Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 02.08.2018 Gestart door BertH (13-08-2018 22:45:04) Gestart vanaf C:\Users\BertH\Desktop\FARBAR RST Windows 8.1 (Update) (X64) (2015-01-25 13:57:00) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2911540654-2082715937-415091947-500 - Administrator - Disabled) BertH (S-1-5-21-2911540654-2082715937-415091947-1001 - Administrator - Enabled) => C:\Users\BertH Gast (S-1-5-21-2911540654-2082715937-415091947-501 - Limited - Disabled) ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeïnstalleerd worden.) 7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov) Adobe Acrobat Reader DC - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 18.011.20055 - Adobe Systems Incorporated) Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.134 - Adobe Systems Incorporated) AMD Catalyst Install Manager (HKLM\...\{69ECE411-BF4A-2984-AFD5-8EEB829C5B2C}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 3.10.4.1 - AppEx Networks) ANT Drivers Installer x64 (HKLM\...\{3DE56A70-06BA-4863-8FBB-45D041AF0C7A}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.30.223.227 - Broadcom Corporation) Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.) Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.2.0 - Canon Inc.) Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.) Canon MX920 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX920_series) (Version: 1.00 - Canon Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.35 - Piriform) Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft) Cut the Rope (HKLM-x32\...\WTA-3b1cc525-5645-4ed4-a50e-963d6da42aac) (Version: 3.0.2.38 - WildTangent) Hidden CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3920.05 - CyberLink Corp.) Dropbox (HKLM-x32\...\Dropbox) (Version: 54.4.90 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.75.1 - Dropbox, Inc.) Hidden DTS Sound (HKLM-x32\...\{9B17BBEC-CF31-4C23-949E-E65A14365CE1}) (Version: 1.01.5700 - DTS, Inc.) Elevated Installer (HKLM-x32\...\{B7768089-44E1-4B51-9213-737959C689E5}) (Version: 6.3.0.0 - Garmin Ltd or its subsidiaries) Hidden Enchanted Cavern 2 (HKLM-x32\...\WTA-c1612d4a-c435-4cae-8a97-e428df247d87) (Version: 2.2.0.110 - WildTangent) Hidden Evernote (HKLM-x32\...\Evernote) (Version: 1.0.0 - Evernote Launcher by Toshiba Europe GmbH) Garmin Express (HKLM-x32\...\{178D3388-656C-4326-BFFF-3607481CA5BB}) (Version: 6.3.0.0 - Garmin Ltd or its subsidiaries) Hidden Garmin Express (HKLM-x32\...\{aa902576-9ab8-4371-98d1-efde885f775b}) (Version: 6.3.0.0 - Garmin Ltd or its subsidiaries) Garmin Express Tray (HKLM-x32\...\{C6C8A534-050C-40E9-92FC-4D06A8A487C8}) (Version: 6.3.0.0 - Garmin Ltd or its subsidiaries) Hidden IrfanView 4.44 (64-bit) (HKLM\...\IrfanView64) (Version: 4.44 - Irfan Skiljan) Java 8 Update 181 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180181F0}) (Version: 8.0.1810.13 - Oracle Corporation) Magic Academy (HKLM-x32\...\WTA-0c668ef2-a15d-45db-bb87-4492cf7aa8fc) (Version: 2.2.0.98 - WildTangent) Hidden Malwarebytes versie 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes) Microsoft Office 365 ProPlus - nl-nl (HKLM\...\O365ProPlusRetail - nl-nl) (Version: 16.0.9126.2259 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2911540654-2082715937-415091947-1001\...\OneDriveSetup.exe) (Version: 18.131.0701.0007 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Mozilla Firefox 61.0.2 (x64 nl) (HKLM\...\Mozilla Firefox 61.0.2 (x64 nl)) (Version: 61.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 61.0.2.6793 - Mozilla) My Kingdom for the Princess 3 (HKLM-x32\...\WTA-1098913b-47f5-47c5-ae08-921eb7753ea4) (Version: 2.2.0.110 - WildTangent) Hidden NavDesk 7.50 (HKLM-x32\...\{AB756389-9A03-44f3-ABAF-3699C01B4868}-Navman-7.50) (Version: 7.50.0112.135 - Navman Technology NZ Limited) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.9126.2259 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.9126.2259 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0413-1000-0000000FF1CE}) (Version: 16.0.9126.2259 - Microsoft Corporation) Hidden Peggle Nights (HKLM-x32\...\WTA-124c497e-7c63-4570-8be4-83d1d74cd6fd) (Version: 2.2.0.98 - WildTangent) Hidden Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-3c4cb72c-70dc-4b0e-9ce8-a4fa74224011) (Version: 2.2.0.98 - WildTangent) Hidden Polar Bowler (HKLM-x32\...\WTA-a2490c91-f066-4167-b955-ca0df754fb41) (Version: 2.2.0.97 - WildTangent) Hidden PSP Application (HKLM\...\{8DB698FB-2E57-A223-0169-911CA8736440}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden RAW Image Viewer (HKLM-x32\...\{3C867AA0-22EC-4B27-8C60-A354AA37D68C}_is1) (Version: - IdeaMK) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29077 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7173 - Realtek Semiconductor Corp.) Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) Stuurprogrammapakket voor Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.) Stuurprogrammapakket voor Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.7.2 - Synaptics Incorporated) Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD) (Version: 10.0.50903 - Microsoft Corporation) TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.95388 - TeamViewer) TOSHIBA Battery Check Utility (HKLM-x32\...\{5468E297-7EF8-4CB3-A091-F8714147793F}) (Version: 1.00.01.01 - Toshiba Corporation) TOSHIBA Desktop Assist (HKLM\...\{C4CDCEF0-0A7A-4425-887C-33E39533D758}) (Version: 1.03.02.6402 - Toshiba Corporation) TOSHIBA Display Utility (HKLM\...\{484A4296-6F3D-4182-8CFA-D664F7DA34AA}) (Version: 1.1.17.0 - Toshiba Corporation) TOSHIBA eco Utility (HKLM\...\{94D2A899-0C34-4420-880E-AE337E635AB0}) (Version: 2.5.0.6404 - Toshiba Corporation) TOSHIBA Function Key (HKLM\...\{1844CFE2-EBA3-490A-8A5E-9BFC646342FD}) (Version: 1.1.5.6402 - Toshiba Corporation) TOSHIBA Password Utility (HKLM-x32\...\{2DB90351-FBAA-472B-9F12-6E1EBBB354DE}) (Version: v2.1.0.22 - Toshiba Corporation) TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 3.01.01.6400 - Toshiba Corporation) TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.2.00.56006005 - Toshiba Corporation) TOSHIBA Service Station (HKLM\...\{BFE4C813-4DD4-4B1C-97F4-76A459055C8D}) (Version: 2.6.13 - Toshiba Corporation) TOSHIBA Start Screen Option (HKLM\...\{06B71035-F19F-4F76-9875-FFCCD4FC3F83}) (Version: 1.00.01.6402 - Toshiba Corporation) TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0033 - Toshiba Corporation) TOSHIBA System Settings (HKLM-x32\...\{4D57ED72-6B01-40BD-9CA9-012B8FC09CEB}) (Version: 2.0.1.32003 - Toshiba Corporation) Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.5.1 - Toshiba Europe GmbH) Virtual Villagers 5 - New Believers (HKLM-x32\...\WTA-7d837e0c-85e5-48f5-b8d4-041d2120531d) (Version: 3.0.2.32 - WildTangent) Hidden VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN) WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent) Youda Jewel Shop (HKLM-x32\...\WTA-41d3ee2a-55e2-442c-b890-16e94ab3f971) (Version: 3.0.2.32 - WildTangent) Hidden ==================== Aangepaste CLSID (gefilterd): ========================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) CustomCLSID: HKU\S-1-5-21-2911540654-2082715937-415091947-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\BertH\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileCoAuthLib64.dll => Geen bestand ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft) ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-31] (Dropbox, Inc.) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-31] (Dropbox, Inc.) ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-02-14] (Advanced Micro Devices, Inc.) ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-31] (Dropbox, Inc.) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes) ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\Windows\system32\StartMenuHelper64.dll [2014-04-20] (IvoSoft) ==================== Geplande Taken (gefilterd) ============= (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {004E5B4E-DA49-437E-8488-5166AAF85728} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks [Argument = /run /TN "\Microsoft\Windows\Setup\gwx\refreshgwxconfig"] Task: {045969EA-AACF-4780-A661-EC66E72FB23C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-07-20] (Microsoft Corporation) Task: {103CB12A-A366-469D-8675-5F29E5F87316} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-07-20] (Microsoft Corporation) Task: {1176C40A-6F8A-4988-86F7-3656AF0B6709} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-07-10] (Adobe Systems Incorporated) Task: {1F940ABE-AF22-4220-B711-9D13A2A20F98} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-01-12] (Microsoft Corporation) Task: {22D2EBAE-81C6-4E7B-95EE-E7A762B52139} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-07-20] (Microsoft Corporation) Task: {23450E95-A8A8-4BAA-9C4F-1950C21B2139} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-09-24] (TOSHIBA Corporation) Task: {266DCCA7-F4C6-4D9F-8A7B-791E0DB8364A} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-07-20] (Microsoft Corporation) Task: {35454AEE-5490-4268-B09D-B9BD411D4F5C} - System32\Tasks\GarminUpdaterTask => C:\Users\BertH\Desktop\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2018-03-27] () Task: {3A345561-D6FD-442E-91A6-B33C3A46F861} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_134_Plugin.exe [2018-07-10] (Adobe Systems Incorporated) Task: {435EA372-719D-43A3-806E-E38BDD568DD2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-01-12] (Microsoft Corporation) Task: {5F3FF689-529E-4F62-A777-75E172177B45} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-07] (Dropbox, Inc.) Task: {5FDF923C-7A4B-40F4-A76D-90B7E3E7C8AC} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-06-30] (Microsoft Corporation) Task: {74B336C7-D40E-46C0-AB69-622657FF6D84} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-07-20] (Microsoft Corporation) Task: {887F03DA-A1F3-458A-8C7C-F6D21B6BFD50} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-03-25] (Synaptics Incorporated) Task: {95165284-61E0-4762-ABCD-851C470B18E6} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2013-12-24] (Toshiba Europe GmbH) Task: {A29050E8-F2F6-4E06-BBA7-A7CB9F21F19D} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-06-30] (Microsoft Corporation) Task: {A47B2CC6-CCC1-48F3-80B1-A82831C656F4} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-07] (Dropbox, Inc.) Task: {A941896D-A7DE-4122-B188-4C74DECBABC1} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Command(1): %windir%\system32\rundll32.exe -> aepdu.dll,AePduRunUpdate Task: {A941896D-A7DE-4122-B188-4C74DECBABC1} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Command(2): %windir%\system32\rundll32.exe -> invagent.dll,RunUpdate Task: {AA3277D8-F0FA-40D9-9101-A9115A4BB045} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-09-20] (Piriform Ltd) Task: {CC459829-69DA-4402-8425-34B135CB6B96} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated) Task: {CE5B88AA-6E5D-4A4B-ACA2-E18FADCC560A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-01-12] (Microsoft Corporation) Task: {D6DCF1EB-4A28-40E8-9C89-EEB855E589F2} - System32\Tasks\RunSpeccy => C:\Users\BertH\Desktop\spsetup128\Speccy64.exe Task: {DE4F04D0-E134-4161-AB67-CC17BFF5BE57} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Command(1): %windir%\system32\rundll32.exe -> aepdu.dll,AePduRunUpdate -nolegacy Task: {DE4F04D0-E134-4161-AB67-CC17BFF5BE57} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Command(2): %windir%\system32\rundll32.exe -> appraiser.dll,DoScheduledTelemetryRun Task: {FEA0D6F9-90E9-4083-9C0B-D837B92F7235} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-01-12] (Microsoft Corporation) (Als een item is opgenomen in de fixlist, wordt de taak (job) bestand verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Snelkoppelingen & WMI ======================== (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) Shortcut: C:\Users\BertH\Desktop\'BACK-UP' Externe HDD\software WesternDigital\Extras\Adobe Reader Download.lnk -> hxxp://get.adobe.com/reader ==================== Geladen Modules (gefilterd) ============== 2015-02-14 23:44 - 2015-02-14 23:44 - 000140288 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe 2014-02-24 23:11 - 2014-02-24 23:11 - 000021328 _____ () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe 2012-07-19 03:38 - 2012-07-19 03:38 - 000020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll 2018-07-27 10:45 - 2018-07-27 10:45 - 001459712 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.UI\ea494708300f305a0bfdb9484f99e357\Windows.UI.ni.dll 2018-07-27 10:45 - 2018-07-27 10:45 - 000521216 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.Data\f68d203e69c1916668d932e1718f7b08\Windows.Data.ni.dll 2018-07-27 10:45 - 2018-07-27 10:45 - 000363520 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.Foundation\4a24a44fb848c2d1ab8bb1f5a14b2cb5\Windows.Foundation.ni.dll 2017-05-08 10:35 - 2017-05-08 10:35 - 000325632 _____ () C:\Users\BertH\Desktop\Garmin\Device Interaction Service\GpsImgWrapper.dll 2018-03-27 16:08 - 2018-03-27 16:08 - 000073216 _____ () C:\Users\BertH\Desktop\Garmin\Device Interaction Service\FixBootSector.dll 2018-08-03 13:00 - 2018-07-31 03:25 - 001108672 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll 2018-08-03 13:00 - 2018-07-31 03:25 - 002247872 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll 2018-08-03 13:00 - 2018-07-31 03:28 - 000021704 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.cp35-win32.pyd 2018-08-03 13:00 - 2018-07-31 03:26 - 000022752 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.cp35-win32.pyd 2018-08-03 13:00 - 2018-07-31 03:25 - 000135840 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.cp35-win32.pyd 2018-08-03 13:00 - 2018-07-31 03:26 - 001881816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.cp35-win32.pyd 2018-08-03 13:00 - 2018-07-31 03:26 - 000023768 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.cp35-win32.pyd 2018-08-03 13:00 - 2018-07-31 03:25 - 000111760 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes35.dll 2018-08-03 13:00 - 2018-07-31 03:25 - 000103576 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.cp35-win32.pyd 2018-08-03 13:00 - 2018-07-31 03:27 - 000069320 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.cp35-win32.pyd 2018-08-03 13:00 - 2018-07-31 03:26 - 000080064 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.cp35-win32.pyd 2018-08-03 13:00 - 2018-07-31 03:25 - 000400016 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom35.dll 2018-08-03 13:00 - 2018-07-31 03:25 - 000024728 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.cp35-win32.pyd 2018-08-03 13:00 - 2018-07-31 03:25 - 000043680 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.cp35-win32.pyd 2018-08-03 13:00 - 2018-07-31 03:25 - 000021656 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.cp35-win32.pyd 2018-08-03 13:00 - 2018-07-31 03:25 - 000125080 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.cp35-win32.pyd 2018-08-03 13:00 - 2018-07-31 03:25 - 000114848 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.cp35-win32.pyd 2018-08-03 13:00 - 2018-07-31 03:28 - 000392392 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.cp35-win32.pyd 2018-08-03 13:00 - 2018-07-31 03:28 - 000030432 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.cp35-win32.pyd 2018-08-03 13:00 - 2018-07-31 03:25 - 000024736 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.cp35-win32.pyd 2018-08-03 13:00 - 2018-07-31 03:25 - 000175768 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.cp35-win32.pyd 2018-08-03 13:00 - 2018-07-31 03:25 - 000024728 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.cp35-win32.pyd 2018-08-03 13:00 - 2018-07-31 03:25 - 000026264 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.cp35-win32.pyd 2018-08-03 13:00 - 2018-07-31 03:25 - 000048800 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.cp35-win32.pyd 2018-08-03 13:00 - 2018-07-31 03:25 - 000058016 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.cp35-win32.pyd 2018-08-03 13:00 - 2018-07-31 03:28 - 000024784 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.cp35-win32.pyd 2018-08-03 13:00 - 2018-07-31 03:26 - 000022728 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.cp35-win32.pyd 2018-08-03 13:00 - 2018-07-31 03:28 - 000026336 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.cp35-win32.pyd 2018-08-03 13:00 - 2018-07-31 03:28 - 000070360 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.cp35-win32.pyd 2018-08-03 13:00 - 2018-07-31 03:26 - 000025296 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.cp35-win32.pyd 2018-08-03 13:00 - 2018-07-31 03:28 - 000029904 _____ () C:\Program Files (x86)\Dropbox\Client\winreindex.compiled._winreindex.cp35-win32.pyd 2018-08-03 13:00 - 2018-07-31 03:27 - 003866304 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.cp35-win32.pyd 2018-08-03 13:00 - 2018-07-31 03:28 - 000089272 _____ () C:\Program Files (x86)\Dropbox\Client\sip.cp35-win32.pyd 2018-08-03 13:00 - 2018-07-31 03:27 - 001800896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.cp35-win32.pyd 2018-08-03 13:00 - 2018-07-31 03:27 - 001960640 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.cp35-win32.pyd 2018-08-03 13:00 - 2018-07-31 03:25 - 000028824 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.cp35-win32.pyd 2018-08-03 13:00 - 2018-07-31 03:27 - 000155856 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.cp35-win32.pyd 2018-08-03 13:00 - 2018-07-31 03:27 - 000521920 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.cp35-win32.pyd 2018-08-03 13:00 - 2018-07-31 03:27 - 000051400 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.cp35-win32.pyd 2018-08-03 13:00 - 2018-07-31 03:27 - 000043720 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.cp35-win32.pyd 2018-08-03 13:00 - 2018-07-31 03:27 - 000131264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.cp35-win32.pyd 2018-08-03 13:00 - 2018-07-31 03:27 - 000220872 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.cp35-win32.pyd 2018-08-03 13:00 - 2018-07-31 03:27 - 000205512 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.cp35-win32.pyd 2018-08-03 13:00 - 2018-07-31 03:25 - 000061080 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.cp35-win32.pyd 2018-08-03 13:00 - 2018-07-31 03:28 - 000056536 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.cp35-win32.pyd 2018-08-03 13:00 - 2018-07-31 03:25 - 000024224 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.cp35-win32.pyd 2018-08-03 13:00 - 2018-07-31 03:28 - 000025304 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.cp35-win32.pyd 2018-08-03 13:00 - 2018-07-31 03:28 - 000023776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.cp35-win32.pyd 2018-08-03 13:00 - 2018-07-31 03:28 - 000022752 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.cp35-win32.pyd 2018-08-03 13:00 - 2018-07-31 03:28 - 000023768 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.cp35-win32.pyd 2018-08-03 13:00 - 2018-07-31 03:26 - 000028392 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.cp35-win32.pyd 2018-08-03 13:00 - 2018-07-31 03:25 - 000348312 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.cp35-win32.pyd 2018-08-03 13:00 - 2018-07-31 03:27 - 000102088 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.cp35-win32.pyd 2018-08-03 13:00 - 2018-07-31 03:28 - 000024800 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.cp35-win32.pyd 2018-08-03 13:00 - 2018-07-31 03:26 - 000026840 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.cp35-win32.pyd 2018-08-03 13:00 - 2018-07-31 03:25 - 000036496 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll 2018-08-03 13:00 - 2018-07-31 03:28 - 000023776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.cp35-win32.pyd 2018-08-03 13:00 - 2018-07-31 03:26 - 000181432 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL 2018-08-03 13:00 - 2018-07-31 03:28 - 000031952 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.cp35-win32.pyd 2018-08-03 13:00 - 2018-07-31 03:26 - 000024752 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL 2018-08-03 13:00 - 2018-07-31 03:26 - 001638576 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll 2018-08-03 13:00 - 2018-07-31 03:28 - 000027352 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.cp35-win32.pyd 2018-08-03 13:00 - 2018-07-31 03:27 - 000547008 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.cp35-win32.pyd 2018-08-03 13:00 - 2018-07-31 03:27 - 000360128 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.cp35-win32.pyd ==================== Alternate Data Streams (gefilterd) ========= (Als een item is opgenomen in de fixlist, wordt alleen de ADS verwijderd.) ==================== Veilige Modus (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. De waarde van "AlternateShell" wordt hersteld.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" ==================== Bestandskoppeling (gefilterd) =============== (Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd.) ==================== Internet Explorer vertrouwde/beperkte toegang =============== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd.) ==================== Hosts inhoud: =============================== (Indien nodig kan Hosts:-opdracht worden opgenomen in de fixlist om Hosts te resetten.) 2013-08-22 15:25 - 2013-08-22 15:25 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts ==================== Andere gebieden ============================ (Momenteel is er geen automatische fix voor dit onderdeel.) HKU\S-1-5-21-2911540654-2082715937-415091947-1001\Control Panel\Desktop\\Wallpaper -> DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == MSCONFIG\Services: GamesAppIntegrationService => 2 MSCONFIG\Services: GamesAppService => 3 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 HKU\S-1-5-21-2911540654-2082715937-415091947-1001\...\StartupApproved\StartupFolder: => "Verzenden naar OneNote.lnk" HKU\S-1-5-21-2911540654-2082715937-415091947-1001\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-2911540654-2082715937-415091947-1001\...\StartupApproved\Run: => "GarminExpressTrayApp" ==================== Firewall regels (gefilterd) =============== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [{38115C0F-C0E1-40B3-AAF6-82D7E3B01987}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe FirewallRules: [{B6213250-ADE8-4D03-A8FC-74120A4B7007}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe FirewallRules: [{473751F5-7EEB-4CBE-9FEB-E3271391C18A}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe FirewallRules: [{0C34103E-371F-429D-880A-94CB12B28C38}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe FirewallRules: [{AB944695-95F7-4FCA-B095-3F243134E3ED}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe FirewallRules: [{7AF15D3B-39DC-414A-9C28-88B0626007F1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{1ADF533C-B23F-41E0-8142-A3A6459167AE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{29B62C2C-26E0-4946-A4FF-8356839D1017}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{333D3DAC-6097-42B0-84BF-050408D9F06C}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{C9177AF3-A983-46DA-89F7-B88BFE9AD7DE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{15A1C6FB-9B3F-4E0B-B74D-D8DF4682D504}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{6C63DFFB-6402-453D-BD7E-B483FB7DB450}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{B37AC5AE-56EF-4A16-AF5F-2D3928F47CAA}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{E034E31E-CBEF-41B2-BC47-5D032672350F}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{5B25A122-04A2-4520-88FC-B1578315715F}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{C7B14B77-7278-44A6-8B19-A8DEBD7CADF2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{E185E3D5-C0D2-4182-ADA5-851E7F4C37ED}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{7D671846-8EE6-4B1C-968E-F6F79E2469CF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{35A50257-22FD-4EAA-8EB5-3A3D906A81B7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{0EC59D11-59E6-402B-95F8-F9968023C64F}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe FirewallRules: [{B6334D69-75E7-44EB-A84D-4F6BC5102F61}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe ==================== Herstelpunten ========================= 21-07-2018 15:17:44 Gepland controlepunt 13-08-2018 12:39:56 Gepland controlepunt ==================== Defecte Apparaatbeheer Apparaten ============= ==================== Eventlog fouten: ========================= Applicatiefouten: ================== Error: (08/13/2018 11:34:16 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (08/12/2018 12:51:10 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (08/11/2018 10:59:43 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (08/11/2018 10:49:36 AM) (Source: Desktop Window Manager) (EventID: 9020) (User: ) Description: Er is een onherstelbare fout (0x8898008d) opgetreden Error: (08/10/2018 01:26:33 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (08/09/2018 03:52:02 PM) (Source: ATIeRecord) (EventID: 16391) (User: ) Description: ATI EEU maximum number of session has been surpassed Error: (08/09/2018 03:51:49 PM) (Source: ATIeRecord) (EventID: 16391) (User: ) Description: ATI EEU maximum number of session has been surpassed Error: (08/09/2018 02:53:00 PM) (Source: ATIeRecord) (EventID: 16391) (User: ) Description: ATI EEU maximum number of session has been surpassed Systeemfouten: ============= Error: (08/13/2018 12:26:04 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (08/13/2018 12:15:25 PM) (Source: DCOM) (EventID: 10010) (User: Bert) Description: De server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (08/12/2018 06:22:03 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (08/12/2018 01:01:21 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (08/11/2018 10:05:23 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (08/11/2018 09:55:02 PM) (Source: DCOM) (EventID: 10010) (User: Bert) Description: De server {1B1F472E-3221-4826-97DB-2C2324D389AE} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (08/11/2018 09:42:37 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: De vorige afsluiting van het systeem om 13:03:27 op ‎11/‎08/‎2018 is onverwacht gebeurd. Error: (08/11/2018 01:03:20 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Windows Defender: =================================== Date: 2018-08-09 20:18:54.036 Description: Scan van Windows Defender is gestopt voordat deze was voltooid. Scan-id: {B31EE9DF-B287-4472-BFF1-2D2D4AD96DC9} Type scan: Antimalware Scanparameters: Snelle scan Gebruiker: Bert\BertH Date: 2018-08-08 15:21:33.135 Description: Scan van Windows Defender is gestopt voordat deze was voltooid. Scan-id: {9CE66470-3C6D-41B9-9845-D58F78817484} Type scan: Antimalware Scanparameters: Snelle scan Gebruiker: NT AUTHORITY\SYSTEM Date: 2018-08-07 17:25:02.272 Description: Scan van Windows Defender is gestopt voordat deze was voltooid. Scan-id: {A6718D61-01F6-405E-B673-AAFF64784F69} Type scan: Antimalware Scanparameters: Snelle scan Gebruiker: NT AUTHORITY\SYSTEM Date: 2018-08-03 15:10:41.350 Description: Scan van Windows Defender is gestopt voordat deze was voltooid. Scan-id: {C9A208D3-2E95-4CFF-B354-BB66D66BA774} Type scan: Antimalware Scanparameters: Snelle scan Gebruiker: NT AUTHORITY\SYSTEM Date: 2018-07-24 12:00:58.587 Description: Scan van Windows Defender is gestopt voordat deze was voltooid. Scan-id: {FC835CAF-07FB-4456-A21E-2CDA260D1D96} Type scan: Antimalware Scanparameters: Snelle scan Gebruiker: NT AUTHORITY\SYSTEM Date: 2017-09-27 11:28:43.385 Description: Windows Defender heeft een fout aangetroffen bij het bijwerken van handtekeningen. Nieuwe handtekeningversie: Vorige handtekeningversie: 1.251.1500.0 Bron update: Microsoft Centrum voor beveiliging tegen malware Type handtekening: AntiSpyware Type update: Volledig Gebruiker: Bert\BertH Huidige engineversie: Vorige engineversie: 1.1.14104.0 Foutcode: 0x80072ee2 Foutbeschrijving: Er heeft een time-out van de bewerking plaatsgevonden. Date: 2017-09-27 11:28:43.385 Description: Windows Defender heeft een fout aangetroffen bij het bijwerken van handtekeningen. Nieuwe handtekeningversie: Vorige handtekeningversie: 1.251.1500.0 Bron update: Microsoft Centrum voor beveiliging tegen malware Type handtekening: AntiVirus Type update: Volledig Gebruiker: Bert\BertH Huidige engineversie: Vorige engineversie: 1.1.14104.0 Foutcode: 0x80072ee2 Foutbeschrijving: Er heeft een time-out van de bewerking plaatsgevonden. Date: 2017-05-09 21:39:27.657 Description: Real-timebeveiligingsonderdeel van Windows Defender heeft een fout aangetroffen en is niet uitgevoerd. Onderdeel: Systeem voor netwerkinspectie Foutcode: 0x8007045b Foutbeschrijving: Systeem wordt afgesloten. Reden: Antimalwarebeveiliging werkt niet meer wegens een onbekende reden. In sommige gevallen kan het probleem worden verholpen door de service opnieuw te starten. Date: 2017-05-09 21:39:27.657 Description: Real-timebeveiligingsonderdeel van Windows Defender heeft een fout aangetroffen en is niet uitgevoerd. Onderdeel: Gedragscontrole Foutcode: 0x8007045b Foutbeschrijving: Systeem wordt afgesloten. Reden: Antimalwarebeveiliging werkt niet meer wegens een onbekende reden. In sommige gevallen kan het probleem worden verholpen door de service opnieuw te starten. Date: 2017-05-09 21:39:27.657 Description: Real-timebeveiligingsonderdeel van Windows Defender heeft een fout aangetroffen en is niet uitgevoerd. Onderdeel: Bij toegang Foutcode: 0x8007045b Foutbeschrijving: Systeem wordt afgesloten. Reden: Antimalwarebeveiliging werkt niet meer wegens een onbekende reden. In sommige gevallen kan het probleem worden verholpen door de service opnieuw te starten. ==================== Geheugen info =========================== Processor: AMD A6-6310 APU with AMD Radeon R4 Graphics Percentage geheugen in gebruik: 67% Totaal fysiek RAM-geheugen: 3545.23 MB Beschikbaar fysiek RAM-geheugen: 1145.77 MB Totaal Virtueel geheugen: 7385.23 MB Beschikbaar Virtueel geheugen: 4314.68 MB ==================== Schijven ================================ Drive c: (TI31334200A) (Fixed) (Total:453.67 GB) (Free:74.36 GB) NTFS \\?\Volume{87d1015c-e08b-11e3-ad40-d45e15489baf}\ (System) (Fixed) (Total:1 GB) (Free:0.52 GB) NTFS \\?\Volume{385cf02b-f813-11e3-a73e-008cfa82e981}\ (Recovery) (Fixed) (Total:10.87 GB) (Free:0.97 GB) NTFS ==================== MBR & Partitietabel ================== ======================================================== Disk: 0 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000) Partition: GPT. ==================== Eind van Addition.txt ============================