Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 11.11.2018 Gestart door Angel (11-11-2018 21:26:53) Gestart vanaf C:\Users\Angel\Downloads Windows 10 Home Versie 1803 17134.345 (X64) (2018-05-18 15:32:36) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3176563166-3555445023-4250302826-500 - Administrator - Disabled) Angel (S-1-5-21-3176563166-3555445023-4250302826-1001 - Administrator - Enabled) => C:\Users\Angel DefaultAccount (S-1-5-21-3176563166-3555445023-4250302826-503 - Limited - Disabled) Gast (S-1-5-21-3176563166-3555445023-4250302826-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-3176563166-3555445023-4250302826-504 - Limited - Disabled) ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeïnstalleerd worden.) Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated) Apple Software Update (HKLM-x32\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.) Aptana Studio (HKLM-x32\...\{2D6C1116-78C6-469C-9923-3E549218773F}) (Version: 3.6.0 - Appcelerator) Hidden Aptana Studio (HKU\S-1-5-21-3176563166-3555445023-4250302826-1001\...\Aptana Studio 3.6.0) (Version: 3.6.0 - Appcelerator) ASUS MultiFrame (HKLM-x32\...\{FB4D076A-DEFD-4EAF-AD63-70D5A3BC262A}) (Version: 1.1.1 - ASUS) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Call of Duty Black Ops 4 (HKLM-x32\...\Call of Duty Black Ops 4) (Version: - Blizzard Entertainment) CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.48 - Piriform) CCSDK (HKLM-x32\...\{964ACF65-2550-4B28-8E45-606A618C64EE}) (Version: 3.0.0.16 - Lenovo) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.6.0.0283 - Disc Soft Ltd) DB Browser for SQLite (HKLM-x32\...\DB Browser for SQLite) (Version: 3.10.1 - DB Browser for SQLite Team) Discord (HKU\S-1-5-21-3176563166-3555445023-4250302826-1001\...\Discord) (Version: 0.0.301 - Discord Inc.) DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 416.34 - NVIDIA Corporation) Hidden Dolby Audio X2 Windows API SDK (HKLM\...\{68B3293E-612B-48B4-BC0F-4CCFBF83AB96}) (Version: 0.8.2.76 - Dolby Laboratories, Inc.) Dolby Audio X2 Windows APP (HKLM\...\{DBC4388A-9417-41DB-85CF-DF4993B84D5A}) (Version: 0.7.5.67 - Dolby Laboratories, Inc.) Driver and Application Installation (HKLM-x32\...\{6EC299C6-074C-4529-8D5F-2798584BB27B}) (Version: 2.02.1125 - Lenovo) Elgato Game Capture HD (HKLM\...\{9D641DAE-3777-46ED-B47D-6BEC29593B75}) (Version: 3.70.13.3013 - Elgato Systems GmbH) Epic Games Launcher (HKLM-x32\...\{E7B62E3F-0F70-4119-89A2-28DE1C3873CC}) (Version: 1.1.163.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) Epson Software Updater (HKLM-x32\...\{B55DB65D-EF6E-4E04-89D5-B03603BF681B}) (Version: 4.4.5 - SEIKO EPSON CORPORATION) EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION) erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden Game Capture HD v1.0.0.1 (HKLM-x32\...\Software_Elgato_Game Capture HD) (Version: 1.0.0.1 - Elgato Systems) Git version 1.8.4-preview20130916 (HKLM-x32\...\Git_is1) (Version: 1.8.4-preview20130916 - The Git Development Community) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.77 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1047 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.0.1020 - Intel Corporation) Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation) Java 8 Update 181 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180181F0}) (Version: 8.0.1810.13 - Oracle Corporation) Java 8 Update 181 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180181F0}) (Version: 8.0.1810.13 - Oracle Corporation) Killer Bandwidth Control Filter Driver (HKLM\...\{B43B588A-D7D9-47DB-9984-AE3B903E8A0C}) (Version: 1.1.63.1142 - Rivet Networks) Hidden Killer E240x Drivers (HKLM\...\{D186534E-CB1C-4F5E-A362-299B2A031B9F}) (Version: 1.1.63.1142 - Rivet Networks) Hidden Killer Network Manager (HKLM\...\{550B02BE-27F7-4DA8-BA61-A8AA139C0037}) (Version: 1.1.63.1142 - Rivet Networks) Hidden Killer Network Manager Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.63.1142 - Rivet Networks) Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Lenovo App Explorer (HKU\S-1-5-19\...\Host App Service) (Version: 0.272.1.266 - SweetLabs for Lenovo) <==== AANDACHT Lenovo App Explorer (HKU\S-1-5-20\...\Host App Service) (Version: 0.272.1.266 - SweetLabs for Lenovo) <==== AANDACHT Lenovo App Explorer (HKU\S-1-5-21-3176563166-3555445023-4250302826-1001\...\Host App Service) (Version: 0.273.2.941 - SweetLabs for Lenovo) <==== AANDACHT Lenovo Blacksilk USB Keyboard Driver (HKLM-x32\...\{B266E062-D6C5-485B-B426-51B152B041A6}) (Version: V1.6.13.0724 - Lenovo) Lenovo Calliope USB Keyboard (HKLM\...\{520AA862-0064-4B41-B777-1FAFC1AD1293}) (Version: 1.10 - Lenovo) Lenovo Essential Wireless Keyboard (HKLM\...\Lenovo Essential Wireless Keyboard) (Version: 1.0 - Lenovo) Lenovo Nerve Center (HKLM-x32\...\{46FA670A-575B-4BAA-B5C0-42B9A9763A6E}) (Version: 1.50.1216 - Lenovo) Hidden Lenovo Nerve Center (HKLM-x32\...\{93EA1F94-3617-47CE-9EB2-B8DC3AC0B880}) (Version: 1.50.1216 - Lenovo) Lenovo Service Bridge (HKU\S-1-5-21-3176563166-3555445023-4250302826-1001\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 4.0.6.5 - Lenovo) Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.07.0070 - Lenovo) Logitech Gaming Software 8.96 (HKLM\...\Logitech Gaming Software) (Version: 8.96.81 - Logitech Inc.) Logitech-webcamsoftware (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.) Manual (HKLM-x32\...\{693F92E5-37D1-46B7-A0D6-19A74A2FD0EC}) (Version: 1.00.0701 - Lenovo) Microsoft Office 365 - nl-nl (HKLM\...\O365HomePremRetail - nl-nl) (Version: 16.0.11001.20074 - Microsoft Corporation) Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3176563166-3555445023-4250302826-1001\...\OneDriveSetup.exe) (Version: 18.172.0826.0010 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649 (HKLM-x32\...\{5d0723d3-cff7-4e07-8d0b-ada737deb5e6}) (Version: 12.0.40649.5 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation) MyEpson Portal (HKLM-x32\...\{3361D415-BA35-4143-B301-661991BA6219}) (Version: 1.1.2.2 - SEIKO EPSON CORPORATION) Hidden MyEpson Portal (HKLM-x32\...\MyEpson Portal) (Version: - SEIKO EPSON Corporation) Node.js (HKLM\...\{58964DD2-0B8D-48A7-A63D-A908AAD24671}) (Version: 0.10.13 - Joyent, Inc. and other Node contributors) Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.5 - Notepad++ Team) NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.11 - NVIDIA Corporation) Hidden NVIDIA 3D Vision controllerstuurprogramma 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation) NVIDIA 3D Vision stuurprogramma 416.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 416.34 - NVIDIA Corporation) NVIDIA GeForce Experience 3.15.0.164 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.15.0.164 - NVIDIA Corporation) NVIDIA Grafisch stuurprogramma 416.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 416.34 - NVIDIA Corporation) NVIDIA HD Audio-stuurprogramma 1.3.37.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.37.5 - NVIDIA Corporation) NVIDIA PhysX Systeem Software 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 19.0.3 - OBS Project) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11001.20074 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11001.20074 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11001.20074 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0413-0000-0000000FF1CE}) (Version: 16.0.11001.20074 - Microsoft Corporation) Hidden OldSchool RuneScape Launcher 1.2.7 (HKLM-x32\...\{FEDDCE73-34B8-4980-90B8-8619A78C902C}) (Version: 1.2.7 - Jagex Ltd) Printer EPSON SX430 Series verwijderen (HKLM\...\EPSON SX430 Series) (Version: - SEIKO EPSON Corporation) Python 2.7.13 (64-bit) (HKLM\...\{4A656C6C-D24A-473F-9747-3A8D00907A04}) (Version: 2.7.13150 - Python Software Foundation) Qualcomm Atheros 11ac Wireless LAN Installer (HKLM-x32\...\{20CA507E-24AA-4741-87CF-CC1B250790B7}) (Version: 11.0.10332 - Qualcomm Atheros) Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.242 - Qualcomm Atheros) QuickTime (HKLM-x32\...\{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}) (Version: 7.60.92.0 - Apple Inc.) RuneMate (HKLM-x32\...\5153-2584-1271-2038) (Version: 2.90.0.0 - Team RuneMate) RuneScape Launcher 2.2.4 (HKLM\...\RuneScape Launcher_is1) (Version: 2.2.4 - Jagex Ltd) Software voor Intel® Chipset-apparaten (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform) SQLiteManager (HKLM\...\{26BC5D6B-E05F-4505-9BF1-6C9374F5B309}) (Version: 4.6.10 - SQLabs) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) SteelSeries Engine 3.13.0 (HKLM\...\SteelSeries Engine 3) (Version: 3.13.0 - SteelSeries ApS) Vegas Pro 13.0 (64-bit) (HKLM\...\{1EEE0BEE-0BC8-11E5-A19E-F04DA23A5C58}) (Version: 13.0.453 - Sony) Voxengo Marvel GEQ (HKLM\...\Voxengo Marvel GEQ_is1) (Version: 1.4 - Voxengo) Windows 10-upgradeassistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22175 - Microsoft Corporation) WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH) YouTube (HKU\S-1-5-21-3176563166-3555445023-4250302826-1001\...\HostAppService_322460fb8f47d8cb14cd883b17b5e0dd233a7768) (Version: v1.0.1 - YouTube) ==================== Aangepaste CLSID (gefilterd): ========================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) CustomCLSID: HKU\S-1-5-21-3176563166-3555445023-4250302826-1001_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll () ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => D:\Notepad++\NppShell_06.dll [2017-08-15] () ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-14] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-14] (Alexander Roshal) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-10-11] (NVIDIA Corporation) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-14] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-14] (Alexander Roshal) ContextMenuHandlers1_S-1-5-21-3176563166-3555445023-4250302826-1001: [Git-Cheetah] -> {ca586c80-7c84-4b88-8537-726724df6929} => C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll [2013-09-16] () ContextMenuHandlers2_S-1-5-21-3176563166-3555445023-4250302826-1001: [Git-Cheetah] -> {ca586c80-7c84-4b88-8537-726724df6929} => C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll [2013-09-16] () ContextMenuHandlers4_S-1-5-21-3176563166-3555445023-4250302826-1001: [Git-Cheetah] -> {ca586c80-7c84-4b88-8537-726724df6929} => C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll [2013-09-16] () ContextMenuHandlers5_S-1-5-21-3176563166-3555445023-4250302826-1001: [Git-Cheetah] -> {ca586c80-7c84-4b88-8537-726724df6929} => C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll [2013-09-16] () ContextMenuHandlers6_S-1-5-21-3176563166-3555445023-4250302826-1001: [Git-Cheetah] -> {ca586c80-7c84-4b88-8537-726724df6929} => C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll [2013-09-16] () ==================== Geplande Taken (gefilterd) ============= (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {01157CC3-B983-42E1-92D9-18E78310A71F} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\308dcc48-54dd-428d-84f0-bd5baf247d23 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2018-05-16] (Lenovo Group Limited) Task: {1F489A70-711B-490B-A887-30BC5D65FB04} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2017-12-12] () Task: {270C6D09-4CB0-4D0D-A3FA-5C315A51F6E4} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-09-12] (NVIDIA Corporation) Task: {2EBC66B3-C4D4-4CB0-9B10-C1D0CCBD0C60} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2018-10-31] (Microsoft Corporation) Task: {339BD131-5F5E-499B-A5A6-04ED62E40C33} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-09-12] (NVIDIA Corporation) Task: {3A4D4413-7573-4F29-96D4-4E37043E63C5} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [2018-05-16] (Lenovo Group Limited) Task: {42FFCE59-DF93-45EB-ACA3-8E6804E7639E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-10-24] (Microsoft Corporation) Task: {4FB3C746-BFD8-4DB0-B7C1-2DC004FD4AEE} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-10-31] (Microsoft Corporation) Task: {517DBF7A-B992-4631-B71F-4632C9F617D1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-23] (Microsoft Corporation) Task: {540A1336-096A-4F4D-B76D-B1B3801CAE7D} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-10-24] (Microsoft Corporation) Task: {54A3BE18-1F4B-42D8-954B-352F792C2F50} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\4ad51345-adad-483f-af8b-9145c1d98ac0 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2018-05-16] (Lenovo Group Limited) Task: {54E7B017-19E7-4722-88F7-A938494F3253} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32 Task: {61F0EEBE-BD78-413A-9EB9-FA4D47C87C66} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-23] (Microsoft Corporation) Task: {6220A84F-D596-420E-9FF6-A6C3E5F7B98F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-08-10] (Google Inc.) Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] () Task: {6694E3FD-21D8-4D8B-8B80-C15162432E67} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\a0def38a-e542-408f-bf72-92e8b79998d3 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2018-05-16] (Lenovo Group Limited) Task: {66A0AD53-295A-4D63-B5CB-3EE31A5C7957} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-23] (Microsoft Corporation) Task: {68248DA0-294C-4D54-8B69-D9796E61AE04} - System32\Tasks\App Explorer => C:\Users\Angel\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [2018-10-20] (SweetLabs, Inc) <==== AANDACHT Task: {6A07762A-4AB5-4239-838D-703BBB3B7877} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-08-10] (Google Inc.) Task: {6A3086DC-3641-4DD9-96A7-5B8E92F092AA} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => %windir%\system32\sc.exe START ImControllerService Task: {787499A8-86D1-43ED-8AFC-849985AE335D} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-09-12] (NVIDIA Corporation) Task: {822FEAD8-3BF7-4C57-946E-D0BB14FB09C6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-10-23] (Piriform Ltd) Task: {84232B70-470A-4F4F-B9CD-7D19C46858F3} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-09-12] (NVIDIA Corporation) Task: {8661E1B2-5373-4C55-B199-A863022516DF} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-10-13] (Intel(R) Corporation) Task: {8FEB90A2-7B90-4851-9AF9-A32192CE6BBB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-10-23] (Piriform Ltd) Task: {9638ABDF-45D7-4C06-A66F-53D6D7B40C73} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-09-12] (NVIDIA Corporation) Task: {971C3C43-BF32-48D9-81F8-91A9105028B0} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-09-12] (NVIDIA Corporation) Task: {999F7F6A-4014-4204-9C73-753C443062CE} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-09-12] (NVIDIA Corporation) Task: {A288FD9B-F02B-4CAD-8D43-D7E5E4C8E984} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2018-10-31] (Microsoft Corporation) Task: {AB84D669-9FD7-43F6-9759-B1B5FF7FD512} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-09-12] (NVIDIA Corporation) Task: {ABCDE294-B440-436A-8EA7-03F094B05CFB} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-09-12] (NVIDIA Corporation) Task: {B0AB4B8B-7538-4163-82B4-24DF26B3A3DD} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2017-12-12] () Task: {B8707B27-D89C-4217-A7DC-388514B5EC13} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-angelojorissen@live.nl => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-08-05] (Adobe Systems Incorporated) Task: {C322ADE8-3291-4042-A7E0-86975B27D7B5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-23] (Microsoft Corporation) Task: {D3171001-E23E-414A-A4E7-91035A49F288} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\34af9582-f4e0-4568-869d-76b274f566fe => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2018-05-16] (Lenovo Group Limited) Task: {DA9CDA34-02F7-40B5-8989-4889D37C748E} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-09-12] (NVIDIA Corporation) Task: {DB35C53C-C5E2-494B-B016-1DC14366E507} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-09-12] (NVIDIA Corporation) Task: {DDC8B30B-CF62-41F6-87A3-D9B9CA21E5D2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2008-07-30] (Apple Inc.) Task: {E0B50244-DB6D-42C4-BE15-3BD095372A99} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-3176563166-3555445023-4250302826-1001 => C:\Users\Angel\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [2018-10-29] (Lenovo Group Limited) Task: {E964013D-F87F-4FDA-A61E-7298A07C2CAF} - System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-angelojorissen@live.nl => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-09-10] (Adobe Systems, Incorporated) Task: {ED4BD9E9-7EB4-4BE8-AA63-1074F8570B24} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe Task: {F7B01D69-BAC5-4C62-8984-9F9FFEE373B4} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-10-31] (Microsoft Corporation) Task: {F92363D0-985F-4563-9EFD-5AE67B864A4F} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-10-31] (Microsoft Corporation) (Als een item is opgenomen in de fixlist, wordt de taak (job) bestand verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) Task: C:\WINDOWS\Tasks\gxx speed launcher.job => C:\Program Files (x86)\Garena\Garena\Garena.exe ==================== Snelkoppelingen & WMI ======================== (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) ShortcutWithArgument: C:\Users\Angel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YouTube.lnk -> C:\Users\Angel\AppData\Local\Host App Service\Engine\WebAppHelper.exe (SweetLabs, Inc) -> /NAME"YouTube" /APPID"322460fb8f47d8cb14cd883b17b5e0dd233a7768" /URL"hxxps://www.youtube.com/?gl=US" ShortcutWithArgument: C:\Users\Angel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Node.js\Node.js command prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /k "D:\Website build\nodevars.bat" ShortcutWithArgument: C:\Users\Angel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\YouTube.lnk -> C:\Users\Angel\AppData\Local\Host App Service\Engine\WebAppHelper.exe (SweetLabs, Inc) -> /NAME"YouTube" /APPID"322460fb8f47d8cb14cd883b17b5e0dd233a7768" /URL"hxxps://www.youtube.com/?gl=US" ==================== Geladen Modules (gefilterd) ============== 2018-04-12 00:34 - 2018-04-12 00:34 - 000444416 _____ () c:\windows\system32\SSDM.dll 2017-03-07 20:54 - 2011-08-17 05:46 - 000032768 _____ () C:\Windows\jmesoft\Service.exe 2018-05-30 16:06 - 2018-09-12 12:45 - 001315024 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2018-02-08 12:06 - 2017-12-12 10:25 - 000023920 _____ () C:\Program Files (x86)\Lenovo\System Update\SUService.exe 2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll 2018-10-10 14:25 - 2018-09-20 04:38 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-08-12 20:07 - 2016-11-30 13:39 - 000443192 ____N () C:\Program Files\Lenovo\Lenovo Essential Wireless Keyboard\KBOSD.exe 2015-03-07 01:07 - 2015-03-07 01:07 - 000908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll 2017-08-18 10:01 - 2017-08-18 10:01 - 001096824 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll 2015-03-07 01:07 - 2015-03-07 01:07 - 000060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll 2017-08-18 10:01 - 2017-08-18 10:01 - 000241784 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll 2018-09-18 19:40 - 2018-09-18 19:40 - 098275328 _____ () D:\Games\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libcef.dll 2018-09-18 19:40 - 2018-09-18 19:40 - 003922432 _____ () D:\Games\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libGLESv2.dll 2018-09-18 19:40 - 2018-09-18 19:40 - 000092672 _____ () D:\Games\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libEGL.dll 2017-03-07 20:54 - 2011-08-17 05:46 - 000024576 _____ () C:\Windows\jmesoft\JME_LOAD.exe 2012-09-13 00:38 - 2012-09-13 00:38 - 000264040 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe 2018-11-10 19:21 - 2018-11-10 19:21 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.16610.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2018-11-10 19:21 - 2018-11-10 19:21 - 066031616 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.16610.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2017-10-05 12:07 - 2017-10-05 12:07 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.16610.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll 2018-11-10 19:21 - 2018-11-10 19:21 - 000010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.16610.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll 2018-11-10 19:21 - 2018-11-10 19:21 - 003715072 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.16610.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll 2018-11-10 19:21 - 2018-11-10 19:21 - 000036352 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.16610.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll 2018-08-21 16:20 - 2018-08-21 16:20 - 002480640 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.16610.0_x64__8wekyb3d8bbwe\opencv_imgproc320.dll 2018-08-21 16:20 - 2018-08-21 16:20 - 002280960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.16610.0_x64__8wekyb3d8bbwe\opencv_core320.dll 2018-04-05 17:30 - 2018-04-05 17:31 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.16610.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll 2018-11-10 19:21 - 2018-11-10 19:21 - 014094848 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.16610.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll 2018-11-10 19:21 - 2018-11-10 19:21 - 003569152 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.16610.0_x64__8wekyb3d8bbwe\MediaEngine.dll 2018-11-10 19:21 - 2018-11-10 19:21 - 002863104 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.16610.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll 2018-08-30 15:53 - 2018-08-30 15:54 - 000973312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.16610.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll 2018-07-27 19:31 - 2018-07-27 19:31 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.16610.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2018-11-10 19:21 - 2018-11-10 19:21 - 000145920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.16610.0_x64__8wekyb3d8bbwe\SKU.dll 2018-11-10 19:21 - 2018-11-10 19:21 - 000048128 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.16610.0_x64__8wekyb3d8bbwe\ImageDecoding.dll 2018-08-30 14:55 - 2018-08-30 14:55 - 000061408 _____ () C:\Program Files\CCleaner\branding.dll 2017-07-11 10:10 - 2017-07-11 10:10 - 000817152 _____ () C:\Program Files\Elgato\GameCapture\CFLite.dll 2018-06-05 13:20 - 2018-06-05 13:20 - 000515072 _____ () C:\Program Files\Elgato\GameCapture\librtmp.dll 2017-07-11 10:10 - 2017-07-11 10:10 - 091514368 _____ () C:\Program Files\Elgato\GameCapture\libcef.dll 2018-10-26 11:55 - 2018-10-23 22:24 - 002669400 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.77\swiftshader\libglesv2.dll 2018-10-26 11:55 - 2018-10-23 22:24 - 000151384 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.77\swiftshader\libegl.dll 2016-12-19 08:38 - 2016-12-19 08:38 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2018-05-30 16:06 - 2018-09-12 12:45 - 001032912 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 2012-09-13 00:38 - 2012-09-13 00:38 - 002144104 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll 2012-09-13 00:38 - 2012-09-13 00:38 - 000341352 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll 2012-09-13 00:38 - 2012-09-13 00:38 - 007955304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll 2012-09-13 00:38 - 2012-09-13 00:38 - 000028008 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll 2012-09-13 00:38 - 2012-09-13 00:38 - 000127336 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll 2017-03-07 20:54 - 2011-05-17 22:27 - 000028672 _____ () C:\Windows\jmesoft\hidhook.dll 2012-09-13 00:39 - 2012-09-13 00:39 - 000336232 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll ==================== Alternate Data Streams (gefilterd) ========= (Als een item is opgenomen in de fixlist, wordt alleen de ADS verwijderd.) AlternateDataStreams: C:\Users\Angel\OneDrive\Documents\Add-in Express:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194] AlternateDataStreams: C:\Users\Angel\OneDrive\Documents\ClownfishSoundTemp:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194] AlternateDataStreams: C:\Users\Public\AppData:CSM [480] AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [478] ==================== Veilige Modus (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. De waarde van "AlternateShell" wordt hersteld.) ==================== Bestandskoppeling (gefilterd) =============== (Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd.) ==================== Internet Explorer vertrouwde/beperkte toegang =============== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd.) ==================== Hosts inhoud: ========================== (Indien nodig kan Hosts:-opdracht worden opgenomen in de fixlist om Hosts te resetten.) 2016-07-16 12:47 - 2017-08-10 14:20 - 000001023 _____ C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 lmlicenses.wip4.adobe.com 127.0.0.1 lm.licenses.adobe.com 127.0.0.1 na1r.services.adobe.com 127.0.0.1 hlrcv.stage.adobe.com 127.0.0.1 practivate.adobe.com 127.0.0.1 activate.adobe.com ==================== Andere gebieden ============================ (Momenteel is er geen automatische fix voor dit onderdeel.) HKU\S-1-5-21-3176563166-3555445023-4250302826-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg DNS Servers: 62.179.104.196 - 213.46.228.196 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == Als een item is opgenomen in de fixlist, zal het worden verwijderd. HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run: => "Elgato Sound Capture" HKU\S-1-5-21-3176563166-3555445023-4250302826-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount" HKU\S-1-5-21-3176563166-3555445023-4250302826-1001\...\StartupApproved\Run: => "EADM" ==================== Firewall regels (gefilterd) =============== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [UDP Query User{7B744090-2644-4F9A-B05A-18B64C4FF228}C:\users\angel\appdata\roaming\appcelerator\aptana studio\aptanastudio3.exe] => (Allow) C:\users\angel\appdata\roaming\appcelerator\aptana studio\aptanastudio3.exe FirewallRules: [TCP Query User{D975C2EA-8C0A-43D1-B2C1-4EA7CF7D8EA8}C:\users\angel\appdata\roaming\appcelerator\aptana studio\aptanastudio3.exe] => (Allow) C:\users\angel\appdata\roaming\appcelerator\aptana studio\aptanastudio3.exe FirewallRules: [{D4BEA696-8113-4218-91A4-4DBD3334D608}] => (Allow) C:\Program Files (x86)\Garena\Garena\2.0.1804.2618\gxxsvc.exe FirewallRules: [UDP Query User{5E42D2AA-D3F4-4247-A122-47B1BC36506B}D:\diablo iii\x64\diablo iii64.exe] => (Allow) D:\diablo iii\x64\diablo iii64.exe FirewallRules: [TCP Query User{D6D9377B-1B9E-4DF8-A585-8A1F84F0094B}D:\diablo iii\x64\diablo iii64.exe] => (Allow) D:\diablo iii\x64\diablo iii64.exe FirewallRules: [UDP Query User{869B1883-B3BB-49C5-B930-99CBBA535F2B}D:\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) D:\steam\steamapps\common\h1z1\h1z1.exe FirewallRules: [TCP Query User{53899DC0-519E-461A-87B7-18D6A4F41EAA}D:\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) D:\steam\steamapps\common\h1z1\h1z1.exe FirewallRules: [UDP Query User{C47BE48D-0E75-4069-8945-3F9FF45E22A5}D:\overwatch\overwatch.exe] => (Allow) D:\overwatch\overwatch.exe FirewallRules: [TCP Query User{73F12629-0531-4D5E-B587-962FD5D402EF}D:\overwatch\overwatch.exe] => (Allow) D:\overwatch\overwatch.exe FirewallRules: [{82BD6E92-B343-46D5-AF7D-EF3EC07E8D83}] => (Allow) D:\Youtube\Twitch\Bot\Streamlabs Chatbot\Streamlabs Chatbot.exe FirewallRules: [{A639570D-F394-4D2B-B777-C7C7E7024F6D}] => (Allow) D:\Youtube\Twitch\Bot\Streamlabs Chatbot\Streamlabs Chatbot.exe FirewallRules: [{4A21F1CC-AB52-41FD-A83A-32EF7E5B4F9B}] => (Allow) D:\Youtube\Twitch\Bot\Streamlabs Chatbot\Streamlabs Chatbot.exe FirewallRules: [{2F9F3C60-F37B-47AD-903F-3C91D1D81337}] => (Allow) D:\Youtube\Twitch\Bot\Streamlabs Chatbot\Streamlabs Chatbot.exe FirewallRules: [{B4708461-25AB-4AC2-AEE4-9D93CEA05F6F}] => (Allow) D:\Youtube\Twitch\Bot\Streamlabs Chatbot\Streamlabs Chatbot.exe FirewallRules: [{1B15E6F2-D3AA-43A8-BE8F-2E2D4D3E2498}] => (Allow) D:\Youtube\Twitch\Bot\Streamlabs Chatbot\Streamlabs Chatbot.exe FirewallRules: [{27FE6DCE-9A23-418F-9C2D-058AAA39B9E4}] => (Allow) D:\Steam\steamapps\common\Battalion 1944\Launcher\BattalionLauncher.exe FirewallRules: [{88E3FCB9-A995-4331-9AE4-F60E73E17032}] => (Allow) D:\Steam\steamapps\common\Battalion 1944\Launcher\BattalionLauncher.exe FirewallRules: [{3DC44A7D-C4CA-4398-8858-5A0747522F05}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe FirewallRules: [{2C3FC2CF-EFFF-42EF-860C-9670B775063E}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe FirewallRules: [UDP Query User{4D69391F-4C1D-4127-A32E-C4E4805A876D}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe FirewallRules: [TCP Query User{BEB4D62F-72E1-4D51-BAC7-5F5AC96ED778}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe FirewallRules: [UDP Query User{EABF3156-D1E4-4388-97EB-1B513ACC6F97}D:\steam\steamapps\common\battalion 1944\battalion\binaries\win64\battalion.exe] => (Allow) D:\steam\steamapps\common\battalion 1944\battalion\binaries\win64\battalion.exe FirewallRules: [TCP Query User{1F7BF615-8931-4866-ADED-F20B68046512}D:\steam\steamapps\common\battalion 1944\battalion\binaries\win64\battalion.exe] => (Allow) D:\steam\steamapps\common\battalion 1944\battalion\binaries\win64\battalion.exe FirewallRules: [{C665EC3A-43BC-404A-A76F-69577B3E1CB3}] => (Allow) D:\Steamsandy\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{26996B02-8323-4E79-8930-E4B22AABA84D}] => (Allow) D:\Steamsandy\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{90F40ACD-02DF-4553-902C-375C49B4698B}] => (Allow) D:\Steamsandy\Steam.exe FirewallRules: [{69CD2722-FBEA-4C68-ACAF-A188D03627B1}] => (Allow) D:\Steamsandy\Steam.exe FirewallRules: [{97E9D2F8-C7A3-4954-B112-1794C6F3AA55}] => (Allow) D:\BOTTWITCH\Streamlabs Chatbot\Streamlabs Chatbot.exe FirewallRules: [{AA18F9B1-0D53-4632-A157-14375FB37269}] => (Allow) D:\BOTTWITCH\Streamlabs Chatbot\Streamlabs Chatbot.exe FirewallRules: [{CBCC2BA1-06BD-4A23-8C73-25B094FCA408}] => (Allow) D:\BOTTWITCH\Streamlabs Chatbot\Streamlabs Chatbot.exe FirewallRules: [{E5F9B5F8-F9C7-4ED1-9CF2-2BBA2861BE21}] => (Allow) D:\BOTTWITCH\Streamlabs Chatbot\Streamlabs Chatbot.exe FirewallRules: [UDP Query User{3A90B498-8E6A-48F5-BE8B-5FB7738B006A}D:\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe FirewallRules: [TCP Query User{513F93A7-B262-46C0-8D13-BB5D16D2CB3C}D:\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe FirewallRules: [UDP Query User{02C12317-BE79-47E6-9836-B9C27CEB88B2}D:\steam\steamapps\common\awesomenauts\awesomenauts.exe] => (Allow) D:\steam\steamapps\common\awesomenauts\awesomenauts.exe FirewallRules: [TCP Query User{E85C3E1B-43D0-47F3-99B3-2E8AA03448E7}D:\steam\steamapps\common\awesomenauts\awesomenauts.exe] => (Allow) D:\steam\steamapps\common\awesomenauts\awesomenauts.exe FirewallRules: [{8B9D6A7F-C772-4E43-912A-7F98D0CB05F7}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{EA6E2D92-90FC-49B7-AC16-9D43B8E407A2}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{2C68267E-B30A-45E9-AE8C-5D5AE471BEB9}] => (Allow) D:\Steam\Steam.exe FirewallRules: [{FA85A217-6A88-4518-8D36-83786A73A2B8}] => (Allow) D:\Steam\Steam.exe FirewallRules: [{3958E5DC-50D9-492D-8073-0F547BF07349}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{EECB189C-005B-48BB-9C03-B15D49615D84}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{A4BB3940-F137-4346-9533-7D578484D284}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{87F1E235-D924-4460-A61A-E9FD7CA2C524}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{68EB84A3-19F2-44A9-A7C3-09E0950DEFA3}] => (Block) D:\Photoshop\Adobe Photoshop CC 2015\Photoshop.exe FirewallRules: [TCP Query User{0BBFC546-21CF-478F-99E7-54CC07080155}D:\diablo 3\diablo iii\x64\diablo iii64.exe] => (Allow) D:\diablo 3\diablo iii\x64\diablo iii64.exe FirewallRules: [UDP Query User{711E34F2-EF97-4B56-AE11-FCE9108540EB}D:\diablo 3\diablo iii\x64\diablo iii64.exe] => (Allow) D:\diablo 3\diablo iii\x64\diablo iii64.exe FirewallRules: [TCP Query User{02294E4A-4DFF-4B4B-A5F7-1F13D0F84A4E}D:\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{2A0EDE40-8EC7-418D-97CA-CC59D2100D67}D:\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query User{4B10A675-C074-423C-8200-8C58383171DB}D:\smartcam\smartcam.exe] => (Allow) D:\smartcam\smartcam.exe FirewallRules: [UDP Query User{F42CA3F2-FFE0-42D5-AE3D-16DCF736DA02}D:\smartcam\smartcam.exe] => (Allow) D:\smartcam\smartcam.exe FirewallRules: [{35C22373-5D54-4CC1-8178-E45D85C4E803}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [TCP Query User{891A4907-8AC8-460A-9C22-0465271D4D26}D:\steam\steamapps\common\hide vs. seek\hideandseek\binaries\win64\hideandseek-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\hide vs. seek\hideandseek\binaries\win64\hideandseek-win64-shipping.exe FirewallRules: [UDP Query User{08FE0747-70BF-4E05-9620-94E6ACAD145C}D:\steam\steamapps\common\hide vs. seek\hideandseek\binaries\win64\hideandseek-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\hide vs. seek\hideandseek\binaries\win64\hideandseek-win64-shipping.exe FirewallRules: [TCP Query User{72D06DBE-8476-4711-9978-305B611E0303}D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe FirewallRules: [UDP Query User{24C0CF20-1333-49AD-959B-640808A35887}D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe FirewallRules: [{123D77F8-6F6F-413C-B0B4-F5436E8CC216}] => (Block) D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe FirewallRules: [{4F7657BA-6D4B-499E-9146-22BF6F603979}] => (Block) D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe FirewallRules: [TCP Query User{48346DA0-8825-4C8E-96B3-5E85A0B1C6E0}C:\programdata\oracle\java\javapath_target_510390\java.exe] => (Allow) C:\programdata\oracle\java\javapath_target_510390\java.exe FirewallRules: [UDP Query User{1445B5BA-2B7F-4835-AD3D-F679F4CB125B}C:\programdata\oracle\java\javapath_target_510390\java.exe] => (Allow) C:\programdata\oracle\java\javapath_target_510390\java.exe FirewallRules: [{149064A3-B3AA-4241-89ED-787CF4E99C9A}] => (Block) C:\programdata\oracle\java\javapath_target_510390\java.exe FirewallRules: [{8D109A71-50E6-4319-ABEE-58A36D89FA72}] => (Block) C:\programdata\oracle\java\javapath_target_510390\java.exe FirewallRules: [TCP Query User{3BA5BECE-AC4B-4B5B-9328-E6674098DF38}C:\program files\java\jre1.8.0_144\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_144\bin\javaw.exe FirewallRules: [UDP Query User{CA7F27CE-E341-4877-96CE-554F3EFD70C1}C:\program files\java\jre1.8.0_144\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_144\bin\javaw.exe FirewallRules: [{C420BBF1-4F45-40E7-BF12-C157979FD3C7}] => (Block) C:\program files\java\jre1.8.0_144\bin\javaw.exe FirewallRules: [{0528FF01-D865-442F-9859-579057E64B44}] => (Block) C:\program files\java\jre1.8.0_144\bin\javaw.exe FirewallRules: [TCP Query User{543CF52D-28D2-4035-9C63-FD76D0E0C6BC}C:\programdata\oracle\java\javapath_target_420405562\java.exe] => (Allow) C:\programdata\oracle\java\javapath_target_420405562\java.exe FirewallRules: [UDP Query User{107763AA-4B94-40A9-B34A-54E0F6EF8E9C}C:\programdata\oracle\java\javapath_target_420405562\java.exe] => (Allow) C:\programdata\oracle\java\javapath_target_420405562\java.exe FirewallRules: [{D87BA0E6-81C1-4C9A-BF7C-146669AAA5E3}] => (Block) C:\programdata\oracle\java\javapath_target_420405562\java.exe FirewallRules: [{0FF5A7EB-C4B4-4604-8AC6-436FB3CD0307}] => (Block) C:\programdata\oracle\java\javapath_target_420405562\java.exe FirewallRules: [{5667152D-57ED-48F5-B5CB-C6F075682C7C}] => (Allow) C:\Users\Angel\AppData\Local\Temp\EPSON SX430 Series_Home\Network\EpsonNetSetup\EpsonNetSetup3_4_1_FC_1_0_WW_Direct\ENEasyApp.exe FirewallRules: [{61B21E67-1595-4781-8839-B7391869DC93}] => (Allow) C:\Users\Angel\AppData\Local\Temp\EPSON SX430 Series_Home\Network\EpsonNetSetup\EpsonNetSetup3_4_1_FC_1_0_WW_Direct\ENEasyApp.exe FirewallRules: [{65B9BB83-FC41-4CB0-B0C5-CC8DF04C3B2B}] => (Allow) C:\Users\Angel\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{C96D216B-479E-4078-A6A4-22E8CC2EC2A4}] => (Allow) C:\Users\Angel\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [TCP Query User{20077CE5-BA09-48F9-89E3-9CB993DFAF2C}D:\deadisland\dead island\deadislandgame.exe] => (Allow) D:\deadisland\dead island\deadislandgame.exe FirewallRules: [UDP Query User{F3B412E4-5834-4FAA-8307-1ED2CFBE43AA}D:\deadisland\dead island\deadislandgame.exe] => (Allow) D:\deadisland\dead island\deadislandgame.exe FirewallRules: [{D6A53305-6AD0-41D8-B07F-000F6056E824}] => (Block) D:\deadisland\dead island\deadislandgame.exe FirewallRules: [{F7A69819-CEF0-405D-B6AB-61241E5A1CF3}] => (Block) D:\deadisland\dead island\deadislandgame.exe FirewallRules: [{E974693A-DD9E-40AF-AD78-80D27B712546}] => (Allow) D:\Steam\steamapps\common\Call of Duty WWII Beta\s2_mp64_ship.exe FirewallRules: [{7B469208-8B4B-43AF-9F6C-7916BFBDAAEC}] => (Allow) D:\Steam\steamapps\common\Call of Duty WWII Beta\s2_mp64_ship.exe FirewallRules: [TCP Query User{8B17B7E0-50C4-4E22-9430-62FC3B57D7C9}D:\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe FirewallRules: [UDP Query User{B788C581-07F6-4573-9805-DEE32D66FD87}D:\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe FirewallRules: [{536C68D9-6500-4DD1-BA9A-51AE219CAEC2}] => (Block) D:\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe FirewallRules: [{F2775637-8836-43A2-A2E5-95C8B5442308}] => (Block) D:\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe FirewallRules: [TCP Query User{FE6373DD-4C7C-45F4-BF50-DF563F13ED2B}D:\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe FirewallRules: [UDP Query User{61EC1BF8-FCB1-4606-BA15-235B2F754ADA}D:\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe FirewallRules: [{9E13E977-FF3D-4FE1-B1A5-02475CACEB4C}] => (Block) D:\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe FirewallRules: [{EF7FE8EB-637C-4114-9B79-F58A3B6253DD}] => (Block) D:\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe FirewallRules: [TCP Query User{415D2470-1E20-4641-A57C-0B99D89E581E}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [UDP Query User{C11A8189-8197-4793-8F6A-97F632170DAA}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [{190B73B4-1964-4E73-8D47-2ED4493CED65}] => (Block) C:\program files\logitech gaming software\lcore.exe FirewallRules: [{8F5AE7F6-B41C-4819-9CF1-90A4751E18BA}] => (Block) C:\program files\logitech gaming software\lcore.exe FirewallRules: [TCP Query User{F4CF3D06-DE6D-4F3A-908D-57EBA998694F}C:\programdata\oracle\java\javapath_target_2853760437\java.exe] => (Allow) C:\programdata\oracle\java\javapath_target_2853760437\java.exe FirewallRules: [UDP Query User{86EE932C-0F69-4A09-8BCC-014949FD7FD9}C:\programdata\oracle\java\javapath_target_2853760437\java.exe] => (Allow) C:\programdata\oracle\java\javapath_target_2853760437\java.exe FirewallRules: [TCP Query User{6222B655-C334-45D3-B7FC-2D1B3D396FF1}D:\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe FirewallRules: [UDP Query User{02601B1A-F643-46CB-966E-BFE55EC66499}D:\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe FirewallRules: [{9A00FB6B-0F4E-4CEB-BE53-DBDF6ECF21B4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{F6EBFA7C-4A94-4C87-80C5-B910D237C625}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{FBD98F28-A5FD-4533-A538-8DCBDB65922D}] => (Allow) D:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{8D4E0254-D91D-4071-B588-2DE659D51ABF}] => (Allow) D:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [TCP Query User{39495A34-B3C3-4D2B-97B7-7B4CCB0B0EFF}D:\steam\steamapps\common\realm royale\binaries\win64\realm.exe] => (Allow) D:\steam\steamapps\common\realm royale\binaries\win64\realm.exe FirewallRules: [UDP Query User{B19AB025-CA47-4776-8E64-F8C6E514F1EF}D:\steam\steamapps\common\realm royale\binaries\win64\realm.exe] => (Allow) D:\steam\steamapps\common\realm royale\binaries\win64\realm.exe FirewallRules: [TCP Query User{2B52FFE0-844D-4AD4-9525-E28F637E8E27}D:\world of warcraft\utils\wowvoiceproxy.exe] => (Allow) D:\world of warcraft\utils\wowvoiceproxy.exe FirewallRules: [UDP Query User{06ACDDE5-F606-4D77-8DC7-AFAA1FD45338}D:\world of warcraft\utils\wowvoiceproxy.exe] => (Allow) D:\world of warcraft\utils\wowvoiceproxy.exe FirewallRules: [TCP Query User{15E6D21B-EC48-4861-87DD-114AACE3C684}D:\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe FirewallRules: [UDP Query User{8A9BB520-87C8-438A-9628-089CB2135A7C}D:\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\games\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe FirewallRules: [TCP Query User{EA48EB5F-2EBB-46BD-94B6-15BFC1CAB747}D:\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe FirewallRules: [UDP Query User{C6E8754B-F648-4317-A3DF-658D21DDDB75}D:\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe FirewallRules: [TCP Query User{980A4AF0-6E8D-4A32-933A-7B11FBA75459}D:\games\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\games\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe FirewallRules: [UDP Query User{3CE1B3CD-37D7-484E-A2EA-0D01F1FE9314}D:\games\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\games\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe FirewallRules: [{F628F667-95E9-4706-96FE-1998BF430B74}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe FirewallRules: [TCP Query User{A929169F-F8D7-4457-B896-2750DA8168AC}D:\call of duty black ops 4\blackops4.exe] => (Allow) D:\call of duty black ops 4\blackops4.exe FirewallRules: [UDP Query User{964D5117-6937-4E6B-A2B7-0F20CEC72943}D:\call of duty black ops 4\blackops4.exe] => (Allow) D:\call of duty black ops 4\blackops4.exe FirewallRules: [{4212C219-8B96-41D8-A279-21439AF8C4FB}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe FirewallRules: [{500331D9-B247-46D3-8160-5019ACE62D77}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe FirewallRules: [TCP Query User{C367857C-F284-4203-929C-C562704FE074}D:\games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe FirewallRules: [UDP Query User{807B79FF-46EA-40B1-9A4A-F086DA4F1C02}D:\games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe FirewallRules: [{ADFEDAC4-E286-4483-AB6A-3CD4843A600C}] => (Allow) D:\Steam\steamapps\common\Aimtastic\Aimtastic.exe FirewallRules: [{51BD336B-E423-4B13-85BA-B42313B9BD74}] => (Allow) D:\Steam\steamapps\common\Aimtastic\Aimtastic.exe FirewallRules: [{5826899E-776C-4A1C-AD0A-6A36A087CB3E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{012A48A7-0592-4DD3-B96F-56EEA6A1A584}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{203922A0-99ED-4514-9E74-D81B846FD93E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{3A55B9AC-1E73-42E8-BB77-C086DEF904E6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [TCP Query User{D0993209-24D2-402F-BF0E-BA57C9B3F3F3}D:\games\league of legends\rads\projects\league_client\releases\0.0.0.167\deploy\leagueclient.exe] => (Allow) D:\games\league of legends\rads\projects\league_client\releases\0.0.0.167\deploy\leagueclient.exe FirewallRules: [UDP Query User{D6293196-88CD-40DC-BEB0-F3873D4965B0}D:\games\league of legends\rads\projects\league_client\releases\0.0.0.167\deploy\leagueclient.exe] => (Allow) D:\games\league of legends\rads\projects\league_client\releases\0.0.0.167\deploy\leagueclient.exe FirewallRules: [{6FF31760-4B8D-4FDA-A813-4038E761D32E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [TCP Query User{CB6EB1BA-8671-422D-8443-EE5CEB7D7CB9}C:\users\angel\jagexcache\jagexlauncher\bin\jagexlauncher.exe] => (Allow) C:\users\angel\jagexcache\jagexlauncher\bin\jagexlauncher.exe FirewallRules: [UDP Query User{43DA12E0-41F6-4058-AE55-69F16BF9EA06}C:\users\angel\jagexcache\jagexlauncher\bin\jagexlauncher.exe] => (Allow) C:\users\angel\jagexcache\jagexlauncher\bin\jagexlauncher.exe FirewallRules: [{43F86821-0C1E-4FD6-BC42-506BF631E1FD}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe FirewallRules: [{75A449A2-230A-4A01-B089-53DF36B502B9}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe ==================== Herstelpunten ========================= 27-10-2018 13:10:04 Installatieprogramma voor Windows-modules 29-10-2018 08:29:45 Installatieprogramma voor Windows-modules 30-10-2018 11:08:03 Installatieprogramma voor Windows-modules 31-10-2018 13:10:03 Installatieprogramma voor Windows-modules 01-11-2018 15:08:40 Installatieprogramma voor Windows-modules 03-11-2018 20:09:50 Installatieprogramma voor Windows-modules 05-11-2018 09:29:29 Installed OldSchool RuneScape Launcher 1.2.7 06-11-2018 12:09:50 Installatieprogramma voor Windows-modules 07-11-2018 14:12:12 Installatieprogramma voor Windows-modules 08-11-2018 16:13:19 Installatieprogramma voor Windows-modules 10-11-2018 20:11:52 Installatieprogramma voor Windows-modules ==================== Defecte Apparaatbeheer Apparaten ============= ==================== Eventlog fouten: ========================= Applicatiefouten: ================== Error: (11/11/2018 09:23:37 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: taskmgr.exe, versie: 10.0.17134.1, tijdstempel: 0xe3592b68 Naam van module met fout: taskmgr.exe, versie: 10.0.17134.1, tijdstempel: 0xe3592b68 Uitzonderingscode: 0xc0000409 Foutmarge: 0x0000000000018961 Id van proces met fout: 0xfc Starttijd van toepassing met fout: 0x01d479faafdb7fc4 Pad naar toepassing met fout: C:\WINDOWS\system32\taskmgr.exe Pad naar module met fout: C:\WINDOWS\system32\taskmgr.exe Rapport-id: 442728ee-27f9-4ab4-82df-b37c9c5e01a0 Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Error: (11/11/2018 02:03:32 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-UB6PIOM) Description: brave hendrikbrave hendrik-2147467263 Error: (11/11/2018 02:03:19 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-UB6PIOM) Description: brave hendrikbrave hendrik-2147467263 Error: (11/11/2018 01:46:39 PM) (Source: Perflib) (EventID: 1023) (User: ) Description: Kan DLL voor uitbreidbare items rdyboost niet laden. De eerste vier bytes (DWORD) in de sectie Gegevens bevatten de Windows-foutcode. Error: (11/11/2018 01:46:39 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: De openprocedure voor de BITS-service in DLL-bestand C:\Windows\System32\bitsperf.dll is mislukt. Prestatiemetergegevens voor deze service zijn niet beschikbaar. De eerste vier bytes (DWORD) in de sectie Gegevens bevatten de foutcode. Error: (11/11/2018 01:28:24 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-UB6PIOM) Description: brave hendrikbrave hendrik-2147467263 Error: (11/11/2018 01:28:01 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-UB6PIOM) Description: brave hendrikbrave hendrik-2147467263 Error: (11/11/2018 01:26:31 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-UB6PIOM) Description: brave hendrikbrave hendrik-2147467263 Systeemfouten: ============= Error: (11/11/2018 09:23:48 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-UB6PIOM) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker DESKTOP-UB6PIOM\Angel SID (S-1-5-21-3176563166-3555445023-4250302826-1001) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (11/11/2018 09:20:16 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-UB6PIOM) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker DESKTOP-UB6PIOM\Angel SID (S-1-5-21-3176563166-3555445023-4250302826-1001) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (11/11/2018 09:11:50 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-UB6PIOM) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker DESKTOP-UB6PIOM\Angel SID (S-1-5-21-3176563166-3555445023-4250302826-1001) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (11/11/2018 09:03:08 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-UB6PIOM) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker DESKTOP-UB6PIOM\Angel SID (S-1-5-21-3176563166-3555445023-4250302826-1001) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (11/11/2018 07:53:19 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-UB6PIOM) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {8BC3F05E-D86B-11D0-A075-00C04FB68820} en APPID {8BC3F05E-D86B-11D0-A075-00C04FB68820} aan de gebruiker DESKTOP-UB6PIOM\Angel SID (S-1-5-21-3176563166-3555445023-4250302826-1001) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (11/11/2018 07:52:42 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (11/11/2018 07:52:11 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-UB6PIOM) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker DESKTOP-UB6PIOM\Angel SID (S-1-5-21-3176563166-3555445023-4250302826-1001) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (11/11/2018 07:52:03 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-UB6PIOM) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker DESKTOP-UB6PIOM\Angel SID (S-1-5-21-3176563166-3555445023-4250302826-1001) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer SpotifyAB.SpotifyMusic_1.92.390.0_x86__zpdnekdrzrea0 SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Windows Defender: =================================== Date: 2018-10-22 15:56:25.766 Description: Scan van Windows Defender Antivirus is gestopt voordat deze was voltooid. Scan-id: {773A6096-4FEB-4903-9AB8-4A704E71DE53} Type scan: Antimalware Scanparameters: Snelle scan Gebruiker: NT AUTHORITY\SYSTEM Date: 2018-10-18 18:23:47.768 Description: Windows Defender Antivirus heeft verdacht gedrag gedetecteerd. Naam: Informational:Behavior/ModifiedKernel Id: 4226887427 Ernst: Laag Categorie: Verdacht gedrag Gevonden pad: process:_0 Detectieoorsprong: Onbekend Detectietype: Verdacht Detectiebron: Real-timebeveiliging Status: Uitvoeren Gebruiker: Unknown\Unknown Procesnaam: Unknown Handtekening-id: 717259538435 Handtekeningversie: AV: 1.279.32.0, AS: 1.279.32.0 Engineversie: 1.1.15400.4 Kwaliteitslabel: Laag Naam doelbestand: Date: 2018-10-03 17:13:46.806 Description: Scan van Windows Defender Antivirus is gestopt voordat deze was voltooid. Scan-id: {F431FE18-0B5F-44BA-98F3-1D481192B5A5} Type scan: Antimalware Scanparameters: Snelle scan Gebruiker: NT AUTHORITY\SYSTEM ==================== Geheugen info =========================== Processor: Intel(R) Core(TM) i7-7700 CPU @ 3.60GHz Percentage geheugen in gebruik: 51% Totaal fysiek RAM-geheugen: 16337.97 MB Beschikbaar fysiek RAM-geheugen: 7927.68 MB Totaal Virtueel geheugen: 25041.97 MB Beschikbaar Virtueel geheugen: 14455.54 MB ==================== Schijven ================================ Drive c: (Windows) (Fixed) (Total:237.12 GB) (Free:140.9 GB) NTFS Drive d: () (Fixed) (Total:901.02 GB) (Free:207.21 GB) NTFS \\?\Volume{b2cf67f4-1499-45be-934e-5e885a76f93f}\ (WinRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.59 GB) NTFS \\?\Volume{80603b77-f234-409a-ba5d-de8e786316ba}\ (LENOVO_PART) (Fixed) (Total:30 GB) (Free:17.77 GB) NTFS \\?\Volume{9ddba68e-0bcd-4294-ba2c-bf20d920c5dc}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32 ==================== MBR & Partitietabel ================== ======================================================== Disk: 0 (Size: 238.5 GB) (Disk ID: B6DA6D4A) Partition: GPT. ======================================================== Disk: 1 (Size: 931.5 GB) (Disk ID: B6DA6D66) Partition: GPT. ==================== Eind van Addition.txt ============================