Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 15-03-2017 Gestart door Dimitry (02-04-2017 18:13:11) Gestart vanaf C:\Users\Dimitry\Downloads Windows 8.1 (Update) (X64) (2015-05-05 15:22:34) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-919706677-2626140902-522991668-500 - Administrator - Disabled) Dimitry (S-1-5-21-919706677-2626140902-522991668-1001 - Administrator - Enabled) => C:\Users\Dimitry Gast (S-1-5-21-919706677-2626140902-522991668-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-919706677-2626140902-522991668-1003 - Limited - Enabled) ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: AVG AntiVirus Free Edition (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: AVG AntiVirus Free Edition (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.) Advanced SystemCare 9 (HKLM-x32\...\Advanced SystemCare_is1) (Version: 9.1.0 - IObit) ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.3 - ASUS) ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.3 - ASUS) ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 3.0.8 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.01.0003 - ASUS) ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.9 - ASUS) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0034 - ASUS) AVG (Version: 16.151.8012 - AVG Technologies) Hidden AVG 2016 (Version: 16.0.4769 - AVG Technologies) Hidden AVG Driver Updater (HKLM-x32\...\{BB3024E3-E647-45BD-9A6D-8E39818F9F81}) (Version: 2.2.1 - AVG Netherlands B.V) AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.74.2.60831 - AVG Technologies) AVG PC TuneUp (x32 Version: 16.74.1 - AVG Technologies) Hidden AVG Protection (HKLM\...\AVG) (Version: 2016.151.8012 - AVG Technologies) AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.7.452 - AVG Technologies) Belgium e-ID middleware 4.0.7 (build 7466) (HKLM\...\{824563DE-75AD-4166-9DC0-B6482F207466}) (Version: 4.0.7466 - Belgian Government) Booking.com version 1.1.0.5019 (HKLM-x32\...\{F9B4E180-69C1-4414-81E6-DF79F5F971B1}_is1) (Version: 1.1.0.5019 - Booking.com) <==== AANDACHT Canon MP490 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP490_series) (Version: - ) CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Device Setup (HKLM-x32\...\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}) (Version: 1.0.18 - ASUSTek Computer Inc.) FMW 1 (Version: 1.143.3 - AVG Technologies) Hidden Foxit PhantomPDF (HKLM-x32\...\{FC76E6BB-7CBB-4CD6-8178-3BCADC0526C3}) (Version: 6.0.62.801 - Foxit Corporation) Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.1.16.525 - Digital Wave Ltd) HP Deskjet 2540 series Basissoftware van het apparaat (HKLM\...\{A7F14256-6DC6-458A-A92D-B5EEF79429AB}) (Version: 32.2.188.47710 - Hewlett-Packard Co.) HP Deskjet 2540 series Help (HKLM-x32\...\{50467ECF-F6A9-40EC-A649-67EB6FAD9894}) (Version: 30.0.0 - Hewlett Packard) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation) Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.0.0.1002 - Intel Corporation) Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation) IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.2.1.126 - IObit) Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation) Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden KMSpico v9.1.3 (HKLM\...\KMSpico_is1) (Version: 9.1.3 - ) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-919706677-2626140902-522991668-1001\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50905.0 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: 5.5.1.2 - Popcorn Time) <==== AANDACHT Popcorn Time (HKU\S-1-5-21-919706677-2626140902-522991668-1001\...\Popcorn Time) (Version: - Popcorn Official) <==== AANDACHT Productverbeteringsonderzoek voor HP Deskjet 2540 series (HKLM\...\{08FB88A2-3FB6-4E82-AD55-393EBAD0E967}) (Version: 32.2.188.47710 - Hewlett-Packard Co.) Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 2.2.2.2 - Ralink) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.21243 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.29.314.2014 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7231 - Realtek Semiconductor Corp.) Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) Start Menu 8 (HKLM-x32\...\IObit_StartMenu8_is1) (Version: 2.2.0 - IObit) Stuurprogrammapakket voor Windows - Fedict SmartCard (04/30/2014 4.0.7.5) (HKLM\...\C5357B4AD7C02B3F6EF45765A07E5B725E50BBF7) (Version: 04/30/2014 4.0.7.5 - Fedict) Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit) Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD) (Version: 10.0.50903 - Microsoft Corporation) TomTom HOME (HKLM-x32\...\{B581E191-A2C1-4CE3-907E-9FE3C728750C}) (Version: 2.9.91 - Uw bedrijfsnaam) TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.) TomTom MyDrive Connect 4.1.1.2797 (HKLM-x32\...\MyDriveConnect) (Version: 4.1.1.2797 - TomTom) Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0413-1000-0000000FF1CE}_Office15.PROPLUS_{F0120021-C9E2-4B7A-9F74-CCC86E1A9A16}) (Version: - Microsoft) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.11.399 - ASUS Cloud Corporation) Windows Driver Package - ASUS (ATP) Mouse (07/02/2014 1.0.0.228) (HKLM\...\7504488B89E0121B0737D63957491C9CD2633065) (Version: 07/02/2014 1.0.0.228 - ASUS) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS) ==================== Aangepaste CLSID (gefilterd): ========================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) CustomCLSID: HKU\S-1-5-21-919706677-2626140902-522991668-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Dimitry\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\amd64\FileCoAuthLib64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-919706677-2626140902-522991668-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation) ==================== Geplande Taken (gefilterd) ============= (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {09DEC376-C23E-4CBB-AD74-F09A6C3B2DB2} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] () Task: {25E6EBFC-DBFF-4ADF-9E3C-2406F1DE809A} - System32\Tasks\ASC9_SkipUac_Dimitry => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [2016-01-18] (IObit) Task: {271B05F7-1C7F-4CED-98BB-0D05D36CBDAD} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2014-09-19] (AsusTek) Task: {27BD267F-30B5-46F1-98EE-0BC600B45DAB} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-01-14] (ASUSTek Computer Inc.) Task: {36E27157-D0DB-4D2D-A708-3BCE4417161E} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-09-02] (ASUSTek Computer Inc.) Task: {386B3213-252B-40B5-9F8E-2CB1EC021A0C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {49FF5172-B8EC-4109-9819-F73BBA8343AB} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] () Task: {655C5B90-252C-4D8A-A2F4-B896F70F93E2} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-04-10] (Realtek Semiconductor) Task: {838428AD-11E8-498A-A98D-702F3F0AAC10} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] () Task: {A12D87E7-54A6-4B98-9FEE-DE609BD94B0A} - System32\Tasks\HPCustParticipation HP Deskjet 2540 series => C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPCustPartic.exe [2014-03-06] (Hewlett-Packard Co.) Task: {AE0AC410-89C9-4E25-84AF-BAE5C96836B6} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation) Task: {BC85A3FD-E1D9-4450-B7CE-1E5C2B96FB10} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-03-27] (ASUSTek Computer Inc.) Task: {BD70045F-C174-4221-B88C-16A3CEFD384A} - System32\Tasks\ASC9_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe [2016-01-15] (IObit) Task: {D74C38F2-410C-4664-81CD-DA8180A58A4B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd) Task: {DC103669-25A8-4598-A036-054AA6D58373} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe Task: {DE1815C5-B96D-4E74-9697-E3BE598FB908} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {E3FA0E29-3108-4581-BE2B-4412B1AE5EAE} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2013-12-11] () Task: {E447310A-2F99-4798-9F41-7F00E7EB5A36} - System32\Tasks\Uninstaller_SkipUac_Dimitry => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2016-01-12] (IObit) Task: {ECF70C51-FC37-4CB5-945C-2DE09F023B4A} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe [2017-02-21] (AVG Technologies CZ, s.r.o.) Task: {F06E6403-6349-408B-B397-E8C301BA233A} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-04-02] (ASUS) Task: {F08D100A-065D-403E-9E6B-A0C0E4DC50BC} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-04-15] (Realtek Semiconductor) (Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) Task: C:\Windows\Tasks\0116avUpdateInfo.job => C:\ProgramData\Avg_Update_0116av\0116av_AVG-Secure-Search-Update.exe Task: C:\Windows\Tasks\0316avUpdateInfo.job => C:\ProgramData\Avg_Update_0316av\0316av_AVG-Secure-Search-Update.exe Task: C:\Windows\Tasks\0615avUpdateInfo.job => C:\ProgramData\Avg_Update_0615av\0615av_AVG-Secure-Search-Update.exe Task: C:\Windows\Tasks\0715avUpdateInfo.job => C:\ProgramData\Avg_Update_0715av\0715av_AVG-Secure-Search-Update.exe Task: C:\Windows\Tasks\0915avUpdateInfo.job => C:\ProgramData\Avg_Update_0915av\0915av_AVG-Secure-Search-Update.exe Task: C:\Windows\Tasks\1215avUpdateInfo.job => C:\ProgramData\Avg_Update_1215av\1215av_AVG-Secure-Search-Update.exe Task: C:\Windows\Tasks\AVG Driver Updater Scan.job => C:\Program Files (x86)\AVG Driver Updater\AVG Driver Updater.exe Task: C:\Windows\Tasks\AVG Driver Updater Startup.job => C:\Program Files (x86)\AVG Driver Updater\AVG Driver Updater.exe ==================== Snelkoppelingen ============================= (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) ==================== Geladen Modules (gefilterd) ============== 2016-04-27 19:58 - 2017-02-10 23:06 - 00981576 _____ () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe 2016-04-27 19:58 - 2017-02-10 23:06 - 02183752 _____ () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe 2016-05-29 13:01 - 2016-05-25 11:40 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll 2016-05-29 13:01 - 2016-05-25 11:40 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll 2016-05-29 13:01 - 2016-05-25 11:40 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll 2016-05-29 13:01 - 2016-05-25 11:40 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll 2014-04-02 16:46 - 2014-04-02 16:46 - 00117248 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll 2014-04-02 16:46 - 2014-04-02 16:46 - 00037936 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll 2014-04-02 16:46 - 2014-04-02 16:46 - 00018992 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDColorEnhance.dll 2014-04-02 16:46 - 2014-04-02 16:46 - 00020528 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDRegammaAndGamut.dll 2016-03-06 19:44 - 2015-12-23 19:32 - 00355616 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\madExcept_.bpl 2016-03-06 19:44 - 2015-12-23 19:32 - 00190240 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\madBasic_.bpl 2016-03-06 19:44 - 2015-12-23 19:32 - 00057632 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\madDisAsm_.bpl 2015-05-08 20:57 - 2015-05-07 14:07 - 00348960 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madExcept_.bpl 2015-05-08 20:57 - 2015-05-07 14:07 - 00183584 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madBasic_.bpl 2015-05-08 20:57 - 2015-05-07 14:07 - 00050976 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madDisAsm_.bpl 2015-05-08 20:57 - 2015-05-07 14:07 - 00268920 _____ () C:\Program Files (x86)\IObit\Start Menu 8\sqlite3.dll 2015-05-08 20:57 - 2015-05-07 14:07 - 00053024 _____ () C:\Program Files (x86)\IObit\Start Menu 8\parseAuto.dll 2015-05-08 20:57 - 2015-05-07 14:07 - 00622880 _____ () C:\Program Files (x86)\IObit\Start Menu 8\ProductStatistics.dll 2015-05-08 20:57 - 2015-05-07 14:08 - 00041248 _____ () C:\Program Files (x86)\IObit\Start Menu 8\winkey.dll 2016-03-06 19:44 - 2015-12-28 14:50 - 00899872 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\webres.dll 2016-03-06 19:44 - 2015-12-28 14:49 - 00629536 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\ProductStatistics.dll 2016-12-02 14:45 - 2016-12-02 14:45 - 48920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll ==================== Alternate Data Streams (gefilterd) ========= (Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.) ==================== Veilige Modus (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\str => ""="service" ==================== Bestandskoppeling (gefilterd) =============== (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.) ==================== Internet Explorer vertrouwde/beperkte toegang =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.) ==================== Hosts inhoud: =============================== (Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.) 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Andere gebieden ============================ (Momenteel is er geen automatische fix voor dit onderdeel.) HKU\S-1-5-21-919706677-2626140902-522991668-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Dimitry\Desktop\Mr Djangho\11999199_1499852006974435_1763066285_o.jpg DNS Servers: 195.130.130.4 - 195.130.131.4 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == HKLM\...\StartupApproved\Run32: => "WebStorage" HKLM\...\StartupApproved\Run32: => "HP Software Update" HKU\S-1-5-21-919706677-2626140902-522991668-1001\...\StartupApproved\Run: => "Advanced SystemCare 8" ==================== Firewall regels (gefilterd) =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{D48F6F7F-BD46-41F0-BD6B-37F58504FF32}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{725BF633-C6E1-4AFF-81D4-13B53AC81259}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{33D8F770-949D-462E-8F7B-066C1E3DBAA6}] => (Allow) LPort=2869 FirewallRules: [{CDE9D3C9-09A3-4CD7-A0A8-B37120E5BA7E}] => (Allow) LPort=1900 FirewallRules: [{C87809C2-A536-47F9-8486-38AAF5382CA5}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{BF967864-F32E-4A82-8057-4F7B75EDF2F2}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{7AA23F56-43FA-448F-8FF0-C59353AC4CC9}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{D69F7F30-FC49-4C41-822A-4A5382DD2720}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{08F6707B-D9EF-4ABA-8945-3403010C187A}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe FirewallRules: [{C5D7B998-6A71-4D0A-A0E9-597D91E6FFA1}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe FirewallRules: [{8812CB6D-A0E1-4067-B601-EA0822DBA955}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe FirewallRules: [{A3D664A8-C690-4FFE-A19D-A147224A5280}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe FirewallRules: [{BBA48EC1-9874-4E5D-A24D-76FED662F4D1}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [{C8F4EC6D-C755-40EE-B197-FC9E38D8E76A}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [{7256CA98-79C3-410B-994A-5E1D50408CF8}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [{599D1976-E41C-4635-BBE2-2DA8811C4641}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [TCP Query User{D0930B71-485D-445A-9A9E-D3844D52688A}C:\users\dimitry\appdata\local\popcorn time\nw.exe] => (Allow) C:\users\dimitry\appdata\local\popcorn time\nw.exe FirewallRules: [UDP Query User{36B32CB7-0D3F-411C-B787-64FE0F1CC849}C:\users\dimitry\appdata\local\popcorn time\nw.exe] => (Allow) C:\users\dimitry\appdata\local\popcorn time\nw.exe FirewallRules: [{640C6F07-4891-42B2-B622-7FB3B2D6C3C0}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\DeviceSetup.exe FirewallRules: [{8CE2BFFF-B486-45AE-94FE-69C95B918D3C}] => (Allow) LPort=5357 FirewallRules: [{EE452965-E894-4B18-8A12-89D5961C7A70}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{AAFBD3F8-9460-4628-9395-8F94D48E7946}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe FirewallRules: [{0C026E7B-BF20-4CEB-966D-082BF590EFA4}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe FirewallRules: [{414A0D66-94C1-4506-BC3F-352D2FAED2EA}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe FirewallRules: [{34336990-06B4-4238-82AB-3A72FE145D06}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe FirewallRules: [{19D3BFC0-27F1-4CAA-907B-61D397F5478B}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe FirewallRules: [{03630F24-EEA8-4A8C-AC9F-604EF331ABB6}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe FirewallRules: [{3FAE6761-1440-46F6-93CF-A7096A0D896F}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe FirewallRules: [{4D43E336-F0D7-41E0-B2D5-91F8074F7498}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe FirewallRules: [{60DF718A-7C26-4D93-B2C4-3678A37DBBF0}] => (Allow) LPort=1688 FirewallRules: [{70418C01-3A04-4865-9453-61A8BDCAD602}] => (Allow) C:\Users\Dimitry\AppData\Local\Temp\7zS7E9D\HPDiagnosticCoreUI.exe FirewallRules: [{744B5377-B686-4E77-812C-F27D26A59B79}] => (Allow) C:\Users\Dimitry\AppData\Local\Temp\7zS7E9D\HPDiagnosticCoreUI.exe FirewallRules: [{7E7AFAEB-69D5-4F18-ABD7-A576CF2E8EDC}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe FirewallRules: [{F547AB18-CF08-44F5-A0F8-7AF5BCB8C3B2}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe FirewallRules: [{ACD1E061-C6AA-47EE-B807-AAAB3AA619E1}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe FirewallRules: [{BEDA25EB-78F4-4053-A4EE-F52B397D0E2A}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe FirewallRules: [{A90BD93B-84EE-4EF4-A8CD-363EEA2E9874}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe FirewallRules: [{2D4AD466-9259-4DD5-8581-10B9634168C3}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe FirewallRules: [{5201B895-B19D-407C-A32C-A131070DF29E}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\rtmpsrv.exe FirewallRules: [{A05EF52F-18D9-404D-96B0-0936AF209C7B}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\rtmpsrv.exe ==================== Herstelpunten ========================= 09-03-2017 14:04:23 Windows Update 19-03-2017 21:19:31 Windows Update 02-04-2017 12:15:53 Gepland controlepunt ==================== Defecte Apparaatbeheer Apparaten ============= ==================== Eventlog fouten: ========================= Applicatiefouten: ================== Error: (04/02/2017 02:00:56 PM) (Source: Windows Search Service) (EventID: 3079) (User: ) Description: Meldingen voor het volume C:\ zijn niet actief. Context: toepassing Windows Details: Het volumewijzigingslogboek wordt verwijderd. (HRESULT : 0x8007049a) (0x8007049a) Error: (04/02/2017 01:58:34 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: Service_KMS.exe, versie: 11.0.0.0, tijdstempel: 0x52a8d15d Naam van module met fout: unknown, versie: 0.0.0.0, tijdstempel: 0x00000000 Uitzonderingscode: 0x00000000 Foutmarge: 0x00007ffca32b0565 Id van proces met fout: 0xb20 Starttijd van toepassing met fout: 0x01d2aba86178fafd Pad naar toepassing met fout: C:\Program Files\KMSpico\Service_KMS.exe Pad naar module met fout: unknown Rapport-id: b1e2955a-179b-11e7-8431-086266518d15 Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Error: (04/02/2017 10:42:58 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Het programma IEXPLORE.EXE, versie 11.0.9600.18124 reageert niet meer op Windows en is afgesloten. Als u wilt zien of er meer informatie over het probleem beschikbaar is, raadpleegt u de probleemgeschiedenis in het onderdeel Onderhoudscentrum in het Configuratiescherm. Proces-id: 1ce4 Starttijd: 01d2ab8d0f0d2fc8 Eindtijd: 30 Toepassingspad: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Rapport-id: 5d88b06a-1780-11e7-8430-086266518d15 Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Error: (04/02/2017 09:49:50 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Het programma LiveComm.exe, versie 17.5.9600.20911 reageert niet meer op Windows en is afgesloten. Als u wilt zien of er meer informatie over het probleem beschikbaar is, raadpleegt u de probleemgeschiedenis in het onderdeel Onderhoudscentrum in het Configuratiescherm. Proces-id: 8f0 Starttijd: 01d2ab84fe23c3bd Eindtijd: 4294967295 Toepassingspad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe Rapport-id: f1b05de5-1778-11e7-8430-086266518d15 Volledige pakketnaam met fout: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe Relatieve toepassings-id van pakket met fout: ppleae38af2e007f4358a809ac99a64a67c1 Error: (04/02/2017 09:30:58 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Het programma LiveComm.exe, versie 17.5.9600.20911 reageert niet meer op Windows en is afgesloten. Als u wilt zien of er meer informatie over het probleem beschikbaar is, raadpleegt u de probleemgeschiedenis in het onderdeel Onderhoudscentrum in het Configuratiescherm. Proces-id: 1204 Starttijd: 01d2ab7450df5d62 Eindtijd: 4294967295 Toepassingspad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe Rapport-id: 4edbef04-1776-11e7-8430-086266518d15 Volledige pakketnaam met fout: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe Relatieve toepassings-id van pakket met fout: ppleae38af2e007f4358a809ac99a64a67c1 Error: (04/02/2017 07:47:53 AM) (Source: Windows Search Service) (EventID: 3079) (User: ) Description: Meldingen voor het volume C:\ zijn niet actief. Context: toepassing Windows Details: Het volumewijzigingslogboek wordt verwijderd. (HRESULT : 0x8007049a) (0x8007049a) Error: (04/02/2017 07:46:00 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: Service_KMS.exe, versie: 11.0.0.0, tijdstempel: 0x52a8d15d Naam van module met fout: unknown, versie: 0.0.0.0, tijdstempel: 0x00000000 Uitzonderingscode: 0x00000000 Foutmarge: 0x00007ff8154e0565 Id van proces met fout: 0xaac Starttijd van toepassing met fout: 0x01d2ab7444acaa56 Pad naar toepassing met fout: C:\Program Files\KMSpico\Service_KMS.exe Pad naar module met fout: unknown Rapport-id: a66698f9-1767-11e7-8430-086266518d15 Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Error: (03/31/2017 11:41:48 AM) (Source: Windows Search Service) (EventID: 3079) (User: ) Description: Meldingen voor het volume C:\ zijn niet actief. Context: toepassing Windows Details: Het volumewijzigingslogboek wordt verwijderd. (HRESULT : 0x8007049a) (0x8007049a) Error: (03/31/2017 11:40:12 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: Service_KMS.exe, versie: 11.0.0.0, tijdstempel: 0x52a8d15d Naam van module met fout: unknown, versie: 0.0.0.0, tijdstempel: 0x00000000 Uitzonderingscode: 0x00000000 Foutmarge: 0x00007ff8f93b0555 Id van proces met fout: 0xae4 Starttijd van toepassing met fout: 0x01d2aa02521b146e Pad naar toepassing met fout: C:\Program Files\KMSpico\Service_KMS.exe Pad naar module met fout: unknown Rapport-id: 08c1150d-15f6-11e7-842f-086266518d15 Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Error: (03/31/2017 10:05:06 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: Service_KMS.exe, versie: 11.0.0.0, tijdstempel: 0x52a8d15d Naam van module met fout: unknown, versie: 0.0.0.0, tijdstempel: 0x00000000 Uitzonderingscode: 0x00000000 Foutmarge: 0x00007ffa6ac00565 Id van proces met fout: 0xb90 Starttijd van toepassing met fout: 0x01d2a9f553f33747 Pad naar toepassing met fout: C:\Program Files\KMSpico\Service_KMS.exe Pad naar module met fout: unknown Rapport-id: c00d3ff7-15e8-11e7-842e-086266518d15 Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Systeemfouten: ============= Error: (04/02/2017 05:53:03 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: De Service KMSELDI-service is onverwacht beëindigd. Dit is nu 1 keer gebeurd. Error: (04/02/2017 05:52:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: De NetGroup Packet Filter Driver-service kan vanwege de volgende fout niet worden gestart: Het systeem kan het opgegeven bestand niet vinden. Error: (04/02/2017 05:52:17 PM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege deze fout: Toegang geweigerd. . Error: (04/02/2017 05:52:16 PM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege deze fout: Toegang geweigerd. . Error: (04/02/2017 02:54:54 PM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege deze fout: Toegang geweigerd. . Error: (04/02/2017 02:00:29 PM) (Source: DCOM) (EventID: 10010) (User: DIMITRY) Description: De server {0002DF01-0000-0000-C000-000000000046} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (04/02/2017 01:59:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: De Service KMSELDI-service is onverwacht beëindigd. Dit is nu 1 keer gebeurd. Error: (04/02/2017 01:59:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: De Windows Presentation Foundation Font Cache 3.0.0.0-service kan vanwege de volgende fout niet worden gestart: De service heeft de start- of stuuropdracht niet op juiste wijze beantwoord. Error: (04/02/2017 01:59:04 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Time-out (30000 seconden) tijdens het wachten op het verbinden van deze service: Windows Presentation Foundation Font Cache 3.0.0.0. Error: (04/02/2017 01:58:02 PM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege deze fout: Toegang geweigerd. . CodeIntegrity: =================================== Date: 2017-04-02 17:52:50.125 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume4\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\msvcp140.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-04-02 17:52:44.483 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume4\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\msvcp140.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-04-02 17:52:22.488 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume4\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-04-02 13:58:19.644 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume4\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\msvcp140.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-04-02 13:58:14.632 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume4\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\msvcp140.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-04-02 13:58:07.380 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume4\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-04-02 08:00:54.486 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume4\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-04-02 07:59:03.454 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume4\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\msvcp140.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-04-02 07:58:57.694 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume4\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\msvcp140.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-04-02 07:58:51.929 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume4\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Geheugen info =========================== Processor: Intel(R) Celeron(R) CPU N2940 @ 1.83GHz Percentage geheugen in gebruik: 28% Totaal fysiek RAM-geheugen: 8078.54 MB Beschikbaar fysiek RAM-geheugen: 5787.67 MB Totaal Virtueel geheugen: 9358.54 MB Beschikbaar Virtual geheugen: 6768.5 MB ==================== Schijven ================================ Drive c: (OS) (Fixed) (Total:186.3 GB) (Free:94.08 GB) NTFS ==>[systeem met boot componenten (verkregen van schijf)] Drive d: (Data) (Fixed) (Total:258.35 GB) (Free:258.21 GB) NTFS ==================== MBR & Partitietabel ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 3C2B5A29) Partition: GPT. ==================== Eind van Addition.txt ============================