Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 29-05-2023 Gestart door benni (02-06-2023 10:50:49) Gestart vanaf C:\Users\benni\Dropbox\pc\Downloads Microsoft Windows 11 Home Versie 22H2 22621.1778 (X64) (2022-10-06 08:34:04) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) Administrator (S-1-5-21-3118109506-1931748487-131078026-500 - Administrator - Disabled) benni (S-1-5-21-3118109506-1931748487-131078026-1001 - Administrator - Enabled) => C:\Users\benni DefaultAccount (S-1-5-21-3118109506-1931748487-131078026-503 - Limited - Disabled) Gast (S-1-5-21-3118109506-1931748487-131078026-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-3118109506-1931748487-131078026-504 - Limited - Disabled) ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeïnstalleerd worden.) µTorrent (HKLM-x32\...\uTorrent) (Version: 1.6 - ) 1001 Jigsaw Cute Cats 2 1.0 (HKLM-x32\...\1001 Jigsaw Cute Cats 2 1.0) (Version: 1.0 - AleAda) 3D PUZZLE Old House (HKLM-x32\...\3D PUZZLE Old House) (Version: - TiNYiSO) 4 Elements II Premium Edition (HKLM-x32\...\4 Elements II Premium Edition) (Version: - ) 64 Bit HP CIO Components Installer (HKLM\...\{13DA9C7C-EBFB-40D0-94A1-55B42883DF21}) (Version: 21.2.1 - HP Inc.) Hidden 8GadgetPack (HKLM-x32\...\{952B0AC7-B572-4FE4-8556-AA72DE8C67F2}) (Version: 36.0.0 - 8GadgetPack.net) Acer Configuration Manager (HKLM-x32\...\{8CB1A03C-9849-4744-AD56-341A18F9E3E2}) (Version: 2.5.22250 - Acer) Acer Jumpstart (HKLM-x32\...\{0C5ED25A-B8D1-4E71-BFCB-6B370A4EA19C}) (Version: 3.5.22220.20 - Acer) Acronis Drivers (HKLM\...\{ED15711E-0469-4064-B4C1-19EB5AE88266}) (Version: 25.10.39287 - Acronis) Hidden Acronis True Image (HKLM-x32\...\{BF03AD52-D850-47B8-8AD5-ECA38FEACCC1}) (Version: 25.10.39287 - Acronis) Hidden Acronis True Image (HKLM-x32\...\{BF03AD52-D850-47B8-8AD5-ECA38FEACCC1}Visible) (Version: 25.10.39287 - Acronis) Adobe Animate 2023 (HKLM-x32\...\FLPR_23_0_1) (Version: 23.0.1 - Adobe Inc.) Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.1.102.62 - Adobe Systems Incorporated) Any DVD Converter Professional 5.9.5 (HKLM-x32\...\Any DVD Converter Professional_is1) (Version: - Any-DVD-Converter.com) AquaSoft Stages 14.2.05 (HKLM\...\AquaSoft Stages_is1) (Version: 14.2.05 - LR) ArtPlus Clock 'n' Count 1.0 (HKU\S-1-5-21-3118109506-1931748487-131078026-1001\...\ArtPlus ClocknCount) (Version: 1.0.9.10 - Art Plus Marketing & Publishing) Ashampoo Snap 12 (HKLM-x32\...\{0A11EA01-46CF-28A6-16E6-7D9E6E52EB79}_is1) (Version: 12.0.6 - Ashampoo GmbH & Co. KG) Ashampoo Snap 14 (HKLM\...\{0A11EA01-06C3-B92C-3E8D-DE830CB13715}_is1) (Version: 14.0.9 - Ashampoo GmbH & Co. KG) AVS Document Converter 4.2.6 (HKLM-x32\...\AVS Document Converter_is1) (Version: 4.2.6.271 - Online Media Technologies Ltd.) AVS Image Converter 5.5.3 (HKLM-x32\...\AVS Image Converter_is1) (Version: 5.5.3.322 - Online Media Technologies Ltd.) AVS Photo Editor 3.2.6 (HKLM-x32\...\AVS Photo Editor_is1) (Version: 3.2.6.170 - Online Media Technologies Ltd.) AVS Registry Cleaner 4.1.7 (HKLM-x32\...\AVS Registry Cleaner_is1) (Version: 4.1.7.293 - Online Media Technologies Ltd.) AVS Video Converter 12.5.1 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: 12.5.1.698 - Online Media Technologies Ltd.) AVS Video Editor 9.8.1 (HKLM-x32\...\AVS Video Editor_is1) (Version: 9.8.1.401 - Online Media Technologies Ltd.) AVS Video ReMaker 6.7.3 (HKLM-x32\...\AVS Video ReMaker_is1) (Version: 6.7.3.266 - Online Media Technologies Ltd.) Baking Bustle. Collector's Edition (HKLM-x32\...\Baking Bustle. Collector's Edition_is1) (Version: 1.0 - GameTop Pte. Ltd.) BluffTitler (HKLM-x32\...\BluffTitler) (Version: - Outerspace Software) BluffTitler 15.5.0.4 (HKLM\...\BluffTitler_is1) (Version: 15.5.0.4 - LRepacks) BrickShooter (HKLM-x32\...\BrickShooter) (Version: - ) Bright Gems Rus 1.0 (HKLM-x32\...\Bright Gems Rus 1.0) (Version: 1.0 - AleAda) BusinessCards MX (HKLM-x32\...\{0D5B5ED2-3E38-4585-B1F3-64B2A9EA95D6}_is1) (Version: 4.94 - MOJOSOFT) By Click Downloader (HKLM-x32\...\{24DF2D32-D7F6-4D7C-8B4F-CAE0AD4298B5}) (Version: 2.3.34 - ByClick) Hidden By Click Downloader (HKLM-x32\...\By Click Downloader 2.3.34) (Version: 2.3.34 - ByClick) Care Center Service (HKLM\...\{AFB52E98-7597-4484-9202-58F0FD3512ED}) (Version: 4.00.3042 - Acer Incorporated) Chainz (HKLM-x32\...\{F31E0805-0D51-4601-889D-955EE765038E}_is1) (Version: - Zylom) Cheat Engine 7.5 (HKLM\...\Cheat Engine_is1) (Version: - Cheat Engine) Documentation Manager (HKLM\...\{17C797EF-1D27-41CF-8A52-024F33A8A8FE}) (Version: 22.80.1.1 - Intel Corporation) Hidden Dr. Folder versie 2.8.6.7 (HKLM\...\{1E989158-7B7C-4A69-9038-B010AF3F775A}_is1) (Version: 2.8.6.7 - YL Computing) Dropbox (HKLM-x32\...\Dropbox) (Version: 175.4.5569 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.761.1 - Dropbox, Inc.) Hidden eID Web Browser Middleware (HKLM\...\eID Web Browser Middleware) (Version: 1.3.5 - e-Contract.be BV) ePix Calendar (HKU\S-1-5-21-3118109506-1931748487-131078026-1001\...\Fotosafari ePix) (Version: 6.6.9.701 - ePixEditions.com) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) Expert PDF 15 Edit Module (HKLM\...\{5EABF880-ADD5-4E12-8B42-DC9450A2F243}) (Version: 15.0.76.1 - Avanquest Software) Expert PDF 15 OCR Module (HKLM\...\{363794BC-DBEE-4122-ABC0-1988C2B772D3}) (Version: 15.0.76.1 - Avanquest Software) Expert PDF 15 OCR TESS Module (HKLM\...\{1C2689C3-F33D-4F4C-96D5-DB96C6AECACD}) (Version: 15.0.76.1 - Avanquest Software) Expert PDF 15 View Module (HKLM\...\{F0736A45-E458-430A-83D5-1F0B62B7D53B}) (Version: 15.0.76.1 - Avanquest Software) Flipbook Maker Pro 4.3.4 (HKLM\...\Kvisoft Flipbook Maker Pro_is1) (Version: 4.3.4 - kvisoft.com) FolderIco 7.0.5 (HKLM\...\{22C37D82-6137-40BF-8625-7A846ED65F3A}_is1) (Version: - Teorex) FolderSizes 9 (HKLM\...\{3C350C10-C51D-4CAE-B2A6-8AD209B34840}) (Version: 9.5.422 - Key Metric Software) FoneLab for Android 5.0.12 (HKLM-x32\...\FoneLab for Android_is1) (Version: 5.0.12 - LR) Foxit PhantomPDF (HKLM-x32\...\{7910276E-2DB7-11EB-BD55-54BF64A63C26}) (Version: 10.1.1.37576 - Foxit Software Inc.) Freemake Video Converter 4.1.13.138 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.13.138 - LR) future.dj pro 2.1.6.0 (HKLM\...\XYLIOfdp_is1) (Version: 2.1.6.0 - XYLIO) Gevarengrot (HKLM-x32\...\Gevarengrot) (Version: - ) Golden Dozen Solitaire (HKLM-x32\...\Golden Dozen Solitaire_is1) (Version: 1.0 - GameTop Pte. Ltd.) Google Chrome (HKLM\...\{5D2950AA-215F-3C0E-ACFB-21E215FD6304}) (Version: 113.0.5672.129 - Google LLC) Google Earth Pro (HKLM\...\{F27DBA46-80E1-4858-9285-19198FFFBF3D}) (Version: 7.3.6.9345 - Google) Heroes of Hellas Origins Part One (HKLM-x32\...\Heroes of Hellas Origins Part One_is1) (Version: 1.0 - GameTop Pte. Ltd.) hott notes 4 (HKLM-x32\...\hott notes 4) (Version: 4.1 - Joel Riley) Intel® Software Installer (HKLM-x32\...\{741cd892-0384-4ac9-929f-e3a263d9dc07}) (Version: 22.80.1.1 - Intel Corporation) Hidden Iron Order 1919 (HKLM-x32\...\Iron Order 1919_is1) (Version: 1.0 - GameTop Pte. Ltd.) Java 8 Update 351 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180351F0}) (Version: 8.0.3510.10 - Oracle Corporation) Jewel Quest 6 The Sapphire Dragon Collector's Edition version 1.0 (HKLM-x32\...\{941C1DCA-C3F3-4473-97FA-813711123E02}_is1) (Version: 1.0 - ThreeZ) Jewel Quest 7 1.00 (HKLM-x32\...\Jewel Quest 7 1.00) (Version: 1.00 - Chloe) Kerish Doctor 2023 (HKLM-x32\...\{EF70A54F-E09E-4570-8F21-C7674CDDB5B6}_is1) (Version: 4.91 - Kerish Products) Lucky Solitaire (HKLM-x32\...\Lucky Solitaire_is1) (Version: 1.0 - GameTop Pte. Ltd.) Mac Blu-ray Player (HKLM-x32\...\Mac Blu-ray Player) (Version: 2.17.1.2524 - Macgo Inc.) Macromedia Flash Player 8 (HKLM-x32\...\{6815FCDD-401D-481E-BA88-31B4754C2B46}) (Version: 8.0.22.0 - Macromedia) Macrorit Partition Expert 7.3.2 (HKLM\...\Macrorit Partition Expert_is1) (Version: 7.3.2 - LR) Mahjong World Contest (HKLM-x32\...\Mahjong World Contest_is1) (Version: 1.0 - GameTop Pte. Ltd.) Mailbird (HKLM\...\{5E5A3E4C-7E99-43A8-AF4B-F608273E95C0}) (Version: 2.9.79 - Mailbird) Malwarebytes version 4.5.28.266 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.28.266 - Malwarebytes) MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited) Microsoft .NET Host - 7.0.5 (x64) (HKLM\...\{CE8DF750-A582-4D59-A610-478A752481B1}) (Version: 56.23.58437 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 7.0.5 (x64) (HKLM\...\{B6F2958F-0F6F-4CCD-867F-80EC5C333B79}) (Version: 56.23.58437 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 7.0.5 (x64) (HKLM\...\{793FCD19-00AC-4804-B569-782DF3B24A39}) (Version: 56.23.58437 - Microsoft Corporation) Hidden Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 113.0.1774.57 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 113.0.1774.57 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKU\S-1-5-21-3118109506-1931748487-131078026-1001\...\Microsoft EdgeWebView) (Version: 113.0.1774.57 - Microsoft Corporation) Microsoft Office Professioneel Plus 2021 - nl-nl (HKLM\...\ProPlus2021Retail - nl-nl) (Version: 16.0.16327.20248 - Microsoft Corporation) Microsoft Ondersteunings- en herstelassistent (HKU\S-1-5-21-3118109506-1931748487-131078026-1001\...\1411bee0b739e9b9) (Version: 17.0.9663.2 - Microsoft Corporation) Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.101.0514.0001 - Microsoft Corporation) Microsoft Photo Premium 10 (HKLM-x32\...\PictureItPrem_v10) (Version: 10.0.0706 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{43D501A5-E5E3-46EC-8F33-9E15D2A2CBD5}) (Version: 5.70.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31332 (HKLM-x32\...\{3746f21b-c990-4045-bb33-1cf98cff7a68}) (Version: 14.32.31332.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31326 (HKLM-x32\...\{817e21c1-6b3a-4bc1-8c49-67e4e1887b3a}) (Version: 14.32.31326.0 - Microsoft Corporation) Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31332 (HKLM\...\{F4499EE3-A166-496C-81BB-51D1BCDC70A9}) (Version: 14.32.31332 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31332 (HKLM\...\{3407B900-37F5-4CC2-B612-5CD5D580A163}) (Version: 14.32.31332 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31326 (HKLM-x32\...\{A250E750-DB3F-40C1-8460-8EF77C7582DA}) (Version: 14.32.31326 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31326 (HKLM-x32\...\{46E11E7F-01E1-44D0-BB86-C67342D253DD}) (Version: 14.32.31326 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 7.0.5 (x64) (HKLM\...\{109506AF-BF9E-43E1-87F3-3141B9C3F6BA}) (Version: 56.23.58485 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 7.0.5 (x64) (HKLM-x32\...\{c7984cd8-d837-4988-a30d-8da7822bc716}) (Version: 7.0.5.32327 - Microsoft Corporation) Movavi Screen Recorder 22.5.0 (HKLM-x32\...\Movavi Screen Recorder_is1) (Version: 22.5.0 - Movavi) Mozilla Firefox (x64 nl) (HKLM\...\Mozilla Firefox 113.0.2 (x64 nl)) (Version: 113.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 113.0.2 - Mozilla) Nitro Pro (HKLM\...\{A54726FB-B0EF-4894-9102-03CF6DDC6189}) (Version: 13.67.0.45 - Nitro) NIUBI Partition Editor 9.3.7 (HKLM\...\NIUBI Partition Editor_is1) (Version: 9.3.7 - LR) NVIDIA FrameView SDK 1.3.8107.31782123 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8107.31782123 - NVIDIA Corporation) NVIDIA GeForce Experience 3.26.0.160 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.26.0.160 - NVIDIA Corporation) NVIDIA Grafisch stuurprogramma 531.18 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 531.18 - NVIDIA Corporation) NVIDIA HD Audio-stuurprogramma 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation) NVIDIA PhysX System Software 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16327.20248 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0413-1000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden PDF Shaper Professional v13.0 (HKLM\...\PDF Shaper Professional_is1) (Version: 13.0 - Burnaware (RePack by Dodakaedr)) PowerISO (HKLM-x32\...\PowerISO) (Version: 7.6 - Power Software Ltd) Puzzle Vacations Christmas version 1.0 (HKLM-x32\...\{EB24CCE9-6E47-42E4-935C-8512545848CC}_is1) (Version: 1.0 - AleAda) Q-Dir (HKU\S-1-5-21-3118109506-1931748487-131078026-1001\...\Q-Dir) (Version: - ) Rainbow Folders (HKLM-x32\...\{2AEA17BA-FAB3-49D2-BB85-0669D14DC9BC}_is1) (Version: 2.05 - Piotr Chodzinski) RAR Password Unlocker (HKLM-x32\...\{69B77D45-F5AD-4AB9-933D-352703324469}_is1) (Version: - RAR Password Unlocker, Inc.) Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9261.1 - Realtek Semiconductor Corp.) Resilio Sync (HKU\S-1-5-21-3118109506-1931748487-131078026-1001\...\Resilio Sync) (Version: 2.7.3 - Resilio, Inc.) SimBoePro (HKLM-x32\...\SimBoePro) (Version: - ) Star Stable Online 2.13.0 (HKLM-x32\...\8c663ade-0de5-52b6-812d-f5cd25f943ac) (Version: 2.13.0 - Star Stable Entertainment AB) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Stones of Rome (HKLM-x32\...\Stones of Rome_is1) (Version: 1.0 - GameTop Pte. Ltd.) Super Cubes 1.2 (HKLM-x32\...\Super Cubes_is1) (Version: - ) TeamViewer 15.40.8.0 (HKLM-x32\...\TeamViewer_is1) (Version: 15.40.8.0 - LR) TechPowerUp GPU-Z (HKLM-x32\...\{8B0F211E-5846-4FB2-B0B9-4EB31546FDF9}}_is1) (Version: 2.53.0 - TechPowerUp) Togethershare Data Recovery Trial 6.0.0 (HKLM-x32\...\Togethershare Data Recovery Trial 6.1.0_is1) (Version: - Togethershare) TreeSize 8.6.1.1764 (HKLM\...\TreeSize_is1) (Version: 8.6.1.1764 - LR) TunePat Spotify Converter 1.9.3 (HKLM-x32\...\TunePat Spotify Converter_is1) (Version: 1.9.3 - LR) TunePat Spotify Converter 1.9.5 (HKLM-x32\...\TunePat Spotify Converter) (Version: 1.9.5 - Tunepat) UE4 Prerequisites (x64) (HKLM\...\{F9EC45F9-074A-48BF-92E9-A8CADD56F693}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden UE4 Prerequisites (x64) (HKLM-x32\...\{4e242cc8-5e3c-4b08-9d55-dbc62ddd1208}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden User Experience Improvement Program Service (HKLM\...\{323EA05D-046D-449D-9D7C-89243C957CCE}) (Version: 5.00.3012 - Acer Incorporated) VirtualDJ 2021 (HKLM\...\{50686D21-D301-4534-8ED3-81B5BF162202}) (Version: 8.5.5920.0 - Atomix Productions) VLC media player (HKLM\...\VLC media player) (Version: 3.0.18 - VideoLAN) VSO ConvertXtoVideo Ultimate 2 (HKLM-x32\...\{3852A371-F5ED-491A-86C3-998CD0688D4A}_is1) (Version: 2.0.0.100 - VSO Software) Windows Subsystem for Linux Update (HKLM\...\{F8474A47-8B5D-4466-ACE3-78EAB3BF21A8}) (Version: 5.10.102.1 - Microsoft Corporation) Windows Subsystem for Linux WSLg Preview (HKLM\...\{3CBDE512-7510-4F90-B1C0-7C4EB9DD7C26}) (Version: 1.0.27 - Microsoft Corporation) WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH) Wondershare Data Recovery 6.6.0.21 (HKLM-x32\...\Wondershare Data Recovery_is1) (Version: 6.6.0.21 - Wondershare) Wondershare Filmora 12(Build 12.0.12.1450) (HKU\S-1-5-21-3118109506-1931748487-131078026-1001\...\Wondershare Filmora 12_is1) (Version: - Wondershare Software) Yahtzee Deluxe (HKLM-x32\...\Yahtzee Deluxe) (Version: - ) Packages: ========= Acer Product Registration -> C:\Program Files\WindowsApps\AcerIncorporated.AcerRegistration_2.0.3044.0_x64__48frkmn4z8aw4 [2023-05-30] (Acer Incorporated) Dropbox -> C:\Program Files (x86)\Dropbox\Client\PackageAssets [2023-05-30] (0) DTS Sound Unbound -> C:\Program Files\WindowsApps\DTSInc.DTSSoundUnbound_2023.2.2.0_x64__t5j2fzbtdg37r [2023-05-20] (DTS, Inc.) DTS:X Ultra -> C:\Program Files\WindowsApps\DTSInc.DTSXUltra_1.11.14.0_x64__t5j2fzbtdg37r [2023-03-31] (DTS, Inc.) File Analyzer -> C:\Program Files\WindowsApps\BitberrySoftware.FileAnalyzer_2.0.0.0_x64__2js97y2b9kjke [2023-03-09] (Bitberry Software) Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1870.16.215.0_x64__8xx8rvfyw5nnt [2023-05-26] (Meta) [Startup Task] Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.39.0_x64__8wekyb3d8bbwe [2023-03-02] (Microsoft Corp.) ms-resource:app_name_ms_todo -> C:\Program Files\WindowsApps\Microsoft.Todos_2.97.61391.0_x64__8wekyb3d8bbwe [2023-05-30] (Microsoft Corporation) [Startup Task] ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.60961.0_x64__8wekyb3d8bbwe [2023-05-17] (Microsoft Corporation) ms-resource:ClassicAppStoreName -> C:\Program Files\WindowsApps\Microsoft.PhotosLegacy_2023.11030.27002.0_x64__8wekyb3d8bbwe [2023-04-23] (Microsoft Corporation) ms-resource:LegacyPackageStoreName -> C:\Program Files\WindowsApps\Microsoft.LegacyPhotosMediaEngineAdd-on_2022.2206.0.0_x64__8wekyb3d8bbwe [2023-03-02] (Microsoft Corporation) NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-03-09] (NVIDIA Corp.) One Calendar -> C:\Program Files\WindowsApps\64885BlueEdge.OneCalendar_2023.508.1.0_x64__8kea50m9krsh2 [2023-05-20] (Code Spark) One Photo Viewer -> C:\Program Files\WindowsApps\48914EllipticPhenomena.OnePhotoViewer_1.17.2.0_neutral__8w313s78tpvfc [2023-04-20] (Elliptic Phenomena) PhotoDirector for acer -> C:\Program Files\WindowsApps\CyberLinkCorp.ac.PhotoDirectorforacerDesktop_8.0.6428.0_x64__ypz87dpxkv292 [2023-03-02] (CYBERLINK COM CORP) Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.30.258.0_x64__dt26b99r8h8gj [2023-03-02] (Realtek Semiconductor Corp) User Experience Improvement Program V5 -> C:\Program Files\WindowsApps\AcerIncorporated.UserExperienceImprovementProgramV_5.0.3012.0_x64__48frkmn4z8aw4 [2023-03-02] (Acer Incorporated) WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2319.7.0_x64__cv1g1gvanyjgm [2023-05-26] (WhatsApp Inc.) [Startup Task] WinRAR -> C:\Program Files\WinRAR [2022-11-14] (0) ==================== Aangepaste CLSID (gefilterd): ============== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) CustomCLSID: HKU\S-1-5-21-3118109506-1931748487-131078026-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\benni\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler) [Bestand niet getekend] CustomCLSID: HKU\S-1-5-21-3118109506-1931748487-131078026-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\benni\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler) [Bestand niet getekend] CustomCLSID: HKU\S-1-5-21-3118109506-1931748487-131078026-1001_Classes\CLSID\{581FFA00-FC33-0003-0702-95003A5CDE89}\InprocServer32 -> C:\Users\benni\AppData\Roaming\Resilio Sync\ShellExtensionPath64_565.dll () [Bestand niet getekend] CustomCLSID: HKU\S-1-5-21-3118109506-1931748487-131078026-1001_Classes\CLSID\{581FFA01-FC33-0003-0702-95003A5CDE89}\InprocServer32 -> C:\Users\benni\AppData\Roaming\Resilio Sync\ShellExtensionPath64_565.dll () [Bestand niet getekend] CustomCLSID: HKU\S-1-5-21-3118109506-1931748487-131078026-1001_Classes\CLSID\{5EA43877-C6D8-4885-B77A-C0BB27E94372}\InprocServer32 -> C:\Users\benni\AppData\Local\Microsoft\EdgeUpdate\1.3.175.27\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3118109506-1931748487-131078026-1001_Classes\CLSID\{7C9A348D-C321-47AC-904F-150312A5430F}\InprocServer32 -> C:\Users\benni\AppData\Local\Microsoft\EdgeUpdate\1.3.175.27\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3118109506-1931748487-131078026-1001_Classes\CLSID\{81093D63-7825-417B-BFC8-ADC63FA4E53D}\InprocServer32 -> C:\Users\benni\AppData\Local\Microsoft\EdgeUpdate\1.3.175.27\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3118109506-1931748487-131078026-1001_Classes\CLSID\{9486aaf1-0930-362a-962d-8e6908739c817}\InprocServer32 -> 0xF14A909F96D9D8010572909F96D9D801010000001200000000000000 => Geen bestand CustomCLSID: HKU\S-1-5-21-3118109506-1931748487-131078026-1001_Classes\CLSID\{95D62648-8AE6-4299-937F-FBBFA5DB852F} -> [Mega] => D:\Mega [2022-10-06 11:13] CustomCLSID: HKU\S-1-5-21-3118109506-1931748487-131078026-1001_Classes\CLSID\{9CCE22DC-79C6-42A2-B005-864842A35AF3}\InprocServer32 -> geen bestandpad CustomCLSID: HKU\S-1-5-21-3118109506-1931748487-131078026-1001_Classes\CLSID\{A4FEF2CE-E494-419e-ABCC-B2E993FB6BC0}\InprocServer32 -> C:\Users\benni\AppData\Local\Microsoft\Windows Sidebar\Gadgets\GlassyCPUMonitor.gadget\Release\ProcessMonitor64.dll (TODO: ) [Bestand niet getekend] CustomCLSID: HKU\S-1-5-21-3118109506-1931748487-131078026-1001_Classes\CLSID\{ABF66F82-B04C-4FE4-8272-661539463FE1}\InprocServer32 -> geen bestandpad CustomCLSID: HKU\S-1-5-21-3118109506-1931748487-131078026-1001_Classes\CLSID\{B29F5F83-90DF-479A-BDE7-8A9F4412E394}\InprocServer32 -> geen bestandpad CustomCLSID: HKU\S-1-5-21-3118109506-1931748487-131078026-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\benni\OneDrive\Documenten\Dropbox\Dropbox [2022-11-13 11:46] ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\benni\AppData\Local\MEGAsync\ShellExtX64.dll [2023-05-18] (Mega Limited -> ) ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\benni\AppData\Local\MEGAsync\ShellExtX64.dll [2023-05-18] (Mega Limited -> ) ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\benni\AppData\Local\MEGAsync\ShellExtX64.dll [2023-05-18] (Mega Limited -> ) ShellIconOverlayIdentifiers: [ AcronisDrive] -> {5D74FD4B-4EFB-4586-8022-8637BBE40970} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_25_10_39287.dll [2022-01-05] (Acronis International GmbH -> ) ShellIconOverlayIdentifiers: [ AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_25_10_39287.dll [2022-01-05] (Acronis International GmbH -> ) ShellIconOverlayIdentifiers: [ AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_25_10_39287.dll [2022-01-05] (Acronis International GmbH -> ) ShellIconOverlayIdentifiers: [ AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_25_10_39287.dll [2022-01-05] (Acronis International GmbH -> ) ShellIconOverlayIdentifiers: [ YandexDisk1 SyncDone] -> {C5F6CDD1-FB7B-4971-A53F-4B00757F756B} => -> Geen bestand ShellIconOverlayIdentifiers: [ YandexDisk2 SyncProgress] -> {75EF3512-D401-4172-BA0F-00E000DCBCE4} => -> Geen bestand ShellIconOverlayIdentifiers: [ YandexDisk3 SyncDisabled] -> {8EEE3CD5-1F70-4B63-B19D-A5F1457761DB} => -> Geen bestand ShellIconOverlayIdentifiers: [ YandexDisk4 SyncError] -> {9CE04609-A360-4266-9937-9D799E8D2D5A} => -> Geen bestand ShellIconOverlayIdentifiers: [ YandexDisk5 SyncPart] -> {63ADB0D1-6DA0-46A2-89D0-E0CE44536E32} => -> Geen bestand ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ !Resilio Sync 2.7.3Done] -> {581FFA04-FC33-0003-0702-95003A5CDE89} => C:\ProgramData\Resilio Sync\ShellExtensionOverlay64_565.dll [2023-06-01] () [Bestand niet getekend] ShellIconOverlayIdentifiers: [ !Resilio Sync 2.7.3RO] -> {581FFA03-FC33-0003-0702-95003A5CDE89} => C:\ProgramData\Resilio Sync\ShellExtensionOverlay64_565.dll [2023-06-01] () [Bestand niet getekend] ShellIconOverlayIdentifiers: [ !Resilio Sync 2.7.3RW] -> {581FFA02-FC33-0003-0702-95003A5CDE89} => C:\ProgramData\Resilio Sync\ShellExtensionOverlay64_565.dll [2023-06-01] () [Bestand niet getekend] ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ !Resilio Sync 2.7.3Done] -> {581FFA04-FC33-0003-0702-95003A5CDE89} => C:\ProgramData\Resilio Sync\ShellExtensionOverlay64_565.dll [2023-06-01] () [Bestand niet getekend] ShellIconOverlayIdentifiers-x32: [ !Resilio Sync 2.7.3RO] -> {581FFA03-FC33-0003-0702-95003A5CDE89} => C:\ProgramData\Resilio Sync\ShellExtensionOverlay64_565.dll [2023-06-01] () [Bestand niet getekend] ShellIconOverlayIdentifiers-x32: [ !Resilio Sync 2.7.3RW] -> {581FFA02-FC33-0003-0702-95003A5CDE89} => C:\ProgramData\Resilio Sync\ShellExtensionOverlay64_565.dll [2023-06-01] () [Bestand niet getekend] ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.101.0514.0001\FileSyncShell64.dll [2023-06-01] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers1: [ExpertPDF14_ManagerExt] -> {45BC3587-4C32-4F66-AAB0-C6FF48EC83A9} => C:\Program Files\Expert PDF 15\context-menu.dll [2023-01-31] (AVANQUEST SOFTWARE SAS -> Avanquest Software) ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Software Inc.) ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\benni\AppData\Local\MEGAsync\ShellExtX64.dll [2023-05-18] (Mega Limited -> ) ContextMenuHandlers1: [Nitro.Pro.ShellExtension.Shim] -> {211B6F25-950C-49CD-AB86-A448EF85686A} => C:\Program Files\Common Files\Nitro\Nitro.Pro.ShellExtension.Shim.dll [2022-05-20] (Nitro Software, Inc. -> Nitro Software, Inc.) ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2020-02-09] (Power Software Limited -> Power Software Ltd) ContextMenuHandlers1: [ShellConverter] -> {30A4E07E-068A-4d91-8F05-691283A1336B} => C:\Program Files (x86)\Common Files\AVSMedia\ActiveX\AVSShellConverter64.dll [2022-06-06] (Online Media Technologies Ltd. -> Online Media Technologies Ltd.) ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => -> Geen bestand ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\benni\AppData\Local\MEGAsync\ShellExtX64.dll [2023-05-18] (Mega Limited -> ) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-04-12] (Malwarebytes Inc. -> Malwarebytes) ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\benni\AppData\Local\MEGAsync\ShellExtX64.dll [2023-05-18] (Mega Limited -> ) ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.101.0514.0001\FileSyncShell64.dll [2023-06-01] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers4: [DrFolderExtension] -> {4ca4fa65-0669-3a6b-8c16-f5c69eaf9fc9} => C:\Program Files\Dr. Folder\DrFolderExtension.DLL [2021-12-10] () [Bestand niet getekend] ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\benni\AppData\Local\MEGAsync\ShellExtX64.dll [2023-05-18] (Mega Limited -> ) ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2020-02-09] (Power Software Limited -> Power Software Ltd) ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.101.0514.0001\FileSyncShell64.dll [2023-06-01] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.61.0.dll [2023-03-04] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvaei.inf_amd64_f4946054dccab44f\nvshext.dll [2023-02-25] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [Folderico] -> {CC0C45C5-EFDE-4B8A-A8B0-9ED733D9E6AC} => C:\Program Files\FolderIco\FolderIco.dll [2022-02-07] (Maxim Gapchenko -> TeoreX) ContextMenuHandlers6: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Software Inc.) ContextMenuHandlers6: [FSShellExt] -> {56160A70-D083-4856-9998-F565ABC03F86} => C:\Program Files\Key Metric Software\FolderSizes 9\FSShellExt.dll [2023-03-30] (Key Metric Software LLC -> Key Metric Software, LLC.) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-04-12] (Malwarebytes Inc. -> Malwarebytes) ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2020-02-09] (Power Software Limited -> Power Software Ltd) ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => -> Geen bestand ContextMenuHandlers1_S-1-5-21-3118109506-1931748487-131078026-1001: [Resilio Sync 2.7.3] -> {581FFA00-FC33-0003-0702-95003A5CDE89} => C:\Users\benni\AppData\Roaming\Resilio Sync\ShellExtensionPath64_565.dll [2023-06-01] () [Bestand niet getekend] ContextMenuHandlers4_S-1-5-21-3118109506-1931748487-131078026-1001: [Resilio Sync 2.7.3] -> {581FFA00-FC33-0003-0702-95003A5CDE89} => C:\Users\benni\AppData\Roaming\Resilio Sync\ShellExtensionPath64_565.dll [2023-06-01] () [Bestand niet getekend] ContextMenuHandlers4_S-1-5-21-3118109506-1931748487-131078026-1001: [Yandex.Disk.3] -> {847202AE-CDE0-469A-AF10-8798E02DED83} => -> Geen bestand ==================== Codecs (gefilterd) ==================== (Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.) HKLM\...\Drivers32: [msacm.l3acm] => C:\Windows\SysWOW64\l3codecp.acm [196608 2022-05-07] (Microsoft Windows -> Fraunhofer Institut Integrierte Schaltungen IIS) ==================== Snelkoppelingen & WMI ======================== (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) Shortcut: C:\Users\benni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\µTorrent\µTorrent Homepage.lnk -> hxxp://www.utorrent.com ==================== Geladen Modules (gefilterd) ============= 2023-05-23 06:35 - 2023-05-23 06:35 - 001159680 _____ () [Bestand niet getekend] [Bestand is in gebruik] C:\Program Files\Mailbird\x64\CefSharp.BrowserSubprocess.Core.dll 2023-05-23 06:35 - 2023-05-23 06:35 - 001784320 _____ () [Bestand niet getekend] [Bestand is in gebruik] C:\Program Files\Mailbird\x64\CefSharp.Core.Runtime.dll 2023-05-20 16:26 - 2021-12-24 23:08 - 000016896 _____ () [Bestand niet getekend] C:\Program Files (x86)\TeamViewer\rfv.dll 2023-01-25 01:35 - 2023-01-25 01:35 - 196560384 _____ () [Bestand niet getekend] C:\Program Files\Mailbird\x64\libcef.dll 2023-01-24 23:12 - 2023-01-24 23:12 - 004945920 _____ () [Bestand niet getekend] C:\Program Files\Mailbird\x64\vk_swiftshader.dll 2023-06-01 10:00 - 2023-06-01 10:00 - 002585600 _____ () [Bestand niet getekend] C:\ProgramData\Resilio Sync\ShellExtensionOverlay64_565.dll 2022-01-05 16:21 - 2023-02-22 20:33 - 026728768 _____ (Acronis International GmbH -> ) [Bestand niet getekend] [Bestand is in gebruik] C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers.dll 2023-02-12 12:23 - 2023-02-11 08:05 - 004046848 _____ (Avanquest Software) [Bestand niet getekend] C:\Program Files\Expert PDF 15\bl.dll 2023-01-03 19:13 - 2023-01-03 19:13 - 001093120 _____ (Microsoft Corporation) [Bestand niet getekend] C:\WINDOWS\WinSxS\Fusion\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_none_bd39c11e9405d29b\8.0\8.0.50727.6195\MFC80U.DLL 2023-05-23 06:29 - 2023-05-23 06:29 - 001614336 _____ (Robert Simpson, et al.) [Bestand niet getekend] C:\Program Files\Mailbird\x64\SQLite.Interop.dll 2023-01-24 23:30 - 2023-01-24 23:30 - 001412608 _____ (The Chromium Authors) [Bestand niet getekend] C:\Program Files\Mailbird\x64\chrome_elf.dll 2020-06-30 17:37 - 2020-06-30 17:37 - 000460288 _____ (The curl library, hxxps://curl.haxx.se/) [Bestand niet getekend] C:\Program Files\Expert PDF 15\libcurl.dll 2022-06-23 02:43 - 2022-06-23 02:43 - 005979824 _____ (The Qt Company Oy -> The Qt Company Ltd.) [Bestand niet getekend] C:\Users\benni\AppData\Local\MEGAsync\Qt5Core.dll 2023-05-20 16:26 - 2020-10-19 13:25 - 000091648 _____ (TVTools by Finder54) [Bestand niet getekend] C:\Program Files (x86)\TeamViewer\tvtools.dll ==================== Alternate Data Streams (gefilterd) ======== (Als een item is opgenomen in de fixlist, wordt alleen de ADS verwijderd.) AlternateDataStreams: C:\Users\benni:zylomtest [0] AlternateDataStreams: C:\Users\benni:zylomtr{00009BV5-V6E6-N99D-O8SF-9VRP3OLUMVJJ} [32] AlternateDataStreams: C:\Users\benni:zylomtr{00009BV5-V6E6-N99D-O8SF-9VRP3OLUMVJQ} [34] AlternateDataStreams: C:\Users\benni:zylomtr{00013KEU-UKQE-K6V0-JVCJ-27VV7P3D0VVE} [36] AlternateDataStreams: C:\Users\benni:zylomtr{000HQ7FF-AD7A-3FG1-7LLS-22TDACKJ0VTH} [38] AlternateDataStreams: C:\Users\benni:zylomtr{000HQ7FF-AD7A-3FG1-RTNH-21IOLNPESVVF} [38] AlternateDataStreams: C:\Users\benni:zylomtr{000HQ7FF-AD7A-3FG2-Q64S-2675H2E5QVUI} [34] AlternateDataStreams: C:\Users\benni:zylomtr{000HQ7FF-AD7A-3FG3-T5UV-256BMHGDKVV8} [36] AlternateDataStreams: C:\Users\benni:zylomtr{000HQ7FF-AD7A-3FG4-0ANJ-25JQU97JCVVQ} [36] AlternateDataStreams: C:\Users\benni:zylomtr{000HQ7FF-AD7A-3FG6-3908-27H0TJJBSVUC} [36] AlternateDataStreams: C:\Users\benni:zylomtr{000HQ7FF-AD7A-3FG6-S7TH-22P2K55U4VV3} [36] AlternateDataStreams: C:\Users\benni:zylomtr{000HQ7FF-AD7A-3FG7-DNQC-2227NIQAQVVF} [36] AlternateDataStreams: C:\ProgramData\TEMP:EC1207D7 [133] AlternateDataStreams: C:\ProgramData\TEMP:FB1B13D8 [158] AlternateDataStreams: C:\Users\benni\OneDrive\Documenten\323776570_1225672768157189_452323042121975322_n.jpg:SummaryInformation [0] AlternateDataStreams: C:\Users\benni\OneDrive\Documenten\323776570_1225672768157189_452323042121975322_n.jpg:Updt_SummaryInformation [151] AlternateDataStreams: C:\Users\benni\OneDrive\Documenten\323776570_1225672768157189_452323042121975322_n.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0] AlternateDataStreams: C:\Users\benni\OneDrive\Documenten\Benny.jpg:SummaryInformation [0] AlternateDataStreams: C:\Users\benni\OneDrive\Documenten\Benny.jpg:Updt_SummaryInformation [151] AlternateDataStreams: C:\Users\benni\OneDrive\Documenten\Benny.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0] ==================== Veilige Modus (gefilterd) ================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. De waarde van "AlternateShell" wordt hersteld.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\fsproflt2 => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\fsproflt2 => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Bestandskoppeling (gefilterd) ================= ==================== Internet Explorer (gefilterd) ========== HKU\S-1-5-21-3118109506-1931748487-131078026-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.ya.ru/?win=591&clid=2761555-72 SearchScopes: HKU\S-1-5-21-3118109506-1931748487-131078026-1001 -> DefaultScope 5727203c-e721-11ed-a470-88aedd2045f8 URL = hxxps://yandex.ru/search/?win=591&clid=2761556-72&text={searchTerms} SearchScopes: HKU\S-1-5-21-3118109506-1931748487-131078026-1001 -> 5727203c-e721-11ed-a470-88aedd2045f8 URL = hxxps://yandex.ru/search/?win=591&clid=2761556-72&text={searchTerms} SearchScopes: HKU\S-1-5-21-3118109506-1931748487-131078026-1001 -> {590160DD-B856-4326-BBCF-330073537418} URL = BHO: NitroPDF.IE.Sharepoint -> {3BFAE61D-4A6D-4467-9E5E-FE5293D10F9F} -> C:\Program Files\Nitro\Pro\13\npnitroie.dll [2022-05-20] (Nitro Software, Inc. -> Nitro Software, Inc.) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_351\bin\ssv.dll [2022-12-13] (Oracle America, Inc. -> Oracle Corporation) BHO: Expert PDF 15 Helper -> {80595B6E-5C2C-4B93-B611-D4FA203B1ED0} -> C:\Program Files\Expert PDF 15\creator\plugins\IEAddin\creator-ie-helper.dll [2023-01-31] (AVANQUEST SOFTWARE SAS -> Avanquest Software) BHO: Foxit PhantomPDF Create PDF ToolBar Helper -> {A5DD10F7-5ABB-4EEF-B4C8-6748D44DAF2A} -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin_x64.dll [2020-11-23] (FOXIT SOFTWARE INC. -> ) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_351\bin\jp2ssv.dll [2022-12-13] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-03-07] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: NitroPDF.IE.Sharepoint -> {3BFAE61D-4A6D-4467-9E5E-FE5293D10F9F} -> C:\Program Files (x86)\Nitro\Pro\13\npnitroie.dll [2022-05-20] (Nitro Software, Inc. -> Nitro Software, Inc.) BHO-x32: Expert PDF 15 Helper -> {80595B6E-5C2C-4B93-B611-D4FA203B1ED0} -> C:\Program Files (x86)\Expert PDF 15\creator\plugins\IEAddin\creator-ie-helper.dll [2023-01-31] (AVANQUEST SOFTWARE SAS -> Avanquest Software) BHO-x32: Foxit PhantomPDF Create PDF ToolBar Helper -> {A5DD10F7-5ABB-4EEF-B4C8-6748D44DAF2A} -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> ) Toolbar: HKLM - Foxit PhantomPDF Create PDF ToolBar - {BFD9D8A8-57FF-488A-B919-065EC77CF82F} - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin_x64.dll [2020-11-23] (FOXIT SOFTWARE INC. -> ) Toolbar: HKLM - Expert PDF 15 Toolbar - {2EEED833-94D7-4C67-A028-903C77EE83AD} - C:\Program Files\Expert PDF 15\creator\plugins\IEAddin\creator-ie-plugin.dll [2023-01-31] (AVANQUEST SOFTWARE SAS -> Avanquest Software) Toolbar: HKLM-x32 - Foxit PhantomPDF Create PDF ToolBar - {BFD9D8A8-57FF-488A-B919-065EC77CF82F} - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> ) Toolbar: HKLM-x32 - Expert PDF 15 Toolbar - {2EEED833-94D7-4C67-A028-903C77EE83AD} - C:\Program Files (x86)\Expert PDF 15\creator\plugins\IEAddin\creator-ie-plugin.dll [2023-01-31] (AVANQUEST SOFTWARE SAS -> Avanquest Software) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-05-03] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-05-03] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-05-03] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-05-03] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-05-03] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-05-03] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-05-03] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-05-03] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts inhoud: ========================= (Indien nodig kan Hosts:-opdracht worden opgenomen in de fixlist om Hosts te resetten.) 2023-03-20 09:03 - 2023-03-31 10:07 - 000004529 _____ C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 license.piriform.com 127.0.0.1 www.license.piriform.com 127.0.0.1 speccy.piriform.com 127.0.0.1 www.speccy.piriform.com 127.0.0.1 recuva.piriform.com 127.0.0.1 www.recuva.piriform.com 127.0.0.1 defraggler.piriform.com 127.0.0.1 www.defraggler.piriform.com 127.0.0.1 ccleaner.piriform.com 127.0.0.1 www.ccleaner.piriform.com 127.0.0.1 license-api.ccleaner.com 0.0.0.0 www.aomeitech.com 109.94.209.70 fitgirlrepacks.in # Fake FitGirl site 109.94.209.70 www.fitgirlrepacks.in # Fake FitGirl site 109.94.209.70 fitgirlrepacks.co # Fake FitGirl site 109.94.209.70 fitgirl-repacks.cc # Fake FitGirl site 109.94.209.70 fitgirl-repacks.to # Fake FitGirl site 109.94.209.70 fitgirl-repack.com # Fake FitGirl site 109.94.209.70 fitgirl-repacks.website # Fake FitGirl site 109.94.209.70 www.fitgirlrepacks.co # Fake FitGirl site 109.94.209.70 www.fitgirl-repacks.cc # Fake FitGirl site 109.94.209.70 www.fitgirl-repacks.to # Fake FitGirl site 109.94.209.70 www.fitgirl-repack.com # Fake FitGirl site 109.94.209.70 www.fitgirl-repacks.website # Fake FitGirl site 109.94.209.70 ww9.fitgirl-repacks.xyz # Fake FitGirl site 109.94.209.70 fitgirl-repacks.xyz # Fake FitGirl site 109.94.209.70 fitgirl-repack.net # Fake FitGirl site 109.94.209.70 www.fitgirl-repack.net # Fake FitGirl site 109.94.209.70 fitgirlpack.site # Fake FitGirl site 109.94.209.70 www.fitgirlpack.site # Fake FitGirl site 2022-10-27 11:01 - 2023-03-03 10:54 - 000000439 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics 172.17.144.1 BennyBervoets.mshome.net # 2028 3 3 1 8 54 54 637 ==================== Andere gebieden =========================== (Momenteel is er geen automatische fix voor dit onderdeel.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Common Files\Acronis\SnapAPI\;C:\Program Files (x86)\Common Files\Acronis\VirtualFile\;C:\Program Files (x86)\Common Files\Acronis\VirtualFile64\;C:\Program Files (x86)\Common Files\Acronis\FileProtector\;C:\Program Files (x86)\Common Files\Acronis\FileProtector64\;C:\Program Files\dotnet\ HKU\S-1-5-21-3118109506-1931748487-131078026-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\benni\AppData\Roaming\Art Plus\Desktop\wallpaper.png DNS Servers: 195.130.130.3 - 195.130.131.3 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) HKLM\...\StartupApproved\StartupFolder: => "WinZip Preloader.lnk" HKLM\...\StartupApproved\StartupFolder: => "Avast SecureLine VPN.lnk" HKLM\...\StartupApproved\Run: => "Logitech Download Assistant" HKLM\...\StartupApproved\Run: => "RtkAudUService" HKLM\...\StartupApproved\Run: => "Acronis Scheduler2 Service" HKLM\...\StartupApproved\Run32: => "Dropbox" HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess" HKLM\...\StartupApproved\Run32: => "AcronisTibMounterMonitor" HKLM\...\StartupApproved\Run32: => "TrueImageMonitor.exe" HKU\S-1-5-21-3118109506-1931748487-131078026-1001\...\StartupApproved\StartupFolder: => "MEGAsync.lnk" HKU\S-1-5-21-3118109506-1931748487-131078026-1001\...\StartupApproved\StartupFolder: => "Sidebar113.lnk" HKU\S-1-5-21-3118109506-1931748487-131078026-1001\...\StartupApproved\Run: => "Mailbird" HKU\S-1-5-21-3118109506-1931748487-131078026-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_C817A2B76D5BA130A13FF650D25A9E9E" HKU\S-1-5-21-3118109506-1931748487-131078026-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-3118109506-1931748487-131078026-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning" HKU\S-1-5-21-3118109506-1931748487-131078026-1001\...\StartupApproved\Run: => "vidnotifier.exe" HKU\S-1-5-21-3118109506-1931748487-131078026-1001\...\StartupApproved\Run: => "ScreenHunter 7 Pro" HKU\S-1-5-21-3118109506-1931748487-131078026-1001\...\StartupApproved\Run: => "YandexDisk2" HKU\S-1-5-21-3118109506-1931748487-131078026-1001\...\StartupApproved\Run: => "AshSnap" ==================== Firewall regels (gefilterd) ================ (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [TCP Query User{DF7013F4-8DDA-48D0-BAF5-5AD24B63989A}C:\program files (x86)\utorrent\utorrent.exe] => (Allow) C:\program files (x86)\utorrent\utorrent.exe () [Bestand niet getekend] FirewallRules: [UDP Query User{3D391E2D-ADCC-490A-A6B8-B2986C459918}C:\program files (x86)\utorrent\utorrent.exe] => (Allow) C:\program files (x86)\utorrent\utorrent.exe () [Bestand niet getekend] FirewallRules: [{5953C4BC-12E3-4330-9313-4474BD10241B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH) [Bestand niet getekend] FirewallRules: [{8DFD13F2-41DC-4FB2-8C21-FD8C69AC5BEF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH) [Bestand niet getekend] FirewallRules: [{A610EFD2-E92C-4C67-A8C7-7ACC02B379F9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH) [Bestand niet getekend] FirewallRules: [{90903036-D41A-4D9C-A4B1-E2E18A0E8912}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH) [Bestand niet getekend] FirewallRules: [{136F106D-3398-4D6D-8AEB-DF7B652650BF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH) [Bestand niet getekend] FirewallRules: [{ED711093-BFE6-4568-8978-722C98B73D84}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH) [Bestand niet getekend] FirewallRules: [{0954EF2C-1168-4D59-AB20-C47AC1159794}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH) [Bestand niet getekend] FirewallRules: [{046B3BDB-B2B3-48BD-B993-9C10F28ED7D9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH) [Bestand niet getekend] FirewallRules: [{A8277B7F-25CF-4E9B-97DF-40716F4F7E64}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{65F67625-F2F5-4C7E-B523-07D7D6249F90}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{31951D25-144D-43B0-8EF5-97D85E4EAA36}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{EC87B664-F9A0-46AD-9B6D-E67B7CBE7937}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{5E4CDB0C-1707-4D66-8615-7EFFF6C812DB}] => (Allow) D:\SteamLibrary\steamapps\common\SnowRunner\Sources\Bin\SnowRunner.exe (Focus Entertainment SA -> Focus Home Interactive) FirewallRules: [{5D47622C-78AA-4A77-9875-071C958C2087}] => (Allow) D:\SteamLibrary\steamapps\common\SnowRunner\Sources\Bin\SnowRunner.exe (Focus Entertainment SA -> Focus Home Interactive) FirewallRules: [{6DAD2557-C786-48A6-A6A3-4BCCF577B864}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\113.0.1774.57\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{D667D44B-7CF2-42DC-A0A2-61F6DB77FA4C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{D90AD48C-AC53-4346-B2CC-305DB620FFDA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{15119ADE-7ED5-4BEC-82C1-AA2F03B83A9D}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.) FirewallRules: [{2842C61A-9623-4FBE-AAD6-8B4A0262F86F}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.) FirewallRules: [{8E06256A-3C02-464D-A6F6-F2566FAD5FA3}] => (Allow) C:\Users\benni\AppData\Roaming\Resilio Sync\Resilio Sync.exe (Resilio, Inc. -> Resilio, Inc.) FirewallRules: [{E1CF70A1-1CD9-456E-BEDB-ACED83B07A1B}] => (Allow) C:\Users\benni\AppData\Roaming\Resilio Sync\Resilio Sync.exe (Resilio, Inc. -> Resilio, Inc.) FirewallRules: [{44022165-05F7-441F-8278-F12FEF613098}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) ==================== Herstelpunten ========================= 10-05-2023 16:41:00 Revo Uninstaller Pro's restore point - Folder Marker Pro v4.5.1.0 18-05-2023 10:50:10 Gepland controlepunt 23-05-2023 08:27:42 Installed Mailbird 27-05-2023 08:24:52 Kerish Doctor 2023 herstelpunt 28-05-2023 13:18:46 Installatieprogramma voor Windows-modules 28-05-2023 13:19:56 Installatieprogramma voor Windows-modules ==================== Defecte Apparaatbeheer Apparaten ============ Name: Logitech Cordless Device Description: Logitech Cordless Device Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Logitech Cordless Device Description: Logitech Cordless Device Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Eventlog fouten: ======================== Applicatiefouten: ================== Error: (06/01/2023 07:40:00 PM) (Source: Acronis Scheduler) (EventID: 1) (User: BENNYBERVOETS) Description: Scheduler failed to run task with GUID '1A7779C8-8294-4740-8160-E7D888EB3738' because of error 193 (%1 is geen geldige Win32-toepassing). Error: (06/01/2023 08:46:11 AM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY) Description: Programma explorer.exe versie 10.0.22621.1778 communiceert niet meer met Windows en is gesloten. Als u wilt zien of er meer informatie over het probleem beschikbaar is, controleert u de probleemgeschiedenis in het configuratiescherm van Beveiliging en onderhoud. Error: (05/31/2023 08:41:29 PM) (Source: Microsoft-Windows-Spell-Checking) (EventID: 29) (User: BENNYBERVOETS) Description: Het controleren op wijzigingen in opties voor de spellingcontrole is mislukt: -2147023878. Het spellingcontroleprogramma blijft beschikbaar, maar wijzigingen worden niet gerapporteerd. Error: (05/31/2023 07:40:00 PM) (Source: Acronis Scheduler) (EventID: 1) (User: BENNYBERVOETS) Description: Scheduler failed to run task with GUID '1A7779C8-8294-4740-8160-E7D888EB3738' because of error 193 (%1 is geen geldige Win32-toepassing). Error: (05/30/2023 11:30:25 PM) (Source: DbxSvc) (EventID: 281) (User: ) Description: CertFindCertificateInStore failed with: (-2146885628) Kan object of eigenschap niet vinden Error: (05/30/2023 11:30:25 PM) (Source: DbxSvc) (EventID: 281) (User: ) Description: CertFindCertificateInStore failed with: (-2146885628) Kan object of eigenschap niet vinden Error: (05/28/2023 01:49:22 PM) (Source: VSS) (EventID: 13) (User: ) Description: Informatie voor de Volume Shadow Copy-service: de COM-server met CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} en de naam CEventSystem kan niet worden gestart. [0x8007045b, Systeem wordt afgesloten. ] Error: (05/27/2023 07:40:00 PM) (Source: Acronis Scheduler) (EventID: 1) (User: BENNYBERVOETS) Description: Scheduler failed to run task with GUID '1A7779C8-8294-4740-8160-E7D888EB3738' because of error 193 (%1 is geen geldige Win32-toepassing). Systeemfouten: ============= Error: (06/02/2023 10:48:53 AM) (Source: DCOM) (EventID: 10010) (User: BENNYBERVOETS) Description: De server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (06/01/2023 10:57:26 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installatiefout: de volgende update kan niet worden geïnstalleerd, foutcode 0x80073d02: 9NKSQGP7F2NH-5319275A.WhatsAppDesktop. Error: (06/01/2023 07:44:40 AM) (Source: DCOM) (EventID: 10010) (User: BENNYBERVOETS) Description: De server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (05/31/2023 04:26:03 PM) (Source: nvlddmkm) (EventID: 0) (User: ) Description: Event-ID 0 Error: (05/31/2023 06:23:03 AM) (Source: DCOM) (EventID: 10010) (User: BENNYBERVOETS) Description: De server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (05/30/2023 08:25:35 AM) (Source: DCOM) (EventID: 10010) (User: BENNYBERVOETS) Description: De server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (05/28/2023 01:52:18 PM) (Source: DCOM) (EventID: 10010) (User: BENNYBERVOETS) Description: De server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (05/28/2023 01:49:58 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: De jhi_service-service is afhankelijk van de iphlpsvc-service, die vanwege de volgende fout niet kan worden gestart: Kan de service niet starten omdat deze is uitgeschakeld of omdat het geen ingeschakelde apparaten met zich heeft verbonden. Windows Defender: ================ Date: 2023-05-28 12:47:55 Description: Microsoft Defender Antivirus heeft malware of andere mogelijke ongewenste software gedetecteerd. Zie het volgende voor meer informatie: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen&threatid=2147593794&enterprise=0 Naam: HackTool:Win32/Keygen Ernst: Hoog Categorie: Hulpprogramma Pad: file:_E:\MEGAsync\Setups december\Movavi Screen Recorder 22.5 RePack (& Portable) by TryRooM\Movavi.Screen.Recorder.22.5.0.exe Detectieoorsprong: Lokale computer Detectietype: Snel pad Detectiebron: Systeem Gebruiker: NT AUTHORITY\SYSTEM Procesnaam: Unknown Versie van beveiligingsinformatie: AV: 1.389.2555.0, AS: 1.389.2555.0, NIS: 1.389.2555.0 Engineversie: AM: 1.1.23050.3, NIS: 1.1.23050.3 Date: 2023-05-28 12:47:20 Description: Microsoft Defender Antivirus heeft malware of andere mogelijke ongewenste software gedetecteerd. Zie het volgende voor meer informatie: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Crack&threatid=2147734096&enterprise=0 Naam: HackTool:Win32/Crack Ernst: Hoog Categorie: Hulpprogramma Pad: file:_E:\MEGAsync\Setups december\WhatsApp 2.2245.9 RePack (& Portable) by elchupacabra\WhatsApp 2.2245.9.exe; file:_E:\MEGAsync\Setups december\Wondershare Recoverit Ultimate 8.2.3.5 RePack (& portable) by elchupacabra\Wondershare Recoverit 8.2.3.5.exe Detectieoorsprong: Lokale computer Detectietype: Snel pad Detectiebron: Realtime-beveiliging Gebruiker: BennyBervoets\benni Procesnaam: C:\Windows\explorer.exe Versie van beveiligingsinformatie: AV: 1.389.2555.0, AS: 1.389.2555.0, NIS: 1.389.2555.0 Engineversie: AM: 1.1.23050.3, NIS: 1.1.23050.3 Date: 2023-05-28 12:47:18 Description: Microsoft Defender Antivirus heeft malware of andere mogelijke ongewenste software gedetecteerd. Zie het volgende voor meer informatie: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Crack&threatid=2147734096&enterprise=0 Naam: HackTool:Win32/Crack Ernst: Hoog Categorie: Hulpprogramma Pad: file:_E:\MEGAsync\Setups december\WhatsApp 2.2245.9 RePack (& Portable) by elchupacabra\WhatsApp 2.2245.9.exe Detectieoorsprong: Lokale computer Detectietype: Snel pad Detectiebron: Realtime-beveiliging Gebruiker: BennyBervoets\benni Procesnaam: C:\Windows\explorer.exe Versie van beveiligingsinformatie: AV: 1.389.2555.0, AS: 1.389.2555.0, NIS: 1.389.2555.0 Engineversie: AM: 1.1.23050.3, NIS: 1.1.23050.3 Date: 2023-05-28 12:47:07 Description: Microsoft Defender Antivirus heeft malware of andere mogelijke ongewenste software gedetecteerd. Zie het volgende voor meer informatie: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Crack!MTB&threatid=2147745913&enterprise=0 Naam: HackTool:Win32/Crack!MTB Ernst: Hoog Categorie: Hulpprogramma Pad: file:_E:\MEGAsync\Setups december\TreeSize Professional 8.6.1.1764 (x64) RePack (& Portable) by elchupacabra\TreeSize 8.6.1.1764.exe Detectieoorsprong: Lokale computer Detectietype: Snel pad Detectiebron: Realtime-beveiliging Gebruiker: BennyBervoets\benni Procesnaam: C:\Windows\explorer.exe Versie van beveiligingsinformatie: AV: 1.389.2555.0, AS: 1.389.2555.0, NIS: 1.389.2555.0 Engineversie: AM: 1.1.23050.3, NIS: 1.1.23050.3 Date: 2023-05-28 12:47:06 Description: Microsoft Defender Antivirus heeft malware of andere mogelijke ongewenste software gedetecteerd. Zie het volgende voor meer informatie: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Crack&threatid=2147734096&enterprise=0 Naam: HackTool:Win32/Crack Ernst: Hoog Categorie: Hulpprogramma Pad: file:_E:\MEGAsync\Setups december\Spotify 1.2.2.582 (Repack & Portable) by Elchupacabra\Spotify 1.2.2.582.exe Detectieoorsprong: Lokale computer Detectietype: Snel pad Detectiebron: Realtime-beveiliging Gebruiker: BennyBervoets\benni Procesnaam: C:\Windows\explorer.exe Versie van beveiligingsinformatie: AV: 1.389.2555.0, AS: 1.389.2555.0, NIS: 1.389.2555.0 Engineversie: AM: 1.1.23050.3, NIS: 1.1.23050.3 Event[0] Date: 2023-03-01 10:19:55 Description: Realtime-beveiligingsonderdeel van Microsoft Defender Antivirus heeft een fout aangetroffen en is niet uitgevoerd. Onderdeel: Bij toegang Foutcode: 0x8007043c Foutbeschrijving: Deze service kan niet in veilige modus worden gestart. Reden: Antimalware beveiligingsinformatie werkt om onbekende redenen niet meer. In sommige gevallen kan het probleem worden verholpen door de service opnieuw op te starten. Date: 2023-03-01 07:30:39 Description: Microsoft Defender Antivirus heeft een fout gevonden tijdens het bijwerken van beveiligingsinformatie en zal proberen terug te keren naar een eerdere versie. Geprobeerde beveiligingsinformatie: Huidig Foutcode: 0x80070003 Foutbeschrijving: Het systeem kan het opgegeven pad niet vinden. Versie van beveiligingsinformatie: 0.0.0.0;0.0.0.0 Engineversie: 0.0.0.0 CodeIntegrity: =============== Date: 2023-05-27 16:27:09 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2023-05-20 17:15:10 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2023-05-20 15:13:18 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\fcon.dll because the set of per-page image hashes could not be found on the system. ==================== Geheugen info =========================== BIOS: American Megatrends Inc. R01-A4 05/20/2022 Moederbord: Acer Predator PO7-640 Processor: 12th Gen Intel(R) Core(TM) i9-12900K Percentage geheugen in gebruik: 13% Totaal fysiek RAM-geheugen: 65379.77 MB Beschikbaar fysiek RAM-geheugen: 56776.17 MB Totaal Virtueel geheugen: 65379.77 MB Beschikbaar Virtueel geheugen: 55322.1 MB ==================== Schijven ================================ Drive c: (Acer) (Fixed) (Total:952.59 GB) (Free:725.56 GB) (Model: NVMe SAMSUNG MZVL21T0HCLR-00B07) NTFS Drive d: (Prulschijf) (Fixed) (Total:1863.02 GB) (Free:1511.68 GB) (Model: ST2000DM008-2FR102) NTFS Drive e: (Data2) (Fixed) (Total:953.87 GB) (Free:367.51 GB) (Model: NVMe SAMSUNG MZVL21T0HCLR-00B07) NTFS \\?\Volume{3bc66c21-9e25-4ff3-aaf7-aae2fd18f7fe}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.47 GB) NTFS \\?\Volume{fb2c8fc4-4493-4034-ae8d-00aaff17b4f8}\ (ESP) (Fixed) (Total:0.25 GB) (Free:0.19 GB) FAT32 ==================== MBR & Partitietabel ==================== ========================================================== Disk: 0 (Size: 953.9 GB) (Disk ID: C9271EA3) Partition: GPT. ========================================================== Disk: 1 (Size: 1863 GB) (Disk ID: A256F5FF) Partition: GPT. ========================================================== Disk: 2 (Size: 953.9 GB) (Disk ID: A256F5EB) Partition: GPT. ==================== Einde van Addition.txt =======================