Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 15.11.2018 Gestart door henk (19-11-2018 21:42:51) Gestart vanaf C:\Users\henk\Downloads Windows 10 Home Versie 1803 17134.407 (X64) (2018-10-22 14:10:25) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1716136967-1173365762-3251464594-500 - Administrator - Enabled) => C:\Users\Administrator DefaultAccount (S-1-5-21-1716136967-1173365762-3251464594-503 - Limited - Disabled) Gast (S-1-5-21-1716136967-1173365762-3251464594-501 - Limited - Disabled) henk (S-1-5-21-1716136967-1173365762-3251464594-1000 - Administrator - Enabled) => C:\Users\henk HomeGroupUser$ (S-1-5-21-1716136967-1173365762-3251464594-1077 - Limited - Enabled) WDAGUtilityAccount (S-1-5-21-1716136967-1173365762-3251464594-504 - Limited - Disabled) ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeïnstalleerd worden.) 64 Bit HP CIO Components Installer (HKLM\...\{3138F992-045B-4F55-825C-53B231E647CA}) (Version: 13.2.1 - Hewlett-Packard) Hidden Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.148 - Adobe Systems Incorporated) Adobe Reader X (10.1.16) - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AA1000000001}) (Version: 10.1.16 - Adobe Systems Incorporated) Apple Application Support (32-bit) (HKLM-x32\...\{E5347310-C82F-4833-AA36-8D11E5A8A86A}) (Version: 6.6 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{D745E014-74DD-43A3-98DF-E7D38164B681}) (Version: 6.6 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{AA7D90D2-2387-4FA5-A3AF-96811BE49BFD}) (Version: 11.0.5.14 - Apple Inc.) Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.) Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.7.2354 - AVAST Software) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.47 - Piriform) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.6795 - CDBurnerXP) DYMO Label v.8 (HKLM-x32\...\DYMO Label v.8) (Version: 8.5.1.1814 - Sanford, L.P.) FileLab Plugin 1.1.33 (HKLM-x32\...\{6AC5F630-9453-433D-90FF-BB3A8E4F8960}) (Version: 1.1.33 - FileLab) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 8.3.0.14878 - Foxit Software Inc.) Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com) GIMP 2.8.0 (HKLM\...\GIMP-2_is1) (Version: 2.8.0 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.102 - Google Inc.) Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden HP ePrint (HKLM-x32\...\{2794875B-6CCF-48B8-84A5-5B10DB98BEE6}) (Version: 12.0.13351.1658 - Hewlett-Packard) HP LJ300-400 color MFP M375-M475 (HKLM-x32\...\{9D1DE902-8058-4555-A16A-FBFAA49587DB}) (Version: 15.0.15188.1394 - Hewlett-Packard) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) hpbDSService (HKLM-x32\...\{62022DCB-BA92-4EC2-AE03-9B946E4DBF12}) (Version: 002.002.07399 - Hewlett-Packard) Hidden hpbM375M475DSService (HKLM-x32\...\{3E64C460-0FAA-4450-99CE-783B0F662B8F}) (Version: 001.001.05164 - Hewlett-Packard) Hidden HPLaserJet300-400ColorM375-M475Series_HelpLearnCenter_SI (HKLM-x32\...\{72A474E0-5AA3-4EDD-8FAA-D87CB2FD0654}) (Version: 1.01.0000 - Hewlett-Packard) HPLJDXPHelper (HKLM-x32\...\{010788AB-706E-4604-A46B-6785EAB64B5E}) (Version: 140.069.007 - HP) Hidden HPLJUTCore (HKLM-x32\...\{B445502B-2F83-4873-90F1-06059F71A46A}) (Version: 014.000.0001 - HP) Hidden HPLJUTM375-M475 (HKLM-x32\...\{FA1B7AB4-9FE9-47A8-9A2F-C9FCB2F03A26}) (Version: 1.02.0013 - HP) Hidden hppFaxDrvM375M475 (HKLM-x32\...\{5145BEFE-84A6-4198-84C7-C8FBC919FE96}) (Version: 004.000.00001 - Hewlett-Packard) Hidden hppFaxDrvM375M475 (HKLM-x32\...\{B361ED10-259E-4B76-B35E-E47BB6DDDD74}) (Version: 003.000.00003 - Hewlett-Packard) Hidden hppLaserJetService (HKLM-x32\...\{0C4C3664-157A-4D69-B474-31EBF2EE1AE3}) (Version: 009.033.00926 - Hewlett-Packard) Hidden hppM375_M475LaserJetService (HKLM-x32\...\{CAB2848F-4E7D-4D64-B071-C1539E345C1C}) (Version: 005.021.00132 - Hewlett-Packard) Hidden hppSendFaxM375M475 (HKLM-x32\...\{430DEBC5-40AA-4F2C-AB54-A95E6FA8325A}) (Version: 004.000.00001 - Hewlett-Packard) Hidden hppSendFaxM375M475 (HKLM-x32\...\{C3E833FD-AAF9-45E2-B2CA-091C4D04203F}) (Version: 003.000.00003 - Hewlett-Packard) Hidden hppToolboxProxyM375 (HKLM-x32\...\{EAA710B0-DF9C-4202-978D-8B8C787313C6}) (Version: 035.024.006 - HP) Hidden hpStatusAlerts (HKLM-x32\...\{E35D0ED5-716B-4E1F-8477-54DD746DF527}) (Version: 140.040.00231 - Hewlett Packard) Hidden hpStatusAlertsM375_M475 (HKLM-x32\...\{22A9EE88-99F1-48B1-8A0C-AB8E65F6C4EB}) (Version: 050.034.0131 - Hewlett-Packard) Hidden iCloud (HKLM\...\{82FCC407-A0E5-4B80-9241-5ABA78B61090}) (Version: 7.6.0.15 - Apple Inc.) InfraRecorder 0.52 (x64 edition) (HKLM\...\{2C22EA92-CB30-4932-0052-000001000000}) (Version: 0.52.00.00 - Christian Kindahl) InstanceFinder (HKLM-x32\...\{32C0FD10-8FB4-427E-A16F-ED57C9343CF0}) (Version: 020.021.004 - HP) Hidden IObit Apps Toolbar v9.4 (HKLM-x32\...\{5FACD482-8CE2-41D5-B05F-9EE67D21ECE7}) (Version: 9.4 - Spigot, Inc.) <==== AANDACHT iTunes (HKLM\...\{A5FA22F3-4BA1-4F07-8FD4-DA8E17D020AB}) (Version: 12.7.3.46 - Apple Inc.) Java 8 Update 181 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180181F0}) (Version: 8.0.1810.13 - Oracle Corporation) LJDXPHelperUI (HKLM-x32\...\{DEB23FB1-04FF-44AC-98B5-EEB243D65A28}) (Version: 140.069.007 - HP) Hidden Microsoft OneDrive (HKU\S-1-5-21-1716136967-1173365762-3251464594-1000\...\OneDriveSetup.exe) (Version: 18.192.0920.0015 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Mozilla Firefox 63.0.3 (x64 nl) (HKLM\...\Mozilla Firefox 63.0.3 (x64 nl)) (Version: 63.0.3 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 63.0.3.6892 - Mozilla) Mozilla Thunderbird 52.9.1 (x86 nl) (HKLM-x32\...\Mozilla Thunderbird 52.9.1 (x86 nl)) (Version: 52.9.1 - Mozilla) NVIDIA 3D Vision controllerstuurprogramma 314.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 314.22 - NVIDIA Corporation) NVIDIA 3D Vision stuurprogramma 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 342.01 - NVIDIA Corporation) NVIDIA Grafisch stuurprogramma 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 342.01 - NVIDIA Corporation) NVIDIA PhysX systeemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation) NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation) OpenOffice.org 3.4 (HKLM-x32\...\{51071D66-D034-4239-94E0-723FCA10B6FE}) (Version: 3.4.9590 - OpenOffice.org) PdfMerge (HKLM-x32\...\{C70C90D2-D197-40E9-B712-6828BDA5F74A}) (Version: 1.18.0 - PdfMerge) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.) SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform) ToolboxProxy (HKLM-x32\...\{B64E0B43-A452-4B25-93DD-E5C6645A534A}) (Version: 035.024.006 - HP) Hidden Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0a - Ghisler Software GmbH) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C5FDDED7-DEC7-48B4-AFD8-DFB8A0FD199A}) (Version: 2.51.0.0 - Microsoft Corporation) UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden UpdateAssistant (HKLM\...\{57D07AAD-97E2-4E16-89C4-1A3C51BC9C98}) (Version: 1.16.0.0 - Microsoft Corporation) Hidden VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - ) ==================== Aangepaste CLSID (gefilterd): ========================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-22] (AVAST Software) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-22] (AVAST Software) ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-22] (AVAST Software) ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2017-03-31] (Foxit Software Inc.) ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2018-06-26] (Apple Inc.) ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-22] (AVAST Software) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation) ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-22] (AVAST Software) ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2017-03-31] (Foxit Software Inc.) ==================== Geplande Taken (gefilterd) ============= (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {028B7693-50FC-454C-AC83-B3447E48FD6E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.) Task: {02B3E68F-4C24-41A5-A205-6E23040DC926} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {03FA8DE6-1310-40F1-8980-1F73FBED2A8F} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe Task: {08FA9261-3D6D-4B17-938E-531D3732C142} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\WINDOWS\system32\EOSNotify.exe Task: {0DF59239-1F6D-48F9-909E-33682DC3A4D9} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {120062C2-4448-44A0-8291-2BEB6E2F5B0F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Geen bestand <==== AANDACHT Task: {139CE44B-5AE0-45FD-90F5-B2AA95BB2D26} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Geen bestand <==== AANDACHT Task: {15401E9C-E6D3-4CFE-BF7B-6E61CEE4EE4A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-27] (Google Inc.) Task: {15552364-50D9-4294-A43F-5CE4B77E0BFB} - \Microsoft\Windows\UNP\RunCampaignManager -> Geen bestand <==== AANDACHT Task: {1B0F4551-F849-4672-B695-6277C7AFE475} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe Task: {27607D26-3DB5-46B6-BF90-DB5F10193EC6} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Geen bestand <==== AANDACHT Task: {31917496-5A6C-4DAE-A2D1-6DA08D37530B} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe Task: {3EA4275F-1E26-42AF-BDD2-42BDDD9830B6} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe Task: {3FF13E5A-216A-4ADB-B650-ED0B06A4A68B} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {4092ED7F-6CD5-4256-ACF7-77FE5E1FF1D1} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2018-11-12] (AVAST Software) Task: {446D9FEE-1827-46D2-AC52-B9F2C6BDEF62} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {46677BF5-2356-4FAA-9880-4ACA43A7A855} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe Task: {4BD0C6CB-A7B3-4C6F-8C07-1C04C0428ACB} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Geen bestand <==== AANDACHT Task: {51F16622-2467-4973-81C4-44FF9983E4DE} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe Task: {56475A9C-D673-417B-9EC5-12C5EB0CB46B} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_148_Plugin.exe [2018-11-13] (Adobe Systems Incorporated) Task: {5D76B52E-FE29-4B77-985D-857B8496DC39} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {63B55923-C666-49C1-BBB5-6AD25E246054} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] () Task: {6854A6DB-3938-4F38-90AC-0D7DFF27FF86} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe Task: {714F5714-73B0-43CE-8EE3-228E8C54BED2} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\WINDOWS\system32\MRT-KB890830.exe [2018-07-08] (Microsoft Corporation) Task: {77B6BB31-9342-4DC9-9E23-1B38AEA104F8} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {79D39FFC-7C5B-4BD2-A388-A986895BD970} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-09-19] (Piriform Ltd) Task: {7DE8AF5E-1759-4F08-A1DA-BF3F0D0F54C2} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe Task: {7E425231-323E-41ED-B2BE-25ED50ABC31E} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe Task: {83E860E6-90D4-4367-8C67-292ACFA855F8} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [2014-10-19] (Hewlett Packard) Task: {86EAFFC7-F31A-47F7-83A0-8114349CFA90} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-11-13] (Adobe Systems Incorporated) Task: {89779FA9-364C-4F1A-9FAC-F127195BD548} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Geen bestand <==== AANDACHT Task: {8E30AF02-2CCB-45C0-80B5-FFC74D147D57} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-19] (Piriform Ltd) Task: {9403345D-1F98-4BC6-8696-AE64C1F157D7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Geen bestand <==== AANDACHT Task: {A6D2AABC-F090-4228-94E0-BEA0EEE2DED8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Geen bestand <==== AANDACHT Task: {A75AD81A-84B6-49C8-8910-01012A58E724} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Geen bestand <==== AANDACHT Task: {AEABC493-3DC2-422D-A2F3-B49E0B351036} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {B7B5E16A-7AA4-41F7-A980-16B0634E86FB} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe Task: {BDE047A9-C44E-4D40-A82C-3F63C03EF6A6} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe Task: {C376B330-DA15-4002-9806-0FF8F7EB0EF8} - System32\Tasks\SafeZone scheduled Autoupdate 1469726082 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software) Task: {C4F9CD6A-93CB-401A-AC85-C613E2BF6D01} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {C5CE2766-71C8-4527-8D58-ACBA89F424C7} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-10-22] (AVAST Software) Task: {C82F29E9-B551-47D2-9787-4DBB6AF650F0} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe Task: {CCF01064-124D-457D-93FB-583DDAB54AA2} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Geen bestand <==== AANDACHT Task: {D0D58722-3034-4DDF-88A9-07AB3F23665E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Geen bestand <==== AANDACHT Task: {D5F52972-0D69-456B-A4D8-7718F93EA1BF} - System32\Tasks\avastBCLRestart_chrome.exe => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Task: {D637A152-907E-48D0-B7BD-501366FA8EAE} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {DED95E41-AC5E-42C9-8FDE-F01CD4152976} - System32\Tasks\Opera scheduled Autoupdate 1504095977 => C:\Users\henk\AppData\Local\Programs\Opera\launcher.exe Task: {E378DD1D-5893-46DA-A30A-13C277BC4B4C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-27] (Google Inc.) Task: {E3F03803-F66F-4AE9-8F42-9CFEDD0E4B67} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe Task: {EBA23340-59BD-4AD0-AFB3-C5C36BBAB2E8} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {F302485F-D659-45E1-BB91-055DE9C87A15} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Geen bestand <==== AANDACHT Task: {FA9CEAF7-2376-4A71-8272-7B8A262AA149} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe (Als een item is opgenomen in de fixlist, wordt de taak (job) bestand verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) ==================== Snelkoppelingen & WMI ======================== (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) ==================== Geladen Modules (gefilterd) ============== 2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll 2018-01-05 00:14 - 2018-01-05 00:14 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2018-06-23 05:56 - 2018-06-23 05:56 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2017-03-24 15:58 - 2016-11-14 12:15 - 000135224 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll 2018-04-12 00:34 - 2018-04-12 00:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll 2018-11-14 11:56 - 2018-11-01 07:55 - 002185216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2018-10-23 09:09 - 2018-10-23 09:11 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll 2018-11-13 11:09 - 2018-11-13 11:10 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\ChakraBridge.dll 2018-11-13 11:09 - 2018-11-13 11:10 - 000019456 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\SkypeProxiesAndStubs.dll 2018-11-13 11:09 - 2018-11-13 11:10 - 010873344 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\LibWrapper.dll 2018-11-13 11:09 - 2018-11-13 11:10 - 002834432 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\skypert.dll 2018-11-13 11:09 - 2018-11-13 11:10 - 000685568 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll 2018-11-13 11:09 - 2018-11-13 11:10 - 000183808 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe 2018-11-16 15:08 - 2018-11-16 15:08 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2018-11-16 15:08 - 2018-11-16 15:08 - 066031104 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2018-11-16 15:08 - 2018-11-16 15:08 - 000010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll 2018-10-22 16:33 - 2018-10-22 16:38 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll 2018-11-16 15:08 - 2018-11-16 15:08 - 003715072 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll 2018-11-16 15:08 - 2018-11-16 15:08 - 000036352 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll 2018-10-22 16:33 - 2018-10-22 16:38 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll 2018-10-22 16:33 - 2018-10-22 16:38 - 002280960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\opencv_core320.dll 2018-10-22 16:33 - 2018-10-22 16:38 - 002480640 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\opencv_imgproc320.dll 2018-11-16 15:08 - 2018-11-16 15:08 - 014097920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll 2018-11-16 15:08 - 2018-11-16 15:08 - 003569152 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\MediaEngine.dll 2018-11-16 15:08 - 2018-11-16 15:08 - 002863616 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll 2018-10-22 16:33 - 2018-10-22 16:38 - 000973312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll 2018-10-22 16:33 - 2018-10-22 16:38 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2018-11-10 14:10 - 2018-11-10 14:11 - 000194048 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll 2018-11-10 14:10 - 2018-11-10 14:11 - 002538056 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2018-11-10 14:10 - 2018-11-10 14:11 - 001754112 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.dll 2018-10-23 09:09 - 2018-10-23 09:11 - 035118592 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\Video.UI.exe 2018-10-23 09:09 - 2018-10-23 09:11 - 000290816 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\SharedUI.dll 2018-10-23 09:09 - 2018-10-23 09:11 - 005987328 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\EntCommon.dll 2017-09-30 13:06 - 2017-09-30 13:06 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2014-07-10 13:23 - 2013-10-25 11:07 - 000599840 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll 2018-03-15 14:16 - 2018-03-15 14:16 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2018-10-22 12:17 - 2018-10-22 12:17 - 000598232 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll ==================== Alternate Data Streams (gefilterd) ========= (Als een item is opgenomen in de fixlist, wordt alleen de ADS verwijderd.) ==================== Veilige Modus (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. De waarde van "AlternateShell" wordt hersteld.) ==================== Bestandskoppeling (gefilterd) =============== (Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd.) ==================== Internet Explorer vertrouwde/beperkte toegang =============== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd.) IE restricted site: HKU\S-1-5-21-1716136967-1173365762-3251464594-1000\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-1716136967-1173365762-3251464594-1000\...\008k.com -> 008k.com IE restricted site: HKU\S-1-5-21-1716136967-1173365762-3251464594-1000\...\00hq.com -> 00hq.com IE restricted site: HKU\S-1-5-21-1716136967-1173365762-3251464594-1000\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\S-1-5-21-1716136967-1173365762-3251464594-1000\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-1716136967-1173365762-3251464594-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-1716136967-1173365762-3251464594-1000\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-1716136967-1173365762-3251464594-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\S-1-5-21-1716136967-1173365762-3251464594-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-1716136967-1173365762-3251464594-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-1716136967-1173365762-3251464594-1000\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-1716136967-1173365762-3251464594-1000\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-1716136967-1173365762-3251464594-1000\...\0scan.com -> 0scan.com IE restricted site: HKU\S-1-5-21-1716136967-1173365762-3251464594-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\S-1-5-21-1716136967-1173365762-3251464594-1000\...\1-domains-registrations.com -> 1-domains-registrations.com IE restricted site: HKU\S-1-5-21-1716136967-1173365762-3251464594-1000\...\1-se.com -> 1-se.com IE restricted site: HKU\S-1-5-21-1716136967-1173365762-3251464594-1000\...\1001movie.com -> 1001movie.com IE restricted site: HKU\S-1-5-21-1716136967-1173365762-3251464594-1000\...\1001night.biz -> 1001night.biz IE restricted site: HKU\S-1-5-21-1716136967-1173365762-3251464594-1000\...\100gal.net -> 100gal.net IE restricted site: HKU\S-1-5-21-1716136967-1173365762-3251464594-1000\...\100sexlinks.com -> 100sexlinks.com Er zijn 4788 Meer websites. ==================== Hosts inhoud: =============================== (Indien nodig kan Hosts:-opdracht worden opgenomen in de fixlist om Hosts te resetten.) 2009-07-14 03:34 - 2018-11-16 14:14 - 000000829 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere gebieden ============================ (Momenteel is er geen automatische fix voor dit onderdeel.) HKU\S-1-5-21-1716136967-1173365762-3251464594-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\henk\AppData\Roaming\Mozilla\Firefox\Bureaubladachtergrond.bmp DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Geen bestand) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == Als een item is opgenomen in de fixlist, zal het worden verwijderd. MSCONFIG\startupfolder: C:^Users^henk^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^tcbhn.lnk => C:\Windows\pss\tcbhn.lnk.Startup MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: MSC => "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun HKLM\...\StartupApproved\StartupFolder: => "TP-LINK Wireless Configuration Utility.lnk" HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "Adobe ARM" HKLM\...\StartupApproved\Run32: => "APSDaemon" HKLM\...\StartupApproved\Run32: => "DLSService" HKLM\...\StartupApproved\Run32: => "HP Software Update" HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe" HKU\S-1-5-21-1716136967-1173365762-3251464594-1000\...\StartupApproved\Run: => "DymoQuickPrint" HKU\S-1-5-21-1716136967-1173365762-3251464594-1000\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-1716136967-1173365762-3251464594-1000\...\StartupApproved\Run: => "iCloudServices" HKU\S-1-5-21-1716136967-1173365762-3251464594-1000\...\StartupApproved\Run: => "CCleaner Smart Cleaning" ==================== Firewall regels (gefilterd) =============== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [{1BA408F0-AF30-4B71-BF20-8A33F6E6B4E9}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe FirewallRules: [{8A2A4EA4-4343-471E-9035-167DCBB12D5D}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe FirewallRules: [{CE5F3A48-0AC7-4BA9-881A-A2AC23BA992E}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{1753C3FA-A57F-4FF3-85DA-ED1E74C2D638}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{6E296B3F-30E0-4F96-80A7-CF54CFD4BDE6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{92067FC8-82E5-4853-97B3-09C8A17BB076}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{74044AED-B918-4B3C-9786-1BBCFB967146}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{5C4B120E-0FB5-405D-99AE-91C018974220}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe FirewallRules: [{04BBE5AD-47F2-4A70-AF0C-FDB06C922472}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe FirewallRules: [{A252B48B-B0F8-4CF8-B834-3F429A9AA22E}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe FirewallRules: [UDP Query User{3D7E2E9B-F575-44AB-957A-269E02CEA33C}D:\doom\doom 3\doom3ded.exe] => (Block) D:\doom\doom 3\doom3ded.exe FirewallRules: [TCP Query User{EC15563F-53AD-46E7-804F-ACFEF23ABFB5}D:\doom\doom 3\doom3ded.exe] => (Block) D:\doom\doom 3\doom3ded.exe FirewallRules: [{972F732C-B3D8-4C03-888D-65C3E8539EE5}] => (Allow) C:\Program Files (x86)\HP\csiInstaller\9D1DE902-8058-4555-A16A-FBFAA49587DB\Installer\hpbcsiInstaller.exe FirewallRules: [{6A5FAEA7-C6E1-4FDD-A319-D9B71474977A}] => (Allow) C:\Program Files (x86)\HP\csiInstaller\9D1DE902-8058-4555-A16A-FBFAA49587DB\Installer\hpbcsiInstaller.exe FirewallRules: [{110E75B5-D9EA-4039-B0F2-6557EA6FB52D}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{66D69000-7EFE-4C9B-9554-FB8C2FE97BD6}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{D83A3F2B-90D8-4ADE-8A20-F6DBB929E9D2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{DD266F8D-4EC1-41D5-B79B-A0362085CE20}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{35D96F1C-C13C-42E7-8DBD-31B472847451}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{11A2B826-A5BA-4D08-A52E-29A60A107C74}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{B26772FB-47EE-4E8C-B260-405C9A76F5E5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{5C291219-330A-4B5A-9D3B-820CF4B645DF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{5DBB4BC1-18C2-448D-AF65-3BF51ACFB2BB}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe FirewallRules: [{D0369A86-96AC-4F4E-A6B6-9A7338B6D223}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe FirewallRules: [{421D9F3D-D992-4BD1-AEFB-0FF95D18005B}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe FirewallRules: [{93D3968E-1F2A-4C5E-BDEB-D982705C9809}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe FirewallRules: [{773A55E8-8F2D-4B60-92B9-943F195B9569}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Herstelpunten ========================= 29-10-2018 11:10:47 Windows Back-up 06-11-2018 08:29:34 Windows Back-up 10-11-2018 15:17:13 Windows Update 10-11-2018 15:18:52 Windows Update 12-11-2018 12:27:47 Windows Back-up 16-11-2018 14:24:08 Windows Update ==================== Defecte Apparaatbeheer Apparaten ============= Name: Realtek PCIe GBE Family Controller #2 Description: Realtek PCIe GBE Family Controller Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Realtek Service: rt640x64 Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Eventlog fouten: ========================= Applicatiefouten: ================== Error: (11/19/2018 07:32:44 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: henk-quad) Description: brave hendrikbrave hendrik-2147467263 Error: (11/19/2018 07:31:40 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: henk-quad) Description: brave hendrikbrave hendrik-2147467263 Error: (11/19/2018 07:30:29 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: henk-quad) Description: brave hendrikbrave hendrik-2147467263 Error: (11/19/2018 02:10:15 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: Instup.exe, versie: 18.7.4041.0, tijdstempel: 0x5bbb5808 Naam van module met fout: ntdll.dll, versie: 10.0.17134.376, tijdstempel: 0x4358e406 Uitzonderingscode: 0xc0000409 Foutmarge: 0x0007ea70 Id van proces met fout: 0x1e0c Starttijd van toepassing met fout: 0x01d47f3de3bfbe45 Pad naar toepassing met fout: C:\Program Files\AVAST Software\Avast\Setup\Instup.exe Pad naar module met fout: C:\WINDOWS\SYSTEM32\ntdll.dll Rapport-id: c91caea4-1f36-4907-9e23-48a2f373385c Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Error: (11/19/2018 01:46:41 PM) (Source: SecurityCenter) (EventID: 16) (User: ) Description: Fout tijdens bijwerken van status naar SECURITY_PRODUCT_STATE_OFF. Error: (11/19/2018 01:46:41 PM) (Source: SecurityCenter) (EventID: 16) (User: ) Description: Fout tijdens bijwerken van status naar SECURITY_PRODUCT_STATE_OFF. Error: (11/19/2018 01:46:41 PM) (Source: SecurityCenter) (EventID: 16) (User: ) Description: Fout tijdens bijwerken van status naar SECURITY_PRODUCT_STATE_OFF. Error: (11/19/2018 01:46:41 PM) (Source: SecurityCenter) (EventID: 16) (User: ) Description: Fout tijdens bijwerken van status naar SECURITY_PRODUCT_STATE_OFF. Systeemfouten: ============= Error: (11/19/2018 08:14:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: De Windows Push Notifications User Service_fff13-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 10000 milliseconden worden uitgevoerd: Service opnieuw starten. Error: (11/19/2018 08:14:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: De Host synchroniseren_fff13-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 10000 milliseconden worden uitgevoerd: Service opnieuw starten. Error: (11/19/2018 08:14:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: De Gebruikerservice voor Connected Devices Platform_fff13-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 3000 milliseconden worden uitgevoerd: Service opnieuw starten. Error: (11/19/2018 07:56:22 PM) (Source: Disk) (EventID: 7) (User: ) Description: Beschadigd blok in apparaat \Device\Harddisk0\DR0. Error: (11/19/2018 04:26:02 PM) (Source: DCOM) (EventID: 10010) (User: henk-quad) Description: De server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (11/19/2018 04:25:57 PM) (Source: DCOM) (EventID: 10010) (User: henk-quad) Description: De server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (11/19/2018 04:22:57 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: De NetTcpActivator-service is afhankelijk van de NetTcpPortSharing-service, die vanwege de volgende fout niet kan worden gestart: De service heeft de start- of stuuropdracht niet op juiste wijze beantwoord. Error: (11/19/2018 04:22:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: De NetTcpPortSharing-service kan vanwege de volgende fout niet worden gestart: De service heeft de start- of stuuropdracht niet op juiste wijze beantwoord. Windows Defender: =================================== Date: 2018-10-23 14:35:32.438 Description: Windows Defender Antivirus heeft een fout aangetroffen bij het laden van handtekeningen en probeert terug te keren naar een juiste set handtekeningen. Geprobeerde handtekeningen: Huidig Foutcode: 0x80070002 Foutbeschrijving: Het systeem kan het opgegeven bestand niet vinden. Handtekeningversie: 0.0.0.0;0.0.0.0 Engineversie: 0.0.0.0 Date: 2018-10-22 16:09:17.056 Description: Real-timebeveiligingsonderdeel van Windows Defender Antivirus heeft een fout aangetroffen en is niet uitgevoerd. Onderdeel: Gedragscontrole Foutcode: 0x80508023 Foutbeschrijving: Op dit apparaat is geen malware en andere mogelijk ongewenste software gevonden. Reden: Antimalwarebeveiliging werkt niet meer wegens een onbekende reden. In sommige gevallen kan het probleem worden verholpen door de service opnieuw te starten. CodeIntegrity: =================================== Date: 2018-11-19 16:23:18.901 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2018-11-19 16:22:45.866 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2018-11-19 16:20:50.637 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2018-11-19 15:40:32.913 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2018-11-19 15:40:09.254 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2018-11-19 14:32:38.811 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2018-11-19 14:22:55.263 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2018-11-19 14:22:25.274 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Geheugen info =========================== Processor: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz Percentage geheugen in gebruik: 69% Totaal fysiek RAM-geheugen: 3007.18 MB Beschikbaar fysiek RAM-geheugen: 913.42 MB Totaal Virtueel geheugen: 6079.18 MB Beschikbaar Virtueel geheugen: 2759.79 MB ==================== Schijven ================================ Drive c: () (Fixed) (Total:194.45 GB) (Free:105.41 GB) NTFS ==>[schijf met boot componenten (verkregen van BCD)] Drive d: () (Fixed) (Total:931.51 GB) (Free:899.34 GB) NTFS Drive e: () (Fixed) (Total:465.75 GB) (Free:442.27 GB) NTFS Drive f: () (Fixed) (Total:270.44 GB) (Free:202.99 GB) NTFS Drive g: (backups) (Fixed) (Total:931.32 GB) (Free:452.03 GB) NTFS Drive i: (Disc) (CDROM) (Total:0.12 GB) (Free:0 GB) CDFS \\?\Volume{9fb29fb2-0000-0000-0000-009d30000000}\ () (Fixed) (Total:0.86 GB) (Free:0.34 GB) NTFS ==================== MBR & Partitietabel ================== ======================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 9FB29FB2) Partition 1: (Active) - (Size=194.5 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=876 MB) - (Type=27) Partition 3: (Not Active) - (Size=270.4 GB) - (Type=0F Extended) ======================================================== Disk: 1 (Size: 931.5 GB) (Disk ID: 771428C8) Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (Size: 465.8 GB) (Disk ID: A017A017) Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS) ======================================================== Disk: 3 (Size: 931.5 GB) (Disk ID: 6FA37461) Partition: GPT. Partition 2: (Not Active) - (Size=931.3 GB) - (Type=07 NTFS) ==================== Eind van Addition.txt ============================