Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 14-05-2017 Gestart door hugoke (19-05-2017 08:45:46) Gestart vanaf C:\Users\hugoke\Downloads Windows 8.1 Pro (Update) (X64) (2015-10-15 19:20:59) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-10870461-3760241935-267325191-500 - Administrator - Disabled) Gast (S-1-5-21-10870461-3760241935-267325191-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-10870461-3760241935-267325191-1006 - Limited - Enabled) hugoke (S-1-5-21-10870461-3760241935-267325191-1002 - Administrator - Enabled) => C:\Users\hugoke UpdatusUser (S-1-5-21-10870461-3760241935-267325191-1007 - Limited - Enabled) ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Antivirus by F-Secure (Enabled - Up to date) {0F70A6C4-76E4-6A3B-2695-519F428B1C20} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Antivirus by F-Secure (Enabled - Up to date) {B4114720-50DE-65B5-1C25-6AED390C569D} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.) 64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden 7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov) ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.00.631.5823 - ABBYY) ABBYY FineReader 9.0 Sprint (x32 Version: 9.00.631.5823 - ABBYY) Hidden Adobe Acrobat Reader DC - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated) Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated) Ashampoo AppLauncher (Medion) v.1.0.0 (HKLM-x32\...\Ashampoo AppLauncher (Medion)_is1) (Version: 1.0.0 - Ashampoo GmbH & Co. KG) Belgium e-ID middleware 4.1.20 (build 1779) (HKLM\...\{DB942AEA-93D6-4FE4-8862-180D35A71779}) (Version: 4.1.1779 - Belgian Government) Centre Souris et Claviers Microsoft (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.8.106.0 - Microsoft Corporation) Centre Souris et Claviers Microsoft (Version: 2.8.106.0 - Microsoft Corporation) Hidden Common Desktop Agent (Version: 1.62.0 - OEM) Hidden Computer Security 14.176.101.0 (release) (x32 Version: 14.176.101.0 - F-Secure Corporation) Hidden CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.3124 - CyberLink Corp.) CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.) CyberLink PowerDirector (Version: 9.0.0.3815c - CyberLink Corp.) Hidden CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.0913 - CyberLink Corp.) CyberLink PowerRecover (Version: 5.7.0.0913 - CyberLink Corp.) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DIGIPASS Native Bridge 2.3.2 (HKU\S-1-5-21-10870461-3760241935-267325191-1002\...\{9417bcae-5ec1-4171-81d5-46bf5bf9b573}) (Version: 2.3.2 - VASCO Data Security) DIGIPASS Native Bridge 2.3.2 (x32 Version: 2.3.2 - VASCO Data Security) Hidden Document Capture Pro (HKLM-x32\...\{B4A3C072-87AF-4937-880D-3D7997111C0D}) (Version: 1.01.0000 - Seiko Epson Corporation) EaseUS Todo Backup Home 9.2 (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 9.2 - CHENGDU YIWO Tech Development Co., Ltd) Epson Copy Utility 3.5 (HKLM-x32\...\{AA72FB28-73B4-49E5-B6B4-E78F44BBD0AD}) (Version: 3.5.0.0 - ) Epson Event Manager (HKLM-x32\...\{148C8BF9-E1B4-445D-AC67-2CABAE63949A}) (Version: 3.01.0009 - Seiko Epson Corporation) Epson Gebruikershandleiding EPSON Perfection V370 Photo (HKLM-x32\...\EPSON Perfection V370 Photo Useg) (Version: - ) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden F-Secure CCF Reputation (x32 Version: 2.1.1342.0 - F-Secure) Hidden F-Secure CCF Scanning 1.73.275.1078 (release) (x32 Version: 1.73.275.1078 - F-Secure Corporation) Hidden F-Secure KEY (HKLM-x32\...\{AB59B22F-4F3B-4464-AFD3-A80585015974}) (Version: 4.5.107 - F-Secure Corporation) F-Secure KEY: User Data (HKLM-x32\...\{F6A4621C-F31F-42E2-BD11-632615967A56}) (Version: 1.1.0.0 - F-Secure Corporation) F-Secure Network CCF 1.04.214 (x32 Version: 1.04.214 - F-Secure Corporation) Hidden F-Secure SAFE (HKLM-x32\...\F-Secure ServiceEnabler 6661000) (Version: 2.76.211.0 - F-Secure Corporation) F-Secure SAFE (x32 Version: 2.76.211.0 - F-Secure Corporation) Hidden F-Secure SafeSearch 1.11.101.0 (release) (x32 Version: 1.11.101.0 - F-Secure Corporation) Hidden Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden HiSuite (HKLM-x32\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd) HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden Image Resizer for Windows (64 bit) (Version: 3.0.4802.35565 - Brice Lambson) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.11.1193 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation) Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{E77289CF-12B9-4CAB-A49E-FEAE947F4D95}) (Version: 15.5.4.0423 - Intel Corporation) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{DA2600C1-6BDF-4FD1-8F3D-148929CC1385}) (Version: 2.6.1210.0278 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.4.1001 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) Intel(R) WiDi (HKLM\...\{6097158B-0184-4140-BEC3-7885794D2571}) (Version: 3.5.40.0 - Intel Corporation) Intel® PROSet/Wireless WiFi Software (HKLM\...\{1593C708-5535-47A4-8C0F-F8D4BE2B4560}) (Version: 15.05.6000.1620 - Intel Corporation) Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation) Macrium Reflect Free Edition (Version: 6.1.879 - Paramount Software (UK) Ltd.) Hidden Mediathek (HKLM-x32\...\{EFFED0C0-5299-422E-AFE6-8B8066D18A2A}) (Version: 1.4.0 - Medion) Medion Home Cinema 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.) Medion Home Cinema 10 (x32 Version: 10.1924 - CyberLink Corp.) Hidden Microsoft Office 2013 voor Thuisgebruik en Zelfstandigen - nl-nl (HKLM\...\HomeBusinessRetail - nl-nl) (Version: 15.0.4927.1002 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-10870461-3760241935-267325191-1002\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50905.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Mozilla Firefox 53.0.2 (x86 nl) (HKLM-x32\...\Mozilla Firefox 53.0.2 (x86 nl)) (Version: 53.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0.2 - Mozilla) Naviextras Toolbox Prerequesities (HKLM-x32\...\{537575D6-3B96-474C-BD8F-DFF667363DBD}) (Version: 1.0.0 - NNG Llc.) NVIDIA 3D Vision stuurprogramma 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.54 - NVIDIA Corporation) NVIDIA GeForce Experience 3.5.0.76 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.5.0.76 - NVIDIA Corporation) NVIDIA Grafisch stuurprogramma 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.54 - NVIDIA Corporation) NvNodejs (Version: 3.5.0.76 - NVIDIA Corporation) Hidden NvTelemetry (Version: 2.4.5.0 - NVIDIA Corporation) Hidden NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4927.1002 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4927.1002 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4927.1002 - Microsoft Corporation) Hidden Online Safety 2.176.4626.2945 (x32 Version: 2.176.4626.2945 - F-Secure Corporation) Hidden PHotkey (HKLM-x32\...\{E50C224A-BBF2-428D-9DCF-DBF9DF85C40E}) (Version: 1.00.0072 - Pegatron Corporation) QuickLaunch (HKLM-x32\...\{A802F1E3-34C8-4C84-9948-C1C4E37D0FA9}) (Version: 1.00.0019 - Lenovo Group Limited) Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 8.39.703.2015 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7687 - Realtek Semiconductor Corp.) Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.30136 - Realtek Semiconductor Corp.) Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 2.01.00.04 - Samsung Electronics Co., Ltd.) Samsung Easy Wireless Setup (HKLM-x32\...\Easy Wireless Setup) (Version: 3.70.18.0 - Samsung Electronics Co., Ltd.) Samsung Printer Center (HKLM-x32\...\Samsung Printer Center) (Version: 1.0.0.12 - Samsung Electronics Co., Ltd.) Samsung Printerdiagnose (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.4.7.01 - Samsung Electronics Co., Ltd.) Samsung Scan Process Machine (x32 Version: 1.03.05.28 - Samsung Electronics Co., Ltd.) Hidden SHIELD Streaming (Version: 7.1.0360 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 3.5.0.76 - NVIDIA Corporation) Hidden Softwarenetz Agenda3 (HKLM-x32\...\Terminkalender3) (Version: - Softwarenetz) Stuurprogrammapakket voor Windows - Fedict SmartCard (11/30/2016 4.1.9) (HKLM\...\A9FBB4D4E267FA9BF2CEBF564F02DB39E147B466) (Version: 11/30/2016 4.1.9 - Fedict) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.12.12 - Synaptics Incorporated) Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD) (Version: 10.0.50903 - Microsoft Corporation) Toyota Touch & Go Toolbox (HKLM-x32\...\Toyota Touch & Go Toolbox) (Version: 3.7.4.62174 - NNG Llc.) Uninstall Samsung Printer Software (HKLM-x32\...\TotalUninstaller) (Version: 4.0.0.12 - Samsung Electronics CO., LTD.) Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation) ==================== Aangepaste CLSID (gefilterd): ========================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) CustomCLSID: HKU\S-1-5-21-10870461-3760241935-267325191-1002_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\hugoke\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\amd64\FileCoAuthLib64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-10870461-3760241935-267325191-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation) ==================== Geplande Taken (gefilterd) ============= (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {1B49BE8B-6C25-4844-8098-6E5B40F4CDC3} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-04-26] (NVIDIA Corporation) Task: {25D9D022-528D-4114-898D-EEEE14DF55D9} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-04-26] (NVIDIA Corporation) Task: {33A29029-4924-4D68-9363-0887296BBB44} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-09] (Adobe Systems Incorporated) Task: {425577C1-500F-4600-A491-162D536641CD} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-04-11] (Microsoft Corporation) Task: {4624A8E2-821D-4495-9112-AD8FB231F6EE} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe Task: {6CB8902F-C120-47E0-9965-A83F0A21DFC5} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2016-08-15] (Microsoft Corporation) Task: {6D16AB88-4E58-4464-B9D7-673F4BEFECAE} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-04-26] (NVIDIA Corporation) Task: {6E9F6332-89F4-44BE-B7AA-A7F81D495D95} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-04-26] (NVIDIA Corporation) Task: {8168111F-0C19-4107-AD92-E0C31E7FEEF5} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2016-08-15] (Microsoft) Task: {8D3103CB-2FBD-4E9A-83C8-928FE40BBF41} - System32\Tasks\Scheduled scanning task => C:\Program Files (x86)\F-Secure\SAFE\apps\ComputerSecurity\Anti-Virus\fsav.exe [2017-04-24] (F-Secure Corporation) Task: {8D33D665-3789-4FE2-80C6-FFF4623F9C29} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-04-26] (NVIDIA Corporation) Task: {8FD0F11C-9480-4540-8460-F909CE5303DE} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-04-26] (NVIDIA Corporation) Task: {9A27FA8D-5039-4DF7-9766-1ADA193BC9F3} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-04-26] (NVIDIA Corporation) Task: {9FCB096B-65EE-4913-A6BD-2EE83372DB28} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2016-08-15] (Microsoft Corporation) Task: {BBB38865-B8DA-45A2-9F3C-987F01195399} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated) Task: {C3FEE05E-501C-4635-85ED-E8716896A9A5} - System32\Tasks\EPM Preload => C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2DotNetHandler.exe [2016-01-28] () Task: {C46BC4C8-1E3A-4542-812D-F1F1EF92EB19} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-04-11] (Microsoft Corporation) Task: {EFDDD2A9-FCC9-4E16-950A-DF3FB22E49A1} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2016-08-15] (Microsoft Corporation) Task: {F4263C3C-F204-436C-8318-F4C53E8B3502} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2016-08-15] (Microsoft Corporation) (Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) Task: C:\WINDOWS\Tasks\Scheduled scanning task.job => C:\PROGRA~2\F-Secure\SAFE\apps\COMPUT~1\ANTI-V~1\fsav.exe ] /HARD /POLICY /SCHED /REPORT C:\PROGRA~2\F-Secure\SAFE\apps\COMPUT~1\ANTI-V~1\report.txt Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ==================== Snelkoppelingen ============================= (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) ShortcutWithArgument: C:\Users\hugoke\Desktop\LIFESTORE.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.medion.com/lifestore ShortcutWithArgument: C:\Users\hugoke\Desktop\MEDIONhome.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.medion.com/be/nl ShortcutWithArgument: C:\Users\hugoke\Desktop\Windows 8 Info.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.windows.com/getstarted ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEDIONhome.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.medion.com ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Welcome.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.aldi.com ==================== Geladen Modules (gefilterd) ============== 2012-11-13 07:58 - 2009-12-18 17:40 - 00104968 _____ () C:\Program Files (x86)\PHotkey\ASLDRSrv.exe 2012-11-13 07:58 - 2011-10-13 16:38 - 00156672 _____ () C:\Program Files (x86)\PHotkey\GFNEXSrv.exe 2016-06-22 18:13 - 2014-11-25 13:16 - 00022528 _____ () C:\WINDOWS\System32\us005lm.dll 2016-08-13 02:21 - 2016-08-13 02:21 - 00031256 _____ () C:\WINDOWS\System32\us008lm.dll 2015-10-25 17:47 - 2015-10-16 01:23 - 00182784 _____ () C:\Program Files (x86)\Allway Sync\Bin\SyncService.exe 2015-10-15 14:37 - 2017-01-17 04:25 - 00117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2017-04-11 04:17 - 2017-04-11 04:17 - 00192200 _____ () C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe 2017-04-29 23:20 - 2017-04-26 07:37 - 01147512 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2012-11-13 06:20 - 2012-10-19 13:27 - 00386344 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe 2016-06-22 18:15 - 2016-06-18 07:43 - 00499000 ____N () C:\WINDOWS\SysWOW64\spdsvc.exe 2016-06-22 18:13 - 2016-06-22 18:13 - 00143664 ____N () C:\WINDOWS\SysWOW64\SecUPDUtilSvc.exe 2017-04-29 22:48 - 2016-12-29 15:16 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2012-11-13 07:58 - 2012-09-14 15:17 - 00844288 _____ () C:\Program Files (x86)\PHotkey\PHotkey.exe 2012-11-13 07:58 - 2010-01-12 19:36 - 00117256 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt.exe 2012-11-13 07:58 - 2010-12-17 16:04 - 00449032 _____ () C:\Program Files (x86)\PHotkey\ATouch64.exe 2012-11-13 07:58 - 2010-01-12 19:36 - 00121864 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe 2012-11-13 07:58 - 2012-03-27 22:48 - 03471872 _____ () C:\Program Files (x86)\PHotkey\POSD.exe 2012-11-13 07:58 - 2012-08-08 20:10 - 07536128 _____ () C:\Program Files (x86)\PHotkey\GPMTray.exe 2016-10-01 10:28 - 2016-06-03 06:15 - 00278720 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe 2015-10-16 07:17 - 2015-10-16 07:17 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\ErrorReporting.dll 2014-09-08 13:39 - 2014-09-08 13:39 - 00464608 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe 2016-10-01 10:28 - 2015-12-10 06:04 - 00080936 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CodeLog.dll 2016-10-01 10:28 - 2015-12-10 06:04 - 00017448 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CompressFile.dll 2016-10-01 10:28 - 2015-12-10 06:04 - 00088616 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBGetRemoteNetInfo.dll 2016-10-01 10:28 - 2015-12-10 06:04 - 01296424 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\libxml2.dll 2016-10-01 10:29 - 2015-12-10 06:04 - 00060968 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\zlib1.dll 2016-10-01 10:28 - 2016-06-03 06:12 - 00024768 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CmcTbProxy.dll 2016-10-01 10:28 - 2016-06-03 06:12 - 00188608 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCPipeCenter.dll 2016-10-01 10:28 - 2016-06-03 06:12 - 00173760 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCAdapt.dll 2016-10-01 10:28 - 2016-06-03 06:13 - 00056512 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBInfo.dll 2016-10-01 10:28 - 2016-06-03 06:12 - 00018112 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCNetTokenProxy.dll 2016-10-01 10:28 - 2016-06-03 06:12 - 00128192 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActivationOnline.dll 2016-10-01 10:28 - 2015-12-10 06:04 - 00485416 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EULicenseDLL.DLL 2016-10-01 10:28 - 2016-06-03 06:13 - 00085184 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\logsys.dll 2016-10-01 10:28 - 2015-12-10 06:04 - 00030760 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DiskSearchImg.dll 2016-10-01 10:28 - 2015-12-10 06:04 - 00068136 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\MountImg.dll 2016-10-01 10:28 - 2015-12-10 06:04 - 00158248 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ImgFile.dll 2016-10-01 10:28 - 2015-12-10 06:04 - 00281128 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DsImgFile.dll 2016-10-01 10:28 - 2015-12-10 06:04 - 00072232 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CheckImg.dll 2016-10-01 10:29 - 2015-12-10 06:04 - 00139816 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\vhdvmdk.dll 2016-10-01 10:28 - 2016-06-03 06:12 - 00040128 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\BootDriver.dll 2016-10-01 10:28 - 2015-12-10 06:04 - 00769064 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExImage.dll 2016-10-01 10:28 - 2015-12-10 06:04 - 00193064 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBackupSize.dll 2016-10-01 10:28 - 2015-12-10 06:04 - 00443944 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidImage.dll 2016-10-01 10:28 - 2015-12-10 06:04 - 00148008 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumDisk.dll 2016-10-01 10:28 - 2015-12-10 06:04 - 00076840 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FatLib.dll 2016-10-01 10:28 - 2015-12-10 06:04 - 00207912 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSLib.dll 2016-10-01 10:28 - 2016-06-03 06:13 - 00114880 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FileStorage.dll 2016-10-01 10:28 - 2015-12-10 06:04 - 00169512 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CloudInterface.dll 2016-10-01 10:28 - 2015-12-10 06:04 - 00501800 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\StorageMgr.dll 2016-10-01 10:28 - 2015-12-10 06:04 - 00024616 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\GetDriverInfo.dll 2016-10-01 10:28 - 2015-12-10 06:04 - 00020520 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CorrectMbr.dll 2016-10-01 10:28 - 2015-12-10 06:04 - 00032296 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumTapeDevice.dll 2016-10-01 10:28 - 2015-12-10 06:04 - 00034856 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbTapeBrowse.dll 2016-10-01 10:28 - 2015-12-10 06:04 - 00064040 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\RegLib.dll 2016-10-01 10:28 - 2016-06-03 06:12 - 00026816 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AccountManager.dll 2016-10-01 10:28 - 2015-12-10 06:04 - 00059944 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NasOperator.dll 2016-10-01 10:28 - 2016-06-03 06:12 - 00220864 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBrowser.dll 2016-10-01 10:28 - 2015-12-10 06:04 - 00077864 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CloudOperator.dll 2016-10-01 10:28 - 2016-06-03 06:12 - 00021184 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActiveOnline.dll 2016-10-01 10:29 - 2015-12-10 06:04 - 00136232 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\VMConfig.dll 2016-10-01 10:28 - 2015-12-10 06:04 - 00020008 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidDeviceManager.dll 2016-10-01 10:28 - 2015-12-10 06:04 - 00043048 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbDataSwap.dll 2016-10-01 10:28 - 2015-12-10 06:04 - 00353832 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DeviceManager.dll 2016-10-01 10:28 - 2015-12-10 06:04 - 00027176 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DeviceAdapter.dll 2016-10-01 10:28 - 2015-12-10 06:04 - 00138792 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Device.dll 2016-10-01 10:28 - 2015-12-10 06:04 - 00146984 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Partition.dll 2017-01-06 10:46 - 2016-10-26 17:05 - 00074720 _____ () C:\Program Files (x86)\F-Secure\SAFE\apps\ComputerSecurity\Anti-Virus\FSAVHRES.eng 2016-10-25 11:01 - 2016-10-25 11:01 - 00254944 _____ () C:\Program Files (x86)\F-Secure\SAFE\daas2.dll 2016-06-22 18:13 - 2015-06-11 13:42 - 03055616 ____N () C:\WINDOWS\system32\DlgSearchEngine.dll 2017-01-06 10:46 - 2017-01-06 10:50 - 00213984 _____ () C:\Program Files (x86)\F-Secure\SAFE\apps\ComputerSecurity\Spam Control\fsas.dll 2012-11-13 07:58 - 2009-12-18 17:36 - 00973432 _____ () C:\Program Files (x86)\PHotkey\acAuth.dll 2012-11-13 07:58 - 2009-12-18 17:41 - 00129544 _____ () C:\Program Files (x86)\PHotkey\GFNEX.dll 2017-04-29 23:20 - 2017-04-26 07:37 - 00900216 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 2016-10-01 10:28 - 2015-12-10 06:04 - 00224808 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\SmartBackup.dll 2017-04-29 23:20 - 2017-04-26 07:03 - 02442360 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node 2017-04-29 23:20 - 2017-04-26 07:03 - 00361920 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node 2017-04-29 23:20 - 2017-04-26 07:03 - 00252352 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node 2017-04-29 23:20 - 2017-04-26 07:03 - 00384120 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node 2017-04-29 23:20 - 2017-04-26 07:03 - 00467392 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node 2017-04-29 23:20 - 2017-04-26 07:03 - 00572024 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node ==================== Alternate Data Streams (gefilterd) ========= (Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.) AlternateDataStreams: C:\WINDOWS\system32\Drivers\btmhsf.sys:Microsoft_Appcompat_ReinstallUpgrade [0] ==================== Veilige Modus (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.) ==================== Bestandskoppeling (gefilterd) =============== (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.) ==================== Internet Explorer vertrouwde/beperkte toegang =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.) ==================== Hosts inhoud: =============================== (Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.) 2013-08-22 15:25 - 2017-01-13 08:52 - 00000826 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere gebieden ============================ (Momenteel is er geen automatische fix voor dit onderdeel.) HKU\S-1-5-21-10870461-3760241935-267325191-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\hugoke\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\11811311_10153268285257771_1617704194062032586_n[1].jpg DNS Servers: 195.130.131.1 - 195.130.130.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk" HKLM\...\StartupApproved\StartupFolder: => "WinZip Preloader.lnk" HKLM\...\StartupApproved\StartupFolder: => "Update-melder.lnk" HKLM\...\StartupApproved\Run32: => "CLMLServer_For_P2G8" HKLM\...\StartupApproved\Run32: => "CLVirtualDrive" HKLM\...\StartupApproved\Run32: => "RemoteControl10" HKLM\...\StartupApproved\Run32: => "YouCam Service" HKLM\...\StartupApproved\Run32: => "HP Software Update" HKLM\...\StartupApproved\Run32: => "EEventManager" HKU\S-1-5-21-10870461-3760241935-267325191-1002\...\StartupApproved\Run: => "swg" HKU\S-1-5-21-10870461-3760241935-267325191-1002\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-10870461-3760241935-267325191-1002\...\StartupApproved\Run: => "CCleaner Monitoring" ==================== Firewall regels (gefilterd) =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [{3CB2F167-60C1-4C21-A8AC-CAC5A73485A8}] => (Allow) C:\Users\hugoke\AppData\Local\Microsoft\OneDrive\OneDrive.exe FirewallRules: [{E3D1410B-DA10-4755-815C-39163AC7FD57}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe FirewallRules: [{190F341D-3018-4D2C-9297-26F51310EA48}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{F34E9B65-2A59-4487-B800-816EE2FC4642}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{1B2C4B24-86ED-450C-ACF2-82E313D3C0DA}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe FirewallRules: [{0949FDA0-B89E-4557-BDEB-7632B99A6162}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{ACD29DFF-ECB5-4C10-9BAC-C0C1809E62BF}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe FirewallRules: [{59097197-3F24-4EB8-A041-6442F1CD86EE}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe FirewallRules: [{2A4DD67D-8566-43DD-A711-678C289475EC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE FirewallRules: [{4D138CB7-23E2-4758-9143-95AF8F3FDF71}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe FirewallRules: [{CAA06C74-7008-4603-A202-9C175795623E}] => (Allow) C:\Program Files\CyberLink\PowerDirector\PDR9.EXE FirewallRules: [{9A829BBF-10E7-407C-B192-C23A8E2686C5}] => (Allow) LPort=1900 FirewallRules: [{22AD80FD-E53B-4BC8-A528-E45FC6B56A71}] => (Allow) LPort=2869 FirewallRules: [{F9EC6378-6782-4B1C-8172-DDD6060D24BA}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{763F3FA2-D2FE-40C3-A982-736753D4D962}] => (Allow) C:\Program Files (x86)\F-Secure\F-Secure Booster\PowerSuite.exe FirewallRules: [{6109756D-E455-462F-98B8-8C1001439ED8}] => (Allow) C:\Program Files (x86)\F-Secure\F-Secure Booster\PowerSuite.exe FirewallRules: [{5710CFBC-D02D-41C1-B389-53EDF27F6856}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe FirewallRules: [{ADED6420-3D2C-4E11-9491-385FF09EB49B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe FirewallRules: [{512AB553-2294-416C-B253-7A9B3B163378}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe FirewallRules: [{7AF0A0CB-4DAC-437F-B30E-EE0A751EB127}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe FirewallRules: [{CB346CB1-8F4C-457C-B954-B0D03A6BD82A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe FirewallRules: [{B3E4AA7F-087A-4DF8-AB3D-482F804040B2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe FirewallRules: [{6AEF6862-FE1C-4D51-BEBF-6215A7F909AA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe FirewallRules: [{6DFBF8C1-1690-4B99-B310-0F4679EFA4C7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe FirewallRules: [{4B5C9A22-4B64-47AB-BBFD-61E1CD872DBE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe FirewallRules: [{FB82E31A-8525-4F30-8542-86D21EB88371}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe FirewallRules: [{BF971C51-24C7-4C94-AB96-8F658E1B7D7F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe FirewallRules: [{BA2A56DA-BB1B-48FB-B622-BB38A2D39B8A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe FirewallRules: [{DBB9E61B-2300-4001-94F3-09CF38864CCF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe FirewallRules: [{B6A1C510-69CC-4AF3-A1B0-5792B69B9B2E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe FirewallRules: [{506E76E4-CB98-45D0-BF64-C1063E16B0F3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe FirewallRules: [{6FB26A1E-0CDA-457B-BF1D-DF599EF97743}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe FirewallRules: [{F412FCDB-8444-49EE-9F39-8704399ADFA7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe FirewallRules: [{3BDAE360-EEEE-4ECF-8B2A-B59DA3F337DA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe FirewallRules: [{3A5F2D6F-28A6-4C09-B0E4-AD41893FF10F}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe FirewallRules: [{3287E54F-5E72-4138-BAFC-A3B304F781E6}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe FirewallRules: [{8F5CC9B8-AAF5-449B-BB5F-A5ABDF55E1C0}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe FirewallRules: [TCP Query User{87581B3E-3125-4534-B0FB-1EC2548E77B2}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [UDP Query User{F70202EA-6001-4889-9F1F-10C061FA3016}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [TCP Query User{3E01232F-6D61-43D8-B4CD-180B3D6EA00C}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [UDP Query User{067D7280-E321-490C-AB3A-FE00813211B7}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [{A813DAD7-AA3B-4175-8A32-5950BFAA9757}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Center\SamsungPrinterCenter.exe FirewallRules: [{4FBCF14B-CCCD-40C8-8F05-A21F8666BEA1}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EasyPrinterManagerV2.exe FirewallRules: [{4C5DF198-060E-4B17-AD69-E1876F54B4C8}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe FirewallRules: [{C2209944-B56B-4DE1-B306-4F600826F3C7}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2AlertList.exe FirewallRules: [{36FC55AF-DAEA-4A7B-8040-DD61E121771A}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2Migrator.exe FirewallRules: [{EFC1E7BD-C5BE-44C1-B2C8-54157F9298AF}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe FirewallRules: [{4943443C-4BC8-44D3-A3C3-A9DE161474D2}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe FirewallRules: [{1889BA27-16C8-4015-84A3-7FB355F7C633}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe FirewallRules: [{13F1D67F-70E9-4D83-A5EF-82F6C8D85D68}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe FirewallRules: [TCP Query User{AE5D1750-4393-4E30-8967-F71B11CB76D7}C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe] => (Block) C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe FirewallRules: [UDP Query User{E00CF2BF-DE68-463E-AC28-EFDC0552AA1A}C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe] => (Block) C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe FirewallRules: [{38CEEAC8-5B06-42F0-A1B0-03E202266FF2}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe FirewallRules: [{84A7DC56-DC7E-4B47-8CE7-5A33767ACE48}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe FirewallRules: [{BEE61572-66FF-4BA7-A90C-B420633295BC}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe FirewallRules: [{684FA749-4F68-4902-A379-6D6E677B328A}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe FirewallRules: [{97D66C55-907F-48F7-A81E-B3F567C8EC47}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe FirewallRules: [{FC12B4D6-5394-4DFF-9695-FE72B3393948}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe FirewallRules: [{F2810EAC-2D6C-45A0-A48B-49D3E5417EAA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{9021837E-61F5-4E46-954B-5D394174DF36}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{9B6546FF-387E-4C03-BF1C-862D2C4A021E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{1E012039-97C7-4E2B-BCA9-AD6CB1702B75}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{4F46ED18-65CC-48C7-8E99-2B30D0262EED}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{CA5C3B92-1354-43D1-B575-BB884648874E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{A43CC04B-2124-44BD-993F-A563772F309E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{1E8D7BE7-030D-4FB7-B33E-EE62296C8BB7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Herstelpunten ========================= 08-05-2017 14:07:21 Herstel 08052017 18-05-2017 18:05:42 Gepland controlepunt ==================== Defecte Apparaatbeheer Apparaten ============= ==================== Eventlog fouten: ========================= Applicatiefouten: ================== Error: (05/19/2017 07:17:04 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: Gegevens voor het Programma voor verbetering van de gebruikerservaring kunnen niet naar Microsoft worden verzonden. (Fout 80070005). Error: (05/18/2017 08:15:31 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: IAStorDataMgrSvc.exe, versie: 11.5.4.1001, tijdstempel: 0x502d5a1d Naam van module met fout: IAStorUtil.ni.dll, versie: 11.5.4.1001, tijdstempel: 0x502d5a19 Uitzonderingscode: 0xc0000005 Foutmarge: 0x0002e421 Id van proces met fout: 0x1870 Starttijd van toepassing met fout: 0x01d2d002b582023f Pad naar toepassing met fout: C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe Pad naar module met fout: C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorUtil\98b8f9cc66a877105dd61eafcc5ccf0d\IAStorUtil.ni.dll Rapport-id: f9ba0753-3bf5-11e7-bfda-84a6c8d9f2c8 Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Error: (05/18/2017 08:15:30 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Toepassing: IAStorDataMgrSvc.exe Framework-versie: v4.0.30319 Beschrijving: het proces is beëindigd als gevolg van een onverwerkte uitzondering. Uitzonderingsinformatie: System.NullReferenceException Stack: bij IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges() bij IAStorUtil.SystemDataModelListener.LoadSavedSystemState() bij IAStorDataMgr.EventRelay.b__0(System.Object) bij System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object) bij System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bij System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bij System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem() bij System.Threading.ThreadPoolWorkQueue.Dispatch() bij System.Threading._ThreadPoolWaitCallback.PerformWaitCallback() Error: (05/18/2017 06:05:43 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: De service Cryptografische services is mislukt tijdens het verwerken van aanroep OnIdentity() op het object System Writer. Details: AddCoreCsiFiles : GetNextFileMapContent() failed. System Error: De parameter is onjuist. . Error: (05/18/2017 06:05:42 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: De service Cryptografische services is mislukt tijdens het verwerken van aanroep OnIdentity() op het object System Writer. Details: AddCoreCsiFiles : GetNextFileMapContent() failed. System Error: De parameter is onjuist. . Error: (05/18/2017 05:34:49 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: IAStorDataMgrSvc.exe, versie: 11.5.4.1001, tijdstempel: 0x502d5a1d Naam van module met fout: IAStorUtil.ni.dll, versie: 11.5.4.1001, tijdstempel: 0x502d5a19 Uitzonderingscode: 0xc0000005 Foutmarge: 0x0002e421 Id van proces met fout: 0x16b0 Starttijd van toepassing met fout: 0x01d2cfec41528899 Pad naar toepassing met fout: C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe Pad naar module met fout: C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorUtil\98b8f9cc66a877105dd61eafcc5ccf0d\IAStorUtil.ni.dll Rapport-id: 86f345e4-3bdf-11e7-bfd9-84a6c8d9f2c8 Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Error: (05/18/2017 05:34:49 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Toepassing: IAStorDataMgrSvc.exe Framework-versie: v4.0.30319 Beschrijving: het proces is beëindigd als gevolg van een onverwerkte uitzondering. Uitzonderingsinformatie: System.NullReferenceException Stack: bij IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges() bij IAStorUtil.SystemDataModelListener.LoadSavedSystemState() bij IAStorDataMgr.EventRelay.b__0(System.Object) bij System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object) bij System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bij System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bij System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem() bij System.Threading.ThreadPoolWorkQueue.Dispatch() bij System.Threading._ThreadPoolWaitCallback.PerformWaitCallback() Error: (05/18/2017 11:31:07 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: Gegevens voor het Programma voor verbetering van de gebruikerservaring kunnen niet naar Microsoft worden verzonden. (Fout 80070005). Error: (05/17/2017 09:51:16 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: explorer.exe, versie: 6.3.9600.18460, tijdstempel: 0x57c1b8c1 Naam van module met fout: ImageSh.dll, versie: 3.0.0.1, tijdstempel: 0x575101dd Uitzonderingscode: 0xc0000005 Foutmarge: 0x0000000000003708 Id van proces met fout: 0x18f0 Starttijd van toepassing met fout: 0x01d2cee1cbcfe903 Pad naar toepassing met fout: C:\WINDOWS\explorer.exe Pad naar module met fout: C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll Rapport-id: 9adaf179-3ad5-11e7-bfd7-84a6c8d9f2c8 Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Error: (05/17/2017 08:30:11 AM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY) Description: There was an error with the Windows Location Provider database Systeemfouten: ============= Error: (05/19/2017 08:42:05 AM) (Source: DCOM) (EventID: 10010) (User: HUGO) Description: De server {1B1F472E-3221-4826-97DB-2C2324D389AE} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (05/19/2017 08:41:34 AM) (Source: DCOM) (EventID: 10010) (User: HUGO) Description: De server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (05/18/2017 08:15:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: De Intel(R) Rapid Storage Technology-service is onverwacht beëindigd. Dit is nu 1 keer gebeurd. Error: (05/18/2017 05:34:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: De Intel(R) Rapid Storage Technology-service is onverwacht beëindigd. Dit is nu 1 keer gebeurd. Error: (05/18/2017 05:31:49 PM) (Source: BugCheck) (EventID: 1001) (User: ) Description: De computer is opnieuw opgestart na een bugcontrole. De bugcontrole is 0x000000ef (0xffffe001a67418c0, 0x0000000000000000, 0x0000000000000000, 0x0000000000000000). Er is een dump opgeslagen in: C:\WINDOWS\MEMORY.DMP. Rapport-id: 051817-147250-01. Error: (05/18/2017 05:31:42 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: De vorige afsluiting van het systeem om 17:19:01 op ‎18-‎5-‎2017 is onverwacht gebeurd. Error: (05/18/2017 05:05:18 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: De HuaweiHiSuiteService64.exe-service staat aangeduid als een interactieve service. Het systeem is echter zodanig geconfigureerd dat interactieve services niet zijn toegestaan. Deze service werkt mogelijk niet juist. Error: (05/18/2017 05:01:55 PM) (Source: DCOM) (EventID: 10010) (User: HUGO) Description: De server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (05/18/2017 05:01:20 PM) (Source: DCOM) (EventID: 10010) (User: HUGO) Description: De server {1B1F472E-3221-4826-97DB-2C2324D389AE} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (05/18/2017 04:48:50 PM) (Source: WudfUsbccidDriver) (EventID: 7) (User: NT AUTHORITY) Description: Event-ID 7 CodeIntegrity: =================================== Date: 2017-01-06 09:33:36.297 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Geheugen info =========================== Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz Percentage geheugen in gebruik: 29% Totaal fysiek RAM-geheugen: 8070.55 MB Beschikbaar fysiek RAM-geheugen: 5676.02 MB Totaal Virtueel geheugen: 16262.55 MB Beschikbaar Virtual geheugen: 13580.69 MB ==================== Schijven ================================ Drive c: (Boot) (Fixed) (Total:636.04 GB) (Free:77.07 GB) NTFS Drive d: (Recover) (Fixed) (Total:60 GB) (Free:32.82 GB) NTFS Drive f: (Data) (Fixed) (Total:232.88 GB) (Free:232.75 GB) NTFS ==================== MBR & Partitietabel ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 3593A987) Partition: GPT. ==================== Eind van Addition.txt ============================