Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 17-10-2016 Gestart door Stephanie & Nathalie (24-10-2016 17:12:50) Gestart vanaf C:\Users\Stephanie & Nathalie\Downloads Windows 10 Home Versie 1607 (X64) (2016-10-10 14:05:40) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-46182450-2483365633-3711743669-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-46182450-2483365633-3711743669-503 - Limited - Disabled) Gast (S-1-5-21-46182450-2483365633-3711743669-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-46182450-2483365633-3711743669-1002 - Limited - Enabled) Stephanie & Nathalie (S-1-5-21-46182450-2483365633-3711743669-1000 - Administrator - Enabled) => C:\Users\Stephanie & Nathalie ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.) 5Beaufort (HKLM-x32\...\5Beaufort_is1) (Version: - ) 64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden 6Beaufort (HKLM-x32\...\6Beaufort_is1) (Version: - ) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated) Adobe Digital Editions 3.0 (HKLM-x32\...\Adobe Digital Editions 3.0) (Version: 3.0.1 - Adobe Systems Incorporated) Adobe Reader X (10.1.16) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.16 - Adobe Systems Incorporated) AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD) AMD Catalyst Install Manager (HKLM\...\{6A25E342-A5DE-9A33-5118-5E22D8A8C774}) (Version: 3.0.851.0 - Advanced Micro Devices, Inc.) Apowersoft Phone Manager versie 2.6.2 (HKLM-x32\...\{4A00E3C4-2D0F-4AE7-9F2A-74870BE09EF8}_is1) (Version: 2.6.2 - APOWERSOFT LIMITED) Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.12.9.0 - Asmedia Technology) Audacity 2.1.1 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.1 - Audacity Team) Belgium e-ID middleware 4.0.7 (build 7438) (HKLM\...\{824563DE-75AD-4166-9DC0-B6482F207438}) (Version: 4.0.7438 - Belgian Government) Belkin N Wireless USB Adapter Setup (HKLM-x32\...\{28FA3609-B6E2-4BCA-B089-F5122AC417C5}) (Version: 2.20 - Belkin) BitTorrent (HKU\S-1-5-21-46182450-2483365633-3711743669-1000\...\BitTorrent) (Version: 7.9.8.42450 - BitTorrent Inc.) bpd_scan (x32 Version: 3.00.0000 - Hewlett-Packard) Hidden Brother MFL-Pro Suite MFC-J4420DW (HKLM-x32\...\{7FC49664-DAA4-4E7C-ADD0-614ABB43691B}) (Version: 1.0.5.0 - Brother Industries, Ltd.) ConvertXtoDVD 4.0.9.322 (HKLM-x32\...\{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1) (Version: 4.0.9.322 - ) CyberLink LabelPrint 2.5 (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5220 - CyberLink Corp.) CyberLink Media Suite 8 (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2820b - CyberLink Corp.) CyberLink Power2Go 7 (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.2719b - CyberLink Corp.) CyberLink PowerBackup 2.5 (HKLM-x32\...\{ADD5DB49-72CF-11D8-9D75-000129760D75}) (Version: 2.5.9729 - CyberLink Corp.) CyberLink PowerDVD Copy (HKLM-x32\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.) CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.4125 - CyberLink Corp.) CyberLink WaveEditor (HKLM-x32\...\InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 1.0.1.2821 - CyberLink Corp.) CyberLink YouCam 3.1 (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.5324 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden De Sims 3™ Film Accessoires (HKLM-x32\...\{D0087539-3C57-44E0-BEE7-D779D546CBE1}) (Version: 20.0.53 - Electronic Arts) De Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts) De Sims™ 3 70s, 80s en 90s Accessoires (HKLM-x32\...\{E1868CAE-E3B9-4099-8C18-AA8944D336FD}) (Version: 17.0.77 - Electronic Arts) De Sims™ 3 Ambities (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.10.1 - Electronic Arts) De Sims™ 3 Beestenbende (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts) De Sims™ 3 Bovennatuurlijk (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts) De Sims™ 3 Buitenleven Accessoires (HKLM-x32\...\{117B6BF6-82C3-420C-B284-9247C8568E53}) (Version: 7.0.55 - Electronic Arts) De Sims™ 3 Buurtleven Accessoires (HKLM-x32\...\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}) (Version: 9.0.73 - Electronic Arts) De Sims™ 3 Diesel Accessoires (HKLM-x32\...\{1C9B6173-6DC9-4EEE-9EFC-6BA115CFBE43}) (Version: 14.0.48 - Electronic Arts) De Sims™ 3 Exotisch Eiland (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts) De Sims™ 3 Jaargetijden (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts) De Sims™ 3 Katy Perry Pakt uit (HKLM-x32\...\{9B2506E3-9A3F-45B5-96BF-509CAD584650}) (Version: 13.0.62 - Electronic Arts) De Sims™ 3 Levensweg (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts) De Sims™ 3 Luxe Accessoires (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts) De Sims™ 3 Na Middernacht (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts) De Sims™ 3 Showtime (HKLM-x32\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts) De Sims™ 3 Slaap- en badkamer Accessoires (HKLM-x32\...\{08A25478-C5DD-4EA7-B168-3D687CA987FF}) (Version: 11.0.84 - Electronic Arts) De Sims™ 3 Studententijd (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts) De Sims™ 3 Supersnelle Accessoires (HKLM-x32\...\{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}) (Version: 5.0.44 - Electronic Arts) De Sims™ 3 Vooruit in de tijd (HKLM-x32\...\{A0BBD6C7-B546-4048-B33A-F21F5C9F5B09}) (Version: 21.0.150 - Electronic Arts) De Sims™ 3 Wereldavonturen (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts) De Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.23.24.1010 - Electronic Arts Inc.) Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Fotogalerija (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Fotoğraf Galerisi (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Fotótár (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Free M4a to MP3 Converter 7.1 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version: - ManiacTools.com) Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galería de fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Galeria fotografii (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Galerie de photos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.143 - Google Inc.) Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation) Java SE Development Kit 8 Update 60 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180600}) (Version: 8.0.600.27 - Oracle Corporation) Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Kobo (HKLM-x32\...\Kobo) (Version: 3.19.3665 - Rakuten Kobo Inc.) LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) LG ODD Auto Firmware Update (HKLM-x32\...\{6179550A-3E7C-499E-BCC9-9E8113E0A285}) (Version: 10.01.0712.01 - ) Media Go (HKLM-x32\...\{1CBCA994-0290-49AD-98D3-9013A0F102E6}) (Version: 2.9.406 - Sony) Media Go Network Downloader (HKLM-x32\...\{C52148B9-19E0-433A-9422-3451B1BEE20F}) (Version: 1.6.01.0 - Sony) Media Go Video Playback Engine 2.16.109.12020 (HKLM-x32\...\{49AD7131-7DD6-E7D3-24FC-57EF82044144}) (Version: 2.16.109.12020 - Sony) Memeo Instant Backup (HKLM-x32\...\{8E666407-AC41-46a2-9692-6C7BFCBFDD37}) (Version: 4.60.0.7943 - Memeo Inc.) Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProplusRetail - en-us) (Version: 16.0.7466.2022 - Microsoft Corporation) Microsoft Office Professional Plus 2016 - nl-nl (HKLM\...\ProplusRetail - nl-nl) (Version: 16.0.7466.2022 - Microsoft Corporation) Microsoft Project Professional 2016 - en-us (HKLM\...\ProjectProRetail - en-us) (Version: 16.0.7466.2022 - Microsoft Corporation) Microsoft Project Professional 2016 - nl-nl (HKLM\...\ProjectProRetail - nl-nl) (Version: 16.0.7466.2022 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visio Professional 2016 - en-us (HKLM\...\VisioProRetail - en-us) (Version: 16.0.7466.2022 - Microsoft Corporation) Microsoft Visio Professional 2016 - nl-nl (HKLM\...\VisioProRetail - nl-nl) (Version: 16.0.7466.2022 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) Nuance PaperPort 12 (HKLM-x32\...\{2A770862-7142-4C77-8117-F933E4110A3F}) (Version: 12.1.0006 - Nuance Communications, Inc.) Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc) NWZ-E460 WALKMAN Guide (HKLM-x32\...\{A4D58206-7E8F-41F2-BD94-85009F3AEA28}) (Version: 2.0.2.04130 - Sony Corporation) Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7466.2022 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7426.1008 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (Version: 16.0.7466.2022 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7466.2022 - Microsoft Corporation) Hidden Origin (HKLM-x32\...\Origin) (Version: 10.2.1.38915 - Electronic Arts, Inc.) PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.) PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation) Poczta usługi Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Pošta Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Raccolta foto (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.46.610.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.) Robbie Konijn Rekenen Groep 5 en 6 (HKLM-x32\...\{F883BAD9-91D6-11D8-B6F8-00C04F4351FF}) (Version: - ) Scansoft PDF Professional (x32 Version: - ) Hidden Stuurprogrammapakket voor Windows - Fedict SmartCard (02/05/2014 4.0.7.3) (HKLM\...\FDD4D34EAB962AD719D6B2926108E748EDA78C38) (Version: 02/05/2014 4.0.7.3 - Fedict) Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD) (Version: 10.0.50903 - Microsoft Corporation) Type Expert Junior (HKLM-x32\...\Type Expert Junior) (Version: 3.0 - De Marque inc.) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) VSO ConvertXToDVD (HKLM-x32\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.3.0.8 - VSO Software) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) Συλλογή φωτογραφιών (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden ==================== Aangepaste CLSID (gefilterd): ========================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) CustomCLSID: HKU\S-1-5-21-46182450-2483365633-3711743669-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Stephanie & Nathalie\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileCoAuth.exe (Microsoft Corporation) ==================== Geplande Taken (gefilterd) ============= (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {01F5895F-9E81-4EE1-B018-BBFB11C9FFE7} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Geen bestand <==== AANDACHT Task: {0237C60E-7F23-4E9E-BE3C-EDC9F09E3973} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {0A540BD7-5489-428E-ACBF-070BAF97C551} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\SymErr.exe Task: {0DCB9430-19AE-4A3D-8CE8-BA5E643E92F6} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {152FB4B0-6B64-4F38-BE13-58ADF9553210} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-06-14] (CyberLink) Task: {19C81672-4514-45F8-8774-0E0E7C195871} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe Task: {223147B1-803E-4C92-957B-5BF59FDF86FE} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\SymErr.exe Task: {3098B355-30B4-43C8-8A3B-5365B996B33E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {32AAD558-1F1F-485B-BC7E-8A13025209D2} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe Task: {35DB159B-E719-4F8F-985E-3BFDC4F09474} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {3E563C68-3A90-46C5-9894-075027184440} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {4B05AD79-8E79-4560-80E3-93D7B36128DF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-10-23] (Microsoft Corporation) Task: {572FE34C-1BE7-4E70-90DD-5A8B52CFC9E0} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Geen bestand <==== AANDACHT Task: {58D8B644-6E26-4F1F-9230-E9B75F8E6CEB} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {5E97DC8F-37A7-458F-B904-651ABB5F351E} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe Task: {6522EB4C-0BFC-45BD-BD70-1A0C78C9B4EE} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Geen bestand <==== AANDACHT Task: {66F7007C-23BB-41D5-88FE-CF9A316CB5EC} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe Task: {6962C9A1-C8FE-4EE0-BEFB-34AA9898F90D} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\WSCStub.exe Task: {6C885362-EEB3-4183-BFBE-79A9FC5FA134} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-10-23] (Microsoft Corporation) Task: {6F9EB82B-C2D6-46F4-BC87-7A8D52283F87} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Geen bestand <==== AANDACHT Task: {70EEDD1A-4B2E-45CA-AF98-25C809AE86B5} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Geen bestand <==== AANDACHT Task: {77FCCE9C-FE72-4164-8BD0-553F7A2B7407} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Geen bestand <==== AANDACHT Task: {780167ED-D1A2-4FB8-953E-57A867048553} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Geen bestand <==== AANDACHT Task: {7AF94642-1BF7-43BB-93B1-721BC4A331F9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Geen bestand <==== AANDACHT Task: {818119E6-BE71-4D94-BF56-39336F813DB0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-16] (Adobe Systems Incorporated) Task: {847B4CBC-AC5C-4C0E-BCF4-0C400A76BE69} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Geen bestand <==== AANDACHT Task: {85DE3961-A449-47F3-A07D-CC0C7581A457} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe Task: {8673C3EC-74BC-4BB0-8D80-A9CCB81579A0} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe Task: {874048ED-2DBD-493E-A951-B7F1C9264374} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-10-13] (Microsoft Corporation) Task: {9084FBAE-B621-470F-94BB-C41175A8BE60} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe Task: {915EDC0E-7FAF-4A32-A2B8-74B74BFA33D1} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe Task: {A0A7E08F-1B02-40AA-A725-93FA18344624} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {A3600956-51E6-4A6C-AA75-791CEB3003C6} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {ADB74AA7-7A4F-4807-B8ED-ABF3153BB0D4} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe Task: {AEF9CE6F-450B-4B31-BA3C-49A01002501E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {B591A7EF-4CF8-4531-8FDB-2C18CB39ECDF} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe Task: {B65ABFE1-7489-4738-AE34-808B3AC24063} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Geen bestand <==== AANDACHT Task: {B681A443-E2F9-48A3-87E2-61E6928F1258} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {DC55D0EA-09F3-4B35-82EF-BE2C825F5D25} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Geen bestand <==== AANDACHT Task: {DFEE6F46-27A8-4EF5-B802-5F26B7A7DEF5} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Geen bestand <==== AANDACHT Task: {EBCA6BE0-93D7-4BB1-A692-3A5C12C807D2} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {ECD598FA-804D-4DC8-9EC7-245939254043} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {ED071AB1-A34C-45BF-BB31-039193F1D1D8} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-10-13] (Microsoft Corporation) Task: {F1A8B1DE-EC59-4AA0-9280-721C5F6F72B3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe Task: {F49A98C8-D586-4817-8469-83C1177D545D} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-10-14] (Microsoft Corporation) Task: {FBB20570-BF1E-407B-8E8F-681182187B47} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe Task: {FF816E96-1B9D-42E4-A663-934AADE5F6C3} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe (Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Snelkoppelingen ============================= (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) ==================== Geladen Modules (gefilterd) ============== 2016-09-13 22:14 - 2005-04-22 06:36 - 00143360 ____R () C:\WINDOWS\system32\BrSNMP64.dll 2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-10-10 18:26 - 2016-09-15 19:25 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2016-10-10 18:26 - 2016-09-15 19:25 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-10-10 18:26 - 2016-09-15 19:25 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll 2016-10-10 16:10 - 2016-10-10 16:10 - 01864384 _____ () C:\Users\Stephanie & Nathalie\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\amd64\ClientTelemetry.dll 2016-10-10 16:31 - 2016-10-10 16:31 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2016-10-14 19:29 - 2016-10-05 11:35 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2016-10-14 19:30 - 2016-10-05 11:21 - 09760256 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-10-14 19:30 - 2016-10-05 11:13 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-10-14 19:30 - 2016-10-05 11:13 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2016-10-14 19:30 - 2016-10-05 11:13 - 02424832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-10-14 19:30 - 2016-10-05 11:14 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2016-10-20 15:29 - 2016-10-20 15:29 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.197.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2016-10-20 15:29 - 2016-10-20 15:29 - 00178176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.197.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2016-10-20 15:29 - 2016-10-20 15:30 - 35253760 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.197.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2016-09-13 22:13 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll 2016-10-10 16:10 - 2016-10-10 16:10 - 01383616 _____ () C:\Users\Stephanie & Nathalie\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\ClientTelemetry.dll 2016-10-10 16:10 - 2016-10-10 16:10 - 00118976 _____ () C:\Users\Stephanie & Nathalie\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileSyncViews.dll 2011-03-09 15:21 - 2011-03-09 15:21 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll 2011-03-09 15:21 - 2011-03-09 15:21 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll 2016-10-01 15:53 - 2016-09-25 05:47 - 01805416 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.143\libglesv2.dll 2016-10-01 15:53 - 2016-09-25 05:47 - 00093288 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.143\libegl.dll ==================== Alternate Data Streams (gefilterd) ========= (Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.) AlternateDataStreams: C:\Users\Stephanie & Nathalie\Documents\atrikel.jpeg:3or4kl4x13tuuug3Byamue2s4b [91] AlternateDataStreams: C:\Users\Stephanie & Nathalie\Documents\atrikel.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0] AlternateDataStreams: C:\Users\Stephanie & Nathalie\Documents\franse artikel 1.jpeg:3or4kl4x13tuuug3Byamue2s4b [91] AlternateDataStreams: C:\Users\Stephanie & Nathalie\Documents\franse artikel 1.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0] AlternateDataStreams: C:\Users\Stephanie & Nathalie\Documents\franse artikel 2.jpeg:3or4kl4x13tuuug3Byamue2s4b [91] AlternateDataStreams: C:\Users\Stephanie & Nathalie\Documents\franse artikel 2.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0] ==================== Veilige Modus (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.) ==================== Bestandskoppeling (gefilterd) =============== (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.) ==================== Internet Explorer vertrouwde/beperkte toegang =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.) ==================== Hosts inhoud: =============================== (Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere gebieden ============================ (Momenteel is er geen automatische fix voor dit onderdeel.) HKU\S-1-5-21-46182450-2483365633-3711743669-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Stephanie & Nathalie\Pictures\nathalie\badminton.jpg DNS Servers: 195.130.130.4 - 195.130.131.4 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == MSCONFIG\startupreg: Microsoft Default Manager => "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume ==================== Firewall regels (gefilterd) =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808 FirewallRules: [{94641DDB-AF11-4E14-AF02-808A10A20AAE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{59EC6F75-6CF7-489D-89F9-7F249D06E3F2}] => (Allow) LPort=54925 FirewallRules: [{7BD9C4E6-285F-4D59-9B33-096D76665029}] => (Allow) C:\Program Files (x86)\Brother\Brmfl14e\FAXRX.EXE FirewallRules: [{3B3B911E-7E38-452C-847D-69DA4712ABE8}] => (Allow) C:\Program Files (x86)\Apowersoft\MKV Converter Studio\MKV Converter Studio.exe FirewallRules: [{C048042B-E892-4CB6-A135-85ABB9F200FD}] => (Allow) C:\Program Files (x86)\Apowersoft\MKV Converter Studio\MKV Converter Studio.exe FirewallRules: [{1F497593-51B5-4D83-BDFE-4FCDEAE31400}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe FirewallRules: [{477285D6-0DB7-4CFC-B9C2-B22A67953FF5}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{DB99A0E1-1358-4EBE-B642-9009288694A3}] => (Allow) LPort=1900 FirewallRules: [{D2FDB56D-AC64-4C1D-84E1-228005FCCAC8}] => (Allow) LPort=2869 FirewallRules: [{FBA826E4-162C-49DD-B6FA-9FED05EC1ACF}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{EF72C3A7-C4DF-4E43-BA1B-E5D0411FD0FE}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe FirewallRules: [{86DB02FE-3745-45F4-95B3-DD181A755D12}] => (Allow) E:\setup\hpznui40.exe FirewallRules: [{4897A6CC-4AF0-43B6-A837-776E3372BB23}] => (Allow) C:\Users\Stephanie & Nathalie\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{BD356E13-D484-47A8-A17D-3036F0B50522}] => (Allow) C:\Users\Stephanie & Nathalie\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{938479D1-1D66-4CCC-9BF8-E8AA3B1838F7}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{9377F68D-5EBD-4ACD-9198-1BD6671214DD}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{1B817E42-F37D-4535-B0A8-CC416B349DD1}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe FirewallRules: [{8B727A33-F3B3-4FCD-9B63-680774C6FB8B}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe FirewallRules: [{DBEBDCA2-797C-45FA-871F-3F2F4D1E5D71}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe FirewallRules: [{A6FEEA2B-EBC1-4C66-BDF9-D8B3F9A160AC}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe FirewallRules: [{C9C296FF-25AA-4DFD-8634-DFC7D88BF2A2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe FirewallRules: [{A669B825-DB56-47D0-9487-01046C2FCB34}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe FirewallRules: [{D816C50A-6FA8-49B5-9A00-D6487D9F603C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe FirewallRules: [{51D27F29-5E64-41B1-9D3D-883C6BE908C8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe FirewallRules: [{4A8FC483-D9C7-47E3-953D-861D5305A7F2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe FirewallRules: [{412A9815-E4C0-45FF-A942-162714594D30}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe FirewallRules: [{D1033ABE-C823-49A1-B11E-79CE01AB9B6C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe FirewallRules: [{36AA669E-5C25-491B-B286-7E35A9B6AAE4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe FirewallRules: [{2D98E5C3-D136-472E-BB8A-899E7370DABB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe FirewallRules: [{DCD9A365-3516-450E-8977-CC00A8E14C42}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe FirewallRules: [{B0DDE6F8-B346-4D3B-A1DD-0AF017E7AC50}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe FirewallRules: [{33AFA2E0-E663-4E0B-8759-FED24AF3A893}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe FirewallRules: [{9AE19742-EE23-431F-BEB0-14F701EB2DB9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe FirewallRules: [{0A635AF6-00F7-46E9-A3DE-A25F3E275F79}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe FirewallRules: [{881F04A4-C743-480B-88A7-C6F8433541FF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe FirewallRules: [{0F7BA9AB-F6A2-4E82-A0B3-C7F384B359B1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe FirewallRules: [{EDB014D3-8E63-4F92-AEB7-DA4523184C6B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{174D1B7F-BB52-4978-96AE-54A05BD4F1B1}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{3F4D6B78-7B6B-4CE0-9CE4-7B9172A15185}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Phone Manager\Apowersoft Phone Manager.exe FirewallRules: [{C4243729-2225-41C8-B01E-8BF2B4BF7BD6}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Phone Manager\Apowersoft Phone Manager.exe FirewallRules: [{E003230E-E273-4574-8C57-FF0D9F61CDB7}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Phone Manager\ApowersoftAndroidDaemon.exe FirewallRules: [{2A33B474-D82B-4FB7-893C-5B1F00F7AB59}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Phone Manager\ApowersoftAndroidDaemon.exe FirewallRules: [{39D71266-3398-4439-A73E-53196BB46FC7}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Phone Manager\iOS Recorder.exe FirewallRules: [{E44E539E-9FB3-47B3-B330-D49AE4C25416}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Phone Manager\iOS Recorder.exe FirewallRules: [{64B10ED6-A978-4A77-A128-16A4BD44DCF4}] => (Allow) C:\Users\Stephanie & Nathalie\AppData\Local\Temp\7zS6F8A\hppiw.exe FirewallRules: [{78D99025-6D1C-4A1B-8AF7-4DBB242AC8CF}] => (Allow) C:\Users\Stephanie & Nathalie\AppData\Local\Temp\7zS6F8A\hppiw.exe FirewallRules: [{04D93F07-71D4-4542-8828-EE51C358625B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{E915E4DC-95C3-4E9D-8B0D-C6205A07BE06}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{0F59D27D-0E00-4074-B850-4889B1490BCE}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{034AB972-86DA-4CF7-8B42-9BAE45B7E0BF}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{0BEE064A-C7C9-4FE7-B70C-435F24B38353}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe FirewallRules: [{9ECF4AC9-45C2-4EE6-B66D-D06A2CF6AA4C}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe ==================== Herstelpunten ========================= 23-10-2016 19:43:16 Installed HiJackThis ==================== Defecte Apparaatbeheer Apparaten ============= ==================== Eventlog fouten: ========================= Applicatiefouten: ================== Error: (10/23/2016 07:43:31 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: De service Cryptografische services is mislukt tijdens het verwerken van aanroep OnIdentity() op het object System Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Toegang geweigerd. . Error: (10/23/2016 07:38:43 PM) (Source: MemeoBackgroundService) (EventID: 0) (User: ) Description: Problem starting Memeo Background Service :Externe configuratie is mislukt met uitzondering System.Reflection.TargetInvocationException: Het doel van een aanroep heeft een uitzondering veroorzaakt. ---> System.Security.Principal.IdentityNotMappedException: Kan een aantal of alle id-verwijzingen niet omzetten. bij System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data) bij System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor) bij System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider) --- Einde van intern uitzonderingsstackpad --- bij System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType) bij System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) bij System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes) bij System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry) bij System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bij System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity). bij System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bij System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity) bij RemoteServerService.MemeoBackgroundService.OnStart(String[] args) Error: (10/23/2016 04:50:16 PM) (Source: MemeoBackgroundService) (EventID: 0) (User: ) Description: Problem starting Memeo Background Service :Externe configuratie is mislukt met uitzondering System.Reflection.TargetInvocationException: Het doel van een aanroep heeft een uitzondering veroorzaakt. ---> System.Security.Principal.IdentityNotMappedException: Kan een aantal of alle id-verwijzingen niet omzetten. bij System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data) bij System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor) bij System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider) --- Einde van intern uitzonderingsstackpad --- bij System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType) bij System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) bij System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes) bij System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry) bij System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bij System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity). bij System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bij System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity) bij RemoteServerService.MemeoBackgroundService.OnStart(String[] args) Error: (10/23/2016 09:29:42 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: kidspc) Description: Het activeren van de app Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe:MicrosoftEdge.AppX9zvsr9qeth9e9a03yr0g7rpdrcrwgn5r.mca is mislukt door de fout -2144927149. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie. Error: (10/22/2016 11:26:01 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Fout in de Volume Shadow Copy-service: onverwachte fout bij het aanroepen van routine QueryFullProcessImageNameW. hr = 0x80070006, De ingang is ongeldig. . Bewerking: Asynchrone bewerking uitvoeren Context: Huidige status: DoSnapshotSet Error: (10/22/2016 11:25:34 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: De service Cryptografische services is mislukt tijdens het verwerken van aanroep OnIdentity() op het object System Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Toegang geweigerd. . Error: (10/19/2016 06:52:32 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: kidspc) Description: Kan toepassing of service 'Office Telemetry Agent' niet afsluiten. Error: (10/19/2016 06:21:03 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: kidspc) Description: Het pakket Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy+CortanaUI is beëindigd omdat het onderbreken te lang duurde. Error: (10/18/2016 07:41:54 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Kan activeringscontext voor 'C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest' niet maken. Fout in manifest of beleidsbestand 'C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL op regel 1. Onderdeel-id in manifest komt niet overeen met de id van het gevraagde onderdeel. Verwijzing is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". Definitie is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Gebruik sxstrace.exe voor gedetailleerde diagnose. Error: (10/18/2016 07:29:08 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: kidspc) Description: Het activeren van de app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App is mislukt door de fout -2144927142. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie. Systeemfouten: ============= Error: (10/24/2016 05:06:04 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} en APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (10/23/2016 08:27:57 PM) (Source: bowser) (EventID: 8003) (User: ) Description: De masterbrowser heeft een servermelding ontvangen van computer KATY-VAIO die meent de masterbrowser voor het domein te zijn op transport NetBT_Tcpip_{30924113-C70C-4A09-92FC-A1E12B183665}. De masterbrowser wordt gestopt of er wordt een verkiezing afgedwongen. Error: (10/23/2016 07:59:44 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} en APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (10/23/2016 07:59:44 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} en APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (10/23/2016 07:59:37 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} en APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (10/23/2016 07:59:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: De NetMsmqActivator-service kan vanwege de volgende fout niet worden gestart: De service heeft de start- of stuuropdracht niet op juiste wijze beantwoord. Error: (10/23/2016 07:59:34 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Time-out (30000 seconden) tijdens het wachten op het verbinden van deze service: NetMsmqActivator. Error: (10/23/2016 07:59:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: De NetPipeActivator-service kan vanwege de volgende fout niet worden gestart: De service heeft de start- of stuuropdracht niet op juiste wijze beantwoord. Error: (10/23/2016 07:59:28 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Time-out (30000 seconden) tijdens het wachten op het verbinden van deze service: NetPipeActivator. Error: (10/23/2016 07:59:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: De Origin Web Helper Service-service kan vanwege de volgende fout niet worden gestart: De service heeft de start- of stuuropdracht niet op juiste wijze beantwoord. CodeIntegrity: =================================== Date: 2016-10-19 20:29:38.850 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-10-19 20:29:38.849 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-10-19 20:29:38.846 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-10-19 20:29:38.830 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-10-19 20:29:38.829 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-10-19 20:29:38.821 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-10-19 20:29:32.729 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-10-19 20:29:32.728 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-10-19 20:29:32.726 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-10-19 20:29:32.720 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Geheugen info =========================== Processor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz Percentage geheugen in gebruik: 24% Totaal fysiek RAM-geheugen: 8173.63 MB Beschikbaar fysiek RAM-geheugen: 6158.32 MB Totaal Virtueel geheugen: 16365.63 MB Beschikbaar Virtual geheugen: 14290.35 MB ==================== Schijven ================================ Drive c: (Boot) (Fixed) (Total:1811.92 GB) (Free:1591.46 GB) NTFS Drive d: (Recover) (Fixed) (Total:50 GB) (Free:5.37 GB) NTFS Drive e: (Sims3EP11) (CDROM) (Total:6.15 GB) (Free:0 GB) UDF ==================== MBR & Partitietabel ================== ======================================================== Disk: 0 (Size: 1863 GB) (Disk ID: 195334B2) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=1811.9 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=50 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=1 GB) - (Type=12) ==================== Eind van Addition.txt ============================