Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 11-09-2017 02 Gestart door ruski_000 (12-09-2017 06:52:38) Gestart vanaf C:\Users\ruski_000\Desktop\ANTI Windows 10 Home Versie 1703 (X64) (2017-07-23 09:43:38) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-677268874-3307230616-387958917-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-677268874-3307230616-387958917-503 - Limited - Disabled) Gast (S-1-5-21-677268874-3307230616-387958917-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-677268874-3307230616-387958917-1003 - Limited - Enabled) ruski_000 (S-1-5-21-677268874-3307230616-387958917-1001 - Administrator - Enabled) => C:\Users\ruski_000 ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: McAfee Virusscan (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: McAfee Virusscan (Enabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501} FW: McAfee Firewall (Enabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.) Adobe Acrobat Reader DC - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated) Ashampoo AppLauncher (Medion) v.1.0.0 (HKLM-x32\...\Ashampoo AppLauncher (Medion)_is1) (Version: 1.0.0 - Ashampoo GmbH & Co. KG) CyberLink PowerRecover (HKLM\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.3019 - CyberLink Corp.) Hidden CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.3019 - CyberLink Corp.) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden DiscAPI (HKLM-x32\...\{A77F3C2D-50CC-4A29-A1FB-1E018BE4DCA2}) (Version: 2.00.0000 - Pinnacle Systems) Hidden Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.3.1 - Dolby Laboratories Inc) ELAN Touchpad 15.19.7.1_X64_WHQL (HKLM\...\Elantech) (Version: 15.19.7.1 - ELAN Microelectronic Corp.) Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Fotogalerija (HKLM-x32\...\{5D5B5672-1A0F-4412-B6A0-3A16706DE82D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Fotoğraf Galerisi (HKLM-x32\...\{B743ABDD-E681-4B32-A33E-6E7F3F845AEA}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Galería de fotos (HKLM-x32\...\{198CEF22-A27F-4DC7-9B66-2C22A4B1CA09}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Galerie de photos (HKLM-x32\...\{439B34FF-F74E-4807-B5E2-4B758551DA6B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden HiSuite (HKLM-x32\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd) Intel Security True Key (HKLM\...\TrueKey) (Version: 4.19.108.1 - Intel Security) Intel(R) Chipset Device Software (HKLM-x32\...\{4a87bd28-a855-4a8d-b133-60ca8ccffd30}) (Version: 10.0.17 - Intel(R) Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.25.1048 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.2.0.1016 - Intel Corporation) Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.226.0 - Intel Corporation) Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation) Intel(R) Wireless Bluetooth(R)(patch version 17.1.1431.1) (HKLM\...\{302600C1-6BDF-4FD1-1407-148929CC1385}) (Version: 17.1.1407.0480 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{85b9d34f-7397-4e39-8600-07942ef6ca04}) (Version: 17.0.5 - Intel Corporation) IObit Unlocker (HKLM-x32\...\IObit Unlocker_is1) (Version: 1.1 - IObit) IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC) Java 8 Update 144 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation) Malwarebytes Anti-Malware versie 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) Malwarebytes versie 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes) McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 16.0.1 - McAfee, Inc.) McAfee SafeKey(alleen installatie verwijderen) (HKLM-x32\...\SafeKey) (Version: 2.2.3 - McAfee, Inc.) McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.161 - McAfee, Inc.) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-677268874-3307230616-387958917-1001\...\OneDriveSetup.exe) (Version: 17.3.6966.0824 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Movie Maker (HKLM-x32\...\{21764A96-6748-4B83-89E7-7A5063BF156C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{312F7EE7-37D0-484D-B974-0CE1B8560C79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{5B3D4718-9146-45CB-8989-C4E87B239B3A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{9C82436F-F19C-42A4-B476-F87A28A95BF9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{A27180D0-17BB-498B-89FF-A72656B85978}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{B653D7B1-41B5-4982-9A25-E91FF46D131A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{DC5E5027-65E8-41CB-815C-9AAB48BFB8E2}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{EB3DF0F0-0525-4C5A-A2F8-DEC868A3075D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mp3tag v2.70 (HKLM-x32\...\Mp3tag) (Version: v2.70 - Florian Heidenreich) MyBackupPC from Rerware, LLC (HKLM-x32\...\MyBackupPC) (Version: - ) MyHeritage Family Tree Builder (HKLM-x32\...\Family Tree Builder) (Version: 8.0.0.8397 - MyHeritage.com) Nero 2016 (HKLM-x32\...\{31390581-090F-43BE-9607-5E6418C11DC8}) (Version: 17.0.01600 - Nero AG) Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 16.0.2000 - Nero AG) Nettv+ Player 4 (HKU\S-1-5-21-677268874-3307230616-387958917-1001\...\Nettv+ Player 4) (Version: 00.04.06.01 - nettvplus) Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden PDF Converter Elite 5.0 (HKLM\...\{EF5416DB-8813-4211-95A4-16724AB10198}_is1) (Version: 5.0 - PDFConverter.com) PDFTK Builder 3.5.3 (HKLM-x32\...\PDFTK Builder_is1) (Version: - ) Pinnacle Hollywood FX for Studio (HKLM-x32\...\Hollywood FX for Studio) (Version: - ) Pinnacle Instant DVD Recorder (HKLM-x32\...\{EF781A5C-58F5-4BFD-87F9-E4F14D382F25}) (Version: 1.60.066 - ) Prerequisite installer (HKLM-x32\...\{5F284483-EE8D-447E-BEBE-2BF13B08C4BF}) (Version: 17.0.0002 - Nero AG) Hidden proDAD Heroglyph 2.0 (HKLM-x32\...\proDAD-Heroglyph-2.0) (Version: - ) Raccolta foto (HKLM-x32\...\{86A1CEAD-EF47-47BB-AE79-DA8C09E15382}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden RAPID (HKLM-x32\...\{EEECE229-49F6-4851-A73A-99B058221F8C}) (Version: 1.00.0000 - Pinnacle Systems) Hidden Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39054 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.19.726.2013 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.) Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation) Skype™ 7.39 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.39.102 - Skype Technologies S.A.) SmartSound Quicktracks Plugin (HKLM-x32\...\{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}) (Version: 3.0.2.7 - SmartSound Software Inc) Hidden SmartSound Quicktracks Plugin (HKLM-x32\...\InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}) (Version: 3.0.2.7 - SmartSound Software Inc) Spotify (HKU\S-1-5-21-677268874-3307230616-387958917-1001\...\Spotify) (Version: 1.0.15.133.gf21970bd - Spotify AB) Stashimi Stub Installer (HKLM-x32\...\{910B539D-F257-46C8-9CB8-6C95EFF9CF22}) (Version: 18.001.1 - Nero AG) Hidden Studio 10 Bonus DVD (HKLM-x32\...\{6A012D9C-2E2E-405A-B87C-E909F5297C3F}) (Version: 10.0.000 - ) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) Winamp (HKLM-x32\...\Winamp) (Version: 5.56 - Nullsoft, Inc) Winamp Applicatie Detect (HKU\S-1-5-21-677268874-3307230616-387958917-1001\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc) Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH) ==================== Aangepaste CLSID (gefilterd): ========================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\mcafee\MSC\McCtxMenuFrmWrk.dll [2017-05-31] (McAfee, Inc.) ContextMenuHandlers1: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2015-07-15] (IObit) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes) ContextMenuHandlers4: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2015-07-15] (IObit) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Geen bestand ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-02] (Intel Corporation) ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\WINDOWS\system32\igfxOSP.dll [2016-11-02] (Intel Corporation) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes) ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\mcafee\MSC\McCtxMenuFrmWrk.dll [2017-05-31] (McAfee, Inc.) ContextMenuHandlers6: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2015-07-15] (IObit) ==================== Geplande Taken (gefilterd) ============= (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {01079176-42B1-4FC6-947F-08FEF40D2B61} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Geen bestand <==== AANDACHT Task: {05761686-4A82-40BA-8B81-4844FE5F7ADE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Geen bestand <==== AANDACHT Task: {065963CC-106F-4179-9EBE-3D693790C052} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Geen bestand <==== AANDACHT Task: {109B0FD2-F064-4EAA-AB68-6DEC54BC51A0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {17DB2139-4AC4-418B-90F3-429FB04842DE} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Geen bestand <==== AANDACHT Task: {19D24F55-6533-4A9D-B686-22041A0A520A} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation) Task: {1DA34ADA-F29A-437A-8525-6B1D9ACA06A7} - System32\Tasks\Lenovo\sysrun-18722 => C:\Users\ADMINI~1\AppData\Local\Temp\sysrun-18722.cmd Task: {216118A5-4167-4914-9703-509FE1F0D103} - System32\Tasks\McAfee\McAfee Idle Detection Task Task: {32705749-0E15-4EDE-9CC7-8F099003DE07} - System32\Tasks\Lenovo\sysrun-19062 => C:\Users\ADMINI~1\AppData\Local\Temp\sysrun-19062.cmd Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe Task: {37C0E253-9DD8-47CA-9EC3-861EDE88C982} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation) Task: {3A1DC0A1-022F-4515-B265-1F08BBA72EF5} - System32\Tasks\Microsoft Office 15 Sync Maintenance for RUSKICSUBASA-ruski_000 RuskicSubasa => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2012-10-01] (Microsoft Corporation) Task: {3F682F83-1204-40F1-B846-2251D38EB683} - System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.50.1291.1\mcdatrep.exe [2017-08-27] (McAfee, Inc.) Task: {448A7BAC-DB52-4C6F-86F6-06350AD55BDE} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [2017-05-31] (McAfee, Inc.) Task: {4B93AB7A-257F-4E96-A83D-87F38B6AD5B8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {5623FAB5-1809-49EB-9124-243C27DF1413} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe Task: {643CA2C1-6A49-45E0-97B8-9799EF1C4BC1} - System32\Tasks\Lenovo\sysrun-27095 => C:\Users\ADMINI~1\AppData\Local\Temp\sysrun-27095.cmd Task: {68985DE8-22AF-4E2A-9BEC-DC4EF6E57D69} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation) Task: {6909D491-83E9-4007-8639-18493E2CB4D9} - \WPD\SqmUpload_S-1-5-21-677268874-3307230616-387958917-1001 -> Geen bestand <==== AANDACHT Task: {6BDA1999-9909-455F-850D-1091964BA75C} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Geen bestand <==== AANDACHT Task: {7C671400-0D10-4CCF-8BE7-C9B577CB12D6} - System32\Tasks\{C89C1679-4B1C-45DA-918D-1D743398CA05} => "c:\program files\internet explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/7.8.64.102/nl/abandoninstall?page=tsMain Task: {7E5AA45D-F305-4303-B37C-2D45D7B1F201} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-08-08] (Microsoft Corporation) Task: {8066CABD-0AA1-4F5F-9131-2BB8F1BD5166} - System32\Tasks\Lenovo\sysrun-19336 => C:\Users\ADMINI~1\AppData\Local\Temp\sysrun-19336.cmd Task: {86014398-6FEB-45B7-8AD8-5E8B505E8E68} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated) Task: {8D74ABF7-130E-4D0D-A26B-48094F0058E9} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent Task: {ADD497B0-6B8D-42AE-89F0-8080DE02B1B5} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Geen bestand <==== AANDACHT Task: {B5B33C04-A6A6-428C-B635-6A076BFD7F04} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Geen bestand <==== AANDACHT Task: {CC9CD300-1B62-44F1-9CCD-A7E587A95B19} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Geen bestand <==== AANDACHT Task: {CEA88860-F75B-4BAD-8C29-94137BC64EA0} - System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.50.1291.1\mcdatrep.exe [2017-08-27] (McAfee, Inc.) Task: {EBF0EB01-290F-4E01-88A5-9932FB5C30AD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Geen bestand <==== AANDACHT Task: {F03408AE-F0E6-494E-BBF8-D8D4566C80D6} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe Task: {FB702005-31C5-4D31-BC26-1FFA0C5E6F4C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Geen bestand <==== AANDACHT Task: {FFB545E5-8727-4C5F-BBF2-ABA58A9A55F5} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe [2014-04-07] (Dolby Laboratories Inc.) Task: {FFE0CA74-0044-4EC4-BD62-594D8ECC7F7D} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Geen bestand <==== AANDACHT (Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) ==================== Snelkoppelingen & WMI ======================== (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Welcome.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.aldi.com ==================== Geladen Modules (gefilterd) ============== 2016-05-21 10:08 - 2016-02-16 11:04 - 000192304 _____ () C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe 2013-10-17 15:27 - 2013-10-17 15:27 - 000166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe 2017-08-27 17:00 - 2017-06-11 13:00 - 000583160 _____ () C:\Program Files\McAfee\MfeAV\RealProtectAMScanIf.dll 2017-08-27 17:00 - 2017-06-11 12:59 - 000574352 _____ () C:\Program Files\McAfee\MfeAV\AMEngineScan.dll 2017-08-27 17:00 - 2017-06-11 13:00 - 000571240 _____ () C:\Program Files\McAfee\MfeAV\RepairModule.dll 2017-03-18 22:58 - 2017-03-18 22:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2012-10-01 20:36 - 2012-10-01 20:36 - 006522480 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2016-11-02 00:05 - 2016-11-02 00:05 - 000401896 _____ () C:\WINDOWS\system32\igfxTray.exe 2017-03-18 22:59 - 2017-03-20 05:56 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2009-07-01 18:37 - 2009-07-01 18:37 - 000037888 _____ () C:\Program Files (x86)\Winamp\winampa.exe 2017-08-27 17:39 - 2017-06-27 11:15 - 066355808 _____ () C:\Program Files\Intel Security\True Key\Application\libcef.dll 2017-08-23 20:35 - 2017-08-23 20:35 - 000074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2017-08-23 20:35 - 2017-08-23 20:35 - 000203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2014-06-24 18:08 - 2014-06-24 18:08 - 001241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2017-03-04 11:00 - 2015-05-21 16:15 - 000883872 _____ () C:\Program Files\PDFConverter.com\PDF Converter Elite 5.0\platforms\qwindows.dll 2017-03-04 11:00 - 2015-05-21 16:15 - 000022688 _____ () C:\Program Files\PDFConverter.com\PDF Converter Elite 5.0\imageformats\qsvg.dll 2009-07-01 18:21 - 2009-07-01 18:21 - 000046592 _____ () C:\Program Files (x86)\Winamp\zlib.dll 2017-09-10 14:14 - 2017-09-10 14:14 - 000013824 _____ () C:\Users\ruski_000\AppData\Local\Temp\WLZ2D8B.tmp\dsp_sps.lng 2017-09-10 14:14 - 2017-09-10 14:14 - 000009728 _____ () C:\Users\ruski_000\AppData\Local\Temp\WLZ2D8B.tmp\enc_aacplus.lng 2017-09-10 14:14 - 2017-09-10 14:14 - 000004096 _____ () C:\Users\ruski_000\AppData\Local\Temp\WLZ2D8B.tmp\enc_flac.lng 2017-09-10 14:14 - 2017-09-10 14:14 - 000005632 _____ () C:\Users\ruski_000\AppData\Local\Temp\WLZ2D8B.tmp\enc_lame.lng 2017-09-10 14:14 - 2017-09-10 14:14 - 000004096 _____ () C:\Users\ruski_000\AppData\Local\Temp\WLZ2D8B.tmp\enc_vorbis.lng 2017-09-10 14:14 - 2017-09-10 14:14 - 000004096 _____ () C:\Users\ruski_000\AppData\Local\Temp\WLZ2D8B.tmp\enc_wav.lng 2017-09-10 14:14 - 2017-09-10 14:14 - 000006144 _____ () C:\Users\ruski_000\AppData\Local\Temp\WLZ2D8B.tmp\enc_wma.lng 2017-09-10 14:15 - 2017-09-10 14:15 - 000007168 _____ () C:\Users\ruski_000\AppData\Local\Temp\WLZ2D8B.tmp\gen_crasher.lng 2017-09-10 14:15 - 2017-09-10 14:15 - 000020992 _____ () C:\Users\ruski_000\AppData\Local\Temp\WLZ2D8B.tmp\gen_ff.lng 2017-09-10 14:15 - 2017-09-10 14:15 - 000010752 _____ () C:\Users\ruski_000\AppData\Local\Temp\WLZ2D8B.tmp\gen_hotkeys.lng 2017-09-10 14:15 - 2017-09-10 14:15 - 000019456 _____ () C:\Users\ruski_000\AppData\Local\Temp\WLZ2D8B.tmp\gen_ml.lng 2017-09-10 14:15 - 2017-09-10 14:15 - 000007680 _____ () C:\Users\ruski_000\AppData\Local\Temp\WLZ2D8B.tmp\gen_tray.lng 2017-09-10 14:15 - 2017-09-10 14:15 - 000012288 _____ () C:\Users\ruski_000\AppData\Local\Temp\WLZ2D8B.tmp\in_cdda.lng 2017-09-10 14:15 - 2017-09-10 14:15 - 000006144 _____ () C:\Users\ruski_000\AppData\Local\Temp\WLZ2D8B.tmp\in_dshow.lng 2017-09-10 14:15 - 2017-09-10 14:15 - 000005632 _____ () C:\Users\ruski_000\AppData\Local\Temp\WLZ2D8B.tmp\in_flac.lng 2017-09-10 14:15 - 2017-09-10 14:15 - 000003584 _____ () C:\Users\ruski_000\AppData\Local\Temp\WLZ2D8B.tmp\in_flv.lng 2017-09-10 14:15 - 2017-09-10 14:15 - 000003584 _____ () C:\Users\ruski_000\AppData\Local\Temp\WLZ2D8B.tmp\in_linein.lng 2017-09-10 14:15 - 2017-09-10 14:15 - 000019456 _____ () C:\Users\ruski_000\AppData\Local\Temp\WLZ2D8B.tmp\in_midi.lng 2017-09-10 14:15 - 2017-09-10 14:15 - 000017920 _____ () C:\Users\ruski_000\AppData\Local\Temp\WLZ2D8B.tmp\in_mod.lng 2017-09-10 14:15 - 2017-09-10 14:15 - 000021504 _____ () C:\Users\ruski_000\AppData\Local\Temp\WLZ2D8B.tmp\in_mp3.lng 2017-09-10 14:15 - 2017-09-10 14:15 - 000004096 _____ () C:\Users\ruski_000\AppData\Local\Temp\WLZ2D8B.tmp\in_mp4.lng 2017-09-10 14:15 - 2017-09-10 14:15 - 000010752 _____ () C:\Users\ruski_000\AppData\Local\Temp\WLZ2D8B.tmp\in_nsv.lng 2017-09-10 14:15 - 2017-09-10 14:15 - 000003584 _____ () C:\Users\ruski_000\AppData\Local\Temp\WLZ2D8B.tmp\in_swf.lng 2017-09-10 14:15 - 2017-09-10 14:15 - 000011264 _____ () C:\Users\ruski_000\AppData\Local\Temp\WLZ2D8B.tmp\in_vorbis.lng 2017-09-10 14:15 - 2017-09-10 14:15 - 000004096 _____ () C:\Users\ruski_000\AppData\Local\Temp\WLZ2D8B.tmp\in_wave.lng 2017-09-10 14:15 - 2017-09-10 14:15 - 000014848 _____ () C:\Users\ruski_000\AppData\Local\Temp\WLZ2D8B.tmp\in_wm.lng 2017-09-10 14:15 - 2017-09-10 14:15 - 000006656 _____ () C:\Users\ruski_000\AppData\Local\Temp\WLZ2D8B.tmp\ml_autotag.lng 2017-09-10 14:15 - 2017-09-10 14:15 - 000005120 _____ () C:\Users\ruski_000\AppData\Local\Temp\WLZ2D8B.tmp\ml_bookmarks.lng 2017-09-10 14:15 - 2017-09-10 14:15 - 000004608 _____ () C:\Users\ruski_000\AppData\Local\Temp\WLZ2D8B.tmp\ml_dash.lng 2017-09-10 14:15 - 2017-09-10 14:15 - 000043008 _____ () C:\Users\ruski_000\AppData\Local\Temp\WLZ2D8B.tmp\ml_disc.lng 2017-09-10 14:15 - 2017-09-10 14:15 - 000007168 _____ () C:\Users\ruski_000\AppData\Local\Temp\WLZ2D8B.tmp\ml_history.lng 2017-09-10 14:15 - 2017-09-10 14:15 - 000004608 _____ () C:\Users\ruski_000\AppData\Local\Temp\WLZ2D8B.tmp\ml_impex.lng 2017-09-10 14:15 - 2017-09-10 14:15 - 000049664 _____ () C:\Users\ruski_000\AppData\Local\Temp\WLZ2D8B.tmp\ml_local.lng 2017-09-10 14:15 - 2017-09-10 14:15 - 000004096 _____ () C:\Users\ruski_000\AppData\Local\Temp\WLZ2D8B.tmp\ml_nowplaying.lng 2017-09-10 14:15 - 2017-09-10 14:15 - 000005120 _____ () C:\Users\ruski_000\AppData\Local\Temp\WLZ2D8B.tmp\ml_online.lng 2017-09-10 14:15 - 2017-09-10 14:15 - 000004096 _____ () C:\Users\ruski_000\AppData\Local\Temp\WLZ2D8B.tmp\ml_orb.lng 2017-09-10 14:15 - 2017-09-10 14:15 - 000012288 _____ () C:\Users\ruski_000\AppData\Local\Temp\WLZ2D8B.tmp\ml_playlists.lng 2017-09-10 14:15 - 2017-09-10 14:15 - 000007680 _____ () C:\Users\ruski_000\AppData\Local\Temp\WLZ2D8B.tmp\ml_plg.lng 2017-09-10 14:15 - 2017-09-10 14:15 - 000037888 _____ () C:\Users\ruski_000\AppData\Local\Temp\WLZ2D8B.tmp\ml_pmp.lng 2017-09-10 14:15 - 2017-09-10 14:15 - 000006144 _____ () C:\Users\ruski_000\AppData\Local\Temp\WLZ2D8B.tmp\ml_rg.lng 2017-09-10 14:15 - 2017-09-10 14:15 - 000007680 _____ () C:\Users\ruski_000\AppData\Local\Temp\WLZ2D8B.tmp\ml_transcode.lng 2017-09-10 14:15 - 2017-09-10 14:15 - 000013312 _____ () C:\Users\ruski_000\AppData\Local\Temp\WLZ2D8B.tmp\ml_wire.lng 2017-09-10 14:15 - 2017-09-10 14:15 - 000006144 _____ () C:\Users\ruski_000\AppData\Local\Temp\WLZ2D8B.tmp\out_disk.lng 2017-09-10 14:15 - 2017-09-10 14:15 - 000015872 _____ () C:\Users\ruski_000\AppData\Local\Temp\WLZ2D8B.tmp\out_ds.lng 2017-09-10 14:15 - 2017-09-10 14:15 - 000007168 _____ () C:\Users\ruski_000\AppData\Local\Temp\WLZ2D8B.tmp\out_wave.lng 2017-09-10 14:15 - 2017-09-10 14:15 - 000003584 _____ () C:\Users\ruski_000\AppData\Local\Temp\WLZ2D8B.tmp\playlist.lng 2017-09-10 14:15 - 2017-09-10 14:15 - 000004096 _____ () C:\Users\ruski_000\AppData\Local\Temp\WLZ2D8B.tmp\pmp_activesync.lng 2017-09-10 14:15 - 2017-09-10 14:15 - 000006144 _____ () C:\Users\ruski_000\AppData\Local\Temp\WLZ2D8B.tmp\pmp_ipod.lng 2017-09-10 14:15 - 2017-09-10 14:15 - 000003584 _____ () C:\Users\ruski_000\AppData\Local\Temp\WLZ2D8B.tmp\pmp_njb.lng 2017-09-10 14:15 - 2017-09-10 14:15 - 000004096 _____ () C:\Users\ruski_000\AppData\Local\Temp\WLZ2D8B.tmp\pmp_p4s.lng 2017-09-10 14:15 - 2017-09-10 14:15 - 000008704 _____ () C:\Users\ruski_000\AppData\Local\Temp\WLZ2D8B.tmp\pmp_usb.lng 2017-09-10 14:15 - 2017-09-10 14:15 - 000006144 _____ () C:\Users\ruski_000\AppData\Local\Temp\WLZ2D8B.tmp\tagz.lng 2017-09-10 14:15 - 2017-09-10 14:15 - 000007168 _____ () C:\Users\ruski_000\AppData\Local\Temp\WLZ2D8B.tmp\vis_nsfs.lng 2017-09-10 14:15 - 2017-09-10 14:15 - 000147968 _____ () C:\Users\ruski_000\AppData\Local\Temp\WLZ2D8B.tmp\winamp.lng 2009-07-01 18:27 - 2009-07-01 18:27 - 000018432 _____ () C:\Program Files (x86)\Winamp\System\auth.w5s 2009-07-01 18:25 - 2009-07-01 18:25 - 000007168 _____ () C:\Program Files (x86)\Winamp\System\bmp.w5s 2009-07-01 18:24 - 2009-07-01 18:24 - 000024576 _____ () C:\Program Files (x86)\Winamp\System\dlmgr.w5s 2009-07-01 18:27 - 2009-07-01 18:27 - 000011264 _____ () C:\Program Files (x86)\Winamp\System\filereader.w5s 2009-07-01 18:25 - 2009-07-01 18:25 - 000015872 _____ () C:\Program Files (x86)\Winamp\System\gif.w5s 2009-07-01 18:24 - 2009-07-01 18:24 - 000013824 _____ () C:\Program Files (x86)\Winamp\System\gracenote.w5s 2009-07-01 18:32 - 2009-07-01 18:32 - 000616960 _____ () C:\Program Files (x86)\Winamp\System\jnetlib.w5s 2009-07-01 18:26 - 2009-07-01 18:26 - 000104448 _____ () C:\Program Files (x86)\Winamp\System\jpeg.w5s 2009-07-01 18:27 - 2009-07-01 18:27 - 000075776 _____ () C:\Program Files (x86)\Winamp\System\playlist.w5s 2009-07-01 18:29 - 2009-07-01 18:29 - 000078336 _____ () C:\Program Files (x86)\Winamp\System\png.w5s 2009-07-01 18:23 - 2009-07-01 18:23 - 000009728 _____ () C:\Program Files (x86)\Winamp\System\primo.w5s 2009-07-01 18:31 - 2009-07-01 18:31 - 000018944 _____ () C:\Program Files (x86)\Winamp\System\tagz.w5s 2009-07-01 18:25 - 2009-07-01 18:25 - 000026624 _____ () C:\Program Files (x86)\Winamp\System\timer.w5s 2009-07-01 18:29 - 2009-07-01 18:29 - 000087552 _____ () C:\Program Files (x86)\Winamp\System\xml.w5s 2009-07-01 18:34 - 2009-07-01 18:34 - 000107520 _____ () C:\Program Files (x86)\Winamp\Plugins\in_cdda.dll 2009-07-01 18:32 - 2009-07-01 18:32 - 000071680 _____ () C:\Program Files (x86)\Winamp\Plugins\in_dshow.dll 2009-07-01 18:25 - 2009-07-01 18:25 - 000038400 _____ () C:\Program Files (x86)\Winamp\Plugins\in_flac.dll 2009-07-01 18:24 - 2009-07-01 18:24 - 000034816 _____ () C:\Program Files (x86)\Winamp\Plugins\in_flv.dll 2009-07-01 18:34 - 2009-07-01 18:34 - 000006656 _____ () C:\Program Files (x86)\Winamp\Plugins\in_linein.dll 2009-07-01 18:34 - 2009-07-01 18:34 - 000098304 _____ () C:\Program Files (x86)\Winamp\Plugins\in_midi.dll 2009-07-01 18:34 - 2009-07-01 18:34 - 000160768 _____ () C:\Program Files (x86)\Winamp\Plugins\in_mod.dll 2009-07-01 18:33 - 2009-07-01 18:33 - 000267776 _____ () C:\Program Files (x86)\Winamp\Plugins\in_mp3.dll 2009-07-01 18:33 - 2009-07-01 18:33 - 000038400 _____ () C:\Program Files (x86)\Winamp\Plugins\in_mp4.dll 2009-07-01 18:33 - 2009-07-01 18:33 - 000069120 _____ () C:\Program Files (x86)\Winamp\Plugins\in_nsv.dll 2009-07-01 18:23 - 2009-07-01 18:23 - 000036864 _____ () C:\Program Files (x86)\Winamp\Plugins\in_swf.dll 2009-07-01 18:33 - 2009-07-01 18:33 - 000231424 _____ () C:\Program Files (x86)\Winamp\Plugins\in_vorbis.dll 2009-07-01 18:31 - 2009-07-01 18:31 - 000014848 _____ () C:\Program Files (x86)\Winamp\Plugins\in_wave.dll 2009-07-01 18:20 - 2009-07-01 18:20 - 000238080 _____ () C:\Program Files (x86)\Winamp\libsndfile.dll 2009-07-01 18:32 - 2009-07-01 18:32 - 000297472 _____ () C:\Program Files (x86)\Winamp\Plugins\in_wm.dll 2009-07-01 18:31 - 2009-07-01 18:31 - 000019456 _____ () C:\Program Files (x86)\Winamp\Plugins\out_disk.dll 2009-07-01 18:32 - 2009-07-01 18:32 - 000047104 _____ () C:\Program Files (x86)\Winamp\Plugins\out_ds.dll 2009-07-01 18:32 - 2009-07-01 18:32 - 000018432 _____ () C:\Program Files (x86)\Winamp\Plugins\out_wave.dll 2009-07-01 18:23 - 2009-07-01 18:23 - 000869376 _____ () C:\Program Files (x86)\Winamp\Plugins\gen_dropbox.dll 2009-07-01 18:36 - 2009-07-01 18:36 - 001506304 _____ () C:\Program Files (x86)\Winamp\Plugins\gen_ff.dll 2009-07-01 18:21 - 2009-07-01 18:21 - 000064000 _____ () C:\Program Files (x86)\Winamp\tataki.dll 2009-07-01 18:31 - 2009-07-01 18:31 - 000330752 _____ () C:\Program Files (x86)\Winamp\Plugins\freeform\wacs\freetype\freetype.wac 2009-07-01 18:35 - 2009-07-01 18:35 - 000025600 _____ () C:\Program Files (x86)\Winamp\Plugins\gen_hotkeys.dll 2009-04-28 22:20 - 2009-04-28 22:20 - 000210432 _____ () C:\Program Files (x86)\Winamp\Plugins\gen_jumpex.dll 2009-07-01 18:35 - 2009-07-01 18:35 - 000294912 _____ () C:\Program Files (x86)\Winamp\Plugins\gen_ml.dll 2009-07-01 18:28 - 2009-07-01 18:28 - 000275968 _____ () C:\Program Files (x86)\Winamp\Plugins\ml_local.dll 2009-07-01 18:20 - 2009-07-01 18:20 - 000087040 _____ () C:\Program Files (x86)\Winamp\nde.dll 2009-07-01 18:28 - 2009-07-01 18:28 - 000076288 _____ () C:\Program Files (x86)\Winamp\Plugins\ml_playlists.dll 2009-07-01 18:30 - 2009-07-01 18:30 - 000256000 _____ () C:\Program Files (x86)\Winamp\Plugins\ml_online.dll 2009-07-01 18:29 - 2009-07-01 18:29 - 000194048 _____ () C:\Program Files (x86)\Winamp\Plugins\ml_disc.dll 2009-07-01 18:31 - 2009-07-01 18:31 - 000201728 _____ () C:\Program Files (x86)\Winamp\Plugins\ml_pmp.dll 2009-07-01 18:30 - 2009-07-01 18:30 - 000104960 _____ () C:\Program Files (x86)\Winamp\Plugins\pmp_ipod.dll 2009-07-01 18:30 - 2009-07-01 18:30 - 000017920 _____ () C:\Program Files (x86)\Winamp\Plugins\pmp_njb.dll 2009-07-01 18:30 - 2009-07-01 18:30 - 000114176 _____ () C:\Program Files (x86)\Winamp\Plugins\pmp_p4s.dll 2009-07-01 18:26 - 2009-07-01 18:26 - 000042496 _____ () C:\Program Files (x86)\Winamp\Plugins\pmp_usb.dll 2009-07-01 18:29 - 2009-07-01 18:29 - 000020480 _____ () C:\Program Files (x86)\Winamp\Plugins\ml_bookmarks.dll 2009-07-01 18:29 - 2009-07-01 18:29 - 000042496 _____ () C:\Program Files (x86)\Winamp\Plugins\ml_history.dll 2009-07-01 18:24 - 2009-07-01 18:24 - 000026624 _____ () C:\Program Files (x86)\Winamp\Plugins\ml_autotag.dll 2009-07-01 18:26 - 2009-07-01 18:26 - 000045568 _____ () C:\Program Files (x86)\Winamp\Plugins\ml_impex.dll 2009-07-01 18:24 - 2009-07-01 18:24 - 000057856 _____ () C:\Program Files (x86)\Winamp\Plugins\ml_plg.dll 2009-07-01 18:26 - 2009-07-01 18:26 - 000024064 _____ () C:\Program Files (x86)\Winamp\Plugins\ml_rg.dll 2009-07-01 18:26 - 2009-07-01 18:26 - 000028160 _____ () C:\Program Files (x86)\Winamp\Plugins\ml_transcode.dll 2009-07-01 18:27 - 2009-07-01 18:27 - 000045568 _____ () C:\Program Files (x86)\Winamp\Plugins\gen_orgler.dll 2009-07-01 18:34 - 2009-07-01 18:34 - 000025088 _____ () C:\Program Files (x86)\Winamp\Plugins\gen_tray.dll 2009-07-01 18:32 - 2009-07-01 18:32 - 000365056 _____ () C:\Program Files (x86)\Winamp\System\aacPlusDecoder.w5s ==================== Alternate Data Streams (gefilterd) ========= (Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.) ==================== Veilige Modus (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service" ==================== Bestandskoppeling (gefilterd) =============== (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.) ==================== Internet Explorer vertrouwde/beperkte toegang =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.) IE trusted site: HKU\S-1-5-21-677268874-3307230616-387958917-1001\...\amazon.com -> hxxps://amazon.com ==================== Hosts inhoud: =============================== (Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.) 2013-08-22 15:25 - 2013-08-22 15:25 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere gebieden ============================ (Momenteel is er geen automatische fix voor dit onderdeel.) HKU\S-1-5-21-677268874-3307230616-387958917-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\ruski_000\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\tekening anna-mria..jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == HKLM\...\StartupApproved\Run: => "IAStorIcon" HKLM\...\StartupApproved\Run: => "RTHDVCPL" HKLM\...\StartupApproved\Run32: => "CLVirtualDrive" HKU\S-1-5-21-677268874-3307230616-387958917-1001\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-677268874-3307230616-387958917-1001\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-677268874-3307230616-387958917-1001\...\StartupApproved\Run: => "Spotify Web Helper" ==================== Firewall regels (gefilterd) =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [{EEC0A5C9-0CBA-43F9-A01F-487C97AA14C0}] => (Allow) C:\Program Files (x86)\Nero\Nero 2016\Nero Burning ROM\nero.exe FirewallRules: [{D3228DE5-B0D0-4B2C-AEB9-4A652BF32D9A}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe FirewallRules: [{DBDE7954-3841-46C5-96D4-ED9543AFC813}] => (Allow) C:\Program Files (x86)\Nero\Nero 2016\Nero Burning ROM\StartNBR.exe FirewallRules: [{FC9B1E93-05E6-43BA-B3E9-9DFCDDD46454}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 10\programs\umi.exe FirewallRules: [{3BFAD4F1-CF57-4A0A-A49E-96E6CB473467}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 10\programs\umi.exe FirewallRules: [{ED4A719A-D343-4C69-9EE6-AA1D0F871FDE}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 10\programs\PMSRegisterFile.exe FirewallRules: [{BB12332C-AA4D-4CC7-B416-FCDD990A76B2}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 10\programs\PMSRegisterFile.exe FirewallRules: [{382F6F18-8E9F-41C2-AD5D-3A69A3984012}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 10\programs\Studio.exe FirewallRules: [{3043C9AF-CE1F-4F25-85C3-4432956176D0}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 10\programs\Studio.exe FirewallRules: [{F01D6660-E33A-433B-BD96-8EAEA0D4ADB0}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 10\programs\RM.exe FirewallRules: [{E640EE39-9338-4522-8A44-ECEEFCF3261B}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 10\programs\RM.exe FirewallRules: [UDP Query User{F9418B1B-9CF8-481D-968A-E0CE351B28C7}C:\program files (x86)\participatory culture foundation\miro\miro_downloader.exe] => (Block) C:\program files (x86)\participatory culture foundation\miro\miro_downloader.exe FirewallRules: [TCP Query User{43FFCF77-0666-47D4-B570-61F9D8015243}C:\program files (x86)\participatory culture foundation\miro\miro_downloader.exe] => (Block) C:\program files (x86)\participatory culture foundation\miro\miro_downloader.exe FirewallRules: [UDP Query User{E4DA4850-F174-4990-B897-32209E886E32}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{4CB01B0A-9EB7-45C6-9BCD-FE2A494398BF}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{C16E69EC-C92C-483E-A6BA-E324307F742E}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{90A12F70-6D86-4B14-BE11-6BB825390FAD}] => (Allow) LPort=2869 FirewallRules: [{BD1AF121-63B8-4ABD-8837-DD725E7DD287}] => (Allow) LPort=1900 FirewallRules: [{3E1D5798-59BF-4825-9C11-328AFA89281C}] => (Allow) C:\Program Files\CyberLink\PowerDirector11\PDR10.EXE FirewallRules: [{45359734-3E53-430D-9CA0-3E8CDDE9A332}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{29681950-8902-4C1C-B49D-797F8A65F9E1}] => (Allow) C:\Users\ruski_000\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe FirewallRules: [{7825056F-21B6-4594-9FB8-14DB6A2B14AC}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{8B55677F-BCA2-43EC-A8C9-AAFE64653EF0}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{D657DDC3-4D87-48C2-8CC3-1516318317EF}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{3E64EC5E-431A-4984-8642-6FF69C8E3EE0}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [TCP Query User{9066E00B-CE4B-422D-AA22-E507A273BE0A}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{8B0839FD-12F9-4B1B-B22F-8902F48CEBA2}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{7EFA3057-9FCF-4663-BDF4-0EC5DCBD52C2}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe ==================== Herstelpunten ========================= 26-08-2017 10:03:50 Gepland controlepunt 03-09-2017 15:20:10 Gepland controlepunt ==================== Defecte Apparaatbeheer Apparaten ============= ==================== Eventlog fouten: ========================= Applicatiefouten: ================== Error: (09/12/2017 06:25:34 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (09/10/2017 03:28:08 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Het programma iexplore.exe, versie 11.0.15063.0 reageert niet meer op Windows en is afgesloten. Als u wilt zien of er meer informatie over het probleem beschikbaar is, raadpleegt u de probleemgeschiedenis in het onderdeel Beveiliging en onderhoud van het Configuratiescherm. Proces-id: 2b08 Starttijd: 01d32a38639da33c Eindtijd: 39 Toepassingspad: C:\Program Files (x86)\Internet Explorer\iexplore.exe Rapport-id: 4ca38456-0f6c-48fd-928d-0be1794fc2d5 Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Error: (09/10/2017 03:26:20 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Het programma iexplore.exe, versie 11.0.15063.0 reageert niet meer op Windows en is afgesloten. Als u wilt zien of er meer informatie over het probleem beschikbaar is, raadpleegt u de probleemgeschiedenis in het onderdeel Beveiliging en onderhoud van het Configuratiescherm. Proces-id: 2a60 Starttijd: 01d32a3554779551 Eindtijd: 46 Toepassingspad: C:\Program Files (x86)\Internet Explorer\iexplore.exe Rapport-id: 71c9787d-bf91-4f35-b296-e84b160dc0aa Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Error: (09/10/2017 03:03:30 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: IEXPLORE.EXE, versie: 11.0.15063.0, tijdstempel: 0x5019fe1a Naam van module met fout: KERNELBASE.dll, versie: 10.0.15063.502, tijdstempel: 0xc3955624 Uitzonderingscode: 0xe06d7363 Foutmarge: 0x000eb802 Id van proces met fout: 0x270c Starttijd van toepassing met fout: 0x01d32a0b977b5497 Pad naar toepassing met fout: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Pad naar module met fout: C:\WINDOWS\System32\KERNELBASE.dll Rapport-id: d28cb15e-f4b8-4b1b-8463-e848c8de8e5d Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Error: (09/10/2017 02:23:26 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Het programma iexplore.exe, versie 11.0.15063.0 reageert niet meer op Windows en is afgesloten. Als u wilt zien of er meer informatie over het probleem beschikbaar is, raadpleegt u de probleemgeschiedenis in het onderdeel Beveiliging en onderhoud van het Configuratiescherm. Proces-id: 1fd4 Starttijd: 01d32a0bab963626 Eindtijd: 47 Toepassingspad: C:\Program Files (x86)\Internet Explorer\iexplore.exe Rapport-id: 938e0c84-de28-4e0f-84a5-8ea4c0eb6945 Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Error: (09/10/2017 10:05:45 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: IEXPLORE.EXE, versie: 11.0.15063.0, tijdstempel: 0x5019fe1a Naam van module met fout: KERNELBASE.dll, versie: 10.0.15063.502, tijdstempel: 0xc3955624 Uitzonderingscode: 0xe06d7363 Foutmarge: 0x000eb802 Id van proces met fout: 0x2950 Starttijd van toepassing met fout: 0x01d32a044cc4b9ea Pad naar toepassing met fout: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Pad naar module met fout: C:\WINDOWS\System32\KERNELBASE.dll Rapport-id: 573f808e-b416-4f2f-8583-931faf32fb8a Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Error: (09/10/2017 08:46:38 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: De openprocedure voor de BITS-service in DLL-bestand C:\Windows\System32\bitsperf.dll is mislukt. Prestatiemetergegevens voor deze service zijn niet beschikbaar. De eerste vier bytes (DWORD) in de sectie Gegevens bevatten de foutcode. Error: (09/10/2017 08:41:13 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RUSKICSUBASA) Description: Het activeren van de app Microsoft.Windows.Photos_8wekyb3d8bbwe!App is mislukt door de fout -2144927141. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie. Error: (09/06/2017 09:27:40 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: De openprocedure voor de BITS-service in DLL-bestand C:\Windows\System32\bitsperf.dll is mislukt. Prestatiemetergegevens voor deze service zijn niet beschikbaar. De eerste vier bytes (DWORD) in de sectie Gegevens bevatten de foutcode. Error: (09/06/2017 09:13:29 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: IEXPLORE.EXE, versie: 11.0.15063.0, tijdstempel: 0x5019fe1a Naam van module met fout: KERNELBASE.dll, versie: 10.0.15063.502, tijdstempel: 0xc3955624 Uitzonderingscode: 0xe06d7363 Foutmarge: 0x000eb802 Id van proces met fout: 0x32e8 Starttijd van toepassing met fout: 0x01d3273a6f3af232 Pad naar toepassing met fout: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Pad naar module met fout: C:\WINDOWS\System32\KERNELBASE.dll Rapport-id: 55b09b18-2450-4632-8182-c5d2f4503f6d Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Systeemfouten: ============= Error: (09/12/2017 06:48:43 AM) (Source: DCOM) (EventID: 10010) (User: RUSKICSUBASA) Description: De server {DABF28BE-F6B4-4E40-8F40-C4FB26F3116C} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (09/12/2017 06:27:05 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: De Interactive Services Detection-service is gestopt met de volgende foutcode: Onjuiste functie. . Error: (09/12/2017 06:26:43 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: De server {784E29F4-5EBE-4279-9948-1E8FE941646D} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (09/12/2017 06:23:31 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (09/10/2017 04:45:19 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: De server {784E29F4-5EBE-4279-9948-1E8FE941646D} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (09/10/2017 04:19:06 PM) (Source: DCOM) (EventID: 10010) (User: RUSKICSUBASA) Description: De server {DABF28BE-F6B4-4E40-8F40-C4FB26F3116C} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (09/10/2017 02:45:00 PM) (Source: DCOM) (EventID: 10010) (User: RUSKICSUBASA) Description: De server {DABF28BE-F6B4-4E40-8F40-C4FB26F3116C} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (09/10/2017 02:33:53 PM) (Source: DCOM) (EventID: 10010) (User: RUSKICSUBASA) Description: De server {DABF28BE-F6B4-4E40-8F40-C4FB26F3116C} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (09/10/2017 02:33:23 PM) (Source: DCOM) (EventID: 10010) (User: RUSKICSUBASA) Description: De server {DABF28BE-F6B4-4E40-8F40-C4FB26F3116C} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (09/10/2017 02:32:13 PM) (Source: DCOM) (EventID: 10010) (User: RUSKICSUBASA) Description: De server {DABF28BE-F6B4-4E40-8F40-C4FB26F3116C} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. CodeIntegrity: =================================== Date: 2017-07-28 17:08:14.259 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\Windows.UI.dll because the set of per-page image hashes could not be found on the system. ==================== Geheugen info =========================== Processor: Intel(R) Core(TM) i3-5010U CPU @ 2.10GHz Percentage geheugen in gebruik: 73% Totaal fysiek RAM-geheugen: 4014.9 MB Beschikbaar fysiek RAM-geheugen: 1064.99 MB Totaal Virtueel geheugen: 8110.9 MB Beschikbaar Virtual geheugen: 4312.81 MB ==================== Schijven ================================ Drive c: (Boot) (Fixed) (Total:403.28 GB) (Free:66.67 GB) NTFS Drive d: (Recover) (Fixed) (Total:60 GB) (Free:43.12 GB) NTFS ==================== MBR & Partitietabel ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 6CB82667) Partition: GPT. ==================== Eind van Addition.txt ============================