Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 21.02.2018 Gestart door rita (22-02-2018 19:24:52) Gestart vanaf C:\Users\rita\Downloads Windows 10 Home Versie 1709 16299.125 (X64) (2018-02-17 05:59:51) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-455634102-3971962441-1493714179-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-455634102-3971962441-1493714179-503 - Limited - Disabled) Gast (S-1-5-21-455634102-3971962441-1493714179-501 - Limited - Disabled) => C:\Users\Gast rita (S-1-5-21-455634102-3971962441-1493714179-1001 - Administrator - Enabled) => C:\Users\rita WDAGUtilityAccount (S-1-5-21-455634102-3971962441-1493714179-504 - Limited - Disabled) ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.) Adblock Plus voor IE (32-bit en 64-bit) (HKLM\...\{EAB6B77C-0E46-48EF-8660-7ABA400F7FB4}) (Version: 1.5 - Eyeo GmbH) Adobe Acrobat Reader DC - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated) Adobe Flash Player 28 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 28.0.0.137 - Adobe Systems Incorporated) Agatha Christie - Death on the Nile (HKLM-x32\...\WTA-1199499e-254b-40ae-aec4-613e6191aed5) (Version: 2.2.0.98 - WildTangent) Hidden Akamai NetSession Interface (HKU\S-1-5-21-455634102-3971962441-1493714179-1001\...\Akamai) (Version: - Akamai Technologies, Inc) Aloha TriPeaks (HKLM-x32\...\WTA-98c0d246-452b-48d4-95ce-0e46790d0d89) (Version: 2.2.0.98 - WildTangent) Hidden ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.100.2020.212 - Alps Electric) AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD) AMD Catalyst Install Manager (HKLM\...\{13351E83-6DCD-4E97-2A8C-5D496259A47F}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.) AOMEI Backupper Standard (HKLM-x32\...\{A83692F5-3E9B-4E95-9E7E-B5DF5536CE9D}_is1) (Version: - AOMEI Technology Co., Ltd.) Apple Application Support (32-bit) (HKLM-x32\...\{D4C80B0C-CF67-43A7-90C3-466853543B54}) (Version: 6.3 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{B2A2E8AF-BC48-4191-B2C4-3846A19835CA}) (Version: 6.3 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{AA7D90D2-2387-4FA5-A3AF-96811BE49BFD}) (Version: 11.0.5.14 - Apple Inc.) Apple Software Update (HKLM-x32\...\{19589375-5C58-4AFA-842F-8B34744CCEAD}) (Version: 2.5.0.1 - Apple Inc.) Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.1.2326 - AVAST Software) Avira (HKLM-x32\...\{bd538030-07d4-4999-a525-7fafa2483f56}) (Version: 1.1.30.21727 - Avira Operations & Co. KG) Bejeweled 3 (HKLM-x32\...\WTA-ea49f273-2931-462e-b875-90fb16f307de) (Version: 2.2.0.98 - WildTangent) Hidden Belgium e-ID middleware 4.3.2 (build 3551) (HKLM\...\{DB942AEA-93D6-4FE4-8862-180D35A73551}) (Version: 4.3.3551 - Belgian Government) Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.40 - Piriform) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.48.0 - Conexant) CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version: 3.0 - Acro Software Inc.) CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4427.52 - CyberLink Corp.) Delicious: Emily's True Love Premium Edition (HKLM-x32\...\WTA-d96c894b-28b4-48e5-9fca-eec94965d3f9) (Version: 2.2.0.98 - WildTangent) Hidden Dropbox (HKLM-x32\...\Dropbox) (Version: 43.4.50 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden eaZyLink (HKLM-x32\...\{CF756771-3653-45E5-809E-D056F4BAACC0}) (Version: 1.2.5 - ZETES) E-Peek (HKLM-x32\...\E-Peek) (Version: - ) Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited) FARO LS 1.1.505.0 (64bit) (HKLM-x32\...\{8834451B-6209-4E02-9EF4-4EF9E3C1F70F}) (Version: 5.5.0.44203 - FARO Scanner Production) Flvto Youtube Downloader (HKLM-x32\...\Flvto Youtube Downloader) (Version: 0.6.0 - Hotger) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 64.0.3282.167 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden Governor of Poker 2 Premium Edition (HKLM-x32\...\WTA-693aeaf0-4716-4e3a-87c2-e340390cf539) (Version: 2.2.0.110 - WildTangent) Hidden HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard) HP Officejet 4620 series Basissoftware van het apparaat (HKLM\...\{E75C591A-0E5F-4365-9B79-0E4FCCF1B34F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Officejet 4620 series Haelp (HKLM-x32\...\{225F0E4C-A89A-4AC7-A56A-95B2A12DDC26}) (Version: 6.0.0 - Hewlett Packard) HP Officejet 4620 series Productverbeteringsonderzoek (HKLM\...\{487EE170-5858-4400-8975-085145D91C83}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Photo Creations (HKU\S-1-5-21-455634102-3971962441-1493714179-1001\...\HP Photo Creations) (Version: 1.0.0.17422 - HP) HP Support Solutions Framework (HKLM-x32\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden HPDiagnosticCoreDll (HKLM-x32\...\{9262B08F-E183-4FED-A2BD-23FF1A84EB79}) (Version: 1.0.15.0 - Hewlett Packard) I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP) iCloud (HKLM\...\{99868C9C-C141-4DDE-A2C7-9DDF00F68F17}) (Version: 7.2.0.67 - Apple Inc.) Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3004 - Packard Bell) Intel Security True Key (HKLM\...\TrueKey) (Version: 4.19.108.1 - Intel Security) Island Tribe (HKLM-x32\...\WTA-76750326-df14-4ecd-9da1-e8dc530a4537) (Version: 2.2.0.98 - WildTangent) Hidden iTunes (HKLM\...\{A5FA22F3-4BA1-4F07-8FD4-DA8E17D020AB}) (Version: 12.7.3.46 - Apple Inc.) Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation) Jewel Legends Atlantis (HKLM-x32\...\WTA-4a5fd9cf-d72d-45b2-ad3c-af0d04675c59) (Version: 3.0.2.51 - WildTangent) Hidden Jewel Match 3 (HKLM-x32\...\WTA-9966b442-4d90-4833-acff-c03bd8422bab) (Version: 2.2.0.98 - WildTangent) Hidden John Deere Drive Green (HKLM-x32\...\WTA-7d7b1629-7914-47c0-827d-e0b4995f4fba) (Version: 2.2.0.95 - WildTangent) Hidden Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.10 - Packard Bell) Magic Academy (HKLM-x32\...\WTA-fd1518fe-1cb2-410e-a6e0-4565da444c38) (Version: 2.2.0.98 - WildTangent) Hidden Malwarebytes versie 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes) Microsoft Access Runtime 2013 (HKLM\...\Office15.AccessRT) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Office 365 - nl-nl (HKLM\...\O365HomePremRetail - nl-nl) (Version: 16.0.9001.2171 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-455634102-3971962441-1493714179-1001\...\OneDriveSetup.exe) (Version: 17.005.0107.0008 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Mozilla Firefox 58.0.1 (x64 nl) (HKLM\...\Mozilla Firefox 58.0.1 (x64 nl)) (Version: 58.0.1 - Mozilla) Mozilla Firefox 58.0.2 (x86 nl) (HKLM-x32\...\Mozilla Firefox 58.0.2 (x86 nl)) (Version: 58.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 58.0.1 - Mozilla) MSVC80_x64_v2 (HKLM\...\{4D668D4F-FAA2-4726-834C-31F4614F312E}) (Version: 1.0.3.0 - Nokia) Hidden MSVC80_x86_v2 (HKLM-x32\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden Nero 12 Essentials OEM.a01 (HKLM-x32\...\{9BF0D9FE-9893-4647-81B9-17B7BEA4E6FD}) (Version: 12.5.00000 - Nero AG) Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{B2B0EC73-AD4A-4716-A3DE-CEA8440B309B}) (Version: 12.5.00000 - Nero AG) Nero Backup Drivers (HKLM\...\{D600D357-5CB9-4DE9-8FD4-14E208BD1970}) (Version: 1.0.11100.8.0 - Nero AG) Norton Online Backup ARA (HKLM-x32\...\NARA) (Version: 4.1.0.14 - Symantec Corporation) Hidden Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.9001.2171 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.9001.2171 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0413-1000-0000000FF1CE}) (Version: 16.0.9001.2171 - Microsoft Corporation) Hidden Packard Bell Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3011 - Packard Bell) Packard Bell Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3011 - Packard Bell) Packard Bell Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3012 - Packard Bell) PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia) Penguins! (HKLM-x32\...\WTA-5000cdd2-6bd9-488a-964c-1a6ab347219f) (Version: 2.2.0.98 - WildTangent) Hidden Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-6f7645df-852f-41ab-b2a2-ad77506a4c81) (Version: 2.2.0.98 - WildTangent) Hidden Polar Bowler (HKLM-x32\...\WTA-933093f7-9c4e-4d8c-9f1f-f693272007dc) (Version: 2.2.0.97 - WildTangent) Hidden Prerequisite installer (HKLM-x32\...\{3AAB08A3-F129-4BD5-B409-AE674F93759D}) (Version: 12.0.0002 - Nero AG) Hidden Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Qualcomm Atheros Communications Inc.) Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.05 - Qualcomm Atheros) Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.28124 - Realtek Semiconductor Corp.) Revo Uninstaller 2.0.4 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.4 - VS Revo Group, Ltd.) Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia) SketchUp Import 2016-2017 (HKLM-x32\...\{063925DB-9D8C-48E2-8F04-1B7038B6C783}) (Version: 2.2.0 - Autodesk) Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation) Skype Web Plugin (HKLM-x32\...\{0F7D4832-16AE-4857-A6FA-2B141D75A59B}) (Version: 7.7.0.219 - Skype Technologies S.A.) Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.) Stuurprogrammapakket voor Windows - Fedict SmartCard (08/08/2015 4.1.5) (HKLM\...\9F46F7AB1E3B1B5F5482EA8D97F401B04FBF7958) (Version: 08/08/2015 4.1.5 - Fedict) Tales of Lagoona (HKLM-x32\...\WTA-491c8ba8-71b1-4f8f-a3f9-8236469c5cca) (Version: 2.2.0.110 - WildTangent) Hidden Unchecky v1.1 (HKLM-x32\...\Unchecky) (Version: 1.1 - Reason Software Company Inc.) Unity Web Player (HKU\S-1-5-21-455634102-3971962441-1493714179-1001\...\UnityWebPlayer) (Version: 4.6.2f1 - Unity Technologies ApS) Update for Skype for Business 2015 (KB4011678) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.AccessRT_{8E63F16F-BC60-413E-8ABA-DAD375D2C356}) (Version: - Microsoft) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{AC0D130B-8809-4125-811F-667893B90644}) (Version: 2.11.0.0 - Microsoft Corporation) Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent) WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-packardbell) (Version: 4.0.10.25 - WildTangent) Hidden Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22334 - Microsoft Corporation) Windows-stuurprogrammapakket - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia) WinZip 22.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C24115}) (Version: 22.0.12670 - Corel Corporation) Zuma's Revenge (HKLM-x32\...\WTA-8f5abc1c-23e2-4b7a-a509-93bcbb7d6726) (Version: 2.2.0.98 - WildTangent) Hidden ==================== Aangepaste CLSID (gefilterd): ========================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) CustomCLSID: HKU\S-1-5-21-455634102-3971962441-1493714179-1001_Classes\CLSID\{0D327DA6-B4DF-4842-B833-2CFF84F0948F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2017\acad.exe /Automation => Geen bestand CustomCLSID: HKU\S-1-5-21-455634102-3971962441-1493714179-1001_Classes\CLSID\{720DB9AF-D62C-4ED0-A377-429C22312852}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2017\acad.exe => Geen bestand CustomCLSID: HKU\S-1-5-21-455634102-3971962441-1493714179-1001_Classes\CLSID\{81CD4B70-A8AB-48FC-826C-8F76A1A06829}\InprocServer32 -> C:\Users\rita\AppData\Local\SkypePlugin\7.7.0.219\GatewayActiveX-x64.dll (Skype Technologies S.A.) CustomCLSID: HKU\S-1-5-21-455634102-3971962441-1493714179-1001_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.WinZipExpressForOffice.dll () CustomCLSID: HKU\S-1-5-21-455634102-3971962441-1493714179-1001_Classes\CLSID\{CBF9CD8C-2714-4F36-B76A-43E6C7547BC2}\localserver32 -> C:\Users\rita\AppData\Local\SkypePlugin\7.7.0.219\EdgeCalling.exe (Skype Technologies S.A.) CustomCLSID: HKU\S-1-5-21-455634102-3971962441-1493714179-1001_Classes\CLSID\{D779CCB8-300C-4160-B101-D6A5FD73294E}\localserver32 -> C:\Users\rita\AppData\Local\SkypePlugin\7.7.0.219\GatewayVersion-x64.exe (Skype Technologies S.A.) CustomCLSID: HKU\S-1-5-21-455634102-3971962441-1493714179-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2017\en-US\acadficn.dll => Geen bestand CustomCLSID: HKU\S-1-5-21-455634102-3971962441-1493714179-1001_Classes\CLSID\{FE186CB0-BEDC-11D5-9B1D-0050DA438716}\localserver32 -> "C:\Program Files\EPLAN\Platform\2.5.4\Bin\EPLAN.exe" => Geen bestand ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-02-12] (AVAST Software) ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-02-12] (AVAST Software) ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2017-12-08] (Apple Inc.) ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2017-11-01] (WinZip Computing, S.L.) ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-02-12] (AVAST Software) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes) ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ContextMenuHandlers4: [EncryptionMenu] -> {A470F8CF-A1E8-4f65-8335-227475AA5C46} => -> Geen bestand ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Geen bestand ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2017-11-01] (WinZip Computing, S.L.) ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-02-28] (Advanced Micro Devices, Inc.) ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-08] (Dropbox, Inc.) ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-02-12] (AVAST Software) ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Geen bestand ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes) ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Geen bestand ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2017-11-01] (WinZip Computing, S.L.) ==================== Geplande Taken (gefilterd) ============= (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {05C020B1-46CA-4BA7-80E2-89A72020DA66} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-455634102-3971962441-1493714179-1001Core => C:\Users\rita\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-10-19] (Facebook Inc.) Task: {0BAE7725-FD51-4BCA-8BC9-6BFD7B68DE32} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-02-07] (Piriform Ltd) Task: {1B407A2D-AB73-46DF-B1E5-742A00622E5B} - System32\Tasks\{7E363E3F-BDFC-43DD-B474-8063D18A6AF8} => C:\WINDOWS\system32\pcalua.exe -a "C:\Users\rita\SkyDrive\Documenten\Education 2.5.4.9380\setup.exe" -d "C:\Users\rita\SkyDrive\Documenten\Education 2.5.4.9380" Task: {1CBD0FFF-DF7A-4EE8-A2DE-0D95F0E61C56} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK Task: {32D44C84-DF6B-4020-B9F2-9064336AC7B4} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Packard Bell\Live Updater\liveupdater_agent.exe [2012-06-21] () Task: {33272C47-6DFF-4628-8970-E3299659A949} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-02-08] (Microsoft Corporation) Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe Task: {36138F06-60CA-483D-80FD-F268EEE60C58} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-02-20] (Microsoft Corporation) Task: {47238C0A-AE41-47E9-9C04-D88C26D800F6} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_28_0_0_137_pepper.exe [2018-01-09] (Adobe Systems Incorporated) Task: {4937F43A-61A4-404D-AF39-410B58685384} - System32\Tasks\Power Management => C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [2012-10-23] (Acer Incorporated) Task: {494BA159-6DDE-4B42-B5F7-754AC16BAE11} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-12-19] (Oracle Corporation) Task: {5B881B55-9289-4553-892B-1DFFCED40768} - System32\Tasks\{2522551F-65FB-4163-969D-21A79F1EE7AC} => "c:\windows\system32\launchwinapp.exe" hxxp://ui.skype.com/ui/0/7.7.64.103/nl/go/help.faq.installer?LastError=1618 Task: {5E2C0485-BA38-40E3-8712-F0BC744CF49D} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-455634102-3971962441-1493714179-1001UA => C:\Users\rita\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-10-19] (Facebook Inc.) Task: {665AC6D6-EEE9-494A-ACAF-A8E7D1BD5DA7} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-02-12] (AVAST Software) Task: {6854A027-4DE7-4628-9FD2-9386A03286ED} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-02-20] (Microsoft Corporation) Task: {75D9C616-4257-42BC-BA55-E96FD1DA1809} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2018-02-15] (Microsoft Corporation) Task: {789E05FD-571D-43EC-8061-31C65EC8A1F2} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-02-08] (Microsoft Corporation) Task: {7F8CC220-EA29-42CA-A450-E5C1DFD40C95} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-01-09] (Adobe Systems Incorporated) Task: {8872D3F4-1EA3-429E-8C43-5FB585E54653} - System32\Tasks\{1E01C950-A9E4-4FED-9CB1-364B33473B1A} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\Easy Speed Check\uninstall.exe" Task: {8C3985D0-4ECD-4056-846E-A2CB4B7FBBF0} - \Microsoft\Windows\UNP\RunCampaignManager -> Geen bestand <==== AANDACHT Task: {8FBD9F28-45C4-411D-A324-2D755D9E3075} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-10-11] (Dropbox, Inc.) Task: {979E233F-8401-4BDE-80A2-1AD0686EB2A2} - System32\Tasks\HPCustParticipation HP Officejet 4620 series => C:\Program Files\HP\HP Officejet 4620 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.) Task: {98769F9F-D926-49CF-A04F-3EB9BD43AAF4} - System32\Tasks\{863A6AB2-1D06-475D-8DA5-F6CFF2A87ADA} => C:\Windows\system32\pcalua.exe -a D:\Setup.EXE -d D:\ Task: {9925C05F-39EA-412D-BB9C-80B949836062} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe Task: {BA300815-8C83-4B92-8016-BB25149C8BE4} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\CCleaner Update" /ENABLE Task: {BA300815-8C83-4B92-8016-BB25149C8BE4} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\CCleanerSkipUAC" /ENABLE Task: {BA300815-8C83-4B92-8016-BB25149C8BE4} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\CreateExplorerShellUnelevatedTask" /ENABLE Task: {BA300815-8C83-4B92-8016-BB25149C8BE4} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-455634102-3971962441-1493714179-1001" /ENABLE Task: {BA300815-8C83-4B92-8016-BB25149C8BE4} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE Task: {BD5B7706-67C5-4293-BFFD-E27F020F0A18} - System32\Tasks\HP-Online updateprogramma => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30] (Hewlett-Packard) Task: {C24A1950-FA38-4291-9C59-1641FAD05817} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {C922013F-5719-4A59-9322-91C331F73B42} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-02-20] (Microsoft Corporation) Task: {CE9DB532-69B2-44E1-BE43-8CD6F4D902FA} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-01-13] (AVAST Software) Task: {D79813FD-E4E0-4D90-BD56-17ADDCF9CD27} - System32\Tasks\S-1-5-21-455634102-3971962441-1493714179-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2017-09-29] (Microsoft Corporation) Task: {D976D0A1-D641-4999-ACC8-80842506A540} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-10-11] (Dropbox, Inc.) Task: {E96B4819-8368-412B-A674-0196DCF86FE1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {EC57B42E-269E-4CD0-A434-C996CFD73F8B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated) Task: {F4340BCB-9E1F-4F93-B8AA-992EB58278FA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-02-07] (Piriform Ltd) Task: {F80BBDCE-26BE-4BBB-B6B3-2EE22F07E7F1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-10-12] (Apple Inc.) Task: {FEEC37B2-F9A1-4503-B0ED-EF7B62C78A5F} - System32\Tasks\ALU => C:\Program Files (x86)\Packard Bell\Live Updater\updater.exe [2012-11-06] () (Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-455634102-3971962441-1493714179-1001Core.job => C:\Users\rita\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-455634102-3971962441-1493714179-1001UA.job => C:\Users\rita\AppData\Local\Facebook\Update\FacebookUpdate.exe ==================== Snelkoppelingen & WMI ======================== (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) Shortcut: C:\Users\rita\Favorites\Packard Bell\Packard Bell.lnk -> hxxp://www.packardbell.com ==================== Geladen Modules (gefilterd) ============== 2017-09-29 14:41 - 2017-09-29 14:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2014-12-12 15:43 - 2013-10-23 15:24 - 000087600 _____ () C:\WINDOWS\System32\cpwmon64.dll 2017-12-08 01:48 - 2017-12-08 01:48 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2018-01-05 00:13 - 2018-01-05 00:13 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2015-02-28 03:38 - 2015-02-28 03:38 - 000127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll 2014-01-17 17:00 - 2014-03-03 14:04 - 000068096 _____ () C:\Program Files (x86)\BrytonBridge2\BBService.exe 2017-04-27 18:23 - 2017-04-27 18:23 - 000518656 _____ () C:\ProgramData\eaZyLink\eaZySvr.exe 2017-09-01 12:15 - 2017-09-01 12:15 - 000495872 _____ () C:\Program Files\WinZip\WinZip Smart Monitor\WinZip Compression Smart Monitor Service.exe 2017-11-14 18:25 - 2017-12-10 21:04 - 002301384 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll 2014-01-17 17:00 - 2014-03-03 14:04 - 001298432 _____ () C:\Program Files (x86)\BrytonBridge2\BBDaemon.exe 2017-04-28 11:12 - 2017-04-28 11:12 - 001890040 _____ () C:\ProgramData\eaZyLink\eazylink.exe 2017-12-14 05:55 - 2017-12-14 05:55 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2017-12-14 05:55 - 2017-12-14 05:55 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2018-01-22 03:15 - 2018-01-22 03:15 - 000088888 _____ () C:\Program Files\iTunes\zlib1.dll 2018-01-22 03:15 - 2018-01-22 03:15 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll 2014-01-17 17:00 - 2014-03-03 14:04 - 001704960 _____ () C:\Program Files (x86)\BrytonBridge2\BrytonBridge2.exe 2018-02-07 18:47 - 2018-02-07 18:47 - 000090496 _____ () C:\Program Files\CCleaner\lang\lang-1043.dll 2015-02-28 03:38 - 2015-02-28 03:38 - 000102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll 2018-02-18 19:58 - 2017-09-04 10:11 - 000339816 _____ () C:\Program Files (x86)\AOMEI Backupper\Comn.dll 2018-02-18 19:58 - 2017-09-04 10:11 - 000966512 _____ () C:\Program Files (x86)\AOMEI Backupper\UiLogic.dll 2018-02-18 19:58 - 2017-09-04 10:11 - 000266096 _____ () C:\Program Files (x86)\AOMEI Backupper\diskmgr.dll 2018-02-18 19:58 - 2017-09-04 10:11 - 000139112 _____ () C:\Program Files (x86)\AOMEI Backupper\FuncLogic.dll 2018-02-18 19:58 - 2017-09-04 10:11 - 000040808 _____ () C:\Program Files (x86)\AOMEI Backupper\Encrypt.dll 2018-02-18 19:58 - 2017-09-04 10:11 - 000081776 _____ () C:\Program Files (x86)\AOMEI Backupper\Compress.dll 2018-02-18 19:58 - 2017-09-04 10:11 - 000495464 _____ () C:\Program Files (x86)\AOMEI Backupper\EnumFolder.dll 2018-02-18 19:58 - 2017-09-04 10:11 - 000360304 _____ () C:\Program Files (x86)\AOMEI Backupper\ImgFile.dll 2018-02-18 19:58 - 2017-09-04 10:11 - 000114544 _____ () C:\Program Files (x86)\AOMEI Backupper\BrLog.dll 2018-02-18 19:58 - 2017-09-01 16:35 - 002411968 _____ () C:\Program Files (x86)\AOMEI Backupper\QtCore4.dll 2018-02-18 19:58 - 2017-09-04 10:11 - 000089960 _____ () C:\Program Files (x86)\AOMEI Backupper\Ldm.dll 2018-02-18 19:58 - 2017-09-04 10:11 - 000073584 _____ () C:\Program Files (x86)\AOMEI Backupper\Device.dll 2018-02-18 19:58 - 2017-09-04 10:11 - 000298864 _____ () C:\Program Files (x86)\AOMEI Backupper\BrFat.dll 2018-02-18 19:58 - 2017-09-04 10:11 - 000348008 _____ () C:\Program Files (x86)\AOMEI Backupper\Clone.dll 2018-02-18 19:58 - 2017-09-04 10:11 - 000978792 _____ () C:\Program Files (x86)\AOMEI Backupper\BrNtfs.dll 2018-02-18 19:58 - 2017-09-04 10:10 - 000126832 _____ () C:\Program Files (x86)\AOMEI Backupper\Backup.dll 2018-02-18 19:58 - 2017-09-04 10:11 - 000175984 _____ () C:\Program Files (x86)\AOMEI Backupper\FlBackup.dll 2018-02-18 19:58 - 2017-09-04 10:11 - 000724848 _____ () C:\Program Files (x86)\AOMEI Backupper\Sync.dll 2018-02-18 19:58 - 2017-09-04 10:11 - 000114544 _____ () C:\Program Files (x86)\AOMEI Backupper\BrVol.dll 2018-02-18 19:58 - 2017-09-04 10:11 - 000188264 _____ () C:\Program Files (x86)\AOMEI Backupper\DeviceMgr.dll 2018-02-18 19:58 - 2017-09-04 10:11 - 000266088 _____ () C:\Program Files (x86)\AOMEI Backupper\GptBcd.dll 2014-01-17 17:00 - 2014-03-03 14:04 - 001061888 _____ () C:\Program Files (x86)\BrytonBridge2\PythonQt.dll 2014-01-17 17:00 - 2014-03-03 14:04 - 000041472 _____ () C:\Program Files (x86)\BrytonBridge2\HeraLib.dll 2014-04-04 15:58 - 2014-03-03 14:04 - 000087040 _____ () C:\Program Files (x86)\BrytonBridge2\Resources\_ctypes.pyd 2014-04-04 15:58 - 2014-03-03 14:04 - 000044032 _____ () C:\Program Files (x86)\BrytonBridge2\Resources\_socket.pyd 2014-04-04 15:58 - 2014-03-03 14:04 - 000865792 _____ () C:\Program Files (x86)\BrytonBridge2\Resources\_ssl.pyd 2014-04-04 15:58 - 2014-03-03 14:04 - 000010240 _____ () C:\Program Files (x86)\BrytonBridge2\Resources\select.pyd 2014-04-04 15:58 - 2014-03-03 14:04 - 000356352 _____ () C:\Program Files (x86)\BrytonBridge2\Resources\_hashlib.pyd 2014-04-04 15:58 - 2014-03-03 14:04 - 000686080 _____ () C:\Program Files (x86)\BrytonBridge2\Resources\unicodedata.pyd 2018-01-05 00:14 - 2018-01-05 00:14 - 001042232 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2018-01-05 00:14 - 2018-01-05 00:14 - 000189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll 2017-11-30 18:55 - 2017-11-30 18:55 - 000076088 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-01-17 17:00 - 2012-06-21 18:31 - 000019968 _____ () C:\Users\rita\AppData\Roaming\Python-Eggs\greenlet-0.4.0-py2.7-win32.egg-tmp\greenlet.pyd 2014-01-17 17:00 - 2012-12-25 10:21 - 000049152 _____ () C:\Users\rita\AppData\Roaming\Python-Eggs\gevent-1.0rc2-py2.7-win32.egg-tmp\gevent\_semaphore.pyd 2014-01-17 17:00 - 2012-12-25 10:21 - 000195584 _____ () C:\Users\rita\AppData\Roaming\Python-Eggs\gevent-1.0rc2-py2.7-win32.egg-tmp\gevent\core.pyd 2014-04-04 15:58 - 2014-03-03 14:04 - 000026624 _____ () C:\Program Files (x86)\BrytonBridge2\imageformats\qgif4.dll 2014-04-04 15:58 - 2014-03-03 14:04 - 000028672 _____ () C:\Program Files (x86)\BrytonBridge2\imageformats\qico4.dll 2014-04-04 15:58 - 2014-03-03 14:04 - 000196608 _____ () C:\Program Files (x86)\BrytonBridge2\imageformats\qjpeg4.dll 2014-04-04 15:58 - 2014-03-03 14:04 - 000220672 _____ () C:\Program Files (x86)\BrytonBridge2\imageformats\qmng4.dll 2014-04-04 15:58 - 2014-03-03 14:04 - 000022016 _____ () C:\Program Files (x86)\BrytonBridge2\imageformats\qsvg4.dll 2014-04-04 15:58 - 2014-03-03 14:04 - 000284672 _____ () C:\Program Files (x86)\BrytonBridge2\imageformats\qtiff4.dll 2018-02-10 04:44 - 2018-02-08 21:10 - 000740168 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll 2018-02-10 04:44 - 2018-02-08 21:10 - 002079048 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll 2018-02-10 04:44 - 2018-02-08 21:10 - 000100312 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd 2018-02-10 04:44 - 2018-02-08 21:10 - 000018896 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd 2018-02-10 04:44 - 2018-02-08 21:12 - 000020808 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd 2018-02-10 04:44 - 2018-02-08 21:10 - 000035808 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd 2018-02-10 04:44 - 2018-02-08 21:10 - 000694232 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd 2018-02-10 04:44 - 2018-02-08 21:12 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd 2018-02-10 04:44 - 2018-02-08 21:10 - 000130520 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd 2018-02-10 04:44 - 2018-02-08 21:12 - 001856864 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd 2018-02-10 04:44 - 2018-02-08 21:12 - 000022880 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd 2018-02-10 04:44 - 2018-02-08 21:10 - 000145880 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd 2018-02-10 04:44 - 2018-02-08 21:10 - 000116696 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll 2018-02-10 04:44 - 2018-02-08 21:10 - 000105944 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd 2018-02-10 04:44 - 2018-02-08 21:13 - 000022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd 2018-02-10 04:44 - 2018-02-08 21:12 - 000063312 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd 2018-02-10 04:44 - 2018-02-08 21:10 - 000024536 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd 2018-02-10 04:44 - 2018-02-08 21:12 - 000077120 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd 2018-02-10 04:44 - 2018-02-08 21:10 - 000020952 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd 2018-02-10 04:44 - 2018-02-08 21:10 - 000124888 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd 2018-02-10 04:44 - 2018-02-08 21:10 - 000116184 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd 2018-02-10 04:44 - 2018-02-08 21:10 - 000392664 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll 2018-02-10 04:44 - 2018-02-08 21:12 - 000392520 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd 2018-02-10 04:44 - 2018-02-08 21:13 - 000026464 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd 2018-02-10 04:44 - 2018-02-08 21:10 - 000024024 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd 2018-02-10 04:44 - 2018-02-08 21:10 - 000175576 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd 2018-02-10 04:44 - 2018-02-08 21:10 - 000030168 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd 2018-02-10 04:44 - 2018-02-08 21:10 - 000043480 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd 2018-02-10 04:44 - 2018-02-08 21:10 - 000026072 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.pyd 2018-02-10 04:44 - 2018-02-08 21:10 - 000048600 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd 2018-02-10 04:44 - 2018-02-08 21:10 - 000057816 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd 2018-02-10 04:44 - 2018-02-08 21:12 - 000021840 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd 2018-02-10 04:44 - 2018-02-08 21:13 - 000023376 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.pyd 2018-02-10 04:44 - 2018-02-08 21:12 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.pyd 2018-02-10 04:44 - 2018-02-08 21:12 - 000066400 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd 2018-02-10 04:44 - 2018-02-08 21:12 - 001796416 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd 2018-02-10 04:44 - 2018-02-08 21:10 - 000084944 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd 2018-02-10 04:44 - 2018-02-08 21:12 - 001956672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd 2018-02-10 04:44 - 2018-02-08 21:12 - 003859272 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd 2018-02-10 04:44 - 2018-02-08 21:12 - 000155472 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd 2018-02-10 04:44 - 2018-02-08 21:12 - 000521032 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd 2018-02-10 04:44 - 2018-02-08 21:12 - 000051024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.pyd 2018-02-10 04:44 - 2018-02-08 21:12 - 000043336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd 2018-02-10 04:44 - 2018-02-08 21:12 - 000131400 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd 2018-02-10 04:44 - 2018-02-08 21:12 - 000219984 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd 2018-02-10 04:44 - 2018-02-08 21:12 - 000204104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd 2018-02-10 04:44 - 2018-02-08 21:13 - 000025440 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd 2018-02-10 04:44 - 2018-02-08 21:10 - 000060888 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd 2018-02-10 04:44 - 2018-02-08 21:13 - 000054616 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd 2018-02-10 04:44 - 2018-02-08 21:10 - 000024024 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd 2018-02-10 04:44 - 2018-02-08 21:13 - 000022880 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd 2018-02-10 04:44 - 2018-02-08 21:12 - 000100704 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd 2018-02-10 04:44 - 2018-02-08 21:10 - 000028632 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd 2018-02-10 04:44 - 2018-02-08 21:13 - 000022368 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd 2018-02-10 04:44 - 2018-02-08 21:13 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd 2018-02-10 04:44 - 2018-02-08 21:13 - 000022368 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd 2018-02-10 04:44 - 2018-02-08 21:12 - 000027496 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd 2018-02-10 04:44 - 2018-02-08 21:10 - 000349144 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd 2018-02-10 04:44 - 2018-02-08 21:12 - 000101704 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd 2018-02-10 04:44 - 2018-02-08 21:13 - 000023904 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd 2018-02-10 04:44 - 2018-02-08 21:12 - 000025432 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd 2018-02-10 04:44 - 2018-02-08 21:10 - 000036312 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll 2018-02-10 04:44 - 2018-02-08 21:12 - 000032608 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd 2018-02-10 04:44 - 2018-02-08 21:10 - 000293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll 2018-02-10 04:44 - 2018-02-08 21:13 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.pyd 2018-02-10 04:44 - 2018-02-08 21:12 - 000181064 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL 2018-02-10 04:44 - 2018-02-08 21:12 - 000030544 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd 2018-02-10 04:44 - 2018-02-08 21:12 - 000024384 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL 2018-02-10 04:44 - 2018-02-08 21:12 - 001638208 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll 2018-02-10 04:44 - 2018-02-08 21:13 - 000026464 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd 2018-02-10 04:44 - 2018-02-08 21:12 - 000545096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd 2018-02-10 04:44 - 2018-02-08 21:12 - 000359232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd 2018-02-10 04:44 - 2018-02-08 21:12 - 000038216 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngine.pyd 2017-10-27 17:57 - 2017-10-27 17:57 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2018-02-12 18:53 - 2018-02-12 18:53 - 000287960 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll 2018-02-12 18:53 - 2018-02-12 18:53 - 000280280 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll 2018-02-12 18:52 - 2018-02-12 18:52 - 000275672 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll ==================== Alternate Data Streams (gefilterd) ========= (Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.) AlternateDataStreams: C:\ProgramData\Temp:5C321E34 [119] ==================== Veilige Modus (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver" ==================== Bestandskoppeling (gefilterd) =============== (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.) HKU\S-1-5-21-455634102-3971962441-1493714179-1001\Software\Classes\.scr: scrfile => <==== AANDACHT ==================== Internet Explorer vertrouwde/beperkte toegang =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.) IE restricted site: HKU\S-1-5-21-455634102-3971962441-1493714179-1001\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-455634102-3971962441-1493714179-1001\...\008k.com -> 008k.com IE restricted site: HKU\S-1-5-21-455634102-3971962441-1493714179-1001\...\00hq.com -> 00hq.com IE restricted site: HKU\S-1-5-21-455634102-3971962441-1493714179-1001\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\S-1-5-21-455634102-3971962441-1493714179-1001\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-455634102-3971962441-1493714179-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-455634102-3971962441-1493714179-1001\...\0411dd.com -> 0411dd.com IE restricted site: HKU\S-1-5-21-455634102-3971962441-1493714179-1001\...\0511zfhl.com -> 0511zfhl.com IE restricted site: HKU\S-1-5-21-455634102-3971962441-1493714179-1001\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-455634102-3971962441-1493714179-1001\...\0632qyw.com -> 0632qyw.com IE restricted site: HKU\S-1-5-21-455634102-3971962441-1493714179-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\S-1-5-21-455634102-3971962441-1493714179-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-455634102-3971962441-1493714179-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-455634102-3971962441-1493714179-1001\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-455634102-3971962441-1493714179-1001\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-455634102-3971962441-1493714179-1001\...\0scan.com -> 0scan.com IE restricted site: HKU\S-1-5-21-455634102-3971962441-1493714179-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\S-1-5-21-455634102-3971962441-1493714179-1001\...\1-domains-registrations.com -> 1-domains-registrations.com IE restricted site: HKU\S-1-5-21-455634102-3971962441-1493714179-1001\...\1-se.com -> 1-se.com IE restricted site: HKU\S-1-5-21-455634102-3971962441-1493714179-1001\...\1001movie.com -> 1001movie.com Er zijn 6091 Meer websites. ==================== Hosts inhoud: ========================== (Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.) 2013-08-22 14:25 - 2018-02-21 22:21 - 000002132 _____ C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost 0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly 0.0.0.0 tracking.opencandy.com.s3.amazonaws.com 0.0.0.0 media.opencandy.com 0.0.0.0 cdn.opencandy.com 0.0.0.0 tracking.opencandy.com 0.0.0.0 api.opencandy.com 0.0.0.0 api.recommendedsw.com 0.0.0.0 rp.yefeneri2.com 0.0.0.0 os.yefeneri2.com 0.0.0.0 os2.yefeneri2.com 0.0.0.0 installer.betterinstaller.com 0.0.0.0 installer.filebulldog.com 0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net 0.0.0.0 inno.bisrv.com 0.0.0.0 nsis.bisrv.com 0.0.0.0 cdn.file2desktop.com 0.0.0.0 cdn.goateastcach.us 0.0.0.0 cdn.guttastatdk.us 0.0.0.0 cdn.inskinmedia.com 0.0.0.0 cdn.insta.oibundles2.com 0.0.0.0 cdn.insta.playbryte.com 0.0.0.0 cdn.llogetfastcach.us 0.0.0.0 cdn.montiera.com 0.0.0.0 cdn.msdwnld.com 0.0.0.0 cdn.mypcbackup.com 0.0.0.0 cdn.ppdownload.com 0.0.0.0 cdn.riceateastcach.us 0.0.0.0 cdn.shyapotato.us 0.0.0.0 cdn.solimba.com ==================== Andere gebieden ============================ (Momenteel is er geen automatische fix voor dit onderdeel.) HKU\S-1-5-21-455634102-3971962441-1493714179-1001\Control Panel\Desktop\\Wallpaper -> c:\users\rita\appdata\local\microsoft\windows\themes\roamedthemefiles\desktopbackground\achtergrond van windows photo viewer.jpg DNS Servers: 195.130.130.5 - 195.130.131.5 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == HKLM\...\StartupApproved\Run32: => "LManager" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "beid" HKLM\...\StartupApproved\Run32: => "HP Software Update" HKLM\...\StartupApproved\Run32: => "QuickTime Task" HKLM\...\StartupApproved\Run32: => "iTunesHelper" ==================== Firewall regels (gefilterd) =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [{5EC3BE95-CBA0-40C8-8C7B-F30B971214C8}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{04F05E4D-83EF-417E-94C0-715F3F3F2937}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{F78092FA-F3CC-4E2F-B2B6-E85BE1AA975D}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{F2EAAEBB-895C-4D52-AE23-738201D79CE2}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{92065754-448C-410C-9037-1799A30063A9}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{8C48AE96-B018-4650-92E2-4A6A697DC435}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe FirewallRules: [TCP Query User{94771F5A-78C4-4CC4-83E2-1BD58A6D32B7}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{085FDCC4-EBF3-467D-BC57-568C860EC061}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{C7F02B43-C10D-4832-98DF-7C6205E3E394}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{721A416D-3B0F-47CD-A4AF-101440D92C01}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{37DE4182-906E-4B83-8F4F-E71A9199ADE9}C:\program files\hp\hp officejet 4620 series\bin\hpnetworkcommunicator.exe] => (Block) C:\program files\hp\hp officejet 4620 series\bin\hpnetworkcommunicator.exe FirewallRules: [UDP Query User{77C6A5D4-FCAF-40C6-953E-84D5EE7D3B9F}C:\program files\hp\hp officejet 4620 series\bin\hpnetworkcommunicator.exe] => (Block) C:\program files\hp\hp officejet 4620 series\bin\hpnetworkcommunicator.exe FirewallRules: [TCP Query User{B9EA3E07-293A-43D3-B7D7-901F15B00C91}C:\users\rita\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\rita\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{2379E016-4279-42F2-B3A3-F6E6A33B520B}C:\users\rita\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\rita\appdata\local\akamai\netsession_win.exe FirewallRules: [TCP Query User{524FD0C2-EFA5-45D9-AEC2-4D0D50187DC9}C:\program files\hp\hp officejet 4620 series\bin\hpnetworkcommunicatorcom.exe] => (Block) C:\program files\hp\hp officejet 4620 series\bin\hpnetworkcommunicatorcom.exe FirewallRules: [UDP Query User{8984036D-4D1B-4031-A0E0-6CF5FC593F63}C:\program files\hp\hp officejet 4620 series\bin\hpnetworkcommunicatorcom.exe] => (Block) C:\program files\hp\hp officejet 4620 series\bin\hpnetworkcommunicatorcom.exe FirewallRules: [{35EA5BFF-02D2-40DA-B560-57BF53551FF2}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe FirewallRules: [{7DF6E6CF-B678-44D7-8794-CBEC633C100B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{7B9BD807-CA6B-4E6D-BCFA-19BA87B45CEA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{BCF948B1-3380-412D-BB68-45B409E82A3A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe FirewallRules: [TCP Query User{6E1C8F20-BCDE-4B7B-BB74-CE8E5E81A708}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{05773E9D-06B6-46C9-89EC-B9D247A6144F}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{43CE867A-FB51-44F9-8643-65515C04FA41}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Herstelpunten ========================= 17-02-2018 07:45:04 erwin1 20-02-2018 17:40:29 Removed Nokia Connectivity Cable Driver ==================== Defecte Apparaatbeheer Apparaten ============= ==================== Eventlog fouten: ========================= Applicatiefouten: ================== Error: (02/22/2018 07:03:10 AM) (Source: MsiInstaller) (EventID: 11310) (User: ERWIN) Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\rita\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory. Error: (02/22/2018 07:02:09 AM) (Source: MsiInstaller) (EventID: 11310) (User: ERWIN) Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\rita\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory. Error: (02/22/2018 07:01:21 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 15 1.0.0.127.in-addr.arpa. PTR erwin-2.local. Error: (02/22/2018 07:01:21 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 127.0.0.1:5353 13 1.0.0.127.in-addr.arpa. PTR erwin.local. Error: (02/22/2018 07:01:21 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 15 2.7.5.5.3.0.F.8.5.5.0.D.7.C.D.A.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR erwin-2.local. Error: (02/22/2018 07:01:21 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from FE80:0000:0000:0000:ADC7:D055:8F03:5572:5353 13 2.7.5.5.3.0.F.8.5.5.0.D.7.C.D.A.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR erwin.local. Error: (02/22/2018 07:01:21 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Local Hostname erwin.local already in use; will try erwin-2.local instead Error: (02/22/2018 07:01:21 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: ProbeCount 0; will deregister 16 erwin.local. AAAA FE80:0000:0000:0000:ADC7:D055:8F03:5572 Systeemfouten: ============= Error: (02/22/2018 07:24:45 PM) (Source: DCOM) (EventID: 10001) (User: ERWIN) Description: Kan DCOM Server 62632UNETA.492836F161CC8_1.1.23.0_x64__rmspfwnbz040j!App.AppX5qq4e0mmcx3790vsb1yhn9r57z8gdhy1.mca niet starten als Niet beschikbaar/Niet beschikbaar. Foutmelding "2" is opgetreden bij het uitvoeren van de opdracht "C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXj224cyfn9eze53ggjp67s62s6mynhdn6.mca Error: (02/22/2018 07:09:47 PM) (Source: DCOM) (EventID: 10001) (User: ERWIN) Description: Kan DCOM Server 62632UNETA.492836F161CC8_1.1.23.0_x64__rmspfwnbz040j!App.AppX5qq4e0mmcx3790vsb1yhn9r57z8gdhy1.mca niet starten als Niet beschikbaar/Niet beschikbaar. Foutmelding "2" is opgetreden bij het uitvoeren van de opdracht "C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXj224cyfn9eze53ggjp67s62s6mynhdn6.mca Error: (02/22/2018 07:09:47 PM) (Source: DCOM) (EventID: 10001) (User: ERWIN) Description: Kan DCOM Server 62632UNETA.492836F161CC8_1.1.23.0_x64__rmspfwnbz040j!App.AppX5qq4e0mmcx3790vsb1yhn9r57z8gdhy1.mca niet starten als Niet beschikbaar/Niet beschikbaar. Foutmelding "2" is opgetreden bij het uitvoeren van de opdracht "C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXj224cyfn9eze53ggjp67s62s6mynhdn6.mca Error: (02/22/2018 07:06:59 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: De server {784E29F4-5EBE-4279-9948-1E8FE941646D} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (02/22/2018 07:02:30 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: De server {784E29F4-5EBE-4279-9948-1E8FE941646D} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (02/22/2018 07:23:37 AM) (Source: DCOM) (EventID: 10016) (User: ERWIN) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker ERWIN\rita SID (S-1-5-21-455634102-3971962441-1493714179-1001) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (02/22/2018 07:23:36 AM) (Source: DCOM) (EventID: 10016) (User: ERWIN) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker ERWIN\rita SID (S-1-5-21-455634102-3971962441-1493714179-1001) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (02/22/2018 07:23:34 AM) (Source: DCOM) (EventID: 10016) (User: ERWIN) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker ERWIN\rita SID (S-1-5-21-455634102-3971962441-1493714179-1001) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. CodeIntegrity: =================================== Date: 2018-02-20 07:19:42.212 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\beidmdrv64.dll that did not meet the Store signing level requirements. Date: 2018-02-20 07:19:37.062 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\beidmdrv64.dll that did not meet the Store signing level requirements. Date: 2018-02-20 07:19:37.023 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\beidmdrv64.dll that did not meet the Store signing level requirements. Date: 2018-02-20 07:19:31.922 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\beidmdrv64.dll that did not meet the Store signing level requirements. Date: 2018-02-20 07:19:20.066 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\beidmdrv64.dll that did not meet the Store signing level requirements. Date: 2018-02-20 07:19:09.057 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\beidmdrv64.dll that did not meet the Store signing level requirements. Date: 2018-02-20 07:19:09.017 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\beidmdrv64.dll that did not meet the Store signing level requirements. Date: 2018-02-20 07:19:00.217 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\beidmdrv64.dll that did not meet the Store signing level requirements. ==================== Geheugen info =========================== Processor: AMD E1-1200 APU with Radeon(tm) HD Graphics Percentage geheugen in gebruik: 70% Totaal fysiek RAM-geheugen: 3658.26 MB Beschikbaar fysiek RAM-geheugen: 1068.49 MB Totaal Virtueel geheugen: 5066.26 MB Beschikbaar Virtual geheugen: 2007.07 MB ==================== Schijven ================================ Drive c: (Packard Bell) (Fixed) (Total:442.83 GB) (Free:283.17 GB) NTFS \\?\Volume{aa6c998b-37fb-4621-8ad9-d6b35c6598ac}\ (Recovery) (Fixed) (Total:0.39 GB) (Free:0.13 GB) NTFS \\?\Volume{0061eb7e-366d-4944-8d75-ba3aa8e61190}\ (ESP) (Fixed) (Total:0.29 GB) (Free:0.24 GB) FAT32 \\?\Volume{618bd2aa-6117-45e0-be9f-8acdaf3072f7}\ () (Fixed) (Total:0.78 GB) (Free:0.34 GB) NTFS \\?\Volume{e1324845-3dd0-4e93-8bd9-0ab59d698b68}\ () (Fixed) (Total:0.34 GB) (Free:0.3 GB) NTFS \\?\Volume{2dffcbb6-3f42-4cb9-ad19-613f381e4f8a}\ (Push Button Reset) (Fixed) (Total:21 GB) (Free:8.57 GB) NTFS ==================== MBR & Partitietabel ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: BB98C7E9) Partition: GPT. ==================== Eind van Addition.txt ============================