Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 24.12.2018 Gestart door Wim (26-12-2018 13:19:30) Gestart vanaf C:\Users\Wim\Downloads Windows 10 Home Versie 1803 17134.472 (X64) (2018-05-16 18:30:06) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3276780540-2913435075-4059969525-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-3276780540-2913435075-4059969525-503 - Limited - Disabled) Gast (S-1-5-21-3276780540-2913435075-4059969525-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-3276780540-2913435075-4059969525-504 - Limited - Disabled) Wim (S-1-5-21-3276780540-2913435075-4059969525-1001 - Administrator - Enabled) => C:\Users\Wim ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Norton Security (Enabled - Up to date) {E3FDBD9F-8140-1400-F32B-8B58923F7C4D} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Norton Security (Enabled) {DBC63CBA-CB2F-1558-D874-226D6CEC3B36} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeïnstalleerd worden.) Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.101 - Adobe Systems Incorporated) All My Movies (HKLM-x32\...\{DEE77D4F-249F-46DF-8176-4BC4822D68AD}_is1) (Version: 8.8 - Bolide Software) ANT Drivers Installer x64 (HKLM\...\{7664AF65-7B0D-4171-9F0F-50455278B428}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden Apowersoft Online Launcher versie 1.4.6 (HKLM-x32\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.4.6 - APOWERSOFT LIMITED) Apowersoft Phone Manager versie 2.8.0 (HKLM-x32\...\{4A00E3C4-2D0F-4AE7-9F2A-74870BE09EF8}_is1) (Version: 2.8.0 - APOWERSOFT LIMITED) Apple Application Support (32-bit) (HKLM-x32\...\{3D1290E6-1F77-46D5-A715-A56679C8D4E3}) (Version: 6.0.2 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{D0E45DEC-F4B9-4370-A9DF-66837789C2EF}) (Version: 6.0.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{E3C4B99B-BE71-4C27-8E3C-4FAE3C46E1D5}) (Version: 11.0.0.30 - Apple Inc.) Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.) Belgium e-ID middleware 4.1.10 (build 1698) (HKLM\...\{DB942AEA-93D6-4FE4-8862-180D35A71698}) (Version: 4.1.1698 - Belgian Government) Bing Bar (HKLM-x32\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden EasyCleaner (HKLM-x32\...\{F5346614-B7C4-4E94-826A-E2363155233D}) (Version: 2.0.6.380 - ToniArts) Elevated Installer (HKLM-x32\...\{1052502B-4C91-43F9-B160-AE39ED57C9F0}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden EMDB 2.05 (HKLM-x32\...\EMDB_is1) (Version: - Wicked & Wild Inc.) Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.1.58.912 - Digital Wave Ltd) Garmin BaseCamp (HKLM-x32\...\{23A4DBD1-D847-4957-995D-8B1CC527E2E2}) (Version: 4.6.2.0 - Garmin Ltd or its subsidiaries) Garmin Communicator Plugin (HKLM-x32\...\{71DBFBF2-F7EB-4268-8485-9471D83C4E66}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries) Garmin Communicator Plugin x64 (HKLM\...\{70A381F1-C161-4D61-A20C-BE12FC6777DF}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries) Garmin Express (HKLM-x32\...\{BCC7CA85-E57F-452D-BB44-15A1CE018BD0}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden Garmin Express (HKLM-x32\...\{bd8bd200-9a60-4969-b267-6b565f36e3da}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Garmin Express Tray (HKLM-x32\...\{DA9C865D-6762-4931-8588-0B13B7A0796B}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden Garmin Training Center (HKLM-x32\...\{7D542452-84EB-47C0-97BA-735C523AB555}) (Version: 3.6.5 - Garmin Ltd or its subsidiaries) Garmin USB Drivers (HKLM\...\{DC7720F2-98BE-41C1-B0A8-E391362E86B8}) (Version: 2.3.1.1 - Garmin Ltd or its subsidiaries) Garmin WebUpdater (HKLM-x32\...\{5EF98E1C-3912-40EA-A8C1-25772D9F1762}) (Version: 2.5.6 - Garmin Ltd or its subsidiaries) Hidden Garmin WebUpdater (HKLM-x32\...\{f1c8f03d-88bd-432d-80d1-782d4fac96b2}) (Version: 2.5.7 - Garmin Ltd or its subsidiaries) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.) Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google) Google Earth Pro (HKLM-x32\...\{DE706580-82C7-4B1A-ABA4-EA48AC15B045}) (Version: 7.1.8.3036 - Google) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden Hattrick Organizer (remove only) (HKLM-x32\...\Hattrick Organizer) (Version: - ) HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard) HP Photo Creations (HKU\S-1-5-21-3276780540-2913435075-4059969525-1001\...\HP Photo Creations) (Version: 1.0.0.22082 - HP) HP Photosmart 7520 series Basissoftware van het apparaat (HKLM\...\{B35D0E89-B997-4757-98E6-F8ADA3F21B40}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Photosmart 7520 series Help (HKLM-x32\...\{59FE358B-B040-4ED1-A392-7397BE6B3CA9}) (Version: 28.0.0 - Hewlett Packard) HP Photosmart 7520 series Productverbeteringsonderzoek (HKLM\...\{5C634B8E-FC0B-4863-B3BE-60AC1C3CA34F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.2.1000 - Intel Corporation) Intel(R) Network Connections 19.1.51.0 (HKLM\...\PROSetDX) (Version: 19.1.51.0 - Intel) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4835 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.1.0.1058 - Intel Corporation) iTunes (HKLM\...\{4C27D135-9BF4-4C4E-8380-420FFAA116AA}) (Version: 12.7.0.166 - Apple Inc.) Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation) Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden MatSpoon FileSearch 0.3.1 (HKLM-x32\...\MatSpoon - FileSearch) (Version: 0.3.1 - MatSpoon) MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited) Microsoft Office 2013 voor Thuisgebruik en Studenten - nl-nl (HKLM\...\HomeStudentRetail - nl-nl) (Version: 15.0.5075.1001 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3276780540-2913435075-4059969525-1001\...\OneDriveSetup.exe) (Version: 18.222.1104.0007 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Movie Maker (HKLM-x32\...\{DC5E5027-65E8-41CB-815C-9AAB48BFB8E2}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 64.0 (x64 nl) (HKLM\...\Mozilla Firefox 64.0 (x64 nl)) (Version: 64.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 64.0.0.6914 - Mozilla) Norton Security (HKLM-x32\...\NGC) (Version: 22.16.2.22 - Symantec Corporation) NovaBench 3.0.4 (HKLM-x32\...\{88603FC0-6B3C-442D-981E-E3D49F083548}_is1) (Version: - Novawave Inc.) Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5075.1001 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5075.1001 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0413-0000-0000000FF1CE}) (Version: 15.0.5075.1001 - Microsoft Corporation) Hidden OpenFietsMap (BNLv16-09-2017) (HKLM-x32\...\OpenFietsMap (BNL)) (Version: - ) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7572 - Realtek Semiconductor Corp.) Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform) Software voor Intel® Chipset-apparaten (HKLM-x32\...\{4a87bd28-a855-4a8d-b133-60ca8ccffd30}) (Version: 10.0.17 - Intel(R) Corporation) Hidden Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Stuurprogrammapakket voor Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.) Stuurprogrammapakket voor Windows - Fedict SmartCard (08/08/2015 4.1.5) (HKLM\...\9F46F7AB1E3B1B5F5482EA8D97F401B04FBF7958) (Version: 08/08/2015 4.1.5 - Fedict) Stuurprogrammapakket voor Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software) Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD) (Version: 10.0.50903 - Microsoft Corporation) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation) Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.) Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) (HKLM\...\49CF605F02C7954F4E139D18828DE298CD59217C) (Version: 06/03/2009 2.3.0.0 - Garmin) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) WinRAR 5.30 beta 5 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.30.5 - win.rar GmbH) WinRAR 5.30 bèta 6 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.6 - win.rar GmbH) Wondershare Dr.Fone for Android(Build 6.1.2.39) (HKLM-x32\...\{1DB91A95-C548-4BA5-9D4C-18C7DEAAC39F}_is1) (Version: 6.1.2.39 - Wondershare Software Co.,Ltd.) Wondershare Filmora(Build 7.3.0) (HKLM-x32\...\Wondershare Filmora_is1) (Version: - Wondershare Software) ==================== Aangepaste CLSID (gefilterd): ========================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Internet Security\Engine\22.16.2.22\buShell.dll [2018-11-03] (Symantec Corporation) ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Internet Security\Engine\22.16.2.22\buShell.dll [2018-11-03] (Symantec Corporation) ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Internet Security\Engine\22.16.2.22\buShell.dll [2018-11-03] (Symantec Corporation) ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Wim\AppData\Local\MEGAsync\ShellExtX64.dll [2017-11-17] () ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Wim\AppData\Local\MEGAsync\ShellExtX64.dll [2017-11-17] () ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Wim\AppData\Local\MEGAsync\ShellExtX64.dll [2017-11-17] () ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Internet Security\Engine\22.16.2.22\buShell.dll [2018-11-03] (Symantec Corporation) ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Internet Security\Engine\22.16.2.22\buShell.dll [2018-11-03] (Symantec Corporation) ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Internet Security\Engine\22.16.2.22\buShell.dll [2018-11-03] (Symantec Corporation) ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Wim\AppData\Local\MEGAsync\ShellExtX64.dll [2017-11-17] () ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Wim\AppData\Local\MEGAsync\ShellExtX64.dll [2017-11-17] () ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Wim\AppData\Local\MEGAsync\ShellExtX64.dll [2017-11-17] () ContextMenuHandlers1: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Wim\AppData\Local\MEGAsync\ShellExtX64.dll [2017-11-17] () ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files (x86)\Norton Internet Security\Engine\22.16.2.22\buShell.dll [2018-11-03] (Symantec Corporation) ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Internet Security\Engine\22.16.2.22\NavShExt.dll [2018-11-03] (Symantec Corporation) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-11-04] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-11-04] (Alexander Roshal) ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Internet Security\Engine\22.16.2.22\NavShExt.dll [2018-11-03] (Symantec Corporation) ContextMenuHandlers4: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Wim\AppData\Local\MEGAsync\ShellExtX64.dll [2017-11-17] () ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Geen bestand ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-10-20] (Intel Corporation) ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files (x86)\Norton Internet Security\Engine\22.16.2.22\buShell.dll [2018-11-03] (Symantec Corporation) ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Internet Security\Engine\22.16.2.22\NavShExt.dll [2018-11-03] (Symantec Corporation) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-11-04] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-11-04] (Alexander Roshal) ==================== Geplande Taken (gefilterd) ============= (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {03506E79-9039-4733-9802-596DEC1ADD87} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Geen bestand <==== AANDACHT Task: {06BE5B52-3565-4D51-97A2-0B74E6087150} - System32\Tasks\Norton Security with Backup\Norton Security Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\22.16.2.22\SymErr.exe [2018-11-03] (Symantec Corporation) Task: {074229CF-94F8-4B57-BB3C-E1B69384682D} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Geen bestand <==== AANDACHT Task: {0B00133C-BFF8-4C87-B2E0-924A30C382A2} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2018-12-13] (Microsoft Corporation) Task: {0CB4B584-AD35-4785-91D8-8C809624BD2F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd) Task: {27FF0F59-762C-4015-BC49-01F93121093F} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Geen bestand <==== AANDACHT Task: {286E1EE7-2D53-47F8-9406-ECC22C586934} - System32\Tasks\Norton Internet Security\Norton Internet Security Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\22.16.2.22\SymErr.exe [2018-11-03] (Symantec Corporation) Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe Task: {3845FB84-5AB7-4660-9546-9F72ABDFB23E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {3E24A9D7-EF45-40CE-9229-6B28C6D8EE85} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Geen bestand <==== AANDACHT Task: {656B3EF4-0F98-46F1-A33D-C28345B24FA1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Geen bestand <==== AANDACHT Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] () Task: {69ABC721-DD28-433B-8599-976757FA17D0} - System32\Tasks\Norton Internet Security\Norton Internet Security Autofix => C:\Program Files (x86)\Norton Internet Security\Engine\22.16.2.22\SymErr.exe [2018-11-03] (Symantec Corporation) Task: {6A5C786B-590B-48E5-9516-FF001BC8C25B} - \WPD\SqmUpload_S-1-5-21-3276780540-2913435075-4059969525-1001 -> Geen bestand <==== AANDACHT Task: {6D418873-0FD4-4038-8AD3-1678FED4E72C} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2018-11-03] (Symantec Corporation) Task: {6E7E660D-749B-4A7F-A68E-3903CB422A99} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-12-12] (Microsoft Corporation) Task: {6F0189AA-B906-4B89-861C-C0D54CD2F18F} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_101_Plugin.exe [2018-12-06] (Adobe Systems Incorporated) Task: {709D2B6F-7CF8-4BCB-9AB1-58B859C1529E} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\22.16.2.22\WSCStub.exe [2018-11-03] (Symantec Corporation) Task: {72B17138-18AE-4B4E-B7CD-36074DF16849} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2017-03-28] () Task: {7A403F1D-65B7-4DC7-95A2-CBBDC11FCF00} - System32\Tasks\Norton Security with Backup\Norton Security Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\22.16.2.22\SymErr.exe [2018-11-03] (Symantec Corporation) Task: {8EADBCBA-415F-474D-BDE5-ECF27E8E2B97} - System32\Tasks\HPCustParticipation HP Photosmart 7520 series => C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.) Task: {9F0A9E0E-72BF-4694-89ED-E33CD45AF4A8} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Geen bestand <==== AANDACHT Task: {A4D29036-6FDF-4498-AA21-5FE77F090DF4} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-3276780540-2913435075-4059969525-1001 => C:\Users\Wim\AppData\Local\MEGAsync\MEGAupdater.exe [2018-01-20] (Mega Limited) Task: {AC2046BE-F780-4B46-A585-A57FCC870EF2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Geen bestand <==== AANDACHT Task: {ACBD85A4-8F7D-4D31-8F91-CA62D0CB3E5B} - System32\Tasks\Norton Internet Security\Norton Internet Security Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\22.16.2.22\SymErr.exe [2018-11-03] (Symantec Corporation) Task: {B6FA9E02-18A2-4CE1-A984-F195FCFFE4DC} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Geen bestand <==== AANDACHT Task: {B8CBCB0A-DE71-455B-B132-0312057FBC26} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Geen bestand <==== AANDACHT Task: {BD2691CF-278D-4C49-8902-31F8471B01A3} - \Microsoft\Windows\UNP\RunCampaignManager -> Geen bestand <==== AANDACHT Task: {C0C3278C-279B-4EE0-8739-979755DB23B6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Geen bestand <==== AANDACHT Task: {C6269B6C-634B-4EB1-A4CE-C792084CB5E9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {DC784BA5-C8C7-4076-B771-17411F824115} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-12-12] (Microsoft Corporation) Task: {DE392F63-C444-4AF5-A378-40B45D15E88E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-12-06] (Adobe Systems Incorporated) Task: {DEB8C2BC-E219-492F-A4F2-5AC244CC742C} - System32\Tasks\Norton Security with Backup\Norton Security Autofix => C:\Program Files (x86)\Norton Internet Security\Engine\22.16.2.22\SymErr.exe [2018-11-03] (Symantec Corporation) Task: {E0BE3C33-DC7D-48D7-805A-28ACE6A3967E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-07-24] (Apple Inc.) Task: {FF097775-84F0-4BF2-9219-1EDA2BE51490} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Geen bestand <==== AANDACHT (Als een item is opgenomen in de fixlist, wordt de taak (job) bestand verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) ==================== Snelkoppelingen & WMI ======================== (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) ==================== Geladen Modules (gefilterd) ============== 2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll 2015-08-27 16:18 - 2017-01-17 03:25 - 000117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2016-11-17 01:28 - 2016-11-17 01:28 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2017-09-01 01:49 - 2017-09-01 01:49 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2017-04-15 19:15 - 2014-01-28 04:16 - 000936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe 2014-05-01 15:13 - 2017-11-17 18:40 - 000598528 _____ () C:\Users\Wim\AppData\Local\MEGAsync\ShellExtX64.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll 2018-12-13 18:00 - 2018-11-09 03:17 - 002759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll 2017-10-20 16:42 - 2017-10-20 16:42 - 000393200 _____ () C:\WINDOWS\system32\igfxTray.exe 2018-12-20 19:19 - 2018-12-14 07:50 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2018-10-24 15:56 - 2018-10-24 15:56 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll 2018-12-13 17:47 - 2018-12-13 17:47 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\ChakraBridge.dll 2018-12-13 17:47 - 2018-12-13 17:48 - 000019456 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeProxiesAndStubs.dll 2018-12-13 17:47 - 2018-12-13 17:48 - 010927616 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\LibWrapper.dll 2018-12-13 17:47 - 2018-12-13 17:48 - 002916864 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\skypert.dll 2018-12-13 17:47 - 2018-12-13 17:48 - 000688128 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll 2018-12-13 17:47 - 2018-12-13 17:48 - 000182272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe 2017-09-11 13:45 - 2017-09-11 13:45 - 000092472 _____ () C:\Program Files\iTunes\zlib1.dll 2017-09-11 13:45 - 2017-09-11 13:45 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll 2018-12-13 17:51 - 2018-12-13 17:51 - 034870272 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\Video.UI.exe 2018-12-13 17:51 - 2018-12-13 17:51 - 000292352 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\SharedUI.dll 2017-12-02 14:31 - 2017-12-02 14:36 - 000902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll 2018-11-30 17:58 - 2018-11-30 17:58 - 004202208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2018-12-13 17:51 - 2018-12-13 17:51 - 005967872 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\EntCommon.dll 2018-12-13 17:51 - 2018-12-13 17:51 - 009072128 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\EntPlat.dll 2016-12-06 15:09 - 2016-12-06 15:09 - 000069632 _____ () C:\Program Files\CCleaner\lang\lang-1043.dll 2018-12-06 18:11 - 2018-12-06 18:11 - 026872832 _____ () C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_101.dll 2017-04-15 19:15 - 2018-12-26 13:02 - 000035472 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll 2017-04-15 19:15 - 2014-01-28 04:16 - 000104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll 2017-09-21 10:20 - 2017-08-28 08:11 - 000114664 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll 2017-09-21 10:20 - 2017-08-28 08:11 - 000024040 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll 2017-09-21 10:20 - 2017-08-28 08:11 - 000048104 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll 2017-09-21 10:20 - 2017-08-28 08:11 - 000108008 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll 2017-09-21 10:20 - 2017-09-12 16:22 - 000042984 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\vidnotifier\jansson.dll 2016-07-21 11:53 - 2017-11-17 18:39 - 000798208 _____ () C:\Users\Wim\AppData\Local\MEGAsync\libsodium.dll 2017-06-20 16:40 - 2017-06-20 16:40 - 000325824 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll 2016-06-15 19:57 - 2014-05-19 16:19 - 000137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll 2016-06-15 19:57 - 2014-09-11 17:09 - 001498112 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll 2014-04-29 15:23 - 2014-04-29 15:23 - 001241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (gefilterd) ========= (Als een item is opgenomen in de fixlist, wordt alleen de ADS verwijderd.) ==================== Veilige Modus (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. De waarde van "AlternateShell" wordt hersteld.) ==================== Bestandskoppeling (gefilterd) =============== (Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd.) ==================== Internet Explorer vertrouwde/beperkte toegang =============== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd.) ==================== Hosts inhoud: =============================== (Indien nodig kan Hosts:-opdracht worden opgenomen in de fixlist om Hosts te resetten.) 2013-08-22 14:25 - 2013-08-22 14:25 - 000000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere gebieden ============================ (Momenteel is er geen automatische fix voor dit onderdeel.) HKU\S-1-5-21-3276780540-2913435075-4059969525-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Wim\AppData\Roaming\Microsoft\Windows Photo Viewer\Achtergrond van Windows Photo Viewer.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == Als een item is opgenomen in de fixlist, zal het worden verwijderd. HKU\S-1-5-21-3276780540-2913435075-4059969525-1001\...\StartupApproved\Run: => "Steam" ==================== Firewall regels (gefilterd) =============== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [{7A4D8811-1007-4DC0-99C7-CB8BA5C022BC}] => (Allow) C:\Users\Wim\AppData\Local\Apowersoft\Online Phone Manager\iOS Recorder.exe Geen bestand FirewallRules: [{64D5AB81-84D6-4C71-8845-C4ADCE373FB9}] => (Allow) C:\Users\Wim\AppData\Local\Apowersoft\Online Phone Manager\iOS Recorder.exe Geen bestand FirewallRules: [{9620404F-D449-45EA-940F-44A30882884C}] => (Allow) C:\Users\Wim\AppData\Local\Apowersoft\Online Phone Manager\ApowersoftAndroidDaemon.exe () FirewallRules: [{B64AB2F3-B151-4DD3-AB70-EF1D670C0ED2}] => (Allow) C:\Users\Wim\AppData\Local\Apowersoft\Online Phone Manager\ApowersoftAndroidDaemon.exe () FirewallRules: [{6F94D7DE-D896-4D59-8670-60D7ED987F3B}] => (Allow) C:\Users\Wim\AppData\Local\Apowersoft\Online Phone Manager\Online Phone Manager.exe (Apowersoft) FirewallRules: [{1D0FAC00-9959-4662-9010-E08021BDCD2A}] => (Allow) C:\Users\Wim\AppData\Local\Apowersoft\Online Phone Manager\Online Phone Manager.exe (Apowersoft) FirewallRules: [{F8016FFA-AFED-4123-ADA0-B76DAD1F65CB}] => (Allow) C:\Users\Wim\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe (Apowersoft) FirewallRules: [{0024D5E8-326F-4B70-8E7B-FF15990B8CA0}] => (Allow) C:\Users\Wim\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe (Apowersoft) FirewallRules: [{E466CDEC-CD52-4C04-A547-A616BB232BC5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corporation) FirewallRules: [{F11413A2-B981-458C-8D64-F9CF4EE2760E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corporation) FirewallRules: [{3EED5938-7C08-4B84-953F-C9F08A62439C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.) FirewallRules: [{3F7CD854-DF3F-457F-88BF-64569564B9D6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.) FirewallRules: [{D6D2B2F3-7DF5-47A9-8287-2F0CCBB676DE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.) FirewallRules: [{725C409F-774A-4308-B548-6844DF077329}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.) FirewallRules: [{53ECF400-4544-42CD-A4EF-B8416620E51F}] => (Allow) E:\SteamLibrary\steamapps\common\Football Manager 2017 Editor\editor.exe (Sports Interactive) FirewallRules: [{42C5C4E0-BA0A-4956-B71C-9DC4440D20BA}] => (Allow) E:\SteamLibrary\steamapps\common\Football Manager 2017 Editor\editor.exe (Sports Interactive) FirewallRules: [{3B6CB44B-CD7C-4717-8640-86562AB0254C}] => (Allow) E:\SteamLibrary\steamapps\common\Football Manager 2017\fm.exe (Sports Interactive) FirewallRules: [{56AE088E-464E-47B6-9F86-079E7D77CA12}] => (Allow) E:\SteamLibrary\steamapps\common\Football Manager 2017\fm.exe (Sports Interactive) FirewallRules: [{EA07590B-5C41-4282-8167-D841DE2748F1}] => (Allow) E:\SteamLibrary\steamapps\common\Football Manager 2016\fm.exe (Sports Interactive) FirewallRules: [{52130DF3-F1E6-4EC8-AB47-0B9982E7E656}] => (Allow) E:\SteamLibrary\steamapps\common\Football Manager 2016\fm.exe (Sports Interactive) FirewallRules: [{1457426C-E7EA-49AF-B889-67F8FDAEB891}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) FirewallRules: [{2A69AF18-C63D-4A27-85FD-4ED10015F43F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) FirewallRules: [{C05F9A84-6EF9-4778-A335-AA57B1110714}] => (Allow) C:\Users\Wim\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe Geen bestand FirewallRules: [{A2156996-D8C8-4C6F-B9BD-F205F3E9CF1D}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation) FirewallRules: [{50DE7B4B-4474-4498-B23B-6B6B3CB3CA41}] => (Allow) LPort=2869 FirewallRules: [{EF8E4388-28FD-4F59-ABE1-9A83B113B4CF}] => (Allow) LPort=1900 FirewallRules: [{0B7A3903-7BCB-4C51-86E1-2134348EFF70}] => (Allow) C:\Users\Wim\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation) FirewallRules: [{913FB076-2081-4D33-9C22-F5CCFB01C75B}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\bin\FaxApplications.exe (Hewlett-Packard Co.) FirewallRules: [{C0DD115E-DD2D-43B9-B105-CB84966A2A1A}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\bin\DigitalWizards.exe (Hewlett-Packard Co.) FirewallRules: [{D2433763-5665-411B-86FB-78501FF50CF8}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\bin\SendAFax.exe (Hewlett-Packard Co.) FirewallRules: [{4B46BC51-43E5-4E38-967F-7629B86322D7}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\Bin\DeviceSetup.exe (Hewlett-Packard Co.) FirewallRules: [{690E4067-9F01-476E-9D5B-3FFBE5A4E38A}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPNetworkCommunicator.exe (Hewlett-Packard Co.) FirewallRules: [{2E4A0418-E058-4D7C-9F62-5177950E110F}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett-Packard Co.) FirewallRules: [{8023EF1F-77EB-4D10-869D-7607607FE1F7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) FirewallRules: [{D80714E6-BC42-4905-8312-4F3407D6808B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) FirewallRules: [{40827E5F-373C-433F-944D-2DC8776B8D3A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) FirewallRules: [{89FD8073-A574-4D9E-A1FD-8328B971C5D8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) FirewallRules: [{5ECF1CA8-AD1D-4940-9BE4-B3D55CA3DA43}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe Geen bestand FirewallRules: [{307719FC-DBDD-45D2-A1C4-54D07852C36F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe Geen bestand FirewallRules: [{05040D1D-285B-4AE1-9971-49B8F4C6C6BF}] => (Allow) E:\SteamLibrary\steamapps\common\Football Manager 2015\fm.exe (Sports Interactive) FirewallRules: [{88871625-2226-4B33-8895-8AC74196E884}] => (Allow) E:\SteamLibrary\steamapps\common\Football Manager 2015\fm.exe (Sports Interactive) FirewallRules: [{944DC5B7-64C1-407C-9EAC-F24E6EF6C231}] => (Allow) E:\SteamLibrary\steamapps\common\Football Manager 2016 Editor\editor.exe (Sports Interactive) FirewallRules: [{10181E73-D768-4339-86D8-059385EB1502}] => (Allow) E:\SteamLibrary\steamapps\common\Football Manager 2016 Editor\editor.exe (Sports Interactive) FirewallRules: [{94928EFD-EDE3-4F94-B4C7-945DB422C884}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc.) FirewallRules: [{E07F70DC-4C15-466D-9E98-8CEF02704D92}] => (Allow) E:\SteamLibrary\steamapps\common\Football Manager 2018\fm.exe (Sports Interactive) FirewallRules: [{7A7547CD-A791-4B5A-AA3D-2366A43232E0}] => (Allow) E:\SteamLibrary\steamapps\common\Football Manager 2018\fm.exe (Sports Interactive) FirewallRules: [{E108FF63-E553-4942-8A62-06FAE8826293}] => (Allow) E:\SteamLibrary\steamapps\common\Football Manager 2018 Editor\editor.exe (Sports Interactive) FirewallRules: [{4C27AC5B-C762-4AEB-A9B4-0738355C4DE4}] => (Allow) E:\SteamLibrary\steamapps\common\Football Manager 2018 Editor\editor.exe (Sports Interactive) FirewallRules: [{0E6C00D2-C426-46BB-B57A-42FF7B7F5801}] => (Allow) E:\SteamLibrary\steamapps\common\Football Manager Touch 2018\fm.exe (Sports Interactive) FirewallRules: [{D5AD5C9A-EA6B-4666-A829-D7D4EE7F25F7}] => (Allow) E:\SteamLibrary\steamapps\common\Football Manager Touch 2018\fm.exe (Sports Interactive) FirewallRules: [{226F6146-6435-422F-91E3-47A595F311FB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ==================== Herstelpunten ========================= 06-12-2018 18:15:05 Windows Update 13-12-2018 17:59:09 Windows Update 20-12-2018 19:18:30 Windows Update ==================== Defecte Apparaatbeheer Apparaten ============= Name: HID Non-User Input Data Filter Description: HID Non-User Input Data Filter Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da} Manufacturer: Microsoft Service: NuidFltr Problem: : The software for this device has been blocked from starting because it is known to have problems with Windows. Contact the hardware vendor for a new driver. (Code 48) Resolution: Download the latest drivers from the manufacturer, uninstall the current driver, and then install the latest drivers. ==================== Eventlog fouten: ========================= Applicatiefouten: ================== Error: (12/26/2018 11:19:49 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: esu.exe, versie: 1.0.0.0, tijdstempel: 0x58dac8d5 Naam van module met fout: KERNELBASE.dll, versie: 10.0.17134.441, tijdstempel: 0x3da51fd0 Uitzonderingscode: 0xe0434352 Foutmarge: 0x00111812 Id van proces met fout: 0x8b8 Starttijd van toepassing met fout: 0x01d49d0483eb4bdc Pad naar toepassing met fout: C:\Program Files (x86)\Garmin\Express SelfUpdater\esu.exe Pad naar module met fout: C:\WINDOWS\System32\KERNELBASE.dll Rapport-id: 5d1ff411-1bd8-40b4-9ff6-4c4689613a0a Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Error: (12/26/2018 11:19:48 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Toepassing: esu.exe Framework-versie: v4.0.30319 Beschrijving: het proces is beëindigd als gevolg van een onverwerkte uitzondering. Uitzonderingsinformatie: System.IO.FileNotFoundException bij Garmin.Omt.Service.Shared.Overrides+d__61.MoveNext() bij System.Runtime.CompilerServices.AsyncTaskMethodBuilder.Start[[Garmin.Omt.Service.Shared.Overrides+d__61, ExpressSelfUpdater, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null]](d__61 ByRef) bij Garmin.Omt.Service.Shared.Overrides.UpdateDatacenterOverridesAsync(Boolean) bij Garmin.Omt.Service.Shared.Overrides..cctor() Uitzonderingsinformatie: System.TypeInitializationException bij Garmin.Omt.Service.Shared.Overrides.get_OmtBaseUrl() bij Garmin.Omt.Express.SelfUpdater.Program.RealMain() bij Garmin.Omt.Express.SelfUpdater.Program.Main(System.String[]) Error: (12/25/2018 12:56:39 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: esu.exe, versie: 1.0.0.0, tijdstempel: 0x58dac8d5 Naam van module met fout: KERNELBASE.dll, versie: 10.0.17134.441, tijdstempel: 0x3da51fd0 Uitzonderingscode: 0xe0434352 Foutmarge: 0x00111812 Id van proces met fout: 0x2990 Starttijd van toepassing met fout: 0x01d49c48e1ac50b4 Pad naar toepassing met fout: C:\Program Files (x86)\Garmin\Express SelfUpdater\esu.exe Pad naar module met fout: C:\WINDOWS\System32\KERNELBASE.dll Rapport-id: 89979237-ca7e-4a60-8a04-2f04cb88d3f8 Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Error: (12/25/2018 12:56:38 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Toepassing: esu.exe Framework-versie: v4.0.30319 Beschrijving: het proces is beëindigd als gevolg van een onverwerkte uitzondering. Uitzonderingsinformatie: System.IO.FileNotFoundException bij Garmin.Omt.Service.Shared.Overrides+d__61.MoveNext() bij System.Runtime.CompilerServices.AsyncTaskMethodBuilder.Start[[Garmin.Omt.Service.Shared.Overrides+d__61, ExpressSelfUpdater, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null]](d__61 ByRef) bij Garmin.Omt.Service.Shared.Overrides.UpdateDatacenterOverridesAsync(Boolean) bij Garmin.Omt.Service.Shared.Overrides..cctor() Uitzonderingsinformatie: System.TypeInitializationException bij Garmin.Omt.Service.Shared.Overrides.get_OmtBaseUrl() bij Garmin.Omt.Express.SelfUpdater.Program.RealMain() bij Garmin.Omt.Express.SelfUpdater.Program.Main(System.String[]) Error: (12/24/2018 03:52:16 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: esu.exe, versie: 1.0.0.0, tijdstempel: 0x58dac8d5 Naam van module met fout: KERNELBASE.dll, versie: 10.0.17134.441, tijdstempel: 0x3da51fd0 Uitzonderingscode: 0xe0434352 Foutmarge: 0x00111812 Id van proces met fout: 0x1cd4 Starttijd van toepassing met fout: 0x01d49b977b512987 Pad naar toepassing met fout: C:\Program Files (x86)\Garmin\Express SelfUpdater\esu.exe Pad naar module met fout: C:\WINDOWS\System32\KERNELBASE.dll Rapport-id: 9c51e20a-f41b-4477-b01a-fa931347b16c Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Error: (12/24/2018 03:52:13 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Toepassing: esu.exe Framework-versie: v4.0.30319 Beschrijving: het proces is beëindigd als gevolg van een onverwerkte uitzondering. Uitzonderingsinformatie: System.IO.FileNotFoundException bij Garmin.Omt.Service.Shared.Overrides+d__61.MoveNext() bij System.Runtime.CompilerServices.AsyncTaskMethodBuilder.Start[[Garmin.Omt.Service.Shared.Overrides+d__61, ExpressSelfUpdater, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null]](d__61 ByRef) bij Garmin.Omt.Service.Shared.Overrides.UpdateDatacenterOverridesAsync(Boolean) bij Garmin.Omt.Service.Shared.Overrides..cctor() Uitzonderingsinformatie: System.TypeInitializationException bij Garmin.Omt.Service.Shared.Overrides.get_OmtBaseUrl() bij Garmin.Omt.Express.SelfUpdater.Program.RealMain() bij Garmin.Omt.Express.SelfUpdater.Program.Main(System.String[]) Error: (12/23/2018 05:42:31 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: WsAppService.exe, versie: 2.2.4.1, tijdstempel: 0x5784a857 Naam van module met fout: KERNELBASE.dll, versie: 6.2.17134.441, tijdstempel: 0x428de48c Uitzonderingscode: 0xe053534f Foutmarge: 0x000000000003a388 Id van proces met fout: 0x%9 Starttijd van toepassing met fout: 0xWsAppService.exe0 Pad naar toepassing met fout: WsAppService.exe1 Pad naar module met fout: WsAppService.exe2 Rapport-id: WsAppService.exe3 Volledige pakketnaam met fout: WsAppService.exe4 Relatieve toepassings-id van pakket met fout: WsAppService.exe5 Error: (12/23/2018 01:45:12 PM) (Source: COM) (EventID: 10031) (User: ) Description: Er is een unmarshaling-beleidscontrole uitgevoerd bij de unmarshaling van een aangepast marshal-object en de klasse {41FD88F7-F295-4D39-91AC-A85F3149A05B} is geweigerd Systeemfouten: ============= Error: (12/26/2018 01:10:17 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOPWIM) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {9E175B6D-F52A-11D8-B9A5-505054503030} en APPID {9E175B9C-F52A-11D8-B9A5-505054503030} aan de gebruiker DESKTOPWIM\Wim SID (S-1-5-21-3276780540-2913435075-4059969525-1001) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (12/26/2018 01:10:17 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOPWIM) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {9E175B6D-F52A-11D8-B9A5-505054503030} en APPID {9E175B9C-F52A-11D8-B9A5-505054503030} aan de gebruiker DESKTOPWIM\Wim SID (S-1-5-21-3276780540-2913435075-4059969525-1001) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (12/26/2018 01:10:16 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOPWIM) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {9E175B6D-F52A-11D8-B9A5-505054503030} en APPID {9E175B9C-F52A-11D8-B9A5-505054503030} aan de gebruiker DESKTOPWIM\Wim SID (S-1-5-21-3276780540-2913435075-4059969525-1001) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (12/26/2018 01:10:16 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOPWIM) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {9E175B6D-F52A-11D8-B9A5-505054503030} en APPID {9E175B9C-F52A-11D8-B9A5-505054503030} aan de gebruiker DESKTOPWIM\Wim SID (S-1-5-21-3276780540-2913435075-4059969525-1001) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (12/26/2018 01:06:19 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Starten niet verleend aan Lokaal voor de COM-servertoepassing met CLSID Windows.SecurityCenter.WscBrokerManager en APPID Niet beschikbaar aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (12/26/2018 01:03:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: De WsAppService-service kan vanwege de volgende fout niet worden gestart: De service heeft de start- of stuuropdracht niet op juiste wijze beantwoord. Error: (12/26/2018 01:03:09 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Time-out (30000 seconden) tijdens het wachten op het verbinden van deze service: WsAppService. Error: (12/26/2018 01:03:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: De Garmin Device Interaction Service-service kan vanwege de volgende fout niet worden gestart: De service heeft de start- of stuuropdracht niet op juiste wijze beantwoord. CodeIntegrity: =================================== Date: 2018-09-07 20:31:12.350 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Users\Wim\AppData\Local\MEGAsync\ShellExtX64.dll that did not meet the Microsoft signing level requirements. Date: 2018-09-07 20:31:12.348 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Users\Wim\AppData\Local\MEGAsync\ShellExtX64.dll that did not meet the Microsoft signing level requirements. Date: 2018-09-07 20:31:12.345 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Users\Wim\AppData\Local\MEGAsync\ShellExtX64.dll that did not meet the Microsoft signing level requirements. Date: 2018-09-07 20:31:12.235 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Norton Internet Security\Engine\22.15.0.88\BuShell.dll that did not meet the Microsoft signing level requirements. Date: 2018-09-07 20:31:12.223 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Norton Internet Security\Engine\22.15.0.88\BuShell.dll that did not meet the Microsoft signing level requirements. Date: 2018-09-07 20:31:12.211 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Norton Internet Security\Engine\22.15.0.88\BuShell.dll that did not meet the Microsoft signing level requirements. Date: 2018-07-21 10:56:05.171 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Norton Internet Security\NortonData\22.5.2.15\Definitions\IPSDefs\20180720.061\IPSEng64.dll that did not meet the Microsoft signing level requirements. Date: 2018-07-11 18:27:37.834 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Norton Internet Security\NortonData\22.5.2.15\Definitions\IPSDefs\20180710.061\IPSEng64.dll that did not meet the Microsoft signing level requirements. ==================== Geheugen info =========================== Processor: Intel(R) Core(TM) i5-4570 CPU @ 3.20GHz Percentage geheugen in gebruik: 52% Totaal fysiek RAM-geheugen: 8070.43 MB Beschikbaar fysiek RAM-geheugen: 3852.4 MB Totaal Virtueel geheugen: 9350.43 MB Beschikbaar Virtueel geheugen: 5019.37 MB ==================== Schijven ================================ Drive c: () (Fixed) (Total:540.1 GB) (Free:437.03 GB) NTFS Drive e: (NieuwVolume) (Fixed) (Total:390.62 GB) (Free:365.7 GB) NTFS Drive f: (SAMSUNG) (Fixed) (Total:931.51 GB) (Free:893.48 GB) NTFS \\?\Volume{32fad354-4b5a-11e5-824f-806e6f6e6963}\ (Door systeem gereserveerd) (Fixed) (Total:0.34 GB) (Free:0.07 GB) NTFS \\?\Volume{9cd3da77-0000-0000-0000-a01c87000000}\ () (Fixed) (Total:0.44 GB) (Free:0.05 GB) NTFS ==================== MBR & Partitietabel ================== ======================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 9CD3DA77) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=540.1 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) Partition 4: (Not Active) - (Size=390.6 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 931.5 GB) (Disk ID: F28A6CB6) Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== Eind van Addition.txt ============================