Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 26-10-2017 Gestart door Honingmier (26-10-2017 15:08:53) Gestart vanaf D:\Downloads\Programma's Windows 7 Ultimate Service Pack 1 (X64) (2017-10-24 19:47:31) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-644486561-2935807977-1954826611-500 - Administrator - Disabled) Gast (S-1-5-21-644486561-2935807977-1954826611-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-644486561-2935807977-1954826611-1002 - Limited - Enabled) Honingmier (S-1-5-21-644486561-2935807977-1954826611-1000 - Administrator - Enabled) => C:\Users\Honingmier ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Avira Antivirus (Disabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F} AS: Avira Antivirus (Disabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.) 64 Bit HP CIO Components Installer (HKLM\...\{BE930E38-7BB3-45B6-85B2-5251F374F844}) (Version: 6.2.2 - Hewlett-Packard) Hidden Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 385.69 - NVIDIA Corporation) Hidden Avira (HKLM-x32\...\{79C4A62C-8CC2-44AC-91FE-1299A215B4B7}) (Version: 1.2.98.29730 - Avira Operations GmbH & Co. KG) Hidden Avira (HKLM-x32\...\{f5da837f-e932-4f55-995c-7e97c5cbebdd}) (Version: 1.2.98.29730 - Avira Operations GmbH & Co. KG) Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.32.12 - Avira Operations GmbH & Co. KG) Avira Safe Shopping (HKLM-x32\...\{8E42DF0E-944D-42FD-920E-4D12AC17F7C1}) (Version: 1.0.30.1406 - Avira Operations Gmbh & Co. KG) Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 4.2.1.6365 - Avira Operations GmbH & Co. KG) AxCrypt 1.7.2687.0 (HKLM\...\{F2D34ABB-6834-4372-8199-870FCF59EFAB}) (Version: 1.7.2687.0 - Axantum Software AB) Belgium e-ID middleware 4.0.5 (build 7363) (HKLM\...\{824563DE-75AD-4166-9DC0-B6482F207363}) (Version: 4.0.7363 - Belgian Government) Belgium e-ID middleware 4.2.8 (build 3252) (HKLM\...\{DB942AEA-93D6-4FE4-8862-180D35A73252}) (Version: 4.2.3252 - Belgian Government) Bing Bar (HKLM-x32\...\{08234a0d-cf39-4dca-99f0-0c5cb496da81}) (Version: 5.0.1449.0 - Microsoft Corporation) Bing Bar Platform (HKLM-x32\...\{4F7177E9-2B54-48B4-AAFD-03FA1F87A542}) (Version: 5.0.1449.0 - Microsoft Corporation) Hidden BitTorrent (HKU\S-1-5-21-644486561-2935807977-1954826611-1000\...\BitTorrent) (Version: 7.10.0.44091 - BitTorrent Inc.) bpd_scan (HKLM-x32\...\{3D73DC7A-2D1D-45CF-8A67-24873925C716}) (Version: 3.00.0000 - Hewlett-Packard) Hidden CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6623 - CDBurnerXP) CGS17_Setup_x64 (HKLM\...\{83646B67-A878-4E95-BB4B-AF4A6E61F28C}) (Version: 17.1 - Corel Corporation) Hidden Corel Graphics - Windows Shell Extension (HKLM\...\_{4DC318F5-1640-4417-A218-912ED9905FAA}) (Version: 17.1.0.572 - Corel Corporation) Corel Graphics - Windows Shell Extension (HKLM\...\{4DC318F5-1640-4417-A218-912ED9905FAA}) (Version: 17.1.572 - Corel Corporation) Hidden Corel Graphics - Windows Shell Extension 32 Bit (HKLM\...\{3B4AE1A9-C026-4D08-8004-DA9A85A411A4}) (Version: 17.1.572 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Capture (x64) (HKLM\...\{2C91CB9D-323D-43E5-A433-229B71CFB773}) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Common (x64) (HKLM\...\{9178F0A8-B6F6-4DA7-AD63-317CC4875F4B}) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Connect (x64) (HKLM\...\{BD036E95-A9CD-4DED-B744-95AB1DCAFF0C}) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Custom Data (x64) (HKLM\...\{5162E418-BB43-4C8F-ACD6-069645EF98C3}) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Draw (x64) (HKLM\...\{2C0DDC74-5234-43DD-BB5A-0645B8FE5289}) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - EN (x64) (HKLM\...\{3BB8EB77-737B-4B32-BAB9-08C7110C46BD}) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Filters (x64) (HKLM\...\{D10A5CFA-FE33-4F06-AE37-554604F00A52}) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - FontNav (x64) (HKLM\...\{5406029B-67AD-4F8E-9F2D-F1959CD9CD86}) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - IPM Content (x64) (HKLM\...\{EF44BCCD-13F9-4974-862C-CCFAF43EE082}) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - IPM T (x64) (HKLM\...\{13179AB2-69FD-459B-800F-81865A501AD4}) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64) (HKLM\...\{C922F325-DD52-4E22-B204-431A06E63E51}) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64) (HKLM\...\{1A73168F-5983-46A6-AAAB-FD83BC231E02}) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Redist (x64) (HKLM\...\{C57EDB5A-AC8E-4E03-9F1A-DC013A2BB9B2}) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Setup Files (x64) (HKLM\...\{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - VBA (x64) (HKLM\...\{5672E0DC-7489-4EAC-8CFD-E01B3868FCB5}) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - VideoBrowser (x64) (HKLM\...\{966996DC-D67C-40E3-8BD4-31FA0F093571}) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Writing Tools (x64) (HKLM\...\{D63404AC-C2F1-4B3D-96EA-9727AC9D994C}) (Version: 17.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 (64-Bit) (HKLM\...\_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.1.0.572 - Corel Corporation) Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) Image Resizer for Windows (64 bit) (HKLM\...\{617CA6E9-D5FB-4017-8130-82E68C56C34D}) (Version: 3.0.4802.35565 - Brice Lambson) Hidden Image Resizer for Windows (HKLM-x32\...\{69d72156-6582-4556-8637-06f40aa7f85b}) (Version: 3.0.4802.35565 - Brice Lambson) Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation) Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 22.7 - Intel) Java 8 Update 151 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180151F0}) (Version: 8.0.1510.12 - Oracle Corporation) Microsoft .NET Framework 4.6.2 (HKLM\...\{63DF5C4B-E3BF-3346-A033-C57B22F44C9E}) (Version: 4.6.01590 - Microsoft Corporation) Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 3.1.250.0 - Microsoft Corporation) Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 3.0.40818.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation) Mozilla Firefox 56.0.1 (x64 nl) (HKLM\...\Mozilla Firefox 56.0.1 (x64 nl)) (Version: 56.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 56.0.1 - Mozilla) NVIDIA 3D Vision stuurprogramma 385.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 385.69 - NVIDIA Corporation) NVIDIA Grafisch stuurprogramma 385.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 385.69 - NVIDIA Corporation) NVIDIA HD Audio-stuurprogramma 1.3.34.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.27 - NVIDIA Corporation) Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (HKLM\...\{E237254B-36A1-3D27-815E-B37C13BE0796}) (Version: 11.0.51108 - Microsoft Corporation) Hidden Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (HKLM-x32\...\{03077B58-6ACF-32CA-B42A-EAA458C295A1}) (Version: 11.0.51108 - Microsoft Corporation) Hidden PureVPN (HKLM-x32\...\PureVPN_is1) (Version: 5.18.2.0 - PureVPN) Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.28.1 - Renesas Electronics Corporation) Hidden Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.28.1 - Renesas Electronics Corporation) Software voor Intel® Chipset-apparaten (HKLM-x32\...\{49bc1e38-39b4-4728-9e75-cbe67ba9a329}) (Version: 10.1.1.42 - Intel(R) Corporation) Hidden SoulseekQt versie 2017.2.20 (HKLM-x32\...\{8A4E1646-488C-4E5B-AC31-F784400E8D2D}_is1) (Version: 2017.2.20 - Soulseek LLC) Stuurprogrammapakket voor Windows - Fedict SmartCard (10/04/2011 4.0.0.5) (HKLM\...\3FE3642036A0F4AEC17772437CE14BB1E67006AA) (Version: 10/04/2011 4.0.0.5 - Fedict) Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - LunarG, Inc.) Hidden Web Companion (HKLM-x32\...\{1f2d2d39-f6cb-47e7-ad99-dc15772dfd45}) (Version: 3.2.1725.3256 - Lavasoft) Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation) WinRAR 4.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH) Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (HKLM\...\{25FB53C5-BE4C-3B6C-A0C9-D49A39227E1E}) (Version: 11.0.51108 - Microsoft Corporation) Hidden Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (HKLM-x32\...\{68DC347D-C1C0-3DE2-A53E-CCC71DA53E57}) (Version: 11.0.51108 - Microsoft Corporation) Hidden ==================== Aangepaste CLSID (gefilterd): ========================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ContextMenuHandlers1: [axcrypt.File] -> {C3DFC144-30F8-4138-81F9-578DBEB9324A} => C:\Program Files\Axantum\AxCrypt\AxCryptShellExt.dll [2011-09-23] (Axantum Software AB) ContextMenuHandlers1: [Image Resizer] -> {51B4D7E5-7568-4234-B4BB-47FB3C016A69} => C:\Program Files\Image Resizer for Windows\ShellExtensions.dll [2013-02-23] (Brice Lambson) ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-10-05] (Avira Operations GmbH & Co. KG) ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {ef263503-8f0e-3e6a-ae2e-fe0b4b441d52} => C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-03-02] () ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-03-02] () ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {3d52b24d-33bb-3895-99ea-a0156f24a3f9} => C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation) ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-03-02] () ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-03-02] () ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-09-16] (NVIDIA Corporation) ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {cefaf456-bc17-3f4b-b7d9-75070925911b} => C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation) ContextMenuHandlers6: [axcrypt.File] -> {C3DFC144-30F8-4138-81F9-578DBEB9324A} => C:\Program Files\Axantum\AxCrypt\AxCryptShellExt.dll [2011-09-23] (Axantum Software AB) ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-10-05] (Avira Operations GmbH & Co. KG) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-03-02] () ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-03-02] () ==================== Geplande Taken (gefilterd) ============= (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {29B7D894-7801-46EC-89F2-1A3DA6C068CF} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2017-10-05] (Avira Operations GmbH & Co. KG) Task: {406433F8-9E8A-4DE1-ACE7-21DB8ADB69E7} - System32\Tasks\Avira SystrayStartTrigger => Avira.SystrayStartTrigger.exe Task: {4C10C31F-80F1-417D-9767-A279E19EE7FD} - System32\Tasks\Avira Safe Shopping Updater => C:\Program Files (x86)\Avira\Safe Shopping\\Updater\Updater.exe [2017-09-25] (Avira Operations Gmbh & Co. KG) Task: {7CA12AAA-836C-4684-A6A3-2CAFB72D5207} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [2017-10-25] (Avira Operations GmbH & Co. KG ) Task: {7D06372D-A12A-46A8-823D-76BAC4DA46D8} - System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ceip.exe [2017-09-15] (Microsoft) Task: {8FD2888A-C137-4E8E-8955-C63AC848569B} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2017-09-15] (Microsoft Corporation) Task: {9EB58BD9-1163-4E6D-BDF1-D92F978A15E9} - System32\Tasks\Avira\System Speedup\SpeedupSysTray => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe [2017-10-05] (Avira Operations GmbH & Co. KG) Task: {B255992C-43D8-4DC7-AA1A-66D5FE393384} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2017-09-15] (Microsoft Corporation) Task: {BDE5350B-F940-4960-B4DA-FE377EED71E7} - System32\Tasks\Avira\System Speedup\TestScheduler => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [2017-10-05] (Avira Operations GmbH & Co. KG) (Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) ==================== Snelkoppelingen & WMI ======================== (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) ==================== Geladen Modules (gefilterd) ============== 2017-10-25 13:05 - 2017-07-06 04:04 - 004845832 _____ () C:\Program Files (x86)\PureVPN\vpnclient.exe 2017-10-25 12:23 - 2017-10-25 12:23 - 000025704 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe 2017-10-25 12:23 - 2017-10-25 12:23 - 000017000 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.Service.Logger.dll 2017-10-25 12:23 - 2017-10-25 12:23 - 000036456 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WcfService.dll 2017-10-25 18:37 - 2011-03-02 12:40 - 000164864 _____ () C:\Program Files\WinRAR\rarext.dll 2017-10-25 13:05 - 2017-07-21 08:52 - 003296008 _____ () C:\Program Files (x86)\PureVPN\purevpn.exe 2017-10-26 10:02 - 2011-01-24 19:46 - 002435072 _____ () D:\Downloads\Fixes & Help\WinMTR-v092 Internet diagnostic tool\WinMTR-v092\WinMTR_x64\WinMTR.exe 2017-10-25 12:23 - 2017-10-25 12:23 - 000109160 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.AppCore.dll 2017-10-25 12:23 - 2017-10-25 12:23 - 000110696 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.dll 2017-10-25 12:23 - 2017-10-25 12:23 - 000058984 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.adblocker.dll 2017-10-25 12:23 - 2017-10-25 12:23 - 000312424 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Business.dll 2017-10-25 12:23 - 2017-10-25 12:23 - 000084072 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SysInfo.dll 2017-10-25 12:23 - 2017-10-25 12:23 - 000057448 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.CSharp.Utilities.dll ==================== Alternate Data Streams (gefilterd) ========= ==================== Veilige Modus (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.) ==================== Bestandskoppeling (gefilterd) =============== (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.) ==================== Internet Explorer vertrouwde/beperkte toegang =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.) IE trusted site: HKU\.DEFAULT\...\localhost -> localhost IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com IE trusted site: HKU\S-1-5-21-644486561-2935807977-1954826611-1000\...\localhost -> localhost IE trusted site: HKU\S-1-5-21-644486561-2935807977-1954826611-1000\...\webcompanion.com -> hxxp://webcompanion.com ==================== Hosts inhoud: =============================== (Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.) 2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts ==================== Andere gebieden ============================ (Momenteel is er geen automatische fix voor dit onderdeel.) HKU\S-1-5-21-644486561-2935807977-1954826611-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Honingmier\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 212.224.255.252 - 212.224.255.254 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == ==================== Firewall regels (gefilterd) =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [{01A10E08-BAE6-40F8-A7EE-1B0A9EF52076}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{4C3D0AF8-1073-4C3B-8B0F-3945F2C6D0CD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{6A10EA6B-DD37-44AC-8A26-9802B8973779}] => (Allow) C:\Users\Honingmier\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{61131213-5787-437F-BD55-3477DB5828F0}] => (Allow) C:\Users\Honingmier\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{C3659087-C495-4149-8EAD-D79494712C95}] => (Allow) C:\Program Files (x86)\PureVPN\vpnclient.exe FirewallRules: [{19EF29BE-13D3-4279-8D4E-F036CBD6543F}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelDrw.exe FirewallRules: [{848EDDE0-C620-4D8B-B21F-04A54D2C1DAA}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelPP.exe FirewallRules: [{AE408C2C-EF83-4B45-AC60-39C47A73644C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe FirewallRules: [{B2F39E98-6863-4D53-852B-2F0484AAF849}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe FirewallRules: [{3E19A333-8A1C-4616-8D3F-16AF1361099F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe FirewallRules: [{327929FD-9407-46D8-948B-6E05E7F8E242}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe FirewallRules: [{A4873C02-0A68-4544-AC8F-82EFADB4EBE9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe FirewallRules: [{57E03AA0-59B5-41D2-A204-20186E7970A9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe FirewallRules: [{3366D3DD-B84A-4AB6-AAF5-6F428E449F17}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe FirewallRules: [{2EE50AB9-CA50-4324-ADE0-2F8C57463364}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe FirewallRules: [{3D4CCFD3-1329-4F5A-824B-645C855A6B08}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe FirewallRules: [{CCD33A72-EE2B-44BC-B6F3-C0C0DECC63D4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe FirewallRules: [{5AABCCBF-D462-456C-B64B-903BB5281762}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe FirewallRules: [{D10AD8F3-9365-4437-A772-CD0315681F67}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe FirewallRules: [{6CE5B9A3-A85F-4714-ADD7-3652ED729F32}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe FirewallRules: [{323858F8-FA5B-4D99-A4A1-D154E72455DC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe FirewallRules: [{1B8FA0EE-981B-4C9E-9714-C1364C93B498}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe FirewallRules: [{1A3C7DA1-FED4-44A1-A0DA-5A4927329879}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe FirewallRules: [{1826F64B-473C-4988-B04A-8930D08B04F7}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe FirewallRules: [{B0D5EC52-005D-4D20-82ED-1759CE9B75FB}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe FirewallRules: [TCP Query User{20BA5832-1C1E-423E-A4D1-05C11D45C72D}C:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) C:\program files (x86)\soulseekqt\soulseekqt.exe FirewallRules: [UDP Query User{D450D523-888B-4F9D-913D-3723D62205B9}C:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) C:\program files (x86)\soulseekqt\soulseekqt.exe FirewallRules: [{A451C565-7EA2-4EAE-988B-4A9A93BC73DF}] => (Block) C:\program files (x86)\soulseekqt\soulseekqt.exe FirewallRules: [{9F374F75-79D4-4908-ADA9-462CD158DAE7}] => (Block) C:\program files (x86)\soulseekqt\soulseekqt.exe ==================== Herstelpunten ========================= 25-10-2017 13:36:57 Installed AxCrypt 1.7.2687.0 25-10-2017 13:47:56 Microsoft Visual Studio Tools for Applications 2012 25-10-2017 15:00:42 Image Resizer for Windows 25-10-2017 15:08:15 DCInstallRestorePoint 25-10-2017 15:34:05 +printer +keyboard +background +VPN +Avira 25-10-2017 16:00:22 Removed MPM 25-10-2017 16:06:04 zonder HP Printer 8500 +Coreldraw X7 25-10-2017 17:54:47 Installatie van apparaatstuurprogramma: Fedict Smartcards 25-10-2017 18:34:17 +Eid +CDBurner +geluid check 26-10-2017 07:50:33 Windows Update 26-10-2017 13:42:13 Installatie van apparaatstuurprogramma: Fedict Smartcards ==================== Defecte Apparaatbeheer Apparaten ============= ==================== Eventlog fouten: ========================= Applicatiefouten: ================== Error: (10/26/2017 01:16:29 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Gebeurtenisfilter met query SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 kan niet opnieuw worden geactiveerd in naamruimte //./root/CIMV2 vanwege fout 0x80041003. Mogelijk worden er geen gebeurtenissen via dit filter doorgegeven totdat het probleem is verholpen. Error: (10/26/2017 07:39:34 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Gebeurtenisfilter met query SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 kan niet opnieuw worden geactiveerd in naamruimte //./root/CIMV2 vanwege fout 0x80041003. Mogelijk worden er geen gebeurtenissen via dit filter doorgegeven totdat het probleem is verholpen. Error: (10/26/2017 04:48:13 AM) (Source: SideBySide) (EventID: 59) (User: ) Description: Kan activeringscontext voor 'C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll' niet maken. Fout in manifest of beleidsbestand 'C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll' op regel 2. Ongeldige XML-syntaxis. Error: (10/26/2017 04:48:13 AM) (Source: SideBySide) (EventID: 59) (User: ) Description: Kan activeringscontext voor 'C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Box Extension\SrchBxEx.dll' niet maken. Fout in manifest of beleidsbestand 'C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Box Extension\SrchBxEx.dll' op regel 2. Ongeldige XML-syntaxis. Error: (10/25/2017 05:36:42 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Gebeurtenisfilter met query SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 kan niet opnieuw worden geactiveerd in naamruimte //./root/CIMV2 vanwege fout 0x80041003. Mogelijk worden er geen gebeurtenissen via dit filter doorgegeven totdat het probleem is verholpen. Error: (10/25/2017 04:05:05 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Gebeurtenisfilter met query SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 kan niet opnieuw worden geactiveerd in naamruimte //./root/CIMV2 vanwege fout 0x80041003. Mogelijk worden er geen gebeurtenissen via dit filter doorgegeven totdat het probleem is verholpen. Error: (10/25/2017 04:04:19 PM) (Source: PerfNet) (EventID: 2004) (User: ) Description: Kan het prestatieobject voor dee Server-service niet openen. De eerste vier bytes (DWORD) in de sectie Gegevens bevatten de statuscode. Error: (10/25/2017 03:12:32 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Gebeurtenisfilter met query SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 kan niet opnieuw worden geactiveerd in naamruimte //./root/CIMV2 vanwege fout 0x80041003. Mogelijk worden er geen gebeurtenissen via dit filter doorgegeven totdat het probleem is verholpen. Error: (10/25/2017 03:11:51 PM) (Source: PerfNet) (EventID: 2005) (User: ) Description: Kan geen prestatiegegevens voor de Server-service lezen. De eerste vier bytes (DWORD) in de sectie Gegevens bevatten de statuscode. De tweede vier bytes bevatten de IOSB.Status en de volgende vier bytes bevatten de IOSB-Information. Error: (10/25/2017 02:30:42 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Gebeurtenisfilter met query SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 kan niet opnieuw worden geactiveerd in naamruimte //./root/CIMV2 vanwege fout 0x80041003. Mogelijk worden er geen gebeurtenissen via dit filter doorgegeven totdat het probleem is verholpen. Systeemfouten: ============= Error: (10/26/2017 01:47:08 PM) (Source: WudfUsbccidDriver) (EventID: 6) (User: NT AUTHORITY) Description: Event-ID 6 Error: (10/26/2017 01:47:08 PM) (Source: SCardSvr) (EventID: 610) (User: ) Description: De smartcardlezer Generic Smart Card Reader Interface 0 heeft IOCTL 0x313520 geweigerd: Onjuiste functie.. Als deze fout aanhoudt, werkt uw smartcard of lezer mogelijk niet naar behoren. Header van opdracht: XX XX XX XX Error: (10/26/2017 01:47:07 PM) (Source: WudfUsbccidDriver) (EventID: 6) (User: NT AUTHORITY) Description: Event-ID 6 Error: (10/26/2017 01:47:07 PM) (Source: WudfUsbccidDriver) (EventID: 6) (User: NT AUTHORITY) Description: Event-ID 6 Error: (10/26/2017 01:47:07 PM) (Source: SCardSvr) (EventID: 610) (User: ) Description: De smartcardlezer Generic Smart Card Reader Interface 0 heeft IOCTL 0x313520 geweigerd: Onjuiste functie.. Als deze fout aanhoudt, werkt uw smartcard of lezer mogelijk niet naar behoren. Header van opdracht: XX XX XX XX Error: (10/26/2017 01:47:07 PM) (Source: SCardSvr) (EventID: 610) (User: ) Description: De smartcardlezer Generic Smart Card Reader Interface 0 heeft IOCTL 0x313520 geweigerd: Onjuiste functie.. Als deze fout aanhoudt, werkt uw smartcard of lezer mogelijk niet naar behoren. Header van opdracht: XX XX XX XX Error: (10/26/2017 01:47:05 PM) (Source: WudfUsbccidDriver) (EventID: 6) (User: NT AUTHORITY) Description: Event-ID 6 Error: (10/26/2017 01:47:05 PM) (Source: SCardSvr) (EventID: 610) (User: ) Description: De smartcardlezer Generic Smart Card Reader Interface 0 heeft IOCTL 0x313520 geweigerd: Onjuiste functie.. Als deze fout aanhoudt, werkt uw smartcard of lezer mogelijk niet naar behoren. Header van opdracht: XX XX XX XX Error: (10/26/2017 01:47:03 PM) (Source: WudfUsbccidDriver) (EventID: 6) (User: NT AUTHORITY) Description: Event-ID 6 Error: (10/26/2017 01:47:02 PM) (Source: WudfUsbccidDriver) (EventID: 6) (User: NT AUTHORITY) Description: Event-ID 6 ==================== Geheugen info =========================== Processor: Intel(R) Core(TM) i5-2400 CPU @ 3.10GHz Percentage geheugen in gebruik: 31% Totaal fysiek RAM-geheugen: 8169.45 MB Beschikbaar fysiek RAM-geheugen: 5618.13 MB Totaal Virtueel geheugen: 16337.09 MB Beschikbaar Virtual geheugen: 12859.77 MB ==================== Schijven ================================ Drive c: (Windows 7) (Fixed) (Total:108.89 GB) (Free:53.74 GB) NTFS Drive d: (Hard Disc) (Fixed) (Total:822.14 GB) (Free:192.32 GB) NTFS Drive i: (HD errors 1TB) (Fixed) (Total:931.51 GB) (Free:68.06 GB) NTFS Drive j: (Seagate Movies 3TB) (Fixed) (Total:2794.51 GB) (Free:278.23 GB) NTFS ==================== MBR & Partitietabel ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 053F936A) Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=108.9 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=822.1 GB) - (Type=07 NTFS) Attempted reading MBR returned 0 bytes. Could not read MBR for disk 1. ======================================================== Disk: 2 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 0025FE5E) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== Eind van Addition.txt ============================