Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 20.06.2018 Gestart door VANDENHAUTE (07-07-2018 19:10:52) Gestart vanaf C:\Users\VANDENHAUTE\Downloads Windows 8.1 (Update) (X64) (2018-06-18 13:47:35) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2952796674-3952710296-3611388709-500 - Administrator - Disabled) Gast (S-1-5-21-2952796674-3952710296-3611388709-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2952796674-3952710296-3611388709-1003 - Limited - Enabled) VANDENHAUTE (S-1-5-21-2952796674-3952710296-3611388709-1001 - Administrator - Enabled) => C:\Users\VANDENHAUTE ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeïnstalleerd worden.) 7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Abra Academy version 1.5 (HKLM-x32\...\{D0A81D52-2F1B-4599-BEB7-844A6E7990F8}_is1) (Version: 1.5 - Multibyte) Alcor Micro USB Card Reader Driver (HKLM-x32\...\{7F28165B-148D-4672-AA21-469D9E6E3CB6}) (Version: 20.21.3317.03861 - Alcor Micro Corp.) Hidden Alcor Micro USB Card Reader Driver (HKLM-x32\...\AmUStor) (Version: 20.21.3317.03861 - Alcor Micro Corp.) Aloha Solitaire version 1.5 (HKLM-x32\...\{4674ACC5-8C04-47A5-8F70-46600C4AC183}_is1) (Version: 1.5 - Multibyte) Aloha Tri Peaks version 1.5 (HKLM-x32\...\{AE13E597-2621-412E-B9D5-FDF5AFBEFFFB}_is1) (Version: 1.5 - Multibyte) AMD Catalyst Install Manager (HKLM\...\{47793035-A31B-6024-9F4F-AF211A95A6E4}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 4.1.3 - philandro Software GmbH) Bejeweled 3 (HKLM-x32\...\WTA-d8d5abfe-c42e-4db3-9fd0-c68478e93712) (Version: 3.0.2.59 - WildTangent) Hidden Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Build-a-lot (HKLM-x32\...\WTA-c8cab8a2-0e50-46a1-88e4-d6a162f2fe62) (Version: 3.0.2.59 - WildTangent) Hidden Building the Great Wall of China Collector's Edition (HKLM-x32\...\WTA-ce3da306-4e05-4d5b-9357-4302be6f2b0e) (Version: 3.0.2.48 - WildTangent) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.44 - Piriform) Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft) Corel Painter 2019 - Content (HKLM\...\{0CB44D25-ABCD-4BAB-88BA-C10225F5B26F}) (Version: 19.0 - Corel Corporation) Hidden Corel Painter 2019 - Core (HKLM\...\{739ABD60-E7F7-4F66-93C8-963C3F10197D}) (Version: 19.0 - Corel Corporation) Hidden Corel Painter 2019 - Corex64 (HKLM\...\{E57822FE-D66B-42F6-8972-51A682D5DB3B}) (Version: 19.0 - Corel Corporation) Hidden Corel Painter 2019 - CT (HKLM\...\{81C4E913-F4B6-46DD-8040-F2495C7E40E7}) (Version: 19.0 - Corel Corporation) Hidden Corel Painter 2019 - DE (HKLM\...\{4957A80C-D042-45D2-BF80-810DD81A3897}) (Version: 19.0 - Corel Corporation) Hidden Corel Painter 2019 - EN (HKLM\...\{175ED696-0A15-44A3-9BDA-9A27AD768A32}) (Version: 19.0 - Corel Corporation) Hidden Corel Painter 2019 - FR (HKLM\...\{7DF9949B-8BA1-4E68-9C66-3CC8E485204C}) (Version: 19.0 - Corel Corporation) Hidden Corel Painter 2019 - IPM (HKLM\...\{EA1947B4-46DA-4484-A9DC-15EB2C5A47FB}) (Version: 19.0 - Corel Corporation) Hidden Corel Painter 2019 - IPM Content (HKLM\...\{D2A529CF-50BB-4509-AB41-8075967BC641}) (Version: 19.0 - Corel Corporation) Hidden Corel Painter 2019 - JP (HKLM\...\{F909CEAE-27D9-46CD-B14D-E32CA6FC84A6}) (Version: 19.0 - Corel Corporation) Hidden Corel Painter 2019 - Setup Files (HKLM\...\{A7744212-7E8F-44FE-A3FF-068001C911E1}) (Version: 19.0 - Corel Corporation) Hidden Corel Painter 2019 (HKLM\...\_{A7744212-7E8F-44FE-A3FF-068001C911E1}) (Version: 19.0.0.427 - Corel Corporation) Corel Painter Thumbnail Previewer (HKLM\...\{50139369-99B2-496A-8726-D3DC5D6D4235}) (Version: 18.0 - Corel Corporation) Corel Update Manager (HKLM\...\{6E7D6853-E0C5-48D9-B5BB-97CD0B0A4DE2}) (Version: 2.8.364 - Corel corporation) Hidden Coupe Du Monde Solitaire version 1.5 (HKLM-x32\...\{B9BAE565-43FB-4F09-B648-49DBDFFAD84E}_is1) (Version: 1.5 - Multibyte) Crazy Chicken Soccer (HKLM-x32\...\WTA-c7873c15-930b-4c47-b4db-846aee05b529) (Version: 2.2.0.110 - WildTangent) Hidden CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.8.4420 - CyberLink Corp.) Cyberlink PhotoDirector (HKLM\...\{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.3.5529 - CyberLink Corp.) Hidden Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.3.5529 - CyberLink Corp.) CyberLink Power Media Player 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5.4505 - CyberLink Corp.) CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.8.4316 - CyberLink Corp.) CyberLink PowerBackup 2.6 (HKLM-x32\...\InstallShield_{ADD5DB49-72CF-11D8-9D75-000129760D75}) (Version: 2.6.1.0903 - CyberLink Corp.) CyberLink PowerDirector 12 (HKLM\...\{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.2.3317 - CyberLink Corp.) Hidden CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.2.3317 - CyberLink Corp.) Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform) DisableMSDefender (HKLM\...\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}) (Version: 1.0.0 - Hewlett-Packard Company) Hidden DriversCloud.com (64 bits) (HKLM\...\{29DC4128-CF89-49D9-A524-B4430F036F14}) (Version: 10.0.7.0 - Cybelsoft) Dropbox 25 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 0.9.0 - Dropbox, Inc.) Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company) Evernote v. 6.13.14 (HKLM-x32\...\{D16B1D50-7D70-11E8-81F3-005056951CAD}) (Version: 6.13.14.7474 - Evernote Corp.) Farm Frenzy (HKLM-x32\...\WTA-51ecebeb-563c-4e10-88ae-909dd102fa0c) (Version: 3.0.2.59 - WildTangent) Hidden Foxit PhantomPDF (HKLM-x32\...\{89BF1D4D-1D62-451E-9496-B971BDE82720}) (Version: 6.0.33.715 - Foxit Corporation) Glary Utilities 5.100 (HKLM-x32\...\Glary Utilities 5) (Version: 5.100.0.122 - Glarysoft Ltd) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.99 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden Governor of Poker 2 Premium Edition (HKLM-x32\...\WTA-2a856b10-84f2-40e6-9757-81ac85d2caad) (Version: 3.0.2.59 - WildTangent) Hidden Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden HP Documentation (HKLM-x32\...\{198B2800-6C16-4F2A-BC52-EA0F7FD67095}) (Version: 1.3.0.0 - Hewlett-Packard) HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7745.4851 - Hewlett-Packard) HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.27 - Hewlett-Packard) HP Support Assistant (HKLM-x32\...\{904822F1-6C7D-4B91-B936-6A1C0810544C}) (Version: 7.7.34.34 - Hewlett-Packard Company) HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 13.00.0000 - Hewlett-Packard) Inst5675 (HKLM\...\{2DE6247C-7077-451B-8BA7-FFD1A2ABBB47}) (Version: 8.01.27 - Softex Inc.) Hidden Inst5676 (HKLM\...\{878F6913-7421-4713-97F7-0A736EE2A188}) (Version: 8.01.27 - Softex Inc.) Hidden Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{AF8A5E6C-7485-47FB-9FE4-CF3B43FDB178}) (Version: 18.0.156 - Intel Corporation) ISO Opener (HKLM-x32\...\{CE235F00-F8CD-41AF-83D5-236D90E33BFB}_is1) (Version: - www.isoopener.com) Jewel Match 3 (HKLM-x32\...\WTA-2a57100d-ec28-4ed2-92d7-e661ffdda452) (Version: 3.0.2.59 - WildTangent) Hidden Malwarebytes version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes) Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4641.1005 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.11.25325 (HKLM-x32\...\{404c9c27-8377-4fd1-b607-7ca635db4e49}) (Version: 14.11.25325.0 - Microsoft Corporation) OpenOffice 4.1.5 (HKLM-x32\...\{155C4F2E-7381-4B80-B258-FD0600C9C46B}) (Version: 4.15.9789 - Apache Software Foundation) Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-c1749fd2-ae48-424d-bdb2-35a3a867994a) (Version: 3.0.2.51 - WildTangent) Hidden Polar Bowler 1st Frame (HKLM-x32\...\WTA-63e19cfc-bab7-4694-8d61-8806b73ef50b) (Version: 3.0.2.59 - WildTangent) Hidden Ranch Rush 2 - Premium Edition (HKLM-x32\...\WTA-b77116ec-662c-43d7-8b9a-ac43d9ad25e0) (Version: 2.2.0.98 - WildTangent) Hidden Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.30164 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.) Revo Uninstaller 2.0.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.5 - VS Revo Group, Ltd.) SnailDriver version 1.0.0.4 (HKLM-x32\...\{3189DA22-4E71-4794-9F3D-39A3DE0062DE}_is1) (Version: 1.0.0.4 - SnailSuite) TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.1.3629 - TeamViewer) Trinklit Supreme (HKLM-x32\...\WTA-e1a7f25a-e64f-4cdc-a135-c2725c6ab77e) (Version: 2.2.0.98 - WildTangent) Hidden Unchecky v1.2 (HKLM-x32\...\Unchecky) (Version: 1.2 - Reason Software Company Inc.) Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden UR (HKU\S-1-5-21-2952796674-3952710296-3611388709-1001\...\URBrowser) (Version: 61.1.3163.24 - Adaptive Bee) Vacation Quest™ - Australia (HKLM-x32\...\WTA-0e4f3faa-5d60-481b-94f7-c81a44b1d402) (Version: 3.0.2.32 - WildTangent) Hidden Virtual Families (HKLM-x32\...\WTA-e0c74170-54f9-4c3a-9611-498220945fe7) (Version: 2.2.0.98 - WildTangent) Hidden VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.3 - VideoLAN) Wedding Dash (HKLM-x32\...\WTA-250ae163-6ca5-4dc8-ad04-34a06c0f95f0) (Version: 2.2.0.95 - WildTangent) Hidden WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent) WildTangent Games App for HP (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.0.11.14 - WildTangent) Hidden WinRAR 5.60 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH) Youda Jewel Shop (HKLM-x32\...\WTA-1887901a-3b54-4170-972c-c591c2d1cd48) (Version: 3.0.2.51 - WildTangent) Hidden ==================== Aangepaste CLSID (gefilterd): ========================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Geen bestand ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (IvoSoft) ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (IvoSoft) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2014-07-24] (Cyberlink) ContextMenuHandlers1: [CLVDShellExt11] -> {0A968D6C-1B49-4200-94C3-CDDDD6E40454} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt11.dll [2018-05-19] (Cyberlink) ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd) ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2014-06-19] (Foxit Corporation) ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2018-03-02] (Glarysoft Ltd) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (Alexander Roshal) ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2014-07-24] (Cyberlink) ContextMenuHandlers2: [CLVDShellExt11] -> {0A968D6C-1B49-4200-94C3-CDDDD6E40454} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt11.dll [2018-05-19] (Cyberlink) ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2018-03-02] (Glarysoft Ltd) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2014-06-22] (Advanced Micro Devices, Inc.) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd) ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2018-03-02] (Glarysoft Ltd) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes) ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\windows\system32\StartMenuHelper64.dll [2017-08-13] (IvoSoft) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (Alexander Roshal) ==================== Geplande Taken (gefilterd) ============= (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {0018F804-7468-4814-B770-C4F8CEBE0E45} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-06-18] (Google Inc.) Task: {007FFC24-10BA-48F3-91A8-17D36349B41C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-06-24] (Piriform Ltd) Task: {1A6D458E-FF6E-4E46-80D3-4C0736027260} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard) Task: {2672485C-4B61-4142-9EB3-B40386B23CB8} - System32\Tasks\DeviceDetector7.5 => C:\Program Files (x86)\CyberLink\MediaEspresso7.5\DeviceDetector\DeviceDetector7.5.exe [2018-06-01] (CyberLink Corp.) Task: {2F3C0FBB-477A-4A7B-B6AB-9E817D3E83EC} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2018-06-26] (Glarysoft Ltd) Task: {4DE7CC64-7F32-4127-8464-DC8D08B3D071} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2017-06-29] (Realtek Semiconductor) Task: {4E4E4EA7-2213-4C2B-B523-30CFABE7E7EA} - System32\Tasks\McAfee\McAfee Idle Detection Task Task: {54C82CBD-C251-47A3-A8B5-F29BB407CA39} - System32\Tasks\SnailDriverSkipUAC => C:\Program Files (x86)\SnailSuite\SnailDriver\SnailDriver.exe [2016-09-17] (TODO: <公司名>) Task: {59A50CF8-BF9F-41A7-BC3F-ED4E8AF2C87F} - System32\Tasks\SnailDriverSkipUSC => C:\Program Files (x86)\SnailSuite\SnailDriver\SnailLaunch.exe [2017-03-14] (SnailDrivers) Task: {5DE6AE6C-7337-4367-8E0F-E12B7CAB755D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-08-21] (Hewlett-Packard Company) Task: {676FA207-F38B-4354-8B9B-EF014FE34619} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-06-24] (Piriform Ltd) Task: {7080C3C7-48FD-4F6F-B459-1D93EDDE454C} - System32\Tasks\HPCeeScheduleForVANDENHAUTE => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard) Task: {800130DD-3C43-4614-974D-7C18F8383E45} - System32\Tasks\Start OPBHOBroker => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [2014-09-27] (Hewlett-Packard) Task: {945FA00E-4735-4647-A75F-D3251EEBA4BC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-06-18] (Google Inc.) Task: {9E32323F-A8CC-41DE-B054-CC19521081DC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard) Task: {A0237607-AF24-4052-A719-76170CEBA6C6} - System32\Tasks\Start OPBHOBrokerDesktop => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [2014-09-27] (Hewlett-Packard) Task: {B4E582A9-2056-45CB-AC10-2BF9ED435B6B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2017-09-20] (HP Inc.) Task: {CB128B85-DE3C-4310-928B-B4CA63D66E17} - System32\Tasks\Start SimplePass => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [2014-09-27] (Hewlett-Packard) (Als een item is opgenomen in de fixlist, wordt de taak (job) bestand verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) Task: C:\windows\Tasks\HPCeeScheduleForVANDENHAUTE.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe ==================== Snelkoppelingen & WMI ======================== (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) ==================== Geladen Modules (gefilterd) ============== 2014-09-27 14:40 - 2014-09-27 14:40 - 002150400 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll 2014-09-27 14:39 - 2014-09-27 14:39 - 000021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll 2014-09-27 14:39 - 2014-09-27 14:39 - 000035840 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll 2014-09-27 14:39 - 2014-09-27 14:39 - 000055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll 2014-09-27 14:48 - 2014-09-27 14:48 - 000420432 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll 2014-09-27 14:48 - 2014-09-27 14:48 - 000746064 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll 2018-06-18 19:50 - 2018-06-18 19:50 - 002057928 _____ () C:\Program Files (x86)\AnyDesk\AnyDesk.exe 2015-04-24 13:20 - 2014-04-14 19:59 - 000389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe 2018-07-06 12:49 - 2018-05-30 09:22 - 002493648 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2018-07-06 12:49 - 2018-04-25 13:16 - 002297040 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll 2014-09-27 14:42 - 2014-09-27 14:42 - 000065024 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe 2018-06-24 13:26 - 2018-06-24 13:26 - 000097272 _____ () C:\Program Files\CCleaner\lang\lang-1036.dll 2018-06-26 22:25 - 2018-06-22 21:15 - 004608856 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.99\libglesv2.dll 2018-06-26 22:25 - 2018-06-22 21:15 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.99\libegl.dll 2018-06-26 03:55 - 2018-06-26 03:55 - 000086992 _____ () C:\Program Files (x86)\Glary Utilities 5\zlib1.dll 2018-07-01 14:50 - 2018-07-01 14:50 - 000668384 _____ () C:\Program Files (x86)\Evernote\Evernote\tidy.dll 2018-07-04 15:24 - 2018-05-18 17:31 - 000634552 _____ () C:\Program Files (x86)\CyberLink\Power2Go11\CLMediaLibrary.dll ==================== Alternate Data Streams (gefilterd) ========= (Als een item is opgenomen in de fixlist, wordt alleen de ADS verwijderd.) ==================== Veilige Modus (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. De waarde van "AlternateShell" wordt hersteld.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Bestandskoppeling (gefilterd) =============== (Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd.) ==================== Internet Explorer vertrouwde/beperkte toegang =============== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd.) ==================== Hosts inhoud: ========================== (Indien nodig kan Hosts:-opdracht worden opgenomen in de fixlist om Hosts te resetten.) 2013-08-22 15:25 - 2018-07-07 18:42 - 000002103 _____ C:\windows\system32\Drivers\etc\hosts 0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly 0.0.0.0 tracking.opencandy.com.s3.amazonaws.com 0.0.0.0 media.opencandy.com 0.0.0.0 cdn.opencandy.com 0.0.0.0 tracking.opencandy.com 0.0.0.0 api.opencandy.com 0.0.0.0 api.recommendedsw.com 0.0.0.0 rp.yefeneri2.com 0.0.0.0 os.yefeneri2.com 0.0.0.0 os2.yefeneri2.com 0.0.0.0 installer.betterinstaller.com 0.0.0.0 installer.filebulldog.com 0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net 0.0.0.0 inno.bisrv.com 0.0.0.0 nsis.bisrv.com 0.0.0.0 cdn.file2desktop.com 0.0.0.0 cdn.goateastcach.us 0.0.0.0 cdn.guttastatdk.us 0.0.0.0 cdn.inskinmedia.com 0.0.0.0 cdn.insta.oibundles2.com 0.0.0.0 cdn.insta.playbryte.com 0.0.0.0 cdn.llogetfastcach.us 0.0.0.0 cdn.montiera.com 0.0.0.0 cdn.msdwnld.com 0.0.0.0 cdn.mypcbackup.com 0.0.0.0 cdn.ppdownload.com 0.0.0.0 cdn.riceateastcach.us 0.0.0.0 cdn.shyapotato.us 0.0.0.0 cdn.solimba.com 0.0.0.0 cdn.tuto4pc.com ==================== Andere gebieden ============================ (Momenteel is er geen automatische fix voor dit onderdeel.) HKU\S-1-5-21-2952796674-3952710296-3611388709-1001\Control Panel\Desktop\\Wallpaper -> C:\windows\web\wallpaper\HP\HP_Svinoya_Norway_Sunset.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == ==================== Firewall regels (gefilterd) =============== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [{8255EBD3-1B28-4B05-A406-A65277492F80}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{91242E05-853A-4425-A444-C71D48DC06C4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{DD653355-02AA-45A6-9D16-47F5B96E3B1A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{FC589EC4-9FF3-4A08-B6A0-55E2C7E29DAE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{364A109D-B638-48A4-8C1B-9547ED5695BB}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe FirewallRules: [{482C3FC7-1F72-46DC-A176-1F21F9500583}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe FirewallRules: [{518CAE69-2439-4635-978E-D1705E136600}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe FirewallRules: [{2FDB2AA7-51E8-4547-91E9-23B8D54BEE7B}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe FirewallRules: [{8CABC774-8F8C-4A64-B136-A33DE7E5B060}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{4461DA61-52C7-4CAD-81B0-B5D7EB1856F0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{639EF740-5285-4197-9F0D-68CBBA22CACF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{F6855C30-8681-4526-954C-0423261F60F1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{75AAD6AE-14A2-4BE9-9C1A-1366DA43E626}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{FBE65EF7-0876-4021-957C-53346E982EC4}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe FirewallRules: [{6B245833-FF77-498B-BAEF-CF794ED0DC6F}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe FirewallRules: [{2CCD68A8-7EF8-43AB-BC47-478B41EDCD79}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe FirewallRules: [{1D10DA8A-4032-4E9A-A43A-5C23AE14973B}] => (Allow) C:\Program Files\DriversCloud.com\DriversCloud.exe FirewallRules: [{9A40D7CF-6568-443A-881E-56D5804BE5B7}] => (Allow) C:\Program Files\DriversCloud.com\DriversCloud.exe FirewallRules: [{C0E010AB-D390-4506-8015-8BC0E45E019A}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe FirewallRules: [{E3D26D60-D750-4EFA-9622-1EBA6B17FAF2}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe FirewallRules: [{8F478CD0-2126-41AB-9825-7D022ABD0C0E}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe FirewallRules: [{236B33F6-D304-4DE9-9956-5CDCE0E30948}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe FirewallRules: [{7A1813FA-7856-4099-AD72-D86E25A27629}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe FirewallRules: [{95403F32-270C-4C2C-B61B-CFF68126CEF5}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe ==================== Herstelpunten ========================= 02-07-2018 15:23:34 Installed Evernote v. 6.13.13 04-07-2018 10:42:20 Microsoft Visual C++ 2017 Redistributable (x86) - 14.11.25325 06-07-2018 14:10:40 Snail Driver install restore point 06-07-2018 15:01:30 Installed DriversCloud.com (64 bits) 06-07-2018 19:27:11 Snail Driver install restore point ==================== Defecte Apparaatbeheer Apparaten ============= ==================== Eventlog fouten: ========================= Applicatiefouten: ================== Error: (07/07/2018 06:44:12 PM) (Source: Windows Search Service) (EventID: 10021) (User: ) Description: Impossible d’obtenir les informations de registre des compteurs de performances pour WSearchIdxPi pour l’instance en raison de l’erreur suivante : De bewerking is voltooid. 0x0. Error: (07/07/2018 06:44:11 PM) (Source: Windows Search Service) (EventID: 3007) (User: ) Description: Impossible d’initialiser le contrôle des performances pour l’objet rassembleur. Les compteurs ne sont pas chargés ou l’objet mémoire partagée ne peut pas être ouvert. Cela affecte seulement la disponibilité des compteurs. Redémarrez l’ordinateur. Context: toepassing , catalogus SystemIndex Error: (07/07/2018 06:44:10 PM) (Source: Windows Search Service) (EventID: 3006) (User: ) Description: Impossible d’initialiser le contrôle des performances pour le service rassembleur, car les compteurs ne sont pas chargés ou l’objet mémoire partagée ne peut pas être ouvert. Cela affecte seulement la disponibilité des compteurs de performances. Redémarrez l’ordinateur. Error: (07/07/2018 06:30:02 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 13 6.D.2.6.5.B.7.9.7.8.4.5.3.A.9.2.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR R-gis.local. Error: (07/07/2018 06:30:02 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 192.168.1.60:5353 15 6.D.2.6.5.B.7.9.7.8.4.5.3.A.9.2.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR R-gis-2.local. Error: (07/07/2018 06:30:02 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 13 6.D.2.6.5.B.7.9.7.8.4.5.3.A.9.2.0.0.0.0.8.8.1.3.6.D.8.6.B.3.D.F.ip6.arpa. PTR R-gis.local. Error: (07/07/2018 06:30:02 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 192.168.1.60:5353 15 6.D.2.6.5.B.7.9.7.8.4.5.3.A.9.2.0.0.0.0.8.8.1.3.6.D.8.6.B.3.D.F.ip6.arpa. PTR R-gis-2.local. Error: (07/07/2018 06:30:02 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 13 6.D.2.6.5.B.7.9.7.8.4.5.3.A.9.2.0.0.4.1.F.E.8.5.F.3.0.A.2.0.A.2.ip6.arpa. PTR R-gis.local. Systeemfouten: ============= Error: (07/07/2018 06:41:54 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY) Description: Le module d’extensibilité WLAN n’a pas pu démarrer. Chemin d’accès du module : C:\windows\system32\Rtlihvs.dll Code d’erreur : 126 Error: (07/07/2018 06:41:16 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la réponse transactionnelle du service MBAMService. Error: (07/06/2018 07:47:17 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY) Description: Le module d’extensibilité WLAN n’a pas pu démarrer. Chemin d’accès du module : C:\windows\system32\Rtlihvs.dll Code d’erreur : 126 Error: (07/06/2018 07:46:16 PM) (Source: Service Control Manager) (EventID: 7043) (User: ) Description: Le service Windows Update ne s’est pas fermé correctement après avoir reçu une commande d’anticipation de fermeture. Error: (07/06/2018 07:17:02 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY) Description: Le module d’extensibilité WLAN n’a pas pu démarrer. Chemin d’accès du module : C:\windows\system32\Rtlihvs.dll Code d’erreur : 126 Error: (07/06/2018 02:33:53 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY) Description: Le module d’extensibilité WLAN n’a pas pu démarrer. Chemin d’accès du module : C:\windows\system32\Rtlihvs.dll Code d’erreur : 126 Error: (07/06/2018 12:31:01 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY) Description: Le module d’extensibilité WLAN n’a pas pu démarrer. Chemin d’accès du module : C:\windows\system32\Rtlihvs.dll Code d’erreur : 126 Error: (07/05/2018 05:08:49 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY) Description: Le module d’extensibilité WLAN n’a pas pu démarrer. Chemin d’accès du module : C:\windows\system32\Rtlihvs.dll Code d’erreur : 126 Windows Defender: =================================== Date: 2018-07-04 18:16:32.207 Description: L’analyse Windows Defender a été arrêtée avant la fin. ID de l’analyse : {4E8B528F-8610-483C-A77B-B94984085270} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : NT AUTHORITY\SYSTEM Date: 2018-07-04 18:11:54.670 Description: L’analyse Windows Defender a été arrêtée avant la fin. ID de l’analyse : {27CFB846-D177-4930-8248-44B1B0BEF2A3} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : NT AUTHORITY\SYSTEM Date: 2018-07-04 17:46:12.449 Description: L’analyse Windows Defender a été arrêtée avant la fin. ID de l’analyse : {92F589CF-FCCD-4791-A16B-E646E3142E04} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : NT AUTHORITY\SYSTEM Date: 2018-07-04 17:04:40.620 Description: L’analyse Windows Defender a été arrêtée avant la fin. ID de l’analyse : {67A9E226-1C20-4F7F-8893-247FE4392755} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : NT AUTHORITY\SYSTEM Date: 2018-07-04 14:49:56.576 Description: L’analyse Windows Defender a été arrêtée avant la fin. ID de l’analyse : {CA9CA74D-DAB3-402A-903E-A91A5ACF2458} Type de l’analyse : Logiciel anti-programme malveillant Paramètres de l’analyse : Analyse rapide Utilisateur : NT AUTHORITY\SYSTEM Date: 2018-07-02 18:23:03.591 Description: Windows Defender a rencontré une erreur lors du chargement d’un fichier suspect vers le serveur en vue d’une analyse complémentaire. Nom de fichier : C:\Users\VANDENHAUTE\Downloads\Non confirmé 88824.crdownload Sha256 : Version actuelle de la signature : AV: 1.271.351.0, AS: 1.271.351.0 Version actuelle du moteur : 1.1.15000.2 Code d’erreur : 0x80508016 Date: 2018-06-28 14:06:40.898 Description: Windows Defender a rencontré une erreur lors du chargement d’un fichier suspect vers le serveur en vue d’une analyse complémentaire. Nom de fichier : C:\Users\VANDENHAUTE\Downloads\a23496bd-0394-4cc0-ba90-88a17d2cb93a.tmp Sha256 : Version actuelle de la signature : AV: 1.271.159.0, AS: 1.271.159.0 Version actuelle du moteur : 1.1.15000.2 Code d’erreur : 0x80508016 Date: 2018-06-20 13:37:38.439 Description: Windows Defender a rencontré une erreur lors du chargement d’un fichier suspect vers le serveur en vue d’une analyse complémentaire. Nom de fichier : C:\Users\VANDENHAUTE\Downloads\k-upload-file_2018-03-23-10a551c1ajewelquesti.exe Sha256 : Version actuelle de la signature : AV: 1.269.1570.0, AS: 1.269.1570.0 Version actuelle du moteur : 1.1.14901.4 Code d’erreur : 0x80078032 Date: 2018-06-20 13:29:06.491 Description: Windows Defender a rencontré une erreur lors du chargement d’un fichier suspect vers le serveur en vue d’une analyse complémentaire. Nom de fichier : C:\Users\VANDENHAUTE\Downloads\Non confirmé 228928.crdownload Sha256 : Version actuelle de la signature : AV: 1.269.1570.0, AS: 1.269.1570.0 Version actuelle du moteur : 1.1.14901.4 Code d’erreur : 0x80508016 Date: 2018-06-19 21:50:21.114 Description: Windows Defender a rencontré une erreur lors d la mise à jour des signatures. Nouvelle version de la signature : 1.269.1570.0 Version précédente de la signature : 1.269.1557.0 Source de mise à jour : Utilisateur Type de signature : Logiciel anti-espion Type de mise à jour : Delta Utilisateur : NT AUTHORITY\SYSTEM Version actuelle du moteur : 1.1.14901.4 Version précédente du moteur : 1.1.14901.4 Code d’erreur : 0x80509004 Description de l’erreur : Er is een onverwacht probleem opgetreden. Installeer beschikbare updates en probeer het programma opnieuw te starten. Raadpleeg Help en ondersteuning voor meer informatie over het installeren van updates. CodeIntegrity: =================================== Date: 2018-07-06 15:19:30.691 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2018-07-06 15:19:17.102 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2018-07-02 18:33:18.499 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2018-07-02 18:33:15.531 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2018-07-02 18:26:38.905 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2018-07-02 18:26:36.045 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2018-07-02 18:25:11.199 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2018-07-02 18:25:08.282 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Geheugen info =========================== Processor: AMD E1-6010 APU with AMD Radeon R2 Graphics Percentage geheugen in gebruik: 59% Totaal fysiek RAM-geheugen: 3774.36 MB Beschikbaar fysiek RAM-geheugen: 1544.95 MB Totaal Virtueel geheugen: 4174.36 MB Beschikbaar Virtueel geheugen: 1426.45 MB ==================== Schijven ================================ Drive c: (Windows) (Fixed) (Total:909 GB) (Free:824.27 GB) NTFS Drive d: (Recovery Image) (Fixed) (Total:21.04 GB) (Free:1.38 GB) NTFS ==>[systeem met boot componenten (verkregen van schijf)] \\?\Volume{5a7f9b5d-d90f-46a7-9459-df180a3937c5}\ (Windows RE tools ) (Fixed) (Total:1 GB) (Free:0.65 GB) NTFS ==================== MBR & Partitietabel ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: F97D6670) Partition: GPT. ==================== Eind van Addition.txt ============================