Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie:06-06-2016 Gestart door Patrick (2016-06-07 17:37:46) Gestart vanaf C:\Users\Patrick\AppData\Local\Microsoft\Windows\INetCache\IE\2FIWD527 Windows 8.1 (Update) (X64) (2014-08-12 17:04:31) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2096965510-2667581601-1132752284-500 - Administrator - Disabled) Gast (S-1-5-21-2096965510-2667581601-1132752284-501 - Limited - Enabled) Henk (S-1-5-21-2096965510-2667581601-1132752284-1009 - Limited - Enabled) HomeGroupUser$ (S-1-5-21-2096965510-2667581601-1132752284-1004 - Limited - Enabled) Patrick (S-1-5-21-2096965510-2667581601-1132752284-1002 - Administrator - Enabled) => C:\Users\Patrick ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: ESET Smart Security 9.0.375.1 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: ESET Smart Security 9.0.381.1 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834} FW: ESET Persoonlijke firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.) µTorrent (HKU\S-1-5-21-2096965510-2667581601-1132752284-1002\...\uTorrent) (Version: 3.4.6.42094 - BitTorrent Inc.) µTorrent (HKU\S-1-5-21-2096965510-2667581601-1132752284-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\uTorrent) (Version: 3.4.6.42094 - BitTorrent Inc.) 64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden 6500_E709_eDocs (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden 6500_E709_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden 6500_E709n (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden 7-Zip 15.07 beta (x64) (HKLM\...\7-Zip) (Version: 15.07 - Igor Pavlov) Adobe Acrobat Reader DC - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated) Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated) ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden Belgium e-ID middleware 4.0.7 (build 7466) (HKLM\...\{824563DE-75AD-4166-9DC0-B6482F207466}) (Version: 4.0.7466 - Belgian Government) bpd_scan (x32 Version: 3.00.0000 - Hewlett-Packard) Hidden BPDSoftware (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden BPDSoftware_Ini (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden CyberLink Home Cinema 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.) CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.2230.0 - CyberLink Corp.) CyberLink PowerDirector 12 (Version: 12.0.2230.0 - CyberLink Corp.) Hidden CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.2527 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd) Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc) Elevated Installer (x32 Version: 4.1.21.0 - Garmin Ltd or its subsidiaries) Hidden ESET Smart Security (HKLM\...\{B433C5FA-8CF2-4B65-B6A0-7DBB4E9E09F4}) (Version: 9.0.375.1 - ESET, spol. s r.o.) Fax (x32 Version: 140.0.307.000 - Hewlett-Packard) Hidden Fotogalerie (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Fotogalerija (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Fotogalleri (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Fotogalleriet (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Fotoğraf Galerisi (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Fotótár (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Galeria de Fotografias (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Galería de fotos (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Galeria fotografii (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Galerie de photos (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Garmin Communicator Plugin (HKLM-x32\...\{71DBFBF2-F7EB-4268-8485-9471D83C4E66}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries) Garmin Communicator Plugin x64 (HKLM\...\{70A381F1-C161-4D61-A20C-BE12FC6777DF}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries) Garmin Express (HKLM-x32\...\{dee43f2c-65bf-40c0-97f2-b887178f63f4}) (Version: 4.1.21.0 - Garmin Ltd or its subsidiaries) Garmin Express (x32 Version: 4.1.21.0 - Garmin Ltd or its subsidiaries) Hidden Garmin Express Tray (x32 Version: 4.1.21.0 - Garmin Ltd or its subsidiaries) Hidden Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries) Garmin WebUpdater (HKLM-x32\...\{AE1EC58E-B2AC-4959-A4C2-C38202A25239}) (Version: 2.5.6 - Garmin Ltd or its subsidiaries) Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP) HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP) HP Officejet 6500 E709 Series (HKLM\...\{9C57D227-1FE7-4F40-BD49-2BCA7761B083}) (Version: 14.0 - HP) HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden HWiNFO64 Version 5.10 (HKLM\...\HWiNFO64_is1) (Version: 5.10 - Martin Malík - REALiX) iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3355 - Intel Corporation) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1309-148929CC1385}) (Version: 3.1.1309.0390 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{105fa5c4-72e1-41f2-a82c-884d8aa4b381}) (Version: 16.6.0 - Intel Corporation) Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation) Malwarebytes Anti-Malware versie 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden MergeModule_x64 (Version: 9.3.00 - Sony Corporation) Hidden MergeModule_x86 (x32 Version: 9.3.00 - Sony Corporation) Hidden Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office Professional Plus 2016 - nl-nl (HKLM\...\ProPlusRetail - nl-nl) (Version: 16.0.6868.2067 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2096965510-2667581601-1132752284-1002\...\OneDriveSetup.exe) (Version: 17.3.6390.0509 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2096965510-2667581601-1132752284-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\OneDriveSetup.exe) (Version: 17.3.6390.0509 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 42.0 (x86 nl) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 nl)) (Version: 42.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) Nero 2015 (HKLM-x32\...\{EF09AC51-1657-4A06-9449-B2BF1C4FB608}) (Version: 16.0.05500 - Nero AG) Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 16.0.2000 - Nero AG) Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden NewBlue Video Essentials for PowerDirector (HKLM\...\NewBlue Video Essentials for Cyberlink) (Version: 3.0 - NewBlue) NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation) NVIDIA Graphics Driver 327.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.62 - NVIDIA Corporation) NVIDIA PhysX System Software 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation) OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4631.1004 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4631.1004 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4631.1004 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6828.1019 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (Version: 16.0.6828.1019 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6828.1019 - Microsoft Corporation) Hidden PCFerret version 2.2.3.1008 (HKLM-x32\...\{5F28DBE2-546C-4D3C-BF0F-EBB82C89A0CE}_is1) (Version: 2.2.3.1008 - PCFerret) PHotkey (HKLM-x32\...\{E50C224A-BBF2-428D-9DCF-DBF9DF85C40E}) (Version: 1.00.0092 - Pegatron Corporation) PlayMemories Home (HKLM-x32\...\{94F4815B-755A-4FFA-AFDC-EE8FE776981E}) (Version: 5.1.00.12260 - Sony Corporation) PMB_ModeEditor (x32 Version: 9.3.00 - Sony Corporation) Hidden PMB_ServiceUploader (x32 Version: 10.1.00 - Sony Corporation) Hidden Podstawowe programy Windows Live (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Prerequisite installer (x32 Version: 16.0.0004 - Nero AG) Hidden ProductContext (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden Raccolta foto (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.30164 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.19.726.2013 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7404 - Realtek Semiconductor Corp.) recALL versie 15.11 (HKLM-x32\...\recALL_is1) (Version: 15.11 - ) Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16044.2 - Samsung Electronics Co., Ltd.) Samsung Kies3 (x32 Version: 3.2.16044.2 - Samsung Electronics Co., Ltd.) Hidden Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.) Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.4.1.21 - NVIDIA Corporation) Hidden Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation) Skype™ 7.23 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.23.105 - Skype Technologies S.A.) Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16052.2 - Samsung Electronics Co., Ltd.) Smart Switch (x32 Version: 4.1.16052.2 - Samsung Electronics Co., Ltd.) Hidden SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden SpywareBlaster 5.5 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.5.0 - BrightFort LLC) Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden Stuurprogrammapakket voor Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.) Stuurprogrammapakket voor Windows - Fedict SmartCard (04/30/2014 4.0.7.5) (HKLM\...\C5357B4AD7C02B3F6EF45765A07E5B725E50BBF7) (Version: 04/30/2014 4.0.7.5 - Fedict) Stuurprogrammapakket voor Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software) Sunny Explorer (HKLM-x32\...\{1D95D560-CB14-4262-A979-EBE19E831061}) (Version: 1.07.23.4 - SMA Solar Technology AG) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.15.0 - Synaptics Incorporated) Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD) (Version: 10.0.50903 - Microsoft Corporation) Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden UnHackMe 8.00 (HKLM-x32\...\UnHackMe_is1) (Version: - Greatis Software, LLC.) Valokuvavalikoima (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden WiFi Password Revealer (HKLM-x32\...\WiFi Password Revealer_is1) (Version: 1.0.0.7 - Magical Jelly Bean) WiFiPasswordDecryptor v4.0 (HKLM-x32\...\WiFiPasswordDecryptor) (Version: 4.0 - SecurityXploded) Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) WinISO (HKLM-x32\...\WinISO) (Version: 6.4.0.5170 - WinISO Computing Inc.) WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) WinZip 19.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E9}) (Version: 19.5.11475 - WinZip Computing, S.L. ) Συλλογή φωτογραφιών (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden ==================== Aangepaste CLSID (gefilterd): ========================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) CustomCLSID: HKU\S-1-5-21-2096965510-2667581601-1132752284-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Patrick\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileCoAuthLib64.dll () CustomCLSID: HKU\S-1-5-21-2096965510-2667581601-1132752284-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Patrick\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2096965510-2667581601-1132752284-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation) CustomCLSID: HKU\S-1-5-21-2096965510-2667581601-1132752284-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll () CustomCLSID: HKU\S-1-5-21-2096965510-2667581601-1132752284-1002_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Patrick\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileCoAuthLib64.dll () CustomCLSID: HKU\S-1-5-21-2096965510-2667581601-1132752284-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Patrick\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2096965510-2667581601-1132752284-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation) CustomCLSID: HKU\S-1-5-21-2096965510-2667581601-1132752284-1002_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll () ==================== Geplande Taken (gefilterd) ============= (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {0B2FDD56-91D9-4C78-94B8-D514F2B02159} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2016-05-05] () Task: {0D8A891D-890C-4808-84D8-2F436AB14653} - \Microsoft\Windows\Application Experience\AitAgent -> Geen bestand <==== AANDACHT Task: {1274336E-AB06-46B6-A48C-0671C5557CC6} - \Microsoft\Windows\TaskScheduler\Maintenance Configurator -> Geen bestand <==== AANDACHT Task: {133D2538-F0F2-44A9-96B8-192528F7E135} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-05-17] (Microsoft Corporation) Task: {1687544D-7247-4F5A-965A-A6E920E55278} - \Microsoft\Windows\TaskScheduler\Manual Maintenance -> Geen bestand <==== AANDACHT Task: {27496CB3-D673-4CD6-9867-944E161BDCEE} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-05-15] (Microsoft Corporation) Task: {31ACC2F4-98B5-4D5C-951B-B2487021BEEE} - System32\Tasks\GoogleUpdateTaskMachineUA1cff2da3b1db50 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {352EA8C8-B033-4FDE-930A-6146E66269D5} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2096965510-2667581601-1132752284-1002 => C:\Users\Patrick\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-05-20] (Microsoft Corporation) Task: {3BB9A907-9B74-4FB5-AC9B-FCC0546BF654} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-05-17] (Microsoft Corporation) Task: {44DEFF7A-5B20-496B-9F28-9FD897FAEF7C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated) Task: {503C90EF-B782-424B-860F-4A87CE799F06} - System32\Tasks\GoogleUpdateTaskMachineUA1d00291ff17f7a5 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {6F02587F-8A2B-4552-97F6-DEEF229E335B} - \Microsoft\Windows\TaskScheduler\Idle Maintenance -> Geen bestand <==== AANDACHT Task: {79D71BEE-2829-4EB3-A14B-BF7F58A9F7FA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {8147E03F-CC3D-467D-A75D-A2D70DACF560} - System32\Tasks\GoogleUpdateTaskMachineCore1cfb94378950479 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {92346218-9FE7-4C91-959E-207481BFBBF3} - System32\Tasks\UnHackMe Task Scheduler => C:\Program Files (x86)\UnHackMe\hackmon.exe [2016-04-05] (Greatis Software) Task: {A51A8121-082E-4396-83DA-2B3854B70007} - \CreateChoiceProcessTask -> Geen bestand <==== AANDACHT Task: {B57745A2-C03F-43CD-BF28-E869CA93EAE0} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-05-15] (Microsoft Corporation) Task: {B7992938-01F1-4F40-A0EC-0D23D2F0F152} - \Microsoft\Windows\TaskScheduler\Regular Maintenance -> Geen bestand <==== AANDACHT Task: {BEA5BFD8-0070-4707-8172-93BECB8E56DE} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2015-04-26] (Apple Inc.) Task: {C08DC5F6-1376-4561-8E2C-D96E92E26FCD} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2015-06-04] (Nero AG) Task: {CBDBF98A-467E-4F70-8F90-BC3C3BB9CEE1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-13] (Adobe Systems Incorporated) Task: {CC1AB6CC-0111-419A-A9A0-852CD686F260} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-09-19] (Synaptics Incorporated) Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - \Microsoft\Windows\SettingSync\BackupTask -> Geen bestand <==== AANDACHT Task: {D3E24995-8434-4FCC-A070-CC0669480415} - System32\Tasks\GoogleUpdateTaskMachineCore1d00291fe5f2ea2 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {E902BDC7-790B-413D-AE60-F5F2E938586B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-05-11] (Microsoft Corporation) (Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cfb94378950479.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d00291fe5f2ea2.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cff2da3b1db50.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d00291ff17f7a5.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Snelkoppelingen ============================= (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) ==================== Geladen Modules (gefilterd) ============== 2014-03-26 14:24 - 2013-06-27 11:56 - 00160768 _____ () C:\Program Files (x86)\PHotkey\GFNEXSrv.exe 2016-02-04 16:39 - 2016-05-15 11:51 - 00417480 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll 2016-05-20 18:31 - 2016-05-20 18:31 - 00959168 _____ () C:\Users\Patrick\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll 2014-03-25 19:28 - 2012-08-08 23:36 - 00390672 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe 2014-03-26 14:24 - 2013-09-02 17:15 - 02216960 _____ () C:\Program Files (x86)\PHotkey\PHotkey.exe 2014-03-26 14:24 - 2012-10-23 20:07 - 03471872 _____ () C:\Program Files (x86)\PHotkey\POSD.exe 2014-03-26 13:48 - 2015-08-09 04:50 - 00404376 _____ () C:\Windows\system32\igfxTray.exe 2014-03-26 14:24 - 2013-07-18 17:41 - 08856576 _____ () C:\Program Files (x86)\PHotkey\GPMTray.exe 2015-03-31 17:04 - 2015-03-28 05:45 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2014-03-26 14:24 - 2009-12-18 17:36 - 00973432 _____ () C:\Program Files (x86)\PHotkey\acAuth.dll 2014-03-26 14:24 - 2009-12-18 17:41 - 00129544 _____ () C:\Program Files (x86)\PHotkey\GFNEX.dll 2014-03-25 19:20 - 2013-08-05 09:49 - 00627672 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll 2013-08-05 17:48 - 2013-08-05 17:48 - 00016856 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll 2016-05-08 10:24 - 2016-05-28 10:05 - 03592392 _____ () C:\Program Files (x86)\Microsoft Office\root\Office16\gfx.dll 2016-02-04 16:39 - 2016-02-04 16:43 - 01754296 _____ () C:\Program Files (x86)\Microsoft Office\Root\Office16\tmpod.dll 2016-03-07 23:32 - 2016-05-15 20:05 - 01072840 _____ () C:\Program Files (x86)\Microsoft Office\Root\Office16\ADDINS\UmOutlookAddin.dll 2014-03-26 13:51 - 2013-09-16 13:20 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2016-03-07 23:26 - 2016-05-28 10:05 - 00157384 _____ () C:\Program Files (x86)\Microsoft Office\root\Office16\JitV.dll 2016-05-27 21:19 - 2016-05-27 21:19 - 22345912 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.dll 2016-05-03 16:41 - 2016-05-03 16:41 - 00322232 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\sqlite.dll 2016-05-03 16:41 - 2016-05-03 16:41 - 46476472 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\libcef.dll ==================== Alternate Data Streams (gefilterd) ========= (Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.) AlternateDataStreams: C:\Windows:nlsPreferences [386] AlternateDataStreams: C:\ProgramData\Temp:5C321E34 [125] ==================== Veilige Modus (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.) ==================== Bestandskoppeling (gefilterd) =============== (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.) ==================== Internet Explorer vertrouwde/beperkte toegang =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.) IE restricted site: HKU\S-1-5-21-2096965510-2667581601-1132752284-1002\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-2096965510-2667581601-1132752284-1002\...\008k.com -> 008k.com IE restricted site: HKU\S-1-5-21-2096965510-2667581601-1132752284-1002\...\00hq.com -> 00hq.com IE restricted site: HKU\S-1-5-21-2096965510-2667581601-1132752284-1002\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\S-1-5-21-2096965510-2667581601-1132752284-1002\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-2096965510-2667581601-1132752284-1002\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-2096965510-2667581601-1132752284-1002\...\0411dd.com -> 0411dd.com IE restricted site: HKU\S-1-5-21-2096965510-2667581601-1132752284-1002\...\0511zfhl.com -> 0511zfhl.com IE restricted site: HKU\S-1-5-21-2096965510-2667581601-1132752284-1002\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-2096965510-2667581601-1132752284-1002\...\0632qyw.com -> 0632qyw.com IE restricted site: HKU\S-1-5-21-2096965510-2667581601-1132752284-1002\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\S-1-5-21-2096965510-2667581601-1132752284-1002\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-2096965510-2667581601-1132752284-1002\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-2096965510-2667581601-1132752284-1002\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-2096965510-2667581601-1132752284-1002\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-2096965510-2667581601-1132752284-1002\...\0scan.com -> 0scan.com IE restricted site: HKU\S-1-5-21-2096965510-2667581601-1132752284-1002\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\S-1-5-21-2096965510-2667581601-1132752284-1002\...\1-domains-registrations.com -> 1-domains-registrations.com IE restricted site: HKU\S-1-5-21-2096965510-2667581601-1132752284-1002\...\1-se.com -> 1-se.com IE restricted site: HKU\S-1-5-21-2096965510-2667581601-1132752284-1002\...\1001movie.com -> 1001movie.com Er zijn 6091 Meer websites. IE restricted site: HKU\S-1-5-21-2096965510-2667581601-1132752284-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-2096965510-2667581601-1132752284-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008k.com -> 008k.com IE restricted site: HKU\S-1-5-21-2096965510-2667581601-1132752284-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\00hq.com -> 00hq.com IE restricted site: HKU\S-1-5-21-2096965510-2667581601-1132752284-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\S-1-5-21-2096965510-2667581601-1132752284-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-2096965510-2667581601-1132752284-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-2096965510-2667581601-1132752284-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0411dd.com -> 0411dd.com IE restricted site: HKU\S-1-5-21-2096965510-2667581601-1132752284-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0511zfhl.com -> 0511zfhl.com IE restricted site: HKU\S-1-5-21-2096965510-2667581601-1132752284-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-2096965510-2667581601-1132752284-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0632qyw.com -> 0632qyw.com IE restricted site: HKU\S-1-5-21-2096965510-2667581601-1132752284-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\S-1-5-21-2096965510-2667581601-1132752284-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-2096965510-2667581601-1132752284-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-2096965510-2667581601-1132752284-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-2096965510-2667581601-1132752284-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-2096965510-2667581601-1132752284-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0scan.com -> 0scan.com IE restricted site: HKU\S-1-5-21-2096965510-2667581601-1132752284-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\S-1-5-21-2096965510-2667581601-1132752284-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-domains-registrations.com -> 1-domains-registrations.com IE restricted site: HKU\S-1-5-21-2096965510-2667581601-1132752284-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-se.com -> 1-se.com IE restricted site: HKU\S-1-5-21-2096965510-2667581601-1132752284-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1001movie.com -> 1001movie.com Er zijn 6091 Meer websites. ==================== Hosts inhoud: ========================== (Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.) 2013-08-22 15:25 - 2016-03-06 10:44 - 00000967 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 down.baidu2016.com 127.0.0.1 123.sogou.com 127.0.0.1 www.czzsyzgm.com 127.0.0.1 www.czzsyzxl.com ==================== Andere gebieden ============================ (Momenteel is er geen automatische fix voor dit onderdeel.) HKU\S-1-5-21-2096965510-2667581601-1132752284-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Patrick\AppData\Roaming\Microsoft\Windows Photo Viewer\Achtergrond van Windows Photo Viewer.jpg HKU\S-1-5-21-2096965510-2667581601-1132752284-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Patrick\AppData\Roaming\Microsoft\Windows Photo Viewer\Achtergrond van Windows Photo Viewer.jpg HKU\S-1-5-21-2096965510-2667581601-1132752284-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\OEM\wallpaper.jpg DNS Servers: 195.130.131.3 - 195.130.130.3 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == (Momenteel is er geen automatische fix voor dit onderdeel.) MSCONFIG\Services: Apple Mobile Device Service => 2 MSCONFIG\Services: Bonjour Service => 2 MSCONFIG\Services: iPod Service => 3 HKLM\...\StartupApproved\StartupFolder: => "WinZip Preloader.lnk" HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "PMBVolumeWatcher" HKU\S-1-5-21-2096965510-2667581601-1132752284-1002\...\StartupApproved\StartupFolder: => "867337350E.lnk" HKU\S-1-5-21-2096965510-2667581601-1132752284-1002\...\StartupApproved\Run: => "DAEMON Tools Lite" HKU\S-1-5-21-2096965510-2667581601-1132752284-1002\...\StartupApproved\Run: => "iCloudServices" HKU\S-1-5-21-2096965510-2667581601-1132752284-1002\...\StartupApproved\Run: => "iCloudDrive" HKU\S-1-5-21-2096965510-2667581601-1132752284-1002\...\StartupApproved\Run: => "ApplePhotoStreams" HKU\S-1-5-21-2096965510-2667581601-1132752284-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\StartupFolder: => "867337350E.lnk" HKU\S-1-5-21-2096965510-2667581601-1132752284-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "DAEMON Tools Lite" HKU\S-1-5-21-2096965510-2667581601-1132752284-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "iCloudServices" HKU\S-1-5-21-2096965510-2667581601-1132752284-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "iCloudDrive" HKU\S-1-5-21-2096965510-2667581601-1132752284-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "ApplePhotoStreams" ==================== Firewall regels (gefilterd) =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{4F27C294-BF1A-4AE8-A20C-244D2E6F29A9}] => (Allow) C:\Program Files\CyberLink\PowerDirector12\PDR10.EXE FirewallRules: [{46F1A647-95FF-4A3C-85E3-A920E734E0DB}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe FirewallRules: [{90C35DB0-E84E-4B2A-9D07-AF2B75177721}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE FirewallRules: [{E489A156-C985-47ED-BB49-F7465E7A9976}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe FirewallRules: [{F23C5B00-DBEE-4839-ADE6-79D8C2D93F91}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe FirewallRules: [{53C6BC94-23FC-49FE-9C2E-60AAD0D1D0F3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{065AF2AF-2F75-48C3-B8B2-28576F379248}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{0CC84E3D-6336-41CD-B51C-27006CA8584B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{552D17AB-C9FD-4A88-833E-452D0936B651}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{08322C4E-F9E7-4F0C-ABE5-C8EA3E5315C6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{E9C76A60-40D2-4415-BB30-FF14EEA344F0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{4388945B-B8B3-4297-9A23-6B1F111CA618}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe FirewallRules: [{D4158799-18D5-4B01-9D7E-1FCE9DCB6B46}] => (Allow) C:\Users\Patrick\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe FirewallRules: [{E607C9F3-E602-4954-BC1E-38674FF81C4F}] => (Allow) C:\Users\Patrick\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{C43ED853-FAA1-49CA-A189-1860628031D5}] => (Allow) C:\Users\Patrick\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{786D61A9-BAD1-4886-840E-8F4F337AD839}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{BDB5E0CB-FE10-4AFA-99BB-463842CE1DE9}] => (Allow) LPort=2869 FirewallRules: [{173B2BB9-6214-4562-AC3A-D6B007A29B73}] => (Allow) LPort=1900 FirewallRules: [{DF32D192-F17C-4422-8227-66317A281676}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe FirewallRules: [{F1310BC1-B9DF-4569-B00E-C3EAE6C84C00}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe FirewallRules: [{D2E3CD49-FCB8-4200-8D68-9F1AD536D702}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe FirewallRules: [{89ABB1BB-2EC9-4BFF-A232-75EE548CFA52}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe FirewallRules: [{66BB75CF-5038-4E41-8A24-91025F454FB5}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [{E5AC076F-8359-4EBB-B529-D36BDDD2BBA1}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [{296107F5-616C-4193-90EF-50E5722A10AF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{F8F0357A-142F-4681-B8C6-716C70DE59D1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{AF2F715B-E1A8-4609-B581-79C364F6036A}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{273ED0C6-FDC1-4C7F-804E-E0F3D85D7A68}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{267BFF55-4DB0-4F7B-8F0E-76636BC1CEEF}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [{CB0ED885-46D8-4088-94AC-31A648A34910}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [{06C82393-2D14-4970-93E8-677F7A39D215}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{9D3AC002-1769-4D5B-9838-C103B4E760CF}] => (Allow) C:\Users\Patrick\AppData\Local\Temp\7zS6100\setup\hpznui40.exe FirewallRules: [{C54D071E-8FC2-4C5A-9CA8-E5915389949B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe FirewallRules: [{91A58133-F721-4F52-80C2-8B439BE42EF8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe FirewallRules: [{21EF19A9-EDC9-4916-A304-442F2168C9C8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe FirewallRules: [{E8C2551D-07B4-44F6-9FC3-E0E1FDE35F5D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe FirewallRules: [{74943578-EEF4-45F6-8F0E-0D69E4A03EE3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe FirewallRules: [{3D804CBC-8FD0-449F-BA87-DEB75CB0CE78}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe FirewallRules: [{6C743E86-CAA2-49CF-B291-EB866FD34BA1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe FirewallRules: [{FECC11DD-2BB2-471A-8EB3-C96A113B6771}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe FirewallRules: [{ABE7FB20-D562-4358-8825-AD867B56278D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe FirewallRules: [{CDD05868-5882-4C76-A124-D7956816D4C8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe FirewallRules: [{C8B588E3-18F7-479F-9614-A30020489BA7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe FirewallRules: [{69D430AD-6A1E-42E2-9A7D-374FBC41F864}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe FirewallRules: [{4785EED7-D215-4FA4-A760-592A22F8F447}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe FirewallRules: [{5E95F3C9-3F43-453C-8028-1CEAA77B3F46}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe FirewallRules: [{5BB6D55D-E93A-4F71-950F-C408187F4127}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe FirewallRules: [{D58B01F6-A0BC-4975-8A44-D6D70EFCC70E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe FirewallRules: [{066DA71E-6AB0-41D3-801B-2A58724D0E04}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe FirewallRules: [{5206639F-37FE-47ED-B0C9-85B2EC4D16F0}] => (Allow) C:\Users\Patrick\AppData\Local\Temp\7zS42F7\hppiw.exe FirewallRules: [{DC3B13A5-5CE4-48ED-8A6A-56C42EE87C6B}] => (Allow) C:\Users\Patrick\AppData\Local\Temp\7zS42F7\hppiw.exe FirewallRules: [{6FF97C3C-0869-48DF-B792-58C9530A4729}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{50B10B0B-3F9B-4486-861D-F15CA94B7618}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{20D8FD7C-2901-4D00-98B4-537A8CE83C60}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe FirewallRules: [{96E0F16B-2E6F-4E0D-B082-1F7D8495AA6F}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe FirewallRules: [{DDD9E02F-81D7-4C84-A1A1-73A1A47379C7}] => (Allow) C:\Program Files (x86)\Nero\Nero 2015\Nero Burning ROM\StartNBR.exe FirewallRules: [{F8535507-B21C-4117-B4FF-A4A488485528}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe FirewallRules: [{BE80FAD8-6B7D-4CF8-ACC0-66B499C0157D}] => (Allow) C:\Program Files (x86)\Nero\Nero 2015\Nero Burning ROM\nero.exe FirewallRules: [{B1E87CF1-354D-45D6-8497-256246BC33B2}] => (Allow) C:\Users\Patrick\AppData\Local\Microsoft\Windows\INetCache\IE\B43TPHBV\Restoration-64888435.exe FirewallRules: [{39811DF7-F609-489B-838E-FA28860930F0}] => (Allow) C:\Users\Patrick\AppData\Local\Microsoft\Windows\INetCache\IE\B43TPHBV\Restoration-64888435.exe FirewallRules: [{AC3123C7-444B-45C6-A603-59209478E0CB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{66B11787-999C-4411-9B63-A177B8591F42}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{33DC654C-D0C6-4BAD-885D-FEDEB081A99B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{97255F11-836E-4D08-B844-965A01891631}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{28A0E9FD-7CAD-439F-997E-04FBF17D1CEC}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{4CA8A213-A98E-4E5C-B371-0B3580D779EE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{E541E57B-501A-4470-BF2B-1B558F5F6959}] => (Allow) C:\Program Files (x86)\SMA\Sunny Explorer\SMA.Multicasting.IGMP.QuerierService.exe FirewallRules: [{821D2C90-138B-4A3D-8859-35F4DC14D15B}] => (Allow) C:\Program Files (x86)\SMA\Sunny Explorer\SunnyExplorer.exe FirewallRules: [{88A1A93D-7DA5-48CB-98CF-31A62E8F0759}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe ==================== Herstelpunten ========================= 14-05-2016 17:58:53 Windows Update 24-05-2016 10:53:59 Gepland controlepunt 01-06-2016 09:57:37 Gepland controlepunt ==================== Defecte Apparaatbeheer Apparaten ============= Name: Officejet 6500 E709n Description: Officejet 6500 E709n Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318} Manufacturer: HP Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Eventlog fouten: ========================= Applicatiefouten: ================== Error: (06/06/2016 05:49:22 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (06/02/2016 11:46:33 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (06/01/2016 07:30:06 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY) Description: There was an error with the Windows Location Provider database Error: (06/01/2016 01:53:18 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: IEXPLORE.EXE, versie: 11.0.9600.18124, tijdstempel: 0x5641278d Naam van module met fout: igd10iumd32.dll, versie: 10.18.14.4264, tijdstempel: 0x55c197a9 Uitzonderingscode: 0xc0000005 Foutmarge: 0x0003a842 Id van proces met fout: 0x1284 Starttijd van toepassing met fout: 0xIEXPLORE.EXE0 Pad naar toepassing met fout: IEXPLORE.EXE1 Pad naar module met fout: IEXPLORE.EXE2 Rapport-id: IEXPLORE.EXE3 Volledige pakketnaam met fout: IEXPLORE.EXE4 Relatieve toepassings-id van pakket met fout: IEXPLORE.EXE5 Error: (06/01/2016 11:33:33 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Het programma IEXPLORE.EXE, versie 11.0.9600.18124 reageert niet meer op Windows en is afgesloten. Als u wilt zien of er meer informatie over het probleem beschikbaar is, raadpleegt u de probleemgeschiedenis in het onderdeel Onderhoudscentrum in het Configuratiescherm. Proces-id: 1118 Starttijd: 01d1bbe78f6517fb Eindtijd: 43 Toepassingspad: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Rapport-id: e5d41dbb-27db-11e6-840e-ac7ba1a7e8f5 Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Error: (05/30/2016 10:28:59 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (05/30/2016 10:17:45 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: THUIS) Description: Het activeren van de app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 is mislukt door de fout -2147023174. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie. Error: (05/30/2016 10:17:45 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: THUIS) Description: Het activeren van de app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 is mislukt door de fout -2147023174. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie. Error: (05/29/2016 06:30:02 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (05/28/2016 10:26:11 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Het programma LiveComm.exe, versie 17.5.9600.20911 reageert niet meer op Windows en is afgesloten. Als u wilt zien of er meer informatie over het probleem beschikbaar is, raadpleegt u de probleemgeschiedenis in het onderdeel Onderhoudscentrum in het Configuratiescherm. Proces-id: 21bc Starttijd: 01d1b8b9df1b61f7 Eindtijd: 4294967295 Toepassingspad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe Rapport-id: d3a8d3b5-24ad-11e6-8409-ac7ba1a7e8f5 Volledige pakketnaam met fout: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe Relatieve toepassings-id van pakket met fout: ppleae38af2e007f4358a809ac99a64a67c1 Systeemfouten: ============= Error: (06/07/2016 05:23:44 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installatiefout: de volgende update kan niet worden geïnstalleerd, foutcode 0x80070643: Definitie-update voor Windows Defender - KB2267602 (definitie 1.223.959.0). Error: (06/07/2016 05:13:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: De Par1284-service kan vanwege de volgende fout niet worden gestart: %%2 Error: (06/07/2016 05:13:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: De Hardlock-service kan vanwege de volgende fout niet worden gestart: %%1275 Error: (06/07/2016 05:13:14 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Windows\SysWow64\drivers\hardlock.sys Error: (06/06/2016 05:13:30 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installatiefout: de volgende update kan niet worden geïnstalleerd, foutcode 0x80070643: Definitie-update voor Windows Defender - KB2267602 (definitie 1.223.850.0). Error: (06/06/2016 05:09:16 PM) (Source: DCOM) (EventID: 10016) (User: THUIS) Description: toepassingsspecifiekLokaalStarten{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}thuisPatrickS-1-5-21-2096965510-2667581601-1132752284-1002LocalHost (via LRPC)Niet beschikbaarNiet beschikbaar Error: (06/06/2016 05:09:15 PM) (Source: DCOM) (EventID: 10016) (User: THUIS) Description: toepassingsspecifiekLokaalStarten{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}thuisPatrickS-1-5-21-2096965510-2667581601-1132752284-1002LocalHost (via LRPC)Niet beschikbaarNiet beschikbaar Error: (06/06/2016 05:09:15 PM) (Source: DCOM) (EventID: 10016) (User: THUIS) Description: toepassingsspecifiekLokaalStarten{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}thuisPatrickS-1-5-21-2096965510-2667581601-1132752284-1002LocalHost (via LRPC)Niet beschikbaarNiet beschikbaar Error: (06/06/2016 05:09:15 PM) (Source: DCOM) (EventID: 10016) (User: THUIS) Description: toepassingsspecifiekLokaalStarten{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}thuisPatrickS-1-5-21-2096965510-2667581601-1132752284-1002LocalHost (via LRPC)Niet beschikbaarNiet beschikbaar Error: (06/06/2016 05:09:15 PM) (Source: DCOM) (EventID: 10016) (User: THUIS) Description: toepassingsspecifiekLokaalStarten{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}thuisPatrickS-1-5-21-2096965510-2667581601-1132752284-1002LocalHost (via LRPC)Niet beschikbaarNiet beschikbaar ==================== Geheugen info =========================== Processor: Intel(R) Core(TM) i5-4210M CPU @ 2.60GHz Percentage geheugen in gebruik: 39% Totaal fysiek RAM-geheugen: 8100.68 MB Beschikbaar fysiek RAM-geheugen: 4930.52 MB Totaal Virtueel geheugen: 9380.68 MB Beschikbaar Virtual geheugen: 5968.49 MB ==================== Schijven ================================ Drive c: (Boot) (Fixed) (Total:869.8 GB) (Free:586.38 GB) NTFS Drive d: (Recover) (Fixed) (Total:60 GB) (Free:38.71 GB) NTFS ==================== MBR & Partitietabel ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 6C5EA539) Partition: GPT. ==================== Eind van Addition.txt ============================