Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 29-01-2017 Gestart door hugoke (31-01-2017 10:55:43) Gestart vanaf C:\Users\hugoke\Downloads Windows 8.1 Pro (Update) (X64) (2015-10-15 19:20:59) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-10870461-3760241935-267325191-500 - Administrator - Disabled) Gast (S-1-5-21-10870461-3760241935-267325191-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-10870461-3760241935-267325191-1006 - Limited - Enabled) hugoke (S-1-5-21-10870461-3760241935-267325191-1002 - Administrator - Enabled) => C:\Users\hugoke UpdatusUser (S-1-5-21-10870461-3760241935-267325191-1001 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Antivirus by F-Secure (Enabled - Up to date) {0F70A6C4-76E4-6A3B-2695-519F428B1C20} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Antivirus by F-Secure (Enabled - Up to date) {B4114720-50DE-65B5-1C25-6AED390C569D} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.) 64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden 7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov) ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.00.631.5823 - ABBYY) ABBYY FineReader 9.0 Sprint (x32 Version: 9.00.631.5823 - ABBYY) Hidden Adobe Acrobat Reader DC - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated) Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated) ArcSoft MediaImpression 2 (HKLM-x32\...\{FB46F473-333E-4A06-A777-31C54188593E}) (Version: 2.0.14.672 - ArcSoft) Ashampoo AppLauncher (Medion) v.1.0.0 (HKLM-x32\...\Ashampoo AppLauncher (Medion)_is1) (Version: 1.0.0 - Ashampoo GmbH & Co. KG) Belgium e-ID middleware 4.1.7 (build 1666) (HKLM\...\{DB942AEA-93D6-4FE4-8862-180D35A71666}) (Version: 4.1.1666 - Belgian Government) Common Desktop Agent (Version: 1.62.0 - OEM) Hidden Computer Security 14.176.101.0 (release) (x32 Version: 14.176.101.0 - F-Secure Corporation) Hidden CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.3124 - CyberLink Corp.) CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.) CyberLink PowerDirector (Version: 9.0.0.3815c - CyberLink Corp.) Hidden CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.0913 - CyberLink Corp.) CyberLink PowerRecover (Version: 5.7.0.0913 - CyberLink Corp.) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DIGIPASS Native Bridge 2.2.2 (HKU\S-1-5-21-10870461-3760241935-267325191-1002\...\{9ba9a46c-c5ee-4711-9d40-15adb327bdd0}) (Version: 2.2.2 - VASCO Data Security) DIGIPASS Native Bridge 2.2.2 (x32 Version: 2.2.2 - VASCO Data Security) Hidden Document Capture Pro (HKLM-x32\...\{B4A3C072-87AF-4937-880D-3D7997111C0D}) (Version: 1.01.0000 - Seiko Epson Corporation) EaseUS Todo Backup Home 9.2 (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 9.2 - CHENGDU YIWO Tech Development Co., Ltd) Epson Copy Utility 3.5 (HKLM-x32\...\{AA72FB28-73B4-49E5-B6B4-E78F44BBD0AD}) (Version: 3.5.0.0 - ) Epson Event Manager (HKLM-x32\...\{148C8BF9-E1B4-445D-AC67-2CABAE63949A}) (Version: 3.01.0009 - Seiko Epson Corporation) Epson Gebruikershandleiding EPSON Perfection V370 Photo (HKLM-x32\...\EPSON Perfection V370 Photo Useg) (Version: - ) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden F-Secure CCF Reputation (x32 Version: 2.1.1342.0 - F-Secure) Hidden F-Secure CCF Scanning 1.73.275.1078 (release) (x32 Version: 1.73.275.1078 - F-Secure Corporation) Hidden F-Secure Network CCF 1.04.214 (x32 Version: 1.04.214 - F-Secure Corporation) Hidden F-Secure SAFE (HKLM-x32\...\F-Secure ServiceEnabler 6661000) (Version: 2.76.211.0 - F-Secure Corporation) F-Secure SAFE (x32 Version: 2.76.211.0 - F-Secure Corporation) Hidden F-Secure SafeSearch 1.11.101.0 (release) (x32 Version: 1.11.101.0 - F-Secure Corporation) Hidden Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.) Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden Image Resizer for Windows (64 bit) (Version: 3.0.4802.35565 - Brice Lambson) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.11.1193 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation) Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{E77289CF-12B9-4CAB-A49E-FEAE947F4D95}) (Version: 15.5.4.0423 - Intel Corporation) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{DA2600C1-6BDF-4FD1-8F3D-148929CC1385}) (Version: 2.6.1210.0278 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.4.1001 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) Intel(R) WiDi (HKLM\...\{6097158B-0184-4140-BEC3-7885794D2571}) (Version: 3.5.40.0 - Intel Corporation) Intel® PROSet/Wireless WiFi Software (HKLM\...\{1593C708-5535-47A4-8C0F-F8D4BE2B4560}) (Version: 15.05.6000.1620 - Intel Corporation) Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation) Macrium Reflect Free Edition (Version: 6.1.879 - Paramount Software (UK) Ltd.) Hidden Mediathek (HKLM-x32\...\{EFFED0C0-5299-422E-AFE6-8B8066D18A2A}) (Version: 1.4.0 - Medion) Medion Home Cinema 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.) Medion Home Cinema 10 (x32 Version: 10.1924 - CyberLink Corp.) Hidden Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation) Microsoft Office 2013 voor Thuisgebruik en Zelfstandigen - nl-nl (HKLM\...\HomeBusinessRetail - nl-nl) (Version: 15.0.4893.1002 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-10870461-3760241935-267325191-1002\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Mozilla Firefox 51.0.1 (x86 nl) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 nl)) (Version: 51.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla) Naviextras Toolbox Prerequesities (HKLM-x32\...\{537575D6-3B96-474C-BD8F-DFF667363DBD}) (Version: 1.0.0 - NNG Llc.) NVIDIA 3D Vision stuurprogramma 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.65 - NVIDIA Corporation) NVIDIA Grafisch stuurprogramma 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation) NVIDIA Update 1.15.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.15.2 - NVIDIA Corporation) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4893.1002 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4893.1002 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4893.1002 - Microsoft Corporation) Hidden Online Safety 2.176.4626.2945 (x32 Version: 2.176.4626.2945 - F-Secure Corporation) Hidden PHotkey (HKLM-x32\...\{E50C224A-BBF2-428D-9DCF-DBF9DF85C40E}) (Version: 1.00.0072 - Pegatron Corporation) QuickLaunch (HKLM-x32\...\{A802F1E3-34C8-4C84-9948-C1C4E37D0FA9}) (Version: 1.00.0019 - Lenovo Group Limited) Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 8.39.703.2015 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7687 - Realtek Semiconductor Corp.) Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.30136 - Realtek Semiconductor Corp.) Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 2.01.00.04 - Samsung Electronics Co., Ltd.) Samsung Easy Wireless Setup (HKLM-x32\...\Easy Wireless Setup) (Version: 3.70.18.0 - Samsung Electronics Co., Ltd.) Samsung Printer Center (HKLM-x32\...\Samsung Printer Center) (Version: 1.0.0.12 - Samsung Electronics Co., Ltd.) Samsung Printerdiagnose (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.4.7.01 - Samsung Electronics Co., Ltd.) Samsung Scan Process Machine (x32 Version: 1.03.05.28 - Samsung Electronics Co., Ltd.) Hidden Softwarenetz Agenda3 (HKLM-x32\...\Terminkalender3) (Version: - Softwarenetz) Stuurprogrammapakket voor Windows - Fedict SmartCard (08/08/2015 4.1.5) (HKLM\...\9F46F7AB1E3B1B5F5482EA8D97F401B04FBF7958) (Version: 08/08/2015 4.1.5 - Fedict) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.12.12 - Synaptics Incorporated) Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD) (Version: 10.0.50903 - Microsoft Corporation) Toyota Touch & Go Toolbox (HKLM-x32\...\Toyota Touch & Go Toolbox) (Version: 3.7.4.62174 - NNG Llc.) Uninstall Samsung Printer Software (HKLM-x32\...\TotalUninstaller) (Version: 4.0.0.12 - Samsung Electronics CO., LTD.) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation) ==================== Aangepaste CLSID (gefilterd): ========================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) CustomCLSID: HKU\S-1-5-21-10870461-3760241935-267325191-1002_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\hugoke\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileCoAuthLib64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-10870461-3760241935-267325191-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation) ==================== Geplande Taken (gefilterd) ============= (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {0F588203-DBB5-4E84-96D8-1B5CE11B3AA4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated) Task: {13B55541-5E88-4733-9EA9-41F04849FF21} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation) Task: {2CC4AE2A-EF48-447F-A111-B5AF2820DC21} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-31] (Google Inc.) Task: {2D706680-705D-4191-BC3E-7E7BE5E2703B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-31] (Google Inc.) Task: {4624A8E2-821D-4495-9112-AD8FB231F6EE} - System32\Tasks\Synaptics TouchPad Enhancements => Program Files\Synaptics\SynTP\SynTPEnh.exe Task: {4FB439AE-AAFC-4F2A-9AA7-C650A817FAD4} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft) Task: {69C45162-38BC-418A-A17C-721DD6E02E36} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation) Task: {6B1C718E-7617-4E3D-81E1-6CF7881014B8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-11-01] (Microsoft Corporation) Task: {7B49C105-A32C-4163-A83F-1AB5142BC714} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation) Task: {8D3103CB-2FBD-4E9A-83C8-928FE40BBF41} - System32\Tasks\Scheduled scanning task => C:\Program Files (x86)\F-Secure\SAFE\apps\ComputerSecurity\Anti-Virus\fsav.exe [2017-01-06] (F-Secure Corporation) Task: {930AF6B4-F389-4D9C-B7C5-0CFC3777D8D7} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-11-01] (Microsoft Corporation) Task: {B3CBC362-18FE-4C64-AA32-A772651C400E} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-13] (Adobe Systems Incorporated) Task: {C3FEE05E-501C-4635-85ED-E8716896A9A5} - System32\Tasks\EPM Preload => C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2DotNetHandler.exe [2016-01-28] () Task: {D8A91048-3695-4968-813B-B9432E34ED0F} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation) (Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\Scheduled scanning task.job => C:\PROGRA~2\F-Secure\SAFE\apps\COMPUT~1\ANTI-V~1\fsav.exe ] /HARD /POLICY /SCHED /REPORT C:\PROGRA~2\F-Secure\SAFE\apps\COMPUT~1\ANTI-V~1\report.txt Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ==================== Snelkoppelingen ============================= (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) ShortcutWithArgument: C:\Users\hugoke\Desktop\LIFESTORE.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.medion.com/lifestore ShortcutWithArgument: C:\Users\hugoke\Desktop\MEDIONhome.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.medion.com/be/nl ShortcutWithArgument: C:\Users\hugoke\Desktop\Windows 8 Info.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.windows.com/getstarted ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEDIONhome.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.medion.com ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Welcome.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.aldi.com ==================== Geladen Modules (gefilterd) ============== 2012-11-13 06:58 - 2009-12-18 16:40 - 00104968 _____ () C:\Program Files (x86)\PHotkey\ASLDRSrv.exe 2012-11-13 06:58 - 2011-10-13 15:38 - 00156672 _____ () C:\Program Files (x86)\PHotkey\GFNEXSrv.exe 2016-06-22 17:13 - 2014-11-25 12:16 - 00022528 _____ () C:\WINDOWS\System32\us005lm.dll 2016-08-13 01:21 - 2016-08-13 01:21 - 00031256 _____ () C:\WINDOWS\System32\us008lm.dll 2015-10-25 16:47 - 2015-10-16 00:23 - 00182784 _____ () C:\Program Files (x86)\Allway Sync\Bin\SyncService.exe 2015-10-15 13:37 - 2016-05-24 08:51 - 00116416 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2012-11-13 05:20 - 2012-10-19 12:27 - 00386344 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe 2016-06-22 17:15 - 2016-06-18 06:43 - 00499000 ____N () C:\WINDOWS\SysWOW64\spdsvc.exe 2016-06-22 17:13 - 2016-06-22 17:13 - 00143664 ____N () C:\WINDOWS\SysWOW64\SecUPDUtilSvc.exe 2013-10-27 08:03 - 2013-10-27 08:03 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 2012-11-13 06:58 - 2012-09-14 14:17 - 00844288 _____ () C:\Program Files (x86)\PHotkey\PHotkey.exe 2012-11-13 06:58 - 2010-01-12 18:36 - 00117256 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt.exe 2012-11-13 06:58 - 2010-01-12 18:36 - 00121864 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe 2012-11-13 06:58 - 2010-12-17 15:04 - 00449032 _____ () C:\Program Files (x86)\PHotkey\ATouch64.exe 2012-11-13 06:58 - 2012-03-27 21:48 - 03471872 _____ () C:\Program Files (x86)\PHotkey\POSD.exe 2016-10-01 09:28 - 2016-06-03 05:15 - 00278720 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe 2012-11-13 06:58 - 2012-08-08 19:10 - 07536128 _____ () C:\Program Files (x86)\PHotkey\GPMTray.exe 2014-09-08 12:39 - 2014-09-08 12:39 - 00464608 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe 2014-09-08 12:38 - 2014-09-08 12:38 - 00051200 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll 2016-10-01 09:28 - 2015-12-10 05:04 - 00080936 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CodeLog.dll 2016-10-01 09:28 - 2015-12-10 05:04 - 00017448 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CompressFile.dll 2016-10-01 09:28 - 2015-12-10 05:04 - 00088616 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBGetRemoteNetInfo.dll 2016-10-01 09:28 - 2015-12-10 05:04 - 01296424 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\libxml2.dll 2016-10-01 09:29 - 2015-12-10 05:04 - 00060968 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\zlib1.dll 2016-10-01 09:28 - 2016-06-03 05:12 - 00024768 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CmcTbProxy.dll 2016-10-01 09:28 - 2016-06-03 05:12 - 00188608 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCPipeCenter.dll 2016-10-01 09:28 - 2016-06-03 05:12 - 00173760 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCAdapt.dll 2016-10-01 09:28 - 2016-06-03 05:13 - 00056512 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBInfo.dll 2016-10-01 09:28 - 2016-06-03 05:12 - 00018112 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCNetTokenProxy.dll 2016-10-01 09:28 - 2016-06-03 05:12 - 00128192 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActivationOnline.dll 2016-10-01 09:28 - 2015-12-10 05:04 - 00485416 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EULicenseDLL.DLL 2016-10-01 09:28 - 2016-06-03 05:13 - 00085184 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\logsys.dll 2016-10-01 09:28 - 2015-12-10 05:04 - 00030760 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DiskSearchImg.dll 2016-10-01 09:28 - 2015-12-10 05:04 - 00068136 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\MountImg.dll 2016-10-01 09:28 - 2015-12-10 05:04 - 00158248 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ImgFile.dll 2016-10-01 09:28 - 2015-12-10 05:04 - 00281128 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DsImgFile.dll 2016-10-01 09:28 - 2015-12-10 05:04 - 00072232 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CheckImg.dll 2016-10-01 09:29 - 2015-12-10 05:04 - 00139816 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\vhdvmdk.dll 2016-10-01 09:28 - 2016-06-03 05:12 - 00040128 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\BootDriver.dll 2016-10-01 09:28 - 2015-12-10 05:04 - 00769064 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExImage.dll 2016-10-01 09:28 - 2015-12-10 05:04 - 00193064 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBackupSize.dll 2016-10-01 09:28 - 2015-12-10 05:04 - 00443944 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidImage.dll 2016-10-01 09:28 - 2015-12-10 05:04 - 00148008 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumDisk.dll 2016-10-01 09:28 - 2015-12-10 05:04 - 00076840 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FatLib.dll 2016-10-01 09:28 - 2015-12-10 05:04 - 00207912 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSLib.dll 2016-10-01 09:28 - 2016-06-03 05:13 - 00114880 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FileStorage.dll 2016-10-01 09:28 - 2015-12-10 05:04 - 00169512 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CloudInterface.dll 2016-10-01 09:28 - 2015-12-10 05:04 - 00501800 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\StorageMgr.dll 2016-10-01 09:28 - 2015-12-10 05:04 - 00024616 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\GetDriverInfo.dll 2016-10-01 09:28 - 2015-12-10 05:04 - 00020520 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CorrectMbr.dll 2016-10-01 09:28 - 2015-12-10 05:04 - 00032296 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumTapeDevice.dll 2016-10-01 09:28 - 2015-12-10 05:04 - 00034856 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbTapeBrowse.dll 2016-10-01 09:28 - 2015-12-10 05:04 - 00064040 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\RegLib.dll 2016-10-01 09:28 - 2016-06-03 05:12 - 00026816 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AccountManager.dll 2016-10-01 09:28 - 2015-12-10 05:04 - 00059944 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NasOperator.dll 2016-10-01 09:28 - 2016-06-03 05:12 - 00220864 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBrowser.dll 2016-10-01 09:28 - 2015-12-10 05:04 - 00077864 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CloudOperator.dll 2016-10-01 09:28 - 2016-06-03 05:12 - 00021184 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActiveOnline.dll 2016-10-01 09:29 - 2015-12-10 05:04 - 00136232 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\VMConfig.dll 2016-10-01 09:28 - 2015-12-10 05:04 - 00020008 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidDeviceManager.dll 2016-10-01 09:28 - 2015-12-10 05:04 - 00043048 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbDataSwap.dll 2016-10-01 09:28 - 2015-12-10 05:04 - 00353832 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DeviceManager.dll 2016-10-01 09:28 - 2015-12-10 05:04 - 00027176 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DeviceAdapter.dll 2016-10-01 09:28 - 2015-12-10 05:04 - 00138792 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Device.dll 2016-10-01 09:28 - 2015-12-10 05:04 - 00146984 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Partition.dll 2016-10-01 09:28 - 2015-12-10 05:04 - 00050216 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FileSystemAnalyser.dll 2016-10-01 09:28 - 2015-12-10 05:04 - 00061992 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FATFileSystemAnalyser.dll 2016-10-01 09:28 - 2015-12-10 05:04 - 00089640 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Common.dll 2016-10-01 09:28 - 2015-12-10 05:04 - 00056360 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSFileSystemAnalyser.dll 2017-01-06 09:46 - 2016-10-26 16:05 - 00074720 _____ () C:\Program Files (x86)\F-Secure\SAFE\apps\ComputerSecurity\Anti-Virus\FSAVHRES.eng 2016-10-25 10:01 - 2016-10-25 10:01 - 00254944 _____ () C:\Program Files (x86)\F-Secure\SAFE\daas2.dll 2016-06-22 17:13 - 2015-06-11 12:42 - 03055616 ____N () C:\WINDOWS\system32\DlgSearchEngine.dll 2017-01-06 09:46 - 2017-01-06 09:50 - 00213984 _____ () C:\Program Files (x86)\F-Secure\SAFE\apps\ComputerSecurity\Spam Control\fsas.dll 2012-11-13 06:58 - 2009-12-18 16:36 - 00973432 _____ () C:\Program Files (x86)\PHotkey\acAuth.dll 2012-11-13 06:58 - 2009-12-18 16:41 - 00129544 _____ () C:\Program Files (x86)\PHotkey\GFNEX.dll 2016-10-01 09:28 - 2015-12-10 05:04 - 00224808 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\SmartBackup.dll 2015-10-15 13:37 - 2016-09-20 12:37 - 00325824 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll 2013-10-27 08:03 - 2013-10-27 08:03 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll ==================== Alternate Data Streams (gefilterd) ========= (Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.) AlternateDataStreams: C:\WINDOWS\system32\Drivers\btmhsf.sys:Microsoft_Appcompat_ReinstallUpgrade [0] ==================== Veilige Modus (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.) ==================== Bestandskoppeling (gefilterd) =============== (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.) ==================== Internet Explorer vertrouwde/beperkte toegang =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.) ==================== Hosts inhoud: =============================== (Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.) 2013-08-22 14:25 - 2017-01-13 07:52 - 00000826 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere gebieden ============================ (Momenteel is er geen automatische fix voor dit onderdeel.) HKU\S-1-5-21-10870461-3760241935-267325191-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\hugoke\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\11811311_10153268285257771_1617704194062032586_n[1].jpg DNS Servers: 195.130.131.1 - 195.130.130.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk" HKLM\...\StartupApproved\StartupFolder: => "WinZip Preloader.lnk" HKLM\...\StartupApproved\StartupFolder: => "Update-melder.lnk" HKLM\...\StartupApproved\Run32: => "CLMLServer_For_P2G8" HKLM\...\StartupApproved\Run32: => "CLVirtualDrive" HKLM\...\StartupApproved\Run32: => "RemoteControl10" HKLM\...\StartupApproved\Run32: => "YouCam Service" HKLM\...\StartupApproved\Run32: => "HP Software Update" HKLM\...\StartupApproved\Run32: => "EEventManager" HKU\S-1-5-21-10870461-3760241935-267325191-1002\...\StartupApproved\Run: => "swg" HKU\S-1-5-21-10870461-3760241935-267325191-1002\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-10870461-3760241935-267325191-1002\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-10870461-3760241935-267325191-1002\...\StartupApproved\Run: => "DigipassNativeBridge" ==================== Firewall regels (gefilterd) =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [vm-monitoring-nb-session] => LPort=139 FirewallRules: [{435E1E4F-B74E-4016-B386-9BCB9093A705}] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{D8A2B6C9-7B9F-4B8E-AF3C-B5E71A25E51E}] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{3CB2F167-60C1-4C21-A8AC-CAC5A73485A8}] => C:\Users\hugoke\AppData\Local\Microsoft\OneDrive\OneDrive.exe FirewallRules: [{E3D1410B-DA10-4755-815C-39163AC7FD57}] => C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe FirewallRules: [{190F341D-3018-4D2C-9297-26F51310EA48}] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{F34E9B65-2A59-4487-B800-816EE2FC4642}] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{1B2C4B24-86ED-450C-ACF2-82E313D3C0DA}] => C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe FirewallRules: [{0949FDA0-B89E-4557-BDEB-7632B99A6162}] => C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{ACD29DFF-ECB5-4C10-9BAC-C0C1809E62BF}] => C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe FirewallRules: [{59097197-3F24-4EB8-A041-6442F1CD86EE}] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe FirewallRules: [{2A4DD67D-8566-43DD-A711-678C289475EC}] => C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE FirewallRules: [{4D138CB7-23E2-4758-9143-95AF8F3FDF71}] => C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe FirewallRules: [{CAA06C74-7008-4603-A202-9C175795623E}] => C:\Program Files\CyberLink\PowerDirector\PDR9.EXE FirewallRules: [{9A829BBF-10E7-407C-B192-C23A8E2686C5}] => LPort=1900 FirewallRules: [{22AD80FD-E53B-4BC8-A528-E45FC6B56A71}] => LPort=2869 FirewallRules: [{F9EC6378-6782-4B1C-8172-DDD6060D24BA}] => C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{763F3FA2-D2FE-40C3-A982-736753D4D962}] => C:\Program Files (x86)\F-Secure\F-Secure Booster\PowerSuite.exe FirewallRules: [{6109756D-E455-462F-98B8-8C1001439ED8}] => C:\Program Files (x86)\F-Secure\F-Secure Booster\PowerSuite.exe FirewallRules: [{5710CFBC-D02D-41C1-B389-53EDF27F6856}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe FirewallRules: [{ADED6420-3D2C-4E11-9491-385FF09EB49B}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe FirewallRules: [{512AB553-2294-416C-B253-7A9B3B163378}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe FirewallRules: [{7AF0A0CB-4DAC-437F-B30E-EE0A751EB127}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe FirewallRules: [{CB346CB1-8F4C-457C-B954-B0D03A6BD82A}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe FirewallRules: [{B3E4AA7F-087A-4DF8-AB3D-482F804040B2}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe FirewallRules: [{6AEF6862-FE1C-4D51-BEBF-6215A7F909AA}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe FirewallRules: [{6DFBF8C1-1690-4B99-B310-0F4679EFA4C7}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe FirewallRules: [{4B5C9A22-4B64-47AB-BBFD-61E1CD872DBE}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe FirewallRules: [{FB82E31A-8525-4F30-8542-86D21EB88371}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe FirewallRules: [{BF971C51-24C7-4C94-AB96-8F658E1B7D7F}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe FirewallRules: [{BA2A56DA-BB1B-48FB-B622-BB38A2D39B8A}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe FirewallRules: [{DBB9E61B-2300-4001-94F3-09CF38864CCF}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe FirewallRules: [{B6A1C510-69CC-4AF3-A1B0-5792B69B9B2E}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe FirewallRules: [{506E76E4-CB98-45D0-BF64-C1063E16B0F3}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe FirewallRules: [{6FB26A1E-0CDA-457B-BF1D-DF599EF97743}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe FirewallRules: [{F412FCDB-8444-49EE-9F39-8704399ADFA7}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe FirewallRules: [{3BDAE360-EEEE-4ECF-8B2A-B59DA3F337DA}] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe FirewallRules: [{3A5F2D6F-28A6-4C09-B0E4-AD41893FF10F}] => C:\Program Files (x86)\HP\hp software update\hpwucli.exe FirewallRules: [{3287E54F-5E72-4138-BAFC-A3B304F781E6}] => C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe FirewallRules: [{8F5CC9B8-AAF5-449B-BB5F-A5ABDF55E1C0}] => C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe FirewallRules: [TCP Query User{87581B3E-3125-4534-B0FB-1EC2548E77B2}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [UDP Query User{F70202EA-6001-4889-9F1F-10C061FA3016}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [TCP Query User{3E01232F-6D61-43D8-B4CD-180B3D6EA00C}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [UDP Query User{067D7280-E321-490C-AB3A-FE00813211B7}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [{A813DAD7-AA3B-4175-8A32-5950BFAA9757}] => C:\Program Files (x86)\Samsung\Samsung Printer Center\SamsungPrinterCenter.exe FirewallRules: [{4FBCF14B-CCCD-40C8-8F05-A21F8666BEA1}] => C:\Program Files (x86)\Samsung\Easy Printer Manager\EasyPrinterManagerV2.exe FirewallRules: [{4C5DF198-060E-4B17-AD69-E1876F54B4C8}] => C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe FirewallRules: [{C2209944-B56B-4DE1-B306-4F600826F3C7}] => C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2AlertList.exe FirewallRules: [{36FC55AF-DAEA-4A7B-8040-DD61E121771A}] => C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2Migrator.exe FirewallRules: [{EFC1E7BD-C5BE-44C1-B2C8-54157F9298AF}] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe FirewallRules: [{4943443C-4BC8-44D3-A3C3-A9DE161474D2}] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe FirewallRules: [{1889BA27-16C8-4015-84A3-7FB355F7C633}] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe FirewallRules: [{13F1D67F-70E9-4D83-A5EF-82F6C8D85D68}] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe FirewallRules: [TCP Query User{AE5D1750-4393-4E30-8967-F71B11CB76D7}C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe] => C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe FirewallRules: [UDP Query User{E00CF2BF-DE68-463E-AC28-EFDC0552AA1A}C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe] => C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe FirewallRules: [{38CEEAC8-5B06-42F0-A1B0-03E202266FF2}] => C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe FirewallRules: [{84A7DC56-DC7E-4B47-8CE7-5A33767ACE48}] => C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe FirewallRules: [{BEE61572-66FF-4BA7-A90C-B420633295BC}] => C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe FirewallRules: [{684FA749-4F68-4902-A379-6D6E677B328A}] => C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe FirewallRules: [{97D66C55-907F-48F7-A81E-B3F567C8EC47}] => C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe FirewallRules: [{FC12B4D6-5394-4DFF-9695-FE72B3393948}] => C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe FirewallRules: [{9DB7F0A5-40A9-4DC5-87C9-6D7349C0919D}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{9B3F0947-4352-4C57-9BA8-00FFFA9AAA25}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{C10DCF94-1B2A-4970-9ACB-796D2E0CA267}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Herstelpunten ========================= 11-01-2017 20:34:59 Windows Update 20-01-2017 08:26:40 Gepland controlepunt 28-01-2017 11:55:44 Removed Skype™ 7.30 29-01-2017 14:14:37 zoek.exe restore point ==================== Defecte Apparaatbeheer Apparaten ============= ==================== Eventlog fouten: ========================= Applicatiefouten: ================== Error: (01/30/2017 04:22:20 PM) (Source: Windows Search Service) (EventID: 1019) (User: ) Description: De lijst met opgenomen en uitgesloten locaties kan niet worden verwerkt door de Windows-zoekservice met de fout <30, 0x80004005, "file:///F:\[3aa9d1e1-2d65-43f1-abe8-13aac40d77f9]\">. Error: (01/30/2017 04:22:17 PM) (Source: Outlook) (EventID: 35) (User: ) Description: Kan niet vaststellen of het archief zich in het verkenningsbereik bevindt (fout=0x80070015). Error: (01/30/2017 04:22:17 PM) (Source: Outlook) (EventID: 34) (User: ) Description: Kan het bereik van verkennerbeheer niet ophalen. Fout: 0x80070015. Error: (01/30/2017 04:19:54 PM) (Source: Windows Search Service) (EventID: 7042) (User: ) Description: De Windows Search-service wordt gestopt vanwege een probleem met de indexeerfunctie, The catalog is corrupt. Details: De catalogus met de inhoudsindex is beschadigd. 0xc0041801 (0xc0041801) Error: (01/30/2017 04:19:54 PM) (Source: Windows Search Service) (EventID: 7040) (User: ) Description: De zoekservice heeft beschadigde gegevensbestanden ontdekt in de index {id=4810 - enduser\mssearch2\search\ytrip\tripoli\inverted\decodinglayerpages.h (591)}. De service probeert dit probleem automatisch te verhelpen door de index opnieuw samen te stellen. Details: De gegevens zijn ongeldig. 0x8007000d (0x8007000d) Error: (01/30/2017 03:25:00 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: IAStorDataMgrSvc.exe, versie: 11.5.4.1001, tijdstempel: 0x502d5a1d Naam van module met fout: IAStorUtil.ni.dll, versie: 11.5.4.1001, tijdstempel: 0x502d5a19 Uitzonderingscode: 0xc0000005 Foutmarge: 0x0002e421 Id van proces met fout: 0x458 Starttijd van toepassing met fout: 0x01d27b049c8e3144 Pad naar toepassing met fout: C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe Pad naar module met fout: C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorUtil\1bff5fcdf493e0d7ccd0185e49bcc141\IAStorUtil.ni.dll Rapport-id: e161e138-e6f7-11e6-bf89-84a6c8d9f2c8 Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Error: (01/30/2017 03:24:59 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Toepassing: IAStorDataMgrSvc.exe Framework-versie: v4.0.30319 Beschrijving: het proces is beëindigd als gevolg van een onverwerkte uitzondering. Uitzonderingsinformatie: System.NullReferenceException Stack: bij IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges() bij IAStorUtil.SystemDataModelListener.LoadSavedSystemState() bij IAStorDataMgr.EventRelay.b__0(System.Object) bij System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object) bij System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bij System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bij System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem() bij System.Threading.ThreadPoolWorkQueue.Dispatch() bij System.Threading._ThreadPoolWaitCallback.PerformWaitCallback() Error: (01/30/2017 07:43:20 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: IAStorDataMgrSvc.exe, versie: 11.5.4.1001, tijdstempel: 0x502d5a1d Naam van module met fout: IAStorUtil.ni.dll, versie: 11.5.4.1001, tijdstempel: 0x502d5a19 Uitzonderingscode: 0xc0000005 Foutmarge: 0x0002e421 Id van proces met fout: 0x11ec Starttijd van toepassing met fout: 0x01d27ac41a09430a Pad naar toepassing met fout: C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe Pad naar module met fout: C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorUtil\1bff5fcdf493e0d7ccd0185e49bcc141\IAStorUtil.ni.dll Rapport-id: 62d24881-e6b7-11e6-bf88-84a6c8d9f2c8 Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Error: (01/30/2017 07:43:19 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Toepassing: IAStorDataMgrSvc.exe Framework-versie: v4.0.30319 Beschrijving: het proces is beëindigd als gevolg van een onverwerkte uitzondering. Uitzonderingsinformatie: System.NullReferenceException Stack: bij IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges() bij IAStorUtil.SystemDataModelListener.LoadSavedSystemState() bij IAStorDataMgr.EventRelay.b__0(System.Object) bij System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object) bij System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bij System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bij System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem() bij System.Threading.ThreadPoolWorkQueue.Dispatch() bij System.Threading._ThreadPoolWaitCallback.PerformWaitCallback() Error: (01/29/2017 10:01:18 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY) Description: There was an error with the Windows Location Provider database Systeemfouten: ============= Error: (01/30/2017 03:25:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: De Intel(R) Rapid Storage Technology-service is onverwacht beëindigd. Dit is nu 1 keer gebeurd. Error: (01/30/2017 07:43:23 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: De Intel(R) Rapid Storage Technology-service is onverwacht beëindigd. Dit is nu 1 keer gebeurd. Error: (01/29/2017 10:15:23 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: De PEVSystemStart-service staat aangeduid als een interactieve service. Het systeem is echter zodanig geconfigureerd dat interactieve services niet zijn toegestaan. Deze service werkt mogelijk niet juist. Error: (01/29/2017 10:15:23 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: De PEVSystemStart-service staat aangeduid als een interactieve service. Het systeem is echter zodanig geconfigureerd dat interactieve services niet zijn toegestaan. Deze service werkt mogelijk niet juist. Error: (01/29/2017 10:15:22 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: De PEVSystemStart-service staat aangeduid als een interactieve service. Het systeem is echter zodanig geconfigureerd dat interactieve services niet zijn toegestaan. Deze service werkt mogelijk niet juist. Error: (01/29/2017 10:15:22 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: De PEVSystemStart-service staat aangeduid als een interactieve service. Het systeem is echter zodanig geconfigureerd dat interactieve services niet zijn toegestaan. Deze service werkt mogelijk niet juist. Error: (01/29/2017 10:15:22 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: De PEVSystemStart-service staat aangeduid als een interactieve service. Het systeem is echter zodanig geconfigureerd dat interactieve services niet zijn toegestaan. Deze service werkt mogelijk niet juist. Error: (01/29/2017 04:56:28 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: De PEVSystemStart-service staat aangeduid als een interactieve service. Het systeem is echter zodanig geconfigureerd dat interactieve services niet zijn toegestaan. Deze service werkt mogelijk niet juist. Error: (01/29/2017 04:56:27 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: De PEVSystemStart-service staat aangeduid als een interactieve service. Het systeem is echter zodanig geconfigureerd dat interactieve services niet zijn toegestaan. Deze service werkt mogelijk niet juist. Error: (01/29/2017 04:56:27 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: De PEVSystemStart-service staat aangeduid als een interactieve service. Het systeem is echter zodanig geconfigureerd dat interactieve services niet zijn toegestaan. Deze service werkt mogelijk niet juist. CodeIntegrity: =================================== Date: 2017-01-06 09:33:36.297 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Geheugen info =========================== Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz Percentage geheugen in gebruik: 36% Totaal fysiek RAM-geheugen: 8070.55 MB Beschikbaar fysiek RAM-geheugen: 5106.37 MB Totaal Virtueel geheugen: 9350.55 MB Beschikbaar Virtual geheugen: 5655.32 MB ==================== Schijven ================================ Drive c: (Boot) (Fixed) (Total:636.04 GB) (Free:112.25 GB) NTFS Drive d: (Recover) (Fixed) (Total:60 GB) (Free:32.82 GB) NTFS ==================== MBR & Partitietabel ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 10.3 GB) (Disk ID: 2C512706) Partition 1: (Not Active) - (Size=10.3 GB) - (Type=84) ======================================================== Disk: 1 (Size: 931.5 GB) (Disk ID: 3593A987) Partition: GPT. ==================== Eind van Addition.txt ============================