Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 22-01-2020 01 Gestart door Rickske (23-01-2020 17:44:00) Gestart vanaf C:\Users\Rickske\Desktop Windows 10 Home Versie 1607 14393.576 (X64) (2016-10-22 09:31:49) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3241837054-988920231-2416323044-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-3241837054-988920231-2416323044-503 - Limited - Disabled) Gast (S-1-5-21-3241837054-988920231-2416323044-501 - Limited - Disabled) => C:\Users\Gast HomeGroupUser$ (S-1-5-21-3241837054-988920231-2416323044-1003 - Limited - Enabled) Joachim (S-1-5-21-3241837054-988920231-2416323044-1005 - Limited - Enabled) => C:\Users\Joachim Katinka (S-1-5-21-3241837054-988920231-2416323044-1004 - Limited - Enabled) => C:\Users\Katinka Rickske (S-1-5-21-3241837054-988920231-2416323044-1001 - Administrator - Enabled) => C:\Users\Rickske ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeïnstalleerd worden.) 5Beaufort (HKLM-x32\...\5Beaufort_is1) (Version: - ) ActiveX-kontroll för fjärranslutningar för Windows Live Mesh (HKLM-x32\...\{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}) (Version: 15.4.5722.2 - Microsoft Corporation) Adobe Acrobat Reader DC - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated) Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.0 - Adobe Systems Incorporated) Albelli.be Fotoboeken (HKU\S-1-5-21-3241837054-988920231-2416323044-1001\...\{C16DFB31-4A09-474E-AF61-02AFB3008763}_is1) (Version: 9.2.0.1065 - Albelli) Albelli.be Fotoboeken (HKU\S-1-5-21-3241837054-988920231-2416323044-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01232020171723318\...\{C16DFB31-4A09-474E-AF61-02AFB3008763}_is1) (Version: 9.2.0.1065 - Albelli) AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD) AMD Catalyst Install Manager (HKLM\...\{32689ED1-3C18-98A3-DA37-3053F76699FA}) (Version: 3.0.859.0 - Advanced Micro Devices, Inc.) Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 7.0 - Atheros) AVS Media Player 4.2.1.103 (HKLM-x32\...\AVS Media Player_is1) (Version: 4.2.1.103 - Online Media Technologies Ltd.) AVS Video Converter 8 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: 8.4.1.540 - Online Media Technologies Ltd.) Battery Calibration (HKLM-x32\...\{619FA785-489B-4D22-911F-82D6EDF5BDB0}) (Version: 1.0.1012.0301 - Micro-Star International Co., Ltd.) Belgium e-ID middleware 4.1.13 (build 1717) (HKLM\...\{DB942AEA-93D6-4FE4-8862-180D35A71717}) (Version: 4.1.1717 - Belgian Government) BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 2.5.83.6332 - BlueStack Systems, Inc.) BurnRecovery (HKLM-x32\...\{2892E1B7-E24D-4CCB-B8A7-B63D4B66F89F}) (Version: 3.0.1103.1801 - Micro-Star International Co., Ltd.) CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform) Cinema ProII Setup (HKLM-x32\...\{C13926BE-159B-4494-BEEC-AB6E207F70AD}) (Version: 1.0.0.10 - Micro-Star International Co., Ltd.) Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden Dropbox (HKU\S-1-5-21-3241837054-988920231-2416323044-1001\...\Dropbox) (Version: 88.4.172 - Dropbox, Inc.) Dropbox (HKU\S-1-5-21-3241837054-988920231-2416323044-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01232020171723318\...\Dropbox) (Version: 88.4.172 - Dropbox, Inc.) EasyFace2 (HKLM-x32\...\{94DE7548-E449-4F7D-804F-0C5CDC3A1E6A}) (Version: 2.0.0.25 - Micro-Star International CO.,Ltd.) EasyViewer (HKLM-x32\...\{EECD7B96-1416-4D3A-B12D-0D2512120C36}) (Version: 1.3.0.9 - MSI) Hidden EasyViewer (HKLM-x32\...\InstallShield_{EECD7B96-1416-4D3A-B12D-0D2512120C36}) (Version: 1.3.0.9 - MSI) eID Chrome Middleware (HKLM-x32\...\eID Chrome Middleware 1.1.0) (Version: 1.1.0 - e-Contract.be BVBA) ELAN Touchpad 15.9.5.3_X64_WHQL (HKLM\...\Elantech) (Version: 15.9.5.3 - ELAN Microelectronic Corp.) Facebook Games Arcade 0.11.2.4 (HKLM-x32\...\{923578AC-231E-4A7C-8AB8-A90C16B8A507}) (Version: 0.11.2.4 - Facebook) Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited) Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}) (Version: 2.1.27.0 - MAGIX AG) Fotogoed Designer 3.8.8 (HKLM-x32\...\fotogoed-nl_is1) (Version: - 1STEIN Corp.) Galerie de photos Windows Live (HKLM-x32\...\{488F0347-C4A7-4374-91A7-30818BEDA710}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden Home Sweet Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113784233}) (Version: - Oberon Media) i-Charger (HKLM-x32\...\i-Charger_is1) (Version: - msi, Inc.) Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden KBC-beveiligingscomponenten (HKLM-x32\...\{DDF58C15-38E6-4085-A3F9-FD73705AD4F1}) (Version: 6.29.0001 - KBC Groep NV) KBC-Local (HKU\S-1-5-21-3241837054-988920231-2416323044-1001\...\e4ec3470774c9172) (Version: 8.2.1502.121 - KBC-Online for Business) KBC-Local (HKU\S-1-5-21-3241837054-988920231-2416323044-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01232020171723318\...\e4ec3470774c9172) (Version: 8.2.1502.121 - KBC-Online for Business) Kobo (HKLM-x32\...\Kobo) (Version: 4.0.5579 - Rakuten Kobo Inc.) MAGIX Foto Manager 9 (HKLM-x32\...\MAGIX Foto Manager 9 NL) (Version: 7.0.3.120 - MAGIX AG) MAGIX Music Maker 16 Download-versie (HKLM-x32\...\MAGIX Music Maker 16 Download-versie NL) (Version: 16.0.3.0 - MAGIX AG) MAGIX Screenshare (HKLM-x32\...\MAGIX Screenshare NL) (Version: 4.3.6.1987 - MAGIX AG) MAGIX Speed burnR (HKLM-x32\...\MAGIX Speed burnR NL) (Version: 6.0.1.2 - MAGIX AG) MAGIX Video easy SE (HKLM-x32\...\{150F075D-45A5-42DB-A44D-D84CB76E22C3}) (Version: 1.0.4.1 - MAGIX AG) Hidden MAGIX Video easy SE (HKLM-x32\...\MAGIX_MSI_Video_easy_SE) (Version: 1.0.4.1 - MAGIX AG) Mahjong Escape Ancient China (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}) (Version: - Oberon Media) Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes) MediaMonkey 4.1 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.1 - Ventis Media Inc.) Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft Office 365 - nl-nl (HKLM\...\O365HomePremRetail - nl-nl) (Version: 16.0.12325.20298 - Microsoft Corporation) Microsoft Office Klik-en-Klaar 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Starter 2010 - Nederlands (HKLM-x32\...\{90140011-0066-0413-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3241837054-988920231-2416323044-1001\...\OneDriveSetup.exe) (Version: 19.222.1110.0006 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3241837054-988920231-2416323044-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01232020171723318\...\OneDriveSetup.exe) (Version: 19.222.1110.0006 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.5.0 - Mozilla) Mozilla Thunderbird 38.5.0 (x86 nl) (HKLM-x32\...\Mozilla Thunderbird 38.5.0 (x86 nl)) (Version: 38.5.0 - Mozilla) MSI Game Corner Console (HKLM-x32\...\{A86A4C1D-05B5-46B0-A808-1A15DCD17A17}_is1) (Version: 5.5.0.1 - Oberon Media, Inc.) MSI HOUSE (HKLM-x32\...\{DA5597C9-9216-44FF-9670-D1E48817B998}) (Version: 10.07.1601 - MSI) MSI Software Install (HKLM-x32\...\{332EBFE0-C39E-42D1-99B5-ABBBECAD71B6}) (Version: 4.0.1105.1701 - Micro-Star International Co., Ltd.) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MyDriveConnect 3.3.0.1318 (HKLM-x32\...\MyDriveConnect) (Version: 3.3.0.1318 - TomTom) Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.13580 - Symantec Corporation) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12325.20288 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8625.2127 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8625.2127 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0413-0000-0000000FF1CE}) (Version: 16.0.8326.2076 - Microsoft Corporation) Hidden OpenOffice.org 3.4.1 (HKLM-x32\...\{C169BD5F-00C1-437C-8162-88FA6BE495D5}) (Version: 3.41.9593 - Apache Software Foundation) PDF Converter (HKLM-x32\...\PDF Converter) (Version: - FreePDFConverter) Raccolta foto di Windows Live (HKLM-x32\...\{ED16B700-D91F-44B0-867C-7EB5253CA38D}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.32.1111.2010 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6267 - Realtek Semiconductor Corp.) Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10010 - Realtek Semiconductor Corp.) REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4123-B2B9-173F09590E16}) (Version: 1.00.0175 - ) Samsung Kies (HKLM-x32\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.14044_17 - Samsung Electronics Co., Ltd.) Hidden Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.14044_17 - Samsung Electronics Co., Ltd.) Samsung Kies3 (HKLM-x32\...\{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14083.9 - Samsung Electronics Co., Ltd.) Hidden Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14083.9 - Samsung Electronics Co., Ltd.) SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.) S-Bar (HKLM-x32\...\{E0194090-D359-446E-AEAE-D3CEDD46E48E}) (Version: 20.011.07112 - MSI) Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) Spotify (HKU\S-1-5-21-3241837054-988920231-2416323044-1001\...\Spotify) (Version: 0.9.1.57.ge7405149 - Spotify AB) Spotify (HKU\S-1-5-21-3241837054-988920231-2416323044-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01232020171723318\...\Spotify) (Version: 0.9.1.57.ge7405149 - Spotify AB) SRS Premium Sound Control Panel (HKLM\...\{2998191E-A35E-47E2-BE38-7702C731D722}) (Version: 1.10.13.0 - SRS Labs, Inc.) SSveS 2 (HKLM-x32\...\{23BB17EB-D3A0-4100-8D07-DCEE184874EA}) (Version: 2.0 - Webleeuw Software) Stuurprogrammapakket voor Windows - Fedict SmartCard (07/01/2013 4.0.0.8) (HKLM\...\D101DCAD83850799D453082F40CDF9958468129F) (Version: 07/01/2013 4.0.0.8 - Fedict) Stuurprogrammapakket voor Windows - Fedict SmartCard (08/08/2015 4.1.5) (HKLM\...\9F46F7AB1E3B1B5F5482EA8D97F401B04FBF7958) (Version: 08/08/2015 4.1.5 - Fedict) Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH) TomTom HOME (HKLM-x32\...\{99072AB4-D795-44D5-9D65-E3C9F8322C97}) (Version: 2.9.7 - Uw bedrijfsnaam) TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.) Unity Web Player (HKU\S-1-5-21-3241837054-988920231-2416323044-1001\...\UnityWebPlayer) (Version: 4.6.6f2 - Unity Technologies ApS) Unity Web Player (HKU\S-1-5-21-3241837054-988920231-2416323044-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01232020171723318\...\UnityWebPlayer) (Version: 4.6.6f2 - Unity Technologies ApS) Viber (HKU\S-1-5-21-3241837054-988920231-2416323044-1001\...\Viber) (Version: 5.2.0.2546 - Viber Media Inc) Viber (HKU\S-1-5-21-3241837054-988920231-2416323044-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01232020171723318\...\Viber) (Version: 5.2.0.2546 - Viber Media Inc) Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger (HKLM-x32\...\{09B7C7EB-3140-4B5E-842F-9C79A7137139}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Meshin etäyhteyksien ActiveX-komponentti (HKLM-x32\...\{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version: - ) XBMC (HKU\S-1-5-21-3241837054-988920231-2416323044-1001\...\XBMC) (Version: - Team XBMC) XBMC (HKU\S-1-5-21-3241837054-988920231-2416323044-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01232020171723318\...\XBMC) (Version: - Team XBMC) Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation) Συλλογή φωτογραφιών του Windows Live (HKLM-x32\...\{C00C2A91-6CB3-483F-80B3-2958E29468F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Packages: ========= Mail en Agenda -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11001.20116.0_x64__8wekyb3d8bbwe [2020-01-22] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-01-22] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-01-22] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2020-01-22] (Microsoft Studios) [MS Ad] Microsoft Telefoon -> C:\Program Files\WindowsApps\Microsoft.CommsPhone_3.43.20002.1000_x64__8wekyb3d8bbwe [2020-01-22] (Microsoft Corporation) Microsoft Telefoonassistent -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1802.311.0_x64__8wekyb3d8bbwe [2020-01-22] (Microsoft Corporation) MSN geldzaken -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.18.37.0_x86__8wekyb3d8bbwe [2016-12-16] (Microsoft Corporation) [MS Ad] MSN nieuws -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.18.41.0_x86__8wekyb3d8bbwe [2016-12-26] (Microsoft Corporation) [MS Ad] MSN sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.18.37.0_x86__8wekyb3d8bbwe [2016-12-16] (Microsoft Corporation) [MS Ad] MSN weer -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.18.37.0_x86__8wekyb3d8bbwe [2016-12-16] (Microsoft Corporation) [MS Ad] Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2020-01-22] (Twitter Inc.) WindowsDVDPlayer -> C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe [2015-11-16] (Microsoft Corporation) ==================== Aangepaste CLSID (gefilterd): ============== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) CustomCLSID: HKU\S-1-5-21-3241837054-988920231-2416323044-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Rickske\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3241837054-988920231-2416323044-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [dropbox-NamespaceExtensionRole.Personal] => 0 CustomCLSID: HKU\S-1-5-21-3241837054-988920231-2416323044-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1B} -> [dropbox-NamespaceExtensionRole.Business] => 0 CustomCLSID: HKU\S-1-5-21-3241837054-988920231-2416323044-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Rickske\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll (Dropbox, Inc -> Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3241837054-988920231-2416323044-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rickske\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll (Dropbox, Inc -> Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3241837054-988920231-2416323044-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rickske\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll (Dropbox, Inc -> Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3241837054-988920231-2416323044-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rickske\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll (Dropbox, Inc -> Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3241837054-988920231-2416323044-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rickske\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll (Dropbox, Inc -> Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3241837054-988920231-2416323044-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rickske\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll (Dropbox, Inc -> Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3241837054-988920231-2416323044-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rickske\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll (Dropbox, Inc -> Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3241837054-988920231-2416323044-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rickske\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll (Dropbox, Inc -> Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3241837054-988920231-2416323044-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rickske\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll (Dropbox, Inc -> Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3241837054-988920231-2416323044-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rickske\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll (Dropbox, Inc -> Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3241837054-988920231-2416323044-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rickske\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll (Dropbox, Inc -> Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3241837054-988920231-2416323044-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Rickske\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rickske\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2020-01-07] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rickske\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2020-01-07] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rickske\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2020-01-07] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rickske\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2020-01-07] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR 3.61 Multi\rarext64.dll [2005-06-07] () [Bestand niet getekend] ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR 3.61 Multi\rarext.dll [2006-09-14] () [Bestand niet getekend] ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-01-23] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR 3.61 Multi\rarext64.dll [2005-06-07] () [Bestand niet getekend] ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR 3.61 Multi\rarext.dll [2006-09-14] () [Bestand niet getekend] ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-08-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-01-23] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR 3.61 Multi\rarext64.dll [2005-06-07] () [Bestand niet getekend] ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR 3.61 Multi\rarext.dll [2006-09-14] () [Bestand niet getekend] ContextMenuHandlers1_S-1-5-21-3241837054-988920231-2416323044-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Rickske\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2020-01-07] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers4_S-1-5-21-3241837054-988920231-2416323044-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Rickske\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2020-01-07] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers5_S-1-5-21-3241837054-988920231-2416323044-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Rickske\AppData\Roaming\Dropbox\bin\DropboxExt64.27.0.dll [2020-01-07] (Dropbox, Inc -> Dropbox, Inc.) ==================== Codecs (gefilterd) ==================== ==================== Snelkoppelingen & WMI ======================== (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\":: WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99] WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate] ==================== Geladen Modules (gefilterd) ============= 2005-06-07 19:26 - 2005-06-07 19:26 - 000043008 _____ () [Bestand niet getekend] C:\Program Files (x86)\WinRAR 3.61 Multi\rarext64.dll 2015-08-21 21:09 - 2015-08-21 21:09 - 000127488 _____ () [Bestand niet getekend] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll 2016-07-29 18:01 - 2016-07-29 18:01 - 000688640 _____ () [Bestand niet getekend] C:\Users\Rickske\AppData\Local\Facebook\Games\CefSharp.BrowserSubprocess.Core.dll 2016-07-29 18:01 - 2016-07-29 18:01 - 001029120 _____ () [Bestand niet getekend] C:\Users\Rickske\AppData\Local\Facebook\Games\CefSharp.Core.dll 2016-07-29 18:01 - 2016-07-29 18:01 - 049805824 _____ () [Bestand niet getekend] C:\Users\Rickske\AppData\Local\Facebook\Games\libcef.dll 2016-07-29 18:01 - 2016-07-29 18:01 - 000074752 _____ () [Bestand niet getekend] C:\Users\Rickske\AppData\Local\Facebook\Games\libegl.dll 2016-07-29 18:01 - 2016-07-29 18:01 - 001665024 _____ () [Bestand niet getekend] C:\Users\Rickske\AppData\Local\Facebook\Games\libglesv2.dll 2016-08-24 07:09 - 2020-01-07 04:18 - 000281600 _____ (Microsoft Corporation) [Bestand niet getekend] C:\Program Files\Common Files\Microsoft Shared\ClickToRun\APPVFILESYSTEMMETADATA.dll 2016-08-24 07:09 - 2020-01-07 04:18 - 000400896 _____ (Microsoft Corporation) [Bestand niet getekend] C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppVIsvApi.dll 2016-08-24 07:09 - 2020-01-07 04:18 - 001124864 _____ (Microsoft Corporation) [Bestand niet getekend] C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppVIsvSubsystemController.dll 2016-08-24 07:09 - 2020-01-07 04:18 - 000519680 _____ (Microsoft Corporation) [Bestand niet getekend] C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppVIsvVirtualization.dll 2016-08-24 07:09 - 2020-01-07 04:18 - 000836608 _____ (Microsoft Corporation) [Bestand niet getekend] C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppVOrchestration.dll 2016-08-24 07:12 - 2016-08-24 07:12 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\AppVIsvSubsystems32.dll 2016-08-24 07:12 - 2016-08-24 07:12 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\c2r32.dll 2016-08-24 07:09 - 2020-01-07 04:18 - 000585008 _____ (Microsoft Windows -> Microsoft Corporation) [Bestand niet getekend] C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppVCatalog.dll 2016-08-24 07:09 - 2020-01-07 04:18 - 001642800 _____ (Microsoft Windows -> Microsoft Corporation) [Bestand niet getekend] C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppVIntegration.dll 2016-08-24 07:09 - 2020-01-07 04:18 - 000177968 _____ (Microsoft Windows -> Microsoft Corporation) [Bestand niet getekend] C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppVIsvStreamingManager.dll 2016-08-24 07:09 - 2020-01-07 04:18 - 001010992 _____ (Microsoft Windows -> Microsoft Corporation) [Bestand niet getekend] C:\Program Files\Common Files\Microsoft Shared\ClickToRun\APPVMANIFEST.dll 2016-08-24 07:09 - 2020-01-07 04:18 - 001091888 _____ (Microsoft Windows -> Microsoft Corporation) [Bestand niet getekend] C:\Program Files\Common Files\Microsoft Shared\ClickToRun\APPVPOLICY.dll 2011-07-11 20:18 - 2011-07-11 20:18 - 001598464 _____ (Micro-Star International Co., Ltd.) [Bestand niet getekend] C:\Program Files (x86)\S-Bar\MSIWmiAcpi.dll 2010-07-17 00:39 - 2010-07-17 00:39 - 000027136 _____ (MSI) [Bestand niet getekend] C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationLibrary.dll ==================== Alternate Data Streams (gefilterd) ======== ==================== Veilige Modus (gefilterd) ================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. De waarde van "AlternateShell" wordt hersteld.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Bestandskoppeling (gefilterd) ================= ==================== Internet Explorer vertrouwde/beperkte toegang ========== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd.) IE trusted site: HKU\S-1-5-21-3241837054-988920231-2416323044-1001\...\belgium.be -> hxxps://*.belgium.be IE trusted site: HKU\S-1-5-21-3241837054-988920231-2416323044-1001\...\cbc.be -> hxxp://cbc-pdf.cbc.be IE trusted site: HKU\S-1-5-21-3241837054-988920231-2416323044-1001\...\cbc.eu -> hxxps://ipa-a.cbc.eu IE trusted site: HKU\S-1-5-21-3241837054-988920231-2416323044-1001\...\cbccorporate.be -> hxxps://secure.cbccorporate.be IE trusted site: HKU\S-1-5-21-3241837054-988920231-2416323044-1001\...\csob.cz -> hxxp://www.csob.cz IE trusted site: HKU\S-1-5-21-3241837054-988920231-2416323044-1001\...\csob.sk -> hxxp://www.csob.sk IE trusted site: HKU\S-1-5-21-3241837054-988920231-2416323044-1001\...\fgov.be -> hxxps://*.minfin.fgov.be IE trusted site: HKU\S-1-5-21-3241837054-988920231-2416323044-1001\...\go-and-deal.fx.com -> hxxps://go-and-deal.fx.com IE trusted site: HKU\S-1-5-21-3241837054-988920231-2416323044-1001\...\isabel.be -> hxxps://*.IBS6.isabel.be IE trusted site: HKU\S-1-5-21-3241837054-988920231-2416323044-1001\...\isabel.eu -> hxxps://www.isabel.eu IE trusted site: HKU\S-1-5-21-3241837054-988920231-2416323044-1001\...\isabel.eu -> hxxp://www.isabel.eu IE trusted site: HKU\S-1-5-21-3241837054-988920231-2416323044-1001\...\kbc.be -> hxxps://ipa-a.kbc.be IE trusted site: HKU\S-1-5-21-3241837054-988920231-2416323044-1001\...\kbc.com -> hxxps://ipa-a.kbc.com IE trusted site: HKU\S-1-5-21-3241837054-988920231-2416323044-1001\...\kbc.eu -> hxxps://ipa-a.kbc.eu IE trusted site: HKU\S-1-5-21-3241837054-988920231-2416323044-1001\...\kbcam.be -> hxxps://www.kbcam.be IE trusted site: HKU\S-1-5-21-3241837054-988920231-2416323044-1001\...\kbcam.be -> hxxp://www.kbcam.be IE trusted site: HKU\S-1-5-21-3241837054-988920231-2416323044-1001\...\kbcam.com -> hxxps://www.kbcam.com IE trusted site: HKU\S-1-5-21-3241837054-988920231-2416323044-1001\...\kbcam.com -> hxxp://www.kbcam.com IE trusted site: HKU\S-1-5-21-3241837054-988920231-2416323044-1001\...\kbcbankingforbusiness.com -> hxxps://wp-a.kbcbankingforbusiness.com IE trusted site: HKU\S-1-5-21-3241837054-988920231-2416323044-1001\...\kbcbankingforbusiness.com -> hxxp://wp-a.kbcbankingforbusiness.com Er zijn 11 Meer websites. IE trusted site: HKU\S-1-5-21-3241837054-988920231-2416323044-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01232020171723318\...\belgium.be -> hxxps://*.belgium.be IE trusted site: HKU\S-1-5-21-3241837054-988920231-2416323044-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01232020171723318\...\cbc.be -> hxxp://cbc-pdf.cbc.be IE trusted site: HKU\S-1-5-21-3241837054-988920231-2416323044-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01232020171723318\...\cbc.eu -> hxxps://ipa-a.cbc.eu IE trusted site: HKU\S-1-5-21-3241837054-988920231-2416323044-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01232020171723318\...\cbccorporate.be -> hxxps://secure.cbccorporate.be IE trusted site: HKU\S-1-5-21-3241837054-988920231-2416323044-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01232020171723318\...\csob.cz -> hxxp://www.csob.cz IE trusted site: HKU\S-1-5-21-3241837054-988920231-2416323044-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01232020171723318\...\csob.sk -> hxxp://www.csob.sk IE trusted site: HKU\S-1-5-21-3241837054-988920231-2416323044-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01232020171723318\...\fgov.be -> hxxps://*.minfin.fgov.be IE trusted site: HKU\S-1-5-21-3241837054-988920231-2416323044-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01232020171723318\...\go-and-deal.fx.com -> hxxps://go-and-deal.fx.com IE trusted site: HKU\S-1-5-21-3241837054-988920231-2416323044-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01232020171723318\...\isabel.be -> hxxps://*.IBS6.isabel.be IE trusted site: HKU\S-1-5-21-3241837054-988920231-2416323044-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01232020171723318\...\isabel.eu -> hxxps://www.isabel.eu IE trusted site: HKU\S-1-5-21-3241837054-988920231-2416323044-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01232020171723318\...\isabel.eu -> hxxp://www.isabel.eu IE trusted site: HKU\S-1-5-21-3241837054-988920231-2416323044-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01232020171723318\...\kbc.be -> hxxps://ipa-a.kbc.be IE trusted site: HKU\S-1-5-21-3241837054-988920231-2416323044-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01232020171723318\...\kbc.com -> hxxps://ipa-a.kbc.com IE trusted site: HKU\S-1-5-21-3241837054-988920231-2416323044-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01232020171723318\...\kbc.eu -> hxxps://ipa-a.kbc.eu IE trusted site: HKU\S-1-5-21-3241837054-988920231-2416323044-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01232020171723318\...\kbcam.be -> hxxps://www.kbcam.be IE trusted site: HKU\S-1-5-21-3241837054-988920231-2416323044-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01232020171723318\...\kbcam.be -> hxxp://www.kbcam.be IE trusted site: HKU\S-1-5-21-3241837054-988920231-2416323044-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01232020171723318\...\kbcam.com -> hxxps://www.kbcam.com IE trusted site: HKU\S-1-5-21-3241837054-988920231-2416323044-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01232020171723318\...\kbcam.com -> hxxp://www.kbcam.com IE trusted site: HKU\S-1-5-21-3241837054-988920231-2416323044-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01232020171723318\...\kbcbankingforbusiness.com -> hxxps://wp-a.kbcbankingforbusiness.com IE trusted site: HKU\S-1-5-21-3241837054-988920231-2416323044-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01232020171723318\...\kbcbankingforbusiness.com -> hxxp://wp-a.kbcbankingforbusiness.com Er zijn 11 Meer websites. ==================== Hosts inhoud: ========================= (Indien nodig kan Hosts:-opdracht worden opgenomen in de fixlist om Hosts te resetten.) 2009-07-14 03:34 - 2009-06-10 22:00 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Andere gebieden =========================== (Momenteel is er geen automatische fix voor dit onderdeel.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Windows Live\Shared HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01232020171721771\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01232020171723083\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg HKU\S-1-5-21-3241837054-988920231-2416323044-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Rickske\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{8741dc65-01e2-4eb1-9182-123b191424b8}.jpg HKU\S-1-5-21-3241837054-988920231-2416323044-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01232020171723318\Control Panel\Desktop\\Wallpaper -> C:\Users\Rickske\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{8741dc65-01e2-4eb1-9182-123b191424b8}.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Geen bestand) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) MSCONFIG\Services: FilmFanaticService => 2 MSCONFIG\Services: McComponentHostService => 3 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\windows\pss\McAfee Security Scan Plus.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SRS PC Sound.lnk => C:\windows\pss\SRS PC Sound.lnk.CommonStartup MSCONFIG\startupreg: beid => "C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe" /startup MSCONFIG\startupreg: Cinema ProII AP => C:\Program Files (x86)\MSI\Cinema ProII\CinemaProII.exe MSCONFIG\startupreg: Cinema ProII Controler => C:\Program Files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe MSCONFIG\startupreg: IsaKbcCertUpdate => C:\Program Files (x86)\Common Files\Isabel\isa_kbc_certupdate.exe MSCONFIG\startupreg: KiesAirMessage => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe MSCONFIG\startupreg: MyDriveConnect.exe => "C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe" MSCONFIG\startupreg: NortonOnlineBackup => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe MSCONFIG\startupreg: S-Bar => %PROGRAMFILES%\S-Bar\S-Bar.exe MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Rickske\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun MSCONFIG\startupreg: TomTomHOME.exe => "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" HKLM\...\StartupApproved\Run32: => "StartCCC" HKU\S-1-5-21-3241837054-988920231-2416323044-1001\...\StartupApproved\StartupFolder: => "OpenOffice.org 3.4.1.lnk" HKU\S-1-5-21-3241837054-988920231-2416323044-1001\...\StartupApproved\Run: => "Viber" HKU\S-1-5-21-3241837054-988920231-2416323044-1001\...\StartupApproved\Run: => "Dropbox Update" HKU\S-1-5-21-3241837054-988920231-2416323044-1001\...\StartupApproved\Run: => "BlueStacks Agent" HKU\S-1-5-21-3241837054-988920231-2416323044-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01232020171723318\...\StartupApproved\StartupFolder: => "OpenOffice.org 3.4.1.lnk" HKU\S-1-5-21-3241837054-988920231-2416323044-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01232020171723318\...\StartupApproved\Run: => "Viber" HKU\S-1-5-21-3241837054-988920231-2416323044-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01232020171723318\...\StartupApproved\Run: => "Dropbox Update" HKU\S-1-5-21-3241837054-988920231-2416323044-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01232020171723318\...\StartupApproved\Run: => "BlueStacks Agent" ==================== Firewall regels (gefilterd) ================ (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [{93FF1252-F745-4244-8637-407CC73853BA}] => (Allow) C:\Windows\SysWOW64\muzapp.exe (Musiccity Co.Ltd.) [Bestand niet getekend] FirewallRules: [{A71594EF-5F6F-4CD9-9B74-707121011CD4}] => (Allow) C:\Windows\SysWOW64\muzapp.exe (Musiccity Co.Ltd.) [Bestand niet getekend] FirewallRules: [UDP Query User{31FEA272-7F72-4E74-8B9F-69F55206D541}C:\program files (x86)\xbmc\xbmc.exe] => (Allow) C:\program files (x86)\xbmc\xbmc.exe (Team XBMC) [Bestand niet getekend] FirewallRules: [TCP Query User{046C84E6-D27B-4DC5-8067-2B5767137884}C:\program files (x86)\xbmc\xbmc.exe] => (Allow) C:\program files (x86)\xbmc\xbmc.exe (Team XBMC) [Bestand niet getekend] FirewallRules: [{9A7ABEB1-39BD-4D02-BD8D-D14073F32CB8}] => (Block) C:\program files (x86)\mediamonkey\mediamonkey.exe (Ventis Media, Inc. -> Ventis Media Inc.) FirewallRules: [{2E807E17-9CF8-4B77-80E9-C47135810B89}] => (Block) C:\program files (x86)\mediamonkey\mediamonkey.exe (Ventis Media, Inc. -> Ventis Media Inc.) FirewallRules: [UDP Query User{05DC468A-D601-4248-B22D-9F7F6E0D5D5F}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Allow) C:\program files (x86)\mediamonkey\mediamonkey.exe (Ventis Media, Inc. -> Ventis Media Inc.) FirewallRules: [TCP Query User{93D15BEA-81F9-471C-87A6-0034A62CE17C}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Allow) C:\program files (x86)\mediamonkey\mediamonkey.exe (Ventis Media, Inc. -> Ventis Media Inc.) FirewallRules: [{CA572A2A-FA7F-44E4-9A45-A54837A87FE4}] => (Allow) C:\Users\Rickske\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe (Skype Software Sarl -> Skype Limited) FirewallRules: [UDP Query User{9EE9DBEC-8ED2-4CD3-B938-5D05CF58C005}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{9BC831DE-29D7-4B27-A9B8-6CB5718013E3}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{1185AC71-23D9-44F5-8821-34CE757C3539}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{1A8049A4-84EA-4A19-BA99-1DD48970AD2C}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{E32575A4-FE16-4460-9400-A63125CD13BC}C:\users\rickske\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\rickske\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [TCP Query User{7F417841-C922-4D07-8EAE-B20FF7B56913}C:\users\rickske\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\rickske\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{8B1FEB8B-B2FF-49C7-BA53-BA261DBB6DE1}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{2F1BD6C5-1E85-492B-A682-85264C0DBAD1}] => (Allow) C:\Users\Rickske\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.) FirewallRules: [{54019ED7-F961-4E71-BC20-F029C162688F}] => (Allow) C:\Users\Rickske\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.) FirewallRules: [{5324A55A-1FD5-4FDC-B3CB-B5CBB5B0552E}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{2ED935D0-542D-4CB5-8E20-90C5B1055CBA}] => (Allow) LPort=1900 FirewallRules: [{3FEFDF60-FBA2-4212-86E3-FC2531BC918A}] => (Allow) LPort=2869 FirewallRules: [{809CC3F6-93BF-4F05-94DA-19BF349E5976}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{B606D294-9FB1-4B9C-86ED-4D779C9FA52A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{3B3DCBD6-6BE2-43F7-A6CF-1A9B622A36F9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) ==================== Herstelpunten ========================= 05-01-2017 17:09:43 5-01-2017 22-01-2020 18:18:15 Removed Java 8 Update 40 ==================== Defecte Apparaatbeheer Apparaten ============ ==================== Eventlog fouten: ======================== Applicatiefouten: ================== Error: (01/23/2020 04:11:53 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Fout in de Volume Shadow Copy-service: onverwachte fout bij het aanroepen van routine QueryFullProcessImageNameW. hr = 0x8007001f, Een apparaat dat op het systeem is aangesloten, werkt niet. . Bewerking: Asynchrone bewerking uitvoeren Context: Huidige status: DoSnapshotSet Error: (01/23/2020 04:09:47 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: De service Cryptografische services is mislukt tijdens het verwerken van aanroep OnIdentity() op het object System Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Toegang geweigerd. . Error: (01/23/2020 04:07:58 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Fout in de Volume Shadow Copy-service: onverwachte fout bij het uitvoeren van een query voor de IVssWriterCallback-interface. hr = 0x80070005, Toegang geweigerd. . Dit wordt vaak veroorzaakt door onjuiste beveiligingsinstellingen in het writer- of requestorproces. Bewerking: Schrijvergegevens verzamelen Context: Klasse-id van schrijver: {e8132975-6f93-4464-a53e-1050253ae220} Naam van schrijver: System Writer Instantie-id van schrijver: {27d14e29-e8ac-4a60-b73c-7da8aedf2c93} Error: (01/22/2020 06:18:49 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: De service Cryptografische services is mislukt tijdens het verwerken van aanroep OnIdentity() op het object System Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Toegang geweigerd. . Error: (01/22/2020 05:50:20 PM) (Source: ATIeRecord) (EventID: 16386) (User: ) Description: ATI EEU Client has failed to start Error: (01/22/2020 05:49:53 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Het programma explorer.exe, versie 10.0.14393.479 reageert niet meer op Windows en is afgesloten. Als u wilt zien of er meer informatie over het probleem beschikbaar is, raadpleegt u de probleemgeschiedenis in het onderdeel Beveiliging en onderhoud van het Configuratiescherm. Proces-id: 223c Starttijd: 01d5d141ca3462f4 Eindtijd: 4294967295 Toepassingspad: C:\Windows\explorer.exe Rapport-id: 1ebcdb85-3d37-11ea-8d8d-6c626d367572 Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Error: (01/22/2020 05:39:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Rickske-MSI) Description: Het activeren van de app Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App is mislukt door de fout -2147023728. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie. Error: (01/22/2020 05:24:55 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Rickske-MSI) Description: Het activeren van de app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App is mislukt door de fout -2144927142. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie. Systeemfouten: ============= Error: (01/23/2020 05:17:48 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} en APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (01/23/2020 05:17:48 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} en APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (01/23/2020 05:17:35 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} en APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (01/23/2020 05:16:34 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: De NetTcpActivator-service is afhankelijk van de NetTcpPortSharing-service, die vanwege de volgende fout niet kan worden gestart: Kan de service niet starten omdat deze is uitgeschakeld of omdat het geen ingeschakelde apparaten met zich heeft verbonden. Error: (01/23/2020 05:14:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: De Application Virtualization Client-service is onverwacht beëindigd. Dit is nu 1 keer gebeurd. Error: (01/23/2020 05:14:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: De Klik-en-klaar-service van Microsoft Office-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 0 milliseconden worden uitgevoerd: Service opnieuw starten. Error: (01/23/2020 05:14:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: De Oberon Media Game Console service-service is onverwacht beëindigd. Dit is nu 1 keer gebeurd. Error: (01/23/2020 05:14:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: De MSI Foundation Service-service is onverwacht beëindigd. Dit is nu 1 keer gebeurd. Windows Defender: =================================== Date: 2020-01-22 19:45:21.923 Description: Scan van Windows Defender is gestopt voordat deze was voltooid. Scan-id: {BB66AFE7-05D5-41D8-9805-560EE6EB1E2F} Type scan: Antimalware Scanparameters: Snelle scan Gebruiker: NT AUTHORITY\SYSTEM Date: 2020-01-22 19:26:08.221 Description: Scan van Windows Defender is gestopt voordat deze was voltooid. Scan-id: {CFA8C0A9-B46E-497F-B49D-94810C7D27BB} Type scan: Antimalware Scanparameters: Snelle scan Gebruiker: NT AUTHORITY\SYSTEM Date: 2020-01-20 20:02:01.473 Description: Scan van Windows Defender is gestopt voordat deze was voltooid. Scan-id: {09C42A46-3833-4227-A822-7381E9602302} Type scan: Antimalware Scanparameters: Snelle scan Gebruiker: Rickske-MSI\Rickske Date: 2020-01-20 19:38:19.168 Description: Scan van Windows Defender is gestopt voordat deze was voltooid. Scan-id: {65A66FDA-EA63-4759-9909-2F15A2D2E6F3} Type scan: Antimalware Scanparameters: Snelle scan Gebruiker: NT AUTHORITY\SYSTEM Date: 2020-01-20 19:31:14.914 Description: Scan van Windows Defender is gestopt voordat deze was voltooid. Scan-id: {900D441D-AD80-461D-86AE-C11006D2D83C} Type scan: Antimalware Scanparameters: Snelle scan Gebruiker: NT AUTHORITY\SYSTEM Date: 2020-01-22 16:12:36.299 Description: Windows Defender heeft een fout aangetroffen bij het bijwerken van handtekeningen. Nieuwe handtekeningversie: Vorige handtekeningversie: 119.0.0.0 Bron update: Microsoft Centrum voor beveiliging tegen malware Type handtekening: Systeem voor netwerkinspectie Type update: Volledig Gebruiker: Rickske-MSI\Rickske Huidige engineversie: Vorige engineversie: 2.1.14600.4 Foutcode: 0x80072ee7 Foutbeschrijving: De naam of het adres van de server kan niet worden omgezet Date: 2020-01-22 16:12:36.223 Description: Windows Defender heeft een fout aangetroffen bij het bijwerken van handtekeningen. Nieuwe handtekeningversie: Vorige handtekeningversie: 1.307.2684.0 Bron update: Microsoft Centrum voor beveiliging tegen malware Type handtekening: AntiSpyware Type update: Volledig Gebruiker: Rickske-MSI\Rickske Huidige engineversie: Vorige engineversie: 1.1.16600.7 Foutcode: 0x80072ee7 Foutbeschrijving: De naam of het adres van de server kan niet worden omgezet Date: 2020-01-22 16:12:36.218 Description: Windows Defender heeft een fout aangetroffen bij het bijwerken van handtekeningen. Nieuwe handtekeningversie: Vorige handtekeningversie: 1.307.2684.0 Bron update: Microsoft Centrum voor beveiliging tegen malware Type handtekening: AntiVirus Type update: Volledig Gebruiker: Rickske-MSI\Rickske Huidige engineversie: Vorige engineversie: 1.1.16600.7 Foutcode: 0x80072ee7 Foutbeschrijving: De naam of het adres van de server kan niet worden omgezet Date: 2020-01-22 16:12:36.058 Description: Windows Defender heeft een fout aangetroffen bij het bijwerken van handtekeningen. Nieuwe handtekeningversie: Vorige handtekeningversie: 1.307.2684.0 Bron update: Microsoft-updateserver Type handtekening: AntiVirus Type update: Volledig Gebruiker: NT AUTHORITY\SYSTEM Huidige engineversie: Vorige engineversie: 1.1.16600.7 Foutcode: 0x8024402c Foutbeschrijving: Er is tijdens het zoeken naar updates een onverwacht probleem opgetreden. Raadpleeg Help en ondersteuning voor meer informatie over het installeren van updates en het oplossen van problemen. Date: 2020-01-22 15:29:24.802 Description: Windows Defender heeft een fout aangetroffen bij het bijwerken van handtekeningen. Nieuwe handtekeningversie: Vorige handtekeningversie: 119.0.0.0 Bron update: Microsoft Centrum voor beveiliging tegen malware Type handtekening: Systeem voor netwerkinspectie Type update: Volledig Gebruiker: NT AUTHORITY\NETWORK SERVICE Huidige engineversie: Vorige engineversie: 2.1.14600.4 Foutcode: 0x80072ee7 Foutbeschrijving: De naam of het adres van de server kan niet worden omgezet CodeIntegrity: =================================== Date: 2020-01-23 17:03:12.132 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2020-01-23 17:03:11.771 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2020-01-23 17:03:11.621 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2020-01-23 17:03:11.208 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2020-01-23 17:03:10.821 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2020-01-23 17:03:10.467 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2020-01-23 17:03:09.898 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2020-01-23 17:03:09.652 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Geheugen info =========================== BIOS: American Megatrends Inc. E16GNAMS.116 07/18/2011 Moederbord: Micro-Star International Co., Ltd. MS-16GN Processor: AMD E-450 APU with Radeon(tm) HD Graphics Percentage geheugen in gebruik: 69% Totaal fysiek RAM-geheugen: 3563.74 MB Beschikbaar fysiek RAM-geheugen: 1085.2 MB Totaal Virtueel geheugen: 7147.74 MB Beschikbaar Virtueel geheugen: 4013.09 MB ==================== Schijven ================================ Drive c: (OS_Install) (Fixed) (Total:270.58 GB) (Free:50.61 GB) NTFS ==>[systeem met boot componenten (verkregen van schijf)] Drive d: (Data) (Fixed) (Total:180.39 GB) (Free:180.28 GB) NTFS \\?\Volume{8b8c5032-8eb9-11e1-ba80-806e6f6e6963}\ (BIOS_RVY) (Fixed) (Total:14.7 GB) (Free:0.31 GB) NTFS \\?\Volume{8b8c5033-8eb9-11e1-ba80-806e6f6e6963}\ (System) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==================== MBR & Partitietabel ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 40C0B837) Partition 1: (Not Active) - (Size=14.7 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=27) Partition 3: (Not Active) - (Size=270.6 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=180.4 GB) - (Type=07 NTFS) ==================== Einde van Addition.txt =======================