Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 12-06-2017 Gestart door pilot (13-06-2017 00:59:27) Gestart vanaf C:\Users\pilot\Downloads Windows 10 Home Versie 1703 (X64) (2017-05-21 11:18:17) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3689213566-3934555256-874692408-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-3689213566-3934555256-874692408-503 - Limited - Disabled) Gast (S-1-5-21-3689213566-3934555256-874692408-501 - Limited - Disabled) pilot (S-1-5-21-3689213566-3934555256-874692408-1001 - Administrator - Enabled) => C:\Users\pilot ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AV: Bitdefender Antivirus (Enabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371} AS: Bitdefender Antispyware (Enabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC} AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Bitdefender Firewall (Enabled) {078AF241-05A3-0EFF-40E0-3E0D69EA140A} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.) Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3027 - Acer Incorporated) Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8109 - Acer Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated) Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated) Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated) Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.) Albelli.be Fotoboeken (HKU\S-1-5-21-3689213566-3934555256-874692408-1001\...\{C16DFB31-4A09-474E-AF61-02AFB3008763}_is1) (Version: 11.1.1.1680 - Albelli) Ansel (Version: 382.05 - NVIDIA Corporation) Hidden ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden Apple Application Support (32-bit) (HKLM-x32\...\{E92BB800-BCC5-4C25-8102-AC2C3B7C7C1E}) (Version: 5.5 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{9C912B1E-06DD-43EF-BB2B-45CB2C88BAAE}) (Version: 5.5 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.) Belgium e-ID middleware 4.1.10 (build 1698) (HKLM\...\{DB942AEA-93D6-4FE4-8862-180D35A71698}) (Version: 4.1.1698 - Belgian Government) Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 20.0.23.1252 - Bitdefender) Bitdefender Internet Security 2017 (HKLM\...\Bitdefender) (Version: 21.0.22.1050 - Bitdefender) bl (x32 Version: 1.0.0 - Your Company Name) Hidden Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Brackets (HKLM-x32\...\{0ED76FF2-9370-4437-8C51-39F27DD0361B}) (Version: 1.8 - brackets.io) Broadcom NetLink Controller (HKLM\...\{7FBA83D7-D58E-4B70-9B9B-12E95B183B22}) (Version: 16.6.1.3 - Broadcom Corporation) Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: 4.5.0 - Canon Inc.) Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.6.0.0 - Canon Inc.) Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version: - ) Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.) Canon MG6100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6100_series) (Version: - Canon Inc.) Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version: - ) Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.) Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.6.1 - Canon Inc.) digiCamControl (x32 Version: 2.0.49.0 - ) Hidden Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.3.1 - Dolby Laboratories Inc) Elevated Installer (x32 Version: 5.4.1.0 - Garmin Ltd or its subsidiaries) Hidden FileZilla Client 3.25.2 (HKLM-x32\...\FileZilla Client) (Version: 3.25.2 - Tim Kosse) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 8.3.0.14878 - Foxit Software Inc.) Garmin BaseCamp (HKLM-x32\...\{23A4DBD1-D847-4957-995D-8B1CC527E2E2}) (Version: 4.6.2.0 - Garmin Ltd or its subsidiaries) Garmin City Navigator Europe NTU 2017.30 (HKLM-x32\...\{E263CF34-AF29-40CC-A974-D2FA44789FDA}) (Version: 2.0.0.0 - Garmin Ltd or its subsidiaries) Garmin City Navigator Europe NTU 2018.10 (HKLM-x32\...\{1D46D36C-7794-43DF-A157-2AB199F9FE7C}) (Version: 2.0.0.0 - Garmin Ltd or its subsidiaries) Garmin Communicator Plugin (HKLM-x32\...\{71DBFBF2-F7EB-4268-8485-9471D83C4E66}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries) Garmin Communicator Plugin x64 (HKLM\...\{70A381F1-C161-4D61-A20C-BE12FC6777DF}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries) Garmin Express (HKLM-x32\...\{2f694ffe-66ec-4674-a32d-ec690281ca57}) (Version: 5.4.1.0 - Garmin Ltd or its subsidiaries) Garmin Express (x32 Version: 5.4.1.0 - Garmin Ltd or its subsidiaries) Hidden Garmin Express Tray (x32 Version: 5.4.1.0 - Garmin Ltd or its subsidiaries) Hidden Garmin USB Drivers (HKLM\...\{DC7720F2-98BE-41C1-B0A8-E391362E86B8}) (Version: 2.3.1.1 - Garmin Ltd or its subsidiaries) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.) Google Drive (HKLM-x32\...\{A1238426-ECDF-4639-BE2F-8D12A97AE23C}) (Version: 2.34.5075.1619 - Google, Inc.) Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google) Google Earth Pro (HKLM-x32\...\{DE706580-82C7-4B1A-ABA4-EA48AC15B045}) (Version: 7.1.8.3036 - Google) Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1156 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4549 - Intel Corporation) Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation) IP Camera Adapter (HKLM-x32\...\{6D140BFF-7CC5-4BFE-AD6D-47035FFE5F14}) (Version: 2.0.0.0 - Pavel Khlebovich) iTunes (HKLM\...\{F0C7385A-9D20-45F3-8101-05D383885180}) (Version: 12.6.1.25 - Apple Inc.) Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation) JaVaWa Device Manager 3.8 (HKLM-x32\...\{4D700EE8-5A7D-43C1-B4E2-BC8A22B482DD}_is1) (Version: 3.8 - JaVaWa GPS-tools) Malwarebytes versie 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes) Microsoft Office 365 - nl-nl (HKLM\...\O365HomePremRetail - nl-nl) (Version: 16.0.8067.2115 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3689213566-3934555256-874692408-1001\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM-x32\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation) Mozilla Firefox 53.0.3 (x86 nl) (HKLM-x32\...\Mozilla Firefox 53.0.3 (x86 nl)) (Version: 53.0.3 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.3.6347 - Mozilla) Mozilla Thunderbird 45.8.0 (x86 nl) (HKLM-x32\...\Mozilla Thunderbird 45.8.0 (x86 nl)) (Version: 45.8.0 - Mozilla) MyHarmony (HKU\S-1-5-21-3689213566-3934555256-874692408-1001\...\036a0e4fc6a247ec) (Version: 1.0.1.257 - Logitech) NEF Codec (HKLM-x32\...\{D6506521-0959-4FA3-875F-E2E28830B0D2}) (Version: 1.28.0 - Nikon Corporation) NVIDIA Grafisch stuurprogramma 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.05 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.8067.2115 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.8067.2115 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (Version: 16.0.8067.2115 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7967.2073 - Microsoft Corporation) Hidden OSM generic routable (HKLM-x32\...\OSM generic routable) (Version: - ) OSM generic routable (new style) (HKLM-x32\...\OSM generic routable (new style)) (Version: - ) PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden PDFsam Basic (HKLM-x32\...\{0F7F1493-D16D-4C7B-A271-17A12168CCC4}) (Version: 3.30.2.0 - Andrea Vacondio) PeaZip 6.0.0 (WIN64) (HKLM\...\{5A2BC38A-406C-4A5B-BF45-6991F9A05325}_is1) (Version: 6.0.0 - Giorgio Tani) ph (x32 Version: 1.0.0 - Your Company Name) Hidden Photo Station Uploader (remove only) (HKLM-x32\...\Photo Station Uploader) (Version: - Synology) Polar WebLink 2.4.15 (HKLM-x32\...\{2734FEDB-7A24-4F15-AC5C-3EC00414D4CC}) (Version: 02.50.0006 - Polar Electro Oy) Qualcomm Atheros 61x4 Wireless LAN&Bluetooth Installer (HKLM-x32\...\{3241744A-BA36-41F0-B4AA-EF3946D00632}) (Version: 11.0.0.041 - Qualcomm Atheros) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31225 - Realtek Semiconduct Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.) RushFiles (HKU\S-1-5-21-3689213566-3934555256-874692408-1001\...\RushfilesV2) (Version: 2.0.0 - RushFiles A/S) Sena Bluetooth Device Manager 3.3 (HKLM-x32\...\Sena Bluetooth Device Manager) (Version: 3.3 - Copyright (C) 2012 ~ 2016 Sena Technologies Inc.) Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) (HKLM-x32\...\SLABCOMM&10C4&EA60) (Version: - ) Silicon Laboratories USBXpress Device (Driver Removal) (HKLM-x32\...\SIUSBXP&10C4&EA61) (Version: - ) Skype Web Plugin (HKLM-x32\...\{2D886DF5-A285-4C69-A78E-4A441B261381}) (Version: 7.30.0.98 - Skype Technologies S.A.) Skype Web Plugin (HKLM-x32\...\{2E38DBB5-C606-475A-B0E4-E0643A037EA0}) (Version: 7.26.0.47 - Skype Technologies S.A.) Stuurprogrammapakket voor Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.) Stuurprogrammapakket voor Windows - Fedict SmartCard (08/08/2015 4.1.5) (HKLM\...\9F46F7AB1E3B1B5F5482EA8D97F401B04FBF7958) (Version: 08/08/2015 4.1.5 - Fedict) Stuurprogrammapakket voor Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software) Synology Cloud Station Drive (remove only) (HKLM\...\Synology Cloud Station Drive) (Version: 4.2.3.4385 - Synology, Inc.) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.2 - VideoLAN) Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.) WeatherLink 6.0.0 (HKLM-x32\...\{E86A05EC-7AAB-4F48-8878-27B565746C3E}) (Version: 6.0.0 - Davis Instruments Corp.) WeatherLink 6.0.3 (HKLM-x32\...\{AEFAC1C0-6CDF-4289-A0B4-A61262FCA39A}) (Version: 6.0.3 - Davis Instruments Corp.) Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation) Windows-stuurprogrammapakket - Cambridge Silicon Radio Ltd. (CSRBC) USB (07/01/2016 2.5.2.3) (HKLM\...\F6E7FAEC5C1773411DCE89B345BDAEEA407C921B) (Version: 07/01/2016 2.5.2.3 - Cambridge Silicon Radio Ltd.) XAMPP (HKLM-x32\...\xampp) (Version: 5.6.15-1 - Bitnami) ==================== Aangepaste CLSID (gefilterd): ========================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) CustomCLSID: HKU\S-1-5-21-3689213566-3934555256-874692408-1001_Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237}\InprocServer32 -> C:\Users\pilot\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\ContextMenu.dll () CustomCLSID: HKU\S-1-5-21-3689213566-3934555256-874692408-1001_Classes\CLSID\{33B83118-4021-4BBD-A18B-230B03CFADEB}\localserver32 -> C:\Users\pilot\AppData\Local\SkypePlugin\7.30.0.98\GatewayVersion-x64.exe (Skype Technologies S.A.) CustomCLSID: HKU\S-1-5-21-3689213566-3934555256-874692408-1001_Classes\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}\InprocServer32 -> C:\Users\pilot\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll (TODO: ) CustomCLSID: HKU\S-1-5-21-3689213566-3934555256-874692408-1001_Classes\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}\InprocServer32 -> C:\Users\pilot\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll (TODO: ) CustomCLSID: HKU\S-1-5-21-3689213566-3934555256-874692408-1001_Classes\CLSID\{5C145051-5E59-4E7B-A256-4A589D283A86}\InprocServer32 -> C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3689213566-3934555256-874692408-1001_Classes\CLSID\{95DB3AD2-951C-4714-9FA2-406FDD28AA7A}\InprocServer32 -> C:\Users\pilot\AppData\Local\SkypePlugin\7.26.0.47\GatewayActiveX-x64.dll (Skype Technologies S.A.) CustomCLSID: HKU\S-1-5-21-3689213566-3934555256-874692408-1001_Classes\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}\InprocServer32 -> C:\Users\pilot\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll (TODO: ) CustomCLSID: HKU\S-1-5-21-3689213566-3934555256-874692408-1001_Classes\CLSID\{A5660B7B-94A8-463C-8E24-0975C390215E}\localserver32 -> C:\Users\pilot\AppData\Local\SkypePlugin\7.26.0.47\GatewayVersion-x64.exe (Skype Technologies S.A.) CustomCLSID: HKU\S-1-5-21-3689213566-3934555256-874692408-1001_Classes\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}\InprocServer32 -> C:\Users\pilot\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll (TODO: ) CustomCLSID: HKU\S-1-5-21-3689213566-3934555256-874692408-1001_Classes\CLSID\{C701AD67-3DF0-47C9-89CB-DFA6207BE229}\InprocServer32 -> C:\Users\pilot\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll (TODO: ) CustomCLSID: HKU\S-1-5-21-3689213566-3934555256-874692408-1001_Classes\CLSID\{CBF9CD8C-2714-4F36-B76A-43E6C7547BC2}\localserver32 -> C:\Users\pilot\AppData\Local\SkypePlugin\7.30.0.98\EdgeCalling.exe (Skype Technologies S.A.) CustomCLSID: HKU\S-1-5-21-3689213566-3934555256-874692408-1001_Classes\CLSID\{E9FC7154-DC9D-43C6-ACF5-168E64B86DE9}\InprocServer32 -> C:\Users\pilot\AppData\Local\SkypePlugin\7.30.0.98\GatewayActiveX-x64.dll (Skype Technologies S.A.) ==================== Geplande Taken (gefilterd) ============= (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {19AC35B2-A307-4306-AE90-F0B25B52B604} - System32\Tasks\FUB => C:\Program Files (x86)\Acer\Care Center\FUB.bat [2015-10-19] () <==== AANDACHT Task: {1D902C67-E574-41C8-9C48-13290B91EF5A} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2017-05-18] () Task: {1DB55FD4-9E4E-40E6-A8E3-6B5240B8F49D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.) Task: {27E44E50-A475-40BB-852A-D7F2A656FC22} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-14] (Microsoft Corporation) Task: {27EE822D-5BEE-4C80-97D7-89B1A8DA53DA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-14] (Microsoft Corporation) Task: {2C8ECD27-9A3C-48E3-9377-244C2A83BB67} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-05-28] () Task: {35DE578D-53A8-4E4F-86D5-35C3243BED7C} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2015-11-25] () Task: {3D4432EB-C8C9-42D3-9BC2-DAD4F996C4A8} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [2015-11-25] () Task: {40FEFB35-BF0F-461A-A4A5-0423A4D4AD2F} - System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C => C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe [2017-04-24] (Bitdefender) Task: {4C45435F-B216-493E-9B77-485E158DA801} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-05-23] (Microsoft Corporation) Task: {57DD1E78-6D80-4A42-B1E6-5DC5CB1885F6} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe [2014-04-07] (Dolby Laboratories Inc.) Task: {597303EA-2C8D-4809-8577-B8634BC64B22} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-05-28] (Microsoft Corporation) Task: {5C299FAD-F7E8-4151-9E32-119340AB3774} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2017-04-11] (Bitdefender) Task: {687039CA-CCC4-4988-8236-00D9CA5237BC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-03] (Google Inc.) Task: {68A3571A-3314-4216-98A1-B9339122AB10} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2015-11-25] (Acer Incorporated) Task: {79224267-081F-4156-923E-56E1D4D13842} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2015-05-14] (Acer Incorporated) Task: {A62CE208-0FA4-48CB-8619-0A460EC8BD70} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-05-28] () Task: {C7A144CC-9279-4C92-800F-2D315FF5B980} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-03] (Google Inc.) Task: {F680E298-A337-43C6-BC70-1F36219E2F60} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2015-11-25] () (Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) ==================== Snelkoppelingen ============================= (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) ShortcutWithArgument: C:\Users\pilot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-apps\Google Keep - notities en lijsten.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki ==================== Geladen Modules (gefilterd) ============== 2017-04-24 15:33 - 2017-04-24 15:33 - 00111832 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\bdmetrics.dll 2017-02-07 14:39 - 2017-02-07 14:39 - 01008448 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02451_002\ashttpbr.mdl 2017-02-07 14:39 - 2017-02-07 14:39 - 00541952 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02451_002\ashttpdsp.mdl 2017-02-07 14:39 - 2017-02-07 14:39 - 03243920 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02451_002\ashttpph.mdl 2017-02-07 14:39 - 2017-02-07 14:39 - 01544568 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02451_002\ashttprbl.mdl 2016-09-01 18:12 - 2016-09-01 18:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2017-05-09 00:44 - 2017-05-09 00:44 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2017-02-23 08:03 - 2017-02-23 08:03 - 00287256 _____ () C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe 2017-03-18 22:58 - 2017-03-18 22:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2014-11-25 05:22 - 2014-11-25 05:22 - 00035328 _____ () C:\Program Files (x86)\Synology\Photo Station Uploader\ShellExtHandler.dll 2017-06-08 17:43 - 2017-06-08 17:43 - 01253376 _____ () C:\Users\pilot\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\ContextMenu.dll 2016-12-19 08:16 - 2016-12-19 08:16 - 00401880 _____ () C:\WINDOWS\system32\igfxTray.exe 2017-03-18 22:59 - 2017-03-20 05:56 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-05-09 03:05 - 2017-05-09 03:05 - 01354040 _____ () C:\Program Files\iTunes\libxml2.dll 2017-05-09 03:05 - 2017-05-09 03:05 - 00092472 _____ () C:\Program Files\iTunes\zlib1.dll 2017-04-20 12:57 - 2017-04-20 12:57 - 00588648 _____ () C:\Users\pilot\AppData\Local\RushFilesV2\RfClientPCV2.exe 2012-03-13 13:07 - 2012-03-13 13:07 - 00074752 _____ () C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Symlib.dll 2017-05-30 13:24 - 2017-05-30 13:24 - 00023840 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\lang\nl-nl\bdsystray.txtui 2015-11-25 12:03 - 2015-11-25 12:03 - 04644256 _____ () C:\Program Files (x86)\Acer\Care Center\ACCStd.exe 2017-05-17 14:56 - 2017-05-09 11:13 - 03767640 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libglesv2.dll 2017-05-17 14:56 - 2017-05-09 11:13 - 00100696 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libegl.dll 2017-02-14 09:42 - 2017-02-14 09:42 - 00326144 _____ () C:\Program Files (x86)\Garmin\Device Interaction Service\GpsImgWrapper.dll 2017-05-18 10:56 - 2017-05-18 10:56 - 00073216 _____ () C:\Program Files (x86)\Garmin\Device Interaction Service\FixBootSector.dll 2015-07-06 20:36 - 2015-07-06 20:36 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2017-06-12 23:27 - 2017-06-12 23:27 - 00098816 ____R () C:\Users\pilot\AppData\Local\Temp\_MEI104522\win32api.pyd 2017-06-12 23:27 - 2017-06-12 23:27 - 00110080 ____R () C:\Users\pilot\AppData\Local\Temp\_MEI104522\pywintypes27.dll 2017-06-12 23:27 - 2017-06-12 23:27 - 00364544 ____R () C:\Users\pilot\AppData\Local\Temp\_MEI104522\pythoncom27.dll 2017-06-12 23:27 - 2017-06-12 23:27 - 00320512 ____R () C:\Users\pilot\AppData\Local\Temp\_MEI104522\win32com.shell.shell.pyd 2017-06-12 23:27 - 2017-06-12 23:27 - 00914432 ____R () C:\Users\pilot\AppData\Local\Temp\_MEI104522\_hashlib.pyd 2017-06-12 23:27 - 2017-06-12 23:27 - 01176576 ____R () C:\Users\pilot\AppData\Local\Temp\_MEI104522\wx._core_.pyd 2017-06-12 23:27 - 2017-06-12 23:27 - 00806400 ____R () C:\Users\pilot\AppData\Local\Temp\_MEI104522\wx._gdi_.pyd 2017-06-12 23:27 - 2017-06-12 23:27 - 00816128 ____R () C:\Users\pilot\AppData\Local\Temp\_MEI104522\wx._windows_.pyd 2017-06-12 23:27 - 2017-06-12 23:27 - 01067008 ____R () C:\Users\pilot\AppData\Local\Temp\_MEI104522\wx._controls_.pyd 2017-06-12 23:27 - 2017-06-12 23:27 - 00733184 ____R () C:\Users\pilot\AppData\Local\Temp\_MEI104522\wx._misc_.pyd 2017-06-12 23:27 - 2017-06-12 23:27 - 00682496 ____R () C:\Users\pilot\AppData\Local\Temp\_MEI104522\pysqlite2._sqlite.pyd 2017-06-12 23:27 - 2017-06-12 23:27 - 00088064 ____R () C:\Users\pilot\AppData\Local\Temp\_MEI104522\_ctypes.pyd 2017-06-12 23:27 - 2017-06-12 23:27 - 00686080 ____R () C:\Users\pilot\AppData\Local\Temp\_MEI104522\unicodedata.pyd 2017-06-12 23:27 - 2017-06-12 23:27 - 00119808 ____R () C:\Users\pilot\AppData\Local\Temp\_MEI104522\win32file.pyd 2017-06-12 23:27 - 2017-06-12 23:27 - 00108544 ____R () C:\Users\pilot\AppData\Local\Temp\_MEI104522\win32security.pyd 2017-06-12 23:27 - 2017-06-12 23:27 - 00007168 ____R () C:\Users\pilot\AppData\Local\Temp\_MEI104522\hashobjs_ext.pyd 2017-06-12 23:27 - 2017-06-12 23:27 - 00017920 ____R () C:\Users\pilot\AppData\Local\Temp\_MEI104522\thumbnails_ext.pyd 2017-06-12 23:27 - 2017-06-12 23:27 - 00088064 ____R () C:\Users\pilot\AppData\Local\Temp\_MEI104522\usb_ext.pyd 2017-06-12 23:27 - 2017-06-12 23:27 - 00012800 ____R () C:\Users\pilot\AppData\Local\Temp\_MEI104522\common.time34.pyd 2017-06-12 23:27 - 2017-06-12 23:27 - 00018432 ____R () C:\Users\pilot\AppData\Local\Temp\_MEI104522\win32event.pyd 2017-06-12 23:27 - 2017-06-12 23:27 - 00167936 ____R () C:\Users\pilot\AppData\Local\Temp\_MEI104522\win32gui.pyd 2017-06-12 23:27 - 2017-06-12 23:27 - 00046080 ____R () C:\Users\pilot\AppData\Local\Temp\_MEI104522\_socket.pyd 2017-06-12 23:27 - 2017-06-12 23:27 - 01303552 ____R () C:\Users\pilot\AppData\Local\Temp\_MEI104522\_ssl.pyd 2017-06-12 23:27 - 2017-06-12 23:27 - 00128512 ____R () C:\Users\pilot\AppData\Local\Temp\_MEI104522\_elementtree.pyd 2017-06-12 23:27 - 2017-06-12 23:27 - 00127488 ____R () C:\Users\pilot\AppData\Local\Temp\_MEI104522\pyexpat.pyd 2017-06-12 23:27 - 2017-06-12 23:27 - 00038912 ____R () C:\Users\pilot\AppData\Local\Temp\_MEI104522\win32inet.pyd 2017-06-12 23:27 - 2017-06-12 23:27 - 00036864 ____R () C:\Users\pilot\AppData\Local\Temp\_MEI104522\_psutil_windows.pyd 2017-06-12 23:27 - 2017-06-12 23:27 - 00524248 ____R () C:\Users\pilot\AppData\Local\Temp\_MEI104522\windows._lib_cacheinvalidation.pyd 2017-06-12 23:27 - 2017-06-12 23:27 - 00011264 ____R () C:\Users\pilot\AppData\Local\Temp\_MEI104522\win32crypt.pyd 2017-06-12 23:27 - 2017-06-12 23:27 - 00123392 ____R () C:\Users\pilot\AppData\Local\Temp\_MEI104522\wx._wizard.pyd 2017-06-12 23:27 - 2017-06-12 23:27 - 00077312 ____R () C:\Users\pilot\AppData\Local\Temp\_MEI104522\wx._html2.pyd 2017-06-12 23:27 - 2017-06-12 23:27 - 00027648 ____R () C:\Users\pilot\AppData\Local\Temp\_MEI104522\_multiprocessing.pyd 2017-06-12 23:27 - 2017-06-12 23:27 - 00020480 ____R () C:\Users\pilot\AppData\Local\Temp\_MEI104522\_yappi.pyd 2017-06-12 23:27 - 2017-06-12 23:27 - 00035840 ____R () C:\Users\pilot\AppData\Local\Temp\_MEI104522\win32process.pyd 2017-06-12 23:27 - 2017-06-12 23:27 - 00078848 ____R () C:\Users\pilot\AppData\Local\Temp\_MEI104522\wx._animate.pyd 2017-06-12 23:27 - 2017-06-12 23:27 - 00024064 ____R () C:\Users\pilot\AppData\Local\Temp\_MEI104522\win32pipe.pyd 2017-06-12 23:27 - 2017-06-12 23:27 - 00010240 ____R () C:\Users\pilot\AppData\Local\Temp\_MEI104522\select.pyd 2017-06-12 23:27 - 2017-06-12 23:27 - 00025600 ____R () C:\Users\pilot\AppData\Local\Temp\_MEI104522\win32pdh.pyd 2017-06-12 23:27 - 2017-06-12 23:27 - 00017408 ____R () C:\Users\pilot\AppData\Local\Temp\_MEI104522\win32profile.pyd 2017-06-12 23:27 - 2017-06-12 23:27 - 00022528 ____R () C:\Users\pilot\AppData\Local\Temp\_MEI104522\win32ts.pyd 2017-06-08 17:43 - 2017-06-08 17:43 - 00123918 _____ () C:\Users\pilot\AppData\Local\CloudStation\CloudStation.app\bin\libgcc_s_dw2-1.dll 2017-06-08 17:43 - 2017-06-08 17:43 - 01026062 _____ () C:\Users\pilot\AppData\Local\CloudStation\CloudStation.app\bin\libstdc++-6.dll 2017-06-08 17:43 - 2017-06-08 17:43 - 00524460 _____ () C:\Users\pilot\AppData\Local\CloudStation\CloudStation.app\bin\libcurl-4.dll 2017-06-08 17:43 - 2017-06-08 17:43 - 03036430 _____ () C:\Users\pilot\AppData\Local\CloudStation\CloudStation.app\bin\libsqlite3-0.dll 2017-06-08 17:43 - 2017-06-08 17:43 - 01798570 _____ () C:\Users\pilot\AppData\Local\CloudStation\CloudStation.app\bin\icuuc53.dll 2017-06-08 17:43 - 2017-06-08 17:43 - 00115214 _____ () C:\Users\pilot\AppData\Local\CloudStation\CloudStation.app\bin\zlib1.dll 2017-06-08 17:43 - 2017-06-08 17:43 - 03095505 _____ () C:\Users\pilot\AppData\Local\CloudStation\CloudStation.app\bin\icuin53.dll 2017-06-08 17:43 - 2017-06-08 17:43 - 21565192 _____ () C:\Users\pilot\AppData\Local\CloudStation\CloudStation.app\bin\icudt53.dll 2017-06-08 17:43 - 2017-06-08 17:43 - 00712704 _____ () C:\Users\pilot\AppData\Local\CloudStation\CloudStation.app\bin\platforms\qwindows.dll 2017-06-08 17:43 - 2017-06-08 17:43 - 00031744 _____ () C:\Users\pilot\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qgif.dll 2017-06-08 17:43 - 2017-06-08 17:43 - 00046080 _____ () C:\Users\pilot\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qicns.dll 2017-06-08 17:43 - 2017-06-08 17:43 - 00032768 _____ () C:\Users\pilot\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qico.dll 2017-06-08 17:43 - 2017-06-08 17:43 - 00516608 _____ () C:\Users\pilot\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qjp2.dll 2017-06-08 17:43 - 2017-06-08 17:43 - 00243200 _____ () C:\Users\pilot\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qjpeg.dll 2017-06-08 17:43 - 2017-06-08 17:43 - 00431616 _____ () C:\Users\pilot\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qtiff.dll ==================== Alternate Data Streams (gefilterd) ========= (Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.) AlternateDataStreams: C:\Users\pilot\Downloads\ccsetup530.exe:BDU [0] AlternateDataStreams: C:\Users\pilot\Downloads\cells-by-column.js:BDU [0] AlternateDataStreams: C:\Users\pilot\Downloads\cells-by-row.js:BDU [0] AlternateDataStreams: C:\Users\pilot\Downloads\CommunicatorPlugin_420.exe:BDU [0] AlternateDataStreams: C:\Users\pilot\Downloads\fit-columns.js:BDU [0] AlternateDataStreams: C:\Users\pilot\Downloads\FRST64.exe:BDU [0] AlternateDataStreams: C:\Users\pilot\Downloads\Garmin-InternetExplorer-Shortcut.vbs:BDU [0] AlternateDataStreams: C:\Users\pilot\Downloads\GoogleEarthProSetup.exe:BDU [0] AlternateDataStreams: C:\Users\pilot\Downloads\GoogleEarthSetup (1).exe:BDU [0] AlternateDataStreams: C:\Users\pilot\Downloads\GoogleEarthSetup.exe:BDU [0] AlternateDataStreams: C:\Users\pilot\Downloads\horizontal.js:BDU [0] AlternateDataStreams: C:\Users\pilot\Downloads\imagesloaded.pkgd.min.js:BDU [0] AlternateDataStreams: C:\Users\pilot\Downloads\isotope.pkgd.min.js:BDU [0] AlternateDataStreams: C:\Users\pilot\Downloads\jquery.jeditable.js:BDU [0] AlternateDataStreams: C:\Users\pilot\Downloads\masonry-horizontal.js:BDU [0] AlternateDataStreams: C:\Users\pilot\Downloads\mb3-setup-35891.35891-3.1.2.1733-1.0.139-1.0.2060.exe:BDU [0] AlternateDataStreams: C:\Users\pilot\Downloads\mb3-setup-consumer-3.1.2.1733-1.0.141-1.0.2092.exe:BDU [0] AlternateDataStreams: C:\Users\pilot\Downloads\MyHarmony-App.exe:BDU [0] AlternateDataStreams: C:\Users\pilot\Downloads\packery-mode.pkgd.min.js:BDU [0] AlternateDataStreams: C:\Users\pilot\Downloads\PDFsam_Basic3_Installer.exe:BDU [0] AlternateDataStreams: C:\Users\pilot\Downloads\Synology Cloud Station Drive-4.2.3-4385 (1).exe:BDU [0] AlternateDataStreams: C:\Users\pilot\Downloads\Synology Cloud Station Drive-4.2.3-4385.exe:BDU [0] AlternateDataStreams: C:\Users\pilot\Downloads\USBDrivers_2311.exe:BDU [0] ==================== Veilige Modus (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Bestandskoppeling (gefilterd) =============== (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.) ==================== Internet Explorer vertrouwde/beperkte toegang =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.) ==================== Hosts inhoud: =============================== (Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.) 2016-02-02 22:01 - 2017-06-13 00:09 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere gebieden ============================ (Momenteel is er geen automatische fix voor dit onderdeel.) HKU\S-1-5-21-3689213566-3934555256-874692408-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\pilot\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\{9b445166-e442-45c3-9cfe-9250c398ea7d}.jpg DNS Servers: 195.130.131.5 - 195.130.130.5 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager" HKU\S-1-5-21-3689213566-3934555256-874692408-1001\...\StartupApproved\StartupFolder: => "Verzenden naar OneNote.lnk" ==================== Firewall regels (gefilterd) =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [{3366C65C-C835-4724-B2BE-4DD6B982F5D4}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{962C064A-687B-4A9B-83CD-5064CC3FB99C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{B7608F5D-A486-44BA-9BE9-12A1002D19B9}] => (Allow) C:\Users\pilot\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{7FDB0259-E8CA-4BE2-B69F-BCF5C8887B13}] => (Allow) C:\Users\pilot\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{8C6A8998-16B1-4DAA-85C8-C7C4AF59A904}] => (Allow) C:\Users\pilot\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{382B8BF3-9FF8-4DDB-8B23-049F16A333A0}] => (Allow) C:\Users\pilot\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{78669E0E-E48A-4587-9EE4-9C84EEEDCDD3}] => (Allow) C:\Users\pilot\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{FF31CCF7-3D29-4F7A-B4BA-A6554051883E}] => (Allow) C:\Users\pilot\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [UDP Query User{4E85AF32-A3AB-4D0A-981B-8823ADC6758C}C:\users\pilot\appdata\local\skypeplugin\pluginhost.exe] => (Block) C:\users\pilot\appdata\local\skypeplugin\pluginhost.exe FirewallRules: [TCP Query User{E210DCC5-4776-40A8-BBF3-5A4F00E028AE}C:\users\pilot\appdata\local\skypeplugin\pluginhost.exe] => (Block) C:\users\pilot\appdata\local\skypeplugin\pluginhost.exe FirewallRules: [TCP Query User{6A2788E9-41EC-43BC-87CC-6C55B8E5012F}C:\program files (x86)\adobe\adobe dreamweaver cs6\dreamweaver.exe] => (Allow) C:\program files (x86)\adobe\adobe dreamweaver cs6\dreamweaver.exe FirewallRules: [UDP Query User{DE14842D-FCD2-4EC5-8A0B-2C22DF103F77}C:\program files (x86)\adobe\adobe dreamweaver cs6\dreamweaver.exe] => (Allow) C:\program files (x86)\adobe\adobe dreamweaver cs6\dreamweaver.exe FirewallRules: [TCP Query User{16CEA154-2F14-45E9-9945-331C75CA3093}E:\xampp\apache\bin\httpd.exe] => (Allow) E:\xampp\apache\bin\httpd.exe FirewallRules: [UDP Query User{E861736E-FC65-4DA1-A0F6-FEB041D3C88C}E:\xampp\apache\bin\httpd.exe] => (Allow) E:\xampp\apache\bin\httpd.exe FirewallRules: [TCP Query User{7D3118C7-4474-4C0C-8A4F-F6C366E76301}E:\xampp\mysql\bin\mysqld.exe] => (Allow) E:\xampp\mysql\bin\mysqld.exe FirewallRules: [UDP Query User{C39DC28C-B9B9-4F31-A78F-B35E221E722D}E:\xampp\mysql\bin\mysqld.exe] => (Allow) E:\xampp\mysql\bin\mysqld.exe FirewallRules: [{0132C10D-A9F6-4AC6-BA8C-C11CA12E4DAA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{5C802B2C-58E0-48DC-890B-2ED12ED68567}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{8F470A70-A573-4AEF-88D7-5E9B87B10417}C:\program files (x86)\synology\photo station uploader\mediauploader.exe] => (Allow) C:\program files (x86)\synology\photo station uploader\mediauploader.exe FirewallRules: [UDP Query User{5E2713DF-B3B1-4AAC-BED2-379561590AA5}C:\program files (x86)\synology\photo station uploader\mediauploader.exe] => (Allow) C:\program files (x86)\synology\photo station uploader\mediauploader.exe FirewallRules: [TCP Query User{DFE319C5-7DA0-4F77-9912-FB2AC497793E}C:\program files (x86)\brackets\node.exe] => (Allow) C:\program files (x86)\brackets\node.exe FirewallRules: [UDP Query User{5E54531D-75EF-47BD-870C-C8B34F6B0AD6}C:\program files (x86)\brackets\node.exe] => (Allow) C:\program files (x86)\brackets\node.exe FirewallRules: [TCP Query User{A5152EEC-D567-4DA2-BF74-CC1414B0534A}C:\program files\filezilla ftp client\filezilla.exe] => (Allow) C:\program files\filezilla ftp client\filezilla.exe FirewallRules: [UDP Query User{8E1E90AA-F724-4718-9F67-E918DA49D405}C:\program files\filezilla ftp client\filezilla.exe] => (Allow) C:\program files\filezilla ftp client\filezilla.exe FirewallRules: [{48F5FEB7-1408-4E6C-9BFC-300FDADDD64F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{0171F82C-33BA-4794-B705-2667885E3898}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{A4E12165-76EC-4A43-BC0F-A8369B07E02F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{312C04B9-7CC9-4DBF-9B50-F5BFBA4A1E33}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{33F4C0C1-93FC-4857-BEF9-7928B71C635C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe ==================== Herstelpunten ========================= 30-05-2017 13:52:51 Gepland controlepunt 31-05-2017 20:40:10 Installed PDFsam Basic 08-06-2017 17:50:59 Windows Update 12-06-2017 20:34:42 Removed LisApp. ==================== Defecte Apparaatbeheer Apparaten ============= ==================== Eventlog fouten: ========================= Applicatiefouten: ================== Error: (06/12/2017 11:47:23 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: De openprocedure voor de BITS-service in DLL-bestand C:\Windows\System32\bitsperf.dll is mislukt. Prestatiemetergegevens voor deze service zijn niet beschikbaar. De eerste vier bytes (DWORD) in de sectie Gegevens bevatten de foutcode. Error: (06/12/2017 11:15:06 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: odslv.exe, versie: 21.0.25.92, tijdstempel: 0x5926cd66 Naam van module met fout: sciter.dll, versie: 4.0.0.7, tijdstempel: 0x59146bc0 Uitzonderingscode: 0xc0000005 Foutmarge: 0x000000000018da1b Id van proces met fout: 0x453c Starttijd van toepassing met fout: 0x01d2e3c0e82a05e4 Pad naar toepassing met fout: C:\Program Files\Bitdefender\Bitdefender 2017\odslv.exe Pad naar module met fout: C:\Program Files\Bitdefender\Bitdefender 2017\sciter.dll Rapport-id: 9e3bd38b-5534-403b-aca4-31f36986c94d Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Error: (06/12/2017 11:14:05 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: odslv.exe, versie: 21.0.25.92, tijdstempel: 0x5926cd66 Naam van module met fout: sciter.dll, versie: 4.0.0.7, tijdstempel: 0x59146bc0 Uitzonderingscode: 0xc0000005 Foutmarge: 0x000000000018da1b Id van proces met fout: 0x3c48 Starttijd van toepassing met fout: 0x01d2e3c0c7fd0fa5 Pad naar toepassing met fout: C:\Program Files\Bitdefender\Bitdefender 2017\odslv.exe Pad naar module met fout: C:\Program Files\Bitdefender\Bitdefender 2017\sciter.dll Rapport-id: d7b4ebca-5424-4032-a04c-03d4e57d7606 Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Error: (06/12/2017 08:38:02 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: LAPTOP-BART) Description: Kan toepassing of service 'PDFsam Enhanced Creator' niet opnieuw starten. Error: (06/12/2017 08:37:59 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: LAPTOP-BART) Description: Kan toepassing of service 'Windows Verkenner' niet afsluiten. Error: (06/12/2017 08:00:08 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 2532 Error: (06/12/2017 08:00:08 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 2532 Error: (06/12/2017 08:00:08 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (06/12/2017 08:00:07 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1297 Error: (06/12/2017 08:00:07 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 1297 Systeemfouten: ============= Error: (06/12/2017 11:26:52 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} en APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (06/12/2017 11:26:52 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} en APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (06/12/2017 11:12:57 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (06/12/2017 09:47:47 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (06/12/2017 09:39:34 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (06/12/2017 09:28:33 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (06/12/2017 09:19:41 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (06/12/2017 08:40:00 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} en APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (06/12/2017 08:40:00 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} en APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (06/12/2017 08:39:29 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. CodeIntegrity: =================================== Date: 2017-06-12 17:09:41.986 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-06-08 21:16:27.950 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-06-01 21:18:33.133 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-06-01 10:59:48.147 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00122_021\avcuf64.dll that did not meet the Microsoft signing level requirements. Date: 2017-06-01 10:59:48.085 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00122_021\avcuf64.dll that did not meet the Microsoft signing level requirements. Date: 2017-05-30 16:23:01.153 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00122_021\avcuf64.dll that did not meet the Microsoft signing level requirements. Date: 2017-05-30 16:23:01.109 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00122_021\avcuf64.dll that did not meet the Microsoft signing level requirements. Date: 2017-05-29 15:13:01.898 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00122_021\avcuf64.dll that did not meet the Microsoft signing level requirements. Date: 2017-05-29 15:13:01.855 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00122_021\avcuf64.dll that did not meet the Microsoft signing level requirements. Date: 2017-05-28 16:35:34.231 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00122_021\avcuf64.dll that did not meet the Microsoft signing level requirements. ==================== Geheugen info =========================== Processor: Intel(R) Core(TM) i7-4720HQ CPU @ 2.60GHz Percentage geheugen in gebruik: 29% Totaal fysiek RAM-geheugen: 16307.27 MB Beschikbaar fysiek RAM-geheugen: 11537.58 MB Totaal Virtueel geheugen: 18739.27 MB Beschikbaar Virtual geheugen: 14015.02 MB ==================== Schijven ================================ Drive c: (Acer) (Fixed) (Total:237.23 GB) (Free:110.31 GB) NTFS Drive e: (DATA) (Fixed) (Total:912.64 GB) (Free:783.78 GB) NTFS ==================== MBR & Partitietabel ================== ======================================================== Disk: 0 (Size: 238.5 GB) (Disk ID: 5BE33B82) Partition: GPT. ======================================================== Disk: 1 (Size: 931.5 GB) (Disk ID: 5BE33BED) Partition: GPT. ==================== Eind van Addition.txt ============================