Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie:15-06-2016 Gestart door Solange (2016-06-15 20:45:51) Gestart vanaf C:\Users\Solange\Downloads Windows 10 Home Versie 1511 (X64) (2016-05-31 20:01:40) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2826955982-1942645318-3047113444-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2826955982-1942645318-3047113444-503 - Limited - Disabled) Gast (S-1-5-21-2826955982-1942645318-3047113444-501 - Limited - Disabled) Solange (S-1-5-21-2826955982-1942645318-3047113444-1001 - Administrator - Enabled) => C:\Users\Solange ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: ESET Smart Security 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834} FW: ESET Persoonlijke firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.) Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated) Alcor Micro USB Card Reader Driver (HKLM-x32\...\InstallShield_{304BCF39-F1F8-4DD2-8BF3-40417F1C6204}) (Version: 20.7.20117.44409 - Alcor Micro Corp.) Alcor Micro USB Card Reader Driver (x32 Version: 20.7.20117.44409 - Alcor Micro Corp.) Hidden ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.1 - ASUS) ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.12 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.14.0006 - ASUS) ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.6 - ASUS) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0040 - ASUS) AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.138 - ICEpower a/s) Avast SecureLine for Asustek (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 1.0.239.3 - AVAST Software) Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.13015 - Cisco Systems, Inc.) Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.13015 - Cisco Systems, Inc.) Hidden Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.0.2 - ASUSTek Computer Inc.) Dropbox (HKLM-x32\...\Dropbox) (Version: 4.4.29 - Dropbox, Inc.) Dropbox Update Helper (x32 Version: 1.3.43.1 - Dropbox, Inc.) Hidden ESET Smart Security (HKLM\...\{6253E183-DB7B-45E6-9E15-B4F21D7B62F5}) (Version: 8.0.312.4 - ESET, spol s r. o.) Evernote v. 5.9.1 (HKLM-x32\...\{5EA1DED0-5285-11E5-8AA1-0050569584E9}) (Version: 5.9.1.8742 - Evernote Corp.) IBM SPSS Statistics 22 (HKLM\...\{104875A1-D083-4A34-BC4F-3F635B7F8EF7}) (Version: 22.0.0.0 - IBM Corp) Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1018 - Intel Corporation) Intel(R) Chipset Device Software (x32 Version: 10.1.1.11 - Intel(R) Corporation) Hidden Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10603.192 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1162 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4271 - Intel Corporation) Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation) KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - ) Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Mozilla Firefox 47.0 (x86 nl) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 nl)) (Version: 47.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla) Nitro Pro 10 (HKLM\...\{5DBEA7DB-C182-4EA8-A8FC-111BC8234B09}) (Version: 10.5.7.32 - Nitro) Outils de vérification linguistique 2016 de Microsoft Office - Français (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.3.723.2015 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7589 - Realtek Semiconductor Corp.) Spotify (HKU\S-1-5-21-2826955982-1942645318-3047113444-1001\...\Spotify) (Version: 1.0.31.56.g526cfefe - Spotify AB) Taalprogramma's voor Microsoft Office 2016 - Nederlands (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.43835 - TeamViewer) Windows Driver Package - ASUS (ATP) Mouse (11/11/2015 6.0.0.66) (HKLM\...\82D024CBD181D16D72E5AE45A426919815D5F456) (Version: 11/11/2015 6.0.0.66 - ASUS) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS) ==================== Aangepaste CLSID (gefilterd): ========================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) CustomCLSID: HKU\S-1-5-21-2826955982-1942645318-3047113444-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Solange\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation) ==================== Geplande Taken (gefilterd) ============= (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {05CE9149-CC06-492B-BEB5-A016D7EF1836} - \AutoPico Daily Restart -> Geen bestand <==== AANDACHT Task: {0829FF83-9DB7-4786-8272-D29A02004D87} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2015-12-02] (ASUS) Task: {0CE39C92-E68C-4E57-82D9-0A8B3FDDFFC1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-08] (Adobe Systems Incorporated) Task: {0E7305EA-F078-4CD5-A9FF-BBBB8B174A41} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2015-05-14] (ASUSTek Computer Inc.) Task: {10182CAB-5ACD-4166-897A-E047EC241C27} - System32\Tasks\ESET Windows 10 upgrade – Refresh settings => C:\Program Files\Common Files\AV\ESET Smart Security 8.0\upgrade.exe [2016-06-03] (ESET) Task: {388111BB-4DBB-430E-AE68-3E22551D1613} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.) Task: {53335E2F-D095-4E60-908A-10BE12829A8A} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-06-03] () Task: {5793787C-C1FD-4CC5-97F4-0B0E4A7E4E83} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.) Task: {5B735B46-EA38-4691-8EB9-51E5BCAF700C} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2016-06-15] (Realtek Semiconductor) Task: {6D697D7E-075E-4895-ACC1-6D12232BDF25} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation) Task: {9A12F880-2FD7-48BE-9E0F-0B7C815C7A33} - System32\Tasks\avast! SL Update => C:\Program Files\AVAST Software\SecureLine\SLUpdate.exe [2015-04-29] (AVAST Software) Task: {9BE4A587-0F92-464C-A57B-C27B56F4DC8C} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2015-05-25] (ASUSTek Computer Inc.) Task: {9F54127D-E654-4942-BFED-B203775E4254} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation) Task: {B0D92780-61F3-4631-A385-89CE9729A9D5} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-05-31] (Dropbox, Inc.) Task: {B3C4DDC4-FC23-4CA1-8675-95D3FA702A8C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated) Task: {BA6E5CE0-C717-4517-B81C-3C968E80A17D} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-06-03] () Task: {C2E7316C-ED54-489B-A607-774CCFB5EE77} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-12-18] (AsusTek) Task: {CD27D213-9870-49FF-AFA5-D8E4D54E47E1} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-06-15] (Realtek Semiconductor) Task: {D0E7958E-FC02-4A52-A831-24D77A2425D1} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-06-03] () Task: {E302B9C5-7533-4B43-B4E9-A5FB4D1517F2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation) Task: {E958F268-6632-4042-B85C-2A9A989CF340} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-05-31] (Dropbox, Inc.) (Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Snelkoppelingen ============================= (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) ShortcutWithArgument: C:\Users\Solange\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://safebrowsing.biz/?ssid=1466012062&a=1057908&src=sh&uuid=5bfd30eb-e62d-4c81-ad96-cca733542a3d" ShortcutWithArgument: C:\Users\Solange\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> "hxxp://safebrowsing.biz/?ssid=1466012062&a=1057908&src=sh&uuid=5bfd30eb-e62d-4c81-ad96-cca733542a3d" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> "hxxp://safebrowsing.biz/?ssid=1466012062&a=1057908&src=sh&uuid=5bfd30eb-e62d-4c81-ad96-cca733542a3d" ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> "hxxp://safebrowsing.biz/?ssid=1466012062&a=1057908&src=sh&uuid=5bfd30eb-e62d-4c81-ad96-cca733542a3d" ==================== Geladen Modules (gefilterd) ============== 2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\Windows\SYSTEM32\ism32k.dll 2015-12-06 00:36 - 2015-12-06 00:36 - 00417944 _____ () C:\Program Files\Nitro\Pro 10\Nitro_UpdateService.exe 2015-12-06 00:36 - 2015-12-06 00:36 - 02543768 _____ () C:\Program Files\Nitro\Pro 10\Nitro_KissMetrics.dll 2016-04-12 17:39 - 2015-04-29 18:04 - 00445240 _____ () C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe 2016-05-29 14:37 - 2016-03-29 12:20 - 02656952 _____ () C:\Windows\system32\CoreUIComponents.dll 2016-05-29 14:37 - 2016-03-29 12:20 - 02656952 _____ () C:\Windows\System32\CoreUIComponents.dll 2016-05-31 21:59 - 2016-05-31 21:59 - 00959168 _____ () C:\Users\Solange\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll 2016-02-22 05:30 - 2015-08-20 15:01 - 00405424 _____ () C:\Windows\system32\igfxTray.exe 2016-05-29 14:35 - 2015-12-07 06:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2016-05-29 14:36 - 2016-04-23 06:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-05-29 14:37 - 2016-04-23 06:02 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-05-29 14:36 - 2016-04-23 05:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-05-29 14:36 - 2016-04-23 05:58 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-05-29 14:37 - 2016-04-23 06:01 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-12-23 15:27 - 2015-12-23 15:27 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll 2015-12-02 19:01 - 2015-12-02 19:01 - 00027648 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll 2015-12-02 19:01 - 2015-12-02 19:01 - 00124928 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll 2015-12-02 19:01 - 2015-12-02 19:01 - 00029184 _____ () C:\Program Files (x86)\ASUS\Splendid\VideoEnhance.dll 2016-05-31 21:59 - 2016-05-31 21:59 - 00679624 _____ () C:\Users\Solange\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll 2016-04-12 17:39 - 2015-04-29 18:04 - 38561984 _____ () C:\Program Files\AVAST Software\SecureLine\libcef.dll 2016-05-31 22:03 - 2016-05-05 12:09 - 00034768 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd 2016-05-31 22:03 - 2016-05-05 12:10 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd 2016-05-31 22:03 - 2016-05-05 12:09 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll 2016-05-31 22:03 - 2016-05-05 12:09 - 00093640 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd 2016-05-31 22:03 - 2016-05-05 12:09 - 00018376 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd 2016-05-31 22:03 - 2016-05-31 20:34 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd 2016-05-31 22:03 - 2016-05-05 12:11 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd 2016-05-31 22:03 - 2016-05-05 12:09 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll 2016-05-31 22:03 - 2016-05-31 20:34 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd 2016-05-31 22:03 - 2016-05-05 12:09 - 00692688 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd 2016-05-31 22:03 - 2016-05-31 20:34 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd 2016-05-31 22:03 - 2016-05-05 12:10 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd 2016-05-31 22:03 - 2016-05-31 20:34 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd 2016-05-31 22:03 - 2016-05-31 20:34 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd 2016-05-31 22:03 - 2016-05-31 20:34 - 00021840 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd 2016-05-31 22:03 - 2016-05-31 20:34 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd 2016-05-31 22:03 - 2016-05-05 12:11 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd 2016-05-31 22:03 - 2016-05-05 12:11 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd 2016-05-31 22:03 - 2016-05-05 12:11 - 00114640 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd 2016-05-31 22:03 - 2016-05-05 12:11 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd 2016-05-31 22:03 - 2016-05-31 20:34 - 00021832 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd 2016-05-31 22:03 - 2016-05-05 12:11 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd 2016-05-31 22:03 - 2016-05-05 12:11 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd 2016-05-31 22:03 - 2016-05-05 12:11 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd 2016-05-31 22:03 - 2016-05-05 12:11 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd 2016-05-31 22:03 - 2016-05-05 12:11 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd 2016-05-31 22:03 - 2016-05-31 20:34 - 00023872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32._winffi_kernel32.pyd 2016-05-31 22:03 - 2016-05-05 12:09 - 00134088 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd 2016-05-31 22:03 - 2016-05-31 20:34 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd 2016-05-31 22:03 - 2016-05-05 12:11 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd 2016-05-31 22:03 - 2016-05-05 12:11 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd 2016-05-31 22:03 - 2016-05-31 20:33 - 00246592 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd 2016-05-31 22:03 - 2016-05-05 12:11 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd 2016-05-31 22:03 - 2016-05-31 20:34 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd 2016-05-31 22:03 - 2016-05-05 12:09 - 00134608 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd 2016-05-31 22:03 - 2016-05-05 12:10 - 00240584 _____ () C:\Program Files (x86)\Dropbox\Client\jpegtran.pyd 2016-05-31 22:03 - 2016-05-31 20:34 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd 2016-05-31 22:03 - 2016-05-31 20:34 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd 2016-05-31 22:03 - 2016-05-31 20:34 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd 2016-05-31 22:03 - 2016-05-31 20:34 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd 2016-05-31 22:03 - 2016-05-31 20:34 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd 2016-05-31 22:03 - 2016-05-05 12:11 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd 2016-05-31 22:03 - 2016-05-31 20:34 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd 2016-05-31 22:03 - 2016-05-31 20:34 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd 2016-05-31 22:03 - 2016-05-05 12:12 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll 2016-05-31 22:03 - 2016-05-31 20:34 - 00031568 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd 2016-05-31 22:03 - 2016-03-12 02:46 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll 2016-05-31 22:03 - 2016-05-31 20:34 - 00084280 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL 2016-05-31 22:03 - 2016-05-31 20:34 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd 2016-05-31 22:03 - 2016-05-05 12:10 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd 2016-05-31 22:03 - 2016-05-31 20:34 - 03928880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd 2016-05-31 22:03 - 2016-05-31 20:34 - 01971504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd 2016-05-31 22:03 - 2016-05-31 20:34 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd 2016-05-31 22:03 - 2016-05-31 20:34 - 00132912 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd 2016-05-31 22:03 - 2016-05-31 20:34 - 00223544 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd 2016-05-31 22:03 - 2016-05-31 20:34 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd 2016-05-31 22:03 - 2016-05-05 12:11 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd 2016-05-31 22:03 - 2016-05-31 20:34 - 00025928 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd 2016-05-31 22:03 - 2016-05-31 20:34 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd 2016-05-31 22:03 - 2016-05-31 20:34 - 00546096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd 2016-05-31 22:03 - 2016-05-31 20:34 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd 2015-08-07 02:09 - 2015-08-07 02:09 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (gefilterd) ========= (Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.) AlternateDataStreams: C:\Windows:nlsPreferences [386] ==================== Veilige Modus (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.) ==================== Bestandskoppeling (gefilterd) =============== (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.) ==================== Internet Explorer vertrouwde/beperkte toegang =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.) ==================== Hosts inhoud: =============================== (Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.) 2015-10-30 09:24 - 2015-10-30 09:21 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Andere gebieden ============================ (Momenteel is er geen automatische fix voor dit onderdeel.) HKU\S-1-5-21-2826955982-1942645318-3047113444-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\asus\wallpapers\asus.jpg DNS Servers: 84.116.46.21 - 84.116.46.20 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == (Momenteel is er geen automatische fix voor dit onderdeel.) ==================== Firewall regels (gefilterd) =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{EC1E69B5-684C-460E-8D2E-9041B9BF477B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{06A20EE4-AB32-4CDE-93DB-B8D23CF0B8EC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{69DF8972-A769-4705-B234-08EEE2BA1593}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{BE2092D4-3426-4DDD-9104-7DFA30737556}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{847CEF83-4931-4A5B-86A2-FF2A230F0A30}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\stats.com FirewallRules: [{7DC7AD09-EFE7-4083-A449-979574053623}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\stats.com FirewallRules: [{0FEC02A2-2BE8-4D5D-86D3-EBF8BEDA6916}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\stats.exe FirewallRules: [{FF31C648-AE32-44DF-A008-5BB6F86D0251}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\stats.exe FirewallRules: [{9FFFD86D-345D-48E8-9979-6D0D15DB7ADB}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\WinWrapIDE.exe FirewallRules: [{2D6C2934-6AC0-4727-8C84-9411B0480850}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\WinWrapIDE.exe FirewallRules: [{EE0CC6B4-470B-4EE7-ACA6-7426FE7E9CBE}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe FirewallRules: [{ABA4732C-0114-449F-8E20-5A0A3042EA7A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{8170A848-6D3E-4317-8284-3E7D1040360A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Herstelpunten ========================= AANDACHT: Systeemherstel is uitgeschakeld ==================== Defecte Apparaatbeheer Apparaten ============= Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Cisco Systems Service: vpnva Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Eventlog fouten: ========================= Applicatiefouten: ================== Error: (06/15/2016 06:56:41 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-67HGPRC) Description: Het activeren van de app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI is mislukt door de fout -2147024865. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie. Error: (06/15/2016 06:56:41 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-67HGPRC) Description: Het activeren van de app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI is mislukt door de fout -2144927142. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie. Error: (06/14/2016 10:45:42 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-67HGPRC) Description: Het activeren van de app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App is mislukt door de fout -2144927142. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie. Error: (06/14/2016 08:19:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-67HGPRC) Description: Het activeren van de app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI is mislukt door de fout -2144927142. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie. Error: (06/14/2016 07:50:36 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: DESKTOP-67HGPRC) Description: Het pakket Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe+App is beëindigd omdat het onderbreken te lang duurde. Error: (06/14/2016 06:22:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: DESKTOP-67HGPRC) Description: Het pakket Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe+App is beëindigd omdat het onderbreken te lang duurde. Error: (06/14/2016 06:03:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-67HGPRC) Description: Het activeren van de app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App is mislukt door de fout -2144927142. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie. Error: (06/14/2016 05:55:14 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-67HGPRC) Description: Het activeren van de app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App is mislukt door de fout -2144927142. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie. Error: (06/13/2016 09:56:30 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-67HGPRC) Description: Het activeren van de app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App is mislukt door de fout -2144927142. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie. Error: (06/05/2016 11:35:49 AM) (Source: acvpninstall) (EventID: 2) (User: ) Description: Function: wWinMain File: .\InstallHelper.cpp Line: 354 Invoked Function: FileMoveFiles Return Code: -33554423 (0xFE000009) Description: GLOBAL_ERROR_UNEXPECTED Systeemfouten: ============= Error: (06/15/2016 07:35:42 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: {995C996E-D918-4A8C-A302-45719A6F4EA7} Error: (06/15/2016 07:35:42 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: {995C996E-D918-4A8C-A302-45719A6F4EA7} Error: (06/15/2016 07:35:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: De User Data Access_33beb-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 10000 milliseconden worden uitgevoerd: Service opnieuw starten. Error: (06/15/2016 07:35:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: De User Data Storage_33beb-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 10000 milliseconden worden uitgevoerd: Service opnieuw starten. Error: (06/15/2016 07:35:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: De Contact Data_33beb-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 10000 milliseconden worden uitgevoerd: Service opnieuw starten. Error: (06/15/2016 07:35:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: De Host synchroniseren_33beb-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 10000 milliseconden worden uitgevoerd: Service opnieuw starten. Error: (06/15/2016 07:35:37 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: toepassingsspecifiekLokaalActiveren{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (via LRPC)Niet beschikbaarNiet beschikbaar Error: (06/15/2016 07:16:11 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-67HGPRC) Description: {7160A13D-73DA-4CEA-95B9-37356478588A} Error: (06/15/2016 07:16:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: De User Data Access_2dbe3-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 10000 milliseconden worden uitgevoerd: Service opnieuw starten. Error: (06/15/2016 07:16:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: De User Data Storage_2dbe3-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 10000 milliseconden worden uitgevoerd: Service opnieuw starten. CodeIntegrity: =================================== Date: 2016-06-15 20:31:15.522 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-15 19:42:11.325 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-14 17:56:37.461 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-08 18:48:33.065 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-08 18:38:17.039 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-08 18:38:16.293 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-04 11:50:37.991 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-04 09:39:18.835 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-04 09:29:24.154 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-04 09:29:22.921 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. ==================== Geheugen info =========================== Processor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz Percentage geheugen in gebruik: 29% Totaal fysiek RAM-geheugen: 8094.71 MB Beschikbaar fysiek RAM-geheugen: 5691.55 MB Totaal Virtueel geheugen: 9374.71 MB Beschikbaar Virtual geheugen: 7120.78 MB ==================== Schijven ================================ Drive c: (OS) (Fixed) (Total:118.48 GB) (Free:79.32 GB) NTFS ==================== MBR & Partitietabel ================== ======================================================== Disk: 0 (Size: 119.2 GB) (Disk ID: 4CAFAE34) Partition: GPT. ==================== Eind van Addition.txt ============================