Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-09-2017 Ran by hugok (20-09-2017 18:52:06) Running from C:\Users\hugok\Downloads Windows 10 Home Version 1703 (X64) (2017-06-16 07:55:19) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1167631334-2873795934-467515027-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-1167631334-2873795934-467515027-503 - Limited - Disabled) Guest (S-1-5-21-1167631334-2873795934-467515027-501 - Limited - Disabled) hugok (S-1-5-21-1167631334-2873795934-467515027-1001 - Administrator - Enabled) => C:\Users\hugok ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: F-Secure SAFE (Enabled - Up to date) {35BE5FA4-2DEA-00F8-DC55-FD8AF743F44F} AS: F-Secure SAFE (Enabled - Up to date) {8EDFBE40-0BD0-0F76-E6E5-C6F88CC4BEF2} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Acrobat Reader DC - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated) Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.130 - Adobe Systems Incorporated) Belgium e-ID middleware 4.2.8 (build 3252) (HKLM\...\{DB942AEA-93D6-4FE4-8862-180D35A73252}) (Version: 4.2.3252 - Belgian Government) Common Desktop Agent (HKLM\...\{031A0E14-0413-4C97-9772-2639B782F46F}) (Version: 1.62.0 - OEM) Hidden Computer Security 17.193.128.0 (release) (HKLM-x32\...\{658FDBCA-B7A1-43E4-A849-9F0812473331}) (Version: 17.193.128.0 - F-Secure Corporation) Hidden Dell Customer Connect (HKLM-x32\...\{35BEC446-269E-42E4-8EED-191A38CCFF3D}) (Version: 1.4.10.0 - Dell Inc.) Dell Digital Delivery (HKLM-x32\...\{99B7C4B5-DC14-441D-A5B6-7340F682BC81}) (Version: 3.1.1117.0 - Dell Products, LP) Dell Foundation Services (HKLM\...\{BDB50421-E961-42F3-B803-6DAC6F173834}) (Version: 3.4.16100.0 - Dell Inc.) Dell Product Registration (HKLM-x32\...\InstallShield_{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Dell Inc.) Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.3.6855.72 - Dell) Dell SupportAssist Remediation (HKLM\...\{8F663BAC-2B6F-4B86-86F4-8067F4B71ACC}) (Version: 3.0.1.2905 - Dell Inc.) Hidden Dell SupportAssist Remediation (HKLM-x32\...\{8aa806c2-2787-490f-ac75-cd8f4d50585f}) (Version: 3.0.1.2905 - Dell Inc.) Dell SupportAssistAgent (HKLM\...\{E1AA62F7-B32A-4090-814E-83BC7C3DF1FB}) (Version: 2.0.2.21 - Dell) Dell Update - SupportAssist Update Plugin (HKLM\...\{2228BC43-73DA-4F9A-BEE6-8E9C15328513}) (Version: 3.1.1.3832 - Dell Inc.) Dell Update (HKLM-x32\...\{F91263FA-BE4D-439D-9C0A-2E7204E0E9E3}) (Version: 1.9.20.0 - Dell Inc.) DIGIPASS Native Bridge 2.3.2 (HKLM-x32\...\{D9145E6A-FEDE-4922-8EB0-6154E4C528CB}) (Version: 2.3.2 - VASCO Data Security) Hidden DIGIPASS Native Bridge 2.3.2 (HKU\S-1-5-21-1167631334-2873795934-467515027-1001\...\{9417bcae-5ec1-4171-81d5-46bf5bf9b573}) (Version: 2.3.2 - VASCO Data Security) DSC/AA Factory Installer (HKLM\...\{F7A70D00-F283-45C8-B163-49EC365D7E27}) (Version: 1.3.6855.72 - PC-Doctor, Inc.) Hidden EaseUS Todo Backup 10.5 (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 10.5 - CHENGDU YIWO Tech Development Co., Ltd) eID Chrome Middleware 1.1.6 (HKLM-x32\...\eID Chrome Middleware 1.1.6) (Version: 1.1.6 - ) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) Epson Software Updater (HKLM-x32\...\{B55DB65D-EF6E-4E04-89D5-B03603BF681B}) (Version: 4.4.5 - SEIKO EPSON CORPORATION) F-Secure KEY: User Data (HKLM-x32\...\{F6A4621C-F31F-42E2-BD11-632615967A56}) (Version: 1.1.0.0 - F-Secure Corporation) F-Secure Network CCF 1.04.266 (HKLM-x32\...\{A61B6381-E40A-4C8C-BB38-FD9E95F70E02}) (Version: 1.04.266 - F-Secure Corporation) Hidden F-Secure SAFE (HKLM-x32\...\{F93541B5-1997-4E7A-A13F-3022479ADB16}) (Version: 2.93.171.0 - F-Secure Corporation) Hidden F-Secure SAFE (HKLM-x32\...\F-Secure ServiceEnabler 6661000) (Version: 2.93.171.0 - F-Secure Corporation) F-Secure Ultralight 1.0.5438.0 (release) (cc0c4f981bd2f23d1e5e325af11ed0a0ecf2a348) (HKLM-x32\...\{C75644E8-5FB5-4B8F-8FD2-08CC5D7ECD87}) (Version: 1.0.5438.0 - F-Secure Corporation) Hidden Intel(R) Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.11000.2996 - Intel Corporation) Intel(R) HID Event Filter (HKLM-x32\...\3FB06EEC-013D-4366-9918-71B97DFB84EB) (Version: 1.1.0.317 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1047 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4627 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.0.1020 - Intel Corporation) Intel(R) Virtual Buttons (HKLM-x32\...\1992736F-C90A-481C-B21B-EE34CAD07387) (Version: 1.1.0.21 - Intel Corporation) Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{52DA40D6-6EF4-4B28-B501-FC538ECE638C}) (Version: 19.01.1627.3533 - Intel Corporation) Intel® Integrated Sensor Solution (HKLM-x32\...\{b3782b53-1b6c-436a-b0f0-f65d83ae74d9}) (Version: 3.0.30.1119 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{66614300-cd9b-4a62-8b18-c97e9562dc3e}) (Version: 19.50.0 - Intel Corporation) ISS_Drivers_x64 (HKLM\...\{6F91DCD1-30DB-449C-AE79-6948BEB15825}) (Version: 3.0.30.1119 - Intel Corporation) Hidden Java 8 Update 144 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation) Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.9179.0 - Waves Audio Ltd.) Hidden Microsoft Office 2016 voor Thuisgebruik en Studenten - nl-nl (HKLM\...\HomeStudentRetail - nl-nl) (Version: 16.0.8326.2107 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1167631334-2873795934-467515027-1001\...\OneDriveSetup.exe) (Version: 17.3.6966.0824 - Microsoft Corporation) Microsoft Outlook 2016 - de-de (HKLM\...\OutlookRetail - de-de) (Version: 16.0.8326.2107 - Microsoft Corporation) Microsoft Outlook 2016 - en-us (HKLM\...\OutlookRetail - en-us) (Version: 16.0.8326.2107 - Microsoft Corporation) Microsoft Outlook 2016 - it-it (HKLM\...\OutlookRetail - it-it) (Version: 16.0.8326.2107 - Microsoft Corporation) Microsoft Outlook 2016 - nl-nl (HKLM\...\OutlookRetail - nl-nl) (Version: 16.0.8326.2107 - Microsoft Corporation) Microsoft Outlook 2016 - fr-fr (HKLM\...\OutlookRetail - fr-fr) (Version: 16.0.8326.2107 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Mozilla Firefox 55.0.3 (x86 nl) (HKLM-x32\...\Mozilla Firefox 55.0.3 (x86 nl)) (Version: 55.0.3 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 54.0 - Mozilla) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-040C-0000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0410-0000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0413-0000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden Online Safety 2.193.6267.3648 (HKLM-x32\...\{3ABED170-C353-4842-8F95-0126442245BE}) (Version: 2.193.6267.3648 - F-Secure Corporation) Hidden Product Registration (HKLM\...\{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Dell Inc.) Hidden QuickSet64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.38 - Dell Inc.) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31228 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8158 - Realtek Semiconductor Corp.) Realtek PC Camera Driver (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 10.0.14393.11242 - Realtek Semiconductor Corp.) Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 2.00.01.11 - Samsung Electronics Co., Ltd.) Samsung Easy Wireless Setup (HKLM-x32\...\Easy Wireless Setup) (Version: 3.70.18.0 - Samsung Electronics Co., Ltd.) Samsung Printer Center (HKLM-x32\...\Samsung Printer Center) (Version: 1.0.0.28 - Samsung Electronics Co., Ltd.) Samsung Printerdiagnose (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.4.20 - Samsung Electronics Co., Ltd.) Samsung Scan Process Machine (HKLM-x32\...\Samsung Scan Process Machine) (Version: 1.03.05.28 - Samsung Electronics Co., Ltd.) Hidden Softwarenetz Agenda3 (HKLM-x32\...\Terminkalender3) (Version: - Softwarenetz) Uninstall Samsung Printer Software (HKLM-x32\...\TotalUninstaller) (Version: 4.0.0.67 - Samsung Electronics CO., LTD.) Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-2) (Version: 1.0.33.0 - LunarG, Inc.) Windows 10-updateassistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22243 - Microsoft Corporation) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1167631334-2873795934-467515027-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Audio Ltd) ContextMenuHandlers1: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2017-06-23] (CHENGDU YIWO Tech Development Co.,Ltd) ContextMenuHandlers2: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2017-06-23] (CHENGDU YIWO Tech Development Co.,Ltd) ContextMenuHandlers4: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2017-06-23] (CHENGDU YIWO Tech Development Co.,Ltd) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\k121238.inf_amd64_c542799ee0584bdf\igfxDTCM.dll [2017-03-22] (Intel Corporation) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {245609CC-3CC7-4D9C-A1D2-C9174D1C17B9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-09-18] (Microsoft Corporation) Task: {4A9109AF-5C49-4A39-9864-4EDADF9F9658} - System32\Tasks\Dell Cleanup => c:\windows\system32\oem\startmenufix.vbs [2016-09-14] () Task: {4B2E0FAF-B9DC-4484-9E56-345FA782CF77} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe [2017-08-04] (Dell Inc.) Task: {5176A8A3-69A3-4629-88CC-2036E5125FEA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-09-08] (Microsoft Corporation) Task: {566FC98C-35DC-4D82-ABD2-71CE98185002} - System32\Tasks\EPM Preload => C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2DotNetHandler.exe [2016-08-22] () Task: {58040D57-B976-4C7F-93BA-069378380F71} - System32\Tasks\PCDDataUploadTask => uaclauncher.exe Task: {78C94DA5-520D-4FB4-BFC0-9D20087AAAA2} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2017-02-17] (PC-Doctor, Inc.) Task: {7C6EC69B-3324-4FEF-B6E5-8FFA38420CAC} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-18] () Task: {7F8B4C14-7492-487C-8A04-72857E8A5CCE} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-09-08] (Microsoft Corporation) Task: {A6C798C0-9D1F-43DB-ADAA-11C70C69C712} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-09-18] (Microsoft Corporation) Task: {A76331D4-E468-4E59-BEF3-AE4B837AD344} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2017-05-18] (Realtek Semiconductor) Task: {B59D39ED-70A0-4B9E-93D6-0942408430FB} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-10-14] (Intel(R) Corporation) Task: {C9E57F98-104F-41B9-B072-A68F804AB997} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe Task: {D0700424-F7A1-421C-8718-A187D3435501} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated) Task: {D589CBE8-9F8F-45E0-9534-88624E9E32E1} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-18] () Task: {EF0B43C7-BB56-4F26-98E5-5981FC9D5AFF} - System32\Tasks\S-1-5-21-1167631334-2873795934-467515027-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2017-03-18] (Microsoft Corporation) Task: {FA248C6A-F426-49B0-A6CA-8D8F27D254D9} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2017-02-17] (PC-Doctor, Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\hugok\Documents\C\Users\hugoke\Desktop\LIFESTORE.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.medion.com/lifestore ShortcutWithArgument: C:\Users\hugok\Documents\C\Users\hugoke\Desktop\MEDIONhome.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.medion.com/be/nl ShortcutWithArgument: C:\Users\hugok\Documents\C\Users\hugoke\Desktop\Windows 8 Info.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.windows.com/getstarted ==================== Loaded Modules (Whitelisted) ============== 2017-07-21 12:34 - 2014-11-25 13:16 - 000022528 _____ () C:\WINDOWS\System32\us005lm.dll 2016-02-15 21:01 - 2016-02-15 21:01 - 000031256 _____ () C:\WINDOWS\System32\us008lm.dll 2017-09-13 10:06 - 2017-09-13 10:06 - 000328160 _____ () C:\Program Files (x86)\F-Secure\SAFE\apps\Ultralight\ulcore\1505287385\daas2_x64.dll 2017-07-21 12:32 - 2017-02-19 09:45 - 000506680 ____N () C:\WINDOWS\SysWOW64\spdsvc.exe 2017-07-21 12:34 - 2017-07-21 12:34 - 000143664 ____N () C:\WINDOWS\SysWOW64\SecUPDUtilSvc.exe 2017-09-13 10:06 - 2017-09-13 10:06 - 000319968 _____ () C:\Program Files (x86)\F-Secure\SAFE\apps\Ultralight\ulcore\1505287385\senddump_fshoster_plugin64.dll 2017-07-21 12:34 - 2016-09-02 13:21 - 001702704 _____ () C:\WINDOWS\system32\spool\DRIVERS\x64\3\us005du.dll 2016-02-15 21:01 - 2016-02-15 21:01 - 001730400 _____ () C:\WINDOWS\system32\spool\DRIVERS\x64\3\us008du.dll 2017-03-18 22:58 - 2017-03-18 22:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2017-03-18 22:59 - 2017-03-19 04:31 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-08-23 07:40 - 2017-08-23 07:40 - 000074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2017-08-23 07:40 - 2017-08-23 07:40 - 000203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2017-08-23 07:40 - 2017-08-23 07:40 - 036162048 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2017-08-23 07:40 - 2017-08-23 07:40 - 002237952 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\skypert.dll 2017-08-20 10:51 - 2017-06-19 03:07 - 000259776 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe 2014-09-08 13:39 - 2014-09-08 13:39 - 000464608 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe 2014-09-08 13:38 - 2014-09-08 13:38 - 000051200 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll 2017-09-14 08:19 - 2017-09-14 08:20 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11708.1001.21.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2017-09-14 08:19 - 2017-09-14 08:20 - 010634752 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11708.1001.21.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll 2017-09-14 08:19 - 2017-09-14 08:20 - 002640896 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11708.1001.21.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll 2017-09-01 07:46 - 2017-09-01 07:46 - 004345856 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1706.2271.0_x64__8wekyb3d8bbwe\Calculator.exe 2017-08-29 07:45 - 2017-08-29 07:45 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1706.2271.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2017-09-09 08:18 - 2017-09-09 08:19 - 000020480 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.16410.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2017-09-09 08:18 - 2017-09-09 08:19 - 029621760 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.16410.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2017-08-17 07:44 - 2017-08-17 07:44 - 000358912 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.16410.0_x64__8wekyb3d8bbwe\Microsoft.Photos.AGM.Native.Windows.dll 2017-08-17 07:44 - 2017-08-17 07:44 - 002536448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.16410.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll 2017-09-09 08:18 - 2017-09-09 08:19 - 020305920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.16410.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll 2017-08-17 07:44 - 2017-08-17 07:44 - 002415104 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.16410.0_x64__8wekyb3d8bbwe\MediaEngine.dll 2017-09-09 08:18 - 2017-09-09 08:19 - 003028992 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.16410.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll 2017-06-16 10:34 - 2017-06-16 10:34 - 003139496 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.16410.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2017-06-16 10:36 - 2017-06-16 10:36 - 000046080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.16410.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll 2017-08-17 07:44 - 2017-08-17 07:44 - 001370112 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.16410.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll 2017-08-23 07:40 - 2017-08-23 07:40 - 024502272 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17072.13111.0_x64__8wekyb3d8bbwe\Video.UI.exe 2017-08-23 07:40 - 2017-08-23 07:40 - 009145344 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17072.13111.0_x64__8wekyb3d8bbwe\EntCommon.dll 2017-08-08 07:44 - 2017-08-08 07:44 - 003544488 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17072.13111.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2017-08-20 10:51 - 2017-02-21 17:19 - 000083136 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CodeLog.dll 2017-06-17 12:54 - 2016-12-06 02:43 - 000019648 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CompressFile.dll 2017-06-17 12:54 - 2016-12-06 02:44 - 000090816 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBGetRemoteNetInfo.dll 2017-06-17 12:54 - 2016-03-07 18:08 - 001291264 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\libxml2.dll 2017-06-17 12:54 - 2004-10-05 03:08 - 000055808 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\zlib1.dll 2017-06-17 12:54 - 2016-12-06 02:43 - 000024768 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CmcTbProxy.dll 2017-06-17 12:54 - 2016-12-06 02:43 - 000188608 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCPipeCenter.dll 2017-08-20 10:51 - 2017-06-19 03:04 - 000183488 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCAdapt.dll 2017-06-17 12:54 - 2016-12-06 02:43 - 000163520 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCAdapt_RTTO.dll 2017-06-17 12:54 - 2016-12-06 02:44 - 000056000 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBInfo.dll 2017-06-17 12:54 - 2016-12-06 02:43 - 000018112 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCNetTokenProxy.dll 2017-08-20 10:51 - 2017-06-19 03:04 - 000123584 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActivationOnline.dll 2017-08-20 10:51 - 2017-06-19 03:05 - 000021696 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\fsclog.dll 2017-08-20 10:51 - 2017-06-19 03:05 - 000085696 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\logsys.dll 2017-06-17 12:54 - 2016-12-06 02:43 - 000032960 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DiskSearchImg.dll 2017-08-20 10:51 - 2017-06-19 03:05 - 000070848 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\MountImg.dll 2017-06-17 12:54 - 2016-12-06 02:44 - 000160448 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ImgFile.dll 2017-08-20 10:51 - 2017-06-19 03:04 - 000296640 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DsImgFile.dll 2017-06-17 12:54 - 2016-12-06 02:43 - 000078528 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FatLib.dll 2017-08-20 10:51 - 2017-06-19 03:05 - 000305856 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSUtil.dll 2017-06-17 12:54 - 2016-12-06 02:44 - 000210112 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSLib.dll 2017-06-17 12:54 - 2016-12-06 02:43 - 000026304 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CallbackOperator.dll 2017-06-17 12:54 - 2016-12-06 02:43 - 000074432 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CheckImg.dll 2017-06-17 12:54 - 2016-12-06 02:44 - 000142016 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\vhdvmdk.dll 2017-06-17 12:54 - 2016-12-06 02:43 - 000040128 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\BootDriver.dll 2017-08-20 10:51 - 2017-06-19 03:05 - 000844992 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExImage.dll 2017-06-17 12:54 - 2016-12-06 02:43 - 000195776 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBackupSize.dll 2017-06-17 12:54 - 2016-12-06 02:43 - 000414400 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidImage.dll 2017-08-20 10:51 - 2017-06-19 03:04 - 000162496 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumDisk.dll 2017-06-17 12:54 - 2016-12-06 02:43 - 000029376 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DeviceAdapter.dll 2017-06-17 12:54 - 2016-12-06 02:44 - 000114368 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FileStorage.dll 2017-06-17 12:54 - 2016-12-06 02:44 - 000026816 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\GetDriverInfo.dll 2017-06-17 12:54 - 2016-12-06 02:43 - 000022720 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CorrectMbr.dll 2017-08-20 10:51 - 2017-06-19 03:04 - 000034496 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumTapeDevice.dll 2017-06-17 12:54 - 2016-12-06 02:44 - 000054464 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbTapeBrowse.dll 2017-06-17 12:54 - 2016-12-06 02:44 - 000066240 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\RegLib.dll 2017-08-20 10:51 - 2017-06-19 03:04 - 000026816 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AccountManager.dll 2017-08-20 10:51 - 2017-06-19 03:05 - 000072896 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NasOperator.dll 2017-06-17 12:54 - 2016-12-06 02:43 - 000221376 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBrowser.dll 2017-06-17 12:54 - 2016-12-06 02:43 - 000079040 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CloudOperator.dll 2017-06-17 12:54 - 2016-12-06 02:43 - 000020672 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActiveOnline.dll 2017-06-17 12:54 - 2016-12-06 02:44 - 000138432 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\VMConfig.dll 2017-06-17 12:54 - 2016-12-06 02:43 - 000021696 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidDeviceManager.dll 2017-08-20 10:51 - 2017-06-19 03:05 - 000074944 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\SqlExBrowser.dll 2017-08-20 10:51 - 2017-06-19 03:05 - 000585920 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\SqlSMOCPlusPlus.dll 2017-06-17 12:54 - 2016-12-06 02:44 - 000045248 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbDataSwap.dll 2017-08-20 10:51 - 2017-06-19 03:04 - 000367808 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DeviceManager.dll 2017-08-20 10:51 - 2017-06-19 03:04 - 000141504 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Device.dll 2017-06-17 12:54 - 2016-12-06 02:44 - 000149184 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Partition.dll 2017-06-17 12:54 - 2016-12-06 02:44 - 000052416 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FileSystemAnalyser.dll 2017-06-17 12:54 - 2016-12-06 02:43 - 000064192 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FATFileSystemAnalyser.dll 2017-06-17 12:54 - 2016-12-06 02:43 - 000091840 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Common.dll 2017-06-17 12:54 - 2016-12-06 02:44 - 000058560 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSFileSystemAnalyser.dll 2017-08-20 10:51 - 2017-03-22 02:00 - 000583680 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\uexper.dll 2017-07-21 12:34 - 2016-07-20 12:08 - 002847744 ____N () C:\WINDOWS\system32\DlgSearchEngine.dll 2016-09-09 17:32 - 2016-09-09 17:32 - 000134008 _____ () C:\Program Files (x86)\Dell Customer Connect\ServiceTagPlusPlus.dll 2016-05-02 23:46 - 2016-05-02 23:46 - 000134008 _____ () c:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll 2017-05-01 15:27 - 2017-05-01 15:27 - 000133992 _____ () C:\Program Files (x86)\Dell Update\ServiceTagPlusPlus.dll 2016-12-19 18:38 - 2016-12-19 18:38 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2017-06-17 12:54 - 2016-12-06 02:44 - 000210112 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\SmartBackup.dll 2017-06-16 10:38 - 2017-09-18 19:53 - 001009864 _____ () C:\Program Files (x86)\Microsoft Office\Root\Office16\ADDINS\UmOutlookAddin.dll 2017-06-16 10:39 - 2017-09-18 19:53 - 000536264 _____ () C:\Program Files (x86)\Microsoft Office\root\Office16\msfad.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2016-07-16 13:47 - 2016-07-16 13:45 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1167631334-2873795934-467515027-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\hugok\AppData\Local\Microsoft\Windows\Themes\11811311_10153268285257771_1617704194062032586_n[1].jpg DNS Servers: 195.130.131.1 - 195.130.130.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == HKU\S-1-5-21-1167631334-2873795934-467515027-1001\...\StartupApproved\Run: => "OneDrive" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{30A50132-D121-4BC2-A77A-B344CE0065F6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{41182810-8257-4C45-B2E2-41C0E6E9A56C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{80257813-F6C8-4FA8-B3A9-A3E8EFED9760}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe FirewallRules: [{55ABB44E-E23C-4604-BCFC-1FE0308BDE33}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe FirewallRules: [{A59165A9-A758-480B-AF1F-08906BA810B9}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe FirewallRules: [{819302A6-A31D-4DDB-A947-020CD3723F47}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe FirewallRules: [{1F3E8258-CDA0-44E9-8D8C-679A9436D12A}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe FirewallRules: [{0FC529A8-6536-406E-8EA0-5F0C7D4F102D}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe FirewallRules: [{E4761EC5-6BEC-4CC6-92F3-88BF1DFF26F6}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{59E0C4AF-10E3-4850-91B0-76F0F9C2D0C8}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Center\SamsungPrinterCenter.exe FirewallRules: [{A1CB63DE-123D-4493-AAA5-98E0EB372E3D}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EasyPrinterManagerV2.exe FirewallRules: [{DC74A130-3E1E-423A-B715-2FEEB6D88CAB}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe FirewallRules: [{1847208B-F57B-4FA7-AD71-BBE313E64C47}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2AlertList.exe FirewallRules: [{1B75842A-2EE6-4C29-B4E0-B1603F88B6C0}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2Migrator.exe FirewallRules: [{9A70A44F-248E-4435-97E1-75F50649F285}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe FirewallRules: [{19A5E090-64C2-4622-81FF-0F2827AE8C47}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe FirewallRules: [{E19387CF-815B-4585-AB13-3CE5603F2BC4}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe FirewallRules: [{4BF02BC2-CAAC-4F36-ADD6-C39B367C93F1}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe FirewallRules: [{80AF8DBF-30B5-462B-8768-3607A507567F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe FirewallRules: [{4B46D323-6F96-4F5C-86C4-F11BDEFBDA56}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe FirewallRules: [{34AAC527-FA1E-4A23-8535-66648F3D3FD3}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe FirewallRules: [TCP Query User{0CA53871-1F89-484A-8B84-A37AEAA285DB}C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe] => (Block) C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe FirewallRules: [UDP Query User{53C04E6C-5E78-4940-88B2-F26907F3F442}C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe] => (Block) C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe ==================== Restore Points ========================= 03-09-2017 12:02:04 Scheduled Checkpoint 12-09-2017 10:20:22 Removed Dropbox 20 GB 18-09-2017 08:41:41 Dell Update: Intel Rapid Storage Technology Driver and Management Console ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (09/19/2017 01:46:08 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: svchost.exe_FrameServer, versie: 10.0.15063.0, tijdstempel: 0x02799ef5 Naam van module met fout: ntdll.dll, versie: 10.0.15063.608, tijdstempel: 0x8274fd8b Uitzonderingscode: 0xc0000409 Foutmarge: 0x00000000000ac71a Id van proces met fout: 0x2e0c Starttijd van toepassing met fout: 0x01d3313ccb7c69dd Pad naar toepassing met fout: C:\WINDOWS\System32\svchost.exe Pad naar module met fout: C:\WINDOWS\SYSTEM32\ntdll.dll Rapport-id: 9ef99fb4-0bb1-4d6a-bd44-16e68547585d Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Error: (09/19/2017 11:52:26 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: svchost.exe_FrameServer, versie: 10.0.15063.0, tijdstempel: 0x02799ef5 Naam van module met fout: combase.dll, versie: 10.0.15063.608, tijdstempel: 0xb66dc19d Uitzonderingscode: 0xc0000005 Foutmarge: 0x000000000002e9f8 Id van proces met fout: 0x3948 Starttijd van toepassing met fout: 0x01d3312ce6f98ce9 Pad naar toepassing met fout: C:\WINDOWS\System32\svchost.exe Pad naar module met fout: C:\WINDOWS\System32\combase.dll Rapport-id: 374f846f-86a1-4423-9643-2592c0863931 Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Error: (09/18/2017 12:23:42 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: DESKTOP-M1MRJQ2) Description: Kan toepassing of service 'F-Secure KEY Password Manager' niet opnieuw starten. Error: (09/18/2017 08:37:06 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: ShellExperienceHost.exe, versie: 10.0.15063.0, tijdstempel: 0x58ccbd2e Naam van module met fout: Windows.UI.Xaml.dll, versie: 10.0.15063.608, tijdstempel: 0xcadddd38 Uitzonderingscode: 0xc000027b Foutmarge: 0x0000000000443b5f Id van proces met fout: 0x23d8 Starttijd van toepassing met fout: 0x01d330488bb2f865 Pad naar toepassing met fout: C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe Pad naar module met fout: C:\Windows\System32\Windows.UI.Xaml.dll Rapport-id: 42dfc420-acf8-4ff6-9e68-f0736962cf98 Volledige pakketnaam met fout: Microsoft.Windows.ShellExperienceHost_10.0.15063.608_neutral_neutral_cw5n1h2txyewy Relatieve toepassings-id van pakket met fout: App Error: (09/18/2017 08:37:02 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: ShellExperienceHost.exe, versie: 10.0.15063.0, tijdstempel: 0x58ccbd2e Naam van module met fout: Windows.UI.Xaml.dll, versie: 10.0.15063.608, tijdstempel: 0xcadddd38 Uitzonderingscode: 0xc000027b Foutmarge: 0x0000000000443b5f Id van proces met fout: 0x15c8 Starttijd van toepassing met fout: 0x01d33048899503c6 Pad naar toepassing met fout: C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe Pad naar module met fout: C:\Windows\System32\Windows.UI.Xaml.dll Rapport-id: 5eeb0b23-4ec1-4c09-8df2-1fb72c2f22d7 Volledige pakketnaam met fout: Microsoft.Windows.ShellExperienceHost_10.0.15063.608_neutral_neutral_cw5n1h2txyewy Relatieve toepassings-id van pakket met fout: App Error: (09/18/2017 08:36:59 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: ShellExperienceHost.exe, versie: 10.0.15063.0, tijdstempel: 0x58ccbd2e Naam van module met fout: Windows.UI.Xaml.dll, versie: 10.0.15063.608, tijdstempel: 0xcadddd38 Uitzonderingscode: 0xc000027b Foutmarge: 0x0000000000443b5f Id van proces met fout: 0x2a54 Starttijd van toepassing met fout: 0x01d3304887729e92 Pad naar toepassing met fout: C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe Pad naar module met fout: C:\Windows\System32\Windows.UI.Xaml.dll Rapport-id: bde2d2d5-19b7-4ad1-b220-2f640ff4e4ae Volledige pakketnaam met fout: Microsoft.Windows.ShellExperienceHost_10.0.15063.608_neutral_neutral_cw5n1h2txyewy Relatieve toepassings-id van pakket met fout: App Error: (09/18/2017 08:36:55 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: ShellExperienceHost.exe, versie: 10.0.15063.0, tijdstempel: 0x58ccbd2e Naam van module met fout: Windows.UI.Xaml.dll, versie: 10.0.15063.608, tijdstempel: 0xcadddd38 Uitzonderingscode: 0xc000027b Foutmarge: 0x0000000000443b5f Id van proces met fout: 0x37f8 Starttijd van toepassing met fout: 0x01d33048853dd13c Pad naar toepassing met fout: C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe Pad naar module met fout: C:\Windows\System32\Windows.UI.Xaml.dll Rapport-id: bc160680-a6a4-410f-854d-0995b9a1de16 Volledige pakketnaam met fout: Microsoft.Windows.ShellExperienceHost_10.0.15063.608_neutral_neutral_cw5n1h2txyewy Relatieve toepassings-id van pakket met fout: App Error: (09/18/2017 08:36:52 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: ShellExperienceHost.exe, versie: 10.0.15063.0, tijdstempel: 0x58ccbd2e Naam van module met fout: Windows.UI.Xaml.dll, versie: 10.0.15063.608, tijdstempel: 0xcadddd38 Uitzonderingscode: 0xc000027b Foutmarge: 0x0000000000443b5f Id van proces met fout: 0x1dcc Starttijd van toepassing met fout: 0x01d33048831089af Pad naar toepassing met fout: C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe Pad naar module met fout: C:\Windows\System32\Windows.UI.Xaml.dll Rapport-id: 67a70580-98fe-48cb-a109-206aa52a6112 Volledige pakketnaam met fout: Microsoft.Windows.ShellExperienceHost_10.0.15063.608_neutral_neutral_cw5n1h2txyewy Relatieve toepassings-id van pakket met fout: App Error: (09/18/2017 08:36:46 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: ShellExperienceHost.exe, versie: 10.0.15063.0, tijdstempel: 0x58ccbd2e Naam van module met fout: Windows.UI.Xaml.dll, versie: 10.0.15063.608, tijdstempel: 0xcadddd38 Uitzonderingscode: 0xc000027b Foutmarge: 0x0000000000443b5f Id van proces met fout: 0x3aac Starttijd van toepassing met fout: 0x01d330487fd2eafe Pad naar toepassing met fout: C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe Pad naar module met fout: C:\Windows\System32\Windows.UI.Xaml.dll Rapport-id: b24c818d-46a7-4f8e-8812-40b8244b158c Volledige pakketnaam met fout: Microsoft.Windows.ShellExperienceHost_10.0.15063.608_neutral_neutral_cw5n1h2txyewy Relatieve toepassings-id van pakket met fout: App Error: (09/17/2017 01:36:06 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: PrintIsolationHost.exe, versie: 10.0.15063.0, tijdstempel: 0xfd64f361 Naam van module met fout: US008N.DLL, versie: 1.2.63.0, tijdstempel: 0x564ee5ec Uitzonderingscode: 0xc0000005 Foutmarge: 0x0000000000027900 Id van proces met fout: 0xcb0 Starttijd van toepassing met fout: 0x01d32fa925c884ed Pad naar toepassing met fout: C:\WINDOWS\system32\PrintIsolationHost.exe Pad naar module met fout: C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\X64\3\US008N.DLL Rapport-id: 3e788a9c-aaed-497c-9292-25f3eab995fe Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: System errors: ============= Error: (09/20/2017 06:39:12 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen application-specific wordt de machtiging Activation niet verleend aan Local voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (Using LRPC) die wordt uitgevoerd in de toepassingscontainer Unavailable SID (Unavailable). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (09/20/2017 12:49:19 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: ) Description: Minipoort Dell GigabitEthernet, {BFD3E470-0DAF-495F-B873-3319717CA01B}: gebeurtenis 73 Error: (09/20/2017 08:24:49 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen machine-default wordt de machtiging Activation niet verleend aan Local voor de COM-servertoepassing met CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} en APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (Using LRPC) die wordt uitgevoerd in de toepassingscontainer Unavailable SID (Unavailable). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (09/20/2017 08:24:49 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen application-specific wordt de machtiging Activation niet verleend aan Local voor de COM-servertoepassing met CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} en APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (Using LRPC) die wordt uitgevoerd in de toepassingscontainer Unavailable SID (Unavailable). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (09/20/2017 08:24:49 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen machine-default wordt de machtiging Activation niet verleend aan Local voor de COM-servertoepassing met CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} en APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (Using LRPC) die wordt uitgevoerd in de toepassingscontainer Unavailable SID (Unavailable). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (09/20/2017 08:24:49 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen application-specific wordt de machtiging Activation niet verleend aan Local voor de COM-servertoepassing met CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} en APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (Using LRPC) die wordt uitgevoerd in de toepassingscontainer Unavailable SID (Unavailable). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (09/19/2017 09:54:20 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen application-specific wordt de machtiging Activation niet verleend aan Local voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (Using LRPC) die wordt uitgevoerd in de toepassingscontainer Unavailable SID (Unavailable). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (09/19/2017 09:15:03 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen application-specific wordt de machtiging Activation niet verleend aan Local voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (Using LRPC) die wordt uitgevoerd in de toepassingscontainer Unavailable SID (Unavailable). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (09/19/2017 09:14:51 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: ) Description: Minipoort Dell GigabitEthernet, {BFD3E470-0DAF-495F-B873-3319717CA01B}: gebeurtenis 73 Error: (09/19/2017 02:13:44 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen machine-default wordt de machtiging Activation niet verleend aan Local voor de COM-servertoepassing met CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} en APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (Using LRPC) die wordt uitgevoerd in de toepassingscontainer Unavailable SID (Unavailable). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. CodeIntegrity: =================================== Date: 2017-08-29 07:40:43.236 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.8414.5925.0_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\F-Secure\SAFE\apps\Ultralight\ulcore\1502957083\fshook64.dll that did not meet the Store signing level requirements. Date: 2017-08-11 20:02:20.170 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.8414.5925.0_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\F-Secure\SAFE\apps\Ultralight\ulcore\1497516648\fshook64.dll that did not meet the Store signing level requirements. Date: 2017-08-06 08:07:22.440 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.8414.5925.0_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\F-Secure\SAFE\apps\Ultralight\ulcore\1497516648\fshook64.dll that did not meet the Store signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-7500U CPU @ 2.70GHz Percentage of memory in use: 32% Total physical RAM: 16253.23 MB Available physical RAM: 10904.53 MB Total Virtual: 18685.23 MB Available Virtual: 12707.52 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:463.66 GB) (Free:134.7 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 476.9 GB) (Disk ID: 9155FEBB) Partition: GPT. ==================== End of Addition.txt ============================