Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 24-09-2017 Gestart door Qtera69 (25-09-2017 12:02:09) Gestart vanaf C:\Users\Qtera69\Downloads Windows 10 Home Versie 1607 (X64) (2016-08-15 17:41:50) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3587330891-1572245818-3806218168-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-3587330891-1572245818-3806218168-503 - Limited - Disabled) Gast (S-1-5-21-3587330891-1572245818-3806218168-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3587330891-1572245818-3806218168-1002 - Limited - Enabled) Qtera69 (S-1-5-21-3587330891-1572245818-3806218168-1001 - Administrator - Enabled) => C:\Users\Qtera69 ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.) µTorrent (HKU\S-1-5-21-3587330891-1572245818-3806218168-1001\...\uTorrent) (Version: 3.5.0.43916 - BitTorrent Inc.) Adobe Acrobat Reader DC - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated) Albelli.be Fotoboeken (HKU\S-1-5-21-3587330891-1572245818-3806218168-1001\...\{C16DFB31-4A09-474E-AF61-02AFB3008763}_is1) (Version: 11.3.0.2053 - albelli BE) AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD) Apple Application Support (32-bit) (HKLM-x32\...\{D2FE6376-E549-4F63-A2C5-CA24DA035DE4}) (Version: 5.6 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{BB109E24-EE90-485B-A28B-ADDEFB40540B}) (Version: 5.6 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.) Avast Internet Security (HKLM-x32\...\Avast Antivirus) (Version: 17.6.2310 - AVAST Software) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.) Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.4.4 - Canon Inc.) Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.7.0 - Canon Inc.) Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.20.13 - Canon Inc.) Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 5.2.0 - Canon Inc.) Canon MG6800 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6800_series) (Version: 1.00 - Canon Inc.) Canon MG6800 series On-screen Manual (HKLM-x32\...\Canon MG6800 series On-screen Manual) (Version: 7.8.0 - Canon Inc.) Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.5.2 - Canon Inc.) Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.5.2 - Canon Inc.) Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.) Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.7.1 - Canon Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.28 - Piriform) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden DivX Setup (HKLM\...\DivX Setup) (Version: 3.0.0.240 - DivX, LLC) dr.fone toolkit voor iOS (Version 8.5.0) (HKLM-x32\...\{A26F8BBD-EC10-4bdc-8AD8-F146825A8A63}_is1) (Version: 8.5.0.54 - Wondershare Technology Co.,Ltd.) Dropbox (HKLM-x32\...\Dropbox) (Version: 35.4.20 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden Gebruikersregistratie voor Canon MG6800 series (HKLM-x32\...\Gebruikersregistratie voor Canon MG6800 series) (Version: - ‭Canon Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.113 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden iCloud (HKLM\...\{C510BB61-AE0B-4420-87AF-9CF646E86364}) (Version: 6.2.3.17 - Apple Inc.) iTunes (HKLM\...\{02F95875-9527-49CC-B32F-970ADAEBD1EF}) (Version: 12.6.2.20 - Apple Inc.) Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation) Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Malwarebytes Anti-Malware versie 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) MiniTool Partition Wizard Free 9.1 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.) Movie Maker (HKLM-x32\...\{DC5E5027-65E8-41CB-815C-9AAB48BFB8E2}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden PokerStars.be (HKLM-x32\...\PokerStars.be) (Version: - PokerStars.be) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.) SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden Samsung Data Migration (HKLM-x32\...\{3B304604-0BF5-488E-AB95-F2F2E31206F3}) (Version: 3.0 - Samsung) SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft) Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.103 - Skype Technologies S.A.) Smart View (HKLM-x32\...\{1800D8A5-F7B2-4C20-868E-1CF55CBBDF21}) (Version: 1.0.0.0 - Samsung ) SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.4.3.38 - Synaptics Incorporated) Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD) (Version: 10.0.50903 - Microsoft Corporation) TomTom MyDrive Connect 4.1.4.3089 (HKLM-x32\...\MyDriveConnect) (Version: 4.1.4.3089 - TomTom) TomTom Sports Connect (HKLM-x32\...\TomTom Sports Connect) (Version: 3.3.2.0 - TomTom International B.V.) VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN) Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation) Windows 10-upgradeassistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17350 - Microsoft Corporation) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) WinRAR 5.31 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH) WinX HD Video Converter Deluxe 5.9.2 (HKLM-x32\...\WinX HD Video Converter Deluxe_is1) (Version: - Digiarty Software, Inc.) ==================== Aangepaste CLSID (gefilterd): ========================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-09-12] (AVAST Software) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-09-12] (AVAST Software) ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-09-12] (AVAST Software) ContextMenuHandlers1: [DivXShellExtensionItem] -> {48A8A3B0-57E8-4F2B-A49D-19E02B92377B} => C:\Program Files (x86)\Common Files\DivX Shared\DivXShellExtension64.dll [2017-05-25] (DivX, LLC) ContextMenuHandlers1: [DivXShellExtensionItem64] -> {6B49A276-0DBA-43F4-BC96-A841AD11B40B} => C:\Program Files (x86)\Common Files\DivX Shared\DivXShellExtension64.dll [2017-05-25] (DivX, LLC) ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2017-07-14] (Apple Inc.) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-02-05] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-02-05] (Alexander Roshal) ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-09-12] (AVAST Software) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes) ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-04] (Advanced Micro Devices, Inc.) ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-09-20] (Dropbox, Inc.) ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-09-12] (AVAST Software) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-02-05] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-02-05] (Alexander Roshal) ==================== Geplande Taken (gefilterd) ============= (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {058D5A84-E416-4B64-90D3-7973D42D813B} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe Task: {3209BB5F-7238-4DC5-A99C-B70BEB145437} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-10-25] (Dropbox, Inc.) Task: {3D0D4D8C-B4C5-4A3D-9427-693718E1E8AF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-17] (Google Inc.) Task: {6415FA2E-0003-4FD1-876A-0F5A423BC9EB} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe [2016-04-22] () Task: {6A9B91E5-2EE7-44DC-9E1C-FB6C0032A944} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.) Task: {7813AD45-C198-482E-9921-21BE1D5448FE} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation) Task: {819CC0B6-22DE-451F-B913-BAD5BFA42D67} - System32\Tasks\DivXUpdate => C:\Program Files (x86)\Common Files\DivX Shared\DivX Update\DivXUpdate.exe [2017-05-26] (DivX, LLC) Task: {85E0F1C9-81D8-4FA1-B82A-3DF666597EA4} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-10-25] (Dropbox, Inc.) Task: {A662C04B-C99F-4B80-85C6-7336846C0CCD} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-09-12] (AVAST Software) Task: {ACA4DCAF-72D5-4B0F-BAA8-069830581046} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated) Task: {C87E37A3-9717-4726-B2A8-66E1A8C7F057} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-17] (Google Inc.) Task: {D0878D11-5A5B-4D44-8CD0-B789A547442B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-03-03] (Piriform Ltd) Task: {D3AF6B05-9205-4F70-9170-6E7EE9594E46} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {EA3751CA-4D3F-48DD-839F-7C36E09F1A3E} - System32\Tasks\SafeZone scheduled Autoupdate 1461346313 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software) Task: {EC83AEA4-E5BC-4C7B-BC11-812DFBB3A903} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) (Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Snelkoppelingen & WMI ======================== (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) ==================== Geladen Modules (gefilterd) ============== 2016-09-01 18:12 - 2016-09-01 18:12 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2017-07-13 20:50 - 2017-07-13 20:50 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2017-05-31 19:50 - 2016-02-04 11:53 - 000387144 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE 2016-07-16 13:42 - 2016-07-16 13:42 - 000231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2017-09-12 21:29 - 2017-09-07 08:01 - 002681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2016-09-16 21:56 - 2016-09-07 06:56 - 000134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2017-03-14 22:10 - 2017-03-04 08:31 - 000474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2017-03-14 22:08 - 2017-03-04 08:12 - 009760768 ____N () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2017-03-14 22:08 - 2017-03-04 08:05 - 001401856 ____N () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-03-14 22:08 - 2017-03-04 08:05 - 000757248 ____N () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2017-09-12 21:29 - 2017-09-07 06:53 - 002424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2017-09-12 21:29 - 2017-09-07 06:59 - 004853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2017-03-03 20:09 - 2017-03-03 20:09 - 000073728 _____ () C:\Program Files\CCleaner\lang\lang-1043.dll 2017-09-12 20:34 - 2017-09-12 20:34 - 000067408 _____ () C:\Program Files\AVAST Software\Avast\x64\module_lifetime.dll 2017-08-24 21:16 - 2017-08-23 10:48 - 003824472 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.113\libglesv2.dll 2017-08-24 21:16 - 2017-08-23 10:48 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.113\libegl.dll 2017-08-24 19:14 - 2017-08-24 19:14 - 002210480 _____ () C:\Program Files\Microsoft Office\Office15\tmpod.dll 2015-10-13 15:10 - 2015-10-13 15:10 - 001428648 _____ () C:\Program Files\Microsoft Office\Office15\ADDINS\UmOutlookAddin.dll 2017-08-04 19:51 - 2017-08-04 19:52 - 000019968 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2017-08-04 19:51 - 2017-08-04 19:52 - 028986880 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2017-08-04 19:51 - 2017-08-04 19:52 - 000428032 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\Microsoft.Photos.AGM.Native.Windows.dll 2017-08-04 19:51 - 2017-08-04 19:52 - 020510208 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll 2017-08-04 19:51 - 2017-08-04 19:52 - 002339328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\MediaEngine.dll 2017-08-04 19:51 - 2017-08-04 19:52 - 003041792 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll 2017-06-08 08:45 - 2017-06-08 08:45 - 003139496 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2017-06-15 05:58 - 2017-06-15 08:11 - 000046080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll 2017-08-04 19:51 - 2017-08-04 19:52 - 001361920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll 2017-09-12 20:34 - 2017-09-12 20:34 - 000167096 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2017-09-12 20:34 - 2017-09-12 20:34 - 000059040 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll 2017-07-15 19:20 - 2017-07-15 19:20 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2017-09-12 20:34 - 2017-09-12 20:34 - 000211904 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll 2017-09-12 20:34 - 2017-09-12 20:34 - 000241960 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll 2017-09-12 20:34 - 2017-09-12 20:34 - 000233768 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll 2017-09-12 20:34 - 2017-09-12 20:34 - 000685688 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2017-09-21 20:10 - 2017-09-20 18:48 - 000771904 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll 2017-09-21 20:10 - 2017-09-20 18:48 - 001804608 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll 2017-09-21 20:10 - 2017-09-20 18:49 - 000023872 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_bootstrap.dll 2016-10-25 12:58 - 2017-09-20 18:48 - 000100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd 2016-10-25 12:58 - 2017-09-20 18:48 - 000018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd 2016-10-25 12:58 - 2017-09-20 18:50 - 000020800 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd 2016-10-25 12:58 - 2017-09-20 18:48 - 000035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd 2017-09-21 20:10 - 2017-09-20 18:49 - 000021848 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd 2016-10-25 12:58 - 2017-09-20 18:48 - 000125904 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd 2016-10-25 12:58 - 2017-09-20 18:48 - 000694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd 2017-09-21 20:10 - 2017-09-20 18:49 - 001862992 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd 2017-09-21 20:10 - 2017-09-20 18:49 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd 2017-09-21 20:10 - 2017-09-20 18:48 - 000145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd 2017-09-21 20:10 - 2017-09-20 18:48 - 000116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll 2016-10-25 12:58 - 2017-09-20 18:48 - 000105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd 2016-10-25 12:58 - 2017-09-20 18:50 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd 2017-09-21 20:10 - 2017-09-20 18:49 - 000062784 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd 2016-10-25 12:58 - 2017-09-20 18:48 - 000024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd 2017-09-21 20:10 - 2017-09-20 18:49 - 000040248 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd 2017-09-21 20:10 - 2017-09-20 18:48 - 000020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd 2016-10-25 12:58 - 2017-09-20 18:48 - 000124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd 2016-10-25 12:58 - 2017-09-20 18:48 - 000116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd 2017-09-21 20:10 - 2017-09-20 18:48 - 000392656 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll 2016-10-25 12:58 - 2017-09-20 18:50 - 000392512 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd 2016-10-25 12:58 - 2017-09-20 18:50 - 000026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd 2016-10-25 12:58 - 2017-09-20 18:48 - 000024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd 2016-10-25 12:58 - 2017-09-20 18:48 - 000175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd 2016-10-25 12:58 - 2017-09-20 18:48 - 000030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd 2016-10-25 12:58 - 2017-09-20 18:48 - 000043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd 2017-09-21 20:10 - 2017-09-20 18:48 - 000026056 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.pyd 2016-10-25 12:58 - 2017-09-20 18:48 - 000048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd 2016-10-25 12:58 - 2017-09-20 18:48 - 000057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd 2017-09-21 20:10 - 2017-09-20 18:49 - 000022336 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd 2017-09-07 09:48 - 2017-09-20 18:50 - 000023368 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.pyd 2017-09-21 20:10 - 2017-09-20 18:49 - 000023368 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.pyd 2017-05-17 21:36 - 2017-09-20 18:50 - 000082264 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd 2016-10-25 12:58 - 2017-09-20 18:50 - 000025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd 2016-10-25 12:58 - 2017-09-20 18:48 - 000028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd 2016-10-25 12:58 - 2017-09-20 18:48 - 000024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd 2017-09-21 20:10 - 2017-09-20 18:49 - 001796920 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd 2016-10-25 12:58 - 2017-09-20 18:48 - 000084424 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd 2017-09-21 20:10 - 2017-09-20 18:49 - 001956152 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd 2017-09-21 20:10 - 2017-09-20 18:50 - 003859264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd 2017-09-21 20:10 - 2017-09-20 18:50 - 000154440 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd 2017-09-21 20:10 - 2017-09-20 18:49 - 000521024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd 2017-09-21 20:10 - 2017-09-20 18:50 - 000045888 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.pyd 2017-09-21 20:10 - 2017-09-20 18:50 - 000042304 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd 2017-09-21 20:10 - 2017-09-20 18:50 - 000131384 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd 2017-09-21 20:10 - 2017-09-20 18:50 - 000218944 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd 2017-09-21 20:10 - 2017-09-20 18:49 - 000204096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd 2016-10-25 12:58 - 2017-09-20 18:48 - 000060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd 2017-03-03 12:16 - 2017-09-20 18:50 - 000054608 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd 2017-01-24 08:31 - 2017-09-20 18:50 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd 2016-10-25 12:58 - 2017-09-20 18:50 - 000069968 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd 2017-01-24 08:31 - 2017-09-20 18:50 - 000022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd 2017-01-24 08:31 - 2017-09-20 18:50 - 000021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd 2017-01-24 08:31 - 2017-09-20 18:50 - 000022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd 2017-09-21 20:10 - 2017-09-20 18:49 - 000027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd 2016-10-25 12:58 - 2017-09-20 18:48 - 000349128 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd 2017-09-21 20:10 - 2017-09-20 18:50 - 000101184 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd 2016-10-25 12:58 - 2017-09-20 18:50 - 000023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd 2017-09-21 20:10 - 2017-09-20 18:49 - 000025936 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd 2017-09-21 20:10 - 2017-09-20 18:48 - 000036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll 2017-09-21 20:10 - 2017-09-20 18:49 - 000033112 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd 2017-09-21 20:10 - 2017-09-20 18:48 - 000293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll 2017-09-21 20:10 - 2017-09-20 18:49 - 000181056 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL 2016-10-25 12:58 - 2017-09-20 18:50 - 000030536 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd 2017-09-21 20:10 - 2017-09-20 18:49 - 000024368 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL 2017-09-21 20:10 - 2017-09-20 18:49 - 001638200 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll 2016-10-25 12:58 - 2017-09-20 18:50 - 000026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd 2017-09-21 20:10 - 2017-09-20 18:50 - 000545080 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd 2017-09-21 20:10 - 2017-09-20 18:50 - 000359224 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd 2017-09-21 20:10 - 2017-09-20 18:50 - 000038208 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngine.pyd 2017-07-13 20:51 - 2017-07-13 20:51 - 001041720 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2017-07-13 20:50 - 2017-07-13 20:50 - 000189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll 2016-09-01 18:13 - 2016-09-01 18:13 - 000080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ==================== Alternate Data Streams (gefilterd) ========= (Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.) ==================== Veilige Modus (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.) ==================== Bestandskoppeling (gefilterd) =============== (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.) ==================== Internet Explorer vertrouwde/beperkte toegang =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.) ==================== Hosts inhoud: =============================== (Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.) 2016-04-22 14:45 - 2016-04-22 14:42 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere gebieden ============================ (Momenteel is er geen automatische fix voor dit onderdeel.) HKU\S-1-5-21-3587330891-1572245818-3806218168-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg DNS Servers: 195.130.131.4 - 195.130.130.4 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "DivXMediaServer" HKU\S-1-5-21-3587330891-1572245818-3806218168-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-3587330891-1572245818-3806218168-1001\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-3587330891-1572245818-3806218168-1001\...\StartupApproved\Run: => "Lync" HKU\S-1-5-21-3587330891-1572245818-3806218168-1001\...\StartupApproved\Run: => "uTorrent" HKU\S-1-5-21-3587330891-1572245818-3806218168-1001\...\StartupApproved\Run: => "iCloudDrive" HKU\S-1-5-21-3587330891-1572245818-3806218168-1001\...\StartupApproved\Run: => "iCloudPhotos" HKU\S-1-5-21-3587330891-1572245818-3806218168-1001\...\StartupApproved\Run: => "ApplePhotoStreams" HKU\S-1-5-21-3587330891-1572245818-3806218168-1001\...\StartupApproved\Run: => "iCloudServices" HKU\S-1-5-21-3587330891-1572245818-3806218168-1001\...\StartupApproved\Run: => "MyDriveConnect.exe" HKU\S-1-5-21-3587330891-1572245818-3806218168-1001\...\StartupApproved\Run: => "TomTom MySports Connect.exe" ==================== Firewall regels (gefilterd) =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [{B15A1B7F-262A-4069-9DDE-D236F37FC4EF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{6DC4239D-482B-4138-ABEB-F4CBC8DD1D49}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{CADC1797-77E8-4564-A3B0-1C5587C3DEEE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{ADFE585E-98A9-4521-BCC5-FC09275E1DDD}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{F7683092-124D-47EE-8DD1-143C68B29047}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{03B881F7-CEEC-452D-A041-4C829DEBEE90}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{5583E2DD-6CE9-42A7-9BD9-8141FED0BBEA}] => (Allow) LPort=1900 FirewallRules: [{5764FD25-B7C2-458A-A575-CC25A2FFCC0A}] => (Allow) LPort=2869 FirewallRules: [{702D183C-927A-465F-A348-38B87BC2DDBF}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{A492EEF0-6F83-4676-BBAB-B9AF05F7CD7C}] => (Allow) D:\Software - programmas\[]Microsoft Office Professional Plus (x64) 2013 Incl Activator P2P\Microsoft Toolkit.exe FirewallRules: [{0ADDA244-1E43-4ACF-A02B-CB416EBFFCCC}] => (Allow) D:\Software - programmas\[]Microsoft Office Professional Plus (x64) 2013 Incl Activator P2P\Microsoft Toolkit.exe FirewallRules: [{E16D6DA8-7717-45D6-8020-D47D76E6D9F6}] => (Allow) C:\Users\Qtera69\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{E52EA470-DDA0-468C-A46E-4A9E201C3FCA}] => (Allow) C:\Users\Qtera69\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{F258E490-B524-4B33-ACF5-282B56A1619E}] => (Allow) C:\Users\Qtera69\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{B3CA81C3-0AAE-4ADC-99B7-1FC676ED6C90}] => (Allow) C:\Users\Qtera69\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{2D551744-8B44-488E-A48F-87C3DC395C3C}] => (Allow) C:\Users\Qtera69\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{2BD6AE8A-5598-4AC5-9550-7AA80A60732D}] => (Allow) C:\Users\Qtera69\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{03BDA80E-A50F-4C95-B3C0-82483505B499}] => (Allow) C:\Users\Qtera69\AppData\Local\Maelstrom\Application\chrome.native.torrent.exe FirewallRules: [{8B17EFE8-8078-4D98-A758-B8DDD7C44769}] => (Allow) C:\Users\Qtera69\AppData\Local\Maelstrom\Application\chrome.native.torrent.exe FirewallRules: [{71048256-DF3A-4DB1-9A78-93288CEDD2A1}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{7FAC1F63-C65C-40D6-95EA-CC619E31F116}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{929BE1FF-B70A-46BE-A038-072522D35ED2}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{6BE36F46-016F-421A-8E6A-5ECBB6737D9A}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{032BAA96-73FC-4A76-861C-8939F361FB3A}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{EDA17F36-074A-41C1-9736-8F37B7B5670F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{6D49F123-D907-4E0E-8FE6-F47ABF7357E9}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{5F120DBE-E507-4237-AEAF-28BAE50AC1DB}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{5F293842-22EE-4F93-844F-BB379BDF7DAE}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe FirewallRules: [{E0688DC6-6193-454A-8E11-4A0D9D08FD74}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{0E7217D9-A28B-4310-A6C5-3AE8D6B7E14F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{6369ECD2-C948-4C24-8916-EC28E92CA982}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe FirewallRules: [{91AE5E52-FE71-4B5C-A970-6C2C41F92472}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe ==================== Herstelpunten ========================= 07-09-2017 17:33:43 Gepland controlepunt 12-09-2017 21:32:43 Windows Update 21-09-2017 15:40:00 Gepland controlepunt 21-09-2017 20:12:16 Herstelbewerking 24-09-2017 20:16:32 Configured Microsoft Office Professional Plus 2013 24-09-2017 20:33:11 Herstelbewerking ==================== Defecte Apparaatbeheer Apparaten ============= ==================== Eventlog fouten: ========================= Applicatiefouten: ================== Error: (09/25/2017 10:54:37 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (09/24/2017 08:48:23 PM) (Source: System Restore) (EventID: 8210) (User: ) Description: Er is tijdens Systeemherstel een onbekende fout opgetreden: (Gepland controlepunt). Aanvullende gegevens: 0x80070091. Error: (09/24/2017 08:39:13 PM) (Source: System Restore) (EventID: 8210) (User: ) Description: Er is tijdens Systeemherstel een onbekende fout opgetreden: (Herstelbewerking). Aanvullende gegevens: 0x80070091. Error: (09/24/2017 08:33:13 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: De service Cryptografische services is mislukt tijdens het verwerken van aanroep OnIdentity() op het object System Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Toegang geweigerd. . Error: (09/24/2017 08:16:34 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: De service Cryptografische services is mislukt tijdens het verwerken van aanroep OnIdentity() op het object System Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Toegang geweigerd. . Error: (09/24/2017 08:06:42 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: Microsoft Toolkit.exe, versie: 2.4.7.0, tijdstempel: 0x51fd0366 Naam van module met fout: KERNELBASE.dll, versie: 10.0.14393.1715, tijdstempel: 0x59b0d106 Uitzonderingscode: 0xe0434352 Foutmarge: 0x0000000000033c58 Id van proces met fout: 0x1c44 Starttijd van toepassing met fout: 0x01d3355fe00b4c0d Pad naar toepassing met fout: D:\Software - programmas\Microsoft Office ProPlus 2013 VL 32 Bit and 64 Bit en-US (Aug 2013) + MS Toolkit Activator 2.4.7\Microsoft Toolkit Activator 2.4.7\Microsoft Toolkit.exe Pad naar module met fout: C:\WINDOWS\System32\KERNELBASE.dll Rapport-id: a3c04c27-5861-47e9-8856-083b6fcf8dbe Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Error: (09/24/2017 08:06:42 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Toepassing: Microsoft Toolkit.exe Framework-versie: v4.0.30319 Beschrijving: het proces is beëindigd als gevolg van een onverwerkte uitzondering. Uitzonderingsinformatie: System.Configuration.SettingsPropertyNotFoundException bij System.Configuration.SettingsBase.GetPropertyValueByName(System.String) bij System.Configuration.SettingsBase.get_Item(System.String) bij System.Configuration.ApplicationSettingsBase.GetPropertyValue(System.String) bij System.Configuration.ApplicationSettingsBase.get_Item(System.String) bij ..(System.Configuration.ApplicationSettingsBase ByRef) bij ..() Error: (09/24/2017 08:06:29 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: Microsoft Toolkit.exe, versie: 2.4.7.0, tijdstempel: 0x51fd0366 Naam van module met fout: KERNELBASE.dll, versie: 10.0.14393.1715, tijdstempel: 0x59b0d106 Uitzonderingscode: 0xe0434352 Foutmarge: 0x0000000000033c58 Id van proces met fout: 0x1b98 Starttijd van toepassing met fout: 0x01d3355fd81a4d4f Pad naar toepassing met fout: D:\Software - programmas\Microsoft Office ProPlus 2013 VL 32 Bit and 64 Bit en-US (Aug 2013) + MS Toolkit Activator 2.4.7\Microsoft Toolkit Activator 2.4.7\Microsoft Toolkit.exe Pad naar module met fout: C:\WINDOWS\System32\KERNELBASE.dll Rapport-id: edf98638-5e5f-49e4-9c47-454b01d2c577 Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Error: (09/24/2017 08:06:29 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Toepassing: Microsoft Toolkit.exe Framework-versie: v4.0.30319 Beschrijving: het proces is beëindigd als gevolg van een onverwerkte uitzondering. Uitzonderingsinformatie: System.Configuration.SettingsPropertyNotFoundException bij System.Configuration.SettingsBase.GetPropertyValueByName(System.String) bij System.Configuration.SettingsBase.get_Item(System.String) bij System.Configuration.ApplicationSettingsBase.GetPropertyValue(System.String) bij System.Configuration.ApplicationSettingsBase.get_Item(System.String) bij ..(System.Configuration.ApplicationSettingsBase ByRef) bij ..() Error: (09/24/2017 07:33:07 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 22 0.6.9.A.B.B.0.6.4.7.8.E.5.0.D.F.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR Qtera69-TOSH-2.local. Systeemfouten: ============= Error: (09/25/2017 11:05:08 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: ) Description: 4 Error: (09/25/2017 10:52:55 AM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: NT AUTHORITY) Description: Minipoort TAP-Windows Adapter V9 #3, {5B275C85-1289-4713-BA8F-C57A66CDDA0D}: gebeurtenis 76 Error: (09/25/2017 10:51:40 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} en APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (09/24/2017 08:52:09 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: NT AUTHORITY) Description: Minipoort TAP-Win32 Adapter OAS #24, {A006BE57-3799-4D27-A226-A80DD5787C95}: gebeurtenis 76 Error: (09/24/2017 08:49:48 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} en APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (09/24/2017 08:47:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: De RtkAudioService-service kan vanwege de volgende fout niet worden gestart: Het systeem kan het opgegeven bestand niet vinden. Error: (09/24/2017 08:40:31 PM) (Source: DCOM) (EventID: 10010) (User: QTERA69-TOSH) Description: De server {21F282D1-A881-49E1-9A3A-26E44E39B86C} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (09/24/2017 08:38:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: De RtkAudioService-service kan vanwege de volgende fout niet worden gestart: Het systeem kan het opgegeven bestand niet vinden. Error: (09/24/2017 08:33:47 PM) (Source: DCOM) (EventID: 10010) (User: QTERA69-TOSH) Description: De server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (09/24/2017 08:27:02 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: NT AUTHORITY) Description: Minipoort TAP-Win32 Adapter OAS #23, {A0258FB6-1332-471E-AFBC-2242A3751FD7}: gebeurtenis 76 CodeIntegrity: =================================== Date: 2017-07-17 21:16:21.101 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-07-17 21:16:21.098 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-07-16 10:09:19.492 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Geheugen info =========================== Processor: Intel(R) Core(TM) i5 CPU M 460 @ 2.53GHz Percentage geheugen in gebruik: 66% Totaal fysiek RAM-geheugen: 3954.67 MB Beschikbaar fysiek RAM-geheugen: 1311.1 MB Totaal Virtueel geheugen: 5170.67 MB Beschikbaar Virtual geheugen: 1929.27 MB ==================== Schijven ================================ Drive c: (WINDOWS) (Fixed) (Total:161.79 GB) (Free:11.66 GB) NTFS Drive d: (Data) (Fixed) (Total:303.43 GB) (Free:50.43 GB) NTFS Drive e: (ZWACHTELEN2) (CDROM) (Total:3.9 GB) (Free:0 GB) UDF ==================== MBR & Partitietabel ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 9634BEED) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=161.8 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) Partition 4: (Not Active) - (Size=303.4 GB) - (Type=07 NTFS) ==================== Eind van Addition.txt ============================