Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 09-06-2019 01 Gestart door Gebruiker (09-06-2019 21:45:54) Gestart vanaf C:\Users\Gebruiker\Desktop Windows 10 Home Versie 1903 18362.145 (X64) (2019-06-07 20:48:56) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-174024158-2494943481-3666029650-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-174024158-2494943481-3666029650-503 - Limited - Disabled) Gast (S-1-5-21-174024158-2494943481-3666029650-501 - Limited - Disabled) Gebruiker (S-1-5-21-174024158-2494943481-3666029650-1001 - Administrator - Enabled) => C:\Users\Gebruiker marij (S-1-5-21-174024158-2494943481-3666029650-1002 - Limited - Enabled) => C:\Users\marij WDAGUtilityAccount (S-1-5-21-174024158-2494943481-3666029650-504 - Limited - Disabled) ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: BullGuard Antivirus (Enabled - Up to date) {0C5A09FB-657F-B94D-DF1B-BB843C6EE0E4} AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: BullGuard Antispyware (Enabled - Up to date) {B73BE81F-4345-B6C3-E5AB-80F647E9AA59} FW: BullGuard Firewall (Enabled) {346188DE-2F10-B815-F444-12B1C2BDA79F} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeïnstalleerd worden.) Adobe Acrobat Reader DC - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 19.012.20034 - Adobe Systems Incorporated) Belgium e-ID middleware 4.3.2 (build 3551) (HKLM\...\{DB942AEA-93D6-4FE4-8862-180D35A73551}) (Version: 4.3.3551 - Belgian Government) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) BullGuard Internet Security (HKLM\...\BullGuard) (Version: 19.0 - BullGuard Ltd.) CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform) CpuCoreParking (HKLM-x32\...\{523A6610-C6A5-4868-BF18-206DD33827C3}) (Version: 2.1.4.0 - CpuCoreParking) Discord (HKU\S-1-5-21-174024158-2494943481-3666029650-1001\...\Discord) (Version: 0.0.305 - Discord Inc.) Discord (HKU\S-1-5-21-174024158-2494943481-3666029650-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06092019212935973\...\Discord) (Version: 0.0.305 - Discord Inc.) Eid Reader plugin 1.1.2 (HKLM\...\2008-1418-6737-7883) (Version: 1.1.2 - ) Hextech Repair Tool (HKLM-x32\...\{7F9A97E6-E666-11E5-B582-B88687E82322}) (Version: 1.1.90 - Riot Games, Inc.) HP DeskJet 3630 series Basissoftware van het apparaat (HKLM\...\{92AF5329-0849-487A-8827-8F9C3FD531CE}) (Version: 40.13.1176.1978 - HP Inc.) HP DeskJet 3630 series Help (HKLM-x32\...\{084F0EAA-EB34-4CC3-9CED-B7FF666AF300}) (Version: 35.0.0 - Hewlett Packard) HP Dropbox Plugin (HKLM-x32\...\{0D802565-B80C-48C4-B91D-0A295773EA55}) (Version: 40.13.54.81239 - HP) HP Google Drive Plugin (HKLM-x32\...\{6931A5F5-6F6E-40B8-88BA-11EAA4B901B7}) (Version: 40.13.54.81239 - HP) HP OfficeJet 4650 series Basissoftware van het apparaat (HKLM\...\{D94D89DE-3943-4745-95B7-61D12BCB2F2C}) (Version: 40.11.1122.1796 - HP Inc.) HP OfficeJet 4650 series Help (HKLM-x32\...\{39A98F5E-A206-49F4-A03B-6145F07375DE}) (Version: 36.0.0 - Hewlett Packard) HP PC Hardware Diagnostics Windows (HKLM-x32\...\{DF16F6E3-6550-468A-9C0C-306B4F60D501}) (Version: 1.5.8.0 - HP Inc.) HP Support Assistant (HKLM-x32\...\{4AAC4B07-77EF-4BCF-88DC-D24E4DE683E8}) (Version: 8.7.50.3 - HP Inc.) HP Support Solutions Framework (HKLM-x32\...\{1D488BAD-A0A4-42FB-8EB4-E6245A29B113}) (Version: 12.10.49.21 - HP Inc.) HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.17.0.001 - Uw bedrijfsnaam) HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.88.3 - HTC) Intel Driver && Support Assistant (HKLM-x32\...\{6B7317BC-26B2-4A86-8803-90667591A0B7}) (Version: 19.5.22.9 - Intel) Hidden Intel(R) Computing Improvement Program (HKLM\...\{D40D4164-EEDB-4F0F-85C6-2058A9E34CC7}) (Version: 2.4.04370 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.8.2.1002 - Intel Corporation) Intel® Driver & Support Assistant (HKLM-x32\...\{095f4f8f-86d6-47ee-81ed-c0fcd299ad1c}) (Version: 19.5.22.9 - Intel) IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC) Java 8 Update 211 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180211F0}) (Version: 8.0.2110.12 - Oracle Corporation) League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc) Malwarebytes versie 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes) Microsoft OneDrive (HKU\S-1-5-21-174024158-2494943481-3666029650-1001\...\OneDriveSetup.exe) (Version: 19.070.0410.0007 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-174024158-2494943481-3666029650-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06092019212935973\...\OneDriveSetup.exe) (Version: 19.070.0410.0007 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-174024158-2494943481-3666029650-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06092019213011844\...\OneDriveSetup.exe) (Version: 18.091.0506.0007 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation) Network Stumbler 0.4.0 (remove only) (HKLM-x32\...\Network Stumbler) (Version: - ) Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.6.6 - Notepad++ Team) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11629.20214 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11629.20214 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11629.20214 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0413-0000-0000000FF1CE}) (Version: 16.0.11629.20214 - Microsoft Corporation) Hidden OnePlus USB Drivers 1.00 (HKLM-x32\...\OnePlus USB Drivers 1.00) (Version: 1.00 - OnePlus, Inc) Opera Stable 60.0.3255.124 (HKU\S-1-5-21-174024158-2494943481-3666029650-1001\...\Opera 60.0.3255.124) (Version: 60.0.3255.124 - Opera Software) Opera Stable 60.0.3255.124 (HKU\S-1-5-21-174024158-2494943481-3666029650-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06092019212935973\...\Opera 60.0.3255.124) (Version: 60.0.3255.124 - Opera Software) PingPlotter 5 (HKLM-x32\...\{F513FFE3-ED3B-4DC1-BB41-DABEBCAE2F6F}) (Version: 5.5.14.4908 - Pingman Tools, LLC) Hidden PingPlotter 5 (HKLM-x32\...\PingPlotter 5 5.5.14.4908) (Version: 5.5.14.4908 - Pingman Tools, LLC) Popcorn-Time (HKU\S-1-5-21-174024158-2494943481-3666029650-1001\...\Popcorn-Time) (Version: 0.3.10 - Popcorn Time) Popcorn-Time (HKU\S-1-5-21-174024158-2494943481-3666029650-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06092019212935973\...\Popcorn-Time) (Version: 0.3.10 - Popcorn Time) Productverbeteringsonderzoek voor HP DeskJet 3630 series (HKLM\...\{25131317-52DF-4554-BB09-9CDCCF49ECDA}) (Version: 40.13.1176.1978 - HP Inc.) Productverbeteringsonderzoek voor HP OfficeJet 4650 series (HKLM\...\{12F91AD5-7233-4466-A4DA-433DF107929E}) (Version: 40.11.1122.1796 - HP Inc.) REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.88 - REALTEK Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8544 - Realtek Semiconductor Corp.) REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.113 - REALTEK Semiconductor Corp.) RuneScape Launcher 2.2.4 (HKLM\...\RuneScape Launcher_is1) (Version: 2.2.4 - Jagex Ltd) Skype versie 8.34 (HKLM-x32\...\Skype_is1) (Version: 8.34 - Skype Technologies S.A.) Software voor Intel® Chipset-apparaten (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.5.10.75 - Synaptics Incorporated) Teams Machine-Wide Installer (HKLM-x32\...\{39AF0813-FA7B-4860-ADBE-93B9B214B914}) (Version: 1.2.0.10168 - Microsoft Corporation) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C5FDDED7-DEC7-48B4-AFD8-DFB8A0FD199A}) (Version: 2.51.0.0 - Microsoft Corporation) VLC media player (HKLM\...\VLC media player) (Version: 3.0.3 - VideoLAN) Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - LunarG, Inc.) Hidden Windows 10-updateassistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22391 - Microsoft Corporation) Windows-stuurprogrammapakket - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.) Wondershare Helper Compact 2.5.2 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.2 - Wondershare) Packages: ========= Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.0.2.0_x64__tf1gferkr813w [2019-05-27] (Autodesk Inc.) HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_95.1.531.0_x64__v10z8vjag6ke6 [2019-03-19] (HP Inc.) Mail en Agenda -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe [2019-05-30] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-10] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-10] (Microsoft Corporation) [MS Ad] Microsoft News: Gratis nieuws app voor België -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.30.10924.0_x64__8wekyb3d8bbwe [2019-04-07] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.3.4032.0_x86__8wekyb3d8bbwe [2019-04-14] (Microsoft Studios) [MS Ad] MSN weer -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe [2019-02-15] (Microsoft Corporation) [MS Ad] Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.108.439.0_x86__zpdnekdrzrea0 [2019-06-07] (Spotify AB) ==================== Aangepaste CLSID (gefilterd): ========================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) CustomCLSID: HKU\S-1-5-21-174024158-2494943481-3666029650-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (IDSA Production signing key -> Intel) ShellIconOverlayIdentifiers: [BackupOverlayErr] -> {8749448C-D907-45BF-A842-4D3898894AC8} => C:\Program Files\BullGuard Ltd\BullGuard\BackupShellHook.dll [2019-05-31] (BullGuard Ltd. -> BullGuard Ltd.) ShellIconOverlayIdentifiers: [BackupOverlayInProgress] -> {3FFBF330-7839-476B-BE14-2C8597CE11B6} => C:\Program Files\BullGuard Ltd\BullGuard\BackupShellHook.dll [2019-05-31] (BullGuard Ltd. -> BullGuard Ltd.) ShellIconOverlayIdentifiers: [BackupOverlaySynced] -> {C62CF4DB-48CB-4B03-BFD0-30A29125FA49} => C:\Program Files\BullGuard Ltd\BullGuard\BackupShellHook.dll [2019-05-31] (BullGuard Ltd. -> BullGuard Ltd.) ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2019-01-27] (Notepad++ -> ) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Geen bestand ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki131191.inf_amd64_d668106cb6f2eae0\igfxDTCM.dll [2019-02-25] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers6: [bgshellext] -> {F4BF1657-195F-4A0F-ACA2-9AE99D65BC0E} => C:\Program Files\BullGuard Ltd\BullGuard\BgShellExt.dll [2019-05-31] (BullGuard Ltd. -> BullGuard Ltd.) ==================== Snelkoppelingen & WMI ======================== (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) ==================== Geladen Modules (gefilterd) ============== 2019-03-20 18:20 - 2016-07-21 11:54 - 000137728 _____ () [Bestand niet getekend] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll 2019-03-20 18:20 - 2016-10-08 17:48 - 001506304 _____ () [Bestand niet getekend] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll 2013-10-17 16:27 - 2013-10-17 16:27 - 000166912 _____ () [Bestand niet getekend] C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe 2018-12-19 20:01 - 2018-12-19 20:01 - 001878528 _____ (SQLite Development Team) [Bestand niet getekend] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll 2019-04-29 18:00 - 2019-02-01 09:56 - 000035328 _____ (The Qt Company Ltd.) [Bestand niet getekend] C:\Program Files\Malwarebytes\Anti-Malware\iconengines\qsvgicon.dll 2019-04-29 18:00 - 2019-02-01 09:56 - 000026112 _____ (The Qt Company Ltd.) [Bestand niet getekend] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll 2019-04-29 18:00 - 2019-02-01 09:56 - 000020992 _____ (The Qt Company Ltd.) [Bestand niet getekend] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll 2019-04-29 18:00 - 2019-02-01 09:56 - 001181184 _____ (The Qt Company Ltd.) [Bestand niet getekend] C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll 2019-04-29 18:00 - 2019-02-01 09:56 - 000047104 _____ (The Qt Company Ltd.) [Bestand niet getekend] C:\Program Files\Malwarebytes\Anti-Malware\Qt\labs\folderlistmodel\qmlfolderlistmodelplugin.dll 2019-04-29 18:00 - 2019-02-01 09:56 - 000027136 _____ (The Qt Company Ltd.) [Bestand niet getekend] C:\Program Files\Malwarebytes\Anti-Malware\Qt\labs\settings\qmlsettingsplugin.dll 2019-04-29 18:00 - 2019-02-01 09:55 - 005010944 _____ (The Qt Company Ltd.) [Bestand niet getekend] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll 2019-04-29 18:00 - 2019-02-01 09:56 - 005139968 _____ (The Qt Company Ltd.) [Bestand niet getekend] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll 2019-04-29 18:00 - 2019-02-01 09:56 - 002234880 _____ (The Qt Company Ltd.) [Bestand niet getekend] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll 2019-04-29 18:00 - 2019-02-01 09:56 - 002950144 _____ (The Qt Company Ltd.) [Bestand niet getekend] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll 2019-04-29 18:00 - 2019-02-01 09:56 - 003084800 _____ (The Qt Company Ltd.) [Bestand niet getekend] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll 2019-04-29 18:00 - 2019-02-01 09:56 - 000259584 _____ (The Qt Company Ltd.) [Bestand niet getekend] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll 2019-04-29 18:00 - 2019-02-01 09:56 - 004571648 _____ (The Qt Company Ltd.) [Bestand niet getekend] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll 2019-04-29 18:00 - 2019-02-01 09:56 - 000438272 _____ (The Qt Company Ltd.) [Bestand niet getekend] C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll 2019-04-29 18:00 - 2019-02-01 09:56 - 000014848 _____ (The Qt Company Ltd.) [Bestand niet getekend] C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll 2019-04-29 18:01 - 2019-02-01 09:56 - 000014848 _____ (The Qt Company Ltd.) [Bestand niet getekend] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll 2019-04-29 18:00 - 2019-02-01 09:56 - 000729088 _____ (The Qt Company Ltd.) [Bestand niet getekend] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll 2019-04-29 18:00 - 2019-02-01 09:56 - 000179712 _____ (The Qt Company Ltd.) [Bestand niet getekend] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll 2019-04-29 18:01 - 2019-02-01 09:56 - 000037888 _____ (The Qt Company Ltd.) [Bestand niet getekend] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\Private\dialogsprivateplugin.dll 2019-04-29 18:01 - 2019-02-01 09:56 - 000073216 _____ (The Qt Company Ltd.) [Bestand niet getekend] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll 2019-04-29 18:01 - 2019-02-01 09:56 - 000101888 _____ (The Qt Company Ltd.) [Bestand niet getekend] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll 2019-04-29 18:01 - 2019-02-01 09:56 - 000014848 _____ (The Qt Company Ltd.) [Bestand niet getekend] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll 2019-04-29 18:00 - 2019-02-01 09:56 - 000086016 _____ (The Qt Company Ltd.) [Bestand niet getekend] C:\Program Files\Malwarebytes\Anti-Malware\QtWinExtras\qml_winextras.dll 2019-04-29 18:00 - 2019-02-01 09:56 - 000124928 _____ (The Qt Company Ltd.) [Bestand niet getekend] C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll 2019-03-20 18:20 - 2016-10-08 17:49 - 000708608 _____ (Wondershare) [Bestand niet getekend] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll ==================== Alternate Data Streams (gefilterd) ========= (Als een item is opgenomen in de fixlist, wordt alleen de ADS verwijderd.) ==================== Veilige Modus (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. De waarde van "AlternateShell" wordt hersteld.) ==================== Bestandskoppeling (gefilterd) =============== (Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd.) ==================== Internet Explorer vertrouwde/beperkte toegang =============== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd.) IE trusted site: HKU\S-1-5-21-174024158-2494943481-3666029650-1001\...\sharepoint.com -> hxxps://tergroenepoorte-files.sharepoint.com IE restricted site: HKU\S-1-5-21-174024158-2494943481-3666029650-1001\...\skype.com -> hxxps://apps.skype.com IE trusted site: HKU\S-1-5-21-174024158-2494943481-3666029650-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06092019212935973\...\sharepoint.com -> hxxps://tergroenepoorte-files.sharepoint.com IE restricted site: HKU\S-1-5-21-174024158-2494943481-3666029650-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06092019212935973\...\skype.com -> hxxps://apps.skype.com ==================== Hosts inhoud: =============================== (Indien nodig kan Hosts:-opdracht worden opgenomen in de fixlist om Hosts te resetten.) 2017-09-29 15:46 - 2017-09-29 15:44 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts 2018-03-20 17:21 - 2018-05-17 09:30 - 000000595 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics 92.168.137.1 DESKTOP-6N1D8G0.mshome.net # 2023 5 1 15 18 23 49 141 29 ==================== Andere gebieden ============================ (Momenteel is er geen automatische fix voor dit onderdeel.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Users\Gebruiker\AppData\Local\Microsoft\WindowsApps;C:\adb;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\ HKU\S-1-5-21-174024158-2494943481-3666029650-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Gebruiker\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\wp1934911-razer-chroma-wallpapers.png HKU\S-1-5-21-174024158-2494943481-3666029650-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06092019212935973\Control Panel\Desktop\\Wallpaper -> C:\Users\Gebruiker\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\wp1934911-razer-chroma-wallpapers.png HKU\S-1-5-21-174024158-2494943481-3666029650-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06092019213011844\Control Panel\Desktop\\Wallpaper -> C:\Users\marij\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg DNS Servers: 8.8.8.8 - 8.8.4.4 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == Als een item is opgenomen in de fixlist, zal het worden verwijderd. HKLM\...\StartupApproved\Run: => "SecurityHealth" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0" HKLM\...\StartupApproved\Run32: => "HPRadioMgr" HKU\S-1-5-21-174024158-2494943481-3666029650-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning" HKU\S-1-5-21-174024158-2494943481-3666029650-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06092019212935973\...\StartupApproved\Run: => "CCleaner Smart Cleaning" ==================== Firewall regels (gefilterd) =============== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [{1A08CF89-4641-46C7-AAEC-E739924F9ACA}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd) FirewallRules: [{2151A308-944A-43D0-955B-4AE6116337FA}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd) FirewallRules: [TCP Query User{8BE99953-5E75-4C54-8884-04C53FC5BB65}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe Geen bestand FirewallRules: [UDP Query User{2DA42650-7CAC-4C94-BDF9-1D0191A255BE}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.166\deploy\leagueclient.exe Geen bestand FirewallRules: [TCP Query User{A08DAB96-B490-4ED8-8209-E6047CA40B4E}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.167\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.167\deploy\leagueclient.exe Geen bestand FirewallRules: [UDP Query User{34936647-A83C-404C-BE41-E617EAC185A7}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.167\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.167\deploy\leagueclient.exe Geen bestand FirewallRules: [TCP Query User{AAAF4704-7DA1-451F-9034-660BB1A535C6}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.168\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.168\deploy\leagueclient.exe Geen bestand FirewallRules: [UDP Query User{4462BF80-5251-45B0-AD73-957DEB8D1F8F}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.168\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.168\deploy\leagueclient.exe Geen bestand FirewallRules: [{368DC446-6996-400A-A508-2F4EC6B4C89C}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{8FB7DA37-ACC8-4DA1-8319-E221C7601735}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{7571AC09-74A0-4EE9-A440-2E9E7095CA50}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> ) FirewallRules: [{0FFD29B6-ABCC-4B81-96EC-53071C8595B9}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> ) FirewallRules: [{EE4D2BC5-C9A6-4049-B751-1259D6C05C1B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.108.439.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{63496B30-8D04-478B-9F39-3E9D78F9356D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.108.439.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{CD0C4182-3A16-4B97-B048-E3E7E829E824}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.108.439.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{4B52A542-4B37-474E-BB10-A2A54F0DD2DA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.108.439.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{65C3DCB6-32C4-437E-9BEF-96ECCF2A0B35}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.108.439.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{7E04267E-2F9C-444F-877D-8B66B8A13CF0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.108.439.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{F561174A-4931-4B9F-9536-BE5DDEE8FA94}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.108.439.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{627722D9-20C5-4FB7-9170-718560696834}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.108.439.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{871B450A-6C9D-4C17-87BC-95366AA9CFE5}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe Geen bestand FirewallRules: [{26C43A13-F47C-4A6B-80FE-9440551FE8CD}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe Geen bestand ==================== Herstelpunten ========================= 08-06-2019 01:08:45 Windows Update ==================== Defecte Apparaatbeheer Apparaten ============= ==================== Eventlog fouten: ========================= Applicatiefouten: ================== Error: (06/09/2019 08:50:22 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 15797 Error: (06/09/2019 08:50:22 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 15797 Error: (06/09/2019 08:50:22 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (06/08/2019 09:16:22 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1734 Error: (06/08/2019 09:16:22 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 1734 Error: (06/08/2019 09:16:22 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (06/08/2019 05:22:10 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: svchost.exe_GraphicsPerfSvc, versie: 10.0.18362.1, tijdstempel: 0x32d6c210 Naam van module met fout: ucrtbase.dll, versie: 10.0.18362.1, tijdstempel: 0x5cbddb81 Uitzonderingscode: 0xc0000409 Foutmarge: 0x000000000006d3be Id van proces met fout: 0x90c Starttijd van toepassing met fout: 0x01d51e0decfd9824 Pad naar toepassing met fout: C:\WINDOWS\System32\svchost.exe Pad naar module met fout: C:\WINDOWS\System32\ucrtbase.dll Rapport-id: 991ac800-1448-4515-875f-35b4aeb643b1 Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Error: (06/08/2019 12:49:05 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Het programma opera.exe, versie 60.0.3255.124 reageert niet meer op Windows en is afgesloten. Als u wilt zien of er meer informatie over het probleem beschikbaar is, raadpleegt u de probleemgeschiedenis in het onderdeel Beveiliging en onderhoud van het Configuratiescherm. Proces-id: 1e20 Starttijd: 01d51de6585df691 Eindtijd: 10 Toepassingspad: C:\Users\Gebruiker\AppData\Local\Programs\Opera\60.0.3255.124\opera.exe Rapport-id: bea56ad4-5b64-4eb1-8008-19402ae88215 Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Type vastlopen: Unknown Systeemfouten: ============= Error: (06/09/2019 08:38:04 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: De Windows Search-service is bij het starten vastgelopen. Error: (06/09/2019 08:36:56 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: De Security Center-service is gestopt met de volgende foutcode: %%16389. Error: (06/09/2019 08:34:44 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: De Orchestrator-service bijwerken-service is bij het starten vastgelopen. Error: (06/09/2019 08:31:17 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: De Downloaded Maps Manager-service is bij het starten vastgelopen. Error: (06/09/2019 08:29:19 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: De server {B91D5831-B1BD-4608-8198-D72E155020F7} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (06/09/2019 08:29:08 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: De HP Support Solutions Framework Service-service is bij het starten vastgelopen. Error: (06/09/2019 08:27:19 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: De server {B91D5831-B1BD-4608-8198-D72E155020F7} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (06/09/2019 08:27:01 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: De Energy Server Service queencreek-service is bij het starten vastgelopen. CodeIntegrity: =================================== Date: 2019-06-09 21:47:22.632 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\BullGuard Ltd\BullGuard\BgAMSI.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2019-06-09 21:47:22.626 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\BullGuard Ltd\BullGuard\BgAMSI.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2019-06-09 21:47:22.620 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\BullGuard Ltd\BullGuard\BgAMSI.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2019-06-09 21:47:22.614 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\BullGuard Ltd\BullGuard\BgAMSI.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2019-06-09 21:47:22.605 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\BullGuard Ltd\BullGuard\BgAMSI.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2019-06-09 21:38:10.094 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe) attempted to load \Device\HarddiskVolume4\Program Files\BullGuard Ltd\BullGuard\BgAMSI.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2019-06-09 21:38:09.983 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe) attempted to load \Device\HarddiskVolume4\Program Files\BullGuard Ltd\BullGuard\BgAMSI.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2019-06-09 21:38:09.974 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe) attempted to load \Device\HarddiskVolume4\Program Files\BullGuard Ltd\BullGuard\BgAMSI.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Geheugen info =========================== BIOS: Insyde F.46 11/16/2018 Motherboard: HP 81EB Processor: Intel(R) Core(TM) i3-6006U CPU @ 2.00GHz Percentage geheugen in gebruik: 61% Totaal fysiek RAM-geheugen: 6034.91 MB Beschikbaar fysiek RAM-geheugen: 2316.66 MB Totaal Virtueel geheugen: 7698.91 MB Beschikbaar Virtueel geheugen: 3484.91 MB ==================== Schijven ================================ Drive c: () (Fixed) (Total:846.85 GB) (Free:755.43 GB) NTFS Drive d: (Oude Windows) (Fixed) (Total:82.48 GB) (Free:13.94 GB) NTFS \\?\Volume{e7d00bc5-2282-45dc-8d32-bcb0cb93bf0c}\ (Herstel) (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS \\?\Volume{391b4db8-d900-43f1-a6a0-dc7c5615bff7}\ () (Fixed) (Total:0.63 GB) (Free:0.08 GB) NTFS \\?\Volume{00d40886-c3a4-4005-a485-8674ae6fe3f1}\ () (Fixed) (Total:0.95 GB) (Free:0.34 GB) NTFS \\?\Volume{6ec0c210-910f-4592-8a4b-d5d57c3ca2f1}\ () (Fixed) (Total:0.09 GB) (Free:0.05 GB) FAT32 ==================== MBR & Partitietabel ================== ======================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 1A31702E) Partition: GPT. ==================== Einde van Addition.txt ============================