Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 14.03.2018 Gestart door PC1 (23-03-2018 09:44:05) Gestart vanaf C:\Users\PC1\Downloads Windows 10 Home Versie 1709 16299.309 (X64) (2017-12-11 11:22:35) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1103111412-233727958-2618637648-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-1103111412-233727958-2618637648-503 - Limited - Disabled) Gast (S-1-5-21-1103111412-233727958-2618637648-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1103111412-233727958-2618637648-1002 - Limited - Enabled) PC1 (S-1-5-21-1103111412-233727958-2618637648-1000 - Administrator - Enabled) => C:\Users\PC1 WDAGUtilityAccount (S-1-5-21-1103111412-233727958-2618637648-504 - Limited - Disabled) ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Norton Security (Enabled - Up to date) {E3FDBD9F-8140-1400-F32B-8B58923F7C4D} AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Norton Security (Enabled - Up to date) {589C5C7B-A77A-1B8E-C99B-B02AE9B836F0} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Norton Security (Enabled) {DBC63CBA-CB2F-1558-D874-226D6CEC3B36} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeïnstalleerd worden.) Adobe Acrobat Reader DC - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated) Aldfaer (HKU\S-1-5-21-1103111412-233727958-2618637648-1000\...\Aldfaer) (Version: - ) Aldfaer (HKU\S-1-5-21-1103111412-233727958-2618637648-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03232018090657171\...\Aldfaer) (Version: - ) Allmyapps (HKU\S-1-5-21-1103111412-233727958-2618637648-1000\...\Allmyapps) (Version: 2.0.0.24 - Allmyapps) Allmyapps (HKU\S-1-5-21-1103111412-233727958-2618637648-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03232018090657171\...\Allmyapps) (Version: 2.0.0.24 - Allmyapps) ATI Catalyst Install Manager (HKLM\...\{576A97E3-1A79-6215-49DE-AA358AF47420}) (Version: 3.0.769.0 - ATI Technologies, Inc.) Autodesk DWG TrueView 2015 - English (HKLM\...\DWG TrueView 2015 - English) (Version: 20.0.210.0 - Autodesk) BearShare (HKLM-x32\...\BearShare) (Version: 12.0.0.136089 - Musiclab, LLC) Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - ) Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.3.5.0 - Canon Inc.) Canon Hulpprogramma Snelkiezen (HKLM-x32\...\Speed Dial Utility) (Version: - ) Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.10.15 - Canon Inc.) Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.2.0 - Canon Inc.) Canon MG5600 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5600_series) (Version: 1.00 - Canon Inc.) Canon MG5600 series On-screen Manual (HKLM-x32\...\Canon MG5600 series On-screen Manual) (Version: 7.7.1 - Canon Inc.) Canon MP Navigator EX 4.1 (HKLM-x32\...\MP Navigator EX 4.1) (Version: - ) Canon MX410 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX410_series) (Version: - ) Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.0.0 - Canon Inc.) Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.0.0 - Canon Inc.) Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.) Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.4.0 - Canon Inc.) ccc-core-static (HKLM-x32\...\{DF9B7D24-4C6E-C773-3E58-D2FEF49ADD74}) (Version: 2010.0406.2133.36843 - Uw bedrijfsnaam) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.41 - Piriform) Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden DWG TrueView 2015 - English (HKLM\...\{5783F2D7-E028-0409-0100-0060B0CE6BBA}) (Version: 20.0.210.0 - Autodesk) Hidden Fotoservice (HKLM-x32\...\Fotoservice) (Version: 6.2.4 - CEWE Stiftung u Co. KGaA) Gebruikersregistratie voor Canon MG5600 series (HKLM-x32\...\Gebruikersregistratie voor Canon MG5600 series) (Version: - ‭Canon Inc.) Gebruikersregistratie voor Canon MX410 series (HKLM-x32\...\Gebruikersregistratie voor Canon MX410 series) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 64.0.3282.186 - Google Inc.) Google Drive (HKLM-x32\...\{9BC95947-92FD-438B-A168-C01F9A5B7292}) (Version: 2.34.7529.6838 - Google, Inc.) Google Photos Backup (HKU\S-1-5-21-1103111412-233727958-2618637648-1000\...\Google Photos Backup) (Version: 1.1.2.13 - Google, Inc.) Google Photos Backup (HKU\S-1-5-21-1103111412-233727958-2618637648-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03232018090657171\...\Google Photos Backup) (Version: 1.1.2.13 - Google, Inc.) Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Malwarebytes versie 3.4.4.2398 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.4.4.2398 - Malwarebytes) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0413-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1103111412-233727958-2618637648-1000\...\OneDriveSetup.exe) (Version: 18.025.0204.0009 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1103111412-233727958-2618637648-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03232018090657171\...\OneDriveSetup.exe) (Version: 18.025.0204.0009 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation) Movie Maker (HKLM-x32\...\{DC5E5027-65E8-41CB-815C-9AAB48BFB8E2}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 49.0.2 (x86 nl) (HKLM-x32\...\Mozilla Firefox 49.0.2 (x86 nl)) (Version: 49.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.2 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Nero 8 (HKLM-x32\...\{8AEA4BE2-2B52-41C0-BB7D-9F2D17AF1043}) (Version: 8.0.182 - Nero AG) Norton Security (HKLM-x32\...\NGC) (Version: 22.12.1.15 - Symantec Corporation) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.) Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform) Sitecom WiFi USB adapter N300 Driver and Utility (HKLM-x32\...\{9C049509-055C-4CFF-A116-1D12312225EB}) (Version: 1.00.0201 - Sitecom Europe BV) Spotify (HKU\S-1-5-21-1103111412-233727958-2618637648-1000\...\Spotify) (Version: 1.0.73.345.g6c9971ef - Spotify AB) Spotify (HKU\S-1-5-21-1103111412-233727958-2618637648-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03232018090657171\...\Spotify) (Version: 1.0.73.345.g6c9971ef - Spotify AB) TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.45862 - TeamViewer) The Lord of the Rings FREE Trial (HKLM-x32\...\{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}) (Version: 1.00.0000 - ATI Technologies Inc.) Hidden Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update voor Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0413-0000-0000000FF1CE}_ENTERPRISE_{5CF7002F-6F49-4482-9564-5614FBE560FA}) (Version: - Microsoft) Update voor Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0413-0000-0000000FF1CE}_ENTERPRISE_{15D84E79-1ED7-42C5-B2FD-745C3FBDDDC5}) (Version: - Microsoft) Update voor Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0413-0000-0000000FF1CE}_ENTERPRISE_{A66AE6A1-8D8C-4102-BC18-38CBDE40F809}) (Version: - Microsoft) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) ==================== Aangepaste CLSID (gefilterd): ========================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) CustomCLSID: HKU\S-1-5-21-1103111412-233727958-2618637648-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03232018090657171_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2015 - English\dwgviewr.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-1103111412-233727958-2618637648-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03232018090657171_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2015 - English\en-US\dwgviewrficn.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-1103111412-233727958-2618637648-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03232018090657171_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\PC1\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-1103111412-233727958-2618637648-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03232018090657171_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\PC1\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-1103111412-233727958-2618637648-1000_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2015 - English\dwgviewr.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-1103111412-233727958-2618637648-1000_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2015 - English\en-US\dwgviewrficn.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-1103111412-233727958-2618637648-1000_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\PC1\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-1103111412-233727958-2618637648-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\PC1\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll (Google Inc.) ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-10] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-10] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-10] (Google) ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\buShell.dll [2018-03-02] (Symantec Corporation) ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\buShell.dll [2018-03-02] (Symantec Corporation) ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\buShell.dll [2018-03-02] (Symantec Corporation) ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2014-09-10] (Autodesk, Inc.) ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\buShell.dll [2018-03-02] (Symantec Corporation) ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\buShell.dll [2018-03-02] (Symantec Corporation) ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\buShell.dll [2018-03-02] (Symantec Corporation) ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2014-09-10] (Autodesk) ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\buShell.dll [2018-03-02] (Symantec Corporation) ContextMenuHandlers1-x32: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files (x86)\Nero\Nero8\Nero CoverDesigner\CoverEdExtension.dll [2007-08-04] (Nero AG) ContextMenuHandlers1-x32: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-11-10] (Google) ContextMenuHandlers1-x32: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\NavShExt.dll [2018-03-02] (Symantec Corporation) ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\NavShExt.dll [2018-03-02] (Symantec Corporation) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-03-03] (Malwarebytes) ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-11-10] (Google) ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2015-04-08] (Piriform Ltd) ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> Geen bestand ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\buShell.dll [2018-03-02] (Symantec Corporation) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-03-03] (Malwarebytes) ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2015-04-08] (Piriform Ltd) ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\NavShExt.dll [2018-03-02] (Symantec Corporation) ==================== Geplande Taken (gefilterd) ============= (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {034D3FBF-9A70-4422-B0C6-FEC55C27314D} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Geen bestand <==== AANDACHT Task: {111F6C40-9F95-4993-9359-D874152E3B0E} - System32\Tasks\Norton Security\Norton Security Error Processor => C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\SymErr.exe [2018-03-02] (Symantec Corporation) Task: {141A9E1A-0EB6-4DA5-91B6-4D8576825633} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Geen bestand <==== AANDACHT Task: {17133812-1891-4CFD-82AF-5DB621F49AC5} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe Task: {1B31D928-5585-4D3B-AB25-148012672A9C} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {205B31E9-79B7-4716-9E86-A986B36CE48F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe Task: {22D9DD31-14DD-404E-A5B8-AF6C04BE5C23} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {2822886B-276C-4154-948A-3366525824DB} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe Task: {2C1448FD-68A9-4C89-97FF-10E6CE6E3BE9} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe Task: {2DC85370-A18D-4BF4-B3A4-33DE0D37231C} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {359C3858-77CE-4893-AA53-9C8DD201BCB3} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {363AF9AF-3412-444C-89F7-3C1149C80DDC} - \Microsoft\Windows\Media Center\StartRecording -> Geen bestand <==== AANDACHT Task: {3BAE3B6D-E1A1-48AB-9090-5BAE4A250E03} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {3C4F9805-7680-453D-BADB-6A4FD676644C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Geen bestand <==== AANDACHT Task: {3D16C3EC-2AD8-4692-B09B-7F2FB13EBB1E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {40934089-C1B9-4347-B083-D05F8E60DDFE} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe Task: {45E28F9D-EAC3-4302-A720-A33DB0ED6613} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {4A237306-FCE1-4E58-A4F8-ACB6B336E273} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe Task: {4EED71EA-4BC4-4FDE-A2BD-12F1DDD0DBE8} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe Task: {5043B562-4EF0-4E1F-A9A6-121BF2A57592} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1103111412-233727958-2618637648-1000Core => C:\Users\PC1\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.) Task: {53BEE881-61B8-4412-AB66-D15625218E5E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Geen bestand <==== AANDACHT Task: {575D0AD3-492C-4E79-B02B-562E7A6E9A71} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Geen bestand <==== AANDACHT Task: {587E29DC-B8DE-4D17-A06E-8E6C14ABD1D8} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe Task: {5A567D2F-220F-4162-9CAE-153B0FAF98DD} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe Task: {5C97C376-8DC7-4A65-9D7D-B65657B2FC76} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Geen bestand <==== AANDACHT Task: {61E96BEC-1F94-4960-9AF4-46AF24AE73ED} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe Task: {664C3945-3896-4D36-83BA-9FD11E205848} - \{220A3F3D-1B1E-4E7C-AD4D-3F542B998F27} -> Geen bestand <==== AANDACHT Task: {685AEAB1-F8E8-40D8-8EAA-4497ED5571E6} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe Task: {6CFE6A11-8FD6-4AE4-A05B-112578088E9F} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe Task: {705112CC-F65A-4271-AA19-9ECE1409DA49} - \{8CE16A29-C1A5-4CD4-9EA9-A944D7662001} -> Geen bestand <==== AANDACHT Task: {7250A82A-E8FB-4407-9CCC-9535DE5D3159} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {77A47554-5C64-46FE-BEF8-39BD9844579D} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe Task: {79B05757-DB16-492C-A096-B0725EA41F19} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1103111412-233727958-2618637648-1000UA => C:\Users\PC1\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.) Task: {82CF7AA4-CA60-4A6A-8C24-280D036E4B22} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\WSCStub.exe [2018-03-02] (Symantec Corporation) Task: {875605CD-4969-4F99-BA48-EFA8E2634F44} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe Task: {88126CBD-97FA-4B7C-8570-9EB72194A44C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated) Task: {88F71E2B-CFDF-41D1-ADFB-C06FA1320059} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {8FE5FBD2-B294-4491-9590-5AD4E3BB8F3F} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Geen bestand <==== AANDACHT Task: {90BD621B-D105-4A94-8827-ACCB860895A2} - \{A8E547D0-6B56-4D74-A259-937AFAC702BB} -> Geen bestand <==== AANDACHT Task: {942BEA76-975F-4148-AB91-4F009DE93DCF} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Geen bestand <==== AANDACHT Task: {94D0ECF8-3D78-41C0-9954-DD5C7937F58A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-03-06] (Piriform Ltd) Task: {98C85ABB-2C9A-4B07-A6B0-D91707332C52} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Geen bestand <==== AANDACHT Task: {A17DF884-2F29-4C6F-8849-604A5BD22ED4} - \{4C7328D6-584E-4D37-8741-15E6060B2106} -> Geen bestand <==== AANDACHT Task: {A33B4C48-4762-4199-A1AE-44FBA116B0A3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Geen bestand <==== AANDACHT Task: {A8D008F1-F1D1-44CE-B41A-CC436F3C84A0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-03-06] (Piriform Ltd) Task: {A9097DD2-8AB0-4050-B9AF-CD9CF94DF9DE} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2018-03-02] (Symantec Corporation) Task: {ABDBB774-0011-4CA2-9B59-7B0F3D8F5E0A} - System32\Tasks\Microsoft\Microsoft Antimalware\MpIdleTask => c:\Program Files\Microsoft Security Client\MpCmdRun.exe Task: {C0D7935E-5A96-4BCC-BAF0-6DB80B5DA5C9} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe Task: {CE03868B-4C9E-45D2-80D0-B02DA74A9416} - \{2EB035DB-1732-487F-8FC0-6D61C961EBA1} -> Geen bestand <==== AANDACHT Task: {CF56A8DA-7359-4782-AE4A-1F0CB74D0680} - \Microsoft\Windows\UNP\RunCampaignManager -> Geen bestand <==== AANDACHT Task: {D115AFB2-C9C3-49FB-B707-626ACA77F4FB} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe Task: {D1FFA64F-3C03-4E97-92DC-B966A49EBD15} - \{82A922FE-EACA-40B3-BD5F-8520C1E1F50C} -> Geen bestand <==== AANDACHT Task: {D5A488DD-3FFA-4E54-B2E8-2E9DE3C00FBA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-03] (Google Inc.) Task: {DE368D2F-B1A3-41CE-9493-9F4DCC6885EB} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Geen bestand <==== AANDACHT Task: {DF25DD3B-D608-4881-B5D6-42A0FE03B0AF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15] (Adobe Systems Incorporated) Task: {E058EA41-093C-4413-8B9E-C3677ED866C6} - System32\Tasks\Norton Security\Norton Security Autofix => C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\SymErr.exe [2018-03-02] (Symantec Corporation) Task: {E613A81B-840D-494C-AF3F-C4E44745C386} - System32\Tasks\Norton Security\Norton Security Error Analyzer => C:\Program Files (x86)\Norton Security\Engine\22.12.1.15\SymErr.exe [2018-03-02] (Symantec Corporation) Task: {E818C8EA-8A68-4A4C-8469-6445B2FB27D8} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {F75C3516-3B96-4439-A307-B383E08B8A52} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-03] (Google Inc.) (Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Snelkoppelingen & WMI ======================== (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) ==================== Geladen Modules (gefilterd) ============== 2015-08-15 10:07 - 2013-06-28 16:28 - 000084616 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE 2018-03-21 14:51 - 2018-02-05 15:44 - 002299168 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll 2018-03-21 14:51 - 2018-03-01 11:31 - 002488608 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2017-09-29 14:41 - 2017-09-29 14:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2018-03-14 18:27 - 2018-02-22 01:26 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2018-03-14 18:27 - 2018-02-22 01:21 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2018-03-06 22:58 - 2018-03-06 22:58 - 000094656 _____ () C:\Program Files\CCleaner\lang\lang-1043.dll 2018-03-16 17:14 - 2018-03-16 17:14 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1809.217.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2018-03-16 17:14 - 2018-03-16 17:14 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1809.217.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2007-03-13 11:28 - 2007-03-13 11:28 - 000823296 _____ () C:\Program Files (x86)\Common Files\Nero\Lib\log4cxx.dll 2015-09-05 13:31 - 2012-11-06 08:47 - 000114688 _____ () C:\Program Files (x86)\Sitecom\WiFi USB adapter N300 Driver and Utility\EnumDevLib.dll 2009-02-26 13:46 - 2009-02-26 13:46 - 000064344 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\ColleagueImport.dll 2011-06-22 11:46 - 2011-06-22 11:46 - 000434016 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll 2015-11-11 03:41 - 2015-11-11 03:41 - 000756376 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL ==================== Alternate Data Streams (gefilterd) ========= (Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.) ==================== Veilige Modus (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Bestandskoppeling (gefilterd) =============== (Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd.) ==================== Internet Explorer vertrouwde/beperkte toegang =============== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd.) ==================== Hosts inhoud: =============================== (Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.) 2009-07-14 03:34 - 2009-06-10 22:00 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere gebieden ============================ (Momenteel is er geen automatische fix voor dit onderdeel.) HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03232018090656703\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03232018090656968\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg HKU\S-1-5-21-1103111412-233727958-2618637648-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\PC1\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img_2239.jpg HKU\S-1-5-21-1103111412-233727958-2618637648-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03232018090657171\Control Panel\Desktop\\Wallpaper -> C:\Users\PC1\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img_2239.jpg HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03232018090658249\Control Panel\Desktop\\Wallpaper -> DNS Servers: 84.116.46.21 - 84.116.46.20 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == HKLM\...\StartupApproved\Run32: => "CanonQuickMenu" HKU\S-1-5-21-1103111412-233727958-2618637648-1000\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-1103111412-233727958-2618637648-1000\...\StartupApproved\Run: => "BearShare" HKU\S-1-5-21-1103111412-233727958-2618637648-1000\...\StartupApproved\Run: => "GoogleDriveSync" HKU\S-1-5-21-1103111412-233727958-2618637648-1000\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-1103111412-233727958-2618637648-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03232018090657171\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-1103111412-233727958-2618637648-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03232018090657171\...\StartupApproved\Run: => "BearShare" HKU\S-1-5-21-1103111412-233727958-2618637648-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03232018090657171\...\StartupApproved\Run: => "GoogleDriveSync" HKU\S-1-5-21-1103111412-233727958-2618637648-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03232018090657171\...\StartupApproved\Run: => "Spotify" ==================== Firewall regels (gefilterd) =============== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [{4421819D-8017-4E70-A489-054944E421B8}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{F63E5C53-C244-4CC4-86B1-E5CDD6756F3D}] => (Allow) LPort=1900 FirewallRules: [{C6E6710C-E80A-4EB3-8623-DF1566E7EEF5}] => (Allow) LPort=2869 FirewallRules: [{53C766BE-CC5C-467F-A000-ADAE252B0AF6}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{553D453B-C138-4F48-8309-01325B75FCAC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{C034F43C-14F7-4609-9C07-130934881D3F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{D3583E24-712E-475A-B779-A59BFEAD4627}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{920E09C4-B738-497E-B754-7A3355870ABC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{847BCDE6-80A6-4B5F-B80E-AF3184487F8E}] => (Allow) C:\Program Files (x86)\Sitecom\WiFi USB adapter N300 Driver and Utility\RtWLan.exe FirewallRules: [{C55957D2-9231-4F04-A1CB-5B1063E593FA}] => (Allow) C:\Program Files (x86)\Sitecom\WiFi USB adapter N300 Driver and Utility\RtWLan.exe FirewallRules: [{769DC46A-ABE2-46A6-8B7C-B4F0A6D85BE5}] => (Allow) LPort=1542 FirewallRules: [{E4EF3694-065B-4F36-9941-0A73874354F7}] => (Allow) LPort=1542 FirewallRules: [{748D981A-1415-45A9-967C-6AA512BA3E8E}] => (Allow) LPort=53 FirewallRules: [{57468764-00D6-4180-B38D-70BA76F4AAB4}] => (Allow) LPort=67 FirewallRules: [{C11FFB59-D17B-4A02-BE07-3E127A20073D}] => (Allow) LPort=68 FirewallRules: [{B93E53E9-9902-421F-BD75-AC4461063357}] => (Allow) LPort=53 FirewallRules: [{DFC6DAC5-7F63-4B32-9D21-3FCE5B88FB6A}] => (Allow) LPort=53 FirewallRules: [{97A247C5-BEB3-4DB5-9728-42B9368BE210}] => (Allow) C:\Program Files (x86)\Sitecom\WiFi USB adapter N300 Driver and Utility\Rtldhcp.exe FirewallRules: [TCP Query User{F93226DB-BC94-4505-BB7B-B57CE9A5DE11}C:\program files (x86)\bearshare applications\bearshare\bearshare.exe] => (Allow) C:\program files (x86)\bearshare applications\bearshare\bearshare.exe FirewallRules: [UDP Query User{4EBDCD48-E560-4EBC-BA26-27456C08FD9E}C:\program files (x86)\bearshare applications\bearshare\bearshare.exe] => (Allow) C:\program files (x86)\bearshare applications\bearshare\bearshare.exe FirewallRules: [TCP Query User{CEF4E17E-DC19-4865-B840-02AD45284543}C:\users\pc1\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pc1\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{20B87206-944B-4EF7-BC1F-82C2C0082D09}C:\users\pc1\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pc1\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{0F5540FA-34E5-4167-B194-3DFDC0FF38C9}C:\users\pc1\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\pc1\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{2E994AD0-7124-44F0-9874-280362FBA4DE}C:\users\pc1\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\pc1\appdata\roaming\spotify\spotify.exe FirewallRules: [{92770AD6-3F6E-496A-B4D8-1678DCD6C196}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{2A35C307-4243-4F69-9385-042E3752C2DE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{07BB2B27-8BF5-457F-B79D-4BECCC1BF5ED}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Herstelpunten ========================= 05-02-2018 16:51:05 Gepland controlepunt 15-02-2018 13:16:05 Windows Update 14-03-2018 18:25:45 Windows Update ==================== Defecte Apparaatbeheer Apparaten ============= ==================== Eventlog fouten: ========================= Applicatiefouten: ================== Error: (03/23/2018 09:11:37 AM) (Source: ESENT) (EventID: 455) (User: ) Description: DllHost (12756,R,0) WebCacheLocal: Fout -1032 (0xfffffbf8) is opgetreden tijdens het openen van logboekbestand C:\Users\PC1\AppData\Local\Microsoft\Windows\WebCache\V01.log. Error: (03/23/2018 09:11:37 AM) (Source: ESENT) (EventID: 490) (User: ) Description: DllHost (12756,R,0) WebCacheLocal: Een poging het bestand C:\Users\PC1\AppData\Local\Microsoft\Windows\WebCache\V01.log te openen voor lees-/schrijftoegang is mislukt. Systeemfout 32 (0x00000020): Het proces heeft geen toegang tot het bestand omdat het door een ander proces wordt gebruikt. . Tijdens het openen van het bestand treedt fout -1032 (0xfffffbf8) op. Error: (03/23/2018 09:11:27 AM) (Source: ESENT) (EventID: 455) (User: ) Description: DllHost (12756,R,0) WebCacheLocal: Fout -1032 (0xfffffbf8) is opgetreden tijdens het openen van logboekbestand C:\Users\PC1\AppData\Local\Microsoft\Windows\WebCache\V01.log. Error: (03/23/2018 09:11:27 AM) (Source: ESENT) (EventID: 490) (User: ) Description: DllHost (12756,R,0) WebCacheLocal: Een poging het bestand C:\Users\PC1\AppData\Local\Microsoft\Windows\WebCache\V01.log te openen voor lees-/schrijftoegang is mislukt. Systeemfout 32 (0x00000020): Het proces heeft geen toegang tot het bestand omdat het door een ander proces wordt gebruikt. . Tijdens het openen van het bestand treedt fout -1032 (0xfffffbf8) op. Error: (03/23/2018 09:10:37 AM) (Source: ESENT) (EventID: 455) (User: ) Description: taskhostw (12312,R,0) WebCacheLocal: Fout -1032 (0xfffffbf8) is opgetreden tijdens het openen van logboekbestand C:\Users\PC1\AppData\Local\Microsoft\Windows\WebCache\V01.log. Error: (03/23/2018 09:10:37 AM) (Source: ESENT) (EventID: 490) (User: ) Description: taskhostw (12312,R,0) WebCacheLocal: Een poging het bestand C:\Users\PC1\AppData\Local\Microsoft\Windows\WebCache\V01.log te openen voor lees-/schrijftoegang is mislukt. Systeemfout 32 (0x00000020): Het proces heeft geen toegang tot het bestand omdat het door een ander proces wordt gebruikt. . Tijdens het openen van het bestand treedt fout -1032 (0xfffffbf8) op. Error: (03/22/2018 04:15:41 PM) (Source: ESENT) (EventID: 455) (User: ) Description: DllHost (1132,R,0) WebCacheLocal: Fout -1032 (0xfffffbf8) is opgetreden tijdens het openen van logboekbestand C:\Users\PC1\AppData\Local\Microsoft\Windows\WebCache\V01.log. Error: (03/22/2018 04:15:41 PM) (Source: ESENT) (EventID: 490) (User: ) Description: DllHost (1132,R,0) WebCacheLocal: Een poging het bestand C:\Users\PC1\AppData\Local\Microsoft\Windows\WebCache\V01.log te openen voor lees-/schrijftoegang is mislukt. Systeemfout 32 (0x00000020): Het proces heeft geen toegang tot het bestand omdat het door een ander proces wordt gebruikt. . Tijdens het openen van het bestand treedt fout -1032 (0xfffffbf8) op. Systeemfouten: ============= Error: (03/23/2018 09:32:58 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: De WarpJITSvc-service is onverwacht beëindigd. Dit is nu 7 keer gebeurd. Error: (03/23/2018 09:18:28 AM) (Source: DCOM) (EventID: 10016) (User: PC1-PC) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker PC1-PC\PC1 SID (S-1-5-21-1103111412-233727958-2618637648-1000) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (03/23/2018 09:07:39 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: ) Description: 4 Error: (03/23/2018 09:05:10 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} en APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (03/23/2018 09:05:10 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} en APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (03/23/2018 09:05:10 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} en APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (03/23/2018 09:05:10 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} en APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (03/22/2018 05:45:19 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: De WarpJITSvc-service is onverwacht beëindigd. Dit is nu 6 keer gebeurd. CodeIntegrity: =================================== Date: 2018-03-23 09:38:05.058 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2018-03-23 09:32:59.374 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2018-03-23 09:32:58.243 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2018-03-23 09:32:26.457 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2018-03-23 09:32:24.477 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2018-03-23 09:32:18.693 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2018-03-23 09:32:10.754 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2018-03-23 09:32:10.433 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. ==================== Geheugen info =========================== Processor: AMD Athlon(tm) II X2 250 Processor Percentage geheugen in gebruik: 71% Totaal fysiek RAM-geheugen: 3069.55 MB Beschikbaar fysiek RAM-geheugen: 860.76 MB Totaal Virtueel geheugen: 6141.55 MB Beschikbaar Virtual geheugen: 2933.8 MB ==================== Schijven ================================ Drive c: () (Fixed) (Total:465.22 GB) (Free:402.31 GB) NTFS \\?\Volume{8d1ab9d8-7f9b-11e3-98a0-806e6f6e6963}\ (Door systeem gereserveerd) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS \\?\Volume{01d9bc29-0000-0000-0000-905474000000}\ () (Fixed) (Total:0.44 GB) (Free:0.07 GB) NTFS ==================== MBR & Partitietabel ================== ======================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 01D9BC29) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=465.2 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) ==================== Eind van Addition.txt ============================