Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 16.01.2019 01 Gestart door Pieter (17-01-2019 12:21:55) Gestart vanaf C:\Users\Pieter\Downloads Windows 10 Home Versie 1809 17763.253 (X64) (2018-11-19 06:42:21) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3783610813-3995635876-4157474929-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-3783610813-3995635876-4157474929-503 - Limited - Disabled) Gast (S-1-5-21-3783610813-3995635876-4157474929-501 - Limited - Disabled) Pieter (S-1-5-21-3783610813-3995635876-4157474929-1001 - Administrator - Enabled) => C:\Users\Pieter WDAGUtilityAccount (S-1-5-21-3783610813-3995635876-4157474929-504 - Limited - Disabled) ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: AVG Antivirus (Disabled - Up to date) {4FC75CA5-1654-5411-7CFB-1893D506BCF4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: AVG Antivirus (Disabled - Up to date) {F4A6BD41-306E-5B9F-464B-23E1AE81F649} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeïnstalleerd worden.) µTorrent (HKU\S-1-5-21-3783610813-3995635876-4157474929-1001\...\uTorrent) (Version: 3.5.5.44994 - BitTorrent Inc.) 7-Zip 18.06 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1806-000001000000}) (Version: 18.06.00.0 - Igor Pavlov) Adblock Plus voor IE (32-bit en 64-bit) (HKLM\...\{2B2310B1-FBC0-4933-8C73-1CBAD0D7CA28}) (Version: 1.6 - Eyeo GmbH) Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated) Adobe Shockwave Player 12.3 (HKLM-x32\...\{3BD13111-2F32-4AB7-B9BB-16E07C9AA894}) (Version: 12.3.4.204 - Adobe Systems, Inc) Ashampoo Slideshow Studio 2017 (HKLM-x32\...\{91B33C97-41EE-3DB7-1FDD-5308E332AC28}_is1) (Version: 1.0.1 - Ashampoo GmbH & Co. KG) AutoCAD 2015 - English (HKLM\...\{5783F2D7-E001-0000-0102-0060B0CE6BBA}) (Version: 20.0.210.0 - Autodesk) Hidden AutoCAD 2015 - English (HKLM\...\{5783F2D7-E001-0409-2102-0060B0CE6BBA}) (Version: 20.0.51.0 - Autodesk) Hidden AutoCAD 2015 Language Pack - English (HKLM\...\{5783F2D7-E001-0409-1102-0060B0CE6BBA}) (Version: 20.0.51.0 - Autodesk) Hidden AutoCAD 2015 VBA Enabler (HKLM\...\{FD0595A7-C560-4967-0133-ADCE7EE7644D}) (Version: 20.0.51.0 - Autodesk) Hidden Autodesk 360 (HKLM\...\{556966D9-F7F6-421B-9707-D07901604DDF}) (Version: 5.1.1.1001 - Autodesk) Autodesk App Manager (HKLM-x32\...\{C8125548-F2D5-4059-823F-1F3C5BBD9F19}) (Version: 1.2.0 - Autodesk) Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 5.0.142.14 - Autodesk) Autodesk AutoCAD 2015 - English (HKLM\...\AutoCAD 2015 - English) (Version: 20.0.51.0 - Autodesk) Autodesk AutoCAD 2015 - English SP2 (HKLM\...\AutoCAD 2015 - English SP2) (Version: 20.0.210.0 - Autodesk) Autodesk AutoCAD 2015 VBA Enabler (HKLM\...\AutoCAD 2015 VBA Enabler) (Version: 20.0.51.0 - Autodesk) Autodesk AutoCAD Performance Feedback Tool Version 1.2.2 (HKLM-x32\...\{85735431-6CD3-4B16-BEC8-95332034E53B}) (Version: 1.2.2.0 - Autodesk) Autodesk BIM 360 Glue AutoCAD 2015 Add-in 64 bit (HKLM\...\{9D589081-AFC2-4932-9071-AC585AC1EA83}) (Version: 3.32.3004 - Autodesk) Autodesk Content Service (HKLM-x32\...\{A37CDB58-AAE8-0000-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk) Autodesk Content Service Language Pack (HKLM-x32\...\{A37CDB58-AAE8-0001-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden Autodesk Featured Apps (HKLM-x32\...\{EDDEE94B-214D-4B07-9727-A3E46F3E379A}) (Version: 1.2.0 - Autodesk) Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk) Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk) Autodesk ReCap (HKLM\...\{31ABA3F2-0000-1033-0102-111D43815377}) (Version: 1.3.1.39 - Autodesk) Hidden Autodesk ReCap (HKLM\...\Autodesk ReCap) (Version: 1.3.1.39 - Autodesk) AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 19.1.3075 - AVG Technologies) BleachBit (HKLM-x32\...\BleachBit) (Version: 2.0 - BleachBit) Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - ) Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - ) Canon MG5100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5100_series) (Version: - ) Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version: - ) Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - ) Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - ) CCleaner (HKLM\...\CCleaner) (Version: 5.51 - Piriform) CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.7041 - CDBurnerXP) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.9.0.0650 - Disc Soft Ltd) DiskGenius 5.0.1 (HKLM\...\{2661F2FA-56A7-415D-8196-C4CB3D3ACFFE}_is1) (Version: - Eassos Co., Ltd.) Dolby Audio X2 Windows API SDK (HKLM\...\{6A478BF2-F67F-4ABC-A7F1-B6B5BA862371}) (Version: 0.6.3.44 - Dolby Laboratories, Inc.) ELAN Touchpad 15.19.7.1_X64_WHQL (HKLM\...\Elantech) (Version: 15.19.7.1 - ELAN Microelectronic Corp.) Epic Privacy Browser (HKU\S-1-5-21-3783610813-3995635876-4157474929-1001\...\Epic) (Version: 62.0.3202.94 - Epic) Everything 1.4.1.928 (x64) (HKLM\...\Everything) (Version: 1.4.1.928 - David Carpenter) File Converter (64 bit) (HKLM\...\{FF320E22-8728-4314-8053-2FA56FE4CCB4}) (Version: 1.2.1 - Adrien Allard) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden ISO to USB (HKLM-x32\...\{D08A30AC-A663-4EA8-8D81-B98E17F19F1C}_is1) (Version: - isotousb.com) Java 10.0.2 (64-bit) (HKLM\...\{EECB2736-D013-5AC5-9917-7656712F6931}) (Version: 10.0.2.0 - Oracle Corporation) LockHunter 3.2, 32/64 bit (HKLM\...\LockHunter_is1) (Version: - Crystal Rich Ltd) Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation) Microsoft SharePoint Designer 2010 (HKLM-x32\...\Office14.SharePointDesigner) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Visio Professional 2016 (HKLM\...\Office16.VISPRO) (Version: 16.0.4266.1001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.11.25325 (HKLM-x32\...\{404c9c27-8377-4fd1-b607-7ca635db4e49}) (Version: 14.11.25325.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 64.0.2 (x64 nl) (HKLM\...\Mozilla Firefox 64.0.2 (x64 nl)) (Version: 64.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 64.0.2 - Mozilla) Open-Shell (HKLM\...\{FD722BB1-4960-455F-89C6-EFAEB79527EF}) (Version: 4.4.131 - The Open-Shell Team) Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden paint.net (HKLM\...\{E637E0EF-6EB3-44C4-97B8-6F9EA444D649}) (Version: 4.1.5 - dotPDN LLC) PatchCleaner (HKLM-x32\...\{727DA176-50BB-452C-8DB5-96EE0A573ED4}) (Version: 1.4.20 - HomeDev) PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.322.10 - Tracker Software Products Ltd) PDF-XChange Editor (HKLM\...\{FCF7B5F2-5903-496E-A0FC-CF7D80F639E6}) (Version: 7.0.328.1 - Tracker Software Products (Canada) Ltd.) Hidden PDF-XChange Editor (HKLM-x32\...\{5522ed54-7bde-4d64-9a44-0b32399a111f}) (Version: 7.0.328.1 - Tracker Software Products (Canada) Ltd.) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31225 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.) Remembr version 1.1.1 (HKLM-x32\...\{0D9815CB-32F7-4842-8D16-5E411FA919C0}_is1) (Version: 1.1.1 - SingularLabs) Restore Point Creator version 7.1 (HKLM\...\{CC48DE1C-8EC2-43BC-9201-29701CD9AE13}_is1) (Version: 7.1 - ) Revo Uninstaller Pro 3.0.7 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.7 - VS Revo Group, Ltd.) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0017-0000-0000-0000000FF1CE}_Office14.SharePointDesigner_{8B883A57-E4BC-4745-8E6C-68168850F9DD}) (Version: - Microsoft) SketchUp Import (HKLM-x32\...\{C403E867-FCF1-432B-BCC1-8FFD40A10A6E}) (Version: 1.2.0 - Autodesk) Snagit 13 (HKLM-x32\...\{4fcd74bf-76ca-4f48-bfe4-5b444eccb4a3}) (Version: 13.0.2.6653 - TechSmith Corporation) Snagit 13 (HKLM-x32\...\{98426CCE-210A-4416-8578-A0D470A0065A}) (Version: 13.0.2 - TechSmith Corporation) Hidden SnailDriver version 1.0.0.4 (HKLM-x32\...\{3189DA22-4E71-4794-9F3D-39A3DE0062DE}_is1) (Version: 1.0.0.4 - SnailSuite) Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD) (Version: 10.0.50903 - Microsoft Corporation) Taalprogramma's voor Microsoft Office 2016 - Nederlands (HKLM\...\{90160000-001F-0413-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.1.3399 - TeamViewer) Unchecky v1.2 (HKLM-x32\...\Unchecky) (Version: 1.2 - Reason Software Company Inc.) Universal Extractor 1.6.1 (HKLM-x32\...\Universal Extractor_is1) (Version: 1.6.1 - Jared Breland) Update for Skype for Business 2016 (KB4461586) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{D3BC3593-9260-47AD-9EC8-8DEB8668956D}) (Version: - Microsoft) Update for Skype for Business 2016 (KB4461586) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{D3BC3593-9260-47AD-9EC8-8DEB8668956D}) (Version: - Microsoft) Update for Skype for Business 2016 (KB4461586) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.VISPRO_{D3BC3593-9260-47AD-9EC8-8DEB8668956D}) (Version: - Microsoft) Update for Skype for Business 2016 (KB4461586) 64-Bit Edition (HKLM\...\{90160000-012B-0413-1000-0000000FF1CE}_Office16.PROPLUS_{D3BC3593-9260-47AD-9EC8-8DEB8668956D}) (Version: - Microsoft) VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN) Winaero Tweaker (HKLM\...\Winaero Tweaker_is1) (Version: 0.12.1.0 - Winaero) Windows Movie Maker 2016 (HKLM-x32\...\{3CC29C1A-B5FE-457B-8F22-32A2videowin}}_is1) (Version: - videowinsoft.com) Wise Disk Cleaner 10.1.5 (HKLM-x32\...\Wise Disk Cleaner_is1) (Version: 10.1.5 - WiseCleaner.com, Inc.) ==================== Aangepaste CLSID (gefilterd): ========================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) CustomCLSID: HKU\S-1-5-21-3783610813-3995635876-4157474929-1001_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3783610813-3995635876-4157474929-1001_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-3783610813-3995635876-4157474929-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2015\en-US\acadficn.dll (Autodesk, Inc.) ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Geen bestand ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc.) ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Open-Shell\ClassicExplorer64.dll [2018-08-18] (Open-Shell) ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Open-Shell\ClassicExplorer64.dll [2018-08-18] (Open-Shell) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-12-30] (Igor Pavlov) ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2014-02-07] (Autodesk) ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2019-01-04] (AVG Technologies CZ, s.r.o.) ContextMenuHandlers1: [FileConverterExtension] -> {af9b72b5-f4e4-44b0-a3d9-b55b748efe90} => C:\WINDOWS\system32\mscoree.dll [2018-09-15] (Microsoft Corporation) ContextMenuHandlers1: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2017-07-20] (Crystal Rich Ltd) ContextMenuHandlers1: [PDFXChange Editor Context menu] -> {2ACD35AB-F74A-4C20-AA9B-2DE80081626D} => C:\Program Files\Tracker Software\Shell Extensions\XCShellMenu.x64.dll [2018-12-16] (Tracker Software Products (Canada) Ltd.) ContextMenuHandlers1: [SnagItMainShellExt] -> {CF74B903-3389-469c-B3B6-0204D204FCBD} => C:\Program Files (x86)\TechSmith\Snagit 13\DLLx64\SnagitShellExt64.dll [2016-08-15] (TechSmith Corporation) ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-10-19] (Disc Soft Ltd) ContextMenuHandlers2: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2017-07-20] (Crystal Rich Ltd) ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Geen bestand ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-10-19] (Disc Soft Ltd) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-12-30] (Igor Pavlov) ContextMenuHandlers4: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2017-07-20] (Crystal Rich Ltd) ContextMenuHandlers4: [SnagItMainShellExt] -> {CF74B903-3389-469c-B3B6-0204D204FCBD} => C:\Program Files (x86)\TechSmith\Snagit 13\DLLx64\SnagitShellExt64.dll [2016-08-15] (TechSmith Corporation) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Geen bestand ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d8ca5f86add535ef\igfxDTCM.dll [2018-07-10] (Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-11-16] (NVIDIA Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-12-30] (Igor Pavlov) ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2019-01-04] (AVG Technologies CZ, s.r.o.) ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2012-12-29] (VS Revo Group) ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\system32\StartMenuHelper64.dll [2018-08-18] (Open-Shell) ==================== Geplande Taken (gefilterd) ============= (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {04F8398A-DF1E-47DA-A0C5-1749A0FD2274} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-11-19] (Microsoft Corporation) Task: {1BB44D52-8C38-4DDB-A326-5E7B8F599D52} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-11-19] (Microsoft Corporation) Task: {349EA192-C94B-4CA1-980C-AB41C077DEBC} - System32\Tasks\Restore Point Creator\Restore Point Creator -- Run with no UAC (Delete old Restore Points) (For User Pieter) => C:\Program Files (x86)\Restore Point Creator\Restore Point Creator.exe [2018-07-24] () Task: {4117143A-CDD5-4B1D-A048-547D4249359D} - System32\Tasks\Restore Point Creator\Restore Point Creator -- Run with no UAC (Create Custom Restore Point) (For User Pieter) => C:\Program Files (x86)\Restore Point Creator\Restore Point Creator.exe [2018-07-24] () Task: {42A2D7C3-23F5-47CB-9BBA-22D7D1A82749} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-11-19] (Google Inc.) Task: {467D3509-38C1-4884-B70C-26C292CB78E3} - System32\Tasks\SnailDriverSkipUSC => C:\Program Files (x86)\SnailSuite\SnailDriver\SnailLaunch.exe [2017-03-14] (SnailDrivers) Task: {50FE8177-F43E-47E7-82D1-51AB05D501FF} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_Plugin.exe [2019-01-09] (Adobe Systems Incorporated) Task: {554D0116-D287-405F-9478-8BE2759AEA5A} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2019-01-16] (AVG Technologies CZ, s.r.o.) Task: {5D69E6EF-4588-4A44-9D40-603918CCF9FE} - System32\Tasks\Patch My PC => C:\_Apart\PatchMyPC.exe [2019-01-01] (Patch My PC, LLC) Task: {5EC726E3-3A96-4C58-810E-4560859B2E7A} - System32\Tasks\Optimize Thumbnail Cache Files => wscript.exe //nologo //E:jscript //B C:\ProgramData\InstallShield\Update\isuspm.ini <==== AANDACHT Task: {72129E6B-46BE-4DBC-9058-CBB440B044A0} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-01-09] (Adobe Systems Incorporated) Task: {8059A882-9A84-48E7-BF5A-A5A16207D219} - System32\Tasks\SnailDriverSkipUAC => C:\Program Files (x86)\SnailSuite\SnailDriver\SnailDriver.exe [2016-09-17] (TODO: <公司名>) Task: {89397DD2-D3D9-4F78-B820-973741315FA6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-11-19] (Google Inc.) Task: {93AE7A32-1FBC-419A-BED3-5B1DF6AD0B7F} - System32\Tasks\Restore Point Creator\Restore Point Creator -- Run with no UAC (For User Pieter) => C:\Program Files (x86)\Restore Point Creator\Restore Point Creator.exe [2018-07-24] () Task: {B04D068F-BFB6-410C-B326-733682A18275} - System32\Tasks\Restore Point Creator\Restore Point Creator -- Run with no UAC (Keep X Number of Restore Points) (For User Pieter) => C:\Program Files (x86)\Restore Point Creator\Restore Point Creator.exe [2018-07-24] () Task: {B2D7B37D-4B77-4F27-8A32-EDD70614E6EF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-11-19] (Microsoft Corporation) Task: {B3C32E64-0459-4B2F-BBAC-FA99C025FCB7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-11-19] (Microsoft Corporation) Task: {BAAFD101-4341-44D2-BB92-81FEE59BDC66} - System32\Tasks\Wise Disk Cleaner Schedule Task => C:\Program Files (x86)\Wise\Wise Disk Cleaner\WiseDiskCleaner.exe [2019-01-08] (WiseCleaner.com) Task: {D4F3E55B-503B-49F3-8494-94BBFD5C6576} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-12-10] (Piriform Software Ltd) Task: {D77D622C-E697-4E5B-9730-61962A189794} - System32\Tasks\S-1-5-21-3783610813-3995635876-4157474929-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2018-09-15] (Microsoft Corporation) Task: {D8C58536-B0E4-43FD-B554-14905A33FF85} - System32\Tasks\InstallShield® Update Service Scheduler => C:\Program Files (x86)\Common Files\InstallShield\Update\ISUSPM.exe [2017-01-18] (InstallShield®) Task: {D924B730-EE24-4349-9A40-20B1A08323D6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-12-10] (Piriform Ltd) Task: {EF25E0D7-90F8-4498-9DD7-0061B2BDD2E1} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [2019-01-04] (AVG Technologies CZ, s.r.o.) Task: {F6C91AE2-4A69-4714-8225-5F32FF70C1E4} - System32\Tasks\TechSmith Updater => C:\Program Files (x86)\Common Files\TechSmith Shared\Updater\TSCUpdClt.exe [2016-03-28] (TechSmith Corporation) Task: {F6E3DCB2-5CFD-462D-9CEA-22BF205823D5} - System32\Tasks\Restore Point Creator\Restore Point Creator -- Run with no UAC (Create Restore Point) (For User Pieter) => C:\Program Files (x86)\Restore Point Creator\Restore Point Creator.exe [2018-07-24] () Task: {FB41277D-86DB-4B85-B78D-6D128DD9CBFB} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation) (Als een item is opgenomen in de fixlist, wordt de taak (job) bestand verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) ==================== Snelkoppelingen & WMI ======================== (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) Shortcut: C:\Users\Pieter\Desktop\Klembord_Leeg.lnk -> D:\Users\BASIC\Documents\Gegevens Info (PC Info alleman)\Piet & Maria\Klembord_Leegmaken.bat () ==================== Geladen Modules (gefilterd) ============== 2016-01-27 05:04 - 2016-01-27 05:04 - 000163328 _____ () C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe 2018-11-24 09:17 - 2018-11-24 09:17 - 000003584 _____ () C:\WINDOWS\SECOH-QAD.dll 2018-09-15 08:28 - 2018-09-15 08:28 - 000834088 ____N () C:\WINDOWS\SYSTEM32\inputhost.dll 2018-09-15 17:45 - 2018-09-15 17:45 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll 2018-11-18 22:58 - 2018-11-18 22:58 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\ChakraBridge.dll 2018-11-18 22:58 - 2018-11-18 22:59 - 000183808 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe 2018-12-22 08:12 - 2018-07-06 19:41 - 001198080 _____ () C:\Program Files (x86)\Remembr\Remembr.exe 2019-01-04 09:37 - 2019-01-04 09:37 - 093696960 _____ () C:\Program Files\AVG\Antivirus\libcef.dll 2019-01-04 09:37 - 2019-01-04 09:37 - 000662960 _____ () C:\Program Files\AVG\Antivirus\streamback.dll 2018-12-10 11:09 - 2018-12-10 11:09 - 000107200 _____ () C:\Program Files\CCleaner\lang\lang-1043.dll 2015-07-30 03:32 - 2015-07-30 03:32 - 002210480 _____ () C:\Program Files\Microsoft Office\Office16\tmpod.dll 2018-06-13 08:50 - 2018-06-13 08:50 - 001471152 _____ () C:\Program Files\Microsoft Office\Office16\ADDINS\UmOutlookAddin.dll 2015-07-31 09:58 - 2015-07-31 09:58 - 000588968 _____ () C:\Program Files\Microsoft Office\Office16\msfad.dll 2018-11-18 22:56 - 2018-11-18 22:57 - 000194048 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll 2018-11-18 22:56 - 2018-11-18 22:57 - 002538056 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2018-11-18 22:56 - 2018-11-18 22:57 - 001754112 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.dll 2018-11-18 22:55 - 2018-11-18 23:00 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2018-11-18 22:55 - 2018-11-18 23:00 - 066031104 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2018-11-18 22:55 - 2018-11-18 23:00 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll 2018-11-18 22:55 - 2018-11-18 23:00 - 000010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll 2018-11-18 22:55 - 2018-11-18 22:59 - 003715072 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll 2018-11-18 22:55 - 2018-11-18 23:00 - 002480640 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\opencv_imgproc320.dll 2018-11-18 22:55 - 2018-11-18 23:00 - 000036352 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll 2018-11-18 22:55 - 2018-11-18 23:00 - 002280960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\opencv_core320.dll 2018-11-18 22:55 - 2018-11-18 23:00 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll 2018-11-18 22:55 - 2018-11-18 23:00 - 014097920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll 2018-11-18 22:55 - 2018-11-18 22:59 - 003569152 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\MediaEngine.dll 2018-11-18 22:55 - 2018-11-18 22:57 - 002863616 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll 2018-11-18 22:55 - 2018-11-18 23:00 - 000973312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll 2018-09-15 17:47 - 2018-09-15 17:47 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2018-09-15 08:28 - 2018-09-15 08:28 - 000474624 ____N () C:\Windows\ShellExperiences\TileControl.dll 2018-12-07 08:06 - 2018-12-07 08:06 - 002801152 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll 2018-09-15 08:28 - 2018-09-15 08:28 - 001740288 ____N () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-08-15 14:37 - 2016-08-15 14:37 - 008968192 _____ () C:\Program Files (x86)\TechSmith\Snagit 13\opencv_core300.dll 2016-08-15 14:39 - 2016-08-15 14:39 - 000601088 _____ () C:\Program Files (x86)\TechSmith\Snagit 13\fontconfig.dll 2016-08-15 14:39 - 2016-08-15 14:39 - 001152512 _____ () C:\Program Files (x86)\TechSmith\Snagit 13\cairo.dll 2016-08-15 14:37 - 2016-08-15 14:37 - 020629504 _____ () C:\Program Files (x86)\TechSmith\Snagit 13\opencv_imgproc300.dll 2016-08-15 14:39 - 2016-08-15 14:39 - 001015296 _____ () C:\Program Files (x86)\TechSmith\Snagit 13\libxml2.dll 2016-08-15 14:39 - 2016-08-15 14:39 - 000023552 _____ () C:\Program Files (x86)\TechSmith\Snagit 13\iconv.dll 2016-08-15 14:39 - 2016-08-15 14:39 - 000588288 _____ () C:\Program Files (x86)\TechSmith\Snagit 13\pixman-1.dll 2016-08-15 14:39 - 2016-08-15 14:39 - 000165888 _____ () C:\Program Files (x86)\TechSmith\Snagit 13\libpng16.dll 2016-08-15 14:39 - 2016-08-15 14:39 - 000071680 _____ () C:\Program Files (x86)\TechSmith\Snagit 13\zlib1.dll 2016-08-15 14:39 - 2016-08-15 14:39 - 000778240 _____ () C:\Program Files (x86)\TechSmith\Snagit 13\harfbuzz.dll ==================== Alternate Data Streams (gefilterd) ========= (Als een item is opgenomen in de fixlist, wordt alleen de ADS verwijderd.) ==================== Veilige Modus (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. De waarde van "AlternateShell" wordt hersteld.) ==================== Bestandskoppeling (gefilterd) =============== (Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd.) HKU\S-1-5-21-3783610813-3995635876-4157474929-1001\Software\Classes\.scr: AutoCADScriptFile => C:\WINDOWS\system32\notepad.exe "%1" ==================== Internet Explorer vertrouwde/beperkte toegang =============== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd.) ==================== Hosts inhoud: ========================== (Indien nodig kan Hosts:-opdracht worden opgenomen in de fixlist om Hosts te resetten.) 2018-11-19 05:54 - 2019-01-17 05:23 - 000002103 _____ C:\WINDOWS\system32\drivers\etc\hosts 0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly 0.0.0.0 tracking.opencandy.com.s3.amazonaws.com 0.0.0.0 media.opencandy.com 0.0.0.0 cdn.opencandy.com 0.0.0.0 tracking.opencandy.com 0.0.0.0 api.opencandy.com 0.0.0.0 api.recommendedsw.com 0.0.0.0 rp.yefeneri2.com 0.0.0.0 os.yefeneri2.com 0.0.0.0 os2.yefeneri2.com 0.0.0.0 installer.betterinstaller.com 0.0.0.0 installer.filebulldog.com 0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net 0.0.0.0 inno.bisrv.com 0.0.0.0 nsis.bisrv.com 0.0.0.0 cdn.file2desktop.com 0.0.0.0 cdn.goateastcach.us 0.0.0.0 cdn.guttastatdk.us 0.0.0.0 cdn.inskinmedia.com 0.0.0.0 cdn.insta.oibundles2.com 0.0.0.0 cdn.insta.playbryte.com 0.0.0.0 cdn.llogetfastcach.us 0.0.0.0 cdn.montiera.com 0.0.0.0 cdn.msdwnld.com 0.0.0.0 cdn.mypcbackup.com 0.0.0.0 cdn.ppdownload.com 0.0.0.0 cdn.riceateastcach.us 0.0.0.0 cdn.shyapotato.us 0.0.0.0 cdn.solimba.com 0.0.0.0 cdn.tuto4pc.com ==================== Andere gebieden ============================ (Momenteel is er geen automatische fix voor dit onderdeel.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Universal Extractor;C:\Program Files (x86)\Universal Extractor\bin HKU\S-1-5-21-3783610813-3995635876-4157474929-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == Als een item is opgenomen in de fixlist, zal het worden verwijderd. HKLM\...\StartupApproved\Run: => "Everything" HKLM\...\StartupApproved\Run32: => "Dropbox" HKLM\...\StartupApproved\Run32: => "ADSKAppManager" ==================== Firewall regels (gefilterd) =============== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [{12098301-90A0-4CAF-A2DE-54A14C9C8FA1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) FirewallRules: [{DE007552-7F6D-4E77-8B94-299EC6DC820E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) FirewallRules: [{4C270FBB-F9EF-4CD1-A232-5E58E4EE7D6D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH) FirewallRules: [{1B9E79E7-DC72-4C12-B28E-6C1CED1B2FF7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH) FirewallRules: [{859D53AE-0BAA-42A6-B9D4-77FEF3EC48FE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH) FirewallRules: [{45C4E5CC-75CB-402B-BFD3-9D84407BFEF3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH) FirewallRules: [{68E88B9D-1E0A-416F-A9B3-161A4E1509F2}] => (Allow) C:\Users\Pieter\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) FirewallRules: [{41FF2865-6CB9-4E50-809A-E470A80DA025}] => (Allow) C:\Users\Pieter\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.) FirewallRules: [{F8FD9FBA-FD38-4D78-871F-FE08873FDFD2}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation) FirewallRules: [{7A867EF1-B4FD-4535-B055-81C7C712F217}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation) FirewallRules: [{5058B47F-ADBC-43B7-AABD-C217472191AB}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation) FirewallRules: [{99B61997-EA53-43C0-9E6F-5A75E14A77BD}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation) FirewallRules: [{2A12C2FC-B09E-42BC-A605-ECC78944EFD9}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (Disc Soft Ltd) FirewallRules: [{85A3F449-EE9C-4A05-8165-4FDFCE1497B6}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd) FirewallRules: [{8B103C4D-37E6-4248-8EAE-752B38E3E188}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd) FirewallRules: [{77166C1B-6842-4D86-8A60-0390FDF059D1}] => (Allow) LPort=50248 FirewallRules: [{8D3CC935-8DC9-40C3-A2E8-D97F168A5D8C}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation) FirewallRules: [{B837E57A-8A5D-4D0F-A29A-B2C9D2E4FFD2}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation) FirewallRules: [{332ECB8C-CC61-473D-A737-35E2BDC92EA5}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation) FirewallRules: [{8A6B5ABD-8E47-48F9-8CC2-3F3E5EF4D069}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation) FirewallRules: [{629F4EEE-A144-4326-AB56-F12F0860F692}] => (Allow) C:\Program Files\AVG\Antivirus\AvEmUpdate.exe (AVG Technologies CZ, s.r.o.) FirewallRules: [{A3AA096E-2A96-4D27-8511-0F7B11ECFAD4}] => (Allow) C:\Program Files\AVG\Antivirus\AvEmUpdate.exe (AVG Technologies CZ, s.r.o.) FirewallRules: [{1DCEC033-3DFB-4DF3-B0E0-2BA0CECF1249}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) FirewallRules: [{75D64D93-F9DE-4E8E-B08D-012FDA40B1C6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH) FirewallRules: [{ECA79F7E-E4DD-4A4A-95D7-5DDB3F69C928}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH) FirewallRules: [{4880AA11-C0E2-4F3F-9E24-8D7E89F1645C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH) FirewallRules: [{C50300BB-4AE8-46F6-864D-2A541B2C1A34}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH) FirewallRules: [{419E5EEF-EB8A-439E-8982-B4518F186D91}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd) FirewallRules: [{BD68EF3E-6100-4CEA-9991-2700095ECBFE}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd) FirewallRules: [{5E497941-E3B7-419D-9E39-0FCA82992E8A}] => (Allow) LPort=8298 FirewallRules: [{0F9E3947-82BF-4166-921D-29967C74DE5D}] => (Allow) C:\Program Files\AVG\Antivirus\AvEmUpdate.exe (AVG Technologies CZ, s.r.o.) FirewallRules: [{6DD48E23-7053-4084-BE7E-A1A1807EC0E0}] => (Allow) C:\Program Files\AVG\Antivirus\AvEmUpdate.exe (AVG Technologies CZ, s.r.o.) ==================== Herstelpunten ========================= 03-01-2019 09:18:44 Created by Wise Disk Cleaner 06-01-2019 08:50:37 Created by Wise Disk Cleaner 07-01-2019 09:32:13 Created by Wise Disk Cleaner 08-01-2019 12:32:24 Created by Wise Disk Cleaner 09-01-2019 08:16:01 Created by Wise Disk Cleaner 10-01-2019 15:00:42 Created by Wise Disk Cleaner 15-01-2019 08:17:29 Installed AppNHost 1.0.5.1 15-01-2019 09:23:38 Created by Wise Disk Cleaner 15-01-2019 09:24:39 Removed AppNHost 1.0.5.1 ==================== Defecte Apparaatbeheer Apparaten ============= ==================== Eventlog fouten: ========================= Applicatiefouten: ================== Error: (01/17/2019 12:21:51 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: ) Description: Plannen van Software Protection-service voor opnieuw starten op 2019-02-16T04:23:51Z mislukt. Foutcode: 0x80070002. Error: (01/17/2019 12:21:21 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: ) Description: Plannen van Software Protection-service voor opnieuw starten op 2019-02-16T04:24:21Z mislukt. Foutcode: 0x80070002. Error: (01/17/2019 12:20:51 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: ) Description: Plannen van Software Protection-service voor opnieuw starten op 2019-02-16T04:23:51Z mislukt. Foutcode: 0x80070002. Error: (01/17/2019 12:20:21 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: ) Description: Plannen van Software Protection-service voor opnieuw starten op 2019-02-16T04:24:21Z mislukt. Foutcode: 0x80070002. Error: (01/17/2019 12:19:51 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: ) Description: Plannen van Software Protection-service voor opnieuw starten op 2019-02-16T04:23:51Z mislukt. Foutcode: 0x80070002. Error: (01/17/2019 12:19:21 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: ) Description: Plannen van Software Protection-service voor opnieuw starten op 2019-02-16T04:24:21Z mislukt. Foutcode: 0x80070002. Error: (01/17/2019 12:18:51 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: ) Description: Plannen van Software Protection-service voor opnieuw starten op 2019-02-16T04:23:51Z mislukt. Foutcode: 0x80070002. Error: (01/17/2019 12:18:21 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: ) Description: Plannen van Software Protection-service voor opnieuw starten op 2019-02-16T04:24:21Z mislukt. Foutcode: 0x80070002. Systeemfouten: ============= Error: (01/17/2019 11:24:04 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-1JBBD7I) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} en APPID {15C20B67-12E7-4BB6-92BB-7AFF07997402} aan de gebruiker DESKTOP-1JBBD7I\Pieter SID (S-1-5-21-3783610813-3995635876-4157474929-1001) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (01/17/2019 11:24:04 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-1JBBD7I) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} en APPID {15C20B67-12E7-4BB6-92BB-7AFF07997402} aan de gebruiker DESKTOP-1JBBD7I\Pieter SID (S-1-5-21-3783610813-3995635876-4157474929-1001) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (01/17/2019 11:20:11 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-1JBBD7I) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} en APPID {15C20B67-12E7-4BB6-92BB-7AFF07997402} aan de gebruiker DESKTOP-1JBBD7I\Pieter SID (S-1-5-21-3783610813-3995635876-4157474929-1001) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (01/17/2019 10:34:46 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-1JBBD7I) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} en APPID {15C20B67-12E7-4BB6-92BB-7AFF07997402} aan de gebruiker DESKTOP-1JBBD7I\Pieter SID (S-1-5-21-3783610813-3995635876-4157474929-1001) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (01/17/2019 10:23:25 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-1JBBD7I) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} en APPID {15C20B67-12E7-4BB6-92BB-7AFF07997402} aan de gebruiker DESKTOP-1JBBD7I\Pieter SID (S-1-5-21-3783610813-3995635876-4157474929-1001) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (01/17/2019 10:23:25 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-1JBBD7I) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} en APPID {15C20B67-12E7-4BB6-92BB-7AFF07997402} aan de gebruiker DESKTOP-1JBBD7I\Pieter SID (S-1-5-21-3783610813-3995635876-4157474929-1001) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (01/17/2019 09:12:09 AM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-1JBBD7I) Description: Kan geen DCOM-server starten: {0358B920-0AC7-461F-98F4-58E32CD89148}. Foutmelding "0" is opgetreden bij het uitvoeren van de opdracht C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683} Error: (01/17/2019 08:19:39 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-1JBBD7I) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} en APPID {15C20B67-12E7-4BB6-92BB-7AFF07997402} aan de gebruiker DESKTOP-1JBBD7I\Pieter SID (S-1-5-21-3783610813-3995635876-4157474929-1001) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Windows Defender: =================================== Date: 2018-11-20 07:17:23.898 Description: Gebruiker: NT AUTHORITY\SYSTEM Procesnaam: C:\Windows\explorer.exe Handtekeningversie: AV: 1.281.453.0, AS: 1.281.453.0, NIS: 1.281.453.0 Engineversie: AM: 1.1.15400.5, NIS: 1.1.15400.5 Date: 2018-11-20 07:17:19.135 Description: Windows Defender Antivirus heeft malware of andere mogelijk ongewenste software gedetecteerd. Gebruiker: NT AUTHORITY\SYSTEM Procesnaam: C:\Windows\explorer.exe Handtekeningversie: AV: 1.281.453.0, AS: 1.281.453.0, NIS: 1.281.453.0 Engineversie: AM: 1.1.15400.5, NIS: 1.1.15400.5 Date: 2018-11-20 07:16:56.737 Description: Windows Defender Antivirus heeft malware of andere mogelijk ongewenste software gedetecteerd. Zie voor meer informatie: Detectietype: Concreet Detectiebron: Real-timebeveiliging Gebruiker: NT AUTHORITY\SYSTEM Procesnaam: C:\Program Files (x86)\Cybereason\RansomFree\CybereasonRansomFreeServiceHost.exe Handtekeningversie: AV: 1.281.453.0, AS: 1.281.453.0, NIS: 1.281.453.0 Engineversie: AM: 1.1.15400.5, NIS: 1.1.15400.5 Date: 2018-11-20 07:16:23.690 Description: Windows Defender Antivirus heeft malware of andere mogelijk ongewenste software gedetecteerd. Zie voor meer informatie: Detectieoorsprong: Lokale computer Detectietype: Snel pad Detectiebron: Real-timebeveiliging Gebruiker: DESKTOP-1JBBD7I\Pieter Procesnaam: C:\Windows\explorer.exe Handtekeningversie: AV: 1.281.453.0, AS: 1.281.453.0, NIS: 1.281.453.0 Engineversie: AM: 1.1.15400.5, NIS: 1.1.15400.5 Date: 2018-11-19 21:03:15.716 Description: Windows Defender Antivirus heeft malware of andere mogelijk ongewenste software gedetecteerd. Zie voor meer informatie: Detectieoorsprong: Lokale computer Detectietype: Concreet Detectiebron: Real-timebeveiliging Gebruiker: DESKTOP-1JBBD7I\Pieter Procesnaam: C:\Program Files\CCleaner\CCleaner64.exe Handtekeningversie: AV: 1.281.422.0, AS: 1.281.422.0, NIS: 1.281.422.0 Engineversie: AM: 1.1.15400.5, NIS: 1.1.15400.5 Date: 2018-11-19 17:20:13.467 Description: Windows Defender Antivirus heeft een fout aangetroffen bij het laden van handtekeningen en probeert terug te keren naar een juiste set handtekeningen. Geprobeerde handtekeningen: Huidig Foutcode: 0x80070002 Foutbeschrijving: Het systeem kan het opgegeven bestand niet vinden. Handtekeningversie: 0.0.0.0;0.0.0.0 Engineversie: 0.0.0.0 Date: 2018-11-19 14:43:37.084 Description: Windows Defender Antivirus heeft een fout aangetroffen bij het bijwerken van handtekeningen. Nieuwe handtekeningversie: Vorige handtekeningversie: 1.281.411.0 Bron update: Microsoft-updateserver Type handtekening: AntiVirus Type update: Volledig Gebruiker: NT AUTHORITY\SYSTEM Huidige engineversie: Vorige engineversie: 1.1.15400.5 Foutcode: 0x80240016 Foutbeschrijving: Er is tijdens het zoeken naar updates een onverwacht probleem opgetreden. Raadpleeg Help en ondersteuning voor meer informatie over het installeren van updates en het oplossen van problemen. Date: 2018-11-19 14:35:38.167 Description: Real-timebeveiligingsonderdeel van Windows Defender Antivirus heeft een fout aangetroffen en is niet uitgevoerd. Onderdeel: Gedragscontrole Foutcode: 0x80508023 Foutbeschrijving: Op dit apparaat is geen malware en andere mogelijk ongewenste software gevonden. Reden: Antimalwarebeveiliging werkt niet meer wegens een onbekende reden. In sommige gevallen kan het probleem worden verholpen door de service opnieuw te starten. Date: 2018-11-19 11:08:24.460 Description: Windows Defender Antivirus heeft een kritieke fout gevonden bij het ondernemen van actie tegen malware of andere mogelijk ongewenste software. Zie voor meer informatie: Actiestatus: No additional actions required Foutcode: 0x80070003 Foutbeschrijving: Het systeem kan het opgegeven pad niet vinden. Handtekeningversie: AV: 1.273.933.0, AS: 1.273.933.0, NIS: 1.273.933.0 Engineversie: AM: 1.1.15100.1, NIS: 1.1.15100.1 CodeIntegrity: =================================== Date: 2019-01-17 05:24:06.832 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\AVG\Antivirus\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2019-01-17 05:24:06.825 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\AVG\Antivirus\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2019-01-17 05:24:06.653 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\AVG\Antivirus\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2019-01-17 05:24:06.648 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\AVG\Antivirus\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2019-01-15 06:41:28.083 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\AVG\Antivirus\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2019-01-15 06:41:28.073 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\AVG\Antivirus\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2019-01-15 06:41:28.051 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\AVG\Antivirus\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2019-01-15 06:41:28.046 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\AVG\Antivirus\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Geheugen info =========================== Processor: Intel(R) Core(TM) i3-6100U CPU @ 2.30GHz Percentage geheugen in gebruik: 55% Totaal fysiek RAM-geheugen: 4004.43 MB Beschikbaar fysiek RAM-geheugen: 1773.7 MB Totaal Virtueel geheugen: 4856.75 MB Beschikbaar Virtueel geheugen: 1796.71 MB ==================== Schijven ================================ Drive c: (DISK_01) (Fixed) (Total:443.41 GB) (Free:392.92 GB) NTFS Drive d: (DATA) (Fixed) (Total:425.59 GB) (Free:222.14 GB) NTFS Drive e: (RESERVE) (Fixed) (Total:60 GB) (Free:42.1 GB) NTFS \\?\Volume{0b3d39cf-eeaa-4872-bcfb-53e2b06ec7d1}\ () (Fixed) (Total:0.91 GB) (Free:0.45 GB) NTFS \\?\Volume{6777683b-71cf-49d2-8b7d-56ec981a7daf}\ () (Fixed) (Total:0.49 GB) (Free:0.08 GB) NTFS \\?\Volume{d335c721-1f2a-4ef4-8987-cbd7876d033a}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Partitietabel ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 9AB89D49) Partition: GPT. ==================== Eind van Addition.txt ============================