Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 09-08-2016 01 Gestart door Marina (2016-08-10 09:54:30) Gestart vanaf C:\Users\Marina\Desktop Windows 10 Home Versie 1607 (X64) (2016-08-07 10:00:46) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-192893622-2068937732-1280758114-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-192893622-2068937732-1280758114-503 - Limited - Disabled) Gast (S-1-5-21-192893622-2068937732-1280758114-501 - Limited - Disabled) Marina (S-1-5-21-192893622-2068937732-1280758114-1001 - Administrator - Enabled) => C:\Users\Marina ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: AVG AntiVirus Free Edition (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: AVG AntiVirus Free Edition (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.) 1 Moment of Time - Silentville (HKLM-x32\...\1 Moment of Time - Silentville_is1) (Version: 1.0 - MyPlayCity, Inc.) 4 Elements II (HKLM-x32\...\4 Elements II_is1) (Version: 1.0 - Playrix Entertainment) Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated) Adobe Reader XI (11.0.10) - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) Aeris Calendar (HKLM-x32\...\Aeris Calendar) (Version: - Mortal Universe) AnVir Task Manager (HKLM-x32\...\AnVir Task Manager) (Version: - AnVir Software) AnVir Task Manager Free (HKLM-x32\...\AnVir Task Manager Free) (Version: - AnVir Software) ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.1 - ASUS) ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.3 - ASUS) ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.5 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.01.0003 - ASUS) ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.9 - ASUS) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0036 - ASUS) AVG (HKLM\...\AvgZen) (Version: 1.82.2.30772 - AVG Technologies) AVG (Version: 16.91.7690 - AVG Technologies) Hidden AVG 2016 (Version: 16.0.4633 - AVG Technologies) Hidden AVG Protection (HKLM\...\AVG) (Version: 2016.91.7690 - AVG Technologies) AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.1.831 - AVG Technologies) AVG Zen (Version: 1.82.2 - AVG Technologies) Hidden Awakening: The Skyward Castle (x32 Version: 3.0.2.118 - WildTangent) Hidden Barn Yarn (HKLM-x32\...\Barn Yarn_is1) (Version: 1.0 - Playrix Entertainment) Blue Jet Button versie 2.2.0.2 (HKLM-x32\...\Blue Jet Button_is1) (Version: 2.2.0.2 - Ixide Tools.) Brink of Consciousness - The Lonely Hearts Murders (HKLM-x32\...\Brink of Consciousness - The Lonely Hearts Murders_is1) (Version: 1.0 - Playrix Entertainment) Call of Atlantis Treasures of Poseidon (HKLM-x32\...\Call of Atlantis Treasures of Poseidon_is1) (Version: 1.0 - Playrix Entertainment) CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform) ChristmasTree 1.8 (HKLM-x32\...\ChristmasTree_is1) (Version: - Respectsoft Company) Cradle of Rome (HKLM-x32\...\Cradle of Rome_is1) (Version: 1.0 - MyPlayCity, Inc.) Double Agent (HKLM\...\{8BA1FDE3-3851-4F1E-ACDD-723822E31E1E}) (Version: 1.2.0.56 - Cinnamon Software Inc.) Exorcist (HKLM-x32\...\Exorcist_is1) (Version: 1.0 - MyPlayCity, Inc.) Fall of the New Age (HKLM-x32\...\Fall of the New Age_is1) (Version: 1.0 - Playrix Entertainment) Farm to Fork (HKLM-x32\...\Farm to Fork_is1) (Version: 1.0 - Playrix Entertainment) Fishdom 3 (HKLM-x32\...\Fishdom 3_is1) (Version: 1.0 - Playrix Entertainment) FMW 1 (Version: 1.112.3 - AVG Technologies) Hidden Fort Defense (HKLM-x32\...\FortDefense) (Version: - ) Game Explorer Categories - casual (x32 Version: 3.2.0.6 - WildTangent, Inc.) Hidden Game Explorer Categories - enthusiast (x32 Version: 3.2.0.6 - WildTangent, Inc.) Hidden Game Explorer Categories - family (x32 Version: 3.2.0.6 - WildTangent, Inc.) Hidden Game Explorer Categories - kids (x32 Version: 3.2.0.6 - WildTangent, Inc.) Hidden Game Explorer Categories - touch (x32 Version: 3.2.0.6 - WildTangent, Inc.) Hidden Gardenscapes (HKLM-x32\...\Gardenscapes_is1) (Version: 1.0 - Playrix Entertainment) Gardenscapes 2 (HKLM-x32\...\Gardenscapes 2_is1) (Version: 1.0 - Playrix Entertainment) Gardenscapes Mansion Makeover (HKLM-x32\...\Gardenscapes Mansion Makeover_is1) (Version: 1.0 - Playrix Entertainment) Ghost Whisperer (HKLM-x32\...\Ghost Whisperer_is1) (Version: 1.0 - MyPlayCity, Inc.) Glary Utilities PRO 5.55 (HKLM-x32\...\Glary Utilities 5) (Version: 5.55.0.76 - Glarysoft Ltd) Golden Trails versie 1.0 (HKLM-x32\...\{67A506B9-AE7F-4B80-A050-361D76E1ECB3}_is1) (Version: 1.0 - Gametop) Goodgame Empire (HKLM-x32\...\Goodgame Empire_is1) (Version: 1.0 - MyPlayCity, Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.106 - Google Inc.) Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden Haunting Mysteries The Island of Lost Souls (HKLM-x32\...\Haunting Mysteries The Island of Lost Souls_is1) (Version: 1.0 - Playrix Entertainment) House of 1000 Doors - Family Secrets (HKLM-x32\...\House of 1000 Doors - Family Secrets_is1) (Version: 1.0 - MyPlayCity, Inc.) Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2105 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.6.0.1038 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation) Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation) Jigsaw Puzzle Platinum Edition (HKLM-x32\...\Jigsaw Puzzle Platinum Edition) (Version: - ) Living Legends Ice Rose (HKLM-x32\...\Living Legends Ice Rose_is1) (Version: 1.0 - Playrix Entertainment) London Time Clock 1.1 (HKLM-x32\...\London Time Clock_is1) (Version: - Respectsoft Company) Macrium Reflect Free Edition (HKLM\...\MacriumReflect) (Version: 6.1 - Paramount Software (UK) Ltd.) Macrium Reflect Free Edition (Version: 6.1.1000 - Paramount Software (UK) Ltd.) Hidden Mahjong Secrets (HKLM-x32\...\Mahjong Secrets_is1) (Version: 1.0 - Playrix Entertainment) Malwarebytes Anti-Malware versie 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) MonstaFish! (HKLM-x32\...\{E8B0A7D2-0D12-4D81-8BC2-1945C94225D0}) (Version: 1.0.3 - Ironsun Studios) Mozilla Firefox 43.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 43.0.3 (x86 en-US)) (Version: 43.0.3 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.3 - Mozilla) Multilingual Speaking Clock ver 2.6 (HKLM-x32\...\Multilingual Speaking Clock_is1) (Version: 2.6 - Lux Aeterna Software) My Sunny Resort (HKLM-x32\...\My Sunny Resort_is1) (Version: 1.0 - MyPlayCity, Inc.) MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.7 - F.J. Wechselberger) Nearwood (HKLM-x32\...\Nearwood_is1) (Version: 1.0 - Playrix Entertainment) NextUp-ScanSoft Claire Netherlands Dutch Voice (HKLM-x32\...\{125A9FAE-8F13-4CF6-9AD0-3EDE722D71DC}) (Version: 4.0.0 - NextUp.com) OpenOffice 4.1.1 (HKLM-x32\...\{89FD914D-4472-4E4F-8638-69E857E82DC9}) (Version: 4.11.9775 - Apache Software Foundation) Pahelika Rrevelations (HKLM-x32\...\Pahelika Rrevelations_is1) (Version: 1.0 - Playrix Entertainment) Panopticon - Path of Reflections (HKLM-x32\...\Panopticon - Path of Reflections_is1) (Version: 1.0 - MyPlayCity, Inc.) POP Peeper (HKLM-x32\...\POP Peeper) (Version: - Esumsoft) Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39048 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.) Reg Organizer version 6.11 (HKLM-x32\...\Reg Organizer_is1) (Version: 6.11 - ChemTable Software) Relics of Fate - A Penny Macey Mystery (HKLM-x32\...\Relics of Fate - A Penny Macey Mystery_is1) (Version: 1.0 - Playrix Entertainment) Sacra Terra - Angelic Night (HKLM-x32\...\Sacra Terra - Angelic Night_is1) (Version: 1.0 - MyPlayCity, Inc.) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation) Skype™ 7.25 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.25.106 - Skype Technologies S.A.) Snark Busters - High Society (HKLM-x32\...\Snark Busters - High Society_is1) (Version: 1.0 - MyPlayCity, Inc.) Solitaire Mystery - Four Seasons (HKLM-x32\...\Solitaire Mystery - Four Seasons_is1) (Version: 1.0 - Playrix Entertainment) Spotify (HKU\S-1-5-21-192893622-2068937732-1280758114-1001\...\Spotify) (Version: 1.0.12.161.g64b0797c - Spotify AB) Star Defender 2 version 1.0 (HKLM-x32\...\{5E204C01-4B1E-4ECD-995A-EE218E7138DD}_is1) (Version: 1.0 - Gametop) Star Defender 3 version 1.0 (HKLM-x32\...\{1562B872-856D-4B25-B2F2-C722FE03C81F}_is1) (Version: 1.0 - Gametop) Talking Alarm Clock 2.0 (HKLM\...\{A26791D3-EF9C-41D5-A526-D5C6CF70CE8E}) (Version: 2.0.6.110 - Cinnamon Software Inc.) The Lake House - Children of Silence (HKLM-x32\...\The Lake House - Children of Silence_is1) (Version: 1.0 - MyPlayCity, Inc.) The Path of Hercules (HKLM-x32\...\The Path of Hercules_is1) (Version: 1.0 - Playrix Entertainment) The Rise Of Atlantis (HKLM-x32\...\The Rise Of Atlantis_is1) (Version: 1.0 - MyPlayCity, Inc.) TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.) TTSReader 1.30 (HKLM-x32\...\TTSReader) (Version: 1.30 - SpheNet) VistaClock 1.2 (HKLM-x32\...\VistaClock_is1) (Version: - Respectsoft Company) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player (HKLM\...\VLC media player) (Version: 2.2.0 - VideoLAN) Waterfox 40.0.2 (x64 en-US) (HKLM\...\Waterfox 40.0.2 (x64 en-US)) (Version: 40.0.2 - Mozilla) Weather Clock 4.5 (HKLM-x32\...\Weather Clock_is1) (Version: - Respect Soft) WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent) Windows 10-upgradeassistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17349 - Microsoft Corporation) Windows-stuurprogrammapakket - ASUS (ATP) Mouse (06/17/2015 6.0.0.66) (HKLM\...\1EFB54678773735560B565BE7FA6F2BCC557EE21) (Version: 06/17/2015 6.0.0.66 - ASUS) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS) Wise Auto Shutdown 1.51 (HKLM-x32\...\Wise Auto Shutdown_is1) (Version: 1.51 - WiseCleaner.com, Inc.) YoWindow (HKLM-x32\...\yowindow) (Version: 3 - RepkaSoft) Zimbra Desktop (HKLM-x32\...\{B88E669F-9435-4677-A308-2D2690301754}) (Version: 7.2.5.12038 - Zimbra) ZOODomino (HKLM-x32\...\ZOODomino_is1) (Version: 1.0 - MyPlayCity, Inc.) ==================== Aangepaste CLSID (gefilterd): ========================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) CustomCLSID: HKU\S-1-5-21-192893622-2068937732-1280758114-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Marina\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\FileCoAuth.exe (Microsoft Corporation) ==================== Geplande Taken (gefilterd) ============= (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {024914B6-4892-4C5B-9417-BBFEF5FF2D7B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-28] (Google Inc.) Task: {03896D04-23AB-4F74-A27D-B1B71EE41E2C} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask => C:\Windows\system32\MDMAgent.exe [2016-07-16] (Microsoft Corporation) Task: {03A19C8B-65C6-437B-AF44-4BD62D280D0C} - System32\Tasks\AnVir Task Manager => C:\Program Files (x86)\AnVir Task Manager\anvir.exe [2016-05-15] (AnVir Software) Task: {0563D6B0-7056-4C72-B42A-FAF4DDD69FF5} - System32\Tasks\CCleanerClean => C:\Program Files\CCleaner\CCleaner.exe [2015-12-08] (Piriform Ltd) Task: {0E794929-288A-4C5F-BAE1-506F99047D85} - System32\Tasks\AVG-SSU_0616avz => C:\ProgramData\Avg_Update_0616avz\AVG-Secure-Search-Update_0616avz.exe Task: {16DEA092-FB0C-40D0-AE20-0536BECC21D9} - System32\Tasks\Microsoft\Windows\EDP\EDP App Launch Task Task: {17723261-65B1-4020-AFC7-47B0361D2018} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2016-07-08] (Glarysoft Ltd) Task: {184784E2-6ACB-4154-BD0F-A955BE13F177} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePolicyChange Task: {1900FD40-97E8-4F15-A345-C065432B419A} - \WPD\SqmUpload_S-1-5-21-192893622-2068937732-1280758114-1001 -> Geen bestand <==== AANDACHT Task: {1B65DD58-D16B-45E8-BEB4-94D7E4D64DF7} - System32\Tasks\Microsoft\Windows\EDP\EDP Auth Task Task: {23DB636E-46FF-41AA-98F8-B0F23918F0B8} - System32\Tasks\Cinnamon\Talking Alarm Clock\en%46%%46%%46%heb je ze nu al gepoetst => C:\Program Files\Alarm Clock\Alarm.exe [2015-08-28] (Cinnamon Software Inc.) Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe Task: {35B30926-D179-476B-89C7-F415CA4AC652} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Geen bestand <==== AANDACHT Task: {3C552EBD-C760-405E-B705-DAAA1BA8875F} - System32\Tasks\Cinnamon\Talking Alarm Clock\boccia => C:\Program Files\Alarm Clock\Alarm.exe [2015-08-28] (Cinnamon Software Inc.) Task: {3C95FA7B-7ADE-4B3B-8FB1-C4B9AB351767} - System32\Tasks\{4CB257F9-030C-4677-86D6-01E27A76884E} => pcalua.exe -a C:\Games\FarmFrenzy3AmericanPie_Game\FarmFrenzy3AmericanPie.exe -d C:\Games\FarmFrenzy3AmericanPie_Game Task: {3EC4BCB2-F635-4B8E-9216-EAFC463CA906} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Geen bestand <==== AANDACHT Task: {3F81CB43-0C52-4027-94B1-84E2DE5BEAA2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-12-08] (Piriform Ltd) Task: {4CFA0A66-6274-4377-9C0A-1988C03CEE69} - System32\Tasks\{8433010D-5181-41D8-A9EB-9411150B91F7} => pcalua.exe -a C:\Games\Aquitania_Game\Aquitania.exe -d C:\Games\Aquitania_Game Task: {4ED81CE9-C03E-44B1-9FB6-96014A84A4AD} - System32\Tasks\{E802F980-00AB-4D65-961F-8ACD6546BC18} => Firefox.exe hxxp://ui.skype.com/ui/0/7.21.0.100/nl/abandoninstall?source=lightinstaller&page=tsInstall Task: {4F802092-DBF3-4A95-87F8-F577E9C97B2D} - System32\Tasks\WiseCleaner\WASSkipUAC => C:\Program Files (x86)\Wise\Wise Auto Shutdown\WiseAutoShutdown.exe [2015-09-15] (WiseCleaner.COM) Task: {4FEBE9E0-903E-4C74-A004-3884B727C361} - System32\Tasks\{C1257708-4367-405A-8B99-E88A8A25B814} => pcalua.exe -a "C:\Program Files (x86)\AVG Web TuneUp\UNINSTALL.exe" -c /PROMPT /UNINSTALL Task: {510A809F-D795-4859-A4AB-2FD363E4B9CF} - System32\Tasks\{FA68E343-0BB8-4E16-998E-38B961C89BA0} => pcalua.exe -a "C:\Program Files (x86)\Playrix Entertainment\Brink of Consciousness - The Lonely Hearts Murders\BrinkOfConsciousness_LonelyHeartsMurders.exe" -d "C:\Program Files (x86)\Playrix Entertainment\Brink of Consciousness - The Lonely Hearts Murders" Task: {5630A7CB-BF57-47D0-86E5-4989E699BEAD} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Geen bestand <==== AANDACHT Task: {5748D9DA-3439-40E0-904E-49197CB89842} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-07-13] (Microsoft Corporation) Task: {5A983988-381D-45D4-AB7C-887E1F9324A7} - System32\Tasks\GlaryOneClickOptimizer 5 => C:\Program Files (x86)\Glary Utilities 5\OneClickMaintenance.exe [2016-07-08] (Glarysoft Ltd) Task: {5BE91AA6-4313-4E4B-9C09-33DBE53D8152} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTask => C:\Windows\System32\XblGameSaveTask.exe [2016-07-16] (Microsoft Corporation) Task: {5D37E832-5563-49FB-90F4-0DF9C81A2484} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-01-14] (ASUSTek Computer Inc.) Task: {6232090F-3BD0-4E1F-960B-78CBA797F685} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleWnsCommand Task: {6335A2A7-F97E-4AFB-B4C1-4A86E67B1D84} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Geen bestand <==== AANDACHT Task: {67626540-7397-4BE8-9355-2FF9979D8FD1} - System32\Tasks\{0B813BA8-A222-4D2B-89BF-5496E4136419} => pcalua.exe -a C:\Games\Sawoid_Game\Sawoid.exe -d C:\Games\Sawoid_Game Task: {68DFD9CD-C3B2-464E-B829-A048E7C62272} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-03-27] (ASUSTek Computer Inc.) Task: {691E50D8-6279-404C-AD47-C709FE49B334} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe Task: {6AF875E6-7395-4407-9F00-3B1A8D289E99} - System32\Tasks\RegOrganizerQuickLaunch => -RegistryEditor -ForceForeground -NoSplash Task: {6B1AE720-1359-4B9E-9C0F-60167361EF01} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefreshTask Task: {6E8AE752-C5D2-4B34-B351-338B4370A342} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleCommand Task: {7A888A7E-0B8B-449E-B508-FF1525C8703E} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-06-03] () Task: {7AC5E1E2-2FD3-40CD-8842-88CE53A3609C} - System32\Tasks\Microsoft\Windows\DiskFootprint\StorageSense Task: {7BF03386-F94D-4333-BD68-74C54E8135B7} - System32\Tasks\AVG-SSU_0616avz_DELETE => C:\ProgramData\Avg_Update_0616avz\AVG-Secure-Search-Update_0616avz.exe Task: {80D9F702-CA71-4390-8BC5-2D815F5FD602} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Geen bestand <==== AANDACHT Task: {8CF4BE1D-3E21-48A5-A10C-6C2815AC4B56} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-06-03] () Task: {8E99CFC9-45E7-4E3B-9CC1-2F4726E215D0} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-06-03] () Task: {8F91CF12-95BD-412A-8104-422E9C64C4D0} - System32\Tasks\Cinnamon\Talking Alarm Clock\pilletje nemen => C:\Program Files\Alarm Clock\Alarm.exe [2015-08-28] (Cinnamon Software Inc.) Task: {95C5CD53-DFFC-4EBF-9960-27BA3AB21DB8} - System32\Tasks\Cinnamon\Talking Alarm Clock\tanden poetsen => C:\Program Files\Alarm Clock\Alarm.exe [2015-08-28] (Cinnamon Software Inc.) Task: {9851188E-AC07-4F36-BA28-6D00BB2C9C46} - System32\Tasks\Microsoft\Windows\Device Information\Device => C:\Windows\system32\devicecensus.exe [2016-07-16] (Microsoft Corporation) Task: {9B55C06C-3052-47DB-9C3C-3F06EC1784B9} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2016-07-08] (Glarysoft Ltd) Task: {ACAFED1B-31B0-42E5-88EF-81098E66C4B9} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Geen bestand <==== AANDACHT Task: {AD671572-70A2-4FD2-B371-492FF723CE4A} - System32\Tasks\Anvirlauncher => C:\Program Files (x86)\AnVir Task Manager\anvirlauncher.exe [2016-02-28] (AnVir Software) Task: {AF13494E-63E6-4886-9C36-16578460FB56} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Geen bestand <==== AANDACHT Task: {B1014EDD-C260-4E6A-BF7C-03C868EC2CC1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-28] (Google Inc.) Task: {B62009C4-21F1-4DBC-918E-5BD290A3BBB3} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Geen bestand <==== AANDACHT Task: {B6EE76B2-4F82-4E15-9345-C867A29CBAD0} - System32\Tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask => C:\Windows\system32\speech_onecore\common\SpeechModelDownload.exe [2016-07-16] (Microsoft Corporation) Task: {B8256D96-6404-4080-93E3-114F9736D6A5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-26] (Adobe Systems Incorporated) Task: {B948C1DD-4179-480F-A498-83C01F8CC317} - System32\Tasks\{40F69436-0E22-485C-8C14-597D0367986D} => pcalua.exe -a C:\Games\VikingBrothers_Game\VikingBrothers.exe -d C:\Games\VikingBrothers_Game Task: {BB550DB3-D04E-4BED-A5B9-AD226AB3E1C4} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Geen bestand <==== AANDACHT Task: {BD0367C3-7395-41DE-85AC-18804E4D4539} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Geen bestand <==== AANDACHT Task: {C57E0D0B-1708-4275-A121-979FC7C6279C} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-06-24] (Realtek Semiconductor) Task: {CC636E49-0109-402B-A40B-A37C29069A95} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\LocateCommandUserSession Task: {CD19BC8A-E9FE-49ED-92A5-0E1194F69F00} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon => C:\Windows\System32\XblGameSaveTask.exe [2016-07-16] (Microsoft Corporation) Task: {CD62066F-9E45-4828-81DC-5E07C5F67B45} - System32\Tasks\{16682D47-0551-4F7E-9C3C-4B51EE992D11} => pcalua.exe -a "C:\Program Files (x86)\Playrix Entertainment\Gardenscapes Mansion Makeover\Gardenscapes Mansion Makeover.exe" -d "C:\Program Files (x86)\Playrix Entertainment\Gardenscapes Mansion Makeover" Task: {D20AE861-1A83-499C-A652-6D175B7A64F3} - System32\Tasks\{60D37762-0A2C-4233-B62D-D0E299B34F5A} => pcalua.exe -a "C:\Program Files (x86)\MyPlayCity.com\Goodgame Empire\unins000.exe" Task: {D394BE25-2E16-45D4-AAB2-3E8861A09351} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitorToastTask Task: {D3C4106A-D511-42C6-9716-465644534C87} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierinstall => C:\Windows\system32\AppHostRegistrationVerifier.exe [2016-07-16] (Microsoft Corporation) Task: {D731807D-A104-4D70-94D6-256C4E369AE8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Geen bestand <==== AANDACHT Task: {D941F53F-7907-4FBE-B1E7-69EBD5B3A5D8} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceLocationRightsChange Task: {DCB7FBDF-8387-4619-BAB4-4838A07987A0} - System32\Tasks\{51B1F8F8-4C03-4E2D-9B09-9CCC65AC86A3} => pcalua.exe -a "C:\Program Files (x86)\MyPlayCity.com\The Rise Of Atlantis\unins000.exe" Task: {DFF22A6F-36A4-49F0-A69A-105EB21869A8} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-06-24] (Realtek Semiconductor) Task: {E34E2AAE-D3DD-4666-BE53-185963DFD0D7} - System32\Tasks\Cinnamon\Talking Alarm Clock\naar jeroen bellen => C:\Program Files\Alarm Clock\Alarm.exe [2015-08-28] (Cinnamon Software Inc.) Task: {E5BAB5E7-5E86-497B-A6B4-85B71D7FBC14} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-04-02] (ASUS) Task: {EA9BAA00-6604-4A27-8A73-AFA65F0EE1B3} - System32\Tasks\Microsoft\Windows\SharedPC\Account Cleanup => Rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance Task: {ECEDC57D-8965-4EB1-BD6F-84791D928E23} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierdaily => C:\Windows\system32\AppHostRegistrationVerifier.exe [2016-07-16] (Microsoft Corporation) (Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\CCleanerClean.job => C:\Program Files\CCleaner\CCleaner.exe Task: C:\WINDOWS\Tasks\GlaryOneClickOptimizer 5.job => C:\Program Files (x86)\Glary Utilities 5\OneClickMaintenance.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Snelkoppelingen ============================= (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) ShortcutWithArgument: C:\Users\Marina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Solitaire.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=lkbhppfbabandkdmgjmifahoabeodiep ShortcutWithArgument: C:\Users\Marina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Videostream for Google Chromecast™.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=cnciopoikihiagdjbjpnocolokfelagl ShortcutWithArgument: C:\Users\Marina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Word Search Puzzle Game.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=jninklaodadoeedinndhhlcflpmagfhd ==================== Geladen Modules (gefilterd) ============== 2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-07-16 13:42 - 2016-07-16 13:42 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2016-07-16 13:42 - 2016-07-16 13:42 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-07-16 13:42 - 2016-07-16 13:42 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll 2016-08-07 12:08 - 2016-08-07 12:08 - 00959168 _____ () C:\Users\Marina\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64\ClientTelemetry.dll 2016-07-16 13:42 - 2016-07-16 13:42 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2016-07-16 13:43 - 2016-07-16 13:43 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2016-08-07 12:06 - 2016-08-07 12:06 - 09761280 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-08-07 12:06 - 2016-08-07 12:06 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-08-07 12:06 - 2016-08-07 12:06 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2016-08-07 12:06 - 2016-08-07 12:06 - 02438144 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-08-07 12:06 - 2016-08-07 12:06 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2013-12-19 18:36 - 2016-01-06 15:13 - 00039192 _____ () C:\Program Files\CCleaner\branding.dll 2015-12-08 21:25 - 2015-12-08 21:25 - 00065536 _____ () C:\Program Files\CCleaner\lang\lang-1043.dll 2014-04-02 15:46 - 2014-04-02 15:46 - 00117248 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll 2014-04-02 15:46 - 2014-04-02 15:46 - 00037936 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll 2014-04-02 15:46 - 2014-04-02 15:46 - 00018992 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDColorEnhance.dll 2014-04-02 15:46 - 2014-04-02 15:46 - 00020528 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDRegammaAndGamut.dll 2014-08-28 22:23 - 2014-08-28 22:23 - 00142416 _____ () C:\Program Files (x86)\POP Peeper\zip.dll 2014-07-07 04:19 - 2014-07-07 04:19 - 00354896 _____ () C:\Program Files (x86)\POP Peeper\sqlite3.dll 2016-08-07 12:07 - 2016-08-07 12:07 - 00679624 _____ () C:\Users\Marina\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\ClientTelemetry.dll 2011-02-19 02:10 - 2011-02-19 02:10 - 01806336 _____ () C:\Program Files (x86)\MyPhoneExplorer\IconLib.dll 2016-01-17 11:12 - 2016-01-17 11:12 - 00241664 _____ () C:\Program Files (x86)\Speaking Clock\voice\Dutch (female).dll 2015-10-24 14:14 - 2016-04-08 11:25 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll ==================== Alternate Data Streams (gefilterd) ========= (Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.) AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F [134] AlternateDataStreams: C:\ProgramData\TEMP:D24294C1 [286] ==================== Veilige Modus (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.) ==================== Bestandskoppeling (gefilterd) =============== (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.) HKU\S-1-5-21-192893622-2068937732-1280758114-1001\Software\Classes\exefile: <===== AANDACHT ==================== Internet Explorer vertrouwde/beperkte toegang =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.) ==================== Hosts inhoud: =============================== (Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.) 2016-07-16 10:11 - 2016-07-16 10:29 - 00000851 ____A C:\WINDOWS\system32\Drivers\etc\hosts 0.0.0.0 keystone.mwbsys.com ==================== Andere gebieden ============================ (Momenteel is er geen automatische fix voor dit onderdeel.) HKU\S-1-5-21-192893622-2068937732-1280758114-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Marina\Desktop\13876106_1389525554396211_5756599828120424343_n.jpg DNS Servers: 195.130.130.4 - 195.130.131.4 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == (Momenteel is er geen automatische fix voor dit onderdeel.) HKU\S-1-5-21-192893622-2068937732-1280758114-1001\...\StartupApproved\Run: => "BingSvc" HKU\S-1-5-21-192893622-2068937732-1280758114-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_97B3868208EAEC6153686BA79EFCF192" ==================== Firewall regels (gefilterd) =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [WirelessDisplay-Infra-In-TCP] => (Allow) %systemroot%\system32\CastSrv.exe FirewallRules: [{7B1C9DF5-92F4-4E07-9E45-C654D1678712}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe FirewallRules: [{17B92BC3-43FC-433F-8E9C-CB9498A33DBC}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe FirewallRules: [{CD6E93AC-DC73-4A67-A222-1E55B13FC3A9}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe FirewallRules: [{19528B6F-E711-453A-A362-FF17A5852F72}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe FirewallRules: [{FEA842A5-4B6F-4FA9-A8BC-18FA5F7187D4}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe FirewallRules: [{8AE847AF-0254-4F36-A9A3-5CB5890A5C34}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe FirewallRules: [UDP Query User{69A6D2F9-4B44-493B-A7DA-B8BA9437ECF3}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe FirewallRules: [TCP Query User{B5129961-581B-4AED-98B7-A4B17422F216}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe FirewallRules: [{88810134-8E2C-41D8-AE64-6B787A572287}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [UDP Query User{4EA4E154-8042-4E71-85DF-1343EA6CA345}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{6A26D46E-2199-45E4-81DA-A1947137E52F}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{146F8470-8C03-4D5C-A067-551A2A9398BE}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe FirewallRules: [TCP Query User{B1B8E55F-8E73-4F68-8A8C-DFC31DBF177C}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe FirewallRules: [TCP Query User{DB2C7689-AB8A-49DF-8B9F-2BA414CD9A55}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{CB8198AD-9C78-4B5C-995C-85B90A9C7CCB}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe FirewallRules: [TCP Query User{B2EF3C8D-2E21-4AE7-A70C-F38675DFA112}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe FirewallRules: [UDP Query User{F8EF7403-3188-453A-87DF-0567EB3EDF77}C:\users\marina\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\marina\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{5BF3FA3E-2A0E-405B-8712-0E3299BB7FD3}C:\users\marina\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\marina\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{48E60A31-B9C3-4E15-9DE5-88472957300C}C:\users\marina\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\marina\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{E5058A69-47F8-4872-87CA-6E52EC727566}C:\users\marina\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\marina\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{1537C9FD-E538-4DFF-80AC-4524A3603520}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Block) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe FirewallRules: [UDP Query User{8EAC2218-6D6D-4DC1-82E0-95B25DB4136E}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Block) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe FirewallRules: [{EAE5364A-13D3-4FB7-B7DC-61F5B65E52BA}] => (Allow) C:\Program Files\Waterfox\waterfox.exe FirewallRules: [{0349427E-D54B-4FE8-9B8C-9E946E06F4A4}] => (Allow) C:\Program Files\Waterfox\waterfox.exe FirewallRules: [TCP Query User{AB803247-68A5-4D12-BEBF-7406DADF7802}C:\program files\waterfox\plugin-container.exe] => (Allow) C:\program files\waterfox\plugin-container.exe FirewallRules: [UDP Query User{170C4817-B60A-45B0-AC41-081C4CB7B5E2}C:\program files\waterfox\plugin-container.exe] => (Allow) C:\program files\waterfox\plugin-container.exe FirewallRules: [{6B2395BE-D056-49DC-950F-EDE8D792E296}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{81544619-D1EB-4166-B48E-0980DCB6AF08}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{617052B1-2CC1-4ACF-8339-FCC6FFEFB555}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe FirewallRules: [{4349FC7F-EA93-45C0-BAF3-7744CDDCBFFB}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe ==================== Herstelpunten ========================= AANDACHT: Systeemherstel is uitgeschakeld ==================== Defecte Apparaatbeheer Apparaten ============= ==================== Eventlog fouten: ========================= Applicatiefouten: ================== Error: (08/09/2016 10:11:24 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: De service Cryptografische services is mislukt tijdens het verwerken van aanroep OnIdentity() op het object System Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Toegang geweigerd. . Error: (08/09/2016 06:19:00 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: De service Cryptografische services is mislukt tijdens het verwerken van aanroep OnIdentity() op het object System Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Toegang geweigerd. . Error: (08/09/2016 06:05:46 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: BITSC:\Windows\System32\bitsperf.dll8 Error: (08/09/2016 12:30:03 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: MARINAD) Description: Het pakket Facebook.317180B0BB486_79.525.6584.0_x86__8xx8rvfyw5nnt+App is beëindigd omdat het onderbreken te lang duurde. Error: (08/09/2016 10:14:29 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: MARINAD) Description: Het pakket Facebook.317180B0BB486_79.525.6584.0_x86__8xx8rvfyw5nnt+App is beëindigd omdat het onderbreken te lang duurde. Error: (08/09/2016 10:13:39 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: MARINAD) Description: Het pakket Facebook.317180B0BB486_79.525.6584.0_x86__8xx8rvfyw5nnt+App is beëindigd omdat het onderbreken te lang duurde. Error: (08/08/2016 08:10:22 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MARINAD) Description: Het activeren van de app Microsoft.Windows.Photos_8wekyb3d8bbwe!App is mislukt door de fout -2147023673. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie. Error: (08/08/2016 07:13:38 PM) (Source: DptfEvent) (EventID: 1) (User: ) Description: DptfParticipantDisplayService GetDisplayBrightnessFromPowerSettings: Could not inform driver of current brightness value. Error: (08/08/2016 07:13:38 PM) (Source: DptfEvent) (EventID: 1) (User: ) Description: DptfParticipantDisplayService SetBrightnessSettingInDriver: p_handle is NULL. Error: (08/08/2016 07:13:38 PM) (Source: DptfEvent) (EventID: 1) (User: ) Description: DptfParticipantDisplayService SetDisplayBrightnessViaPowerSettings: Could not obtain brightness value to set from driver. Systeemfouten: ============= Error: (08/10/2016 09:33:27 AM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: ScRegSetValueExW-oproep voor Description is niet geslaagd vanwege deze fout: %%5 = Toegang geweigerd.. Error: (08/10/2016 09:33:27 AM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: ScRegSetValueExW-oproep voor Start is niet geslaagd vanwege deze fout: %%5 = Toegang geweigerd.. Error: (08/10/2016 09:33:27 AM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: ScRegSetValueExW-oproep voor Description is niet geslaagd vanwege deze fout: %%5 = Toegang geweigerd.. Error: (08/10/2016 09:33:27 AM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: ScRegSetValueExW-oproep voor Start is niet geslaagd vanwege deze fout: %%5 = Toegang geweigerd.. Error: (08/10/2016 09:33:27 AM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: ScRegSetValueExW-oproep voor DelayedAutostart is niet geslaagd vanwege deze fout: %%5 = Toegang geweigerd.. Error: (08/10/2016 09:33:27 AM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: ScRegSetValueExW-oproep voor Description is niet geslaagd vanwege deze fout: %%5 = Toegang geweigerd.. Error: (08/10/2016 09:33:27 AM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: ScRegSetValueExW-oproep voor Start is niet geslaagd vanwege deze fout: %%5 = Toegang geweigerd.. Error: (08/10/2016 09:33:04 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: toepassingsspecifiekLokaalActiveren{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}NT AUTHORITYSYSTEMS-1-5-18LocalHost (via LRPC)Niet beschikbaarNiet beschikbaar Error: (08/09/2016 10:23:00 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Time-out (30000 seconden) tijdens het wachten op een reactie op een transactie van deze service: avgsvc. Error: (08/09/2016 05:21:43 PM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: ScRegSetValueExW-oproep voor Description is niet geslaagd vanwege deze fout: %%5 = Toegang geweigerd.. ==================== Geheugen info =========================== Processor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz Percentage geheugen in gebruik: 35% Totaal fysiek RAM-geheugen: 8075.65 MB Beschikbaar fysiek RAM-geheugen: 5206.28 MB Totaal Virtueel geheugen: 9355.65 MB Beschikbaar Virtual geheugen: 6384.59 MB ==================== Schijven ================================ Drive c: (OS) (Fixed) (Total:279.45 GB) (Free:200.99 GB) NTFS ==>[systeem met boot componenten (verkregen van schijf)] Drive d: (Data) (Fixed) (Total:398.07 GB) (Free:214.1 GB) NTFS ==================== MBR & Partitietabel ================== ======================================================== Disk: 0 (Size: 698.6 GB) (Disk ID: 8DBCA721) Partition: GPT. ==================== Eind van Addition.txt ============================