Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 17.03.2019 Gestart door edegr (09-04-2019 14:56:56) Gestart vanaf G:\ Windows 10 Home Versie 1803 17134.648 (X64) (2018-08-30 21:53:42) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-617981293-3126250112-3978215402-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-617981293-3126250112-3978215402-503 - Limited - Disabled) edegr (S-1-5-21-617981293-3126250112-3978215402-1001 - Administrator - Enabled) => C:\Users\edegr Gast (S-1-5-21-617981293-3126250112-3978215402-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-617981293-3126250112-3978215402-504 - Limited - Disabled) ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeïnstalleerd worden.) 64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden ASUS GiftBox Service (HKLM-x32\...\{4701E5AB-AF91-4D40-8F18-358CC80E4E5B}) (Version: 3.2.3.0 - ASUSTeK COMPUTER INC.) ASUS HiPost (HKLM-x32\...\{04768366-F421-4BA5-8423-B84F644B5249}) (Version: 1.0.6 - ASUS) ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.18 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.13.0004 - ASUS) ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.6 - ASUS) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0041 - ASUS) AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.105 - ICEpower a/s) Avast SecureLine for Asustek (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 1.0.239.3 - AVAST Software) BufferChm (HKLM-x32\...\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden Build-a-lot Mysteries 2 (HKLM-x32\...\WTA-6446e264-3b91-41f6-816f-d3dc99aa5ad1) (Version: 3.0.2.59 - WildTangent) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform) Cisco WebEx Meetings (HKU\S-1-5-21-617981293-3126250112-3978215402-1001\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC) Copy (HKLM-x32\...\{9BE466FF-70B7-4DA8-807C-DB4C3610FDAA}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden CyberLink PhotoDirector 5 (HKLM\...\{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.5.6515 - CyberLink Corp.) Hidden CyberLink PhotoDirector 5 (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.5.6515 - CyberLink Corp.) CyberLink PowerDirector 12 (HKLM\...\{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.4010.0 - CyberLink Corp.) Hidden CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.4010.0 - CyberLink Corp.) Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.0.2 - ASUSTek Computer Inc.) DeviceDiscovery (HKLM-x32\...\{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden DIGIPASS Native Bridge 2.2.2 (HKLM-x32\...\{28A6E867-4D45-4023-8DD0-09FC196C2892}) (Version: 2.2.2 - VASCO Data Security) Hidden DIGIPASS Native Bridge 2.2.2 (HKU\S-1-5-21-617981293-3126250112-3978215402-1001\...\{485aa135-e0a2-49de-8079-3f7bf0a07611}) (Version: 2.2.2 - VASCO Data Security) DJ_AIO_03_F2200_Software_Min (HKLM-x32\...\{2711B584-259B-4723-A6F2-F3CFA291AFA2}) (Version: 140.0.425.000 - Hewlett-Packard) Hidden DocProc (HKLM-x32\...\{9B362566-EC1B-4700-BB9C-EC661BDE2175}) (Version: 140.0.185.000 - Hewlett-Packard) Hidden Dropbox 25 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 1.0.8.0 - Dropbox, Inc.) eID Chrome Middleware (HKLM-x32\...\eID Chrome Middleware 1.1.0) (Version: 1.1.0 - e-Contract.be BVBA) Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.4.0 - Seiko Epson Corporation) Epson Event Manager (HKLM-x32\...\{9F205E94-9E42-4486-A92A-DF3F6CB85444}) (Version: 3.10.0061 - Seiko Epson Corporation) Epson Printer Connection Checker (HKLM-x32\...\{83475ED4-8CCD-4F42-B877-7E2CC2BBD97B}) (Version: 2.0.0.0 - Seiko Epson Corporation) Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation) EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 3.00.04 - SEIKO EPSON Corp.) Epson Software Updater (HKLM-x32\...\{B55DB65D-EF6E-4E04-89D5-B03603BF681B}) (Version: 4.4.5 - SEIKO EPSON CORPORATION) EPSON XP-243 245 247 Series Printer Uninstall (HKLM\...\EPSON XP-243 245 247 Series) (Version: - Seiko Epson Corporation) EPSON-handleidingen (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.54.0.0 - Seiko Epson Corporation) EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation) Evernote v. 5.8.6 (HKLM-x32\...\{FEDC7C10-EF67-11E4-9B07-00505695D7B0}) (Version: 5.8.6.7519 - Evernote Corp.) F2200 (HKLM-x32\...\{C81DA04A-1D44-4D4A-8108-5129331BBA00}) (Version: 140.0.425.000 - Hewlett-Packard) Hidden Gadwin PrintScreen (HKLM-x32\...\Gadwin PrintScreen) (Version: 4.6 - Gadwin Systems, Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.86 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden GPBaseService2 (HKLM-x32\...\{BB3447F6-9553-4AA9-960E-0DB5310C5779}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP) HP Deskjet F2200 All-In-One Driver Software 14.0 Rel. 6 (HKLM\...\{60D6AAC5-FDC1-49BA-867B-3135F4726156}) (Version: 14.0 - HP) HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP) HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP) HP Support Assistant (HKLM-x32\...\{56D27851-B9A6-430F-875A-E2D7A3802C7B}) (Version: 8.5.37.19 - HP Inc.) HP Support Solutions Framework (HKLM-x32\...\{4CBA8ECF-0519-4583-91ED-F098522245EB}) (Version: 12.8.47.1 - HP Inc.) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 140.0.524.000 - Hewlett-Packard) Hidden HPProductAssistant (HKLM-x32\...\{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden HPSSupply (HKLM-x32\...\{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1018 - Intel Corporation) Intel(R) Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10603.192 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1162 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4300 - Intel Corporation) Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation) Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation) Kruidvat fotoservice (HKLM-x32\...\Kruidvat fotoservice) (Version: 6.2.6 - CEWE Stiftung u Co. KGaA) Malwarebytes versie 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes) MarketResearch (HKLM-x32\...\{D360FA88-17C8-4F14-B67F-13AAF9607B12}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.8.17336 - McAfee, Inc.) Microsoft Office 365 - nl-nl (HKLM\...\O365HomePremRetail - nl-nl) (Version: 16.0.11425.20202 - Microsoft Corporation) Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-617981293-3126250112-3978215402-1001\...\OneDriveSetup.exe) (Version: 18.222.1104.0007 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation) MyEpson Portal (HKLM-x32\...\{3361D415-BA35-4143-B301-661991BA6219}) (Version: 1.1.2.2 - SEIKO EPSON CORPORATION) Hidden MyEpson Portal (HKLM-x32\...\MyEpson Portal) (Version: - SEIKO EPSON Corporation) MyPhotoFun Editor (HKLM-x32\...\{2EDC9D4E-5172-44E9-9D47-FB3CA94C43A5}) (Version: 5.19.0.16660 - MyPhotoFun) OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11425.20202 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11425.20202 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11425.20202 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0413-0000-0000000FF1CE}) (Version: 16.0.11425.20202 - Microsoft Corporation) Hidden Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31233 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7571 - Realtek Semiconductor Corp.) Scan (HKLM-x32\...\{06A1D88C-E102-4527-AF70-29FFD7AF215A}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP) SolutionCenter (HKLM-x32\...\{BC5DD87B-0143-4D14-AAE6-97109614DC6B}) (Version: 140.0.299.000 - Hewlett-Packard) Hidden Status (HKLM-x32\...\{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}) (Version: 140.0.342.000 - Hewlett-Packard) Hidden Toolbox (HKLM-x32\...\{292F0F52-B62D-4E71-921B-89A682402201}) (Version: 140.0.596.000 - Hewlett-Packard) Hidden TrayApp (HKLM-x32\...\{CD31E63D-47FD-491C-8117-CF201D0AFAB5}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation) Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) WebReg (HKLM-x32\...\{8EE94FD8-5F52-4463-A340-185D16328158}) (Version: 140.0.297.017 - Hewlett-Packard) Hidden WebStorage (HKLM-x32\...\WebStorage) (Version: 2.2.6.547 - ASUS Cloud Corporation) WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.1.1.15 - WildTangent) WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.1.1.30 - WildTangent) Hidden WildTangent ShortcutProvider (HKLM-x32\...\{80831F60-19D7-43B3-A60C-5CAF8C478DF6}) (Version: 1.0.0.28 - WildTangent) Hidden Windows 10-updateassistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22532 - Microsoft Corporation) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS) WPS Office for ASUS (HKLM-x32\...\Kingsoft Office) (Version: 9.1.0.4947 - Kingsoft Corp.) Yousician Launcher version 1.0 (HKLM-x32\...\{EF45EAE9-523E-47C3-8634-A81923B11DD5}_is1) (Version: 1.0 - Yousician) ==================== Aangepaste CLSID (gefilterd): ========================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) CustomCLSID: HKU\S-1-5-21-617981293-3126250112-3978215402-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6} CustomCLSID: HKU\S-1-5-21-617981293-3126250112-3978215402-1001_Classes\CLSID\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}\InprocServer32 -> C:\Users\edegr\AppData\Local\Microsoft\OneDrive\18.222.1104.0007\amd64\FileCoAuthLib64.dll => Geen bestand ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.) [Bestand niet getekend] ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.) [Bestand niet getekend] ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.) [Bestand niet getekend] ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Geen bestand ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Geen bestand ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> Geen bestand ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Geen bestand ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2326} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSContextMenu.dll [2015-12-24] (ASUS Cloud Corporation -> ASUS Cloud Corporation) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> Geen bestand ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Geen bestand ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Geen bestand ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Geen bestand ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Geen bestand ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Geen bestand ==================== Geplande Taken (gefilterd) ============= (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {027F2C30-E98A-42DA-91DF-174173C0F0DE} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation) Task: {02806A25-BF17-4652-98FF-A8F7B58EF6EC} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation) Task: {05DEFE94-964E-4606-A993-676A467F826C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe (HP Inc. -> HP Inc.) Task: {0F71139B-44DA-4814-95B3-36544058B19C} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe (Dropbox, Inc -> ) Task: {1340E3CF-E861-47CC-A904-C066CB921997} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) Task: {1A57C0D0-9118-46E2-822F-6BBB70F03861} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.4-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation) Task: {1FC4FA72-5605-4937-9C7A-787CC62ED30F} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) Task: {253200EB-DD9B-4B8E-80F4-93E37F97F0D3} - System32\Tasks\EPSON XP-243 245 247 Series Update {5E5EF9B5-5E67-472D-82FF-377AF8F50682} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSRFE.EXE (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) Task: {2B87FDF9-B9DF-4CD4-9DF1-50FBE78A69CE} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) [Bestand niet getekend] Task: {358A07D2-781B-46A6-8834-7388A88EA10C} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe (HP Inc. -> HP Inc.) Task: {35F2B305-D1B6-4B32-ABF6-F38042CDB074} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation) Task: {39F5DFCE-A10B-43B5-9BC9-0B61FBBE4622} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) Task: {6438DCAF-C52E-4ED7-A9B1-6031D201F056} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.4-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation) Task: {67D21A6A-3F4E-4FC8-83BD-8640C4903AA9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe (Hewlett Packard -> HP Inc.) Task: {6AA184C1-7DD6-4395-B577-D0E839662316} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe (HP Inc. -> HP Inc.) Task: {6E040E62-FE24-4FF7-812A-456182D5E9B5} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe (ASUSTeK Computer Inc. -> AsusTek) Task: {7251986D-36E7-477C-859A-2A947D23C815} - System32\Tasks\EPSON XP-243 245 247 Series Update {1A3D4738-FFEF-44E5-9FAF-8B72009A2A9E} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSRFE.EXE (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) Task: {7308CE4C-E4DF-46C4-9436-11E9D496E1C1} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) Task: {74457579-77DC-4A0D-8FF7-E88C92F00407} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation) Task: {79DD14A6-6373-4A1C-A295-7F0164C17DF7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd -> Piriform Ltd) Task: {7C143B24-16F4-4EE0-A111-1C5EE1C37984} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) Task: {86E9C550-5552-44C2-BA05-EF11BFFC8B3C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.) Task: {88100AE2-0ED8-457B-8189-FB533AE3314B} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) Task: {8BE96224-E4B8-481B-9194-F44B3D8BF342} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe (Hewlett Packard -> HP Inc.) Task: {8D22D793-9BA1-425A-AB1D-FEBF0B2E7B8D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe (HP Inc. -> HP Inc.) Task: {966F1BAA-E6A2-42FA-835B-112EB1007CC9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe (HP Inc. -> HP Inc.) Task: {96C0E4B1-F8E5-470D-8A0E-051E6BC0DCAC} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUS) [Bestand niet getekend] Task: {999C8992-ADC7-4C88-99B2-0BCF64FA0D97} - System32\Tasks\EPSON XP-243 245 247 Series Update {E29E4AFD-52F1-461E-BB97-0F909096053F} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSRFE.EXE (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) Task: {BA6BB3CE-001C-4536-A276-DE00C536C1BE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.) Task: {BAC3F8A1-04AE-4D9E-BD3E-C3C674C8C664} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe (Microsoft Corporation -> Microsoft Corporation) Task: {BCD188B9-7349-4909-9BC7-ECAB0CB2465F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd) Task: {C2824EB3-F84A-4A10-998E-24B93CB9667B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe (HP Inc. -> HP Inc.) Task: {C4AFC324-658F-42B8-81F3-A708E27EE2EC} - \Microsoft\Windows\UNP\RunCampaignManager -> Geen bestand <==== AANDACHT Task: {C5B7FC76-1E38-4B15-A2BB-4500875BBBD4} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Oracle America, Inc. -> Oracle Corporation) Task: {D4E926D8-CB3B-4D2B-9639-549A8ADD0ADC} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation) Task: {DA2982DB-02EE-4ACE-83BF-325BD618B0B9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.4-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation) Task: {E56FAEFA-E2ED-48A6-BBF4-DB3160408598} - System32\Tasks\HPCeeScheduleForedegr => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe (Hewlett-Packard Company -> HP Development Company, L.P.) Task: {E95732D4-0B8D-4283-93E3-9B5540F5B66B} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe Task: {EC90D8BB-67E0-48A8-87B7-41451EA69C59} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.4-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation) Task: {FA464B5F-D087-46C2-B312-C3E8515103BF} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation) Task: {FA4EF322-BB0C-4B67-BCCA-86F8FC3762EE} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-617981293-3126250112-3978215402-1001 => C:\Users\edegr\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe Task: {FCF17BC0-E5A3-4369-B519-4F540D2A51FF} - System32\Tasks\avast! SL Update => C:\Program Files\AVAST Software\SecureLine\SLUpdate.exe (AVAST Software a.s. -> AVAST Software) Task: {FF1261B0-0C92-42D5-9DFF-F70618C0C488} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures (Als een item is opgenomen in de fixlist, wordt de taak (job) bestand verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\EPSON XP-243 245 247 Series Update {1A3D4738-FFEF-44E5-9FAF-8B72009A2A9E}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSRFE.EXE:/EXE:{1A3D4738-FFEF-44E5-9FAF-8B72009A2A9E} /F:UpdateWORKGROUP\DESKTOP-FG78T7N$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi Task: C:\WINDOWS\Tasks\EPSON XP-243 245 247 Series Update {5E5EF9B5-5E67-472D-82FF-377AF8F50682}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSRFE.EXE:/EXE:{5E5EF9B5-5E67-472D-82FF-377AF8F50682} /F:UpdateWORKGROUP\DESKTOP-FG78T7N$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi Task: C:\WINDOWS\Tasks\EPSON XP-243 245 247 Series Update {E29E4AFD-52F1-461E-BB97-0F909096053F}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSRFE.EXE:/EXE:{E29E4AFD-52F1-461E-BB97-0F909096053F} /F:UpdateWORKGROUP\DESKTOP-FG78T7N$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi Task: C:\WINDOWS\Tasks\HPCeeScheduleForedegr.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe ==================== Snelkoppelingen & WMI ======================== (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) ==================== Geladen Modules (gefilterd) ============== 2016-09-14 14:31 - 2016-09-14 14:31 - 000500736 _____ (SEIKO EPSON CORPORATION) [Bestand niet getekend] C:\WINDOWS\System32\enppmon.dll 2015-05-19 11:11 - 2015-05-19 11:11 - 000335872 _____ (Intel Corporation) [Bestand niet getekend] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe 2015-08-25 11:40 - 2015-08-25 11:40 - 000055296 _____ (ASUS) [Bestand niet getekend] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe 2015-04-22 15:59 - 2015-04-22 15:59 - 001489920 _____ (ASUS Cloud Corporation.) [Bestand niet getekend] C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll 2011-05-03 11:18 - 2011-05-03 11:18 - 000487424 _____ (Gadwin Systems, Inc) [Bestand niet getekend] C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe 2019-02-22 18:01 - 2019-02-22 18:01 - 000704512 _____ (Seiko Epson Corporation) [Bestand niet getekend] C:\Program Files (x86)\EPSON\MyEpson Portal\Configration_00000171\MepCfg.dll 2015-08-25 11:40 - 2015-08-25 11:40 - 000027648 _____ () [Bestand niet getekend] C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll 2015-08-25 11:40 - 2015-08-25 11:40 - 000164864 _____ (ASUSTeK Computer Inc.) [Bestand niet getekend] C:\Program Files (x86)\ASUS\Splendid\ColorU.dll 2015-08-25 11:40 - 2015-08-25 11:40 - 001680384 _____ (ASUS TeK Computer Inc.) [Bestand niet getekend] C:\Program Files (x86)\ASUS\Splendid\ApplyLUT.dll 2015-08-25 11:40 - 2015-08-25 11:40 - 000124928 _____ () [Bestand niet getekend] C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll 2015-08-25 11:40 - 2015-08-25 11:40 - 000178688 _____ (ASUS TeK Computer Inc.) [Bestand niet getekend] C:\Program Files (x86)\ASUS\Splendid\GenLUT.dll 2009-10-21 17:39 - 2009-10-21 17:39 - 000291328 _____ (SEIKO EPSON CORPORATION) [Bestand niet getekend] C:\Program Files (x86)\EPSON Software\Event Manager\LcMgr.dll 2015-12-17 11:11 - 2015-12-17 11:11 - 000132096 _____ (Seiko Epson Corporation) [Bestand niet getekend] C:\Program Files (x86)\EPSON Software\Event Manager\epnsm.dll ==================== Alternate Data Streams (gefilterd) ========= (Als een item is opgenomen in de fixlist, wordt alleen de ADS verwijderd.) ==================== Veilige Modus (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. De waarde van "AlternateShell" wordt hersteld.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Bestandskoppeling (gefilterd) =============== (Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd.) ==================== Internet Explorer vertrouwde/beperkte toegang =============== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd.) ==================== Hosts inhoud: =============================== (Indien nodig kan Hosts:-opdracht worden opgenomen in de fixlist om Hosts te resetten.) 2015-07-10 13:04 - 2018-12-26 16:20 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Andere gebieden ============================ (Momenteel is er geen automatische fix voor dit onderdeel.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;%SYSTEMROOT%\System32\OpenSSH\ HKU\S-1-5-21-617981293-3126250112-3978215402-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\edegr\OneDrive\Afbeeldingen\2018\20181227_000707.jpg DNS Servers: 195.130.130.5 - 195.130.131.5 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == Als een item is opgenomen in de fixlist, zal het worden verwijderd. HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKU\S-1-5-21-617981293-3126250112-3978215402-1001\...\StartupApproved\Run: => "OneDrive" ==================== Firewall regels (gefilterd) =============== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [{DBAA72AD-E0FE-4D8B-9151-578C9485D10D}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe Geen bestand FirewallRules: [{DFE5D794-E9CF-49E1-BF54-01DF005E79E5}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe Geen bestand FirewallRules: [{E5571520-0105-430E-B545-B1766DE77449}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe Geen bestand FirewallRules: [{04969228-B653-462A-883F-00AD02E50D3B}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe Geen bestand FirewallRules: [{E19111FB-A628-4660-94B6-43ACD68E5D8F}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe Geen bestand FirewallRules: [{6E2D8600-BC5D-49C8-871E-114243CB5AD8}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe Geen bestand FirewallRules: [{FEBA1400-B514-4918-A938-7619A43F4C7A}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe (Hewlett-Packard Company -> Hewlett-Packard) FirewallRules: [{ED7E2773-7EDA-44BB-B0DC-601BA9D8062B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{6360ED96-BF35-4993-88D9-5645A27972F6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{39290CBD-7CE6-4144-98CC-39187AF17969}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (Hewlett Packard -> Hewlett-Packard) FirewallRules: [{CED6E6EA-6E31-40B6-B9DA-C6FEE7EA7A76}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{F719CF13-84E1-4154-BF15-587670A3461C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{75A4973B-6113-4C10-B23A-0C99522AB8CA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{5ECA974A-F64E-46FF-BAEF-9760619BFD5D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{3887A27C-077C-4EF6-A4F4-117D77DB99F6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{0F6074FF-E9AB-45B9-8242-737529B8AB7C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{AFD998E6-E12B-4FCA-B9BA-3A1201BFD9DD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{3ACBBE52-3F5C-478F-A843-7D0004A2EC1D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [TCP Query User{1140A86B-4996-4494-AABC-F64F33F42EE6}C:\users\edegr\appdata\local\popcorn-time\popcorn-time.exe] => (Allow) C:\users\edegr\appdata\local\popcorn-time\popcorn-time.exe Geen bestand FirewallRules: [UDP Query User{D7B313B0-5C3B-4AA8-86E3-8EA3544D33F5}C:\users\edegr\appdata\local\popcorn-time\popcorn-time.exe] => (Allow) C:\users\edegr\appdata\local\popcorn-time\popcorn-time.exe Geen bestand FirewallRules: [TCP Query User{D23BF453-E485-413D-B1B5-0FEB2FB98FA0}C:\users\edegr\appdata\local\popcorn-time\popcorn-time.exe] => (Allow) C:\users\edegr\appdata\local\popcorn-time\popcorn-time.exe Geen bestand FirewallRules: [UDP Query User{C4D3D2A6-461A-4899-A68A-465433823733}C:\users\edegr\appdata\local\popcorn-time\popcorn-time.exe] => (Allow) C:\users\edegr\appdata\local\popcorn-time\popcorn-time.exe Geen bestand FirewallRules: [{9C26B55A-839C-462E-BE9F-76BF01739C21}] => (Allow) C:\Users\edegr\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\Data\ENEasyApp.exe Geen bestand FirewallRules: [{C9067103-4485-4E9A-8D1C-9C9DFB8FD172}] => (Allow) C:\Users\edegr\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\Data\ENEasyApp.exe Geen bestand FirewallRules: [{97B4F8F5-AABD-4B11-9D7E-3D36CD8FCB20}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) FirewallRules: [{07E0C382-1D0C-4675-A6D9-913F3BFB72DD}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) FirewallRules: [{A2EBCB24-AA26-46DC-887F-612CF7BD3658}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) FirewallRules: [{D2D52A44-3CBC-43D4-91A0-7AF270BFE777}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) FirewallRules: [{3444F4B1-3299-40BE-9CCE-0703D9EC3F44}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd) FirewallRules: [{452D7D6F-F057-4EF9-9F28-95AA7CD84354}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd) FirewallRules: [{7B168B14-48E5-4BE3-9AF6-A05598598689}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{122213E3-CB59-4665-9095-E61FEA02CDEC}] => (Allow) C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe Geen bestand FirewallRules: [{86210F58-C4E4-4B78-BB48-6B43D690EF25}] => (Allow) C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe Geen bestand FirewallRules: [{664BA9C0-61CB-4265-B761-D4E503E7FC7D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) ==================== Herstelpunten ========================= 21-02-2019 16:41:49 Windows Update 05-03-2019 22:19:00 Windows Update 15-03-2019 14:57:33 Windows Update 30-03-2019 21:56:17 Windows Update 08-04-2019 11:45:45 Windows Update ==================== Defecte Apparaatbeheer Apparaten ============= ==================== Eventlog fouten: ========================= Applicatiefouten: ================== Error: (04/09/2019 11:12:45 AM) (Source: HP Active Health) (EventID: 88) (User: ) Description: -- SECURITY WARNING -- ActiveHealthProperties.ini has been tampered with, resetting it Error: (04/09/2019 11:12:45 AM) (Source: HP Active Health) (EventID: 88) (User: ) Description: -- SECURITY WARNING -- ActiveHealthState.ini has been tampered with, resetting it Error: (04/09/2019 11:12:45 AM) (Source: HP Active Health) (EventID: 80) (User: ) Description: -- SECURITY WARNING -- Unable to deserialize super secret file hashes. Will assume evil is afoot - all Validate() calls will return DOESNT_MATCH at HP.ActiveHealth.Commons.Security.HashStore.LoadHashesFromFile() Error: (04/09/2019 10:54:22 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (04/08/2019 11:30:43 AM) (Source: HP Active Health) (EventID: 88) (User: ) Description: -- SECURITY WARNING -- ActiveHealthProperties.ini has been tampered with, resetting it Error: (04/08/2019 11:30:43 AM) (Source: HP Active Health) (EventID: 88) (User: ) Description: -- SECURITY WARNING -- ActiveHealthState.ini has been tampered with, resetting it Error: (04/08/2019 11:30:43 AM) (Source: HP Active Health) (EventID: 80) (User: ) Description: -- SECURITY WARNING -- Unable to deserialize super secret file hashes. Will assume evil is afoot - all Validate() calls will return DOESNT_MATCH at HP.ActiveHealth.Commons.Security.HashStore.LoadHashesFromFile() Error: (03/30/2019 09:48:12 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Systeemfouten: ============= Error: (04/09/2019 11:57:59 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-FG78T7N) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {8BC3F05E-D86B-11D0-A075-00C04FB68820} en APPID {8BC3F05E-D86B-11D0-A075-00C04FB68820} aan de gebruiker DESKTOP-FG78T7N\edegr SID (S-1-5-21-617981293-3126250112-3978215402-1001) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (04/09/2019 11:33:42 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (04/09/2019 10:41:50 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (04/09/2019 10:41:14 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-FG78T7N) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker DESKTOP-FG78T7N\edegr SID (S-1-5-21-617981293-3126250112-3978215402-1001) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (04/09/2019 10:38:32 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (04/08/2019 03:05:21 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (04/08/2019 03:04:54 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-FG78T7N) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker DESKTOP-FG78T7N\edegr SID (S-1-5-21-617981293-3126250112-3978215402-1001) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (04/08/2019 03:01:01 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Time-out (30000 seconden) tijdens het wachten op een reactie op een transactie van deze service: CDPUserSvc_15121fc. Windows Defender: =================================== Date: 2019-04-08 15:27:13.840 Description: Scan van Windows Defender Antivirus is gestopt voordat deze was voltooid. Scan-id: {001F200C-AB74-457D-AD02-F0E34066E205} Type scan: Antimalware Scanparameters: Snelle scan Gebruiker: NT AUTHORITY\SYSTEM Date: 2019-02-21 16:51:21.325 Description: Scan van Windows Defender Antivirus is gestopt voordat deze was voltooid. Scan-id: {72D6A628-1290-43FD-85FD-0FAB4D14CBAB} Type scan: Antimalware Scanparameters: Snelle scan Gebruiker: NT AUTHORITY\NETWORK SERVICE Date: 2019-01-29 20:25:00.674 Description: Scan van Windows Defender Antivirus is gestopt voordat deze was voltooid. Scan-id: {0800D964-B353-4EF8-AACA-AEAD604DBAF0} Type scan: Antimalware Scanparameters: Snelle scan Gebruiker: NT AUTHORITY\NETWORK SERVICE Date: 2019-01-17 20:25:36.800 Description: Scan van Windows Defender Antivirus is gestopt voordat deze was voltooid. Scan-id: {0A1BD080-9DD0-4208-913C-C1A6E292D68E} Type scan: Antimalware Scanparameters: Snelle scan Gebruiker: NT AUTHORITY\SYSTEM Date: 2019-01-17 20:11:41.150 Description: Scan van Windows Defender Antivirus is gestopt voordat deze was voltooid. Scan-id: {5AE87F01-53B3-4FD8-A3DE-828268646016} Type scan: Antimalware Scanparameters: Snelle scan Gebruiker: NT AUTHORITY\SYSTEM Date: 2019-03-15 13:41:51.920 Description: Windows Defender Antivirus heeft een fout aangetroffen bij het bijwerken van handtekeningen. Nieuwe handtekeningversie: Vorige handtekeningversie: 1.289.877.0 Bron update: Microsoft-updateserver Type handtekening: AntiVirus Type update: Volledig Gebruiker: NT AUTHORITY\SYSTEM Huidige engineversie: Vorige engineversie: 1.1.15700.9 Foutcode: 0x80070005 Foutbeschrijving: Toegang geweigerd. Date: 2019-03-10 09:55:07.629 Description: Windows Defender Antivirus heeft een fout aangetroffen bij het bijwerken van handtekeningen. Nieuwe handtekeningversie: Vorige handtekeningversie: 1.289.812.0 Bron update: Microsoft-updateserver Type handtekening: AntiVirus Type update: Volledig Gebruiker: NT AUTHORITY\SYSTEM Huidige engineversie: Vorige engineversie: 1.1.15700.9 Foutcode: 0x80240016 Foutbeschrijving: Er is tijdens het zoeken naar updates een onverwacht probleem opgetreden. Raadpleeg Help en ondersteuning voor meer informatie over het installeren van updates en het oplossen van problemen. Date: 2019-02-21 15:41:48.829 Description: Windows Defender Antivirus heeft een fout aangetroffen bij het bijwerken van handtekeningen. Nieuwe handtekeningversie: Vorige handtekeningversie: 1.287.93.0 Bron update: Microsoft-updateserver Type handtekening: AntiVirus Type update: Volledig Gebruiker: NT AUTHORITY\SYSTEM Huidige engineversie: Vorige engineversie: 1.1.15700.8 Foutcode: 0x80240016 Foutbeschrijving: Er is tijdens het zoeken naar updates een onverwacht probleem opgetreden. Raadpleeg Help en ondersteuning voor meer informatie over het installeren van updates en het oplossen van problemen. Date: 2019-01-29 19:49:25.823 Description: Windows Defender Antivirus heeft een fout aangetroffen bij het bijwerken van handtekeningen. Nieuwe handtekeningversie: Vorige handtekeningversie: 1.285.74.0 Bron update: Microsoft-updateserver Type handtekening: AntiVirus Type update: Volledig Gebruiker: NT AUTHORITY\SYSTEM Huidige engineversie: Vorige engineversie: 1.1.15600.4 Foutcode: 0x80240016 Foutbeschrijving: Er is tijdens het zoeken naar updates een onverwacht probleem opgetreden. Raadpleeg Help en ondersteuning voor meer informatie over het installeren van updates en het oplossen van problemen. Date: 2018-12-27 16:50:29.345 Description: Windows Defender Antivirus heeft een fout aangetroffen bij het bijwerken van handtekeningen. Nieuwe handtekeningversie: Vorige handtekeningversie: 1.283.1619.0 Bron update: Microsoft-updateserver Type handtekening: AntiVirus Type update: Volledig Gebruiker: NT AUTHORITY\SYSTEM Huidige engineversie: Vorige engineversie: 1.1.15500.2 Foutcode: 0x8007043c Foutbeschrijving: Deze service kan niet in veilige modus worden gestart. CodeIntegrity: =================================== Date: 2019-03-30 21:31:53.197 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2019-03-30 21:31:50.996 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2019-03-30 21:31:49.696 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2019-03-30 21:31:48.024 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2019-03-30 21:31:46.944 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2019-03-30 21:31:45.274 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2019-03-30 21:31:44.022 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2019-03-30 21:31:43.176 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Geheugen info =========================== Processor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz Percentage geheugen in gebruik: 48% Totaal fysiek RAM-geheugen: 8062.71 MB Beschikbaar fysiek RAM-geheugen: 4125.21 MB Totaal Virtueel geheugen: 9342.71 MB Beschikbaar Virtueel geheugen: 4702.17 MB ==================== Schijven ================================ Drive c: (OS) (Fixed) (Total:371.85 GB) (Free:171.36 GB) NTFS ==>[systeem met boot componenten (verkregen van schijf)] Drive d: (DATA) (Fixed) (Total:558.91 GB) (Free:552.46 GB) NTFS Drive f: (U3 System) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS Drive g: (Cruzer) (Removable) (Total:14.92 GB) (Free:0.02 GB) FAT32 \\?\Volume{bd64caee-1c5a-452c-a0e5-975a3e124db4}\ () (Fixed) (Total:0.49 GB) (Free:0.04 GB) NTFS \\?\Volume{842f95b9-cc25-47b0-80c5-96d440ba5d32}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32 ==================== MBR & Partitietabel ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 884091B6) Partition: GPT. ======================================================== Disk: 1 (Protective MBR) (Size: 14.9 GB) (Disk ID: 00000000) Partition: GPT. ==================== Einde van Addition.txt ============================