Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 14.03.2018 Gestart door PC1 (28-03-2019 09:28:33) Gestart vanaf C:\Users\PC1\Downloads Windows 10 Home Versie 1803 17134.648 (X64) (2018-08-07 09:39:27) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1103111412-233727958-2618637648-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-1103111412-233727958-2618637648-503 - Limited - Disabled) Gast (S-1-5-21-1103111412-233727958-2618637648-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1103111412-233727958-2618637648-1002 - Limited - Enabled) PC1 (S-1-5-21-1103111412-233727958-2618637648-1000 - Administrator - Enabled) => C:\Users\PC1 WDAGUtilityAccount (S-1-5-21-1103111412-233727958-2618637648-504 - Limited - Disabled) ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Norton Security (Enabled - Up to date) {A2708B76-6835-6565-CB96-694212954A75} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Norton Security (Enabled) {9A4B0A53-225A-643D-E0C9-C077EC460D0E} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeïnstalleerd worden.) Adobe Acrobat Reader DC - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 19.010.20098 - Adobe Systems Incorporated) Aldfaer (HKU\S-1-5-21-1103111412-233727958-2618637648-1000\...\Aldfaer) (Version: - ) Allmyapps (HKU\S-1-5-21-1103111412-233727958-2618637648-1000\...\Allmyapps) (Version: 2.0.0.24 - Allmyapps) ATI Catalyst Install Manager (HKLM\...\{576A97E3-1A79-6215-49DE-AA358AF47420}) (Version: 3.0.769.0 - ATI Technologies, Inc.) Autodesk DWG TrueView 2015 - English (HKLM\...\DWG TrueView 2015 - English) (Version: 20.0.210.0 - Autodesk) Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - ) Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.3.5.0 - Canon Inc.) Canon Hulpprogramma Snelkiezen (HKLM-x32\...\Speed Dial Utility) (Version: - ) Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.10.15 - Canon Inc.) Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.2.0 - Canon Inc.) Canon MG5600 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5600_series) (Version: 1.00 - Canon Inc.) Canon MG5600 series On-screen Manual (HKLM-x32\...\Canon MG5600 series On-screen Manual) (Version: 7.7.1 - Canon Inc.) Canon MP Navigator EX 4.1 (HKLM-x32\...\MP Navigator EX 4.1) (Version: - ) Canon MX410 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX410_series) (Version: - ) Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.0.0 - Canon Inc.) Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.0.0 - Canon Inc.) Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.) Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.4.0 - Canon Inc.) ccc-core-static (HKLM-x32\...\{DF9B7D24-4C6E-C773-3E58-D2FEF49ADD74}) (Version: 2010.0406.2133.36843 - Uw bedrijfsnaam) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.55 - Piriform) Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden DWG TrueView 2015 - English (HKLM\...\{5783F2D7-E028-0409-0100-0060B0CE6BBA}) (Version: 20.0.210.0 - Autodesk) Hidden Fotoservice (HKLM-x32\...\Fotoservice) (Version: 6.2.6 - CEWE Stiftung u Co. KGaA) Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.1.86.118 - Digital Wave Ltd) Gebruikersregistratie voor Canon MG5600 series (HKLM-x32\...\Gebruikersregistratie voor Canon MG5600 series) (Version: - ‭Canon Inc.) Gebruikersregistratie voor Canon MX410 series (HKLM-x32\...\Gebruikersregistratie voor Canon MX410 series) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.86 - Google Inc.) Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.) Google Photos Backup (HKU\S-1-5-21-1103111412-233727958-2618637648-1000\...\Google Photos Backup) (Version: 1.1.4.11 - Google, Inc.) Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden GOOSE VPN (HKLM-x32\...\GOOSE) (Version: 4.0.5 (55) - GOOSE Ltd.) Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Malwarebytes versie 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0413-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1103111412-233727958-2618637648-1000\...\OneDriveSetup.exe) (Version: 19.012.0121.0011 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation) Movie Maker (HKLM-x32\...\{DC5E5027-65E8-41CB-815C-9AAB48BFB8E2}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 49.0.2 (x86 nl) (HKLM-x32\...\Mozilla Firefox 49.0.2 (x86 nl)) (Version: 49.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.2 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Nero 8 (HKLM-x32\...\{8AEA4BE2-2B52-41C0-BB7D-9F2D17AF1043}) (Version: 8.0.182 - Nero AG) Norton Security (HKLM-x32\...\NGC) (Version: 22.17.0.183 - Symantec Corporation) Norton WiFi Privacy (HKLM-x32\...\Norton WiFi Privacy) (Version: 1.4.9 - Symantec Corporation) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.) Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform) Sitecom WiFi USB adapter N300 Driver and Utility (HKLM-x32\...\{9C049509-055C-4CFF-A116-1D12312225EB}) (Version: 1.00.0201 - Sitecom Europe BV) Spotify (HKU\S-1-5-21-1103111412-233727958-2618637648-1000\...\Spotify) (Version: 1.0.73.345.g6c9971ef - Spotify AB) TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.45862 - TeamViewer) The Lord of the Rings FREE Trial (HKLM-x32\...\{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}) (Version: 1.00.0000 - ATI Technologies Inc.) Hidden Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{FBA3961B-D1DF-493C-BC1F-E67D3B832895}) (Version: 2.56.0.0 - Microsoft Corporation) Update voor Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0413-0000-0000000FF1CE}_ENTERPRISE_{5CF7002F-6F49-4482-9564-5614FBE560FA}) (Version: - Microsoft) Update voor Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0413-0000-0000000FF1CE}_ENTERPRISE_{15D84E79-1ED7-42C5-B2FD-745C3FBDDDC5}) (Version: - Microsoft) Update voor Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0413-0000-0000000FF1CE}_ENTERPRISE_{A66AE6A1-8D8C-4102-BC18-38CBDE40F809}) (Version: - Microsoft) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) ==================== Aangepaste CLSID (gefilterd): ========================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) CustomCLSID: HKU\S-1-5-21-1103111412-233727958-2618637648-1000_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2015 - English\dwgviewr.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-1103111412-233727958-2618637648-1000_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2015 - English\en-US\dwgviewrficn.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-1103111412-233727958-2618637648-1000_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\PC1\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-1103111412-233727958-2618637648-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\PC1\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll (Google Inc.) ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google) ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine\22.17.0.183\buShell.dll [2019-03-07] (Symantec Corporation) ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine\22.17.0.183\buShell.dll [2019-03-07] (Symantec Corporation) ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine\22.17.0.183\buShell.dll [2019-03-07] (Symantec Corporation) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Geen bestand ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2014-09-10] (Autodesk, Inc.) ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine\22.17.0.183\buShell.dll [2019-03-07] (Symantec Corporation) ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine\22.17.0.183\buShell.dll [2019-03-07] (Symantec Corporation) ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine\22.17.0.183\buShell.dll [2019-03-07] (Symantec Corporation) ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2014-09-10] (Autodesk) ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files (x86)\Norton Security\Engine\22.17.0.183\buShell.dll [2019-03-07] (Symantec Corporation) ContextMenuHandlers1-x32: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files (x86)\Nero\Nero8\Nero CoverDesigner\CoverEdExtension.dll [2007-08-04] (Nero AG) ContextMenuHandlers1-x32: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google) ContextMenuHandlers1-x32: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security\Engine\22.17.0.183\NavShExt.dll [2019-03-07] (Symantec Corporation) ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security\Engine\22.17.0.183\NavShExt.dll [2019-03-07] (Symantec Corporation) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes) ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google) ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2015-04-08] (Piriform Ltd) ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files (x86)\Norton Security\Engine\22.17.0.183\buShell.dll [2019-03-07] (Symantec Corporation) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes) ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2015-04-08] (Piriform Ltd) ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security\Engine\22.17.0.183\NavShExt.dll [2019-03-07] (Symantec Corporation) ==================== Geplande Taken (gefilterd) ============= (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {0A7AA876-862F-4F81-AA4B-B73950FA632C} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndScanForUpdates Task: {17133812-1891-4CFD-82AF-5DB621F49AC5} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe Task: {17AC10B6-27FB-4F04-A9E1-18CE7C3143E1} - System32\Tasks\Norton Security\Norton Security Error Processor => C:\Program Files (x86)\Norton Security\Engine\22.17.0.183\SymErr.exe [2019-03-07] (Symantec Corporation) Task: {18C772CD-5DA4-48AE-A720-23B5D631324A} - System32\Tasks\Norton Security\Norton Security Autofix => C:\Program Files (x86)\Norton Security\Engine\22.17.0.183\SymErr.exe [2019-03-07] (Symantec Corporation) Task: {1B31D928-5585-4D3B-AB25-148012672A9C} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {1BF79053-DCA4-4951-B121-BF5B56F4EAA5} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2019-03-08] (AVAST Software) Task: {205B31E9-79B7-4716-9E86-A986B36CE48F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe Task: {22D9DD31-14DD-404E-A5B8-AF6C04BE5C23} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {27B11A31-06AD-4B94-B8C2-2A3E2F48EB61} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2019-03-07] (Symantec Corporation) Task: {2822886B-276C-4154-948A-3366525824DB} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe Task: {2C1448FD-68A9-4C89-97FF-10E6CE6E3BE9} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe Task: {2DC85370-A18D-4BF4-B3A4-33DE0D37231C} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {359C3858-77CE-4893-AA53-9C8DD201BCB3} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {3BAE3B6D-E1A1-48AB-9090-5BAE4A250E03} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {3CFF889F-9356-4369-959F-3EA5E42CE550} - System32\Tasks\Norton Security\Norton Security Error Analyzer => C:\Program Files (x86)\Norton Security\Engine\22.17.0.183\SymErr.exe [2019-03-07] (Symantec Corporation) Task: {3D16C3EC-2AD8-4692-B09B-7F2FB13EBB1E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {40934089-C1B9-4347-B083-D05F8E60DDFE} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe Task: {430852CB-A87C-492E-A659-075C7BF1710C} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndContinueUpdates Task: {45E28F9D-EAC3-4302-A720-A33DB0ED6613} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {4A237306-FCE1-4E58-A4F8-ACB6B336E273} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe Task: {4EED71EA-4BC4-4FDE-A2BD-12F1DDD0DBE8} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe Task: {5043B562-4EF0-4E1F-A9A6-121BF2A57592} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1103111412-233727958-2618637648-1000Core => C:\Users\PC1\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.) Task: {531016AA-5332-42E9-9418-0399FFF7A01E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-12-16] (Adobe Systems Incorporated) Task: {541BA5BF-1736-4A3E-B1E5-CE1C9EE13043} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdates Task: {587E29DC-B8DE-4D17-A06E-8E6C14ABD1D8} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe Task: {5A567D2F-220F-4162-9CAE-153B0FAF98DD} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe Task: {61E96BEC-1F94-4960-9AF4-46AF24AE73ED} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe Task: {63482ECF-F442-47E4-8203-34B9F8BFB86C} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceWnsFallback Task: {65A34F07-723D-4150-B109-13BD1AE3DFAA} - System32\Tasks\Microsoft\Windows\InstallService\SmartRetry Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] () Task: {685AEAB1-F8E8-40D8-8EAA-4497ED5571E6} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe Task: {6CFE6A11-8FD6-4AE4-A05B-112578088E9F} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe Task: {7250A82A-E8FB-4407-9CCC-9535DE5D3159} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {77A47554-5C64-46FE-BEF8-39BD9844579D} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe Task: {78BABCCD-20B8-49B7-B4F8-87490C41C875} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdatesAsUser Task: {79B05757-DB16-492C-A096-B0725EA41F19} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1103111412-233727958-2618637648-1000UA => C:\Users\PC1\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.) Task: {875605CD-4969-4F99-BA48-EFA8E2634F44} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe Task: {88F71E2B-CFDF-41D1-ADFB-C06FA1320059} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {8F255F88-A87A-495F-B828-A4AFEC70BDB0} - System32\Tasks\Microsoft\Windows\DirectX\DXGIAdapterCache => C:\WINDOWS\system32\dxgiadaptercache.exe [2018-04-12] (Microsoft Corporation) Task: {8F362945-6E2C-47D0-9451-F58604E59750} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2019-03-11] (Piriform Software Ltd) Task: {930C3271-1416-4AC2-A444-6F4ED31EEC78} - System32\Tasks\Microsoft\Windows\rempl\shell => C:\Program Files\rempl\sedlauncher.exe [2019-03-16] (Microsoft Corporation) Task: {95EB55B3-80BC-4F81-B365-1A1D5F76B6BD} - System32\Tasks\Microsoft\Windows\WaaSMedic\PerformRemediation Task: {A19C50F5-AC34-4A64-87D9-3FD811A83E36} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security\Engine\22.17.0.183\WSCStub.exe [2019-03-07] (Symantec Corporation) Task: {A8D008F1-F1D1-44CE-B41A-CC436F3C84A0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2019-03-11] (Piriform Software Ltd) Task: {ABDBB774-0011-4CA2-9B59-7B0F3D8F5E0A} - System32\Tasks\Microsoft\Microsoft Antimalware\MpIdleTask => c:\Program Files\Microsoft Security Client\MpCmdRun.exe Task: {C0D7935E-5A96-4BCC-BAF0-6DB80B5DA5C9} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe Task: {C2098BE2-A29A-4EB1-97F6-F0C57E086D4F} - System32\Tasks\Microsoft\Windows\Speech\HeadsetButtonPress => C:\WINDOWS\system32\speech_onecore\common\SpeechRuntime.exe [2018-08-07] (Microsoft Corporation) Task: {CBFDB194-9B28-4A3D-84B3-1AE8C4C6E260} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures Task: {D115AFB2-C9C3-49FB-B707-626ACA77F4FB} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe Task: {D1CC320B-9A47-4DB4-AFE4-2BCE1A964E7A} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\ReconcileLanguageResources Task: {D5A488DD-3FFA-4E54-B2E8-2E9DE3C00FBA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-03] (Google Inc.) Task: {DF25DD3B-D608-4881-B5D6-42A0FE03B0AF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15] (Adobe Systems Incorporated) Task: {E818C8EA-8A68-4A4C-8469-6445B2FB27D8} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {F75C3516-3B96-4439-A307-B383E08B8A52} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-03] (Google Inc.) (Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Snelkoppelingen & WMI ======================== (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) ==================== Geladen Modules (gefilterd) ============== 2015-08-15 10:07 - 2013-06-28 16:28 - 000084616 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE 2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll 2018-12-13 10:48 - 2018-11-09 03:17 - 002759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll 2018-10-30 18:26 - 2018-10-30 18:40 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.41.54.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll 2019-03-22 08:23 - 2019-03-22 08:23 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.41.54.0_x64__kzf8qxf38zg5c\ChakraBridge.dll 2019-03-22 08:23 - 2019-03-22 08:24 - 000019456 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.41.54.0_x64__kzf8qxf38zg5c\SkypeProxiesAndStubs.dll 2019-03-22 08:23 - 2019-03-22 08:23 - 010555392 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.41.54.0_x64__kzf8qxf38zg5c\LibWrapper.dll 2019-03-22 08:23 - 2019-03-22 08:24 - 002941440 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.41.54.0_x64__kzf8qxf38zg5c\skypert.dll 2019-03-22 08:23 - 2019-03-22 08:24 - 000688640 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.41.54.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll 2019-03-25 08:32 - 2019-03-06 09:30 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2019-03-22 08:23 - 2019-03-22 08:24 - 000182272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.41.54.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe 2019-03-11 16:16 - 2019-03-11 16:16 - 000109248 _____ () C:\Program Files\CCleaner\lang\lang-1043.dll 2019-03-22 08:28 - 2019-03-22 08:30 - 000481280 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19011.19410.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2019-03-22 08:28 - 2019-03-22 08:30 - 080792064 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19011.19410.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2019-03-22 08:28 - 2019-03-22 08:30 - 003824640 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19011.19410.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll 2019-03-22 08:28 - 2019-03-22 08:30 - 000012288 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19011.19410.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll 2017-10-01 09:35 - 2017-10-01 09:36 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19011.19410.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll 2019-03-22 08:28 - 2019-03-22 08:30 - 014212096 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19011.19410.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll 2019-03-22 08:28 - 2019-03-22 08:29 - 002872320 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19011.19410.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll 2019-03-22 08:28 - 2019-03-22 08:30 - 001016320 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19011.19410.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll 2018-12-07 17:04 - 2018-12-07 17:05 - 004380232 _____ () C:\Program Files\WindowsApps\Microsoft.UI.Xaml.2.0_2.1810.18004.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2019-03-22 08:28 - 2019-03-22 08:30 - 000048128 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19011.19410.0_x64__8wekyb3d8bbwe\ImageDecoding.dll 2019-03-22 08:28 - 2019-03-22 08:30 - 000145920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19011.19410.0_x64__8wekyb3d8bbwe\SKU.dll 2018-08-23 09:09 - 2018-08-23 09:11 - 002280960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19011.19410.0_x64__8wekyb3d8bbwe\opencv_core320.dll 2018-08-23 09:09 - 2018-08-23 09:11 - 002480640 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19011.19410.0_x64__8wekyb3d8bbwe\opencv_imgproc320.dll 2019-03-22 08:31 - 2019-03-22 08:31 - 026143744 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19021.10411.0_x64__8wekyb3d8bbwe\Video.UI.exe 2019-03-22 08:31 - 2019-03-22 08:31 - 000289280 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19021.10411.0_x64__8wekyb3d8bbwe\SharedUI.dll 2017-12-01 11:05 - 2017-12-01 11:05 - 000902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19021.10411.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll 2018-11-29 16:00 - 2018-11-29 16:01 - 004202208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19021.10411.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2019-03-22 08:31 - 2019-03-22 08:31 - 005708800 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19021.10411.0_x64__8wekyb3d8bbwe\EntCommon.dll 2019-03-22 08:31 - 2019-03-22 08:31 - 008948224 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19021.10411.0_x64__8wekyb3d8bbwe\EntPlat.dll 2015-09-05 13:31 - 2012-11-06 08:47 - 000114688 _____ () C:\Program Files (x86)\Sitecom\WiFi USB adapter N300 Driver and Utility\EnumDevLib.dll 2015-12-28 23:25 - 2015-12-28 23:25 - 001540622 _____ () C:\Program Files (x86)\GOOSE\libstdc++-6.dll 2015-12-28 23:25 - 2015-12-28 23:25 - 000120334 _____ () C:\Program Files (x86)\GOOSE\libgcc_s_dw2-1.dll ==================== Alternate Data Streams (gefilterd) ========= (Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.) ==================== Veilige Modus (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBuilder => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioSrv => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudAddService.Sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudBus.Sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\usbaudio.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1" ==================== Bestandskoppeling (gefilterd) =============== (Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd.) ==================== Internet Explorer vertrouwde/beperkte toegang =============== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd.) ==================== Hosts inhoud: =============================== (Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.) 2009-07-14 03:34 - 2009-06-10 22:00 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere gebieden ============================ (Momenteel is er geen automatische fix voor dit onderdeel.) HKU\S-1-5-21-1103111412-233727958-2618637648-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\PC1\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img_2239.jpg DNS Servers: 84.116.46.21 - 84.116.46.20 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == HKLM\...\StartupApproved\Run32: => "NBKeyScan" HKLM\...\StartupApproved\Run32: => "CanonQuickMenu" HKU\S-1-5-21-1103111412-233727958-2618637648-1000\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-1103111412-233727958-2618637648-1000\...\StartupApproved\Run: => "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" HKU\S-1-5-21-1103111412-233727958-2618637648-1000\...\StartupApproved\Run: => "BearShare" HKU\S-1-5-21-1103111412-233727958-2618637648-1000\...\StartupApproved\Run: => "GoogleDriveSync" HKU\S-1-5-21-1103111412-233727958-2618637648-1000\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-1103111412-233727958-2618637648-1000\...\StartupApproved\Run: => "Spotify Web Helper" ==================== Firewall regels (gefilterd) =============== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [{2A35C307-4243-4F69-9385-042E3752C2DE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{92770AD6-3F6E-496A-B4D8-1678DCD6C196}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [UDP Query User{2E994AD0-7124-44F0-9874-280362FBA4DE}C:\users\pc1\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\pc1\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{0F5540FA-34E5-4167-B194-3DFDC0FF38C9}C:\users\pc1\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\pc1\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{20B87206-944B-4EF7-BC1F-82C2C0082D09}C:\users\pc1\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pc1\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{CEF4E17E-DC19-4865-B840-02AD45284543}C:\users\pc1\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pc1\appdata\roaming\spotify\spotify.exe FirewallRules: [{97A247C5-BEB3-4DB5-9728-42B9368BE210}] => (Allow) C:\Program Files (x86)\Sitecom\WiFi USB adapter N300 Driver and Utility\Rtldhcp.exe FirewallRules: [{DFC6DAC5-7F63-4B32-9D21-3FCE5B88FB6A}] => (Allow) LPort=53 FirewallRules: [{B93E53E9-9902-421F-BD75-AC4461063357}] => (Allow) LPort=53 FirewallRules: [{C11FFB59-D17B-4A02-BE07-3E127A20073D}] => (Allow) LPort=68 FirewallRules: [{57468764-00D6-4180-B38D-70BA76F4AAB4}] => (Allow) LPort=67 FirewallRules: [{748D981A-1415-45A9-967C-6AA512BA3E8E}] => (Allow) LPort=53 FirewallRules: [{E4EF3694-065B-4F36-9941-0A73874354F7}] => (Allow) LPort=1542 FirewallRules: [{769DC46A-ABE2-46A6-8B7C-B4F0A6D85BE5}] => (Allow) LPort=1542 FirewallRules: [{C55957D2-9231-4F04-A1CB-5B1063E593FA}] => (Allow) C:\Program Files (x86)\Sitecom\WiFi USB adapter N300 Driver and Utility\RtWLan.exe FirewallRules: [{847BCDE6-80A6-4B5F-B80E-AF3184487F8E}] => (Allow) C:\Program Files (x86)\Sitecom\WiFi USB adapter N300 Driver and Utility\RtWLan.exe FirewallRules: [{920E09C4-B738-497E-B754-7A3355870ABC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{D3583E24-712E-475A-B779-A59BFEAD4627}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{C034F43C-14F7-4609-9C07-130934881D3F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{553D453B-C138-4F48-8309-01325B75FCAC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{53C766BE-CC5C-467F-A000-ADAE252B0AF6}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{C6E6710C-E80A-4EB3-8623-DF1566E7EEF5}] => (Allow) LPort=2869 FirewallRules: [{F63E5C53-C244-4CC4-86B1-E5CDD6756F3D}] => (Allow) LPort=1900 FirewallRules: [{4421819D-8017-4E70-A489-054944E421B8}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{5D233059-EFA2-408C-AAF5-56C9A88BCC0B}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe FirewallRules: [{9B156918-77EB-4E49-953F-197927CB55EA}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe FirewallRules: [{F2EEF54A-117A-4827-BB00-F55436ED314C}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe FirewallRules: [{ADEAA441-BC67-4E46-8A56-D1583FB50E1A}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe FirewallRules: [{3719A563-CBDD-44B3-9081-C610EFA6F19E}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe FirewallRules: [{7E3FD985-DECD-408F-A1E6-43702D53D92D}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe FirewallRules: [{8331F41E-54D0-435C-A341-9CBFE73A3F60}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe FirewallRules: [{62050562-30F9-416F-B47F-BEA8945AB0CC}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe FirewallRules: [{FEB52F4F-4400-4063-B164-7722427689B5}] => (Allow) C:\Program Files (x86)\GOOSE\GooseVPN.exe FirewallRules: [{E61D5F19-0F28-4E82-9595-2CBE085B365E}] => (Allow) C:\Program Files (x86)\GOOSE\GooseVPN.exe FirewallRules: [{0CD4B6AC-0525-405E-9966-A6ADC1C8544A}] => (Allow) C:\Program Files (x86)\GOOSE\Connection\openvpn.exe FirewallRules: [{47930E1C-24D0-4FF4-AC01-E4136C6E7DC5}] => (Allow) C:\Program Files (x86)\GOOSE\Connection\openvpn.exe FirewallRules: [{43C50164-BE24-48F1-9894-6C22936234BF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Herstelpunten ========================= 18-02-2019 09:30:11 Windows Update 08-03-2019 17:22:41 Windows Update 21-03-2019 16:56:20 Windows Update 25-03-2019 08:27:58 Windows Update 26-03-2019 11:21:25 Herstelbewerking ==================== Defecte Apparaatbeheer Apparaten ============= ==================== Eventlog fouten: ========================= Applicatiefouten: ================== Error: (03/28/2019 08:31:23 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Kan activeringscontext voor 'C:\Program Files (x86)\Google\Chrome\Application\chrome.exe' niet maken. Kan afhankelijke assembly 73.0.3683.86,language="*",type="win32",version="73.0.3683.86" niet vinden. Gebruik sxstrace.exe voor een gedetailleerde diagnose. Error: (03/28/2019 08:31:12 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: PC1-PC) Description: Overgeslagen: de validatie van Eap method DLL path is mislukt. Fout: id van type=43, id van auteur=9, id van leverancier=0, type leverancier=0 Error: (03/28/2019 08:31:12 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: PC1-PC) Description: Overgeslagen: de validatie van Eap method DLL path is mislukt. Fout: id van type=25, id van auteur=9, id van leverancier=0, type leverancier=0 Error: (03/28/2019 08:31:12 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: PC1-PC) Description: Overgeslagen: de validatie van Eap method DLL path is mislukt. Fout: id van type=17, id van auteur=9, id van leverancier=0, type leverancier=0 Error: (03/28/2019 08:31:12 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: PC1-PC) Description: Overgeslagen: de validatie van Eap method DLL path is mislukt. Fout: id van type=254, id van auteur=311, id van leverancier=14122, type leverancier=1 Error: (03/28/2019 08:31:12 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: PC1-PC) Description: Overgeslagen: de validatie van Eap method DLL path is mislukt. Fout: id van type=43, id van auteur=9, id van leverancier=0, type leverancier=0 Error: (03/28/2019 08:31:12 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: PC1-PC) Description: Overgeslagen: de validatie van Eap method DLL path is mislukt. Fout: id van type=25, id van auteur=9, id van leverancier=0, type leverancier=0 Error: (03/28/2019 08:31:12 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: PC1-PC) Description: Overgeslagen: de validatie van Eap method DLL path is mislukt. Fout: id van type=17, id van auteur=9, id van leverancier=0, type leverancier=0 Systeemfouten: ============= Error: (03/28/2019 07:56:55 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Time-out (30000 seconden) tijdens het wachten op een reactie op een transactie van deze service: RealtekCU. Error: (03/28/2019 07:56:25 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Time-out (30000 seconden) tijdens het wachten op een reactie op een transactie van deze service: RealtekCU. Error: (03/27/2019 03:50:45 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: ) Description: 4 Error: (03/27/2019 03:28:34 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: ) Description: 4 Error: (03/27/2019 02:22:38 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Time-out (30000 seconden) tijdens het wachten op een reactie op een transactie van deze service: RealtekCU. Error: (03/26/2019 01:34:23 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: ) Description: 4 Error: (03/26/2019 12:50:05 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Starten niet verleend aan Lokaal voor de COM-servertoepassing met CLSID Windows.SecurityCenter.WscBrokerManager en APPID Niet beschikbaar aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (03/26/2019 12:50:05 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Starten niet verleend aan Lokaal voor de COM-servertoepassing met CLSID Windows.SecurityCenter.WscBrokerManager en APPID Niet beschikbaar aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. CodeIntegrity: =================================== Date: 2019-03-28 08:43:58.233 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2019-03-28 08:43:57.236 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2019-03-28 08:43:55.957 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2019-03-28 08:43:54.285 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2019-03-28 08:43:53.454 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2019-03-28 08:43:48.467 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2019-03-28 08:43:47.044 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2019-03-28 08:43:46.137 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Geheugen info =========================== Processor: AMD Athlon(tm) II X2 250 Processor Percentage geheugen in gebruik: 72% Totaal fysiek RAM-geheugen: 3069.55 MB Beschikbaar fysiek RAM-geheugen: 846.5 MB Totaal Virtueel geheugen: 6141.55 MB Beschikbaar Virtual geheugen: 2233.7 MB ==================== Schijven ================================ Drive c: () (Fixed) (Total:465.22 GB) (Free:389.68 GB) NTFS \\?\Volume{8d1ab9d8-7f9b-11e3-98a0-806e6f6e6963}\ (Door systeem gereserveerd) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS \\?\Volume{01d9bc29-0000-0000-0000-905474000000}\ () (Fixed) (Total:0.44 GB) (Free:0.06 GB) NTFS ==================== MBR & Partitietabel ================== ======================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 01D9BC29) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=465.2 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) ==================== Eind van Addition.txt ============================