Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 14-09-2019 Gestart door Sarah Schutters (17-09-2019 01:57:46) Gestart vanaf C:\Users\Sarah Schutters\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads Windows 10 Education Versie 1803 17134.1006 (X64) (2018-06-04 10:37:11) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1328750869-1351487529-4200884072-500 - Administrator - Disabled) => C:\Users\Administrator DefaultAccount (S-1-5-21-1328750869-1351487529-4200884072-503 - Limited - Disabled) Gast (S-1-5-21-1328750869-1351487529-4200884072-501 - Limited - Disabled) Sarah Schutters (S-1-5-21-1328750869-1351487529-4200884072-1003 - Administrator - Enabled) => C:\Users\Sarah Schutters WDAGUtilityAccount (S-1-5-21-1328750869-1351487529-4200884072-504 - Limited - Disabled) ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Symantec Endpoint Protection (Enabled - Up to date) {A2708B76-6835-6565-CB96-694212954A75} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Symantec Endpoint Protection (Enabled) {9A4B0A53-225A-643D-E0C9-C077EC460D0E} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeïnstalleerd worden.) µTorrent (HKU\S-1-5-21-1328750869-1351487529-4200884072-1003\...\uTorrent) (Version: 3.5.5.45271 - BitTorrent Inc.) Adobe Acrobat Reader DC - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 19.012.20040 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 31.0.0.96 - Adobe Systems Incorporated) Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.126 - Adobe Systems Incorporated) AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.8.2 - Advanced Micro Devices, Inc.) ANT Drivers Installer x64 (HKLM\...\{D559687A-60C5-4786-9429-C21EC195789D}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden Bang & Olufsen Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 9.0.230.2 - Conexant) Belgium e-ID middleware 4.4.4 (build 3838) (HKLM\...\{DB942AEA-93D6-4FE4-8862-180D35A73838}) (Version: 4.4.3838 - Belgian Government) Belgium e-ID viewer 4.4.9 (build 3962) (HKLM-x32\...\{F3DC7F06-92FF-4C98-87F5-72C0B7863962}) (Version: 4.4.3962 - Belgian Government) BitTorrent (HKU\S-1-5-21-1328750869-1351487529-4200884072-1003\...\BitTorrent) (Version: 7.10.4.44633 - BitTorrent Inc.) Blizzard App (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Branding64 (HKLM\...\{EE2AFCE4-0238-4DE0-A140-1647021627C1}) (Version: 1.00.0001 - Advanced Micro Devices, Inc.) Hidden Citrix Receiver 4.8 (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.8.0.1010 - Citrix Systems, Inc.) ConvertHelper 3.2 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version: - DownloadHelper) CrystalDiskInfo 7.6.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.6.0 - Crystal Dew World) Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment) Discord (HKU\S-1-5-21-1328750869-1351487529-4200884072-1003\...\Discord) (Version: 0.0.301 - Discord Inc.) Dragon Nest EU (HKLM-x32\...\{0153649B-A995-4FDB-92D0-2EA3DC6CD070}) (Version: 1.290.0000 - Shanda Games International) EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version: - EaseUS) Eddie - OpenVPN UI (HKLM-x32\...\AirVPN) (Version: - AirVPN - hxxps://airvpn.org) Elevated Installer (HKLM-x32\...\{0BF90608-2F95-4C7C-9A85-E90E0CAF4FE9}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries) Hidden f.lux (HKU\S-1-5-21-1328750869-1351487529-4200884072-1003\...\Flux) (Version: - f.lux Software LLC) Garmin Express (HKLM-x32\...\{95D0EADA-5123-41C0-931A-F37946BC0E8E}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries) Hidden Garmin Express (HKLM-x32\...\{eab4691c-4022-41cd-8d39-c3097ba62d4b}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries) Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment) HP Dropbox Plugin (HKLM-x32\...\{6AB2D92E-A579-4DE8-AEF2-F5656902A262}) (Version: 49.1.321.0 - HP) HP EmailSMTP Plugin (HKLM-x32\...\{E72547C9-F8FC-47BF-B21D-920FD1DF3260}) (Version: 49.1.321.0 - HP) HP FTP Plugin (HKLM-x32\...\{EB68F74A-A2A4-490D-A9A8-4DFF09E50F00}) (Version: 49.1.321.0 - HP) HP Google Drive Plugin (HKLM-x32\...\{2B2C6232-008A-4235-84BC-BFB8415E15EB}) (Version: 49.1.321.0 - HP) HP OfficeJet Pro 8020 series Basissoftware van het apparaat (HKLM\...\{6A73DC81-D92F-435D-8508-BFF541DD8F3E}) (Version: 49.3.4475.19206 - HP Inc.) HP Officejet Pro 8620 Basissoftware van het apparaat (HKLM\...\{777F86BC-8222-43DB-A2E0-08866CCF77CD}) (Version: 32.3.198.49673 - Hewlett-Packard Co.) HP Officejet Pro 8620 Help (HKLM-x32\...\{239ED685-E6B1-4C80-9061-D511D0B4FE26}) (Version: 32.0.0 - Hewlett Packard) HP PC Hardware Diagnostics Windows (HKLM-x32\...\{DF16F6E3-6550-468A-9C0C-306B4F60D501}) (Version: 1.5.8.0 - HP Inc.) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP) HP SFTP Plugin (HKLM-x32\...\{1A3B3517-5C77-4382-9915-B8F0C2AB691F}) (Version: 49.1.321.0 - HP) HP SharePoint Plugin (HKLM-x32\...\{C8668825-EE66-4F40-87D3-55CC4CEB2E8B}) (Version: 49.1.321.0 - HP) HP Support Assistant (HKLM-x32\...\{05F81C27-62A5-4A0C-8519-60CB66CF87C6}) (Version: 8.8.24.33 - HP Inc.) HP Support Solutions Framework (HKLM-x32\...\{52CA6EA8-5F81-42B7-9ADB-35D83B692917}) (Version: 12.12.32.3 - HP Inc.) HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1045 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 25.20.100.6472 - Intel Corporation) Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.63.1519.7 - Intel Corporation) Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{CA25D7BD-CDAD-4119-B9F5-7A30234589C8}) (Version: 19.30.1649.0953 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{f8c930bd-0a68-425f-8c11-87723d1e2c97}) (Version: 20.90.0 - Intel Corporation) Jackett (HKLM-x32\...\{C2A9FC00-AA48-4F17-9A72-62FBCEE2785B}_is1) (Version: 0.10.398.0 - Jackett) LAV Filters 0.68.1 (HKLM-x32\...\lavfilters_is1) (Version: 0.68.1 - Hendrik Leppkes) Logitech Options (HKLM\...\LogiOptions) (Version: 7.12.43 - Logitech) Logitech Unifying-software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech) Malwarebytes versie 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes) Microsoft Office 365 ProPlus - nl-nl (HKLM\...\O365ProPlusRetail - nl-nl) (Version: 16.0.11929.20300 - Microsoft Corporation) Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1328750869-1351487529-4200884072-1003\...\OneDriveSetup.exe) (Version: 19.152.0801.0008 - Microsoft Corporation) Microsoft Teams (HKU\S-1-5-21-1328750869-1351487529-4200884072-1003\...\Teams) (Version: 1.2.00.19260 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Mozilla Firefox 69.0 (x64 nl) (HKLM\...\Mozilla Firefox 69.0 (x64 nl)) (Version: 69.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.3 - Mozilla) NXPProximityInstaller (HKLM-x32\...\NXPProximityInstaller) (Version: 3.10060.10442.30 - NXP Semiconductors) OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11929.20300 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11929.20300 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11929.20300 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0413-0000-0000000FF1CE}) (Version: 16.0.11929.20300 - Microsoft Corporation) Hidden Online Plug-in (HKLM-x32\...\{C8A8EF1C-D0EC-42B5-866D-AEEACFCBD336}) (Version: 14.8.0.1010 - Citrix Systems, Inc.) Hidden Opera Stable 63.0.3368.88 (HKLM-x32\...\Opera 63.0.3368.88) (Version: 63.0.3368.88 - Opera Software) Patient HealthViewer 6.1.3 (HKLM-x32\...\2683-5993-8159-9128) (Version: 6.1.3 - Nationaal Intermutualistisch College) Productverbeteringsonderzoek voor HP OfficeJet Pro 8020 series (HKLM\...\{1CA9C203-A70A-482C-8CD9-FBBB01CC5EF9}) (Version: 49.3.4475.19206 - HP Inc.) Productverbeteringsonderzoek voor HP Officejet Pro 8620 (HKLM\...\{F4381053-6971-4DBC-ADDA-0DC61C5AFD9F}) (Version: 32.3.198.49673 - Hewlett-Packard Co.) PS4 Remote Play (HKLM-x32\...\{4FF1804C-3582-47AB-9813-8435FDF34FBA}) (Version: 2.8.0.03041 - Sony Interactive Entertainment Inc.) PXL-Bibliotheek databanken (HKU\S-1-5-21-1328750869-1351487529-4200884072-1003\...\storeservi-ee876895@@XenApp.PXL-Bibliotheek dat) (Version: 1.0 - Delivered by Citrix) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.370.148 - Realtek Semiconductor Corp.) Self-service Plug-in (HKLM-x32\...\{FAA1C01E-3318-495F-B729-30AE8C05BE48}) (Version: 4.8.0.16700 - Citrix Systems, Inc.) Hidden Skype versie 8.30 (HKLM-x32\...\Skype_is1) (Version: 8.30 - Skype Technologies S.A.) Software voor Intel® Chipset-apparaten (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Stuurprogrammapakket voor Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.) Stuurprogrammapakket voor Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software) Symantec Endpoint Protection (HKLM\...\{ECC5E55A-D73D-47A3-A183-37B60F6B05A6}) (Version: 14.2.3335.1000 - Symantec Corporation) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.70 - Synaptics Incorporated) Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version: 6.2-23733 - Synology) TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - ) Teams Machine-Wide Installer (HKLM-x32\...\{39AF0813-FA7B-4860-ADBE-93B9B214B914}) (Version: 1.2.0.19260 - Microsoft Corporation) TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.0.13880 - TeamViewer) TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: - Gameforge 4D GmbH) Twitch (HKU\S-1-5-21-1328750869-1351487529-4200884072-1003\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.) van Dale (HKU\S-1-5-21-1328750869-1351487529-4200884072-1003\...\storeservi-ee876895@@XenApp.van Dale) (Version: 1.0 - Delivered by Citrix) VdhCoApp 1.2.4 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper) VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN) Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.51.0 (HKLM\...\VulkanRT1.0.51.0) (Version: 1.0.51.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.54.0 (HKLM\...\VulkanRT1.0.54.0) (Version: 1.0.54.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden Web Companion (HKLM-x32\...\{ccfa2e20-0cc9-42ea-8237-a6cd3dbfa6d1}) (Version: 4.2.1846.3481 - Lavasoft) Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) Wondershare Helper Compact 2.5.3 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.3 - Wondershare) Wondershare Video Converter Ultimate(Build 10.2.2.161) (HKLM-x32\...\Video Converter Ultimate_is1) (Version: 10.2.2.161 - Wondershare Software) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) Ys VIII Lacrimosa of Dana (HKLM-x32\...\Ys VIII Lacrimosa of Dana_is1) (Version: - ) Packages: ========= Bubble Shooter POP! Bubbles -> C:\Program Files\WindowsApps\46728SweetCandyKingdom.BubbleShooterPOPBubbles_1.5.0.1000_x64__ncv0abr25ncwe [2018-04-11] (Sweet Candy Kingdom) [MS Ad] Foto's-invoegtoepassing -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2018-09-13] (Microsoft Corporation) Ghostery – Privacy Ad Blocker -> C:\Program Files\WindowsApps\Ghostery.Ghostery_8.4.2.0_neutral__kzkqe0pn505dg [2019-08-31] (Ghostery) HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_100.1.581.0_x64__v10z8vjag6ke6 [2019-07-22] (HP Inc.) HP System Information -> C:\Program Files\WindowsApps\AD2F1837.HPSystemInformation_7.0.13.0_x64__v10z8vjag6ke6 [2019-06-30] (HP Inc.) KONICA MINOLTA Print Experience -> C:\Program Files\WindowsApps\KONICAMINOLTAINC.KONICAMINOLTAPrintExperience_1.2.1.0_neutral__s63fsn2sety0r [2019-03-16] (KONICA MINOLTA INC) Mail en Agenda -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe [2019-08-02] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.8204.0_x64__8wekyb3d8bbwe [2019-08-31] (Microsoft Studios) [MS Ad] MSN weer -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-12] (Microsoft Corporation) [MS Ad] ==================== Aangepaste CLSID (gefilterd): ========================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) CustomCLSID: HKU\S-1-5-21-1328750869-1351487529-4200884072-1003_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive - Personal] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}0 CustomCLSID: HKU\S-1-5-21-1328750869-1351487529-4200884072-1003_Classes\CLSID\{04271989-C4D2-40B6-9500-C386E3DDA3F7} -> [OneDrive - PXL] => C:\Users\Sarah Schutters\OneDrive - PXL [2017-09-21 09:56] CustomCLSID: HKU\S-1-5-21-1328750869-1351487529-4200884072-1003_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Sarah Schutters\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19163.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1328750869-1351487529-4200884072-1003_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Sarah Schutters\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19163.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [LDVPMenu] -> {8BEEE74D-455E-4616-A97A-F6E86C317F32} => C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.3335.1000.105\Bin64\vpshell2.dll [2019-05-15] (Symantec Corporation -> Symantec Corporation) ContextMenuHandlers2: [LDVPMenu] -> {8BEEE74D-455E-4616-A97A-F6E86C317F32} => C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.3335.1000.105\Bin64\vpshell2.dll [2019-05-15] (Symantec Corporation -> Symantec Corporation) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2019-08-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Geen bestand ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki130871.inf_amd64_382f7c369d4bf777\igfxDTCM.dll [2019-01-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers6: [LDVPMenu] -> {8BEEE74D-455E-4616-A97A-F6E86C317F32} => C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.3335.1000.105\Bin64\vpshell2.dll [2019-05-15] (Symantec Corporation -> Symantec Corporation) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes) ==================== Snelkoppelingen & WMI ======================== (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) ==================== Geladen Modules (gefilterd) ============== 2018-03-11 21:49 - 2016-07-21 11:54 - 000137728 _____ () [Bestand niet getekend] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll 2018-03-11 21:49 - 2017-03-23 10:49 - 001506304 _____ () [Bestand niet getekend] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll 2019-01-08 13:00 - 2019-01-08 13:00 - 000017920 _____ () [Bestand niet getekend] C:\Program Files\AMD\CNext\CNext\libEGL.dll 2019-01-08 13:00 - 2019-01-08 13:00 - 003598336 _____ () [Bestand niet getekend] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll 2019-01-08 13:00 - 2019-01-08 13:00 - 001441280 _____ (The Qt Company Ltd.) [Bestand niet getekend] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll 2019-08-23 13:38 - 2019-08-23 13:38 - 005999104 _____ (The Qt Company Ltd.) [Bestand niet getekend] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll 2019-01-08 12:59 - 2019-01-08 12:59 - 006413824 _____ (The Qt Company Ltd.) [Bestand niet getekend] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll 2019-01-08 12:59 - 2019-01-08 12:59 - 001141760 _____ (The Qt Company Ltd.) [Bestand niet getekend] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll 2019-01-08 12:59 - 2019-01-08 12:59 - 000339968 _____ (The Qt Company Ltd.) [Bestand niet getekend] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll 2019-01-08 12:59 - 2019-01-08 12:59 - 004143104 _____ (The Qt Company Ltd.) [Bestand niet getekend] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll 2019-01-08 12:59 - 2019-01-08 12:59 - 003840000 _____ (The Qt Company Ltd.) [Bestand niet getekend] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll 2019-01-08 12:59 - 2019-01-08 12:59 - 000332800 _____ (The Qt Company Ltd.) [Bestand niet getekend] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll 2019-01-08 12:59 - 2019-01-08 12:59 - 000113152 _____ (The Qt Company Ltd.) [Bestand niet getekend] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll 2019-01-08 12:59 - 2019-01-08 12:59 - 000349184 _____ (The Qt Company Ltd.) [Bestand niet getekend] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll 2019-01-08 12:59 - 2019-01-08 12:59 - 080959488 _____ (The Qt Company Ltd.) [Bestand niet getekend] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll 2019-01-08 13:00 - 2019-01-08 13:00 - 005622272 _____ (The Qt Company Ltd.) [Bestand niet getekend] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll 2019-01-08 13:00 - 2019-01-08 13:00 - 000463360 _____ (The Qt Company Ltd.) [Bestand niet getekend] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll 2019-01-08 13:00 - 2019-01-08 13:00 - 000190464 _____ (The Qt Company Ltd.) [Bestand niet getekend] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll 2019-01-08 13:00 - 2019-01-08 13:00 - 002825216 _____ (The Qt Company Ltd.) [Bestand niet getekend] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll 2019-01-08 13:00 - 2019-01-08 13:00 - 000053760 _____ (The Qt Company Ltd.) [Bestand niet getekend] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll 2019-01-08 13:00 - 2019-01-08 13:00 - 000059392 _____ (The Qt Company Ltd.) [Bestand niet getekend] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll 2019-01-08 13:00 - 2019-01-08 13:00 - 000017408 _____ (The Qt Company Ltd.) [Bestand niet getekend] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll 2019-01-08 13:00 - 2019-01-08 13:00 - 000330752 _____ (The Qt Company Ltd.) [Bestand niet getekend] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll 2019-01-08 13:00 - 2019-01-08 13:00 - 000137216 _____ (The Qt Company Ltd.) [Bestand niet getekend] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll 2019-01-08 13:00 - 2019-01-08 13:00 - 000090112 _____ (The Qt Company Ltd.) [Bestand niet getekend] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll 2019-01-08 13:00 - 2019-01-08 13:00 - 000017920 _____ (The Qt Company Ltd.) [Bestand niet getekend] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll 2018-03-11 21:49 - 2017-03-23 10:52 - 000708608 _____ (Wondershare) [Bestand niet getekend] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll ==================== Alternate Data Streams (gefilterd) ========= (Als een item is opgenomen in de fixlist, wordt alleen de ADS verwijderd.) AlternateDataStreams: C:\Users\Sarah Schutters\afwezigheidsattest 6-12-17 Sarah Schutters 2MMA 3MMA.jpeg:3or4kl4x13tuuug3Byamue2s4b [97] AlternateDataStreams: C:\Users\Sarah Schutters\afwezigheidsattest 6-12-17 Sarah Schutters 2MMA 3MMA.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0] AlternateDataStreams: C:\Users\Sarah Schutters\afwezigheidsattest.jpeg:3or4kl4x13tuuug3Byamue2s4b [97] AlternateDataStreams: C:\Users\Sarah Schutters\afwezigheidsattest.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0] AlternateDataStreams: C:\Users\Sarah Schutters\Desktop\studietoelage 3.jpeg:3or4kl4x13tuuug3Byamue2s4b [97] AlternateDataStreams: C:\Users\Sarah Schutters\Desktop\studietoelage 3.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0] ==================== Veilige Modus (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. De waarde van "AlternateShell" wordt hersteld.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ccSettings_{32447444-08D5-4B62-AF83-EE909CE470C6}.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ccSettings_{C54D76E6-7423-47FD-84BA-DA73F3C0958F}.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SepMasterService => ""="Service" ==================== Bestandskoppeling (gefilterd) =============== (Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd.) ==================== Internet Explorer vertrouwde/beperkte toegang =============== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd.) IE trusted site: HKU\S-1-5-21-1328750869-1351487529-4200884072-1003\...\localhost -> localhost IE trusted site: HKU\S-1-5-21-1328750869-1351487529-4200884072-1003\...\sharepoint.com -> hxxps://hogeschoolpxl-files.sharepoint.com ==================== Hosts inhoud: =============================== (Indien nodig kan Hosts:-opdracht worden opgenomen in de fixlist om Hosts te resetten.) 2017-03-18 23:03 - 2017-03-18 23:01 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts 2018-10-04 15:42 - 2019-02-11 23:12 - 000000458 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics 169.254.117.190 5CG62127RB-SarahElitebookG3.mshome.net # 2024 2 6 10 21 12 25 17 ==================== Andere gebieden ============================ (Momenteel is er geen automatische fix voor dit onderdeel.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\AMD\ATI.ACE\Core-Static;C:\Program Files (x86)\HP\Common\HPDestPlgIn\ HKU\S-1-5-21-1328750869-1351487529-4200884072-1003\Control Panel\Desktop\\Wallpaper -> D:\pistoes\P6290088.JPG DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == Als een item is opgenomen in de fixlist, zal het worden verwijderd. HKU\S-1-5-21-1328750869-1351487529-4200884072-1003\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-1328750869-1351487529-4200884072-1003\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-1328750869-1351487529-4200884072-1003\...\StartupApproved\Run: => "HP Officejet Pro 8620 (NET)" HKU\S-1-5-21-1328750869-1351487529-4200884072-1003\...\StartupApproved\Run: => "Skype for Desktop" HKU\S-1-5-21-1328750869-1351487529-4200884072-1003\...\StartupApproved\Run: => "Lync" ==================== Firewall regels (gefilterd) =============== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [{5CDB6B66-725A-45BE-A152-2D1F16D832D4}] => (Allow) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.0.3929.1200.105\Bin\ccSvcHst.exe Geen bestand FirewallRules: [{46792B2B-6499-40C6-B693-54F041B59DFA}] => (Allow) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.0.3929.1200.105\Bin\ccSvcHst.exe Geen bestand FirewallRules: [{E3D22B39-3BA5-4CDB-8D1C-0F0802A0F5CE}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.) FirewallRules: [{0315E4E0-405E-486F-8B73-55E81F50DA05}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.) FirewallRules: [{0175B7BB-AA02-4AEE-809E-DE2B1E2959B0}] => (Allow) D:\SteamLibrary\steamapps\common\Dungeons & Dragons HD\ManaGame.exe () [Bestand niet getekend] FirewallRules: [{9A57A667-5234-4BAC-A61A-6E669BD6BCEB}] => (Allow) D:\SteamLibrary\steamapps\common\Dungeons & Dragons HD\ManaGame.exe () [Bestand niet getekend] FirewallRules: [{F72AEDE8-E306-4647-85EC-185A241996D9}] => (Allow) D:\SteamLibrary\steamapps\common\The Cat Games\The Cat Games.exe ( ) [Bestand niet getekend] FirewallRules: [{94DFD455-40C3-4D45-9CE5-7A04A982147D}] => (Allow) D:\SteamLibrary\steamapps\common\The Cat Games\The Cat Games.exe ( ) [Bestand niet getekend] FirewallRules: [{EFA80808-EC0C-4E68-B68D-B7400B86F647}] => (Allow) D:\SteamLibrary\steamapps\common\Aura Kingdom\Launcher.exe (X-Legend Entertainment CO., LTD. -> X-LEGEND ENTERTAINMENT) FirewallRules: [{8B05B334-7B7A-449F-8C0E-7A85B86B06D1}] => (Allow) D:\SteamLibrary\steamapps\common\Aura Kingdom\Launcher.exe (X-Legend Entertainment CO., LTD. -> X-LEGEND ENTERTAINMENT) FirewallRules: [{0C2F5EB1-1EED-4C62-AD99-AD5337067DAB}] => (Block) D:\ontspanningstoepassingen\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment) FirewallRules: [{B96A51A4-E5A0-40D9-AFA3-3FB759B1F483}] => (Block) D:\ontspanningstoepassingen\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment) FirewallRules: [UDP Query User{C424E6E4-D26B-4AA7-8585-F10AE37522AB}D:\ontspanningstoepassingen\diablo iii\x64\diablo iii64.exe] => (Allow) D:\ontspanningstoepassingen\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment) FirewallRules: [TCP Query User{A7B5852F-CF75-47AC-9A12-86D63A3312C8}D:\ontspanningstoepassingen\diablo iii\x64\diablo iii64.exe] => (Allow) D:\ontspanningstoepassingen\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment) FirewallRules: [{90D64A9C-5000-488B-9B4C-24AF5888504A}] => (Allow) D:\Steam\Steam.exe Geen bestand FirewallRules: [{541B2314-B6C1-42D3-BE34-1CB8A312FF80}] => (Allow) D:\Steam\Steam.exe Geen bestand FirewallRules: [{A940F8F0-C840-437E-AE43-C1D8CC317985}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{3119CC76-6D59-4A65-92BB-81CA6AB68A81}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{96531F19-7CFD-4BAF-9EE8-22889CD9E69E}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe Geen bestand FirewallRules: [{851E5423-A364-402D-AD07-2F90FA0E3534}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe Geen bestand FirewallRules: [{3ECD07A8-B51D-4BFD-834C-0BB14BC0DCA1}] => (Allow) C:\Users\Sarah Schutters\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{9933FF25-42DE-4389-9D80-8467F2641953}] => (Allow) C:\Users\Sarah Schutters\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{582F15C6-31E6-4536-9D7F-5CF08CA95EB2}] => (Allow) C:\Users\Sarah Schutters\Steam\bin\cef\cef.win7\steamwebhelper.exe Geen bestand FirewallRules: [{66759E13-5F8F-4ECB-8A30-3D37D30412D0}] => (Allow) C:\Users\Sarah Schutters\Steam\bin\cef\cef.win7\steamwebhelper.exe Geen bestand FirewallRules: [{16229148-4968-43CB-9748-68E936A5B7A8}] => (Allow) D:\SteamLibrary\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [Bestand niet getekend] FirewallRules: [{F1E3FCA3-9788-4355-9653-0D6EC37222C9}] => (Allow) D:\SteamLibrary\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [Bestand niet getekend] FirewallRules: [{201E007F-778C-4E4F-A24F-479177617E33}] => (Allow) D:\SteamLibrary\steamapps\common\NeverAlone\Never_Alone.exe (E-Line Ventures, LLC -> ) FirewallRules: [{CC43D66E-AC78-4C1C-BB75-BA97EF64B5C1}] => (Allow) D:\SteamLibrary\steamapps\common\NeverAlone\Never_Alone.exe (E-Line Ventures, LLC -> ) FirewallRules: [{551780F6-E2CC-4AFE-A518-7BFB10490893}] => (Allow) D:\SteamLibrary\steamapps\common\ContraptionMaker\ContraptionMaker.exe () [Bestand niet getekend] FirewallRules: [{E38CBE31-B863-4B87-A0E1-26F8FEDF1EBA}] => (Allow) D:\SteamLibrary\steamapps\common\ContraptionMaker\ContraptionMaker.exe () [Bestand niet getekend] FirewallRules: [{E573A873-D2AF-4E0C-A9BF-2B89ACB81CCB}] => (Allow) D:\SteamLibrary\steamapps\common\Portal 2\portal2.exe () [Bestand niet getekend] FirewallRules: [{7F8EB953-BC64-4AE6-A836-BA28DA69773C}] => (Allow) D:\SteamLibrary\steamapps\common\Portal 2\portal2.exe () [Bestand niet getekend] FirewallRules: [{90ABF68E-AA70-4EDF-8886-B60D2F816D50}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\bin\FaxApplications.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP) FirewallRules: [{FD538C57-CD0A-44C7-B93F-7122B309D745}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\bin\DigitalWizards.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP) FirewallRules: [{18AB3F5E-42BF-49A2-99E0-9FFC2CE41C0E}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\bin\SendAFax.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP) FirewallRules: [{F94A31CF-3408-446D-952C-9352A2AE9E20}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP) FirewallRules: [{6D4724E3-3FCD-4529-B642-F40FF3A626F4}] => (Allow) LPort=5357 FirewallRules: [{4B1C40D2-B75E-4198-A130-794324C2BB6D}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP) FirewallRules: [{D4B1D7DA-ED99-4EAF-B8D4-5C209FA52AB7}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{F42018E5-9691-4B9C-ACDE-455205A868DF}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{DAA5EE97-8FE8-42B5-BA53-A7071E4A0703}] => (Allow) C:\Users\Sarah Schutters\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{A284A3E5-7677-4FEE-9395-20EDF0B6F063}] => (Allow) C:\Users\Sarah Schutters\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{5645E7BA-2370-437A-857D-E3273218CC1B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{450B0BFE-5401-4F6E-B7E1-ED91C9B9EC49}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{D062ACFB-904D-4EEE-9776-3BE5C3729F1B}] => (Allow) C:\Program Files\AirVPN\Eddie-CLI.exe (AIR DI PAOLO BRINI -> hxxps://eddie.website) FirewallRules: [{647D8275-1D1F-4CCB-98A8-86E8095373F9}] => (Allow) C:\Program Files\AirVPN\Eddie-CLI.exe (AIR DI PAOLO BRINI -> hxxps://eddie.website) FirewallRules: [{5137B714-A705-45EF-B840-73B5D62D8DB5}] => (Allow) C:\Program Files\AirVPN\Eddie-CLI.exe (AIR DI PAOLO BRINI -> hxxps://eddie.website) FirewallRules: [{6891AED0-771C-44A2-A9C2-9F7801807B12}] => (Allow) C:\Program Files\AirVPN\Eddie-CLI.exe (AIR DI PAOLO BRINI -> hxxps://eddie.website) FirewallRules: [{9DA8FE5A-567C-4959-BE53-C1053BF0F354}] => (Allow) C:\Program Files\AirVPN\Eddie-UI.exe (AIR DI PAOLO BRINI -> hxxps://eddie.website) FirewallRules: [{65240476-AA15-4319-939B-2337F0F9A32D}] => (Allow) C:\Program Files\AirVPN\Eddie-UI.exe (AIR DI PAOLO BRINI -> hxxps://eddie.website) FirewallRules: [{DCA08901-E160-460D-AE08-F89B55C34FCF}] => (Allow) C:\Program Files\AirVPN\Eddie-UI.exe (AIR DI PAOLO BRINI -> hxxps://eddie.website) FirewallRules: [{2F08C5BE-1C22-4680-85D7-18E85B9D53BF}] => (Allow) C:\Program Files\AirVPN\Eddie-UI.exe (AIR DI PAOLO BRINI -> hxxps://eddie.website) FirewallRules: [{93521E10-67D8-4321-B2DC-2E659A688A69}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{A4DE2590-9959-4CFD-94D7-DCA4ED529ECE}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{20763CED-9663-4614-8296-96483BDE827E}] => (Allow) C:\Program Files\Vuze\Azureus.exe Geen bestand FirewallRules: [{38E9B7C0-6C65-466D-B026-AD4634D9B6BA}] => (Allow) C:\Program Files\Vuze\Azureus.exe Geen bestand FirewallRules: [{3608F476-D213-465B-B2E4-9E12E6EA2DDC}] => (Allow) C:\Users\Sarah Schutters\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{AA6104AF-1D46-40F3-A841-1DE6EA2AC1D7}] => (Allow) C:\Users\Sarah Schutters\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{AD9C52A4-FF2B-41C4-8D2C-466416B53A16}] => (Allow) C:\Users\Sarah Schutters\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{B5595F32-CB0C-4DC7-9E3D-28CE21403979}] => (Allow) C:\Users\Sarah Schutters\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{3840F629-E546-4D6B-A96D-12C515678255}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{614F8523-EC9C-4D60-AA60-47F9FD556732}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{740CBA7A-15B7-4F4B-B75A-4B1B608E0B9F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{EE12B05A-3AE1-4777-8701-BC885B997EEE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{9440CC17-7A86-4636-9914-FF257D6CCF00}] => (Allow) D:\SteamLibrary\steamapps\common\Poker Night at the Inventory\CelebrityPoker.exe (Telltale Games) [Bestand niet getekend] FirewallRules: [{EB580B69-8AFD-4B7B-930B-D50E9FD919F6}] => (Allow) D:\SteamLibrary\steamapps\common\Poker Night at the Inventory\CelebrityPoker.exe (Telltale Games) [Bestand niet getekend] FirewallRules: [{67CD3A01-A75F-4170-99CD-DCFA320FAD4C}] => (Allow) D:\Ontspanningstoepassingen\TERA\TERA-Launcher.exe (Gameforge 4D GmbH -> Gameforge 4D GmbH) FirewallRules: [{06A71C2A-2139-49EB-9C26-CB1DF6B21D83}] => (Allow) D:\Ontspanningstoepassingen\TERA\TERA-Launcher.exe (Gameforge 4D GmbH -> Gameforge 4D GmbH) FirewallRules: [{1637E51B-3382-45C5-9FD0-F68490FBEB16}] => (Allow) D:\Ontspanningstoepassingen\TERA\TERA-Launcher.exe (Gameforge 4D GmbH -> Gameforge 4D GmbH) FirewallRules: [{13260C89-7619-4508-9E25-B5E17D6AFB3B}] => (Allow) D:\Ontspanningstoepassingen\TERA\TERA-Launcher.exe (Gameforge 4D GmbH -> Gameforge 4D GmbH) FirewallRules: [{41271F3F-5BE2-4715-8936-6B328804F1FC}] => (Allow) D:\Ontspanningstoepassingen\TERA\Client\TERA.exe Geen bestand FirewallRules: [{D739A916-948F-4C37-AE63-42D2897998FD}] => (Allow) D:\Ontspanningstoepassingen\TERA\Client\TERA.exe Geen bestand FirewallRules: [{669C8A68-1828-4B81-8BC8-426D0C1EF0EA}] => (Allow) D:\Ontspanningstoepassingen\TERA\Client\TERA.exe Geen bestand FirewallRules: [{F1B1BA5A-CE41-4D2F-B057-D7F65EEA2FA4}] => (Allow) D:\Ontspanningstoepassingen\TERA\Client\TERA.exe Geen bestand FirewallRules: [{D8D34A85-FD1B-472E-8E96-6A9E09A2A6DA}] => (Allow) D:\Ontspanningstoepassingen\TERA\Client\TL.exe (Bluehole, Inc. -> ) FirewallRules: [{85BF5018-809A-49A6-92C3-0A559ED3894A}] => (Allow) D:\Ontspanningstoepassingen\TERA\Client\TL.exe (Bluehole, Inc. -> ) FirewallRules: [{567EC67A-C8CE-40CA-BD08-11E27E05AFAF}] => (Allow) D:\Ontspanningstoepassingen\TERA\Client\TL.exe (Bluehole, Inc. -> ) FirewallRules: [{1307550C-6F33-4B9D-B50D-545E9736D3F5}] => (Allow) D:\Ontspanningstoepassingen\TERA\Client\TL.exe (Bluehole, Inc. -> ) FirewallRules: [{47D561B0-CD51-4A93-AA44-C9F5C5B3EE4C}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> ) FirewallRules: [{D2F87BEA-C90B-4126-B921-0A1BA5351C60}] => (Allow) D:\Ontspanningstoepassingen\CherryDeGames\Dragon Nest EU\DragonNest.exe (Eyedentity Games) [Bestand niet getekend] FirewallRules: [{17456A0B-454B-4A18-8411-8D5FE624B90F}] => (Allow) D:\Ontspanningstoepassingen\CherryDeGames\Dragon Nest EU\DragonNest.exe (Eyedentity Games) [Bestand niet getekend] FirewallRules: [{A3D248F9-A8A6-426D-A187-9015999266BF}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{CEB54B52-EFDD-459C-8291-EDCEF631DE39}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{4B58952A-A58F-4C77-A432-E6EAA0F4A04F}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{FFDD56D8-DF38-4ACA-84B7-2E274FC9F6C2}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{0A5EA073-846A-464F-A4D5-F3F3E5D4D10E}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{B1C00EEA-F5DE-46E5-A8ED-2B4232449ED7}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{8F4118BD-C973-4085-8597-44B00897F8B9}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{BB588D18-3D93-4019-9A05-1141698C7F19}] => (Allow) C:\Program Files (x86)\Sony\PS4 Remote Play\RemotePlay.exe (Sony Interactive Entertainment Inc. -> Sony Interactive Entertainment Inc.) FirewallRules: [{7DD371F6-6A59-4FA5-B40F-F0F301C1C9E6}] => (Allow) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.3335.1000.105\Bin\ccSvcHst.exe (Symantec Corporation -> Symantec Corporation) FirewallRules: [{D42BCF46-319B-4ED1-BF64-D9B7D4213258}] => (Allow) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.3335.1000.105\Bin\ccSvcHst.exe (Symantec Corporation -> Symantec Corporation) FirewallRules: [{00B0AE26-6EA3-4F7F-A436-ED622211CB50}] => (Allow) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.3335.1000.105\Bin64\snac64.exe (Symantec Corporation -> Symantec Corporation) FirewallRules: [{25B4003A-6428-4419-9EB5-C6C52FF9CB88}] => (Allow) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.2.3335.1000.105\Bin64\snac64.exe (Symantec Corporation -> Symantec Corporation) FirewallRules: [{2C75C765-E8D0-40AB-B729-D1644310BE02}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.) FirewallRules: [{CA20DFE8-D128-4421-B56B-FF60F66629D1}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{539E4DAD-8052-4DDB-9280-3F3DB1D85EDC}] => (Allow) C:\Program Files\Opera\63.0.3368.71\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{D051D1C5-310B-487A-B723-B8576DDADCDB}] => (Allow) C:\Program Files\Opera\63.0.3368.88\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{45748799-46FA-4589-9100-7F7BA7FE87DD}] => (Allow) C:\Users\Sarah Schutters\AppData\Local\Temp\7zS30E3\HP.EasyStart.exe (HP Inc. -> HP) FirewallRules: [{3B90DD0F-8A9A-44E6-A416-A4CCF3F47A76}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8020 series\bin\FaxApplications.exe (HP Inc -> HP Inc.) FirewallRules: [{85D6380C-100F-4B5D-A374-8C538B0CD178}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8020 series\bin\DigitalWizards.exe (HP Inc -> HP Inc.) FirewallRules: [{26A6A7A2-260B-4A37-92F8-C410C4B22B9E}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8020 series\bin\SendAFax.exe (HP Inc -> HP Inc.) FirewallRules: [{2FB64B52-B2EC-4EA9-8A33-595E2E73D8FE}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8020 series\bin\FaxPrinterUtility.exe (HP Inc -> HP Inc.) FirewallRules: [{3AFD347F-5381-4F5C-8859-E3F513B02BAE}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8020 series\Bin\DeviceSetup.exe (HP Inc -> HP Inc.) FirewallRules: [{CFF20874-E03C-4066-9EFA-87A337EA5061}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8020 series\Bin\HPNetworkCommunicatorCom.exe (HP Inc -> HP Inc.) ==================== Herstelpunten ========================= 15-09-2019 15:43:40 Windows Update ==================== Defecte Apparaatbeheer Apparaten ============= Name: Microsoft Wi-Fi Direct Virtual Adapter #2 Description: Microsoft Wi-Fi Direct Virtual Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: vwifimp Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Eventlog fouten: ========================= Applicatiefouten: ================== Error: (09/17/2019 01:57:29 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: SmartAudio3.exe, versie: 3.0.54.19, tijdstempel: 0x5c180b3d Naam van module met fout: KERNELBASE.dll, versie: 10.0.17134.1006, tijdstempel: 0x2a97fa2d Uitzonderingscode: 0xe0434352 Foutmarge: 0x000000000003a388 Id van proces met fout: 0x31c8 Starttijd van toepassing met fout: 0x01d56cea7ee0e625 Pad naar toepassing met fout: C:\Program Files\Conexant\SA3\HP-NB-AIO\SmartAudio3.exe Pad naar module met fout: C:\WINDOWS\System32\KERNELBASE.dll Rapport-id: 544eaadd-a0d4-4845-be72-868b3578047e Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Error: (09/17/2019 01:57:29 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Toepassing: SmartAudio3.exe Framework-versie: v4.0.30319 Beschrijving: het proces is beëindigd als gevolg van een onverwerkte uitzondering. Uitzonderingsinformatie: System.BadImageFormatException bij SmartAudio3.EntryPoint.Main(System.String[]) Error: (09/17/2019 01:55:59 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: SmartAudio3.exe, versie: 3.0.54.19, tijdstempel: 0x5c180b3d Naam van module met fout: KERNELBASE.dll, versie: 10.0.17134.1006, tijdstempel: 0x2a97fa2d Uitzonderingscode: 0xe0434352 Foutmarge: 0x000000000003a388 Id van proces met fout: 0xfea0 Starttijd van toepassing met fout: 0x01d56cea493a801c Pad naar toepassing met fout: C:\Program Files\Conexant\SA3\HP-NB-AIO\SmartAudio3.exe Pad naar module met fout: C:\WINDOWS\System32\KERNELBASE.dll Rapport-id: 699855d1-3393-42f5-b571-075ba97f4d38 Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Error: (09/17/2019 01:55:59 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Toepassing: SmartAudio3.exe Framework-versie: v4.0.30319 Beschrijving: het proces is beëindigd als gevolg van een onverwerkte uitzondering. Uitzonderingsinformatie: System.BadImageFormatException bij SmartAudio3.EntryPoint.Main(System.String[]) Error: (09/17/2019 01:54:30 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: SmartAudio3.exe, versie: 3.0.54.19, tijdstempel: 0x5c180b3d Naam van module met fout: KERNELBASE.dll, versie: 10.0.17134.1006, tijdstempel: 0x2a97fa2d Uitzonderingscode: 0xe0434352 Foutmarge: 0x000000000003a388 Id van proces met fout: 0xcefc Starttijd van toepassing met fout: 0x01d56cea139b804c Pad naar toepassing met fout: C:\Program Files\Conexant\SA3\HP-NB-AIO\SmartAudio3.exe Pad naar module met fout: C:\WINDOWS\System32\KERNELBASE.dll Rapport-id: db0012c8-377f-4f40-ab1b-cab7646f0992 Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Error: (09/17/2019 01:54:29 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Toepassing: SmartAudio3.exe Framework-versie: v4.0.30319 Beschrijving: het proces is beëindigd als gevolg van een onverwerkte uitzondering. Uitzonderingsinformatie: System.BadImageFormatException bij SmartAudio3.EntryPoint.Main(System.String[]) Error: (09/17/2019 01:53:00 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: SmartAudio3.exe, versie: 3.0.54.19, tijdstempel: 0x5c180b3d Naam van module met fout: KERNELBASE.dll, versie: 10.0.17134.1006, tijdstempel: 0x2a97fa2d Uitzonderingscode: 0xe0434352 Foutmarge: 0x000000000003a388 Id van proces met fout: 0xd524 Starttijd van toepassing met fout: 0x01d56ce9de05cc51 Pad naar toepassing met fout: C:\Program Files\Conexant\SA3\HP-NB-AIO\SmartAudio3.exe Pad naar module met fout: C:\WINDOWS\System32\KERNELBASE.dll Rapport-id: 4e6a2d34-19cf-477e-af32-104e272b6e49 Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Error: (09/17/2019 01:52:59 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Toepassing: SmartAudio3.exe Framework-versie: v4.0.30319 Beschrijving: het proces is beëindigd als gevolg van een onverwerkte uitzondering. Uitzonderingsinformatie: System.BadImageFormatException bij SmartAudio3.EntryPoint.Main(System.String[]) Systeemfouten: ============= Error: (09/17/2019 01:40:00 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Starten niet verleend aan Lokaal voor de COM-servertoepassing met CLSID Windows.SecurityCenter.WscBrokerManager en APPID Niet beschikbaar aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (09/17/2019 01:37:56 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} en APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (09/17/2019 01:37:56 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} en APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (09/17/2019 01:30:11 AM) (Source: DCOM) (EventID: 10010) (User: 5CG62127RB-SARA) Description: De server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (09/17/2019 01:07:04 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (09/17/2019 01:06:14 AM) (Source: DCOM) (EventID: 10010) (User: 5CG62127RB-SARA) Description: De server Microsoft.MicrosoftEdge_42.17134.1.0_neutral__8wekyb3d8bbwe!ContentProcess#{000B1402-0079-0000-E8F2-871600000000} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (09/17/2019 01:04:17 AM) (Source: DCOM) (EventID: 10016) (User: 5CG62127RB-SARA) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker 5CG62127RB-SARA\Sarah Schutters SID (S-1-5-21-1328750869-1351487529-4200884072-1003) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (09/17/2019 12:54:39 AM) (Source: DCOM) (EventID: 10016) (User: 5CG62127RB-SARA) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker 5CG62127RB-SARA\Sarah Schutters SID (S-1-5-21-1328750869-1351487529-4200884072-1003) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Windows Defender: =================================== Date: 2019-05-08 21:09:07.292 Description: Windows Defender Antivirus heeft een fout aangetroffen bij het bijwerken van de engine. Nieuwe engineversie: 1.1.15900.4 Vorige engineversie: 1.1.15700.8 Gebruiker: NT AUTHORITY\SYSTEM Foutcode: 0x80509004 Foutbeschrijving: Er is een onverwacht probleem opgetreden. Installeer beschikbare updates en probeer het programma opnieuw te starten. Raadpleeg Help en ondersteuning voor meer informatie over het installeren van updates. Date: 2019-02-09 22:40:39.760 Description: Real-timebeveiligingsonderdeel van Windows Defender Antivirus heeft een fout aangetroffen en is niet uitgevoerd. Onderdeel: Gedragscontrole Foutcode: 0x80508023 Foutbeschrijving: Op dit apparaat is geen malware en andere mogelijk ongewenste software gevonden. Reden: Antimalwarebeveiliging werkt niet meer wegens een onbekende reden. In sommige gevallen kan het probleem worden verholpen door de service opnieuw te starten. Date: 2019-02-03 22:28:20.693 Description: Windows Defender Antivirus heeft een fout aangetroffen bij het bijwerken van handtekeningen. Nieuwe handtekeningversie: Vorige handtekeningversie: 1.285.660.0 Bron update: Microsoft Centrum voor beveiliging tegen malware Type handtekening: AntiVirus Type update: Volledig Gebruiker: NT AUTHORITY\NETWORK SERVICE Huidige engineversie: Vorige engineversie: 1.1.15600.4 Foutcode: 0x80072ee7 Foutbeschrijving: De naam of het adres van de server kan niet worden omgezet Date: 2019-02-03 22:28:20.692 Description: Windows Defender Antivirus heeft een fout aangetroffen bij het bijwerken van handtekeningen. Nieuwe handtekeningversie: Vorige handtekeningversie: 1.285.660.0 Bron update: Microsoft Centrum voor beveiliging tegen malware Type handtekening: AntiSpyware Type update: Volledig Gebruiker: NT AUTHORITY\NETWORK SERVICE Huidige engineversie: Vorige engineversie: 1.1.15600.4 Foutcode: 0x80072ee7 Foutbeschrijving: De naam of het adres van de server kan niet worden omgezet Date: 2019-02-03 22:28:20.692 Description: Windows Defender Antivirus heeft een fout aangetroffen bij het bijwerken van handtekeningen. Nieuwe handtekeningversie: Vorige handtekeningversie: 1.285.660.0 Bron update: Microsoft Centrum voor beveiliging tegen malware Type handtekening: AntiVirus Type update: Volledig Gebruiker: NT AUTHORITY\NETWORK SERVICE Huidige engineversie: Vorige engineversie: 1.1.15600.4 Foutcode: 0x80072ee7 Foutbeschrijving: De naam of het adres van de server kan niet worden omgezet CodeIntegrity: =================================== Date: 2019-06-15 05:11:25.456 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume9\backup elitebook G3\D schijf elitebook G3 15-06\bestanden pxl\Windows\WinSxS\wow64_microsoft-xbox-gameoverlay_31bf3856ad364e35_10.0.15063.413_none_de3f6336c1e9ffaf\GamePanel.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2019-06-15 05:11:25.442 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume9\backup elitebook G3\D schijf elitebook G3 15-06\bestanden pxl\Windows\WinSxS\wow64_microsoft-xbox-gameoverlay_31bf3856ad364e35_10.0.15063.413_none_de3f6336c1e9ffaf\GamePanel.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2019-06-15 04:50:38.167 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume9\backup elitebook G3\D schijf elitebook G3 15-06\bestanden pxl\Windows\WinSxS\amd64_microsoft-windows-a..recognitionadapters_31bf3856ad364e35_10.0.15063.502_none_91e24837c75e85f6\FaceRecognitionSensorAdapter.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2019-06-15 04:50:38.157 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume9\backup elitebook G3\D schijf elitebook G3 15-06\bestanden pxl\Windows\WinSxS\amd64_microsoft-windows-a..recognitionadapters_31bf3856ad364e35_10.0.15063.502_none_91e24837c75e85f6\FaceRecognitionSensorAdapter.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2019-06-15 04:50:38.129 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume9\backup elitebook G3\D schijf elitebook G3 15-06\bestanden pxl\Windows\WinSxS\amd64_microsoft-windows-analog-voice-adapters_31bf3856ad364e35_10.0.15063.0_none_b5570f05a35e44e0\NUIVoiceWBSAdapters.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2019-06-15 04:50:38.123 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume9\backup elitebook G3\D schijf elitebook G3 15-06\bestanden pxl\Windows\WinSxS\amd64_microsoft-windows-analog-voice-adapters_31bf3856ad364e35_10.0.15063.0_none_b5570f05a35e44e0\NUIVoiceWBSAdapters.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2019-06-15 04:50:38.068 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume9\backup elitebook G3\D schijf elitebook G3 15-06\bestanden pxl\Windows\WinSxS\amd64_microsoft-windows-s..trics-sensoradapter_31bf3856ad364e35_10.0.15063.0_none_24c5a15aae47ee62\winbiosensoradapter.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2019-06-15 04:50:38.066 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume9\backup elitebook G3\D schijf elitebook G3 15-06\bestanden pxl\Windows\WinSxS\amd64_microsoft-windows-s..trics-sensoradapter_31bf3856ad364e35_10.0.15063.0_none_24c5a15aae47ee62\winbiosensoradapter.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Geheugen info =========================== BIOS: HP N75 Ver. 01.39 04/16/2019 Motherboard: HP 8079 Processor: Intel(R) Core(TM) i5-6200U CPU @ 2.30GHz Percentage geheugen in gebruik: 23% Totaal fysiek RAM-geheugen: 16264.59 MB Beschikbaar fysiek RAM-geheugen: 12449.75 MB Totaal Virtueel geheugen: 18696.59 MB Beschikbaar Virtueel geheugen: 15003.74 MB ==================== Schijven ================================ Drive c: (Windows) (Fixed) (Total:235.48 GB) (Free:19.42 GB) NTFS Drive d: (Windows) (Fixed) (Total:1843.78 GB) (Free:454.01 GB) NTFS \\?\Volume{5a81b7de-1c33-41f3-b241-535bcfd7f827}\ (Recovery) (Fixed) (Total:18.62 GB) (Free:18.19 GB) NTFS \\?\Volume{76c39e4b-3f08-4a01-a424-76242941de35}\ (Recovery) (Fixed) (Total:2.38 GB) (Free:1.85 GB) NTFS \\?\Volume{2735fbe9-8cd1-45a3-bdb8-33db77792721}\ (BOOT) (Fixed) (Total:0.48 GB) (Free:0.48 GB) FAT32 \\?\Volume{986f21a5-e646-43a6-aeea-77df84c1f760}\ (BOOT) (Fixed) (Total:0.48 GB) (Free:0.39 GB) FAT32 ==================== MBR & Partitietabel ================== ======================================================== Disk: 0 (Size: 1863 GB) (Disk ID: 5CDF8E86) Partition: GPT. ======================================================== Disk: 1 (Size: 238.5 GB) (Disk ID: 3B3FA470) Partition: GPT. ==================== Einde van Addition.txt ============================