Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 06.10.2018 Gestart door Henk (06-10-2018 13:19:50) Gestart vanaf C:\Users\Henk\Desktop Windows 7 Home Premium Service Pack 1 (X64) (2014-09-21 18:58:06) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-4197950391-4282120674-3398511618-500 - Administrator - Disabled) Gast (S-1-5-21-4197950391-4282120674-3398511618-501 - Limited - Disabled) Henk (S-1-5-21-4197950391-4282120674-3398511618-1000 - Administrator - Enabled) => C:\Users\Henk HomeGroupUser$ (S-1-5-21-4197950391-4282120674-3398511618-1002 - Limited - Enabled) ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189} AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeïnstalleerd worden.) µTorrent (HKU\S-1-5-21-4197950391-4282120674-3398511618-1000\...\uTorrent) (Version: 3.5.0.44090 - BitTorrent Inc.) Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated) Adblock Plus voor IE (32-bit en 64-bit) (HKLM\...\{2B2310B1-FBC0-4933-8C73-1CBAD0D7CA28}) (Version: 1.6 - Eyeo GmbH) Adobe Acrobat Reader DC - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 19.008.20071 - Adobe Systems Incorporated) Adobe Flash Player 27 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 27.0.0.170 - Adobe Systems Incorporated) Alcor Micro USB Card Reader (HKLM-x32\...\{5A22D889-FBDD-4AE8-86EC-089D45FC133E}) (Version: 1.2.17.25001 - Alcor Micro Corp.) Hidden Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{5A22D889-FBDD-4AE8-86EC-089D45FC133E}) (Version: 1.2.17.25001 - Alcor Micro Corp.) Any Video Converter 6.1.3 (HKLM-x32\...\Any Video Converter) (Version: 6.1.3 - Anvsoft) ASUS AI Recovery (HKLM-x32\...\{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}) (Version: 1.0.6 - ASUS) ASUS CopyProtect (HKLM-x32\...\{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}) (Version: 1.0.0015 - ASUS) ASUS Data Security Manager (HKLM-x32\...\{FA2092C5-7979-412D-A962-6485274AE1EE}) (Version: 1.00.0013 - ASUS) ASUS FancyStart (HKLM-x32\...\{60D6618B-153F-4353-8185-908E676E5888}) (Version: 1.0.5 - ASUSTeK Computer Inc.) ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.20 - ASUS) ASUS Live Update (HKLM-x32\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS) ASUS MultiFrame (HKLM-x32\...\{9D48531D-2135-49FC-BC29-ACCDA5396A76}) (Version: 1.0.0019 - ASUS) ASUS Power4Gear Hybrid (HKLM\...\{1686C4D1-B1FD-42E8-B7A8-FB4C4DBA5BA8}) (Version: 1.1.19 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0028 - ASUS) ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.17 - asus) Asus_Camera_ScreenSaver (HKLM-x32\...\Asus_Camera_ScreenSaver) (Version: 2.0.0009 - ASUS) Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 7.0 - Atheros) Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.16 - Atheros Communications Inc.) ATK Generic Function Service (HKLM-x32\...\{D3D54F3E-C5C3-443D-978F-87A72E5616E8}) (Version: 1.00.0008 - ATK) ATK Hotkey (HKLM-x32\...\{7C05592D-424B-46CB-B505-E0013E8E75C9}) (Version: 1.0.0051 - ASUS) ATK Media (HKLM-x32\...\{D1E5870E-E3E5-4475-98A6-ADD614524ADF}) (Version: 2.0.0005 - ASUS) ATKOSD2 (HKLM-x32\...\{3B05F2FB-745B-4012-ADF2-439F36B2E70B}) (Version: 7.0.0005 - ASUS) AVG (HKLM\...\{BA40B3B4-7707-437E-84FF-8C18BE5AD9B6}) (Version: 1.211.2 - AVG Technologies) Hidden BitTorrent (HKU\S-1-5-21-4197950391-4282120674-3398511618-1000\...\BitTorrent) (Version: 7.10.0.43917 - BitTorrent Inc.) BOINC (HKLM\...\{1B6BCF3D-F66A-4E81-87EF-CDB97F350897}) (Version: 7.6.33 - Space Sciences Laboratory, U.C. Berkeley) BOINC (HKLM\...\{AD6DD68E-F93B-4D15-BA53-FB2DD07C68A8}) (Version: 7.12.1 - Space Sciences Laboratory, U.C. Berkeley) calibre (HKLM-x32\...\{00F91371-9FE2-4F75-9B49-8F7D1C135214}) (Version: 3.7.0 - Kovid Goyal) calibre (HKLM-x32\...\{80B99AE8-4116-4321-877D-A7A063C6D329}) (Version: 3.27.1 - Kovid Goyal) CCleaner (HKLM\...\CCleaner) (Version: 5.35 - Piriform) ControlDeck (HKLM-x32\...\{5B65EF64-1DFA-414A-8C94-7BB726158E21}) (Version: 1.0.3 - ASUS) CrystalDiskInfo 7.0.3 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.0.3 - Crystal Dew World) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.3 - ASUS) FMW 1 (HKLM\...\{3F8A655C-2D4D-4BAC-8384-0E937CC137C8}) (Version: 1.225.1 - AVG Technologies) Hidden Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.1.0.306 - Foxit Software Inc.) Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.1.85.827 - Digital Wave Ltd) Glary Utilities 5.85 (HKLM-x32\...\Glary Utilities 5) (Version: 5.85.0.106 - Glarysoft Ltd) Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google) Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden GrabIt 1.7.3 Beta (build 1010) (HKLM-x32\...\GrabIt_is1) (Version: - Ilan Shemes) GWX Control Panel (HKLM-x32\...\UltimateOutsider_GwxControlPanel) (Version: - UltimateOutsider) HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software) Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation) Java 8 Update 181 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180181F0}) (Version: 8.0.1810.13 - Oracle Corporation) Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Magical Jelly Bean KeyFinder (HKLM-x32\...\KeyFinder_is1) (Version: 2.0.10.10 - Magical Jelly Bean) Malwarebytes versie 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes) MediaHuman Audio Converter versie 1.9.6.4 (HKLM-x32\...\MHAudioConverter_is1) (Version: 1.9.6.4 - MediaHuman) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0413-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-4197950391-4282120674-3398511618-1000\...\OneDriveSetup.exe) (Version: 17.3.6390.0509 - Microsoft Corporation) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{DC5E5027-65E8-41CB-815C-9AAB48BFB8E2}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden NZBGet (HKLM-x32\...\NZBGet) (Version: - Andrey Prygunkov) Opera Stable 56.0.3051.36 (HKU\S-1-5-21-4197950391-4282120674-3398511618-1000\...\Opera 56.0.3051.36) (Version: 56.0.3051.36 - Opera Software) Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden PatchCleaner (HKLM-x32\...\{727DA176-50BB-452C-8DB5-96EE0A573ED4}) (Version: 1.4.20 - HomeDev) PhotoScape (HKLM-x32\...\PhotoScape) (Version: - ) Platform (HKLM-x32\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.) Hidden Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.) Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation) Skype versie 8.30 (HKLM-x32\...\Skype_is1) (Version: 8.30 - Skype Technologies S.A.) Skype™ 7.38 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.38.101 - Skype Technologies S.A.) Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform) Spotnet (HKLM-x32\...\{12947715-B6F0-4597-816F-5E13FB647921}_is1) (Version: 1.9.0.5 - Spotnet) Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD) (Version: 10.0.50903 - Microsoft Corporation) TomTom HOME (HKLM-x32\...\{5DCB2EB3-87AD-426E-8D74-8B92C9D731C4}) (Version: 2.9.8 - Uw bedrijfsnaam) TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.) TomTom MyDrive Connect 4.1.0.2658 (HKLM-x32\...\MyDriveConnect) (Version: 4.1.0.2658 - TomTom) Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 4.0.6 - Tweaking.com) Unchecky v1.1 (HKLM-x32\...\Unchecky) (Version: 1.1 - Reason Software Company Inc.) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for Skype for Business 2015 (KB4092457) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E37AFD2E-770B-4C2B-B82F-CE405CB26945}) (Version: - Microsoft) Update for Skype for Business 2015 (KB4092457) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E37AFD2E-770B-4C2B-B82F-CE405CB26945}) (Version: - Microsoft) Update for Skype for Business 2015 (KB4092457) 64-Bit Edition (HKLM\...\{90150000-012B-0413-1000-0000000FF1CE}_Office15.PROPLUS_{E37AFD2E-770B-4C2B-B82F-CE405CB26945}) (Version: - Microsoft) USB 2.0 1.3M UVC WebCam (HKLM\...\USB 2.0 1.3M UVC WebCam) (Version: - ) VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.) VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Windows Live Sync (HKLM-x32\...\{A5F3E8C0-E949-40D0-B529-D34A4BCDA43C}) (Version: 14.0.8050.1202 - Microsoft Corporation) WinFlash (HKLM-x32\...\{DE10AB76-4756-4913-BE25-55D1C1051F9A}) (Version: - ) WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH) Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.10 - ASUS) Wise Disk Cleaner 9.56 (HKLM-x32\...\Wise Disk Cleaner_is1) (Version: 9.56 - WiseCleaner.com, Inc.) Wise Registry Cleaner 9.5.1 (HKLM-x32\...\Wise Registry Cleaner_is1) (Version: 9.5.1 - WiseCleaner.com, Inc.) ==================== Aangepaste CLSID (gefilterd): ========================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) CustomCLSID: HKU\S-1-5-21-4197950391-4282120674-3398511618-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Henk\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileCoAuthLib64.dll () ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Geen bestand ShellIconOverlayIdentifiers: [ADSMOverlayIcon] -> {A825576B-0042-4F0F-8FB0-93CE0F054E69} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt64.dll [2007-06-15] () ShellIconOverlayIdentifiers: [ADSMOverlayIcon1] -> {A8D448F4-0431-45AC-9F5E-E1B434AB2249} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll [2007-06-02] () ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation) ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> [CC]{A94757A0-0226-426F-B4F1-4DF381C630D3} => -> Geen bestand ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2018-03-02] (Glarysoft Ltd) ContextMenuHandlers1: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> Geen bestand ContextMenuHandlers1: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> Geen bestand ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation) ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2018-03-02] (Glarysoft Ltd) ContextMenuHandlers3: [MBAMShlExt] -> [CC]{57CE581A-0CB6-4266-9CA0-19364C90A0B3} => -> Geen bestand ContextMenuHandlers4: [ADSMEnDecExt] -> [CC]{8BB925EB-A385-4F4D-B463-D9CC4A4F98F5} => -> Geen bestand ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation) ContextMenuHandlers4: [MSSE] -> {0365FE2C-F183-4091-AC82-BFC39FB75C49} => -> Geen bestand ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Geen bestand ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2011-02-11] (Intel Corporation) ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2018-03-02] (Glarysoft Ltd) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes) ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Geen bestand ContextMenuHandlers6: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> Geen bestand ContextMenuHandlers6: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> Geen bestand ==================== Geplande Taken (gefilterd) ============= (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {08C53640-2382-4BDB-9416-799F13D1AD5C} - \Microsoft\Windows\Setup\GWXTriggers\Logon-URT -> Geen bestand <==== AANDACHT Task: {0A9AC208-577F-4B6C-8CFF-7B96D843667B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-19] (Piriform Ltd) Task: {11BE83D3-8CCC-419F-A3E9-41B3E9A27AC9} - System32\Tasks\{4AC279A5-DE8C-4FE6-A2C6-B9564D0D6BF9} => C:\Windows\system32\pcalua.exe -a "F:\Microsoft Office 2007 Enterprise NL + lic\Microsoft Office 2007 Enterprise NL + lic\setup.exe" -d "F:\Microsoft Office 2007 Enterprise NL + lic\Microsoft Office 2007 Enterprise NL + lic" Task: {219734B5-AD26-42E7-B2C6-59E855E88C52} - System32\Tasks\{FDE74BDD-8557-4336-84EE-D63F29B876CF} => C:\Windows\system32\pcalua.exe -a "C:\Users\Henk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F4E6M6SQ\setup_toolwizcare.exe" -d C:\Users\Henk\Desktop Task: {21C2065C-DF64-417D-8373-2239F87A1433} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Geen bestand <==== AANDACHT Task: {272CDEB7-41F8-480B-84D2-3AEBE325D711} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe Task: {3E9D3222-7F9D-4F46-92A7-90D2D343BA97} - System32\Tasks\WiseCleaner\WRCSkipUAC => C:\Program Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe [2018-08-17] (WiseCleaner.com) Task: {426133E3-ACF1-4D95-9307-5103510A226E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated) Task: {482E934E-04CE-4542-AF55-84022F6984B9} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation) Task: {545C1E67-CB13-4ECD-859E-17E755614532} - System32\Tasks\CrystalDiskInfo => C:\Program Files (x86)\CrystalDiskInfo\DiskInfo32.exe [2016-08-30] (Crystal Dew World) Task: {56EB701E-C93C-4BFC-BB89-4E5CCC11C820} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {59DF9597-541E-44F5-B441-951E7B4DB700} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {5C33E7B4-BCEF-4DBB-9656-8FBECE6871D1} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2009-07-23] (ATK) Task: {60D4BF99-0714-4ED4-BD9D-4BC6E092943E} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2018-08-20] (Glarysoft Ltd) Task: {61A098B5-51A4-443D-B24A-54FFA2CD0A24} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Geen bestand <==== AANDACHT Task: {63471124-E70A-47CA-91A8-1A326FFAEEE2} - System32\Tasks\ASUSControlDeck => C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe [2009-07-23] () Task: {6FCAA144-24C3-4E1D-AB28-81814378EB63} - \5755280698a5da9c79a4adf9e9421fe7 -> Geen bestand <==== AANDACHT Task: {7223B2EF-5250-4CA7-9857-FB4F46ED3BFA} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Geen bestand <==== AANDACHT Task: {72EE3CF9-6D9D-43FE-81F8-C43C423BEEEA} - System32\Tasks\{16F54697-F825-4A6B-908E-EDF6B140AFC3} => msiexec.exe /package "C:\Users\Henk\Documents\Microsoft Office 2007 Enterprise NL + lic\Microsoft Office 2007 Enterprise NL + lic\Enterprise.WW\EnterpriseWW (2).msi" Task: {87925A1E-41E0-4F76-999E-14FF4498F224} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-09-19] (Piriform Ltd) Task: {88EA5DE3-1010-4503-9E0B-0885556B18FD} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Geen bestand <==== AANDACHT Task: {8C4AD73C-EF87-439D-BA34-163EB18C7CEE} - System32\Tasks\ASPG => C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe [2009-06-29] (ASUS) Task: {8C766A0E-B260-49C8-BCD0-BA4BABAE272D} - System32\Tasks\{30CCAC32-22C6-47C3-A09C-3A01BE5AB535} => C:\Users\Henk\Downloads\PhotoScape_V3.6.1.exe [2012-03-02] (Mooii) Task: {92986B6F-866C-4709-9EB0-16827A09281E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {9908BF88-4DDF-4FF8-80AE-8F94E249BA37} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {AB019DA3-5A5A-4137-B897-A7AA7B699391} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Geen bestand <==== AANDACHT Task: {B1129E6C-330F-4A07-B68C-189E8DAC6016} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [2017-05-02] (Tweaking.com) Task: {C341F7EF-6A73-4A07-AB2A-2F0328A28907} - System32\Tasks\WC3 => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2009-07-24] () Task: {C72E75BB-3F48-413F-BF58-2C7F0FC305E4} - System32\Tasks\Opera scheduled Autoupdate 1534612683 => C:\Users\Henk\AppData\Local\Programs\Opera\launcher.exe [2018-10-02] (Opera Software) Task: {C82B6F86-1E92-4752-B86F-587809B54A2B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-09-17] (Adobe Systems Incorporated) Task: {CE1D0370-E8C2-4C5A-85EC-00A7C5F5A3FC} - System32\Tasks\WiseCleaner\WDCSkipUAC => C:\Program Files (x86)\Wise\Wise Disk Cleaner\WiseDiskCleaner.exe [2018-09-21] (WiseCleaner.com) Task: {D5BD3420-5ACE-4FA9-ADC8-C6D09A8D7C19} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation) Task: {DABB7DF4-9E5D-47B2-9BE5-DF24995AE0CA} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-11-30] () Task: {DC0DD8DD-A9D1-4120-A6AC-D7568D19F889} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_108_pepper.exe [2018-09-17] (Adobe Systems Incorporated) Task: {E730D612-72C7-48D5-B2C6-F2209E2984D4} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation) Task: {EF071978-6FD5-4BC5-BF4D-15D17814E4E0} - System32\Tasks\{21908BE2-DD86-405B-AC98-D9ACF4DAC972} => C:\Program Files (x86)\KPN Veilig\trigger.exe Task: {F31E8222-8DD0-44EB-A228-DE0A026B6F14} - System32\Tasks\{15B0EB1B-AEEB-4D1E-A250-9D2D820E3BE1} => C:\Program Files (x86)\Windows Live\Mail\wlmail.exe [2014-03-31] (Microsoft Corporation) Task: {FD0FD38A-70CD-418D-A65D-FC01BB01CAFD} - System32\Tasks\{D67BA874-36D0-4B55-B14B-2DBFF9D79850} => msiexec.exe /package "C:\Users\Henk\Documents\Microsoft Office 2007 Enterprise NL + lic\Microsoft Office 2007 Enterprise NL + lic\Enterprise.WW\EnterpriseWW (2).msi" Task: {FEFA5E4A-81F0-41EF-9BEF-D4B4FC746793} - System32\Tasks\{3F065E86-8CBC-4E76-8AFA-ADBF0606DEDA} => C:\Program Files (x86)\KPN Veilig\trigger.exe (Als een item is opgenomen in de fixlist, wordt de taak (job) bestand verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) ==================== Snelkoppelingen & WMI ======================== (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) ==================== Geladen Modules (gefilterd) ============== 2016-08-04 19:57 - 2016-08-04 19:57 - 000959168 _____ () C:\Users\Henk\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll 2007-06-15 19:28 - 2007-06-15 19:28 - 000104960 _____ () C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt64.dll 2007-06-02 01:52 - 2007-06-02 01:52 - 000159744 _____ () C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll 2018-10-01 18:36 - 2018-09-12 11:35 - 002701064 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll 2018-10-01 18:36 - 2018-09-12 17:57 - 002785784 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2016-12-08 23:33 - 2017-09-13 10:32 - 000087552 _____ () C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe 2013-10-17 16:48 - 2013-10-17 16:48 - 000106496 _____ () C:\Program Files\BOINC\zlib1.dll 2018-03-31 14:42 - 2018-03-31 14:43 - 053285888 _____ () C:\ProgramData\BOINC\projects\boinc.bakerlab.org_rosetta\rosetta_4.07_windows_intelx86.exe 2018-04-04 18:20 - 2018-04-04 18:21 - 048355328 _____ () C:\ProgramData\BOINC\projects\boinc.bakerlab.org_rosetta\minirosetta_3.78_windows_x86_64.exe 2018-08-19 14:50 - 2018-07-09 14:20 - 000114664 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll 2018-08-19 14:50 - 2018-07-09 14:20 - 000108008 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll 2018-08-19 14:50 - 2018-07-09 14:20 - 000024040 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll 2018-08-19 14:50 - 2018-07-09 14:20 - 000048104 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll ==================== Alternate Data Streams (gefilterd) ========= (Als een item is opgenomen in de fixlist, wordt alleen de ADS verwijderd.) ==================== Veilige Modus (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. De waarde van "AlternateShell" wordt hersteld.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service" ==================== Bestandskoppeling (gefilterd) =============== (Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd.) ==================== Internet Explorer vertrouwde/beperkte toegang =============== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd.) IE trusted site: HKU\.DEFAULT\...\localhost -> localhost IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com IE trusted site: HKU\S-1-5-21-4197950391-4282120674-3398511618-1000\...\localhost -> localhost IE trusted site: HKU\S-1-5-21-4197950391-4282120674-3398511618-1000\...\webcompanion.com -> hxxp://webcompanion.com IE restricted site: HKU\S-1-5-21-4197950391-4282120674-3398511618-1000\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-4197950391-4282120674-3398511618-1000\...\008k.com -> 008k.com IE restricted site: HKU\S-1-5-21-4197950391-4282120674-3398511618-1000\...\00hq.com -> 00hq.com IE restricted site: HKU\S-1-5-21-4197950391-4282120674-3398511618-1000\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\S-1-5-21-4197950391-4282120674-3398511618-1000\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-4197950391-4282120674-3398511618-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-4197950391-4282120674-3398511618-1000\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-4197950391-4282120674-3398511618-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\S-1-5-21-4197950391-4282120674-3398511618-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-4197950391-4282120674-3398511618-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-4197950391-4282120674-3398511618-1000\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-4197950391-4282120674-3398511618-1000\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-4197950391-4282120674-3398511618-1000\...\0scan.com -> 0scan.com IE restricted site: HKU\S-1-5-21-4197950391-4282120674-3398511618-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\S-1-5-21-4197950391-4282120674-3398511618-1000\...\1-domains-registrations.com -> 1-domains-registrations.com IE restricted site: HKU\S-1-5-21-4197950391-4282120674-3398511618-1000\...\1-se.com -> 1-se.com IE restricted site: HKU\S-1-5-21-4197950391-4282120674-3398511618-1000\...\1001movie.com -> 1001movie.com IE restricted site: HKU\S-1-5-21-4197950391-4282120674-3398511618-1000\...\1001night.biz -> 1001night.biz IE restricted site: HKU\S-1-5-21-4197950391-4282120674-3398511618-1000\...\100gal.net -> 100gal.net IE restricted site: HKU\S-1-5-21-4197950391-4282120674-3398511618-1000\...\100sexlinks.com -> 100sexlinks.com Er zijn 4788 Meer websites. ==================== Hosts inhoud: ========================== (Indien nodig kan Hosts:-opdracht worden opgenomen in de fixlist om Hosts te resetten.) 2009-07-14 04:34 - 2018-10-05 19:51 - 000002132 _____ C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost 0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly 0.0.0.0 tracking.opencandy.com.s3.amazonaws.com 0.0.0.0 media.opencandy.com 0.0.0.0 cdn.opencandy.com 0.0.0.0 tracking.opencandy.com 0.0.0.0 api.opencandy.com 0.0.0.0 api.recommendedsw.com 0.0.0.0 rp.yefeneri2.com 0.0.0.0 os.yefeneri2.com 0.0.0.0 os2.yefeneri2.com 0.0.0.0 installer.betterinstaller.com 0.0.0.0 installer.filebulldog.com 0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net 0.0.0.0 inno.bisrv.com 0.0.0.0 nsis.bisrv.com 0.0.0.0 cdn.file2desktop.com 0.0.0.0 cdn.goateastcach.us 0.0.0.0 cdn.guttastatdk.us 0.0.0.0 cdn.inskinmedia.com 0.0.0.0 cdn.insta.oibundles2.com 0.0.0.0 cdn.insta.playbryte.com 0.0.0.0 cdn.llogetfastcach.us 0.0.0.0 cdn.montiera.com 0.0.0.0 cdn.msdwnld.com 0.0.0.0 cdn.mypcbackup.com 0.0.0.0 cdn.ppdownload.com 0.0.0.0 cdn.riceateastcach.us 0.0.0.0 cdn.shyapotato.us 0.0.0.0 cdn.solimba.com ==================== Andere gebieden ============================ (Momenteel is er geen automatische fix voor dit onderdeel.) HKU\S-1-5-21-4197950391-4282120674-3398511618-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Henk\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 8.8.8.8 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == Als een item is opgenomen in de fixlist, zal het worden verwijderd. MSCONFIG\Services: clr_optimization_v4.0.30319_32 => 2 MSCONFIG\Services: clr_optimization_v4.0.30319_64 => 2 MSCONFIG\startupreg: AmIcoSinglun64 => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe MSCONFIG\startupreg: ATKMEDIA => C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe MSCONFIG\startupreg: ATKOSD2 => C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe MSCONFIG\startupreg: boinctray => "C:\Program Files\BOINC\boinctray.exe" MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR MSCONFIG\startupreg: FlashPlayerUpdate => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_207_pepper.exe -update pepperplugin MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" MSCONFIG\startupreg: GUDelayStartup => "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun MSCONFIG\startupreg: GwxControlPanelMonitor => "C:\Program Files (x86)\UltimateOutsider\GWX Control Panel\GWX_control_panel.exe" /traymode MSCONFIG\startupreg: HDAudDeck => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r MSCONFIG\startupreg: KiesPDLR.exe => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run MSCONFIG\startupreg: Lync => "C:\Program Files\Microsoft Office\Office15\lync.exe" /fromrunkey MSCONFIG\startupreg: Malwarebytes Anti-Exploit => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background MSCONFIG\startupreg: MyDriveConnect.exe => "C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe" -startwithoutDA MSCONFIG\startupreg: ProductUpdater => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: Skype for Desktop => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: SystemTools => "C:\Program Files (x86)\System Tools 9.0.0\SystemTools.exe" MSCONFIG\startupreg: TomTomHOME.exe => "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" MSCONFIG\startupreg: ToolwizCareFree => C:\Program Files (x86)\ToolwizCareFree\ToolwizCares.exe MSCONFIG\startupreg: uTorrent => "C:\Users\Henk\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED MSCONFIG\startupreg: vidnotifier.exe => C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\vidnotifier\vidnotifier.exe MSCONFIG\startupreg: Web Companion => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize ==================== Firewall regels (gefilterd) =============== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [{96D86072-5B5E-4714-B65B-3B49BCD220BE}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{C74EFE9A-1E9F-49C6-9CB6-26A3FDE7D1AF}] => (Allow) svchost.exe FirewallRules: [{17AA41E9-E053-4C43-9596-4A2A4CC027ED}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe FirewallRules: [{6D69CAD3-53D9-4CD1-9774-ED807EC502FB}] => (Allow) C:\Users\Henk\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{531FE3BF-1F6F-4658-B09D-0F0A881C09A3}] => (Allow) C:\Users\Henk\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{EC551959-EF84-425F-92CA-5B94AB2D918A}] => (Allow) C:\Users\Henk\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{F71D2F47-B54F-4A3A-BFE1-C7522DC9715B}] => (Allow) C:\Users\Henk\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{ED873F78-B4DF-4011-BE2C-447788004FA6}] => (Allow) C:\Users\Henk\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{FB708D65-F852-4ADE-8612-E3973F677D1D}] => (Allow) C:\Users\Henk\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{FE654B6A-CB82-48AD-A6A6-5382E5F8ECE7}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{DB99CF27-B818-430D-BD07-5FE035D5A137}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{AE9BB469-01F1-4312-B9BA-4AAC9D728409}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{A6AF5E03-3DC1-4B82-BF14-90B510F01176}] => (Allow) LPort=2869 FirewallRules: [{7B6CFDA6-946F-4A44-8902-BA91246D0F6E}] => (Allow) LPort=1900 FirewallRules: [{045A3853-A866-4FC8-A623-3250B81B6791}] => (Allow) C:\Users\Henk\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{E929EDED-BEB9-4BF7-8101-00679A66B72D}] => (Allow) C:\Users\Henk\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{DE8BEE94-5FFA-4F7D-9A47-1CFE98149C3C}] => (Allow) C:\Users\Henk\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{685BD2B1-6B03-4E5F-94D8-2AFFD529D507}] => (Allow) C:\Users\Henk\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{1C26BB37-F582-440E-AB32-709E4F7A8F06}] => (Allow) C:\Users\Henk\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{1871631E-330C-4859-B9AB-164D55D0E45B}] => (Allow) C:\Users\Henk\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{3402461B-5695-497D-879A-05CE1603F9BF}] => (Allow) chrome.exe FirewallRules: [TCP Query User{42381672-75AF-48BF-9F68-50CBD73E1396}C:\program files (x86)\nzbget\nzbget.exe] => (Block) C:\program files (x86)\nzbget\nzbget.exe FirewallRules: [UDP Query User{CEC71D01-189D-453E-9F74-07923333F3BA}C:\program files (x86)\nzbget\nzbget.exe] => (Block) C:\program files (x86)\nzbget\nzbget.exe FirewallRules: [{BA4E70FB-7E32-4DEB-97B1-5AD60741C907}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{07852D7C-355A-4B26-A295-709CDBFA57D5}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{773B6FB8-693E-4663-A0D6-F9E9FDBA12B8}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{ED0D989F-CEDA-4E5C-A0CE-8D92AAA680D3}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{EA9818E8-90E8-4253-B646-3A02507AA179}] => (Allow) C:\Windows\system32\rundll32.exe FirewallRules: [{67C69F97-911A-4837-8693-1119754D9191}] => (Allow) C:\Windows\System32\rundll32.exe FirewallRules: [{99B47ECD-10C3-497F-9018-6B5CAAEBCC67}] => (Allow) C:\Windows\System32\rundll32.exe FirewallRules: [{2FBB504F-7C63-478C-9F64-56DDBD93FD64}] => (Allow) C:\Windows\System32\rundll32.exe FirewallRules: [{4DBCE18D-CD1D-4ADD-9E05-B3708ABEB315}] => (Allow) C:\Windows\System32\rundll32.exe FirewallRules: [{938DBA6C-AF64-4891-AC1D-749F8EF77E92}] => (Allow) C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe FirewallRules: [{D97E51F5-39FC-44F2-AAC8-795D73A4918F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{ED44A2A5-D170-4CB3-B438-66B42D461818}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{BDEB29BF-B06D-4EE2-B1CB-12D07909B2D9}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{788C7FF0-E39E-4693-A63D-C55F4E775518}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{CBC73C37-CF5E-4BD6-B51D-25E38DCF3BFE}] => (Allow) C:\Users\Henk\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{364F2A8A-7260-4EA8-A277-E2CD34A1B735}] => (Allow) C:\Users\Henk\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [TCP Query User{3FF85BC4-BCF9-4687-A6E6-19DCDDD2F949}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe FirewallRules: [UDP Query User{DC49BF31-74B4-492F-96DA-5441495534D0}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe FirewallRules: [{734F317E-0CFB-4AAE-A574-9BF87D5CDA02}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe FirewallRules: [{2A73174B-2F9F-4FAD-B158-EC1FF2CE40D0}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe FirewallRules: [{7C62A227-8260-4CE5-A166-D5520D1F07AE}] => (Allow) C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe FirewallRules: [{9F7E746D-5104-47FD-8E0B-8CBBC01BE0C6}] => (Allow) C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe FirewallRules: [{254E0055-39EC-42DB-B327-3286B9315A77}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe FirewallRules: [{BD0B1284-96C0-426B-BA97-AD9CBDCDA25E}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe ==================== Herstelpunten ========================= AANDACHT: Systeemherstel is uitgeschakeld 05-10-2018 19:19:48 Gepland controlepunt ==================== Defecte Apparaatbeheer Apparaten ============= Name: f0523683962bbe7516d4c8bfc5c1bd8a Description: f0523683962bbe7516d4c8bfc5c1bd8a Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: f0523683962bbe7516d4c8bfc5c1bd8a Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: avgStm Description: avgStm Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: avgStm Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Microsoft PS/2-muis Description: Microsoft PS/2-muis Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: i8042prt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Eventlog fouten: ========================= Applicatiefouten: ================== Error: (10/05/2018 07:57:07 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Het programma IEXPLORE.EXE, versie 11.0.9600.19130 reageert niet meer op Windows en is afgesloten. Als u wilt zien of er meer informatie over het probleem beschikbaar is, raadpleegt u de probleemgeschiedenis in het onderdeel Onderhoudscentrum in het Configuratiescherm. Proces-id: ce4 Starttijd: 01d45cd4b0101648 Eindtijd: 31 Toepassingspad: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Rapport-id: Error: (10/05/2018 07:52:30 PM) (Source: Windows Search Service) (EventID: 10021) (User: ) Description: Kan geen registerinformatie van prestatiemeteritems lezen voor WSearchIdxPi, voor exemplaar , vanwege de volgende fout: De bewerking is voltooid. 0x0. Error: (10/05/2018 07:52:04 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: FastBootAgent.exe, versie: 1.0.0.0, tijdstempel: 0x4a68233e Naam van module met fout: FastBootAgent.exe, versie: 1.0.0.0, tijdstempel: 0x4a68233e Uitzonderingscode: 0xc0000005 Foutoffset: 0x0000f2b1 Id van proces met fout: 0x878 Starttijd van toepassing met fout: 0x01d45cd40ff071c0 Pad naar toepassing met fout: C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe Pad naar module met fout: C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe Rapport-id: 5db73f62-c8c7-11e8-87c5-90e6ba6d2d3c Error: (10/05/2018 07:51:58 PM) (Source: Windows Search Service) (EventID: 3007) (User: ) Description: De prestatiemeter voor het gegevensverzamelaarobject kan niet worden geïnitialiseerd omdat de items niet zijn geladen of het gedeelde geheugen niet kan worden geopend. Dit is alleen van invloed op de beschikbaarheid van de prestatiemeteritems. Start de computer opnieuw op. Context: toepassing , catalogus SystemIndex Error: (10/05/2018 07:51:55 PM) (Source: Windows Search Service) (EventID: 3006) (User: ) Description: De prestatiemeter voor de gegevensverzamelaarservice kan niet worden geïnitialiseerd omdat de items niet zijn geladen of het gedeelde geheugen niet kan worden geopend. Dit is alleen van invloed op de beschikbaarheid van de prestatiemeteritems. Start de computer opnieuw op. Error: (10/05/2018 06:42:13 PM) (Source: ESENT) (EventID: 454) (User: ) Description: wlmail (5956) C:\Users\Henk\AppData\Local\Microsoft\Windows Live Mail\Calendars\alfa100@planet.nl\: Het herstellen/terugzetten van de database is mislukt vanwege de onverwachte fout -1216. Error: (10/05/2018 06:42:13 PM) (Source: ESENT) (EventID: 494) (User: ) Description: wlmail (5956) C:\Users\Henk\AppData\Local\Microsoft\Windows Live Mail\Calendars\alfa100@planet.nl\: Tijdens het herstellen van de database treedt fout -1216 op, omdat er verwijzingen zijn gevonden naar een database, C:\Users\Henk\AppData\Local\Microsoft\Windows Live Mail\Calendars\alfa100@planet.nl\DBStore\WLCalendarStore.edb, die niet meer bestaat. De database is niet in een geldige afsluitingsstaat gebracht voordat deze is verwijderd (of verplaatst of hernoemd). De database-engine staat niet toe dat de herstelbewerking voor deze sessie wordt voltooid, voordat de ontbrekende database opnieuw is geïnstalleerd. Als de database echt niet meer beschikbaar is en niet meer vereist is, zijn er procedures voor het corrigeren van deze fout beschikbaar in de Microsoft Knowledge Base of via de koppeling 'meer informatie' onder aan dit bericht. Error: (10/05/2018 06:40:25 PM) (Source: Windows Search Service) (EventID: 10021) (User: ) Description: Kan geen registerinformatie van prestatiemeteritems lezen voor WSearchIdxPi, voor exemplaar , vanwege de volgende fout: De bewerking is voltooid. 0x0. Systeemfouten: ============= Error: (10/05/2018 11:02:41 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: De volgende melding van een onherstelbare fout is ontvangen: 20. Error: (10/05/2018 10:44:21 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: De volgende melding van een onherstelbare fout is ontvangen: 20. Error: (10/05/2018 09:09:01 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: De volgende melding van een onherstelbare fout is ontvangen: 20. Error: (10/05/2018 07:52:35 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: De volgende opstartstuurprogramma's zijn niet geladen: avgbdisk avgbidsdriver avgbidsh avgblog avgbuniv avgRdr avgRvrt avgSnx avgSP avgVmm f0523683962bbe7516d4c8bfc5c1bd8a VBoxNetAdp Error: (10/05/2018 07:52:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: De FastBootAgent-service is onverwacht beëindigd. Dit is nu 1 keer gebeurd. Error: (10/05/2018 07:51:17 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: De AVG Antivirus-service is afhankelijk van de avgMonFlt-service, die vanwege de volgende fout niet kan worden gestart: Het systeem kan het opgegeven bestand niet vinden. Error: (10/05/2018 07:51:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: De avgStm-service kan vanwege de volgende fout niet worden gestart: Het systeem kan het opgegeven bestand niet vinden. Error: (10/05/2018 07:51:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: De avgMonFlt-service kan vanwege de volgende fout niet worden gestart: Het systeem kan het opgegeven bestand niet vinden. ==================== Geheugen info =========================== Processor: Celeron(R) Dual-Core CPU T3000 @ 1.80GHz Percentage geheugen in gebruik: 68% Totaal fysiek RAM-geheugen: 3037.09 MB Beschikbaar fysiek RAM-geheugen: 949.13 MB Totaal Virtueel geheugen: 6072.32 MB Beschikbaar Virtueel geheugen: 3108.84 MB ==================== Schijven ================================ Drive c: (OS) (Fixed) (Total:116.45 GB) (Free:33.42 GB) NTFS ==>[schijf met boot componenten (verkregen van BCD)] Drive d: (DATA) (Fixed) (Total:101.79 GB) (Free:24.4 GB) NTFS ==================== MBR & Partitietabel ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 232.9 GB) (Disk ID: D9B3496E) Partition 1: (Not Active) - (Size=14.6 GB) - (Type=1C) Partition 2: (Active) - (Size=116.4 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=101.8 GB) - (Type=0F Extended) ==================== Eind van Addition.txt ============================