Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 12-11-2017 Gestart door Qtera69 (12-11-2017 16:40:59) Gestart vanaf C:\Users\Qtera69\Downloads Windows 10 Home Versie 1703 15063.674 (X64) (2017-09-30 12:44:50) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3587330891-1572245818-3806218168-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-3587330891-1572245818-3806218168-503 - Limited - Disabled) Gast (S-1-5-21-3587330891-1572245818-3806218168-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3587330891-1572245818-3806218168-1002 - Limited - Enabled) Qtera69 (S-1-5-21-3587330891-1572245818-3806218168-1001 - Administrator - Enabled) => C:\Users\Qtera69 ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.) µTorrent (HKU\S-1-5-21-3587330891-1572245818-3806218168-1001\...\uTorrent) (Version: 3.5.0.44090 - BitTorrent Inc.) Adobe Acrobat Reader DC - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated) Albelli.be Fotoboeken (HKU\S-1-5-21-3587330891-1572245818-3806218168-1001\...\{C16DFB31-4A09-474E-AF61-02AFB3008763}_is1) (Version: 11.3.0.2053 - albelli BE) AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD) Apple Application Support (32-bit) (HKLM-x32\...\{D811A40A-9791-497C-B9DC-2D89C8E95EA1}) (Version: 6.1 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{8B47B514-F5D2-4E0D-B951-6E250618A7CD}) (Version: 6.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{31A0B634-BCF4-4D3F-8336-87FEACFEE142}) (Version: 11.0.1.2 - Apple Inc.) Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.) Avast Internet Security (HKLM-x32\...\Avast Antivirus) (Version: 17.8.2318 - AVAST Software) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.) Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.4.4 - Canon Inc.) Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.7.0 - Canon Inc.) Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.20.13 - Canon Inc.) Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 5.2.0 - Canon Inc.) Canon MG6800 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6800_series) (Version: 1.00 - Canon Inc.) Canon MG6800 series On-screen Manual (HKLM-x32\...\Canon MG6800 series On-screen Manual) (Version: 7.8.0 - Canon Inc.) Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.5.2 - Canon Inc.) Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.5.2 - Canon Inc.) Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.) Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.7.1 - Canon Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.28 - Piriform) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden DivX Setup (HKLM\...\DivX Setup) (Version: 3.0.0.240 - DivX, LLC) dr.fone toolkit voor iOS (Version 8.5.0) (HKLM-x32\...\{A26F8BBD-EC10-4bdc-8AD8-F146825A8A63}_is1) (Version: 8.5.0.54 - Wondershare Technology Co.,Ltd.) DriverToolkit version 8.5.1.0 (HKLM-x32\...\{D66BF89F-B0A2-48F5-A2E4-242EB645AB76}_is1) (Version: 8.5.1.0 - Megaify Software) Dropbox (HKLM-x32\...\Dropbox) (Version: 38.4.27 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden Gebruikersregistratie voor Canon MG6800 series (HKLM-x32\...\Gebruikersregistratie voor Canon MG6800 series) (Version: - ‭Canon Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 62.0.3202.89 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden iCloud (HKLM\...\{FF99A618-BCA5-4658-B9FF-CCF57C177610}) (Version: 7.1.0.34 - Apple Inc.) inSSIDer Office (HKLM-x32\...\{F7F37748-A121-4B38-8192-6453E1FF5ADD}) (Version: 4.4.0.6 - MetaGeek, LLC) iTunes (HKLM\...\{C690D43D-4ECF-4904-A0AC-09AFD4BEA6BF}) (Version: 12.7.1.14 - Apple Inc.) Java 8 Update 144 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation) Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden KB4023057 (HKLM\...\{264FDD69-C4DF-476F-B1B8-7DCEE4AF839B}) (Version: 2.4.0.0 - Microsoft Corporation) Malwarebytes versie 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3587330891-1572245818-3806218168-1001\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) MiniTool Partition Wizard Free 9.1 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.) Movie Maker (HKLM-x32\...\{DC5E5027-65E8-41CB-815C-9AAB48BFB8E2}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Office 2016 KMS Activator Ultimate v1.1 Final (HKLM\...\Office 2016 KMS Activator Ultimate v1.1 Final_is1) (Version: v1.1 Final - ) Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden PokerStars.be (HKLM-x32\...\PokerStars.be) (Version: - PokerStars.be) Polar FlowSync versie 2.6.2 (HKLM-x32\...\{A1538F5C-7B65-4DB6-9FFB-FFC0DF2E85D8}_is1) (Version: 2.6.2 - Polar Electro Oy) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.) SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden Samsung Data Migration (HKLM-x32\...\{3B304604-0BF5-488E-AB95-F2F2E31206F3}) (Version: 3.0 - Samsung) SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft) Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.103 - Skype Technologies S.A.) Smart View (HKLM-x32\...\{1800D8A5-F7B2-4C20-868E-1CF55CBBDF21}) (Version: 1.0.0.0 - Samsung ) SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.4.3.38 - Synaptics Incorporated) Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD) (Version: 10.0.50903 - Microsoft Corporation) TomTom MyDrive Connect 4.1.4.3089 (HKLM-x32\...\MyDriveConnect) (Version: 4.1.4.3089 - TomTom) TomTom Sports Connect (HKLM-x32\...\TomTom Sports Connect) (Version: 3.3.4.0 - TomTom International B.V.) VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN) Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation) Windows 10-upgradeassistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17350 - Microsoft Corporation) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) WinRAR 5.31 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH) WinX HD Video Converter Deluxe 5.9.2 (HKLM-x32\...\WinX HD Video Converter Deluxe_is1) (Version: - Digiarty Software, Inc.) ==================== Aangepaste CLSID (gefilterd): ========================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-12] (AVAST Software) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-12] (AVAST Software) ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.) ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-12] (AVAST Software) ContextMenuHandlers1: [DivXShellExtensionItem] -> {48A8A3B0-57E8-4F2B-A49D-19E02B92377B} => C:\Program Files (x86)\Common Files\DivX Shared\DivXShellExtension64.dll [2017-05-25] (DivX, LLC) ContextMenuHandlers1: [DivXShellExtensionItem64] -> {6B49A276-0DBA-43F4-BC96-A841AD11B40B} => C:\Program Files (x86)\Common Files\DivX Shared\DivXShellExtension64.dll [2017-05-25] (DivX, LLC) ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.) ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2017-10-19] (Apple Inc.) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-02-05] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-02-05] (Alexander Roshal) ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-12] (AVAST Software) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes) ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.) ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-04] (Advanced Micro Devices, Inc.) ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2017-11-01] (Dropbox, Inc.) ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-12] (AVAST Software) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-02-05] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-02-05] (Alexander Roshal) ==================== Geplande Taken (gefilterd) ============= (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {058D5A84-E416-4B64-90D3-7973D42D813B} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe Task: {25A2D685-B0ED-4B01-9D1A-D8B7FDD28C17} - System32\Tasks\{C0489643-44C5-F8B8-C343-DB054549A834} => C:\PROGRA~2\FASTDA~1\FASTDA~1.EXE Task: {3209BB5F-7238-4DC5-A99C-B70BEB145437} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-10-25] (Dropbox, Inc.) Task: {3D0D4D8C-B4C5-4A3D-9427-693718E1E8AF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-17] (Google Inc.) Task: {643EFF6B-FBDE-47C1-B037-785AF02653B2} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-11-12] (AVAST Software) Task: {7813AD45-C198-482E-9921-21BE1D5448FE} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation) Task: {819CC0B6-22DE-451F-B913-BAD5BFA42D67} - System32\Tasks\DivXUpdate => C:\Program Files (x86)\Common Files\DivX Shared\DivX Update\DivXUpdate.exe [2017-05-26] (DivX, LLC) Task: {85E0F1C9-81D8-4FA1-B82A-3DF666597EA4} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-10-25] (Dropbox, Inc.) Task: {ACA4DCAF-72D5-4B0F-BAA8-069830581046} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated) Task: {B3FCC11F-F7C7-471D-88AD-6400913C6805} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK Task: {C31A9079-34AE-4650-A110-B13ADA30E4C2} - \AutoKMS -> Geen bestand <==== AANDACHT Task: {C87E37A3-9717-4726-B2A8-66E1A8C7F057} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-17] (Google Inc.) Task: {D0878D11-5A5B-4D44-8CD0-B789A547442B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-03-03] (Piriform Ltd) Task: {D3AF6B05-9205-4F70-9170-6E7EE9594E46} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {DC0BB881-B6CE-4AAF-8569-783D9BB6D9D9} - System32\Tasks\DriverToolkit Autorun => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe [2017-05-15] (Megaify Software Co., Ltd.) Task: {EA3751CA-4D3F-48DD-839F-7C36E09F1A3E} - System32\Tasks\SafeZone scheduled Autoupdate 1461346313 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software) Task: {EC83AEA4-E5BC-4C7B-BC11-812DFBB3A903} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {F7C4CA7D-22BD-45C2-B87D-E1E7FF3CE745} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-07-24] (Apple Inc.) (Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) Task: C:\WINDOWS\Tasks\DriverToolkit Autorun.job => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Snelkoppelingen & WMI ======================== (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) ==================== Geladen Modules (gefilterd) ============== 2017-09-01 01:49 - 2017-09-01 01:49 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2017-10-18 23:51 - 2017-10-18 23:51 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2017-05-31 18:50 - 2016-02-04 10:53 - 000387144 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE 2017-11-12 13:05 - 2017-11-12 13:05 - 000067408 _____ () C:\Program Files\AVAST Software\Avast\x64\module_lifetime.dll 2017-11-12 14:16 - 2017-11-01 08:54 - 002358736 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2017-11-12 14:16 - 2017-11-01 08:55 - 002299344 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll 2017-03-18 21:58 - 2017-03-18 21:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2017-02-23 07:29 - 2017-02-23 07:29 - 008909512 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2017-03-18 21:59 - 2017-03-20 04:56 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-03-03 19:09 - 2017-03-03 19:09 - 000073728 _____ () C:\Program Files\CCleaner\lang\lang-1043.dll 2017-11-08 11:33 - 2017-11-05 10:12 - 004135768 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.89\libglesv2.dll 2017-11-08 11:33 - 2017-11-05 10:12 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.89\libegl.dll 2017-09-30 14:09 - 2014-02-17 18:13 - 000092984 _____ () C:\Program Files (x86)\DriverToolkit\zlibwapi.dll 2017-10-22 18:44 - 2015-11-19 14:56 - 001759232 _____ () C:\Program Files (x86)\Polar\Polar FlowSync\polar20.dll 2017-11-12 13:05 - 2017-11-12 13:05 - 000167096 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2017-11-12 13:05 - 2017-11-12 13:05 - 000059040 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll 2017-07-15 18:20 - 2017-07-15 18:20 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2017-11-12 13:05 - 2017-11-12 13:05 - 000237808 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll 2017-11-12 13:05 - 2017-11-12 13:05 - 000244584 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll 2017-11-12 13:05 - 2017-11-12 13:05 - 000235816 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll 2017-11-04 13:29 - 2017-11-01 12:58 - 000724288 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll 2017-11-04 13:29 - 2017-11-01 12:58 - 002002752 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll 2016-10-25 11:58 - 2017-11-01 12:57 - 000100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd 2016-10-25 11:58 - 2017-11-01 12:57 - 000018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd 2016-10-25 11:58 - 2017-11-01 13:01 - 000020800 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd 2016-10-25 11:58 - 2017-11-01 12:57 - 000035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd 2016-10-25 11:58 - 2017-11-01 12:57 - 000694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd 2017-11-04 13:29 - 2017-11-01 13:01 - 000021848 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd 2016-10-25 11:58 - 2017-11-01 12:57 - 000130512 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd 2017-11-04 13:29 - 2017-11-01 13:01 - 001856848 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd 2017-11-04 13:29 - 2017-11-01 13:01 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd 2017-11-04 13:29 - 2017-11-01 12:57 - 000145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd 2017-11-04 13:29 - 2017-11-01 12:58 - 000116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll 2016-10-25 11:58 - 2017-11-01 12:57 - 000105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd 2016-10-25 11:58 - 2017-11-01 13:01 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd 2017-11-04 13:29 - 2017-11-01 13:01 - 000062784 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd 2016-10-25 11:58 - 2017-11-01 12:57 - 000024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd 2017-11-04 13:29 - 2017-11-01 13:01 - 000040248 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd 2017-11-04 13:29 - 2017-11-01 12:57 - 000020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd 2016-10-25 11:58 - 2017-11-01 12:57 - 000124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd 2016-10-25 11:58 - 2017-11-01 12:57 - 000116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd 2017-11-04 13:29 - 2017-11-01 12:58 - 000392656 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll 2016-10-25 11:58 - 2017-11-01 13:01 - 000392512 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd 2016-10-25 11:58 - 2017-11-01 13:01 - 000026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd 2016-10-25 11:58 - 2017-11-01 12:57 - 000024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd 2016-10-25 11:58 - 2017-11-01 12:57 - 000175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd 2016-10-25 11:58 - 2017-11-01 12:57 - 000030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd 2016-10-25 11:58 - 2017-11-01 12:57 - 000043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd 2017-09-21 19:10 - 2017-11-01 12:57 - 000026056 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.pyd 2016-10-25 11:58 - 2017-11-01 12:57 - 000048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd 2016-10-25 11:58 - 2017-11-01 12:57 - 000057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd 2017-11-04 13:29 - 2017-11-01 13:01 - 000021824 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd 2017-09-07 08:48 - 2017-11-01 13:01 - 000023368 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.pyd 2017-11-04 13:29 - 2017-11-01 13:01 - 000022856 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.pyd 2017-05-17 20:36 - 2017-11-01 13:01 - 000066392 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd 2017-11-04 13:29 - 2017-11-01 13:01 - 001796920 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd 2016-10-25 11:58 - 2017-11-01 12:57 - 000084424 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd 2017-11-04 13:29 - 2017-11-01 13:01 - 001956152 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd 2017-11-04 13:29 - 2017-11-01 13:01 - 003859264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd 2017-11-04 13:29 - 2017-11-01 13:01 - 000154440 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd 2017-11-04 13:29 - 2017-11-01 13:01 - 000521024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd 2017-11-04 13:29 - 2017-11-01 13:01 - 000050496 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.pyd 2017-11-04 13:29 - 2017-11-01 13:01 - 000042304 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd 2017-11-04 13:29 - 2017-11-01 13:01 - 000131384 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd 2017-11-04 13:29 - 2017-11-01 13:01 - 000218944 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd 2017-11-04 13:29 - 2017-11-01 13:01 - 000204096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd 2016-10-25 11:58 - 2017-11-01 13:01 - 000025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd 2016-10-25 11:58 - 2017-11-01 12:57 - 000060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd 2017-03-03 11:16 - 2017-11-01 13:01 - 000054608 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd 2016-10-25 11:58 - 2017-11-01 12:57 - 000024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd 2017-01-24 07:31 - 2017-11-01 13:01 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd 2016-10-25 11:58 - 2017-11-01 13:01 - 000100688 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd 2016-10-25 11:58 - 2017-11-01 12:57 - 000028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd 2017-01-24 07:31 - 2017-11-01 13:01 - 000022360 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd 2017-01-24 07:31 - 2017-11-01 13:01 - 000021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd 2017-01-24 07:31 - 2017-11-01 13:01 - 000022360 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd 2017-11-04 13:29 - 2017-11-01 13:01 - 000027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd 2016-10-25 11:58 - 2017-11-01 12:57 - 000349128 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd 2017-11-04 13:29 - 2017-11-01 13:01 - 000101184 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd 2016-10-25 11:58 - 2017-11-01 13:01 - 000023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd 2017-11-04 13:29 - 2017-11-01 13:01 - 000025424 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd 2017-11-04 13:29 - 2017-11-01 12:58 - 000036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll 2017-11-04 13:29 - 2017-11-01 13:01 - 000032600 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd 2017-11-04 13:29 - 2017-11-01 12:58 - 000293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll 2017-11-04 13:29 - 2017-11-01 13:01 - 000181056 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL 2016-10-25 11:58 - 2017-11-01 13:01 - 000030536 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd 2017-11-04 13:29 - 2017-11-01 13:01 - 000024368 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL 2017-11-04 13:29 - 2017-11-01 13:01 - 001638200 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll 2016-10-25 11:58 - 2017-11-01 13:01 - 000026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd 2017-11-04 13:29 - 2017-11-01 13:01 - 000545080 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd 2017-11-04 13:29 - 2017-11-01 13:01 - 000359224 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd 2017-11-04 13:29 - 2017-11-01 13:01 - 000038208 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngine.pyd 2017-10-18 23:52 - 2017-10-18 23:52 - 001042232 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2017-09-01 01:49 - 2017-09-01 01:49 - 000080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2017-10-18 23:51 - 2017-10-18 23:51 - 000189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll ==================== Alternate Data Streams (gefilterd) ========= (Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.) ==================== Veilige Modus (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Bestandskoppeling (gefilterd) =============== (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.) ==================== Internet Explorer vertrouwde/beperkte toegang =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.) ==================== Hosts inhoud: =============================== (Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.) 2016-04-22 13:45 - 2016-04-22 13:42 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere gebieden ============================ (Momenteel is er geen automatische fix voor dit onderdeel.) HKU\S-1-5-21-3587330891-1572245818-3806218168-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Qtera69\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{e7da8508-5fb5-41e1-8944-6df8a6443c6b}.jpg DNS Servers: 195.130.131.4 - 195.130.130.4 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "DivXMediaServer" HKU\S-1-5-21-3587330891-1572245818-3806218168-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-3587330891-1572245818-3806218168-1001\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-3587330891-1572245818-3806218168-1001\...\StartupApproved\Run: => "Lync" HKU\S-1-5-21-3587330891-1572245818-3806218168-1001\...\StartupApproved\Run: => "uTorrent" HKU\S-1-5-21-3587330891-1572245818-3806218168-1001\...\StartupApproved\Run: => "iCloudDrive" HKU\S-1-5-21-3587330891-1572245818-3806218168-1001\...\StartupApproved\Run: => "iCloudPhotos" HKU\S-1-5-21-3587330891-1572245818-3806218168-1001\...\StartupApproved\Run: => "ApplePhotoStreams" HKU\S-1-5-21-3587330891-1572245818-3806218168-1001\...\StartupApproved\Run: => "iCloudServices" HKU\S-1-5-21-3587330891-1572245818-3806218168-1001\...\StartupApproved\Run: => "MyDriveConnect.exe" HKU\S-1-5-21-3587330891-1572245818-3806218168-1001\...\StartupApproved\Run: => "TomTom MySports Connect.exe" ==================== Firewall regels (gefilterd) =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [{D2FCA4C2-43BE-44B7-84D3-1D6AED1F15AD}] => (Allow) C:\WINDOWS\AutoKMS\AutoKMS.exe FirewallRules: [{8DCFACB3-CDEC-45EB-8D97-FB495E86FDEA}] => (Allow) C:\WINDOWS\AutoKMS\AutoKMS.exe FirewallRules: [{6369ECD2-C948-4C24-8916-EC28E92CA982}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe FirewallRules: [{5F293842-22EE-4F93-844F-BB379BDF7DAE}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe FirewallRules: [{5F120DBE-E507-4237-AEAF-28BAE50AC1DB}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{6D49F123-D907-4E0E-8FE6-F47ABF7357E9}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{EDA17F36-074A-41C1-9736-8F37B7B5670F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{032BAA96-73FC-4A76-861C-8939F361FB3A}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{6BE36F46-016F-421A-8E6A-5ECBB6737D9A}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{929BE1FF-B70A-46BE-A038-072522D35ED2}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{7FAC1F63-C65C-40D6-95EA-CC619E31F116}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{71048256-DF3A-4DB1-9A78-93288CEDD2A1}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{8B17EFE8-8078-4D98-A758-B8DDD7C44769}] => (Allow) C:\Users\Qtera69\AppData\Local\Maelstrom\Application\chrome.native.torrent.exe FirewallRules: [{03BDA80E-A50F-4C95-B3C0-82483505B499}] => (Allow) C:\Users\Qtera69\AppData\Local\Maelstrom\Application\chrome.native.torrent.exe FirewallRules: [{2BD6AE8A-5598-4AC5-9550-7AA80A60732D}] => (Allow) C:\Users\Qtera69\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{2D551744-8B44-488E-A48F-87C3DC395C3C}] => (Allow) C:\Users\Qtera69\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{B3CA81C3-0AAE-4ADC-99B7-1FC676ED6C90}] => (Allow) C:\Users\Qtera69\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{F258E490-B524-4B33-ACF5-282B56A1619E}] => (Allow) C:\Users\Qtera69\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{E52EA470-DDA0-468C-A46E-4A9E201C3FCA}] => (Allow) C:\Users\Qtera69\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{E16D6DA8-7717-45D6-8020-D47D76E6D9F6}] => (Allow) C:\Users\Qtera69\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{0ADDA244-1E43-4ACF-A02B-CB416EBFFCCC}] => (Allow) D:\Software - programmas\[]Microsoft Office Professional Plus (x64) 2013 Incl Activator P2P\Microsoft Toolkit.exe FirewallRules: [{A492EEF0-6F83-4676-BBAB-B9AF05F7CD7C}] => (Allow) D:\Software - programmas\[]Microsoft Office Professional Plus (x64) 2013 Incl Activator P2P\Microsoft Toolkit.exe FirewallRules: [{702D183C-927A-465F-A348-38B87BC2DDBF}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{5764FD25-B7C2-458A-A575-CC25A2FFCC0A}] => (Allow) LPort=2869 FirewallRules: [{5583E2DD-6CE9-42A7-9BD9-8141FED0BBEA}] => (Allow) LPort=1900 FirewallRules: [{03B881F7-CEEC-452D-A041-4C829DEBEE90}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{F7683092-124D-47EE-8DD1-143C68B29047}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{ADFE585E-98A9-4521-BCC5-FC09275E1DDD}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{CADC1797-77E8-4564-A3B0-1C5587C3DEEE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{6DC4239D-482B-4138-ABEB-F4CBC8DD1D49}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{B15A1B7F-262A-4069-9DDE-D236F37FC4EF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{0AF026B0-63C8-40E2-A5C9-320D3DC89984}] => (Allow) LPort=5354 FirewallRules: [{057EBED8-8E76-45EF-913E-723147832324}] => (Allow) LPort=5354 FirewallRules: [{63D8F440-B1EC-4A4E-B749-1322899F08A3}] => (Allow) LPort=5354 FirewallRules: [{902808EC-39EA-4838-AB27-86159C2F2D3A}] => (Allow) LPort=5354 FirewallRules: [{A18E986C-407D-4553-949F-9094BDD4BB11}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe FirewallRules: [{FCB63022-460C-4E91-A222-5EB7D8141A52}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{4111FE5D-86D5-413A-A541-545A762869B1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Herstelpunten ========================= 12-11-2017 13:05:04 Removed Microsoft Silverlight ==================== Defecte Apparaatbeheer Apparaten ============= ==================== Eventlog fouten: ========================= Applicatiefouten: ================== Error: (11/12/2017 04:32:48 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Local Hostname Qtera69-TOSH.local already in use; will try Qtera69-TOSH-2.local instead Error: (11/12/2017 04:32:48 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: ProbeCount 0; will deregister 4 Qtera69-TOSH.local. Addr 192.168.0.100 Error: (11/12/2017 04:32:48 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 192.168.0.100:5353 16 Qtera69-TOSH.local. AAAA 2A02:1810:3E0F:A000:FD05:E874:60BB:A960 Error: (11/12/2017 03:07:25 PM) (Source: Software Protection Platform Service) (EventID: 1014) (User: ) Description: Kan gebruiksrechtovereenkomst niet verkrijgen. hr=0xC004C003 Sku-id=2b88c4f2-ea8f-43cd-805e-4d41346e18a7 Error: (11/12/2017 03:07:25 PM) (Source: Software Protection Platform Service) (EventID: 8200) (User: ) Description: Details van het mislukken van ophalen van licentie. hr=0xC004C003 Error: (11/12/2017 01:31:17 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: svchost.exe, versie: 10.0.15063.0, tijdstempel: 0x4c9dbd90 Naam van module met fout: adservice.dll, versie: 0.0.0.0, tijdstempel: 0x59895171 Uitzonderingscode: 0xc00001a5 Foutmarge: 0x00025950 Id van proces met fout: 0xd7c Starttijd van toepassing met fout: 0x01d35baec2881c5b Pad naar toepassing met fout: c:\windows\syswow64\svchost.exe Pad naar module met fout: c:\users\qtera69\appdata\local\adservice\adservice.dll Rapport-id: 75f44488-929a-4ac6-b899-ef16b3fad501 Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Error: (11/12/2017 01:07:27 PM) (Source: Perflib) (EventID: 1023) (User: ) Description: Kan DLL voor uitbreidbare items rdyboost niet laden. De eerste vier bytes (DWORD) in de sectie Gegevens bevatten de Windows-foutcode. Error: (11/12/2017 01:07:26 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: De openprocedure voor de BITS-service in DLL-bestand C:\Windows\System32\bitsperf.dll is mislukt. Prestatiemetergegevens voor deze service zijn niet beschikbaar. De eerste vier bytes (DWORD) in de sectie Gegevens bevatten de foutcode. Error: (11/12/2017 01:01:20 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: ic-0.41d2199f3c6d44.exe, versie: 1.0.0.1, tijdstempel: 0x5a0831b0 Naam van module met fout: unknown, versie: 0.0.0.0, tijdstempel: 0x00000000 Uitzonderingscode: 0xc00001a5 Foutmarge: 0x00450e2a Id van proces met fout: 0x3a18 Starttijd van toepassing met fout: 0x01d35badf34f5a3a Pad naar toepassing met fout: C:\Users\Qtera69\AppData\Local\Temp\597013140\ic-0.41d2199f3c6d44.exe Pad naar module met fout: unknown Rapport-id: b4c636ef-d163-4fb5-8247-b8832e8a7f87 Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Error: (11/12/2017 11:59:44 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Systeemfouten: ============= Error: (11/12/2017 04:32:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: De RtkAudioService-service kan vanwege de volgende fout niet worden gestart: Het systeem kan het opgegeven bestand niet vinden. Error: (11/12/2017 04:32:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: De CldFlt-service kan vanwege de volgende fout niet worden gestart: De aanvraag wordt niet ondersteund. Error: (11/12/2017 04:32:08 PM) (Source: DCOM) (EventID: 10010) (User: QTERA69-TOSH) Description: De server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (11/12/2017 02:13:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: De RtkAudioService-service kan vanwege de volgende fout niet worden gestart: Het systeem kan het opgegeven bestand niet vinden. Error: (11/12/2017 02:13:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: De CldFlt-service kan vanwege de volgende fout niet worden gestart: De aanvraag wordt niet ondersteund. Error: (11/12/2017 01:31:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: De AdsService-service is onverwacht beëindigd. Dit is nu 1 keer gebeurd. Error: (11/12/2017 01:07:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: De RtkAudioService-service kan vanwege de volgende fout niet worden gestart: Het systeem kan het opgegeven bestand niet vinden. Error: (11/12/2017 01:07:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: De CldFlt-service kan vanwege de volgende fout niet worden gestart: De aanvraag wordt niet ondersteund. Error: (11/12/2017 01:06:58 PM) (Source: volmgr) (EventID: 49) (User: ) Description: Het configureren van het paginabestand voor de crashdump is mislukt. Zorg ervoor dat er zich een paginabestand op de opstartpartitie bevindt en dat deze groot genoeg is om het gehele fysieke geheugen te bevatten. Error: (11/12/2017 01:05:14 PM) (Source: DCOM) (EventID: 10010) (User: QTERA69-TOSH) Description: De server {9E6E74C7-0E85-4D14-8851-7635E2C1C528} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. ==================== Geheugen info =========================== Processor: Intel(R) Core(TM) i5 CPU M 460 @ 2.53GHz Percentage geheugen in gebruik: 71% Totaal fysiek RAM-geheugen: 3954.67 MB Beschikbaar fysiek RAM-geheugen: 1121.8 MB Totaal Virtueel geheugen: 8306.67 MB Beschikbaar Virtual geheugen: 4805.61 MB ==================== Schijven ================================ Drive c: (WINDOWS) (Fixed) (Total:161.27 GB) (Free:12.54 GB) NTFS Drive d: (Data) (Fixed) (Total:303.43 GB) (Free:32.49 GB) NTFS Drive e: (ANATtrainer) (CDROM) (Total:0.53 GB) (Free:0 GB) CDFS ==================== MBR & Partitietabel ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 9634BEED) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=161.3 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=984 MB) - (Type=27) Partition 4: (Not Active) - (Size=303.4 GB) - (Type=07 NTFS) ==================== Eind van Addition.txt ============================