Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 21-10-2017 Gestart door wilfr (23-10-2017 13:15:00) Gestart vanaf C:\Users\wilfr\Downloads Windows 10 Home Versie 1607 14393.1770 (X64) (2016-10-22 11:52:38) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1228691392-3513963491-2876946990-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-1228691392-3513963491-2876946990-503 - Limited - Disabled) Gast (S-1-5-21-1228691392-3513963491-2876946990-501 - Limited - Disabled) wilfr (S-1-5-21-1228691392-3513963491-2876946990-1003 - Administrator - Enabled) => C:\Users\wilfr ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.) µTorrent (HKU\S-1-5-21-1228691392-3513963491-2876946990-1003\...\uTorrent) (Version: 3.5.0.44090 - BitTorrent Inc.) 64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden 7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov) Adobe Acrobat Reader DC - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated) Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.170 - Adobe Systems Incorporated) AVG PC TuneUp (HKLM-x32\...\{96B9AAE8-99A8-46C6-8438-5F4E1E95AAC1}) (Version: 16.63.4 - AVG Technologies) Hidden B110 (HKLM-x32\...\{CC2917EA-96EC-41D1-9756-760C32AF6F12}) (Version: 140.0.353.000 - Hewlett-Packard) Hidden Black Bird Cleaner (HKLM-x32\...\Black Bird Cleaner) (Version: 1.0.3.8 - Black Bird Cleaner Software) BufferChm (HKLM-x32\...\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.) Crystal Security (HKLM-x32\...\{7CBAC602-1220-46C5-B2B9-1DFABDB9813D}) (Version: 3.5.0.175 - Kardo Kristal) Hidden Crystal Security (HKLM-x32\...\Crystal Security 3.5.0.175) (Version: 3.5.0.175 - Kardo Kristal) Cybereason RansomFree 2.4.1.0 (HKLM-x32\...\{88BF86F8-A656-4397-B4CE-9C5956E82B1A}) (Version: 2.4.1.0 - Cybereason Inc.) Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 140.0.77.000 - Hewlett-Packard) Hidden DeviceDiscovery (HKLM-x32\...\{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden Duplicate Cleaner Free 4.0.5 (HKLM-x32\...\Duplicate Cleaner Free) (Version: 4.0.5 - DigitalVolcano Software Ltd) <==== AANDACHT Facebook Gameroom 1.9.6443.18496 (HKLM-x32\...\{2BA6B7D9-1D15-44FE-BC95-94FA4DB19B75}) (Version: 1.9.6443.18496 - Facebook) FBReader for Windows (HKLM-x32\...\FBReader for Windows) (Version: - ) FMW 1 (HKLM\...\{DC2A8E3D-D5E1-4837-A2E0-C308100AC412}) (Version: 1.143.3 - AVG Technologies) Hidden Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.1.59.922 - Digital Wave Ltd) Free Youtube to MP3 Downloader (HKLM-x32\...\{01F45A69-A8E6-4293-8896-2DBB339992C1}) (Version: 2.0 - Free Youtube to MP3 Downloader) Freemake Audio Converter versie 1.1.8 (HKLM-x32\...\Freemake Audio Converter_is1) (Version: 1.1.8 - Ellora Assets Corporation) Freemake Video Converter versie 4.1.9 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.9 - Ellora Assets Corporation) Freemake YouTube To MP3 Boom (HKLM-x32\...\Freemake YouTube To MP3 Boom_is1) (Version: 1.0.4 - Ellora Assets Corporation) Funny Photo Maker 2.4.2 (HKLM-x32\...\Funny Photo Maker_is1) (Version: - Funny-Photo-Maker.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.100 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden GPBaseService2 (HKLM-x32\...\{BB3447F6-9553-4AA9-960E-0DB5310C5779}) (Version: 140.0.211.000 - Hewlett-Packard) Hidden HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP) HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP) HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 6 (HKLM\...\{C63184F3-8343-408F-A948-DDB0AC969A99}) (Version: 14.0 - HP) HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 7 (HKLM\...\{59C83C08-63F4-4AEC-81D6-392C5E23B843}) (Version: 14.0 - HP) HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP) HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP) HP Support Solutions Framework (HKLM-x32\...\{FE8457A5-748D-41ED-A1E6-78CFDC0629D7}) (Version: 12.8.37.11 - HP) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPAppStudio (HKLM-x32\...\{565E7B0E-B76B-4EAD-9753-F1E72A5CF12E}) (Version: 140.0.95.000 - Hewlett-Packard) Hidden HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 140.0.524.000 - Hewlett-Packard) Hidden HPProductAssistant (HKLM-x32\...\{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden HPSSupply (HKLM-x32\...\{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}) (Version: 140.0.211.000 - Hewlett-Packard) Hidden Image Resizer for Windows (64 bit) (HKLM\...\{617CA6E9-D5FB-4017-8130-82E68C56C34D}) (Version: 3.0.4802.35565 - Brice Lambson) Hidden Image Resizer for Windows (HKLM-x32\...\{69d72156-6582-4556-8637-06f40aa7f85b}) (Version: 3.0.4802.35565 - Brice Lambson) Intel Security True Key (HKLM\...\TrueKey) (Version: 4.19.108.1 - Intel Security) Intel(R) Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1159 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4300 - Intel Corporation) Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation) Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation) Kaspersky Internet Security (HKLM-x32\...\{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab) Hidden Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab) Kaspersky Secure Connection (HKLM-x32\...\{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab) Hidden Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab) KB4023057 (HKLM\...\{0C050BEE-16BE-4998-8959-2A421433DB6E}) (Version: 2.5.0.0 - Microsoft Corporation) Malwarebytes Anti-Malware versie 1.80.2.1012 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.80.2.1012 - Malwarebytes Corporation) Malwarebytes Anti-Malware versie 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) MarketResearch (HKLM-x32\...\{D360FA88-17C8-4F14-B67F-13AAF9607B12}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden Microsoft OneDrive (HKU\S-1-5-21-1228691392-3513963491-2876946990-1003\...\OneDriveSetup.exe) (Version: 17.3.7073.1013 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek) Mozilla Firefox 56.0 (x64 nl) (HKLM\...\Mozilla Firefox 56.0 (x64 nl)) (Version: 56.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 56.0.0.6478 - Mozilla) Network64 (HKLM\...\{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}) (Version: 140.0.306.000 - Hewlett-Packard) Hidden OSDownloader (HKLM-x32\...\{C02C8C82-197C-46C1-AD18-EB0F5BF49F8A}_is1) (Version: 1.5 - OpenSubtitles.org) PS_AIO_07_B110_SW_Min (HKLM-x32\...\{C0974FF0-282B-4730-A50C-B112FA263E17}) (Version: 140.0.365.000 - Hewlett-Packard) Hidden QuickTransfer (HKLM-x32\...\{E517094C-06B6-419F-8FFD-EF4F57972130}) (Version: 140.0.98.000 - Hewlett-Packard) Hidden REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.876.867.092115 - REALTEK Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7564 - Realtek Semiconductor Corp.) REALTEK Wireless LAN Driver (HKLM-x32\...\{B63CCD1C-A133-4DF8-8306-DA0387231152}) (Version: 1.00.0277 - REALTEK Semiconductor Corp.) Scan (HKLM-x32\...\{06A1D88C-E102-4527-AF70-29FFD7AF215A}) (Version: 140.0.80.000 - Hewlett-Packard) Hidden Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP) SlimCleaner (HKLM-x32\...\{6B8D6199-EE44-4FD7-813A-6D8C62C9B384}) (Version: 4.0.30878 - SlimWare Utilities, Inc.) SmartWebPrinting (HKLM-x32\...\{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}) (Version: 140.0.186.000 - Hewlett-Packard) Hidden SolutionCenter (HKLM-x32\...\{BC5DD87B-0143-4D14-AAE6-97109614DC6B}) (Version: 140.0.214.000 - Hewlett-Packard) Hidden Status (HKLM-x32\...\{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}) (Version: 140.0.256.000 - Hewlett-Packard) Hidden Sweepi 5.4.00 (HKLM-x32\...\Sweepi_is1) (Version: 5.4.00 - YooApplications) TomTom MyDrive Connect 4.1.5.3181 (HKLM-x32\...\MyDriveConnect) (Version: 4.1.5.3181 - TomTom) Toolbox (HKLM-x32\...\{292F0F52-B62D-4E71-921B-89A682402201}) (Version: 140.0.428.000 - Hewlett-Packard) Hidden TrayApp (HKLM-x32\...\{CD31E63D-47FD-491C-8117-CF201D0AFAB5}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN) WD Security (HKLM-x32\...\{249644e6-451a-4a5c-bd5c-21eeb9eec79d}) (Version: 1.3.1.2 - Western Digital Technologies, Inc.) WD Security (HKLM-x32\...\{7CC2EDF2-83EC-4707-BDD3-72469236A6CC}) (Version: 1.3.1.2 - Western Digital Technologies, Inc.) Hidden WebReg (HKLM-x32\...\{8EE94FD8-5F52-4463-A340-185D16328158}) (Version: 140.0.212.017 - Hewlett-Packard) Hidden Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation) ==================== Aangepaste CLSID (gefilterd): ========================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) CustomCLSID: HKU\S-1-5-21-1228691392-3513963491-2876946990-1003_Classes\CLSID\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}\InprocServer32 -> C:\Users\wilfr\AppData\Local\Microsoft\OneDrive\17.3.7073.1013\amd64\FileCoAuthLib64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1228691392-3513963491-2876946990-1003_Classes\CLSID\{F09690BD-582D-4439-B6ED-5C2545D2F424}\InprocServer32 -> C:\WINDOWS\system32\kernel32.dll (Microsoft Corporation) ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> Geen bestand ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> Geen bestand ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Geen bestand ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> Geen bestand ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> Geen bestand ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Geen bestand ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov) ContextMenuHandlers1: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => -> Geen bestand ContextMenuHandlers1: [BtSendToMenuEx] -> {CF24E6B8-F148-4BCB-9108-ADF313966E80} => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\DevMenuExt.dll [2014-07-03] (Realtek Semiconductor Corporation) ContextMenuHandlers1: [Image Resizer] -> {51B4D7E5-7568-4234-B4BB-47FB3C016A69} => C:\Program Files\Image Resizer for Windows\ShellExtensions.dll [2013-02-23] (Brice Lambson) ContextMenuHandlers1: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-03-14] (AO Kaspersky Lab) ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Geen bestand ContextMenuHandlers1: [SlimShellExt] -> {5421BDAF-6C45-4C3A-8B4B-AE5AF31A65AF} => C:\Program Files (x86)\SlimCleaner\SlimShell64.dll [2013-07-10] (Slimware Utilities, Inc.) ContextMenuHandlers2: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-03-14] (AO Kaspersky Lab) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll [2015-10-22] (Malwarebytes Corporation) ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Geen bestand ContextMenuHandlers3: [SlimShellExt] -> {5421BDAF-6C45-4C3A-8B4B-AE5AF31A65AF} => C:\Program Files (x86)\SlimCleaner\SlimShell64.dll [2013-07-10] (Slimware Utilities, Inc.) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov) ContextMenuHandlers4: [AVG Disk Space Explorer Shell Extension] -> {4838CD50-7E5D-4811-9B17-C47A85539F28} => -> Geen bestand ContextMenuHandlers4: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => -> Geen bestand ContextMenuHandlers4: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-03-14] (AO Kaspersky Lab) ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Geen bestand ContextMenuHandlers4: [SlimShellExt] -> {5421BDAF-6C45-4C3A-8B4B-AE5AF31A65AF} => C:\Program Files (x86)\SlimCleaner\SlimShell64.dll [2013-07-10] (Slimware Utilities, Inc.) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Geen bestand ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-04-04] (Intel Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov) ContextMenuHandlers6: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2017-03-14] (AO Kaspersky Lab) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll [2015-10-22] (Malwarebytes Corporation) ==================== Geplande Taken (gefilterd) ============= (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {071252E2-2625-4052-ABC3-211230F226F1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-01] (Google Inc.) Task: {217F2C6A-9D40-442B-BC0C-57071BF16BA1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-01] (Google Inc.) Task: {2441E6C6-8755-4AD5-A812-D48079F5A213} - System32\Tasks\CMPCUAC => C:\Program Files\CleanMyPC\CleanMyPC.exe Task: {2B963734-B1B9-4ED6-BBE6-879DB5A7DAA5} - \Start Registry Reviver Update -> Geen bestand <==== AANDACHT Task: {33832C4F-9B4A-4D27-B3B7-6B6043233AEE} - \AVGPCTuneUp_Task_BkGndMaintenance -> Geen bestand <==== AANDACHT Task: {7609B2F0-4A39-4289-BA42-BEBF2A08AF86} - System32\Tasks\Cybereason RansomFree Keepalive => C:\Program Files (x86)\Cybereason\RansomFree\CybereasonRansomFree.exe [2017-10-08] (Cybereason) Task: {82B27749-8DB6-4BB7-AFCC-1037DEE1A9E5} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-10-16] (Adobe Systems Incorporated) Task: {883F1208-CB4D-45A2-8D98-E644F0A9C69C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-20] (Adobe Systems Incorporated) Task: {9D876C54-0FD6-4B45-8D73-D1F8D799CE53} - \AVG EUpdate Task -> Geen bestand <==== AANDACHT Task: {AC1338B8-4786-4694-9483-0D98320803A3} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-06-22] (Oracle Corporation) Task: {B1A15A7B-2480-4250-A4B1-8993BD1CEF01} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe Task: {B35DE195-3617-44D5-A3E1-EB163D2F57F8} - \Start Registry Reviver Schedule -> Geen bestand <==== AANDACHT Task: {BBF9731A-CAE7-4182-8E62-4A6142121DF9} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\wilfr\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe Task: {C05E232E-18AA-4881-A59E-7D7C9EE1CFE6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.) Task: {D9B0C32C-C728-4023-BA45-FC18E971B83F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.) Task: {DD37A3E4-EF24-4C28-B4E8-E221AF77123E} - System32\Tasks\{6A928232-8771-55B2-EC83-06DE8898076D} => C:\WINDOWS\system32\regsvr32.exe /s /n /i:"/rt" "C:\PROGRA~3\4633a2dc\771869da.dll" <==== AANDACHT Task: {F558714B-0C30-4457-BEE3-BF67FDF133B7} - System32\Tasks\Cybereason RansomFree Autostart => C:\Program Files (x86)\Cybereason\RansomFree\CybereasonRansomFree.exe [2017-10-08] (Cybereason) Task: {F7499EEA-6E03-4E94-BF93-311A9C1FA7B6} - \KMSAutoNet -> Geen bestand <==== AANDACHT (Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) ==================== Snelkoppelingen & WMI ======================== (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) Shortcut: C:\Users\wilfr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\µTorrent\µTorrent Homepage.lnk -> hxxp://www.utorrent.com ShortcutWithArgument: C:\Users\wilfr\Desktop\user0 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="ChromeDefaultData" ==================== Geladen Modules (gefilterd) ============== 2016-07-16 13:42 - 2016-07-16 13:42 - 000231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2017-09-13 12:49 - 2017-09-07 08:01 - 002681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2017-04-11 16:08 - 2017-04-11 16:08 - 000495616 _____ () C:\Program Files\WinZip Smart Monitor\WinZip Smart Monitor Service.exe 2016-10-22 14:37 - 2016-10-22 14:37 - 000134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2017-03-16 13:47 - 2017-03-04 08:31 - 000474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2017-04-04 16:36 - 2017-04-04 16:36 - 000393200 _____ () C:\WINDOWS\system32\igfxTray.exe 2017-03-16 13:47 - 2017-03-04 08:12 - 009760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2017-03-16 13:47 - 2017-03-04 08:05 - 001401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-03-16 13:47 - 2017-03-04 08:05 - 000757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2017-10-11 14:00 - 2017-09-18 04:14 - 002424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2017-10-11 14:00 - 2017-09-18 04:16 - 004853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2017-08-23 12:39 - 2017-08-23 12:39 - 000074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2017-08-23 12:39 - 2017-08-23 12:39 - 000203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2017-08-23 12:39 - 2017-08-23 12:39 - 036162048 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2017-08-23 12:39 - 2017-08-23 12:39 - 002237952 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\skypert.dll 2017-10-11 14:03 - 2017-10-11 14:04 - 034988544 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17083.18321.0_x64__8wekyb3d8bbwe\Music.UI.exe 2017-10-11 14:03 - 2017-10-11 14:03 - 009214464 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17083.18321.0_x64__8wekyb3d8bbwe\EntCommon.dll 2017-08-23 12:40 - 2017-08-23 12:40 - 000957952 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17083.18321.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll 2017-09-26 12:40 - 2017-09-26 12:40 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17083.18321.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2017-10-11 14:03 - 2017-10-11 14:04 - 013224960 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17083.18321.0_x64__8wekyb3d8bbwe\Music.Visuals.dll 2017-08-08 12:32 - 2017-08-08 12:32 - 000019968 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2017-08-08 12:32 - 2017-08-08 12:32 - 028986880 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2017-08-08 12:32 - 2017-08-08 12:32 - 000428032 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\Microsoft.Photos.AGM.Native.Windows.dll 2017-08-08 12:32 - 2017-08-08 12:32 - 020510208 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll 2017-08-08 12:32 - 2017-08-08 12:32 - 002339328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\MediaEngine.dll 2017-08-08 12:32 - 2017-08-08 12:32 - 003041792 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll 2017-06-08 12:33 - 2017-06-08 12:33 - 003139496 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2017-06-15 12:42 - 2017-06-15 12:42 - 000046080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll 2017-08-08 12:32 - 2017-08-08 12:32 - 001361920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll 2017-10-11 14:03 - 2017-10-11 14:04 - 001226416 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8600.40525.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Word.dll 2017-04-07 10:37 - 2017-04-07 10:37 - 001695440 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8600.40525.0_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll 2016-06-28 00:19 - 2016-06-28 00:19 - 000865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\kpcengine.2.3.dll 2017-09-22 20:41 - 2017-09-14 14:56 - 000114664 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll 2017-09-22 20:41 - 2017-09-14 14:56 - 000108008 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll 2017-09-22 20:41 - 2017-09-14 14:56 - 000024040 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll 2017-09-22 20:41 - 2017-09-14 14:56 - 000048104 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll 2014-09-11 17:06 - 2014-09-11 17:06 - 000878592 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\platforms\qwindows.dll 2014-09-11 17:05 - 2014-09-11 17:05 - 000036352 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\bearer\qgenericbearer.dll 2014-09-11 17:06 - 2014-09-11 17:06 - 000038912 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\bearer\qnativerwifibearer.dll 2014-09-11 17:14 - 2014-09-11 17:14 - 000032256 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qdds.dll 2014-09-11 17:05 - 2014-09-11 17:05 - 000021504 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qgif.dll 2014-09-11 17:14 - 2014-09-11 17:14 - 000027648 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qicns.dll 2014-09-11 17:05 - 2014-09-11 17:05 - 000021504 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qico.dll 2014-09-11 17:14 - 2014-09-11 17:14 - 000381952 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qjp2.dll 2014-09-11 17:05 - 2014-09-11 17:05 - 000204800 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qjpeg.dll 2014-09-11 17:14 - 2014-09-11 17:14 - 000218112 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qmng.dll 2014-09-11 17:08 - 2014-09-11 17:08 - 000015872 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qsvg.dll 2014-09-11 17:14 - 2014-09-11 17:14 - 000015360 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qtga.dll 2014-09-11 17:15 - 2014-09-11 17:15 - 000307712 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qtiff.dll 2014-09-11 17:15 - 2014-09-11 17:15 - 000014848 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qwbmp.dll 2014-09-11 17:15 - 2014-09-11 17:15 - 000252928 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qwebp.dll 2017-09-22 20:41 - 2017-09-22 18:33 - 000042984 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\vidnotifier\jansson.dll 2017-08-21 14:25 - 2017-08-21 14:25 - 001157632 _____ () C:\Users\wilfr\AppData\Local\Facebook\Games\CefSharp.Core.dll 2017-08-21 14:25 - 2017-08-21 14:25 - 068178432 _____ () C:\Users\wilfr\AppData\Local\Facebook\Games\libcef.dll 2017-08-21 14:25 - 2017-08-21 14:25 - 000748032 _____ () C:\Users\wilfr\AppData\Local\Facebook\Games\CefSharp.BrowserSubprocess.Core.dll 2017-08-21 14:25 - 2017-08-21 14:25 - 002246144 _____ () C:\Users\wilfr\AppData\Local\Facebook\Games\libglesv2.dll 2017-08-21 14:25 - 2017-08-21 14:25 - 000079360 _____ () C:\Users\wilfr\AppData\Local\Facebook\Games\libegl.dll 2016-05-17 15:42 - 2016-11-16 15:48 - 014447630 _____ () C:\Program Files (x86)\Freemake\COM\1.1\avcodec-54.dll 2016-05-17 15:42 - 2016-11-16 15:48 - 000190990 _____ () C:\Program Files (x86)\Freemake\COM\1.1\avutil-52.dll 2016-05-17 15:42 - 2016-11-16 15:48 - 003028494 _____ () C:\Program Files (x86)\Freemake\COM\1.1\avformat-54.dll 2016-05-17 15:42 - 2016-11-16 15:48 - 001078557 _____ () C:\Program Files (x86)\Freemake\COM\1.1\xvidcore.dll 2016-05-17 15:42 - 2016-11-16 15:48 - 000333838 _____ () C:\Program Files (x86)\Freemake\COM\1.1\swscale-2.dll 2016-05-17 15:42 - 2016-11-16 15:47 - 000234717 _____ () C:\Program Files (x86)\Freemake\COM\1.1\libdvdnav.dll 2016-05-17 15:42 - 2016-11-16 15:48 - 000138766 _____ () C:\Program Files (x86)\Freemake\COM\1.1\avresample-1.dll 2016-05-17 15:42 - 2016-11-16 15:47 - 000054182 _____ () C:\Program Files (x86)\Freemake\COM\1.1\libdvdcss-2.dll ==================== Alternate Data Streams (gefilterd) ========= (Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.) ==================== Veilige Modus (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.) ==================== Bestandskoppeling (gefilterd) =============== (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.) ==================== Internet Explorer vertrouwde/beperkte toegang =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.) ==================== Hosts inhoud: =============================== (Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.) 2016-12-10 07:46 - 2017-09-20 17:36 - 000000746 _____ C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Andere gebieden ============================ (Momenteel is er geen automatische fix voor dit onderdeel.) HKU\S-1-5-21-1228691392-3513963491-2876946990-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\wilfr\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\wallpaper.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk" HKLM\...\StartupApproved\Run: => "BtServer" HKLM\...\StartupApproved\Run32: => "CLMLServer_For_P2G8" HKLM\...\StartupApproved\Run32: => "CLVirtualDrive" HKLM\...\StartupApproved\Run32: => "HP Software Update" HKLM\...\StartupApproved\Run32: => "cmsc" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKU\S-1-5-21-1228691392-3513963491-2876946990-1003\...\StartupApproved\Run: => "CCleaner Monitoring" ==================== Firewall regels (gefilterd) =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [{0D6D63A4-07BC-4468-B0AB-637DF113E125}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe FirewallRules: [{4B1C6659-D1FD-4258-A06E-BD84E13A7EDE}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe FirewallRules: [{8A73A461-D108-4791-BA56-ECF0EFB04865}] => (Allow) C:\Users\wilfr\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{FB3C9C48-279E-42E7-8F50-DC57B9EB193B}] => (Allow) C:\Users\wilfr\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{D9335644-F2CE-4F65-945F-49DD82C45926}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe FirewallRules: [{A97F7DFB-5A7A-4321-B21F-61BAE30077F4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe FirewallRules: [{499BA8A0-2322-4640-A51E-7FA55735E6A6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe FirewallRules: [{AB9680B7-A976-4AF2-875F-622148519F35}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe FirewallRules: [{415F2BB3-07F5-4DE1-A486-2088413113F8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe FirewallRules: [{8F6FD170-49D9-4181-BBD3-633E44B2A273}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe FirewallRules: [{0CBA0052-396C-4CC7-90FD-C18DDA6C91E2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe FirewallRules: [{273657BD-9098-4BAC-ADC2-ECE3C5CCF2BD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe FirewallRules: [{4DA49997-8DD7-4125-BC2F-CA4359118026}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe FirewallRules: [{74C839FC-A8E8-4182-87DA-77BB6DF7542E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe FirewallRules: [{3D616419-4214-43E4-906F-D5D6C173A3C5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe FirewallRules: [{498D9858-3C7D-47E8-9E14-B9AE7BAA2C69}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe FirewallRules: [{2003D3EC-6FAE-47A6-860B-32BE08D08824}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe FirewallRules: [{D26141B7-4F30-4521-8DA3-715CE9B38E85}] => (Allow) C:\Program Files (x86)\uTorrent\utorrent.exe FirewallRules: [{A407C115-A3BD-4D32-9E21-60BA38D1C536}] => (Allow) C:\Program Files (x86)\uTorrent\utorrent.exe FirewallRules: [{73B90A19-A03C-4EFA-BB4F-0863AB69CBD9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{A3F6BB91-2433-491E-BFF7-56A756528CDE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{03DF8511-11F9-43EF-B8CC-AC38869A2EE2}] => (Allow) C:\Users\wilfr\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{63E81149-6C6E-4F16-9DF1-E77F09FFDAA2}] => (Allow) C:\Users\wilfr\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{83792F09-41F4-44F3-80EB-C01A296A308A}] => (Allow) C:\Users\wilfr\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{AA12F982-CB48-4763-9C4B-EA8F6EBE49B0}] => (Allow) C:\Users\wilfr\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{97431653-0706-4A45-BC5F-0CF8190459A7}] => (Allow) C:\Users\wilfr\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{4FD1E62C-BEE8-42D2-B2D0-5785BA4F82EA}] => (Allow) C:\Users\wilfr\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{BA2D5182-2A96-4162-8087-721987A20A98}] => (Allow) C:\Users\wilfr\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{66F98F79-8469-450E-B9B5-1C12382AB94F}] => (Allow) C:\Users\wilfr\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{9701943D-FB2B-4D58-844A-1BE2410E4576}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Herstelpunten ========================= 13-10-2017 12:43:01 Windows Update 18-10-2017 12:31:02 Windows Update ==================== Defecte Apparaatbeheer Apparaten ============= ==================== Eventlog fouten: ========================= Applicatiefouten: ================== Error: (10/23/2017 08:04:04 AM) (Source: Microsoft-Windows-EFS) (EventID: 4401) (User: DESKTOP-0GEVP4A) Description: 7.488: Kan geen gebruiker inrichten voor EDP. Foutcode: 0x80070005. Error: (10/23/2017 07:05:32 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: FreemakeUtilsService.exe, versie: 1.0.0.0, tijdstempel: 0x5959e92d Naam van module met fout: KERNELBASE.dll, versie: 10.0.14393.1770, tijdstempel: 0x59bf2bcf Uitzonderingscode: 0xe0434352 Foutmarge: 0x000daa12 Id van proces met fout: 0x9e8 Starttijd van toepassing met fout: 0x01d34bbc89e94f99 Pad naar toepassing met fout: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe Pad naar module met fout: C:\WINDOWS\System32\KERNELBASE.dll Rapport-id: 0176fe85-13ee-4555-9253-96fb30fec09a Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Error: (10/23/2017 07:05:32 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Toepassing: FreemakeUtilsService.exe Framework-versie: v4.0.30319 Beschrijving: het proces is beëindigd als gevolg van een onverwerkte uitzondering. Uitzonderingsinformatie: System.IO.FileNotFoundException bij FreemakeUtilsService.Statistics.Manager.ApplyNewTargetsConfigs() bij FreemakeUtilsService.Statistics.Manager.TargetsConfigSyncCompleted(System.Object, System.EventArgs) bij FreemakeUtilsService.Common.Synchronizer.OnWorkerCompleted(System.Object, System.ComponentModel.RunWorkerCompletedEventArgs) bij System.ComponentModel.BackgroundWorker.OnRunWorkerCompleted(System.ComponentModel.RunWorkerCompletedEventArgs) bij System.ComponentModel.BackgroundWorker.AsyncOperationCompleted(System.Object) bij System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object) bij System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bij System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bij System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem() bij System.Threading.ThreadPoolWorkQueue.Dispatch() bij System.Threading._ThreadPoolWaitCallback.PerformWaitCallback() Error: (10/22/2017 07:49:33 AM) (Source: Microsoft-Windows-EFS) (EventID: 4401) (User: DESKTOP-0GEVP4A) Description: 7.488: Kan geen gebruiker inrichten voor EDP. Foutcode: 0x80070005. Error: (10/22/2017 07:45:12 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: FreemakeUtilsService.exe, versie: 1.0.0.0, tijdstempel: 0x5959e92d Naam van module met fout: KERNELBASE.dll, versie: 10.0.14393.1770, tijdstempel: 0x59bf2bcf Uitzonderingscode: 0xe0434352 Foutmarge: 0x000daa12 Id van proces met fout: 0xa50 Starttijd van toepassing met fout: 0x01d34af8ec1d5a37 Pad naar toepassing met fout: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe Pad naar module met fout: C:\WINDOWS\System32\KERNELBASE.dll Rapport-id: f92cb638-44f1-488f-a90a-a48509a711b9 Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Error: (10/22/2017 07:45:12 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Toepassing: FreemakeUtilsService.exe Framework-versie: v4.0.30319 Beschrijving: het proces is beëindigd als gevolg van een onverwerkte uitzondering. Uitzonderingsinformatie: System.IO.FileNotFoundException bij FreemakeUtilsService.Statistics.Manager.ApplyNewTargetsConfigs() bij FreemakeUtilsService.Statistics.Manager.TargetsConfigSyncCompleted(System.Object, System.EventArgs) bij FreemakeUtilsService.Common.Synchronizer.OnWorkerCompleted(System.Object, System.ComponentModel.RunWorkerCompletedEventArgs) bij System.ComponentModel.BackgroundWorker.OnRunWorkerCompleted(System.ComponentModel.RunWorkerCompletedEventArgs) bij System.ComponentModel.BackgroundWorker.AsyncOperationCompleted(System.Object) bij System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object) bij System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bij System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bij System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem() bij System.Threading.ThreadPoolWorkQueue.Dispatch() bij System.Threading._ThreadPoolWaitCallback.PerformWaitCallback() Error: (10/21/2017 03:19:46 PM) (Source: Microsoft-Windows-EFS) (EventID: 4401) (User: DESKTOP-0GEVP4A) Description: 7.488: Kan geen gebruiker inrichten voor EDP. Foutcode: 0x80070005. Error: (10/21/2017 03:17:41 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: FreemakeUtilsService.exe, versie: 1.0.0.0, tijdstempel: 0x5959e92d Naam van module met fout: KERNELBASE.dll, versie: 10.0.14393.1770, tijdstempel: 0x59bf2bcf Uitzonderingscode: 0xe0434352 Foutmarge: 0x000daa12 Id van proces met fout: 0xb4c Starttijd van toepassing met fout: 0x01d34a6ef57aa2c4 Pad naar toepassing met fout: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe Pad naar module met fout: C:\WINDOWS\System32\KERNELBASE.dll Rapport-id: 28b1fcd1-fa9f-45e5-acaa-18f4df98c901 Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Error: (10/21/2017 03:17:38 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Toepassing: FreemakeUtilsService.exe Framework-versie: v4.0.30319 Beschrijving: het proces is beëindigd als gevolg van een onverwerkte uitzondering. Uitzonderingsinformatie: System.IO.FileNotFoundException bij FreemakeUtilsService.Statistics.Manager.ApplyNewTargetsConfigs() bij FreemakeUtilsService.Statistics.Manager.TargetsConfigSyncCompleted(System.Object, System.EventArgs) bij FreemakeUtilsService.Common.Synchronizer.OnWorkerCompleted(System.Object, System.ComponentModel.RunWorkerCompletedEventArgs) bij System.ComponentModel.BackgroundWorker.OnRunWorkerCompleted(System.ComponentModel.RunWorkerCompletedEventArgs) bij System.ComponentModel.BackgroundWorker.AsyncOperationCompleted(System.Object) bij System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object) bij System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bij System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bij System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem() bij System.Threading.ThreadPoolWorkQueue.Dispatch() bij System.Threading._ThreadPoolWaitCallback.PerformWaitCallback() Error: (10/21/2017 03:16:40 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-0GEVP4A) Description: Het activeren van de app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App is mislukt door de fout -2144927141. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie. Systeemfouten: ============= Error: (10/23/2017 08:01:55 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} en APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (10/23/2017 07:05:32 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: De Freemake Improver-service is onverwacht beëindigd. Dit is nu 1 keer gebeurd. Error: (10/23/2017 07:05:25 AM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY) Description: Het DLL-meldingsbestand "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" voor wachtwoorden kan niet worden geladen door de fout 126. Controleer of het pad van het DLL-meldingsbestand dat is gedefinieerd in het register (HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages), verwijst naar een juist en absoluut pad (:\\.) en niet naar een relatief of ongeldig pad. Als het pad van het DLL-bestand juist is, controleert u of eventuele ondersteunende bestanden zich in dezelfde map bevinden en of het systeemaccount over leestoegang beschikt voor zowel het pad van het DLL-bestand als eventuele ondersteunende bestanden. Neem contact op met de leverancier van het DLL-meldingsbestand voor aanvullende ondersteuning. Meer informatie vindt u op de webpagina http://go.microsoft.com/fwlink/?LinkId=245898. Error: (10/22/2017 08:28:10 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-0GEVP4A) Description: De server Windows.Media.Capture.Internal.AppCaptureShell heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (10/22/2017 08:28:09 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (10/22/2017 07:47:23 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} en APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (10/22/2017 07:45:14 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: De Freemake Improver-service is onverwacht beëindigd. Dit is nu 1 keer gebeurd. Error: (10/22/2017 07:45:08 AM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY) Description: Het DLL-meldingsbestand "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" voor wachtwoorden kan niet worden geladen door de fout 126. Controleer of het pad van het DLL-meldingsbestand dat is gedefinieerd in het register (HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages), verwijst naar een juist en absoluut pad (:\\.) en niet naar een relatief of ongeldig pad. Als het pad van het DLL-bestand juist is, controleert u of eventuele ondersteunende bestanden zich in dezelfde map bevinden en of het systeemaccount over leestoegang beschikt voor zowel het pad van het DLL-bestand als eventuele ondersteunende bestanden. Neem contact op met de leverancier van het DLL-meldingsbestand voor aanvullende ondersteuning. Meer informatie vindt u op de webpagina http://go.microsoft.com/fwlink/?LinkId=245898. Error: (10/21/2017 10:40:26 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-0GEVP4A) Description: De server Windows.Media.Capture.Internal.AppCaptureShell heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (10/21/2017 10:40:24 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. CodeIntegrity: =================================== Date: 2017-10-20 11:50:05.377 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\$WINDOWS.~BT\NewOS\Windows\WinSxS\amd64_microsoft-windows-s..ty-aadcloudapplugin_31bf3856ad364e35_10.0.14393.1715_none_982d10b96595b60d\aadcloudap.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-10-20 11:50:05.361 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\$WINDOWS.~BT\NewOS\Windows\WinSxS\amd64_microsoft-windows-s..ty-aadcloudapplugin_31bf3856ad364e35_10.0.14393.1715_none_982d10b96595b60d\aadcloudap.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-10-20 11:50:05.355 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\$WINDOWS.~BT\NewOS\Windows\WinSxS\amd64_microsoft-windows-s..ty-aadcloudapplugin_31bf3856ad364e35_10.0.14393.1715_none_982d10b96595b60d\aadcloudap.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Geheugen info =========================== Processor: Intel(R) Core(TM) i3-6100 CPU @ 3.70GHz Percentage geheugen in gebruik: 59% Totaal fysiek RAM-geheugen: 8107.52 MB Beschikbaar fysiek RAM-geheugen: 3301.06 MB Totaal Virtueel geheugen: 9387.52 MB Beschikbaar Virtual geheugen: 3253.04 MB ==================== Schijven ================================ Drive c: (Boot) (Fixed) (Total:117.64 GB) (Free:54.39 GB) NTFS Drive d: (Wilfried) (Fixed) (Total:1803 GB) (Free:1766.22 GB) NTFS Drive e: (Recover) (Fixed) (Total:60.02 GB) (Free:31.82 GB) NTFS Drive f: (WD Unlocker) (CDROM) (Total:0.01 GB) (Free:0 GB) UDF Drive h: () (Removable) (Total:1.96 GB) (Free:0.05 GB) FAT Drive k: (My Book) (Fixed) (Total:2794.49 GB) (Free:1754.35 GB) NTFS ==================== MBR & Partitietabel ================== ======================================================== Disk: 0 (Size: 1863 GB) (Disk ID: 00000000) Partition: GPT. ======================================================== Disk: 1 (Size: 119.2 GB) (Disk ID: 8F00F597) Partition: GPT. Attempted reading MBR returned 0 bytes. Could not read MBR for disk 2. ======================================================== Disk: 5 (Size: 2 GB) (Disk ID: 444768B6) Partition 1: (Not Active) - (Size=2 GB) - (Type=06) ==================== Eind van Addition.txt ============================