Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 31-07-2017 Gestart door Henk (06-08-2017 14:20:19) Gestart vanaf D:\Henk\Desktop Windows 7 Home Premium Service Pack 1 (X64) (2010-10-16 09:37:48) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2771351034-1752285704-1091563883-500 - Administrator - Disabled) => C:\Users\Administrator Gast (S-1-5-21-2771351034-1752285704-1091563883-501 - Limited - Enabled) => C:\Users\Gast Henk (S-1-5-21-2771351034-1752285704-1091563883-1008 - Administrator - Enabled) => D:\Henk Loekie (S-1-5-21-2771351034-1752285704-1091563883-1009 - Limited - Enabled) => D:\Loekie ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.) µTorrent (HKLM-x32\...\uTorrent) (Version: 1.6 - ) 7-Zip 15.12 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1512-000001000000}) (Version: 15.12.00.0 - Igor Pavlov) Aangifte inkomstenbelasting 2010 (HKLM-x32\...\Aangifte inkomstenbelasting 2010) (Version: - Belastingdienst) Aangifte inkomstenbelasting 2011 (HKLM-x32\...\Aangifte inkomstenbelasting 2011) (Version: - Belastingdienst) Aangifte inkomstenbelasting 2012 (HKLM-x32\...\Aangifte inkomstenbelasting 2012) (Version: - Belastingdienst) Aangifte inkomstenbelasting 2013 (HKLM-x32\...\Aangifte inkomstenbelasting 2013) (Version: - Belastingdienst) Adobe Acrobat Reader DC - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 17.009.20058 - Adobe Systems Incorporated) Adobe Digital Editions (HKLM-x32\...\Digital Editions) (Version: - ) Adobe Flash Player 26 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 26.0.0.137 - Adobe Systems Incorporated) Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.137 - Adobe Systems Incorporated) Adobe Flash Player 26 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 26.0.0.137 - Adobe Systems Incorporated) Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.2.172 - Adobe Systems, Inc.) AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.) ATI AVIVO64 Codecs (HKLM\...\{DADBFD45-EEDA-E6A4-469C-2F772132E251}) (Version: 11.1.0.50406 - ATI Technologies Inc.) Hidden Avast Internet Security (HKLM-x32\...\Avast Antivirus) (Version: 17.5.2303 - AVAST Software) bl (HKLM-x32\...\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}) (Version: 1.0.0 - Your Company Name) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.32 - Piriform) Components Setup (HKLM-x32\...\{31187E06-E131-4709-9285-7D105D77AA89}) (Version: 1.00.0000 - Vimicro Corporation) Components Setup (HKLM-x32\...\{4FF37DAE-0D20-46DF-92FE-0949AC8314B9}) (Version: 1.00.0000 - Vimicro Corporation) Hidden Crossout Launcher 1.0.3.18 (HKU\S-1-5-21-2771351034-1752285704-1091563883-1008\...\CrossOutLauncher_is1) (Version: - ) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform) Dream Aquarium (HKLM-x32\...\Dream Aquarium) (Version: - ) Dream Aquarium 1.234 (HKLM-x32\...\Dream Aquarium 1.234) (Version: - ) f.lux (HKU\S-1-5-21-2771351034-1752285704-1091563883-1008\...\Flux) (Version: - ) Facebook Gameroom 1.1.0.0 (HKLM-x32\...\{6099B4D5-E8FF-407A-B653-955D3F1E10EB}) (Version: 1.1.0.0 - Facebook) Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.90 - Google Inc.) Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google) Google Talk Plugin (HKLM-x32\...\{CCE68200-4ED0-3E0A-A7F2-504897E356AB}) (Version: 5.1.5.17733 - Google) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google) HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software) HP Deskjet 1010 series Basissoftware van het apparaat (HKLM\...\{E4582B79-4010-4784-ABB2-EDE4850A12A2}) (Version: 32.0.1180.44630 - Hewlett-Packard Co.) HP Deskjet 1010 series Help (HKLM-x32\...\{A20A7EA7-3AAC-4DFE-93B2-ED7335B6474A}) (Version: 30.0.0 - Hewlett Packard) HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden HPSupportUtilities30 (HKLM-x32\...\{EFEA8B39-4A17-4112-81CA-DB66B319CE04}) (Version: 1.00.0000 - Hewlett-Packard) Hidden IM Magician (HKLM-x32\...\{2969CB97-DF91-4752-BE47-8A73AE810E6C}) (Version: 1.00.0001 - Vimisoft Studio) Insane 2 (HKLM-x32\...\Insane 2_is1) (Version: - ) Java 8 Update 141 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180141F0}) (Version: 8.0.1410.15 - Oracle Corporation) Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Klaverjassen (HKLM-x32\...\Klaverjassen) (Version: - ) K-Lite Codec Pack 6.5.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 6.5.0 - ) Liveupdate4 (HKLM-x32\...\Liveupdate4_is1) (Version: - MSI, Inc.) Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech) MailWasher (HKLM-x32\...\{2D4D8914-4171-4B52-8D80-BC958CA1C046}) (Version: 7.8 - Firetrust) Malwarebytes versie 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes) Microsoft .NET Framework 4.6.1 (Nederlands) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0413-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation) Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Movie Maker (HKLM-x32\...\{DC5E5027-65E8-41CB-815C-9AAB48BFB8E2}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 54.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 54.0.1 (x86 en-US)) (Version: 54.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 54.0.1.6388 - Mozilla) MSI Afterburner 4.2.0 (HKLM-x32\...\Afterburner) (Version: 4.2.0 - MSI Co., LTD) MSI Kombustor v1.0.7 (HKLM-x32\...\{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1) (Version: - MSI Co., LTD) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MyHeritage Family Tree Builder (HKLM-x32\...\Family Tree Builder) (Version: 8.0.0.8390 - MyHeritage.com) NirSoft BlueScreenView (HKLM-x32\...\NirSoft BlueScreenView) (Version: - ) NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.5 - NVIDIA Corporation) NVIDIA PhysX (HKLM-x32\...\{1C4551A6-4743-4093-91E4-1477CD655043}) (Version: 9.09.0203 - NVIDIA Corporation) Octoshape Streaming Services (HKU\S-1-5-21-2771351034-1752285704-1091563883-1008\...\Octoshape Streaming Services) (Version: - Octoshape ApS) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) ph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name) Hidden PhotoScape (HKLM-x32\...\PhotoScape) (Version: - ) PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.25.1-r123776-release - Plays.tv, LLC) PowerISO (HKLM-x32\...\PowerISO) (Version: 4.7 - PowerISO Computing, Inc.) Productverbeteringsonderzoek voor HP Deskjet 1010 series (HKLM\...\{9BD05FB2-71BC-4353-8F5C-DDAB90161C6A}) (Version: 32.2.188.47710 - Hewlett-Packard Co.) Raptr (HKLM-x32\...\Raptr) (Version: 5.2.10-r123135-release - Raptr, Inc) SafeZone Stable 1.48.2066.95 (HKLM-x32\...\SafeZone 1.48.2066.95) (Version: 1.48.2066.95 - Avast Software) Hidden SafeZone Stable 3.55.2393.609 (HKLM-x32\...\SafeZone 3.55.2393.609) (Version: 3.55.2393.609 - Avast Software) Hidden Should I Remove It (HKU\S-1-5-21-2771351034-1752285704-1091563883-1008\...\Should I Remove It 1.0.4) (Version: 1.0.4 - Reason Software Company Inc.) Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.) Sony Picture Utility (HKLM-x32\...\{D5068583-D569-468B-9755-5FBF5848F46F}) (Version: 1.0.00.14080 - Sony Corporation) Sony USB Driver (HKLM-x32\...\{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}) (Version: - ) Sound Blaster X-Fi MB (HKLM-x32\...\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}) (Version: 1.0 - Creative Technology Limited) Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform) Spotify (HKU\S-1-5-21-2771351034-1752285704-1091563883-1008\...\Spotify) (Version: 1.0.44.100.ga60c0ce1 - Spotify AB) swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TomTom HOME (HKLM-x32\...\{B581E191-A2C1-4CE3-907E-9FE3C728750C}) (Version: 2.9.91 - Uw bedrijfsnaam) TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.) UnderCoverXP 1.23 (HKLM-x32\...\UnderCoverXP_is1) (Version: - Wicked & Wild Inc.) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update voor Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0413-0000-0000000FF1CE}_PROPLUS_{5CF7002F-6F49-4482-9564-5614FBE560FA}) (Version: - Microsoft) Update voor Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0413-0000-0000000FF1CE}_PROPLUS_{15D84E79-1ED7-42C5-B2FD-745C3FBDDDC5}) (Version: - Microsoft) Update voor Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0413-0000-0000000FF1CE}_PROPLUS_{A66AE6A1-8D8C-4102-BC18-38CBDE40F809}) (Version: - Microsoft) Verzoek of wijziging voorlopige aanslag 2011 (HKLM-x32\...\Verzoek of wijziging voorlopige aanslag 2011) (Version: - Belastingdienst) Vimicro USB2.0 UVC PC Camera (HKLM-x32\...\{71A51A91-E7D3-11DB-A386-005056C00008}) (Version: 2009.03.18 - Vimicro Corp.) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) World of Tanks (HKU\S-1-5-21-2771351034-1752285704-1091563883-1008\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net) ==================== Aangepaste CLSID (gefilterd): ========================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) CustomCLSID: HKU\S-1-5-21-2771351034-1752285704-1091563883-1008_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> D:\Henk\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-2771351034-1752285704-1091563883-1008_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> D:\Henk\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShA64.dll [2017-07-18] (AVAST Software) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShA64.dll [2017-07-18] (AVAST Software) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-11-19] (Igor Pavlov) ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShA64.dll [2017-07-18] (AVAST Software) ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd) ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2010-04-23] (PowerISO Computing, Inc.) ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShA64.dll [2017-07-18] (AVAST Software) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-11-19] (Igor Pavlov) ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2010-04-23] (PowerISO Computing, Inc.) ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\atiacm64.dll [2015-08-04] (Advanced Micro Devices, Inc.) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-11-19] (Igor Pavlov) ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShA64.dll [2017-07-18] (AVAST Software) ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes) ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2010-04-23] (PowerISO Computing, Inc.) ==================== Geplande Taken (gefilterd) ============= (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {09886853-4EA4-4BA4-91A9-9E193D6F66F1} - System32\Tasks\{C001C0CA-1307-474E-8B24-4A6AFC0307B6} => D:\Henk\Downloads\asklaver52 (1).exe Task: {09B05154-3989-4E67-B91E-39CDAC665A52} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated) Task: {0CA4BA09-9B35-4D01-A763-D36DCF31F409} - System32\Tasks\{9086DBB6-7B13-4B9B-8DB7-B6B30CA7BE15} => C:\Windows\system32\pcalua.exe -a E:\AUTORUN.EXE -d E:\ Task: {0CD422A0-1042-47FF-A323-E4F1A67CEE15} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {0DDBABB3-9DC7-43C1-B2E3-B7C6E1132FCD} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-07-12] (Oracle Corporation) Task: {0FFEDE38-C471-40F1-9D17-08E3AA3C5CED} - System32\Tasks\HPCustParticipation HP Deskjet 1010 series => C:\Program Files\HP\HP Deskjet 1010 series\Bin\HPCustPartic.exe [2014-03-06] (Hewlett-Packard Co.) Task: {1A18D939-0499-4FCD-9BDC-0E3C88EE7B4F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-07-11] (Adobe Systems Incorporated) Task: {2FDCB096-64F9-48CD-B184-33B511589855} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_26_0_0_137_pepper.exe [2017-07-11] (Adobe Systems Incorporated) Task: {34E16306-89E3-4322-A1A6-6C8939FDA71D} - \TuneUpUtilities_Task_BkGndMaintenance2013 -> Geen bestand <==== AANDACHT Task: {3F9EC15A-C226-4549-884B-FAAA0860CAD0} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2771351034-1752285704-1091563883-1008Core => D:\Henk\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-11-13] (Facebook Inc.) Task: {4F68D7D6-2B7F-4D19-9085-2D13E1468F4D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2771351034-1752285704-1091563883-1008UA => D:\Henk\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {5061AA1E-73A7-4607-954F-1A1BAD9DA1A4} - System32\Tasks\{3BB48892-FCEA-491D-B095-0BA6166D4ECD} => C:\Windows\system32\pcalua.exe -a E:\Install.exe -d E:\ Task: {51BB03A3-22EF-402A-A0B6-E02A589D7CDF} - System32\Tasks\{EA54305E-0770-439D-B2B2-09E9F36B8CFA} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Chronicles of Mystery - Secret of the Lost Kingdom\MystSetupVideo.exe" -d "C:\Program Files (x86)\Chronicles of Mystery - Secret of the Lost Kingdom" Task: {5A6F3A28-E983-48C3-9F5F-E219731D2C49} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2771351034-1752285704-1091563883-1000 Task: {7590A4E9-41A5-46C0-A408-6C6F18D2D8F8} - System32\Tasks\{E49BC193-2FDC-409E-A06D-B0E65B8156C8} => C:\Windows\system32\pcalua.exe -a C:\PROGRA~2\VUZE_R~1\UNWISE.EXE -c /U C:\PROGRA~2\VUZE_R~1\INSTALL.LOG Task: {78212A0D-B336-4DB1-BB83-B5DD6ECEB9F7} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe Task: {79F95D65-FE78-442F-97DA-CB9E4432581B} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe Task: {7B3B6198-B458-41BA-816F-0FF495F76426} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe Task: {818BAEDA-751A-4A37-A464-AC704C49493F} - System32\Tasks\{EFBB3A01-09C5-412F-8123-89935713112A} => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2017-07-26] (AVAST Software) Task: {8672694D-64CB-4710-A043-54782CC4ED77} - System32\Tasks\{C30AC2B3-8C7F-4ED9-8B85-6BBD4F78DA40} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Pirateville Deluxe\Uninstal.exe" Task: {8BE73196-858F-477A-9F07-3D635BCF94A0} - System32\Tasks\{B6CF3FF3-C4F6-4D50-8AA7-01E217811EB7} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{2969CB97-DF91-4752-BE47-8A73AE810E6C}\setup.exe" -c -runfromtemp -l0x0009 -removeonly Task: {962A2EB6-C76B-4121-9C85-DB9D7FA527F2} - System32\Tasks\Google Updater and Installer => D:\Henk\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {A6202941-5467-4A69-90CA-6A4A9A6CFB45} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-03-21] (Advanced Micro Devices, Inc.) Task: {A77A2949-83DA-432C-AEA6-405FE3D44072} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {A809418D-5BF2-46F3-8353-00D22E5169EB} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe Task: {A81C0CF4-1B67-4539-9AB7-25005763695B} - System32\Tasks\{57071926-ABBF-414D-81B0-6E9408DC5FD2} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVD-uninst.exe" -c /D="C:\Program Files (x86)\SlySoft\AnyDVD" Task: {AA62D7B5-837A-4A30-B422-CA612874EE3C} - System32\Tasks\{77CFD4D3-DDEB-4AA5-B501-8E1389EA906C} => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2017-07-26] (AVAST Software) Task: {AF05F596-8BD0-48F2-8279-411D1DC65BCB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2771351034-1752285704-1091563883-1008Core => D:\Henk\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {B51D1DE8-8615-4D8A-A388-60993F5407D1} - System32\Tasks\{47D8A755-9A19-4D3E-BB07-DF076BEC5DC5} => C:\Windows\system32\pcalua.exe -a D:\Henk\Downloads\startuplite-setup-1.07.exe -d D:\Henk\Downloads Task: {C72C7810-F011-4078-9F08-B14C2C18F570} - System32\Tasks\SafeZone scheduled Autoupdate 1458737122 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-06-13] (Avast Software) Task: {C868228A-BF77-4ACD-BBD4-B07917E69174} - System32\Tasks\{7490031D-EEE6-470E-B37D-D560F5D6100E} => C:\Program Files (x86)\F1 2014\F1_2014.exe Task: {CE0727F7-92C7-4E6A-984D-2C37795E29E6} - System32\Tasks\Adobe online update program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated) Task: {CE12010D-F237-4047-8377-B2D533DE5666} - System32\Tasks\Avast Emergency Update => C:\Program Files\Alwil Software\Avast5\AvEmUpdate.exe [2017-07-18] (AVAST Software) Task: {D8320D88-DE50-4469-AC21-439147C93278} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2771351034-1752285704-1091563883-1008 Task: {DA8FD8BE-5939-449F-8943-E4F833B9E275} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe Task: {E29A486B-DC55-427F-83FE-F284893B5D80} - \avastBCLRestartS-1-5-21-2771351034-1752285704-1091563883-1008 -> Geen bestand <==== AANDACHT Task: {E4299911-77C0-4F76-9ACC-66A48E6DDA88} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2771351034-1752285704-1091563883-1008UA => D:\Henk\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-11-13] (Facebook Inc.) Task: {E79D678C-E983-4431-8AF1-34106F727ADD} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-07-12] (AVAST Software) Task: {EA21A355-6DBB-4A4F-A1E6-6752C6938D25} - System32\Tasks\{83226C37-704B-4697-B65D-CB4F61441ABE} => D:\Henk\Downloads\asklaver52 (1).exe Task: {EE0D68C2-6E8A-4BF5-8023-3062B2B9F3C2} - System32\Tasks\{259EAA8D-5E1B-4B9B-AFB9-55B6528AB9A2} => C:\Windows\system32\pcalua.exe -a "D:\Henk\Desktop\FF bewaren\Shockwave_Installer_Slim (3).exe" -d "D:\Henk\Desktop\FF bewaren" Task: {EE608B4B-0C0F-4F26-BD23-6AF39CF74BD9} - System32\Tasks\{2410C4A1-008A-4178-B0FF-2C1FB4B68B3B} => C:\Windows\system32\pcalua.exe -a "D:\Henk\Desktop\FF bewaren\Shockwave_Installer_Slim.exe" -d "D:\Henk\Desktop\FF bewaren" Task: {F320FD11-2BBF-4984-B0B2-210118E3F115} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-06-30] (Piriform Ltd) Task: {F7E6F88E-5AC1-4D47-B21B-27AF2A38CFA9} - System32\Tasks\{2E64E575-0277-4D07-90E3-153A982F677A} => C:\Windows\system32\pcalua.exe -a "D:\Henk\Desktop\FF bewaren\u-torrent\download torrent klaar\Sega Fishing\Sega Marine Fishing\jssetup.exe" -d "D:\Henk\Desktop\FF bewaren\u-torrent\download torrent klaar\Sega Fishing\Sega Marine Fishing" (Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2771351034-1752285704-1091563883-1008Core.job => D:\Henk\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2771351034-1752285704-1091563883-1008UA.job => D:\Henk\AppData\Local\Facebook\Update\FacebookUpdate.exe ==================== Snelkoppelingen & WMI ======================== (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) ShortcutWithArgument: D:\Henk\AppData\Local\Google\Chrome\User Data\App-opstartprogramma van Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list ShortcutWithArgument: D:\Henk\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\225bb61db2f318c1\henk - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 3" ==================== Geladen Modules (gefilterd) ============== 2017-06-11 22:16 - 2017-07-14 11:31 - 002260432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2017-07-18 21:51 - 2017-07-18 21:51 - 000162032 _____ () c:\Program Files\Alwil Software\Avast5\x64\vaarclient.dll 2017-07-18 21:51 - 2017-07-18 21:51 - 000831664 _____ () C:\Program Files\Alwil Software\Avast5\x64\ffl2.dll 2017-07-18 21:51 - 2017-07-18 21:51 - 000276808 _____ () c:\Program Files\Alwil Software\Avast5\x64\StreamBack.dll 2017-04-07 09:41 - 2017-04-07 09:41 - 000054488 _____ () C:\Program Files\CCleaner\branding.dll 2017-06-30 13:22 - 2017-06-30 13:22 - 000077824 _____ () C:\Program Files\CCleaner\lang\lang-1043.dll 2017-08-03 12:31 - 2017-08-02 09:39 - 003824472 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.90\libglesv2.dll 2017-08-03 12:31 - 2017-08-02 09:39 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.90\libegl.dll 2017-07-18 21:51 - 2017-07-18 21:51 - 000170224 _____ () C:\Program Files\Alwil Software\Avast5\JsonRpcServer.dll 2017-07-18 21:51 - 2017-07-18 21:51 - 000192664 _____ () C:\Program Files\Alwil Software\Avast5\event_routing_rpc.dll 2017-07-18 21:51 - 2017-07-18 21:51 - 000224256 _____ () C:\Program Files\Alwil Software\Avast5\tasks_core.dll 2017-08-04 22:47 - 2017-08-04 22:47 - 005891448 _____ () C:\Program Files\Alwil Software\Avast5\defs\17080402\algo.dll 2017-07-18 21:51 - 2017-07-18 21:51 - 000689272 _____ () C:\Program Files\Alwil Software\Avast5\ffl2.dll 2017-07-18 21:51 - 2017-07-18 21:51 - 000231664 _____ () C:\Program Files\Alwil Software\Avast5\streamback.dll 2017-08-06 13:46 - 2017-08-06 13:46 - 005891448 _____ () C:\Program Files\Alwil Software\Avast5\defs\17080600\algo.dll 2017-06-29 20:41 - 2017-06-29 20:41 - 000033280 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\cx_Logging.cp35-win32.pyd 2017-06-29 20:41 - 2017-06-29 20:41 - 000103424 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32api.pyd 2017-06-29 20:41 - 2017-06-29 20:41 - 000111616 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pywintypes35.dll 2017-06-29 20:41 - 2017-06-29 20:41 - 000041984 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32process.pyd 2017-06-29 20:41 - 2017-06-29 20:41 - 000405504 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pythoncom35.dll 2017-06-29 20:41 - 2017-06-29 20:41 - 000173568 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32gui.pyd 2017-06-29 20:41 - 2017-06-29 20:41 - 001934336 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtGui.pyd 2017-06-29 20:41 - 2017-06-29 20:41 - 000077824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\sip.pyd 2017-06-29 20:41 - 2017-06-29 20:41 - 001780736 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtCore.pyd 2017-06-29 20:41 - 2017-06-29 20:41 - 000505856 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtNetwork.pyd 2017-06-29 20:41 - 2017-06-29 20:41 - 003812864 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWidgets.pyd 2017-07-18 21:51 - 2017-07-18 21:51 - 001065936 _____ () C:\Program Files\Alwil Software\Avast5\AvChrome.dll 2017-06-30 18:27 - 2017-06-30 18:27 - 067109376 _____ () C:\Program Files\Alwil Software\Avast5\libcef.dll 2017-07-18 21:50 - 2017-07-18 21:50 - 000292920 _____ () C:\Program Files\Alwil Software\Avast5\gaming_mode_ui.dll 2016-05-16 20:20 - 2016-05-16 20:20 - 000061952 _____ () C:\Program Files (x86)\FireTrust\MailWasher\MWPBridgeDLL.dll 2016-05-16 20:20 - 2016-05-16 20:20 - 006000128 _____ () C:\Program Files (x86)\FireTrust\MailWasher\MWPappDLL.dll 2014-10-12 03:41 - 2014-10-12 03:41 - 000061952 _____ () C:\Program Files (x86)\FireTrust\MailWasher\FTBridge.dll 2016-01-20 17:44 - 2016-01-20 17:44 - 000272384 _____ () C:\Program Files (x86)\FireTrust\MailWasher\FTClientNode.dll 2016-05-07 15:11 - 2016-05-07 15:11 - 000324608 _____ () C:\Program Files (x86)\FireTrust\MailWasher\MWPHeaderParser.dll ==================== Alternate Data Streams (gefilterd) ========= (Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.) AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0] AlternateDataStreams: C:\ProgramData\TEMP:0F775042 [280] AlternateDataStreams: C:\ProgramData\TEMP:13765436 [250] AlternateDataStreams: C:\ProgramData\TEMP:2398E95B [139] AlternateDataStreams: C:\ProgramData\TEMP:2FBB2B9B [123] AlternateDataStreams: C:\ProgramData\TEMP:48D30F15 [103] AlternateDataStreams: C:\ProgramData\TEMP:51E83E25 [276] AlternateDataStreams: C:\ProgramData\TEMP:5E24C78B [113] AlternateDataStreams: C:\ProgramData\TEMP:61FEC5E3 [111] AlternateDataStreams: C:\ProgramData\TEMP:639BB5E9 [130] AlternateDataStreams: C:\ProgramData\TEMP:75798D9A [226] AlternateDataStreams: C:\ProgramData\TEMP:BFE54417 [127] AlternateDataStreams: C:\ProgramData\TEMP:C07A6A6B [194] AlternateDataStreams: C:\ProgramData\TEMP:DA9A88B3 [99] AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2 [121] AlternateDataStreams: C:\ProgramData\TEMP:EB68CA55 [70] AlternateDataStreams: C:\ProgramData\TEMP:EBFB51F1 [124] AlternateDataStreams: C:\ProgramData\TEMP:EE198B1F [169] AlternateDataStreams: C:\ProgramData\TEMP:EF0F3F33 [122] ==================== Veilige Modus (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Bestandskoppeling (gefilterd) =============== (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.) ==================== Internet Explorer vertrouwde/beperkte toegang =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.) IE trusted site: HKU\S-1-5-21-2771351034-1752285704-1091563883-1008\...\microsoft.com -> hxxps://*.update.microsoft.com IE trusted site: HKU\S-1-5-21-2771351034-1752285704-1091563883-1008\...\windowsupdate.com -> hxxps://download.windowsupdate.com IE restricted site: HKU\S-1-5-21-2771351034-1752285704-1091563883-1008\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-2771351034-1752285704-1091563883-1008\...\008k.com -> 008k.com IE restricted site: HKU\S-1-5-21-2771351034-1752285704-1091563883-1008\...\00hq.com -> 00hq.com IE restricted site: HKU\S-1-5-21-2771351034-1752285704-1091563883-1008\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\S-1-5-21-2771351034-1752285704-1091563883-1008\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-2771351034-1752285704-1091563883-1008\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-2771351034-1752285704-1091563883-1008\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-2771351034-1752285704-1091563883-1008\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\S-1-5-21-2771351034-1752285704-1091563883-1008\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-2771351034-1752285704-1091563883-1008\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-2771351034-1752285704-1091563883-1008\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-2771351034-1752285704-1091563883-1008\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-2771351034-1752285704-1091563883-1008\...\0scan.com -> 0scan.com IE restricted site: HKU\S-1-5-21-2771351034-1752285704-1091563883-1008\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\S-1-5-21-2771351034-1752285704-1091563883-1008\...\1-domains-registrations.com -> 1-domains-registrations.com IE restricted site: HKU\S-1-5-21-2771351034-1752285704-1091563883-1008\...\1-se.com -> 1-se.com IE restricted site: HKU\S-1-5-21-2771351034-1752285704-1091563883-1008\...\1001movie.com -> 1001movie.com IE restricted site: HKU\S-1-5-21-2771351034-1752285704-1091563883-1008\...\1001night.biz -> 1001night.biz IE restricted site: HKU\S-1-5-21-2771351034-1752285704-1091563883-1008\...\100gal.net -> 100gal.net IE restricted site: HKU\S-1-5-21-2771351034-1752285704-1091563883-1008\...\100sexlinks.com -> 100sexlinks.com Er zijn 4792 Meer websites. ==================== Hosts inhoud: =============================== (Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.) 2009-07-14 04:34 - 2017-07-16 11:02 - 000000853 _____ C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Andere gebieden ============================ (Momenteel is er geen automatische fix voor dit onderdeel.) HKU\S-1-5-21-2771351034-1752285704-1091563883-1008\Control Panel\Desktop\\Wallpaper -> D:\Henk\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 89.101.251.228 - 89.101.251.229 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == MSCONFIG\Services: sdAuxService => 3 MSCONFIG\Services: sdCoreService => 3 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\Services: ThreatFire => 2 MSCONFIG\startupreg: Family Tree Builder Update => C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe MSCONFIG\startupreg: Google Update => "D:\Henk\AppData\Local\Google\Update\GoogleUpdate.exe" /c ==================== Firewall regels (gefilterd) =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [TCP Query User{6DA267C5-E4F4-4551-845F-E5AF280E4E4E}C:\program files (x86)\softmachine\klaverjassen\klaverjassen.exe] => (Block) C:\program files (x86)\softmachine\klaverjassen\klaverjassen.exe FirewallRules: [UDP Query User{CE645F94-2F85-4494-A49B-4151A726977B}C:\program files (x86)\softmachine\klaverjassen\klaverjassen.exe] => (Block) C:\program files (x86)\softmachine\klaverjassen\klaverjassen.exe FirewallRules: [TCP Query User{4C26EEEE-6F08-4300-A7CB-7FD2D8062FC2}D:\henk\appdata\roaming\spotify\spotify.exe] => (Allow) D:\henk\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{BBD361A2-9252-48C6-870C-8DE8E5ECC67F}D:\henk\appdata\roaming\spotify\spotify.exe] => (Allow) D:\henk\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{446AF027-1C89-4C23-9FBE-A804DD4FE39A}D:\henk\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe] => (Block) D:\henk\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe FirewallRules: [UDP Query User{989F55B6-1D54-4C86-8EAF-B72EC55E322B}D:\henk\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe] => (Block) D:\henk\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe FirewallRules: [{C8620AF7-46BE-4C7F-A51B-F6DCD1BD7F7A}] => (Allow) C:\Program Files\HP\HP Deskjet 1010 series\Bin\USBSetup.exe FirewallRules: [{44D43B95-FBC0-41EA-80D0-CD5C8061C763}] => (Allow) C:\Program Files\HP\HP Deskjet 1010 series\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{B1671B2D-82E1-4F46-AF1E-15763C976580}] => (Allow) D:\Henk\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe FirewallRules: [{84BDB7B6-29CA-46A7-A8F5-F0A8678AC39A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{6E46C3C0-769E-4DDC-AB91-9C1C327DEDDC}] => (Allow) LPort=2869 FirewallRules: [{E94CA545-1616-45AE-80B2-6D4E1D4F1009}] => (Allow) LPort=1900 FirewallRules: [{6D0F7B20-2FBF-4349-BB11-DF830222E567}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{CBDFC8A4-B005-47FC-9526-7AB1BE3C9CFF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{206D5D15-09E0-411C-91FF-E9DE7035DCA8}] => (Allow) D:\Henk\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe FirewallRules: [{F64A2CB6-A481-4CEE-B84F-5D10774BEEA9}] => (Allow) D:\Henk\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe FirewallRules: [{2DEDB63F-836A-4A9A-9965-31B4AFE638E9}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe FirewallRules: [{E687528E-2C91-4EFB-9018-29F80FBDB907}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe FirewallRules: [{8DF1F4EE-4C07-429D-B25A-266BE40DF529}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe FirewallRules: [{ED46E1C8-7045-45EA-87A5-DFBE1BB1E938}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe FirewallRules: [{583CDDC5-C8FD-4385-AED9-8CD89E942369}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{CEF5106C-7CDB-4ABB-ACA2-7BC7A79EBFE0}] => (Allow) LPort=80 FirewallRules: [{1CD0A395-752D-4B99-8DD1-120C9567A67C}] => (Allow) LPort=443 FirewallRules: [{F185CC28-ABC0-44BE-9DC0-46DD4A7628DB}] => (Allow) LPort=20010 FirewallRules: [{1616F300-5CE3-41B8-AED0-A908FA522A3A}] => (Allow) LPort=3478 FirewallRules: [{A0027361-EA18-41BE-B20E-A104F686070A}] => (Allow) LPort=7850 FirewallRules: [{07CCCD75-1EE6-4A45-B77E-786EE33059B9}] => (Allow) LPort=7852 FirewallRules: [{CA44E846-324E-4492-A989-D46EFB7A07E7}] => (Allow) LPort=7853 FirewallRules: [{BB5BA8D3-8BE4-4972-8201-66CC26FB31D6}] => (Allow) LPort=27022 FirewallRules: [{C7DC9E47-6E8C-42DB-8E64-4D51E51668C9}] => (Allow) LPort=6881 FirewallRules: [{D9F7E228-0854-4836-8A46-84DDB23237C3}] => (Allow) LPort=33333 FirewallRules: [{EBE764D8-BA15-4B5C-95F5-5A3E247D6108}] => (Allow) LPort=20443 FirewallRules: [{C740EB28-5F12-40AD-8DB1-D4337D32E307}] => (Allow) LPort=8090 FirewallRules: [{665B882A-2A2F-4C5A-AA8F-E091276F6EE1}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.561\SZBrowser.exe FirewallRules: [{7D6B111C-E285-40E0-A863-A125BEFF644B}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.590\SZBrowser.exe FirewallRules: [{FF50A5C6-F5A2-4382-B91C-7B71ECEA38F1}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.609\SZBrowser.exe FirewallRules: [{F1967A6E-9ABD-49F7-8F81-0778C681CDFE}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe FirewallRules: [{B70E383D-E4C8-4594-B77E-EE2966A62AB5}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe FirewallRules: [{5E4BB181-7692-457B-8535-80819027AD68}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe FirewallRules: [{FCF3A518-4D6B-4B66-85A2-23B1B17C12A5}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe FirewallRules: [{B126AD47-9476-4A62-AEF0-4F009089100A}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe FirewallRules: [{C61D7787-9557-4AA3-AC23-90AE7186F617}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe FirewallRules: [{45D0B52B-B8D0-4457-8D53-D33495302626}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.609_0\SZBrowser.exe FirewallRules: [{7A83C486-5AC4-4352-9726-9476B69AF45B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Herstelpunten ========================= 22-07-2017 11:59:05 Windows Update 29-07-2017 14:24:14 Gepland controlepunt ==================== Defecte Apparaatbeheer Apparaten ============= ==================== Eventlog fouten: ========================= Applicatiefouten: ================== Error: (08/06/2017 01:52:19 PM) (Source: MsiInstaller) (EventID: 11714) (User: Henk-PC) Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed. Contact your technical support group. System Error 1612. Error: (08/05/2017 09:22:27 PM) (Source: MsiInstaller) (EventID: 11714) (User: Henk-PC) Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed. Contact your technical support group. System Error 1612. Error: (08/04/2017 09:02:50 PM) (Source: MsiInstaller) (EventID: 11714) (User: Henk-PC) Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed. Contact your technical support group. System Error 1612. Error: (08/04/2017 04:02:42 PM) (Source: MsiInstaller) (EventID: 11714) (User: Henk-PC) Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed. Contact your technical support group. System Error 1612. Error: (08/04/2017 10:44:50 AM) (Source: MsiInstaller) (EventID: 11714) (User: Henk-PC) Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed. Contact your technical support group. System Error 1612. Error: (08/03/2017 11:02:21 PM) (Source: MsiInstaller) (EventID: 11714) (User: Henk-PC) Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed. Contact your technical support group. System Error 1612. Error: (08/03/2017 06:02:31 PM) (Source: MsiInstaller) (EventID: 11714) (User: Henk-PC) Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed. Contact your technical support group. System Error 1612. Error: (08/03/2017 12:15:45 PM) (Source: MsiInstaller) (EventID: 11714) (User: Henk-PC) Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed. Contact your technical support group. System Error 1612. Error: (08/03/2017 12:05:50 PM) (Source: Windows Search Service) (EventID: 7010) (User: ) Description: De index kan niet worden geïnitialiseerd. Details: De catalogus met de inhoudsindex is beschadigd. (HRESULT : 0xc0041801) (0xc0041801) Error: (08/03/2017 12:05:50 PM) (Source: Windows Search Service) (EventID: 3058) (User: ) Description: De toepassing kan niet worden geïnitialiseerd. Context: toepassing Windows Details: De catalogus met de inhoudsindex is beschadigd. (HRESULT : 0xc0041801) (0xc0041801) Systeemfouten: ============= Error: (08/06/2017 01:45:21 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: De HP Network Devices Support-service is gestopt met de volgende foutcode: Kan opgegeven module niet vinden. . Error: (08/05/2017 10:01:37 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: De HP Network Devices Support-service is gestopt met de volgende foutcode: Kan opgegeven module niet vinden. . Error: (08/05/2017 09:58:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: De Plays.tv Update Service (PlaysService)-service kan vanwege de volgende fout niet worden gestart: De service heeft de start- of stuuropdracht niet op juiste wijze beantwoord. Error: (08/05/2017 09:58:52 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Time-out (30000 seconden) tijdens het wachten op het verbinden van deze service: Plays.tv Update Service (PlaysService). Error: (08/05/2017 09:56:10 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: De HP Network Devices Support-service is gestopt met de volgende foutcode: Kan opgegeven module niet vinden. . Error: (08/05/2017 09:15:10 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: De HP Network Devices Support-service is gestopt met de volgende foutcode: Kan opgegeven module niet vinden. . Error: (08/04/2017 10:49:19 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: De HP Network Devices Support-service is gestopt met de volgende foutcode: Kan opgegeven module niet vinden. . Error: (08/04/2017 10:37:02 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: De HP Network Devices Support-service is gestopt met de volgende foutcode: Kan opgegeven module niet vinden. . Error: (08/03/2017 12:08:50 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: De HP Network Devices Support-service is gestopt met de volgende foutcode: Kan opgegeven module niet vinden. . Error: (08/03/2017 12:06:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: De Windows Search-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 30000 milliseconden worden uitgevoerd: Service opnieuw starten. CodeIntegrity: =================================== Date: 2017-07-17 19:15:20.000 Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume3\Windows\System32\drivers\AtihdW76.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is. Date: 2017-07-17 19:15:19.343 Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume3\Windows\System32\drivers\AtihdW76.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is. Date: 2017-07-17 19:06:52.328 Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume3\Windows\System32\drivers\AtihdW76.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is. Date: 2017-07-17 19:06:51.640 Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume3\Windows\System32\drivers\AtihdW76.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is. Date: 2017-07-16 22:20:33.015 Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume3\Windows\System32\drivers\AtihdW76.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is. Date: 2017-07-16 22:20:32.343 Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume3\Windows\System32\drivers\AtihdW76.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is. Date: 2017-07-16 22:20:30.625 Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume3\Windows\System32\drivers\atikmpag.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is. Date: 2017-07-16 22:20:29.906 Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume3\Windows\System32\drivers\atikmpag.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is. Date: 2017-07-16 12:02:36.296 Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume3\Windows\System32\drivers\AtihdW76.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is. Date: 2017-07-16 12:02:35.609 Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume3\Windows\System32\drivers\AtihdW76.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is. ==================== Geheugen info =========================== Processor: AMD Athlon(tm) II X4 640 Processor Percentage geheugen in gebruik: 61% Totaal fysiek RAM-geheugen: 4095.18 MB Beschikbaar fysiek RAM-geheugen: 1593.25 MB Totaal Virtueel geheugen: 8188.54 MB Beschikbaar Virtual geheugen: 5687.75 MB ==================== Schijven ================================ Drive c: () (Fixed) (Total:221.63 GB) (Free:118.89 GB) NTFS Drive d: () (Fixed) (Total:244.04 GB) (Free:183.92 GB) NTFS ==================== MBR & Partitietabel ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: F8EEED7A) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=244 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=221.6 GB) - (Type=07 NTFS) ==================== Eind van Addition.txt ============================