Extra scanresultaten van Farbar Recovery Scan Tool (x86) Versie: 07.11.2018 Gestart door Feyenoorder (08-11-2018 10:12:10) Gestart vanaf C:\Users\Feyenoorder\Desktop Microsoft Windows 10 Pro Versie 1803 17134.376 (X86) (2018-05-19 08:08:19) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3495224090-2880344782-4187742138-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-3495224090-2880344782-4187742138-503 - Limited - Disabled) Feyenoorder (S-1-5-21-3495224090-2880344782-4187742138-1001 - Administrator - Enabled) => C:\Users\Feyenoorder Gast (S-1-5-21-3495224090-2880344782-4187742138-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-3495224090-2880344782-4187742138-504 - Limited - Disabled) ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AV: Kaspersky Free (Enabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8} AS: Kaspersky Free (Enabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65} AS: Spybot - Search and Destroy (Disabled - Up to date) {A16C3F68-9280-E053-1818-342707FECF4D} AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeïnstalleerd worden.) µTorrent (HKU\S-1-5-21-3495224090-2880344782-4187742138-1001\...\uTorrent) (Version: 3.3.2.30260 - BitTorrent Inc.) AxCrypt 1.7.2867.0 (HKLM\...\{9BA2A8C7-BFFD-4125-9377-C191C3FF174F}) (Version: 1.7.2867.0 - Axantum Software AB) Brother MFL-Pro Suite DCP-135C (HKLM\...\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}) (Version: 1.0.2.0 - Brother Industries, Ltd.) CIF USB Camera (2110) (HKLM\...\CIF USB Camera (2110)) (Version: - ) CrystalDiskInfo 7.8.3 (HKLM\...\CrystalDiskInfo_is1) (Version: 7.8.3 - Crystal Dew World) Internet Security Essentials (HKLM\...\ComodoIse) (Version: 1.4.459983.158 - ) Kaspersky Free (HKLM\...\{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab) Hidden Kaspersky Free (HKLM\...\InstallWIX_{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab) Kaspersky Secure Connection (HKLM\...\{F10AA188-7166-430E-8810-FEAB2AD73DE3}) (Version: 19.0.0.1088 - Kaspersky Lab) Hidden Kaspersky Secure Connection (HKLM\...\InstallWIX_{F10AA188-7166-430E-8810-FEAB2AD73DE3}) (Version: 19.0.0.1088 - Kaspersky Lab) LINE (HKU\S-1-5-21-3495224090-2880344782-4187742138-1001\...\LINE) (Version: 5.2.2.1459 - LINE Corporation) Malwarebytes versie 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes) Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3495224090-2880344782-4187742138-1001\...\OneDriveSetup.exe) (Version: 18.172.0826.0010 - Microsoft Corporation) Mozilla Firefox 63.0.1 (x86 nl) (HKLM\...\Mozilla Firefox 63.0.1 (x86 nl)) (Version: 63.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 63.0.1 - Mozilla) PDFTK Builder 3.5.3 (HKLM\...\PDFTK Builder_is1) (Version: - ) Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform) Spotify (HKU\S-1-5-21-3495224090-2880344782-4187742138-1001\...\Spotify) (Version: 1.0.60.492.gbb40dab8 - Spotify AB) TeamViewer 13 (HKLM\...\TeamViewer) (Version: 13.2.14327 - TeamViewer) TomTom HOME (HKLM\...\{46AE471A-1389-4300-B20D-263F2290CA6F}) (Version: 2.10.4 - Uw bedrijfsnaam) WinRAR 4.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) ==================== Aangepaste CLSID (gefilterd): ========================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) CustomCLSID: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001_Classes\CLSID\{20DD1B9E-87C4-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\WINDOWS\system32\mscomct2.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001_Classes\CLSID\{232E456A-87C3-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\WINDOWS\system32\mscomct2.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001_Classes\CLSID\{248DD896-BB45-11CF-9ABC-0080C7E7B78D}\InprocServer32 -> C:\WINDOWS\system32\mswinsck.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001_Classes\CLSID\{248DD897-BB45-11CF-9ABC-0080C7E7B78D}\InprocServer32 -> C:\WINDOWS\system32\mswinsck.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001_Classes\CLSID\{275DBBA0-805A-11CF-91F7-C2863C385E30}\InprocServer32 -> C:\WINDOWS\system32\msflxgrd.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001_Classes\CLSID\{27F8FFB1-7406-11D1-B18C-00A0C922E820}\InprocServer32 -> C:\WINDOWS\system32\msadodc.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001_Classes\CLSID\{27F8FFB2-7406-11D1-B18C-00A0C922E820}\InprocServer32 -> C:\WINDOWS\system32\msadodc.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001_Classes\CLSID\{2B11E9B0-9F09-11D0-9484-00A0C91110ED}\InprocServer32 -> C:\WINDOWS\system32\MSSTDFMT.DLL (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001_Classes\CLSID\{3A2B370C-BA0A-11D1-B137-0000F8753F5D}\InprocServer32 -> C:\WINDOWS\system32\mschrt20.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001_Classes\CLSID\{3C4F3BE3-47EB-101B-A3C9-08002B2F49FB}\InprocServer32 -> C:\WINDOWS\system32\comdlg32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001_Classes\CLSID\{3C4F3BE5-47EB-101B-A3C9-08002B2F49FB}\InprocServer32 -> C:\WINDOWS\system32\comdlg32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001_Classes\CLSID\{3C4F3BE7-47EB-101B-A3C9-08002B2F49FB}\InprocServer32 -> C:\WINDOWS\system32\comdlg32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001_Classes\CLSID\{4CAD92F0-D7C4-11D0-BCF7-00C04FC2FB86}\InprocServer32 -> C:\WINDOWS\system32\msdatgrd.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001_Classes\CLSID\{586A6352-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\WINDOWS\system32\mscomct2.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001_Classes\CLSID\{586A6353-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\WINDOWS\system32\mscomct2.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001_Classes\CLSID\{586A6354-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\WINDOWS\system32\mscomct2.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001_Classes\CLSID\{586A6355-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\WINDOWS\system32\mscomct2.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001_Classes\CLSID\{586A6356-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\WINDOWS\system32\mscomct2.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001_Classes\CLSID\{586A6357-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\WINDOWS\system32\mscomct2.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001_Classes\CLSID\{586A6359-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\WINDOWS\system32\mscomct2.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001_Classes\CLSID\{59245250-7A2F-11D0-9482-00A0C91110ED}\InprocServer32 -> C:\WINDOWS\system32\msbind.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001_Classes\CLSID\{603C7E80-87C2-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\WINDOWS\system32\mscomct2.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001_Classes\CLSID\{6262D3A0-531B-11CF-91F6-C2863C385E30}\InprocServer32 -> C:\WINDOWS\system32\msflxgrd.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001_Classes\CLSID\{6319EEA0-531B-11CF-91F6-C2863C385E30}\InprocServer32 -> C:\WINDOWS\system32\msflxgrd.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001_Classes\CLSID\{67397AA3-7FB1-11D0-B148-00A0C922E820}\InprocServer32 -> C:\WINDOWS\system32\msadodc.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001_Classes\CLSID\{6D835690-900B-11D0-9484-00A0C91110ED}\InprocServer32 -> C:\WINDOWS\system32\MSSTDFMT.DLL (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001_Classes\CLSID\{7629CFA2-3FE5-101B-A3C9-08002B2F49FB}\InprocServer32 -> C:\WINDOWS\system32\comdlg32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001_Classes\CLSID\{7629CFA4-3FE5-101B-A3C9-08002B2F49FB}\InprocServer32 -> C:\WINDOWS\system32\comdlg32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001_Classes\CLSID\{7C3194FC-D942-11D0-BCF7-00C04FC2FB86}\InprocServer32 -> C:\WINDOWS\system32\msdatgrd.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001_Classes\CLSID\{7DA06D40-54A0-11CF-A521-0080C77A7786}\InprocServer32 -> C:\WINDOWS\system32\tabctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001_Classes\CLSID\{83730EE4-6C46-11CF-A524-0080C77A7786}\InprocServer32 -> C:\WINDOWS\system32\msmask32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001_Classes\CLSID\{8D0A8460-D87E-11D0-BCF7-00C04FC2FB86}\InprocServer32 -> C:\WINDOWS\system32\msdatgrd.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001_Classes\CLSID\{99FF4677-FFC3-11D0-BD02-00C04FC2FB86}\InprocServer32 -> C:\WINDOWS\system32\MSSTDFMT.DLL (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001_Classes\CLSID\{AA2073E6-7B9C-11D0-B143-00A0C922E820}\InprocServer32 -> C:\WINDOWS\system32\msadodc.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001_Classes\CLSID\{AC5D0DDE-BD4C-11D1-B137-0000F8753F5D}\InprocServer32 -> C:\WINDOWS\system32\mschrt20.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001_Classes\CLSID\{AC5D0DDF-BD4C-11D1-B137-0000F8753F5D}\InprocServer32 -> C:\WINDOWS\system32\mschrt20.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001_Classes\CLSID\{AC5D0DE0-BD4C-11D1-B137-0000F8753F5D}\InprocServer32 -> C:\WINDOWS\system32\mschrt20.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001_Classes\CLSID\{AC5D0DE1-BD4C-11D1-B137-0000F8753F5D}\InprocServer32 -> C:\WINDOWS\system32\mschrt20.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001_Classes\CLSID\{AC5D0DE2-BD4C-11D1-B137-0000F8753F5D}\InprocServer32 -> C:\WINDOWS\system32\mschrt20.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001_Classes\CLSID\{AC5D0DE3-BD4C-11D1-B137-0000F8753F5D}\InprocServer32 -> C:\WINDOWS\system32\mschrt20.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001_Classes\CLSID\{AC5D0DE4-BD4C-11D1-B137-0000F8753F5D}\InprocServer32 -> C:\WINDOWS\system32\mschrt20.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001_Classes\CLSID\{AC5D0DE5-BD4C-11D1-B137-0000F8753F5D}\InprocServer32 -> C:\WINDOWS\system32\mschrt20.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001_Classes\CLSID\{B09DE715-87C1-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\WINDOWS\system32\mscomct2.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001_Classes\CLSID\{BDC217C5-ED16-11CD-956C-0000C04E4C0A}\InprocServer32 -> C:\WINDOWS\system32\tabctl32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001_Classes\CLSID\{C932BA85-4374-101B-A56C-00AA003668DC}\InprocServer32 -> C:\WINDOWS\system32\msmask32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001_Classes\CLSID\{CDE57A43-8B86-11D0-B3C6-00A0C90AEA82}\InprocServer32 -> C:\WINDOWS\system32\msdatgrd.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001_Classes\CLSID\{CDE57A44-8B86-11D0-B3C6-00A0C90AEA82}\InprocServer32 -> C:\WINDOWS\system32\msdatgrd.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001_Classes\CLSID\{d79b57ed-727c-4ab8-ba67-e7c6fd30fac1}\localserver32 -> C:\Program Files\TotalAV\TotalAV.exe => Geen bestand CustomCLSID: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001_Classes\CLSID\{E9D00F06-D948-11D0-BCF7-00C04FC2FB86}\InprocServer32 -> C:\WINDOWS\system32\msdatgrd.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001_Classes\CLSID\{F9043C85-F6F2-101A-A3C9-08002B2F49FB}\InprocServer32 -> C:\WINDOWS\system32\comdlg32.ocx (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001_Classes\CLSID\{FE38753A-44A3-11D1-B5B7-0000C09000C4}\InprocServer32 -> C:\WINDOWS\system32\mscomct2.ocx (Microsoft Corporation) ContextMenuHandlers1: [axcrypt.File] -> {C3DFC144-30F8-4138-81F9-578DBEB9324A} => C:\Program Files\Axantum\AxCrypt\AxCryptShellExt.dll [2011-12-04] (Axantum Software AB) ContextMenuHandlers1: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files\Kaspersky Lab\Kaspersky Free 19.0.0\shellex.dll [2018-11-05] (AO Kaspersky Lab) ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal) ContextMenuHandlers2: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files\Kaspersky Lab\Kaspersky Free 19.0.0\shellex.dll [2018-11-05] (AO Kaspersky Lab) ContextMenuHandlers4: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files\Kaspersky Lab\Kaspersky Free 19.0.0\shellex.dll [2018-11-05] (AO Kaspersky Lab) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation) ContextMenuHandlers6: [axcrypt.File] -> {C3DFC144-30F8-4138-81F9-578DBEB9324A} => C:\Program Files\Axantum\AxCrypt\AxCryptShellExt.dll [2011-12-04] (Axantum Software AB) ContextMenuHandlers6: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files\Kaspersky Lab\Kaspersky Free 19.0.0\shellex.dll [2018-11-05] (AO Kaspersky Lab) ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal) ==================== Geplande Taken (gefilterd) ============= (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {AB052244-7178-42A8-A486-7F465EF2707F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-12-13] (Piriform Ltd) Task: {BF5989BF-0E18-459E-9F0D-9ECE6C077F00} - System32\Tasks\SmartDefragUpdate => C:\Program Files\IObit\Smart Defrag 2\AutoUpdate.exe [2013-05-22] (IObit) Task: {C213EF7B-5958-4F69-B15B-D4F929D4FE7C} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-11] () (Als een item is opgenomen in de fixlist, wordt de taak (job) bestand verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) ==================== Snelkoppelingen & WMI ======================== (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) ==================== Geladen Modules (gefilterd) ============== 2018-04-11 21:29 - 2018-04-11 21:29 - 000364200 _____ () C:\Windows\System32\InputHost.dll 2016-11-02 10:12 - 2016-11-02 10:12 - 000080936 _____ () C:\Program Files\EaseUS\Todo Backup\bin\CodeLog.dll 2016-11-02 10:12 - 2016-11-02 10:12 - 000017448 _____ () C:\Program Files\EaseUS\Todo Backup\bin\CompressFile.dll 2016-11-02 10:13 - 2016-11-02 10:13 - 000088616 _____ () C:\Program Files\EaseUS\Todo Backup\bin\TBGetRemoteNetInfo.dll 2016-11-02 10:12 - 2016-11-02 10:12 - 001296424 _____ () C:\Program Files\EaseUS\Todo Backup\bin\libxml2.dll 2016-11-02 10:13 - 2016-11-02 10:13 - 000060968 _____ () C:\Program Files\EaseUS\Todo Backup\bin\zlib1.dll 2016-11-02 10:12 - 2016-11-02 10:12 - 000024768 _____ () C:\Program Files\EaseUS\Todo Backup\bin\CmcTbProxy.dll 2016-11-02 10:12 - 2016-11-02 10:12 - 000188608 _____ () C:\Program Files\EaseUS\Todo Backup\bin\CMCPipeCenter.dll 2016-11-02 10:12 - 2016-11-02 10:12 - 000173760 _____ () C:\Program Files\EaseUS\Todo Backup\bin\CMCAdapt.dll 2016-11-02 10:13 - 2016-11-02 10:13 - 000056512 _____ () C:\Program Files\EaseUS\Todo Backup\bin\TBInfo.dll 2016-11-02 10:12 - 2016-11-02 10:12 - 000018112 _____ () C:\Program Files\EaseUS\Todo Backup\bin\CMCNetTokenProxy.dll 2016-11-02 10:12 - 2016-11-02 10:12 - 000128192 _____ () C:\Program Files\EaseUS\Todo Backup\bin\ActivationOnline.dll 2016-11-02 10:12 - 2016-11-02 10:12 - 000085184 _____ () C:\Program Files\EaseUS\Todo Backup\bin\logsys.dll 2016-11-02 10:12 - 2016-11-02 10:12 - 000030760 _____ () C:\Program Files\EaseUS\Todo Backup\bin\DiskSearchImg.dll 2016-11-02 10:13 - 2016-11-02 10:13 - 000068136 _____ () C:\Program Files\EaseUS\Todo Backup\bin\MountImg.dll 2016-11-02 10:12 - 2016-11-02 10:12 - 000158248 _____ () C:\Program Files\EaseUS\Todo Backup\bin\ImgFile.dll 2016-11-02 10:12 - 2016-11-02 10:12 - 000281128 _____ () C:\Program Files\EaseUS\Todo Backup\bin\DsImgFile.dll 2016-11-02 10:12 - 2016-11-02 10:12 - 000072232 _____ () C:\Program Files\EaseUS\Todo Backup\bin\CheckImg.dll 2016-11-02 10:13 - 2016-11-02 10:13 - 000139816 _____ () C:\Program Files\EaseUS\Todo Backup\bin\vhdvmdk.dll 2016-11-02 10:12 - 2016-11-02 10:12 - 000040128 _____ () C:\Program Files\EaseUS\Todo Backup\bin\BootDriver.dll 2016-11-02 10:12 - 2016-11-02 10:12 - 000769064 _____ () C:\Program Files\EaseUS\Todo Backup\bin\ExImage.dll 2016-11-02 10:12 - 2016-11-02 10:12 - 000193064 _____ () C:\Program Files\EaseUS\Todo Backup\bin\EmailBackupSize.dll 2016-11-02 10:12 - 2016-11-02 10:12 - 000443944 _____ () C:\Program Files\EaseUS\Todo Backup\bin\AndroidImage.dll 2016-11-02 10:12 - 2016-11-02 10:12 - 000148008 _____ () C:\Program Files\EaseUS\Todo Backup\bin\EnumDisk.dll 2016-11-02 10:12 - 2016-11-02 10:12 - 000076840 _____ () C:\Program Files\EaseUS\Todo Backup\bin\FatLib.dll 2016-11-02 10:13 - 2016-11-02 10:13 - 000207912 _____ () C:\Program Files\EaseUS\Todo Backup\bin\NTFSLib.dll 2016-11-02 10:12 - 2016-11-02 10:12 - 000114880 _____ () C:\Program Files\EaseUS\Todo Backup\bin\FileStorage.dll 2016-11-02 10:12 - 2016-11-02 10:12 - 000169512 _____ () C:\Program Files\EaseUS\Todo Backup\bin\CloudInterface.dll 2016-11-02 10:13 - 2016-11-02 10:13 - 000501800 _____ () C:\Program Files\EaseUS\Todo Backup\bin\StorageMgr.dll 2016-11-02 10:12 - 2016-11-02 10:12 - 000024616 _____ () C:\Program Files\EaseUS\Todo Backup\bin\GetDriverInfo.dll 2016-11-02 10:12 - 2016-11-02 10:12 - 000020520 _____ () C:\Program Files\EaseUS\Todo Backup\bin\CorrectMbr.dll 2016-11-02 10:12 - 2016-11-02 10:12 - 000032296 _____ () C:\Program Files\EaseUS\Todo Backup\bin\EnumTapeDevice.dll 2016-11-02 10:13 - 2016-11-02 10:13 - 000034856 _____ () C:\Program Files\EaseUS\Todo Backup\bin\TbTapeBrowse.dll 2016-11-02 10:13 - 2016-11-02 10:13 - 000064040 _____ () C:\Program Files\EaseUS\Todo Backup\bin\RegLib.dll 2016-11-02 10:12 - 2016-11-02 10:12 - 000026816 _____ () C:\Program Files\EaseUS\Todo Backup\bin\AccountManager.dll 2016-11-02 10:13 - 2016-11-02 10:13 - 000059944 _____ () C:\Program Files\EaseUS\Todo Backup\bin\NasOperator.dll 2016-11-02 10:12 - 2016-11-02 10:12 - 000220864 _____ () C:\Program Files\EaseUS\Todo Backup\bin\EmailBrowser.dll 2016-11-02 10:12 - 2016-11-02 10:12 - 000077864 _____ () C:\Program Files\EaseUS\Todo Backup\bin\CloudOperator.dll 2016-11-02 10:12 - 2016-11-02 10:12 - 000021184 _____ () C:\Program Files\EaseUS\Todo Backup\bin\ActiveOnline.dll 2016-11-02 10:13 - 2016-11-02 10:13 - 000136232 _____ () C:\Program Files\EaseUS\Todo Backup\bin\VMConfig.dll 2016-11-02 10:12 - 2016-11-02 10:12 - 000020008 _____ () C:\Program Files\EaseUS\Todo Backup\bin\AndroidDeviceManager.dll 2016-11-02 10:13 - 2016-11-02 10:13 - 000043048 _____ () C:\Program Files\EaseUS\Todo Backup\bin\TbDataSwap.dll 2016-11-02 10:12 - 2016-11-02 10:12 - 000353832 _____ () C:\Program Files\EaseUS\Todo Backup\bin\DeviceManager.dll 2016-11-02 10:12 - 2016-11-02 10:12 - 000027176 _____ () C:\Program Files\EaseUS\Todo Backup\bin\DeviceAdapter.dll 2016-11-02 10:12 - 2016-11-02 10:12 - 000138792 _____ () C:\Program Files\EaseUS\Todo Backup\bin\Device.dll 2016-11-02 10:13 - 2016-11-02 10:13 - 000146984 _____ () C:\Program Files\EaseUS\Todo Backup\bin\Partition.dll 2016-11-02 10:12 - 2016-11-02 10:12 - 000050216 _____ () C:\Program Files\EaseUS\Todo Backup\bin\FileSystemAnalyser.dll 2016-11-02 10:12 - 2016-11-02 10:12 - 000061992 _____ () C:\Program Files\EaseUS\Todo Backup\bin\FATFileSystemAnalyser.dll 2016-11-02 10:12 - 2016-11-02 10:12 - 000089640 _____ () C:\Program Files\EaseUS\Todo Backup\bin\Common.dll 2016-11-02 10:13 - 2016-11-02 10:13 - 000056360 _____ () C:\Program Files\EaseUS\Todo Backup\bin\NTFSFileSystemAnalyser.dll 2015-03-19 11:22 - 2015-03-19 11:22 - 000094208 _____ () C:\Program Files\Common Files\Research In Motion\Tunnel Manager\libxpmux.dll 2018-11-07 23:35 - 2018-11-07 23:39 - 002225368 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll 2018-11-07 23:15 - 2018-11-07 23:39 - 002312648 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2017-01-11 20:26 - 2016-11-14 12:00 - 000123448 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll 2018-04-11 21:29 - 2018-04-11 21:29 - 000308224 _____ () C:\Windows\ShellExperiences\TileControl.dll 2018-04-11 21:29 - 2018-04-11 21:29 - 001670656 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll 2018-11-07 13:05 - 2018-10-21 07:58 - 001609216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-11-02 10:13 - 2016-11-02 10:13 - 000278720 _____ () C:\Program Files\EaseUS\Todo Backup\bin\TodoBackupService.exe 2016-11-02 10:13 - 2016-11-02 10:13 - 000224808 _____ () C:\Program Files\EaseUS\Todo Backup\bin\SmartBackup.dll 2018-10-04 17:05 - 2018-10-04 17:07 - 000008192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x86__kzf8qxf38zg5c\ImagePipelineNative.dll 2018-10-25 10:33 - 2018-10-25 10:34 - 000053248 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x86__kzf8qxf38zg5c\ChakraBridge.dll 2018-10-25 10:33 - 2018-10-25 10:34 - 000159744 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x86__kzf8qxf38zg5c\SkypeBackgroundHost.exe ==================== Alternate Data Streams (gefilterd) ========= (Als een item is opgenomen in de fixlist, wordt alleen de ADS verwijderd.) AlternateDataStreams: C:\Windows:AstInfo [0] AlternateDataStreams: C:\WINDOWS\zoek-delete.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\aepic(162).dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-convert-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-environment-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-filesystem-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-heap-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-locale-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-private-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-process-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-runtime-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-stdio-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\api-ms-win-crt-utility-l1-1-0.dll:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\system32\apphelp(163).dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\appinfo(164).dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\AudioSes(165).dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\BRCrypt.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\BrDctF2.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\BrDctF2L.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\BrDctF2S.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\brinsstr.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\BrMfNt.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\BrMuSNMP.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\BrNetSti.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Brnsplg.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\BrnStiCp.cpl:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\BroSNMP.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\BrSti07a.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\BrUsi09a.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\BrWia09b.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\BrWiaNCp.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\centel.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\dciman32(167).dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\dfp.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\DfpCommon.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\fbnative.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\lockscreencn.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\msjava.dll:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\system32\NSSearch.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nvaudcap32v.dll:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\system32\nvcpl.cpl:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nvcplui.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nvcpluir.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nvdispco3234174.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nvdispco3234195.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco3234174.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco3234195.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\sdnclean.exe:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Vim.RWBlock.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\vimbase.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\vimsdk.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\WdfCoinstaller01009.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\wer(168).dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\WISPTIS.EXE:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\wu.upgrade.ps.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\WudfUpdate_01009.dll:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\eubakup.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\EUBKMON.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\eudskacs.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\EuFdDisk.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\nvvad32v.sys:$CmdTcID [130] AlternateDataStreams: C:\WINDOWS\system32\Drivers\tap0901.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\UimBus.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\UimFIO.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\uim_devim.sys:$CmdTcID [64] AlternateDataStreams: C:\WINDOWS\system32\Drivers\uim_im.sys:$CmdTcID [64] AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [125] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\0425NT.pdf:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\08e6e730-35cb-74a6-7815-c1e70b0aac90.jpg:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\1-Kopie van Medicijnnen bijhouden vanaf 10-3-2016 kopie 1(1).xls:$CmdTcID [64] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\1-Kopie van Medicijnnen bijhouden vanaf 10-3-2016 kopie 1(1).xls:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\1-Kopie van Medicijnnen bijhouden vanaf 10-3-2016 kopie 1(1).xlsm:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\1-Kopie van Medicijnnen bijhouden vanaf 10-3-2016 kopie 1.xls:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\1-Kopie van Medicijnnen bijhouden vanaf 10-3-2016 kopie 1.xlsm:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\1-test_medicijnen_voorraad.xlsm:$CmdTcID [64] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\1-test_medicijnen_voorraad.xlsm:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\1-test_medicijnen_voorraad_10032016.xlsm:$CmdTcID [64] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\1-test_medicijnen_voorraad_10032016.xlsm:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\12631334_892005677586535_9126442196001546012_n.jpg:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\12651253_1099558116731476_7602429618179508011_n.jpg:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\12662581_596350067188654_92139132378461144_n.jpg:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\16406424_1388037744550177_3557894990234795778_n.jpg:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\16425727_1388534617833823_83793801060567607_n.jpg:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\1bd9140f-5de9-4f92-1a1c-fbb48e3aee9d.jpg:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\2013090415327gebruikershandleidingcom.pdf:$CmdTcID [64] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\2013090415327gebruikershandleidingcom.pdf:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\20161205123510gebruikershandleidingcom.pdf:$CmdTcID [64] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\20161205123510gebruikershandleidingcom.pdf:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\a4557871-e8b3-d7b9-c55d-6f64a1c578e2.jpg:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\Admin2016testbestandHelpMij.zip:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\adwcleaner_5.036.exe:$CmdTcID [64] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\adwcleaner_5.036.exe:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\b5_t4_samenvatting.pdf:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\Belasting Ron 2016, Ontvangstbevestiging_Aangifte_inkomstenbelasting_2016_05-04-2017_11.55u.pdf:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\bijlage_ Nieuws uit B&W(1).pdf:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\bijlage_ Nieuws uit B&W.pdf:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\BlackBerryDesktopSoftware_1.2.0.52_B59.exe:$CmdTcID [64] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\BlackBerryDesktopSoftware_1.2.0.52_B59.exe:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\BTH-12april2016van0900-0930uur.pdf:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\ccsetup521.exe:$CmdTcID [130] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\ccsetup521.exe:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\CD datalijst forum.xlsm:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\ClassicShellSetup_4_2_5c.exe:$CmdTcID [64] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\ClassicShellSetup_4_2_5c.exe:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\CreativeCloudSet-Up.exe:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\doc sepa.pdf:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\Emma en violet.jpg:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\Feestdagenvergoeding PGB Blanco 12-12-2016.pdf:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\Financieel jaaroverzicht 2015 (1).pdf:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\Financieel jaaroverzicht 2015 (2).pdf:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\Financieel jaaroverzicht 2015.pdf:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\Firefox Setup Stub 51.0.1.exe:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\Gesprek orientatie op werk (1-68XA8VZ).pdf:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\hdtune_255.exe:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\Interview OG.docx:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\Jaarnota_26500355963.pdf:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\Jaaropgave -2015.pdf:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\LineInst.exe:$CmdTcID [64] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\LineInst.exe:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\log.txt:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\Loonstrook 07-2016.pdf:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\Loonstrook 08-2016.pdf:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\Loonstrook 09-2016.pdf:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\loonstrook_01_2017_17012017.pdf:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\loonstrook_05_2016_12052016(1).pdf:$CmdTcID [64] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\loonstrook_05_2016_12052016(1).pdf:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\loonstrook_05_2016_12052016.pdf:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\loonstrook_11_2016_12112016(1).pdf:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\loonstrook_11_2016_12112016(2).pdf:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\loonstrook_11_2016_12112016.pdf:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\loonstrook_12_2016_11122016(1).pdf:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\loonstrook_12_2016_11122016.pdf:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\m5_t5_samenvatting.pdf:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\mededelingen_NL22RABO0103535713_EUR_20160131.pdf:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\Medicijnnen bijhouden vanaf 10-3-2016 kopie 1.xls:$CmdTcID [64] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\Medicijnnen bijhouden vanaf 10-3-2016 kopie 1.xls:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\MINIKIT_Neo_Update_NLNL.plf:$CmdTcID [64] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\MINIKIT_Neo_Update_NLNL.plf:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\Ontvangstbevestiging_Aangifte_inkomstenbelasting_2015_01-04-2016_13.44u(1).pdf:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\Ontvangstbevestiging_Aangifte_inkomstenbelasting_2015_01-04-2016_13.44u(2).pdf:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\Ontvangstbevestiging_Aangifte_inkomstenbelasting_2015_01-04-2016_13.44u.pdf:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\Ontvangstbevestiging_Aangifte_inkomstenbelasting_2015_01-04-2016_14.46u.pdf:$CmdTcID [64] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\Ontvangstbevestiging_Aangifte_inkomstenbelasting_2015_01-04-2016_14.46u.pdf:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\Ontvangstbevestiging_Aangifte_inkomstenbelasting_2015_01-04-2016_15.39u.pdf:$CmdTcID [64] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\Ontvangstbevestiging_Aangifte_inkomstenbelasting_2015_01-04-2016_15.39u.pdf:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\Ontvangstbevestiging_Aangifte_inkomstenbelasting_2015_04-04-2016_21.06u.pdf:$CmdTcID [64] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\Ontvangstbevestiging_Aangifte_inkomstenbelasting_2015_04-04-2016_21.06u.pdf:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\Ontvangstbevestiging_Aangifte_inkomstenbelasting_2016_05-04-2017_11.55u.pdf:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\Ontvangstbevestiging_Aangifte_inkomstenbelasting_2016_05-04-2017_14.14u.pdf:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\ophcrack-notables-livecd-3.6.0.iso:$CmdTcID [64] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\ophcrack-notables-livecd-3.6.0.iso:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\pdf-editor_setup_full1281.exe:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\plugin.video.genesis-5.1.4.zip:$CmdTcID [64] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\plugin.video.genesis-5.1.4.zip:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\Polisvoorwaarden Volkswagen Up ! Manuel.pdf:$CmdTcID [64] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\Polisvoorwaarden Volkswagen Up ! Manuel.pdf:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\RapportSetup.exe:$CmdTcID [130] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\RapportSetup.exe:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\repository.lambda-1.1.0.zip:$CmdTcID [130] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\repository.lambda-1.1.0.zip:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\rijvaard106.pdf:$CmdTcID [64] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\rijvaard106.pdf:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\RpprtSetup(1).exe:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\RSITx64.exe:$CmdTcID [64] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\RSITx64.exe:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\Service Voucher 399555711.zip:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\uitkeringsbedragenper1januari2016.pdf:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\Vistumbler_v10-6.exe:$CmdTcID [64] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\Vistumbler_v10-6.exe:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\Werken met kooldioxide172_37942.pdf:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\wetransfer-a328da.zip:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\Win10PE_SE_2016-10-06.zip:$CmdTcID [64] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\Win10PE_SE_2016-10-06.zip:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\WinDlg_124.zip:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\[otorrents.com]Game-Of-Thrones-Season-5-2015-1080p.torrent:$CmdTcID [130] AlternateDataStreams: C:\Users\Feyenoorder\Downloads\[otorrents.com]Game-Of-Thrones-Season-5-2015-1080p.torrent:$CmdZnID [26] AlternateDataStreams: C:\Users\Feyenoorder\AppData\Roaming\inst.exe:$CmdTcID [64] ==================== Veilige Modus (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. De waarde van "AlternateShell" wordt hersteld.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Bestandskoppeling (gefilterd) =============== (Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd.) ==================== Internet Explorer vertrouwde/beperkte toegang =============== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd.) IE restricted site: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001\...\008k.com -> 008k.com IE restricted site: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001\...\00hq.com -> 00hq.com IE restricted site: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001\...\0411dd.com -> 0411dd.com IE restricted site: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001\...\0511zfhl.com -> 0511zfhl.com IE restricted site: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001\...\0632qyw.com -> 0632qyw.com IE restricted site: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001\...\0scan.com -> 0scan.com IE restricted site: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001\...\1-domains-registrations.com -> 1-domains-registrations.com IE restricted site: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001\...\1-se.com -> 1-se.com IE restricted site: HKU\S-1-5-21-3495224090-2880344782-4187742138-1001\...\1001movie.com -> 1001movie.com Er zijn 6091 Meer websites. ==================== Hosts Inhoud: =============================== (Indien nodig kan Hosts:-opdracht worden opgenomen in de fixlist om Hosts te resetten.) 2013-08-22 07:13 - 2015-08-19 17:28 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere gebieden ============================ (Momenteel is er geen automatische fix voor dit onderdeel.) HKU\S-1-5-21-3495224090-2880344782-4187742138-1001\Control Panel\Desktop\\Wallpaper -> c:\achtergrond met chayenna en djailano\chayenna en djaylano ingelijst als kleine jongetjes-meisjes.jpg DNS Servers: 8.8.8.8 - 8.8.4.4 HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Geen bestand) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == Als een item is opgenomen in de fixlist, zal het worden verwijderd. HKLM\...\StartupApproved\Run: => "BrMfcWnd" HKLM\...\StartupApproved\Run: => "ControlCenter3" HKLM\...\StartupApproved\Run: => "GrooveMonitor" HKLM\...\StartupApproved\Run: => "NBKeyScan" HKLM\...\StartupApproved\Run: => "ShadowPlay" HKLM\...\StartupApproved\Run: => "SDTray" HKLM\...\StartupApproved\Run: => "NvBackend" HKLM\...\StartupApproved\Run: => "RIM PeerManager" HKLM\...\StartupApproved\Run: => "ConnectionCenter" HKLM\...\StartupApproved\Run: => "RIMBBLaunchAgent.exe" HKLM\...\StartupApproved\Run: => "VirtualCloneDrive" HKLM\...\StartupApproved\Run: => "Wondershare Helper Compact.exe" HKLM\...\StartupApproved\Run: => "AdobeCS6ServiceManager" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run: => "SwitchBoard" HKLM\...\StartupApproved\Run: => "iTunesHelper" HKU\S-1-5-21-3495224090-2880344782-4187742138-1001\...\StartupApproved\Run: => "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" HKU\S-1-5-21-3495224090-2880344782-4187742138-1001\...\StartupApproved\Run: => "BlackBerryLink.exe" HKU\S-1-5-21-3495224090-2880344782-4187742138-1001\...\StartupApproved\Run: => "TomTomHOME.exe" HKU\S-1-5-21-3495224090-2880344782-4187742138-1001\...\StartupApproved\Run: => "Spotify Web Helper" HKU\S-1-5-21-3495224090-2880344782-4187742138-1001\...\StartupApproved\Run: => "SpybotPostWindows10UpgradeReInstall" HKU\S-1-5-21-3495224090-2880344782-4187742138-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-3495224090-2880344782-4187742138-1001\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-3495224090-2880344782-4187742138-1001\...\StartupApproved\Run: => "AdobeBridge" HKU\S-1-5-21-3495224090-2880344782-4187742138-1001\...\StartupApproved\Run: => "Spybot-S&D Cleaning" HKU\S-1-5-21-3495224090-2880344782-4187742138-1001\...\StartupApproved\Run: => "Spotify" ==================== Firewall regels (gefilterd) =============== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [{AAD14987-83EB-4365-829A-08FB8119F388}] => (Allow) C:\Program Files\EaseUS\Todo Backup\bin\TodoBackupService.exe FirewallRules: [{DA64BCE4-5566-4F4D-8D5B-342F2937A09F}] => (Allow) C:\Program Files\EaseUS\Todo Backup\bin\TodoBackupService.exe FirewallRules: [{23959766-1373-4E7B-A09C-5373059B6889}] => (Allow) C:\Program Files\EaseUS\Todo Backup\bin\TodoBackupService.exe FirewallRules: [{A7FF6130-FC94-4947-AE57-5D7309DFE2BA}] => (Allow) C:\Program Files\EaseUS\Todo Backup\bin\TodoBackupService.exe StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service ==================== Herstelpunten ========================= 19-10-2018 06:53:18 Gepland controlepunt 28-10-2018 18:51:28 Gepland controlepunt 03-11-2018 18:53:48 Removing COMODO Client - Security 04-11-2018 20:12:13 Installatieprogramma voor Windows-modules 06-11-2018 07:50:06 Installed TinyWall ==================== Defecte Apparaatbeheer Apparaten ============= Name: Multimediacontroller Description: Multimediacontroller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Eventlog fouten: ========================= Applicatiefouten: ================== Error: (11/08/2018 07:17:54 AM) (Source: RIM MDNS) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 19 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa. PTR Feyenoord-2.local. Error: (11/08/2018 07:17:54 AM) (Source: RIM MDNS) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 0000:0000:0000:0000:0000:0000:0000:0001:5353 17 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa. PTR Feyenoord.local. Error: (11/08/2018 07:17:54 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 17 10.1.168.192.in-addr.arpa. PTR Feyenoord.local. Error: (11/08/2018 07:17:54 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 192.168.1.10:5353 19 10.1.168.192.in-addr.arpa. PTR Feyenoord-2.local. Error: (11/08/2018 07:17:53 AM) (Source: RIM MDNS) (EventID: 100) (User: ) Description: ResolveSimultaneousProbe: 00000000 Our Record 3 won: 50AADCEF 25 3327ebcb76074917546d1ef26c9067._tunnel._tcp.local. SRV 0 0 49671 Feyenoord-2.local. Error: (11/08/2018 07:17:53 AM) (Source: RIM MDNS) (EventID: 100) (User: ) Description: ResolveSimultaneousProbe: 00F73970 Pkt Record: E9DF7C37 23 3327ebcb76074917546d1ef26c9067._tunnel._tcp.local. SRV 0 0 49671 Feyenoord.local. Error: (11/08/2018 07:17:53 AM) (Source: RIM MDNS) (EventID: 100) (User: ) Description: Local Hostname Feyenoord.local already in use; will try Feyenoord-2.local instead Error: (11/08/2018 07:17:53 AM) (Source: RIM MDNS) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 Feyenoord.local. Addr 192.168.1.10 Systeemfouten: ============= Error: (11/07/2018 10:27:01 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Starten niet verleend aan Lokaal voor de COM-servertoepassing met CLSID Windows.SecurityCenter.WscBrokerManager en APPID Niet beschikbaar aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (11/07/2018 10:26:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: De Google Update-service (gupdate)-service kan vanwege de volgende fout niet worden gestart: De service heeft de start- of stuuropdracht niet op juiste wijze beantwoord. Error: (11/07/2018 10:26:55 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Time-out (30000 seconden) tijdens het wachten op het verbinden van deze service: Google Update-service (gupdate). Error: (11/07/2018 10:24:36 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Time-out (30000 seconden) tijdens het wachten op het verbinden van deze service: SkypeUpdate. Error: (11/07/2018 10:24:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: De Nero BackItUp Scheduler 3-service kan vanwege de volgende fout niet worden gestart: De service heeft de start- of stuuropdracht niet op juiste wijze beantwoord. Error: (11/07/2018 10:24:36 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Time-out (30000 seconden) tijdens het wachten op het verbinden van deze service: Nero BackItUp Scheduler 3. Error: (11/07/2018 10:24:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: De Apple Mobile Device-service kan vanwege de volgende fout niet worden gestart: De service heeft de start- of stuuropdracht niet op juiste wijze beantwoord. Error: (11/07/2018 10:24:36 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Time-out (30000 seconden) tijdens het wachten op het verbinden van deze service: Apple Mobile Device. Windows Defender: =================================== Date: 2018-09-26 12:30:36.492 Description: Windows Defender Antivirus heeft een fout aangetroffen bij het bijwerken van handtekeningen. Nieuwe handtekeningversie: 1.277.89.0 Vorige handtekeningversie: 1.273.1512.0 Bron update: Gebruiker Type handtekening: AntiSpyware Type update: Volledig Gebruiker: NT AUTHORITY\SYSTEM Huidige engineversie: 1.1.15300.6 Vorige engineversie: 1.1.15200.1 Foutcode: 0x80509004 Foutbeschrijving: Er is een onverwacht probleem opgetreden. Installeer beschikbare updates en probeer het programma opnieuw te starten. Raadpleeg Help en ondersteuning voor meer informatie over het installeren van updates. Date: 2018-09-26 12:30:36.492 Description: Windows Defender Antivirus heeft een fout aangetroffen bij het bijwerken van handtekeningen. Nieuwe handtekeningversie: 1.277.89.0 Vorige handtekeningversie: 1.273.1512.0 Bron update: Gebruiker Type handtekening: AntiVirus Type update: Volledig Gebruiker: NT AUTHORITY\SYSTEM Huidige engineversie: 1.1.15300.6 Vorige engineversie: 1.1.15200.1 Foutcode: 0x80509004 Foutbeschrijving: Er is een onverwacht probleem opgetreden. Installeer beschikbare updates en probeer het programma opnieuw te starten. Raadpleeg Help en ondersteuning voor meer informatie over het installeren van updates. Date: 2018-09-26 12:30:36.492 Description: Windows Defender Antivirus heeft een fout aangetroffen bij het bijwerken van de engine. Nieuwe engineversie: 1.1.15300.6 Vorige engineversie: 1.1.15200.1 Gebruiker: NT AUTHORITY\SYSTEM Foutcode: 0x80509004 Foutbeschrijving: Er is een onverwacht probleem opgetreden. Installeer beschikbare updates en probeer het programma opnieuw te starten. Raadpleeg Help en ondersteuning voor meer informatie over het installeren van updates. Date: 2018-09-26 12:29:48.184 Description: Windows Defender Antivirus heeft een fout aangetroffen bij het bijwerken van handtekeningen. Nieuwe handtekeningversie: Vorige handtekeningversie: 1.273.1512.0 Bron update: Microsoft-updateserver Type handtekening: AntiVirus Type update: Volledig Gebruiker: NT AUTHORITY\SYSTEM Huidige engineversie: Vorige engineversie: 1.1.15200.1 Foutcode: 0x80240022 Foutbeschrijving: Er kan niet naar definitie-updates worden gezocht. Date: 2018-09-24 11:36:54.943 Description: Windows Defender Antivirus heeft een fout aangetroffen bij het bijwerken van handtekeningen. Nieuwe handtekeningversie: Vorige handtekeningversie: 1.273.1512.0 Bron update: Microsoft Centrum voor beveiliging tegen malware Type handtekening: AntiVirus Type update: Volledig Gebruiker: NT AUTHORITY\NETWORK SERVICE Huidige engineversie: Vorige engineversie: 1.1.15200.1 Foutcode: 0x80072ee7 Foutbeschrijving: De naam of het adres van de server kan niet worden omgezet CodeIntegrity: =================================== Date: 2018-11-08 10:10:53.042 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-11-08 10:10:53.034 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-11-07 22:27:01.461 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-11-07 22:27:01.443 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-11-07 22:23:28.121 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-11-07 22:23:28.117 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-11-07 13:40:37.954 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-11-07 13:40:37.946 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Geheugen info =========================== Processor: Intel(R) Core(TM)2 Quad CPU Q8200 @ 2.33GHz Percentage geheugen in gebruik: 46% Totaal fysiek RAM-geheugen: 3326.17 MB Beschikbaar fysiek RAM-geheugen: 1767.36 MB Totaal Virtueel geheugen: 6910.17 MB Beschikbaar Virtueel geheugen: 5143.21 MB ==================== Schijven ================================ Drive c: (BOOT) (Fixed) (Total:911.07 GB) (Free:125.3 GB) NTFS ==>[schijf met boot componenten (verkregen van BCD)] Drive d: (RECOVER) (Fixed) (Total:20 GB) (Free:3.31 GB) FAT32 \\?\Volume{a58d836b-0000-0000-0000-40c4e3000000}\ () (Fixed) (Total:0.44 GB) (Free:0.13 GB) NTFS ==================== MBR & Partitietabel ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: A58D836B) Partition 1: (Active) - (Size=911.1 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=450 MB) - (Type=27) Partition 3: (Not Active) - (Size=20 GB) - (Type=0C) ==================== Eind van Addition.txt ============================