Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie:17-04-2016 01 Gestart door Hilaire (2016-04-18 18:51:36) Gestart vanaf C:\Users\Hilaire\Downloads Windows 10 Home Versie 1511 (X64) (2016-04-05 11:42:30) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3514900110-1255315834-3301955316-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-3514900110-1255315834-3301955316-503 - Limited - Disabled) Gast (S-1-5-21-3514900110-1255315834-3301955316-501 - Limited - Disabled) Hilaire (S-1-5-21-3514900110-1255315834-3301955316-1001 - Administrator - Enabled) => C:\Users\Hilaire ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: McAfee Antivirus en antispyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: McAfee Antivirus en antispyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB} FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.) Adblock Plus voor IE (32-bit en 64-bit) (HKLM\...\{EAB6B77C-0E46-48EF-8660-7ABA400F7FB4}) (Version: 1.5 - Eyeo GmbH) Adobe Flash Player 21 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated) Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.7.157 - Adobe Systems, Inc.) Bejeweled 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden Belgium e-ID middleware 4.1.13 (build 1717) (HKLM\...\{DB942AEA-93D6-4FE4-8862-180D35A71717}) (Version: 4.1.1717 - Belgian Government) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Build-a-lot (x32 Version: 3.0.2.59 - WildTangent) Hidden Building the Great Wall of China Collector's Edition (x32 Version: 3.0.2.48 - WildTangent) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.16 - Piriform) Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.) Crazy Chicken Soccer (x32 Version: 2.2.0.110 - WildTangent) Hidden CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.5.6713 - CyberLink Corp.) CyberLink PhotoDirector (Version: 5.0.5.6713 - Uw bedrijfsnaam) Hidden CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.1.5418 - CyberLink Corp.) CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.4.4301 - CyberLink Corp.) CyberLink PowerDirector 12 (Version: 12.0.4.4301 - Uw bedrijfsnaam) Hidden CyberLink YouCam (HKLM-x32\...\{A9CEDD6E-4792-493e-BB35-D86D2E188A5A}) (Version: 6.0.1.4301 - CyberLink Corp.) Delicious: Emily's Wonder Wedding Premium Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden Dropbox 25 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 1.0.8.2 - Dropbox, Inc.) Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company) Evernote v. 5.8.6 (HKLM-x32\...\{FEDC7C10-EF67-11E4-9B07-00505695D7B0}) (Version: 5.8.6.7519 - Evernote Corp.) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.3.6.321 - Foxit Software Inc.) HP Deskjet 1510 series Basissoftware van het apparaat (HKLM\...\{F59743D3-02C2-4C3A-BE60-A330402C0FBC}) (Version: 32.2.188.47710 - Hewlett-Packard Co.) HP Deskjet 1510 series Help (HKLM-x32\...\{6EA0B344-3CB0-4D5D-9ED4-B6F6DF1AE9F2}) (Version: 30.0.0 - Hewlett Packard) HP Documentation (HKLM\...\HP_Documentation) (Version: - HP) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.8293.5264 - Hewlett-Packard) HP Support Assistant (HKLM-x32\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.0.29.6 - Hewlett-Packard Company) HP Support Solutions Framework (HKLM-x32\...\{59F431E1-0983-40D8-A872-6EF8EE3A5DAA}) (Version: 12.0.26.62 - Hewlett-Packard Company) HP System Event Utility (HKLM-x32\...\{D17A3B70-B75E-4C49-83D6-C17DDF65B35F}) (Version: 1.3.4 - Hewlett-Packard Company) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HP Welcome (HKLM\...\HPWelcome) (Version: 1.0 - Hewlett-Packard Company) HP Wireless Button Driver (HKLM-x32\...\{EFA01423-3857-468C-B7B6-F30AA08E50BC}) (Version: 1.1.5.1 - Hewlett-Packard Company) Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10603.192 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4248 - Intel Corporation) Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 2.0.0.1067 - Intel Corporation) Intel® Security Assist (HKLM-x32\...\{84DB01CB-7EB7-4261-9249-99A32768D991}) (Version: 1.0.0.523 - Intel Corporation) Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation) Jewel Match 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden KeePass Password Safe 1.31 (HKLM-x32\...\KeePass Password Safe_is1) (Version: 1.31 - Dominik Reichl) McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 14.0.8185 - McAfee, Inc.) Microsoft Office 365 - nl-nl (HKLM\...\O365HomePremRetail - nl-nl) (Version: 16.0.6769.2015 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.7.2 - Mozilla) Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6729.1012 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (Version: 16.0.6729.1012 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6729.1012 - Microsoft Corporation) Hidden Opera Mail 1.0 (HKLM-x32\...\Opera 1.0.1044) (Version: 1.0.1044 - Opera Software ASA) Opera Stable 36.0.2130.65 (HKLM-x32\...\Opera 36.0.2130.65) (Version: 36.0.2130.65 - Opera Software) Polar Bowler 1st Frame (x32 Version: 3.0.2.59 - WildTangent) Hidden Ranch Rush 2 - Premium Edition (x32 Version: 2.2.0.97 - WildTangent) Hidden Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.31213 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7564 - Realtek Semiconductor Corp.) REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.62 - REALTEK Semiconductor Corp.) Revo Uninstaller Pro 3.1.5 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.5 - VS Revo Group, Ltd.) Runefall (x32 Version: 3.0.2.126 - WildTangent) Hidden Software voor Intel® Chipset-apparaten (x32 Version: 10.1.1.7 - Intel(R) Corporation) Hidden Stuurprogrammapakket voor Windows - Fedict SmartCard (08/08/2015 4.1.5) (HKLM\...\9F46F7AB1E3B1B5F5482EA8D97F401B04FBF7958) (Version: 08/08/2015 4.1.5 - Fedict) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.2.4.0 - Synaptics Incorporated) Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden Vacation Quest™ - Australia (x32 Version: 3.0.2.59 - WildTangent) Hidden Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent) WildTangent Games App for HP (x32 Version: 4.0.11.16 - WildTangent) Hidden Youda Jewel Shop (x32 Version: 3.0.2.51 - WildTangent) Hidden ==================== Aangepaste CLSID (gefilterd): ========================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) CustomCLSID: HKU\S-1-5-21-3514900110-1255315834-3301955316-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Hilaire\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation) ==================== Geplande Taken (gefilterd) ============= (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {06849B62-62EF-46B5-8DE4-D0591633D5BF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-03-11] (Piriform Ltd) Task: {0A94F0B7-9B2D-460E-8BA4-A5273048FC0F} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent Task: {0D53E837-BEEC-40A4-A4A6-615319537BE7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-07-11] (Hewlett-Packard Company) Task: {3420A72D-90E0-4673-817C-3EB4367503A7} - System32\Tasks\WpsNotifyTask_Hilaire => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsnotify.exe Task: {3B4E1EF5-2827-4DD4-AEE6-581A0929D58B} - System32\Tasks\WpsUpdateTask_Hilaire => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsupdate.exe Task: {4592F063-9B30-4CF6-B63C-CE86B3F1ACC8} - System32\Tasks\McAfee\McAfee Idle Detection Task Task: {45B24E2E-54AA-4E7B-8F20-95924290C3EB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN56M2N46T => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2016-04-05] (HP Inc.) Task: {4D6529BE-16D4-46A1-B1D9-7D0E94776AE5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2016-04-05] (HP Inc.) Task: {534622E4-3E81-43B1-B978-E9A1859168A0} - System32\Tasks\HPCeeScheduleForHilaire => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard) Task: {5D625EEA-2229-40E5-BAC4-7B4A797111D9} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-18] (Adobe Systems Incorporated) Task: {82C75663-0798-40AF-A53C-EEFF174AB0BB} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-03-24] (Microsoft Corporation) Task: {83CC6BB3-B1F9-4C8A-A34D-493574242B05} - System32\Tasks\WpsNotifyTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsnotify.exe Task: {92CF9764-2FA2-4AA7-BE75-4C66C5B77820} - System32\Tasks\Opera scheduled Autoupdate 1459867930 => C:\Program Files (x86)\Opera\launcher.exe [2016-04-11] (Opera Software) Task: {B7B79403-6342-49E6-BD83-EC4BD05237D5} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2015-06-19] () Task: {CA55D469-59B9-4B2A-BA0C-846130020332} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2015-06-24] (Hewlett-Packard) Task: {CC506510-4D7E-473A-B5E6-7DB1F892977B} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-03-02] (Hewlett-Packard) Task: {DA97DEAE-C9E0-4227-AA16-713D7B2F3C01} - System32\Tasks\WpsUpdateTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsupdate.exe Task: {DEC4CE6E-D948-4486-AF10-0E40AD98B3EF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-03-02] (Hewlett-Packard) Task: {E2168E8E-6323-494E-8D6D-C3B6A6FAE3EE} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-04-05] (Microsoft Corporation) Task: {E58F30EE-3906-40A8-B05F-8CBE7C93D658} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe [2015-07-01] (CyberLink Corp.) Task: {E5BB36C1-D36F-4F9A-B629-37CAAA344F87} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_213_pepper.exe [2016-04-18] (Adobe Systems Incorporated) Task: {EC9C1282-4B94-4579-A385-0A5B595779DF} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-03-24] (Microsoft Corporation) Task: {FF63D260-D679-473F-A2E7-E1322A436022} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-07-11] (Hewlett-Packard Company) (Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_213_pepper.exe Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\HPCeeScheduleForHilaire.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe Task: C:\WINDOWS\Tasks\WpsNotifyTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsnotify.exe Task: C:\WINDOWS\Tasks\WpsNotifyTask_Hilaire.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsnotify.exe Task: C:\WINDOWS\Tasks\WpsUpdateTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsupdate.exe Task: C:\WINDOWS\Tasks\WpsUpdateTask_Hilaire.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsupdate.exe ==================== Snelkoppelingen ============================= (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) ==================== Geladen Modules (gefilterd) ============== 2016-04-05 16:56 - 2016-03-24 17:28 - 00172232 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll 2015-10-27 03:57 - 2014-04-14 19:59 - 00389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe 2015-02-26 11:12 - 2015-02-26 11:12 - 00330240 _____ () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe 2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 ____N () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-04-13 19:29 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-04-13 19:28 - 2016-04-02 04:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-04-13 19:29 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2016-02-13 14:57 - 2016-02-13 14:57 - 00093696 ____N () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2016-04-13 19:27 - 2016-04-02 05:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-04-13 19:28 - 2016-04-02 05:03 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-04-13 19:29 - 2016-04-02 04:59 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-04-13 19:29 - 2016-04-02 05:02 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2016-03-11 22:31 - 2016-03-11 22:31 - 00065536 _____ () C:\Program Files\CCleaner\lang\lang-1043.dll 2016-04-08 10:06 - 2016-04-08 11:19 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2016-04-08 10:06 - 2016-04-08 11:19 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2016-04-08 10:06 - 2016-04-08 11:19 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll 2016-04-13 18:01 - 2016-04-13 18:01 - 63830568 _____ () C:\Program Files (x86)\Opera\36.0.2130.65\opera.dll 2016-04-13 18:01 - 2016-04-13 17:58 - 02134568 _____ () C:\Program Files (x86)\Opera\36.0.2130.65\libglesv2.dll 2016-04-13 18:01 - 2016-04-13 17:58 - 00082472 _____ () C:\Program Files (x86)\Opera\36.0.2130.65\libegl.dll ==================== Alternate Data Streams (gefilterd) ========= (Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.) ==================== Veilige Modus (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service" ==================== EXE Bestandskoppeling (gefilterd) =============== (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.) ==================== Internet Explorer vertrouwde/beperkte toegang =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.) ==================== Hosts inhoud: =============================== (Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.) 2015-07-10 13:04 - 2015-07-10 13:02 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere gebieden ============================ (Momenteel is er geen automatische fix voor dit onderdeel.) HKU\S-1-5-21-3514900110-1255315834-3301955316-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Hilaire\Pictures\animaatjes-natuur-21698.jpg DNS Servers: 192.168.1.254 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == (Momenteel is er geen automatische fix voor dit onderdeel.) HKU\S-1-5-21-3514900110-1255315834-3301955316-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-3514900110-1255315834-3301955316-1001\...\StartupApproved\Run: => "Uninstall C:\Users\Hilaire\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64" ==================== Firewall regels (gefilterd) =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{4F6D44E0-60EA-4599-BF1A-5AC23112B295}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe FirewallRules: [{C8C32FD0-9677-4F32-8B46-53CDB75CB990}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe FirewallRules: [{4EB842BB-889D-4B8A-ADC7-D6A961C97897}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe FirewallRules: [{51887C52-534D-4F52-B11D-1DE4A5B15958}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe FirewallRules: [{20A72332-AD65-4887-8F0D-B0AF22A9B7D6}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe FirewallRules: [{5B761D2D-6DDE-458D-8446-1AA8B5A6009E}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe FirewallRules: [{505A7FC6-E4A8-4E7A-A054-E54D2A45582D}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPSOCKSVC.exe FirewallRules: [{3D944EEB-EC10-4CF2-AF70-66FC8CC4C44E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{B6AB9CB5-E03E-4EB7-B194-876CC6EBD349}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{277D2E7A-FFE6-4C9F-93EC-FE11015E118F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{701696CD-E731-4E64-84C2-0B1FD7E6B3DD}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{BE5508B2-C4DF-4F8F-AE52-E750F8903047}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\USBSetup.exe FirewallRules: [{028C1328-4897-4CBC-BA39-021AC413CFE3}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{7D4DDC8F-1FEE-402C-BA84-7653FC7C2BBC}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe ==================== Herstelpunten ========================= 07-04-2016 12:08:26 Windows Update 08-04-2016 18:42:04 Revo Uninstaller Pro's restore point - Opera Mail 1.0 10-04-2016 18:16:13 Revo Uninstaller Pro's restore point - Mozilla Thunderbird 38.7.2 (x86 nl) 13-04-2016 19:33:34 Windows Update 13-04-2016 19:36:33 Windows Update 15-04-2016 10:21:24 zoek.exe restore point ==================== Defecte Apparaatbeheer Apparaten ============= ==================== Eventlog fouten: ========================= Applicatiefouten: ================== Error: (04/18/2016 03:23:45 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-8LD8VJ2) Description: Het activeren van de app Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 is mislukt door de fout -2147023174. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie. Error: (04/18/2016 03:23:45 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-8LD8VJ2) Description: Het activeren van de app Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 is mislukt door de fout -2147023174. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie. Error: (04/18/2016 02:20:26 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -1073418220 Error: (04/18/2016 02:15:23 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Het programma opera.exe, versie 36.0.2130.65 reageert niet meer op Windows en is afgesloten. Als u wilt zien of er meer informatie over het probleem beschikbaar is, raadpleegt u de probleemgeschiedenis in het onderdeel Beveiliging en onderhoud van het Configuratiescherm. Proces-id: 2b44 Starttijd: 01d1996b7d890e6c Eindtijd: 43 Toepassingspad: C:\Program Files (x86)\Opera\36.0.2130.65\opera.exe Rapport-id: 352cb79d-055f-11e6-9bdb-b05adafe30e1 Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Error: (04/17/2016 05:40:23 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Kan activeringscontext voor 'PDR.X,type="win32",version="1.0.0.0"1' niet maken. Kan afhankelijke assembly PDR.X,type="win32",version="1.0.0.0" niet vinden. Gebruik sxstrace.exe voor een gedetailleerde diagnose. Error: (04/17/2016 05:40:22 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Kan activeringscontext voor 'PDR.X,type="win32",version="1.0.0.0"1' niet maken. Kan afhankelijke assembly PDR.X,type="win32",version="1.0.0.0" niet vinden. Gebruik sxstrace.exe voor een gedetailleerde diagnose. Error: (04/17/2016 05:14:01 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -1073418220 Error: (04/17/2016 05:13:16 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: aspnet_stateC:\Windows\System32\aspnet_counters.dll8 Error: (04/17/2016 05:13:14 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: ASP.NET_4.0.30319C:\Windows\System32\aspnet_counters.dll8 Error: (04/17/2016 05:13:14 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: ASP.NETC:\Windows\System32\aspnet_counters.dll8 Systeemfouten: ============= Error: (04/18/2016 03:30:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: De User Data Access_5a7ac27-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 10000 milliseconden worden uitgevoerd: Service opnieuw starten. Error: (04/18/2016 03:30:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: De User Data Storage_5a7ac27-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 10000 milliseconden worden uitgevoerd: Service opnieuw starten. Error: (04/18/2016 03:30:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: De Contact Data_5a7ac27-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 10000 milliseconden worden uitgevoerd: Service opnieuw starten. Error: (04/18/2016 03:30:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: De Host synchroniseren_5a7ac27-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 10000 milliseconden worden uitgevoerd: Service opnieuw starten. Error: (04/18/2016 03:30:48 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: toepassingsspecifiekLokaalActiveren{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (via LRPC)Niet beschikbaarNiet beschikbaar Error: (04/18/2016 03:23:59 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: De Interactive Services Detection-service is gestopt met de volgende foutcode: %%1. Error: (04/18/2016 02:46:00 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: De User Data Access_547cf32-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 10000 milliseconden worden uitgevoerd: Service opnieuw starten. Error: (04/18/2016 02:46:00 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: De User Data Storage_547cf32-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 10000 milliseconden worden uitgevoerd: Service opnieuw starten. Error: (04/18/2016 02:46:00 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: De Contact Data_547cf32-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 10000 milliseconden worden uitgevoerd: Service opnieuw starten. Error: (04/18/2016 02:46:00 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: De Host synchroniseren_547cf32-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 10000 milliseconden worden uitgevoerd: Service opnieuw starten. CodeIntegrity: =================================== Date: 2016-04-14 18:50:54.587 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-13 20:15:20.617 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-07 16:11:29.920 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-07 12:29:00.345 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-07 12:19:58.010 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-05 19:38:55.038 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-05 19:32:34.419 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-05 18:26:39.306 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-05 13:31:48.143 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-05 12:42:20.112 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. ==================== Geheugen info =========================== Processor: Intel(R) Celeron(R) CPU N3050 @ 1.60GHz Percentage geheugen in gebruik: 40% Totaal fysiek RAM-geheugen: 8034.27 MB Beschikbaar fysiek RAM-geheugen: 4749.01 MB Totaal Virtueel geheugen: 9314.27 MB Beschikbaar Virtual geheugen: 6042.55 MB ==================== Schijven ================================ Drive c: (Windows) (Fixed) (Total:448.32 GB) (Free:387.93 GB) NTFS Drive d: (RECOVERY) (Fixed) (Total:16.25 GB) (Free:1.92 GB) NTFS ==>[systeem met boot componenten (verkregen van schijf)] Drive f: (FreeAgent GoFlex Drive) (Fixed) (Total:698.63 GB) (Free:562.38 GB) NTFS ==================== MBR & Partitietabel ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 8F5B6F8A) Partition: GPT. ======================================================== Disk: 1 (Size: 698.6 GB) (Disk ID: DD7E3F49) Partition 1: (Not Active) - (Size=698.6 GB) - (Type=07 NTFS) ==================== Eind van Addition.txt ============================