Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 20-09-2017 Gestart door Filiz (22-09-2017 16:41:37) Gestart vanaf C:\Users\Filiz\Downloads Windows 10 Pro Versie 1703 (X64) (2017-08-31 20:03:09) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-957578125-3795420024-2367941236-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-957578125-3795420024-2367941236-503 - Limited - Disabled) Filiz (S-1-5-21-957578125-3795420024-2367941236-1001 - Administrator - Enabled) => C:\Users\Filiz Gast (S-1-5-21-957578125-3795420024-2367941236-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-957578125-3795420024-2367941236-1003 - Limited - Enabled) ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.) µTorrent (HKU\S-1-5-21-957578125-3795420024-2367941236-1001\...\uTorrent) (Version: 3.4.8.42449 - BitTorrent Inc.) Adobe Acrobat Reader DC - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated) Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated) Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated) Adobe Illustrator CS6 (HKLM-x32\...\{4869414E-7AEA-4C8E-BE1C-8D40977FD517}) (Version: 16.0 - Adobe Systems Incorporated) Adobe InDesign CS6 (HKLM-x32\...\{CFB770D7-8D43-1014-922B-CC2715FADE3F}) (Version: 8.0 - Adobe Systems Incorporated) Adobe Photoshop CC 2015 (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF01}) (Version: 16.0 - Adobe Systems Incorporated) Adobe Update Management Tool (HKLM-x32\...\{534A7A1A-7102-4AF6-23EA-7CD279C7B625}_is1) (Version: 8.0 - PainteR) Amazon Assistant (HKLM-x32\...\{3BBC4F87-1F46-431F-A5DB-AFB28F692775}) (Version: 10.17.0612 - Amazon) <==== AANDACHT Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.6.2310 - AVAST Software) BlueStacks App Player (HKLM-x32\...\{2A19A03A-A339-4697-99A4-EBA3D035D41A}) (Version: 2.2.19.6015 - BlueStack Systems, Inc.) Camtasia Studio 8 (HKLM-x32\...\{AF33D0D2-2627-4AC8-8473-FDBB7892129C}) (Version: 8.6.0.2079 - TechSmith Corporation) Connectify 2017 (HKLM\...\Connectify) (Version: 2017.4.4.38725 - Connectify) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1206.101.112 - ALPS ELECTRIC CO., LTD.) Foxit Reader (HKLM-x32\...\Foxit Reader) (Version: - ) Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.113 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden Intel Security True Key (HKLM\...\TrueKey) (Version: 4.19.108.1 - Intel Security) Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation) Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - ) LenovoEMC Storage Manager (HKLM\...\LenovoEMC Storage Manager) (Version: 1.4.12.33916 - LenovoEMC) Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation) Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.8326.2107 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-957578125-3795420024-2367941236-1001\...\OneDriveSetup.exe) (Version: 17.3.6998.0830 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Movie Maker (HKLM-x32\...\{DC5E5027-65E8-41CB-815C-9AAB48BFB8E2}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 53.0 (x86 nl) (HKLM-x32\...\Mozilla Firefox 53.0 (x86 nl)) (Version: 53.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.0.6312 - Mozilla) Norton Security Scan (HKLM-x32\...\NSS) (Version: 4.6.2.17 - Symantec Corporation) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 0.16.2 - OBS Project) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden Pharaoh Gold Bundle (HKLM-x32\...\Pharaoh Gold Bundle_is1) (Version: - GOG.com) Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 1.7.8 - Razer Inc.) Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.15.707 - Razer Inc.) SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.103 - Skype Technologies S.A.) Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) WinRAR 5.31 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH) ==================== Aangepaste CLSID (gefilterd): ========================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-09-11] (AVAST Software) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-09-11] (AVAST Software) ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2016-05-18] () ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-09-11] (AVAST Software) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-02-05] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-02-05] (Alexander Roshal) ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-09-11] (AVAST Software) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2016-01-28] (Intel Corporation) ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-09-11] (AVAST Software) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-02-05] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-02-05] (Alexander Roshal) ==================== Geplande Taken (gefilterd) ============= (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {0A92BBE1-83A9-4B0C-87B1-1BEAAD9FB402} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe Task: {0F420CFA-1D6B-420A-A9F9-ACC6BB5240E9} - System32\Tasks\Norton Security Scan for Filiz => C:\Program Files (x86)\Norton Security Scan\Engine\4.6.2.17\Nss.exe [2017-05-15] (Symantec Corporation) Task: {184F047D-AC45-44BE-8184-9EF068D21001} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-28] (Google Inc.) Task: {1BBDF827-8437-43D0-858C-DB23F715DDB9} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-16] (Adobe Systems Incorporated) Task: {3476BC02-7585-4387-9913-57016EDD0689} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-09-08] (Microsoft Corporation) Task: {3D4F70BC-079E-44ED-9661-C47CABEED56D} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-09-11] (AVAST Software) Task: {818C7E21-D1BB-4F84-80B4-11EF64F3A39B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-09-22] (Microsoft Corporation) Task: {95F3ECDF-0FDA-4102-9164-6028E1D7CF65} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-22] () Task: {9BEA6DA9-F234-4492-B99E-9EAB7A7826B1} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-09-08] (Microsoft Corporation) Task: {9CA27B35-80C9-4368-852A-CD966614D3C8} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-d_filiz@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated) Task: {A0981312-3737-4879-9C84-B4FBB52B49F4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-28] (Google Inc.) Task: {B4783BC7-ABDB-42AB-8664-47877E666027} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated) Task: {D6D56F8F-CA41-4BDF-ABA4-F476B6A2FC28} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe Task: {E1F01DB8-A350-40E2-9E13-BCEA62706CC8} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-22] () Task: {EC5FF24D-036A-4848-B73B-0EDC7B37AD28} - System32\Tasks\SafeZone scheduled Autoupdate 1459160475 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software) Task: {ECE447A6-0BB1-427A-BBD8-93F6716A5667} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-09-22] (Microsoft Corporation) (Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Snelkoppelingen & WMI ======================== (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) ==================== Geladen Modules (gefilterd) ============== 2017-06-14 13:11 - 2017-06-14 13:11 - 000104624 _____ () C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe 2015-11-05 01:11 - 2015-11-05 01:12 - 000188072 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe 2016-09-06 13:42 - 2017-09-22 16:35 - 008929480 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll 2016-05-18 00:42 - 2016-05-18 00:42 - 000230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll 2017-03-18 22:58 - 2017-03-18 22:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2017-03-18 22:59 - 2017-03-20 05:56 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-08-22 18:10 - 2017-08-22 18:10 - 000074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2017-08-22 18:10 - 2017-08-22 18:10 - 000203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2017-08-22 18:10 - 2017-08-22 18:10 - 036162048 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2017-08-22 18:10 - 2017-08-22 18:10 - 002237952 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\skypert.dll 2017-09-11 08:03 - 2017-09-11 08:03 - 000067408 _____ () C:\Program Files\AVAST Software\Avast\x64\module_lifetime.dll 2017-08-29 16:49 - 2017-08-23 10:48 - 003824472 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.113\libglesv2.dll 2017-08-29 16:49 - 2017-08-23 10:48 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.113\libegl.dll 2017-07-16 22:04 - 2017-05-24 18:14 - 000925240 _____ () C:\Program Files (x86)\Connectify\log4cplus.dll 2017-09-11 08:03 - 2017-09-11 08:03 - 000167096 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2017-09-11 08:03 - 2017-09-11 08:03 - 000059040 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll 2017-07-02 22:21 - 2017-07-02 22:21 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2017-09-11 08:03 - 2017-09-11 08:03 - 000211904 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll 2017-09-11 08:03 - 2017-09-11 08:03 - 000241960 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll 2017-09-11 08:03 - 2017-09-11 08:03 - 000233768 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll 2017-09-11 08:03 - 2017-09-11 08:03 - 000685688 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll ==================== Alternate Data Streams (gefilterd) ========= (Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.) ==================== Veilige Modus (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver" ==================== Bestandskoppeling (gefilterd) =============== (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.) ==================== Internet Explorer vertrouwde/beperkte toegang =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.) IE trusted site: HKU\S-1-5-21-957578125-3795420024-2367941236-1001\...\sharepoint.com -> hxxps://vakmedianet-files.sharepoint.com ==================== Hosts inhoud: =============================== (Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.) 2015-07-31 00:42 - 2017-09-15 00:52 - 000000850 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere gebieden ============================ (Momenteel is er geen automatische fix voor dit onderdeel.) HKU\S-1-5-21-957578125-3795420024-2367941236-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg DNS Servers: 84.116.46.23 - 84.116.46.22 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == HKLM\...\StartupApproved\Run: => "IgfxTray" HKLM\...\StartupApproved\Run: => "HotKeysCmds" HKLM\...\StartupApproved\Run: => "Persistence" HKLM\...\StartupApproved\Run: => "Apoint" HKLM\...\StartupApproved\Run: => "Connectify Hotspot" HKLM\...\StartupApproved\Run32: => "Razer Synapse" HKLM\...\StartupApproved\Run32: => "RzWizard" HKU\S-1-5-21-957578125-3795420024-2367941236-1001\...\StartupApproved\Run: => "BlueStacks Agent" ==================== Firewall regels (gefilterd) =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [{96655CB8-8D2C-463B-8485-CC7ACFD6F480}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{BEABBFA4-F47E-40BB-B696-3B3A3A5C0D88}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe FirewallRules: [{6F3DACB5-86DE-406D-902E-87E6000FDAAD}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe FirewallRules: [{D3EEFD73-50B2-40CE-9A99-759465A3144D}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe FirewallRules: [{67453942-D8E8-4D1F-8A4F-77F0D49E6911}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe FirewallRules: [{924B0FEF-CF30-4753-9CBD-8C3E9036CB98}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe FirewallRules: [{38C5B9CD-C6AA-40B6-A410-F8EF2ED25738}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe FirewallRules: [{A5BA58EC-87EC-4EC3-B9CB-55ED647F6E30}] => (Allow) C:\Program Files (x86)\Connectify\ConnectifyNetServices.exe FirewallRules: [{C742D6E9-EB4A-423C-A95F-C10347ED6010}] => (Allow) LPort=1688 FirewallRules: [{C784FC3D-EF23-465D-9584-049FA6BF9503}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{9BA32439-1883-483E-ACEB-E8252E29C27E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{9F88868A-A8B2-4652-94EE-646A8D88C28D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{7258C676-836D-47F0-AB20-45653C9E1FCF}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{72F1A749-2AD5-4450-B21D-55FFE0251F59}] => (Allow) LPort=1900 FirewallRules: [{60441BAC-4361-43D5-BD0A-7EB28F0F6DC4}] => (Allow) LPort=2869 FirewallRules: [{5FE39B8F-3F2A-496F-9DA6-E6019A284966}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{75FA4C49-CC3E-41BC-AB00-1E23666B030A}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe FirewallRules: [{25D1AF22-4FEC-40B2-9ABC-28DC5733907E}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe FirewallRules: [UDP Query User{A121030D-52C0-446F-B3A6-2F1C4E4CC87C}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query User{840A6F70-436D-4F1E-A3C0-531E8DD5CBD7}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{AF233C97-8143-4FBA-B523-284954E723F9}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{DF848745-536F-4288-A510-7468F7EF8214}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [UDP Query User{6520D798-A08B-4206-BF5F-282D659FA048}C:\users\filiz\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\filiz\appdata\roaming\utorrent\utorrent.exe FirewallRules: [TCP Query User{93174344-C9E8-4863-87F3-CBC714BCDA7F}C:\users\filiz\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\filiz\appdata\roaming\utorrent\utorrent.exe FirewallRules: [UDP Query User{20B37145-D6B4-4E16-834B-9807802EAA66}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query User{AC242386-2A76-4C23-866A-D690BE5E6A48}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{688B2964-4B1E-472D-8BBE-5DE70038CA2F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{EF219EDA-C04F-452A-86CE-B034161D9121}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{AF32980D-913C-4E1A-855E-59FF96136C3B}C:\program files (x86)\lenovoemc storage manager\lenovoemcstoragemanager.exe] => (Allow) C:\program files (x86)\lenovoemc storage manager\lenovoemcstoragemanager.exe FirewallRules: [UDP Query User{F6552205-D474-4981-9FBF-959C48B8AFA8}C:\program files (x86)\lenovoemc storage manager\lenovoemcstoragemanager.exe] => (Allow) C:\program files (x86)\lenovoemc storage manager\lenovoemcstoragemanager.exe FirewallRules: [TCP Query User{68E11AA9-0744-43F2-9928-D1CD790908D5}C:\program files (x86)\lenovoemc storage manager\lenovoemcstoragemanager.exe] => (Block) C:\program files (x86)\lenovoemc storage manager\lenovoemcstoragemanager.exe FirewallRules: [UDP Query User{7DC93267-D1F4-4160-AEC9-0E6BFF5C0C13}C:\program files (x86)\lenovoemc storage manager\lenovoemcstoragemanager.exe] => (Block) C:\program files (x86)\lenovoemc storage manager\lenovoemcstoragemanager.exe FirewallRules: [{920813E4-84AA-41AF-B046-6B056DB9124F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{09F35FAA-7DE5-492C-9C58-35D2E27DC3B9}] => (Allow) LPort=8317 FirewallRules: [{978BAF7A-FA75-4EF1-B14B-86BE79187FFB}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [TCP Query User{E625923A-4C1A-49DC-8E30-C61BBFE00F3A}C:\users\filiz\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\filiz\appdata\roaming\utorrent\utorrent.exe FirewallRules: [UDP Query User{0C904DF2-B864-4535-B554-C9EFBD78729A}C:\users\filiz\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\filiz\appdata\roaming\utorrent\utorrent.exe FirewallRules: [{6AA3962D-4B01-4F31-B92A-4448FD1D881E}] => (Allow) LPort=1688 FirewallRules: [{5B490F4C-1BD0-4849-AC56-82E1804461B4}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe ==================== Herstelpunten ========================= AANDACHT: Systeemherstel is uitgeschakeld ==================== Defecte Apparaatbeheer Apparaten ============= Name: Broadcom USH Description: Broadcom USH Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Eventlog fouten: ========================= Applicatiefouten: ================== Error: (09/22/2017 04:19:38 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: De licentieactivering (slui.exe) is mislukt met de volgende foutcode: hr=0xC004F074 Opdrachtregelargumenten: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable Error: (09/22/2017 04:18:50 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: De licentieactivering (slui.exe) is mislukt met de volgende foutcode: hr=0xC004F074 Opdrachtregelargumenten: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1 Error: (09/22/2017 04:17:55 PM) (Source: BstHdPlusAndroidSvc) (EventID: 0) (User: ) Description: Service kan niet worden gestart. System.ApplicationException: Cannot start state machine bij BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bij System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (09/22/2017 04:17:25 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: RzWizardService.exe, versie: 1.0.6.1000, tijdstempel: 0x56f20402 Naam van module met fout: KERNELBASE.dll, versie: 10.0.15063.608, tijdstempel: 0xadaa6ed6 Uitzonderingscode: 0xe0434352 Foutmarge: 0x000eb832 Id van proces met fout: 0xb50 Starttijd van toepassing met fout: 0x01d333ad82a45576 Pad naar toepassing met fout: C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe Pad naar module met fout: C:\WINDOWS\System32\KERNELBASE.dll Rapport-id: d2377d39-a4ff-426c-b830-556bfa86367c Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Error: (09/22/2017 04:17:24 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Toepassing: RzWizardService.exe Framework-versie: v4.0.30319 Beschrijving: het proces is beëindigd als gevolg van een onverwerkte uitzondering. Uitzonderingsinformatie: System.BadImageFormatException bij Razer.Emily.Common.Log4netLogger.Configure(System.String, System.String, System.String) bij Razer.MiniInstallerService.Log.SetUp() bij Razer.MiniInstallerService.RzWizardService..ctor() bij Razer.MiniInstallerService.Program.Main() Error: (09/22/2017 03:57:34 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Kan activeringscontext voor 'C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest' niet maken. Fout in manifest of beleidsbestand 'C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL op regel 1. Onderdeel-id in manifest komt niet overeen met de id van het gevraagde onderdeel. Verwijzing is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". Definitie is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Gebruik sxstrace.exe voor gedetailleerde diagnose. Error: (09/22/2017 03:55:02 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: De licentieactivering (slui.exe) is mislukt met de volgende foutcode: hr=0xC004F074 Opdrachtregelargumenten: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable Error: (09/22/2017 03:54:36 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: De licentieactivering (slui.exe) is mislukt met de volgende foutcode: hr=0xC004F074 Opdrachtregelargumenten: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1 Error: (09/22/2017 03:54:02 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: De licentieactivering (slui.exe) is mislukt met de volgende foutcode: hr=0xC004F074 Opdrachtregelargumenten: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=TimerEvent Error: (09/22/2017 03:51:41 PM) (Source: BstHdPlusAndroidSvc) (EventID: 0) (User: ) Description: Service kan niet worden gestart. System.ApplicationException: Cannot start state machine bij BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bij System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Systeemfouten: ============= Error: (09/22/2017 04:37:25 PM) (Source: cdrom) (EventID: 11) (User: ) Description: Het stuurprogramma heeft een controllerfout gevonden in \Device\CdRom0. Error: (09/22/2017 04:37:25 PM) (Source: cdrom) (EventID: 11) (User: ) Description: Het stuurprogramma heeft een controllerfout gevonden in \Device\CdRom0. Error: (09/22/2017 04:37:25 PM) (Source: cdrom) (EventID: 11) (User: ) Description: Het stuurprogramma heeft een controllerfout gevonden in \Device\CdRom0. Error: (09/22/2017 04:37:25 PM) (Source: cdrom) (EventID: 11) (User: ) Description: Het stuurprogramma heeft een controllerfout gevonden in \Device\CdRom0. Error: (09/22/2017 04:37:25 PM) (Source: cdrom) (EventID: 11) (User: ) Description: Het stuurprogramma heeft een controllerfout gevonden in \Device\CdRom0. Error: (09/22/2017 04:37:25 PM) (Source: cdrom) (EventID: 11) (User: ) Description: Het stuurprogramma heeft een controllerfout gevonden in \Device\CdRom0. Error: (09/22/2017 04:37:25 PM) (Source: cdrom) (EventID: 11) (User: ) Description: Het stuurprogramma heeft een controllerfout gevonden in \Device\CdRom0. Error: (09/22/2017 04:37:25 PM) (Source: cdrom) (EventID: 11) (User: ) Description: Het stuurprogramma heeft een controllerfout gevonden in \Device\CdRom0. Error: (09/22/2017 04:37:25 PM) (Source: cdrom) (EventID: 11) (User: ) Description: Het stuurprogramma heeft een controllerfout gevonden in \Device\CdRom0. Error: (09/22/2017 04:37:25 PM) (Source: cdrom) (EventID: 11) (User: ) Description: Het stuurprogramma heeft een controllerfout gevonden in \Device\CdRom0. ==================== Geheugen info =========================== Processor: Intel(R) Core(TM) i5 CPU M 520 @ 2.40GHz Percentage geheugen in gebruik: 68% Totaal fysiek RAM-geheugen: 3957.83 MB Beschikbaar fysiek RAM-geheugen: 1254.69 MB Totaal Virtueel geheugen: 6261.83 MB Beschikbaar Virtual geheugen: 3287.38 MB ==================== Schijven ================================ Drive c: () (Fixed) (Total:118.75 GB) (Free:61.88 GB) NTFS ==================== MBR & Partitietabel ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 826E0666) Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=118.8 GB) - (Type=07 NTFS) ==================== Eind van Addition.txt ============================