Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 25-08-2019 Gestart door Henk (26-08-2019 17:09:47) Gestart vanaf C:\Users\Henk\Desktop Windows 10 Pro Versie 1803 17134.950 (X64) (2018-08-12 17:11:11) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3957663117-963798814-2176115037-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-3957663117-963798814-2176115037-503 - Limited - Disabled) Gast (S-1-5-21-3957663117-963798814-2176115037-501 - Limited - Enabled) => C:\Users\Gast Henk (S-1-5-21-3957663117-963798814-2176115037-1001 - Administrator - Enabled) => C:\Users\Henk HomeGroupUser$ (S-1-5-21-3957663117-963798814-2176115037-1002 - Limited - Enabled) WDAGUtilityAccount (S-1-5-21-3957663117-963798814-2176115037-504 - Limited - Disabled) ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeïnstalleerd worden.) 64 Bit HP CIO Components Installer (HKLM\...\{13DA9C7C-EBFB-40D0-94A1-55B42883DF21}) (Version: 21.2.1 - HP Inc.) Hidden Adobe Acrobat Reader DC - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 19.012.20034 - Adobe Systems Incorporated) Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.238 - Adobe) Any Video Converter 6.2.8 (HKLM-x32\...\Any Video Converter) (Version: 6.2.8 - Anvsoft) Apple Application Support (32-bit) (HKLM-x32\...\{9F7041CB-8398-4691-B8CB-0D52273BB3D9}) (Version: 7.4 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{6E7DF4EE-1976-4215-9D81-755AFC95687D}) (Version: 7.4 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{BA2A6DBB-B09A-43D8-84F3-21C1537B47D9}) (Version: 12.2.0.15 - Apple Inc.) Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.) AuthenTec WinBio FingerPrint Software 64-bit (HKLM\...\{E33003B9-6A0D-4126-BD67-6FC62D643501}) (Version: 3.4.0.1008 - AuthenTec, Inc.) Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v9.10.32(T) - TOSHIBA CORPORATION) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) calibre (HKLM-x32\...\{7F1AA7AB-E4FB-46F7-AC2F-57D78D63A368}) (Version: 3.19.0 - Kovid Goyal) CCleaner (HKLM\...\CCleaner) (Version: 5.54 - Piriform) Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden DYMO Connect (HKLM-x32\...\{D48B070A-0FFA-4D9F-AA8A-E9F5F507DA61}) (Version: 1.1.947.47751 - DYMO) FastStone Photo Resizer 3.2 (HKLM-x32\...\FastStone Photo Resizer) (Version: 3.2 - FastStone Soft.) FreeOCR v5.4 (HKLM-x32\...\freeocr_is1) (Version: - ) Galerie de photos Windows Live (HKLM-x32\...\{488F0347-C4A7-4374-91A7-30818BEDA710}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 76.0.3809.100 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: - ) HP LJ300-400 color MFP M375-M475 (HKLM-x32\...\{9D1DE902-8058-4555-A16A-FBFAA49587DB}) (Version: 15.0.16078.1402 - Hewlett-Packard) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) hpbDSService (HKLM-x32\...\{62022DCB-BA92-4EC2-AE03-9B946E4DBF12}) (Version: 002.002.07399 - Hewlett-Packard) Hidden hpbM375M475DSService (HKLM-x32\...\{3E64C460-0FAA-4450-99CE-783B0F662B8F}) (Version: 001.001.05164 - Hewlett-Packard) Hidden HPLaserJet300-400ColorM375-M475Series_HelpLearnCenter_SI (HKLM-x32\...\{72A474E0-5AA3-4EDD-8FAA-D87CB2FD0654}) (Version: 1.01.0000 - Hewlett-Packard) HPLJDXPHelper (HKLM-x32\...\{010788AB-706E-4604-A46B-6785EAB64B5E}) (Version: 140.069.007 - HP) Hidden HPLJUTCore (HKLM-x32\...\{06C9D648-CFC6-48CC-A11B-C4A21BEDDAF1}) (Version: 018.000.0001 - HP) Hidden HPLJUTM375-M475 (HKLM-x32\...\{FA1B7AB4-9FE9-47A8-9A2F-C9FCB2F03A26}) (Version: 1.02.0013 - HP) Hidden hppFaxDrvM375M475 (HKLM-x32\...\{5145BEFE-84A6-4198-84C7-C8FBC919FE96}) (Version: 004.000.00001 - Hewlett-Packard) Hidden hppFaxDrvM375M475 (HKLM-x32\...\{B361ED10-259E-4B76-B35E-E47BB6DDDD74}) (Version: 003.000.00003 - Hewlett-Packard) Hidden hppLaserJetService (HKLM-x32\...\{0C4C3664-157A-4D69-B474-31EBF2EE1AE3}) (Version: 009.033.00926 - Hewlett-Packard) Hidden hppM375_M475LaserJetService (HKLM-x32\...\{CAB2848F-4E7D-4D64-B071-C1539E345C1C}) (Version: 005.021.00132 - Hewlett-Packard) Hidden hppSendFaxM375M475 (HKLM-x32\...\{430DEBC5-40AA-4F2C-AB54-A95E6FA8325A}) (Version: 004.000.00001 - Hewlett-Packard) Hidden hppSendFaxM375M475 (HKLM-x32\...\{C3E833FD-AAF9-45E2-B2CA-091C4D04203F}) (Version: 003.000.00003 - Hewlett-Packard) Hidden hppToolboxProxyM375 (HKLM-x32\...\{EAA710B0-DF9C-4202-978D-8B8C787313C6}) (Version: 035.024.006 - HP) Hidden hpStatusAlerts (HKLM-x32\...\{32DE03E8-D0B3-4D13-A885-D3EDFC959EEC}) (Version: 180.040.00267 - HP Development Company, L.P.) Hidden hpStatusAlertsM375_M475 (HKLM-x32\...\{22A9EE88-99F1-48B1-8A0C-AB8E65F6C4EB}) (Version: 050.034.0131 - Hewlett-Packard) Hidden iCloud (HKLM\...\{03742818-3BC2-45BA-B6BB-4C2D453FD033}) (Version: 7.11.0.19 - Apple Inc.) InstanceFinder (HKLM-x32\...\{32C0FD10-8FB4-427E-A16F-ED57C9343CF0}) (Version: 020.021.004 - HP) Hidden Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35342 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.3.1427 - Intel Corporation) Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 16.8 - Intel) Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation) Intel(R) WiDi (HKLM-x32\...\{7FCB8D5D-9396-4D17-8CFA-349D6D49CD32}) (Version: 3.0.13.0 - Intel Corporation) Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - ) Intel® PROSet/Wireless WiFi Software (HKLM\...\{E2D0B67F-8032-4E11-87C6-C8C721D331B3}) (Version: 15.01.0500.0875 - Intel Corporation) Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation) iPhone Folders (HKLM-x32\...\{53DA6CFE-7CDE-4F72-9E23-39AAC686DE17}) (Version: 1.0.32 - Redart) iTunes (HKLM\...\{CE796E03-4418-4086-A8C3-7AEF2013CDC7}) (Version: 12.9.4.102 - Apple Inc.) Java 8 Update 211 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180211F0}) (Version: 8.0.2110.12 - Oracle Corporation) Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden LJDXPHelperUI (HKLM-x32\...\{DEB23FB1-04FF-44AC-98B5-EEB243D65A28}) (Version: 140.069.007 - HP) Hidden Magical Jelly Bean KeyFinder (HKLM-x32\...\KeyFinder_is1) (Version: 2.0.10.13 - Magical Jelly Bean) Malwarebytes versie 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes) Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft Office 2010 voor Thuisgebruik en Zakelijke toepassingen (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Access database engine 2007 (English) (HKLM-x32\...\{90120000-00D1-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3957663117-963798814-2176115037-1001\...\OneDriveSetup.exe) (Version: 19.123.0624.0005 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170452139\...\OneDriveSetup.exe) (Version: 19.123.0624.0005 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170453527\...\OneDriveSetup.exe) (Version: 19.123.0624.0005 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 68.0.2 (x64 nl) (HKLM\...\Mozilla Firefox 68.0.2 (x64 nl)) (Version: 68.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 63.0.3 - Mozilla) NVIDIA PhysX (HKLM-x32\...\{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}) (Version: 9.13.0725 - NVIDIA Corporation) OpenShot Video Editor versie 2.4.1 (HKLM\...\{4BB0DCDC-BC24-49EC-8937-72956C33A470}_is1) (Version: 2.4.1 - OpenShot Studios, LLC) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.) PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation) QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.) Raccolta foto di Windows Live (HKLM-x32\...\{ED16B700-D91F-44B0-867C-7EB5253CA38D}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Rapport (HKLM-x32\...\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}) (Version: 3.5.1930.429 - Trusteer) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.) Revo Uninstaller 2.0.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.5 - VS Revo Group, Ltd.) RICOH Media Driver v2.15.17.02 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.15.17.02 - RICOH) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation) Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform) Spotify (HKU\S-1-5-21-3957663117-963798814-2176115037-1001\...\Spotify) (Version: 1.0.86.337.ga8d5cef9 - Spotify AB) Spotify (HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170452139\...\Spotify) (Version: 1.0.86.337.ga8d5cef9 - Spotify AB) Spotify (HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170453527\...\Spotify) (Version: 1.0.86.337.ga8d5cef9 - Spotify AB) SRS Premium Sound Control Panel (HKLM\...\{3007FF9F-5B2C-41FF-8BFC-08BF25DB2681}) (Version: 1.12.1800 - SRS Labs, Inc.) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.10.0 - Synaptics Incorporated) Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD) (Version: 10.0.50903 - Microsoft Corporation) ToolboxProxy (HKLM-x32\...\{B64E0B43-A452-4B25-93DD-E5C6645A534A}) (Version: 035.024.006 - HP) Hidden TOSHIBA Assist (HKLM-x32\...\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}) (Version: 4.2.3.1 - TOSHIBA CORPORATION) TOSHIBA Battery Check Utility (HKLM-x32\...\{5468E297-7EF8-4CB3-A091-F8714147793F}) (Version: 1.00.01.01 - Toshiba Corporation) TOSHIBA eco Utility (HKLM\...\{72EFCFA8-3923-451D-AF52-7CE9D87BC2A1}) (Version: 3.0.0.6406 - Toshiba Corporation) TOSHIBA Fingerprint Utility (HKLM\...\{62BBF381-D208-4EF0-B502-6CB6E5B9A161}) (Version: 2.0.0004.64404 - Toshiba Corporation) TOSHIBA Function Key (HKLM\...\{ABB33FFD-6D6C-4670-9EF4-6181BB4D0DF2}) (Version: 1.1.15.6404 - Toshiba Corporation) TOSHIBA HDD/SSD-waarschuwing (HKLM\...\{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.14 - TOSHIBA Corporation) TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.05 - TOSHIBA) TOSHIBA Media Controller (HKLM-x32\...\{C7A4F26F-F9B0-41B2-8659-99181108CDE3}) (Version: 1.0.87.5 - TOSHIBA CORPORATION) TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.7.7 - TOSHIBA CORPORATION) TOSHIBA Mobile Broadband Device (HKLM-x32\...\{B7191DD7-E7B4-4658-9025-487916EC21C8}) (Version: 7.1.0.3 - TOSHIBA Corporation) TOSHIBA Online Product Information (HKLM-x32\...\{2290A680-4083-410A-ADCC-7092C67FC052}) (Version: 4.02.0000 - TOSHIBA) TOSHIBA Password Utility (HKLM\...\{CD4B9E2C-4295-4920-82F2-C87113822E32}) (Version: 9.01.00.03 - Toshiba Corporation) TOSHIBA PC Health Monitor (HKLM\...\{B507386D-1F61-4E55-B05B-F56ACB0086B3}) (Version: 4.02.00.6400 - Toshiba Corporation) TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.7.52020010 - TOSHIBA CORPORATION) TOSHIBA Recovery Media Creator Reminder (HKLM-x32\...\InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}) (Version: 1.1.0.0 - TOSHIBA) TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.2.11.1 - Toshiba Corporation) TOSHIBA Security Assist (HKLM-x32\...\{1E63ACB5-D45E-4856-8FC9-78F4B0D7BB80}) (Version: 2.0.9 - TOSHIBA) TOSHIBA Service Station (HKLM\...\{89FE9BF5-C1E8-43A2-87B3-78527013CFA9}) (Version: 2.6.16.0 - Toshiba Corporation) TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.01.0002 - Toshiba Corporation) TOSHIBA System Settings (HKLM-x32\...\{4D57ED72-6B01-40BD-9CA9-012B8FC09CEB}) (Version: 2.0.12.32002 - Toshiba Corporation) Toshiba TEMPRO (HKLM-x32\...\{E4C7D9D7-19D4-4623-AF0C-EA313C466411}) (Version: 5.0.0 - Toshiba Europe GmbH) Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.9.1 - Toshiba Europe GmbH) TOSHIBA Web Camera Application (HKLM-x32\...\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}) (Version: 2.0.3.33 - TOSHIBA Corporation) TOSHIBA Wireless Display Monitor (HKLM-x32\...\{617773AE-ADBA-4479-BB04-65FE7758B35C}) (Version: 1.0.1 - TOSHIBA CORPORATION) TOSHIBA Wireless Manager (HKLM-x32\...\{6A631D31-1FD6-46B5-9337-3485C3CBB002}) (Version: 7.1.0.2 - TOSHIBA Corporation) Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22a - Ghisler Software GmbH) Trusteer Eindpuntbeveiliging (HKLM-x32\...\Rapport_msi) (Version: 3.5.1930.429 - Trusteer) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation) UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden ViewRight Web PC 3.5.0.0 (HKLM-x32\...\{AE7DE91C-A5CE-45C1-AF68-B27E29912D8F}) (Version: 3.5.0.0 - Verimatrix, Inc.) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation) Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation) WinRAR 5.70 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH) Packages: ========= Asphalt 9: Legends -> C:\Program Files\WindowsApps\A278AB0D.Asphalt9_1.6.200.2_x86__h6adky7gbf63m [2019-07-28] (Gameloft.) HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_100.1.581.0_x64__v10z8vjag6ke6 [2019-07-20] (HP Inc.) Mail en Agenda -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe [2019-08-03] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-11] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-11] (Microsoft Corporation) [MS Ad] Microsoft Nieuws -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.12124.0_x64__8wekyb3d8bbwe [2019-08-07] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-15] (Microsoft Studios) [MS Ad] Microsoft Telefoon -> C:\Program Files\WindowsApps\Microsoft.CommsPhone_3.43.20002.1000_x64__8wekyb3d8bbwe [2018-09-08] (Microsoft Corporation) Microsoft Telefoonassistent -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1802.311.0_x64__8wekyb3d8bbwe [2018-02-13] (Microsoft Corporation) My Toshiba -> C:\Program Files\WindowsApps\EnnovaResearch.ToshibaPlaces_3.2.49.0_x64__3s2an63h56yee [2016-02-08] (Ennova Research) Speedtest by Ookla -> C:\Program Files\WindowsApps\Ookla.SpeedtestbyOokla_1.7.33.0_x64__43tkc6nmykmb6 [2019-07-14] (Ookla) Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-08] (Twitter Inc.) WindowsDVDPlayer -> C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe [2015-11-26] (Microsoft Corporation) ==================== Aangepaste CLSID (gefilterd): ========================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) CustomCLSID: HKU\S-1-5-21-3957663117-963798814-2176115037-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Geen bestand ShellIconOverlayIdentifiers: [ATFPUOverlayIcon] -> {3239DBC1-B76D-4dc7-8B29-D99CBA3C7336} => C:\Program Files\TOSHIBA\Fingerprint Utility\TFPUOverlayIcon.dll [2012-03-16] (TOSHIBA CORPORATION -> TOSHIBA) ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\ConvertToPDFShellExtension_x64.dll [2015-07-10] (Foxit Software Incorporated -> Foxit Software Inc.) ContextMenuHandlers1: [jZip] -> [CC]{E677C7AD-2B66-4539-AA29-3771A1CFEDA9} => -> Geen bestand ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2019-03-13] (Apple Inc. -> Apple Inc.) ContextMenuHandlers1: [SmartDefragExtension] -> [CC]{189F1E63-33A7-404B-B2F6-8C76A452CC54} => -> Geen bestand ContextMenuHandlers1: [TFPUContextMenu] -> {2E34EBB9-C147-4DF4-938F-90C5B0837B1E} => C:\Program Files\TOSHIBA\Fingerprint Utility\TFPUFileShellExt.dll [2012-03-16] (TOSHIBA CORPORATION -> TOSHIBA) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-26] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-02-26] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> Geen bestand ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Geen bestand ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [TFPUContextMenu] -> {2E34EBB9-C147-4DF4-938F-90C5B0837B1E} => C:\Program Files\TOSHIBA\Fingerprint Utility\TFPUFileShellExt.dll [2012-03-16] (TOSHIBA CORPORATION -> TOSHIBA) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-26] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-02-26] (win.rar GmbH -> Alexander Roshal) ==================== Snelkoppelingen & WMI ======================== (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\":: WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99] WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate] ==================== Geladen Modules (gefilterd) ============== 2015-06-02 15:51 - 2015-06-02 15:51 - 000545792 _____ () [Bestand niet getekend] C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll 2009-09-16 18:44 - 2009-09-16 18:44 - 000153088 _____ (Hewlett Packard) [Bestand niet getekend] C:\WINDOWS\System32\hptcpmib.dll 2009-09-16 18:45 - 2009-09-16 18:45 - 000331264 _____ (Hewlett Packard) [Bestand niet getekend] C:\WINDOWS\System32\HpTcpMon.dll 2009-09-16 11:44 - 2009-09-16 11:44 - 000132096 _____ (Hewlett Packard) [Bestand niet getekend] C:\WINDOWS\System32\hpzjrd01.dll 2014-06-25 00:31 - 2014-06-25 00:31 - 000041472 _____ (Hewlett-Packard Company) [Bestand niet getekend] C:\Program Files (x86)\HP\HPLaserJetService\HPHTTPProxy.dll 2014-06-25 00:31 - 2014-06-25 00:31 - 000073728 _____ (Hewlett-Packard Company) [Bestand niet getekend] C:\Program Files (x86)\HP\HPLaserJetService\HPTools.dll 2014-06-25 00:31 - 2014-06-25 00:31 - 001222656 _____ (Hewlett-Packard Company) [Bestand niet getekend] C:\Program Files (x86)\HP\HPLaserJetService\LEDMXMLObjects.dll 2013-04-27 12:04 - 2011-05-06 16:18 - 000342528 _____ (Hewlett-Packard Corporation) [Bestand niet getekend] C:\WINDOWS\system32\spool\PRTPROCS\x64\hpcpp113.DLL 2016-06-15 05:36 - 2016-06-15 05:36 - 000050688 _____ (HP Inc.) [Bestand niet getekend] c:\windows\system32\hpzinw12.dll 2016-06-15 05:36 - 2016-06-15 05:36 - 000066048 _____ (HP Inc.) [Bestand niet getekend] c:\windows\system32\hpzipm12.dll 2014-06-25 00:31 - 2014-06-25 00:31 - 000034816 _____ (HP) [Bestand niet getekend] C:\Program Files (x86)\HP\HPLaserJetService\HPServiceCommunicator.dll 2009-09-16 18:45 - 2009-09-16 18:45 - 000317440 _____ (Microsoft Corporation) [Bestand niet getekend] C:\WINDOWS\System32\HPTcpMUI.dll 2017-07-11 07:39 - 2019-07-10 20:06 - 001124864 _____ (Microsoft Corporation) [Bestand niet getekend] C:\WINDOWS\system32\spool\DRIVERS\x64\3\PS5UI.dll 2017-07-11 07:39 - 2019-07-10 20:06 - 001169408 _____ (Microsoft Corporation) [Bestand niet getekend] C:\WINDOWS\system32\spool\DRIVERS\x64\3\unidrvui.dll ==================== Alternate Data Streams (gefilterd) ========= (Als een item is opgenomen in de fixlist, wordt alleen de ADS verwijderd.) AlternateDataStreams: C:\WINDOWS\SysWOW64\gm320ain.dll:ExtraData [15] ==================== Veilige Modus (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. De waarde van "AlternateShell" wordt hersteld.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Bestandskoppeling (gefilterd) =============== (Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd.) ==================== Internet Explorer vertrouwde/beperkte toegang =============== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd.) IE restricted site: HKU\S-1-5-21-3957663117-963798814-2176115037-1001\...\007guard.com -> install.007guard.com IE restricted site: HKU\S-1-5-21-3957663117-963798814-2176115037-1001\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-3957663117-963798814-2176115037-1001\...\008k.com -> www.008k.com IE restricted site: HKU\S-1-5-21-3957663117-963798814-2176115037-1001\...\00hq.com -> www.00hq.com IE restricted site: HKU\S-1-5-21-3957663117-963798814-2176115037-1001\...\010402.com -> 010402.com IE restricted site: HKU\S-1-5-21-3957663117-963798814-2176115037-1001\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\S-1-5-21-3957663117-963798814-2176115037-1001\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-3957663117-963798814-2176115037-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-3957663117-963798814-2176115037-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\S-1-5-21-3957663117-963798814-2176115037-1001\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-3957663117-963798814-2176115037-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\S-1-5-21-3957663117-963798814-2176115037-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-3957663117-963798814-2176115037-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-3957663117-963798814-2176115037-1001\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-3957663117-963798814-2176115037-1001\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-3957663117-963798814-2176115037-1001\...\0scan.com -> www.0scan.com IE restricted site: HKU\S-1-5-21-3957663117-963798814-2176115037-1001\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\S-1-5-21-3957663117-963798814-2176115037-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\S-1-5-21-3957663117-963798814-2176115037-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\S-1-5-21-3957663117-963798814-2176115037-1001\...\1-se.com -> 1-se.com Er zijn 11402 Meer websites. IE restricted site: HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170452139\...\007guard.com -> install.007guard.com IE restricted site: HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170452139\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170452139\...\008k.com -> www.008k.com IE restricted site: HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170452139\...\00hq.com -> www.00hq.com IE restricted site: HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170452139\...\010402.com -> 010402.com IE restricted site: HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170452139\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170452139\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170452139\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170452139\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170452139\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170452139\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170452139\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170452139\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170452139\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170452139\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170452139\...\0scan.com -> www.0scan.com IE restricted site: HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170452139\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170452139\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170452139\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170452139\...\1-se.com -> 1-se.com Er zijn 11402 Meer websites. IE restricted site: HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170453527\...\007guard.com -> install.007guard.com IE restricted site: HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170453527\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170453527\...\008k.com -> www.008k.com IE restricted site: HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170453527\...\00hq.com -> www.00hq.com IE restricted site: HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170453527\...\010402.com -> 010402.com IE restricted site: HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170453527\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170453527\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170453527\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170453527\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170453527\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170453527\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170453527\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170453527\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170453527\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170453527\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170453527\...\0scan.com -> www.0scan.com IE restricted site: HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170453527\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170453527\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170453527\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170453527\...\1-se.com -> 1-se.com Er zijn 11402 Meer websites. ==================== Hosts inhoud: =============================== (Indien nodig kan Hosts:-opdracht worden opgenomen in de fixlist om Hosts te resetten.) 2009-07-14 04:34 - 2019-08-26 16:59 - 000000846 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Andere gebieden ============================ (Momenteel is er geen automatische fix voor dit onderdeel.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Windows Live\Shared;C:\Users\Henk\AppData\Local\Smartbar\Application\;C:\Program Files (x86)\Calibre2\;C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\sys\;C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\sys\x64\;C:\Program Files (x86)\QuickTime\QTSystem\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\ HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170452092\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170453449\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170452123\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170453480\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg HKU\S-1-5-21-3957663117-963798814-2176115037-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Henk\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\55677544-abstracte-achtergrond-van-de-route-en-de-reis-te-midden-van-de-grote-boom-en-prachtige-natuur.jpg HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170452139\Control Panel\Desktop\\Wallpaper -> C:\Users\Henk\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\55677544-abstracte-achtergrond-van-de-route-en-de-reis-te-midden-van-de-grote-boom-en-prachtige-natuur.jpg HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170453527\Control Panel\Desktop\\Wallpaper -> C:\Users\Henk\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\55677544-abstracte-achtergrond-van-de-route-en-de-reis-te-midden-van-de-grote-boom-en-prachtige-natuur.jpg HKU\S-1-5-21-3957663117-963798814-2176115037-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170453199\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Geen bestand) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == Als een item is opgenomen in de fixlist, zal het worden verwijderd. MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth Manager.lnk => C:\windows\pss\Bluetooth Manager.lnk.CommonStartup MSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: CCleaner => "C:\Program Files\CCleaner\CCleaner64.exe" /AUTO MSCONFIG\startupreg: HP LJ300-400 color MFP M375-M475 Series Fax => C:\Program Files (x86)\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe "HP LJ300-400 color MFP M375-M475 Series Fax" MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe MSCONFIG\startupreg: NBAgent => "C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe" /WinStart MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: SpybotSD TeaTimer => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe MSCONFIG\startupreg: StatusAlerts => "C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe MSCONFIG\startupreg: TomTomHOME.exe => "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" MSCONFIG\startupreg: uTorrent => "C:\Users\Henk\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run: => "TecoResident" HKLM\...\StartupApproved\Run: => "TFPUService" HKLM\...\StartupApproved\Run: => "TFPUPWDBankService" HKLM\...\StartupApproved\Run: => "TCrdMain" HKLM\...\StartupApproved\Run: => "TSSSrv" HKLM\...\StartupApproved\Run: => "TosVolRegulator" HKLM\...\StartupApproved\Run: => "TosSENotify" HKLM\...\StartupApproved\Run: => "TosWaitSrv" HKLM\...\StartupApproved\Run32: => "Avira SystrayStartTrigger" HKLM\...\StartupApproved\Run32: => "TFPUPWDBankService" HKLM\...\StartupApproved\Run32: => "SecurityHealth" HKU\S-1-5-21-3957663117-963798814-2176115037-1001\...\StartupApproved\StartupFolder: => "OneNote 2010 Schermopname en Snel starten.lnk" HKU\S-1-5-21-3957663117-963798814-2176115037-1001\...\StartupApproved\Run: => "ApplePhotoStreams" HKU\S-1-5-21-3957663117-963798814-2176115037-1001\...\StartupApproved\Run: => "iCloudServices" HKU\S-1-5-21-3957663117-963798814-2176115037-1001\...\StartupApproved\Run: => "iCloudPhotos" HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170452139\...\StartupApproved\StartupFolder: => "OneNote 2010 Schermopname en Snel starten.lnk" HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170452139\...\StartupApproved\Run: => "ApplePhotoStreams" HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170452139\...\StartupApproved\Run: => "iCloudServices" HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170452139\...\StartupApproved\Run: => "iCloudPhotos" HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170453527\...\StartupApproved\StartupFolder: => "OneNote 2010 Schermopname en Snel starten.lnk" HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170453527\...\StartupApproved\Run: => "ApplePhotoStreams" HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170453527\...\StartupApproved\Run: => "iCloudServices" HKU\S-1-5-21-3957663117-963798814-2176115037-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08262019170453527\...\StartupApproved\Run: => "iCloudPhotos" ==================== Firewall regels (gefilterd) =============== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [{DA5EC4AD-218A-4531-BD1B-0E09CB806221}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd) FirewallRules: [{72D63C8D-C465-47F6-A316-D5C0528694F2}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd) FirewallRules: [UDP Query User{2F8A87F3-17C5-407A-9523-593A740F62AA}C:\program files\openshot video editor\launch.exe] => (Allow) C:\program files\openshot video editor\launch.exe () [Bestand niet getekend] FirewallRules: [TCP Query User{FE5F1DBB-E75D-4398-8111-77F5CECD0645}C:\program files\openshot video editor\launch.exe] => (Allow) C:\program files\openshot video editor\launch.exe () [Bestand niet getekend] FirewallRules: [UDP Query User{E3F38A12-0214-4033-BB47-59C331A90323}C:\users\henk\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\henk\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [TCP Query User{4B2AF3FD-952E-4747-97E8-AE5A6BF2B83E}C:\users\henk\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\henk\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [UDP Query User{CEC6C8CD-4636-4B25-9905-0DEE7113E21D}C:\users\henk\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\henk\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [TCP Query User{1967BDBB-A441-4DBD-A02A-F3CA5D3EE818}C:\users\henk\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\henk\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{04A3F98D-D01E-4557-B7F9-79B9F7FB73C2}] => (Allow) C:\Windows\SysWOW64\muzapp.exe (Musiccity Co.Ltd.) [Bestand niet getekend] FirewallRules: [{946D17BA-F762-4B67-988E-227CB943B384}] => (Allow) C:\Windows\SysWOW64\muzapp.exe (Musiccity Co.Ltd.) [Bestand niet getekend] FirewallRules: [{34BA2859-948B-4B91-9A2B-7EEA6BA4F76B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{79625071-FA5F-4A68-83B1-64EBA9923AE4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{E0E50FC5-D1EF-4E44-9A14-2C4AD3E3E25E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{0A331050-EF90-42BA-8A0C-AA5F8DF696D0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{54E2377F-D7FA-4346-9F7D-53951933CCCB}] => (Allow) C:\Windows\SysWOW64\muzapp.exe (Musiccity Co.Ltd.) [Bestand niet getekend] FirewallRules: [{958179BC-D79C-4818-8142-59287367D77A}] => (Allow) C:\Windows\SysWOW64\muzapp.exe (Musiccity Co.Ltd.) [Bestand niet getekend] FirewallRules: [UDP Query User{BE77E95B-1736-4532-A592-0FD2AADA6274}C:\program files (x86)\toshiba\bluetooth toshiba stack\tosbtpcs.exe] => (Block) C:\program files (x86)\toshiba\bluetooth toshiba stack\tosbtpcs.exe (TOSHIBA CORPORATION -> TOSHIBA CORPORATION) FirewallRules: [TCP Query User{9FA2E715-56FA-4DA8-8A15-5A0647137303}C:\program files (x86)\toshiba\bluetooth toshiba stack\tosbtpcs.exe] => (Block) C:\program files (x86)\toshiba\bluetooth toshiba stack\tosbtpcs.exe (TOSHIBA CORPORATION -> TOSHIBA CORPORATION) FirewallRules: [UDP Query User{E3A5339B-085D-4217-9162-4D8A860C63C2}C:\program files (x86)\toshiba\bluetooth toshiba stack\tosbtpcs.exe] => (Block) C:\program files (x86)\toshiba\bluetooth toshiba stack\tosbtpcs.exe (TOSHIBA CORPORATION -> TOSHIBA CORPORATION) FirewallRules: [TCP Query User{1BDBD51D-CC59-4BA0-ADC2-97986127AC80}C:\program files (x86)\toshiba\bluetooth toshiba stack\tosbtpcs.exe] => (Block) C:\program files (x86)\toshiba\bluetooth toshiba stack\tosbtpcs.exe (TOSHIBA CORPORATION -> TOSHIBA CORPORATION) FirewallRules: [{2D9E879F-C04D-42ED-9C55-D47E4C031FDA}] => (Allow) LPort=10255 FirewallRules: [{4D971E9D-C460-41C2-9F72-B64EDFC1C1E8}] => (Allow) C:\Program Files (x86)\HP\csiInstaller\9D1DE902-8058-4555-A16A-FBFAA49587DB\Installer\hpbcsiInstaller.exe (Hewlett-Packard Company -> Hewlett-Packard Company) FirewallRules: [{5537DFA0-20E4-40DA-BF64-DD70A0888F31}] => (Allow) C:\Program Files (x86)\HP\csiInstaller\9D1DE902-8058-4555-A16A-FBFAA49587DB\Installer\hpbcsiInstaller.exe (Hewlett-Packard Company -> Hewlett-Packard Company) FirewallRules: [{C1A4E682-54CF-43AE-B3A4-CC1B8DEB6EF3}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{6E049AE7-0FED-4139-BE0E-315E9263B86E}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{3DF7E1CB-7BDF-41FF-943A-AF0F1815ABDA}] => (Allow) LPort=1900 FirewallRules: [{2186D50B-0271-4B48-9693-CA7AC70A62A8}] => (Allow) LPort=2869 FirewallRules: [{2FC67C31-672E-4476-9B00-D0B7EFC942AA}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{7E7A0196-4B7A-4710-9111-B50641728FF7}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{4A7D6490-E23D-4982-941A-FC9EEE42E4CC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{3CEAFBDF-809B-4BC8-9A70-0CC06F0FBDA5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{AFCDC1C5-73C9-4084-A61B-D8929983A230}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd) FirewallRules: [{F04E7C76-7B9C-460D-9874-CD2E6A2F71EA}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd) FirewallRules: [{B0EB683F-73C3-46A5-887E-7E6B4D3E76E2}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{C9DC6B8F-82E3-4083-B1F6-88F798337A0A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) ==================== Herstelpunten ========================= AANDACHT: Systeemherstel is uitgeschakeld (Total:99.89 GB) (Free:18.29 GB) (18%) ==================== Defecte Apparaatbeheer Apparaten ============= ==================== Eventlog fouten: ========================= Applicatiefouten: ================== Error: (08/26/2019 09:53:00 AM) (Source: COM) (EventID: 10031) (User: ) Description: Er is een unmarshaling-beleidscontrole uitgevoerd bij de unmarshaling van een aangepast marshal-object en de klasse {41FD88F7-F295-4D39-91AC-A85F3149A05B} is geweigerd Error: (08/26/2019 09:53:00 AM) (Source: COM) (EventID: 10031) (User: ) Description: Er is een unmarshaling-beleidscontrole uitgevoerd bij de unmarshaling van een aangepast marshal-object en de klasse {41FD88F7-F295-4D39-91AC-A85F3149A05B} is geweigerd Error: (08/26/2019 09:53:00 AM) (Source: COM) (EventID: 10031) (User: ) Description: Er is een unmarshaling-beleidscontrole uitgevoerd bij de unmarshaling van een aangepast marshal-object en de klasse {F6C29334-47DC-4397-9150-F549CF1D4861} is geweigerd Error: (08/24/2019 09:37:29 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: TOSHIBA) Description: brave hendrikbrave hendrik-2147467263 Error: (08/24/2019 09:16:48 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: TOSHIBA) Description: brave hendrikbrave hendrik-2147467263 Error: (08/23/2019 10:01:35 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: TOSHIBA) Description: brave hendrikbrave hendrik-2147467263 Error: (08/21/2019 03:11:26 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: TOSHIBA) Description: brave hendrikbrave hendrik-2147467263 Error: (08/21/2019 03:09:22 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: TOSHIBA) Description: brave hendrikbrave hendrik-2147467263 Systeemfouten: ============= Error: (08/26/2019 05:06:06 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Starten niet verleend aan Lokaal voor de COM-servertoepassing met CLSID Windows.SecurityCenter.WscBrokerManager en APPID Niet beschikbaar aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (08/26/2019 05:06:06 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Starten niet verleend aan Lokaal voor de COM-servertoepassing met CLSID Windows.SecurityCenter.WscDataProtection en APPID Niet beschikbaar aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (08/26/2019 05:05:47 PM) (Source: DCOM) (EventID: 10016) (User: TOSHIBA) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Starten niet verleend aan Lokaal voor de COM-servertoepassing met CLSID Windows.SecurityCenter.WscCloudBackupProvider en APPID Niet beschikbaar aan de gebruiker TOSHIBA\Henk SID (S-1-5-21-3957663117-963798814-2176115037-1001) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (08/26/2019 05:05:04 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (08/26/2019 05:04:55 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} en APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (08/26/2019 05:04:55 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} en APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (08/26/2019 05:04:41 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: De NetPipeActivator-service is afhankelijk van de WAS-service, die vanwege de volgende fout niet kan worden gestart: Het systeem kan het opgegeven bestand niet vinden. Error: (08/26/2019 05:04:41 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: De W3SVC-service is afhankelijk van de WAS-service, die vanwege de volgende fout niet kan worden gestart: Het systeem kan het opgegeven bestand niet vinden. Windows Defender: =================================== Date: 2019-03-11 13:51:36.734 Description: Scan van Windows Defender Antivirus is gestopt voordat deze was voltooid. Scan-id: {E9999C8F-5171-4D1D-AF43-BD6CED894142} Type scan: Antimalware Scanparameters: Snelle scan Gebruiker: NT AUTHORITY\SYSTEM Date: 2019-03-11 13:42:37.699 Description: Scan van Windows Defender Antivirus is gestopt voordat deze was voltooid. Scan-id: {C801DF29-0FB8-445A-9874-C71CD9EFB807} Type scan: Antimalware Scanparameters: Snelle scan Gebruiker: NT AUTHORITY\SYSTEM Date: 2019-03-05 11:17:50.332 Description: Scan van Windows Defender Antivirus is gestopt voordat deze was voltooid. Scan-id: {8081334F-1F47-4ADD-90D4-C714653A1D15} Type scan: Antimalware Scanparameters: Snelle scan Gebruiker: NT AUTHORITY\SYSTEM Date: 2019-02-28 14:26:53.905 Description: Scan van Windows Defender Antivirus is gestopt voordat deze was voltooid. Scan-id: {38DCE415-EAA4-498F-80ED-5552EB2CD10C} Type scan: Antimalware Scanparameters: Snelle scan Gebruiker: NT AUTHORITY\SYSTEM Date: 2019-02-28 13:52:26.896 Description: Scan van Windows Defender Antivirus is gestopt voordat deze was voltooid. Scan-id: {6FC628AB-EFC3-426F-B965-B07FC640FC90} Type scan: Antimalware Scanparameters: Snelle scan Gebruiker: NT AUTHORITY\SYSTEM Date: 2019-07-12 11:16:49.979 Description: Windows Defender Antivirus heeft een fout aangetroffen bij het bijwerken van handtekeningen. Nieuwe handtekeningversie: Vorige handtekeningversie: 1.289.911.0 Bron update: Microsoft Centrum voor beveiliging tegen malware Type handtekening: AntiVirus Type update: Volledig Gebruiker: NT AUTHORITY\NETWORK SERVICE Huidige engineversie: Vorige engineversie: 1.1.15700.9 Foutcode: 0x80072ee7 Foutbeschrijving: De naam of het adres van de server kan niet worden omgezet Date: 2019-07-12 11:16:49.978 Description: Windows Defender Antivirus heeft een fout aangetroffen bij het bijwerken van handtekeningen. Nieuwe handtekeningversie: Vorige handtekeningversie: 1.289.911.0 Bron update: Microsoft Centrum voor beveiliging tegen malware Type handtekening: AntiSpyware Type update: Volledig Gebruiker: NT AUTHORITY\NETWORK SERVICE Huidige engineversie: Vorige engineversie: 1.1.15700.9 Foutcode: 0x80072ee7 Foutbeschrijving: De naam of het adres van de server kan niet worden omgezet Date: 2019-07-12 11:16:49.976 Description: Windows Defender Antivirus heeft een fout aangetroffen bij het bijwerken van handtekeningen. Nieuwe handtekeningversie: Vorige handtekeningversie: 1.289.911.0 Bron update: Microsoft Centrum voor beveiliging tegen malware Type handtekening: AntiVirus Type update: Volledig Gebruiker: NT AUTHORITY\NETWORK SERVICE Huidige engineversie: Vorige engineversie: 1.1.15700.9 Foutcode: 0x80072ee7 Foutbeschrijving: De naam of het adres van de server kan niet worden omgezet Date: 2019-07-12 11:16:49.642 Description: Windows Defender Antivirus heeft een fout aangetroffen bij het bijwerken van handtekeningen. Nieuwe handtekeningversie: Vorige handtekeningversie: 1.289.911.0 Bron update: Microsoft Centrum voor beveiliging tegen malware Type handtekening: AntiVirus Type update: Volledig Gebruiker: NT AUTHORITY\NETWORK SERVICE Huidige engineversie: Vorige engineversie: 1.1.15700.9 Foutcode: 0x80072ee7 Foutbeschrijving: De naam of het adres van de server kan niet worden omgezet Date: 2019-07-12 11:16:49.641 Description: Windows Defender Antivirus heeft een fout aangetroffen bij het bijwerken van handtekeningen. Nieuwe handtekeningversie: Vorige handtekeningversie: 1.289.911.0 Bron update: Microsoft Centrum voor beveiliging tegen malware Type handtekening: AntiSpyware Type update: Volledig Gebruiker: NT AUTHORITY\NETWORK SERVICE Huidige engineversie: Vorige engineversie: 1.1.15700.9 Foutcode: 0x80072ee7 Foutbeschrijving: De naam of het adres van de server kan niet worden omgezet CodeIntegrity: =================================== Date: 2019-08-26 17:05:36.240 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\WINDOWS\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll that did not meet the Microsoft signing level requirements. Date: 2019-08-26 16:46:58.009 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\WINDOWS\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll that did not meet the Microsoft signing level requirements. Date: 2019-08-26 11:08:12.787 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\WINDOWS\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll that did not meet the Microsoft signing level requirements. Date: 2019-08-26 10:00:34.087 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\WINDOWS\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll that did not meet the Microsoft signing level requirements. Date: 2019-08-24 09:41:03.185 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\WINDOWS\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll that did not meet the Microsoft signing level requirements. Date: 2019-08-24 09:31:59.551 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2019-08-24 09:31:56.529 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2019-08-24 09:31:56.468 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Geheugen info =========================== BIOS: TOSHIBA Version 6.80 06/25/2013 Motherboard: TOSHIBA PORTEGE Z930 Processor: Intel(R) Core(TM) i5-3317U CPU @ 1.70GHz Percentage geheugen in gebruik: 64% Totaal fysiek RAM-geheugen: 3990.16 MB Beschikbaar fysiek RAM-geheugen: 1405.41 MB Totaal Virtueel geheugen: 8854.16 MB Beschikbaar Virtueel geheugen: 4852.04 MB ==================== Schijven ================================ Drive c: (TI30912600A) (Fixed) (Total:99.89 GB) (Free:18.28 GB) NTFS ==>[systeem met boot componenten (verkregen van schijf)] \\?\Volume{c0c4208e-9c4a-11e2-a65b-806e6f6e6963}\ (System) (Fixed) (Total:1.46 GB) (Free:0.63 GB) NTFS ==================== MBR & Partitietabel ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 119.2 GB) (Disk ID: 9FD87124) Partition 1: (Active) - (Size=1.5 GB) - (Type=27) Partition 2: (Not Active) - (Size=99.9 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=4 GB) - (Type=84) Partition 4: (Not Active) - (Size=13.9 GB) - (Type=17) ==================== Einde van Addition.txt ============================