[Onopgelost] Opstarten gaat niet, of erg moeizaam

J.van Lieshout · 13 apr 2019

Een paar maanden lang gebrui ik een computer waarvan ik iedere keer het internet moet verbinden. De laatste week kan ik hem steedts moeilijker opstarten. De verbinding nu komt tot stand met taakbeheer, Hoe kan ik zorgen dat de computer beter werkt?
Stuur een bericht naar . Normale e-mailadres niet goed mogelijk.

Verwijderd lid 59498 · 13 apr 2019

Gooi het in de groep.
Lees eens mijn sig.
Info gaarne.

Rubensky · 16 apr 2019

Geef ons alle info die je kan geven over je computer en over de problemen die je ondervind. Ik ben het eens met voor gaande schrijver. Niemand kan je helpen op deze manier.

J.van Lieshout · 21 apr 2019

Ik ben wel kort van stof geweest,hiervoor mijn excuses.
3 a4 maanden geleden heb ik windows defender willen instellen Dat lukte met behulp van uw forum.Toen heb ik een windows update moeten doen. Maar toen veranderde het opstarten. Ik kreeg verschillende afbeeldingen te zien. Erger was dat ik niet meer automatisch verbonden was met het internet. Dikwijls kon ik met de nodige moeite.handmatig een verbinding met internet verkrijgen.
Kwam dat nu door de update? Ik tob nu al verschillende maanden. Graag wil ik de oude toestand terug.

Abraham54 · 21 apr 2019

Download

MiniToolBox en plaats dit tool op jouw bureaublad.

Farbar MiniToolBox gebruiken:

Sluit nu eerst alle nog openstaande programmavensters!
- Windows 2000 en Windows XP: start "MiniToolBox.exe" via dubbelklikken.
- Windows Vista, Windows 7, Windows 8 en Windows 10: start "MiniToolBox.exe" via rechtsklik Als Administrator uitvoeren.

Vink de volgende onderdelen aan:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Events Viewer Errors
List Installed Programs
List Devices - Only Problems
List Users, Partitions and Memory size
List Minidump Files
List Restore Points
- Klik nu op de knop "Go".
- Aansluitend wordt een log aangemaakt (Result.txt) in de zelfde map waar "MiniToolBox.exe" in zit.
- Kopieer en plak de inhoud van het log in jouw volgende bericht.

Notabene: indien "Reset FF Proxy Settings" gekozen is, dienen de gebruikte webbrowsers afgesloten te zijn!

Rubensky · 23 apr 2019

Is het echt alleen gekomen door de update of heb je zelf ook nog dingen veranderd?

J.van Lieshout · 24 apr 2019

Rube
MiniToolBox by Farbar Version: 17-06-2016
Ran by ellyv (administrator) on 24-04-2019 at 15:33:11
Running from "C:\Users\ellyv\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads"
Microsoft Windows 10 Home (X64)
Model: 80L0 Manufacturer: LENOVO
Boot Mode: Normal
***************************************************************************
========================= Flush DNS: ===================================
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
========================= IE Proxy Settings: ==============================
Proxy is not enabled.
No Proxy Server is set.
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
========================= IP Configuration: ================================
Intel(R) Dual Band Wireless-AC 3160 = Wi-Fi (Connected)
Realtek PCIe GBE Family Controller = Ethernet (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
reset
set global
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Bluetooth Network Connection" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 5" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 12" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 3" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 15" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 16" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled

popd
# End of IPv4 configuration

Windows IP Configuration
Host Name . . . . . . . . . . . . : LAPTOP-V74MEMEU
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : home
Ethernet adapter Ethernet:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 50-7B-9D-1F-AB-03
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Wireless LAN adapter Local Area Connection* 3:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter #5
Physical Address. . . . . . . . . : B4-6D-83-C0-7D-D1
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Wireless LAN adapter Local Area Connection* 16:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter #4
Physical Address. . . . . . . . . : B6-6D-83-C0-7D-D0
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Wireless LAN adapter Wi-Fi:
Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Intel(R) Dual Band Wireless-AC 3160
Physical Address. . . . . . . . . : B4-6D-83-C0-7D-D0
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2a02:a44d:9ec1:0:4dd6:fac4:bcdb:122f(Preferred)
Temporary IPv6 Address. . . . . . : 2a02:a44d:9ec1:0:3945:4a3c:9e8b:5009(Preferred)
Link-local IPv6 Address . . . . . : fe80::4dd6:fac4:bcdb:122f%14(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.2.35(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 24-apr-19 15:14:36
Lease Expires . . . . . . . . . . : 25-apr-19 15:14:37
Default Gateway . . . . . . . . . : fe80::46fe:3bff:fee4:6ac7%14
192.168.2.254
DHCP Server . . . . . . . . . . . : 192.168.2.254
DHCPv6 IAID . . . . . . . . . . . : 95710595
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1D-90-48-8E-50-7B-9D-1F-AB-03
DNS Servers . . . . . . . . . . . : 2a02:a47f:e000::53
2a02:a47f:e000::54
192.168.2.254
NetBIOS over Tcpip. . . . . . . . : Enabled
Ethernet adapter Bluetooth Network Connection:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth PAN HelpText
Physical Address. . . . . . . . . : B4-6D-83-C0-7D-D4
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 2a02:a47f:e000::53
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
Pinging google.com [216.58.212.206] with 32 bytes of data:
Reply from 216.58.212.206: bytes=32 time=14ms TTL=57
Reply from 216.58.212.206: bytes=32 time=14ms TTL=57
Ping statistics for 216.58.212.206:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 14ms, Maximum = 14ms, Average = 14ms
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 2a02:a47f:e000::53
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
Pinging yahoo.com [98.138.219.231] with 32 bytes of data:
Reply from 98.138.219.231: bytes=32 time=128ms TTL=53
Reply from 98.138.219.231: bytes=32 time=128ms TTL=53
Ping statistics for 98.138.219.231:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 128ms, Maximum = 128ms, Average = 128ms
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
16...50 7b 9d 1f ab 03 ......Realtek PCIe GBE Family Controller
5...b4 6d 83 c0 7d d1 ......Microsoft Wi-Fi Direct Virtual Adapter #5
7...b6 6d 83 c0 7d d0 ......Microsoft Wi-Fi Direct Virtual Adapter #4
14...b4 6d 83 c0 7d d0 ......Intel(R) Dual Band Wireless-AC 3160
10...b4 6d 83 c0 7d d4 ......Bluetooth PAN HelpText
1...........................Software Loopback Interface 1
===========================================================================
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.2.254 192.168.2.35 35
127.0.0.0 255.0.0.0 On-link 127.0.0.1 331
127.0.0.1 255.255.255.255 On-link 127.0.0.1 331
127.255.255.255 255.255.255.255 On-link 127.0.0.1 331
192.168.2.0 255.255.255.0 On-link 192.168.2.35 291
192.168.2.35 255.255.255.255 On-link 192.168.2.35 291
192.168.2.255 255.255.255.255 On-link 192.168.2.35 291
224.0.0.0 240.0.0.0 On-link 127.0.0.1 331
224.0.0.0 240.0.0.0 On-link 192.168.2.35 291
255.255.255.255 255.255.255.255 On-link 127.0.0.1 331
255.255.255.255 255.255.255.255 On-link 192.168.2.35 291
===========================================================================
Persistent Routes:
None
IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
14 291 ::/0 fe80::46fe:3bff:fee4:6ac7
1 331 ::1/128 On-link
14 51 2a02:a44d:9ec1::/48 fe80::46fe:3bff:fee4:6ac7
14 291 2a02:a44d:9ec1::/64 On-link
14 291 2a02:a44d:9ec1:0:3945:4a3c:9e8b:5009/128
On-link
14 291 2a02:a44d:9ec1:0:4dd6:fac4:bcdb:122f/128
On-link
14 291 fe80::/64 On-link
14 291 fe80::4dd6:fac4:bcdb:122f/128
On-link
1 331 ff00::/8 On-link
14 291 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================
Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [54784] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [64000] (Microsoft Corporation)
Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [24064] (Microsoft Corporation)
Catalog5 07 C:\WINDOWS\SysWOW64\wshbth.dll [51712] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog9 13 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog9 14 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [67072] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [84992] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [84992] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [80896] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [31232] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [63488] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog9 12 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog9 13 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog9 14 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
========================= Event log errors: ===============================
Application errors:
==================
Error: (04/24/2019 03:14:29 PM) (Source: Perflib) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll8
Error: (04/24/2019 03:14:28 PM) (Source: PerfNet) (User: )
Description:
Error: (04/24/2019 03:14:27 PM) (Source: Perflib) (User: )
Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL8
Error: (04/24/2019 03:14:23 PM) (Source: Perflib) (User: )
Description: LsaC:\Windows\System32\Secur32.dll8
Error: (04/24/2019 03:14:23 PM) (Source: Perflib) (User: )
Description: ESENTC:\WINDOWS\system32\esentprf.dll8
Error: (04/23/2019 04:35:00 PM) (Source: Perflib) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll8
Error: (04/23/2019 04:35:00 PM) (Source: PerfNet) (User: )
Description:
Error: (04/23/2019 04:35:00 PM) (Source: Perflib) (User: )
Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL8
Error: (04/23/2019 04:34:58 PM) (Source: Perflib) (User: )
Description: LsaC:\Windows\System32\Secur32.dll8
Error: (04/23/2019 04:34:58 PM) (Source: Perflib) (User: )
Description: ESENTC:\WINDOWS\system32\esentprf.dll8

System errors:
=============
Error: (04/24/2019 03:27:12 PM) (Source: DCOM) (User: LAPTOP-V74MEMEU)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}LAPTOP-V74MEMEUellyvS-1-5-21-2735736808-2654838343-107945157-1001LocalHost (Using LRPC)UnavailableUnavailable
Error: (04/24/2019 03:18:44 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
Error: (04/24/2019 03:16:27 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
Error: (04/24/2019 03:15:49 PM) (Source: DCOM) (User: LAPTOP-V74MEMEU)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}LAPTOP-V74MEMEUellyvS-1-5-21-2735736808-2654838343-107945157-1001LocalHost (Using LRPC)SpotifyAB.SpotifyMusic_1.104.197.0_x86__zpdnekdrzrea0Unavailable
Error: (04/24/2019 03:13:44 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
Error: (04/24/2019 03:13:44 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
Error: (04/24/2019 03:13:42 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
Error: (04/23/2019 04:39:29 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
Error: (04/23/2019 04:35:58 PM) (Source: DCOM) (User: LAPTOP-V74MEMEU)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}LAPTOP-V74MEMEUellyvS-1-5-21-2735736808-2654838343-107945157-1001LocalHost (Using LRPC)SpotifyAB.SpotifyMusic_1.104.197.0_x86__zpdnekdrzrea0Unavailable
Error: (04/23/2019 04:35:57 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2019-04-02 23:28:38.396
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
Date: 2019-04-02 23:28:38.373
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
Date: 2019-04-02 23:28:38.267
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
Date: 2019-04-02 23:28:38.243
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
Date: 2019-04-02 23:28:38.217
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.
Date: 2019-04-02 23:28:38.193
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.
Date: 2019-04-02 23:28:37.256
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
Date: 2019-04-02 23:28:37.139
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-12-13 09:50:17.665
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\pmls64.dll that did not meet the Microsoft signing level requirements.
Date: 2018-12-13 09:50:17.647
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\pmls64.dll that did not meet the Microsoft signing level requirements.

=========================== Installed Programs ============================
. . (HKLM\...\{EAA6C597-BD0D-454D-AEB7-FF0A57905C1C}) (Version: 7.1 - Intel) Hidden
. . . (HKLM-x32\...\{8CBC102C-34F4-4EB9-9529-3B222367621F}) (Version: 3.7.0.6 - Intel) Hidden
Acrylic Wi-Fi Home v3.1 (HKCU\...\{3706FB7A-11FB-44C4-AD94-2B29878D75DC}_is1) (Version: 3.1 - Tarlogic Security S.L.)
Adobe Acrobat Reader DC - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 19.010.20099 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.171 - Adobe)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.136.333 - AVAST Software) Hidden
Bing Bar (HKLM-x32\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.51 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6229 - CDBurnerXP)
Components (HKLM-x32\...\{1720B0E0-C520-43A6-B677-97A1D80F3B99}) (Version: 1.0.023.00 - Lenovo) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.55.62 - Conexant)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.103 - Google Inc.)
Google Earth Pro (HKLM\...\{70A0F34E-564B-4F93-ADD6-3BAEC6E44075}) (Version: 7.3.2.5776 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Photosmart 5520 series Basissoftware van het apparaat (HKLM\...\{D2FFE8A1-980E-4CF9-A48F-453D767BA661}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart 5520 series Help (HKLM-x32\...\{193C95A3-E4D5-4482-A9C9-1510E29849E4}) (Version: 27.0.0 - Hewlett Packard)
HP Photosmart 5520 series Productverbeteringsonderzoek (HKLM\...\{ABDD5DC4-E37C-40E1-AB1C-601AA7F7D383}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Intel(R) Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel(R) Computing Improvement Program (HKLM\...\{D40D4164-EEDB-4F0F-85C6-2058A9E34CC7}) (Version: 2.4.04370 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1153 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4271 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.2.1088 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{DC5673D2-228D-45BC-B9BB-9610CE67DFC0}) (Version: 17.1.1524.1353 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{f0bbb6e9-80c3-4fe8-8691-b51d1281d69e}) (Version: 3.7.0.6 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{3b62443b-0508-4b68-b01a-52a802851410}) (Version: 20.100.0 - Intel Corporation)
Lenovo EasyCamera (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 6.0.1325.4_WHQL - Sonix)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 2.0.9.0 - Lenovo)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.4706 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.4706 - CyberLink Corp.)
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 2.1.5222.01 - CyberLink Corp.)
Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.019.00 - Lenovo)
Lenovo Solution Center (HKLM\...\{A5591EC4-8AD6-48EE-9F8D-FACFA8BA4E35}) (Version: 3.0.002.00 - Lenovo)
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)
Metric Collection SDK (HKLM-x32\...\{DDAA788F-52E6-44EA-ADB8-92837B11BF26}) (Version: 1.1.0012.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 19.043.0304.0007 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.11.25325 (HKLM-x32\...\{6c6356fe-cbfa-4944-9bed-a9e99f45cb7a}) (Version: 14.11.25325.0 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.6.0 - Mozilla)
O&O Defrag Free Edition (HKLM\...\{C10CAF82-9D36-4D9A-9DC0-C4549F06B519}) (Version: 14.1.431 - O&O Software GmbH)
REACHit (HKLM-x32\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: 2.5.004.8 - Lenovo)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Revo Uninstaller 2.0.6 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.6 - VS Revo Group, Ltd.)
SafeZone Stable 1.51.2220.62 (HKLM-x32\...\SafeZone 1.51.2220.62) (Version: 1.51.2220.62 - Avast Software) Hidden
Search Powered by Yahoo! (HKLM-x32\...\{CFFE273E-9F7E-F6BE-2EFE-863EFE7E55BE}) (Version: - )
Search the Web (Yahoo) (HKLM-x32\...\{DCFF343F-8C7F-E5BF-3DFF-953FED7F46BF}) (Version: - )
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.5.5.0 - Lenovo)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{57D07AAD-97E2-4E16-89C4-1A3C51BC9C98}) (Version: 1.16.0.0 - Microsoft Corporation) Hidden
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
========================= Devices: ================================
Name:
Description:
Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}
Manufacturer:
Service:
Device ID: ROOT\PRINTER\0000
Problem: : Reinstall the drivers for this device. (Code 18)
Resolution: The drivers for this device must be reinstalled.
Click "Update Driver", which starts the Hardware Update wizard.
Alternately, uninstall the driver, and then click "Scan for hardware changes" to reload the drivers.

========================= Memory info: ===================================
Percentage of memory in use: 56%
Total physical RAM: 4017.08 MB
Available physical RAM: 1758.04 MB
Total Virtual: 8113.08 MB
Available Virtual: 5287.16 MB
========================= Partitions: =====================================
1 Drive c: (Windows) (Fixed) (Total:418.63 GB) (Free:322.37 GB) NTFS
2 Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:23.04 GB) NTFS
========================= Users: ========================================
Gebruikersaccounts voor \\LAPTOP-V74MEMEU
Administrator DefaultAccount ellyv
Guest hansv WDAGUtilityAccount
De opdracht is voltooid.
========================= Minidump Files ==================================
No minidump file found
========================= Restore Points ==================================
05-04-2019 15:32:28 Windows Update
10-04-2019 11:18:53 Windows Update
**** End of log ****
Rubesky: Alleen de windows-opdate

Rubensky · 25 apr 2019

Is er een herstelpunt aangemaakt? Want dan kan je teruggaan naar een herstelpunt van voor de update.

Abraham54 · 25 apr 2019

Reset de modem via de resetfunctie zoals aangegeven in de handleiding.

En kijk hier hoe in Windows de DNS settings te flushen:

Windows 10: How to Flush and Reset the DNS Cache

We show you have to reset the DNS cache in Microsoft Windows 10.

www.technipages.com

J.van Lieshout · 29 apr 2019

Abraham54.
Reset :geen veranderingen.
DNS:Ik weet niet goed hoe ik dit aan moet pakken. Ik wil ook liever geen fout maken.

Rubensky: 5 april levert niets op. 29 aprillevert wel op(ook gezien de duur van de bewerkingen. Alleen ligt de datum niet in het verleden toen het mis ging met de update.

Abraham54 · 29 apr 2019

Ik heb de hele discussie verplaatst.

Download

Farbar Recovery Scan Tool 32 of 64 bit van één van de onderstaande links
Farbar Recovery Scan Tool 32 bit (x86)
Farbar Recovery Scan Tool 64 bit (x64)
Downloadlokatie: Dit programma absoluut naar het bureaublad downloaden dan wel daar naar toe verplaatsen!
Opmerkingen: Alle openstaande programma's en webpagina's dienen afgesloten te zijn.

Antivirusprogramma en actieve malwarescanners dienen al voor je FRST.exe start gedeaktiveert zijn!
Hier en hier vindt je gegevens hoe antivirusprogramma's en spywarescanners te deaktiveren.

FRST opstarten:

Windows 2000 en Windows XP: dubbelklik op FRST.exe.
Windows Vista, Windows 7, Windows 8/8.1 en Windows 10: via rechtsklik op FRST.exe of FRST64.exe en kies voor "Als Administrator uitvoeren".

FRST start op:

Wanneer het programma is geopend klik dan op de knop Yes bij de disclaimer.
Druk vervolgens op de Scan knop.
Aansluitend zal een logbestand - FRST.txt en Addition-txt aangemaakt worden en op het bureaublad opgeslagen worden.

.

Voeg beide logs toe aan jouw volgende antwoord.
Weet je niet hoe dit te doen, kijk dan hier: Hoe een bijlage toevoegen?

J.van Lieshout · 2 mei 2019

FRST.exe en addition.exe worden niet opgeslagen!

Abraham54 · 2 mei 2019

Je doelt er mogelijk op dat de logs niet open zijn gegaan.

Kijk in C:\ daar vind je het een en ander.

J.van Lieshout · 2 mei 2019

Het heeft te maken met Windows Defender Smart Screen

Abraham54 · 2 mei 2019

Heb jij geen FRST-map in C:\ staan?
Smartscreen kan inderdaad problemen veroorzaken als je niet weet hoe met smartscreen om te gaan.

J.van Lieshout · 2 mei 2019

Die staat er. Windows Defender Smartscreen heb ik geblokkerd. geen resultaat. Windows Defender Smartscreen zou alleen bij bepaalde gevaarlijke files werken.

Abraham54 · 2 mei 2019

Ondanks dat FRST al weer jaren bestaat en waarschijnlijk al meer dan een miljoen maal is gedownload van BleepingComputer blijft smartscreen dat bestand als gevaarlijk zien!

Download het tool opnieuw nu Smartscreen is uitgeschakeld.

J.van Lieshout · 3 mei 2019

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02.01.2018
Ran by ellyv (administrator) on LAPTOP-V74MEMEU (03-05-2019 22:21:53)
Running from C:\Users\ellyv\Downloads
Loaded Profiles: ellyv (Available Profiles: ellyv & hansv)
Platform: Windows 10 Home Version 1803 17134.706 (X64) Language: Engels (Verenigde Staten)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials scan result of Farbar Recovery Scan Tool (x64) Version: 02.01.2018
Ran by ellyv (03-05-2019 22:34:26)
Running from C:\Users\ellyv\Downloads
Windows 10 Home Version 1803 17134.706 (X64) (2018-12-08 11:42:26)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================
Administrator (S-1-5-21-2735736808-2654838343-107945157-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2735736808-2654838343-107945157-503 - Limited - Disabled)
ellyv (S-1-5-21-2735736808-2654838343-107945157-1001 - Administrator - Enabled) => C:\Users\ellyv
Guest (S-1-5-21-2735736808-2654838343-107945157-501 - Limited - Disabled)
hansv (S-1-5-21-2735736808-2654838343-107945157-1002 - Limited - Enabled) => C:\Users\hansv
WDAGUtilityAccount (S-1-5-21-2735736808-2654838343-107945157-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
. . (HKLM\...\{EAA6C597-BD0D-454D-AEB7-FF0A57905C1C}) (Version: 7.1 - Intel) Hidden
. . . (HKLM-x32\...\{8CBC102C-34F4-4EB9-9529-3B222367621F}) (Version: 3.7.0.6 - Intel) Hidden
Acrylic Wi-Fi Home v3.1 (HKU\S-1-5-21-2735736808-2654838343-107945157-1001\...\{3706FB7A-11FB-44C4-AD94-2B29878D75DC}_is1) (Version: 3.1 - Tarlogic Security S.L.)
Adobe Acrobat Reader DC - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 19.010.20099 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.171 - Adobe)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.136.333 - AVAST Software) Hidden
Bing Bar (HKLM-x32\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.51 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6229 - CDBurnerXP)
Components (HKLM-x32\...\{1720B0E0-C520-43A6-B677-97A1D80F3B99}) (Version: 1.0.023.00 - Lenovo) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.55.62 - Conexant)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.103 - Google Inc.)
Google Earth Pro (HKLM\...\{70A0F34E-564B-4F93-ADD6-3BAEC6E44075}) (Version: 7.3.2.5776 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Photosmart 5520 series Basissoftware van het apparaat (HKLM\...\{D2FFE8A1-980E-4CF9-A48F-453D767BA661}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart 5520 series Help (HKLM-x32\...\{193C95A3-E4D5-4482-A9C9-1510E29849E4}) (Version: 27.0.0 - Hewlett Packard)
HP Photosmart 5520 series Productverbeteringsonderzoek (HKLM\...\{ABDD5DC4-E37C-40E1-AB1C-601AA7F7D383}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Intel(R) Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel(R) Computing Improvement Program (HKLM\...\{D40D4164-EEDB-4F0F-85C6-2058A9E34CC7}) (Version: 2.4.04370 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1153 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4271 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.2.1088 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{DC5673D2-228D-45BC-B9BB-9610CE67DFC0}) (Version: 17.1.1524.1353 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{f0bbb6e9-80c3-4fe8-8691-b51d1281d69e}) (Version: 3.7.0.6 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{3b62443b-0508-4b68-b01a-52a802851410}) (Version: 20.100.0 - Intel Corporation)
Lenovo EasyCamera (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 6.0.1325.4_WHQL - Sonix)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 2.0.9.0 - Lenovo)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.4706 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.4706 - CyberLink Corp.)
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 2.1.5222.01 - CyberLink Corp.)
Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.019.00 - Lenovo)
Lenovo Solution Center (HKLM\...\{A5591EC4-8AD6-48EE-9F8D-FACFA8BA4E35}) (Version: 3.0.002.00 - Lenovo)
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)
Metric Collection SDK (HKLM-x32\...\{DDAA788F-52E6-44EA-ADB8-92837B11BF26}) (Version: 1.1.0012.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2735736808-2654838343-107945157-1001\...\OneDriveSetup.exe) (Version: 19.043.0304.0007 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.11.25325 (HKLM-x32\...\{6c6356fe-cbfa-4944-9bed-a9e99f45cb7a}) (Version: 14.11.25325.0 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.6.0 - Mozilla)
O&O Defrag Free Edition (HKLM\...\{C10CAF82-9D36-4D9A-9DC0-C4549F06B519}) (Version: 14.1.431 - O&O Software GmbH)
REACHit (HKLM-x32\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: 2.5.004.8 - Lenovo)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Revo Uninstaller 2.0.6 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.6 - VS Revo Group, Ltd.)
SafeZone Stable 1.51.2220.62 (HKLM-x32\...\SafeZone 1.51.2220.62) (Version: 1.51.2220.62 - Avast Software) Hidden
Search Powered by Yahoo! (HKLM-x32\...\{CFFE273E-9F7E-F6BE-2EFE-863EFE7E55BE}) (Version: - )
Search the Web (Yahoo) (HKLM-x32\...\{DCFF343F-8C7F-E5BF-3DFF-953FED7F46BF}) (Version: - ) <==== ATTENTION
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.5.5.0 - Lenovo)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{57D07AAD-97E2-4E16-89C4-1A3C51BC9C98}) (Version: 1.16.0.0 - Microsoft Corporation) Hidden
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2735736808-2654838343-107945157-1001_Classes\CLSID\{cece6816-6107-4dc7-bdbc-20cd5ae1ffed}\localserver32 -> C:\ProgramData\Lenovo\ImController\Plugins\LenovoAppPromotionPlugin\x64\DesktopToastsHelper.exe => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2015-07-13] (Lenovo)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (Alexander Roshal)
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2015-07-13] (Lenovo)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-05-26] (Intel Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {047B4E86-E8E8-4AFD-8BF5-F93F20C0D338} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [2017-07-13] (Intel Corporation)
Task: {0A7AA876-862F-4F81-AA4B-B73950FA632C} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndScanForUpdates
Task: {2075E85B-0DC6-4855-8054-58B4F5BBDAB8} - System32\Tasks\Microsoft\Windows\WaaSMedic\PerformRemediation
Task: {2233F011-3103-46F8-AC88-CEEDB30FFFA7} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\WINDOWS\system32\EOSNotify.exe
Task: {249F4D09-B379-4FF8-ACAD-8EBD012E9C6E} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-12] (AVAST Software) <==== ATTENTION
Task: {2A3234F3-E231-4FAA-8882-B5A1E4422B1A} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {2B63F229-2ACB-43CC-9769-7E8C4CF15A1E} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-04-09] (Adobe)
Task: {2F93CBF9-AF2B-471C-93F7-F30BD871A44B} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_171_pepper.exe [2019-04-09] (Adobe)
Task: {2FCD3536-DB63-49A5-944E-00FF8551907D} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures
Task: {31610DD8-9A0E-494B-BBFE-769250CD4955} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\19494a2f-8e44-4c94-8dc0-0283ac83faa3 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2019-03-06] (Lenovo Group Ltd.)
Task: {3EDBF408-E30B-4C29-A17E-778A8023B75C} - System32\Tasks\Microsoft\Windows\rempl\shell => C:\Program Files\rempl\sedlauncher.exe [2019-03-30] (Microsoft Corporation)
Task: {430852CB-A87C-492E-A659-075C7BF1710C} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndContinueUpdates
Task: {4F6E06A6-2D75-4A15-AAD5-1CACC2F2D97C} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2015-07-02] (Lenovo)
Task: {541BA5BF-1736-4A3E-B1E5-CE1C9EE13043} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdates
Task: {567564F6-4A47-4F8A-87A2-2B35CF49FA7A} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {5D36617A-AB01-46BD-A0D9-2D929290343F} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {65A34F07-723D-4150-B109-13BD1AE3DFAA} - System32\Tasks\Microsoft\Windows\InstallService\SmartRetry
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {69BD5D71-358E-4E1E-A0F6-6778B04C3EBC} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\587b4999-fbb3-402c-a5a4-dd5608268d47 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2019-03-06] (Lenovo Group Ltd.)
Task: {6CCBBA79-739B-46D6-89B9-CAD84C10AE8B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-06-09] (Google Inc.)
Task: {6D009A6D-6F44-486F-97A9-AC8E065343E9} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [2016-04-08] (Lenovo)
Task: {70C74E9C-1BEC-4F1B-B63E-17E27FD77BCA} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-07-02] ()
Task: {76F74B65-C124-4042-BCE2-E10A290B4050} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2019-04-08] (AVG Technologies CZ, s.r.o.)
Task: {78BABCCD-20B8-49B7-B4F8-87490C41C875} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdatesAsUser
Task: {79609C1B-8F1A-4BD9-91F3-65AEC43BAAE7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [2019-04-23] (Microsoft Corporation)
Task: {8D41AEB9-583F-454A-9467-6FFB91F254D6} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [2017-07-13] (Intel Corporation)
Task: {8F255F88-A87A-495F-B828-A4AFEC70BDB0} - System32\Tasks\Microsoft\Windows\DirectX\DXGIAdapterCache => C:\WINDOWS\system32\dxgiadaptercache.exe [2018-04-12] (Microsoft Corporation)
Task: {99CAD5DC-537C-4A37-B528-E6F4DDFE2EE1} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2015-07-02] (Lenovo)
Task: {9EDA433F-53AC-4A10-9D12-542B03ED36E4} - System32\Tasks\Lenovo\SHPrompt => C:\Program Files (x86)\Lenovo\SHAREit\ShareitPrompt.exe [2015-07-13] ()
Task: {AD615A98-17DC-4AE9-AF5C-CAC53C15772C} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {B1A51967-556C-49AE-9C8C-EB714AA2E788} - System32\Tasks\Search Powered by Yahoo! naref => "wscript.exe" "C:\ProgramData\{CDD608B5-4794-8273-C152-1C315B1097FF}\tamo" "68747470733a2f2f643277763764656e63316a78397a2e636c6f756466726f6e742e6e6574" "//B" "//E:jscript" "--IsErIk"
Task: {B22764AD-BB02-465F-8BA8-434A1B97DF87} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-07-02] ()
Task: {BBC95E3B-98CF-46DD-96D5-F6858C29A2E5} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2019-02-05] (Piriform Software Ltd)
Task: {BCC31878-7D05-492F-BA64-65E23200E11F} - System32\Tasks\HPCustParticipation HP Photosmart 5520 series => C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {C0E311BF-B1B4-4B0C-9AEF-D5E8D7E52133} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => %windir%\system32\sc.exe START ImControllerService
Task: {C2098BE2-A29A-4EB1-97F6-F0C57E086D4F} - System32\Tasks\Microsoft\Windows\Speech\HeadsetButtonPress => C:\WINDOWS\system32\speech_onecore\common\SpeechRuntime.exe [2018-06-19] (Microsoft Corporation)
Task: {C4555DDF-D0FA-466A-9255-0AF6D1735EDE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [2019-04-23] (Microsoft Corporation)
Task: {CAF0A379-3292-4D9E-AB99-0A223E590CFA} - System32\Tasks\Lenovo\SHUpdate => C:\Program Files (x86)\Lenovo\SHAREit\ShareitUpdater.exe [2015-07-13] ()
Task: {D1CC320B-9A47-4DB4-AFE4-2BCE1A964E7A} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\ReconcileLanguageResources
Task: {D2667C53-B7CB-40F8-97EF-7CE5B4D64D8C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-06-09] (Google Inc.)
Task: {D2EBE06D-A035-4008-87E9-81A05F36446E} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {D62A6C29-7F6D-45A3-A70A-185490BFCC86} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-08] (Lenovo)
Task: {D7CD76D8-8057-498D-B45D-45843274682C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-12-10] (Piriform Software Ltd)
Task: {D81625EF-3B5B-4299-A738-2DBB19663309} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceWnsFallback
Task: {D845B1FF-6E9D-4650-84E2-A3849D11BFAD} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\aa9d383f-277f-469f-b68b-55e30991d970 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2019-03-06] (Lenovo Group Ltd.)
Task: {DCBE5256-01A9-410B-BE17-6765F722E98E} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [2019-03-06] (Lenovo Group Ltd.)
Task: {DFC3023F-5BB4-42F6-84B7-2E854ED9A876} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-12] (AVAST Software) <==== ATTENTION
Task: {E2ED8E5A-4905-48DA-AE66-AE82213B2C2D} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2019-04-08] (AVAST Software)
Task: {E4B142A4-928E-456A-ABDD-4A51064DDD35} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [2019-04-23] (Microsoft Corporation)
Task: {ED01AF5D-D11B-4E38-8B45-F7EED8FE8C48} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-12-16] (Adobe Systems Incorporated)
Task: {F1E42F84-EFC5-408A-BE73-C0392056D777} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [2019-04-23] (Microsoft Corporation)
Task: {F5BC45B9-9835-4CC5-A2F2-951DEDAA5A81} - System32\Tasks\CyberLink\Photo Master Gadget startup => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe [2016-04-22] (CyberLink Corp.)
Task: {F6ADD9AE-61BE-4D5A-BD43-334DBBB49B65} - no filepath
Task: {FB6A0EE1-A67B-4A63-BD86-E3022386A32F} - no filepath
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\ellyv\Desktop\Gmail.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=hcjadopoenpcjhdnknblbddcmlnlefid
ShortcutWithArgument: C:\Users\ellyv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-apps\Gmail.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=hcjadopoenpcjhdnknblbddcmlnlefid
==================== Loaded Modules (Whitelisted) ==============
2018-12-19 20:01 - 2018-12-19 20:01 - 000195832 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
2018-12-19 20:01 - 2018-12-19 20:01 - 000937208 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
2018-12-19 20:01 - 2018-12-19 20:01 - 002329336 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_modeler.dll
2018-12-19 20:01 - 2018-12-19 20:01 - 000282360 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\pl_agent_lib.dll
2018-12-19 20:01 - 2018-12-19 20:01 - 000578296 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_acpi_battery_input.dll
2018-12-19 20:01 - 2018-12-19 20:01 - 000616696 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_wifi_input.dll
2018-12-19 20:01 - 2018-12-19 20:01 - 000267000 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\devices_use_input.dll
2018-12-19 20:01 - 2018-12-19 20:01 - 000323832 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_system_power_state_input.dll
2018-12-19 20:01 - 2018-12-19 20:01 - 000978680 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_os_input.dll
2018-12-19 20:01 - 2018-12-19 20:01 - 000243960 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_winstat_input.dll
2018-12-19 20:01 - 2018-12-19 20:01 - 000750840 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_upnp_input.dll
2018-12-19 20:01 - 2018-12-19 20:01 - 000411384 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_process_input.dll
2018-12-19 20:01 - 2018-12-19 20:01 - 000558840 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_sgx_input.dll
2018-12-19 20:01 - 2018-12-19 20:01 - 000665336 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_sampler_input.dll
2018-12-19 20:01 - 2018-12-19 20:01 - 000853240 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_hw_input.dll
2018-12-19 20:01 - 2018-12-19 20:01 - 000636152 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_fps_input.dll
2018-12-19 20:01 - 2018-12-19 20:01 - 000303864 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_heartbeat_input.dll
2018-12-19 20:01 - 2018-12-19 20:01 - 000778488 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\sql_logger.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2015-09-28 15:09 - 2015-09-28 15:09 - 000043976 _____ () C:\Program Files\Lenovo\QuickOptimizer\LNBPrismAssistInf.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-12-12 12:54 - 2018-11-09 04:17 - 002759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2017-05-26 06:11 - 2017-05-26 06:11 - 000401840 _____ () C:\WINDOWS\system32\igfxTray.exe
2019-04-10 13:30 - 2019-04-02 09:46 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2019-05-03 19:24 - 2019-05-03 19:29 - 000182272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2018-12-11 12:43 - 2018-12-11 12:45 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2019-05-03 19:24 - 2019-05-03 19:28 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2018-12-19 20:01 - 2018-12-19 20:01 - 000863480 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
2018-12-19 20:01 - 2018-12-19 20:01 - 000312568 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_user_waiting_input.dll
2018-12-19 20:01 - 2018-12-19 20:01 - 000555768 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_events_input.dll
2018-12-19 20:01 - 2018-12-19 20:01 - 000636152 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_foreground_window_input.dll
2019-04-01 08:58 - 2019-04-01 08:59 - 000070144 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.27.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll
2019-04-11 10:38 - 2019-04-11 10:38 - 034024960 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsFeedbackHub_1.1811.10862.0_x64__8wekyb3d8bbwe\PilotshubApp.dll
2018-06-19 22:06 - 2018-06-19 22:06 - 003912608 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentDeliveryManager.Background.dll
2016-11-18 15:22 - 2016-04-22 10:55 - 000884504 _____ () C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\Kernel\Boomerang\UNO.dll
2018-12-27 22:43 - 2016-09-22 08:11 - 000081920 _____ () C:\Program Files (x86)\Lenovo\Lenovo Photo Master\koan\_ctypes.pyd
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudAddService.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudBus.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\usbaudio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-10 13:04 - 2019-01-09 12:55 - 000002105 _____ C:\WINDOWS\system32\Drivers\etc\hosts

==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2735736808-2654838343-107945157-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.2.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\Run: => "ForteConfig"
HKLM\...\StartupApproved\Run: => "cAudioFilterAgent"
HKLM\...\StartupApproved\Run: => "LenovoUtility"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "OODefragTray"
HKLM\...\StartupApproved\Run: => "EvtMgr6"
HKLM\...\StartupApproved\Run32: => "snp2uvc"
HKLM\...\StartupApproved\Run32: => "GrooveMonitor"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "DSATray"
HKU\S-1-5-21-2735736808-2654838343-107945157-1001\...\StartupApproved\StartupFolder: => "Inktwaarschuwingen controleren - HP Photosmart 5520 series (netwerk).lnk"
HKU\S-1-5-21-2735736808-2654838343-107945157-1001\...\StartupApproved\Run: => "PhotoMasterImportAgent"
HKU\S-1-5-21-2735736808-2654838343-107945157-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2735736808-2654838343-107945157-1001\...\StartupApproved\Run: => "Chromium"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{0442DAF4-0E9B-4D13-8620-3EA3550A1809}C:\program files\hp\hp photosmart 5520 series\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp photosmart 5520 series\bin\hpnetworkcommunicator.exe
FirewallRules: [UDP Query User{4FDF8363-C27F-43F8-B68D-5B638FCB6565}C:\program files\hp\hp photosmart 5520 series\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp photosmart 5520 series\bin\hpnetworkcommunicator.exe
FirewallRules: [{964C8137-5069-44E8-B55D-2B3134606E57}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS52E6\HPDiagnosticCoreUI.exe
FirewallRules: [{931BE7A3-4E17-4256-B60A-0EF3037B528C}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS52E6\HPDiagnosticCoreUI.exe
FirewallRules: [{FE9BFFF8-D20F-4EA5-AC62-9C066C317CD3}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
FirewallRules: [{ACB4DF54-C9F7-43CE-B4E8-3E3B17DF2FC3}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
FirewallRules: [{929BBA6B-190C-434D-8994-CC82FCAFB104}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
FirewallRules: [{94B2E460-0C73-41DF-BFDC-72601D8A96A3}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
FirewallRules: [TCP Query User{3A730A34-D23B-4C74-89CC-885C62896B93}C:\program files\hp\hp photosmart 5520 series\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp photosmart 5520 series\bin\hpnetworkcommunicatorcom.exe
FirewallRules: [UDP Query User{2AA58A17-6F5B-4C13-8290-7405302E5299}C:\program files\hp\hp photosmart 5520 series\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp photosmart 5520 series\bin\hpnetworkcommunicatorcom.exe
FirewallRules: [{4DE5BDF2-64B0-45D0-B544-92BDFD0A69E5}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS50A6\HPDiagnosticCoreUI.exe
FirewallRules: [{685D813F-2011-4EAA-9E00-97D7E2DECD29}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS50A6\HPDiagnosticCoreUI.exe
FirewallRules: [TCP Query User{8381EAA4-5701-47E2-9A97-F48DB37F2F2F}C:\program files\hp\hp photosmart 5520 series\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp photosmart 5520 series\bin\hpnetworkcommunicator.exe
FirewallRules: [UDP Query User{77D9021A-FAB5-4ECC-B07B-85CE2BF6A2C7}C:\program files\hp\hp photosmart 5520 series\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp photosmart 5520 series\bin\hpnetworkcommunicator.exe
FirewallRules: [{137153A6-EC2F-44B6-9202-C1FFEC056812}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS5DFB\HPDiagnosticCoreUI.exe
FirewallRules: [{0CB21516-CC25-4012-9110-CBF9A2502BF0}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS5DFB\HPDiagnosticCoreUI.exe
FirewallRules: [{D3B30E33-7A7A-4D1F-90CB-AA0391E2CA52}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\DeviceSetup.exe
FirewallRules: [{B24CF1EC-39E8-451A-A00E-311807CBCC89}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{51012DC1-67D5-4211-8A27-F5379E0A3906}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{11921050-2E67-4B2F-9C2B-9B6C8DDD18E2}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS4F10\HPDiagnosticCoreUI.exe
FirewallRules: [{0B61F8D2-50C5-4782-BFDB-D5C9E41B2127}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS4F10\HPDiagnosticCoreUI.exe
FirewallRules: [{66AF1419-53D5-43FB-B9BE-D4BAED12A4C2}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS1F81\HPDiagnosticCoreUI.exe
FirewallRules: [{982FD968-A42D-4B41-801C-902A3344E979}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS1F81\HPDiagnosticCoreUI.exe
FirewallRules: [{884E22C0-9A68-4945-AC11-F73EF849683D}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS208A\HPDiagnosticCoreUI.exe
FirewallRules: [{4B801B4F-A353-44A5-8E02-93D345A7794C}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS208A\HPDiagnosticCoreUI.exe
FirewallRules: [{044EB021-257B-4CC5-9DCB-1F35964C8138}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS63AC\HPDiagnosticCoreUI.exe
FirewallRules: [{19305344-3FE8-4274-879D-2BD52C501F3F}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS63AC\HPDiagnosticCoreUI.exe
FirewallRules: [{30D50728-4073-4D38-AA3D-7AF03D818C47}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS6E2F\HPDiagnosticCoreUI.exe
FirewallRules: [{CC5F8EC4-A595-4CC1-ADAE-8E132B6C408C}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS6E2F\HPDiagnosticCoreUI.exe
FirewallRules: [{DEF05EAE-13E2-434C-A840-A0EB8D15715C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{DE72138F-26C4-47C0-93DC-1FFFAFD2B6B9}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{B67B8B8F-FEC4-4D0E-84B1-2C218847AB4E}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{29DE4207-37AC-4301-9357-F3E9EB2928AA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.105.152.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{EC30EB61-9314-46FC-BBEC-5B94C4E48E64}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.105.152.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{7AE85BAF-3821-4689-8901-3E9156B48651}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.105.152.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{249C9041-FCB7-42D0-8EF1-C374EC65D41E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.105.152.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{868D825C-7283-4001-86BD-7DF85E23C061}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.105.152.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{C33EBF96-A547-44F7-8F6C-9B0F6543EFF5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.105.152.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{83360BF2-21AF-4B7D-BAB4-CD95AC99686C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.105.152.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{DFFC363D-A28E-447F-AEA2-38EA0D7B573A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.105.152.0_x86__zpdnekdrzrea0\Spotify.exe
==================== Restore Points =========================
29-04-2019 16:32:12 Herstelbewerking
03-05-2019 19:25:20 Windows Update
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}
Manufacturer:
Service:
Problem: : Reinstall the drivers for this device. (Code 18)
Resolution: The drivers for this device must be reinstalled.
Click "Update Driver", which starts the Hardware Update wizard.
Alternately, uninstall the driver, and then click "Scan for hardware changes" to reload the drivers.

==================== Event log errors: =========================
Application errors:
==================
Error: (05/03/2019 10:35:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Het programma SkypeApp.exe, versie 8.44.0.40 reageert niet meer op Windows en is afgesloten. Als u wilt zien of er meer informatie over het probleem beschikbaar is, raadpleegt u de probleemgeschiedenis in het onderdeel Beveiliging en onderhoud van het Configuratiescherm.
Proces-id: 644
Starttijd: 01d501ebe89c81b6
Eindtijd: 4294967295
Toepassingspad: C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeApp.exe
Rapport-id: 3000fa16-590d-43e4-b63e-6407e97d802c
Volledige pakketnaam met fout: Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c
Relatieve toepassings-id van pakket met fout: App
Error: (05/03/2019 10:10:25 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: De openprocedure voor de WmiApRpl-service in DLL-bestand C:\WINDOWS\system32\wbem\wmiaprpl.dll is mislukt. Prestatiemetergegevens voor deze service zijn niet beschikbaar. De eerste vier bytes (DWORD) in de sectie Gegevens bevatten de foutcode.
Error: (05/03/2019 10:10:24 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Kan het prestatieobject voor dee Server-service niet openen. De eerste vier bytes (DWORD) in de sectie Gegevens bevatten de statuscode.
Error: (05/03/2019 10:10:24 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: De openprocedure voor de MSDTC-service in DLL-bestand C:\WINDOWS\system32\msdtcuiu.DLL is mislukt. Prestatiemetergegevens voor deze service zijn niet beschikbaar. De eerste vier bytes (DWORD) in de sectie Gegevens bevatten de foutcode.
Error: (05/03/2019 10:10:24 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: De openprocedure voor de Lsa-service in DLL-bestand C:\Windows\System32\Secur32.dll is mislukt. Prestatiemetergegevens voor deze service zijn niet beschikbaar. De eerste vier bytes (DWORD) in de sectie Gegevens bevatten de foutcode.
Error: (05/03/2019 10:10:24 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: De openprocedure voor de ESENT-service in DLL-bestand C:\WINDOWS\system32\esentprf.dll is mislukt. Prestatiemetergegevens voor deze service zijn niet beschikbaar. De eerste vier bytes (DWORD) in de sectie Gegevens bevatten de foutcode.
Error: (05/03/2019 10:10:23 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: De openprocedure voor de .NETFramework-service in DLL-bestand C:\WINDOWS\system32\mscoree.dll is mislukt. Prestatiemetergegevens voor deze service zijn niet beschikbaar. De eerste vier bytes (DWORD) in de sectie Gegevens bevatten de foutcode.
Error: (05/03/2019 07:16:47 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: De openprocedure voor de WmiApRpl-service in DLL-bestand C:\WINDOWS\system32\wbem\wmiaprpl.dll is mislukt. Prestatiemetergegevens voor deze service zijn niet beschikbaar. De eerste vier bytes (DWORD) in de sectie Gegevens bevatten de foutcode.
Error: (05/03/2019 07:16:44 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Kan het prestatieobject voor dee Server-service niet openen. De eerste vier bytes (DWORD) in de sectie Gegevens bevatten de statuscode.
Error: (05/03/2019 07:16:44 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: De openprocedure voor de MSDTC-service in DLL-bestand C:\WINDOWS\system32\msdtcuiu.DLL is mislukt. Prestatiemetergegevens voor deze service zijn niet beschikbaar. De eerste vier bytes (DWORD) in de sectie Gegevens bevatten de foutcode.

System errors:
=============
Error: (05/03/2019 10:20:54 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-V74MEMEU)
Description: De server microsoft.windowscommunicationsapps_16005.11425.20190.0_x64__8wekyb3d8bbwe!microsoft.windowslive.mail heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd.
Error: (05/03/2019 10:11:38 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: In de machtigingsinstellingen application-specific wordt de machtiging Activation niet verleend aan Local voor de COM-servertoepassing met CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
en APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (Using LRPC) die wordt uitgevoerd in de toepassingscontainer Unavailable SID (Unavailable). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.
Error: (05/03/2019 10:08:45 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-V74MEMEU)
Description: In de machtigingsinstellingen application-specific wordt de machtiging Activation niet verleend aan Local voor de COM-servertoepassing met CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
en APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
aan de gebruiker LAPTOP-V74MEMEU\ellyv SID (S-1-5-21-2735736808-2654838343-107945157-1001) met het adres LocalHost (Using LRPC) die wordt uitgevoerd in de toepassingscontainer SpotifyAB.SpotifyMusic_1.105.152.0_x86__zpdnekdrzrea0 SID (Unavailable). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.
Error: (05/03/2019 10:06:14 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: In de machtigingsinstellingen application-specific wordt de machtiging Activation niet verleend aan Local voor de COM-servertoepassing met CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
en APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (Using LRPC) die wordt uitgevoerd in de toepassingscontainer Unavailable SID (Unavailable). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.
Error: (05/03/2019 10:06:14 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: In de machtigingsinstellingen application-specific wordt de machtiging Activation niet verleend aan Local voor de COM-servertoepassing met CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
en APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (Using LRPC) die wordt uitgevoerd in de toepassingscontainer Unavailable SID (Unavailable). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.
Error: (05/03/2019 10:06:14 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: In de machtigingsinstellingen application-specific wordt de machtiging Activation niet verleend aan Local voor de COM-servertoepassing met CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
en APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (Using LRPC) die wordt uitgevoerd in de toepassingscontainer Unavailable SID (Unavailable). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.
Error: (05/03/2019 08:00:54 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-V74MEMEU)
Description: In de machtigingsinstellingen application-specific wordt de machtiging Activation niet verleend aan Local voor de COM-servertoepassing met CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
en APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
aan de gebruiker LAPTOP-V74MEMEU\ellyv SID (S-1-5-21-2735736808-2654838343-107945157-1001) met het adres LocalHost (Using LRPC) die wordt uitgevoerd in de toepassingscontainer Unavailable SID (Unavailable). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.
Error: (05/03/2019 07:59:33 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installatiefout: de volgende update kan niet worden geïnstalleerd, foutcode 0x8024200d: Feature update to Windows 10, version 1809.
Error: (05/03/2019 07:53:03 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-V74MEMEU)
Description: In de machtigingsinstellingen application-specific wordt de machtiging Activation niet verleend aan Local voor de COM-servertoepassing met CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
en APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
aan de gebruiker LAPTOP-V74MEMEU\ellyv SID (S-1-5-21-2735736808-2654838343-107945157-1001) met het adres LocalHost (Using LRPC) die wordt uitgevoerd in de toepassingscontainer Unavailable SID (Unavailable). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.
Error: (05/03/2019 07:51:36 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installatiefout: de volgende update kan niet worden geïnstalleerd, foutcode 0x80073d02: 9WZDNCRFJ364-MICROSOFT.SKYPEAPP.

CodeIntegrity:
===================================
Date: 2019-04-02 23:28:38.396
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
Date: 2019-04-02 23:28:38.373
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
Date: 2019-04-02 23:28:38.267
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
Date: 2019-04-02 23:28:38.243
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
Date: 2019-04-02 23:28:38.217
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.
Date: 2019-04-02 23:28:38.193
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.
Date: 2019-04-02 23:28:37.256
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
Date: 2019-04-02 23:28:37.139
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-12-13 09:50:17.665
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\pmls64.dll that did not meet the Microsoft signing level requirements.
Date: 2018-12-13 09:50:17.647
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\pmls64.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3-4005U CPU @ 1.70GHz
Percentage of memory in use: 50%
Total physical RAM: 4017.08 MB
Available physical RAM: 1979.18 MB
Total Virtual: 8113.08 MB
Available Virtual: 5146.31 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:418.63 GB) (Free:317.13 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:23.04 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 552C2E96)
Partition: GPT.
==================== End of Addition.txt ============================ery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
Failed to access process -> Registry
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
() C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
(Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\MsMpEng.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\NisSrv.exe
(Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler.exe
(Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Corporation) C:\Windows\System32\SgrmBroker.exe
(Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Microsoft Corporation) C:\Windows\System32\SrTasks.exe
() C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
() C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\MpCmdRun.exe
(Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\reader_sl.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11425.20190.0_x64__8wekyb3d8bbwe\HxTsr.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [919768 2014-11-20] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-07-22] (Intel Corporation)
HKLM\...\Run: [OODefragTray] => C:\Program Files\OO Software\Defrag\oodtray.exe [3942216 2011-01-25] (O&O Software GmbH)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-26] (Logitech, Inc.)
HKLM\...\Run: [LenovoUtility] => C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe [911272 2017-07-27] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [DSATray] => C:\Program Files (x86)\Intel Driver and Support Assistant\DsaTray.exe [126200 2018-12-12] (Intel)
HKLM-x32\...\Run: [AvastUI.exe] => "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
HKLM-x32\...\Run: [AVGUI.exe] => "C:\Program Files\AVG\Antivirus\AvLaunch.exe" /gui
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-2735736808-2654838343-107945157-1001\...\Run: [PhotoMasterImportAgent] => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterImportAgent.exe [675608 2016-04-22] (CyberLink Corp.)
HKU\S-1-5-21-2735736808-2654838343-107945157-1001\...\Run: [Chromium] => c:\users\ellyv\appdata\local\chromium\application\chrome.exe [1068544 2016-03-18] (The Chromium Authors)
HKU\S-1-5-21-2735736808-2654838343-107945157-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19589208 2018-12-10] (Piriform Software Ltd)
Startup: C:\Users\ellyv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Inktwaarschuwingen controleren - HP Photosmart 5520 series (netwerk).lnk [2018-12-26]
ShortcutTarget: Inktwaarschuwingen controleren - HP Photosmart 5520 series (netwerk).lnk -> C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\ellyv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Inktwaarschuwingen controleren - HP Photosmart 5520 series.lnk [2019-05-03]
ShortcutTarget: Inktwaarschuwingen controleren - HP Photosmart 5520 series.lnk -> C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
GroupPolicy: Restriction <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.254
Tcpip\..\Interfaces\{21971cd8-d21e-43e1-b65d-1221743d71d8}: [DhcpNameServer] 192.168.2.254 213.75.63.75 213.75.63.76
Tcpip\..\Interfaces\{4eb20d74-151e-4d10-b165-d7b3c977823e}: [DhcpNameServer] 192.168.2.254
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://nl.search.yahoo.com/yhs/web?hspart=elm&hsimp=yhs-001&type=hdr_a_19_09_agn_sovera_00_00&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dnl%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1Qzu0ByCyC0DzztA0CtDyB0D0DtDtByD0CtCtN0D0Tzu0StByCtCzytN1L2XzuyEtFyEtDtFtDtFzztAtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StBzztB0AyC0BtBzytGyBtD0F0BtGyC0FtDyCtGyEtB0ByEtGzzyCyEyCyDtD0F0FyB0DyCyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0ByCyCyByE0B0DyCtGyE0DzztCtGyE0ByCtDtGzztB0CtDtGzytAyCtDtDtAyDyCtA0D0E0A2QtN0A0LzuyEtN1B2Z1V1T1S1NzutBtDzzyDtCtN1Q2Z1B1P1RzutCyDyDtCyBtCtCtCyEtB%26cr%3D1754391114%26a%3Dhdr_a_19_09_agn_sovera_00_00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://nl.search.yahoo.com/yhs/web?hspart=elm&hsimp=yhs-001&type=hdr_a_19_09_agn_sovera_00_00&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dnl%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1Qzu0ByCyC0DzztA0CtDyB0D0DtDtByD0CtCtN0D0Tzu0StByCtCzytN1L2XzuyEtFyEtDtFtDtFzztAtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StBzztB0AyC0BtBzytGyBtD0F0BtGyC0FtDyCtGyEtB0ByEtGzzyCyEyCyDtD0F0FyB0DyCyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0ByCyCyByE0B0DyCtGyE0DzztCtGyE0ByCtDtGzztB0CtDtGzytAyCtDtDtAyDyCtA0D0E0A2QtN0A0LzuyEtN1B2Z1V1T1S1NzutBtDzzyDtCtN1Q2Z1B1P1RzutCyDyDtCyBtCtCtCyEtB%26cr%3D1754391114%26a%3Dhdr_a_19_09_agn_sovera_00_00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome
HKU\S-1-5-21-2735736808-2654838343-107945157-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://nl.search.yahoo.com/yhs/web?hspart=elm&hsimp=yhs-001&type=hdr_a_19_09_agn_sovera_00_00&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dnl%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1Qzu0ByCyC0DzztA0CtDyB0D0DtDtByD0CtCtN0D0Tzu0StByCtCzytN1L2XzuyEtFyEtDtFtDtFzztAtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StBzztB0AyC0BtBzytGyBtD0F0BtGyC0FtDyCtGyEtB0ByEtGzzyCyEyCyDtD0F0FyB0DyCyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0ByCyCyByE0B0DyCtGyE0DzztCtGyE0ByCtDtGzztB0CtDtGzytAyCtDtDtAyDyCtA0D0E0A2QtN0A0LzuyEtN1B2Z1V1T1S1NzutBtDzzyDtCtN1Q2Z1B1P1RzutCyDyDtCyBtCtCtCyEtB%26cr%3D1754391114%26a%3Dhdr_a_19_09_agn_sovera_00_00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome
HKU\S-1-5-21-2735736808-2654838343-107945157-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-2735736808-2654838343-107945157-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKLM -> DefaultScope {5CEF3B5F-7E95-49AE-80CB-C667C9A7391B} URL =
SearchScopes: HKLM -> {5CEF3B5F-7E95-49AE-80CB-C667C9A7391B} URL =
SearchScopes: HKLM -> {e5badea7-e1c2-fbf1-87ac-061d1440d15b} URL = hxxps://nl.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_a_19_09_agn_sovera_00_00&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dnl%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1Qzu0ByCyC0DzztA0CtDyB0D0DtDtByD0CtCtN0D0Tzu0StByCtCzytN1L2XzuyEtFyEtDtFtDtFzztAtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StBzztB0AyC0BtBzytGyBtD0F0BtGyC0FtDyCtGyEtB0ByEtGzzyCyEyCyDtD0F0FyB0DyCyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0ByCyCyByE0B0DyCtGyE0DzztCtGyE0ByCtDtGzztB0CtDtGzytAyCtDtDtAyDyCtA0D0E0A2QtN0A0LzuyEtN1B2Z1V1T1S1NzutBtDzzyDtCtN1Q2Z1B1P1RzutCyDyDtCyBtCtCtCyEtB%26cr%3D1754391114%26a%3Dhdr_a_19_09_agn_sovera_00_00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {5CEF3B5F-7E95-49AE-80CB-C667C9A7391B} URL = hxxps://nl.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_a_19_09_agn_sovera_00_00&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dnl%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1Qzu0ByCyC0DzztA0CtDyB0D0DtDtByD0CtCtN0D0Tzu0StByCtCzytN1L2XzuyEtFyEtDtFtDtFzztAtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StBzztB0AyC0BtBzytGyBtD0F0BtGyC0FtDyCtGyEtB0ByEtGzzyCyEyCyDtD0F0FyB0DyCyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0ByCyCyByE0B0DyCtGyE0DzztCtGyE0ByCtDtGzztB0CtDtGzytAyCtDtDtAyDyCtA0D0E0A2QtN0A0LzuyEtN1B2Z1V1T1S1NzutBtDzzyDtCtN1Q2Z1B1P1RzutCyDyDtCyBtCtCtCyEtB%26cr%3D1754391114%26a%3Dhdr_a_19_09_agn_sovera_00_00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
SearchScopes: HKLM-x32 -> {5CEF3B5F-7E95-49AE-80CB-C667C9A7391B} URL = hxxps://nl.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_a_19_09_agn_sovera_00_00&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dnl%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1Qzu0ByCyC0DzztA0CtDyB0D0DtDtByD0CtCtN0D0Tzu0StByCtCzytN1L2XzuyEtFyEtDtFtDtFzztAtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StBzztB0AyC0BtBzytGyBtD0F0BtGyC0FtDyCtGyEtB0ByEtGzzyCyEyCyDtD0F0FyB0DyCyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0ByCyCyByE0B0DyCtGyE0DzztCtGyE0ByCtDtGzztB0CtDtGzytAyCtDtDtAyDyCtA0D0E0A2QtN0A0LzuyEtN1B2Z1V1T1S1NzutBtDzzyDtCtN1Q2Z1B1P1RzutCyDyDtCyBtCtCtCyEtB%26cr%3D1754391114%26a%3Dhdr_a_19_09_agn_sovera_00_00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2735736808-2654838343-107945157-1001 -> DefaultScope {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://nl.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_a_19_09_agn_sovera_00_00&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dnl%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1Qzu0ByCyC0DzztA0CtDyB0D0DtDtByD0CtCtN0D0Tzu0StByCtCzytN1L2XzuyEtFyEtDtFtDtFzztAtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StBzztB0AyC0BtBzytGyBtD0F0BtGyC0FtDyCtGyEtB0ByEtGzzyCyEyCyDtD0F0FyB0DyCyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0ByCyCyByE0B0DyCtGyE0DzztCtGyE0ByCtDtGzztB0CtDtGzytAyCtDtDtAyDyCtA0D0E0A2QtN0A0LzuyEtN1B2Z1V1T1S1NzutBtDzzyDtCtN1Q2Z1B1P1RzutCyDyDtCyBtCtCtCyEtB%26cr%3D1754391114%26a%3Dhdr_a_19_09_agn_sovera_00_00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2735736808-2654838343-107945157-1001 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://nl.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_a_19_09_agn_sovera_00_00&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dnl%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1Qzu0ByCyC0DzztA0CtDyB0D0DtDtByD0CtCtN0D0Tzu0StByCtCzytN1L2XzuyEtFyEtDtFtDtFzztAtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StBzztB0AyC0BtBzytGyBtD0F0BtGyC0FtDyCtGyEtB0ByEtGzzyCyEyCyDtD0F0FyB0DyCyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0ByCyCyByE0B0DyCtGyE0DzztCtGyE0ByCtDtGzztB0CtDtGzytAyCtDtDtAyDyCtA0D0E0A2QtN0A0LzuyEtN1B2Z1V1T1S1NzutBtDzzyDtCtN1Q2Z1B1P1RzutCyDyDtCyBtCtCtCyEtB%26cr%3D1754391114%26a%3Dhdr_a_19_09_agn_sovera_00_00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt => not found
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-29] (Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-29] (Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-03-25] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2735736808-2654838343-107945157-1001: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\ellyv\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-11-15] (RocketLife, LLP)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> mysearch.avg.com
CHR DefaultSearchURL: Default -> hxxps://mysearch.avg.com/search?rvt=1&sap=dsp&q={searchTerms}
CHR DefaultSearchKeyword: Default -> hxxps://mysearch.avg.com
CHR DefaultSuggestURL: Default -> hxxps://toolbar.avg.com/acp?q={searchTerms}&o=1
CHR Profile: C:\Users\ellyv\AppData\Local\Google\Chrome\User Data\Default [2019-05-03]
CHR Extension: (Adobe Acrobat) - C:\Users\ellyv\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-04-02]
CHR Extension: (Gmail) - C:\Users\ellyv\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcjadopoenpcjhdnknblbddcmlnlefid [2019-02-12]
CHR Extension: (AVG SafePrice | Prijsvergelijking, aanbiedingen, waardebonnen) - C:\Users\ellyv\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbckjcfnjmoiinpgddefodcighgikkgn [2019-03-14]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\ellyv\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-12-12]
CHR Extension: (Chrome Media Router) - C:\Users\ellyv\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-26]
CHR HKLM\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [pdpcpceofkopegffcdnffeenbfdldock] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2735736808-2654838343-107945157-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [chfdnecihphmhljaaejmgoiahnihplgn] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2735736808-2654838343-107945157-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2735736808-2654838343-107945157-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2735736808-2654838343-107945157-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pdpcpceofkopegffcdnffeenbfdldock] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2735736808-2654838343-107945157-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pdpcpceofkopegffcdnffeenbfdldock] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-04-09] (Adobe)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-12] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-12] (AVAST Software)
S3 BcastDVRUserService; C:\WINDOWS\System32\BcastDVRUserService.dll [1364992 2019-04-02] (Microsoft Corporation)
S3 BcastDVRUserService_1c5224d; C:\WINDOWS\system32\svchost.exe [85472 2019-01-09] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BcastDVRUserService_1c5224d; C:\WINDOWS\SysWOW64\svchost.exe [71456 2019-01-09] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BluetoothUserService; C:\WINDOWS\System32\Microsoft.Bluetooth.UserService.dll [464384 2018-04-12] (Microsoft Corporation)
S3 BluetoothUserService_1c5224d; C:\WINDOWS\system32\svchost.exe [85472 2019-01-09] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BluetoothUserService_1c5224d; C:\WINDOWS\SysWOW64\svchost.exe [71456 2019-01-09] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R3 BTAGService; C:\WINDOWS\System32\BTAGService.dll [514048 2018-11-09] (Microsoft Corporation)
R3 BthAvctpSvc; C:\WINDOWS\System32\BthAvctpSvc.dll [399872 2018-11-09] (Microsoft Corporation)
S3 DevicePickerUserSvc; C:\WINDOWS\System32\Windows.Devices.Picker.dll [400896 2018-04-12] (Microsoft Corporation)
S3 DevicePickerUserSvc; C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll [312832 2018-04-12] (Microsoft Corporation)
R2 DSAService; C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe [23288 2018-12-12] (Intel)
R2 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [937208 2018-12-19] ()
S3 GoogleChromeElevationService; C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\elevation_service.exe [1268720 2019-04-04] (Google Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-07-22] (Intel Corporation)
S2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [190208 2016-11-11] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373680 2017-05-26] (Intel Corporation)
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [71336 2019-03-06] (Lenovo Group Ltd.)
S3 Intel(R) SUR QC SAM; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel Corporation)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [271296 2015-07-02] (Lenovo)
S3 LxpSvc; C:\WINDOWS\System32\LanguageOverlayServer.dll [199680 2018-04-12] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [310880 2018-10-26] ()
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [3051848 2011-01-25] (O&O Software GmbH)
R2 osrss; C:\WINDOWS\system32\osrss.dll [131288 2018-06-27] (Microsoft Corporation)
R2 sedsvc; C:\Program Files\rempl\sedsvc.exe [338744 2019-03-30] (Microsoft Corporation)
R2 SgrmBroker; C:\WINDOWS\system32\SgrmBroker.exe [163336 2018-04-12] (Microsoft Corporation)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255608 2016-06-01] (Synaptics Incorporated)
R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe [195832 2018-12-19] ()
S4 tzautoupdate; C:\WINDOWS\SysWOW64\tzautoupdate.dll [72192 2018-04-12] (Microsoft Corporation)
S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [937208 2018-12-19] ()
S3 VacSvc; C:\WINDOWS\System32\vac.dll [411256 2018-04-12] (Microsoft Corporation)
S3 WaaSMedicSvc; C:\WINDOWS\System32\WaaSMedicSvc.dll [392704 2019-01-09] (Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\NisSrv.exe [3851264 2019-04-23] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MsMpEng.exe [118144 2019-04-23] (Microsoft Corporation)
S3 wisvc; C:\WINDOWS\SysWOW64\flightsettings.dll [729088 2018-06-19] (Microsoft Corporation)
S3 WpcMonSvc; C:\WINDOWS\System32\WpcDesktopMonSvc.dll [1456640 2018-06-19] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [4059744 2018-10-26] (Intel® Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 afunix; C:\WINDOWS\system32\drivers\afunix.sys [39424 2018-04-12] (Microsoft Corporation)
R1 afunix; C:\Windows\SysWOW64\drivers\afunix.sys [29696 2018-04-12] (Microsoft Corporation)
S3 bindflt; C:\WINDOWS\system32\drivers\bindflt.sys [92704 2019-01-09] (Microsoft Corporation)
S4 hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [33184 2018-04-12] (Microsoft Corporation)
S0 iaStorAVC; C:\WINDOWS\System32\drivers\iaStorAVC.sys [885144 2018-04-12] (Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [230144 2016-11-11] (Intel Corporation)
S0 ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [145816 2018-04-12] (Avago Technologies)
S0 megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [82328 2018-04-12] (Avago Technologies)
R3 Microsoft_Bluetooth_AvrcpTransport; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys [46592 2018-04-12] (Microsoft Corporation)
R3 NETwNb64; C:\WINDOWS\system32\DRIVERS\Netwbw02.sys [3586696 2018-09-26] (Intel Corporation)
S3 NETwNe64; C:\WINDOWS\System32\drivers\NETwew01.sys [3354384 2015-07-10] (Intel Corporation)
S3 nvdimm; C:\WINDOWS\System32\drivers\nvdimm.sys [104448 2018-04-12] (Microsoft Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2016-04-09] (Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [410880 2016-04-08] (Realsil Semiconductor Corporation)
R3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [43008 2018-12-19] ()
R0 SgrmAgent; C:\WINDOWS\System32\drivers\SgrmAgent.sys [63896 2018-04-12] (Microsoft Corporation)
S3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated)
R3 SNP2UVC; C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [3481696 2015-06-30] (Sonix Co. Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46472 2019-04-23] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [344544 2019-04-23] (Microsoft Corporation)
S3 WdmCompanionFilter; C:\WINDOWS\System32\drivers\WdmCompanionFilter.sys [21408 2018-04-12] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60896 2019-04-23] (Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
NETSVC: LxpSvc -> C:\Windows\System32\LanguageOverlayServer.dll (Microsoft Corporation)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-05-03 22:19 - 2019-05-03 22:21 - 000001009 _____ C:\Users\ellyv\Desktop\FRST64 - Snelkoppeling.lnk
2019-05-03 20:07 - 2019-05-03 20:10 - 000048852 _____ C:\Users\ellyv\Downloads\Addition.txt
2019-05-03 20:03 - 2019-05-03 22:23 - 000026371 _____ C:\Users\ellyv\Downloads\FRST.txt
2019-05-03 20:02 - 2019-05-03 20:03 - 002393088 _____ (Farbar) C:\Users\ellyv\Downloads\FRST64.exe
2019-04-25 11:16 - 2019-04-25 11:13 - 000001476 _____ C:\Users\ellyv\Documents\MiniToolBox - Snelkoppeling.lnk
2019-04-24 15:54 - 2019-04-25 11:14 - 000030987 _____ C:\Users\ellyv\Downloads\MTB.txt
2019-04-24 15:53 - 2019-04-25 11:13 - 000001476 _____ C:\Users\ellyv\Desktop\MiniToolBox - Snelkoppeling.lnk
2019-04-24 15:53 - 2019-04-24 15:53 - 000892416 _____ (Farbar) C:\Users\ellyv\Downloads\MiniToolBox.exe
2019-04-24 15:28 - 2019-04-24 15:28 - 000587808 _____ (Reimage) C:\Users\ellyv\Downloads\ReimageRepair.exe
2019-04-23 11:21 - 2019-04-23 11:21 - 000014820 _____ C:\Users\ellyv\Downloads\Louis Couperus_ Gedroomd minnen.html
2019-04-23 11:18 - 2019-04-23 11:18 - 000014786 _____ C:\Users\ellyv\Downloads\couperus 1.html
2019-04-23 11:00 - 2019-04-23 11:00 - 000001491 _____ C:\Users\ellyv\Downloads\couperus.html
2019-04-23 10:36 - 2019-04-23 10:36 - 001597509 _____ C:\Users\ellyv\Downloads\potgieter.zip
2019-04-23 10:34 - 2019-04-23 11:02 - 000000000 ____D C:\Users\ellyv\Downloads\Laurens Janszoon Coster_files
2019-04-23 10:34 - 2019-04-23 10:34 - 000011085 _____ C:\Users\ellyv\Downloads\Laurens Janszoon Coster.html
2019-04-13 00:04 - 2019-04-13 00:04 - 000000020 ___SH C:\Users\hansv\ntuser.ini
2019-04-13 00:04 - 2019-04-13 00:04 - 000000000 ____D C:\Users\hansv\AppData\Local\ConnectedDevicesPlatform
2019-04-10 13:30 - 2019-04-02 14:38 - 000094008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-04-10 13:30 - 2019-04-02 14:33 - 001634912 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-04-10 13:30 - 2019-04-02 14:19 - 012730880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-04-10 13:30 - 2019-04-02 14:12 - 003643904 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-04-10 13:30 - 2019-04-02 14:11 - 004053504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-04-10 13:30 - 2019-04-02 14:11 - 001857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2019-04-10 13:30 - 2019-04-02 11:25 - 001454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-04-10 13:30 - 2019-04-02 11:11 - 011919360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-04-10 13:30 - 2019-04-02 11:08 - 002889216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-04-10 13:30 - 2019-04-02 11:07 - 001586688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2019-04-10 13:30 - 2019-04-02 10:36 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-04-10 13:30 - 2019-04-02 10:24 - 000135184 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-04-10 13:30 - 2019-04-02 10:23 - 001023800 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-04-10 13:30 - 2019-04-02 10:22 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-04-10 13:30 - 2019-04-02 10:21 - 007520136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-04-10 13:30 - 2019-04-02 10:21 - 002822160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-04-10 13:30 - 2019-04-02 10:21 - 002467536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-04-10 13:30 - 2019-04-02 10:21 - 000735680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-04-10 13:30 - 2019-04-02 10:20 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-04-10 13:30 - 2019-04-02 10:19 - 009083704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-04-10 13:30 - 2019-04-02 10:19 - 000793400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-04-10 13:30 - 2019-04-02 10:19 - 000786080 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-04-10 13:30 - 2019-04-02 10:01 - 025857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-04-10 13:30 - 2019-04-02 09:53 - 022717440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-04-10 13:30 - 2019-04-02 09:53 - 004384256 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-04-10 13:30 - 2019-04-02 09:51 - 003399680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-04-10 13:30 - 2019-04-02 09:50 - 007591936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-04-10 13:30 - 2019-04-02 09:50 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-04-10 13:30 - 2019-04-02 09:49 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2019-04-10 13:30 - 2019-04-02 09:49 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-04-10 13:30 - 2019-04-02 09:48 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-04-10 13:30 - 2019-04-02 09:48 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-04-10 13:30 - 2019-04-02 09:47 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-04-10 13:30 - 2019-04-02 09:46 - 002174976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-04-10 13:30 - 2019-04-02 09:44 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-04-10 13:30 - 2019-04-02 09:43 - 000542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-04-10 13:30 - 2019-04-02 07:05 - 001989544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-04-10 13:30 - 2019-04-02 07:04 - 006572120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-04-10 13:30 - 2019-04-02 07:04 - 000604008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-04-10 13:30 - 2019-04-02 07:04 - 000560600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-04-10 13:30 - 2019-04-02 06:56 - 022018048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-04-10 13:30 - 2019-04-02 06:50 - 019404800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-04-10 13:30 - 2019-04-02 06:43 - 005788160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-04-10 13:30 - 2019-04-02 06:43 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-04-10 13:30 - 2019-04-02 06:43 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-04-10 13:30 - 2019-04-02 06:42 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2019-04-10 13:30 - 2019-04-02 06:40 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-04-10 13:30 - 2019-03-14 10:37 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-04-10 13:30 - 2019-03-14 10:37 - 002256248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-04-10 13:30 - 2019-03-14 10:26 - 007436016 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-04-10 13:30 - 2019-03-14 10:26 - 002768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-04-10 13:30 - 2019-03-14 10:26 - 002421048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-04-10 13:30 - 2019-03-14 10:20 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-04-10 13:30 - 2019-03-14 10:19 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-04-10 13:30 - 2019-03-14 10:19 - 002969600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-04-10 13:30 - 2019-03-14 10:18 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-04-10 13:30 - 2019-03-14 10:18 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2019-04-10 13:30 - 2019-03-14 10:17 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-04-10 13:30 - 2019-03-14 10:16 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-04-10 13:30 - 2019-03-14 10:16 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-04-10 13:30 - 2019-03-14 10:14 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-04-10 13:30 - 2019-03-14 10:13 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2019-04-10 13:30 - 2019-03-14 10:13 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-04-10 13:30 - 2019-03-14 10:01 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-04-10 13:30 - 2019-03-14 09:58 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-04-10 13:30 - 2019-03-14 09:57 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-04-10 13:30 - 2019-03-14 09:56 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2019-04-10 13:30 - 2019-03-14 09:54 - 002368000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-04-10 13:30 - 2019-03-14 09:53 - 000787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2019-04-10 13:30 - 2019-03-14 09:53 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-04-10 13:30 - 2019-03-14 09:52 - 002909696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-04-10 13:30 - 2019-03-14 09:50 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2019-04-10 13:30 - 2019-03-14 09:50 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2019-04-10 13:30 - 2019-03-14 09:50 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-04-10 13:30 - 2019-03-14 09:50 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-04-10 13:29 - 2019-04-02 14:33 - 000719984 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-04-10 13:29 - 2019-04-02 14:19 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-04-10 13:29 - 2019-04-02 14:18 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-04-10 13:29 - 2019-04-02 14:16 - 001030144 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2019-04-10 13:29 - 2019-04-02 14:15 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll
2019-04-10 13:29 - 2019-04-02 14:13 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-04-10 13:29 - 2019-04-02 14:12 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-04-10 13:29 - 2019-04-02 14:11 - 001662976 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-04-10 13:29 - 2019-04-02 14:10 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2019-04-10 13:29 - 2019-04-02 14:10 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2019-04-10 13:29 - 2019-04-02 11:25 - 000607960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-04-10 13:29 - 2019-04-02 11:11 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-04-10 13:29 - 2019-04-02 11:10 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleprn.dll
2019-04-10 13:29 - 2019-04-02 11:07 - 004054528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-04-10 13:29 - 2019-04-02 11:06 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-04-10 13:29 - 2019-04-02 10:22 - 000567592 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-04-10 13:29 - 2019-04-02 10:22 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-04-10 13:29 - 2019-04-02 10:20 - 002719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-04-10 13:29 - 2019-04-02 10:19 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-04-10 13:29 - 2019-04-02 09:48 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2019-04-10 13:29 - 2019-04-02 09:47 - 001214464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-04-10 13:29 - 2019-04-02 09:45 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-04-10 13:29 - 2019-04-02 09:44 - 001724416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-04-10 13:29 - 2019-04-02 09:44 - 001421312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2019-04-10 13:29 - 2019-04-02 08:22 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
2019-04-10 13:29 - 2019-04-02 07:04 - 000581832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-04-10 13:29 - 2019-04-02 06:41 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2019-04-10 13:29 - 2019-04-02 06:41 - 001235968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2019-04-10 13:29 - 2019-04-02 06:41 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-04-10 13:29 - 2019-04-02 06:40 - 001073664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-04-10 13:29 - 2019-03-16 14:54 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-04-10 13:29 - 2019-03-16 11:03 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-04-10 13:29 - 2019-03-14 16:52 - 003933296 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-04-10 13:29 - 2019-03-14 16:51 - 000157192 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2019-04-10 13:29 - 2019-03-14 16:35 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfoext.dll
2019-04-10 13:29 - 2019-03-14 16:34 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-04-10 13:29 - 2019-03-14 16:33 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2019-04-10 13:29 - 2019-03-14 16:33 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storqosflt.sys
2019-04-10 13:29 - 2019-03-14 16:33 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\RpcPing.exe
2019-04-10 13:29 - 2019-03-14 16:31 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2019-04-10 13:29 - 2019-03-14 16:30 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\objsel.dll
2019-04-10 13:29 - 2019-03-14 16:30 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2019-04-10 13:29 - 2019-03-14 16:29 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2019-04-10 13:29 - 2019-03-14 16:28 - 000560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsound.dll
2019-04-10 13:29 - 2019-03-14 16:08 - 003611264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-04-10 13:29 - 2019-03-14 15:56 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
2019-04-10 13:29 - 2019-03-14 15:55 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RpcPing.exe
2019-04-10 13:29 - 2019-03-14 15:53 - 000625664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2019-04-10 13:29 - 2019-03-14 15:53 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\objsel.dll
2019-04-10 13:29 - 2019-03-14 15:53 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2019-04-10 13:29 - 2019-03-14 15:52 - 000502784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsound.dll
2019-04-10 13:29 - 2019-03-14 10:57 - 000611640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-04-10 13:29 - 2019-03-14 10:56 - 000375096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-04-10 13:29 - 2019-03-14 10:38 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-04-10 13:29 - 2019-03-14 10:38 - 000090360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpr.dll
2019-04-10 13:29 - 2019-03-14 10:37 - 001171568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2019-04-10 13:29 - 2019-03-14 10:28 - 000152072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2019-04-10 13:29 - 2019-03-14 10:27 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-04-10 13:29 - 2019-03-14 10:27 - 000097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpr.dll
2019-04-10 13:29 - 2019-03-14 10:26 - 001457576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-04-10 13:29 - 2019-03-14 10:26 - 001258688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-04-10 13:29 - 2019-03-14 10:26 - 001140984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-04-10 13:29 - 2019-03-14 10:26 - 001014344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-04-10 13:29 - 2019-03-14 10:26 - 000983424 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-04-10 13:29 - 2019-03-14 10:26 - 000481048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2019-04-10 13:29 - 2019-03-14 10:26 - 000175416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-04-10 13:29 - 2019-03-14 10:22 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-04-10 13:29 - 2019-03-14 10:18 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credui.dll
2019-04-10 13:29 - 2019-03-14 10:18 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-04-10 13:29 - 2019-03-14 10:17 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-04-10 13:29 - 2019-03-14 10:17 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-04-10 13:29 - 2019-03-14 10:17 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2019-04-10 13:29 - 2019-03-14 10:17 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcmapi.dll
2019-04-10 13:29 - 2019-03-14 10:17 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntlanman.dll
2019-04-10 13:29 - 2019-03-14 10:15 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2019-04-10 13:29 - 2019-03-14 10:15 - 000318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-04-10 13:29 - 2019-03-14 10:15 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShellCommonCommonProxyStub.dll
2019-04-10 13:29 - 2019-03-14 10:15 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\negoexts.dll
2019-04-10 13:29 - 2019-03-14 10:14 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-04-10 13:29 - 2019-03-14 10:14 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-04-10 13:29 - 2019-03-14 10:14 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2019-04-10 13:29 - 2019-03-14 10:14 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-04-10 13:29 - 2019-03-14 10:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-04-10 13:29 - 2019-03-14 10:14 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2019-04-10 13:29 - 2019-03-14 10:13 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2019-04-10 13:29 - 2019-03-14 09:58 - 002509824 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2019-04-10 13:29 - 2019-03-14 09:58 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-04-10 13:29 - 2019-03-14 09:57 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-04-10 13:29 - 2019-03-14 09:56 - 003392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-04-10 13:29 - 2019-03-14 09:56 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2019-04-10 13:29 - 2019-03-14 09:56 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2019-04-10 13:29 - 2019-03-14 09:56 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-04-10 13:29 - 2019-03-14 09:55 - 003601920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2019-04-10 13:29 - 2019-03-14 09:55 - 002739200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-04-10 13:29 - 2019-03-14 09:55 - 000528896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2019-04-10 13:29 - 2019-03-14 09:55 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2019-04-10 13:29 - 2019-03-14 09:55 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-04-10 13:29 - 2019-03-14 09:55 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2019-04-10 13:29 - 2019-03-14 09:55 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmapi.dll
2019-04-10 13:29 - 2019-03-14 09:55 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncCsp.dll
2019-04-10 13:29 - 2019-03-14 09:55 - 000069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntlanman.dll
2019-04-10 13:29 - 2019-03-14 09:55 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\EASPolicyManagerBrokerHost.exe
2019-04-10 13:29 - 2019-03-14 09:55 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\credui.dll
2019-04-10 13:29 - 2019-03-14 09:54 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-04-10 13:29 - 2019-03-14 09:54 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-04-10 13:29 - 2019-03-14 09:54 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-04-10 13:29 - 2019-03-14 09:54 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2019-04-10 13:29 - 2019-03-14 09:54 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2019-04-10 13:29 - 2019-03-14 09:54 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2019-04-10 13:29 - 2019-03-14 09:54 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-04-10 13:29 - 2019-03-14 09:54 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\negoexts.dll
2019-04-10 13:29 - 2019-03-14 09:54 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2019-04-10 13:29 - 2019-03-14 09:53 - 000473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-04-10 13:29 - 2019-03-14 09:53 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-04-10 13:29 - 2019-03-14 09:52 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2019-04-10 13:29 - 2019-03-14 09:52 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShellCommonCommonProxyStub.dll
2019-04-10 13:29 - 2019-03-14 09:52 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2019-04-10 13:29 - 2019-03-14 09:51 - 001216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-04-10 13:29 - 2019-03-14 09:51 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-04-10 13:29 - 2019-03-14 09:51 - 000226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\TetheringMgr.dll
2019-04-10 13:29 - 2019-03-14 09:50 - 001410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-04-10 13:29 - 2019-03-14 09:50 - 000947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-04-10 13:29 - 2019-03-14 09:50 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2019-04-10 13:29 - 2019-03-14 09:50 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-04-10 13:29 - 2019-03-14 09:50 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-04-10 13:29 - 2019-03-14 03:57 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-04-10 13:29 - 2019-03-14 03:57 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2019-04-10 13:29 - 2019-03-14 03:57 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2019-04-10 13:29 - 2019-03-14 03:57 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-04-10 13:29 - 2019-03-14 03:57 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-04-10 08:58 - 2019-03-06 09:17 - 000205992 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\Lenovo.Modern.CoreTypes.dll
2019-04-10 08:58 - 2019-03-06 09:17 - 000130216 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\Lenovo.Modern.Utilities.dll
2019-04-10 08:58 - 2019-03-06 09:17 - 000097960 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\Lenovo.Modern.ImController.ImClient.dll
2019-04-10 08:58 - 2019-03-06 09:17 - 000043688 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\Lenovo.ImController.EventLogging.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-05-03 22:23 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-05-03 22:21 - 2018-12-04 17:28 - 000000000 ____D C:\FRST
2019-05-03 22:19 - 2018-12-01 20:39 - 000000000 ___DC C:\WINDOWS\Panther
2019-05-03 22:07 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-05-03 22:07 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-05-03 22:06 - 2016-04-14 04:44 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-05-03 22:06 - 2016-04-08 04:52 - 000000000 __SHD C:\Users\ellyv\IntelGraphicsProfiles
2019-05-02 10:51 - 2018-12-08 13:41 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-05-02 10:51 - 2018-12-08 13:02 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-05-02 09:47 - 2019-01-09 12:47 - 000000000 ____D C:\ProgramData\{CDD608B5-4794-8273-C152-1C315B1097FF}
2019-04-30 22:57 - 2016-04-08 04:52 - 000000000 ____D C:\Users\ellyv\AppData\Local\Packages
2019-04-29 18:10 - 2018-12-08 13:20 - 000000000 ____D C:\Users\ellyv
2019-04-29 17:33 - 2018-12-22 12:43 - 000000000 ____D C:\Program Files (x86)\Intel Driver and Support Assistant
2019-04-29 17:28 - 2018-12-08 13:20 - 000000000 ____D C:\Users\hansv
2019-04-29 17:28 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-04-29 17:28 - 2015-09-20 13:20 - 000000000 ___HD C:\WINDOWS\system32\WLANProfiles
2019-04-29 17:04 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\InfusedApps
2019-04-29 16:50 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\registration
2019-04-23 10:42 - 2016-05-07 18:58 - 000000000 ____D C:\Users\ellyv\AppData\Local\ElevatedDiagnostics
2019-04-23 10:24 - 2018-12-08 13:41 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-04-21 09:46 - 2018-08-10 12:06 - 000000000 ____D C:\Users\ellyv\AppData\Local\CrashDumps
2019-04-21 09:46 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-04-18 11:37 - 2016-08-21 17:02 - 000000000 ____D C:\Users\ellyv\AppData\Roaming\vlc
2019-04-17 16:29 - 2018-04-11 23:04 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2019-04-13 17:54 - 2018-12-11 11:43 - 000003378 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2735736808-2654838343-107945157-1001
2019-04-13 17:54 - 2018-12-08 13:20 - 000002372 _____ C:\Users\ellyv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-04-13 17:54 - 2016-04-08 04:56 - 000000000 ___RD C:\Users\ellyv\OneDrive
2019-04-13 00:11 - 2016-04-19 22:25 - 000000000 __SHD C:\Users\hansv\IntelGraphicsProfiles
2019-04-13 00:06 - 2016-04-19 22:25 - 000000000 ____D C:\Users\hansv\AppData\Local\Packages
2019-04-12 23:53 - 2016-04-09 17:49 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-04-12 23:36 - 2018-12-08 21:52 - 000786272 _____ C:\WINDOWS\system32\perfh013.dat
2019-04-12 23:36 - 2018-12-08 21:52 - 000154174 _____ C:\WINDOWS\system32\perfc013.dat
2019-04-12 23:36 - 2015-07-16 17:54 - 001770610 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-04-12 17:37 - 2018-12-19 19:56 - 000000000 ____D C:\Users\ellyv\AppData\Local\D3DSCache
2019-04-11 23:35 - 2018-12-08 13:02 - 000411952 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-04-11 11:25 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2019-04-11 11:25 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2019-04-11 11:25 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2019-04-11 11:25 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2019-04-11 11:25 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2019-04-11 11:25 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2019-04-11 11:25 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2019-04-11 11:25 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2019-04-11 11:25 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2019-04-11 11:25 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2019-04-11 11:25 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2019-04-11 11:25 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2019-04-11 11:25 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2019-04-11 11:25 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2019-04-11 11:25 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2019-04-11 11:25 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2019-04-11 11:25 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2019-04-11 11:25 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2019-04-11 11:25 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2019-04-11 11:25 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2019-04-11 11:25 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2019-04-11 11:25 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2019-04-11 11:25 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2019-04-11 11:25 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2019-04-11 11:25 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2019-04-11 11:25 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2019-04-11 11:25 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2019-04-11 11:25 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2019-04-11 11:25 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2019-04-11 11:25 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2019-04-11 11:25 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2019-04-11 11:25 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2019-04-11 11:25 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2019-04-11 11:25 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2019-04-11 11:25 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2019-04-11 11:25 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2019-04-11 11:25 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2019-04-11 11:25 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2019-04-11 11:25 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2019-04-11 11:25 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2019-04-11 11:25 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2019-04-11 11:25 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2019-04-11 11:25 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2019-04-11 11:25 - 2018-04-12 11:19 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2019-04-11 11:25 - 2018-04-12 01:38 - 000000000 ___RD C:\Program Files\Windows Defender
2019-04-11 11:25 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-04-11 11:25 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-04-11 10:43 - 2018-12-14 20:04 - 000002328 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-11 10:43 - 2018-12-14 20:04 - 000002287 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-04-11 10:32 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-04-11 10:28 - 2019-01-29 20:10 - 000001338 _____ C:\Users\ellyv\Desktop\Spotify.lnk
2019-04-10 13:28 - 2016-04-09 00:44 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-04-10 13:20 - 2016-04-09 00:44 - 131129288 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-04-09 19:19 - 2018-12-08 13:41 - 000004710 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-04-09 19:19 - 2018-12-08 13:41 - 000004532 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2019-04-09 19:18 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-04-09 19:18 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-04-05 17:35 - 2018-12-01 22:26 - 000000000 ____D C:\Program Files\rempl
==================== Files in the root of some directories =======
2016-08-04 13:02 - 2016-08-04 13:09 - 000099384 _____ () C:\Users\ellyv\AppData\Roaming\inst.exe
2016-08-04 13:02 - 2016-08-04 13:09 - 000007859 _____ () C:\Users\ellyv\AppData\Roaming\pcouffin.cat
2016-08-04 13:02 - 2016-08-04 13:09 - 000001167 _____ () C:\Users\ellyv\AppData\Roaming\pcouffin.inf
2016-08-04 13:02 - 2016-08-04 13:09 - 000000055 _____ () C:\Users\ellyv\AppData\Roaming\pcouffin.log
2016-08-04 13:02 - 2016-08-04 13:09 - 000082816 _____ (VSO Software) C:\Users\ellyv\AppData\Roaming\pcouffin.sys
2018-12-12 13:56 - 2018-12-12 13:56 - 000000038 _____ () C:\Users\ellyv\AppData\Roaming\WB.CFG
2019-03-04 16:48 - 2019-03-04 16:48 - 000629760 _____ () C:\Users\ellyv\AppData\Local\pRnPlN.exe
2018-06-06 14:05 - 2018-06-06 14:05 - 000000000 _____ () C:\Users\ellyv\AppData\Local\{2698AF4D-7FD5-43A0-A47D-CE7829DC8CEC}
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-12-08 13:02
==================== End of FRST.txt ============================

J.van Lieshout · 3 mei 2019

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02.01.2018
Ran by ellyv (03-05-2019 22:50:24)
Running from C:\Users\ellyv\Downloads
Windows 10 Home Version 1803 17134.706 (X64) (2018-12-08 11:42:26)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================
Administrator (S-1-5-21-2735736808-2654838343-107945157-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2735736808-2654838343-107945157-503 - Limited - Disabled)
ellyv (S-1-5-21-2735736808-2654838343-107945157-1001 - Administrator - Enabled) => C:\Users\ellyv
Guest (S-1-5-21-2735736808-2654838343-107945157-501 - Limited - Disabled)
hansv (S-1-5-21-2735736808-2654838343-107945157-1002 - Limited - Enabled) => C:\Users\hansv
WDAGUtilityAccount (S-1-5-21-2735736808-2654838343-107945157-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
. . (HKLM\...\{EAA6C597-BD0D-454D-AEB7-FF0A57905C1C}) (Version: 7.1 - Intel) Hidden
. . . (HKLM-x32\...\{8CBC102C-34F4-4EB9-9529-3B222367621F}) (Version: 3.7.0.6 - Intel) Hidden
Acrylic Wi-Fi Home v3.1 (HKU\S-1-5-21-2735736808-2654838343-107945157-1001\...\{3706FB7A-11FB-44C4-AD94-2B29878D75DC}_is1) (Version: 3.1 - Tarlogic Security S.L.)
Adobe Acrobat Reader DC - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 19.010.20099 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.171 - Adobe)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.136.333 - AVAST Software) Hidden
Bing Bar (HKLM-x32\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.51 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6229 - CDBurnerXP)
Components (HKLM-x32\...\{1720B0E0-C520-43A6-B677-97A1D80F3B99}) (Version: 1.0.023.00 - Lenovo) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.55.62 - Conexant)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.103 - Google Inc.)
Google Earth Pro (HKLM\...\{70A0F34E-564B-4F93-ADD6-3BAEC6E44075}) (Version: 7.3.2.5776 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Photosmart 5520 series Basissoftware van het apparaat (HKLM\...\{D2FFE8A1-980E-4CF9-A48F-453D767BA661}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart 5520 series Help (HKLM-x32\...\{193C95A3-E4D5-4482-A9C9-1510E29849E4}) (Version: 27.0.0 - Hewlett Packard)
HP Photosmart 5520 series Productverbeteringsonderzoek (HKLM\...\{ABDD5DC4-E37C-40E1-AB1C-601AA7F7D383}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Intel(R) Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel(R) Computing Improvement Program (HKLM\...\{D40D4164-EEDB-4F0F-85C6-2058A9E34CC7}) (Version: 2.4.04370 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1153 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4271 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.2.1088 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{DC5673D2-228D-45BC-B9BB-9610CE67DFC0}) (Version: 17.1.1524.1353 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{f0bbb6e9-80c3-4fe8-8691-b51d1281d69e}) (Version: 3.7.0.6 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{3b62443b-0508-4b68-b01a-52a802851410}) (Version: 20.100.0 - Intel Corporation)
Lenovo EasyCamera (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 6.0.1325.4_WHQL - Sonix)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 2.0.9.0 - Lenovo)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.4706 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.4706 - CyberLink Corp.)
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 2.1.5222.01 - CyberLink Corp.)
Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.019.00 - Lenovo)
Lenovo Solution Center (HKLM\...\{A5591EC4-8AD6-48EE-9F8D-FACFA8BA4E35}) (Version: 3.0.002.00 - Lenovo)
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)
Metric Collection SDK (HKLM-x32\...\{DDAA788F-52E6-44EA-ADB8-92837B11BF26}) (Version: 1.1.0012.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2735736808-2654838343-107945157-1001\...\OneDriveSetup.exe) (Version: 19.043.0304.0007 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.11.25325 (HKLM-x32\...\{6c6356fe-cbfa-4944-9bed-a9e99f45cb7a}) (Version: 14.11.25325.0 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.6.0 - Mozilla)
O&O Defrag Free Edition (HKLM\...\{C10CAF82-9D36-4D9A-9DC0-C4549F06B519}) (Version: 14.1.431 - O&O Software GmbH)
REACHit (HKLM-x32\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: 2.5.004.8 - Lenovo)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Revo Uninstaller 2.0.6 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.6 - VS Revo Group, Ltd.)
SafeZone Stable 1.51.2220.62 (HKLM-x32\...\SafeZone 1.51.2220.62) (Version: 1.51.2220.62 - Avast Software) Hidden
Search Powered by Yahoo! (HKLM-x32\...\{CFFE273E-9F7E-F6BE-2EFE-863EFE7E55BE}) (Version: - )
Search the Web (Yahoo) (HKLM-x32\...\{DCFF343F-8C7F-E5BF-3DFF-953FED7F46BF}) (Version: - ) <==== ATTENTION
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.5.5.0 - Lenovo)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{57D07AAD-97E2-4E16-89C4-1A3C51BC9C98}) (Version: 1.16.0.0 - Microsoft Corporation) Hidden
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2735736808-2654838343-107945157-1001_Classes\CLSID\{cece6816-6107-4dc7-bdbc-20cd5ae1ffed}\localserver32 -> C:\ProgramData\Lenovo\ImController\Plugins\LenovoAppPromotionPlugin\x64\DesktopToastsHelper.exe => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2015-07-13] (Lenovo)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (Alexander Roshal)
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2015-07-13] (Lenovo)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-05-26] (Intel Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {047B4E86-E8E8-4AFD-8BF5-F93F20C0D338} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [2017-07-13] (Intel Corporation)
Task: {0A7AA876-862F-4F81-AA4B-B73950FA632C} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndScanForUpdates
Task: {2075E85B-0DC6-4855-8054-58B4F5BBDAB8} - System32\Tasks\Microsoft\Windows\WaaSMedic\PerformRemediation
Task: {2233F011-3103-46F8-AC88-CEEDB30FFFA7} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\WINDOWS\system32\EOSNotify.exe
Task: {249F4D09-B379-4FF8-ACAD-8EBD012E9C6E} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-12] (AVAST Software) <==== ATTENTION
Task: {2A3234F3-E231-4FAA-8882-B5A1E4422B1A} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {2B63F229-2ACB-43CC-9769-7E8C4CF15A1E} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-04-09] (Adobe)
Task: {2F93CBF9-AF2B-471C-93F7-F30BD871A44B} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_171_pepper.exe [2019-04-09] (Adobe)
Task: {2FCD3536-DB63-49A5-944E-00FF8551907D} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures
Task: {31610DD8-9A0E-494B-BBFE-769250CD4955} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\19494a2f-8e44-4c94-8dc0-0283ac83faa3 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2019-03-06] (Lenovo Group Ltd.)
Task: {3EDBF408-E30B-4C29-A17E-778A8023B75C} - System32\Tasks\Microsoft\Windows\rempl\shell => C:\Program Files\rempl\sedlauncher.exe [2019-03-30] (Microsoft Corporation)
Task: {430852CB-A87C-492E-A659-075C7BF1710C} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndContinueUpdates
Task: {4F6E06A6-2D75-4A15-AAD5-1CACC2F2D97C} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2015-07-02] (Lenovo)
Task: {541BA5BF-1736-4A3E-B1E5-CE1C9EE13043} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdates
Task: {567564F6-4A47-4F8A-87A2-2B35CF49FA7A} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {5D36617A-AB01-46BD-A0D9-2D929290343F} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {65A34F07-723D-4150-B109-13BD1AE3DFAA} - System32\Tasks\Microsoft\Windows\InstallService\SmartRetry
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {69BD5D71-358E-4E1E-A0F6-6778B04C3EBC} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\587b4999-fbb3-402c-a5a4-dd5608268d47 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2019-03-06] (Lenovo Group Ltd.)
Task: {6CCBBA79-739B-46D6-89B9-CAD84C10AE8B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-06-09] (Google Inc.)
Task: {6D009A6D-6F44-486F-97A9-AC8E065343E9} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [2016-04-08] (Lenovo)
Task: {70C74E9C-1BEC-4F1B-B63E-17E27FD77BCA} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-07-02] ()
Task: {76F74B65-C124-4042-BCE2-E10A290B4050} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2019-04-08] (AVG Technologies CZ, s.r.o.)
Task: {78BABCCD-20B8-49B7-B4F8-87490C41C875} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdatesAsUser
Task: {79609C1B-8F1A-4BD9-91F3-65AEC43BAAE7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [2019-04-23] (Microsoft Corporation)
Task: {8D41AEB9-583F-454A-9467-6FFB91F254D6} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [2017-07-13] (Intel Corporation)
Task: {8F255F88-A87A-495F-B828-A4AFEC70BDB0} - System32\Tasks\Microsoft\Windows\DirectX\DXGIAdapterCache => C:\WINDOWS\system32\dxgiadaptercache.exe [2018-04-12] (Microsoft Corporation)
Task: {99CAD5DC-537C-4A37-B528-E6F4DDFE2EE1} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2015-07-02] (Lenovo)
Task: {9EDA433F-53AC-4A10-9D12-542B03ED36E4} - System32\Tasks\Lenovo\SHPrompt => C:\Program Files (x86)\Lenovo\SHAREit\ShareitPrompt.exe [2015-07-13] ()
Task: {AD615A98-17DC-4AE9-AF5C-CAC53C15772C} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {B1A51967-556C-49AE-9C8C-EB714AA2E788} - System32\Tasks\Search Powered by Yahoo! naref => "wscript.exe" "C:\ProgramData\{CDD608B5-4794-8273-C152-1C315B1097FF}\tamo" "68747470733a2f2f643277763764656e63316a78397a2e636c6f756466726f6e742e6e6574" "//B" "//E:jscript" "--IsErIk"
Task: {B22764AD-BB02-465F-8BA8-434A1B97DF87} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-07-02] ()
Task: {BBC95E3B-98CF-46DD-96D5-F6858C29A2E5} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2019-02-05] (Piriform Software Ltd)
Task: {BCC31878-7D05-492F-BA64-65E23200E11F} - System32\Tasks\HPCustParticipation HP Photosmart 5520 series => C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {C0E311BF-B1B4-4B0C-9AEF-D5E8D7E52133} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => %windir%\system32\sc.exe START ImControllerService
Task: {C2098BE2-A29A-4EB1-97F6-F0C57E086D4F} - System32\Tasks\Microsoft\Windows\Speech\HeadsetButtonPress => C:\WINDOWS\system32\speech_onecore\common\SpeechRuntime.exe [2018-06-19] (Microsoft Corporation)
Task: {C4555DDF-D0FA-466A-9255-0AF6D1735EDE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [2019-04-23] (Microsoft Corporation)
Task: {CAF0A379-3292-4D9E-AB99-0A223E590CFA} - System32\Tasks\Lenovo\SHUpdate => C:\Program Files (x86)\Lenovo\SHAREit\ShareitUpdater.exe [2015-07-13] ()
Task: {D1CC320B-9A47-4DB4-AFE4-2BCE1A964E7A} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\ReconcileLanguageResources
Task: {D2667C53-B7CB-40F8-97EF-7CE5B4D64D8C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-06-09] (Google Inc.)
Task: {D2EBE06D-A035-4008-87E9-81A05F36446E} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {D62A6C29-7F6D-45A3-A70A-185490BFCC86} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-08] (Lenovo)
Task: {D7CD76D8-8057-498D-B45D-45843274682C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-12-10] (Piriform Software Ltd)
Task: {D81625EF-3B5B-4299-A738-2DBB19663309} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceWnsFallback
Task: {D845B1FF-6E9D-4650-84E2-A3849D11BFAD} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\aa9d383f-277f-469f-b68b-55e30991d970 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2019-03-06] (Lenovo Group Ltd.)
Task: {DCBE5256-01A9-410B-BE17-6765F722E98E} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [2019-03-06] (Lenovo Group Ltd.)
Task: {DFC3023F-5BB4-42F6-84B7-2E854ED9A876} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-12] (AVAST Software) <==== ATTENTION
Task: {E2ED8E5A-4905-48DA-AE66-AE82213B2C2D} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2019-04-08] (AVAST Software)
Task: {E4B142A4-928E-456A-ABDD-4A51064DDD35} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [2019-04-23] (Microsoft Corporation)
Task: {ED01AF5D-D11B-4E38-8B45-F7EED8FE8C48} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-12-16] (Adobe Systems Incorporated)
Task: {F1E42F84-EFC5-408A-BE73-C0392056D777} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [2019-04-23] (Microsoft Corporation)
Task: {F5BC45B9-9835-4CC5-A2F2-951DEDAA5A81} - System32\Tasks\CyberLink\Photo Master Gadget startup => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe [2016-04-22] (CyberLink Corp.)
Task: {F6ADD9AE-61BE-4D5A-BD43-334DBBB49B65} - no filepath
Task: {FB6A0EE1-A67B-4A63-BD86-E3022386A32F} - no filepath
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\ellyv\Desktop\Gmail.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=hcjadopoenpcjhdnknblbddcmlnlefid
ShortcutWithArgument: C:\Users\ellyv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-apps\Gmail.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=hcjadopoenpcjhdnknblbddcmlnlefid
==================== Loaded Modules (Whitelisted) ==============
2018-12-19 20:01 - 2018-12-19 20:01 - 000195832 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
2018-12-19 20:01 - 2018-12-19 20:01 - 000937208 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
2018-12-19 20:01 - 2018-12-19 20:01 - 002329336 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_modeler.dll
2018-12-19 20:01 - 2018-12-19 20:01 - 000282360 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\pl_agent_lib.dll
2018-12-19 20:01 - 2018-12-19 20:01 - 000578296 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_acpi_battery_input.dll
2018-12-19 20:01 - 2018-12-19 20:01 - 000616696 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_wifi_input.dll
2018-12-19 20:01 - 2018-12-19 20:01 - 000267000 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\devices_use_input.dll
2018-12-19 20:01 - 2018-12-19 20:01 - 000323832 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_system_power_state_input.dll
2018-12-19 20:01 - 2018-12-19 20:01 - 000978680 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_os_input.dll
2018-12-19 20:01 - 2018-12-19 20:01 - 000243960 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_winstat_input.dll
2018-12-19 20:01 - 2018-12-19 20:01 - 000750840 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_upnp_input.dll
2018-12-19 20:01 - 2018-12-19 20:01 - 000411384 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_process_input.dll
2018-12-19 20:01 - 2018-12-19 20:01 - 000558840 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_sgx_input.dll
2018-12-19 20:01 - 2018-12-19 20:01 - 000665336 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_sampler_input.dll
2018-12-19 20:01 - 2018-12-19 20:01 - 000853240 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_hw_input.dll
2018-12-19 20:01 - 2018-12-19 20:01 - 000636152 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_fps_input.dll
2018-12-19 20:01 - 2018-12-19 20:01 - 000303864 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_heartbeat_input.dll
2018-12-19 20:01 - 2018-12-19 20:01 - 000778488 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\sql_logger.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2015-09-28 15:09 - 2015-09-28 15:09 - 000043976 _____ () C:\Program Files\Lenovo\QuickOptimizer\LNBPrismAssistInf.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-12-12 12:54 - 2018-11-09 04:17 - 002759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2017-05-26 06:11 - 2017-05-26 06:11 - 000401840 _____ () C:\WINDOWS\system32\igfxTray.exe
2019-04-10 13:30 - 2019-04-02 09:46 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2019-05-03 19:24 - 2019-05-03 19:29 - 000182272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2018-12-19 20:01 - 2018-12-19 20:01 - 000863480 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
2018-12-19 20:01 - 2018-12-19 20:01 - 000312568 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_user_waiting_input.dll
2018-12-19 20:01 - 2018-12-19 20:01 - 000555768 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_events_input.dll
2018-12-19 20:01 - 2018-12-19 20:01 - 000636152 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_foreground_window_input.dll
2018-12-11 12:43 - 2018-12-11 12:45 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2019-05-03 19:24 - 2019-05-03 19:28 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2019-03-04 16:52 - 2019-03-04 16:52 - 008571392 _____ () C:\Program Files\WindowsApps\Microsoft.OneConnect_5.1902.361.0_x64__8wekyb3d8bbwe\OneConnect.dll
2019-04-05 17:34 - 2019-04-05 17:36 - 026138624 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
2019-04-05 17:34 - 2019-04-05 17:37 - 000289280 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-04-12 11:24 - 2018-04-12 11:24 - 000902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2018-12-11 12:46 - 2018-12-11 12:46 - 004202208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-04-05 17:34 - 2019-04-05 17:36 - 005709824 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\EntCommon.dll
2019-04-05 17:34 - 2019-04-05 17:37 - 008948224 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\EntPlat.dll
2016-11-18 15:22 - 2016-04-22 10:55 - 000884504 _____ () C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\Kernel\Boomerang\UNO.dll
2018-12-27 22:43 - 2016-09-22 08:11 - 000081920 _____ () C:\Program Files (x86)\Lenovo\Lenovo Photo Master\koan\_ctypes.pyd
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudAddService.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudBus.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\usbaudio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-10 13:04 - 2019-01-09 12:55 - 000002105 _____ C:\WINDOWS\system32\Drivers\etc\hosts

==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2735736808-2654838343-107945157-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.2.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\Run: => "ForteConfig"
HKLM\...\StartupApproved\Run: => "cAudioFilterAgent"
HKLM\...\StartupApproved\Run: => "LenovoUtility"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "OODefragTray"
HKLM\...\StartupApproved\Run: => "EvtMgr6"
HKLM\...\StartupApproved\Run32: => "snp2uvc"
HKLM\...\StartupApproved\Run32: => "GrooveMonitor"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "DSATray"
HKU\S-1-5-21-2735736808-2654838343-107945157-1001\...\StartupApproved\StartupFolder: => "Inktwaarschuwingen controleren - HP Photosmart 5520 series (netwerk).lnk"
HKU\S-1-5-21-2735736808-2654838343-107945157-1001\...\StartupApproved\Run: => "PhotoMasterImportAgent"
HKU\S-1-5-21-2735736808-2654838343-107945157-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2735736808-2654838343-107945157-1001\...\StartupApproved\Run: => "Chromium"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{0442DAF4-0E9B-4D13-8620-3EA3550A1809}C:\program files\hp\hp photosmart 5520 series\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp photosmart 5520 series\bin\hpnetworkcommunicator.exe
FirewallRules: [UDP Query User{4FDF8363-C27F-43F8-B68D-5B638FCB6565}C:\program files\hp\hp photosmart 5520 series\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp photosmart 5520 series\bin\hpnetworkcommunicator.exe
FirewallRules: [{964C8137-5069-44E8-B55D-2B3134606E57}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS52E6\HPDiagnosticCoreUI.exe
FirewallRules: [{931BE7A3-4E17-4256-B60A-0EF3037B528C}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS52E6\HPDiagnosticCoreUI.exe
FirewallRules: [{FE9BFFF8-D20F-4EA5-AC62-9C066C317CD3}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
FirewallRules: [{ACB4DF54-C9F7-43CE-B4E8-3E3B17DF2FC3}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
FirewallRules: [{929BBA6B-190C-434D-8994-CC82FCAFB104}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
FirewallRules: [{94B2E460-0C73-41DF-BFDC-72601D8A96A3}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
FirewallRules: [TCP Query User{3A730A34-D23B-4C74-89CC-885C62896B93}C:\program files\hp\hp photosmart 5520 series\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp photosmart 5520 series\bin\hpnetworkcommunicatorcom.exe
FirewallRules: [UDP Query User{2AA58A17-6F5B-4C13-8290-7405302E5299}C:\program files\hp\hp photosmart 5520 series\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp photosmart 5520 series\bin\hpnetworkcommunicatorcom.exe
FirewallRules: [{4DE5BDF2-64B0-45D0-B544-92BDFD0A69E5}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS50A6\HPDiagnosticCoreUI.exe
FirewallRules: [{685D813F-2011-4EAA-9E00-97D7E2DECD29}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS50A6\HPDiagnosticCoreUI.exe
FirewallRules: [TCP Query User{8381EAA4-5701-47E2-9A97-F48DB37F2F2F}C:\program files\hp\hp photosmart 5520 series\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp photosmart 5520 series\bin\hpnetworkcommunicator.exe
FirewallRules: [UDP Query User{77D9021A-FAB5-4ECC-B07B-85CE2BF6A2C7}C:\program files\hp\hp photosmart 5520 series\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp photosmart 5520 series\bin\hpnetworkcommunicator.exe
FirewallRules: [{137153A6-EC2F-44B6-9202-C1FFEC056812}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS5DFB\HPDiagnosticCoreUI.exe
FirewallRules: [{0CB21516-CC25-4012-9110-CBF9A2502BF0}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS5DFB\HPDiagnosticCoreUI.exe
FirewallRules: [{D3B30E33-7A7A-4D1F-90CB-AA0391E2CA52}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\DeviceSetup.exe
FirewallRules: [{B24CF1EC-39E8-451A-A00E-311807CBCC89}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{51012DC1-67D5-4211-8A27-F5379E0A3906}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{11921050-2E67-4B2F-9C2B-9B6C8DDD18E2}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS4F10\HPDiagnosticCoreUI.exe
FirewallRules: [{0B61F8D2-50C5-4782-BFDB-D5C9E41B2127}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS4F10\HPDiagnosticCoreUI.exe
FirewallRules: [{66AF1419-53D5-43FB-B9BE-D4BAED12A4C2}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS1F81\HPDiagnosticCoreUI.exe
FirewallRules: [{982FD968-A42D-4B41-801C-902A3344E979}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS1F81\HPDiagnosticCoreUI.exe
FirewallRules: [{884E22C0-9A68-4945-AC11-F73EF849683D}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS208A\HPDiagnosticCoreUI.exe
FirewallRules: [{4B801B4F-A353-44A5-8E02-93D345A7794C}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS208A\HPDiagnosticCoreUI.exe
FirewallRules: [{044EB021-257B-4CC5-9DCB-1F35964C8138}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS63AC\HPDiagnosticCoreUI.exe
FirewallRules: [{19305344-3FE8-4274-879D-2BD52C501F3F}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS63AC\HPDiagnosticCoreUI.exe
FirewallRules: [{30D50728-4073-4D38-AA3D-7AF03D818C47}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS6E2F\HPDiagnosticCoreUI.exe
FirewallRules: [{CC5F8EC4-A595-4CC1-ADAE-8E132B6C408C}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS6E2F\HPDiagnosticCoreUI.exe
FirewallRules: [{DEF05EAE-13E2-434C-A840-A0EB8D15715C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{DE72138F-26C4-47C0-93DC-1FFFAFD2B6B9}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{B67B8B8F-FEC4-4D0E-84B1-2C218847AB4E}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{29DE4207-37AC-4301-9357-F3E9EB2928AA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.105.152.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{EC30EB61-9314-46FC-BBEC-5B94C4E48E64}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.105.152.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{7AE85BAF-3821-4689-8901-3E9156B48651}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.105.152.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{249C9041-FCB7-42D0-8EF1-C374EC65D41E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.105.152.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{868D825C-7283-4001-86BD-7DF85E23C061}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.105.152.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{C33EBF96-A547-44F7-8F6C-9B0F6543EFF5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.105.152.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{83360BF2-21AF-4B7D-BAB4-CD95AC99686C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.105.152.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{DFFC363D-A28E-447F-AEA2-38EA0D7B573A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.105.152.0_x86__zpdnekdrzrea0\Spotify.exe
==================== Restore Points =========================
29-04-2019 16:32:12 Herstelbewerking
03-05-2019 19:25:20 Windows Update
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}
Manufacturer:
Service:
Problem: : Reinstall the drivers for this device. (Code 18)
Resolution: The drivers for this device must be reinstalled.
Click "Update Driver", which starts the Hardware Update wizard.
Alternately, uninstall the driver, and then click "Scan for hardware changes" to reload the drivers.

==================== Event log errors: =========================
Application errors:
==================
Error: (05/03/2019 10:35:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Het programma SkypeApp.exe, versie 8.44.0.40 reageert niet meer op Windows en is afgesloten. Als u wilt zien of er meer informatie over het probleem beschikbaar is, raadpleegt u de probleemgeschiedenis in het onderdeel Beveiliging en onderhoud van het Configuratiescherm.
Proces-id: 644
Starttijd: 01d501ebe89c81b6
Eindtijd: 4294967295
Toepassingspad: C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeApp.exe
Rapport-id: 3000fa16-590d-43e4-b63e-6407e97d802c
Volledige pakketnaam met fout: Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c
Relatieve toepassings-id van pakket met fout: App
Error: (05/03/2019 10:10:25 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: De openprocedure voor de WmiApRpl-service in DLL-bestand C:\WINDOWS\system32\wbem\wmiaprpl.dll is mislukt. Prestatiemetergegevens voor deze service zijn niet beschikbaar. De eerste vier bytes (DWORD) in de sectie Gegevens bevatten de foutcode.
Error: (05/03/2019 10:10:24 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Kan het prestatieobject voor dee Server-service niet openen. De eerste vier bytes (DWORD) in de sectie Gegevens bevatten de statuscode.
Error: (05/03/2019 10:10:24 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: De openprocedure voor de MSDTC-service in DLL-bestand C:\WINDOWS\system32\msdtcuiu.DLL is mislukt. Prestatiemetergegevens voor deze service zijn niet beschikbaar. De eerste vier bytes (DWORD) in de sectie Gegevens bevatten de foutcode.
Error: (05/03/2019 10:10:24 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: De openprocedure voor de Lsa-service in DLL-bestand C:\Windows\System32\Secur32.dll is mislukt. Prestatiemetergegevens voor deze service zijn niet beschikbaar. De eerste vier bytes (DWORD) in de sectie Gegevens bevatten de foutcode.
Error: (05/03/2019 10:10:24 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: De openprocedure voor de ESENT-service in DLL-bestand C:\WINDOWS\system32\esentprf.dll is mislukt. Prestatiemetergegevens voor deze service zijn niet beschikbaar. De eerste vier bytes (DWORD) in de sectie Gegevens bevatten de foutcode.
Error: (05/03/2019 10:10:23 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: De openprocedure voor de .NETFramework-service in DLL-bestand C:\WINDOWS\system32\mscoree.dll is mislukt. Prestatiemetergegevens voor deze service zijn niet beschikbaar. De eerste vier bytes (DWORD) in de sectie Gegevens bevatten de foutcode.
Error: (05/03/2019 07:16:47 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: De openprocedure voor de WmiApRpl-service in DLL-bestand C:\WINDOWS\system32\wbem\wmiaprpl.dll is mislukt. Prestatiemetergegevens voor deze service zijn niet beschikbaar. De eerste vier bytes (DWORD) in de sectie Gegevens bevatten de foutcode.
Error: (05/03/2019 07:16:44 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Kan het prestatieobject voor dee Server-service niet openen. De eerste vier bytes (DWORD) in de sectie Gegevens bevatten de statuscode.
Error: (05/03/2019 07:16:44 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: De openprocedure voor de MSDTC-service in DLL-bestand C:\WINDOWS\system32\msdtcuiu.DLL is mislukt. Prestatiemetergegevens voor deze service zijn niet beschikbaar. De eerste vier bytes (DWORD) in de sectie Gegevens bevatten de foutcode.

System errors:
=============
Error: (05/03/2019 10:20:54 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-V74MEMEU)
Description: De server microsoft.windowscommunicationsapps_16005.11425.20190.0_x64__8wekyb3d8bbwe!microsoft.windowslive.mail heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd.
Error: (05/03/2019 10:11:38 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: In de machtigingsinstellingen application-specific wordt de machtiging Activation niet verleend aan Local voor de COM-servertoepassing met CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
en APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (Using LRPC) die wordt uitgevoerd in de toepassingscontainer Unavailable SID (Unavailable). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.
Error: (05/03/2019 10:08:45 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-V74MEMEU)
Description: In de machtigingsinstellingen application-specific wordt de machtiging Activation niet verleend aan Local voor de COM-servertoepassing met CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
en APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
aan de gebruiker LAPTOP-V74MEMEU\ellyv SID (S-1-5-21-2735736808-2654838343-107945157-1001) met het adres LocalHost (Using LRPC) die wordt uitgevoerd in de toepassingscontainer SpotifyAB.SpotifyMusic_1.105.152.0_x86__zpdnekdrzrea0 SID (Unavailable). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.
Error: (05/03/2019 10:06:14 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: In de machtigingsinstellingen application-specific wordt de machtiging Activation niet verleend aan Local voor de COM-servertoepassing met CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
en APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (Using LRPC) die wordt uitgevoerd in de toepassingscontainer Unavailable SID (Unavailable). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.
Error: (05/03/2019 10:06:14 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: In de machtigingsinstellingen application-specific wordt de machtiging Activation niet verleend aan Local voor de COM-servertoepassing met CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
en APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (Using LRPC) die wordt uitgevoerd in de toepassingscontainer Unavailable SID (Unavailable). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.
Error: (05/03/2019 10:06:14 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: In de machtigingsinstellingen application-specific wordt de machtiging Activation niet verleend aan Local voor de COM-servertoepassing met CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
en APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (Using LRPC) die wordt uitgevoerd in de toepassingscontainer Unavailable SID (Unavailable). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.
Error: (05/03/2019 08:00:54 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-V74MEMEU)
Description: In de machtigingsinstellingen application-specific wordt de machtiging Activation niet verleend aan Local voor de COM-servertoepassing met CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
en APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
aan de gebruiker LAPTOP-V74MEMEU\ellyv SID (S-1-5-21-2735736808-2654838343-107945157-1001) met het adres LocalHost (Using LRPC) die wordt uitgevoerd in de toepassingscontainer Unavailable SID (Unavailable). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.
Error: (05/03/2019 07:59:33 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installatiefout: de volgende update kan niet worden geïnstalleerd, foutcode 0x8024200d: Feature update to Windows 10, version 1809.
Error: (05/03/2019 07:53:03 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-V74MEMEU)
Description: In de machtigingsinstellingen application-specific wordt de machtiging Activation niet verleend aan Local voor de COM-servertoepassing met CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
en APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
aan de gebruiker LAPTOP-V74MEMEU\ellyv SID (S-1-5-21-2735736808-2654838343-107945157-1001) met het adres LocalHost (Using LRPC) die wordt uitgevoerd in de toepassingscontainer Unavailable SID (Unavailable). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.
Error: (05/03/2019 07:51:36 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installatiefout: de volgende update kan niet worden geïnstalleerd, foutcode 0x80073d02: 9WZDNCRFJ364-MICROSOFT.SKYPEAPP.

CodeIntegrity:
===================================
Date: 2019-04-02 23:28:38.396
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
Date: 2019-04-02 23:28:38.373
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
Date: 2019-04-02 23:28:38.267
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
Date: 2019-04-02 23:28:38.243
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
Date: 2019-04-02 23:28:38.217
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.
Date: 2019-04-02 23:28:38.193
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.
Date: 2019-04-02 23:28:37.256
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
Date: 2019-04-02 23:28:37.139
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-12-13 09:50:17.665
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\pmls64.dll that did not meet the Microsoft signing level requirements.
Date: 2018-12-13 09:50:17.647
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\pmls64.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3-4005U CPU @ 1.70GHz
Percentage of memory in use: 48%
Total physical RAM: 4017.08 MB
Available physical RAM: 2086.11 MB
Total Virtual: 8113.08 MB
Available Virtual: 5140.41 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:418.63 GB) (Free:317.14 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:23.04 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 552C2E96)
Partition: GPT.
==================== End of Addition.txt ============================

Abraham54 · 4 mei 2019

Door je niet aan de handleiding te houden en de logs niet bij te voegen, heb jij jezelf meer werk laten doen door de inhoud van de logs in je antwoord te plakken, waarbij het ook nog eens een rommeltje is geworden en ik bijgevolg er meer weer meer werk aan overhield dit alles te analyseren.

Waarschuwing: onderstaande bewerking is enkel voor deze computer bedoeld, het toepassen hiervan in een andere computer kan tot schade in Windows leiden.

We gaan

Farbar Recovery Scan Tool (FRST.exe) opnieuw gebruiken.

Open een nieuw kladblok (of anders: notepad) bestand, via "Start\Alle programma’s\Bureau-accessoires\Kladblok (of Notepad)".
Kopieer nu de tekst die in het code-venster staat en plak die tekst in het lege kladblokvenster.

Code:

start
CreateRestorePoint:

Search the Web (Yahoo) (HKLM-x32\...\{DCFF343F-8C7F-E5BF-3DFF-953FED7F46BF}) (Version: - ) <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-2735736808-2654838343-107945157-1001_Classes\CLSID\{cece6816-6107-4dc7-bdbc-20cd5ae1ffed}\localserver32 -> C:\ProgramData\Lenovo\ImController\Plugins\LenovoAppPromotionPlugin\x64\DesktopToastsHelper.exe => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
CHR HomePage: Default -> mysearch.avg.com
CHR DefaultSearchURL: Default -> hxxps://mysearch.avg.com/search?rvt=1&sap=dsp&q={searchTerms}
CHR DefaultSearchKeyword: Default -> hxxps://mysearch.avg.com
CHR DefaultSuggestURL: Default -> hxxps://toolbar.avg.com/acp?q={searchTerms}&o=1
CHR Extension: (AVG SafePrice | Prijsvergelijking, aanbiedingen, waardebonnen) - C:\Users\ellyv\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbckjcfnjmoiinpgddefodcighgikkgn [2019-03-14]
Task: {76F74B65-C124-4042-BCE2-E10A290B4050} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2019-04-08] (AVG Technologies CZ, s.r.o.

EmptyTemp:
CloseProcesses:
cmd: ipconfig /flushdns
cmd: netsh winsock reset
end

Sla nu dit kladblokbestand in de dezelfde locatie waar ook FRST.exe aanwezig is op als Fixlist.txt

Farbar Recovery Scan Tool (FRST.exe) met de fixlist.txt gebruiken

Windows Vista, Windows 7, Windows 8 en Windows 10: via rechtsklik op FRST.exe en kies voor "Als Administrator uitvoeren".
Als het programma wordt gestart, klik dan op Ja in de popup.
Druk op de Fix knop.
Na de fix wordt een logbestand - Fixlog.txt - in dezelfde locatie aangemaakt van waaruit FRST.exe is gestart.
Post de inhoud van dit logbestand in jouw volgende bericht.

[Onopgelost] Opstarten gaat niet, of erg moeizaam

Gewaardeerd

Verwijderd lid 59498

Gast

NCF Goeroe

Gewaardeerd

Abraham54

Gast

NCF Goeroe

Gewaardeerd

NCF Goeroe

Abraham54

Gast

Gewaardeerd

Abraham54

Gast

Gewaardeerd

Abraham54

Gast

Gewaardeerd

Abraham54

Gast

Gewaardeerd

Abraham54

Gast

Gewaardeerd

Gewaardeerd

Abraham54

Gast

Wij waarderen jouw privacy