Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 22-03-2020 Gestart door Gebruiker (24-03-2020 20:21:33) Gestart vanaf C:\Users\Gebruiker\Downloads Windows 10 Home Versie 1909 18363.720 (X64) (2019-11-14 22:07:04) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3977429123-721371506-1301849296-500 - Administrator - Disabled) agnes (S-1-5-21-3977429123-721371506-1301849296-1004 - Limited - Enabled) DefaultAccount (S-1-5-21-3977429123-721371506-1301849296-503 - Limited - Disabled) Gast (S-1-5-21-3977429123-721371506-1301849296-501 - Limited - Disabled) Gebruiker (S-1-5-21-3977429123-721371506-1301849296-1001 - Administrator - Enabled) => C:\Users\Gebruiker renel (S-1-5-21-3977429123-721371506-1301849296-1003 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-3977429123-721371506-1301849296-504 - Limited - Disabled) ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeïnstalleerd worden.) Adobe Acrobat Reader DC - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated) Belgium e-ID middleware 4.4.24 (build 4261) (HKLM\...\{DB942AEA-93D6-4FE4-8862-180D35A74261}) (Version: 4.4.4261 - Belgian Government) Canon iP4800 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4800_series) (Version: - ) CCleaner (HKLM\...\CCleaner) (Version: 5.61 - Piriform) CyberLink PowerDirector 15 (HKLM-x32\...\{FA285575-B543-4E6E-A573-A4F534AC9965}) (Version: 15.0.2509.0 - CyberLink Corp.) CyberLink PowerDirector Content Pack Essential (HKLM-x32\...\{F2D0453E-3783-490D-9D48-7CC648C4ADFB}) (Version: 1.0 - CyberLink Corp.) CyberLink PowerDirector Content Pack Premium 1 (HKLM-x32\...\{1B3E7144-6051-455B-809F-50E3CF913869}) (Version: 1 - CyberLink Corp.) CyberLink PowerDirector Content Pack Premium 2 (HKLM-x32\...\{CF520E54-7DB7-4402-B581-FC0D6734D0C6}) (Version: 2 - CyberLink Corp.) EPSON Copy Utility 3 (HKLM-x32\...\{67EDD823-135A-4D59-87BD-950616D6E857}) (Version: 3.2.0.0 - ) EPSON Event Manager (HKLM-x32\...\{48F22622-1CC2-4A83-9C1E-644DD96F832D}) (Version: 1.80.00 - ) EPSON File Manager (HKLM-x32\...\{2EB81825-E9EE-44F4-8F51-1240C3898DC6}) (Version: 1.3.0.0 - ) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - ) EPSON Scan Assistant (HKLM-x32\...\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}) (Version: 1.10.00 - ) FileLocator Lite x64 (HKLM\...\{ECB488A1-19D9-4E16-A995-94B4F86E3708}) (Version: 8.0.867.1 - Mythicsoft Ltd) Google Chrome (HKU\S-1-5-21-3977429123-721371506-1301849296-1001\...\Google Chrome) (Version: 80.0.3987.149 - Google LLC) Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden HouseCall for Home Networks (HKLM\...\DRScanner) (Version: 5.3.1094 - Trend Micro Inc.) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 25.20.100.6373 - Intel Corporation) John's Background Switcher 5.2 (HKLM-x32\...\{DD3DAD13-289E-440E-A5D3-3EFB25305018}_is1) (Version: 5.2 - johnsadventures.com) Legacy 6.0 (HKLM-x32\...\Legacy 6.0) (Version: 6.0 - Millennia Corporation) Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3977429123-721371506-1301849296-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0010 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.11.25325 (HKLM-x32\...\{6c6356fe-cbfa-4944-9bed-a9e99f45cb7a}) (Version: 14.11.25325.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.11.25325 (HKLM-x32\...\{404c9c27-8377-4fd1-b607-7ca635db4e49}) (Version: 14.11.25325.0 - Microsoft Corporation) NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: 3.0 - NewBlue) PDF-XChange Editor (HKLM\...\{3BB66258-EB01-4052-9558-D9353DC5AC89}) (Version: 8.0.336.0 - Tracker Software Products (Canada) Ltd.) Hidden PDF-XChange Editor (HKLM-x32\...\{797baf93-803d-4306-9b2f-9ff5972f040c}) (Version: 8.0.336.0 - Tracker Software Products (Canada) Ltd.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7811 - Realtek Semiconductor Corp.) Realtek USB Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: - ) TomTom MyDrive Connect 4.2.7.3966 (HKLM-x32\...\MyDriveConnect) (Version: 4.2.7.3966 - TomTom) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation) Update voor Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0413-0000-0000000FF1CE}_PROPLUS_{5CF7002F-6F49-4482-9564-5614FBE560FA}) (Version: - Microsoft) Update voor Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0413-0000-0000000FF1CE}_PROPLUS_{15D84E79-1ED7-42C5-B2FD-745C3FBDDDC5}) (Version: - Microsoft) Update voor Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0413-0000-0000000FF1CE}_PROPLUS_{A66AE6A1-8D8C-4102-BC18-38CBDE40F809}) (Version: - Microsoft) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.) Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden Windows 10-updateassistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22899 - Microsoft Corporation) Packages: ========= Foto's-invoegtoepassing -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2020-03-02] (Microsoft Corporation) Media-engine-invoegtoepassing voor Foto's -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-03-01] (Microsoft Corporation) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-25] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-25] (Microsoft Corporation) [MS Ad] MSN weer -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad] ==================== Aangepaste CLSID (gefilterd): ============== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) CustomCLSID: HKU\S-1-5-21-3977429123-721371506-1301849296-1001_Classes\CLSID\{46406D82-6EC0-47CC-8A75-1F33C6DEDBBE}\InprocServer32 -> C:\Users\Gebruiker\AppData\Local\Google\Update\1.3.35.442\psuser_64.dll => Geen bestand CustomCLSID: HKU\S-1-5-21-3977429123-721371506-1301849296-1001_Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\localserver32 -> C:\Users\Gebruiker\AppData\Local\Google\Chrome\Application\80.0.3987.149\notification_helper.exe (Google LLC -> Google LLC) CustomCLSID: HKU\S-1-5-21-3977429123-721371506-1301849296-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Gebruiker\AppData\Local\Google\Update\1.3.35.452\psuser_64.dll (Google LLC -> Google LLC) CustomCLSID: HKU\S-1-5-21-3977429123-721371506-1301849296-1001_Classes\CLSID\{E9E7529D-7F09-410B-AF2A-CC154473B19C}\InprocServer32 -> C:\Users\Gebruiker\AppData\Local\Google\Update\1.3.35.452\psuser_64.dll (Google LLC -> Google LLC) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Geen bestand ContextMenuHandlers1: [PDFXChange Editor Context menu] -> {2ACD35AB-F74A-4C20-AA9B-2DE80081626D} => C:\Program Files\Tracker Software\Shell Extensions\XCShellMenu.x64.dll [2020-01-06] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-03-10] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Geen bestand ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d03105a152ac7ed4\igfxDTCM.dll [2019-10-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-03-10] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers2_S-1-5-21-3977429123-721371506-1301849296-1001: [FileLocatorLite] -> {2AE9D6D8-E348-4853-B266-C78844D31B97} => C:\Program Files\Mythicsoft\FileLocator Lite\ShellExt.dll [2017-03-02] (Mythicsoft Ltd -> Mythicsoft Ltd) ContextMenuHandlers4_S-1-5-21-3977429123-721371506-1301849296-1001: [FileLocatorLite] -> {2AE9D6D8-E348-4853-B266-C78844D31B97} => C:\Program Files\Mythicsoft\FileLocator Lite\ShellExt.dll [2017-03-02] (Mythicsoft Ltd -> Mythicsoft Ltd) ContextMenuHandlers5_S-1-5-21-3977429123-721371506-1301849296-1001: [FileLocatorLite] -> {2AE9D6D8-E348-4853-B266-C78844D31B97} => C:\Program Files\Mythicsoft\FileLocator Lite\ShellExt.dll [2017-03-02] (Mythicsoft Ltd -> Mythicsoft Ltd) ContextMenuHandlers6_S-1-5-21-3977429123-721371506-1301849296-1001: [FileLocatorLite] -> {2AE9D6D8-E348-4853-B266-C78844D31B97} => C:\Program Files\Mythicsoft\FileLocator Lite\ShellExt.dll [2017-03-02] (Mythicsoft Ltd -> Mythicsoft Ltd) ==================== Codecs (gefilterd) ==================== (Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.) HKLM\...\Drivers32: [vidc.pDAD] => C:\WINDOWS\system32\prodad-codec.dll [607256 2017-01-09] (proDAD GmbH -> proDAD GmbH) ==================== Snelkoppelingen & WMI ======================== ==================== Geladen Modules (gefilterd) ============= 2020-03-22 17:58 - 2019-09-29 10:04 - 000134656 _____ () [Bestand niet getekend] C:\Program Files (x86)\Trend Micro\DRScanner\libzip.dll 2019-02-01 11:36 - 2012-03-26 05:00 - 000389120 _____ (CANON INC.) [Bestand niet getekend] C:\WINDOWS\System32\CNMLMB8.DLL 2019-02-01 13:23 - 2012-03-26 05:00 - 000392192 _____ (CANON INC.) [Bestand niet getekend] C:\WINDOWS\System32\CNMXLMB8.DLL 2003-03-19 06:23 - 2003-03-19 06:23 - 000024576 _____ (Microsoft Corporation) [Bestand niet getekend] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\1043\mdmui.dll 2006-10-26 12:44 - 2006-10-26 12:44 - 000123904 _____ (Microsoft Corporation) [Bestand niet getekend] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\csm.dll 2006-10-26 12:45 - 2006-10-26 12:45 - 000247296 _____ (Microsoft Corporation) [Bestand niet getekend] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\msdbg2.dll 2006-10-26 13:40 - 2006-10-26 13:40 - 000192512 _____ (Microsoft Corporation) [Bestand niet getekend] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\pdm.dll ==================== Alternate Data Streams (gefilterd) ======== ==================== Veilige Modus (gefilterd) ================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. De waarde van "AlternateShell" wordt hersteld.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Bestandskoppeling (gefilterd) ================= ==================== Internet Explorer vertrouwde/beperkte toegang ========== ==================== Hosts inhoud: ========================= (Indien nodig kan Hosts:-opdracht worden opgenomen in de fixlist om Hosts te resetten.) 2018-01-17 14:58 - 2018-01-17 14:57 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Andere gebieden =========================== (Momenteel is er geen automatische fix voor dit onderdeel.) HKU\S-1-5-21-3977429123-721371506-1301849296-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Gebruiker\AppData\Roaming\johnsadventures.com\Background Switcher\ActiveBackground.jpg DNS Servers: 195.130.131.4 - 195.130.130.4 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR MSCONFIG\startupreg: EEventManager => C:\Program Files (x86)\EPSON\Creativity Suite\Event Manager\EEventManager.exe MSCONFIG\startupreg: MyDriveConnect.exe => C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe -startwithoutDA MSCONFIG\startupreg: OneDrive => "C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s HKLM\...\StartupApproved\StartupFolder: => "Adobe Gamma Loader.exe.lnk" HKLM\...\StartupApproved\StartupFolder: => "Adobe Gamma Loader.lnk" HKLM\...\StartupApproved\Run: => "RTHDVCPL" HKLM\...\StartupApproved\Run32: => "SecurityHealth" HKU\S-1-5-21-3977429123-721371506-1301849296-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning" HKU\S-1-5-21-3977429123-721371506-1301849296-1001\...\StartupApproved\Run: => "Google Update" ==================== Firewall regels (gefilterd) ================ (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [{1CE81CC5-AA81-4017-B20C-B2EA3A3AB5E6}] => (Allow) C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe (TomTom International B.V. -> TomTom) FirewallRules: [{5E7C711E-4645-4BB8-BD5C-A5C77C2EFF87}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd) FirewallRules: [{A19C2881-9149-475D-A9B0-6614048094C1}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd) FirewallRules: [TCP Query User{8E31E529-688D-4D36-897A-0873FA29D6D6}C:\users\gebruiker\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\gebruiker\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [UDP Query User{CD838E16-D96D-4EB2-85B0-5BE6F16DFBB9}C:\users\gebruiker\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\gebruiker\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{7A90A4FB-808B-4235-845C-293E62D19974}] => (Allow) C:\Program Files (x86)\Trend Micro\DRScanner\DRScanner.exe (Trend Micro, Inc. -> Trend Micro Inc.) FirewallRules: [{49C86F35-B7F1-4AA1-B52E-39C053AB27AA}] => (Allow) C:\Program Files (x86)\Trend Micro\DRScanner\sdk\nmap\nmap.exe (Insecure.Com LLC -> Insecure.Org) ==================== Herstelpunten ========================= 03-03-2020 09:57:20 PDF-XChange Editor 10-03-2020 18:41:48 Gepland controlepunt 17-03-2020 19:02:48 Gepland controlepunt 23-03-2020 10:47:09 Windows Update ==================== Defecte Apparaatbeheer Apparaten ============ Name: Standaard PS/2-toetsenbord Description: Standaard PS/2-toetsenbord Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318} Manufacturer: (standaardtoetsenbord) Service: i8042prt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Microsoft-muis (PS/2) Description: Microsoft-muis (PS/2) Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: i8042prt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Eventlog fouten: ======================== Applicatiefouten: ================== Error: (03/24/2020 08:21:32 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (6516,R,98) TILEREPOSITORYS-1-5-18: Fout -1023 (0xfffffc01) is opgetreden tijdens het openen van logboekbestand C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (03/24/2020 08:12:07 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (8592,R,98) TILEREPOSITORYS-1-5-18: Fout -1023 (0xfffffc01) is opgetreden tijdens het openen van logboekbestand C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (03/24/2020 06:28:55 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (9592,R,98) TILEREPOSITORYS-1-5-18: Fout -1023 (0xfffffc01) is opgetreden tijdens het openen van logboekbestand C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (03/24/2020 05:29:08 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (5620,R,98) TILEREPOSITORYS-1-5-18: Fout -1023 (0xfffffc01) is opgetreden tijdens het openen van logboekbestand C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (03/24/2020 05:11:50 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (4456,R,98) TILEREPOSITORYS-1-5-18: Fout -1023 (0xfffffc01) is opgetreden tijdens het openen van logboekbestand C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (03/24/2020 04:21:44 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (10752,R,98) TILEREPOSITORYS-1-5-18: Fout -1023 (0xfffffc01) is opgetreden tijdens het openen van logboekbestand C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (03/24/2020 04:04:44 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (9520,R,98) TILEREPOSITORYS-1-5-18: Fout -1023 (0xfffffc01) is opgetreden tijdens het openen van logboekbestand C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (03/24/2020 03:56:50 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (10716,R,98) TILEREPOSITORYS-1-5-18: Fout -1023 (0xfffffc01) is opgetreden tijdens het openen van logboekbestand C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Systeemfouten: ============= Error: (03/23/2020 09:05:56 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: De Intel(R) Content Protection HECI Service-service is gestopt met de volgende foutcode: Ongeldige ingang . Error: (03/23/2020 09:05:55 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: De vorige afsluiting van het systeem om 19:56:53 op ‎23-‎3-‎2020 is onverwacht gebeurd. Error: (03/23/2020 09:05:47 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY) Description: 3221225684Er is een onherstelbare fout opgetreden tijdens het verwerken van de herstelgegevens. Error: (03/23/2020 10:48:41 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: De Intel(R) Content Protection HECI Service-service is gestopt met de volgende foutcode: Ongeldige ingang . Error: (03/23/2020 10:48:17 AM) (Source: Service Control Manager) (EventID: 7043) (User: ) Description: De service Malwarebytes Service is niet juist afgesloten na de ontvangst van een besturingselement voor afsluiten. Error: (03/22/2020 12:17:59 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-69SDJ2U) Description: De server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (03/22/2020 12:17:59 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-69SDJ2U) Description: De server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (03/22/2020 12:17:59 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-69SDJ2U) Description: De server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Windows Defender: =================================== Date: 2020-03-07 16:50:36.576 Description: Scan van Windows Defender Antivirus is gestopt voordat deze was voltooid. Scan-id: {EA130A5B-7460-4057-814D-548AFCDA4078} Type scan: Antimalware Scanparameters: Snelle scan Gebruiker: NT AUTHORITY\SYSTEM Date: 2020-03-07 16:19:03.411 Description: Scan van Windows Defender Antivirus is gestopt voordat deze was voltooid. Scan-id: {29024497-4385-478F-82FC-113CA562A961} Type scan: Antimalware Scanparameters: Snelle scan Gebruiker: NT AUTHORITY\SYSTEM Date: 2020-03-03 20:15:06.009 Description: Scan van Windows Defender Antivirus is gestopt voordat deze was voltooid. Scan-id: {18504E22-82AC-4E87-BC55-48B17CD59D58} Type scan: Antimalware Scanparameters: Snelle scan Gebruiker: NT AUTHORITY\SYSTEM Date: 2020-03-03 14:24:32.536 Description: Scan van Windows Defender Antivirus is gestopt voordat deze was voltooid. Scan-id: {EE5F30EF-CBCE-48F1-A88C-53573AD6274D} Type scan: Antimalware Scanparameters: Snelle scan Gebruiker: NT AUTHORITY\SYSTEM Date: 2020-02-25 17:37:10.420 Description: Scan van Windows Defender Antivirus is gestopt voordat deze was voltooid. Scan-id: {D1AAAC4C-F4D1-4783-8F6A-7447C71AA766} Type scan: Antimalware Scanparameters: Snelle scan Gebruiker: NT AUTHORITY\SYSTEM CodeIntegrity: =================================== Date: 2020-03-24 20:07:12.892 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2020-03-24 20:03:27.840 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2020-03-24 20:03:12.504 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2020-03-24 20:03:12.366 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2020-03-24 20:02:56.926 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2020-03-24 20:02:39.166 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Users\Gebruiker\AppData\Local\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements. Date: 2020-03-24 20:02:38.551 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Users\Gebruiker\AppData\Local\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements. Date: 2020-03-24 20:02:30.775 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Users\Gebruiker\AppData\Local\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements. ==================== Geheugen info =========================== BIOS: American Megatrends Inc. A.90 05/23/2016 Moederbord: MSI Z170A PC MATE (MS-7971) Processor: Intel(R) Core(TM) i5-6400 CPU @ 2.70GHz Percentage geheugen in gebruik: 46% Totaal fysiek RAM-geheugen: 8080.21 MB Beschikbaar fysiek RAM-geheugen: 4359.7 MB Totaal Virtueel geheugen: 9360.21 MB Beschikbaar Virtueel geheugen: 5582.93 MB ==================== Schijven ================================ Drive c: () (Fixed) (Total:464.67 GB) (Free:396.37 GB) NTFS Drive f: (Voornaamste DATA) (Fixed) (Total:465.76 GB) (Free:280.69 GB) NTFS Drive g: (Genealogie) (Fixed) (Total:465.66 GB) (Free:396.87 GB) NTFS \\?\Volume{6213d6b5-2d22-49f7-a588-9faf65d3309c}\ () (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS \\?\Volume{9e6a492c-cbe0-486b-b46b-912e1e11fb40}\ () (Fixed) (Total:0.53 GB) (Free:0.08 GB) NTFS \\?\Volume{90481dc9-5cbc-4431-96c4-1a667281f3d3}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Partitietabel ==================== ========================================================== Disk: 0 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000) Partition: GPT. ========================================================== Disk: 1 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: 1A0B1A0A) Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS) ========================================================== Disk: 2 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: BD2CC356) Partition 1: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS) ==================== Einde van Addition.txt =======================