Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 19-02-2017 Gestart door melle (20-02-2017 10:30:24) Gestart vanaf C:\Users\melle\Desktop Windows 10 Home Versie 1607 (X64) (2016-10-05 18:16:04) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-595942859-672628744-3623613245-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-595942859-672628744-3623613245-503 - Limited - Disabled) Gast (S-1-5-21-595942859-672628744-3623613245-501 - Limited - Disabled) LANGUARD_12_USER (S-1-5-21-595942859-672628744-3623613245-1008 - Administrator - Enabled) melle (S-1-5-21-595942859-672628744-3623613245-1003 - Administrator - Enabled) => C:\Users\melle ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.) 7-Zip 16.02 (x64) (HKLM\...\7-Zip) (Version: 16.02 - Igor Pavlov) ACARS MSFS 1.1 (HKLM-x32\...\ACARS MSFS_is1) (Version: - ) ACARSng (HKU\S-1-5-21-595942859-672628744-3623613245-1003\...\b49d0aa97ce942a1) (Version: 2.1.4.3 - Aviation Technology Group) Active Camera 2004 2.1 for FS 2004 (updated to 9.1) (HKLM-x32\...\Active Camera 2004 2.1 for FS 2004 (updated to 9.1)) (Version: - ) Active Sky Evolution (HKLM-x32\...\{65FB3D0B-997B-41E4-9923-C4B8ED124603}) (Version: 12.00.0702 - HiFi Technologies, Inc.) Aerosoft's - Aerosoft Launcher (HKLM-x32\...\{EE11CFFC-898C-4875-8A63-8B732A9AD43B}) (Version: 1.2.0.3 - Aerosoft) aerosoft's - Approaching Innsbruck 2004 (HKLM-x32\...\{555C7DA8-8A43-4A5B-A5FB-137C07AA81D0}) (Version: 1.10 - aerosoft) aerosoft's - Heraklion (HKLM-x32\...\{5FFF0FEE-6848-4C3D-BEF4-A6DA7167CA38}) (Version: 1.00 - aerosoft) aerosoft's - Mega Airport Amsterdam (HKLM-x32\...\{CBE420E6-E7C6-427E-816A-8C51B112989C}) (Version: 1.14 - aerosoft) aerosoft's - Mega Airport Barcelona (HKLM-x32\...\{277598F9-7BC5-4C6C-A87B-85836E3680B5}) (Version: 1.02 - aerosoft) aerosoft's - Mega Airport Frankfurt 2.0 - FS2004 - FS2004 (HKLM-x32\...\Mega Airport Frankfurt 2.0 - FS2004) (Version: 2.09 - aerosoft) aerosoft's - Mega Airport London Heathrow Xtended - FS9 (HKLM-x32\...\{87A7B3F4-AF45-4BEF-A770-DE519BD676FB}) (Version: 1.00 - aerosoft) aerosoft's - Nice Cote dAzur (HKLM-x32\...\{50AE4FAB-3A8B-4640-A607-987BDB8FB863}) (Version: 1.00 - aerosoft) aerosoft's - Spanish Airports 2 - FS2004 (HKLM-x32\...\{994B62F0-5F8F-4D5C-BAC6-754CCFD03766}) (Version: - ) Airline Pack E-170 FS9/FSX (version 1.1) (HKU\S-1-5-21-595942859-672628744-3623613245-1003\...\Airline Pack E-170 FS9/FSX (version 1.1)) (Version: - ) Airline Pack E-190 FS9/FSX (version 1.1) (HKU\S-1-5-21-595942859-672628744-3623613245-1003\...\Airline Pack E-190 FS9/FSX (version 1.1)) (Version: - ) Ansel (Version: 376.33 - NVIDIA Corporation) Hidden Apple Application Support (32-bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.26 - Piriform) Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.) Coach 6 Full (Nederlands) (HKLM-x32\...\InstallShield_{E1A6CD72-97E5-49A9-B84C-4089D57999B4}) (Version: 201.019.00001 - CMA) Coach 6 Full (Nederlands) (x32 Version: 201.019.00001 - CMA) Hidden CyberLink Home Cinema 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.) CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.4510 - CyberLink Corp.) CyberLink PowerRecover (Version: 5.7.0.4510 - CyberLink Corp.) Hidden E-Jets Series (FS2004) (HKU\S-1-5-21-595942859-672628744-3623613245-1003\...\E-Jets Series (FS2004)) (Version: - ) Euro Truck Simulator 2 (HKLM-x32\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.23.1.1 - SCS Software) Euro Truck Simulator 2 Demo (HKLM\...\Steam App 231120) (Version: - SCS Software) EuroScope v3.2 (HKLM-x32\...\{643D8CF6-F80A-4686-90A2-ECC4B0D63089}) (Version: 3.2 - Gergely Csernak) Flight1 Downloader (HKU\S-1-5-21-595942859-672628744-3623613245-1003\...\Flight1 Downloader) (Version: - ) FlyTampa's - Mega Airport Vienna X - FS2004 (HKLM-x32\...\{1E8A78E3-3DC9-425B-AB11-EA9B6FE5D243}) (Version: 1.00 - FlyTampa) GAP LGTS 2014 FS9 EDITION (HKU\S-1-5-21-595942859-672628744-3623613245-1003\...\GAP LGTS 2014 FS9 EDITION) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.) Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google) Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden HP Officejet Pro 8610 Basissoftware van het apparaat (HKLM\...\{A74BCA3C-D100-4117-9259-27DD3A3C18C0}) (Version: 32.3.198.49673 - Hewlett-Packard Co.) HP Officejet Pro 8610 Help (HKLM-x32\...\{82C11340-B10E-4265-9CF3-C500071A9BE5}) (Version: 32.0.0 - Hewlett Packard) HP Support Assistant (HKLM-x32\...\{4780AF24-213D-4187-86F2-0014A6D6077B}) (Version: 8.3.50.9 - HP Inc.) HP Support Solutions Framework (HKLM-x32\...\{FEC61634-7B6D-4859-83FD-DDF2E76570F9}) (Version: 12.5.32.203 - HP Inc.) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPDiagnosticCoreDll (HKLM-x32\...\{9262B08F-E183-4FED-A2BD-23FF1A84EB79}) (Version: 1.0.15.0 - Hewlett Packard) I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP) iFly Jets - The 737NG for FS2004 (HKLM-x32\...\iFly Jets - The 737NG for FS2004) (Version: - ) Intel Extreme Tuning Utility (HKLM-x32\...\{f7b6df06-f98d-42d1-a319-3a1040d57ea2}) (Version: 6.1.2.8 - Intel Corporation) Intel Extreme Tuning Utility (x32 Version: 6.1.2.8 - Intel Corporation) Hidden Intel(R) Chipset Device Software (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden Intel(R) Driver Update Utility 2.6 (x32 Version: 2.6.0.32 - Intel) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1159 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.6.0.1029 - Intel Corporation) Intel® Driver Update Utility (HKLM-x32\...\{3e714701-b89c-4cf2-bf3b-41b2c105ffdc}) (Version: 2.6.0.32 - Intel) Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation) Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation) Just Flight - 757 Professional (HKLM-x32\...\{0AF36A70-69D2-460F-9939-67DD3243C863}) (Version: 1.00.000 - Just Flight) McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.228 - McAfee, Inc.) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Flight Simulator 2004 A Century of Flight (HKLM-x32\...\Flight Simulator 9.0) (Version: 9.0 - Microsoft) Microsoft Office 365 - nl-nl (HKLM\...\O365HomePremRetail - nl-nl) (Version: 16.0.7571.2109 - Microsoft Corporation) Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-595942859-672628744-3623613245-1003\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Milano Malpensa (HKLM-x32\...\{382C0492-0456-4B9D-A80A-1154F4DABC5F}) (Version: 1.0.0.0 - ISD Project) Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang) Navigraph FMS Data Manager 1.6.0.1122 (HKLM-x32\...\{7E4D5716-374A-4DB6-90CF-D2AEB67362CE}_is1) (Version: 1.6.0.1122 - Navigraph) NVIDIA 3D Vision controllerstuurprogramma 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) NVIDIA 3D Vision stuurprogramma 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.54 - NVIDIA Corporation) NVIDIA GeForce Experience 3.3.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.3.0.95 - NVIDIA Corporation) NVIDIA Grafisch stuurprogramma 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.54 - NVIDIA Corporation) NVIDIA G-SYNC Pendulum Demo (HKLM-x32\...\G-SYNC) (Version: 1.10 - NVIDIA Corporation) NVIDIA HD Audio-stuurprogramma 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation) NVIDIA PhysX Systeem Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation) NvNodejs (Version: 3.3.0.95 - NVIDIA Corporation) Hidden NvTelemetry (Version: 2.3.5.0 - NVIDIA Corporation) Hidden NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7571.2109 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7571.2109 - Microsoft Corporation) Hidden PMDG747_400 Queen of the Skies (HKLM-x32\...\{97679567-0095-464E-B5F2-E218A1CF3421}) (Version: 1.10.0000 - Precision Manuals Development Group) Productverbeteringsonderzoek voor HP Officejet Pro 8610 (HKLM\...\{9219F09B-3A97-4380-91DA-E3BC5CD3AE0E}) (Version: 32.3.198.49673 - Hewlett-Packard Co.) Real Environment Xtreme for FS2004 (HKLM-x32\...\{EE90F444-EAAA-4A2D-B900-2902ECE23530}) (Version: 1.3.2010.1027 - Real Environment Simulations, Inc.) REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.853.853.040215 - REALTEK Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7564 - Realtek Semiconductor Corp.) REALTEK Wireless LAN Driver (HKLM-x32\...\{B63CCD1C-A133-4DF8-8306-DA0387231152}) (Version: 1.00.0269 - REALTEK Semiconductor Corp.) RemoteFlight Server (HKU\S-1-5-21-595942859-672628744-3623613245-1003\...\99bc7aed10c867fe) (Version: 1.0.0.46 - Inputwish) Saitek SD6 Programming Software 6.0.7.0 (HKLM\...\{83405352-1DE2-40C9-9D45-D787496D0619}) (Version: 6.0.7.0 - Saitek) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) SHIELD Streaming (Version: 7.1.0351 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 3.3.0.95 - NVIDIA Corporation) Hidden Smart View (HKLM-x32\...\{1800D8A5-F7B2-4C20-868E-1CF55CBBDF21}) (Version: 1.0.0.0 - Samsung ) smartCARS - Travel Service Virtual (en-US) (HKLM\...\{FC236B8E-2C2A-FDBA-41C1-5F875690B223_en-US}) (Version: 2.1.26.2 - TFDi Design) smartCARS - Virtual Ryanair (en-US) (HKLM\...\{DD560C2D-7875-1C8F-181A-16A9F3A1913A_en-US}) (Version: 2.1.26.2 - TFDi Design) Speccy (HKLM\...\Speccy) (Version: 1.30 - Piriform) SquawkBox (HKLM-x32\...\SquawkBox) (Version: - ) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD) (Version: 10.0.50903 - Microsoft Corporation) transavia virtual dispatch manager v1.5.2 (HKLM-x32\...\transavia virtual dispatch manager_is1) (Version: - transavia.com virtual airline) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.) ==================== Aangepaste CLSID (gefilterd): ========================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ==================== Geplande Taken (gefilterd) ============= (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {035ED6B6-8329-466D-A3E5-49BF2DE6E899} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-01-20] (NVIDIA Corporation) Task: {0C43EA8A-C55A-4B41-87E7-422DEB762980} - System32\Tasks\HPCustParticipation HP Officejet Pro 8610 => C:\Program Files\HP\HP Officejet Pro 8610\Bin\HPCustPartic.exe [2014-07-21] (Hewlett-Packard Development Company, LP) Task: {16528155-88B7-4E5B-9C76-A05EF36A6D50} - System32\Tasks\Opera scheduled Autoupdate 1473427140 => C:\Program Files (x86)\Opera\launcher.exe Task: {1BE5882A-5D68-4AEE-9410-AC6EFF743758} - System32\Tasks\{E81DC057-023F-462F-BF21-69E67889F44C} => pcalua.exe -a C:\NL2000V3\setup\NL2000V3.exe -d C:\NL2000V3\setup -c /uninstall Task: {20CFC9C7-CDAB-490F-8428-39326D52DB70} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2016-12-06] (HP Inc.) Task: {28120B4C-35F7-46CA-A51A-6A0D696FE5EB} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-01-20] (NVIDIA Corporation) Task: {2DD18A73-849C-4E97-B62D-1FABC5F01066} - \TF9thbdAQmwS -> Geen bestand <==== AANDACHT Task: {327D1142-FB05-4132-964B-D7B6561C1534} - System32\Tasks\HP AR Program Upload - 283b6a57522e48c6a079011d0bc3ea187708c2223f69427cb15da7f57a779fe0 => C:\Program Files\HP\HP Officejet Pro 8610\bin\HPRewards.exe [2014-07-21] (TODO: ) Task: {3600D106-F6EE-442A-9170-B287DC4A6692} - \Drarph -> Geen bestand <==== AANDACHT Task: {404D08C4-4A6F-4380-B3A3-542D6A1905E8} - \Gherotyreiferdom Engine -> Geen bestand <==== AANDACHT Task: {40658B36-288B-4213-8C35-EC45A55A9785} - System32\Tasks\{F3448A6F-7229-4E25-BD48-EE1F33F84C8D} => pcalua.exe -a "c:\Program Files (x86)\Microsoft SQL Server\110\Setup Bootstrap\SQLServer2012\x86\SetupARP.exe" -c /X86 Task: {42F38AE0-ABAE-46FA-8B54-83A9235AC236} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation) Task: {4741B739-6A3D-4037-A742-7225EB078DF6} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe [2015-08-27] (CyberLink Corp.) Task: {564CAC31-AAD2-4088-A4B1-E710476A3EDD} - System32\Tasks\USER_ESRV_SVC_WILLAMETTE => Wscript.exe //B //NoLogo "C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\task.vbs" Task: {6CC3F84E-50D5-4E21-A2A5-7B6504FBA319} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-07] (HP Inc.) Task: {6EA71B24-1175-4EDF-A084-98CDA4BF48C4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-05] (Google Inc.) Task: {7BE3BD1A-4CC1-4391-83CB-1B82BCC2F332} - System32\Tasks\HP AR Program Upload - 11f1651ea06f49cea8765a0f2b9fee0bbf9af3e327d942a1b097b728f2feae95 => C:\Program Files\HP\HP Officejet Pro 8610\bin\HPRewards.exe [2014-07-21] (TODO: ) Task: {7CC6F4C4-B060-4465-AB80-311E384CCF74} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-28] (Microsoft Corporation) Task: {850C1912-9CDA-416E-B18F-978728B1E412} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-12-12] (Oracle Corporation) Task: {8A687E54-DEA7-443F-97C1-EE8A322DCD8E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.) Task: {9014104A-D613-4F38-B9AB-4B7D8BB6748F} - System32\Tasks\HP AR Program Upload - 91bc0af3628543379ce7829ff031eedb23bfa657dfaa40b7a10886e09861080c => C:\Program Files\HP\HP Officejet Pro 8610\bin\HPRewards.exe [2014-07-21] (TODO: ) Task: {94700442-7E0C-427F-A874-6287227AC667} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-21] (Piriform Ltd) Task: {96617012-E3BB-4C87-BB40-2D006FFE2E36} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-12-29] (Microsoft Corporation) Task: {9C687578-C1DE-451D-9925-87E93F484E5B} - System32\Tasks\HP AR Program Upload - 04ee7c68da1949109f5cbb18c45d2b579497210d71454ae09c88f41fa48a3c6a => C:\Program Files\HP\HP Officejet Pro 8610\bin\HPRewards.exe [2014-07-21] (TODO: ) Task: {9CB3D8F8-7E15-427E-A8D3-9CA97973B22F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation) Task: {9F3E6F48-2DB0-4A29-B032-A10AA3E8E3FE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-06] (HP Inc.) Task: {9F9E5FFB-28DD-49FD-9069-43642E685E03} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-01-20] (NVIDIA Corporation) Task: {A5D169C1-D977-4704-A321-50A27065AB6C} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-28] (Microsoft Corporation) Task: {A608BE5A-332C-433B-9091-9A58DD2149D9} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-01-20] (NVIDIA Corporation) Task: {A6A76C65-EA7A-4118-BCE1-ED3E9B6C53B7} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-01-20] (NVIDIA Corporation) Task: {ABCF4F14-0BA9-4712-956B-D0DC15728348} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation) Task: {B44A371C-6866-46BB-94F0-64373B902036} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.) Task: {B4D874F1-8B46-4828-823E-3AC6473E3987} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation) Task: {B7E38DDE-C75F-4453-B3C1-3D121CEDDA91} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-melledvroome@gmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe Task: {BCBDB655-A896-4CD9-AC0A-F2323145E946} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.) Task: {C126BE6F-F3A9-4FA9-B26C-EFDF0244E63F} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Geen bestand <==== AANDACHT Task: {C139D634-EB3E-4F0A-9A02-D1EDF14CCB37} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-01-20] (NVIDIA Corporation) Task: {C3FA0D04-306C-4AD3-AD43-1724204AAABD} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\melle\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe Task: {CA79AC7E-0861-447A-A998-3F846A07F821} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-05] (Google Inc.) Task: {D71C17D5-9B89-4EDE-A06F-8560FD3B33BA} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [2015-11-20] (Intel Corporation) Task: {E561B464-B390-4CC8-A0A3-4379A37A1296} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation) Task: {FEB48780-6FB1-49D2-BEE2-31704C73EE69} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-01-20] (NVIDIA Corporation) (Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Snelkoppelingen ============================= (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) ==================== Geladen Modules (gefilterd) ============== 2016-04-22 00:07 - 2016-04-22 00:07 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2016-04-22 00:07 - 2016-04-22 00:07 - 01337144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2015-09-22 20:53 - 2015-03-06 14:49 - 00108248 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe 2016-06-08 17:04 - 2016-06-08 17:04 - 00117400 _____ () C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe 2015-09-22 20:52 - 2014-12-12 17:24 - 00044760 _____ () C:\Windows\runSW.exe 2016-09-17 10:16 - 2017-01-20 19:39 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll 2016-09-17 10:16 - 2017-01-20 19:39 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-12-14 17:57 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2016-10-05 18:55 - 2016-12-29 14:16 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-12-14 17:57 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-12-14 17:57 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll 2016-10-05 19:43 - 2016-10-05 19:43 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2017-01-11 12:53 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2017-01-11 12:53 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2017-01-11 12:53 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-01-11 12:53 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2017-01-11 12:53 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2017-01-11 12:53 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-09-22 20:53 - 2014-07-03 09:22 - 00277720 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\SkypePlugin.exe 2016-12-21 18:49 - 2016-12-21 18:49 - 00069632 _____ () C:\Program Files\CCleaner\lang\lang-1043.dll 2016-07-15 17:48 - 2016-06-08 17:07 - 00458904 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe 2016-07-15 17:48 - 2016-06-08 17:18 - 00709272 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_modeler.dll 2016-07-15 17:48 - 2016-06-08 17:17 - 00188568 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\foreground_window_input.dll 2017-02-18 16:31 - 2017-02-18 16:32 - 00073728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.109.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2017-02-18 16:31 - 2017-02-18 16:32 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.109.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2017-02-18 16:31 - 2017-02-18 16:32 - 42895360 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.109.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2017-02-06 15:33 - 2017-02-06 15:33 - 02215424 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.109.0_x64__kzf8qxf38zg5c\roottools.dll 2016-11-24 13:53 - 2016-11-24 13:54 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2016-11-24 13:53 - 2016-11-24 13:54 - 20433408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2016-06-15 21:09 - 2016-06-15 21:09 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll 2016-11-24 13:53 - 2016-11-24 13:54 - 01046528 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll 2016-11-24 13:53 - 2016-11-24 13:54 - 00353792 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Photos.Inking.dll 2015-07-22 01:18 - 2015-07-22 01:18 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2016-09-17 10:16 - 2017-01-20 19:39 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2016-09-17 10:16 - 2017-01-20 19:39 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll 2016-09-17 10:16 - 2017-01-20 19:39 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 2015-09-21 22:03 - 2014-12-08 08:28 - 00627672 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll 2014-12-08 16:28 - 2014-12-08 16:28 - 00016856 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll 2016-09-17 10:16 - 2017-01-20 14:36 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node 2016-09-17 10:16 - 2017-01-20 14:36 - 00254008 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node 2016-09-17 10:16 - 2017-01-20 14:36 - 02808888 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node 2016-09-17 10:16 - 2017-01-20 14:36 - 00384568 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node 2016-09-17 10:16 - 2017-01-20 14:36 - 00537656 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node 2016-09-17 10:16 - 2017-01-20 14:36 - 00468024 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node 2016-09-17 10:16 - 2017-01-20 14:36 - 01066552 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node 2016-12-16 13:52 - 2017-01-20 14:36 - 01014840 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSDKAPINode.node ==================== Alternate Data Streams (gefilterd) ========= (Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.) ==================== Veilige Modus (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Bestandskoppeling (gefilterd) =============== (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.) ==================== Internet Explorer vertrouwde/beperkte toegang =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.) ==================== Hosts inhoud: =============================== (Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.) 2015-07-10 12:04 - 2017-02-14 09:14 - 00008603 ____N C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere gebieden ============================ (Momenteel is er geen automatische fix voor dit onderdeel.) HKU\S-1-5-21-595942859-672628744-3623613245-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\melle\Pictures\Naamloos.png DNS Servers: 192.168.2.254 - 8.8.8.8 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKU\S-1-5-21-595942859-672628744-3623613245-1003\...\StartupApproved\Run: => "Torrent2Exe" HKU\S-1-5-21-595942859-672628744-3623613245-1003\...\StartupApproved\Run: => "Steam" ==================== Firewall regels (gefilterd) =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{D977DE8C-5F77-4305-8292-B74B31975470}] => (Allow) C:\Users\melle\AppData\Local\Apps\2.0\KXBY4MZ5.3VO\B4QDYKYT.K8C\remo..tion_5f383c4b101aca72_0001.0000_b04a1edb59342f7f\RemoteFlightServer.exe FirewallRules: [{559F896F-5591-4417-84F7-F28DF818E608}] => (Allow) C:\Users\melle\AppData\Local\Apps\2.0\KXBY4MZ5.3VO\B4QDYKYT.K8C\remo..tion_5f383c4b101aca72_0001.0000_b04a1edb59342f7f\RemoteFlightServer.exe FirewallRules: [{26B094DC-C14C-4DC5-B793-910A8525C4E4}] => (Allow) C:\Users\melle\AppData\Local\Apps\2.0\KXBY4MZ5.3VO\B4QDYKYT.K8C\remo..tion_5f383c4b101aca72_0001.0000_b04a1edb59342f7f\RemoteFlightServer.exe FirewallRules: [{46AB55D9-3458-4CA6-BD2D-7E2315871433}] => (Allow) C:\Users\melle\AppData\Local\Apps\2.0\KXBY4MZ5.3VO\B4QDYKYT.K8C\remo..tion_5f383c4b101aca72_0001.0000_b04a1edb59342f7f\RemoteFlightServer.exe FirewallRules: [{B16AA84B-3533-46A8-A32A-65DADCD49AFF}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{D77DE481-24E2-4A4E-90A8-B1A03555A470}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{9A7DCADF-7A79-46FC-821C-0C43FAB55772}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{AF5B48BC-1E0D-44BD-9C7A-90EA2B5AE0E1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [UDP Query User{4FD584DB-7D56-4054-8778-387DD0222C84}C:\program files (x86)\euroscope\euroscope.exe] => (Allow) C:\program files (x86)\euroscope\euroscope.exe FirewallRules: [TCP Query User{8582D683-E218-4624-8A8C-580037857278}C:\program files (x86)\euroscope\euroscope.exe] => (Allow) C:\program files (x86)\euroscope\euroscope.exe FirewallRules: [UDP Query User{1FE0FFBD-9F1E-4764-806B-E9D13E7B9161}C:\program files (x86)\microsoft games\flight simulator 9\fs9.exe] => (Allow) C:\program files (x86)\microsoft games\flight simulator 9\fs9.exe FirewallRules: [TCP Query User{3718C5B2-DB39-4053-BF88-D8D9FEFBF02B}C:\program files (x86)\microsoft games\flight simulator 9\fs9.exe] => (Allow) C:\program files (x86)\microsoft games\flight simulator 9\fs9.exe FirewallRules: [UDP Query User{173BFFB2-F912-46AF-9D81-6A9B9888D2BF}C:\windows\syswow64\dpnsvr.exe] => (Allow) C:\windows\syswow64\dpnsvr.exe FirewallRules: [TCP Query User{3AEB0C1C-8224-453E-BF9F-D0218E87B845}C:\windows\syswow64\dpnsvr.exe] => (Allow) C:\windows\syswow64\dpnsvr.exe FirewallRules: [UDP Query User{E45E6FE6-4A01-4F4B-BEB2-2982502BA673}C:\program files (x86)\squawkbox\squawkbox_fs.exe] => (Allow) C:\program files (x86)\squawkbox\squawkbox_fs.exe FirewallRules: [TCP Query User{8B8ACF58-D6A3-46E9-9AEE-13B0778988B4}C:\program files (x86)\squawkbox\squawkbox_fs.exe] => (Allow) C:\program files (x86)\squawkbox\squawkbox_fs.exe FirewallRules: [UDP Query User{C4C00122-5B76-44DC-9EFC-846BF978D588}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query User{D16C223D-52BA-4FC3-A00D-98853A78C05F}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{DBE60D2F-AD20-46F5-AE88-F8F45AF3785A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{34A9C6A1-ED9D-42F6-80CE-0635215815E9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{DD691217-9F4F-4D1A-8CD8-1274868D09D3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{4BC5371E-9CEA-42FC-B2C4-7FBCA195CC4D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{24988046-F093-4C7E-A93B-4045D245CCED}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe FirewallRules: [{5851D2B2-996A-4252-8C04-A8AF942AE156}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2 Demo\bin\win_x86\eurotrucks2.exe FirewallRules: [{C77A501D-A8B4-498D-995E-F9B5F086B067}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2 Demo\bin\win_x86\eurotrucks2.exe FirewallRules: [TCP Query User{59E9E66A-98BA-4969-BC4E-EF332C5EF309}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe FirewallRules: [UDP Query User{65FB51A0-0CEF-40C0-9F8E-348CE0A91A7E}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe FirewallRules: [{B8AE4594-10BB-44CD-9238-72C2089C2640}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{55B2ADF9-857C-4614-A10A-60D3925A7E41}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{23F6ACDD-BFDF-4383-90A5-1C4763F921DE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{5C6D9D83-DC85-44A3-8214-D73ECC01443E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{172CC749-B354-45AC-BA76-EB848AF49FB1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{928E72D5-41C2-4D1C-938F-BFCD185A51FC}] => (Block) LPort=445 FirewallRules: [{6CF2EF5C-777A-4675-9E88-F3E07CFF9403}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\bin\FaxApplications.exe FirewallRules: [{E53D4450-2C7D-45B5-9D27-B4F5DF462598}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\bin\DigitalWizards.exe FirewallRules: [{491B82FD-C62F-4DF8-9274-17ECEAD99729}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\bin\SendAFax.exe FirewallRules: [{A8ABDF96-BF7C-4144-840F-9DA5B99DB798}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\Bin\DeviceSetup.exe FirewallRules: [{3B2A08BA-0209-4A07-B5DA-AD490A3DD109}] => (Allow) LPort=5357 FirewallRules: [{6C877756-5E38-43D1-A864-128F4C9575C5}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{2C3AA519-6CBD-416B-AE96-4DED7F8258C9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{387E7E87-6E96-4EF2-B0F1-DBA90009FD19}] => (Allow) C:\WINDOWS\system32\rundll32.exe FirewallRules: [TCP Query User{82FDD6C2-9725-4A30-89CD-40168CF6B787}C:\program files (x86)\hoppie\acars-msfs\prg\broker\bin\broker.exe] => (Block) C:\program files (x86)\hoppie\acars-msfs\prg\broker\bin\broker.exe FirewallRules: [UDP Query User{4D919771-32B6-4EAE-B0A0-9BBC5F4DB9D6}C:\program files (x86)\hoppie\acars-msfs\prg\broker\bin\broker.exe] => (Block) C:\program files (x86)\hoppie\acars-msfs\prg\broker\bin\broker.exe ==================== Herstelpunten ========================= 10-02-2017 16:04:41 Windows Update 13-02-2017 10:55:06 Installed Heraklion 16-02-2017 16:26:19 Windows Update 19-02-2017 19:58:02 Windows Update ==================== Defecte Apparaatbeheer Apparaten ============= ==================== Eventlog fouten: ========================= Applicatiefouten: ================== Error: (02/20/2017 10:31:00 AM) (Source: ESENT) (EventID: 483) (User: ) Description: svchost (1144) SRUJet: Een poging de map C:\WINDOWS\system32\SRU\ te maken is mislukt. Systeemfout 5 (0x00000005): Toegang geweigerd. . Tijdens het maken van de map treedt fout -1032 (0xfffffbf8) op. Error: (02/20/2017 10:31:00 AM) (Source: ESENT) (EventID: 483) (User: ) Description: svchost (1144) SRUJet: Een poging de map C:\WINDOWS\system32\SRU\ te maken is mislukt. Systeemfout 5 (0x00000005): Toegang geweigerd. . Tijdens het maken van de map treedt fout -1032 (0xfffffbf8) op. Error: (02/20/2017 10:31:00 AM) (Source: ESENT) (EventID: 483) (User: ) Description: svchost (1144) SRUJet: Een poging de map C:\WINDOWS\system32\SRU\ te maken is mislukt. Systeemfout 5 (0x00000005): Toegang geweigerd. . Tijdens het maken van de map treedt fout -1032 (0xfffffbf8) op. Error: (02/20/2017 10:31:00 AM) (Source: ESENT) (EventID: 483) (User: ) Description: svchost (1144) SRUJet: Een poging de map C:\WINDOWS\system32\SRU\ te maken is mislukt. Systeemfout 5 (0x00000005): Toegang geweigerd. . Tijdens het maken van de map treedt fout -1032 (0xfffffbf8) op. Error: (02/20/2017 10:31:00 AM) (Source: ESENT) (EventID: 483) (User: ) Description: svchost (1144) SRUJet: Een poging de map C:\WINDOWS\system32\SRU\ te maken is mislukt. Systeemfout 5 (0x00000005): Toegang geweigerd. . Tijdens het maken van de map treedt fout -1032 (0xfffffbf8) op. Error: (02/20/2017 10:30:00 AM) (Source: ESENT) (EventID: 483) (User: ) Description: svchost (1144) SRUJet: Een poging de map C:\WINDOWS\system32\SRU\ te maken is mislukt. Systeemfout 5 (0x00000005): Toegang geweigerd. . Tijdens het maken van de map treedt fout -1032 (0xfffffbf8) op. Error: (02/20/2017 10:30:00 AM) (Source: ESENT) (EventID: 483) (User: ) Description: svchost (1144) SRUJet: Een poging de map C:\WINDOWS\system32\SRU\ te maken is mislukt. Systeemfout 5 (0x00000005): Toegang geweigerd. . Tijdens het maken van de map treedt fout -1032 (0xfffffbf8) op. Error: (02/20/2017 10:30:00 AM) (Source: ESENT) (EventID: 483) (User: ) Description: svchost (1144) SRUJet: Een poging de map C:\WINDOWS\system32\SRU\ te maken is mislukt. Systeemfout 5 (0x00000005): Toegang geweigerd. . Tijdens het maken van de map treedt fout -1032 (0xfffffbf8) op. Error: (02/20/2017 10:30:00 AM) (Source: ESENT) (EventID: 483) (User: ) Description: svchost (1144) SRUJet: Een poging de map C:\WINDOWS\system32\SRU\ te maken is mislukt. Systeemfout 5 (0x00000005): Toegang geweigerd. . Tijdens het maken van de map treedt fout -1032 (0xfffffbf8) op. Error: (02/20/2017 10:30:00 AM) (Source: ESENT) (EventID: 483) (User: ) Description: svchost (1144) SRUJet: Een poging de map C:\WINDOWS\system32\SRU\ te maken is mislukt. Systeemfout 5 (0x00000005): Toegang geweigerd. . Tijdens het maken van de map treedt fout -1032 (0xfffffbf8) op. Systeemfouten: ============= Error: (02/20/2017 09:22:39 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installatiefout: de volgende update kan niet worden geïnstalleerd, foutcode 0x80070003: Feedback Hub. Error: (02/20/2017 09:19:01 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} en APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (02/20/2017 09:19:01 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} en APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (02/20/2017 09:19:01 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} en APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (02/19/2017 08:57:37 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (02/19/2017 08:15:20 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} en APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (02/19/2017 08:15:20 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} en APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (02/19/2017 08:15:20 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} en APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (02/19/2017 08:15:08 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (02/19/2017 08:13:45 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. CodeIntegrity: =================================== Date: 2017-02-20 10:27:20.946 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-02-20 10:27:20.945 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-02-19 19:15:28.619 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2017-02-19 19:11:22.704 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2017-02-19 14:55:01.767 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-02-19 10:21:45.121 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2017-02-18 16:39:21.341 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2017-02-17 18:31:20.380 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2017-02-17 17:44:07.476 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-02-17 17:44:07.474 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Geheugen info =========================== Processor: Intel(R) Core(TM) i5-6400 CPU @ 2.70GHz Percentage geheugen in gebruik: 32% Totaal fysiek RAM-geheugen: 8144.57 MB Beschikbaar fysiek RAM-geheugen: 5516.26 MB Totaal Virtueel geheugen: 9424.57 MB Beschikbaar Virtual geheugen: 6593.82 MB ==================== Schijven ================================ Drive c: (Boot) (Fixed) (Total:869.8 GB) (Free:758.39 GB) NTFS Drive d: (Recover) (Fixed) (Total:60 GB) (Free:41.3 GB) NTFS ==================== MBR & Partitietabel ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: A8E755A2) Partition: GPT. ==================== Eind van Addition.txt ============================