1. #1

    Unhappy ColorUService

    Hi Corinne,&lt;br&gt;<br>
    I found your website while looking for an answer to my problem with colorUservice. I also prevends me from shutting down the computer (ASUS 300) properly + my computer has been very slow the last couple of weeks and sometimes just freezes while I try to turn it on. &lt;br&gt;<br>
    I'm not exactly a computer wizard so I hope you can help me...I have tried the 'DISM.exe /Online /Cleanup-image /Restorehealth</b>' link but it stalls at 20%? It won't let me go to the next step 'sfc /scannow


    • Ad Bot

      advertising
      Beep.

        
       

  2. #2
    Corrine's Avatar
    Join Date
    Feb 2012
    Location
    Upstate, NY
    Posts
    8,615

    Re: ColorUService

    Hi, eleyenaar.

    Welcome to Sysnative. In order to assist you, I need to see logs. Please follow the instructions here: Malware Removal Posting Instructions


    Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

    Remember - A day without laughter is a day wasted.
    May the wind sing to you and the sun rise in your heart.

  3. #3

    Re: ColorUService

    Thanks will try

  4. #4

    Re: ColorUService

    Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie:31-08-2015
    Gestart door Elisabeth (Beheerder) op ELISABETH (01-09-2015 15:51:32)
    Gestart vanaf C:\Users\Elisabeth\Downloads
    Geladen Profielen: Elisabeth (Beschikbare Profielen: Elisabeth & Administrator)
    Platform: Windows 8 (X64) Taal: Nederlands (Nederland)
    Internet Explorer Versie 10 (Standaardbrowser: Chrome)
    Boot Modus: Normal
    Handleiding voor Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forum


    ==================== Processen (gefilterd) =================


    (Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.)


    (ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
    (McAfee, Inc.) C:\Windows\System32\mfevtps.exe
    (McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
    (McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Users\Elisabeth\AppData\Local\Microsoft\OneDrive\OneDrive.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
    (ASUS) C:\Program Files\ASUS\P4G\InsOnSrv.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    (ASUS) C:\Program Files\ASUS\P4G\InsOnWMI.exe
    () C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
    (Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
    (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
    (Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
    (Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
    (Intel Corporation) C:\Windows\System32\igfxtray.exe
    (McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
    (McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
    (ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
    (McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
    (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
    (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
    (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
    (Microsoft Corporation) C:\Windows\System32\AutoUpdate.exe
    (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.17280_none_6224eed751126779\TiWorker.exe
    (Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\0d07ff703505fd9b670db379c141cd20\windowsstoresetupbox.exe
    (Microsoft Corporation) C:\$Windows.~BT\Sources\SetupHost.exe
    (McAfee, Inc.) C:\Program Files\mcafee\msc\mcupdmgr.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corp.) C:\Windows\System32\Defrag.exe
    (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
    (Microsoft Corporation) C:\Windows\System32\aitagent.exe
    (Microsoft Corporation) C:\Windows\System32\MRT.exe
    (Microsoft Corporation) C:\Windows\System32\rundll32.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngentask.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentask.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentask.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngen.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe




    ==================== Register (gefilterd) ===========================


    (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)


    Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
    HKU\S-1-5-21-2497769255-3106467318-1841470499-1001\...\Run: [GoogleChromeAutoLaunch_A385CFAFF1AE1048CD6A10CF09A23046] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-08-18] (Google Inc.)
    HKU\S-1-5-21-2497769255-3106467318-1841470499-1001\...\Run: [OneDrive] => C:\Users\Elisabeth\AppData\Local\Microsoft\OneDrive\OneDrive.exe [404064 2015-08-31] (Microsoft Corporation)
    HKU\S-1-5-21-2497769255-3106467318-1841470499-1001\...\RunOnce: [Uninstall C:\Users\Elisabeth\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Elisabeth\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64"
    ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
    ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
    ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)


    ==================== Internet (gefilterd) ====================


    (Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.)


    Tcpip\Parameters: [DhcpNameServer] 192.168.2.254
    Tcpip\..\Interfaces\{1AFD02F2-AD80-4C01-A7BC-CF982BDE4898}: [DhcpNameServer] 192.168.2.254
    Tcpip\..\Interfaces\{A10EA01E-EA7F-4212-ABA1-DBDE693E213F}: [DhcpNameServer] 192.168.32.1


    Internet Explorer:
    ==================
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beleid restrictie <======= AANDACHT
    HKU\S-1-5-21-2497769255-3106467318-1841470499-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com
    HKU\S-1-5-21-2497769255-3106467318-1841470499-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
    SearchScopes: HKU\S-1-5-21-2497769255-3106467318-1841470499-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-2497769255-3106467318-1841470499-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-07-14] (Microsoft Corporation)
    BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-10-31] (Qualcomm Atheros Commnucations)
    BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
    BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-15] (Adobe Systems Incorporated)
    Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-08-10] (Microsoft Corporation)
    Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2012-11-30] (McAfee, Inc.)
    Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2012-11-30] (McAfee, Inc.)


    FireFox:
    ========
    FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2012-11-30] ()
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
    FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2012-11-30] ()
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-08-10] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-31] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-31] (Google Inc.)
    FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-10-12] ()
    FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
    FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-04-26]


    Chrome:
    =======
    CHR Profile: C:\Users\Elisabeth\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Slides) - C:\Users\Elisabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-10]
    CHR Extension: (Google Docs) - C:\Users\Elisabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-10]
    CHR Extension: (Google Drive) - C:\Users\Elisabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-10]
    CHR Extension: (YouTube) - C:\Users\Elisabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-08-10]
    CHR Extension: (Google Search) - C:\Users\Elisabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-10]
    CHR Extension: (Google Sheets) - C:\Users\Elisabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-10]
    CHR Extension: (Pin It Button) - C:\Users\Elisabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2015-08-10]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\Elisabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-10]
    CHR Extension: (Gmail) - C:\Users\Elisabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-10]


    ==================== Services (gefilterd) ========================


    (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)


    R3 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-06-19] (ASUS)
    R3 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] () [Bestand niet getekend]
    R3 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [231040 2012-10-31] (Qualcomm Atheros Commnucations) [Bestand niet getekend]
    R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2765496 2015-07-14] (Microsoft Corporation)
    R3 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [30080 2012-10-01] (Intel Corporation)
    R3 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [31616 2012-10-01] (Intel Corporation)
    R3 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [220856 2012-11-30] (McAfee, Inc.)
    R3 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
    R3 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
    S3 McAWFwk; c:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334760 2012-12-21] (McAfee, Inc.)
    R3 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [220856 2012-11-30] (McAfee, Inc.)
    R3 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [220856 2012-11-30] (McAfee, Inc.)
    S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [388240 2012-11-23] (McAfee, Inc.)
    R3 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [220856 2012-11-30] (McAfee, Inc.)
    R3 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [220856 2012-11-30] (McAfee, Inc.)
    R3 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [220856 2012-11-30] (McAfee, Inc.)
    R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1007288 2012-10-06] (McAfee, Inc.)
    R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [218320 2012-11-09] (McAfee, Inc.)
    R2 mfevtp; C:\windows\system32\mfevtps.exe [177680 2012-11-09] (McAfee, Inc.)
    R3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [220856 2012-11-30] (McAfee, Inc.)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2015-07-06] (Microsoft Corporation)
    R3 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-10-31] (Atheros) [Bestand niet getekend]


    ===================== Drivers (gefilterd) ==========================


    (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)


    R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [65784 2013-06-28] (ASUS Corporation)
    R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-10-31] (Qualcomm Atheros)
    R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
    R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [69672 2012-11-09] (McAfee, Inc.)
    R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [107328 2012-10-01] (Intel Corporation)
    R3 DptfDevFan; C:\Windows\system32\DRIVERS\DptfDevFan.sys [42816 2012-10-01] (Intel Corporation)
    R3 DptfDevGen; C:\Windows\system32\DRIVERS\DptfDevGen.sys [64832 2012-10-01] (Intel Corporation)
    R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [229184 2012-10-01] (Intel Corporation)
    R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [363328 2012-10-01] (Intel Corporation)
    S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3265256 2013-04-26] (Broadcom Corporation)
    S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197264 2012-05-28] (McAfee, Inc.)
    R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
    R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [178840 2012-11-09] (McAfee, Inc.)
    R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [309400 2012-11-09] (McAfee, Inc.)
    U3 mfeavfk01; geen ImagePath
    S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69168 2012-11-09] (McAfee, Inc.)
    R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [515528 2012-11-09] (McAfee, Inc.)
    R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [771096 2012-11-09] (McAfee, Inc.)
    R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [328976 2012-11-02] (McAfee, Inc.)
    S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [97208 2012-11-02] (McAfee, Inc.)
    R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [339776 2012-11-09] (McAfee, Inc.)
    U0 msahci; geen ImagePath


    ==================== NetSvcs (gefilterd) ===================


    (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)




    ==================== Een Maand Aangemaakt bestanden en mappen ========


    (Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)


    2015-09-01 15:51 - 2015-09-01 15:54 - 00018362 _____ C:\Users\Elisabeth\Downloads\FRST.txt
    2015-09-01 15:50 - 2015-09-01 15:52 - 00000000 ____D C:\FRST
    2015-09-01 15:49 - 2015-09-01 15:49 - 02188800 _____ (Farbar) C:\Users\Elisabeth\Downloads\FRST64.exe
    2015-09-01 10:09 - 2015-08-08 04:27 - 00793544 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
    2015-09-01 10:09 - 2015-08-08 04:27 - 00177632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
    2015-09-01 10:02 - 2015-09-01 10:02 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
    2015-09-01 10:02 - 2015-09-01 10:02 - 00000000 ____D C:\WINDOWS\system32\appraiser
    2015-08-31 23:05 - 2015-08-31 23:05 - 00000000 _____ C:\WINDOWS\system32\[X]
    2015-08-31 20:36 - 2015-08-31 20:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
    2015-08-31 14:02 - 2015-08-31 15:10 - 00000000 ____D C:\WINDOWS\system32\AutoUpdateLicense
    2015-08-31 12:35 - 2015-07-09 23:46 - 05982208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
    2015-08-31 12:35 - 2015-07-09 23:44 - 00322560 _____ (Microsoft Corporation) C:\WINDOWS\system32\aaclient.dll
    2015-08-31 12:35 - 2015-07-09 22:17 - 05095424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
    2015-08-31 12:35 - 2015-07-09 22:16 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aaclient.dll
    2015-08-31 12:35 - 2015-07-01 15:00 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
    2015-08-31 12:35 - 2015-07-01 14:58 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
    2015-08-31 12:35 - 2015-07-01 13:42 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
    2015-08-31 12:35 - 2015-07-01 13:41 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
    2015-08-31 12:34 - 2015-07-29 16:45 - 01412608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
    2015-08-31 12:34 - 2015-07-29 16:45 - 00035328 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
    2015-08-31 12:34 - 2015-07-29 15:52 - 01840640 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
    2015-08-31 12:34 - 2015-07-29 15:52 - 01280000 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
    2015-08-31 12:34 - 2015-07-29 15:52 - 00046080 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
    2015-08-31 12:34 - 2015-07-28 16:13 - 01116160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
    2015-08-31 12:34 - 2015-07-28 00:42 - 00304128 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
    2015-08-31 12:34 - 2015-07-28 00:40 - 04064768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
    2015-08-31 12:34 - 2015-07-28 00:40 - 00366592 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
    2015-08-31 12:34 - 2015-07-13 23:23 - 01744384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
    2015-08-31 12:34 - 2015-07-13 23:23 - 01422336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
    2015-08-31 12:34 - 2015-07-13 23:05 - 02340864 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
    2015-08-31 12:34 - 2015-07-13 23:05 - 01850880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
    2015-08-31 12:34 - 2015-07-13 23:05 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
    2015-08-31 12:34 - 2015-07-13 23:05 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
    2015-08-31 12:33 - 2015-07-28 18:25 - 00025776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
    2015-08-31 12:33 - 2015-07-28 16:13 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
    2015-08-31 12:33 - 2015-07-28 16:13 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
    2015-08-31 12:33 - 2015-07-28 16:13 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
    2015-08-31 12:33 - 2015-07-28 16:13 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
    2015-08-31 12:33 - 2015-07-28 15:12 - 01148416 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
    2015-08-31 12:33 - 2015-07-16 22:32 - 02239488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
    2015-08-31 12:33 - 2015-07-16 22:32 - 01409024 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
    2015-08-31 12:33 - 2015-07-16 22:32 - 00601600 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
    2015-08-31 12:33 - 2015-07-16 22:31 - 19291648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2015-08-31 12:33 - 2015-07-16 22:31 - 03959808 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
    2015-08-31 12:33 - 2015-07-16 22:31 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
    2015-08-31 12:33 - 2015-07-16 22:31 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
    2015-08-31 12:33 - 2015-07-16 22:30 - 15416320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2015-08-31 12:33 - 2015-07-16 22:30 - 02657280 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
    2015-08-31 12:33 - 2015-07-16 22:30 - 00949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
    2015-08-31 12:33 - 2015-07-16 21:07 - 01763328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
    2015-08-31 12:33 - 2015-07-16 21:07 - 01181696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
    2015-08-31 12:33 - 2015-07-16 21:07 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
    2015-08-31 12:33 - 2015-07-16 21:06 - 14383616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2015-08-31 12:33 - 2015-07-16 21:06 - 13774848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
    2015-08-31 12:33 - 2015-07-16 21:06 - 02865664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
    2015-08-31 12:33 - 2015-07-16 21:06 - 02056704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
    2015-08-31 12:33 - 2015-07-16 21:06 - 00737280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
    2015-08-31 12:33 - 2015-07-16 21:06 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
    2015-08-31 12:33 - 2015-07-16 21:06 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
    2015-08-31 12:33 - 2015-07-16 21:06 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
    2015-08-31 12:33 - 2015-07-16 21:06 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
    2015-08-31 12:33 - 2015-07-06 18:16 - 00044560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
    2015-08-31 12:33 - 2015-07-06 16:32 - 00281944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
    2015-08-31 12:32 - 2015-07-30 15:11 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
    2015-08-31 12:32 - 2015-07-30 15:10 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
    2015-08-31 12:32 - 2015-07-15 18:09 - 06969688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
    2015-08-31 12:32 - 2015-07-15 18:09 - 00095064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
    2015-08-31 12:32 - 2015-07-15 18:06 - 01824296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
    2015-08-31 12:32 - 2015-07-15 15:49 - 01410000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
    2015-08-31 12:32 - 2015-07-15 15:29 - 01333248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
    2015-08-31 12:32 - 2015-06-09 15:09 - 00411133 _____ C:\WINDOWS\system32\ApnDatabase.xml
    2015-08-31 12:31 - 2015-07-09 23:47 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
    2015-08-31 12:31 - 2015-07-09 23:47 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
    2015-08-31 12:31 - 2015-07-09 22:18 - 00233984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
    2015-08-31 11:25 - 2015-08-31 13:50 - 00005068 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for ELISABETH-Elisabeth Elisabeth
    2015-08-16 21:22 - 2015-08-16 21:22 - 00000000 ____D C:\sources
    2015-08-10 21:41 - 2015-07-05 12:08 - 00300704 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
    2015-08-10 21:06 - 2015-08-10 21:06 - 00000000 ____D C:\Users\Elisabeth\AppData\Local\Adobe
    2015-08-10 21:03 - 2015-08-31 12:52 - 00002257 _____ C:\Users\Elisabeth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2015-08-10 21:03 - 2015-08-10 21:03 - 00002227 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2015-08-10 21:03 - 2015-08-10 21:03 - 00002227 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2015-08-10 21:03 - 2015-08-10 21:03 - 00000000 ____D C:\Program Files (x86)\Microsoft OneDrive
    2015-08-10 20:51 - 2015-08-10 20:51 - 01382640 _____ C:\WINDOWSNIRMALA.tt2
    2015-08-10 20:51 - 2015-08-10 20:51 - 01334012 _____ C:\WINDOWSNIRMALAB.tt2
    2015-08-10 19:56 - 2015-08-10 20:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
    2015-08-10 19:54 - 2015-08-31 13:52 - 00000000 ____D C:\Program Files\Microsoft Office 15
    2015-08-10 19:49 - 2015-08-31 11:41 - 00002205 _____ C:\Users\Public\Desktop\Google Chrome.lnk
    2015-08-10 19:49 - 2015-08-10 19:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
    2015-08-10 19:47 - 2015-09-01 10:13 - 00001080 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
    2015-08-10 19:47 - 2015-09-01 10:12 - 00001084 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
    2015-08-10 19:47 - 2015-08-31 11:07 - 00004056 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
    2015-08-10 19:47 - 2015-08-31 11:07 - 00003820 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
    2015-08-10 19:47 - 2015-08-10 19:49 - 00000000 ____D C:\Users\Elisabeth\AppData\Local\Google
    2015-08-10 19:47 - 2015-08-10 19:48 - 00000000 ____D C:\Program Files (x86)\Google
    2015-08-10 19:46 - 2015-08-10 19:47 - 00000000 ____D C:\Users\Elisabeth\AppData\Local\Deployment
    2015-08-10 19:46 - 2015-08-10 19:46 - 00000000 ____D C:\Users\Elisabeth\AppData\Local\Apps\2.0
    2015-08-10 19:41 - 2015-08-10 19:41 - 00000000 ____D C:\Users\Elisabeth\AppData\Roaming\Macromedia
    2015-08-07 12:50 - 2015-08-07 12:50 - 00006086 _____ C:\Users\Elisabeth\Desktop\Verwijderde apps.html
    2015-08-07 12:50 - 2015-08-07 12:50 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
    2015-08-07 12:48 - 2015-08-10 21:06 - 00000000 ____D C:\Users\Elisabeth\AppData\Roaming\Adobe
    2015-08-07 12:48 - 2015-08-07 12:48 - 00001424 _____ C:\Users\Elisabeth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    2015-08-07 12:48 - 2015-08-07 12:48 - 00000188 _____ C:\WINDOWS\FixPatch.log
    2015-08-07 12:47 - 2015-09-01 10:19 - 00000062 _____ C:\Users\Elisabeth\AppData\Roaming\sp_data.sys
    2015-08-07 12:46 - 2015-08-07 12:46 - 00000000 ____D C:\Users\Elisabeth\AppData\Roaming\Atheros
    2015-08-07 12:46 - 2015-08-07 12:46 - 00000000 ____D C:\Users\Elisabeth\AppData\Roaming\ASUS WebStorage
    2015-08-07 12:46 - 2015-08-07 12:46 - 00000000 ____D C:\Users\Elisabeth\AppData\Local\BMExplorer
    2015-08-07 12:45 - 2015-08-07 12:46 - 00000000 ____D C:\Users\Elisabeth\AppData\Local\ASUS
    2015-08-07 12:44 - 2015-08-10 19:55 - 00000000 ____D C:\Users\Elisabeth\AppData\Local\VirtualStore
    2015-08-07 12:44 - 2015-08-07 12:44 - 00000020 ___SH C:\Users\Elisabeth\ntuser.ini
    2015-08-07 11:50 - 2015-09-01 10:13 - 00796080 _____ C:\WINDOWS\system32\perfh00C.dat
    2015-08-07 11:50 - 2015-09-01 10:13 - 00787034 _____ C:\WINDOWS\system32\perfh010.dat
    2015-08-07 11:50 - 2015-09-01 10:13 - 00157634 _____ C:\WINDOWS\system32\perfc00C.dat
    2015-08-07 11:50 - 2015-09-01 10:13 - 00155158 _____ C:\WINDOWS\system32\perfc010.dat
    2015-08-07 11:50 - 2015-08-07 11:07 - 00340806 _____ C:\WINDOWS\system32\perfi010.dat
    2015-08-07 11:50 - 2015-08-07 11:07 - 00039784 _____ C:\WINDOWS\system32\perfd010.dat
    2015-08-07 11:50 - 2015-08-07 11:04 - 00350772 _____ C:\WINDOWS\system32\perfi00C.dat
    2015-08-07 11:50 - 2015-08-07 11:04 - 00040528 _____ C:\WINDOWS\system32\perfd00C.dat
    2015-08-07 11:40 - 2015-08-07 11:40 - 00000000 ____D C:\WINDOWS\SysWOW64\it
    2015-08-07 11:40 - 2015-08-07 11:40 - 00000000 ____D C:\WINDOWS\SysWOW64\0410
    2015-08-07 11:40 - 2015-08-07 11:40 - 00000000 ____D C:\WINDOWS\system32\it
    2015-08-07 11:40 - 2015-08-07 11:40 - 00000000 ____D C:\WINDOWS\system32\0410
    2015-08-07 11:39 - 2015-08-07 11:39 - 00000000 ____D C:\WINDOWS\SysWOW64\0409
    2015-08-07 11:38 - 2015-08-07 11:38 - 00000000 ____D C:\WINDOWS\SysWOW64\Drivers\en-GB
    2015-08-07 11:38 - 2015-08-07 11:38 - 00000000 ____D C:\WINDOWS\system32\0409
    2015-08-07 11:37 - 2015-08-07 11:37 - 00000000 ____D C:\WINDOWS\system32\Drivers\en-GB
    2015-08-07 11:34 - 2015-08-07 11:34 - 00000000 ____D C:\WINDOWS\SysWOW64\fr
    2015-08-07 11:34 - 2015-08-07 11:34 - 00000000 ____D C:\WINDOWS\SysWOW64\040C
    2015-08-07 11:33 - 2015-08-07 11:33 - 00000000 ____D C:\WINDOWS\system32\fr
    2015-08-07 11:33 - 2015-08-07 11:33 - 00000000 ____D C:\WINDOWS\system32\040C


    ==================== Een Maand Gewijzigd bestanden en mappen ========


    (Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)


    2015-09-01 15:40 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\sru
    2015-09-01 10:17 - 2013-09-19 05:10 - 01905498 _____ C:\WINDOWS\WindowsUpdate.log
    2015-09-01 10:16 - 2013-09-19 05:29 - 00003268 _____ C:\WINDOWS\System32\Tasks\AsusVibeSchedule
    2015-09-01 10:16 - 2013-09-19 05:29 - 00003004 _____ C:\WINDOWS\System32\Tasks\ASUS Splendid ColorU
    2015-09-01 10:16 - 2013-09-19 05:28 - 00003028 _____ C:\WINDOWS\System32\Tasks\ASUS USB Charger Plus
    2015-09-01 10:15 - 2013-09-19 05:29 - 00002988 _____ C:\WINDOWS\System32\Tasks\ASUS Splendid ACMON
    2015-09-01 10:15 - 2013-09-19 05:27 - 00003056 _____ C:\WINDOWS\System32\Tasks\ASUS P4G
    2015-09-01 10:15 - 2013-09-19 05:19 - 00003540 _____ C:\WINDOWS\System32\Tasks\ASUS Smart Gesture Launcher
    2015-09-01 10:15 - 2013-04-26 01:15 - 00000000 ____D C:\ProgramData\Adobe
    2015-09-01 10:14 - 2015-06-17 10:54 - 00000000 ____D C:\Users\Elisabeth\OneDrive
    2015-09-01 10:13 - 2012-08-03 01:15 - 00802978 _____ C:\WINDOWS\system32\perfh013.dat
    2015-09-01 10:13 - 2012-08-03 01:15 - 00161726 _____ C:\WINDOWS\system32\perfc013.dat
    2015-09-01 10:13 - 2012-07-26 09:28 - 03671134 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2015-09-01 10:08 - 2012-07-26 09:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2015-09-01 10:06 - 2012-08-02 15:24 - 00008134 _____ C:\WINDOWS\PFRO.log
    2015-09-01 10:06 - 2012-07-26 07:26 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
    2015-09-01 10:03 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
    2015-09-01 10:03 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
    2015-09-01 10:03 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Defender
    2015-09-01 10:02 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
    2015-09-01 10:02 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
    2015-09-01 10:01 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\en-GB
    2015-09-01 09:33 - 2014-11-22 00:02 - 00000000 ___HD C:\$Windows.~BT
    2015-09-01 09:07 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent
    2015-08-31 23:05 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
    2015-08-31 20:33 - 2013-04-26 01:18 - 00000000 ____D C:\ProgramData\McAfee
    2015-08-31 17:23 - 2015-06-14 18:34 - 00000000 ____D C:\Users\Elisabeth\AppData\Local\Packages
    2015-08-31 15:13 - 2015-07-15 06:37 - 00000000 ____D C:\WINDOWS\system32\MRT
    2015-08-31 14:34 - 2015-07-15 06:37 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2015-08-31 14:04 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
    2015-08-31 14:04 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
    2015-08-31 14:02 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\WinStore
    2015-08-31 12:50 - 2015-07-15 00:28 - 00000000 ____D C:\Users\Elisabeth
    2015-08-31 12:50 - 2013-04-26 01:18 - 00000000 ____D C:\Program Files (x86)\McAfee
    2015-08-31 11:28 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\rescache
    2015-08-31 11:14 - 2013-09-19 05:29 - 00003474 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
    2015-08-31 11:14 - 2013-09-19 05:29 - 00003464 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
    2015-08-31 11:10 - 2012-07-26 07:26 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
    2015-08-16 21:30 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
    2015-08-16 21:30 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
    2015-08-16 21:30 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
    2015-08-16 21:30 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
    2015-08-16 21:30 - 2012-07-26 07:38 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers
    2015-08-16 21:29 - 2012-07-26 10:12 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
    2015-08-16 21:29 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
    2015-08-16 21:29 - 2012-07-26 07:38 - 00000000 ____D C:\WINDOWS\system32\oobe
    2015-08-16 21:28 - 2012-07-26 11:45 - 00000000 ____D C:\Program Files\Windows Journal
    2015-08-16 21:28 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer
    2015-08-16 21:28 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
    2015-08-16 21:28 - 2012-07-26 07:38 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
    2015-08-16 21:28 - 2012-07-26 07:38 - 00000000 ____D C:\WINDOWS\system32\Dism
    2015-08-16 21:27 - 2012-07-26 10:12 - 00000000 ___RD C:\WINDOWS\ToastData
    2015-08-16 21:25 - 2012-07-26 11:43 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
    2015-08-16 21:25 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
    2015-08-16 21:25 - 2012-07-26 07:38 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
    2015-08-16 21:24 - 2012-08-03 01:01 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
    2015-08-16 21:24 - 2012-07-26 11:43 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
    2015-08-16 21:24 - 2012-07-26 11:43 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
    2015-08-16 21:24 - 2012-07-26 11:43 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
    2015-08-16 21:24 - 2012-07-26 11:43 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
    2015-08-16 21:24 - 2012-07-26 11:43 - 00000000 ____D C:\WINDOWS\system32\winrm
    2015-08-16 21:24 - 2012-07-26 10:12 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
    2015-08-16 21:24 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
    2015-08-16 21:24 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\SysWOW64\Com
    2015-08-16 21:24 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\migwiz
    2015-08-16 21:23 - 2012-07-26 11:43 - 00000000 ____D C:\WINDOWS\system32\slmgr
    2015-08-16 21:23 - 2012-07-26 07:38 - 00000000 ____D C:\WINDOWS\system32\Sysprep
    2015-08-16 21:22 - 2012-07-26 11:43 - 00000000 ____D C:\WINDOWS\system32\WCN
    2015-08-16 21:22 - 2012-07-26 11:43 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
    2015-08-16 21:22 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
    2015-08-16 21:22 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\Com
    2015-08-10 21:03 - 2012-08-02 15:33 - 00000000 ____D C:\WINDOWS\Log
    2015-08-10 20:17 - 2014-02-21 20:36 - 00000000 __RDO C:\Users\Elisabeth\SkyDrive
    2015-08-10 19:40 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\NDF
    2015-08-07 13:21 - 2015-07-15 02:24 - 00000000 ____D C:\Windows.old
    2015-08-07 13:13 - 2015-07-14 21:44 - 00000000 ___HD C:\$SysReset
    2015-08-07 12:46 - 2013-09-19 05:26 - 00000000 ____D C:\ProgramData\Atheros
    2015-08-07 12:38 - 2012-07-26 07:37 - 00000000 ____D C:\WINDOWS\servicing
    2015-08-07 11:39 - 2012-07-26 11:43 - 00000000 ____D C:\WINDOWS\en-GB
    2015-08-07 11:39 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Common Files\System
    2015-08-07 11:33 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\MUI
    2015-08-07 11:32 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\AppCompat


    ==================== Bestanden in de root van sommige mappen =======


    2015-08-07 12:47 - 2015-09-01 10:19 - 0000062 _____ () C:\Users\Elisabeth\AppData\Roaming\sp_data.sys
    2013-04-26 01:15 - 2012-09-07 13:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS


    Bestanden om te verplaatsen of verwijderen:
    ====================
    C:\ProgramData\SetStretch.VBS




    Sommige bestanden in TEMP:
    ====================
    C:\Users\Elisabeth\AppData\Local\Temp\mpam-61119e9c.exe




    ==================== Bamital & volsnap =================


    (Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)


    C:\WINDOWS\system32\winlogon.exe => Bestand is getekend
    C:\WINDOWS\system32\wininit.exe => Bestand is getekend
    C:\WINDOWS\explorer.exe => Bestand is getekend
    C:\WINDOWS\SysWOW64\explorer.exe => Bestand is getekend
    C:\WINDOWS\system32\svchost.exe => Bestand is getekend
    C:\WINDOWS\SysWOW64\svchost.exe => Bestand is getekend
    C:\WINDOWS\system32\services.exe => Bestand is getekend
    C:\WINDOWS\system32\User32.dll => Bestand is getekend
    C:\WINDOWS\SysWOW64\User32.dll => Bestand is getekend
    C:\WINDOWS\system32\userinit.exe => Bestand is getekend
    C:\WINDOWS\SysWOW64\userinit.exe => Bestand is getekend
    C:\WINDOWS\system32\rpcss.dll => Bestand is getekend
    C:\WINDOWS\system32\dnsapi.dll => Bestand is getekend
    C:\WINDOWS\SysWOW64\dnsapi.dll => Bestand is getekend
    C:\WINDOWS\system32\Drivers\volsnap.sys => Bestand is getekend




    LastRegBack: 2015-09-01 15:45


    ==================== Eind van FRST.txt ============================

  5. #5

    Re: ColorUService

    Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie:31-08-2015
    Gestart door Elisabeth (2015-09-01 15:56:47)
    Gestart vanaf C:\Users\Elisabeth\Downloads
    Boot Modus: Normal
    ==========================================================




    ==================== Accounts: =============================


    Administrator (S-1-5-21-2497769255-3106467318-1841470499-500 - Administrator - Disabled) => C:\Users\Administrator
    Elisabeth (S-1-5-21-2497769255-3106467318-1841470499-1001 - Administrator - Enabled) => C:\Users\Elisabeth
    Gast (S-1-5-21-2497769255-3106467318-1841470499-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-2497769255-3106467318-1841470499-1005 - Limited - Enabled)


    ==================== Security Center ========================


    (Als een item is opgenomen in de fixlist, zal het worden verwijderd.)


    AV: McAfee Antivirus en antispyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: McAfee Antivirus en antispyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}


    ==================== Geļnstalleerde programma's ======================


    (Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.)


    Adobe Reader X MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated)
    Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.3.143.61629 - Alcor Micro Corp.)
    Alcor Micro USB Card Reader (x32 Version: 3.3.143.61629 - Alcor Micro Corp.) Hidden
    ASUS FaceKey (HKLM-x32\...\{ACE24C70-743B-43B0-8045-817FF050800B}) (Version: 4.1.0.0 - )
    ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.2.4 - ASUS)
    ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.4 - ASUS)
    ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.1 - ASUS)
    ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.0 - ASUS)
    ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0014 - ASUS)
    ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS)
    ASUS Video DSP (HKLM-x32\...\{B80DB514-46E5-43AA-B68C-1EBBF5CF7D34}) (Version: 1.0.000 - )
    ASUS VivoBook (HKLM\...\{04FDBE69-F9FD-42A2-9008-E5CE7F60C6BE}) (Version: 1.0.30 - ASUS)
    ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.18.159 - ASUS Cloud Corporation)
    AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.309 - ASUSTEK)
    ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0030 - ASUS)
    Azteca (x32 Version: 2.2.0.97 - WildTangent) Hidden
    Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
    Cut the Rope (x32 Version: 3.0.2.38 - WildTangent) Hidden
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
    Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.157 - Google Inc.)
    Google Update Helper (x32 Version: 1.3.28.13 - Google Inc.) Hidden
    Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 6.0.6.1082 - Intel Corporation)
    Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2875 - Intel Corporation)
    Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
    McAfee Internet Security (HKLM-x32\...\MSC) (Version: 12.1.282 - McAfee, Inc.)
    Microsoft Office 365 - nl-nl (HKLM\...\O365HomePremRetail - nl-nl) (Version: 15.0.4745.1002 - Microsoft Corporation)
    Microsoft OneDrive (HKU\S-1-5-21-2497769255-3106467318-1841470499-1001\...\OneDriveSetup.exe) (Version: 17.3.5930.0814 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
    MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS)
    Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4745.1002 - Microsoft Corporation) Hidden
    Office 15 Click-to-Run Licensing Component (Version: 15.0.4745.1002 - Microsoft Corporation) Hidden
    Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4745.1002 - Microsoft Corporation) Hidden
    Peggle (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
    Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.214 - Qualcomm Atheros Communications)
    Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
    Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.12 - Qualcomm Atheros Communications Inc.)
    Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6828 - Realtek Semiconductor Corp.)
    Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
    Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
    Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
    WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.0.0 - WildTangent)
    WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden
    Windows Driver Package - ASUS (ATP) Mouse (05/09/2013 1.0.0.173) (HKLM\...\1016059FBF327ED9E3BAE758BD08CF10D3C6252D) (Version: 05/09/2013 1.0.0.173 - ASUS)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
    WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)


    ==================== Aangepaste CLSID (gefilterd): ==========================


    (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)


    CustomCLSID: HKU\S-1-5-21-2497769255-3106467318-1841470499-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Elisabeth\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-2497769255-3106467318-1841470499-1001_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\Elisabeth\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-2497769255-3106467318-1841470499-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Elisabeth\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-2497769255-3106467318-1841470499-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Elisabeth\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-2497769255-3106467318-1841470499-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Elisabeth\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-2497769255-3106467318-1841470499-1001_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\Elisabeth\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-2497769255-3106467318-1841470499-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Elisabeth\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-2497769255-3106467318-1841470499-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Elisabeth\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-2497769255-3106467318-1841470499-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Elisabeth\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-2497769255-3106467318-1841470499-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Elisabeth\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncApi64.dll (Microsoft Corporation)


    ==================== Herstelpunten =========================


    16-08-2015 21:04:24 Windows Update
    31-08-2015 13:59:06 Windows Update


    ==================== Hosts inhoud: ===============================


    (Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.)


    2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


    ==================== Geplande Taken (gefilterd) =============


    (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)


    Task: {0C3DC15D-99AF-4660-9EF4-69C3952173AC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-10] (Google Inc.)
    Task: {12542F43-3BEE-4605-A512-927BFF8B8E9F} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-07-14] (Microsoft Corporation)
    Task: {2776D121-22E1-4D12-9864-53C6289A3D85} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2013-07-01] (ASUSTeK Computer Inc.)
    Task: {29FE5A87-41B2-4CBD-AE38-7BABEB630F53} - System32\Tasks\Microsoft Office 15 Sync Maintenance for ELISABETH-Elisabeth Elisabeth => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2015-08-10] (Microsoft Corporation)
    Task: {2FE2C5AA-45DA-477E-A4A3-C037FE347FF4} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
    Task: {327230E0-D0BA-4FFD-BDD7-EBE0C846C2EF} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-18] (ASUSTek Computer Inc.)
    Task: {3CFE75DF-A615-44FB-8368-C770ECC58A4B} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2013-07-01] (ASUSTeK Computer Inc.)
    Task: {41ECBCF0-9CC7-4168-B91E-9AA520392413} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-10] (Google Inc.)
    Task: {A7FFCBF8-8FD0-45D6-8978-1E9DCB1A6CE6} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-06-28] (AsusTek)
    Task: {BE042205-70C9-4E17-92DB-4C6E12113A52} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-07-14] (Microsoft Corporation)
    Task: {BFB078FB-9885-4B72-BD7D-4B9139DEB76D} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-07-14] (Microsoft Corporation)
    Task: {D08539F5-8EF2-42E5-B9AB-0F0ED1C099E7} - System32\Tasks\ASUS Patch for Touch Panel => C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe [2013-01-09] (ASUSTek Computer INC.)
    Task: {DCEC1B46-1F58-4E21-84A5-C771AF9E5BFB} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-07-31] (ASUSTeK Computer Inc.)
    Task: {DEFBCBA3-BC4C-465C-B944-67C4D340C80B} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2013-06-03] (ASUS)
    Task: {E8E1F16F-C108-4761-A2AF-C740D80A1FDB} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2013-06-19] (ASUS)
    Task: {E9A22A22-32AA-4D75-BEDD-273EBEB9A2CF} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-01-04] ()
    Task: {EA253461-7480-4606-A53F-65E4D7924474} - System32\Tasks\ASUS Vivokey => C:\Program Files\ASUS\ASUS VivoBook\vivokey.exe [2013-07-01] (ASUSTek Computer Inc.)
    Task: {EF3839FB-42FC-49E4-BDB7-16B56217D73D} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-31] (Microsoft Corporation)


    (Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.)


    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe


    ==================== Geladen Modules (gefilterd) ==============


    2015-08-10 20:47 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
    2012-12-19 08:10 - 2012-12-19 08:10 - 00072192 _____ () C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
    2012-10-31 21:57 - 2012-10-31 21:57 - 00384128 _____ () C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll
    2012-10-31 21:52 - 2012-10-31 21:52 - 00020480 _____ () C:\Program Files (x86)\Bluetooth Suite\L10n\nl-NL\BtTray.nl-NL.dll
    2012-10-31 21:55 - 2012-10-31 21:55 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
    2012-10-31 21:57 - 2012-10-31 21:57 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
    2013-06-19 21:49 - 2013-06-19 21:49 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
    2013-08-05 09:15 - 2012-11-02 09:19 - 00094208 _____ () C:\Windows\system32\IccLibDll_x64.dll
    2015-08-31 11:41 - 2015-08-18 07:23 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\libglesv2.dll
    2015-08-31 11:41 - 2015-08-18 07:23 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\libegl.dll
    2015-08-10 20:51 - 2015-08-10 20:56 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
    2013-09-19 05:14 - 2012-06-25 11:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
    2013-04-29 15:17 - 2013-04-29 15:17 - 00587264 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll


    ==================== Alternate Data Streams (gefilterd) =========


    (Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.)


    AlternateDataStreams: C:\Users\Elisabeth\SkyDrive:ms-properties


    ==================== Veilige Modus (gefilterd) ===================


    (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.)


    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"


    ==================== EXE Bestandskoppeling (gefilterd) ===============


    (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.)




    ==================== Internet Explorer vertrouwde/beperkte toegang ===============


    (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.)




    ==================== Andere gebieden ============================


    (Momenteel is er geen automatische fix voor dit onderdeel.)


    HKU\S-1-5-21-2497769255-3106467318-1841470499-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\asus\wallpapers\asus.jpg
    DNS Servers: 192.168.2.254
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is ingeschakeld.


    ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items ==


    (Momenteel is er geen automatische fix voor dit onderdeel.)


    MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
    MSCONFIG\startupreg: ASUSPRP => "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
    MSCONFIG\startupreg: ASUSWebStorage => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe /S
    MSCONFIG\startupreg: BtTray => "C:\Program Files (x86)\Bluetooth Suite\BtTray.exe"
    MSCONFIG\startupreg: BtvStack => "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
    MSCONFIG\startupreg: DisableS3S4 => c:\windows\temp\DisableS3S464\sethigh.cmd
    MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
    MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
    MSCONFIG\startupreg: mcpltui_exe => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
    MSCONFIG\startupreg: RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX3
    MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s


    ==================== Firewall regels (gefilterd) ===============


    (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)


    FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
    FirewallRules: [{8F742722-EB63-4B60-8280-435B83C49A8F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    FirewallRules: [{CACDB418-5466-44CB-97EB-234638B11E8D}] => (Allow) LPort=2869
    FirewallRules: [{08DF9207-336B-4D4F-B1FD-122BC45D324B}] => (Allow) LPort=1900
    FirewallRules: [{99AB5382-1059-45AC-AAEB-E32736E99DF9}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
    FirewallRules: [{9CBDB688-1560-4EC3-B3C4-13B86FD1A88A}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
    FirewallRules: [{D455A165-03A7-4A41-88EC-FD4627D4B5FF}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
    FirewallRules: [{446A29A0-D39F-4106-94B6-DB6B49469DEE}] => (Allow) C:\Users\Elisabeth\AppData\Local\Microsoft\OneDrive\OneDrive.exe
    FirewallRules: [{CEA48694-3470-4446-84FF-23CAF8A92A40}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


    ==================== Defecte Apparaatbeheer Apparaten =============




    ==================== Eventlog fouten: =========================


    Applicatiefouten:
    ==================
    Error: (09/01/2015 03:58:52 PM) (Source: DptfPolicyLpmDll) (EventID: 1) (User: )
    Description: DptfPolicyLpmDllDptfGetLpmMode: DeviceIoControl() failed.


    Error: (09/01/2015 03:54:33 PM) (Source: DptfPolicyLpmDll) (EventID: 1) (User: )
    Description: DptfPolicyLpmDllDptfGetLpmMode: DeviceIoControl() failed.


    Error: (09/01/2015 03:51:56 PM) (Source: DptfPolicyLpmDll) (EventID: 1) (User: )
    Description: DptfPolicyLpmDllDptfGetLpmMode: DeviceIoControl() failed.


    Error: (09/01/2015 03:51:55 PM) (Source: DptfPolicyLpmDll) (EventID: 1) (User: )
    Description: DptfPolicyLpmDllDptfGetLpmMode: DeviceIoControl() failed.


    Error: (09/01/2015 03:51:52 PM) (Source: DptfPolicyLpmDll) (EventID: 1) (User: )
    Description: DptfPolicyLpmDllDptfGetLpmMode: DeviceIoControl() failed.


    Error: (09/01/2015 03:40:10 PM) (Source: DptfPolicyLpmDll) (EventID: 1) (User: )
    Description: DptfPolicyLpmDllDptfGetLpmMode: DeviceIoControl() failed.


    Error: (09/01/2015 10:15:48 AM) (Source: DptfPolicyLpmDll) (EventID: 1) (User: )
    Description: DptfPolicyLpmDllDptfGetLpmMode: DeviceIoControl() failed.


    Error: (09/01/2015 10:15:46 AM) (Source: DptfPolicyLpmDll) (EventID: 1) (User: )
    Description: DptfPolicyLpmDllDptfGetLpmMode: DeviceIoControl() failed.


    Error: (09/01/2015 09:17:54 AM) (Source: SideBySide) (EventID: 78) (User: )
    Description: Kan activeringscontext voor C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifest1 niet maken. Fout in manifest of beleidsbestand C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifest2 op regel C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifest3.
    Een onderdeelversie die nodig is voor de toepassing, conflicteert met een andere onderdeelversie die reeds actief is.
    Conflicterende onderdelen zijn:
    Onderdeel 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifest.
    Onderdeel 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_8935f06086091acc.manifest.


    Error: (09/01/2015 09:17:54 AM) (Source: SideBySide) (EventID: 78) (User: )
    Description: Kan activeringscontext voor C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifest1 niet maken. Fout in manifest of beleidsbestand C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifest2 op regel C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifest3.
    Een onderdeelversie die nodig is voor de toepassing, conflicteert met een andere onderdeelversie die reeds actief is.
    Conflicterende onderdelen zijn:
    Onderdeel 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifest.
    Onderdeel 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_8935f06086091acc.manifest.




    Systeemfouten:
    =============
    Error: (09/01/2015 03:44:53 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
    Description: {6DFC2D17-579D-4C1C-93B7-B05B7DCCD766}


    Error: (09/01/2015 03:44:21 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
    Description: {6DFC2D17-579D-4C1C-93B7-B05B7DCCD766}


    Error: (09/01/2015 03:43:49 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
    Description: {6DFC2D17-579D-4C1C-93B7-B05B7DCCD766}


    Error: (09/01/2015 03:43:17 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
    Description: {6DFC2D17-579D-4C1C-93B7-B05B7DCCD766}


    Error: (09/01/2015 03:42:45 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
    Description: {6DFC2D17-579D-4C1C-93B7-B05B7DCCD766}


    Error: (09/01/2015 03:42:13 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
    Description: {6DFC2D17-579D-4C1C-93B7-B05B7DCCD766}


    Error: (09/01/2015 03:41:41 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
    Description: {6DFC2D17-579D-4C1C-93B7-B05B7DCCD766}


    Error: (09/01/2015 03:41:09 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
    Description: {6DFC2D17-579D-4C1C-93B7-B05B7DCCD766}


    Error: (09/01/2015 03:40:37 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
    Description: {6DFC2D17-579D-4C1C-93B7-B05B7DCCD766}


    Error: (09/01/2015 03:40:05 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
    Description: {6DFC2D17-579D-4C1C-93B7-B05B7DCCD766}




    Microsoft Office:
    =========================
    Error: (09/01/2015 03:58:52 PM) (Source: DptfPolicyLpmDll) (EventID: 1) (User: )
    Description: DptfPolicyLpmDllDptfGetLpmMode: DeviceIoControl() failed.


    Error: (09/01/2015 03:54:33 PM) (Source: DptfPolicyLpmDll) (EventID: 1) (User: )
    Description: DptfPolicyLpmDllDptfGetLpmMode: DeviceIoControl() failed.


    Error: (09/01/2015 03:51:56 PM) (Source: DptfPolicyLpmDll) (EventID: 1) (User: )
    Description: DptfPolicyLpmDllDptfGetLpmMode: DeviceIoControl() failed.


    Error: (09/01/2015 03:51:55 PM) (Source: DptfPolicyLpmDll) (EventID: 1) (User: )
    Description: DptfPolicyLpmDllDptfGetLpmMode: DeviceIoControl() failed.


    Error: (09/01/2015 03:51:52 PM) (Source: DptfPolicyLpmDll) (EventID: 1) (User: )
    Description: DptfPolicyLpmDllDptfGetLpmMode: DeviceIoControl() failed.


    Error: (09/01/2015 03:40:10 PM) (Source: DptfPolicyLpmDll) (EventID: 1) (User: )
    Description: DptfPolicyLpmDllDptfGetLpmMode: DeviceIoControl() failed.


    Error: (09/01/2015 10:15:48 AM) (Source: DptfPolicyLpmDll) (EventID: 1) (User: )
    Description: DptfPolicyLpmDllDptfGetLpmMode: DeviceIoControl() failed.


    Error: (09/01/2015 10:15:46 AM) (Source: DptfPolicyLpmDll) (EventID: 1) (User: )
    Description: DptfPolicyLpmDllDptfGetLpmMode: DeviceIoControl() failed.


    Error: (09/01/2015 09:17:54 AM) (Source: SideBySide) (EventID: 78) (User: )
    Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_8935f06086091acc.manifestC:\Users\Elisabeth\Downloads\SoftonicDownloader_voor_handbrake.exe


    Error: (09/01/2015 09:17:54 AM) (Source: SideBySide) (EventID: 78) (User: )
    Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_8935f06086091acc.manifestC:\Users\Elisabeth\Downloads\SoftonicDownloader_voor_handbrake.exe




    ==================== Geheugen info ===========================


    Processor: Intel(R) Core(TM) i3-3217U CPU @ 1.80GHz
    Percentage geheugen in gebruik: 66%
    Totaal fysiek RAM-geheugen: 3981.7 MB
    Beschikbaar fysiek RAM-geheugen: 1351.07 MB
    Totaal Virtueel geheugen: 6029.7 MB
    Beschikbaar Virtual geheugen: 3058.11 MB


    ==================== Schijven ================================


    Drive c: (OS) (Fixed) (Total:279.11 GB) (Free:203.13 GB) NTFS ==>[systeem met boot componenten (verkregen van lezen van schijf)]
    Drive d: (DATA) (Fixed) (Total:398.07 GB) (Free:397.42 GB) NTFS


    ==================== MBR & Partitietabel ==================


    ========================================================
    Disk: 0 (Size: 698.6 GB) (Disk ID: 568814A2)


    Partition: GPT.


    ==================== Eind van Addition.txt ============================

  6. #6

    Re: ColorUService

    THe link to the security check by screen 137 doesnt work...

  7. #7
    Corrine's Avatar
    Join Date
    Feb 2012
    Location
    Upstate, NY
    Posts
    8,615

    Re: ColorUService

    Please do the following to run FRST:

    Note: If the tool warns you about the version you're using being an outdated version please download and run the updated version.

    NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system
    • Open Notepad (Start =>All Programs => Accessories => Notepad).
    • Copy/Paste the entire contents of the code box below into Notepad.
    Code:
    start
    CreateRestorePoint:
    CloseProcesses:
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beleid restrictie <======= AANDACHT
    2013-04-26 01:15 - 2012-09-07 13:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
    2015-08-31 23:05 - 2015-08-31 23:05 - 00000000 _____ C:\WINDOWS\system32\[X]
    EmptyTemp:
    end
    • Click Format and ensure Wordwrap is unchecked.
    • Important: Save the code to the same folder/directory that FRST.exe is located in, naming it as fixlist.txt
    • Start FRST in a similar manner to when you ran a scan earlier, but this time when it opens ....
      • Press the Fix button once and wait.
      • FRST will process fixlist.txt
      • When finished, it will produce a log fixlog.txt in the same folder/directory as FRST64.exe
      • Please post the log in your next reply.


    Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

    Remember - A day without laughter is a day wasted.
    May the wind sing to you and the sun rise in your heart.

  8. #8

    Re: ColorUService

    Quote Originally Posted by Corrine View Post
    Please do the following to run FRST:

    Note: If the tool warns you about the version you're using being an outdated version please download and run the updated version.

    NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system
    • Open Notepad (Start =>All Programs => Accessories => Notepad).
    • Copy/Paste the entire contents of the code box below into Notepad.

    Code:
    start
    CreateRestorePoint:
    CloseProcesses:
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beleid restrictie <======= AANDACHT
    2013-04-26 01:15 - 2012-09-07 13:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
    2015-08-31 23:05 - 2015-08-31 23:05 - 00000000 _____ C:\WINDOWS\system32\[X]
    EmptyTemp:
    end
    • Click Format and ensure Wordwrap is unchecked.
    • Important: Save the code to the same folder/directory that FRST.exe is located in, naming it as fixlist.txt
    • Start FRST in a similar manner to when you ran a scan earlier, but this time when it opens ....
      • Press the Fix button once and wait.
      • FRST will process fixlist.txt
      • When finished, it will produce a log fixlog.txt in the same folder/directory as FRST64.exe
      • Please post the log in your next reply.

Similar Threads

  1. ColorUService
    By segal in forum Security Arena
    Replies: 9
    Last Post: 02-08-2015, 10:45 AM

Log in

Log in