Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 28-12-2019 Gestart door Installatie (02-01-2020 13:35:24) Gestart vanaf C:\Users\Installatie\Downloads Windows 10 Home Versie 1903 18362.535 (X64) (2019-08-08 07:40:18) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1681954670-4036996131-736709052-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-1681954670-4036996131-736709052-503 - Limited - Disabled) Gast (S-1-5-21-1681954670-4036996131-736709052-501 - Limited - Disabled) Gebruiker (S-1-5-21-1681954670-4036996131-736709052-1002 - Limited - Enabled) => C:\Users\Gebruiker Installatie (S-1-5-21-1681954670-4036996131-736709052-1001 - Administrator - Enabled) => C:\Users\Installatie WDAGUtilityAccount (S-1-5-21-1681954670-4036996131-736709052-504 - Limited - Disabled) ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Emsisoft Anti-Malware (Disabled - Up to date) {5FD8BF8F-F242-6153-61B5-8FF333E8736B} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: AVG Antivirus (Enabled - Up to date) {4FC75CA5-1654-5411-7CFB-1893D506BCF4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: AVG Antivirus (Enabled - Up to date) {F4A6BD41-306E-5B9F-464B-23E1AE81F649} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeïnstalleerd worden.) 20/20 v2.2 (HKLM-x32\...\20/20 v2.2) (Version: - ) 4K Video Downloader 4.9 (HKLM-x32\...\{66A3F673-6062-4616-94B3-52F0F56E7DB8}) (Version: 4.9.2.3082 - Open Media LLC) 7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov) Adobe Acrobat Reader DC - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated) Adobe Bridge 2019 (HKLM-x32\...\KBRG_9_1) (Version: 9.1 - Adobe Systems Incorporated) Adobe Bridge 2020 (HKLM-x32\...\KBRG_10_0_1) (Version: 10.0.1 - Adobe Systems Incorporated) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.0.0.354 - Adobe Systems Incorporated) Adobe Dreamweaver CS3 (HKLM-x32\...\Adobe_435a6af7459cb02a9c1138113a26e93) (Version: 9.0 - Adobe Systems Incorporated) Adobe Lightroom (HKLM-x32\...\LRCC_3_1) (Version: 3.1 - Adobe Systems Incorporated) Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_0_2) (Version: 21.0.2 - Adobe Systems Incorporated) Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_8) (Version: 20.0.8 - Adobe Systems Incorporated) Audacity 2.2.2 (HKLM-x32\...\Audacity_is1) (Version: 2.2.2 - Audacity Team) AVG Driver Updater (HKLM-x32\...\{18926FB7-BEAD-4776-825E-54FD34380417}) (Version: 2.4.0 - AVG Netherlands B.V) Hidden AVG Driver Updater (HKLM-x32\...\AVG Driver Updater) (Version: 2.4.0 - AVG Netherlands B.V) AVG Internet Security (HKLM-x32\...\AVG Antivirus) (Version: 19.8.3108 - AVG Technologies) Brave (HKU\S-1-5-21-1681954670-4036996131-736709052-1001\...\BraveSoftware Brave-Browser) (Version: 79.1.1.23 - De auteurs van Brave) calibre (HKLM-x32\...\{FD6B4DA3-5E7B-499E-841D-B797BED0CC47}) (Version: 3.48.0 - Kovid Goyal) calibre 64bit (HKLM\...\{53CF63D2-ADC7-4D61-8076-113B313EE85A}) (Version: 3.33.1 - Kovid Goyal) CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform) Chromium (HKU\S-1-5-21-1681954670-4036996131-736709052-1001\...\Chromium) (Version: 58.0.2988.0 - Chromium) Color Cop 5.4.3 (HKLM-x32\...\Color Cop_is1) (Version: - Jay Prall) Color Picker (HKLM-x32\...\Color Picker1.0) (Version: 1.0 - Dilsoft Software) Corel PaintShop Pro 2020 (HKLM-x32\...\_{86D225AF-F4FC-4819-B0C4-6ECF3F24E159}) (Version: 22.0.0.112 - Corel Corporation) Corel PaintShop Pro 2020 (HKLM-x32\...\{2E67196F-4CD9-4EDC-84E4-8F9382FC7374}) (Version: 22.0.0.112 - Corel Corporation) Hidden Corel Update Manager (HKLM-x32\...\{A18B8454-FBA6-4C6F-BF4E-6C3FFD62D697}) (Version: 2.10.504 - Corel corporation) Hidden D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden Dolby Audio X2 Windows API SDK (HKLM\...\{8738A898-221B-4279-BC87-FEF7938022C1}) (Version: 0.8.8.87 - Dolby Laboratories, Inc.) Dolby Audio X2 Windows APP (HKLM\...\{4A02DCED-C2B0-4DD3-87BD-7D8E68D6AF3C}) (Version: 0.8.6.75 - Dolby Laboratories, Inc.) EPSON ET-2550 Series Printer Uninstall (HKLM\...\EPSON ET-2550 Series) (Version: - SEIKO EPSON Corporation) Epson Event Manager (HKLM-x32\...\{9F205E94-9E42-4486-A92A-DF3F6CB85444}) (Version: 3.10.0061 - Seiko Epson Corporation) Epson Printer Connection Checker (HKLM-x32\...\{9ABD2971-9B8B-4958-9100-4EAFCC32A86D}) (Version: 3.0.0.0 - Seiko Epson Corporation) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) Epson Software Updater (HKLM-x32\...\{60A3CB9F-4429-4C7A-AA97-77CC4FE10671}) (Version: 4.4.9 - Seiko Epson Corporation) EPSON-handleidingen (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.54.0.0 - Seiko Epson Corporation) EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation) FileZilla Client 3.21.0 (HKLM-x32\...\FileZilla Client) (Version: 3.21.0 - Tim Kosse) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.7.0.29455 - Foxit Software Inc.) Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.3.6.1209 - Digital Wave Ltd) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.88 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden HTML-Kit 292 (HKLM-x32\...\HTMLKit_is1) (Version: 1.0 - HTMLKit.com) ICA (HKLM-x32\...\{86D225AF-F4FC-4819-B0C4-6ECF3F24E159}) (Version: 22.0.0.112 - Corel Corporation) Hidden IncrediBackup (HKLM-x32\...\{D44222FB-31A2-4D2B-B222-D0C5599F28D0}) (Version: 1.0.0.1039 - IncrediMail) Hidden IncrediBackup (HKLM-x32\...\IncrediBackup) (Version: 1.0.0.1039 - IncrediMail Ltd.) IncrediMail (HKLM-x32\...\{81CF09ED-5FB0-4E0A-A83F-0F514DDEABBC}) (Version: 6.6.0.5344 - IncrediMail) Hidden IncrediMail 2.5 (HKLM-x32\...\IncrediMail) (Version: 6.6.0.5344 - IncrediMail Ltd.) Intel(R) Chipset Device Software (HKLM-x32\...\{44ded3eb-1686-46a6-9770-fd79096c29f7}) (Version: 10.1.1.45 - Intel(R) Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1054 - Intel Corporation) Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.866.0 - Intel Corporation) Hidden Intel(R) Trusted Connect Services Client (HKLM-x32\...\{246c6cc0-9810-4728-9a29-28474de2eec5}) (Version: 1.47.866.0 - Intel Corporation) Hidden IPM_PSP_COM (HKLM-x32\...\{0F1489D5-71F8-4E29-92FF-C72B3402B79E}) (Version: 22.0.0.112 - Corel Corporation) Hidden Jasc Animation Shop 3 (HKLM-x32\...\{7C4196CA-CA41-4F34-9C08-7724E7705D52}) (Version: 3.11 - Uw bedrijfsnaam) Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden KeePass Password Safe 2.13 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: - Dominik Reichl) Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 2.0.7.0 - Lenovo Group Ltd.) Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes) MediaHuman YouTube to MP3 Converter 3.9.9.29 (HKLM-x32\...\MediaHuman YouTube to MP3 Converter_is1) (Version: 3.9.9.29 - MediaHuman) MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited) Microsoft Office 365 - nl-nl (HKLM\...\o365homepremretail - nl-nl) (Version: 16.0.12228.20364 - Microsoft Corporation) Microsoft Office Professional Plus 2016 - nl-nl (HKLM\...\ProPlusRetail - nl-nl) (Version: 16.0.12228.20364 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1681954670-4036996131-736709052-1001\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27027 (HKLM-x32\...\{39e28474-b67b-4209-af1b-e9ad0a83d8ca}) (Version: 14.16.27027.1 - Microsoft Corporation) Mozilla Firefox 71.0 (x64 nl) (HKLM\...\Mozilla Firefox 71.0 (x64 nl)) (Version: 71.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 68.3.0 - Mozilla) Mozilla Thunderbird 68.3.1 (x86 nl) (HKLM-x32\...\Mozilla Thunderbird 68.3.1 (x86 nl)) (Version: 68.3.1 - Mozilla) Mpeg Layer3 Codec FHG-Radium v1.263 (HKLM-x32\...\Mp3 Codec) (Version: - ) MyEpson Portal (HKLM-x32\...\{3361D415-BA35-4143-B301-661991BA6219}) (Version: 1.1.2.2 - SEIKO EPSON CORPORATION) Hidden MyEpson Portal (HKLM-x32\...\MyEpson Portal) (Version: - SEIKO EPSON Corporation) NXPowerLite (HKLM\...\{B26F9EFE-96A7-462B-9C3B-BF4018058969}) (Version: 7.1.2 - Neuxpower Solutions Ltd) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0413-0000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden Photo Notifier and Animation Creator (HKLM-x32\...\Photo Notifier and Animation Creator) (Version: 1.0.0.1009 - IncrediMail Ltd.) PhotoFiltre 7 (HKU\S-1-5-21-1681954670-4036996131-736709052-1001\...\PhotoFiltre 7) (Version: - ) PSPPContent (HKLM-x32\...\{0A594064-5745-48CA-BF2B-CBCF8A0AD271}) (Version: 22.0.0.112 - Corel Corporation) Hidden PSPPHelp (HKLM-x32\...\{80981E74-D460-4E97-861A-AEE346AFE208}) (Version: 22.0.0.112 - Corel Corporation) Hidden Setup (HKLM-x32\...\{C4294E76-70D5-4D49-B8F4-0A4D546AB3AC}) (Version: 22.0.0.112 - Uw bedrijfsnaam) Hidden SmartDefender (HKLM-x32\...\{3A19E44E-8948-4B6E-BC8E-87CDA335DFC6}) (Version: 1.0.0.0 - Vondos Media GmbH) Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform) Switch Sound File Converter (HKLM-x32\...\Switch) (Version: 4.60 - NCH Software) TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.1.3937 - TeamViewer) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation) Vinny27 - Adobe Photoshop CS6 32-bit (HKLM-x32\...\{4C722A04-AC0B-41CB-99E4-DC8EBE1C2E9D}) (Version: 6.0 - Vinny27) Vinny27 - Adobe Photoshop CS6 64-bit (HKLM\...\{552A9E66-09E1-4BA1-ABF9-A51955142BA5}) (Version: 6.0 - Vinny27) VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN) Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: 8.27 - NCH Software) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) WinRAR 5.60 bèta 5 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.60.5 - win.rar GmbH) XnView 2.48 (HKLM-x32\...\XnView_is1) (Version: 2.48 - Gougelet Pierre-e) Packages: ========= Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc [2019-10-11] (Adobe Systems Incorporated) Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.1.3842.0_x64__rz1tebttyb220 [2019-12-20] (Dolby Laboratories) Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.1910.41.0_x64__k1h2ywk1493x8 [2019-12-30] (LENOVO INC.) LenovoUtility -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_3.0.54.0_x64__5grkq8ppsgwt4 [2019-08-01] (LENOVO INC) [Startup Task] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-12] (Microsoft Studios) [MS Ad] MSN weer -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-20] (Microsoft Corporation) [MS Ad] Uitbreiding voor MPEG-2-video -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-25] (Microsoft Corporation) ==================== Aangepaste CLSID (gefilterd): ============== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) CustomCLSID: HKU\S-1-5-21-1681954670-4036996131-736709052-1001_Classes\CLSID\{06B74C04-E813-4DD4-A972-172836EFA8D6}\InprocServer32 -> C:\Users\Installatie\AppData\Local\BraveSoftware\Update\1.3.99.0\psuser_64.dll (Brave Software, Inc. -> BraveSoftware Inc.) CustomCLSID: HKU\S-1-5-21-1681954670-4036996131-736709052-1001_Classes\CLSID\{06C9646D-2807-44C0-97D2-6DA0DB623DB4}\localserver32 -> C:\Users\Installatie\AppData\Local\BraveSoftware\Brave-Browser\Application\79.1.1.23\notification_helper.exe (Brave Software, Inc. -> Brave Software, Inc.) CustomCLSID: HKU\S-1-5-21-1681954670-4036996131-736709052-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-982777350C65} -> [Creative Cloud Files] => C:\Users\Installatie\Creative Cloud Files [2019-12-31 08:49] CustomCLSID: HKU\S-1-5-21-1681954670-4036996131-736709052-1001_Classes\CLSID\{9B59CC5B-BB42-4B6A-8C1F-000E4E2C685B} -> [MEGA] => C:\Users\Installatie\Documents\MEGA [2019-05-19 10:25] CustomCLSID: HKU\S-1-5-21-1681954670-4036996131-736709052-1001_Classes\CLSID\{BD75275A-C505-4C4D-819A-F99F23F9237B}\InprocServer32 -> C:\Users\Installatie\AppData\Local\BraveSoftware\Update\1.3.99.0\psuser_64.dll (Brave Software, Inc. -> BraveSoftware Inc.) CustomCLSID: HKU\S-1-5-21-1681954670-4036996131-736709052-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems) ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Gebruiker\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-25] (Mega Limited -> ) ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Gebruiker\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-25] (Mega Limited -> ) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> ) ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> ) ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> ) ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Gebruiker\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-25] (Mega Limited -> ) ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Gebruiker\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-25] (Mega Limited -> ) ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Gebruiker\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-25] (Mega Limited -> ) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [Bestand niet getekend] ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> ) ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2019-10-03] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2019-09-23] (FOXIT SOFTWARE INC. -> Foxit Software Inc.) ContextMenuHandlers1-x32: [IMMenuShellExt] -> {F8984111-38B6-11D5-8725-0050DA2761C4} => C:\Program Files (x86)\IncrediMail\Bin\ImShExtU.dll [2019-05-26] (IncrediMail Inc. -> IncrediMail Ltd.) ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Gebruiker\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-25] (Mega Limited -> ) ContextMenuHandlers1: [NXPLiteShell7] -> {1F4B82CB-67B9-418C-A6FD-6F9DF37BD5E3} => C:\Program Files (x86)\NXPowerLite\NXPLiteShell64.dll [2016-11-25] (Neuxpower Solutions Ltd -> Neuxpower Solutions Ltd) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2018-06-04] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2018-06-04] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Gebruiker\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-25] (Mega Limited -> ) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Gebruiker\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-25] (Mega Limited -> ) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [Bestand niet getekend] ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Gebruiker\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-25] (Mega Limited -> ) ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki126997.inf_amd64_c60ea4cd103ded0b\igfxDTCM.dll [2018-03-08] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [Bestand niet getekend] ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> ) ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2019-10-03] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2019-09-23] (FOXIT SOFTWARE INC. -> Foxit Software Inc.) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [NXPLiteShell7] -> {1F4B82CB-67B9-418C-A6FD-6F9DF37BD5E3} => C:\Program Files (x86)\NXPowerLite\NXPLiteShell64.dll [2016-11-25] (Neuxpower Solutions Ltd -> Neuxpower Solutions Ltd) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2018-06-04] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2018-06-04] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (gefilterd) ==================== (Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.) HKLM\...\Drivers32: [msacm.l3codec] => C:\Windows\SysWOW64\l3codecp.acm [189440 2019-03-19] (Microsoft Windows -> Fraunhofer Institut Integrierte Schaltungen IIS) ==================== Snelkoppelingen & WMI ======================== (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) Shortcut: C:\Users\Installatie\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.htm ShortcutWithArgument: C:\Users\Installatie\Desktop\Tubes\Gebruikershandleiding voor Corel Pain.._.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=goehaekgmdinmndaipdlmopccaolgjdm ShortcutWithArgument: C:\Users\Installatie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default ==================== Geladen Modules (gefilterd) ============= 2019-10-03 11:17 - 2013-07-24 08:24 - 000137728 _____ () [Bestand niet getekend] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll 2019-11-06 18:44 - 2019-11-06 18:44 - 008955904 _____ () [Bestand niet getekend] C:\Program Files\Adobe\Adobe Photoshop 2020\inference_engine.dll 2015-12-17 10:11 - 2015-12-17 10:11 - 000132096 _____ (Seiko Epson Corporation) [Bestand niet getekend] C:\Program Files (x86)\EPSON Software\Event Manager\epnsm.dll 2009-10-21 16:39 - 2009-10-21 16:39 - 000291328 _____ (SEIKO EPSON CORPORATION) [Bestand niet getekend] C:\Program Files (x86)\EPSON Software\Event Manager\LcMgr.dll 2019-02-22 17:01 - 2019-02-22 17:01 - 000704512 _____ (Seiko Epson Corporation) [Bestand niet getekend] C:\Program Files (x86)\EPSON\MyEpson Portal\Configration_00000171\MepCfg.dll 2019-02-22 15:09 - 2019-02-22 15:09 - 000475136 _____ (Seiko Epson Corporation) [Bestand niet getekend] C:\Program Files (x86)\EPSON\MyEpson Portal\Online Manual_00000013\MepFAQ.dll 2016-09-14 13:31 - 2016-09-14 13:31 - 000500736 ____S (SEIKO EPSON CORPORATION) [Bestand niet getekend] C:\WINDOWS\System32\enppmon.dll 2017-09-14 07:37 - 2017-09-14 07:37 - 000026112 _____ (The Qt Company Ltd) [Bestand niet getekend] C:\Users\Gebruiker\AppData\Local\MEGAsync\imageformats\qgif.dll 2017-09-14 07:42 - 2017-09-14 07:42 - 000033280 _____ (The Qt Company Ltd) [Bestand niet getekend] C:\Users\Gebruiker\AppData\Local\MEGAsync\imageformats\qicns.dll 2017-09-14 07:37 - 2017-09-14 07:37 - 000027648 _____ (The Qt Company Ltd) [Bestand niet getekend] C:\Users\Gebruiker\AppData\Local\MEGAsync\imageformats\qico.dll 2017-09-14 07:37 - 2017-09-14 07:37 - 000245760 _____ (The Qt Company Ltd) [Bestand niet getekend] C:\Users\Gebruiker\AppData\Local\MEGAsync\imageformats\qjpeg.dll 2017-09-14 07:42 - 2017-09-14 07:42 - 000021504 _____ (The Qt Company Ltd) [Bestand niet getekend] C:\Users\Gebruiker\AppData\Local\MEGAsync\imageformats\qsvg.dll 2017-09-14 07:42 - 2017-09-14 07:42 - 000020992 _____ (The Qt Company Ltd) [Bestand niet getekend] C:\Users\Gebruiker\AppData\Local\MEGAsync\imageformats\qtga.dll 2017-09-14 07:42 - 2017-09-14 07:42 - 000316416 _____ (The Qt Company Ltd) [Bestand niet getekend] C:\Users\Gebruiker\AppData\Local\MEGAsync\imageformats\qtiff.dll 2017-09-14 07:42 - 2017-09-14 07:42 - 000019968 _____ (The Qt Company Ltd) [Bestand niet getekend] C:\Users\Gebruiker\AppData\Local\MEGAsync\imageformats\qwbmp.dll 2017-09-14 07:42 - 2017-09-14 07:42 - 000322560 _____ (The Qt Company Ltd) [Bestand niet getekend] C:\Users\Gebruiker\AppData\Local\MEGAsync\imageformats\qwebp.dll 2017-09-14 07:37 - 2017-09-14 07:37 - 001010688 _____ (The Qt Company Ltd) [Bestand niet getekend] C:\Users\Gebruiker\AppData\Local\MEGAsync\platforms\qwindows.dll 2019-10-03 11:17 - 2013-07-25 16:46 - 000708096 _____ (Wondershare) [Bestand niet getekend] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll ==================== Alternate Data Streams (gefilterd) ======== ==================== Veilige Modus (gefilterd) ================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. De waarde van "AlternateShell" wordt hersteld.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Bestandskoppeling (gefilterd) ================= (Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd.) HKU\S-1-5-21-1681954670-4036996131-736709052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.scr\UserChoice => scrfile ==================== Internet Explorer vertrouwde/beperkte toegang ========== ==================== Hosts inhoud: ========================= (Indien nodig kan Hosts:-opdracht worden opgenomen in de fixlist om Hosts te resetten.) 2018-04-12 00:38 - 2018-12-03 15:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Andere gebieden =========================== (Momenteel is er geen automatische fix voor dit onderdeel.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;%SYSTEMROOT%\System32\OpenSSH;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Calibre2;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Calibre2\;C:\Program Files (x86)\Windows Live\Shared HKU\S-1-5-21-1681954670-4036996131-736709052-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg DNS Servers: 192.168.2.254 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == ==================== Firewall regels (gefilterd) ================ (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [{583A8459-9ABC-4D4D-87A2-70C4AA86A34F}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe (IncrediMail Inc. -> IncrediMail Ltd.) [Bestand niet getekend] FirewallRules: [{61754CA3-652C-49F6-A107-CC51A592A38D}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe (IncrediMail Inc. -> IncrediMail Ltd.) [Bestand niet getekend] FirewallRules: [{818E1FBD-5B29-411A-9671-6AD1F9444700}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe (IncrediMail Inc. -> IncrediMail Ltd.) FirewallRules: [{299313B0-7C6E-4AD0-B5FD-BE5104CF08B7}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe (IncrediMail Inc. -> IncrediMail Ltd.) FirewallRules: [{1ABFC7B0-E2CA-4866-86FA-51A5C21AD764}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{9D041EB4-E509-46F8-AE62-F71D56CFC279}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{5BD14B28-8B79-4BBD-A220-6BC4A61E2E9E}] => (Allow) C:\Users\Installatie\AppData\Local\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.) FirewallRules: [{B58581D8-A6CD-46B2-9752-2DD19D59A911}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer Germany GmbH) FirewallRules: [{C82F803B-AF98-42F4-8E45-E8053EB384BA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer Germany GmbH) FirewallRules: [{E45870D9-1F35-4AF6-82EA-6FF91F5A6B28}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer Germany GmbH) FirewallRules: [{6FBF497D-FCAE-4938-9608-97A184AB010A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer Germany GmbH) FirewallRules: [{2191D2E2-C291-4A83-9EAC-F348BFD77E57}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) FirewallRules: [{30F2D7E0-2232-4193-9B6E-F5DDBCDE1CA1}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) FirewallRules: [{7654C8B2-E773-45B7-9C9B-D5C6B67B31B5}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd) FirewallRules: [{5F488717-83C6-465B-9794-AA604E22E2EB}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd) FirewallRules: [{0CEBCE19-A508-46D5-AA97-808558CF1126}] => (Allow) C:\Users\Installatie\AppData\Local\Chromium\Application\chrome.exe (The Chromium Authors) [Bestand niet getekend] FirewallRules: [{13BEC453-1768-445F-A8BC-81E8234AF988}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{9F45C558-DA3C-4C68-84EA-66DFBCD67E3A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{13BCDFA8-26C2-404A-B296-2C05538BC52D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16040.10325.20118.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{14CF6655-180C-4122-9F22-0B58BACD377A}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe (IncrediMail Inc. -> IncrediMail Ltd.) FirewallRules: [{30FE8DF2-9B77-440A-9C53-46131BB984C6}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe (IncrediMail Inc. -> IncrediMail Ltd.) FirewallRules: [{3792A8EF-7644-49D8-9B4F-C10DEC61A3B7}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImLc.exe (IncrediMail Inc. -> IncrediMail Ltd.) FirewallRules: [{386EDD58-512A-4632-A054-BB29290F6683}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImLc.exe (IncrediMail Inc. -> IncrediMail Ltd.) FirewallRules: [{0ECFEA09-7029-429F-82D0-34B9B68A31DA}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe (IncrediMail Inc. -> IncrediMail Ltd.) FirewallRules: [{65C46F30-7982-449E-B7F5-241B56F91941}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe (IncrediMail Inc. -> IncrediMail Ltd.) FirewallRules: [{F9E2EA6E-4AA4-4C2B-85F7-CAEBDB5DFBC3}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe (IncrediMail Inc. -> IncrediMail Ltd.) [Bestand niet getekend] FirewallRules: [{E561E216-0B04-4DAE-842C-9505896116C8}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe (IncrediMail Inc. -> IncrediMail Ltd.) [Bestand niet getekend] FirewallRules: [{3C4F5611-D3D2-414D-A0E0-6E2C9F92EE8A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{6809F39C-AB19-4702-B1F8-EC6AF90FF14A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [TCP Query User{79FDCC75-D49D-44EB-87BD-2C92EB3A45A7}C:\users\gebruiker\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gebruiker\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [UDP Query User{7244FCA1-770A-4A67-A122-A947B60D8ECA}C:\users\gebruiker\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gebruiker\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [TCP Query User{01BB6D08-EF2E-498B-981C-52C652FFEBF1}C:\users\gebruiker\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\gebruiker\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [UDP Query User{29D25B03-0F3A-489C-B7D8-3F0D2EB9E5E9}C:\users\gebruiker\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\gebruiker\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{603F0E55-EBBD-4FD2-9A0E-BCBFF10587C0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{829C8933-BBE9-4AAD-8B18-37C85493FFD9}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{BB78D84C-4A6F-4EF6-8046-1793BC6C53CC}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{FFCA0728-1092-4A51-B3D9-4F1E61C01336}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{35D454B6-4D3B-4E7D-8FB5-2DD83B637522}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{6A993F4E-3958-464A-80A3-3940A05F7453}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{F1A9BFDA-10D3-4276-899C-D1689F49CE1A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{330D301D-7B72-47E1-902B-3E343F388749}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{B6E78232-90EE-4E3C-8DC9-ECCE17726348}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{54F81D3D-CF5A-46CC-91C4-EA37C1E912BD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{D7556C48-9925-4E0F-B89D-CA6F9FE80808}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer Germany GmbH) FirewallRules: [{B9F3A2D2-DA40-4AE1-8A30-3DD9F20A70A1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer Germany GmbH) FirewallRules: [{6A26B29D-9AA8-4553-A307-777B6EC4E362}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer Germany GmbH) FirewallRules: [{CDE3B237-B9E7-44DC-BC48-A4A10A1AFACE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer Germany GmbH) FirewallRules: [{3A050D8C-041A-4818-A8F4-C61522A423A1}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{C8A090A2-0AA2-4BC0-A98A-4B53A0BFD0F4}] => (Allow) LPort=2869 FirewallRules: [{69A88B94-1BD7-47DA-BF0E-92ADDE9C3AA5}] => (Allow) LPort=1900 ==================== Herstelpunten ========================= 21-12-2019 16:15:36 Removed Java 8 Update 181 (64-bit) 21-12-2019 16:24:10 Restore Point Created by FRST 21-12-2019 17:58:05 Restore Point Created by FRST 22-12-2019 08:45:58 Installed Free JavaScript Editor 4.7 22-12-2019 09:12:37 Removed Free JavaScript Editor 4.7 22-12-2019 12:01:33 JRT Pre-Junkware Removal 22-12-2019 12:05:38 JRT Pre-Junkware Removal 22-12-2019 12:09:15 JRT Pre-Junkware Removal 27-12-2019 08:52:46 Windows Live Essentials 27-12-2019 08:53:05 WLSetup ==================== Defecte Apparaatbeheer Apparaten ============ ==================== Eventlog fouten: ======================== Applicatiefouten: ================== Error: (01/02/2020 01:32:04 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Fout in de Volume Shadow Copy-service: onverwachte fout bij het aanroepen van routine CoCreateInstance. hr = 0x8007045b, Systeem wordt afgesloten. . Error: (01/02/2020 01:32:04 PM) (Source: VSS) (EventID: 13) (User: ) Description: Informatie voor de Volume Shadow Copy-service: de COM-server met CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} en de naam CEventSystem kan niet worden gestart. [0x8007045b, Systeem wordt afgesloten. ] Error: (01/02/2020 01:32:04 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Fout in de Volume Shadow Copy-service: onverwachte fout bij het aanroepen van routine CoCreateInstance. hr = 0x8007045b, Systeem wordt afgesloten. . Error: (01/02/2020 01:32:04 PM) (Source: VSS) (EventID: 13) (User: ) Description: Informatie voor de Volume Shadow Copy-service: de COM-server met CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} en de naam CEventSystem kan niet worden gestart. [0x8007045b, Systeem wordt afgesloten. ] Error: (01/02/2020 01:28:11 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Kan activeringscontext voor 'C:\Program Files (x86)\IncrediMail\Bin\MFC80U.DLL' niet maken. Kan afhankelijke assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" niet vinden. Gebruik sxstrace.exe voor een gedetailleerde diagnose. Error: (01/02/2020 01:28:11 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Kan activeringscontext voor 'C:\Program Files (x86)\IncrediMail\Bin\MFC80U.DLL' niet maken. Kan afhankelijke assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" niet vinden. Gebruik sxstrace.exe voor een gedetailleerde diagnose. Error: (01/02/2020 01:23:11 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Kan activeringscontext voor 'C:\Program Files (x86)\IncrediMail\Bin\MFC80U.DLL' niet maken. Kan afhankelijke assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" niet vinden. Gebruik sxstrace.exe voor een gedetailleerde diagnose. Error: (01/02/2020 01:23:11 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Kan activeringscontext voor 'C:\Program Files (x86)\IncrediMail\Bin\MFC80U.DLL' niet maken. Kan afhankelijke assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" niet vinden. Gebruik sxstrace.exe voor een gedetailleerde diagnose. Systeemfouten: ============= Error: (01/02/2020 01:31:48 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-DH9V5FBG) Description: De server Microsoft.MicrosoftOfficeHub_18.1910.1283.0_x64__8wekyb3d8bbwe!Microsoft.MicrosoftOfficeHub.AppXt4mh7c9swwc5cmd5jgmtmwcfmvkddpn1.mca heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (01/02/2020 01:31:48 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-DH9V5FBG) Description: De server Microsoft.OneConnect_5.1911.3171.0_x64__8wekyb3d8bbwe!App.AppXe8pdgw5syxe8pgccbk3mcn5hanwamr0e.mca heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (01/02/2020 01:31:34 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-DH9V5FBG) Description: De server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (01/02/2020 01:31:34 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-DH9V5FBG) Description: De server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (01/02/2020 01:31:34 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-DH9V5FBG) Description: De server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (01/02/2020 01:31:34 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-DH9V5FBG) Description: De server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (01/02/2020 01:31:34 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-DH9V5FBG) Description: De server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (01/02/2020 01:31:34 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-DH9V5FBG) Description: De server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. CodeIntegrity: =================================== Date: 2020-01-02 13:34:27.697 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements. Date: 2020-01-02 13:34:27.683 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements. Date: 2020-01-02 13:34:27.663 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements. Date: 2020-01-02 13:33:32.591 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements. Date: 2020-01-02 13:33:32.553 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements. Date: 2020-01-02 13:33:32.521 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements. Date: 2020-01-02 13:33:32.488 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements. Date: 2020-01-02 13:33:32.397 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements. ==================== Geheugen info =========================== BIOS: LENOVO 6JCN31WW 04/28/2019 Moederbord: LENOVO LNVNB161216 Processor: Intel(R) Core(TM) i5-8250U CPU @ 1.60GHz Percentage geheugen in gebruik: 80% Totaal fysiek RAM-geheugen: 8066.72 MB Beschikbaar fysiek RAM-geheugen: 1570.29 MB Totaal Virtueel geheugen: 18818.72 MB Beschikbaar Virtueel geheugen: 11171.52 MB ==================== Schijven ================================ Drive c: (Windows-SSD) (Fixed) (Total:463.34 GB) (Free:320.55 GB) NTFS Drive d: (SYSTEM_DRV) (Fixed) (Total:0.49 GB) (Free:0.47 GB) FAT32 \\?\Volume{f9fffac0-4593-01d4-60dd-d2e0c922ea00}\ () (Fixed) (Total:0 GB) (Free:0 GB) ==================== MBR & Partitietabel ==================== ========================================================== Disk: 0 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: 23050FB8) Partition: GPT. ==================== Einde van Addition.txt =======================