Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 18-02-2017 01 Gestart door vanessa (19-02-2017 20:59:05) Gestart vanaf C:\Users\vanessa\Desktop Windows 10 Home Versie 1607 (X64) (2016-09-17 02:44:38) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3158286090-3323772245-4144222817-500 - Administrator - Disabled) ASPNET (S-1-5-21-3158286090-3323772245-4144222817-1004 - Limited - Enabled) DefaultAccount (S-1-5-21-3158286090-3323772245-4144222817-503 - Limited - Disabled) Gast (S-1-5-21-3158286090-3323772245-4144222817-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3158286090-3323772245-4144222817-1002 - Limited - Enabled) vanessa (S-1-5-21-3158286090-3323772245-4144222817-1000 - Administrator - Enabled) => C:\Users\vanessa ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.) µTorrent (HKU\S-1-5-21-3158286090-3323772245-4144222817-1000\...\uTorrent) (Version: 3.4.9.43085 - BitTorrent Inc.) Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.99 - NTI Corporation) Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1904 - CyberLink Corp.) Acer Crystal Eye Webcam (x32 Version: 1.0.1904 - CyberLink Corp.) Hidden Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3008 - Acer Incorporated) Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3504 - Acer Incorporated) Acer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.2.5 - WildTangent) Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0530.2011 - Acer Incorporated) Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3500 - Acer Incorporated) Adobe Acrobat Reader DC - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 24.0.0.180 - Adobe Systems Incorporated) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.8.0.310 - Adobe Systems Incorporated) Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated) Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.1.2 - Adobe Systems Incorporated) Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.2.43 - Atheros Communications Inc.) Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.1.2286 - AVAST Software) Backup Manager V3 (x32 Version: 3.0.0.99 - NTI Corporation) Hidden Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Belgium e-ID middleware 4.0.7 (build 7466) (HKLM\...\{824563DE-75AD-4166-9DC0-B6482F207466}) (Version: 4.0.7466 - Belgian Government) Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden clear.fi (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.2024.00 - CyberLink Corp.) clear.fi (x32 Version: 1.0.1517_36458 - CyberLink Corp.) Hidden clear.fi (x32 Version: 1.0.2024.00 - CyberLink Corp.) Hidden clear.fi (x32 Version: 9.0.8026 - CyberLink Corp.) Hidden clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.00.3500 - Acer Incorporated) Crazy Chicken Kart 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden ETS3 Professional (HKLM-x32\...\ETS3 Professional) (Version: 3.0.00990.0 - KNX Association) ETS3 Professional (x32 Version: 3.0.00990.0 - KNX Association cvba) Hidden Evernote v. 4.5.1 (HKLM-x32\...\{28921580-E4BB-11E0-9FD7-1CC1DEF07CBE}) (Version: 4.5.1.5451 - Evernote Corp.) Explor@ Park (HKLM-x32\...\VTechDownloadManager) (Version: - VTech) FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden File Association Helper (HKLM\...\{C168639F-5810-4EC8-B1E8-0251AA8A771C}) (Version: 1.2.225.65451 - WinZip Computing International, LLC) Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden Fooz Kids Platform (HKLM-x32\...\{8D68CE08-9A14-4B7B-9857-3C646A2F34C7}) (Version: 2.1 - FUHU, Inc.) Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden F-Secure Client Security - Browsing protection (HKLM-x32\...\F-Secure Browsing Protection) (Version: 2.00.492 - F-Secure Corporation) Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google) Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated) Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2476 - Intel Corporation) Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation) Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation) Jewel Match 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.7 - Acer Inc.) LAV Filters 0.55.3 (HKLM-x32\...\lavfilters_is1) (Version: 0.55.3 - Hendrik Leppkes) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1 (1033)) (Version: - ) Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Klik-en-Klaar 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Starter 2010 - Nederlands (HKLM-x32\...\{90140011-0066-0413-0000-0000000FF1CE}) (Version: 14.0.5128.5002 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3158286090-3323772245-4144222817-1000\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation) Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0413-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation) Moveslink2 (HKU\S-1-5-21-3158286090-3323772245-4144222817-1000\...\09caaf8ee8bfbd57) (Version: 1.4.4.199 - Suunto) Mozilla Firefox 51.0.1 (x86 nl) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 nl)) (Version: 51.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1 - Mozilla) Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden MyWinLocker (Version: 4.0.14.27 - Egis Technology Inc.) Hidden MyWinLocker 4 (x32 Version: 4.0.14.27 - Egis Technology Inc.) Hidden MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.19 - Egis Technology Inc.) MyWinLocker Suite (x32 Version: 4.0.14.19 - Egis Technology Inc.) Hidden OpenOffice 4.1.1 (HKLM-x32\...\{89FD914D-4472-4E4F-8638-69E857E82DC9}) (Version: 4.11.9775 - Apache Software Foundation) Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.) Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30127 - Realtek Semiconductor Corp.) Revo Uninstaller Pro 3.1.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.8 - VS Revo Group, Ltd.) Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden SketchUp 2015 (HKLM\...\{C630FC42-E196-4B6D-B12B-4CB8D5F399D7}) (Version: 15.1.106 - Trimble Navigation Limited) Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.103 - Skype Technologies S.A.) Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Stuurprogrammapakket voor Windows - Fedict SmartCard (04/30/2014 4.0.7.5) (HKLM\...\C5357B4AD7C02B3F6EF45765A07E5B725E50BBF7) (Version: 04/30/2014 4.0.7.5 - Fedict) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.1.3.6 - Synaptics Incorporated) Torchlight (x32 Version: 2.2.0.97 - WildTangent) Hidden Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden Video to Video (HKLM-x32\...\{7F95A744-78DA-4AED-A8F0-A0AF330B8411}_is1) (Version: - Media Converters) Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.97 - WildTangent) Hidden VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN) VTech Download Agent Library (x32 Version: 1.00.0000 - VTech) Hidden Web Companion (HKLM-x32\...\{16ced7d6-04c5-4281-9b5f-123b9860a9dc}) (Version: 2.3.1479.2868 - Lavasoft) Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3504 - Acer Incorporated) WildTangent Games App (Acer Games) (x32 Version: 4.0.5.14 - WildTangent) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation) Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden ==================== Aangepaste CLSID (gefilterd): ========================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) CustomCLSID: HKU\S-1-5-21-3158286090-3323772245-4144222817-1000_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-1B0DD044C0A8}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Geen bestand CustomCLSID: HKU\S-1-5-21-3158286090-3323772245-4144222817-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) ==================== Geplande Taken (gefilterd) ============= (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {0083C0FA-48C6-425F-9714-2BC9439E9889} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Geen bestand <==== AANDACHT Task: {05EF5E49-EBFC-471A-B890-54FC29D13BB1} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Geen bestand <==== AANDACHT Task: {089860B7-D934-42D0-9903-77EB56FB7725} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe Task: {0AAA434F-7F3B-4BF4-B72C-038BB5191984} - System32\Tasks\{E09CD5CE-1A08-41B1-8989-0AF2EC336903} => pcalua.exe -a C:\Users\vanessa\Downloads\PEB_Installer-windows-x64_5.0.5.exe -d C:\Users\vanessa\Downloads Task: {0CB0BD5F-DB33-4E00-8E12-922EF473800C} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-27] (AVAST Software) Task: {0E4FE67A-45B5-4E66-B8C1-AB584BD5A27E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-18] (Adobe Systems Incorporated) Task: {11077343-5A55-44E4-80DD-9BA7DCFEC136} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe Task: {15DB02EB-D565-47C5-A2FF-88F2C682676F} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe Task: {183B134C-228C-4C55-8B78-0BFF491C32C5} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Geen bestand <==== AANDACHT Task: {1C9E6B43-0C21-4F0C-B48E-4D2BBED05487} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate.exe Task: {1D92DE99-A140-4D98-82BF-FBE11A7BDDA9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated) Task: {215E0A26-9B50-446D-AE1F-37456353FE7C} - System32\Tasks\Therqoght => msiexec /i hxxp://d2buh1bf1g584w.cloudfront.net/msi/rel.php?u=WDCXWD5000BPVT-22HXZT1_WD-WXF1E71TPNV9TPNV9&v=2017210 /q Task: {2678AA65-5D72-4BDA-97FE-24971E6A2235} - System32\Tasks\{3B49C743-57EF-4801-944D-FD04991CD0A7} => pcalua.exe -a "C:\Program Files (x86)\Video to Video\unins000.exe" Task: {27A2691D-4B52-4D06-AC9F-8813E11DD63E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-18] (Google Inc.) Task: {2E82AB91-7B40-496B-821B-7648E468E802} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe Task: {3B9EC416-1E67-4F5B-B16A-8D7D62F677FB} - System32\Tasks\FoxTab => C:\Users\vanessa\AppData\Roaming\FoxTab\UPDATE~1\UPDATE~1.EXE <==== AANDACHT Task: {42F1CE3E-C6B3-49C6-AA2C-EDABE320D28F} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Geen bestand <==== AANDACHT Task: {4338D60A-5EBC-4927-9B96-9F0E2A58C352} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe Task: {44BC5C08-11E3-43FC-B2BC-91C5A2F1027B} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Geen bestand <==== AANDACHT Task: {48A1B5C3-C015-4D90-842E-58A2F63F5713} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe Task: {49EAEB33-C750-4FC7-AA7B-D1C5B1411B21} - System32\Tasks\{D10429A3-90A4-4634-9420-22E6B0954648} => pcalua.exe -a "C:\Users\vanessa\Downloads\eID-QuickInstaller-407-7466-signed_tcm227-258853 (1).exe" -d C:\WINDOWS\system32 Task: {4A9E0CE3-F5F6-495B-B2AE-491AEE85E6FB} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe Task: {4E68CB32-80A9-4CCB-B9F5-6340DB0CA184} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2011-08-24] (Acer Incorporated) Task: {56B50622-496E-4958-8517-A5D090D741D0} - System32\Tasks\{1655FE5E-FDF9-4786-83FF-3B6EDB823CC5} => pcalua.exe -a C:\Users\vanessa\Downloads\PEB_Installer-windows-x64_5.0.5(3).exe -d C:\Users\vanessa\Downloads Task: {581D1ADD-2372-4790-BCC1-8A13AA0A6398} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-01-10] (Microsoft Corporation) Task: {59AB7758-D7D5-41A6-9B0E-447E74CA46C7} - System32\Tasks\{983DD051-8C6A-4842-8B13-F73CF153F3DC} => pcalua.exe -a "C:\Users\vanessa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I2AEBU5B\dotnetfx.exe" -d C:\Users\vanessa\Desktop Task: {5C04455F-2EE8-476D-AB4F-E276F40FC54D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-18] (Google Inc.) Task: {5F8DF2EB-B1F8-43AB-9029-39DF477FF0C5} - System32\Tasks\{FE0C3B58-629A-40DF-9997-3D15635AFD19} => pcalua.exe -a "C:\Program Files\McAfee Security Scan\uninstall.exe" Task: {64F32E9C-556E-465C-90B6-0489BA7E8CC5} - System32\Tasks\BikaQ_FetchAndUpgrade_CanBeDel => C:\Program Files (x86)\BikaQRssReader\BikaQ.exe Task: {69A52BFF-2837-4012-8DEF-277CF1B454A2} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate.exe Task: {706A205D-4CE9-4903-B442-BD428F285AFE} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe Task: {7188B59F-4C34-4070-924F-365D37F0EFFF} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2011-08-24] (CyberLink Corp.) Task: {7393F15D-B8F9-4422-96DA-08DB9C74C021} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\vanessa\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe Task: {7DC258D3-9597-4AE8-B17B-D32C7944D5C9} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe Task: {86063057-714F-49BA-890D-35D6CA58F967} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2011-03-29] (Egis Technology Inc.) Task: {89B6332D-D8BF-4F89-B0C8-979BB1EE40C5} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe Task: {8A64210F-1E82-4A3A-B08F-C7CEF5B5EF0A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe Task: {8A9E64F0-D3DB-4298-916D-DF8605FF5BFE} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe Task: {8EAB414A-1081-4EE1-97F6-745528465E3D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Geen bestand <==== AANDACHT Task: {9442AFF2-AD6A-44B2-A3AB-F497035D4B85} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Geen bestand <==== AANDACHT Task: {96888C8A-D6EE-4CF3-8490-B2071BD07F72} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe Task: {9EBC554F-0CC0-449C-B2D7-C8F3EEC3C41B} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Geen bestand <==== AANDACHT Task: {A50557C7-713C-423F-A965-1C006EB1935B} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2011-08-24] (CyberLink) Task: {AC5C1383-7C54-4B68-B451-497BEAA1B97D} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-02-11] (AVAST Software) Task: {B179E463-EBA8-4891-BCFC-0D0E7C49D62A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Geen bestand <==== AANDACHT Task: {B43A1BAA-812E-4D2D-8B67-8BA26C39F6B9} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe Task: {B7923AFF-F1B6-4C53-85D7-191AABC14559} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2011-03-29] (Egis Technology Inc.) Task: {B9BC8D8D-A7ED-47BD-9495-7FA1B2DA5B28} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Geen bestand <==== AANDACHT Task: {BA02D130-B815-43BA-ABBE-C0006AE378EE} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Geen bestand <==== AANDACHT Task: {BC55924A-1A94-41BA-A40E-2F5E69BE285A} - System32\Tasks\Milimili => C:\Program Files (x86)\MIO\MIO.exe [2017-02-07] () Task: {C573CE49-B905-4CE0-B004-058AA2AF030F} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe Task: {C63734A2-1184-4778-A190-92C66021FA18} - System32\Tasks\{C4CEC978-8CCC-4085-BFCA-1BF2BFA616CC} => pcalua.exe -a "C:\Program Files (x86)\Common Files\VoyaQvosoft\uninstall.exe" -c shuz -f "C:\Program Files (x86)\Common Files\VoyaQvosoft\uninstall.dat" -a uninstallme C1457568-24FC-45DD-BC7B-DE8223E364A0 DeviceId=465fbaee-88a9-f0e3-1ae1-1f6520cee8df BarcodeId=51198003 ChannelId=3 DistributerName=APSFWakeNet Task: {CA7890C5-CD1D-42B2-96E6-6A467359A707} - System32\Tasks\{7724308E-8CE2-4E33-9C1B-9DF779038E9E} => C:\Users\vanessa\Downloads\PEB_Installer-windows-x64_5.0.5.exe Task: {CB66CCA8-7B9B-48C7-A780-52CD1333DE0D} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe Task: {CBC17E0A-C2F3-4070-8C20-F85ED9DB733C} - System32\Tasks\AdobeAAMUpdater-1.0-vanessa-PC-vanessa => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated) Task: {D7422635-9C09-4942-8FE6-4AA8B09F4ACD} - System32\Tasks\{01F1E57A-37F9-4A44-BBA7-27938229975D} => pcalua.exe -a C:\Users\vanessa\Downloads\PEB_Installer-windows_5.0.5.exe -d C:\Users\vanessa\Downloads Task: {D840CD15-5947-4ADE-8BAE-A5E4A9A6FF76} - System32\Tasks\Tuwishprikudom Agent => C:\Program Files (x86)\Plizoy\planut.exe [2017-02-10] (Glarysoft Ltd) Task: {DA3C7900-622B-485D-8158-1A3C059F67B1} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec.exe Task: {DAA094BC-6C91-4380-88C2-509FDE50A5DD} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe [2011-08-09] (Acer) Task: {DF7D08AB-E02E-46F4-91D9-FE3A4EA0B480} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Geen bestand <==== AANDACHT Task: {E1CF6648-D37A-449A-9C3C-BBE2A4C6F74B} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe Task: {E4B9E00D-3490-40E1-BD00-2D6391895C5A} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe Task: {E78A8338-9F3A-4752-BD99-59AFA43E3029} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe Task: {E8BC65C5-842A-404C-B190-CE822FEE3D7A} - System32\Tasks\{49BE4066-2E71-45E7-8F70-E898CB954BBA} => C:\Users\vanessa\Downloads\PEB_Installer-windows-x64_5.0.5.exe Task: {EB1D65F4-04A7-4E71-8249-C8D5864D1AB4} - System32\Tasks\{AF7B81CD-4CC2-4344-99AE-1708A2C5C118} => pcalua.exe -a C:\DotNet\dotnetfx.exe -d C:\DotNet Task: {EF663637-E476-4A3C-949A-EA525C383DDE} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe (Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\FoxTab.job => C:\Users\vanessa\AppData\Roaming\FoxTab\UPDATE~1\UPDATE~1.EXE <==== AANDACHT ==================== Snelkoppelingen ============================= (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Standuck\Application\chrome.exe (Google Inc.) ==================== Geladen Modules (gefilterd) ============== 2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-12-13 20:49 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2017-02-10 18:38 - 2017-02-10 18:38 - 00312832 _____ () C:\Program Files (x86)\Tuwishprikudom Agent\local64spl.dll 2016-09-18 09:11 - 2016-11-24 22:16 - 00025232 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe 2016-09-18 09:11 - 2016-11-24 22:16 - 00017048 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.Service.Logger.dll 2016-09-18 09:11 - 2016-11-24 22:16 - 00037016 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WcfService.dll 2016-12-13 20:49 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll 2016-05-22 18:33 - 2016-05-22 18:33 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll 2016-09-17 03:57 - 2016-09-17 03:57 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2017-01-10 20:15 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2017-01-10 20:14 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2017-01-10 20:14 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-01-10 20:14 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2017-01-10 20:14 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2017-01-10 20:15 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2012-11-26 22:54 - 2012-11-26 22:54 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2016-02-24 10:43 - 2016-01-18 13:48 - 00317824 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe 2016-05-22 18:32 - 2016-05-22 18:32 - 31680176 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe 2017-02-17 20:08 - 2017-02-17 03:01 - 00162992 _____ () C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe 2016-10-20 17:37 - 2016-10-20 17:37 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.197.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2016-10-20 17:37 - 2016-10-20 17:37 - 00178176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.197.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2016-10-20 17:37 - 2016-10-20 17:37 - 35253760 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.197.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2017-02-11 13:23 - 2017-02-11 13:26 - 00455168 _____ () C:\Program Files (x86)\Common Files\Services\iThemes.dll 2017-02-17 20:07 - 2017-02-17 07:20 - 00111104 _____ () c:\programdata\apple\apple application support\support.dll 2011-04-24 02:29 - 2011-04-24 02:29 - 00465640 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll 2011-04-24 02:29 - 2011-04-24 02:29 - 00125760 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll 2011-04-24 02:29 - 2011-04-24 02:29 - 01081664 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll 2016-09-18 09:11 - 2016-11-24 22:16 - 00129680 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.dll 2016-09-18 09:11 - 2016-11-24 22:16 - 00058512 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Common.Platform.dll 2016-09-18 09:11 - 2016-11-24 22:16 - 00018064 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.UpdateComponents.dll 2016-09-18 09:11 - 2016-11-24 22:16 - 00300688 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Business.dll 2016-09-18 09:11 - 2016-11-24 22:16 - 00030352 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.AvastWrapper.dll 2016-09-18 09:11 - 2016-11-24 22:16 - 00059032 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.adblocker.dll 2016-09-18 09:11 - 2016-11-24 22:16 - 00128152 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.PUP.Management.dll 2016-10-28 18:37 - 2016-10-28 18:37 - 06950432 _____ () C:\Users\vanessa\AppData\Local\Apps\2.0\DCH1PDD5.R5Y\DCMGTOXB.9EZ\move..tion_391e8feca7b0cf78_0001.0004_6f8afc924d2bed6c\BLLWrapper.DLL 2016-02-24 10:43 - 2015-12-14 07:05 - 00120832 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtSolutions_SOAP-2.7.dll 2016-02-24 10:43 - 2014-04-22 03:14 - 00065536 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QHttpServer.dll 2016-02-24 10:43 - 2014-05-06 06:39 - 00861184 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\platforms\qwindows.dll 2016-02-24 10:43 - 2014-05-06 06:38 - 00021504 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qgif.dll 2016-02-24 10:43 - 2014-05-06 06:38 - 00020992 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qico.dll 2016-02-24 10:43 - 2014-05-06 06:38 - 00204800 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qjpeg.dll 2016-02-24 10:43 - 2014-05-06 11:44 - 00218112 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qmng.dll 2016-02-24 10:43 - 2014-05-06 06:58 - 00015872 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qsvg.dll 2016-02-24 10:43 - 2014-05-06 11:44 - 00015360 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qtga.dll 2016-02-24 10:43 - 2014-05-06 11:44 - 00307712 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qtiff.dll 2016-02-24 10:43 - 2014-05-06 11:44 - 00014848 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qwbmp.dll 2016-02-24 10:43 - 2014-05-06 07:31 - 00015872 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\sensors\qtsensors_dummy.dll 2016-02-24 10:43 - 2014-05-06 06:38 - 00036352 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\bearer\qgenericbearer.dll 2016-02-24 10:43 - 2014-05-06 06:38 - 00038912 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\bearer\qnativewifibearer.dll 2016-08-24 07:45 - 2016-08-24 07:45 - 40523456 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll 2017-02-11 15:39 - 2017-02-11 15:39 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2016-09-29 18:32 - 2016-09-29 18:32 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2017-02-11 15:38 - 2017-02-11 15:38 - 00289328 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll 2017-02-11 15:39 - 2017-02-11 15:39 - 00655056 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2016-06-07 23:10 - 2016-06-07 23:10 - 00118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node 2016-06-07 23:10 - 2016-06-07 23:10 - 00205824 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node 2016-06-07 23:10 - 2016-06-07 23:10 - 00117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node 2016-06-07 23:10 - 2016-06-07 23:10 - 00125440 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node 2016-08-24 07:24 - 2016-08-24 07:24 - 00098496 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll 2016-06-07 23:10 - 2016-06-07 23:10 - 00166400 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node ==================== Alternate Data Streams (gefilterd) ========= (Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.) AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0] AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0] ==================== Veilige Modus (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.) ==================== Bestandskoppeling (gefilterd) =============== (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.) ==================== Internet Explorer vertrouwde/beperkte toegang =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.) IE trusted site: HKU\.DEFAULT\...\localhost -> localhost IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com IE trusted site: HKU\S-1-5-21-3158286090-3323772245-4144222817-1000\...\localhost -> localhost IE trusted site: HKU\S-1-5-21-3158286090-3323772245-4144222817-1000\...\webcompanion.com -> hxxp://webcompanion.com ==================== Hosts inhoud: =============================== (Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.) 2015-09-06 19:22 - 2017-02-11 13:30 - 00000370 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Andere gebieden ============================ (Momenteel is er geen automatische fix voor dit onderdeel.) HKU\S-1-5-21-3158286090-3323772245-4144222817-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\vanessa\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{a396c3f4-c9f7-40ed-bd21-08a0ba2626a7}.JPG DNS Servers: 195.130.131.4 - 195.130.130.4 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == ==================== Firewall regels (gefilterd) =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808 FirewallRules: [{1DA5FA8E-7C48-449C-B37A-F8C33C8838A2}] => (Allow) C:\Users\vanessa\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{87A9B2C0-8378-4238-A1EF-E7E3E2751F7E}] => (Allow) C:\Users\vanessa\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{24A761CE-8FAD-48B2-8B52-235FB48C0DAB}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\Movie\TouchMovieService.exe FirewallRules: [{9A059F07-43C6-4654-9F6C-886C119C7A59}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\Movie\TouchMovie.exe FirewallRules: [{11F0EFDA-3B55-482B-AC87-E089A2DA7112}] => (Block) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe FirewallRules: [{1D8C502D-0892-4084-AD68-C3D81C7EAC8B}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe FirewallRules: [{93607197-A61A-4DA7-87FA-6EFB8EDECC02}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe FirewallRules: [{06CA11E6-3B59-4900-9EA6-ECCFACDDEED2}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\CLML\CLMLSvc.exe FirewallRules: [{9B36FD0E-BF23-4CAF-A5D1-38EA43A607A5}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe FirewallRules: [{F3835B5D-2BA7-4813-89D7-00670FAA8EDA}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe FirewallRules: [{98155CAB-3ADE-4DA3-BFC0-8EB3C446DC8D}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe FirewallRules: [{F20738DD-E8F8-4411-B2CB-97ADF05CF572}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{987CF2ED-5794-4829-B05B-5F86B7AF652E}] => (Allow) LPort=1900 FirewallRules: [{D077A715-AEEC-4579-B137-89EC67DEB5A7}] => (Allow) LPort=2869 FirewallRules: [{09AFAD88-7D01-4305-A706-025EF2C12AB7}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{657B6721-50DE-45AA-B01F-2DA024949CFD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [TCP Query User{C7990334-44D6-4965-9124-609A03D37D4C}C:\users\vanessa\appdata\local\programs\lnv\stremio\stremio.exe] => (Allow) C:\users\vanessa\appdata\local\programs\lnv\stremio\stremio.exe FirewallRules: [UDP Query User{D07E4187-C069-47AE-86B4-6104E4C133CF}C:\users\vanessa\appdata\local\programs\lnv\stremio\stremio.exe] => (Allow) C:\users\vanessa\appdata\local\programs\lnv\stremio\stremio.exe FirewallRules: [{D47941CA-64B1-43D5-AD40-A2F542E5DEFD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{611681DF-111D-4D3D-A2FE-1F483B678F2C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{FF9E804B-CBCB-4F94-AC6F-7370BF3AF127}] => (Allow) C:\Program Files (x86)\Standuck\Application\chrome.exe FirewallRules: [{87ED7276-D228-4C54-80AB-6F3C3C2476CB}] => (Allow) C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe FirewallRules: [{CC10CB45-E223-497E-A0AC-9045CF04E730}] => (Allow) C:\Program Files (x86)\Firefox\Firefox.exe ==================== Herstelpunten ========================= 25-01-2017 17:36:23 Windows Update 02-02-2017 23:14:26 Removed File Association Helper 10-02-2017 18:27:30 WinZip 21.0 is verwijderd 10-02-2017 20:23:48 Herstelbewerking 18-02-2017 17:31:55 Removed BikaQ Rss Reader 19-02-2017 18:11:11 Removed Java 7 Update 65 ==================== Defecte Apparaatbeheer Apparaten ============= ==================== Eventlog fouten: ========================= Applicatiefouten: ================== Error: (02/19/2017 08:56:15 PM) (Source: CVHSVC) (EventID: 100) (User: ) Description: Alleen informatie. (Patch task for {90140011-0066-0413-0000-0000000FF1CE}): DownloadLatest Failed: Error: (02/19/2017 08:19:01 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Fout in de Volume Shadow Copy-service: onverwachte fout bij het aanroepen van routine QueryFullProcessImageNameW. hr = 0x80070006, De ingang is ongeldig. . Bewerking: Asynchrone bewerking uitvoeren Context: Huidige status: DoSnapshotSet Error: (02/19/2017 08:17:58 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: De service Cryptografische services is mislukt tijdens het verwerken van aanroep OnIdentity() op het object System Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Toegang geweigerd. . Error: (02/19/2017 08:17:58 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: De service Cryptografische services is mislukt tijdens het verwerken van aanroep OnIdentity() op het object System Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary YAC NDIS Driver. System Error: Het systeem kan het opgegeven bestand niet vinden. . Error: (02/19/2017 08:17:58 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: De service Cryptografische services is mislukt tijdens het verwerken van aanroep OnIdentity() op het object System Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary YAC Ring3 Driver. System Error: Het systeem kan het opgegeven bestand niet vinden. . Error: (02/19/2017 08:17:58 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: De service Cryptografische services is mislukt tijdens het verwerken van aanroep OnIdentity() op het object System Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary YAC Mini-Filter Driver. System Error: Het systeem kan het opgegeven bestand niet vinden. . Error: (02/19/2017 08:17:24 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Kan activeringscontext voor c:\program files (x86)\adobe\adobe creative cloud\utils\Creative Cloud Uninstaller.exe niet maken. Fout in manifest of beleidsbestand op regel . Een onderdeelversie die nodig is voor de toepassing, conflicteert met een andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest. Onderdeel 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest. Error: (02/19/2017 08:01:25 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Fout in de Volume Shadow Copy-service: onverwachte fout bij het aanroepen van routine QueryFullProcessImageNameW. hr = 0x80070006, De ingang is ongeldig. . Bewerking: Asynchrone bewerking uitvoeren Context: Huidige status: DoSnapshotSet Error: (02/19/2017 08:00:21 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: De service Cryptografische services is mislukt tijdens het verwerken van aanroep OnIdentity() op het object System Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Toegang geweigerd. . Error: (02/19/2017 08:00:21 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: De service Cryptografische services is mislukt tijdens het verwerken van aanroep OnIdentity() op het object System Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary YAC NDIS Driver. System Error: Het systeem kan het opgegeven bestand niet vinden. . Systeemfouten: ============= Error: (02/19/2017 08:54:24 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen standaard voor deze computer wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} en APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (02/19/2017 08:54:24 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} en APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (02/19/2017 08:54:24 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen standaard voor deze computer wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} en APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (02/19/2017 08:54:24 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} en APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (02/19/2017 08:53:17 PM) (Source: DCOM) (EventID: 10010) (User: vanessa-PC) Description: De server {37998346-3765-45B1-8C66-AA88CA6B20B8} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (02/19/2017 08:51:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: De Install Service(FirefoxDL)-service kan vanwege de volgende fout niet worden gestart: Het systeem kan het opgegeven bestand niet vinden. Error: (02/19/2017 08:50:44 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: De server {4991D34B-80A1-4291-83B6-3328366B9097} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (02/19/2017 08:50:27 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen standaard voor deze computer wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} en APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (02/19/2017 08:50:27 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} en APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (02/19/2017 08:50:27 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen standaard voor deze computer wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} en APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. CodeIntegrity: =================================== Date: 2017-02-18 20:12:09.354 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2017-02-18 20:02:34.467 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2017-02-18 19:51:04.652 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2017-02-18 19:40:51.367 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2017-02-18 19:21:26.768 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2017-02-18 18:51:26.633 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2017-02-18 18:36:26.674 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2017-02-18 18:29:45.959 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2017-02-18 18:07:01.993 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2017-02-18 17:48:41.502 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. ==================== Geheugen info =========================== Processor: Intel(R) Pentium(R) CPU P6200 @ 2.13GHz Percentage geheugen in gebruik: 45% Totaal fysiek RAM-geheugen: 5812.86 MB Beschikbaar fysiek RAM-geheugen: 3182.68 MB Totaal Virtueel geheugen: 11700.86 MB Beschikbaar Virtual geheugen: 9020.5 MB ==================== Schijven ================================ Drive c: (Acer) (Fixed) (Total:451.43 GB) (Free:218.21 GB) NTFS Drive d: (CD Manuals) (CDROM) (Total:0.47 GB) (Free:0 GB) CDFS ==================== MBR & Partitietabel ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 3CB50FE7) Partition 1: (Not Active) - (Size=13 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=451.4 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=799 MB) - (Type=27) ==================== Eind van Addition.txt ============================