Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 17.02.2018 Gestart door Marleen (18-02-2018 19:04:47) Gestart vanaf C:\Users\Marleen\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads Windows 10 Home Versie 1709 16299.248 (X64) (2018-01-30 12:26:12) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3445387815-1031962335-2888548658-500 - Administrator - Disabled) => C:\Users\Administrator DefaultAccount (S-1-5-21-3445387815-1031962335-2888548658-503 - Limited - Disabled) Gast (S-1-5-21-3445387815-1031962335-2888548658-501 - Limited - Disabled) Herman (S-1-5-21-3445387815-1031962335-2888548658-1014 - Limited - Enabled) => C:\Users\Herman HomeGroupUser$ (S-1-5-21-3445387815-1031962335-2888548658-1006 - Limited - Enabled) Marleen (S-1-5-21-3445387815-1031962335-2888548658-1001 - Administrator - Enabled) => C:\Users\Marleen vanda_000 (S-1-5-21-3445387815-1031962335-2888548658-1007 - Limited - Enabled) => C:\Users\vanda_000 WDAGUtilityAccount (S-1-5-21-3445387815-1031962335-2888548658-504 - Limited - Disabled) ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Norton Security (Enabled - Up to date) {E3FDBD9F-8140-1400-F32B-8B58923F7C4D} AS: Norton Security (Enabled - Up to date) {589C5C7B-A77A-1B8E-C99B-B02AE9B836F0} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Norton Security (Enabled) {DBC63CBA-CB2F-1558-D874-226D6CEC3B36} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Adobe Acrobat Reader DC - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 18.011.20036 - Adobe Systems Incorporated) Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated) Aldfaer (HKU\S-1-5-21-3445387815-1031962335-2888548658-1014\...\Aldfaer) (Version: - ) ANT Drivers Installer x64 (HKLM\...\{D7BFF9DB-7CD7-4F34-ADD9-D17481A91A82}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden Belgium e-ID middleware 4.3.2 (build 3551) (HKLM\...\{DB942AEA-93D6-4FE4-8862-180D35A73551}) (Version: 4.3.3551 - Belgian Government) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.40 - Piriform) CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.4.6515 - CyberLink Corp.) CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.6.3728 - CyberLink Corp.) Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.4.4824 - CyberLink Corp.) CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.4.3202 - CyberLink Corp.) CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.4.3122 - CyberLink Corp.) CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.2.3305 - CyberLink Corp.) CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.1.3201 - CyberLink Corp.) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden EasyPDFCombine Internet Explorer Homepage and New Tab (HKU\S-1-5-21-3445387815-1031962335-2888548658-1001\...\EasyPDFCombineTooltab Uninstall Internet Explorer) (Version: - Mindspark Interactive Network, Inc.) <==== AANDACHT Elevated Installer (HKLM-x32\...\{B18AA903-4BA9-45C4-BE06-F90EE091CA01}) (Version: 6.0.0.0 - Garmin Ltd or its subsidiaries) Hidden Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - ) EPSON-printersoftware (HKLM\...\EPSON Printer and Utilities) (Version: - SEIKO EPSON Corporation) Galerie de photos (HKLM-x32\...\{F4D99A13-F63A-4FC1-8799-CFFDB78DDFB3}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Garmin BaseCamp (HKLM-x32\...\{23A4DBD1-D847-4957-995D-8B1CC527E2E2}) (Version: 4.6.2.0 - Garmin Ltd or its subsidiaries) Garmin City Navigator Europe NTU 2016.10 (HKLM-x32\...\{4DE11D48-DC9D-46FD-9CDA-314BFF6145AD}) (Version: 2.0.0.0 - Garmin Ltd or its subsidiaries) Garmin Express (HKLM-x32\...\{5d118c52-30ad-455d-bc77-2b4dec81cce5}) (Version: 6.0.0.0 - Garmin Ltd or its subsidiaries) Garmin Express (HKLM-x32\...\{5F35EB8B-5E1D-46A1-A5C3-FAA408AB61D4}) (Version: 6.0.0.0 - Garmin Ltd or its subsidiaries) Hidden Garmin Express Tray (HKLM-x32\...\{A1A340BC-E833-454E-9EBE-D3B8B147783E}) (Version: 6.0.0.0 - Garmin Ltd or its subsidiaries) Hidden Garmin USB Drivers (HKLM\...\{DC7720F2-98BE-41C1-B0A8-E391362E86B8}) (Version: 2.3.1.1 - Garmin Ltd or its subsidiaries) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 64.0.3282.167 - Google Inc.) Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden HP 3D DriveGuard (HKLM-x32\...\{E8D0E2B8-B64B-44BC-8E01-00DDACBDF78A}) (Version: 6.0.28.1 - Hewlett-Packard Company) HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: 1.0 - Meridian Audio Ltd) HP Connected Music (Meridian - player) (HKU\S-1-5-21-3445387815-1031962335-2888548658-1001\...\HPConnectedMusic) (Version: 1.1 (build 112) hp - Meridian Audio Ltd) HP CoolSense (HKLM-x32\...\{E2C8D0C2-1C97-4C05-939A-5B13A0FE655C}) (Version: 2.20.31 - Hewlett-Packard Company) HP Documentation (HKLM-x32\...\{F5120027-B9BF-4A48-86E9-63F7F79A5263}) (Version: 1.1.0.0 - Hewlett-Packard) HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) HP Photosmart 5520 series Basissoftware van het apparaat (HKLM\...\{D2FFE8A1-980E-4CF9-A48F-453D767BA661}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Photosmart 5520 series Help (HKLM-x32\...\{193C95A3-E4D5-4482-A9C9-1510E29849E4}) (Version: 27.0.0 - Hewlett Packard) HP Photosmart 5520 series Productverbeteringsonderzoek (HKLM\...\{ABDD5DC4-E37C-40E1-AB1C-601AA7F7D383}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7045.4591 - Hewlett-Packard) HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.00.57 - Hewlett-Packard) HP Support Assistant (HKLM-x32\...\{4AAC4B07-77EF-4BCF-88DC-D24E4DE683E8}) (Version: 8.5.37.19 - HP Inc.) HP Support Solutions Framework (HKLM-x32\...\{F283E29B-0B9B-492B-A4BF-5585D996E5AF}) (Version: 12.8.47.1 - Hewlett-Packard Company) HP System Event Utility (HKLM-x32\...\{DEF23826-DB71-4654-BC00-D5D6C20802EA}) (Version: 1.1.4 - Hewlett-Packard Company) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HP Utility Center (HKLM\...\{AED1C141-3AFC-47FE-AE90-C820AA60B103}) (Version: 2.2.5 - Hewlett-Packard Company) HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company) HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden Inst5675 (HKLM\...\{2DE6247C-7077-451B-8BA7-FFD1A2ABBB47}) (Version: 8.00.57 - Softex Inc.) Hidden Inst5676 (HKLM\...\{878F6913-7421-4713-97F7-0A736EE2A188}) (Version: 8.00.57 - Softex Inc.) Hidden Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.1.1000 - Intel Corporation) Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation) Juniper Networks Setup Client Activex Control (HKLM-x32\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks) MailStore Home 10.2.3.12921 (HKLM-x32\...\MailStore Home_universal1) (Version: 10.2.3.12921 - MailStore Software GmbH) Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0081-0413-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation) Microsoft Office Professional Plus 2016 - nl-nl (HKLM\...\ProPlusRetail - nl-nl) (Version: 16.0.9001.2138 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3445387815-1031962335-2888548658-1001\...\OneDriveSetup.exe) (Version: 17.005.0107.0008 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3445387815-1031962335-2888548658-1014\...\OneDriveSetup.exe) (Version: 17.005.0107.0008 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Movie Maker (HKLM-x32\...\{0FD2B9C6-DB91-48EA-9518-AB5B68CA1E28}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{DC5E5027-65E8-41CB-815C-9AAB48BFB8E2}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 58.0.2 (x64 nl) (HKLM\...\Mozilla Firefox 58.0.2 (x64 nl)) (Version: 58.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 58.0.2 - Mozilla) Mozilla Thunderbird 52.6.0 (x86 nl) (HKLM-x32\...\Mozilla Thunderbird 52.6.0 (x86 nl)) (Version: 52.6.0 - Mozilla) Norton Security (HKLM-x32\...\NGC) (Version: 22.12.0.104 - Symantec Corporation) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.9001.2138 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.9001.2138 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.9001.2138 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0413-0000-0000000FF1CE}) (Version: 16.0.9001.2138 - Microsoft Corporation) Hidden Pulse Secure Setup Client (HKU\S-1-5-21-3445387815-1031962335-2888548658-1001\...\Juniper_Setup_Client) (Version: 8.1.5.60701 - Pulse Secure, LLC) Pulse Secure Setup Client 64-bit Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Pulse Secure, LLC) Pulse Secure Terminal Services Client (HKU\S-1-5-21-3445387815-1031962335-2888548658-1001\...\Juniper_Term_Services) (Version: 8.1.5.38093 - Pulse Secure, LLC) Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.29.8105 - Mediatek) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 1.1.9200.20 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7548 - Realtek Semiconductor Corp.) Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.) Stuurprogrammapakket voor Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.) Stuurprogrammapakket voor Windows - Fedict SmartCard (11/30/2016 4.1.9) (HKLM\...\A9FBB4D4E267FA9BF2CEBF564F02DB39E147B466) (Version: 11/30/2016 4.1.9 - Fedict) Stuurprogrammapakket voor Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software) swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.11.45 - Synaptics Incorporated) Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD) (Version: 10.0.50903 - Microsoft Corporation) Topografische fietskaarten Vlaanderen (HKLM-x32\...\{BDF60B9B-1D23-4859-875C-82A6CA8D1499}) (Version: 2.14.000 - ) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{AC0D130B-8809-4125-811F-667893B90644}) (Version: 2.11.0.0 - Microsoft Corporation) Windows Driver Package - Silicon Laboratories (silabenm) Ports (12/10/2012 6.6.1.0) (HKLM\...\D680DEE0F68D64EC53D0C5769879D15D387054CC) (Version: 12/10/2012 6.6.1.0 - Silicon Laboratories) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) ==================== Aangepaste CLSID (gefilterd): ========================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine\22.12.0.104\buShell.dll [2018-01-25] (Symantec Corporation) ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine\22.12.0.104\buShell.dll [2018-01-25] (Symantec Corporation) ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine\22.12.0.104\buShell.dll [2018-01-25] (Symantec Corporation) ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine\22.12.0.104\buShell.dll [2018-01-25] (Symantec Corporation) ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine\22.12.0.104\buShell.dll [2018-01-25] (Symantec Corporation) ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine\22.12.0.104\buShell.dll [2018-01-25] (Symantec Corporation) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files (x86)\Norton Security\Engine\22.12.0.104\buShell.dll [2018-01-25] (Symantec Corporation) ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-08-06] (Cyberlink) ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security\Engine\22.12.0.104\NavShExt.dll [2018-01-25] (Symantec Corporation) ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-08-06] (Cyberlink) ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security\Engine\22.12.0.104\NavShExt.dll [2018-01-25] (Symantec Corporation) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Geen bestand ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Intel Corporation) ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files (x86)\Norton Security\Engine\22.12.0.104\buShell.dll [2018-01-25] (Symantec Corporation) ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security\Engine\22.12.0.104\NavShExt.dll [2018-01-25] (Symantec Corporation) ==================== Geplande Taken (gefilterd) ============= (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {0C32E1A5-42C3-48F6-B871-BA8C94BA57E5} - \Microsoft\Windows\RemovalTools\MRT_HB -> Geen bestand <==== AANDACHT Task: {0D21BBCE-5FF6-4613-B62C-48148CA6EAA1} - \Microsoft\Windows\RAC\RacTask -> Geen bestand <==== AANDACHT Task: {0E04C723-B343-48CA-BFD2-01A5AB303480} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-3445387815-1031962335-2888548658-1012 Task: {0E9D4BBC-8EE8-48F3-B354-EB29DFECE073} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Geen bestand <==== AANDACHT Task: {0FC9A304-D880-4829-AFBF-714248818B43} - \CLMLSvc_P2G8 -> Geen bestand <==== AANDACHT Task: {10A99A99-7318-42DD-9872-07C7F978CEDB} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-02-12] (Microsoft Corporation) Task: {14C9CD75-0AEF-4767-A5A0-6E2A5096B793} - \Microsoft\Windows\UNP\RunCampaignManager -> Geen bestand <==== AANDACHT Task: {1A4230A2-E136-4936-9B22-DDF624BB8332} - \Microsoft\Windows\IME\SQM data sender -> Geen bestand <==== AANDACHT Task: {1B0B2E7E-CC89-4DEB-AB40-68C51E1B616E} - System32\Tasks\Norton Security\Norton Security Error Analyzer => C:\Program Files (x86)\Norton Security\Engine\22.12.0.104\SymErr.exe [2018-01-25] (Symantec Corporation) Task: {1B1098AA-B45D-4DEE-8600-3180D392940B} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Geen bestand <==== AANDACHT Task: {1C725F3E-B7C4-4C92-A86E-65359130F3CB} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Geen bestand <==== AANDACHT Task: {1C8DF987-E0CC-491D-8014-2D0D4375564F} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-02-12] (Microsoft Corporation) Task: {22C4FC15-2044-413C-8EEE-2CE235F2BD48} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Geen bestand <==== AANDACHT Task: {2D42DCBA-682C-44BC-A979-95C4E2ACAD7E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Geen bestand <==== AANDACHT Task: {2EB0D4E2-1E22-4948-BEA2-04873D144BA1} - \Microsoft\Office\OfficeTelemetryAgentFallBack2016 -> Geen bestand <==== AANDACHT Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - \Microsoft\Windows\Workplace Join\Automatic-Workplace-Join -> Geen bestand <==== AANDACHT Task: {3EBB0251-8F12-4629-A7DE-F5345DCE1BA0} - \Microsoft\Office\OfficeTelemetryAgentLogOn2016 -> Geen bestand <==== AANDACHT Task: {3FBCD743-C421-4E64-8ED7-7340FE813FC0} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-02-07] (Piriform Ltd) Task: {42D58937-3190-4717-9DDB-088D79616FAB} - \Microsoft\Windows\WindowsUpdate\AUFirmwareInstall -> Geen bestand <==== AANDACHT Task: {46FE2307-15AD-444C-9261-8BDC9FE5DF45} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.) Task: {483F0329-2E68-41EF-8610-6718249D847C} - \Microsoft\Windows\MUI\Mcbuilder -> Geen bestand <==== AANDACHT Task: {4BE3459E-55E5-4361-A387-16DAEC437E5A} - \Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon -> Geen bestand <==== AANDACHT Task: {4E0E6E4D-A715-4036-BCA9-44A6BB368ADC} - System32\Tasks\Norton Security\Norton Security Autofix => C:\Program Files (x86)\Norton Security\Engine\22.12.0.104\SymErr.exe [2018-01-25] (Symantec Corporation) Task: {4F35DEAB-641B-4BEC-ADE9-AC106B16E994} - \Microsoft OneDrive Auto Update Task-S-1-5-21-3445387815-1031962335-2888548658-1001 -> Geen bestand <==== AANDACHT Task: {591CB5A0-B5DE-4F5F-8FCB-15546D7DF2B0} - \Norton WSC Integration -> Geen bestand <==== AANDACHT Task: {5A3FB241-0B11-4EA5-BC66-0D9F1B406040} - \Microsoft\Windows\Customer Experience Improvement Program\BthSQM -> Geen bestand <==== AANDACHT Task: {5B20D222-8B62-4A7C-9CA4-82E39232831B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-02-07] (Piriform Ltd) Task: {5B85AC99-4F11-4913-AB0F-610CB9AC3B9A} - \Hewlett-Packard\HP Support Assistant\PC Health Analysis -> Geen bestand <==== AANDACHT Task: {5DDE09A7-D746-4250-8495-0A0F046AA21D} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Geen bestand <==== AANDACHT Task: {5DFF4374-81AE-4755-8C1E-8078AEA988EB} - \Microsoft\Windows\Setup\gwx\rundetector -> Geen bestand <==== AANDACHT Task: {6A88A6DB-42B2-40F2-A89A-BE4A5034C330} - System32\Tasks\GoogleUpdateTaskMachineUA1d25f75922887a2 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - \Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task -> Geen bestand <==== AANDACHT Task: {752D4054-9117-4B7B-A37A-CA3878C2273B} - \Optimize Start Menu Cache Files-S-1-5-21-3445387815-1031962335-2888548658-500 -> Geen bestand <==== AANDACHT Task: {775A5621-6CD7-4A02-A9E6-DF6D3B3796B6} - \Optimize Start Menu Cache Files-S-1-5-21-3445387815-1031962335-2888548658-1007 -> Geen bestand <==== AANDACHT Task: {843C7C2E-3B4E-4341-9709-5CF5CE253FE4} - \HPCustParticipation HP Photosmart 5520 series -> Geen bestand <==== AANDACHT Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - \Microsoft\Windows\SkyDrive\Routine Maintenance Task -> Geen bestand <==== AANDACHT Task: {8C222EF9-6F4A-43D6-9A6A-A97288A7981A} - \Microsoft\Office\Office ClickToRun Service Monitor -> Geen bestand <==== AANDACHT Task: {8D87E7AC-DB89-4E56-AAAB-FEDCC6A20CBB} - \Optimize Start Menu Cache Files-S-1-5-21-3445387815-1031962335-2888548658-1001 -> Geen bestand <==== AANDACHT Task: {93BF9DA7-D876-436A-84AC-3BE7B5CE5B58} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Geen bestand <==== AANDACHT Task: {9A5887E2-6FA9-4B31-A79E-51D2918FC7A1} - \Microsoft\Windows\WindowsUpdate\AUScheduledInstall -> Geen bestand <==== AANDACHT Task: {9F7BCB86-D73D-4850-9DD1-8E7CD6722A6B} - \GarminUpdaterTask -> Geen bestand <==== AANDACHT Task: {A38BD7AB-98B8-4AC0-B8C0-B3D43D969B39} - \Microsoft\Windows\MUI\Lpksetup -> Geen bestand <==== AANDACHT Task: {A837E61C-2249-43B4-A020-044B047AFEE6} - \GoogleUpdateTaskMachineUA -> Geen bestand <==== AANDACHT Task: {AA239E30-D4FF-43D9-B061-9DEB700A7335} - \Remediation\AntimalwareMigrationTask -> Geen bestand <==== AANDACHT Task: {AC80F063-504A-463C-BA4D-C74BAADEB6D8} - \Microsoft\Office\Office Automatic Updates -> Geen bestand <==== AANDACHT Task: {AD358D84-A674-45B8-9835-57A41F4AD61F} - \Microsoft\Windows\WindowsUpdate\Scheduled Start With Network -> Geen bestand <==== AANDACHT Task: {AE365DD5-251F-4065-87E6-E7428E0B01DB} - System32\Tasks\GoogleUpdateTaskMachineCore1d25f75921b86b4 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) Task: {B44CE190-ECC4-409D-BFA3-0A084C2BFC48} - \CLVDLauncher -> Geen bestand <==== AANDACHT Task: {B50E2CDC-27E7-4411-81D4-06E74197AC6C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Geen bestand <==== AANDACHT Task: {BC1C791E-D480-4470-8E79-D4D53CC34BEE} - \Microsoft\Windows\WindowsUpdate\AUSessionConnect -> Geen bestand <==== AANDACHT Task: {BCAADBE5-768D-470B-A80D-3F9A2632EC1D} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Geen bestand <==== AANDACHT Task: {C4AE3C3E-C327-4689-B6FD-C11FB31AE88B} - \Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler -> Geen bestand <==== AANDACHT Task: {C74F3412-2903-4BB5-A6C2-0AA8BDDA5DAC} - \Microsoft\Windows Live\SOXE\Extractor Definitions Update Task -> Geen bestand <==== AANDACHT Task: {CAE94966-5965-42A2-B6CF-A804A2CCAE35} - System32\Tasks\Norton Security\Norton Security Error Processor => C:\Program Files (x86)\Norton Security\Engine\22.12.0.104\SymErr.exe [2018-01-25] (Symantec Corporation) Task: {CBFE43C2-AB2D-4D70-97C2-F638930A4940} - \Microsoft\Windows\Setup\EOONotify -> Geen bestand <==== AANDACHT Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - \Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor -> Geen bestand <==== AANDACHT Task: {CE618F3B-7804-4C37-A359-5345B076B487} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Geen bestand <==== AANDACHT Task: {D18FCC09-BF85-45E0-9C86-17AFBA449A2E} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Geen bestand <==== AANDACHT Task: {D312D608-EE3D-43A4-8AF9-1ABA9EB51A10} - \Hewlett-Packard\HP Support Assistant\HP Active Health Launcher -> Geen bestand <==== AANDACHT Task: {D68155DE-765F-48EA-8464-E5DFB6312058} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Geen bestand <==== AANDACHT Task: {DCAD537D-0C61-4ECC-A338-EBAB0CC24EFE} - \HPCeeScheduleForMarleen -> Geen bestand <==== AANDACHT Task: {DF83BF63-2AE5-4E6A-90FD-86DCA4F85756} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.) Task: {E0F1F76D-30B9-4D1A-BB85-DD14AA2D3259} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Geen bestand <==== AANDACHT Task: {E46F474C-977E-4A52-BCE6-54FBB588BCA6} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Geen bestand <==== AANDACHT Task: {E57A1FC7-0D88-4030-85B5-7FE5835C213B} - \Microsoft\Windows\Shell\FamilySafetyUpload -> Geen bestand <==== AANDACHT Task: {E6080B40-7C5B-40DB-BB26-3F166B5B1B35} - \Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) -> Geen bestand <==== AANDACHT Task: {EACD7135-48CC-4595-BE2D-CC66EAD664ED} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> Geen bestand <==== AANDACHT Task: {F6BD897C-E0D7-4F2B-8A0E-4B5724291E71} - \Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start -> Geen bestand <==== AANDACHT Task: {F88B896A-D6AB-42E8-A78D-3E87E752CCBB} - \GoogleUpdateTaskMachineCore -> Geen bestand <==== AANDACHT Task: {F8EC67E7-6BFC-44D0-90D8-797A21AF959E} - \Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources -> Geen bestand <==== AANDACHT Task: {F90E53BE-45E7-4511-8A4E-51B3AF4FC8D0} - \Adobe Acrobat Update Task -> Geen bestand <==== AANDACHT (Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) Task: C:\WINDOWS\Tasks\HPCeeScheduleForMarleen.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe ==================== Snelkoppelingen & WMI ======================== (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) ==================== Geladen Modules (gefilterd) ============== 2013-10-14 10:23 - 2013-10-14 10:23 - 000109568 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe 2013-10-14 10:24 - 2013-10-14 10:24 - 000627200 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cachedrv.dll 2013-10-14 10:25 - 2013-10-14 10:25 - 002541056 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll 2013-10-14 10:22 - 2013-10-14 10:22 - 000035328 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll 2013-10-14 10:22 - 2013-10-14 10:22 - 000055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll 2013-10-14 10:22 - 2013-10-14 10:22 - 000021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll 2013-10-14 10:35 - 2013-10-14 10:35 - 000306064 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll 2013-10-14 10:35 - 2013-10-14 10:35 - 001297296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll 2018-01-30 12:21 - 2018-01-30 12:21 - 000975872 _____ () C:\WINDOWS\system32\FaceProcessor.dll 2018-01-30 12:21 - 2018-01-30 12:21 - 000269696 _____ () C:\WINDOWS\system32\FaceProcessorCore.dll 2017-09-29 14:41 - 2017-09-29 14:41 - 001357464 _____ () C:\WINDOWS\system32\FaceTrackerInternal.dll 2017-09-29 14:41 - 2017-09-29 14:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2018-02-13 21:21 - 2018-02-10 05:39 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2018-02-13 21:21 - 2018-02-10 05:36 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2013-10-14 10:30 - 2013-10-14 10:30 - 000065024 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe 2018-01-30 10:38 - 2018-01-30 11:07 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2018-01-30 10:38 - 2018-01-30 11:07 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2018-01-30 10:38 - 2018-01-30 11:07 - 025135104 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2018-01-30 10:38 - 2018-01-30 11:07 - 002542592 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\skypert.dll 2018-02-06 08:31 - 2018-02-06 08:32 - 001231536 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8827.21855.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Word.dll 2018-01-30 10:38 - 2018-01-30 11:07 - 000667136 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll 2018-02-07 18:47 - 2018-02-07 18:47 - 000090496 _____ () C:\Program Files\CCleaner\lang\lang-1043.dll 2013-11-20 00:35 - 2013-08-09 13:25 - 001242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (gefilterd) ========= (Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.) ==================== Veilige Modus (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.) ==================== Bestandskoppeling (gefilterd) =============== (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.) ==================== Internet Explorer vertrouwde/beperkte toegang =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.) IE trusted site: HKU\S-1-5-21-3445387815-1031962335-2888548658-1001\...\uzbrussel.be -> hxxps://uzbrussel.be ==================== Hosts inhoud: =============================== (Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.) 2013-08-22 14:25 - 2013-08-22 14:25 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere gebieden ============================ (Momenteel is er geen automatische fix voor dit onderdeel.) HKU\S-1-5-21-3445387815-1031962335-2888548658-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Marleen\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\dsc01303.jpg HKU\S-1-5-21-3445387815-1031962335-2888548658-1014\Control Panel\Desktop\\Wallpaper -> c:\users\herman\pictures\pictures\bureaubladfoto's\img442.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == HKLM\...\StartupApproved\Run: => "SimplePass" HKLM\...\StartupApproved\Run: => "OPBHOBrokerDesktop" HKU\S-1-5-21-3445387815-1031962335-2888548658-1001\...\StartupApproved\Run: => "EPSON Stylus DX4400 Series (Kopie 1)" HKU\S-1-5-21-3445387815-1031962335-2888548658-1001\...\StartupApproved\Run: => "EPSON Stylus DX4400 Series" HKU\S-1-5-21-3445387815-1031962335-2888548658-1001\...\StartupApproved\Run: => "Skype" ==================== Firewall regels (gefilterd) =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [{181F8EFD-2290-4F4B-8CDA-89C00EDD1ECE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{4EB1B64E-EBCF-43AB-AFDD-4288CF7E798F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{CFC2C7C5-B6D5-4C90-9685-61278EF39FED}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{37F26539-90F6-450C-886F-652107B2B2A1}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{8462EAF4-4F85-4B0A-86F3-BB73A10C5E9B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{7380DD07-9AFA-449E-B641-267C3C35017F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{A0B94D70-B93A-4A3C-B7B8-9556429E1599}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe FirewallRules: [{5234A329-0B0E-436B-9511-B45F372DD4EB}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe FirewallRules: [{FAA13C1C-5A49-4492-BDE8-ED1D505F9225}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{1C40EEB3-229E-459D-A137-EEC271F98C48}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{175D5505-63F5-4BAC-9062-BFA71E121615}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{A9C68086-331E-43D0-95A2-28796D3EA727}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{6D1D922F-3F92-4F88-BD5B-2984F9BBDE32}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE FirewallRules: [{7D180E96-8F6B-410F-A528-7E17B896C62D}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\DeviceSetup.exe FirewallRules: [{B7E0EFEB-7DE2-4EDE-B6E1-2005702C4C84}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicator.exe FirewallRules: [{8D7C981B-A9B0-46FC-B40C-00E0BD932BA2}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{640737D7-F76D-4D09-B99E-7377500A8C75}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe FirewallRules: [{42AC89D9-39EE-4A35-B358-5426564561EB}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe FirewallRules: [{27C802B4-0980-47FC-923F-EA6153CC04D3}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe FirewallRules: [{47EAC5AE-0E55-4CB8-BA43-C5924EFD9B37}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe FirewallRules: [{4AC69530-FE03-4ED9-895D-B73579C65196}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{0F7C374F-FFCB-48AE-B257-110BD3F1A3F3}] => (Allow) LPort=2869 FirewallRules: [{563C178C-A664-497C-8186-318386249CF3}] => (Allow) LPort=1900 FirewallRules: [{BFFF455F-A098-4C22-848A-920B8236ED0F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{CF091833-7D7A-4A0E-AE20-B043B623DBE0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{41D93EDF-976A-45B7-A6BF-A0A5A1DE594D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{6A95EAA4-5CC6-4A8E-B96B-736C4D47812D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{9AF1826F-5190-431D-870C-3389BEEDCD18}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{0DA6CD11-7B34-4D5E-B2C4-4C000305E311}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{7180A58C-D9C0-4448-9F8D-91125F2B98AF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{C1225E36-F754-4A7D-98B1-B69FD8C8A5BA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{D6197639-A142-43F7-B722-8A4881E09474}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{4141895A-26EF-4D43-9B08-49E467B0429E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{77C58091-1761-41D8-8D4A-C69401DE9CFE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{5153D5B1-D0F7-491A-940B-1630BE2BA50F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe FirewallRules: [{4CD8F21B-C97C-4853-BE59-2812319DE77C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe FirewallRules: [{B6D06720-18EA-4BEB-9A85-628D835449EE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe FirewallRules: [{F8CC3595-69EF-4841-BDC0-704687946FD4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Herstelpunten ========================= 15-02-2018 18:55:59 Gepland controlepunt 16-02-2018 17:16:17 Nieuw herstelpunt 16-02-2018 17:19:19 Herstelbewerking ==================== Defecte Apparaatbeheer Apparaten ============= ==================== Eventlog fouten: ========================= Applicatiefouten: ================== Error: (02/18/2018 02:29:01 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 15625 Error: (02/18/2018 02:29:01 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 15625 Error: (02/18/2018 02:29:01 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (02/18/2018 08:17:56 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Local Hostname marleen-PC.local already in use; will try marleen-PC-2.local instead Error: (02/18/2018 08:17:56 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 marleen-PC.local. Addr 192.168.1.2 Error: (02/18/2018 08:17:56 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 192.168.1.2:5353 16 marleen-PC.local. AAAA 2A02:A03F:508C:1300:7C30:7713:1257:DA86 Error: (02/17/2018 09:11:36 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Local Hostname marleen-PC.local already in use; will try marleen-PC-2.local instead Error: (02/17/2018 09:11:36 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 16 marleen-PC.local. AAAA 2A02:A03F:508C:1300:E928:E4C0:A183:CAD8 Systeemfouten: ============= Error: (02/18/2018 06:56:40 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (02/18/2018 06:47:14 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (02/18/2018 06:41:39 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} en APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (02/18/2018 06:41:39 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} en APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (02/18/2018 06:41:39 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} en APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (02/18/2018 06:41:39 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} en APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (02/18/2018 06:41:39 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} en APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (02/18/2018 06:41:39 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} en APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Windows Defender: =================================== Date: 2018-02-07 22:09:11.846 Description: Real-timebeveiligingsonderdeel van Windows Defender Antivirus heeft een fout aangetroffen en is niet uitgevoerd. Onderdeel: Systeem voor netwerkinspectie Foutcode: 0x8007045b Foutbeschrijving: Systeem wordt afgesloten. Reden: Antimalwarebeveiliging werkt niet meer wegens een onbekende reden. In sommige gevallen kan het probleem worden verholpen door de service opnieuw te starten. Date: 2018-02-07 22:09:11.846 Description: Real-timebeveiligingsonderdeel van Windows Defender Antivirus heeft een fout aangetroffen en is niet uitgevoerd. Onderdeel: Gedragscontrole Foutcode: 0x8007045b Foutbeschrijving: Systeem wordt afgesloten. Reden: Antimalwarebeveiliging werkt niet meer wegens een onbekende reden. In sommige gevallen kan het probleem worden verholpen door de service opnieuw te starten. Date: 2018-02-07 22:09:11.846 Description: Real-timebeveiligingsonderdeel van Windows Defender Antivirus heeft een fout aangetroffen en is niet uitgevoerd. Onderdeel: Bij toegang Foutcode: 0x8007045b Foutbeschrijving: Systeem wordt afgesloten. Reden: Antimalwarebeveiliging werkt niet meer wegens een onbekende reden. In sommige gevallen kan het probleem worden verholpen door de service opnieuw te starten. CodeIntegrity: =================================== Date: 2018-02-18 19:02:25.514 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-02-18 19:02:25.510 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-02-18 19:02:20.743 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-02-18 19:02:20.740 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-02-18 18:47:09.510 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-02-18 18:47:09.508 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-02-18 18:47:07.520 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-02-18 18:47:07.518 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. ==================== Geheugen info =========================== Processor: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHz Percentage geheugen in gebruik: 65% Totaal fysiek RAM-geheugen: 3988.27 MB Beschikbaar fysiek RAM-geheugen: 1376.64 MB Totaal Virtueel geheugen: 8084.27 MB Beschikbaar Virtual geheugen: 4921.04 MB ==================== Schijven ================================ Drive c: (Windows) (Fixed) (Total:447.55 GB) (Free:348.86 GB) NTFS Drive d: (RECOVERY) (Fixed) (Total:16.59 GB) (Free:1.62 GB) NTFS ==>[systeem met boot componenten (verkregen van schijf)] Drive f: (Samsung S2 Draagbare Externe HD) (Fixed) (Total:465.76 GB) (Free:266.24 GB) NTFS \\?\Volume{617a6690-3454-436f-b4e8-68e059c941fc}\ (WINRE) (Fixed) (Total:0.39 GB) (Free:0.09 GB) NTFS \\?\Volume{3eb59003-6a2a-44d5-8d44-08f0e08e75f3}\ () (Fixed) (Total:0.25 GB) (Free:0.15 GB) FAT32 \\?\Volume{ef36af23-578f-4438-9944-5cd8480e23de}\ () (Fixed) (Total:0.85 GB) (Free:0.3 GB) NTFS ==================== MBR & Partitietabel ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 7FD21DE5) Partition: GPT. ======================================================== Disk: 1 (Size: 465.8 GB) (Disk ID: A97C81A6) Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS) ==================== Eind van Addition.txt ============================