Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 17-12-2016 Gestart door Van Bogaert Wim (20-12-2016 08:55:18) Gestart vanaf C:\Users\Van Bogaert Wim\Downloads Windows 10 Home Versie 1607 (X64) (2016-09-26 07:14:54) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3901825128-3934340089-4176255711-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-3901825128-3934340089-4176255711-503 - Limited - Disabled) Gast (S-1-5-21-3901825128-3934340089-4176255711-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3901825128-3934340089-4176255711-1002 - Limited - Enabled) Van Bogaert Wim (S-1-5-21-3901825128-3934340089-4176255711-1000 - Administrator - Enabled) => C:\Users\Van Bogaert Wim ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.) Acer Crystal Eye Webcam (HKLM-x32\...\{7760D94E-B1B5-40A0-9AA0-ABF942108755}) (Version: 5.2.11.1 - Suyin Optronics Corp) Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated) Adobe Reader XI (11.0.18) - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AB0000000001}) (Version: 11.0.18 - Adobe Systems Incorporated) AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD) Apple Application Support (32-bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 7.0 - Atheros) ATI AVIVO64 Codecs (Version: 10.11.0.41123 - ATI Technologies Inc.) Hidden ATI Catalyst Install Manager (HKLM\...\{8BEC41B0-AC4F-B2ED-C018-9EAF5F899B64}) (Version: 3.0.750.0 - ATI Technologies, Inc.) Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team) Belfius Smart Card Reader Chrome-App (HKU\S-1-5-21-3901825128-3934340089-4176255711-1000\...\{22723509-aab9-4276-8b57-734560faf359}) (Version: 2.3.2.0 - VASCO Data Security) Belfius Smart Card Reader Chrome-App (x32 Version: 2.3.2.0 - VASCO Data Security) Hidden Belgium e-ID middleware 4.1.16 (build 1723) (HKLM\...\{DB942AEA-93D6-4FE4-8862-180D35A71723}) (Version: 4.1.1723 - Belgian Government) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - ) Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version: - ) Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: - ) Canon MG5200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series) (Version: - ) Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version: - ) Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - ) Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - ) ccc-core-static (x32 Version: 2009.1123.1057.19591 - Uw bedrijfsnaam) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform) CD-LabelPrint (HKLM-x32\...\MediaNavigation.CDLabelPrint) (Version: - ) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DIGIPASS Native Bridge 2.2.1 (HKU\S-1-5-21-3901825128-3934340089-4176255711-1000\...\{4aab1a61-0721-464e-a15b-929ce852a1d4}) (Version: 2.2.1 - VASCO Data Security) DIGIPASS Native Bridge 2.2.1 (x32 Version: 2.2.1 - VASCO Data Security) Hidden eID Chrome Middleware (HKLM-x32\...\eID Chrome Middleware 1.1.0) (Version: 1.1.0 - e-Contract.be BVBA) Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG) Freemake Audio Converter versie 1.1.0 (HKLM-x32\...\Freemake Audio Converter_is1) (Version: 1.1.0 - Ellora Assets Corporation) Freemake Video Converter versie 4.1.4 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.4 - Ellora Assets Corporation) Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.7.1 - Ellora Assets Corporation) Freemake YouTube To MP3 Boom (HKLM-x32\...\Freemake YouTube To MP3 Boom_is1) (Version: 1.0.0 - Ellora Assets Corporation) Gebruikersregistratie voor Canon MG5200 series (HKLM-x32\...\Gebruikersregistratie voor Canon MG5200 series) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.) Google Drive (HKLM-x32\...\{07A12123-B717-496B-B471-48AF6407B433}) (Version: 1.32.4066.7445 - Google, Inc.) Google Photos Backup (HKU\S-1-5-21-3901825128-3934340089-4176255711-1000\...\Google Photos Backup) (Version: 1.1.2.13 - Google, Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.) Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation) JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.00.29.02 - JMicron Technology Corp.) Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden KeePass Password Safe 2.28 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.28 - Dominik Reichl) LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) Launch Manager (HKLM-x32\...\LManager) (Version: 3.0.02 - Acer Inc.) MAGIX Speed burnR (MSI) (HKLM-x32\...\MAGIX_{DF3CA45F-A7FC-4FF1-B0BF-3E1283BF42FF}) (Version: 7.0.1.29 - MAGIX AG) MAGIX Speed burnR (MSI) (Version: 7.0.1.29 - MAGIX AG) Hidden MAGIX Video deluxe 2014 Premium (HKLM-x32\...\MX.{9AF04633-AA10-49EC-8969-2792531D34BA}) (Version: 13.0.0.28 - MAGIX AG) MAGIX Video deluxe 2014 Premium (Version: 13.0.0.28 - MAGIX AG) Hidden Malware Protection Live (HKLM-x32\...\MalwareProtectionLive) (Version: - ) <==== AANDACHT MergeModule_x64 (Version: 9.3.00 - Sony Corporation) Hidden MergeModule_x86 (x32 Version: 9.3.00 - Sony Corporation) Hidden Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0413-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3901825128-3934340089-4176255711-1000\...\OneDriveSetup.exe) (Version: 17.3.6720.1207 - Microsoft Corporation) Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 35.0 (x86 nl) (HKLM-x32\...\Mozilla Firefox 35.0 (x86 nl)) (Version: 35.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.1.1 - Mozilla) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) Music Manager (HKU\S-1-5-21-3901825128-3934340089-4176255711-1000\...\MusicManager) (Version: - Google, Inc.) Nuvoton CIR Device Drivers (HKLM-x32\...\{FBC79D04-051E-4367-8051-1DB0C893FBE0}) (Version: 8.60.2002 - Nuvoton Technology Corporation) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.239 - Google, Inc.) PlayMemories Home (HKLM-x32\...\{94F4815B-755A-4FFA-AFDC-EE8FE776981E}) (Version: 5.1.00.12260 - Sony Corporation) PMB_ModeEditor (x32 Version: 9.3.00 - Sony Corporation) Hidden PMB_ServiceUploader (x32 Version: 10.1.00 - Sony Corporation) Hidden QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.) Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7100.30103 - Realtek Semiconductor Corp.) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Sonos Controller (HKLM-x32\...\{7BBA9BF8-05DF-47D8-8880-82A9B99505B9}) (Version: 34.7.35161 - Sonos, Inc.) Stuurprogrammapakket voor Windows - Fedict SmartCard (08/08/2015 4.1.5) (HKLM\...\9F46F7AB1E3B1B5F5482EA8D97F401B04FBF7958) (Version: 08/08/2015 4.1.5 - Fedict) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.6.0 - Synaptics Incorporated) Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version: - ) Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD) (Version: 10.0.50903 - Microsoft Corporation) VASCO Card Reader Plug-In (64-Bit) (Version: 3.2.3.4 - VASCO Data Security) Hidden VASCO Smart Card Reader Plug-In (User) (HKU\S-1-5-21-3901825128-3934340089-4176255711-1000\...\{c77cb28d-ddd3-46f7-b51a-14a599127ba7}) (Version: 3.2.3.4 - VASCO Data Security) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN) Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (HKLM\...\6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1) (Version: 07/30/2009 6.2.0.9405 - Broadcom) Windows Driver Package - Broadcom Bluetooth (09/11/2009 6.2.0.9407) (HKLM\...\3932CA781A7894D20116FDF60F878301800EA8AB) (Version: 09/11/2009 6.2.0.9407 - Broadcom) Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies) Wisdom-soft ScreenHunter 6.0 Free (HKLM-x32\...\Wisdom-soft ScreenHunter 6.0 Free) (Version: - Wisdom Software Inc.) YTD Video Downloader 4.8.9 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.8.9 - GreenTree Applications SRL) <==== AANDACHT ==================== Aangepaste CLSID (gefilterd): ========================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) CustomCLSID: HKU\S-1-5-21-3901825128-3934340089-4176255711-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Van Bogaert Wim\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => Geen bestand CustomCLSID: HKU\S-1-5-21-3901825128-3934340089-4176255711-1000_Classes\CLSID\{9E436272-69C3-5FBA-9C1D-15694337F4AC}\InprocServer32 -> C:\Users\Van Bogaert Wim\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin64.dll (VASCO Data Security) CustomCLSID: HKU\S-1-5-21-3901825128-3934340089-4176255711-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Van Bogaert Wim\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-3901825128-3934340089-4176255711-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Van Bogaert Wim\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll (Google Inc.) ==================== Geplande Taken (gefilterd) ============= (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {00A60A48-F2E9-4BF8-940C-25914EF1BA7B} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Geen bestand <==== AANDACHT Task: {05696E4F-43A7-48AF-88F2-0B65DE852427} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {05723B5D-71B4-43E4-BA2A-11B5E7882DA4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {0AB08378-A344-4723-8B6E-3B5C9B3AFFCB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Geen bestand <==== AANDACHT Task: {0CB2E24B-3EA5-4AF0-98F8-80A00331B313} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe Task: {0EF7C788-DD98-40A8-B368-F40F8AC9F5A5} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {1078A7BA-E6FA-4403-8886-60D00FB3AE06} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {126A5AC0-785B-47B1-988D-422275C26BC3} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe Task: {13D32670-4676-4243-8E37-23C7F300BC5B} - System32\Tasks\Trojan Killer => C:\Program Files\GridinSoft Trojan Killer\trojankiller.exe Task: {15F13414-084D-4CAD-AE8D-DBE64C0C8F5F} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe Task: {1670B4B9-64FE-4E84-BB6F-CEFD539B30B8} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe Task: {1A387C7D-0473-48D3-9D70-C362759A065E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {1A9D97F0-9F33-4B2F-8AB7-ADBB01ED6FC1} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe Task: {1DAEB26D-A00F-4B53-890C-5B61C4E33024} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe Task: {260BC673-E332-4997-A540-6112E9D28304} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) Task: {2980B49F-1160-4316-8125-2AC850C37993} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {3301EB40-6193-4128-95E9-A5D35B0A11F8} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Geen bestand <==== AANDACHT Task: {3538F68E-F76B-45DE-A3E4-73DB282DDF72} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe Task: {365B36C5-7873-41EC-95F3-15083EDD6916} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Geen bestand <==== AANDACHT Task: {385693B5-C105-491C-BC01-A5E20585BB9B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd) Task: {421C158A-CFA9-42D4-913B-912900F23B97} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {46A19EC5-BEA7-41D0-8653-D368FDBF8052} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-12-14] (Microsoft Corporation) Task: {50EB46DF-D643-4251-B058-1EA70E282697} - System32\Tasks\{5E8B9BE4-44AF-4562-AEB1-84E2304D5251} => pcalua.exe -a "C:\Users\Van Bogaert Wim\Downloads\AVM_FRITZ_WLAN_Repeater_300E_Assistent.exe" -d "C:\Users\Van Bogaert Wim\Downloads" Task: {524AAA27-4C0A-4D37-9C15-5493CD271546} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {5A0E62DC-831A-4E10-844D-5FEE24BBDECE} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Geen bestand <==== AANDACHT Task: {5AEEC964-4DB5-4739-9054-7D21D98B09F3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) Task: {5E8D0D0E-C063-4318-A84F-3E2F7AB3CCB3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-13] (Adobe Systems Incorporated) Task: {7A58A94A-1DE3-4132-95F4-1923DB9BA358} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3901825128-3934340089-4176255711-1000UA1d2584cc6a952 => C:\Users\Van Bogaert Wim\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {7AC969E9-0A2A-4DC3-B029-C3DCD1720E0F} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe Task: {7E3DB979-84B9-4AAE-8295-FC63E9C4A232} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {894FDDA9-770C-4829-BBAB-FED8232342E8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3901825128-3934340089-4176255711-1000UA => C:\Users\Van Bogaert Wim\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {8A5280AF-EA72-4802-B059-E3F30AE8A79F} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe Task: {8CB3304C-B33D-460D-AB75-9F73F3775B85} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe Task: {9C24310F-3F1C-4E9E-8F58-A8EC498F59DA} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Geen bestand <==== AANDACHT Task: {9C2FD44F-694A-4E41-BE71-1CA895D4CDA8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Geen bestand <==== AANDACHT Task: {A832D502-52A4-404F-B9F5-D88A1A548A9D} - System32\Tasks\0214dUpdateInfo => C:\ProgramData\Avg_Update_0214d\0214d_AVG-Secure-Search-Update.exe Task: {A879D482-D7C4-4106-ABB4-0E4B3932F798} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe Task: {AB2CE1BC-1584-40BD-A468-248C4101DA3F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Geen bestand <==== AANDACHT Task: {AD19F7DB-F841-44A4-82B3-6EE9571CF59A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Geen bestand <==== AANDACHT Task: {B2DFE955-4147-4A6F-A45A-6A0F8476E148} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3901825128-3934340089-4176255711-1000Core1d2584c9b04ee => C:\Users\Van Bogaert Wim\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {BDD712D5-2CCA-4740-81E6-36CFA73DE897} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Geen bestand <==== AANDACHT Task: {C043F2F3-0A0B-471F-816B-74A5E560B523} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3901825128-3934340089-4176255711-1000Core => C:\Users\Van Bogaert Wim\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {C7761D2F-A092-4ED4-98E6-7F273A7A3999} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe Task: {CE80005F-8EAC-49E9-974D-AE9B6306FFCC} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {D3B2C536-ADD8-4D6C-8CED-4D9DD1EFB0B4} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {D5A71856-898D-408E-9C88-C1B385C66487} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Geen bestand <==== AANDACHT Task: {DC66DD17-C6DE-44D6-AFE1-E5707C1A5C9A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated) Task: {E3D517DD-8CE9-4A1F-A342-C61893E45101} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe Task: {F76A2AB3-FCE0-4AD5-A437-936E9C5D6E60} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Geen bestand <==== AANDACHT Task: {FD9F1F33-B000-4966-BCBE-42A414A1AC7A} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe (Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3901825128-3934340089-4176255711-1000Core.job => C:\Users\Van Bogaert Wim\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3901825128-3934340089-4176255711-1000UA.job => C:\Users\Van Bogaert Wim\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Snelkoppelingen ============================= (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) ShortcutWithArgument: C:\Users\Van Bogaert Wim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-apps\Google Play Music.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=fahmaaghhglfmonjliepjlchgpgfmobi ==================== Geladen Modules (gefilterd) ============== 2015-02-13 04:20 - 2015-02-13 04:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-02-13 04:20 - 2015-02-13 04:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-12-14 20:54 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2016-12-14 20:54 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-12-14 20:54 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll 2016-12-15 23:30 - 2016-12-15 23:30 - 01678560 _____ () C:\Users\Van Bogaert Wim\AppData\Local\Microsoft\OneDrive\17.3.6720.1207_2\amd64\ClientTelemetry.dll 2013-09-04 23:17 - 2013-09-04 23:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2016-09-26 07:16 - 2016-09-26 07:16 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2016-12-14 20:54 - 2016-12-09 10:41 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2016-11-09 18:18 - 2016-11-02 11:21 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-11-09 18:18 - 2016-11-02 11:15 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-11-09 18:18 - 2016-11-02 11:14 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2016-11-09 18:18 - 2016-11-02 11:16 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-11-09 18:18 - 2016-11-02 11:17 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2014-06-16 15:42 - 2009-12-14 09:06 - 00206072 _____ () C:\Windows\PLFSetI.exe 2016-12-06 15:09 - 2016-12-06 15:09 - 00069632 _____ () C:\Program Files\CCleaner\lang\lang-1043.dll 2016-11-11 19:04 - 2016-11-11 19:04 - 01187360 _____ () C:\Users\Van Bogaert Wim\AppData\Local\MalwareProtectionLive\MalwareProtectionClient.exe 2016-11-23 09:41 - 2016-11-23 09:42 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2016-11-23 09:41 - 2016-11-23 09:42 - 20433408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2016-06-04 09:59 - 2016-06-04 09:59 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll 2016-11-23 09:41 - 2016-11-23 09:42 - 01046528 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll 2016-11-23 09:41 - 2016-11-23 09:42 - 00353792 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Photos.Inking.dll 2016-02-02 01:01 - 2016-02-02 01:01 - 00117248 _____ () C:\Users\Van Bogaert Wim\AppData\Local\Programs\Google\MusicManager\libaacdec.dll 2016-02-02 01:00 - 2016-02-02 01:00 - 00234496 _____ () C:\Users\Van Bogaert Wim\AppData\Local\Programs\Google\MusicManager\libmpgdec.dll 2016-02-02 01:00 - 2016-02-02 01:00 - 00253440 _____ () C:\Users\Van Bogaert Wim\AppData\Local\Programs\Google\MusicManager\libid3tag.dll 2016-02-02 00:59 - 2016-02-02 00:59 - 00344064 _____ () C:\Users\Van Bogaert Wim\AppData\Local\Programs\Google\MusicManager\libaudioenc.dll 2016-12-15 23:30 - 2016-12-15 23:30 - 01244376 _____ () C:\Users\Van Bogaert Wim\AppData\Local\Microsoft\OneDrive\17.3.6720.1207_2\ClientTelemetry.dll 2016-11-11 18:13 - 2016-11-11 18:13 - 00931872 _____ () C:\Users\Van Bogaert Wim\AppData\Local\MalwareProtectionLive\mplsettings.dll 2016-12-20 08:31 - 2016-12-20 08:31 - 00098816 ____R () C:\Users\Van Bogaert Wim\AppData\Local\Temp\_MEI46682\win32api.pyd 2016-12-20 08:31 - 2016-12-20 08:31 - 00110080 ____R () C:\Users\Van Bogaert Wim\AppData\Local\Temp\_MEI46682\pywintypes27.dll 2016-12-20 08:31 - 2016-12-20 08:31 - 00364544 ____R () C:\Users\Van Bogaert Wim\AppData\Local\Temp\_MEI46682\pythoncom27.dll 2016-12-20 08:31 - 2016-12-20 08:31 - 00320512 ____R () C:\Users\Van Bogaert Wim\AppData\Local\Temp\_MEI46682\win32com.shell.shell.pyd 2016-12-20 08:31 - 2016-12-20 08:31 - 00914432 ____R () C:\Users\Van Bogaert Wim\AppData\Local\Temp\_MEI46682\_hashlib.pyd 2016-12-20 08:31 - 2016-12-20 08:31 - 01176576 ____R () C:\Users\Van Bogaert Wim\AppData\Local\Temp\_MEI46682\wx._core_.pyd 2016-12-20 08:31 - 2016-12-20 08:31 - 00806400 ____R () C:\Users\Van Bogaert Wim\AppData\Local\Temp\_MEI46682\wx._gdi_.pyd 2016-12-20 08:31 - 2016-12-20 08:31 - 00816128 ____R () C:\Users\Van Bogaert Wim\AppData\Local\Temp\_MEI46682\wx._windows_.pyd 2016-12-20 08:31 - 2016-12-20 08:31 - 01067008 ____R () C:\Users\Van Bogaert Wim\AppData\Local\Temp\_MEI46682\wx._controls_.pyd 2016-12-20 08:31 - 2016-12-20 08:31 - 00733184 ____R () C:\Users\Van Bogaert Wim\AppData\Local\Temp\_MEI46682\wx._misc_.pyd 2016-12-20 08:31 - 2016-12-20 08:31 - 00682496 ____R () C:\Users\Van Bogaert Wim\AppData\Local\Temp\_MEI46682\pysqlite2._sqlite.pyd 2016-12-20 08:31 - 2016-12-20 08:31 - 00088064 ____R () C:\Users\Van Bogaert Wim\AppData\Local\Temp\_MEI46682\_ctypes.pyd 2016-12-20 08:31 - 2016-12-20 08:31 - 00686080 ____R () C:\Users\Van Bogaert Wim\AppData\Local\Temp\_MEI46682\unicodedata.pyd 2016-12-20 08:31 - 2016-12-20 08:31 - 00119808 ____R () C:\Users\Van Bogaert Wim\AppData\Local\Temp\_MEI46682\win32file.pyd 2016-12-20 08:31 - 2016-12-20 08:31 - 00108544 ____R () C:\Users\Van Bogaert Wim\AppData\Local\Temp\_MEI46682\win32security.pyd 2016-12-20 08:31 - 2016-12-20 08:31 - 00007168 ____R () C:\Users\Van Bogaert Wim\AppData\Local\Temp\_MEI46682\hashobjs_ext.pyd 2016-12-20 08:31 - 2016-12-20 08:31 - 00017920 ____R () C:\Users\Van Bogaert Wim\AppData\Local\Temp\_MEI46682\thumbnails_ext.pyd 2016-12-20 08:31 - 2016-12-20 08:31 - 00088064 ____R () C:\Users\Van Bogaert Wim\AppData\Local\Temp\_MEI46682\usb_ext.pyd 2016-12-20 08:31 - 2016-12-20 08:31 - 00012800 ____R () C:\Users\Van Bogaert Wim\AppData\Local\Temp\_MEI46682\common.time34.pyd 2016-12-20 08:31 - 2016-12-20 08:31 - 00018432 ____R () C:\Users\Van Bogaert Wim\AppData\Local\Temp\_MEI46682\win32event.pyd 2016-12-20 08:31 - 2016-12-20 08:31 - 00167936 ____R () C:\Users\Van Bogaert Wim\AppData\Local\Temp\_MEI46682\win32gui.pyd 2016-12-20 08:31 - 2016-12-20 08:31 - 00046080 ____R () C:\Users\Van Bogaert Wim\AppData\Local\Temp\_MEI46682\_socket.pyd 2016-12-20 08:31 - 2016-12-20 08:31 - 01303552 ____R () C:\Users\Van Bogaert Wim\AppData\Local\Temp\_MEI46682\_ssl.pyd 2016-12-20 08:31 - 2016-12-20 08:31 - 00128512 ____R () C:\Users\Van Bogaert Wim\AppData\Local\Temp\_MEI46682\_elementtree.pyd 2016-12-20 08:31 - 2016-12-20 08:31 - 00127488 ____R () C:\Users\Van Bogaert Wim\AppData\Local\Temp\_MEI46682\pyexpat.pyd 2016-12-20 08:31 - 2016-12-20 08:31 - 00038912 ____R () C:\Users\Van Bogaert Wim\AppData\Local\Temp\_MEI46682\win32inet.pyd 2016-12-20 08:31 - 2016-12-20 08:31 - 00036864 ____R () C:\Users\Van Bogaert Wim\AppData\Local\Temp\_MEI46682\_psutil_windows.pyd 2016-12-20 08:31 - 2016-12-20 08:31 - 00524248 ____R () C:\Users\Van Bogaert Wim\AppData\Local\Temp\_MEI46682\windows._lib_cacheinvalidation.pyd 2016-12-20 08:31 - 2016-12-20 08:31 - 00011264 ____R () C:\Users\Van Bogaert Wim\AppData\Local\Temp\_MEI46682\win32crypt.pyd 2016-12-20 08:31 - 2016-12-20 08:31 - 00123392 ____R () C:\Users\Van Bogaert Wim\AppData\Local\Temp\_MEI46682\wx._wizard.pyd 2016-12-20 08:31 - 2016-12-20 08:31 - 00077312 ____R () C:\Users\Van Bogaert Wim\AppData\Local\Temp\_MEI46682\wx._html2.pyd 2016-12-20 08:31 - 2016-12-20 08:31 - 00027648 ____R () C:\Users\Van Bogaert Wim\AppData\Local\Temp\_MEI46682\_multiprocessing.pyd 2016-12-20 08:31 - 2016-12-20 08:31 - 00020480 ____R () C:\Users\Van Bogaert Wim\AppData\Local\Temp\_MEI46682\_yappi.pyd 2016-12-20 08:31 - 2016-12-20 08:31 - 00035840 ____R () C:\Users\Van Bogaert Wim\AppData\Local\Temp\_MEI46682\win32process.pyd 2016-12-20 08:31 - 2016-12-20 08:31 - 00078848 ____R () C:\Users\Van Bogaert Wim\AppData\Local\Temp\_MEI46682\wx._animate.pyd 2016-12-20 08:31 - 2016-12-20 08:31 - 00024064 ____R () C:\Users\Van Bogaert Wim\AppData\Local\Temp\_MEI46682\win32pipe.pyd 2016-12-20 08:31 - 2016-12-20 08:31 - 00010240 ____R () C:\Users\Van Bogaert Wim\AppData\Local\Temp\_MEI46682\select.pyd 2016-12-20 08:31 - 2016-12-20 08:31 - 00025600 ____R () C:\Users\Van Bogaert Wim\AppData\Local\Temp\_MEI46682\win32pdh.pyd 2016-12-20 08:31 - 2016-12-20 08:31 - 00017408 ____R () C:\Users\Van Bogaert Wim\AppData\Local\Temp\_MEI46682\win32profile.pyd 2016-12-20 08:31 - 2016-12-20 08:31 - 00022528 ____R () C:\Users\Van Bogaert Wim\AppData\Local\Temp\_MEI46682\win32ts.pyd 2016-12-14 16:06 - 2016-12-08 08:29 - 01829208 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll 2016-12-14 16:06 - 2016-12-08 08:29 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll ==================== Alternate Data Streams (gefilterd) ========= (Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.) ==================== Veilige Modus (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.) ==================== Bestandskoppeling (gefilterd) =============== (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.) ==================== Internet Explorer vertrouwde/beperkte toegang =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.) ==================== Hosts inhoud: =============================== (Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere gebieden ============================ (Momenteel is er geen automatische fix voor dit onderdeel.) HKU\S-1-5-21-3901825128-3934340089-4176255711-1000\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg DNS Servers: 195.130.131.2 - 195.130.130.2 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == ==================== Firewall regels (gefilterd) =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [vm-monitoring-nb-session] => LPort=139 FirewallRules: [MSMQ-In-TCP] => %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-UDP] => %systemroot%\system32\mqsvc.exe FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => LPort=808 FirewallRules: [{7303EB36-6735-4910-98E8-20BAE4BC28FF}] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{F94742DD-31E7-4D1D-9EE6-FD956D4E97B8}] => LPort=1900 FirewallRules: [{2C7B1443-B962-4D4A-809F-07BDBA896A0B}] => LPort=2869 FirewallRules: [{59B42900-E62C-4804-A377-4E77C2BB9048}] => C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [UDP Query User{8C0DE238-F4BE-43B5-8319-72D14546B231}C:\program files (x86)\sonos\sonos.exe] => C:\program files (x86)\sonos\sonos.exe FirewallRules: [TCP Query User{C80A7F7A-3043-473D-B281-AF8209A252F4}C:\program files (x86)\sonos\sonos.exe] => C:\program files (x86)\sonos\sonos.exe FirewallRules: [TCP Query User{95A0F0EB-840A-4F4B-89BA-88EEA0BDB446}C:\program files (x86)\synology\assistant\dsassistant.exe] => C:\program files (x86)\synology\assistant\dsassistant.exe FirewallRules: [UDP Query User{56CE73E3-62F5-4CA3-87D7-01695A77401D}C:\program files (x86)\synology\assistant\dsassistant.exe] => C:\program files (x86)\synology\assistant\dsassistant.exe FirewallRules: [TCP Query User{ED05902D-2D4D-4321-89A3-9743BB1BAEB5}D:\windows\dsassistant\dsassistant.exe] => D:\windows\dsassistant\dsassistant.exe FirewallRules: [UDP Query User{4639F37C-66CB-4159-B1C4-395186629FA3}D:\windows\dsassistant\dsassistant.exe] => D:\windows\dsassistant\dsassistant.exe FirewallRules: [{A526A0B3-459B-4081-A35E-4F7694FB1FDF}] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe FirewallRules: [{0ABE16DB-9D36-493E-A2B2-5C94AE50C2D9}] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe FirewallRules: [{DC1100D7-549F-4035-A4BA-D6AAF0BCB822}] => C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{25F0C3AA-0ED4-4188-B4EB-FE1949772A82}] => C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{41C80C71-C4F4-4934-A0EB-20AE8AFDF406}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{F1D32531-A256-4BD8-96BE-E0F992741903}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [TCP Query User{485E0D23-6CBF-4960-85A2-A1DBC704D171}C:\program files\vuze\azureus.exe] => C:\program files\vuze\azureus.exe FirewallRules: [UDP Query User{38C1E3D5-6B51-46DE-A917-85B83F8488D9}C:\program files\vuze\azureus.exe] => C:\program files\vuze\azureus.exe FirewallRules: [{2A787A4D-642D-41A3-A84A-6AE9C811A320}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{C1D0DADB-894F-43F2-9C49-460FAB13BA24}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{4218C016-40A0-40FD-A305-7C97CAA4E4A3}] => C:\Program Files\iTunes\iTunes.exe FirewallRules: [{42BE5CE5-1139-4E7C-8F49-3A3ADCA9EEC3}] => C:\Program Files\Vuze\Azureus.exe FirewallRules: [{D75881FB-624C-4B5F-AA26-87AAE46FCB43}] => C:\Program Files\Vuze\Azureus.exe FirewallRules: [{3403AD80-7C2A-46B6-9375-46009862E87F}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Herstelpunten ========================= 06-12-2016 12:21:37 Gepland controlepunt 10-12-2016 16:54:28 Windows Update 14-12-2016 20:58:52 Windows Update ==================== Defecte Apparaatbeheer Apparaten ============= Name: Nuvoton CIR Transceiver Description: Nuvoton CIR Transceiver Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da} Manufacturer: Nuvoton Technology Corporation Service: nuvotoncir Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver ==================== Eventlog fouten: ========================= Applicatiefouten: ================== Error: (12/20/2016 12:24:20 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Het programma SoftwareUpdate.exe, versie 2.1.3.127 reageert niet meer op Windows en is afgesloten. Als u wilt zien of er meer informatie over het probleem beschikbaar is, raadpleegt u de probleemgeschiedenis in het onderdeel Beveiliging en onderhoud van het Configuratiescherm. Proces-id: 788 Starttijd: 01d25a2b1bd566f3 Eindtijd: 6 Toepassingspad: C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe Rapport-id: 38020d89-c642-11e6-87f1-00269ee31097 Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Error: (12/20/2016 12:23:34 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: VanBogaertWim) Description: Het pakket Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe+App is beëindigd omdat het onderbreken te lang duurde. Error: (12/20/2016 12:23:24 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 12296657 Error: (12/20/2016 12:23:24 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 12296657 Error: (12/20/2016 12:23:24 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (12/16/2016 06:59:36 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 3536547 Error: (12/16/2016 06:59:36 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 3536547 Error: (12/16/2016 06:59:36 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (12/15/2016 08:35:45 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 2251328 Error: (12/15/2016 08:35:45 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 2251328 Systeemfouten: ============= Error: (12/20/2016 12:24:48 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: ) Description: 5 Error: (12/20/2016 12:24:39 AM) (Source: DCOM) (EventID: 10010) (User: VanBogaertWim) Description: De server {D63B10C5-BB46-4990-A94F-E40B9D520160} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (12/20/2016 12:24:39 AM) (Source: DCOM) (EventID: 10010) (User: VanBogaertWim) Description: De server {D63B10C5-BB46-4990-A94F-E40B9D520160} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (12/20/2016 12:24:39 AM) (Source: DCOM) (EventID: 10010) (User: VanBogaertWim) Description: De server {D63B10C5-BB46-4990-A94F-E40B9D520160} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (12/20/2016 12:24:39 AM) (Source: DCOM) (EventID: 10010) (User: VanBogaertWim) Description: De server {D63B10C5-BB46-4990-A94F-E40B9D520160} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (12/19/2016 08:58:29 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: ) Description: 4 Error: (12/19/2016 08:12:18 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen standaard voor deze computer wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} en APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (12/19/2016 08:12:18 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} en APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (12/19/2016 08:12:18 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen standaard voor deze computer wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} en APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (12/19/2016 08:12:18 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} en APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. CodeIntegrity: =================================== Date: 2016-12-20 08:55:28.499 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-12-20 08:55:28.497 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-12-16 11:53:29.214 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-12-15 16:06:00.172 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements. Date: 2016-12-15 16:05:59.996 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements. Date: 2016-12-15 16:05:59.861 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements. Date: 2016-12-15 16:05:59.744 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements. Date: 2016-12-15 16:05:59.698 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements. Date: 2016-12-15 16:05:59.657 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements. Date: 2016-12-15 16:05:48.429 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements. ==================== Geheugen info =========================== Processor: Intel(R) Core(TM) i7 CPU Q 720 @ 1.60GHz Percentage geheugen in gebruik: 61% Totaal fysiek RAM-geheugen: 4028.55 MB Beschikbaar fysiek RAM-geheugen: 1531.66 MB Totaal Virtueel geheugen: 8124.55 MB Beschikbaar Virtual geheugen: 4999.31 MB ==================== Schijven ================================ Drive c: () (Fixed) (Total:465.22 GB) (Free:218.77 GB) NTFS Drive e: () (Removable) (Total:3.72 GB) (Free:3.62 GB) FAT32 ==================== MBR & Partitietabel ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 2D0DC8C2) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=465.2 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) ======================================================== Disk: 1 (MBR Code: Windows XP) (Size: 3.7 GB) (Disk ID: C3072E18) Partition 1: (Active) - (Size=3.7 GB) - (Type=0C) ==================== Eind van Addition.txt ============================