Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 20-06-2016 01 Gestart door Marcel Schenkels (2016-06-25 15:32:15) Gestart vanaf C:\Users\Marcel Schenkels\Documents\PC problemen Windows 8.1 Enterprise (Update) (X64) (2014-03-21 01:19:29) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3968856361-3348999749-2971435428-500 - Administrator - Disabled) Gast (S-1-5-21-3968856361-3348999749-2971435428-501 - Limited - Disabled) Marcel Schenkels (S-1-5-21-3968856361-3348999749-2971435428-1001 - Administrator - Enabled) => C:\Users\Marcel Schenkels ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Norton Internet Security (Disabled - Out of date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB} AS: Norton Internet Security (Disabled - Out of date) {631E4324-D31C-783F-EC5C-35AD42B18466} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Norton Internet Security (Disabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.) Aangifte inkomstenbelasting 2014 (HKLM-x32\...\Aangifte inkomstenbelasting 2014) (Version: - Belastingdienst) Adobe Reader XI (11.0.16) - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AB0000000001}) (Version: 11.0.16 - Adobe Systems Incorporated) Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.4.154 - Adobe Systems, Inc.) Apple Application Support (32-bit) (HKLM-x32\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{2937FD88-C9D6-4B82-B539-37CD0A572F42}) (Version: 4.3 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) AVG (Version: 16.4.7163 - AVG Technologies) Hidden AVG 2016 (Version: 16.0.4604 - AVG Technologies) Hidden AVG Protection (HKLM\...\AVG) (Version: 2016.4.7163 - AVG Technologies) AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.1.831 - AVG Technologies) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform) Citrix Online Launcher (HKLM-x32\...\{09DA5EE2-7E46-4DC4-96F9-BFEE50D40659}) (Version: 1.0.408 - Citrix) Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.0.1.4 - Citrix Systems, Inc.) Classic Shell (HKLM\...\{2368907C-E8F6-4750-A023-254C3E2B5E8D}) (Version: 4.0.4 - IvoSoft) eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden FMW 1 (Version: 1.102.4 - AVG Technologies) Hidden Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden GoToMeeting 7.19.0.5102 (HKU\S-1-5-21-3968856361-3348999749-2971435428-1001\...\GoToMeeting) (Version: 7.19.0.5102 - CitrixOnline) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation) iTunes (HKLM\...\{A31C5565-90D9-4615-AE13-94D86C3836C7}) (Version: 12.3.3.17 - Apple Inc.) K-Lite Codec Pack 10.3.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.3.5 - ) KmsDashboard (HKLM-x32\...\{534DD9E0-DE94-45AF-A5FA-92F59AD3BE46}) (Version: 2.0.2 - Zwaan123) Logitech SetPoint 6.61 (HKLM\...\sp6) (Version: 6.61.15 - Logitech) Malwarebytes Anti-Malware versie 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Nero 7 Ultra Edition (HKLM-x32\...\{C6115A28-F277-4E82-B067-84D28BF21043}) (Version: 7.03.1357 - Nero AG) Online Plug-in (x32 Version: 14.0.1.4 - Citrix Systems, Inc.) Hidden Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden PC Tools Registry Mechanic 11.1 (HKLM-x32\...\Registry Mechanic_is1) (Version: 11.1 - PC Tools) Pulse Secure Citrix Services Client (HKU\S-1-5-21-3968856361-3348999749-2971435428-1001\...\Juniper_Citrix_Services) (Version: 8.1.6.39491 - Pulse Secure, LLC) Pulse Secure Setup Client (HKU\S-1-5-21-3968856361-3348999749-2971435428-1001\...\Juniper_Setup_Client) (Version: 8.1.6.61491 - Pulse Secure, LLC) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.19.726.2013 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7004 - Realtek Semiconductor Corp.) Revo Uninstaller Pro 3.0.2 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.2 - VS Revo Group, Ltd.) Self-service Plug-in (x32 Version: 4.0.1.41859 - Citrix Systems, Inc.) Hidden Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden Spotify (HKU\S-1-5-21-3968856361-3348999749-2971435428-1001\...\Spotify) (Version: 1.0.31.56.g526cfefe - Spotify AB) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD) (Version: 10.0.50903 - Microsoft Corporation) Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0413-1000-0000000FF1CE}_Office15.PROPLUSR_{F0120021-C9E2-4B7A-9F74-CCC86E1A9A16}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3115033) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{F258B6E3-BF41-4FEE-BE45-D7518C3B7FC1}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3115033) 64-Bit Edition (HKLM\...\{90150000-012B-0413-1000-0000000FF1CE}_Office15.PROPLUSR_{F258B6E3-BF41-4FEE-BE45-D7518C3B7FC1}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3115033) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{F258B6E3-BF41-4FEE-BE45-D7518C3B7FC1}) (Version: - Microsoft) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.7.2.0 - Azureus Software, Inc.) WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) ==================== Aangepaste CLSID (gefilterd): ========================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) CustomCLSID: HKU\S-1-5-21-3968856361-3348999749-2971435428-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Marcel Schenkels\AppData\Local\Citrix\GoToMeeting\4800\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.) ==================== Geplande Taken (gefilterd) ============= (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {18437E82-7577-42D5-84AD-9A87F0C0FE6E} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation) Task: {2246ADFC-9E34-49DD-8366-3C45283941F3} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\SymErr.exe Task: {3F0AFD03-A170-4A21-BB8F-AA450881A1DC} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\WSCStub.exe Task: {5E73CF32-F00E-4F1F-AA90-96E7AA0C52F3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {67A31C55-D82D-44EC-B376-F140E4A8C0C6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd) Task: {83239C6D-9AB4-43AC-987B-F6D45089ECAB} - System32\Tasks\G2MUploadTask-S-1-5-21-3968856361-3348999749-2971435428-1001 => C:\Users\Marcel Schenkels\AppData\Local\Citrix\GoToMeeting\5102\g2mupload.exe [2016-06-20] (Citrix Online, a division of Citrix Systems, Inc.) Task: {9977A408-B64B-43E5-AC29-85F4A03F2A83} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.) Task: {AD850965-D2F7-4693-B135-F799A0C921B0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {B603F6F6-F116-483E-997C-5FE4B2FBE323} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated) Task: {DE35D059-EF44-4724-9734-FD9BC3D5AE4D} - System32\Tasks\G2MUpdateTask-S-1-5-21-3968856361-3348999749-2971435428-1001 => C:\Users\Marcel Schenkels\AppData\Local\Citrix\GoToMeeting\5102\g2mupdate.exe [2016-06-20] (Citrix Online, a division of Citrix Systems, Inc.) Task: {EE5CB682-E564-42E0-9374-6A4BA65F69E7} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-06-15] (Microsoft Corporation) Task: {F1270F8D-0397-42BE-A5EF-8A8AB0530B44} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\SymErr.exe (Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3968856361-3348999749-2971435428-1001.job => C:\Users\Marcel Schenkels\AppData\Local\Citrix\GoToMeeting\5102\g2mupdate.exe Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-3968856361-3348999749-2971435428-1001.job => C:\Users\Marcel Schenkels\AppData\Local\Citrix\GoToMeeting\5102\g2mupload.exe ==================== Snelkoppelingen ============================= (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) ==================== Geladen Modules (gefilterd) ============== 2016-03-18 22:56 - 2016-03-18 22:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2016-03-18 22:56 - 2016-03-18 22:56 - 01329936 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2015-07-08 19:18 - 2015-07-08 19:18 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\ErrorReporting.dll 2015-07-17 19:34 - 2015-07-17 19:34 - 00065536 _____ () C:\Program Files\CCleaner\lang\lang-1043.dll 2016-06-21 15:05 - 2016-06-21 15:05 - 47503472 _____ () C:\Users\Marcel Schenkels\AppData\Roaming\Spotify\libcef.dll 2016-06-21 15:05 - 2016-06-21 15:05 - 01584240 _____ () C:\Users\Marcel Schenkels\AppData\Roaming\Spotify\libglesv2.dll 2016-06-21 15:05 - 2016-06-21 15:05 - 00082032 _____ () C:\Users\Marcel Schenkels\AppData\Roaming\Spotify\libegl.dll 2016-04-09 17:50 - 2016-04-09 17:50 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll ==================== Alternate Data Streams (gefilterd) ========= (Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.) ==================== Veilige Modus (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.) ==================== Bestandskoppeling (gefilterd) =============== (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.) ==================== Internet Explorer vertrouwde/beperkte toegang =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.) ==================== Hosts inhoud: =============================== (Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.) 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Andere gebieden ============================ (Momenteel is er geen automatische fix voor dit onderdeel.) HKU\S-1-5-21-3968856361-3348999749-2971435428-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\Harley.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == (Momenteel is er geen automatische fix voor dit onderdeel.) HKLM\...\StartupApproved\Run: => "HotKeysCmds" HKLM\...\StartupApproved\Run: => "IgfxTray" HKLM\...\StartupApproved\Run: => "Persistence" HKLM\...\StartupApproved\Run32: => "ConnectionCenter" HKLM\...\StartupApproved\Run32: => "SSDMonitor" HKU\S-1-5-21-3968856361-3348999749-2971435428-1001\...\StartupApproved\Run: => "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" HKU\S-1-5-21-3968856361-3348999749-2971435428-1001\...\StartupApproved\Run: => "BrowserChoice" ==================== Firewall regels (gefilterd) =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{7A8AC6B6-AE66-4F76-BC27-6B768D0F9FE2}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{A8291A44-8B82-4982-8CEF-8F5D6C1B4DD7}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{1D820DEF-EEE0-41C9-BFD9-18B8422BD1D2}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{3A97C741-856A-4BB4-8543-37300B77A607}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [TCP Query User{A8D5DFF4-FB76-4FF4-B91B-2AF7A9A1BA8B}C:\users\marcel schenkels\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\marcel schenkels\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{ECC936D1-BA06-43E8-93EC-CD574DC23541}C:\users\marcel schenkels\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\marcel schenkels\appdata\roaming\spotify\spotify.exe FirewallRules: [{CE0C24D6-9D2A-489F-9A2D-58C5F64714AE}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{E0B36C67-5C58-4195-8C99-F93AEB90F786}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{F698F942-2038-46AB-BA75-6CB30869F4A8}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{9DC73F7D-8D7E-499D-B47E-CA91E1E20988}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{41EE3F57-DD18-4D63-8BBA-CF3FB67E77F0}] => (Allow) C:\Windows\SysWOW64\rundll32.exe FirewallRules: [{E3DBB3A3-A45A-40BF-ABAA-8DD987C3BB2F}] => (Allow) C:\Windows\SysWOW64\rundll32.exe FirewallRules: [{ACB46FFF-8953-4128-BC1C-DADEDE2411AB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{42BDAD40-E6DC-4A5F-87CC-F4B536A61DDC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{45F81070-8848-44F5-ACFB-D1821939507A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{5ECF34DF-48D1-48D0-8D78-A44E0D7A38FB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{136D02CA-0196-4190-9419-5EE4925CDC8B}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe FirewallRules: [{C8F2DCFF-5994-44C3-A541-AF4BA3CE8C17}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe FirewallRules: [{BF7BEE98-A207-4188-BFC7-FF0C6C0CF3B2}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe FirewallRules: [{BC53D810-1834-4C61-9DA6-CB76002DE41C}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe FirewallRules: [{91BD7DE2-E051-4B6C-B4DF-1A7E1E8E8746}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe FirewallRules: [{32641CA9-E773-48B6-AB09-081B83FC5ABD}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe FirewallRules: [{5F9505FE-404F-44AD-AED2-89CF7A680463}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe FirewallRules: [{DD5AE344-05FF-4353-8F56-AEA0960F594F}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe FirewallRules: [{6E5A132A-40D8-4C88-8AD3-E58FB87DCB36}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{87BE7CD8-ECDB-4104-973C-992198141517}] => (Allow) C:\Program Files\Vuze\Azureus.exe FirewallRules: [{6D66EC1B-20AE-442F-842C-A5C7739855D0}] => (Allow) C:\Program Files\Vuze\Azureus.exe FirewallRules: [{8F96FF5D-BC2E-495C-BE0E-6F7F9D214DCF}] => (Allow) C:\Users\Marcel Schenkels\AppData\Local\Temp\7zSEB1A.tmp\SymNRT.exe FirewallRules: [{46557CFF-1163-4B39-8D4F-8BC141B39422}] => (Allow) C:\Users\Marcel Schenkels\AppData\Local\Temp\7zSEB1A.tmp\SymNRT.exe ==================== Herstelpunten ========================= 01-06-2016 09:14:33 Gepland controlepunt 13-06-2016 12:54:35 Windows Update 20-06-2016 09:54:02 Windows Update 24-06-2016 10:14:50 Windows Update 24-06-2016 18:29:05 Restore Point Created by FRST 24-06-2016 18:42:36 Restore Point Created by FRST ==================== Defecte Apparaatbeheer Apparaten ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: PCI Simple Communications-controller Description: PCI Simple Communications-controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Eventlog fouten: ========================= Applicatiefouten: ================== Error: (06/25/2016 03:26:47 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: De licentieactivering (slui.exe) is mislukt met de volgende foutcode: hr=0x8007232B Opdrachtregelargumenten: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=81671aaf-79d1-4eb1-b004-8cbbe173afea;NotificationInterval=1440;Trigger=NetworkAvailable Error: (06/25/2016 03:26:34 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: De licentieactivering (slui.exe) is mislukt met de volgende foutcode: hr=0x8007232B Opdrachtregelargumenten: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=81671aaf-79d1-4eb1-b004-8cbbe173afea;NotificationInterval=1440;Trigger=UserLogon;SessionId=1 Error: (06/25/2016 03:10:57 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -1073418225 Error: (06/25/2016 03:01:42 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: De licentieactivering (slui.exe) is mislukt met de volgende foutcode: hr=0x8007232B Opdrachtregelargumenten: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=81671aaf-79d1-4eb1-b004-8cbbe173afea;NotificationInterval=1440;Trigger=UserLogon;SessionId=2 Error: (06/25/2016 03:01:31 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: De licentieactivering (slui.exe) is mislukt met de volgende foutcode: hr=0x8007232B Opdrachtregelargumenten: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=81671aaf-79d1-4eb1-b004-8cbbe173afea;NotificationInterval=1440;Trigger=NetworkAvailable Error: (06/24/2016 09:23:56 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Het programma mbam.exe, versie 2.3.173.0 reageert niet meer op Windows en is afgesloten. Als u wilt zien of er meer informatie over het probleem beschikbaar is, raadpleegt u de probleemgeschiedenis in het onderdeel Onderhoudscentrum in het Configuratiescherm. Proces-id: 1904 Starttijd: 01d1ce4de7683efa Eindtijd: 13 Toepassingspad: C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe Rapport-id: 2da78842-3a41-11e6-82c8-448a5b23f8ff Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Error: (06/24/2016 07:43:35 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: De licentieactivering (slui.exe) is mislukt met de volgende foutcode: hr=0x8007232B Opdrachtregelargumenten: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=81671aaf-79d1-4eb1-b004-8cbbe173afea;NotificationInterval=1440;Trigger=NetworkAvailable Error: (06/24/2016 07:43:21 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: De licentieactivering (slui.exe) is mislukt met de volgende foutcode: hr=0x8007232B Opdrachtregelargumenten: RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=81671aaf-79d1-4eb1-b004-8cbbe173afea;NotificationInterval=1440;Trigger=UserLogon;SessionId=1 Error: (06/24/2016 06:42:36 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: De service Cryptografische services is mislukt tijdens het verwerken van aanroep OnIdentity() op het object System Writer. Details: AddWin32ServiceFiles: Unable to back up image of service Rsd Service since QueryServiceConfig API failed System Error: Het systeem kan het opgegeven bestand niet vinden. . Error: (06/24/2016 06:42:36 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: De service Cryptografische services is mislukt tijdens het verwerken van aanroep OnIdentity() op het object System Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Toegang geweigerd. . Systeemfouten: ============= Error: (06/25/2016 03:24:21 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Servicebesturingsbeheer heeft na het onverwachte afsluiten van de Windows Search-service geprobeerd een herstelactie (Service opnieuw starten) uit te voeren, maar deze actie is met de volgende fout mislukt: %%1056 = De service is al gestart. Error: (06/25/2016 03:23:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: De vToolbarUpdater40.3.1-service is onverwacht beëindigd. Dit is nu 1 keer gebeurd. Error: (06/25/2016 03:23:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: De WtuSystemSupport-service is onverwacht beëindigd. Dit is nu 1 keer gebeurd. Error: (06/25/2016 03:23:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: De iPod-service-service is onverwacht beëindigd. Dit is nu 1 keer gebeurd. Error: (06/25/2016 03:23:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: De Windows Search-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 30000 milliseconden worden uitgevoerd: Service opnieuw starten. Error: (06/25/2016 03:23:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: De PLFlash DeviceIoControl Service-service is onverwacht beëindigd. Dit is nu 1 keer gebeurd. Error: (06/25/2016 03:23:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: De PC Tools Startup and Shutdown Monitor service-service is onverwacht beëindigd. Dit is nu 1 keer gebeurd. Error: (06/25/2016 03:23:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: De Bonjour-service-service is onverwacht beëindigd. Dit is nu 1 keer gebeurd. Error: (06/25/2016 03:23:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: De AVG Service-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 0 milliseconden worden uitgevoerd: Service opnieuw starten. Error: (06/25/2016 03:23:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: De Apple Mobile Device Service-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 60000 milliseconden worden uitgevoerd: Service opnieuw starten. CodeIntegrity: =================================== Date: 2014-11-23 14:37:13.804 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-11-23 14:37:13.724 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-11-20 18:43:32.731 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-11-03 02:15:58.364 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-11-02 16:13:56.098 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-11-02 16:13:56.036 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-11-02 16:13:55.848 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-11-02 16:13:55.801 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-11-02 16:13:55.614 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-11-02 16:13:55.551 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Geheugen info =========================== Processor: Intel(R) Core(TM) i7-4770 CPU @ 3.40GHz Percentage geheugen in gebruik: 26% Totaal fysiek RAM-geheugen: 8070.05 MB Beschikbaar fysiek RAM-geheugen: 5962.69 MB Totaal Virtueel geheugen: 9350.05 MB Beschikbaar Virtual geheugen: 7212.39 MB ==================== Schijven ================================ Drive c: () (Fixed) (Total:931.17 GB) (Free:538.66 GB) NTFS ==================== MBR & Partitietabel ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 69729C18) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=931.2 GB) - (Type=07 NTFS) ==================== Eind van Addition.txt ============================