Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 06.06.2018 01 Gestart door Laptop (15-06-2018 16:07:28) Gestart vanaf C:\Users\Laptop\Desktop Windows 10 Pro Versie 1709 16299.492 (X64) (2018-01-03 17:40:44) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3463537045-2426531621-2115468099-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-3463537045-2426531621-2115468099-503 - Limited - Disabled) Gast (S-1-5-21-3463537045-2426531621-2115468099-501 - Limited - Disabled) Laptop (S-1-5-21-3463537045-2426531621-2115468099-1001 - Administrator - Enabled) => C:\Users\Laptop WDAGUtilityAccount (S-1-5-21-3463537045-2426531621-2115468099-504 - Limited - Disabled) ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Kaspersky Total Security (Disabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98} AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Kaspersky Total Security (Disabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Kaspersky Total Security (Disabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeïnstalleerd worden.) µTorrent (HKU\S-1-5-21-3463537045-2426531621-2115468099-1001\...\uTorrent) (Version: 3.5.3.44428 - BitTorrent Inc.) 3uTools (HKLM-x32\...\3uTools) (Version: 2.20.012 - ShangHai ZhangZheng Network Technology Co., Ltd.) adobe (HKLM\...\{F9972BCA-8EDC-42D8-B157-2B093EB26838}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.3.0.256 - Adobe Systems Incorporated) Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_0) (Version: 19.0 - Adobe Systems Incorporated) AhMyth 1.0.0 (only current user) (HKU\S-1-5-21-3463537045-2426531621-2115468099-1001\...\03595f1d-03b5-5cd8-b7b3-ac9848bbb87b) (Version: 1.0.0 - AhmED AlHajri) AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD) AMD Catalyst Install Manager (HKLM\...\{66AFB595-BC05-2913-7696-6D58F9B733E1}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) Apple Application Support (32-bit) (HKLM-x32\...\{D4C80B0C-CF67-43A7-90C3-466853543B54}) (Version: 6.3 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{B2A2E8AF-BC48-4191-B2C4-3846A19835CA}) (Version: 6.3 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{AA7D90D2-2387-4FA5-A3AF-96811BE49BFD}) (Version: 11.0.5.14 - Apple Inc.) Apple Software Update (HKLM-x32\...\{19589375-5C58-4AFA-842F-8B34744CCEAD}) (Version: 2.5.0.1 - Apple Inc.) Application Verifier x64 External Package (HKLM\...\{D9908CED-5ABB-FEE9-FC84-743F4D38637C}) (Version: 10.1.16299.15 - Microsoft) Hidden Application Verifier x64 External Package (HKLM\...\{F02CC6FE-37FC-3D47-F961-721D85BAF224}) (Version: 10.1.15063.674 - Microsoft) Hidden BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 3.56.74.1828 - BlueStack Systems, Inc.) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.38 - Piriform) Click Install if prompted (HKLM-x32\...\{40830C8E-936E-4E08-AE37-240FF3343927}) (Version: 1.0.6.0 - ExpressVpn) Hidden ClickOnce Bootstrapper Package for Microsoft .NET Framework (HKLM-x32\...\{D1844DC3-B378-47CC-AB40-7FC16C79A2CD}) (Version: 4.7.02558 - Microsoft Corporation) Hidden CyberGhost 6 (HKLM\...\CyberGhost 6_is1) (Version: - CyberGhost S.A.) DiagnosticsHub_CollectionService (HKLM\...\{A5DD0731-C724-4037-B35B-B80782AACE00}) (Version: 15.0.27128 - Microsoft Corporation) Hidden Driver Booster 5 (HKLM-x32\...\Driver Booster_is1) (Version: 5.4.0 - IObit) Entity Framework 6.1.3 Tools for Visual Studio 15 (HKLM-x32\...\{F8C0447E-D45C-4E52-94E8-C6340AAC9DB8}) (Version: 6.1.60104.0 - Microsoft Corporation) Hidden ExpressVPN (HKLM-x32\...\{B97E1AC2-1F11-43C0-90A7-22B158337D06}) (Version: 6.5.1.3605 - ExpressVPN) Hidden ExpressVPN (HKLM-x32\...\{e87d0eca-dc93-4f55-bf74-0d155d8c6f07}) (Version: 6.5.1.3605 - ExpressVPN) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.87 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden Hide ALL IP 2018.04.29 (HKLM-x32\...\{02FC1980-2123-451F-8CB7-C9B60BE40717}_is1) (Version: - www.hideallip.com) HP Support Assistant (HKLM-x32\...\{4AAC4B07-77EF-4BCF-88DC-D24E4DE683E8}) (Version: 8.6.18.11 - HP Inc.) HP Support Solutions Framework (HKLM-x32\...\{1D488BAD-A0A4-42FB-8EB4-E6245A29B113}) (Version: 12.9.18.3 - HP Inc.) icecap_collection_neutral (HKLM-x32\...\{9149432D-3BEE-4869-B6F5-7A5CF843A612}) (Version: 15.0.27005 - Microsoft Corporation) Hidden icecap_collection_x64 (HKLM\...\{D0C9796E-CB35-4440-885D-9630A0153D1E}) (Version: 15.0.27005 - Microsoft Corporation) Hidden icecap_collectionresources (HKLM-x32\...\{B96B62E4-2EE4-45EC-8082-246FFC1B12E3}) (Version: 15.0.27005 - Microsoft Corporation) Hidden icecap_collectionresourcesx64 (HKLM-x32\...\{262EE643-72FF-406D-9776-C6B65443DA5B}) (Version: 15.0.27005 - Microsoft Corporation) Hidden IIS 10.0 Express (HKLM\...\{883ED9A8-3762-481E-A362-3A7BE5CBEB15}) (Version: 10.0.1740 - Microsoft Corporation) IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - ) Hidden IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - ) Hidden ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!) Intellisense Lang Pack Mobile Extension SDK 10.0.15063.0 (HKLM-x32\...\{87A8879A-3189-4E81-8D1A-0467301C5049}) (Version: 10.1.15063.674 - Microsoft Corporation) Hidden IntelliTraceProfilerProxy (HKLM-x32\...\{0A2EDF2C-9A71-43D7-964A-696BB7CEAC65}) (Version: 15.0.25.0 - Microsoft Corporation) Hidden iTunes (HKLM\...\{A5FA22F3-4BA1-4F07-8FD4-DA8E17D020AB}) (Version: 12.7.3.46 - Apple Inc.) Java 8 Update 171 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180171F0}) (Version: 8.0.1710.11 - Oracle Corporation) Kaspersky Secure Connection (HKLM-x32\...\{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab) Kaspersky Total Security (HKLM-x32\...\{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden Kaspersky Total Security (HKLM-x32\...\InstallWIX_{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab) Kits Configuration Installer (HKLM-x32\...\{971E24EB-1096-64A5-10C0-7FD2D3774669}) (Version: 10.1.15063.674 - Microsoft) Hidden Malwarebytes version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes) Microsoft .NET Core SDK - 2.1.4 (x64) (HKLM-x32\...\{9e732e8f-9e57-467d-a425-6f2387bdabd0}) (Version: 2.1.4 - Microsoft Corporation) Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2017 CTP2.1 (HKLM\...\{9BAD8F82-A221-42CE-AFF0-7CAB825790C9}) (Version: 14.0.600.250 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2017 CTP2.1 (HKLM-x32\...\{F0DD1AA8-44D7-4ACE-AF65-7378EA5D884C}) (Version: 14.0.600.250 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25017 (HKLM-x32\...\{cb7c3049-21de-415b-bd85-b65c14e547df}) (Version: 14.10.25017.0 - Microsoft Corporation) Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.14.162.1217 - Microsoft Corporation) Microsoft Web Deploy 3.6 (HKLM\...\{65C71B09-C33D-4F60-93EA-DF3AD1D40600}) (Version: 10.0.1981 - Microsoft Corporation) MSI Development Tools (HKLM-x32\...\{577FB968-1AAC-A315-93D6-419725A69F36}) (Version: 10.1.15063.674 - Microsoft Corporation) Hidden MSI Development Tools (HKLM-x32\...\{973CACA2-E018-065B-0580-F2784802E299}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.5 - Notepad++ Team) Octopus Box Samsung software 2.6.6 (HKLM-x32\...\Octoplus Box Samsung software_is1) (Version: - Octoplus team) Oracle VM VirtualBox 5.2.12 (HKLM\...\{128AD467-F107-4FED-A283-F355E74DE103}) (Version: 5.2.12 - Oracle Corporation) Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden paint.net (HKLM\...\{E8FA8815-3817-4128-A814-E2EAC456ADF0}) (Version: 4.0.21 - dotPDN LLC) Plex Media Server (HKLM-x32\...\{4a09aae2-b4a1-4c15-8f26-5e1ed766c1b3}) (Version: 1.13.0.5023 - Plex, Inc.) Plex Media Server (HKLM-x32\...\{A5BBDF8B-9033-45EC-9D5F-6B04FF74288F}) (Version: 1.13.23 - Plex, Inc.) Hidden Popcorn-Time (HKU\S-1-5-21-3463537045-2426531621-2115468099-1001\...\Popcorn-Time) (Version: 0.3.10 - Popcorn Time) PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 1.7.8557 - Kakao Corp.) Process Hacker 2.39 (r124) (HKLM\...\Process_Hacker2_is1) (Version: 2.39.0.124 - wj32) Python 3.6.3 (64-bit) (HKU\S-1-5-21-3463537045-2426531621-2115468099-1001\...\{b3a11d5f-0d2d-4bc3-ad72-39f3fa14162c}) (Version: 3.6.3150.0 - Python Software Foundation) Python 3.6.3 Core Interpreter (64-bit symbols) (HKLM\...\{4F41E9C9-3079-4BB0-806E-EA74F6E218AC}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden Python 3.6.3 Core Interpreter (64-bit) (HKLM\...\{5CAB3F9C-AC0C-4796-984C-292FF82FB112}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden Python 3.6.3 Development Libraries (64-bit) (HKLM\...\{B6B221CE-20AA-46D6-8156-911613216968}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden Python 3.6.3 Documentation (64-bit) (HKLM\...\{404A8C42-6B82-4B32-AC7F-0583644A04F2}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden Python 3.6.3 Executables (64-bit symbols) (HKLM\...\{B6C96BF6-D381-4011-B65D-44FC4A7CFC9E}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden Python 3.6.3 Executables (64-bit) (HKLM\...\{D3ABC2C4-85AF-4AFD-94D4-F2B84F49BFEA}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden Python 3.6.3 pip Bootstrap (64-bit) (HKLM\...\{48EC8399-294B-40F5-8274-E2AFBF0CFCBE}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden Python 3.6.3 Standard Library (64-bit symbols) (HKLM\...\{28FDA5E7-4FD1-4659-96D0-E6D2FD756DDD}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden Python 3.6.3 Standard Library (64-bit) (HKLM\...\{60B3332C-989F-4609-8D4F-7B1FD1DB0A5D}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden Python 3.6.3 Tcl/Tk Support (64-bit symbols) (HKLM\...\{50A4B450-4499-4AF7-8AC9-5125DA32153A}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden Python 3.6.3 Tcl/Tk Support (64-bit) (HKLM\...\{8FE3FFD1-2F7E-4EBB-A4B7-627E279DA70E}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden Python 3.6.3 Test Suite (64-bit symbols) (HKLM\...\{43BEECFA-E1E7-4124-B3EC-124B7D35C170}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden Python 3.6.3 Test Suite (64-bit) (HKLM\...\{2C6B5217-ACF4-4082-B19C-3463C9340E41}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden Python 3.6.3 Utility Scripts (64-bit) (HKLM\...\{E3F016B8-A524-4F97-9095-944C31A971E0}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden Python 3.6.4 (32-bit) (HKU\S-1-5-21-3463537045-2426531621-2115468099-1001\...\{9218130b-5ad0-4cf7-82be-6993cfd6cb84}) (Version: 3.6.4150.0 - Python Software Foundation) Python 3.6.4 Core Interpreter (32-bit symbols) (HKLM-x32\...\{7FD841FD-89E9-4346-94C8-A1408F12DE82}) (Version: 3.6.4150.0 - Python Software Foundation) Hidden Python 3.6.4 Core Interpreter (32-bit) (HKLM-x32\...\{D188614B-E656-4EF1-9F5A-23559EBE8F5A}) (Version: 3.6.4150.0 - Python Software Foundation) Hidden Python 3.6.4 Development Libraries (32-bit) (HKLM-x32\...\{C3797E33-967D-4687-8F1A-9DE771A00125}) (Version: 3.6.4150.0 - Python Software Foundation) Hidden Python 3.6.4 Documentation (32-bit) (HKLM-x32\...\{E09874D3-E898-4AB6-B043-EE24DF786088}) (Version: 3.6.4150.0 - Python Software Foundation) Hidden Python 3.6.4 Executables (32-bit symbols) (HKLM-x32\...\{0C00F463-3106-4050-A2D8-8E428E51E83C}) (Version: 3.6.4150.0 - Python Software Foundation) Hidden Python 3.6.4 Executables (32-bit) (HKLM-x32\...\{47A75DB9-F3F5-4697-9261-DBA5162DBB9E}) (Version: 3.6.4150.0 - Python Software Foundation) Hidden Python 3.6.4 pip Bootstrap (32-bit) (HKLM-x32\...\{54142B43-2FA5-4BBA-BF03-27C10EB50C1E}) (Version: 3.6.4150.0 - Python Software Foundation) Hidden Python 3.6.4 Standard Library (32-bit symbols) (HKLM-x32\...\{6CC54DC8-92F1-415D-B642-BB6A89C7AAD4}) (Version: 3.6.4150.0 - Python Software Foundation) Hidden Python 3.6.4 Standard Library (32-bit) (HKLM-x32\...\{2832768E-9BCA-4421-950C-7186B3BDFC45}) (Version: 3.6.4150.0 - Python Software Foundation) Hidden Python 3.6.4 Tcl/Tk Support (32-bit symbols) (HKLM-x32\...\{4C92CB12-D8A0-4758-8118-D4E98F6CDC7C}) (Version: 3.6.4150.0 - Python Software Foundation) Hidden Python 3.6.4 Tcl/Tk Support (32-bit) (HKLM-x32\...\{20888FA1-8127-42E3-969F-9BF93245AC83}) (Version: 3.6.4150.0 - Python Software Foundation) Hidden Python 3.6.4 Test Suite (32-bit symbols) (HKLM-x32\...\{AD3A41ED-8F63-4C30-BA79-25A8F3F8ABC8}) (Version: 3.6.4150.0 - Python Software Foundation) Hidden Python 3.6.4 Test Suite (32-bit) (HKLM-x32\...\{D14FB2FA-51B2-415C-93BF-5053102235EE}) (Version: 3.6.4150.0 - Python Software Foundation) Hidden Python 3.6.4 Utility Scripts (32-bit) (HKLM-x32\...\{D0730E44-E519-4F39-B926-E2FC0449D67C}) (Version: 3.6.4150.0 - Python Software Foundation) Hidden Python Launcher (HKLM-x32\...\{B42FF40A-60D4-4096-AC47-C86153D72797}) (Version: 3.6.6196.0 - Python Software Foundation) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8372 - Realtek Semiconductor Corp.) Registry Finder 2.24 (HKLM\...\{CC3C7E59-8611-4542-8BFD-FFC6759AD0FB}_is1) (Version: 2.24 - Sergey Filippov) Samsung Kies (HKLM-x32\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.17113.1 - Samsung Electronics Co., Ltd.) Hidden Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.17113.1 - Samsung Electronics Co., Ltd.) Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.) SDK ARM Additions (HKLM-x32\...\{7922BB77-0B59-840A-AC80-D560A34D75C5}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden SDK ARM Redistributables (HKLM-x32\...\{C87DF65C-A672-7E08-A083-E7D48FE8DB70}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden Split Tunneling Driver (HKLM-x32\...\{F078B0B5-2F41-42C2-9162-B8C628D5E6FE}) (Version: 1.0.0.0 - ExpressVpn) Hidden Spotnet (HKU\S-1-5-21-3463537045-2426531621-2115468099-1001\...\Spotnet) (Version: 2.0.0.276 - Spotnet) Stopping Plex (HKLM-x32\...\{57FCED33-B159-4B27-9D55-C760A5E5BA1F}) (Version: 1.13.23 - Plex, Inc.) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated) Taalprogramma's voor Microsoft Office 2016 - Nederlands (HKLM\...\{90160000-001F-0413-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - ) TypeScript SDK (HKLM-x32\...\{B08D05BC-7897-4616-B34C-95B58D07650C}) (Version: 2.5.4.0 - Microsoft Corporation) Hidden Universal CRT Extension SDK (HKLM-x32\...\{1FBCBC17-4527-2340-0832-B1D49C41FF67}) (Version: 10.0.26624 - Microsoft Corporation) Hidden Universal CRT Extension SDK (HKLM-x32\...\{A5FA2886-1925-133F-0D41-B9A8ECEA0A2D}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden Universal CRT Extension SDK (HKLM-x32\...\{BE2D1829-B45D-4D78-BF02-4076B86AC57C}) (Version: 10.1.15063.674 - Microsoft Corporation) Hidden Universal CRT Headers Libraries and Sources (HKLM-x32\...\{8BFBEC30-33CC-13B4-849F-3B036F27466A}) (Version: 10.0.26624 - Microsoft Corporation) Hidden Universal CRT Headers Libraries and Sources (HKLM-x32\...\{A46D1F7A-BA32-2375-EF97-4975E594A7E7}) (Version: 10.1.15063.674 - Microsoft Corporation) Hidden Universal CRT Headers Libraries and Sources (HKLM-x32\...\{B739B4C5-EEEC-8E70-0276-38C4779AF398}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden Universal CRT Redistributable (HKLM-x32\...\{A9D6F52C-694E-3E41-7AB8-5BEB644742A5}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden Universal CRT Tools x64 (HKLM\...\{E053089E-7953-3219-814F-F485FC151C54}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden Universal CRT Tools x86 (HKLM-x32\...\{B9424F08-0617-C4F6-A798-5A9250C1A738}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden Universal General MIDI DLS Extension SDK (HKLM-x32\...\{D261CEA1-AB8D-9CFA-4407-BCEFC78661AC}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden Universal General MIDI DLS Extension SDK (HKLM-x32\...\{E2EA2702-534B-D6C1-5AC4-724E3CE7B2D9}) (Version: 10.1.15063.674 - Microsoft Corporation) Hidden Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation) vcpp_crt.redist.clickonce (HKLM-x32\...\{0074562E-F896-4994-9086-79F8BC8DE02C}) (Version: 14.12.25830 - Microsoft Corporation) Hidden Visual Studio Professional 2017 (HKLM\...\fdb0d1be) (Version: 15.5.27130.2020 - Microsoft Corporation) Visual Studio Professional 2017 (HKLM-x32\...\fdb0d1be) (Version: 15.5.27130.2020 - Microsoft Corporation) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.8 - VideoLAN) VS Immersive Activate Helper (HKLM-x32\...\{8A2BDA07-3417-46C1-9058-CB32BC63E30E}) (Version: 16.0.76.0 - Microsoft Corporation) Hidden VS JIT Debugger (HKLM\...\{F8F52853-A1A7-42C7-A082-5A6D5853BB0B}) (Version: 16.0.76.0 - Microsoft Corporation) Hidden VS Script Debugging Common (HKLM\...\{0EE5749D-2DC0-460F-AB1C-06B3EDB42426}) (Version: 16.0.76.0 - Microsoft Corporation) Hidden VS WCF Debugging (HKLM\...\{209A1A84-1A06-4954-9D73-7E654C5F8D7A}) (Version: 16.0.76.0 - Microsoft Corporation) Hidden vs_BlendMsi (HKLM-x32\...\{18640789-304F-40B5-884B-130B4A97D83B}) (Version: 15.0.27005 - Microsoft Corporation) Hidden vs_clickoncebootstrappermsi (HKLM-x32\...\{A68D7884-F036-4A0D-AE1A-410E0311E135}) (Version: 15.0.27005 - Microsoft Corporation) Hidden vs_clickoncebootstrappermsires (HKLM-x32\...\{91DDDFB5-1782-48C2-BA2A-8F4D9DE39D27}) (Version: 15.0.27005 - Microsoft Corporation) Hidden vs_clickoncesigntoolmsi (HKLM-x32\...\{6A1ECF65-2CBF-4B33-9D4A-D1C0A0E5FE45}) (Version: 15.0.27005 - Microsoft Corporation) Hidden vs_communitymsi (HKLM-x32\...\{595F5D63-8773-4182-A1E0-EC9ECF4B6EA4}) (Version: 15.0.27102 - Microsoft Corporation) Hidden vs_communitymsires (HKLM-x32\...\{40040E64-50EB-4FCF-B209-DA0B20821759}) (Version: 15.0.26621 - Microsoft Corporation) Hidden vs_devenvmsi (HKLM-x32\...\{BFFA2FFB-1095-4ADD-A352-368806D2412B}) (Version: 15.0.26621 - Microsoft Corporation) Hidden vs_filehandler_amd64 (HKLM-x32\...\{9414C260-D479-49EB-B0BF-01C1F5076EA0}) (Version: 15.0.27005 - Microsoft Corporation) Hidden vs_filehandler_x86 (HKLM-x32\...\{A57BD1C0-42AD-42F8-AFEB-FAC7E6ABB005}) (Version: 15.0.27005 - Microsoft Corporation) Hidden vs_FileTracker_Singleton (HKLM-x32\...\{70F69B4F-7950-4841-8139-5D0C7EDD2FE6}) (Version: 15.0.27005 - Microsoft Corporation) Hidden vs_Graphics_Singletonx64 (HKLM\...\{B11D79C6-332C-47B6-B58C-2F88A4911C7C}) (Version: 15.0.27005 - Microsoft Corporation) Hidden vs_Graphics_Singletonx86 (HKLM-x32\...\{2497054A-0269-4F45-98AE-F469F89CC45F}) (Version: 15.0.27005 - Microsoft Corporation) Hidden vs_minshellinteropmsi (HKLM-x32\...\{231C8ADB-BF59-458E-A909-CFA825F46388}) (Version: 15.0.27102 - Microsoft Corporation) Hidden vs_minshellmsi (HKLM-x32\...\{9CDD69A2-765A-4970-AB6B-595A740C614F}) (Version: 15.0.27019 - Microsoft Corporation) Hidden vs_minshellmsires (HKLM-x32\...\{6DFE6F8D-B61D-4348-AB70-4ABF1210DFD5}) (Version: 15.0.26621 - Microsoft Corporation) Hidden vs_professionalmsi (HKLM-x32\...\{C135A30B-7258-4E11-8660-87C5642A4AAE}) (Version: 15.0.26621 - Microsoft Corporation) Hidden vs_SQLClickOnceBootstrappermsi (HKLM-x32\...\{5779B6DD-604A-41CE-BC3D-9D4BDDA22AD2}) (Version: 15.0.27005 - Microsoft Corporation) Hidden vs_tipsmsi (HKLM-x32\...\{1AC6CC3D-7724-4D84-9270-798A2191AB1C}) (Version: 15.0.27005 - Microsoft Corporation) Hidden VyprVPN (HKLM\...\{526B3DDC-6891-4F43-8F64-8B83DC9E4848}) (Version: 2.13.0.8109 - Golden Frog, GmbH.) WinAppDeploy (HKLM-x32\...\{03343DEA-224B-E9B6-1FBB-E637E6BC6BAA}) (Version: 10.1.15063.674 - Microsoft Corporation) Hidden WinAppDeploy (HKLM-x32\...\{9690D51C-4435-1C20-7819-66CCAB0F03F9}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden Windows SDK AddOn (HKLM-x32\...\{350F0ECD-0783-4529-8797-98F0AD33EAC0}) (Version: 10.1.0.0 - Microsoft Corporation) Windows Software Development Kit - Windows 10.0.15063.674 (HKLM-x32\...\{6824cee4-b358-4633-b82c-5f20894af8e2}) (Version: 10.1.15063.674 - Microsoft Corporation) Windows Software Development Kit - Windows 10.0.16299.15 (HKLM-x32\...\{6195c203-b53c-4bb7-983a-6070a902e704}) (Version: 10.1.16299.15 - Microsoft Corporation) WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH) WinRT Intellisense Desktop - en-us (HKLM-x32\...\{385A1387-A488-9E90-3635-086129610034}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden WinRT Intellisense Desktop - en-us (HKLM-x32\...\{D8AA52A2-81E2-BB84-AAF9-C487C586CC15}) (Version: 10.1.15063.674 - Microsoft Corporation) Hidden WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{5715A2A6-E637-81E3-464D-3F0F999E506A}) (Version: 10.1.15063.674 - Microsoft Corporation) Hidden WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{D7DD3171-DA58-52A1-95B2-4769640855AF}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden WinRT Intellisense IoT - en-us (HKLM-x32\...\{2B8614A6-D0C1-CFE0-9311-7AF9227DC9BA}) (Version: 10.1.15063.674 - Microsoft Corporation) Hidden WinRT Intellisense IoT - en-us (HKLM-x32\...\{7336279F-8F8F-5530-A543-3BE963846C0A}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{409D68FF-37DD-F8F4-A60F-30BEAA4AA4CE}) (Version: 10.1.15063.674 - Microsoft Corporation) Hidden WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{E414A474-0A87-4F66-C409-A4D9857CFD34}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden WinRT Intellisense Mobile - en-us (HKLM-x32\...\{CE760B86-975B-F514-5673-0ED4332B801B}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden WinRT Intellisense PPI - en-us (HKLM-x32\...\{3617F573-CF51-0F5A-063F-B272F98D0522}) (Version: 10.1.15063.674 - Microsoft Corporation) Hidden WinRT Intellisense PPI - en-us (HKLM-x32\...\{5E67F8BE-D8D2-257F-CE19-419A2D5125C7}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{A2AA063E-AF50-A1F5-8925-A06EB1556644}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{FDE59EF8-D43D-F9DA-5B0C-CC9C90DB0335}) (Version: 10.1.15063.674 - Microsoft Corporation) Hidden WinRT Intellisense UAP - en-us (HKLM-x32\...\{7D4C7F4A-02A9-E434-6451-C8787DF28C1F}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden WinRT Intellisense UAP - en-us (HKLM-x32\...\{87CC4887-0873-F87B-D804-6A78B07DC1F5}) (Version: 10.1.15063.674 - Microsoft Corporation) Hidden WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{BC467065-9374-5345-DA3F-FCF073304A25}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{D62E0DD5-9853-C09C-AE15-D02988503C60}) (Version: 10.1.15063.674 - Microsoft Corporation) Hidden Wondershare MobileGo(Version 8.2.3) (HKLM-x32\...\{1E04C795-7359-4E05-8A0E-5644F777AA09}_is1) (Version: 8.2.3 - Wondershare) XAMPP (HKLM-x32\...\xampp) (Version: 7.2.2-0 - Bitnami) Xoreax IncrediBuild 9.0.1 (build 2004) (HKLM-x32\...\XoreaxIncrediBuild) (Version: - ) ==================== Aangepaste CLSID (gefilterd): ========================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) CustomCLSID: HKU\S-1-5-21-3463537045-2426531621-2115468099-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] () ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Geen bestand ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] () ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2018-02-27] () ContextMenuHandlers1: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\ShellEx.dll [2018-05-05] (AO Kaspersky Lab) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-14] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-14] (Alexander Roshal) ContextMenuHandlers2: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\ShellEx.dll [2018-05-05] (AO Kaspersky Lab) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes) ContextMenuHandlers4: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\ShellEx.dll [2018-05-05] (AO Kaspersky Lab) ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\atiacm64.dll [2015-08-04] (Advanced Micro Devices, Inc.) ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] () ContextMenuHandlers6: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\ShellEx.dll [2018-05-05] (AO Kaspersky Lab) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-14] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-14] (Alexander Roshal) ==================== Geplande Taken (gefilterd) ============= (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {073C0A29-14AD-49BA-BB02-53B9737124F8} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation) Task: {0FC6106E-5495-4346-9863-B39817AA9908} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation) Task: {10A4CB46-3213-4681-8699-F308803A9BA1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-27] (HP Inc.) Task: {2BE45DDA-B519-4739-AB40-5029F3993870} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2018-05-02] (HP Inc.) Task: {2DFEF94A-536F-406D-B411-A01DCCCBA0C2} - System32\Tasks\ASCU11_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\Monitor.exe [2018-03-28] (IObit) Task: {2E2F86B4-218C-481E-BAB9-D8ED5C61FA0D} - System32\Tasks\HPCeeScheduleForLaptop => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-06-24] (HP Inc.) Task: {31417141-E843-44F8-9DBD-FDD3F9E0BE7B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MpCmdRun.exe [2018-05-31] (Microsoft Corporation) Task: {36BC60EC-5BB4-49BA-B605-466AA341DC99} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-01-03] (Google Inc.) Task: {42DBC62B-83C7-4894-A997-C363DED00E53} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-12-01] (Piriform Ltd) Task: {44BC44F2-533A-46C5-BD4F-26BC2D12E4DA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-01-03] (Google Inc.) Task: {452296BA-177B-46B7-A297-B67C8A33311A} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 15.5.99 => C:\Program Files (x86)\Microsoft Visual Studio\2017\Professional\Common7\IDE\VSIXAutoUpdate.exe [2018-01-14] () Task: {46909CC2-9AB4-4B3D-A4CB-5BB68940AEB9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MpCmdRun.exe [2018-05-31] (Microsoft Corporation) Task: {4B7B2C7D-03C0-459F-AA19-360B22CA3D2A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-09-27] (HP Inc.) Task: {539BFA59-AE45-4652-8B7A-6DCC0CCD81E6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2018-05-04] (HP Inc.) Task: {700D8223-A64A-45E5-9457-60A630E2DEA7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-10-12] (Apple Inc.) Task: {8F315D14-DBF6-4536-8743-58198A6207E3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation) Task: {94B58B77-59FD-4138-B9CD-5E465DF25939} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2018-05-04] (HP Inc.) Task: {A54AECC7-FE3F-4F66-9401-0C6F47D2E3C8} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2017-12-01] (Piriform Ltd) Task: {B44462A9-6287-4D75-A394-8E0E96249F15} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-27] (HP Inc.) Task: {C3CEBCA0-A792-4B2F-A7EB-332376F34FD2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MpCmdRun.exe [2018-05-31] (Microsoft Corporation) Task: {C4424A23-E9B4-467E-B7B4-E96D9D3F58DB} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\Windows\system32\Notifier.exe [2018-05-04] (Microsoft Corporation) Task: {CAD3CA02-4D5A-4071-A0FD-A0B14E7B0839} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2017-09-27] (HP Inc.) Task: {CEA44447-2D63-40F8-B5AA-D194B24A8A10} - System32\Tasks\Driver Booster SkipUAC (Laptop) => C:\Program Files (x86)\IObit\Driver Booster\5.4.0\DriverBooster.exe [2018-05-27] (IObit) Task: {D505D63B-CF96-4D02-B000-C5CD2D7BEAB1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2018-05-11] (HP Inc.) Task: {E8BAF5FA-E4F4-4124-B081-3320DC39B3F4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MpCmdRun.exe [2018-05-31] (Microsoft Corporation) Task: {EA8BC246-9C04-4D4C-9E9C-95E855819027} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2018-05-02] (HP Inc.) Task: {F51E7F9F-0B8D-48C2-843F-E09FB64970B3} - System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-5MPV6GN-Laptop => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-05-11] (Adobe Systems, Incorporated) (Als een item is opgenomen in de fixlist, wordt de taak (job) bestand verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) Task: C:\Windows\Tasks\HPCeeScheduleForLaptop.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe ==================== Snelkoppelingen & WMI ======================== (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) ==================== Geladen Modules (gefilterd) ============== 2017-09-29 15:41 - 2017-09-29 15:41 - 000184432 _____ () C:\Windows\SYSTEM32\inputhost.dll 2018-01-05 01:13 - 2018-01-05 01:13 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2018-01-05 01:14 - 2018-01-05 01:14 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2018-02-07 17:42 - 2018-02-07 17:42 - 000339168 _____ () C:\Program Files (x86)\ExpressVPN\bootstrap\AMD64\nssm.exe 2018-02-07 17:45 - 2018-02-07 17:45 - 008457344 _____ () C:\Program Files (x86)\ExpressVPN\xvpnd\xvpnd.exe 2018-06-15 00:41 - 2018-05-30 09:22 - 002493648 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2018-06-15 00:41 - 2018-04-25 13:16 - 002297040 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll 2017-09-26 03:52 - 2017-09-26 03:52 - 000491600 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll 2018-06-13 17:16 - 2018-06-08 08:00 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2018-06-13 17:16 - 2018-06-08 07:56 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2018-06-13 17:15 - 2018-06-08 09:24 - 003657632 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentDeliveryManager.Background.dll 2018-06-13 17:15 - 2018-06-08 09:26 - 002470304 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentManagementSDK.dll 2018-05-01 23:20 - 2018-05-01 23:20 - 031061504 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsFeedbackHub_1.1712.1141.0_x64__8wekyb3d8bbwe\PilotshubApp.dll 2018-05-01 23:20 - 2018-05-01 23:20 - 000502272 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsFeedbackHub_1.1712.1141.0_x64__8wekyb3d8bbwe\Helper.dll 2018-05-26 13:59 - 2018-05-26 14:00 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2018-05-26 13:59 - 2018-05-26 14:00 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2018-05-26 13:59 - 2018-05-26 14:00 - 022374400 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2018-05-26 13:59 - 2018-05-26 14:00 - 002610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\skypert.dll 2018-05-31 21:54 - 2018-05-31 21:54 - 027118080 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\Video.UI.exe 2018-05-26 13:49 - 2018-05-26 13:49 - 000306176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\SharedUI.dll 2018-05-26 13:49 - 2018-05-26 13:49 - 006748672 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\EntCommon.dll 2018-01-03 20:26 - 2018-01-03 20:26 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2018-05-26 13:49 - 2018-05-26 13:49 - 009358848 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\EntPlat.dll 2018-06-14 00:05 - 2018-06-12 07:36 - 004608856 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.87\libglesv2.dll 2018-06-14 00:05 - 2018-06-12 07:36 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.87\libegl.dll 2018-05-04 04:49 - 2018-05-04 04:49 - 000083432 _____ () C:\Program Files (x86)\Plex\Plex Media Server\zlib.dll 2018-05-04 04:49 - 2018-05-04 04:49 - 000203240 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libidn.dll 2018-01-14 22:47 - 2017-10-26 13:28 - 000053248 _____ () C:\Program Files (x86)\Xoreax\IncrediBuild\QuickLZ131.dll 2018-02-07 17:45 - 2018-02-07 17:45 - 006164864 _____ () C:\Program Files (x86)\ExpressVPN\xvpnd\libxvclient.dll 2018-02-07 17:46 - 2018-02-07 17:46 - 000080512 _____ () C:\Program Files (x86)\ExpressVPN\xvpnd\windows\ExpressVPN.NetworkUtils.dll 2018-02-07 17:42 - 2018-02-07 17:42 - 000303104 _____ () C:\Program Files (x86)\ExpressVPN\xvpnd\windows\ExpressVPN.SplitTunnel.dll 2018-02-07 17:46 - 2018-02-07 17:46 - 000441472 _____ () C:\Program Files (x86)\ExpressVPN\xvpnd\windows\ExpressVPN.FilterManager.dll 2018-05-27 20:20 - 2017-08-04 13:44 - 000082720 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\GetProcessDLL.dll 2018-05-04 04:49 - 2018-05-04 04:49 - 001083368 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libxml2.dll 2018-05-04 04:49 - 2018-05-04 04:49 - 000059880 _____ () C:\Program Files (x86)\Plex\Plex Media Server\soci_sqlite3-vc80-3_0.dll 2018-05-04 04:49 - 2018-05-04 04:49 - 000115688 _____ () C:\Program Files (x86)\Plex\Plex Media Server\soci_core-vc80-3_0.dll 2018-05-04 04:49 - 2018-05-04 04:49 - 001741288 _____ () C:\Program Files (x86)\Plex\Plex Media Server\opencv_imgproc2411.dll 2018-05-04 04:49 - 2018-05-04 04:49 - 001962984 _____ () C:\Program Files (x86)\Plex\Plex Media Server\opencv_core2411.dll 2018-05-04 04:49 - 2018-05-04 04:49 - 000025576 _____ () C:\Program Files (x86)\Plex\Plex Media Server\lyric_lite.dll 2018-05-04 04:49 - 2018-05-04 04:49 - 000772072 _____ () C:\Program Files (x86)\Plex\Plex Media Server\tag.dll 2018-05-04 04:49 - 2018-05-04 04:49 - 001549104 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libstdc++-6.dll 2018-05-04 04:49 - 2018-05-04 04:49 - 000127136 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libgcc_s_dw2-1.dll 2018-05-04 04:49 - 2018-05-04 04:49 - 000050152 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_socket.pyd 2018-05-04 04:49 - 2018-05-04 04:49 - 000071656 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ssl.pyd 2018-05-04 04:49 - 2018-05-04 04:49 - 000024552 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_hashlib.pyd 2018-05-04 04:49 - 2018-05-04 04:49 - 000041448 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\simplejson\_speedups.pyd 2018-05-04 04:49 - 2018-05-04 04:49 - 000930280 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\etree.pyd 2018-05-04 04:49 - 2018-05-04 04:49 - 000074728 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libexslt.dll 2018-05-04 04:49 - 2018-05-04 04:49 - 000190952 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libxslt.dll 2018-05-04 04:49 - 2018-05-04 04:49 - 000218088 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\objectify.pyd 2018-05-04 04:49 - 2018-05-04 04:49 - 000018920 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\select.pyd 2018-05-04 04:49 - 2018-05-04 04:49 - 000095720 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ctypes.pyd 2018-05-04 04:49 - 2018-05-04 04:49 - 000143336 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\pyexpat.pyd 2018-05-04 04:49 - 2018-05-04 04:49 - 000694248 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\unicodedata.pyd 2018-05-04 04:49 - 2018-05-04 04:49 - 000064488 _____ () C:\Program Files (x86)\Plex\Plex Media Server\TeVii.dll ==================== Alternate Data Streams (gefilterd) ========= (Als een item is opgenomen in de fixlist, wordt alleen de ADS verwijderd.) ==================== Veilige Modus (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. De waarde van "AlternateShell" wordt hersteld.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Bestandskoppeling (gefilterd) =============== (Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd.) ==================== Internet Explorer vertrouwde/beperkte toegang =============== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd.) IE trusted site: HKU\S-1-5-21-3463537045-2426531621-2115468099-1001\...\localhost -> localhost ==================== Hosts inhoud: =============================== (Indien nodig kan Hosts:-opdracht worden opgenomen in de fixlist om Hosts te resetten.) 2017-09-29 15:46 - 2018-06-14 23:07 - 000000822 _____ C:\Windows\system32\Drivers\etc\hosts ==================== Andere gebieden ============================ (Momenteel is er geen automatische fix voor dit onderdeel.) HKU\S-1-5-21-3463537045-2426531621-2115468099-1001\Control Panel\Desktop\\Wallpaper -> DNS Servers: 192.168.2.254 - 213.75.63.75 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == HKLM\...\StartupApproved\StartupFolder: => "MobileGo Service.lnk" HKLM\...\StartupApproved\Run: => "SecurityHealth" HKLM\...\StartupApproved\Run: => "AvastUI.exe" HKLM\...\StartupApproved\Run: => "RtHDVBg" HKLM\...\StartupApproved\Run: => "RTHDVCPL" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0" HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "StartCCC" HKLM\...\StartupApproved\Run32: => "PlaysTV" HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud" HKLM\...\StartupApproved\Run32: => "IncrediBuild Agent Monitor" HKLM\...\StartupApproved\Run32: => "KiesTrayAgent" HKU\S-1-5-21-3463537045-2426531621-2115468099-1001\...\StartupApproved\StartupFolder: => "5r8DcJB4ok4inz0o.exe.url" HKU\S-1-5-21-3463537045-2426531621-2115468099-1001\...\StartupApproved\StartupFolder: => "Ccleaner.exe" HKU\S-1-5-21-3463537045-2426531621-2115468099-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-3463537045-2426531621-2115468099-1001\...\StartupApproved\Run: => "CyberGhost" HKU\S-1-5-21-3463537045-2426531621-2115468099-1001\...\StartupApproved\Run: => "ExpressVPN4" HKU\S-1-5-21-3463537045-2426531621-2115468099-1001\...\StartupApproved\Run: => "Windows Update*" ==================== Firewall regels (gefilterd) =============== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [{79DDE16E-A3D4-4845-8AAD-8E4D9205F1DA}] => (Allow) C:\Users\Laptop\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{BA500C7F-C46B-488F-BE9F-70F76447E0F5}] => (Allow) C:\Users\Laptop\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{DA38A94C-BAC0-4285-83C5-6EBEC9FCA4CA}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe FirewallRules: [{512F7F87-3BD8-4D3B-BC7E-495464A3707D}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe FirewallRules: [{B27E1E55-CEA4-480C-84F6-9B8665DFD886}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe FirewallRules: [{9595172A-BF5C-4D5D-A3FC-58D0C8DA0FD2}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe FirewallRules: [{F0DC043A-3633-4F08-B1EE-9B7133C9E52E}] => (Allow) LPort=31104 FirewallRules: [{D0B31606-FC5A-4612-AFFB-252A1675DC88}] => (Allow) LPort=31105 FirewallRules: [{E462CCDF-0906-4B15-8EA5-E93F50149364}] => (Allow) LPort=31106 FirewallRules: [{B461C51D-BB51-4C07-84DF-58A170A6BF84}] => (Allow) LPort=31107 FirewallRules: [{FF6AB8A6-F359-4893-AD63-B988EB6E080D}] => (Allow) LPort=31108 FirewallRules: [{A597B6D0-BA70-4ED8-A939-AFC1D1045CCC}] => (Allow) LPort=31109 FirewallRules: [TCP Query User{5F05BA41-AEE8-4605-B669-A0638DFD6E92}C:\windows\syswow64\explorer.exe] => (Allow) C:\windows\syswow64\explorer.exe FirewallRules: [UDP Query User{2781C88E-56DF-490F-99C4-D1619DA21DEC}C:\windows\syswow64\explorer.exe] => (Allow) C:\windows\syswow64\explorer.exe FirewallRules: [{3B56C2D0-B889-48B5-9FD5-D52288824B8A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{217699BB-A46F-4436-9C36-2D4674361CC8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{C0EAC819-EDF3-469F-8CDA-3D94D382C344}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{05C3BEE0-1E31-4279-92F7-FC3D80448CBC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{87E2F51C-D1F0-4A37-96A4-2FBF8B8CC4D4}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Player.exe FirewallRules: [{549D123F-F364-43D7-A605-1B884BC9C586}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe FirewallRules: [{1E88ABE8-5AE4-4462-8498-A63963E55A96}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{D6945124-9762-49A3-B4D0-AE93D7C5B564}] => (Allow) C:\Program Files (x86)\3uTools\libXunlei\Download\MiniThunderPlatform.exe FirewallRules: [{4338E81C-7076-4F6E-ACE2-5A7DF039D722}] => (Allow) C:\Program Files (x86)\3uTools\libXunlei\Download\MiniThunderPlatform.exe FirewallRules: [{54348E31-FF81-481C-920B-D022CB5A4742}] => (Allow) LPort=80 FirewallRules: [TCP Query User{7C99C0CF-30B6-4640-A620-95CE78540300}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe FirewallRules: [UDP Query User{BEA5EA28-EAFF-4361-8A22-D5DC0E560219}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe FirewallRules: [TCP Query User{48AABEEE-0964-48D1-B72A-27523C35FDB1}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe FirewallRules: [UDP Query User{4AFB1690-AB25-4865-AB1B-6D43BDADC461}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe FirewallRules: [TCP Query User{32573B9D-F9AD-4D48-8AB7-69174446C0B0}C:\users\laptop\appdata\local\popcorn-time\popcorn-time.exe] => (Allow) C:\users\laptop\appdata\local\popcorn-time\popcorn-time.exe FirewallRules: [UDP Query User{2EAF63A4-E8D4-4C2C-B323-D2076C4A41BC}C:\users\laptop\appdata\local\popcorn-time\popcorn-time.exe] => (Allow) C:\users\laptop\appdata\local\popcorn-time\popcorn-time.exe FirewallRules: [{9CECB09F-05A0-4893-B0B3-A41E8FFE085F}] => (Allow) C:\Program Files (x86)\Hide ALL IP\HideALLIP.exe FirewallRules: [{ECEBA9B4-3EAF-4B56-B5F3-355A9CD3A193}] => (Allow) C:\Program Files (x86)\Hide ALL IP\HideALLIP.exe FirewallRules: [{47983717-95A2-417C-A72E-4555B77CB73E}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.4.0\DriverBooster.exe FirewallRules: [{6F969305-6BBC-4AAB-8C6D-EFFA4E7983CC}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.4.0\DriverBooster.exe FirewallRules: [{FD2A7CC7-2F75-4CAD-A60D-045F4AA16B25}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.4.0\DBDownloader.exe FirewallRules: [{DE63CB8F-58ED-4044-BAD9-6F4D64F69267}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.4.0\DBDownloader.exe FirewallRules: [{A36589FE-305A-4BCB-863F-895C91AFCF3E}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.4.0\AutoUpdate.exe FirewallRules: [{43E91CFD-7B2F-4125-AB9E-11B7147BE8D5}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.4.0\AutoUpdate.exe FirewallRules: [{060F56A1-4EB0-45B1-B65B-F5CF08F6EE6A}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe FirewallRules: [{FB8BC5A2-3D11-4C84-B8CC-D12F378A37E1}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe FirewallRules: [{A14B9C08-40C7-4442-9BA0-8718E825E01F}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex DLNA Server.exe FirewallRules: [{CB40DB64-0DA7-41E9-A845-DF36FB28FC51}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe FirewallRules: [{380F063E-0CC2-42F4-A4E4-8FF5125CC08C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.82.454.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{A153FE85-D797-43A9-ADF0-516C3FE84C45}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.82.454.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{7EA5778C-C301-44A3-B8C7-A66A1B364716}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.82.454.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{17A717B8-6DEB-483D-8D72-D08D952EC728}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.82.454.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{48BDE863-56C6-47F6-952D-94EF8BCEB7B6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.82.454.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{5E8B6879-7B98-442C-85A1-3F35D201FF61}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.82.454.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{DEC3DFC2-F045-4913-A149-7021EF7AEFB1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.82.454.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{47B02C9C-C6A5-4D16-9041-BA7438EE6BA7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.82.454.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{F7B367FB-C8AC-4FD9-BE3C-B0A222BF2EDE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.82.454.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe FirewallRules: [{04249A0A-DE00-4EF2-8FAA-1B65E2F3E7B9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.82.454.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe FirewallRules: [{B4F47FD6-01C7-46F6-9C97-8B563F790BAF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Herstelpunten ========================= 11-06-2018 15:44:15 Windows Update 13-06-2018 01:18:44 Installed CircularProgressBarSetUp ==================== Defecte Apparaatbeheer Apparaten ============= Name: ExpressVPN Tap Adapter Description: ExpressVPN Tap Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: ExpressVPN Service: tapexpressvpn Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: TAP-VyprVPN Adapter V9 Description: TAP-VyprVPN Adapter V9 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: TAP-VyprVPN Provider V9 Service: tapvyprvpn Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Eventlog fouten: ========================= Applicatiefouten: ================== Error: (06/15/2018 03:54:46 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: License Activation (slui.exe) failed with the following error code: hr=0xC004F074 Command-line arguments: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1 Error: (06/15/2018 03:54:41 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: License Activation (slui.exe) failed with the following error code: hr=0xC004F074 Command-line arguments: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable Error: (06/15/2018 03:50:47 PM) (Source: nssm) (EventID: 1018) (User: ) Description: Failed to read registry value AppDirectory: The operation completed successfully. Error: (06/15/2018 03:17:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: DESKTOP-5MPV6GN) Description: Package Microsoft.Windows.ShellExperienceHost_10.0.16299.492_neutral_neutral_cw5n1h2txyewy+App was terminated because it took too long to suspend. Error: (06/15/2018 03:16:27 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: License Activation (slui.exe) failed with the following error code: hr=0xC004F074 Command-line arguments: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1 Error: (06/15/2018 03:16:22 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: License Activation (slui.exe) failed with the following error code: hr=0xC004F074 Command-line arguments: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable Error: (06/15/2018 03:15:01 PM) (Source: nssm) (EventID: 1018) (User: ) Description: Failed to read registry value AppDirectory: The operation completed successfully. Error: (06/15/2018 02:57:53 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: License Activation (slui.exe) failed with the following error code: hr=0xC004F074 Command-line arguments: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable Systeemfouten: ============= Error: (06/15/2018 03:54:49 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-5MPV6GN) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user DESKTOP-5MPV6GN\Laptop SID (S-1-5-21-3463537045-2426531621-2115468099-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (06/15/2018 03:51:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The CG6Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. Error: (06/15/2018 03:51:17 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the CG6Service service to connect. Error: (06/15/2018 03:51:10 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (06/15/2018 03:51:10 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (06/15/2018 03:51:10 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (06/15/2018 03:51:10 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (06/15/2018 03:50:45 PM) (Source: VBoxNetLwf) (EventID: 12) (User: ) Description: The driver detected an internal driver error on \Device\VBoxNetLwf. Windows Defender: =================================== Date: 2018-06-02 21:36:17.676 Description: Windows Defender Antivirus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Bluteal.B!rfn&threatid=2147727314&enterprise=0 Name: Trojan:Win32/Bluteal.B!rfn ID: 2147727314 Severity: Ernstig Category: Trojaans paard Path: file:_C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Vde5ed89a#\457b4a4c20bed2246e03f1f9e5eaa1a5\Microsoft.VisualStudio.Utilities.Internal.ni.dll Detection Origin: Local machine Detection Type: Concrete Detection Source: Real-Time Protection Process Name: C:\Program Files (x86)\Microsoft Visual Studio\2017\Professional\Common7\IDE\VSIXAutoUpdate.exe Signature Version: AV: 1.269.412.0, AS: 1.269.412.0, NIS: 1.269.412.0 Engine Version: AM: 1.1.14901.4, NIS: 1.1.14901.4 Date: 2018-05-30 17:26:16.272 Description: Windows Defender Antivirus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Bluteal.B!rfn&threatid=2147727314&enterprise=0 Name: Trojan:Win32/Bluteal.B!rfn ID: 2147727314 Severity: Ernstig Category: Trojaans paard Path: file:_C:\Users\Laptop\Downloads\CyberGhost VPN v6.5.2\CyberGhost VPN v6.5.2\Crack\stop.service.exe Detection Origin: Local machine Detection Type: Concrete Detection Source: Real-Time Protection Process Name: C:\Windows\System32\SearchProtocolHost.exe Signature Version: AV: 1.269.149.0, AS: 1.269.149.0, NIS: 1.269.149.0 Engine Version: AM: 1.1.14901.4, NIS: 1.1.14901.4 Date: 2018-05-30 17:24:59.077 Description: Windows Defender Antivirus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Occamy.B&threatid=2147725576&enterprise=0 Name: Trojan:Win32/Occamy.B ID: 2147725576 Severity: Ernstig Category: Trojaans paard Path: file:_C:\Users\Laptop\Downloads\incomplete\CyberGhost VPN v6.5.2\__unpack\CyberGhost VPN v6.5.2\Crack\CyberGhost.Service.exe Detection Origin: Local machine Detection Type: Concrete Detection Source: Real-Time Protection Process Name: C:\Users\Laptop\AppData\Local\Spotnet\app-2.0.0.276\Spotnet.exe Signature Version: AV: 1.269.149.0, AS: 1.269.149.0, NIS: 1.269.149.0 Engine Version: AM: 1.1.14901.4, NIS: 1.1.14901.4 Date: 2018-05-30 17:24:40.122 Description: Windows Defender Antivirus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Occamy.B&threatid=2147725576&enterprise=0 Name: Trojan:Win32/Occamy.B ID: 2147725576 Severity: Ernstig Category: Trojaans paard Path: file:_C:\Users\Laptop\Downloads\incomplete\CyberGhost VPN v6.5.2\__unpack\CyberGhost VPN v6.5.2\Crack\CyberGhost.Service.exe Detection Origin: Local machine Detection Type: Concrete Detection Source: Real-Time Protection Process Name: C:\Users\Laptop\AppData\Local\Spotnet\app-2.0.0.276\Spotnet.exe Signature Version: AV: 1.269.149.0, AS: 1.269.149.0, NIS: 1.269.149.0 Engine Version: AM: 1.1.14901.4, NIS: 1.1.14901.4 Date: 2018-05-30 17:23:09.350 Description: Windows Defender Antivirus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Bluteal.B!rfn&threatid=2147727314&enterprise=0 Name: Trojan:Win32/Bluteal.B!rfn ID: 2147727314 Severity: Ernstig Category: Trojaans paard Path: file:_C:\Users\Laptop\Downloads\incomplete\CyberGhost VPN v6.5.2\__unpack\CyberGhost VPN v6.5.2\Crack\stop.service.exe Detection Origin: Local machine Detection Type: Concrete Detection Source: Real-Time Protection Process Name: C:\Users\Laptop\AppData\Local\Spotnet\app-2.0.0.276\UnRAR.exe Signature Version: AV: 1.269.149.0, AS: 1.269.149.0, NIS: 1.269.149.0 Engine Version: AM: 1.1.14901.4, NIS: 1.1.14901.4 Date: 2018-04-25 19:22:16.150 Description: Windows Defender Antivirus has encountered an error trying to update signatures. New Signature Version: 1.267.346.0 Previous Signature Version: 1.267.267.0 Update Source: Signature Update Folder Signature Type: AntiSpyware Update Type: Delta Current Engine Version: 1.1.14800.3 Previous Engine Version: 1.1.14800.3 Error code: 0x80004004 Error description: De bewerking is afgebroken Date: 2018-04-25 19:22:16.150 Description: Windows Defender Antivirus has encountered an error trying to update signatures. New Signature Version: 1.267.346.0 Previous Signature Version: 1.267.267.0 Update Source: Signature Update Folder Signature Type: AntiVirus Update Type: Delta Current Engine Version: 1.1.14800.3 Previous Engine Version: 1.1.14800.3 Error code: 0x80004004 Error description: De bewerking is afgebroken Date: 2018-03-12 21:41:09.583 Description: Windows Defender Antivirus has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.263.113.0 Update Source: Microsoft Malware Protection Center Signature Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.14600.4 Error code: 0x80072ee2 Error description: Er heeft een time-out van de bewerking plaatsgevonden. Date: 2018-03-12 21:41:09.582 Description: Windows Defender Antivirus has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 118.2.0.0 Update Source: Microsoft Malware Protection Center Signature Type: Network Inspection System Update Type: Full Current Engine Version: Previous Engine Version: 2.1.14202.0 Error code: 0x80072ee2 Error description: Er heeft een time-out van de bewerking plaatsgevonden. Date: 2018-03-12 21:40:06.421 Description: Windows Defender Antivirus has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.263.113.0 Update Source: Microsoft Malware Protection Center Signature Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.14600.4 Error code: 0x80072ee2 Error description: Er heeft een time-out van de bewerking plaatsgevonden. CodeIntegrity: =================================== Date: 2018-06-15 14:29:56.517 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements. Date: 2018-06-15 00:41:58.119 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements. Date: 2018-06-13 19:54:08.726 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-06-13 19:54:08.724 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-06-13 19:45:41.485 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-06-13 19:45:41.482 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-06-13 19:27:36.657 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-06-13 19:27:36.654 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. ==================== Geheugen info =========================== Processor: Intel(R) Core(TM) i3 CPU M 350 @ 2.27GHz Percentage geheugen in gebruik: 66% Totaal fysiek RAM-geheugen: 3957.86 MB Beschikbaar fysiek RAM-geheugen: 1340.16 MB Totaal Virtueel geheugen: 5749.86 MB Beschikbaar Virtueel geheugen: 2342.72 MB ==================== Schijven ================================ Drive c: () (Fixed) (Total:368.01 GB) (Free:241.06 GB) NTFS ==>[schijf met boot componenten (verkregen van BCD)] Drive e: () (Fixed) (Total:97.66 GB) (Free:97.41 GB) NTFS ==================== MBR & Partitietabel ================== ======================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 89E71103) Partition 1: (Active) - (Size=368 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=97.7 GB) - (Type=07 NTFS) ==================== Eind van Addition.txt ============================