Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 01.01.2018 Gestart door Gebruiker (01-01-2018 22:37:51) Gestart vanaf C:\Users\Gebruiker\Desktop Windows 10 Home Versie 1703 15063.786 (X64) (2017-08-23 19:33:10) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-458893496-2124949986-195690109-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-458893496-2124949986-195690109-503 - Limited - Disabled) Gast (S-1-5-21-458893496-2124949986-195690109-501 - Limited - Disabled) Gebruiker (S-1-5-21-458893496-2124949986-195690109-1001 - Administrator - Enabled) => C:\Users\Gebruiker ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Bitdefender Antivirus (Enabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371} AS: Spybot - Search and Destroy (Enabled - Up to date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75} AS: Bitdefender Antispyware (Enabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.) µTorrent (HKU\S-1-5-21-458893496-2124949986-195690109-1001\...\uTorrent) (Version: 3.5.1.44332 - BitTorrent Inc.) Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 23.0.0.257 - Adobe Systems Incorporated) Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.126 - Adobe Systems Incorporated) Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.4.194 - Adobe Systems, Inc.) ANIWZCS2 Service (HKLM-x32\...\{4C590030-7469-453E-8589-D15DA9D03F52}) (Version: - ) Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 20.0.25.1378 - Bitdefender) Bitdefender Antivirus Plus (HKLM\...\Bitdefender) (Version: 22.0.1.1 - Bitdefender) Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - ) Canon Easy-PhotoPrint Pro - Pro9000 series Extention Data (HKLM-x32\...\Canon Easy-PhotoPrint Pro - Pro9000 series Extention Data) (Version: - ) Canon Easy-PhotoPrint Pro - Pro9500 series Extention Data (HKLM-x32\...\Canon Easy-PhotoPrint Pro - Pro9500 series Extention Data) (Version: - ) Canon Easy-PhotoPrint Pro (HKLM-x32\...\Easy-PhotoPrint Pro) (Version: - ) Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - ) Canon MG6100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6100_series) (Version: - ) Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version: - ) Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - ) Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - ) CCleaner (HKLM\...\CCleaner) (Version: 5.22 - Piriform) CD-LabelPrint (HKLM-x32\...\MediaNavigation.CDLabelPrint) (Version: - ) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.4.0.0195 - Disc Soft Ltd) D-Link Wireless G DWL-G122_DWA-110 (HKLM-x32\...\{5F753314-628E-4C13-B8AE-BFA7FD514CBE}) (Version: - D-Link) Gebruikersregistratie voor Canon MG6100 series (HKLM-x32\...\Gebruikersregistratie voor Canon MG6100 series) (Version: - ) GiliSoft Youtube Video Downloader (HKLM-x32\...\{F7F87D0F-81E6-D85A-FE3C-5C2ADCA92479}_is1) (Version: 1.0.0 - GiliSoft International LLC.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.84 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden Java 8 Update 151 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180151F0}) (Version: 8.0.1510.12 - Oracle Corporation) Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-458893496-2124949986-195690109-1001\...\OneDriveSetup.exe) (Version: 17.3.7131.1115 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) NVIDIA 3D Vision controllerstuurprogramma 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) NVIDIA 3D Vision stuurprogramma 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.13 - NVIDIA Corporation) NVIDIA GeForce Experience 3.0.5.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.0.5.22 - NVIDIA Corporation) NVIDIA Grafisch stuurprogramma 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.13 - NVIDIA Corporation) NVIDIA HD Audio-stuurprogramma 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation) NVIDIA PhysX Systeem Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation) NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.0.5.22 - NVIDIA Corporation) Hidden NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 1.0.0.0 - NVIDIA Corporation) Hidden SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0310 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.0.5.22 - NVIDIA Corporation) Hidden Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.6.46 - Safer-Networking Ltd.) swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD) (Version: 10.0.50903 - Microsoft Corporation) VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN) Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation) WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) ==================== Aangepaste CLSID (gefilterd): ========================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal) ==================== Geplande Taken (gefilterd) ============= (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {07E7580A-62DB-49D0-94FF-52ECEEDDDB9C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-09-02] (NVIDIA Corporation) Task: {30844CF3-FFD3-4C93-A617-D19F53A25E21} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-09-02] (NVIDIA Corporation) Task: {358A5A5E-35CB-442F-BACB-D277003423EE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-20] (Google Inc.) Task: {3D698A14-1093-449E-8899-78854E85E2A9} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-09-02] (NVIDIA Corporation) Task: {492A8474-B619-478B-9607-66DF1A587535} - System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C => C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe [2017-12-16] (Bitdefender) Task: {6D2B11EF-C5FD-439C-A2E5-C0C88C2354CB} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2017-05-23] (Safer-Networking Ltd.) Task: {71F0D7EF-EE7A-4750-B13A-D16490DEAAE8} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-12-12] (Adobe Systems Incorporated) Task: {79D8E71C-B455-4E92-8D61-3E90B3EEA67A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2017-05-23] (Safer-Networking Ltd.) Task: {7C4FE04A-343E-4297-9AB4-0261D08F8E06} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-08-26] (Piriform Ltd) Task: {8DE1B137-D330-42E0-9745-CA56AE1C3EE9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-20] (Google Inc.) Task: {C00310AD-92DB-4E2D-86C6-84D06F7A8BA5} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-09-02] (NVIDIA Corporation) Task: {E6688332-5099-4611-B451-B85ECC3C4E83} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2017-04-11] (Bitdefender) Task: {E90D3AB8-959D-44F2-8AEB-684123CF8CB3} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-09-02] (NVIDIA Corporation) Task: {EAB1D435-1A03-49BF-BFFD-FF5A62ABC363} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated) (Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) ==================== Snelkoppelingen & WMI ======================== (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) ShortcutWithArgument: C:\Users\Gebruiker\Desktop\Burn Video to DVD.lnk -> C:\Program Files (x86)\GiliSoft\Youtube Video Downloader\downloadapp.exe () -> hxxp://download.gilisoft.com/gs/movie-dvd-creator.exe "Movie DVD Creator" "GiliSoft.com" ShortcutWithArgument: C:\Users\Gebruiker\Desktop\Convert Video.lnk -> C:\Program Files (x86)\GiliSoft\Youtube Video Downloader\downloadapp.exe () -> hxxp://download.gilisoft.com/gs/video-converter.exe "Video Converter" "GiliSoft.com" ShortcutWithArgument: C:\Users\Gebruiker\Desktop\Edit Video.lnk -> C:\Program Files (x86)\GiliSoft\Youtube Video Downloader\downloadapp.exe () -> hxxp://download.gilisoft.com/gs/video-editor.exe "Video Editor" "GiliSoft.com" ==================== Geladen Modules (gefilterd) ============== 2017-05-15 18:52 - 2017-02-07 11:34 - 001008448 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_001_001\ashttpbr.mdl 2017-05-15 18:52 - 2017-02-07 11:34 - 000541952 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_001_001\ashttpdsp.mdl 2017-05-15 18:52 - 2017-02-07 11:34 - 003243920 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_001_001\ashttpph.mdl 2017-05-15 18:52 - 2017-02-07 11:34 - 001544568 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_001_001\ashttprbl.mdl 2016-09-20 17:49 - 2009-07-07 19:10 - 000151552 _____ () C:\WINDOWS\SysWOW64\ANIWConnService.exe 2016-09-16 17:34 - 2016-09-02 12:13 - 004488640 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll 2016-09-16 17:34 - 2016-09-02 12:13 - 001147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2016-09-16 17:35 - 2016-09-02 12:13 - 000418240 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll 2017-01-30 21:20 - 2010-04-05 11:55 - 000116104 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE 2010-01-09 20:17 - 2010-01-09 20:17 - 004254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2010-01-21 01:40 - 2010-01-21 01:40 - 008794464 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll 2017-03-18 21:58 - 2017-03-18 21:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2017-03-18 21:59 - 2017-03-20 04:56 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-12-12 00:17 - 2017-12-12 00:18 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2017-12-12 00:17 - 2017-12-12 00:18 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2017-12-12 00:17 - 2017-12-12 00:18 - 024735744 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2017-12-12 00:17 - 2017-12-12 00:18 - 002551808 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\skypert.dll 2017-12-14 20:25 - 2017-12-14 20:26 - 035244544 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17086.24711.0_x64__8wekyb3d8bbwe\Music.UI.exe 2017-12-14 20:25 - 2017-12-14 20:26 - 009220608 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17086.24711.0_x64__8wekyb3d8bbwe\EntCommon.dll 2017-08-23 02:24 - 2017-08-23 02:25 - 000957952 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17086.24711.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll 2017-09-26 04:25 - 2017-09-26 04:25 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17086.24711.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2017-12-14 20:25 - 2017-12-14 20:26 - 013224960 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17086.24711.0_x64__8wekyb3d8bbwe\Music.Visuals.dll 2018-01-01 21:28 - 2017-05-12 11:36 - 000507464 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll 2018-01-01 21:28 - 2016-09-13 14:00 - 000109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl 2018-01-01 21:28 - 2016-09-13 14:00 - 000167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl 2018-01-01 21:28 - 2016-09-13 14:00 - 000416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl 2016-09-16 17:34 - 2016-09-02 12:13 - 000018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2016-09-16 17:35 - 2016-09-02 12:00 - 000500672 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node 2016-09-16 17:34 - 2016-09-02 12:00 - 000254400 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node 2016-09-16 17:34 - 2016-09-02 12:00 - 002801208 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node 2016-09-16 17:34 - 2016-09-02 12:00 - 000244672 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node 2016-09-16 17:34 - 2016-09-02 12:00 - 000428480 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node 2016-09-16 17:34 - 2016-09-02 12:00 - 000338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node 2016-09-16 17:34 - 2016-09-02 12:00 - 000375352 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node 2017-12-08 21:38 - 2017-12-08 21:38 - 000102088 _____ () C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\UpdateRingSettings.dll 2016-09-20 17:49 - 2009-06-01 13:23 - 000315392 _____ () C:\Program Files (x86)\ANI\ANIWZCS2 Service\ANIOApi.dll 2016-09-20 17:49 - 2009-06-01 13:23 - 000315392 _____ () C:\Program Files (x86)\D-Link\DWL-G122_DWA-110\ANIOApi.dll ==================== Alternate Data Streams (gefilterd) ========= (Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.) AlternateDataStreams: C:\Users\Gebruiker\Downloads\T-MSX6DEUC_2001.0.exe:BDU [0] AlternateDataStreams: C:\Users\Gebruiker\Downloads\T-VAL6DEUC_1017.0(1).exe:BDU [0] AlternateDataStreams: C:\Users\Gebruiker\Downloads\T-VAL6DEUC_1017.0.exe:BDU [0] AlternateDataStreams: C:\Users\Gebruiker\Downloads\uTorrent.exe:BDU [0] ==================== Veilige Modus (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Bestandskoppeling (gefilterd) =============== (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.) ==================== Internet Explorer vertrouwde/beperkte toegang =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.) ==================== Hosts inhoud: =============================== (Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.) 2015-10-30 08:24 - 2018-01-01 22:25 - 000000826 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere gebieden ============================ (Momenteel is er geen automatische fix voor dit onderdeel.) HKU\S-1-5-21-458893496-2124949986-195690109-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == ==================== Firewall regels (gefilterd) =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [{8BA0F889-B308-40BB-9565-6608841E5906}] => (Allow) C:\Users\Gebruiker\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{A19FD6CB-67F9-4CB6-801A-6593FC3C8B56}] => (Allow) C:\Users\Gebruiker\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{D18CD8DC-AF62-4702-B5B8-1E1561384999}] => (Allow) C:\Users\Gebruiker\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{129B9B42-24D7-4199-8FE2-0A63817C1DE7}] => (Allow) C:\Users\Gebruiker\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{7BA2CF72-BAC4-499B-8D17-193811323F4C}] => (Allow) C:\Users\Gebruiker\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{D0915377-3796-4BFD-B8F3-CB5144913853}] => (Allow) C:\Users\Gebruiker\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{AE8B1ADF-1261-4379-9AAC-786CCE37D245}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{C1F1C75F-A951-434B-9319-E09FC65E0F3D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{A878B25B-B17B-4875-A262-9CFC3AFCA0A3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{0E5C8BBC-973A-40C5-AB82-3E91D869F70B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{B64DF654-4FA2-4D8F-83E5-256BD7C460E3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{7FD89A7D-874C-4DBC-B232-C6B9E68DB42D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{98DC2440-A2A5-4C6C-88AE-546ECD38F4A0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service ==================== Herstelpunten ========================= 18-12-2017 09:41:19 Gepland controlepunt 24-12-2017 01:21:53 Windows Update 27-12-2017 19:28:12 Windows Update 01-01-2018 19:32:57 Windows Update ==================== Defecte Apparaatbeheer Apparaten ============= ==================== Eventlog fouten: ========================= Applicatiefouten: ================== Error: (01/01/2018 10:26:04 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Kan activeringscontext voor 'C:\Program Files (x86)\Canon\Solution Menu EX\MFC80U.DLL' niet maken. Kan afhankelijke assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" niet vinden. Gebruik sxstrace.exe voor een gedetailleerde diagnose. Error: (01/01/2018 10:26:04 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Kan activeringscontext voor 'C:\Program Files (x86)\Canon\Solution Menu EX\MFC80U.DLL' niet maken. Kan afhankelijke assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" niet vinden. Gebruik sxstrace.exe voor een gedetailleerde diagnose. Error: (01/01/2018 10:24:10 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-AH7O79P) Description: Het activeren van de app Microsoft.MicrosoftEdge_8wekyb3d8bbwe!ContentProcess is mislukt door de fout -2147467259. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie. Error: (01/01/2018 10:24:09 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-AH7O79P) Description: Het activeren van de app Microsoft.MicrosoftEdge_8wekyb3d8bbwe!ContentProcess is mislukt door de fout -2147467259. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie. Error: (01/01/2018 10:24:09 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-AH7O79P) Description: Het activeren van de app Microsoft.MicrosoftEdge_8wekyb3d8bbwe!ContentProcess is mislukt door de fout -2147467259. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie. Error: (01/01/2018 10:24:09 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-AH7O79P) Description: Het activeren van de app Microsoft.MicrosoftEdge_8wekyb3d8bbwe!ContentProcess is mislukt door de fout -2147467259. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie. Error: (01/01/2018 10:23:52 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: dwm.exe, versie: 10.0.15063.0, tijdstempel: 0x982d0cc7 Naam van module met fout: dwmcore.dll, versie: 10.0.15063.483, tijdstempel: 0x460f87da Uitzonderingscode: 0xc00001ad Foutmarge: 0x00000000000d467e Id van proces met fout: 0x9b0 Starttijd van toepassing met fout: 0x01d38346294d83d0 Pad naar toepassing met fout: C:\WINDOWS\system32\dwm.exe Pad naar module met fout: C:\WINDOWS\system32\dwmcore.dll Rapport-id: ad8ea96b-f7a8-488c-8c7d-8047f838ebff Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Error: (01/01/2018 10:19:28 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Kan activeringscontext voor 'C:\Program Files (x86)\Canon\Solution Menu EX\MFC80U.DLL' niet maken. Kan afhankelijke assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" niet vinden. Gebruik sxstrace.exe voor een gedetailleerde diagnose. Error: (01/01/2018 10:19:28 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Kan activeringscontext voor 'C:\Program Files (x86)\Canon\Solution Menu EX\MFC80U.DLL' niet maken. Kan afhankelijke assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" niet vinden. Gebruik sxstrace.exe voor een gedetailleerde diagnose. Error: (01/01/2018 10:18:11 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-AH7O79P) Description: Het activeren van de app Microsoft.Windows.Photos_8wekyb3d8bbwe!App is mislukt door de fout -2144927141. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie. Systeemfouten: ============= Error: (01/01/2018 10:25:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: De CldFlt-service kan vanwege de volgende fout niet worden gestart: De aanvraag wordt niet ondersteund. Error: (01/01/2018 10:25:36 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: De vorige afsluiting van het systeem om 22:03:26 op ‎1-‎1-‎2018 is onverwacht gebeurd. Error: (01/01/2018 10:19:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: De Gebruikerservice voor Connected Devices Platform_6cf503c-service kan vanwege de volgende fout niet worden gestart: Toegang geweigerd. Error: (01/01/2018 10:19:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: De Windows Push Notification-gebruikersservice_6cf503c-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 10000 milliseconden worden uitgevoerd: Service opnieuw starten. Error: (01/01/2018 10:19:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: De User Data Access_6cf503c-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 10000 milliseconden worden uitgevoerd: Service opnieuw starten. Error: (01/01/2018 10:19:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: De User Data Storage_6cf503c-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 10000 milliseconden worden uitgevoerd: Service opnieuw starten. Error: (01/01/2018 10:19:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: De Contact Data_6cf503c-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 10000 milliseconden worden uitgevoerd: Service opnieuw starten. Error: (01/01/2018 10:19:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: De Host synchroniseren_6cf503c-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 10000 milliseconden worden uitgevoerd: Service opnieuw starten. Error: (01/01/2018 10:19:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: De Gebruikerservice voor Connected Devices Platform_6cf503c-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 3000 milliseconden worden uitgevoerd: Service opnieuw starten. Error: (01/01/2018 10:18:40 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: De Windows Error Reporting Service-service is gestopt met de volgende foutcode: Het wisselbestand is te klein voor het voltooien van deze bewerking. . CodeIntegrity: =================================== Date: 2018-01-01 22:25:39.043 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-12-27 19:23:39.882 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-12-27 19:21:33.305 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-12-27 19:20:44.306 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-12-27 18:36:01.119 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-12-27 18:34:05.618 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-12-27 18:32:18.775 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-12-27 18:32:18.447 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-12-27 18:32:18.258 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-12-27 17:26:35.577 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. ==================== Geheugen info =========================== Processor: Intel(R) Core(TM) i5 CPU 750 @ 2.67GHz Percentage geheugen in gebruik: 79% Totaal fysiek RAM-geheugen: 2039.11 MB Beschikbaar fysiek RAM-geheugen: 413.94 MB Totaal Virtueel geheugen: 8183.11 MB Beschikbaar Virtual geheugen: 5875.76 MB ==================== Schijven ================================ Drive c: () (Fixed) (Total:231.57 GB) (Free:167.9 GB) NTFS Drive d: (Data) (Fixed) (Total:931.51 GB) (Free:911.71 GB) NTFS ==================== MBR & Partitietabel ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 0D85B779) Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=231.6 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=848 MB) - (Type=27) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 0D8D6873) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== Eind van Addition.txt ============================