Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 15.11.2018 Gestart door Rudi (17-11-2018 10:15:24) Gestart vanaf E:\ Windows 10 Home Versie 1803 17134.407 (X64) (2018-05-18 19:20:21) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1110841881-1274814628-13942943-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-1110841881-1274814628-13942943-503 - Limited - Disabled) Gast (S-1-5-21-1110841881-1274814628-13942943-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1110841881-1274814628-13942943-1003 - Limited - Enabled) Rudi (S-1-5-21-1110841881-1274814628-13942943-1001 - Administrator - Enabled) => C:\Users\Rudi WDAGUtilityAccount (S-1-5-21-1110841881-1274814628-13942943-504 - Limited - Disabled) ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Norton Security (Enabled - Up to date) {E3FDBD9F-8140-1400-F32B-8B58923F7C4D} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Norton Security (Enabled) {DBC63CBA-CB2F-1558-D874-226D6CEC3B36} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeïnstalleerd worden.) 4Team Sync2 (HKLM-x32\...\{7496F038-B040-4842-9A52-F7196BF74D4A}) (Version: 2.74.2782 - 4Team Corporation) Adobe Acrobat Reader DC - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 19.008.20081 - Adobe Systems Incorporated) Adobe Digital Editions 3.0 (HKLM-x32\...\Adobe Digital Editions 3.0) (Version: 3.0.1 - Adobe Systems Incorporated) Allway Sync version 12.0.0 (HKLM-x32\...\Allway Sync_is1) (Version: - Botkind Inc) ANT Drivers Installer x64 (HKLM\...\{D559687A-60C5-4786-9429-C21EC195789D}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden Ashampoo Burning Studio 15 v.15.0.4 (HKLM-x32\...\{91B33C97-5B38-0A92-D04A-A0F26F3F87D4}_is1) (Version: 15.0.4 - Ashampoo GmbH & Co. KG) Ashampoo Photo Commander 15 (HKLM-x32\...\{0A11EA01-E0CE-916E-BC94-74670FA71836}_is1) (Version: 15.1.0 - Ashampoo GmbH & Co. KG) Ashampoo Photo Converter v.1.0.1 (HKLM-x32\...\Ashampoo Photo Converter_is1) (Version: 1.0.1 - Ashampoo GmbH & Co. KG) Ashampoo Slideshow Studio HD 2 2.0.1 (HKLM-x32\...\Ashampoo Slideshow Studio HD 2_is1) (Version: 2.0.1 - ashampoo GmbH & Co. KG) Ashampoo Snap 10 (HKLM-x32\...\{0A11EA01-7909-E272-BFA6-BC39E55F240A}_is1) (Version: 10.0.7 - Ashampoo GmbH & Co. KG) Ashampoo Video Styler v.1.0.1 (HKLM-x32\...\{91B33C97-3197-5D05-4176-1BD0B43C7AD8}_is1) (Version: 1.0.1 - Ashampoo GmbH & Co. KG) AxCrypt 1.7.3180.0 (HKLM\...\{302F28C9-8FF9-4941-A8CE-8F35EF7576D6}) (Version: 1.7.3180.0 - Axantum Software AB) Backup and Sync from Google (HKLM\...\{608EBDC6-D18A-4CF6-AD54-EE6B71D29065}) (Version: 3.43.1584.4446 - Google, Inc.) Belgium e-ID middleware 4.1.18 (build 1730) (HKLM\...\{DB942AEA-93D6-4FE4-8862-180D35A71730}) (Version: 4.1.1730 - Belgian Government) BitComet 1.46 (HKLM-x32\...\BitComet_x64) (Version: 1.46 - CometNetwork) BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 3.56.76.1867 - BlueStack Systems, Inc.) BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.69.1079 - AB Team, d.o.o.) Click Install if prompted (HKLM-x32\...\{40830C8E-936E-4E08-AE37-240FF3343927}) (Version: 1.0.6.0 - ExpressVpn) Hidden Connective Signing Plugins (HKLM-x32\...\{58ACA8CB-5499-4F50-88D1-4FE63A4D3920}) (Version: 2.0.3.296 - Connective) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden Dropbox (HKLM-x32\...\Dropbox) (Version: 61.4.95 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.141.1 - Dropbox, Inc.) Hidden EaseUS Todo Backup Free 10.6 (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 10.6 - CHENGDU YIWO Tech Development Co., Ltd) Elevated Installer (HKLM-x32\...\{0BF90608-2F95-4C7C-9A85-E90E0CAF4FE9}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries) Hidden ExpressVPN (HKLM-x32\...\{5DC0F67F-922B-482F-A141-5AA248915DF7}) (Version: 6.7.0.4772 - ExpressVPN) Hidden ExpressVPN (HKLM-x32\...\{a9ea11c1-b4be-4fa4-aa3c-61e8b0d12ae7}) (Version: 6.7.0.4772 - ExpressVPN) Garmin Express (HKLM-x32\...\{95D0EADA-5123-41C0-931A-F37946BC0E8E}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries) Hidden Garmin Express (HKLM-x32\...\{eab4691c-4022-41cd-8d39-c3097ba62d4b}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.102 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden GoTo Opener (HKLM-x32\...\{1F803452-798F-49FB-A5DD-9F527F7017E4}) (Version: 1.0.473 - LogMeIn, Inc.) HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software) Java 8 Update 191 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180191F0}) (Version: 8.0.1910.12 - Oracle Corporation) Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech) Magical Jelly Bean KeyFinder (HKLM-x32\...\KeyFinder_is1) (Version: 2.0.10.10 - Magical Jelly Bean) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1110841881-1274814628-13942943-1001\...\OneDriveSetup.exe) (Version: 17.3.7294.0108 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Sync Framework 2.0 Core Components (x64) ENU (HKLM\...\{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}) (Version: 2.0.1578.0 - Microsoft Corporation) Microsoft Sync Framework 2.0 Provider Services (x64) ENU (HKLM\...\{03AC245F-4C64-425C-89CF-7783C1D3AB2C}) (Version: 2.0.1578.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) MiniTool Partition Wizard Free 10.2.1 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.) MKVToolNix 10.0.0 (64bit) (HKLM-x32\...\MKVToolNix) (Version: 10.0.0 - Moritz Bunkus) Movie Maker (HKLM-x32\...\{DC5E5027-65E8-41CB-815C-9AAB48BFB8E2}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 59.0.2 (x64 nl) (HKLM\...\Mozilla Firefox 59.0.2 (x64 nl)) (Version: 59.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 59.0.2 - Mozilla) MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) Norton Security (HKLM-x32\...\NGC) (Version: 22.16.0.247 - Symantec Corporation) NVIDIA 3D Vision stuurprogramma 398.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 398.36 - NVIDIA Corporation) NVIDIA Grafisch stuurprogramma 398.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 398.36 - NVIDIA Corporation) NVIDIA HD Audio-stuurprogramma 1.3.37.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.37.4 - NVIDIA Corporation) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform) Split Tunneling Driver (HKLM-x32\...\{F078B0B5-2F41-42C2-9162-B8C628D5E6FE}) (Version: 1.0.0.0 - ExpressVpn) Hidden Stuurprogrammapakket voor Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.) Stuurprogrammapakket voor Windows - Fedict SmartCard (08/08/2015 4.1.5) (HKLM\...\9F46F7AB1E3B1B5F5482EA8D97F401B04FBF7958) (Version: 08/08/2015 4.1.5 - Fedict) Stuurprogrammapakket voor Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software) SyncToy 2.1 (x64) (HKLM\...\{88DAAF05-5A72-46D2-A7C5-C3759697E943}) (Version: 2.1.0 - Microsoft) Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD) (Version: 10.0.50903 - Microsoft Corporation) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C5FDDED7-DEC7-48B4-AFD8-DFB8A0FD199A}) (Version: 2.51.0.0 - Microsoft Corporation) USB Drive Letter Manager (x64) (HKLM\...\{0305A034-797B-4373-879D-AD900C63526E}) (Version: 5.2.8.0 - uwe-sieber.de) Hidden VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN) VobSub v2.23 (Remove Only) (HKLM-x32\...\VobSub) (Version: - ) WhatsApp (HKU\S-1-5-21-1110841881-1274814628-13942943-1001\...\WhatsApp) (Version: 0.2.6968 - WhatsApp) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) WinRAR 5.30 beta 5 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.30.5 - win.rar GmbH) ==================== Aangepaste CLSID (gefilterd): ========================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-10-04] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-10-04] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-10-04] (Google) ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine\22.16.0.247\buShell.dll [2018-10-05] (Symantec Corporation) ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine\22.16.0.247\buShell.dll [2018-10-05] (Symantec Corporation) ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine\22.16.0.247\buShell.dll [2018-10-05] (Symantec Corporation) ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Geen bestand ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine\22.16.0.247\buShell.dll [2018-10-05] (Symantec Corporation) ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine\22.16.0.247\buShell.dll [2018-10-05] (Symantec Corporation) ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine\22.16.0.247\buShell.dll [2018-10-05] (Symantec Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Geen bestand ContextMenuHandlers1: [axcrypt.File] -> {C3DFC144-30F8-4138-81F9-578DBEB9324A} => C:\Program Files\Axantum\AxCrypt\ShellExt.dll [2016-07-04] (Axantum Software AB) ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files (x86)\Norton Security\Engine\22.16.0.247\buShell.dll [2018-10-05] (Symantec Corporation) ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.) ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-10-04] (Google) ContextMenuHandlers1: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2017-09-04] (CHENGDU YIWO Tech Development Co.,Ltd) ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security\Engine\22.16.0.247\NavShExt.dll [2018-10-05] (Symantec Corporation) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2015-10-26] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2015-10-26] (Alexander Roshal) ContextMenuHandlers2: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2017-09-04] (CHENGDU YIWO Tech Development Co.,Ltd) ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security\Engine\22.16.0.247\NavShExt.dll [2018-10-05] (Symantec Corporation) ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.) ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-10-04] (Google) ContextMenuHandlers4: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2017-09-04] (CHENGDU YIWO Tech Development Co.,Ltd) ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-06-24] (NVIDIA Corporation) ContextMenuHandlers6: [axcrypt.File] -> {C3DFC144-30F8-4138-81F9-578DBEB9324A} => C:\Program Files\Axantum\AxCrypt\ShellExt.dll [2016-07-04] (Axantum Software AB) ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files (x86)\Norton Security\Engine\22.16.0.247\buShell.dll [2018-10-05] (Symantec Corporation) ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security\Engine\22.16.0.247\NavShExt.dll [2018-10-05] (Symantec Corporation) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2015-10-26] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2015-10-26] (Alexander Roshal) ==================== Geplande Taken (gefilterd) ============= (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {0A8BDA10-0E44-4A7D-AEBA-B531A57DD38F} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-04-21] (Dropbox, Inc.) Task: {1D81AA8B-7CB9-4AE1-B34A-FF10DE6D9F27} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated) Task: {368FB5E2-766F-4629-BFFE-8CD219DF86C3} - System32\Tasks\Norton Security Autofix => C:\Program Files (x86)\Norton Security\Engine\22.12.1.14\SymErr.exe Task: {3851A7A4-128A-46BB-B0D8-8232E3768143} - \Microsoft\Windows\UNP\RunCampaignManager -> Geen bestand <==== AANDACHT Task: {4B985A0F-9583-40D2-A3F4-B29CC855F218} - System32\Tasks\Norton Security Error Processor => C:\Program Files (x86)\Norton Security\Engine\22.12.1.14\SymErr.exe Task: {5F736020-21C7-4A1A-B808-C7B7BED5299F} - System32\Tasks\Norton Security\Norton Security Autofix => C:\Program Files (x86)\Norton Security\Engine\22.16.0.247\SymErr.exe [2018-10-05] (Symantec Corporation) Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] () Task: {74527BC1-8D59-4673-B932-BBAF1905765E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-21] (Google Inc.) Task: {7ABB05A9-9B49-4FD5-B147-FC6C83C2FE4F} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2018-10-05] (Symantec Corporation) Task: {8D1859EA-E29E-4FAB-B4DA-BD527565B54E} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Geen bestand <==== AANDACHT Task: {903607A0-7044-4D80-9343-75AC35C86E08} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-21] (Google Inc.) Task: {9B471317-2C4A-4BB3-A964-24B5AFFA341D} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security\Engine\22.16.0.247\WSCStub.exe [2018-10-05] (Symantec Corporation) Task: {AFED10AF-7BC4-472E-AEB6-FD31ACE62819} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-04-21] (Dropbox, Inc.) Task: {B68FB688-C70A-40C4-8251-E3E4916B7C24} - System32\Tasks\Norton Security Error Analyzer => C:\Program Files (x86)\Norton Security\Engine\22.12.1.14\SymErr.exe Task: {BF137D8D-0D75-4553-9D3E-91E75217D63B} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2018-10-24] () Task: {D2F51E37-5436-43E9-BBC0-D20373F77907} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2018-11-14] (Microsoft Corporation) Task: {D3ADA824-09CD-4557-8748-0BBB9B51A683} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [2018-06-26] (BlueStack Systems, Inc.) Task: {EDD28415-8851-4A7F-AE8A-5B3EF3D58045} - System32\Tasks\Norton Security\Norton Security Error Processor => C:\Program Files (x86)\Norton Security\Engine\22.16.0.247\SymErr.exe [2018-10-05] (Symantec Corporation) Task: {FF6EC877-5DCC-4606-AFC1-3A1FA890B7E1} - System32\Tasks\Norton Security\Norton Security Error Analyzer => C:\Program Files (x86)\Norton Security\Engine\22.16.0.247\SymErr.exe [2018-10-05] (Symantec Corporation) (Als een item is opgenomen in de fixlist, wordt de taak (job) bestand verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Snelkoppelingen & WMI ======================== (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) ==================== Geladen Modules (gefilterd) ============== 2018-07-03 11:11 - 2018-07-03 11:11 - 000339168 _____ () C:\Program Files (x86)\ExpressVPN\bootstrap\AMD64\nssm.exe 2018-07-03 11:12 - 2018-07-03 11:12 - 008749184 _____ () C:\Program Files (x86)\ExpressVPN\xvpnd\xvpnd.exe 2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll 2018-11-14 19:38 - 2018-11-01 07:55 - 002185216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2018-01-07 18:57 - 2017-08-30 12:29 - 000260752 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe 2015-10-29 18:13 - 2011-12-27 12:53 - 000094112 _____ () C:\Program Files (x86)\Allway Sync\Bin\syncappw.exe 2018-10-04 19:44 - 2018-10-04 19:44 - 046459080 _____ () C:\Program Files\Google\Drive\googledrivesync.exe 2018-11-17 09:57 - 2018-11-17 09:57 - 000113664 _____ () C:\Users\Rudi\AppData\Local\Temp\_MEI101642\_ctypes.pyd 2018-11-17 09:57 - 2018-11-17 09:57 - 000080896 _____ () C:\Users\Rudi\AppData\Local\Temp\_MEI101642\bz2.pyd 2018-11-17 09:57 - 2018-11-17 09:57 - 001792512 _____ () C:\Users\Rudi\AppData\Local\Temp\_MEI101642\_hashlib.pyd 2018-11-17 09:57 - 2018-11-17 09:57 - 000128512 _____ () C:\Users\Rudi\AppData\Local\Temp\_MEI101642\win32api.pyd 2018-11-17 09:57 - 2018-11-17 09:57 - 000137728 _____ () C:\Users\Rudi\AppData\Local\Temp\_MEI101642\pywintypes27.dll 2018-11-17 09:57 - 2018-11-17 09:57 - 000548864 _____ () C:\Users\Rudi\AppData\Local\Temp\_MEI101642\pythoncom27.dll 2018-11-17 09:57 - 2018-11-17 09:57 - 000689664 _____ () C:\Users\Rudi\AppData\Local\Temp\_MEI101642\unicodedata.pyd 2018-11-17 09:57 - 2018-11-17 09:57 - 000438784 _____ () C:\Users\Rudi\AppData\Local\Temp\_MEI101642\win32com.shell.shell.pyd 2018-11-17 09:57 - 2018-11-17 09:57 - 001489408 _____ () C:\Users\Rudi\AppData\Local\Temp\_MEI101642\wx._core_.pyd 2018-11-17 09:57 - 2018-11-17 09:57 - 001007104 _____ () C:\Users\Rudi\AppData\Local\Temp\_MEI101642\wx._gdi_.pyd 2018-11-17 09:57 - 2018-11-17 09:57 - 001039872 _____ () C:\Users\Rudi\AppData\Local\Temp\_MEI101642\wx._windows_.pyd 2018-11-17 09:57 - 2018-11-17 09:57 - 001325056 _____ () C:\Users\Rudi\AppData\Local\Temp\_MEI101642\wx._controls_.pyd 2018-11-17 09:57 - 2018-11-17 09:57 - 000916992 _____ () C:\Users\Rudi\AppData\Local\Temp\_MEI101642\wx._misc_.pyd 2018-11-17 09:57 - 2018-11-17 09:57 - 001084416 _____ () C:\Users\Rudi\AppData\Local\Temp\_MEI101642\pysqlite2._sqlite.pyd 2018-11-17 09:57 - 2018-11-17 09:57 - 000149504 _____ () C:\Users\Rudi\AppData\Local\Temp\_MEI101642\win32file.pyd 2018-11-17 09:57 - 2018-11-17 09:57 - 000136192 _____ () C:\Users\Rudi\AppData\Local\Temp\_MEI101642\win32security.pyd 2018-11-17 09:57 - 2018-11-17 09:57 - 000007680 _____ () C:\Users\Rudi\AppData\Local\Temp\_MEI101642\hashobjs_ext.pyd 2018-11-17 09:57 - 2018-11-17 09:57 - 000020992 _____ () C:\Users\Rudi\AppData\Local\Temp\_MEI101642\thumbnails_ext.pyd 2018-11-17 09:57 - 2018-11-17 09:57 - 000118784 _____ () C:\Users\Rudi\AppData\Local\Temp\_MEI101642\usb_ext.pyd 2018-11-17 09:57 - 2018-11-17 09:57 - 000047616 _____ () C:\Users\Rudi\AppData\Local\Temp\_MEI101642\_socket.pyd 2018-11-17 09:57 - 2018-11-17 09:57 - 002224640 _____ () C:\Users\Rudi\AppData\Local\Temp\_MEI101642\_ssl.pyd 2018-11-17 09:57 - 2018-11-17 09:57 - 000014848 _____ () C:\Users\Rudi\AppData\Local\Temp\_MEI101642\common.time34.pyd 2018-11-17 09:57 - 2018-11-17 09:57 - 000023040 _____ () C:\Users\Rudi\AppData\Local\Temp\_MEI101642\win32event.pyd 2018-11-17 09:57 - 2018-11-17 09:57 - 000034304 _____ () C:\Users\Rudi\AppData\Local\Temp\_MEI101642\windows.conditional.pyd 2018-11-17 09:57 - 2018-11-17 09:57 - 000020480 _____ () C:\Users\Rudi\AppData\Local\Temp\_MEI101642\windows.winwrap.pyd 2018-11-17 09:57 - 2018-11-17 09:57 - 000110080 _____ () C:\Users\Rudi\AppData\Local\Temp\_MEI101642\windows.volumes.pyd 2018-11-17 09:57 - 2018-11-17 09:57 - 000223232 _____ () C:\Users\Rudi\AppData\Local\Temp\_MEI101642\win32gui.pyd 2018-11-17 09:57 - 2018-11-17 09:57 - 000173568 _____ () C:\Users\Rudi\AppData\Local\Temp\_MEI101642\_elementtree.pyd 2018-11-17 09:57 - 2018-11-17 09:57 - 000169472 _____ () C:\Users\Rudi\AppData\Local\Temp\_MEI101642\pyexpat.pyd 2018-11-17 09:57 - 2018-11-17 09:57 - 000048128 _____ () C:\Users\Rudi\AppData\Local\Temp\_MEI101642\win32inet.pyd 2018-11-17 09:57 - 2018-11-17 09:57 - 000103424 _____ () C:\Users\Rudi\AppData\Local\Temp\_MEI101642\wx._html2.pyd 2018-11-17 09:57 - 2018-11-17 09:57 - 000046080 _____ () C:\Users\Rudi\AppData\Local\Temp\_MEI101642\_psutil_windows.pyd 2018-11-17 09:57 - 2018-11-17 09:57 - 000633272 _____ () C:\Users\Rudi\AppData\Local\Temp\_MEI101642\windows._cacheinvalidation.pyd 2018-11-17 09:57 - 2018-11-17 09:57 - 000011776 _____ () C:\Users\Rudi\AppData\Local\Temp\_MEI101642\win32crypt.pyd 2018-11-17 09:57 - 2018-11-17 09:57 - 000301568 _____ () C:\Users\Rudi\AppData\Local\Temp\_MEI101642\PIL._imaging.pyd 2018-11-17 09:57 - 2018-11-17 09:57 - 000032256 _____ () C:\Users\Rudi\AppData\Local\Temp\_MEI101642\_multiprocessing.pyd 2018-11-17 09:57 - 2018-11-17 09:57 - 005752320 _____ () C:\Users\Rudi\AppData\Local\Temp\_MEI101642\cello.pyd 2018-11-17 09:57 - 2018-11-17 09:57 - 000026112 _____ () C:\Users\Rudi\AppData\Local\Temp\_MEI101642\_yappi.pyd 2018-11-17 09:57 - 2018-11-17 09:57 - 000044032 _____ () C:\Users\Rudi\AppData\Local\Temp\_MEI101642\win32process.pyd 2018-11-17 09:57 - 2018-11-17 09:57 - 000027648 _____ () C:\Users\Rudi\AppData\Local\Temp\_MEI101642\win32pipe.pyd 2018-11-17 09:57 - 2018-11-17 09:57 - 000010752 _____ () C:\Users\Rudi\AppData\Local\Temp\_MEI101642\select.pyd 2018-11-17 09:57 - 2018-11-17 09:57 - 000029696 _____ () C:\Users\Rudi\AppData\Local\Temp\_MEI101642\win32pdh.pyd 2018-11-17 09:57 - 2018-11-17 09:57 - 000038400 _____ () C:\Users\Rudi\AppData\Local\Temp\_MEI101642\windows.connectivity.pyd 2018-11-17 09:57 - 2018-11-17 09:57 - 000073216 _____ () C:\Users\Rudi\AppData\Local\Temp\_MEI101642\windows.device_monitor.pyd 2018-11-17 09:57 - 2018-11-17 09:57 - 000020480 _____ () C:\Users\Rudi\AppData\Local\Temp\_MEI101642\win32profile.pyd 2018-11-17 09:57 - 2018-11-17 09:57 - 000026624 _____ () C:\Users\Rudi\AppData\Local\Temp\_MEI101642\win32ts.pyd 2018-10-17 19:53 - 2018-10-17 19:53 - 004310312 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2018-11-14 17:23 - 2018-11-08 23:14 - 005020504 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.102\libglesv2.dll 2018-11-14 17:23 - 2018-11-08 23:14 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.102\libegl.dll 2018-07-03 11:12 - 2018-07-03 11:12 - 005929088 _____ () C:\Program Files (x86)\ExpressVPN\xvpnd\expressvpn-browser-helper.exe 2018-01-07 18:57 - 2017-02-21 17:19 - 000083136 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CodeLog.dll 2017-05-14 19:29 - 2016-12-06 01:43 - 000019648 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CompressFile.dll 2017-05-14 19:29 - 2016-12-06 01:44 - 000090816 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBGetRemoteNetInfo.dll 2017-05-14 19:29 - 2016-03-07 17:08 - 001291264 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\libxml2.dll 2017-05-14 19:29 - 2004-10-05 02:08 - 000055808 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\zlib1.dll 2017-05-14 19:29 - 2016-12-06 01:43 - 000024768 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CmcTbProxy.dll 2017-05-14 19:29 - 2016-12-06 01:43 - 000188608 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCPipeCenter.dll 2018-01-07 18:57 - 2017-08-30 12:25 - 000183440 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCAdapt.dll 2017-05-14 19:29 - 2016-12-06 01:43 - 000163520 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCAdapt_RTTO.dll 2018-01-07 18:57 - 2017-08-30 12:27 - 000055952 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBInfo.dll 2017-05-14 19:29 - 2016-12-06 01:43 - 000018112 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCNetTokenProxy.dll 2018-01-07 18:57 - 2017-08-30 12:25 - 000061072 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActivationOnline.dll 2018-01-07 18:57 - 2017-09-04 17:39 - 000699024 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EuActiveOnline.dll 2018-01-07 18:57 - 2017-08-30 12:26 - 000487568 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EULicenseDLL.DLL 2018-01-07 18:57 - 2017-08-30 12:26 - 000021648 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\fsclog.dll 2018-01-07 18:57 - 2017-08-30 12:26 - 000085648 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\logsys.dll 2018-01-07 18:57 - 2017-08-30 12:26 - 000032912 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DiskSearchImg.dll 2018-01-07 18:57 - 2017-08-30 12:26 - 000070800 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\MountImg.dll 2018-01-07 18:57 - 2017-08-30 12:26 - 000160400 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ImgFile.dll 2018-01-07 18:57 - 2017-08-30 12:26 - 000296592 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DsImgFile.dll 2017-05-14 19:29 - 2016-12-06 01:43 - 000078528 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FatLib.dll 2018-01-07 18:57 - 2017-08-30 12:26 - 000305808 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSUtil.dll 2017-05-14 19:29 - 2016-12-06 01:43 - 000026304 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CallbackOperator.dll 2017-05-14 19:29 - 2016-12-06 01:44 - 000210112 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSLib.dll 2017-05-14 19:29 - 2016-12-06 01:43 - 000074432 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CheckImg.dll 2017-05-14 19:29 - 2016-12-06 01:44 - 000142016 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\vhdvmdk.dll 2018-01-07 18:57 - 2017-09-11 14:28 - 000085136 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\BootDriver.dll 2018-01-07 18:57 - 2017-08-30 12:26 - 000844944 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExImage.dll 2017-05-14 19:29 - 2016-12-06 01:43 - 000195776 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBackupSize.dll 2017-05-14 19:29 - 2016-12-06 01:43 - 000414400 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidImage.dll 2018-01-07 18:57 - 2017-08-30 12:26 - 000162448 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumDisk.dll 2017-05-14 19:29 - 2016-12-06 01:43 - 000029376 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DeviceAdapter.dll 2017-05-14 19:29 - 2016-12-06 01:44 - 000114368 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FileStorage.dll 2017-05-14 19:29 - 2016-12-06 01:44 - 000026816 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\GetDriverInfo.dll 2017-05-14 19:29 - 2016-12-06 01:43 - 000022720 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CorrectMbr.dll 2018-01-07 18:57 - 2017-08-30 12:26 - 000034448 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumTapeDevice.dll 2017-05-14 19:29 - 2016-12-06 01:44 - 000054464 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbTapeBrowse.dll 2017-05-14 19:29 - 2016-12-06 01:44 - 000066240 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\RegLib.dll 2018-01-07 18:57 - 2017-08-30 12:25 - 000026768 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AccountManager.dll 2018-01-07 18:57 - 2017-08-30 12:26 - 000072848 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NasOperator.dll 2017-05-14 19:29 - 2016-12-06 01:43 - 000221376 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBrowser.dll 2017-05-14 19:29 - 2016-12-06 01:43 - 000079040 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CloudOperator.dll 2018-01-07 18:57 - 2017-08-30 12:25 - 000021648 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActiveOnline.dll 2017-05-14 19:29 - 2016-12-06 01:44 - 000138432 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\VMConfig.dll 2017-05-14 19:29 - 2016-12-06 01:43 - 000021696 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidDeviceManager.dll 2018-01-07 18:57 - 2017-08-30 12:27 - 000074896 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\SqlExBrowser.dll 2018-01-07 18:57 - 2017-08-30 12:27 - 000585872 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\SqlSMOCPlusPlus.dll 2017-05-14 19:29 - 2016-12-06 01:44 - 000045248 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbDataSwap.dll 2018-01-07 18:57 - 2017-08-30 12:25 - 000367760 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DeviceManager.dll 2018-01-07 18:57 - 2017-08-30 12:25 - 000141456 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Device.dll 2017-05-14 19:29 - 2016-12-06 01:44 - 000149184 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Partition.dll 2017-05-14 19:29 - 2016-12-06 01:44 - 000052416 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FileSystemAnalyser.dll 2017-05-14 19:29 - 2016-12-06 01:43 - 000064192 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FATFileSystemAnalyser.dll 2017-05-14 19:29 - 2016-12-06 01:43 - 000091840 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Common.dll 2017-05-14 19:29 - 2016-12-06 01:44 - 000058560 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSFileSystemAnalyser.dll 2018-07-03 11:12 - 2018-07-03 11:12 - 007483072 _____ () C:\Program Files (x86)\ExpressVPN\xvpnd\libxvclient.dll 2018-07-03 11:12 - 2018-07-03 11:12 - 000014976 _____ () C:\Program Files (x86)\ExpressVPN\xvpnd\windows\ExpressVPN.NetworkUtils.dll 2018-07-03 11:11 - 2018-07-03 11:11 - 000303104 _____ () C:\Program Files (x86)\ExpressVPN\xvpnd\windows\ExpressVPN.SplitTunnel.dll 2018-07-03 11:12 - 2018-07-03 11:12 - 000444032 _____ () C:\Program Files (x86)\ExpressVPN\xvpnd\windows\ExpressVPN.FilterManager.dll 2017-05-14 19:29 - 2016-12-06 01:44 - 000210112 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\SmartBackup.dll 2015-10-29 18:13 - 2011-12-27 12:31 - 007726080 _____ () C:\Program Files (x86)\Allway Sync\Bin\syncapp.dll 2017-08-15 17:34 - 2017-06-12 10:10 - 000261008 _____ () C:\Program Files (x86)\Ashampoo\Ashampoo Snap 10\CrashRpt1403.dll 2017-08-15 17:34 - 2017-06-12 10:10 - 000078224 _____ () C:\Program Files (x86)\Ashampoo\Ashampoo Snap 10\MouseHook.dll 2017-10-04 15:16 - 2017-10-04 15:16 - 000148480 _____ () C:\Program Files (x86)\4Team Corporation\Sync2\win8status_wrapper.dll 2018-10-17 19:59 - 2018-10-17 19:59 - 004310296 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf 2017-10-04 15:17 - 2017-10-04 15:17 - 000124416 _____ () C:\Program Files (x86)\4Team Corporation\Sync2\google_tasks.dll 2017-10-04 15:16 - 2017-10-04 15:16 - 000148992 _____ () C:\Program Files (x86)\4Team Corporation\Sync2\backup_lib_wrapper.dll 2018-11-08 18:26 - 2018-11-06 14:06 - 001141064 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll 2018-11-08 18:26 - 2018-11-06 14:06 - 002103112 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll 2018-05-09 17:46 - 2018-11-06 14:09 - 000023376 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.cp35-win32.pyd 2018-11-08 18:26 - 2018-11-06 14:08 - 000025456 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.cp35-win32.pyd 2018-05-09 17:46 - 2018-11-06 14:06 - 000142312 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.cp35-win32.pyd 2018-11-08 18:26 - 2018-11-06 14:08 - 001953640 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.cp35-win32.pyd 2018-11-08 18:26 - 2018-11-06 14:08 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.cp35-win32.pyd 2018-11-08 18:26 - 2018-11-06 14:06 - 000118232 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes35.dll 2018-05-09 17:46 - 2018-11-06 14:06 - 000109024 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.cp35-win32.pyd 2018-11-08 18:26 - 2018-11-06 14:08 - 000083784 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.cp35-win32.pyd 2018-11-08 18:26 - 2018-11-06 14:06 - 000418776 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom35.dll 2018-11-08 18:26 - 2018-11-06 14:08 - 000074072 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.cp35-win32.pyd 2018-05-09 17:46 - 2018-11-06 14:06 - 000027616 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.cp35-win32.pyd 2018-05-09 17:46 - 2018-11-06 14:06 - 000049128 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.cp35-win32.pyd 2018-05-09 17:46 - 2018-11-06 14:06 - 000026600 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.cp35-win32.pyd 2018-05-09 17:46 - 2018-11-06 14:06 - 000131552 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.cp35-win32.pyd 2018-05-09 17:46 - 2018-11-06 14:06 - 000182752 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.cp35-win32.pyd 2018-05-09 17:46 - 2018-11-06 14:06 - 000027616 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.cp35-win32.pyd 2018-05-09 17:46 - 2018-11-06 14:06 - 000119272 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.cp35-win32.pyd 2018-05-09 17:46 - 2018-11-06 14:09 - 000401752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.cp35-win32.pyd 2018-05-09 17:46 - 2018-11-06 14:06 - 000028640 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.cp35-win32.pyd 2018-05-09 17:46 - 2018-11-06 14:09 - 000034664 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.cp35-win32.pyd 2018-05-09 17:46 - 2018-11-06 14:09 - 000061792 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.cp35-win32.pyd 2018-11-08 18:26 - 2018-11-06 14:06 - 000023520 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.cp35-win32.pyd 2018-05-09 17:46 - 2018-11-06 14:06 - 000053736 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.cp35-win32.pyd 2018-05-09 17:46 - 2018-11-06 14:06 - 000065504 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.cp35-win32.pyd 2018-11-08 18:26 - 2018-11-06 14:08 - 000025944 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.cp35-win32.pyd 2018-05-09 17:46 - 2018-11-06 14:09 - 000068968 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.cp35-win32.pyd 2018-05-09 17:46 - 2018-11-06 14:09 - 000028520 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.cp35-win32.pyd 2018-11-08 18:26 - 2018-11-06 14:08 - 000027488 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.cp35-win32.pyd 2018-05-09 17:46 - 2018-11-06 14:06 - 000032224 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.cp35-win32.pyd 2018-11-08 18:26 - 2018-11-06 14:08 - 000156504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.cp35-win32.pyd 2018-05-09 17:46 - 2018-11-06 14:09 - 000092488 _____ () C:\Program Files (x86)\Dropbox\Client\sip.cp35-win32.pyd 2018-11-08 18:26 - 2018-11-06 14:08 - 001778000 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.cp35-win32.pyd 2018-11-08 18:26 - 2018-11-06 14:08 - 000518992 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.cp35-win32.pyd 2018-11-08 18:26 - 2018-11-06 14:08 - 000052056 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.cp35-win32.pyd 2018-11-08 18:26 - 2018-11-06 14:08 - 001929552 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.cp35-win32.pyd 2018-11-08 18:26 - 2018-11-06 14:08 - 003821392 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.cp35-win32.pyd 2018-11-08 18:26 - 2018-11-06 14:08 - 000044888 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.cp35-win32.pyd 2018-11-08 18:26 - 2018-11-06 14:08 - 000132944 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.cp35-win32.pyd 2018-11-08 18:26 - 2018-11-06 14:08 - 000218456 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.cp35-win32.pyd 2018-11-08 18:26 - 2018-11-06 14:08 - 000205656 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.cp35-win32.pyd 2018-05-09 17:46 - 2018-11-06 14:06 - 000061408 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.cp35-win32.pyd 2018-05-09 17:46 - 2018-11-06 14:09 - 000051552 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.cp35-win32.pyd 2018-05-09 17:46 - 2018-11-06 14:06 - 000027624 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.cp35-win32.pyd 2018-08-02 08:23 - 2018-11-06 14:09 - 000033632 _____ () C:\Program Files (x86)\Dropbox\Client\winreindex.compiled._winreindex.cp35-win32.pyd 2018-05-09 17:46 - 2018-11-06 14:09 - 000028008 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.cp35-win32.pyd 2018-05-09 17:46 - 2018-11-06 14:09 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.cp35-win32.pyd 2018-05-09 17:46 - 2018-11-06 14:09 - 000025448 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.cp35-win32.pyd 2018-05-09 17:46 - 2018-11-06 14:09 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.cp35-win32.pyd 2018-11-08 18:26 - 2018-11-06 14:08 - 000031600 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.cp35-win32.pyd 2018-05-09 17:46 - 2018-11-06 14:06 - 000486880 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.cp35-win32.pyd 2018-11-08 18:26 - 2018-11-06 14:08 - 000102736 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.cp35-win32.pyd 2018-05-09 17:46 - 2018-11-06 14:09 - 000029040 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.cp35-win32.pyd 2018-11-08 18:26 - 2018-11-06 14:08 - 011144016 _____ () C:\Program Files (x86)\Dropbox\Client\nucleus_python.cp35-win32.pyd 2018-11-08 18:26 - 2018-11-06 14:08 - 000029024 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.cp35-win32.pyd 2018-11-08 18:26 - 2018-11-06 14:06 - 000036312 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll 2018-11-08 18:26 - 2018-11-06 14:08 - 000036712 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.cp35-win32.pyd 2018-11-08 18:26 - 2018-11-06 14:08 - 000272208 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll 2018-05-09 17:46 - 2018-11-06 14:09 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.cp35-win32.pyd 2018-11-08 18:26 - 2018-11-06 14:08 - 000433992 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL 2018-05-09 17:46 - 2018-11-06 14:09 - 000035680 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.cp35-win32.pyd 2018-11-08 18:26 - 2018-11-06 14:08 - 000025920 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL 2018-11-08 18:26 - 2018-11-06 14:08 - 001592128 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll 2018-05-09 17:46 - 2018-11-06 14:09 - 000095592 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.cp35-win32.pyd 2018-05-09 17:46 - 2018-11-06 14:09 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.shcore.compiled._winffi_shcore.cp35-win32.pyd 2018-10-27 08:38 - 2018-11-06 14:09 - 000025448 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.gdi32.compiled._winffi_gdi32.cp35-win32.pyd 2018-09-14 13:55 - 2018-11-06 14:09 - 000028520 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.shell32.compiled._winffi_shell32.cp35-win32.pyd 2018-05-09 17:46 - 2018-11-06 14:09 - 000029544 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.cp35-win32.pyd 2018-11-08 18:26 - 2018-11-06 14:08 - 000530768 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.cp35-win32.pyd 2018-11-08 18:26 - 2018-11-06 14:08 - 000348496 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.cp35-win32.pyd 2018-11-08 18:26 - 2018-11-06 14:08 - 000037200 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngine.cp35-win32.pyd 2015-11-11 02:42 - 2015-11-11 02:42 - 001045672 _____ () C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll ==================== Alternate Data Streams (gefilterd) ========= (Als een item is opgenomen in de fixlist, wordt alleen de ADS verwijderd.) ==================== Veilige Modus (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. De waarde van "AlternateShell" wordt hersteld.) ==================== Bestandskoppeling (gefilterd) =============== (Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd.) ==================== Internet Explorer vertrouwde/beperkte toegang =============== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd.) ==================== Hosts inhoud: =============================== (Indien nodig kan Hosts:-opdracht worden opgenomen in de fixlist om Hosts te resetten.) 2015-10-28 19:42 - 2015-10-28 19:41 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere gebieden ============================ (Momenteel is er geen automatische fix voor dit onderdeel.) HKU\S-1-5-21-1110841881-1274814628-13942943-1001\Control Panel\Desktop\\Wallpaper -> F:\(2) My Jack Daniels folder\2. Jack Daniels Divers pictures\Divers JD\Bureaublad.jpg DNS Servers: 195.130.131.1 - 195.130.130.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == Als een item is opgenomen in de fixlist, zal het worden verwijderd. HKLM\...\StartupApproved\Run: => "Logitech Download Assistant" HKU\S-1-5-21-1110841881-1274814628-13942943-1001\...\StartupApproved\Run: => "OneDrive" ==================== Firewall regels (gefilterd) =============== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [{F12A4C39-7A0F-42B2-8018-B63BA6D6DEBC}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Player.exe FirewallRules: [{1E91AFF0-A739-4AFE-9D77-2DE43DA092E3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{4CB82952-069A-4AF8-A5BD-9523A846A8DC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{F98E4AEE-3279-4514-AF77-20693AC26945}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe FirewallRules: [{5C31EB80-05FC-4804-8369-7F3A6F931CF6}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe FirewallRules: [{D3149874-90DF-4642-AD13-9CC96EBAD0AA}] => (Allow) C:\Program Files\BitComet\BitComet.exe FirewallRules: [{78915350-C7D9-4E7B-90D6-B53A0C30693F}] => (Allow) C:\Program Files\BitComet\BitComet.exe FirewallRules: [{2ED4D7C6-2271-4BA0-963D-215F874E0C1B}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{A3FA3AAF-A77D-47D0-8112-281998C251CA}] => (Allow) LPort=2869 FirewallRules: [{0149C221-738A-4F18-9D72-A2C8B893ECDE}] => (Allow) LPort=1900 FirewallRules: [{E8229AC1-5BB9-4AE9-B454-3D527FFBA5F2}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe FirewallRules: [{0701D837-A146-41DE-BCEB-2F079D9C287C}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe FirewallRules: [{251703FE-E2EF-4AB9-84BF-EB27021F9E64}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe FirewallRules: [{5BA25BEE-34F8-4C67-B6EF-BFB469958E24}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe FirewallRules: [{537A3215-A3A3-4CF6-9D97-02D9916D48BD}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe FirewallRules: [{CBC3B3B5-272A-4B24-933D-47BD06340847}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe FirewallRules: [{4223463C-DECC-45CC-A50E-D5720EB58D2E}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe FirewallRules: [{890D9626-375D-48DE-9AC1-7B334E19F5AB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Herstelpunten ========================= 14-11-2018 21:02:00 Back up 14-11-2018 ==================== Defecte Apparaatbeheer Apparaten ============= Name: ExpressVPN Tap Adapter Description: ExpressVPN Tap Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: ExpressVPN Service: tapexpressvpn Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: WinTV MiniStick Description: WinTV MiniStick Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Eventlog fouten: ========================= Applicatiefouten: ================== Error: (11/16/2018 04:32:09 PM) (Source: nssm) (EventID: 1018) (User: ) Description: Failed to read registry value AppDirectory: De bewerking is voltooid. Error: (11/15/2018 05:24:59 PM) (Source: nssm) (EventID: 1018) (User: ) Description: Failed to read registry value AppDirectory: De bewerking is voltooid. Error: (11/04/2018 09:35:20 AM) (Source: ESENT) (EventID: 553) (User: ) Description: SettingSyncHost (10416,P,98) {ED1675D4-C9FE-451D-A57B-931BF5B4FA9E}: Failed looking up restore-map entry for database C:\Users\Rudi\AppData\Local\Microsoft\Windows\SettingSync\metastore\meta.edb with unexpected error -1032. Error: (11/04/2018 09:35:20 AM) (Source: ESENT) (EventID: 489) (User: ) Description: SettingSyncHost (10416,P,98) {ED1675D4-C9FE-451D-A57B-931BF5B4FA9E}: Een poging het bestand C:\Users\Rudi\AppData\Local\Microsoft\Windows\SettingSync\metastore\meta.edb te openen voor alleen-lezen is mislukt. Systeemfout 32 (0x00000020): Het proces heeft geen toegang tot het bestand omdat het door een ander proces wordt gebruikt. . Tijdens het openen van het bestand treedt fout -1032 (0xfffffbf8) op. Error: (11/04/2018 09:35:10 AM) (Source: ESENT) (EventID: 553) (User: ) Description: SettingSyncHost (10416,P,98) {BBA205E9-4205-472C-971F-F963682B347A}: Failed looking up restore-map entry for database C:\Users\Rudi\AppData\Local\Microsoft\Windows\SettingSync\metastore\meta.edb with unexpected error -1032. Error: (11/04/2018 09:35:10 AM) (Source: ESENT) (EventID: 489) (User: ) Description: SettingSyncHost (10416,P,98) {BBA205E9-4205-472C-971F-F963682B347A}: Een poging het bestand C:\Users\Rudi\AppData\Local\Microsoft\Windows\SettingSync\metastore\meta.edb te openen voor alleen-lezen is mislukt. Systeemfout 32 (0x00000020): Het proces heeft geen toegang tot het bestand omdat het door een ander proces wordt gebruikt. . Tijdens het openen van het bestand treedt fout -1032 (0xfffffbf8) op. Error: (11/04/2018 09:35:00 AM) (Source: ESENT) (EventID: 553) (User: ) Description: SettingSyncHost (10416,P,98) {0DF5E094-4F8C-404D-A091-4C63DB1B6147}: Failed looking up restore-map entry for database C:\Users\Rudi\AppData\Local\Microsoft\Windows\SettingSync\metastore\meta.edb with unexpected error -1032. Error: (11/04/2018 09:35:00 AM) (Source: ESENT) (EventID: 489) (User: ) Description: SettingSyncHost (10416,P,98) {0DF5E094-4F8C-404D-A091-4C63DB1B6147}: Een poging het bestand C:\Users\Rudi\AppData\Local\Microsoft\Windows\SettingSync\metastore\meta.edb te openen voor alleen-lezen is mislukt. Systeemfout 32 (0x00000020): Het proces heeft geen toegang tot het bestand omdat het door een ander proces wordt gebruikt. . Tijdens het openen van het bestand treedt fout -1032 (0xfffffbf8) op. Systeemfouten: ============= Error: (11/17/2018 09:57:56 AM) (Source: DCOM) (EventID: 10016) (User: RUUD) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker Ruud\Rudi SID (S-1-5-21-1110841881-1274814628-13942943-1001) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (11/17/2018 09:57:30 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} en APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (11/17/2018 09:57:30 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} en APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (11/16/2018 08:15:07 PM) (Source: Tcpip) (EventID: 4199) (User: ) Description: Het systeem heeft een adresconflict gevonden voor het IP-adres 192.168.0.212, waarbij het systeem het netwerkhardwareadres 9C-8C-6E-D5-1B-B4 heeft. Hierdoor kan de werking van het netwerk op dit systeem verstoord zijn. Error: (11/16/2018 04:34:10 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Starten niet verleend aan Lokaal voor de COM-servertoepassing met CLSID Windows.SecurityCenter.WscBrokerManager en APPID Niet beschikbaar aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (11/16/2018 04:32:35 PM) (Source: DCOM) (EventID: 10016) (User: RUUD) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker Ruud\Rudi SID (S-1-5-21-1110841881-1274814628-13942943-1001) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (11/16/2018 04:32:11 PM) (Source: DCOM) (EventID: 10016) (User: RUUD) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Starten niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {7022A3B3-D004-4F52-AF11-E9E987FEE25F} en APPID {ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D} aan de gebruiker Ruud\Rudi SID (S-1-5-21-1110841881-1274814628-13942943-1001) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (11/16/2018 04:32:10 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} en APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. CodeIntegrity: =================================== Date: 2018-07-25 10:17:54.777 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Norton Security\NortonData\22.6.0.142\Definitions\IPSDefs\20180724.062\IPSEng64.dll that did not meet the Microsoft signing level requirements. Date: 2018-07-24 09:25:14.306 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Norton Security\NortonData\22.6.0.142\Definitions\IPSDefs\20180723.061\IPSEng64.dll that did not meet the Microsoft signing level requirements. Date: 2018-07-19 19:38:16.825 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Norton Security\NortonData\22.6.0.142\Definitions\IPSDefs\20180718.063\IPSEng64.dll that did not meet the Microsoft signing level requirements. Date: 2018-07-18 19:35:30.610 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Norton Security\NortonData\22.6.0.142\Definitions\IPSDefs\20180717.061\IPSEng64.dll that did not meet the Microsoft signing level requirements. Date: 2018-07-17 19:32:07.658 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Norton Security\NortonData\22.6.0.142\Definitions\IPSDefs\20180716.061\IPSEng64.dll that did not meet the Microsoft signing level requirements. Date: 2018-07-14 09:45:26.617 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Norton Security\NortonData\22.6.0.142\Definitions\IPSDefs\20180713.062\IPSEng64.dll that did not meet the Microsoft signing level requirements. Date: 2018-07-13 15:46:04.098 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Norton Security\NortonData\22.6.0.142\Definitions\IPSDefs\20180712.061\IPSEng64.dll that did not meet the Microsoft signing level requirements. Date: 2018-07-11 18:29:55.784 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Norton Security\NortonData\22.6.0.142\Definitions\IPSDefs\20180710.061\IPSEng64.dll that did not meet the Microsoft signing level requirements. ==================== Geheugen info =========================== Processor: Intel(R) Core(TM) i7-4770 CPU @ 3.40GHz Percentage geheugen in gebruik: 17% Totaal fysiek RAM-geheugen: 32720.5 MB Beschikbaar fysiek RAM-geheugen: 27039.48 MB Totaal Virtueel geheugen: 37584.5 MB Beschikbaar Virtueel geheugen: 31217.42 MB ==================== Schijven ================================ Drive c: () (Fixed) (Total:116.09 GB) (Free:12.01 GB) NTFS Drive d: (Elements) (Fixed) (Total:3725.99 GB) (Free:3354.2 GB) NTFS Drive e: (Jack) (Fixed) (Total:200.3 GB) (Free:182.25 GB) NTFS Drive f: (Daniels) (Fixed) (Total:1662.47 GB) (Free:1290.04 GB) NTFS Drive n: (SYSTEM) (Fixed) (Total:0.35 GB) (Free:0.3 GB) FAT32 \\?\Volume{f33bfd00-7cb9-457a-bbde-fae2aa56c729}\ (Windows RE tools) (Fixed) (Total:1 GB) (Free:0.7 GB) NTFS \\?\Volume{f4c69e09-6716-4b06-8f9b-7a3c95e0ddaf}\ () (Fixed) (Total:0.44 GB) (Free:0.06 GB) NTFS \\?\Volume{cbbcddb2-3806-4d4f-a520-f6460cc56df9}\ () (Fixed) (Total:0.34 GB) (Free:0.05 GB) NTFS ==================== MBR & Partitietabel ================== ======================================================== Disk: 0 (Size: 119.2 GB) (Disk ID: 153BA1F4) Partition: GPT. ======================================================== Disk: 1 (Size: 1863 GB) (Disk ID: E1239EF9) Partition: GPT. ======================================================== Disk: 2 (Size: 3726 GB) (Disk ID: 16F2A91F) Partition: GPT. ==================== Eind van Addition.txt ============================