Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 01.12.2018 01 Gestart door Roland (05-12-2018 11:36:49) Gestart vanaf C:\Users\Roland\Downloads Windows 10 Home Versie 1803 17134.407 (X64) (2018-05-06 10:12:08) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-120023997-1235638858-2264277592-500 - Administrator - Enabled) => C:\Users\Administrator DefaultAccount (S-1-5-21-120023997-1235638858-2264277592-503 - Limited - Disabled) Gast (S-1-5-21-120023997-1235638858-2264277592-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-120023997-1235638858-2264277592-1003 - Limited - Enabled) macht_000 (S-1-5-21-120023997-1235638858-2264277592-1004 - Limited - Enabled) => C:\Users\macht_000 Roland (S-1-5-21-120023997-1235638858-2264277592-1001 - Administrator - Enabled) => C:\Users\Roland WDAGUtilityAccount (S-1-5-21-120023997-1235638858-2264277592-504 - Limited - Disabled) ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeïnstalleerd worden.) 7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov) Adobe Acrobat Reader DC - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 19.008.20081 - Adobe Systems Incorporated) Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.153 - Adobe Systems Incorporated) Any Audio Converter 6.2.5 (HKLM-x32\...\Any Audio Converter) (Version: 6.2.5 - Anvsoft) Apowersoft Online Launcher versie 1.7.0 (HKU\S-1-5-21-120023997-1235638858-2264277592-1001\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.7.0 - APOWERSOFT LIMITED) Ashampoo Burning Studio 19 (HKLM-x32\...\{91B33C97-BA3F-5C99-C2A6-0EB17CC9054B}_is1) (Version: 19.0.2 - Ashampoo GmbH & Co. KG) Ashampoo Photo Optimizer 6 (HKLM-x32\...\{91B33C97-546E-E89A-9F44-0BB2D57DBE96}_is1) (Version: 6.0.20 - Ashampoo GmbH & Co. KG) Ashampoo Slideshow Studio HD 4 (HKLM-x32\...\{91B33C97-69A7-95EF-82EA-AAEAA76D338D}_is1) (Version: 4.0.8 - Ashampoo GmbH & Co. KG) Audacity 2.2.2 (HKLM-x32\...\Audacity_is1) (Version: 2.2.2 - Audacity Team) Belgium e-ID middleware 4.3.2 (build 3551) (HKLM\...\{DB942AEA-93D6-4FE4-8862-180D35A73551}) (Version: 4.3.3551 - Belgian Government) Canon Camera Access Library (HKLM-x32\...\CAL) (Version: 8.1.1.17 - ) Canon Camera Support Core Library (HKLM-x32\...\CSCLIB) (Version: 7.3.1.6 - ) Canon Camera Window DC_DV 5 for ZoomBrowser EX (HKLM-x32\...\CameraWindowDVC5) (Version: 5.4.5.17 - ) Canon Camera Window DC_DV 6 for ZoomBrowser EX (HKLM-x32\...\CameraWindowDVC6) (Version: 6.2.0.8 - ) Canon Camera Window MC 6 for ZoomBrowser EX (HKLM-x32\...\CameraWindowMC) (Version: 6.1.0.7 - ) Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - ) Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.) CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.2.0.5 - ) Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - ) Canon Internet Library for ZoomBrowser EX (HKLM-x32\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.4.2.6 - ) Canon MG2100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2100_series) (Version: - ) Canon MG2100 series On-screen Manual (HKLM-x32\...\Canon MG2100 series On-screen Manual) (Version: - ) Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version: - ) Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - ) Canon RAW Image Task for ZoomBrowser EX (HKLM-x32\...\RAW Image Task) (Version: 2.4.0.7 - ) Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - ) Canon Utilities Digital Photo Professional 2.2 (HKLM-x32\...\DPP) (Version: 2.2.0.1 - ) Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 1.1.0.8 - ) Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.18.42 - ) Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 5.7.0.74 - ) CCleaner (HKLM\...\CCleaner) (Version: 5.50 - Piriform) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.6795 - CDBurnerXP) Compatibiliteitspakket voor het 2007 Microsoft Office system (HKLM-x32\...\{90120000-0020-0413-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Connect (HKLM-x32\...\MAGIX_connector_is1) (Version: 2.6.1.117 - MAGIX Software GmbH) Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform) Dropbox (HKLM-x32\...\Dropbox) (Version: 62.4.103 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.141.1 - Dropbox, Inc.) Hidden Evernote v. 4.6.7 (HKLM-x32\...\{A6563D7C-F3AD-11E2-A4DB-984BE15F174E}) (Version: 4.6.7.8409 - Evernote Corp.) Facebook Gameroom 1.9.6443.18496 (HKLM-x32\...\{2BA6B7D9-1D15-44FE-BC95-94FA4DB19B75}) (Version: 1.9.6443.18496 - Facebook) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.2.0.9297 - Foxit Software Inc.) Freemake Audio Converter versie 1.1.8 (HKLM-x32\...\Freemake Audio Converter_is1) (Version: 1.1.8 - Ellora Assets Corporation) Gebruikersregistratie voor Canon MG2100 series (HKLM-x32\...\Gebruikersregistratie voor Canon MG2100 series) (Version: - ) GIMP 2.8.20 (HKLM\...\GIMP-2_is1) (Version: 2.8.20 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.110 - Google Inc.) Google Earth Pro (HKLM\...\{F914BC59-918A-498F-B2E3-B274C9CB48A8}) (Version: 7.3.2.5491 - Google) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden herdProtect Anti-Malware Scanner (HKLM-x32\...\herdProtectScan) (Version: 1.0 - Reason Company Software Inc.) IconToolkit 8.1 (HKLM-x32\...\IconToolkit) (Version: 8.1 - Seanau.com) Image Resizer for Windows (64 bit) (HKLM\...\{2A1F3759-5792-469B-B895-7E29680F02F1}) (Version: 3.1.1.0 - Brice Lambson) Hidden Image Resizer for Windows (HKLM-x32\...\{92916BDF-74CB-479C-B69E-32EACB074FFE}) (Version: 3.1.1.0 - Brice Lambson) Hidden Image Resizer for Windows (HKLM-x32\...\{c624f5da-779e-4ccb-9ce1-34bc5ef0a6b9}) (Version: 3.1.1.0 - Brice Lambson) InPixio Photo Clip 8 Demo (HKLM-x32\...\{9F45A8A5-0487-4aa6-A67E-46E103C927AD}) (Version: 8.00 - InPixio) Intel Security True Key (HKLM\...\TrueKey) (Version: 4.4.135.1 - Intel Security) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation) Java 8 Update 181 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180181F0}) (Version: 8.0.1810.13 - Oracle Corporation) MAGIX Content en soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX Software GmbH) MAGIX Photo Designer 7 (HKLM\...\{EE0CEB2B-552C-49DE-B61F-B64E0DF170F7}) (Version: 7.0.1.1 - MAGIX Software GmbH) Hidden MAGIX Photo Designer 7 (HKLM-x32\...\MX.{EE0CEB2B-552C-49DE-B61F-B64E0DF170F7}) (Version: 7.0.1.1 - MAGIX Software GmbH) MAGIX Soundpool Music Maker - Feel good (HKLM\...\{DFEE4333-B802-4E27-9521-2D9E970B7813}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden Manager (HKLM-x32\...\{8DED36D9-54D6-4127-A112-5A1BA1CDD66B}) (Version: 5.0.26.33533 - 2017 pdfforge GmbH. All rights reserved) Hidden Master PDF Editor 5.1.36 (HKLM\...\Master PDF Editor 5.1.36_is1) (Version: 5.1.36 - Code Industry Ltd.) Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.8006.3 - Waves Audio Ltd.) Hidden MediaMonkey 4.1 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.1 - Ventis Media Inc.) MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited) MergeModule_x64 (HKLM\...\{12DCC5A7-0100-4433-B4FF-217A3C5DC83B}) (Version: 9.3.00 - Sony Corporation) Hidden MergeModule_x86 (HKLM-x32\...\{42251A8D-C4AE-4D3B-8A50-948CB98A0969}) (Version: 10.5.00 - Sony Corporation) Hidden Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office PowerPoint Viewer 2007 (Dutch) (HKLM-x32\...\{95120000-00AF-0413-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Professional Editie 2003 (HKLM-x32\...\{91110413-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-120023997-1235638858-2264277592-1001\...\OneDriveSetup.exe) (Version: 18.212.1021.0008 - Microsoft Corporation) Microsoft ReportViewer 2010 Redistributable (HKLM-x32\...\{C19B3EB6-B54C-3204-A4DF-88432E0C79F7}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation) Mozilla Firefox 63.0.3 (x64 nl) (HKLM\...\Mozilla Firefox 63.0.3 (x64 nl)) (Version: 63.0.3 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 62.0.2 - Mozilla) Mozilla Thunderbird 60.3.2 (x86 nl) (HKLM-x32\...\Mozilla Thunderbird 60.3.2 (x86 nl)) (Version: 60.3.2 - Mozilla) MPC-BE x64 1.4.3.5823 (HKLM\...\{FE09AF6D-78B2-4093-B012-FCDAF78693CE}_is1) (Version: 1.4.3.5823 - MPC-BE Team) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) PhotoFiltre 7 (HKU\S-1-5-21-120023997-1235638858-2264277592-1001\...\PhotoFiltre 7) (Version: - ) PhotoPad Image Editor (HKLM-x32\...\PhotoPad) (Version: 4.18 - NCH Software) PhotoScape (HKLM-x32\...\PhotoScape) (Version: - ) PhotoStage Slideshow Producer (HKLM-x32\...\PhotoStage) (Version: 5.15 - NCH Software) Pixillion Image Converter (HKLM-x32\...\Pixillion) (Version: 5.14 - NCH Software) PlayMemories Home (HKLM-x32\...\{D3981248-DBE7-4050-B666-A7FE5AFFC62C}) (Version: 5.5.01.05091 - Sony Corporation) PMB_ModeEditor (HKLM-x32\...\{E95982CA-945F-41F2-B156-A603897AB242}) (Version: 10.3.00 - Sony Corporation) Hidden PMB_ServiceUploader (HKLM-x32\...\{7D3A0097-9E0E-4073-801C-295BBDAEAED8}) (Version: 10.5.01 - Sony Corporation) Hidden Python 2.7.8 (64-bit) (HKLM\...\{61121B12-88BD-4261-A6EE-AB32610A56DE}) (Version: 2.7.8150 - Python Software Foundation) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7818 - Realtek Semiconductor Corp.) Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform) Stickies 9.0d (HKLM-x32\...\ZhornStickies) (Version: - Zhorn Software) Switch Sound File Converter (HKLM-x32\...\Switch) (Version: 5.12 - NCH Software) SyncBackFree (HKLM-x32\...\SyncBackFree_is1) (Version: 8.5.62.0 - 2BrightSparks) SyncBackPro x64 (HKLM-x32\...\SyncBackPro64_is1_is1) (Version: 8.3.6.0 - 2BrightSparks) TomTom HOME (HKLM-x32\...\{0E778C56-3A87-497E-BEF0-EF0D3EE4871C}) (Version: 2.10.2 - Uw bedrijfsnaam) TomTom HOME (HKLM-x32\...\{A9ECD2CC-CFC1-4537-88F8-3B540822FD67}) (Version: 2.11.2 - Uw bedrijfsnaam) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C5FDDED7-DEC7-48B4-AFD8-DFB8A0FD199A}) (Version: 2.51.0.0 - Microsoft Corporation) VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 6.29 - NCH Software) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) Vita Concert Grand LE (HKLM\...\{BFA88ABE-D175-42C7-B374-92A2D9333CAB}) (Version: 2.4.0.95 - MAGIX Software GmbH) Hidden VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN) WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: 6.63 - NCH Software) Windows 10-updateassistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22256 - Microsoft Corporation) ==================== Aangepaste CLSID (gefilterd): ========================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-10-18] () ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-10-18] () ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-10-18] () ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] () ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Geen bestand ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-10-18] () ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-10-18] () ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-10-18] () ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] () ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd) ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.) ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\ConvertToPDFShellExtension_x64.dll [2018-07-12] (Foxit Software Inc.) ContextMenuHandlers1: [Image Resizer] -> {51B4D7E5-7568-4234-B4BB-47FB3C016A69} => C:\Program Files\Image Resizer for Windows\ShellExtensions.dll [2018-05-26] (Brice Lambson) ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-10-18] () ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-10-18] () ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-10-18] () ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.) ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2017-10-18] () ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd) ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-28] (Dropbox, Inc.) ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-03-13] (Intel Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] () ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd) ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\ConvertToPDFShellExtension_x64.dll [2018-07-12] (Foxit Software Inc.) ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd) ==================== Geplande Taken (gefilterd) ============= (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {0C1B0868-9424-4470-8C4A-D8F2175D8565} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-11-20] (Adobe Systems Incorporated) Task: {195A65A0-AC7D-4F77-B108-7AA089BEB6E4} - System32\Tasks\SlimCleaner Plus (Scheduled Scan - Roland) => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe Task: {21551663-7EE7-44D5-ACF0-B075A63B9288} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-23] (Microsoft Corporation) Task: {2341C415-58A5-4B72-97CE-61521736A036} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-05-13] (Realtek Semiconductor) Task: {2ADA22D4-7135-499B-BEB4-2F820766E289} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-18] (Google Inc.) Task: {31CA3892-E6D7-425C-AB04-31E44FE14B51} - System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-roland_moens@msn.com => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-09-10] (Adobe Systems, Incorporated) Task: {40F741D6-EAA8-4300-BD39-8FB03060C300} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-120023997-1235638858-2264277592-1001 => C:\ProgramData\MEGAsync\MEGAupdater.exe [2018-01-15] (Mega Limited) Task: {46F14CBB-E062-4BAF-8099-12C75F2E11DC} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-10-26] (Dropbox, Inc.) Task: {472643E6-3B91-4AF9-B58F-B9A4981FA6B4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-23] (Microsoft Corporation) Task: {4735F90C-0FDA-4D3C-BFD6-7824EC595A74} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-11-28] (Piriform Ltd) Task: {51032652-D3A5-4250-9A26-5C5EF5D11D21} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-18] (Google Inc.) Task: {5575BEC5-FF79-4F67-B2EC-E419CAEB5339} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-11-28] (Piriform Software Ltd) Task: {5823116C-728D-426E-A841-10DCD8FF7977} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated) Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] () Task: {7B34E501-7308-488C-9D7D-DBC1AE54835A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-23] (Microsoft Corporation) Task: {8A1A93D4-505B-4321-87B8-3B17C9EBBF21} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_153_Plugin.exe [2018-11-20] (Adobe Systems Incorporated) Task: {9F93B932-62F1-4B3C-87F7-689A3448F56F} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-10-26] (Dropbox, Inc.) Task: {A97B6663-4C3D-413B-B18C-0FCDB3520858} - System32\Tasks\Connect => C:\Program Files (x86)\MAGIX\Connect\connect.exe [2017-08-02] (MAGIX Software GmbH) Task: {C2D1D471-466A-4EF8-8019-3B5F68751F0E} - System32\Tasks\update-S-1-5-21-120023997-1235638858-2264277592-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: ) Task: {C3323FE8-1794-468C-A1A3-38FF0AFE2B07} - System32\Tasks\DriverUpdate Scan => C:\Program Files\DriverUpdate\DriverUpdate.exe Task: {C633D232-C1C7-4051-B38D-11872F28D138} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-23] (Microsoft Corporation) Task: {CF5A9FA9-5A93-4B37-B9B6-2D81CBB3A29C} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-roland_moens@msn.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe Task: {F0D7BF23-EA6E-460D-BDB6-F91819213D0E} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2018-12-01] (AVAST Software) Task: {FFB8C973-66F6-47D0-BBB1-F70E6D97CE5B} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: ) (Als een item is opgenomen in de fixlist, wordt de taak (job) bestand verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) Task: C:\WINDOWS\Tasks\Connect.job => C:\Program Files (x86)\MAGIX\Connect\connect.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\update-S-1-5-21-120023997-1235638858-2264277592-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe ==================== Snelkoppelingen & WMI ======================== (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) ==================== Geladen Modules (gefilterd) ============== 2017-10-15 08:46 - 2009-01-12 07:15 - 000082872 _____ () C:\WINDOWS\SysWOW64\NMSAccess64.exe 2016-07-28 13:14 - 2011-02-07 08:56 - 000138192 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE 2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll 2017-10-18 22:51 - 2017-10-18 22:51 - 000598528 _____ () C:\ProgramData\MEGAsync\ShellExtX64.dll 2018-03-05 19:47 - 2018-03-05 19:47 - 000614848 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll 2017-03-13 23:20 - 2017-03-13 23:20 - 000410616 _____ () C:\WINDOWS\system32\igfxTray.exe 2018-11-14 09:34 - 2018-11-01 07:55 - 002185216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2018-10-30 12:47 - 2018-10-30 12:47 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll 2018-11-14 10:32 - 2018-11-14 10:32 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\ChakraBridge.dll 2018-11-14 10:32 - 2018-11-14 10:32 - 000019456 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\SkypeProxiesAndStubs.dll 2018-11-14 10:32 - 2018-11-14 10:32 - 010873344 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\LibWrapper.dll 2018-11-14 10:32 - 2018-11-14 10:32 - 002834432 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\skypert.dll 2018-11-14 10:32 - 2018-11-14 10:32 - 000685568 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll 2018-08-01 08:40 - 2018-08-01 08:40 - 000016896 _____ () C:\Program Files\WindowsApps\22450.ImageResizerforWindows10_1.1.0.0_x64__0aqw1zw0x2snt\huaImageResizer.exe 2018-08-01 08:40 - 2018-08-01 08:40 - 013667840 _____ () C:\Program Files\WindowsApps\22450.ImageResizerforWindows10_1.1.0.0_x64__0aqw1zw0x2snt\huaImageResizer.dll 2018-11-14 10:32 - 2018-11-14 10:32 - 000183808 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe ==================== Alternate Data Streams (gefilterd) ========= (Als een item is opgenomen in de fixlist, wordt alleen de ADS verwijderd.) ==================== Veilige Modus (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. De waarde van "AlternateShell" wordt hersteld.) ==================== Bestandskoppeling (gefilterd) =============== (Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd.) ==================== Internet Explorer vertrouwde/beperkte toegang =============== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd.) IE restricted site: HKU\S-1-5-21-120023997-1235638858-2264277592-1001\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-120023997-1235638858-2264277592-1001\...\008k.com -> 008k.com IE restricted site: HKU\S-1-5-21-120023997-1235638858-2264277592-1001\...\00hq.com -> 00hq.com IE restricted site: HKU\S-1-5-21-120023997-1235638858-2264277592-1001\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\S-1-5-21-120023997-1235638858-2264277592-1001\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-120023997-1235638858-2264277592-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-120023997-1235638858-2264277592-1001\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-120023997-1235638858-2264277592-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\S-1-5-21-120023997-1235638858-2264277592-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-120023997-1235638858-2264277592-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-120023997-1235638858-2264277592-1001\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-120023997-1235638858-2264277592-1001\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-120023997-1235638858-2264277592-1001\...\0scan.com -> 0scan.com IE restricted site: HKU\S-1-5-21-120023997-1235638858-2264277592-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\S-1-5-21-120023997-1235638858-2264277592-1001\...\1-domains-registrations.com -> 1-domains-registrations.com IE restricted site: HKU\S-1-5-21-120023997-1235638858-2264277592-1001\...\1-se.com -> 1-se.com IE restricted site: HKU\S-1-5-21-120023997-1235638858-2264277592-1001\...\1001movie.com -> 1001movie.com IE restricted site: HKU\S-1-5-21-120023997-1235638858-2264277592-1001\...\1001night.biz -> 1001night.biz IE restricted site: HKU\S-1-5-21-120023997-1235638858-2264277592-1001\...\100gal.net -> 100gal.net IE restricted site: HKU\S-1-5-21-120023997-1235638858-2264277592-1001\...\100sexlinks.com -> 100sexlinks.com Er zijn 4788 Meer websites. ==================== Hosts inhoud: =============================== (Indien nodig kan Hosts:-opdracht worden opgenomen in de fixlist om Hosts te resetten.) 2016-12-16 10:57 - 2017-12-25 16:25 - 000000830 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere gebieden ============================ (Momenteel is er geen automatische fix voor dit onderdeel.) HKU\S-1-5-21-120023997-1235638858-2264277592-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Roland\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\DSC02093_1_bew.JPG DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == Als een item is opgenomen in de fixlist, zal het worden verwijderd. MSCONFIG\Services: avgsvc => 2 MSCONFIG\Services: FoxitReaderService => 3 MSCONFIG\Services: TuneUp.UtilitiesSvc => 2 HKLM\...\StartupApproved\StartupFolder: => "Stickies.lnk" HKLM\...\StartupApproved\Run: => "RtHDVBg" HKLM\...\StartupApproved\Run: => "RTHDVCPL" HKLM\...\StartupApproved\Run: => "WavesSvc" HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "PMBVolumeWatcher" HKLM\...\StartupApproved\Run32: => "iSkysoft Helper Compact.exe" HKLM\...\StartupApproved\Run32: => "Lightshot" HKLM\...\StartupApproved\Run32: => "Dropbox" HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud" HKLM\...\StartupApproved\Run32: => "AdobeGCInvoker-1.0" HKU\S-1-5-21-120023997-1235638858-2264277592-1001\...\StartupApproved\StartupFolder: => "Stickies.lnk" HKU\S-1-5-21-120023997-1235638858-2264277592-1001\...\StartupApproved\StartupFolder: => "Facebook Gameroom.lnk" HKU\S-1-5-21-120023997-1235638858-2264277592-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-120023997-1235638858-2264277592-1001\...\StartupApproved\Run: => "Uninstall C:\Users\Roland\AppData\Local\Microsoft\OneDrive\17.3.5892.0626" HKU\S-1-5-21-120023997-1235638858-2264277592-1001\...\StartupApproved\Run: => "Uninstall C:\Users\Roland\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64" HKU\S-1-5-21-120023997-1235638858-2264277592-1001\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-120023997-1235638858-2264277592-1001\...\StartupApproved\Run: => "GoogleDriveSync" HKU\S-1-5-21-120023997-1235638858-2264277592-1001\...\StartupApproved\Run: => "vidnotifier.exe" HKU\S-1-5-21-120023997-1235638858-2264277592-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning" ==================== Firewall regels (gefilterd) =============== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [{8D7C3E21-F8C3-4D85-B144-7A660FECF547}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{066E41C4-69D9-40C5-9B58-09217A295E2A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{B69E6671-A17C-4A8F-A6C0-79DDE1C86058}] => (Block) LPort=445 FirewallRules: [{EBB2A9A8-AE10-4381-975C-494F5BA4E287}] => (Block) LPort=445 FirewallRules: [{73ECFDA0-7AF8-4890-BAB3-4C06E201A1D3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{B01E4421-A045-4CF4-B269-AAF8D480F6AB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{22FBACF9-8556-4B6B-AF2D-65C01DBC8929}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{0B01DA94-817D-4D7D-BF94-8D65C1C91D4C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{52DA18F3-EFEC-4575-B7D9-7426540306B1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{ECA5A630-74E0-4A47-A7F0-20500A810DEE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{28B6EA6C-D944-4B21-95D9-AE6975E2B204}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{29831A32-1403-4CBE-8AED-FB3595459229}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{3F719091-D6DF-4F9E-A2AF-5371EDD7C857}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{4ACB42E3-8D51-4046-8740-D81E2B13A44B}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe FirewallRules: [{6395A62C-A539-4941-A754-57A2A7F6027B}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe FirewallRules: [{C1D925E7-08FA-4157-B6C5-FAC33656F974}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe ==================== Herstelpunten ========================= 28-11-2018 17:39:54 Installatieprogramma voor Windows-modules 29-11-2018 09:43:25 Installatieprogramma voor Windows-modules 30-11-2018 15:40:03 Installatieprogramma voor Windows-modules 03-12-2018 10:24:07 Installatieprogramma voor Windows-modules 03-12-2018 17:51:15 Removed DriverUpdate 03-12-2018 17:52:26 Removed DriverUpdate 03-12-2018 17:53:27 Removed SlimCleaner Plus 04-12-2018 11:57:28 Installatieprogramma voor Windows-modules 04-12-2018 12:13:52 Removed Belgium e-ID middleware 4.4.4 (build 3838) 04-12-2018 12:14:54 Removed Belgium e-ID viewer 4.2.11 (build 3344) ==================== Defecte Apparaatbeheer Apparaten ============= ==================== Eventlog fouten: ========================= Applicatiefouten: ================== Error: (12/05/2018 11:37:52 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: ) Description: Plannen van Software Protection-service voor opnieuw starten op 2118-11-11T10:37:52Z mislukt. Foutcode: 0x80070005. Error: (12/05/2018 11:37:22 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: ) Description: Plannen van Software Protection-service voor opnieuw starten op 2118-11-11T10:37:22Z mislukt. Foutcode: 0x80070005. Error: (12/05/2018 11:36:52 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: ) Description: Plannen van Software Protection-service voor opnieuw starten op 2118-11-11T10:36:52Z mislukt. Foutcode: 0x80070005. Error: (12/05/2018 11:36:17 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: ) Description: Plannen van Software Protection-service voor opnieuw starten op 2118-11-11T10:36:17Z mislukt. Foutcode: 0x80070005. Error: (12/05/2018 11:35:47 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: ) Description: Plannen van Software Protection-service voor opnieuw starten op 2118-11-11T10:35:47Z mislukt. Foutcode: 0x80070005. Error: (12/05/2018 11:35:17 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: ) Description: Plannen van Software Protection-service voor opnieuw starten op 2118-11-11T10:35:17Z mislukt. Foutcode: 0x80070005. Error: (12/05/2018 11:34:47 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: ) Description: Plannen van Software Protection-service voor opnieuw starten op 2118-11-11T10:34:46Z mislukt. Foutcode: 0x80070005. Error: (12/05/2018 11:34:16 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: ) Description: Plannen van Software Protection-service voor opnieuw starten op 2118-11-11T10:34:16Z mislukt. Foutcode: 0x80070005. Systeemfouten: ============= Error: (12/05/2018 09:59:48 AM) (Source: DCOM) (EventID: 10016) (User: RMO) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker RMO\Roland SID (S-1-5-21-120023997-1235638858-2264277592-1001) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (12/05/2018 09:35:04 AM) (Source: DCOM) (EventID: 10016) (User: RMO) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker RMO\Roland SID (S-1-5-21-120023997-1235638858-2264277592-1001) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (12/05/2018 09:32:58 AM) (Source: DCOM) (EventID: 10016) (User: RMO) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {8BC3F05E-D86B-11D0-A075-00C04FB68820} en APPID {8BC3F05E-D86B-11D0-A075-00C04FB68820} aan de gebruiker RMO\Roland SID (S-1-5-21-120023997-1235638858-2264277592-1001) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (12/05/2018 09:32:29 AM) (Source: DCOM) (EventID: 10016) (User: RMO) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {8BC3F05E-D86B-11D0-A075-00C04FB68820} en APPID {8BC3F05E-D86B-11D0-A075-00C04FB68820} aan de gebruiker RMO\Roland SID (S-1-5-21-120023997-1235638858-2264277592-1001) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (12/05/2018 09:32:06 AM) (Source: DCOM) (EventID: 10010) (User: RMO) Description: De server {D63B10C5-BB46-4990-A94F-E40B9D520160} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (12/04/2018 06:10:49 PM) (Source: DCOM) (EventID: 10010) (User: RMO) Description: De server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (12/04/2018 06:10:49 PM) (Source: DCOM) (EventID: 10010) (User: RMO) Description: De server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (12/04/2018 06:10:49 PM) (Source: DCOM) (EventID: 10010) (User: RMO) Description: De server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Windows Defender: =================================== Date: 2018-11-30 10:16:52.836 Description: Scan van Windows Defender Antivirus is gestopt voordat deze was voltooid. Scan-id: {16F25018-460C-4DDA-8956-3B07CB82B7E1} Type scan: Antimalware Scanparameters: Snelle scan Gebruiker: NT AUTHORITY\SYSTEM Date: 2018-11-27 17:06:18.877 Description: Scan van Windows Defender Antivirus is gestopt voordat deze was voltooid. Scan-id: {CB144BC7-AC2C-46C8-B1BC-36CD2B9A14D0} Type scan: Antimalware Scanparameters: Snelle scan Gebruiker: NT AUTHORITY\SYSTEM Date: 2018-11-27 08:55:15.944 Description: Scan van Windows Defender Antivirus is gestopt voordat deze was voltooid. Scan-id: {F362CB7F-3E2C-464D-8551-159FB8205D95} Type scan: Antimalware Scanparameters: Snelle scan Gebruiker: NT AUTHORITY\SYSTEM Date: 2018-11-26 17:04:37.809 Description: Scan van Windows Defender Antivirus is gestopt voordat deze was voltooid. Scan-id: {8DBCEE3D-42EA-473E-9BE8-5B27FA9A7052} Type scan: Antimalware Scanparameters: Snelle scan Gebruiker: NT AUTHORITY\SYSTEM Date: 2018-11-23 18:12:17.571 Description: Scan van Windows Defender Antivirus is gestopt voordat deze was voltooid. Scan-id: {C31C40C6-39A1-434B-B2EE-07B67340B0F1} Type scan: Antimalware Scanparameters: Snelle scan Gebruiker: NT AUTHORITY\SYSTEM CodeIntegrity: =================================== Date: 2018-10-21 09:50:59.045 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll that did not meet the Microsoft signing level requirements. Date: 2018-10-21 09:50:59.039 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll that did not meet the Microsoft signing level requirements. Date: 2018-06-19 10:08:51.647 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll that did not meet the Microsoft signing level requirements. Date: 2018-06-19 10:08:51.623 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll that did not meet the Microsoft signing level requirements. ==================== Geheugen info =========================== Processor: Intel(R) Pentium(R) CPU G3220 @ 3.00GHz Percentage geheugen in gebruik: 64% Totaal fysiek RAM-geheugen: 3502.95 MB Beschikbaar fysiek RAM-geheugen: 1235.47 MB Totaal Virtueel geheugen: 7086.95 MB Beschikbaar Virtueel geheugen: 4272.32 MB ==================== Schijven ================================ Drive c: (OS) (Fixed) (Total:919.68 GB) (Free:623.51 GB) NTFS \\?\Volume{5a7f2f9b-e98a-46a7-86b1-1516b182b574}\ (WINRETOOLS) (Fixed) (Total:2 GB) (Free:1.55 GB) NTFS \\?\Volume{7b919f3f-a4ca-4529-8334-b46b66cbb292}\ () (Fixed) (Total:0.44 GB) (Free:0.12 GB) NTFS \\?\Volume{be5ff368-2f23-42ae-b1aa-ca3d7877dd4a}\ (PBR Image) (Fixed) (Total:8.74 GB) (Free:0.31 GB) NTFS \\?\Volume{78a2aba5-ccf5-4729-a98b-cd82ad4b41be}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.46 GB) FAT32 ==================== MBR & Partitietabel ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 6526D9BB) Partition: GPT. ==================== Eind van Addition.txt ============================