Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 19-02-2017 Gestart door van la Parra (22-02-2017 11:08:54) Gestart vanaf C:\Users\van la Parra\Downloads Windows 10 Pro Versie 1607 (X64) (2016-09-23 08:38:22) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-234901561-1536892485-3164044181-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-234901561-1536892485-3164044181-503 - Limited - Disabled) Gast (S-1-5-21-234901561-1536892485-3164044181-501 - Limited - Disabled) van la Parra (S-1-5-21-234901561-1536892485-3164044181-1001 - Administrator - Enabled) => C:\Users\van la Parra ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: G DATA TOTAL SECURITY (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: G DATA TOTAL SECURITY (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: G DATA Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.) . . . (Version: 2.1.28.3 - Intel) Hidden . . . (x32 Version: 2.6.2.4 - Intel) Hidden 64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden Adobe Acrobat Reader DC - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated) Adobe Flash Player 23 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 23.0.0.205 - Adobe Systems Incorporated) Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated) AIO_CDA_ProductContext (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden AIO_CDA_Software (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden Ashampoo Snap 9 (HKLM-x32\...\{0A11EA01-D628-EEFD-B5E8-864238AE9105}_is1) (Version: 9.0.1 - Ashampoo GmbH & Co. KG) BDAntiRansomware (HKLM\...\{BE40AB1F-558F-4434-B72F-461EF97E7796}_is1) (Version: 1.0.12.1 - Bitdefender) BIOS Tools (HKLM-x32\...\BIOS Tools) (Version: - ) BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.27 - Piriform) Chrome Token Signing (Version: 1.0.4.464 - RIA) Hidden Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 52.15.25.664 - Comodo) Comodo IceDragon (HKLM-x32\...\Comodo IceDragon) (Version: 50.0.0.2 - COMODO) Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden DigiDoc3 Client (x32 Version: 3.12.5.1479 - RIA) Hidden DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden eID software (HKLM-x32\...\{85a05fef-8ada-4890-a40b-f094ef0e8ab3}) (Version: 17.1.1687 - RIA) eID software (HKLM-x32\...\{d545270b-862f-47b0-b963-f3f0ec1a6bc1}) (Version: 3.12.4.1667 - RIA) EstEID Minidriver (Version: 3.11.0.1175 - RIA) Hidden EstEID Shell Extension (Version: 3.12.3.1466 - RIA) Hidden Fax (x32 Version: 140.0.307.000 - Hewlett-Packard) Hidden Firefox PKCS11 Loader (Version: 3.12.0.1068 - RIA) Hidden Firefox Token Signing Plugin (x32 Version: 3.12.0.1143 - RIA) Hidden Flexera Software Corporate Software Inspector System Center Plugin (7.5.0.6) (HKLM\...\Secunia SC2012 Plugin) (Version: 7.5.0.6 - Flexera Software) G DATA TOTAL SECURITY (HKLM-x32\...\G DATA TOTAL SECURITY) (Version: 25.3.0.2 - G DATA Software AG) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.) Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google) Google Photos Backup (HKU\S-1-5-21-234901561-1536892485-3164044181-1001\...\Google Photos Backup) (Version: 1.1.2.13 - Google, Inc.) Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP) HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP) HP Photosmart All-In-One Driver Software (HKLM\...\{4F6C1178-3FC0-44BB-8F9A-28D8516DFEE2}) (Version: 14.0 - HP) HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP) HP Support Assistant (HKLM-x32\...\{78E2C850-ADA6-420D-BA35-2F4A9BE733CC}) (Version: 8.3.27.17 - HP) HP Support Solutions Framework (HKLM-x32\...\{FE8457A5-748D-41ED-A1E6-78CFDC0629D7}) (Version: 12.5.26.37 - HP) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden ID-card utility (x32 Version: 3.12.4.1226 - RIA) Hidden IE Token Signing Plugin (Version: 3.12.0.980 - RIA) Hidden Intel® Driver Update Utility (HKLM-x32\...\{66e8e99a-eb6f-4403-9fc2-0ddd4d6f353e}) (Version: 2.6.2.4 - Intel) MarketResearch (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.500.3 - McAfee, Inc.) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-234901561-1536892485-3164044181-1001\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 50.1.0 (x64 en-US) (HKLM\...\Mozilla Firefox 50.1.0 (x64 en-US)) (Version: 50.1.0 - Mozilla) Mozilla Firefox 51.0.1 (x86 nl) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 nl)) (Version: 51.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1 - Mozilla) NAVIGON Fresh 3.5.1 (HKLM-x32\...\NAVIGON Fresh) (Version: 3.5.1 - NAVIGON) Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP) Open-EID Metapackage (x32 Version: 17.01.1687 - RIA) Hidden Open-EID Uninstaller (x32 Version: 17.01.1687 - RIA) Hidden Open-EID Updater (x32 Version: 3.12.0.1007 - RIA) Hidden Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.) Rapport (x32 Version: 3.5.1804.81 - Trusteer) Hidden Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform) Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16113.3 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.6.4.16113.3 - Samsung Electronics Co., Ltd.) Hidden Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.) Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden Seagate Dashboard (HKLM-x32\...\{EA266F00-A8E7-43A0-8DED-FBFE3F076934}) (Version: 4.4.1902.0 - Seagate) Secunia PSI (3.0.0.11005) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.11005 - Secunia) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP) Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.104 - Skype Technologies S.A.) Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16052.2 - Samsung Electronics Co., Ltd.) Smart Switch (x32 Version: 4.1.16052.2 - Samsung Electronics Co., Ltd.) Hidden SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden Speccy (HKLM\...\Speccy) (Version: 1.30 - Piriform) Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden Stuurprogrammapakket voor Windows - RIA (Estonian National ID Card) (UMPass) SmartCard (05/13/2015 3.11.0.1175) (HKLM\...\C478C8A35A0A297F2FADF155E889D402655E894E) (Version: 05/13/2015 3.11.0.1175 - RIA (Estonian National ID Card)) Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD) (Version: 10.0.50903 - Microsoft Corporation) Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden Trust 100K Series Webcam (HKLM-x32\...\{C679F9B9-C65D-4C65-BD6C-BF90B859E281}) (Version: 1.0.4.15 - Trust) Trusteer Eindpuntbeveiliging (HKLM-x32\...\Rapport_msi) (Version: 3.5.1804.81 - Trusteer) Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 3.9.23 - Tweaking.com) Unchecky v1.0.2 (HKLM-x32\...\Unchecky) (Version: 1.0.2 - RaMMicHaeL) VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN) WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden Yahoo Messenger (HKU\S-1-5-21-234901561-1536892485-3164044181-1001\...\yahoomessenger) (Version: 0.8.231 - Yahoo! Inc) ==================== Aangepaste CLSID (gefilterd): ========================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) CustomCLSID: HKU\S-1-5-21-234901561-1536892485-3164044181-1001_Classes\CLSID\{004B49B7-11B9-5058-FF22-08DD093ADC4B}\InprocServer32 -> {1FC03C44-9468-D082-12AC-B1EE85889A47} => Geen bestand CustomCLSID: HKU\S-1-5-21-234901561-1536892485-3164044181-1001_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\van la Parra\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-234901561-1536892485-3164044181-1001_Classes\CLSID\{DD0822FF-3A09-4BDC-B749-4B00B9115850}\InprocServer32 -> {5B885618-9468-D082-4EC6-F9AA85889A47} => Geen bestand CustomCLSID: HKU\S-1-5-21-234901561-1536892485-3164044181-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\van la Parra\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll (Google Inc.) ==================== Geplande Taken (gefilterd) ============= (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {00844C0B-1BAF-41A5-A188-3D1FECF8CBF1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation) Task: {00BCE10A-179C-45C1-905B-77D5958EC46C} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [2015-03-12] (Tweaking.com) Task: {02B4DDDB-D223-43D7-B229-BB69E0BF8B79} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-05-09] (Hewlett-Packard) Task: {07BBBA8B-4864-4D09-9B8A-D17ED1C57C61} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation) Task: {10F7B1C9-D5F9-48EB-86E9-68461019515F} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_23_0_0_205_pepper.exe [2016-11-05] (Adobe Systems Incorporated) Task: {15855F49-3B03-4A88-8F64-ABE0FC0CA4F9} - System32\Tasks\van la Parra1 Merge => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2016-06-28] (Seagate Technology LLC) Task: {19FF7BE0-5C9E-4603-8A38-E463C38455D4} - System32\Tasks\van la Parra => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2016-06-28] (Seagate Technology LLC) Task: {2DF45046-DA65-4489-A83D-6FB912A9B83A} - System32\Tasks\id updater task => C:\Program Files (x86)\Open-EID\ID-updater.exe [2016-01-31] (RIA) Task: {49CB7BDC-9F13-4EC2-854F-955412675FF9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-234901561-1536892485-3164044181-1001Core => C:\Users\van la Parra\AppData\Local\Google\Update\GoogleUpdate.exe [2016-05-22] (Google Inc.) Task: {4C0BC131-02F6-4526-9A0D-8641279F079D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-02-08] (Piriform Ltd) Task: {52A0F454-8C19-4363-98CA-D6AA3AE257EA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation) Task: {57005733-9921-4F06-BC06-1E1B0BB6CC17} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-234901561-1536892485-3164044181-1001UA => C:\Users\van la Parra\AppData\Local\Google\Update\GoogleUpdate.exe [2016-05-22] (Google Inc.) Task: {5C1DB8B2-7B2C-40D5-9A30-A194BBAEB833} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-07-04] (HP Inc.) Task: {62F508B6-D783-41F6-B42B-276E51249741} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK Task: {6E6B876B-3A87-45F2-9D12-84D56324B473} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-22] (Google Inc.) Task: {76908420-55C4-46E9-BEE3-FFC8512EDF7A} - System32\Tasks\van la Parra DBAgent 2 0 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [2016-06-28] (Seagate Technology LLC) Task: {8EEA51C8-9366-438E-8614-E8B5B0FE6351} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.) Task: {9029458E-7633-4CBC-B032-D7B818BBDB54} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated) Task: {A04405F0-A7A5-45CF-BA4D-FFB6235A981C} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation) Task: {A4A12FC7-EADF-4E29-81D9-3026B4CDFDA4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.) Task: {B097B39E-321A-48EA-A30E-9C32B274E447} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.) Task: {B2C2701A-6049-4F57-B63B-315114BD6CBC} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => Wscript.exe //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\task.vbs" Task: {B2EBB0B2-82ED-454D-8896-848A16419B1D} - System32\Tasks\van la Parra Merge => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2016-06-28] (Seagate Technology LLC) Task: {B6DF91A0-1489-4A18-A0BF-20B6E52363B8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-22] (Google Inc.) Task: {CE9449DB-AAE3-4CB1-B7E3-032DF02816D7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-15] (Adobe Systems Incorporated) Task: {D06193CB-AE2D-49EA-A2F4-764104AB95DA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-07-04] (HP Inc.) Task: {D9275535-B228-43E5-92DB-F1E2814D2ED8} - System32\Tasks\van la Parra1 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2016-06-28] (Seagate Technology LLC) Task: {DF8A6A53-0E77-4B72-8B7B-C1E4582CB08E} - System32\Tasks\Seagate_Install_Launch => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe [2016-06-28] (Seagate Technology LLC) Task: {FE880C0C-0836-42DD-B1DB-5E29CA31141B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation) (Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_23_0_0_205_pepper.exe Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Snelkoppelingen ============================= (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) ShortcutWithArgument: C:\Users\van la Parra\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\395fbb84ca74fb25\Comodo Dragon.lnk -> C:\Program Files (x86)\Comodo\Dragon\dragon.exe (Comodo) -> --profile-directory=Default ==================== Geladen Modules (gefilterd) ============== 2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-12-14 20:08 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2017-02-19 21:21 - 2016-11-17 22:16 - 00805632 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe 2017-02-19 21:21 - 2016-11-17 22:18 - 01981184 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_modeler.dll 2017-02-19 21:21 - 2016-11-17 22:11 - 00247552 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\acpi_battery_input.dll 2017-02-19 21:21 - 2016-11-17 22:10 - 00212736 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\wifi_input.dll 2017-02-19 21:21 - 2016-11-17 22:11 - 00174848 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\devices_use_input.dll 2017-02-19 21:21 - 2016-11-17 22:10 - 00203520 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_system_power_state_input.dll 2017-02-19 21:21 - 2016-11-17 22:09 - 00206592 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_disktrace_input.dll 2017-02-19 21:21 - 2016-11-17 22:09 - 00336640 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_process_input.dll 2017-02-19 21:21 - 2016-11-17 22:06 - 00147712 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_winstat_input.dll 2017-02-19 21:21 - 2016-11-17 22:11 - 00213248 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\sema_thermal_input.dll 2017-02-19 21:21 - 2016-11-17 22:07 - 00229120 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_quality_and_reliability_input.dll 2017-02-19 21:21 - 2016-11-17 22:08 - 00224000 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_sampler_input.dll 2017-02-19 21:21 - 2016-11-17 22:06 - 00211712 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_stress_odometer_input.dll 2017-02-19 21:21 - 2016-11-17 22:08 - 00219904 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_turbo_input.dll 2016-12-20 14:39 - 2016-12-20 14:39 - 04295320 _____ () C:\Program Files (x86)\Comodo\IceDragon\icedragon_updater.exe 2016-11-17 22:05 - 2016-11-17 22:05 - 00156928 _____ () C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe 2016-09-15 04:24 - 2016-09-15 04:24 - 00423752 _____ () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll 2016-12-14 20:08 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll 2013-09-04 23:17 - 2013-09-04 23:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2016-09-23 09:40 - 2016-09-23 09:40 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2017-01-20 16:12 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2017-01-20 16:11 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2017-01-20 16:11 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-01-20 16:11 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2017-01-20 16:11 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2017-01-20 16:11 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2017-02-19 21:21 - 2016-11-17 22:14 - 00730880 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\esrv.exe 2017-02-19 21:21 - 2016-11-17 22:12 - 00237824 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\foreground_window_input.dll 2017-02-19 21:21 - 2016-11-17 22:08 - 00217344 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_user_waiting_input.dll 2017-01-06 08:38 - 2017-01-06 08:38 - 15359488 _____ () C:\Program Files\WindowsApps\64885BlueEdge.OneCalendar_2017.105.1.0_x64__8kea50m9krsh2\CalendarApp.Gui.Win10.dll 2017-02-22 07:36 - 2017-02-22 07:37 - 00073728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2017-02-22 07:36 - 2017-02-22 07:37 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2017-02-22 07:36 - 2017-02-22 07:37 - 42895360 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2017-02-06 12:56 - 2017-02-06 12:57 - 02215424 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\roottools.dll 2017-01-23 11:46 - 2017-01-23 11:46 - 00055808 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11610.1001.25.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll 2017-02-16 14:31 - 2017-02-16 14:31 - 18666496 _____ () C:\Program Files\WindowsApps\i-guard.i-Guard_1.4.1682.0_x64__7s7y3tk1tr5hj\iguard.dll 2017-02-08 03:52 - 2017-02-08 03:52 - 00073728 _____ () C:\Program Files\CCleaner\lang\lang-1043.dll 2015-06-02 14:51 - 2015-06-02 14:51 - 00545792 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll 2017-01-22 18:50 - 2017-01-22 18:50 - 00054392 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\RapportTanzanUtil_2015.dll 2017-01-30 12:52 - 2017-01-30 12:52 - 01926632 ____R () C:\Program Files (x86)\Skype\Phone\roottools.dll 2016-10-01 00:36 - 2016-10-01 00:36 - 46476472 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\libcef.dll ==================== Alternate Data Streams (gefilterd) ========= (Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.) ==================== Veilige Modus (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.) ==================== Bestandskoppeling (gefilterd) =============== (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.) ==================== Internet Explorer vertrouwde/beperkte toegang =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.) ==================== Hosts inhoud: ========================== (Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.) 2015-10-30 08:24 - 2017-02-22 10:55 - 00002112 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost 127.0.0.1 gdpwmgrlocalhost 0.0.0.1 mssplus.mcafee.com0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly 0.0.0.0 tracking.opencandy.com.s3.amazonaws.com 0.0.0.0 media.opencandy.com 0.0.0.0 cdn.opencandy.com 0.0.0.0 tracking.opencandy.com 0.0.0.0 api.opencandy.com 0.0.0.0 api.recommendedsw.com 0.0.0.0 installer.betterinstaller.com 0.0.0.0 installer.filebulldog.com 0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net 0.0.0.0 inno.bisrv.com 0.0.0.0 nsis.bisrv.com 0.0.0.0 cdn.file2desktop.com 0.0.0.0 cdn.goateastcach.us 0.0.0.0 cdn.guttastatdk.us 0.0.0.0 cdn.inskinmedia.com 0.0.0.0 cdn.insta.oibundles2.com 0.0.0.0 cdn.insta.playbryte.com 0.0.0.0 cdn.llogetfastcach.us 0.0.0.0 cdn.montiera.com 0.0.0.0 cdn.msdwnld.com 0.0.0.0 cdn.mypcbackup.com 0.0.0.0 cdn.ppdownload.com 0.0.0.0 cdn.riceateastcach.us 0.0.0.0 cdn.shyapotato.us 0.0.0.0 cdn.solimba.com 0.0.0.0 cdn.tuto4pc.com 0.0.0.0 cdn.appround.biz Er zijn 6 meer regels. ==================== Andere gebieden ============================ (Momenteel is er geen automatische fix voor dit onderdeel.) HKU\S-1-5-21-234901561-1536892485-3164044181-1001\Control Panel\Desktop\\Wallpaper -> c:\users\van la parra\appdata\local\microsoft\windows\themes\roamedthemefiles\desktopbackground\img0.jpg DNS Servers: 84.116.46.20 - 84.116.46.21 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == HKLM\...\StartupApproved\Run32: => "DBAgent" HKLM\...\StartupApproved\Run32: => "BCSSync" HKLM\...\StartupApproved\Run32: => "KiesTrayAgent" HKU\S-1-5-21-234901561-1536892485-3164044181-1001\...\StartupApproved\Run: => "Google Update" HKU\S-1-5-21-234901561-1536892485-3164044181-1001\...\StartupApproved\Run: => "Uploader" HKU\S-1-5-21-234901561-1536892485-3164044181-1001\...\StartupApproved\Run: => "Uninstall C:\Users\van la Parra\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64" HKU\S-1-5-21-234901561-1536892485-3164044181-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-234901561-1536892485-3164044181-1001\...\StartupApproved\Run: => "Messenger (Yahoo!)" ==================== Firewall regels (gefilterd) =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{BC4EA822-92C1-4CC7-BAAB-20258C2E5E71}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{5B84C201-F365-4D82-88C3-CD879030A036}] => (Allow) LPort=8888 FirewallRules: [{D7903FDB-BC9E-4C8E-968D-988A05B01004}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe FirewallRules: [{C1E0A83A-F5CE-4ACD-97E0-1B38C2ECD8CD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe FirewallRules: [{533D8B7A-8CF1-4DE2-A497-5E9BF6628EE4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe FirewallRules: [{A5E0BB29-9D89-4B6A-9EA1-D204EEBB2C8D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe FirewallRules: [{017E3C3D-725D-4E81-ABC9-576E68506306}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe FirewallRules: [{4641CF3E-0D76-4D36-A3E9-1A3F0DA3684F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe FirewallRules: [{5E5CB23D-A257-4763-9269-D63079460D92}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe FirewallRules: [{C2C48EA3-33B5-40AE-818F-4E6C6D34F49D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe FirewallRules: [{79E2A8DD-1B58-4D09-AAA1-26DFC8C46ED5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe FirewallRules: [{EB2AF542-247B-41DB-9E27-D60B239E795A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe FirewallRules: [{B52F22A4-2F36-49DF-9492-6BFB632713B2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe FirewallRules: [{90960E64-9775-436E-A9AB-805D3543DE42}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe FirewallRules: [{A3AA2F90-BB89-4050-BDE5-F54F42DF2FFC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe FirewallRules: [{DB36FE30-C6A9-46BA-8B4A-31DF160B6185}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe FirewallRules: [{38AB7D3F-97D6-4B40-9519-396C360DE341}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe FirewallRules: [{EE650CBD-403F-46E6-A5F7-91C2DCC2DE10}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe FirewallRules: [{1C2C49AA-9C5F-406F-A1BC-91AFA63BA764}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe FirewallRules: [{BBD30693-B252-4157-9A5C-2656E118DCEB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe FirewallRules: [{BF919EE2-0778-434F-A28E-036414F66EF1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe FirewallRules: [TCP Query User{DCFF6DB4-C1E6-4491-AE3E-6A0B4AFA8054}C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe] => (Allow) C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe FirewallRules: [UDP Query User{B20FB7A4-52D0-4175-BBF5-74A59EC4EF58}C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe] => (Allow) C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe FirewallRules: [{756919DB-97B1-4819-B122-55B9152DF6C8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{EC32CF72-48CA-4AEC-99C0-A72587B0C2D8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{58BD024E-7537-43A0-B50D-3F7F6E26EFFF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{5E32830C-D4D8-4D79-A263-66DE3F47199B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{C9990B36-77D4-44C4-A017-976CC5D861E3}] => (Allow) LPort=8888 FirewallRules: [{6749B13A-C009-4629-9AC0-3A4E54D368A7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Herstelpunten ========================= 21-02-2017 11:38:41 Gepland controlepunt ==================== Defecte Apparaatbeheer Apparaten ============= ==================== Eventlog fouten: ========================= Applicatiefouten: ================== Error: (02/22/2017 10:54:01 AM) (Source: GDFwSvc) (EventID: 0) (User: ) Description: Can not connect to Process Manager (0) Error: (02/21/2017 11:39:03 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: De openprocedure voor de BITS-service in DLL-bestand C:\Windows\System32\bitsperf.dll is mislukt. Prestatiemetergegevens voor deze service zijn niet beschikbaar. De eerste vier bytes (DWORD) in de sectie Gegevens bevatten de foutcode. Error: (02/21/2017 06:41:21 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-MBM4LER) Description: Het activeren van de app Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe:MicrosoftEdge.AppX9zvsr9qeth9e9a03yr0g7rpdrcrwgn5r.mca is mislukt door de fout -2144927149. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie. Error: (02/21/2017 06:24:37 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-MBM4LER) Description: Het activeren van de app Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe:MicrosoftEdge.AppX9zvsr9qeth9e9a03yr0g7rpdrcrwgn5r.mca is mislukt door de fout -2144927149. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie. Error: (02/21/2017 06:21:50 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-MBM4LER) Description: Het activeren van de app Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App is mislukt door de fout -2144927141. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie. Error: (02/21/2017 06:12:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-MBM4LER) Description: Het activeren van de app Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe:MicrosoftEdge.AppX9zvsr9qeth9e9a03yr0g7rpdrcrwgn5r.mca is mislukt door de fout -2144927149. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie. Error: (02/21/2017 03:04:17 PM) (Source: ESENT) (EventID: 454) (User: ) Description: DllHost (448) Microsoft.MicrosoftEdge_8wekyb3d8bbwe_NOEDP_EDGE_IDB: Het herstellen/terugzetten van de database is mislukt vanwege de onverwachte fout -1216. Error: (02/21/2017 03:04:17 PM) (Source: ESENT) (EventID: 494) (User: ) Description: DllHost (448) Microsoft.MicrosoftEdge_8wekyb3d8bbwe_NOEDP_EDGE_IDB: Tijdens het herstellen van de database treedt fout -1216 op, omdat er verwijzingen zijn gevonden naar een database, C:\Users\van la Parra\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AppData\User\Default\Indexed DB\IndexedDB.edb, die niet meer bestaat. De database is niet in een geldige afsluitingsstaat gebracht voordat deze is verwijderd (of verplaatst of hernoemd). De database-engine staat niet toe dat de herstelbewerking voor deze sessie wordt voltooid, voordat de ontbrekende database opnieuw is geïnstalleerd. Als de database echt niet meer beschikbaar is en niet meer vereist is, zijn er procedures voor het corrigeren van deze fout beschikbaar in de Microsoft Knowledge Base of via de koppeling 'meer informatie' onder aan dit bericht. Error: (02/21/2017 11:38:55 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: De service Cryptografische services is mislukt tijdens het verwerken van aanroep OnIdentity() op het object System Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Toegang geweigerd. . Error: (02/20/2017 09:23:48 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: De openprocedure voor de BITS-service in DLL-bestand C:\Windows\System32\bitsperf.dll is mislukt. Prestatiemetergegevens voor deze service zijn niet beschikbaar. De eerste vier bytes (DWORD) in de sectie Gegevens bevatten de foutcode. Systeemfouten: ============= Error: (02/22/2017 10:56:20 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} en APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (02/22/2017 10:56:20 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} en APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (02/22/2017 10:56:18 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} en APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (02/22/2017 10:56:13 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: De WMPNetworkSvc-service is gestopt met de volgende foutcode: Er is geprobeerd te verwijzen naar een token dat niet bestaat. . Error: (02/22/2017 10:55:50 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: De USER_ESRV_SVC_QUEENCREEK-service is gestopt met de volgende foutcode: %%497. Error: (02/22/2017 10:55:39 AM) (Source: NETLOGON) (EventID: 3095) (User: ) Description: Deze computer is geconfigureerd als lid van een werkgroep, niet als lid van een domein. De NetLogon-service hoeft niet te worden gestart in deze configuratie. Error: (02/22/2017 10:54:01 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY) Description: DCOM heeft de foutmelding 1053 gekregen bij het starten van de GDFwSvc-service met de argumenten -Service om de server {1DED95CA-C567-464A-B405-087EDDF0B095} te starten Error: (02/22/2017 10:54:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: De G DATA Personal Firewall-service kan vanwege de volgende fout niet worden gestart: De service heeft de start- of stuuropdracht niet op juiste wijze beantwoord. Error: (02/22/2017 10:54:01 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Time-out (30000 seconden) tijdens het wachten op het verbinden van deze service: G DATA Personal Firewall. Error: (02/22/2017 10:53:35 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. CodeIntegrity: =================================== Date: 2017-02-21 12:20:11.357 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-02-20 14:07:54.932 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-02-19 13:08:31.445 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-01-27 12:21:57.113 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-01-25 09:24:05.183 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-01-24 23:35:35.941 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEjo_x64.dll that did not meet the Store signing level requirements. Date: 2017-01-24 23:35:35.799 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEjo_x64.dll that did not meet the Store signing level requirements. Date: 2017-01-24 23:35:35.659 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEjo_x64.dll that did not meet the Store signing level requirements. Date: 2017-01-24 23:35:35.513 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEjo_x64.dll that did not meet the Store signing level requirements. Date: 2017-01-24 23:35:35.375 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEjo_x64.dll that did not meet the Store signing level requirements. ==================== Geheugen info =========================== Processor: Intel(R) Pentium(R) Dual CPU E2160 @ 1.80GHz Percentage geheugen in gebruik: 63% Totaal fysiek RAM-geheugen: 3318.49 MB Beschikbaar fysiek RAM-geheugen: 1213.29 MB Totaal Virtueel geheugen: 6774.49 MB Beschikbaar Virtual geheugen: 3665.78 MB ==================== Schijven ================================ Drive c: () (Fixed) (Total:259.7 GB) (Free:215.66 GB) NTFS Drive d: (Data) (Fixed) (Total:205.13 GB) (Free:149.68 GB) NTFS ==================== MBR & Partitietabel ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 8850571F) Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=259.7 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=449 MB) - (Type=27) Partition 4: (Not Active) - (Size=205.1 GB) - (Type=07 NTFS) ==================== Eind van Addition.txt ============================