Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie:29-05-2016 02 Gestart door Gebruiker (2016-05-31 20:51:41) Gestart vanaf C:\Users\Gebruiker\Desktop Windows 10 Home Versie 1511 (X64) (2016-05-22 15:26:30) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2083432871-1646923358-3950239412-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2083432871-1646923358-3950239412-503 - Limited - Disabled) Gast (S-1-5-21-2083432871-1646923358-3950239412-501 - Limited - Disabled) Gebruiker (S-1-5-21-2083432871-1646923358-3950239412-1001 - Administrator - Enabled) => C:\Users\Gebruiker ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.) 64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden AdBlocker (x32 Version: 4.1.1.0 - StarkIndustry) Hidden <==== AANDACHT Adobe Acrobat Reader DC - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 15.016.20041 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.245 - Adobe Systems Incorporated) Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated) Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.4.194 - Adobe Systems, Inc.) AIO_CDB_ProductContext (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden AIO_CDB_Software (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden Apowersoft Video Converter Studio V4.4.7 (HKLM-x32\...\{195E8D7F-292B-4B04-A6E7-E96CAF04C767}_is1) (Version: 4.4.7 - APOWERSOFT LIMITED) Apple Application Support (32-bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) ArcSoft MediaImpression 2 (HKLM-x32\...\{FB46F473-333E-4A06-A777-31C54188593E}) (Version: 2.0.14.672 - ArcSoft) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.2.2262 - AVAST Software) blueMSX (HKLM-x32\...\{05C02EE9-9F0A-4052-A4DA-8621F729B1F5}) (Version: 2.8.2 - Team blueMSX) Blurry Video Clearer Free (HKLM-x32\...\Blurry Video Clearer Free_is1) (Version: - AuDane) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Brother's Keeper 6.6 (HKLM-x32\...\Brother's Keeper 6.6) (Version: - ) BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden Canon iP4600 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4600_series) (Version: - ) Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - ) Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - ) Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version: - ) CD-LabelPrint (HKLM-x32\...\MediaNavigation.CDLabelPrint) (Version: - ) Celestia 1.6.1 (HKLM-x32\...\Celestia_is1) (Version: - Shatters Software) Classic Shell (HKLM\...\{2368907C-E8F6-4750-A023-254C3E2B5E8D}) (Version: 4.0.4 - IvoSoft) Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden De Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.18.64.1020 - Electronic Arts Inc.) Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden Document Capture Pro (HKLM-x32\...\{B4A3C072-87AF-4937-880D-3D7997111C0D}) (Version: 1.01.0000 - Seiko Epson Corporation) Epson Copy Utility 3.5 (HKLM-x32\...\{AA72FB28-73B4-49E5-B6B4-E78F44BBD0AD}) (Version: 3.5.0.0 - ) Epson Event Manager (HKLM-x32\...\{148C8BF9-E1B4-445D-AC67-2CABAE63949A}) (Version: 3.01.0009 - Seiko Epson Corporation) Epson Gebruikershandleiding EPSON Perfection V370 Photo (HKLM-x32\...\EPSON Perfection V370 Photo Useg) (Version: - ) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) Extreme Thumbnail Generator 1.19.3 (HKLM-x32\...\Extreme Thumbnail Generator_is1) (Version: 1.19.3 - Extreme Internet Software) F300 (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden F300_Help (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden F300Trb (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden Fax (x32 Version: 140.0.307.000 - Hewlett-Packard) Hidden FileZilla Client 3.12.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.12.0.2 - Tim Kosse) FMW 1 (Version: 1.82.3 - AVG Technologies) Hidden FUJIFILM MyFinePix Studio 4.2b (HKLM-x32\...\MyFinePix Studio_is1) (Version: - ) Gebruikersregistratie voor Canon iP4600 series (HKLM-x32\...\Gebruikersregistratie voor Canon iP4600 series) (Version: - ) GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.102 - Google Inc.) Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google) Google Photos Backup (HKU\S-1-5-21-2083432871-1646923358-3950239412-1001\...\Google Photos Backup) (Version: 1.1.2.13 - Google, Inc.) Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP) HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP) HP Photosmart Officejet and Deskjet All-In-One Driver Software (HKLM\...\{6F5B70F0-EA6C-4A5B-BB16-8390BD66B251}) (Version: 14.0 - HP) HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden iCloud (HKLM\...\{ADFDB647-35C0-4254-9EE6-2D9C3B7104BD}) (Version: 5.2.1.69 - Apple Inc.) Instagram Downloader (HKLM-x32\...\{9DFA525A-6D12-444B-8F5A-63E2947FFC5D}) (Version: 2.3.0.0 - iWesoft) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation) iTunes (HKLM\...\{58D7E5F7-BAD1-49C5-93C8-B655736EDA00}) (Version: 12.4.0.119 - Apple Inc.) jAlbum (HKLM-x32\...\{175BBD38-A819-45CE-8133-858FF7B9F24A}) (Version: 12.7.2 - Jalbum AB) Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation) Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden LibreOffice 5.0.0.5 (HKLM-x32\...\{48806D1D-C8D3-4235-8893-D5A03BAFC307}) (Version: 5.0.0.5 - The Document Foundation) Malwarebytes Anti-Malware versie 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) MarketResearch (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden Microsoft FrontPage 2002 (HKLM-x32\...\{90170413-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2627.11 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 46.0.1 (x86 nl) (HKLM-x32\...\Mozilla Firefox 46.0.1 (x86 nl)) (Version: 46.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.1.0 - Mozilla) Mozilla Thunderbird 45.1.0 (x86 nl) (HKLM-x32\...\Mozilla Thunderbird 45.1.0 (x86 nl)) (Version: 45.1.0 - Mozilla) Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google) OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP) OpenOffice 4.1.1 (HKLM-x32\...\{89FD914D-4472-4E4F-8638-69E857E82DC9}) (Version: 4.11.9775 - Apache Software Foundation) Oracle VM VirtualBox 4.3.12 (HKLM\...\{B5121457-0126-4E62-BCBF-6DC7C73D9E4A}) (Version: 4.3.12 - Oracle Corporation) Origin (HKLM-x32\...\Origin) (Version: 9.11.2.10120 - Electronic Arts, Inc.) Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC) Perfect Effects 9 (HKLM-x32\...\Perfect Effects 9 PE) (Version: 9.5.0 - on1) PhotoScape (HKLM-x32\...\PhotoScape) (Version: - ) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.19.726.2013 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.) SafeZone Stable 1.48.2066.101 (x32 Version: 1.48.2066.101 - Avast Software) Hidden Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP) Sigil 0.5.3 (HKLM-x32\...\Sigil_is1) (Version: - John Schember) SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden Spotify (HKU\S-1-5-21-2083432871-1646923358-3950239412-1001\...\Spotify) (Version: 1.0.28.87.g8f9312a4 - Spotify AB) Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.28223 - TeamViewer) Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden TotalImageConverter (HKLM-x32\...\Total Image Converter_is1) (Version: 5.1 - Softplicity, Inc.) TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.3 - VideoLAN) Web Album Generator 1.8.2 (HKLM-x32\...\Web Album Generator_is1) (Version: - ornj.net) WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) WinRAR 5.40 beta 1 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.1 - win.rar GmbH) Wisdom-soft ScreenHunter 6.0 Free (HKLM-x32\...\Wisdom-soft ScreenHunter 6.0 Free) (Version: - Wisdom Software Inc.) ZHPFix 2015 (HKLM-x32\...\ZHPFix_is1) (Version: 2015 - Nicolas Coolman) ==================== Aangepaste CLSID (gefilterd): ========================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) CustomCLSID: HKU\S-1-5-21-2083432871-1646923358-3950239412-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => Geen bestand CustomCLSID: HKU\S-1-5-21-2083432871-1646923358-3950239412-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Gebruiker\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-2083432871-1646923358-3950239412-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Gebruiker\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => Geen bestand CustomCLSID: HKU\S-1-5-21-2083432871-1646923358-3950239412-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2083432871-1646923358-3950239412-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Gebruiker\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => Geen bestand CustomCLSID: HKU\S-1-5-21-2083432871-1646923358-3950239412-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Gebruiker\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => Geen bestand CustomCLSID: HKU\S-1-5-21-2083432871-1646923358-3950239412-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Gebruiker\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => Geen bestand CustomCLSID: HKU\S-1-5-21-2083432871-1646923358-3950239412-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Gebruiker\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => Geen bestand CustomCLSID: HKU\S-1-5-21-2083432871-1646923358-3950239412-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Gebruiker\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.) ==================== Geplande Taken (gefilterd) ============= (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {00464A61-73DB-4B3D-923B-865E52C19403} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.) Task: {2935036B-F7EC-4FD5-AEF4-1C08A89332BD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-13] (Adobe Systems Incorporated) Task: {387FBA5D-3EDB-4440-A337-7B2BEFC7E5DC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-12] (Google Inc.) Task: {6409C373-91F8-42FD-A8F4-8340C911C589} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-12] (Google Inc.) Task: {86E8F50B-3351-400E-A3FA-9000101FEC80} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2083432871-1646923358-3950239412-1001Core => C:\Users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.) Task: {B0D32439-EC90-4799-A106-F07BA0256800} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated) Task: {B68CC106-8BC6-4067-A1EF-F708ECBBE5FA} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-05-30] (AVAST Software) Task: {BF354E97-80DF-4435-A35C-19EA4F305FAF} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2016-04-22] (Apple Inc.) Task: {D8850084-C2CA-4647-856D-AE1A19DA8A23} - System32\Tasks\SafeZone scheduled Autoupdate 1464641037 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-04-15] (Avast Software) Task: {E726C6AD-14B6-4383-813E-5FE555532CD5} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-05-11] (Microsoft Corporation) (Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2083432871-1646923358-3950239412-1001Core.job => C:\Users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\WebReg HP Deskjet F300 series.job => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqwrg.exe ==================== Snelkoppelingen ============================= (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) ==================== Geladen Modules (gefilterd) ============== 2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-05-22 16:50 - 2013-05-07 09:45 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe 2016-03-18 22:56 - 2016-03-18 22:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2016-04-22 01:07 - 2016-04-22 01:07 - 01337144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2016-05-22 17:42 - 2016-05-22 17:42 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-05-22 17:42 - 2016-05-22 17:42 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2016-05-22 17:37 - 2016-05-22 17:37 - 00959168 _____ () C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64\ClientTelemetry.dll 2016-03-29 16:23 - 2015-02-27 14:38 - 00721263 _____ () C:\WINDOWS\SysWOW64\WSCM64.dll 2016-05-22 18:54 - 2016-05-22 18:55 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2016-02-13 14:57 - 2016-02-13 14:57 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2016-05-22 17:43 - 2016-05-22 17:43 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-05-22 17:42 - 2016-05-22 17:42 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-05-22 17:42 - 2016-05-22 17:42 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-05-22 17:42 - 2016-05-22 17:42 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-05-22 17:42 - 2016-05-22 17:42 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2016-05-13 09:49 - 2016-05-13 09:49 - 00402344 _____ () C:\WINDOWS\system32\igfxTray.exe 2016-03-29 08:24 - 2016-03-29 08:24 - 00016896 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2016-03-29 08:24 - 2016-03-29 08:24 - 17535488 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2016-03-04 10:34 - 2016-03-04 10:34 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll 2016-05-30 22:42 - 2016-05-30 22:42 - 00123344 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2016-05-30 22:42 - 2016-05-30 22:42 - 00135816 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2016-05-30 22:43 - 2016-05-30 22:43 - 02982040 _____ () C:\Program Files\AVAST Software\Avast\defs\16053001\algo.dll 2016-05-31 11:32 - 2016-05-31 11:32 - 02984152 _____ () C:\Program Files\AVAST Software\Avast\defs\16053100\algo.dll 2016-05-30 22:42 - 2016-05-30 22:42 - 00309912 _____ () C:\Program Files\AVAST Software\Avast\browser_pass.dll 2016-05-30 22:42 - 2016-05-30 22:42 - 00479680 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2016-05-22 16:51 - 2016-05-31 11:30 - 00027648 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll 2016-05-22 16:50 - 2013-05-07 09:45 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll 2016-05-22 18:54 - 2016-05-22 18:55 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2016-05-22 18:54 - 2016-05-22 18:55 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll 2016-03-18 22:56 - 2016-03-18 22:56 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2016-04-22 01:07 - 2016-04-22 01:07 - 00244024 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll 2016-04-22 01:08 - 2016-04-22 01:08 - 01047864 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2016-05-22 17:35 - 2016-05-22 17:36 - 00679624 _____ () C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\ClientTelemetry.dll 2016-05-30 22:42 - 2016-05-30 22:42 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2014-03-05 22:01 - 2013-08-19 05:11 - 01242584 ____R () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (gefilterd) ========= (Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.) ==================== Veilige Modus (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.) ==================== Bestandskoppeling (gefilterd) =============== (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.) ==================== Internet Explorer vertrouwde/beperkte toegang =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.) IE restricted site: HKU\S-1-5-21-2083432871-1646923358-3950239412-1001\...\007guard.com -> install.007guard.com IE restricted site: HKU\S-1-5-21-2083432871-1646923358-3950239412-1001\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-2083432871-1646923358-3950239412-1001\...\008k.com -> www.008k.com IE restricted site: HKU\S-1-5-21-2083432871-1646923358-3950239412-1001\...\00hq.com -> www.00hq.com IE restricted site: HKU\S-1-5-21-2083432871-1646923358-3950239412-1001\...\010402.com -> 010402.com IE restricted site: HKU\S-1-5-21-2083432871-1646923358-3950239412-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\S-1-5-21-2083432871-1646923358-3950239412-1001\...\0scan.com -> www.0scan.com IE restricted site: HKU\S-1-5-21-2083432871-1646923358-3950239412-1001\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\S-1-5-21-2083432871-1646923358-3950239412-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\S-1-5-21-2083432871-1646923358-3950239412-1001\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\S-1-5-21-2083432871-1646923358-3950239412-1001\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\S-1-5-21-2083432871-1646923358-3950239412-1001\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\S-1-5-21-2083432871-1646923358-3950239412-1001\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\S-1-5-21-2083432871-1646923358-3950239412-1001\...\10sek.com -> www.10sek.com IE restricted site: HKU\S-1-5-21-2083432871-1646923358-3950239412-1001\...\12-26.net -> user1.12-26.net IE restricted site: HKU\S-1-5-21-2083432871-1646923358-3950239412-1001\...\12-27.net -> user1.12-27.net IE restricted site: HKU\S-1-5-21-2083432871-1646923358-3950239412-1001\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\S-1-5-21-2083432871-1646923358-3950239412-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\S-1-5-21-2083432871-1646923358-3950239412-1001\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\S-1-5-21-2083432871-1646923358-3950239412-1001\...\123simsen.com -> www.123simsen.com Er zijn 7865 Meer websites. ==================== Hosts inhoud: =============================== (Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.) 2013-08-22 15:25 - 2016-05-29 21:29 - 00000753 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Andere gebieden ============================ (Momenteel is er geen automatische fix voor dit onderdeel.) HKU\S-1-5-21-2083432871-1646923358-3950239412-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 138.201.48.176 - 8.8.8.8 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == (Momenteel is er geen automatische fix voor dit onderdeel.) HKLM\...\StartupApproved\Run: => "CanonMyPrinter" HKLM\...\StartupApproved\Run: => "CanonSolutionMenu" HKU\S-1-5-21-2083432871-1646923358-3950239412-1001\...\StartupApproved\Run: => "Google+ Auto Backup" HKU\S-1-5-21-2083432871-1646923358-3950239412-1001\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-2083432871-1646923358-3950239412-1001\...\StartupApproved\Run: => "Spotify Web Helper" ==================== Firewall regels (gefilterd) =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{7BCC48B8-D81E-4D1A-9CB9-09869DC59733}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe FirewallRules: [{BACBF001-A9E7-48F6-B23B-6513D55A5FBF}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe FirewallRules: [{1D25D509-0022-47B6-BEB7-6D2B5BE0360E}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{4650086A-25F5-454C-B902-40E08757B1A7}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{EAEF4F1D-9C08-4496-9A94-9EDA0DF2E602}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{070E2760-D98E-40FA-9A78-47646C5F84FD}] => (Block) C:\program files (x86)\steam\steamapps\common\hatred\hatred\binaries\win64\hatred-win64-shipping.exe FirewallRules: [{A10E33D8-2D50-4946-B26E-38F4BCF9F2CD}] => (Block) C:\program files (x86)\steam\steamapps\common\hatred\hatred\binaries\win64\hatred-win64-shipping.exe FirewallRules: [UDP Query User{FE382C9F-5EC4-4125-A170-DC151726F844}C:\program files (x86)\steam\steamapps\common\hatred\hatred\binaries\win64\hatred-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\hatred\hatred\binaries\win64\hatred-win64-shipping.exe FirewallRules: [TCP Query User{8EED9491-89F6-4FA6-A3A4-605041C3A236}C:\program files (x86)\steam\steamapps\common\hatred\hatred\binaries\win64\hatred-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\hatred\hatred\binaries\win64\hatred-win64-shipping.exe FirewallRules: [{365DB502-1A1B-4D85-B748-00DA126EE065}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{C1123607-890A-49A9-8625-9F901512BA1D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{D56BE57B-8949-4DDC-9172-9B344938EE55}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{DEAB39B9-C910-4C10-867B-62CA2B37804A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [UDP Query User{735B45A0-24F5-4808-A290-414DB9C28EEA}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query User{AD147670-EE90-470C-B6AA-3C72E8C8E7C3}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{8F6968F5-E203-48AC-9E94-9511ACAB1BF4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{EFAABF77-79E5-4880-B68E-20E76C7C344A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{02856C6E-5856-476E-A596-98AB99DDA56A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{F70E5346-CC00-48B2-AB61-1DB46F0D9DD7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{6F17EF5F-43E9-4DCF-BD81-B72A2ED96CAE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{52219C50-4D0A-4558-BF61-C4BD316F34BD}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{52B9296D-DDB1-4D68-B6AD-B98E7A59DED9}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe FirewallRules: [{2FFB7780-1DBF-4023-97BD-327834F12EAE}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe FirewallRules: [{4E94D5C5-18CD-4236-892F-175E058C30E7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe FirewallRules: [{9917890C-A490-4B20-BED8-57D769609AAF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe FirewallRules: [{4E2CD71D-5C02-4ED7-A204-7D0B72A77EA8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe FirewallRules: [{913E5C84-E0B9-46ED-A1C1-FF50F80E1556}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe FirewallRules: [{E10C5708-2EF3-411F-B41E-C2C650AA63CB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe FirewallRules: [{BB4E82CB-465F-43C9-A260-117CAA20A1F0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe FirewallRules: [{C44E1796-6F59-4B4E-A2AC-145291084B9C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe FirewallRules: [{F561C0DE-A9A7-4C96-A3FA-B6AE0EB415FC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe FirewallRules: [{FDDCA856-D2CD-48C5-BE0E-7C44BE68F4A4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe FirewallRules: [{328B49CD-9D17-4851-A7A0-B9B4CD3AABE5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe FirewallRules: [{C44654DB-E5ED-4271-B9C0-7C6D84F20E76}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe FirewallRules: [{C53B720D-32E6-4BF2-923A-081F342B9F96}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe FirewallRules: [{90AF044D-0171-4D32-BF74-8645C39E8B05}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe FirewallRules: [{CAFFF751-FD7B-4785-A7FA-93997CCD11CA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe FirewallRules: [{640C7A01-DC93-4F64-9C50-D79F6D571657}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe FirewallRules: [{3A00161A-2251-4F5A-B6BB-7524D6A3F083}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe FirewallRules: [{CB2006B6-F8C7-4821-B622-DCB4E3A22119}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe FirewallRules: [{3567D9E4-CD4F-4F12-9996-D871D5A8DF61}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe FirewallRules: [{89874D42-9584-4686-8B20-59FCDB245190}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe FirewallRules: [{1CB9A07E-A4D6-4454-A056-D26272AA736F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{AD763FB3-5C00-4B28-B27A-D9FBDC692134}] => (Allow) LPort=2869 FirewallRules: [{02084E18-187A-458E-9E99-A3CE26FEF5DF}] => (Allow) LPort=1900 FirewallRules: [{73681989-ADC8-418F-B9A1-2A13F5FFEF71}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe FirewallRules: [{18F8FFD5-310E-4D4F-B818-D93E8CC19247}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe FirewallRules: [{8E9FE17A-AA21-45EB-B7F9-82D50F23CAB7}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe FirewallRules: [{12C2A29B-3267-4651-A91F-81700F8F8991}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe FirewallRules: [TCP Query User{BC7F93F7-F5F3-41DC-AA61-3D405D4FAB16}C:\users\gebruiker\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gebruiker\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{F736A3F8-2C33-44B2-90B9-F9B39ECC67D1}C:\users\gebruiker\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gebruiker\appdata\roaming\spotify\spotify.exe FirewallRules: [{43CC626C-95C7-473F-A86A-513B8A5D11E9}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{BF1E667A-528E-4601-B241-35E370C12B86}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{1FC0EC67-DF94-4030-AD9F-7C751D4BB49C}] => (Allow) C:\Users\Gebruiker\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe FirewallRules: [{5FC090ED-98EC-478D-9159-40160DC53301}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{DF5D7396-939C-41FF-905B-73067B269745}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{69A7C059-4F41-4682-82E2-AE33C63EFC0C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{6ABF0F08-7BFF-4832-9C91-C4A514768084}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [UDP Query User{EE25BEE4-C73F-4033-81D8-9B6DC23A1661}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [TCP Query User{2D24B618-365C-47DE-AD79-F87F1DDA4506}C:\program files\onone software\perfect effects 9\perfect effects 9.exe] => (Allow) C:\program files\onone software\perfect effects 9\perfect effects 9.exe FirewallRules: [UDP Query User{87496953-9A4D-482B-85F9-CCE407F6CF5E}C:\program files\onone software\perfect effects 9\perfect effects 9.exe] => (Allow) C:\program files\onone software\perfect effects 9\perfect effects 9.exe FirewallRules: [TCP Query User{C2E320E5-A05D-4E57-B65D-387D875CE636}C:\users\gebruiker\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\gebruiker\appdata\local\popcorn time\node-webkit\popcorn time.exe FirewallRules: [UDP Query User{033A8654-2103-46AF-843C-F9A312E89BE0}C:\users\gebruiker\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\gebruiker\appdata\local\popcorn time\node-webkit\popcorn time.exe FirewallRules: [TCP Query User{1CF6DAAB-AA18-4AC7-A061-5CBC338B5989}C:\users\gebruiker\appdata\local\popcorn time\nw.exe] => (Allow) C:\users\gebruiker\appdata\local\popcorn time\nw.exe FirewallRules: [UDP Query User{8230E6A6-5FCD-40BC-9528-788B439C2E01}C:\users\gebruiker\appdata\local\popcorn time\nw.exe] => (Allow) C:\users\gebruiker\appdata\local\popcorn time\nw.exe FirewallRules: [{BB2BE4C9-64E7-48FC-B662-E97C5D83D02A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Herstelpunten ========================= 26-05-2016 10:35:52 zoek.exe restore point 28-05-2016 11:43:18 Removed Java 8 Update 77 29-05-2016 17:26:13 Installatieprogramma voor Windows-modules 30-05-2016 16:37:48 JRT Pre-Junkware Removal 30-05-2016 16:39:22 JRT Pre-Junkware Removal ==================== Defecte Apparaatbeheer Apparaten ============= ==================== Eventlog fouten: ========================= Applicatiefouten: ================== Error: (05/31/2016 08:51:44 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: Explorer.EXE, versie: 10.0.10586.306, tijdstempel: 0x571af645 Naam van module met fout: axTotalConverter64.dll, versie: 1.0.0.0, tijdstempel: 0x5322a0c9 Uitzonderingscode: 0xc0000005 Foutmarge: 0x000000000000ad29 Id van proces met fout: 0xc34 Starttijd van toepassing met fout: 0xExplorer.EXE0 Pad naar toepassing met fout: Explorer.EXE1 Pad naar module met fout: Explorer.EXE2 Rapport-id: Explorer.EXE3 Volledige pakketnaam met fout: Explorer.EXE4 Relatieve toepassings-id van pakket met fout: Explorer.EXE5 Error: (05/31/2016 08:48:06 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: CSZI3) Description: Het pakket Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe+MicrosoftEdge#{3c36c47c-35b3-492b-aa68-6e9dbccfcbcb} is beëindigd omdat het onderbreken te lang duurde. Error: (05/31/2016 11:34:13 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CSZI3) Description: Het activeren van de app Microsoft.MicrosoftMahjong_8wekyb3d8bbwe!MicrosoftMahjong is mislukt door de fout -2144927148. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie. Error: (05/31/2016 11:34:13 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CSZI3) Description: Het activeren van de app Microsoft.MicrosoftJigsaw_8wekyb3d8bbwe!App is mislukt door de fout -2144927148. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie. Error: (05/31/2016 11:31:35 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: igfxHK.exe, versie: 6.15.10.4331, tijdstempel: 0x564cc83e Naam van module met fout: igfxHK.exe, versie: 6.15.10.4331, tijdstempel: 0x564cc83e Uitzonderingscode: 0xc0000409 Foutmarge: 0x0000000000015953 Id van proces met fout: 0xffc Starttijd van toepassing met fout: 0xigfxHK.exe0 Pad naar toepassing met fout: igfxHK.exe1 Pad naar module met fout: igfxHK.exe2 Rapport-id: igfxHK.exe3 Volledige pakketnaam met fout: igfxHK.exe4 Relatieve toepassings-id van pakket met fout: igfxHK.exe5 Error: (05/31/2016 07:55:02 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CSZI3) Description: Het activeren van de app Microsoft.MicrosoftMahjong_8wekyb3d8bbwe!MicrosoftMahjong is mislukt door de fout -2144927148. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie. Error: (05/31/2016 07:55:02 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CSZI3) Description: Het activeren van de app Microsoft.MicrosoftJigsaw_8wekyb3d8bbwe!App is mislukt door de fout -2144927148. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie. Error: (05/31/2016 07:53:05 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: igfxHK.exe, versie: 6.15.10.4331, tijdstempel: 0x564cc83e Naam van module met fout: igfxHK.exe, versie: 6.15.10.4331, tijdstempel: 0x564cc83e Uitzonderingscode: 0xc0000409 Foutmarge: 0x0000000000015953 Id van proces met fout: 0xf30 Starttijd van toepassing met fout: 0xigfxHK.exe0 Pad naar toepassing met fout: igfxHK.exe1 Pad naar module met fout: igfxHK.exe2 Rapport-id: igfxHK.exe3 Volledige pakketnaam met fout: igfxHK.exe4 Relatieve toepassings-id van pakket met fout: igfxHK.exe5 Error: (05/30/2016 11:28:16 PM) (Source: MsiInstaller) (EventID: 11714) (User: CSZI3) Description: Product: Adobe AIR -- Error 1714. The older version of Adobe AIR cannot be removed. Contact your technical support group. System Error 1612. Error: (05/30/2016 10:52:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CSZI3) Description: Het activeren van de app Microsoft.MicrosoftMahjong_8wekyb3d8bbwe!MicrosoftMahjong is mislukt door de fout -2144927148. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie. Systeemfouten: ============= Error: (05/31/2016 11:29:55 AM) (Source: DCOM) (EventID: 10010) (User: CSZI3) Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39} Error: (05/31/2016 11:29:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: De User Data Access_2bac3-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 10000 milliseconden worden uitgevoerd: Service opnieuw starten. Error: (05/31/2016 11:29:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: De User Data Storage_2bac3-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 10000 milliseconden worden uitgevoerd: Service opnieuw starten. Error: (05/31/2016 11:29:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: De Contact Data_2bac3-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 10000 milliseconden worden uitgevoerd: Service opnieuw starten. Error: (05/31/2016 11:29:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: De Host synchroniseren_2bac3-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 10000 milliseconden worden uitgevoerd: Service opnieuw starten. Error: (05/31/2016 11:29:52 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: toepassingsspecifiekLokaalActiveren{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (via LRPC)Niet beschikbaarNiet beschikbaar Error: (05/31/2016 07:51:53 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: De vorige afsluiting van het systeem om 23:17:51 op ‎30-‎5-‎2016 is onverwacht gebeurd. Error: (05/31/2016 07:51:30 AM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY) Description: 32212256844612176401687056 Error: (05/30/2016 10:37:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: De State Repository Service-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 120000 milliseconden worden uitgevoerd: Service opnieuw starten. Error: (05/30/2016 10:37:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: De User Data Access_2d58d-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 10000 milliseconden worden uitgevoerd: Service opnieuw starten. CodeIntegrity: =================================== Date: 2016-05-29 20:57:08.421 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-05-24 07:46:20.937 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-05-22 20:33:55.936 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-05-22 20:12:44.448 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-05-22 20:12:44.441 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-05-22 20:12:44.421 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-05-22 20:12:44.272 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-05-22 20:12:44.262 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-05-22 20:12:44.236 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-05-22 20:12:43.828 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Geheugen info =========================== Processor: Intel(R) Core(TM) i3-4330 CPU @ 3.50GHz Percentage geheugen in gebruik: 58% Totaal fysiek RAM-geheugen: 3967.68 MB Beschikbaar fysiek RAM-geheugen: 1649.97 MB Totaal Virtueel geheugen: 4671.68 MB Beschikbaar Virtual geheugen: 1859.68 MB ==================== Schijven ================================ Drive c: (systeem) (Fixed) (Total:344.79 GB) (Free:208.8 GB) NTFS Drive i: (opslag) (Fixed) (Total:585.94 GB) (Free:561.71 GB) NTFS ==================== MBR & Partitietabel ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 34141F4B) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=344.8 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) Partition 4: (Not Active) - (Size=585.9 GB) - (Type=07 NTFS) ==================== Eind van Addition.txt ============================