Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 07-06-2017 01 Gestart door DanyB (09-06-2017 13:56:28) Gestart vanaf S:\DownloadsAllePC Windows 7 Home Premium Service Pack 1 (X64) (2015-09-16 08:54:56) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-729673755-3722144356-2474752940-500 - Administrator - Disabled) DanyB (S-1-5-21-729673755-3722144356-2474752940-1000 - Administrator - Enabled) => C:\Users\DanyB Gast (S-1-5-21-729673755-3722144356-2474752940-501 - Limited - Disabled) ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: COMODO Antivirus (Enabled - Up to date) {D0CC7563-ABD2-DEBE-138E-FDD553335AF2} AS: Comodo Defense+ (Enabled - Up to date) {6BAD9487-8DE8-D130-293E-C6A728B4104F} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: COMODO Firewall (Enabled) {E8F7F446-E1BD-DFE6-38D1-54E0ADE01D89} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.) 7-Zip 15.12 (x64) (HKLM\...\7-Zip) (Version: 15.12 - Igor Pavlov) Acronis True Image 2014 (HKLM-x32\...\{789D0A41-7A15-4F09-8DEE-136D1E1896C5}Visible) (Version: 17.0.6673 - Acronis) Acronis True Image 2014 (x32 Version: 17.0.6673 - Acronis) Hidden Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated) All My Books 4.7 (HKLM-x32\...\{3A9FE5C3-799E-4E41-AF4E-943F9BC4C4BD}_is1) (Version: 4.7 - Bolide Software) AM-DeadLink 4.7 (HKLM-x32\...\aignesamdeadlink_is1) (Version: 4.7 - www.aignes.com) Apple Application Support (32-bit) (HKLM-x32\...\{29DB9165-5FC1-48F0-9188-26123F526848}) (Version: 5.0.1 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{5905C8CF-1C88-4478-A48E-4E458AD1BC7E}) (Version: 5.0.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{D4D86CB2-2370-4691-8272-3869EDED6C64}) (Version: 10.0.0.18 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - ) Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version: - Canon Inc.) Canon MG5300 series On-screen Manual (HKLM-x32\...\Canon MG5300 series On-screen Manual) (Version: - ) Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version: - ) Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - ) Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - ) CCleaner (HKLM\...\CCleaner) (Version: 5.28 - Piriform) COMODO Internet Security Premium (HKLM\...\{EC925096-5689-4BE3-B675-D16D0394B4A0}) (Version: 8.4.0.5076 - COMODO Security Solutions Inc.) CrystalDiskInfo 5.2.1 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 5.2.1 - Crystal Dew World) Dell Dock (HKLM-x32\...\Dell Dock) (Version: 2.0 - Stardock Corporation) Dell Dock (Version: 2.0 - Stardock Corporation) Hidden Dell System Detect (HKU\S-1-5-21-729673755-3722144356-2474752940-1000\...\73f463568823ebbe) (Version: 6.6.0.2 - Dell) Dropbox (HKLM-x32\...\Dropbox) (Version: 27.4.22 - Dropbox, Inc.) Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden FILEminimizer Pictures (HKLM-x32\...\FILEminimizer Pictures_is1) (Version: - balesio AG) FileZilla Client 3.22.2.2 (HKLM-x32\...\FileZilla Client) (Version: 3.22.2.2 - Tim Kosse) Folder Size (HKLM-x32\...\{FC8D21C8-7B29-4104-ADB0-FEE9CA1C7922}) (Version: 2.6 - Brio) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.2.5.930 - Foxit Software Inc.) Free Desktop Clock 3.0 (HKLM\...\Free Desktop Clock_is1) (Version: - Drive Software Company) FreeFileSync 8.0 (HKLM-x32\...\FreeFileSync_is1) (Version: 8.0 - www.FreeFileSync.org) Gebruikersregistratie voor Canon MG5300 series (HKLM-x32\...\Gebruikersregistratie voor Canon MG5300 series) (Version: - ) GIMP 2.8.20 (HKLM\...\GIMP-2_is1) (Version: 2.8.20 - The GIMP Team) Google Drive (HKLM-x32\...\{A1238426-ECDF-4639-BE2F-8D12A97AE23C}) (Version: 2.34.5075.1619 - Google, Inc.) Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden GWX Control Panel (HKLM-x32\...\UltimateOutsider_GwxControlPanel) (Version: - UltimateOutsider) Image Resizer for Windows (64 bit) (Version: 3.0.4802.35565 - Brice Lambson) Hidden Image Resizer for Windows (HKLM-x32\...\{69d72156-6582-4556-8637-06f40aa7f85b}) (Version: 3.0.4802.35565 - Brice Lambson) Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation) iTunes (HKLM\...\{9946A4F7-E0FD-4A33-82D1-06CBFFBBB9F9}) (Version: 12.5.1.21 - Apple Inc.) KeePass Password Safe 2.34 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.34 - Dominik Reichl) LastPass (alleen deïnstalleren) (HKLM-x32\...\LastPass) (Version: - LastPass) MailWasherPro (HKLM-x32\...\{465C2488-8BA4-4770-A6E5-20C5BCB32EF8}) (Version: 7.9 - Firetrust) Malwarebytes versie 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes) Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (Nederlands) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043) (Version: 4.6.01055 - Microsoft Corporation) Microsoft Money 2001 (HKLM-x32\...\{D085A1B6-90A4-11D3-82B7-00C04FA309DE}) (Version: 9.0.0.0 - Microsoft) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-729673755-3722144356-2474752940-1000\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Mozilla Firefox 53.0.3 (x86 nl) (HKLM-x32\...\Mozilla Firefox 53.0.3 (x86 nl)) (Version: 53.0.3 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.3.6347 - Mozilla) Prey Anti-Theft (x32 Version: 1.4.2 - Prey, Inc.) Hidden Quick Notes Plus 5.0 (HKLM-x32\...\Quick Notes Plus_is1) (Version: - Conceptworld Corporation) Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.) Snip (HKU\S-1-5-21-729673755-3722144356-2474752940-1000\...\{525d439e-e22a-4221-8fd1-25b845fe0038}) (Version: 0.1.5119.0 - Microsoft Corporation) Snip (x32 Version: 0.1.5119.0 - Microsoft) Hidden STACK (HKLM-x32\...\STACK) (Version: 2.2.4.163 - TransIP) SyncBack (HKLM-x32\...\SyncBack_is1) (Version: - 2BrightSparks) TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.72365 - TeamViewer) TomTom MyDrive Connect 4.1.4.3031 (HKLM-x32\...\MyDriveConnect) (Version: 4.1.4.3031 - TomTom) TreeSize Free V3.2.1 (HKLM-x32\...\TreeSize Free_is1) (Version: 3.2.1 - JAM Software) VASCO Card Reader Plug-In (64-Bit) (Version: 3.2.3.4 - VASCO Data Security) Hidden VASCO Smart Card Reader Plug-In (User) (HKU\S-1-5-21-729673755-3722144356-2474752940-1000\...\{c77cb28d-ddd3-46f7-b51a-14a599127ba7}) (Version: 3.2.3.4 - VASCO Data Security) Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.) WD Drive Utilities (HKLM-x32\...\{22662b08-91e0-4540-bb98-c96f32e09417}) (Version: 1.3.0.18 - Western Digital Technologies, Inc.) WD Drive Utilities (x32 Version: 1.3.0.18 - Western Digital Technologies, Inc.) Hidden Web Album Generator 1.8.2 (HKLM-x32\...\Web Album Generator_is1) (Version: - ornj.net) WinMerge 2.14.0 (HKLM-x32\...\WinMerge_is1) (Version: 2.14.0 - Thingamahoochie Software) WinPatrol (HKLM-x32\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 34.11.2016.27 - Ruiware) ==================== Aangepaste CLSID (gefilterd): ========================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) CustomCLSID: HKU\S-1-5-21-729673755-3722144356-2474752940-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\DanyB\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\amd64\FileCoAuthLib64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-729673755-3722144356-2474752940-1000_Classes\CLSID\{9E436272-69C3-5FBA-9C1D-15694337F4AC}\InprocServer32 -> C:\Users\DanyB\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin64.dll (VASCO Data Security) ==================== Geplande Taken (gefilterd) ============= (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {0017F09F-DA58-49D0-9C24-5480A29EBB4F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-04-15] (Piriform Ltd) Task: {0152C1DE-A19C-4165-BA66-CC9918AB0775} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2016-10-02] (COMODO) Task: {0244BC72-7448-4A0F-A0F6-A832CC6B3D46} - System32\Tasks\SyncBack Wek BU D naar Lacie => C:\Program Files (x86)\2BrightSparks\SyncBack\SyncBack.exe [2010-11-08] (2BrightSparks) Task: {067D1F78-60DD-4198-9B6C-7FB681C57240} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Geen bestand <==== AANDACHT Task: {074646B0-A967-4DAA-875C-AD72F60FFF4B} - System32\Tasks\SyncBack Dag BU Outlook naar S bij opstart => C:\Program Files (x86)\2BrightSparks\SyncBack\SyncBack.exe [2010-11-08] (2BrightSparks) Task: {0C6CE9DC-7954-47E5-BB2D-89A735D4645D} - System32\Tasks\SyncBack Comodo vertaling => C:\Program Files (x86)\2BrightSparks\SyncBack\SyncBack.exe [2010-11-08] (2BrightSparks) Task: {13444824-C3A1-4F6E-B232-8B80C9417084} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2016-10-02] (COMODO) Task: {144D69C6-7919-42D5-999A-2DF26AD159A2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-05-29] (Apple Inc.) Task: {1804E10D-4348-4D52-9C5B-5DABBD348C31} - System32\Tasks\SyncBack Wek BU P van S naar R => C:\Program Files (x86)\2BrightSparks\SyncBack\SyncBack.exe [2010-11-08] (2BrightSparks) Task: {1FF96A59-8712-47C7-A27F-7EF30F8AEB2F} - System32\Tasks\SyncBack Dag BU Favorieten naar T => C:\Program Files (x86)\2BrightSparks\SyncBack\SyncBack.exe [2010-11-08] (2BrightSparks) Task: {22B3C068-CF78-49B0-B95F-1FD464C6F925} - System32\Tasks\SyncBack Dag BU Outlook naar T (Dropbox) => C:\Program Files (x86)\2BrightSparks\SyncBack\SyncBack.exe [2010-11-08] (2BrightSparks) Task: {231D8EFF-D86A-48F5-930B-BD88CD8B5AB4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-06-08] (Adobe Systems Incorporated) Task: {233C9BED-242F-46CD-8414-E645B903C337} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-12-22] (Dropbox, Inc.) Task: {2368981C-E033-4FD5-8F4E-0663430D9363} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Geen bestand <==== AANDACHT Task: {25924236-A5B0-4F46-8EA6-081263453BF1} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Geen bestand <==== AANDACHT Task: {2FAB3A43-0BA7-4A7C-A691-D1CA9023E57A} - System32\Tasks\SyncBack Dag BU Dropbox naar S => C:\Program Files (x86)\2BrightSparks\SyncBack\SyncBack.exe [2010-11-08] (2BrightSparks) Task: {3258FEDF-E39B-4D95-8938-EDED354DB4EE} - System32\Tasks\SyncBack Maandelijkse Backup Documenten - bewaren naam wijzigen => C:\Program Files (x86)\2BrightSparks\SyncBack\SyncBack.exe [2010-11-08] (2BrightSparks) Task: {3D92A4E5-587A-4B9D-A550-4E5F2BD2E643} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-01] (Google Inc.) Task: {3FB040D1-9F8A-4F35-8442-005B53BE4630} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2016-10-02] (COMODO) Task: {4026379B-7F10-4308-A7B0-F37B1F164E44} - System32\Tasks\Dropbox starten => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2017-05-30] (Dropbox, Inc.) Task: {4D3D236A-85D6-4325-96AC-7099186E2CD6} - System32\Tasks\2BrightSparks\SyncBackFree\DanyB-PC2-DanyB\SyncBackFree Dagelijkse BU Outlook naar S => C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe Task: {4D7DE6A4-6D3E-4F51-9193-F880C56F0AD3} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Geen bestand <==== AANDACHT Task: {4FFCDBB9-8E47-4F41-9018-FF440FB1394D} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Geen bestand <==== AANDACHT Task: {5227A9E6-BD72-4070-B0EE-15D2AE09E568} - System32\Tasks\SyncBack Dag BU Doc naar S => C:\Program Files (x86)\2BrightSparks\SyncBack\SyncBack.exe [2010-11-08] (2BrightSparks) Task: {5C1DAD1C-4CF6-4B6B-BDCF-D2DBC7C8DB32} - System32\Tasks\SyncBack Wek BU D naar S => C:\Program Files (x86)\2BrightSparks\SyncBack\SyncBack.exe [2010-11-08] (2BrightSparks) Task: {627842FA-3CDD-43E7-A89B-F239D52C8A4E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-01] (Google Inc.) Task: {6390B6CE-A542-44FB-AC78-0D8C5D9EC5DD} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Geen bestand <==== AANDACHT Task: {6A5F162C-D206-4BB2-ADC5-67230E8176FB} - System32\Tasks\Dagelijks openen => D:\Documenten\OneDrive\Excellfiles\Dagelijks.xlsx [2017-06-05] () Task: {74578C00-4A8F-4264-90B8-421BFA83D8DB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Geen bestand <==== AANDACHT Task: {77F94991-A701-43D2-9945-34E49896C8E7} - System32\Tasks\PC afzetten => shutdown [Argument = /s/t 30] Task: {7844C61C-DCB4-4912-A857-C4DE4BEEE6F0} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Geen bestand <==== AANDACHT Task: {78C712B1-36A9-4767-8B67-BD1720709FF8} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2016-10-02] (COMODO) Task: {7BC0E3EB-2A55-4D0C-B253-12F8A837A663} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Geen bestand <==== AANDACHT Task: {828ED8DF-BF90-411F-9493-9229E86C27C9} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Geen bestand <==== AANDACHT Task: {83560987-6BCA-439B-BCAF-59A873E459D7} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Geen bestand <==== AANDACHT Task: {8A7E19E5-92E0-4896-873C-00424C49B09E} - System32\Tasks\Stack starten => C:\Program Files (x86)\stack\stack.exe [2017-04-15] (TransIP) Task: {94ECD190-2027-4D38-8DA6-58AA33E69A32} - System32\Tasks\2BrightSparks\SyncBackFree\DanyB-PC2-DanyB\SyncBackFree Dag BU Outlook naar T => C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe Task: {9A69F743-0F0F-4179-94AA-745E4D811A83} - System32\Tasks\SyncBack AT DraagbareProgs S to R => C:\Program Files (x86)\2BrightSparks\SyncBack\SyncBack.exe [2010-11-08] (2BrightSparks) Task: {9C4105D1-85EC-408A-928C-745F065D068C} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Geen bestand <==== AANDACHT Task: {A2DB60EF-BAEF-49F8-B60F-D5ECBD595602} - System32\Tasks\SyncBack Dag BU Mijn Webs naar S => C:\Program Files (x86)\2BrightSparks\SyncBack\SyncBack.exe [2010-11-08] (2BrightSparks) Task: {A2EB3950-E84C-4533-9E1A-E9326262D055} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-12-22] (Dropbox, Inc.) Task: {AB670290-1E40-4A44-8F4A-D7BFCCC5B80A} - System32\Tasks\2BrightSparks\SyncBackFree\DanyB-PC2-DanyB\SyncBackFree Dag BU Doc naar S => C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe Task: {BAB3B97B-778D-4625-A465-FDFE80DAB178} - System32\Tasks\{51A6956F-719F-4AAE-B913-BC24BA56C9FE} => pcalua.exe -a "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" -d "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller" Task: {C697D319-F76D-4482-9677-9A1EC6BA5F23} - System32\Tasks\SyncBack Wek BU P van S naar Lacie => C:\Program Files (x86)\2BrightSparks\SyncBack\SyncBack.exe [2010-11-08] (2BrightSparks) Task: {D912F711-6086-4F3E-A314-3E5ED3263A3D} - System32\Tasks\CrystalDiskInfo => C:\Program Files (x86)\CrystalDiskInfo\DiskInfo.exe [2013-01-01] (Crystal Dew World) Task: {E15EFD48-E3C5-4F34-B0D3-730F647E026A} - System32\Tasks\2BrightSparks\SyncBackFree\DanyB-PC2-DanyB\SyncBackFree Dag BU Favorieten naar T => C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe Task: {E55A0DF4-BBEE-4A6B-A7BE-3253D5360876} - System32\Tasks\SyncBack Wek BU D naar R => C:\Program Files (x86)\2BrightSparks\SyncBack\SyncBack.exe [2010-11-08] (2BrightSparks) Task: {E6B0EFF8-4306-480B-994C-1C2F92C23B99} - System32\Tasks\Western Digital\SmartWare\____Volume_f58f3863_5c49_11e5_9100_001aa0d20511______Volume_df41953e_62d7_11e5_b3b2_806e6f6e6963__ => C:\Program Files (x86)\Western Digital\WD SmartWare\BackupTask.exe Task: {EDE8F3D1-4C63-430E-B1C5-2EEBC139F3AB} - System32\Tasks\SyncBack Dag BU Recepten naar Dropbox(P) => C:\Program Files (x86)\2BrightSparks\SyncBack\SyncBack.exe [2010-11-08] (2BrightSparks) Task: {F245C470-5F88-4E07-AA4E-B24A9C107585} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2016-10-02] (COMODO) Task: {F33F7471-94CA-4305-9C62-C651D66E4225} - System32\Tasks\Koersen Laag risico => D:\Documenten\OneDrive\Excellfiles\AARisico.xlsx (Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\SyncBack AT DraagbareProgs S to R.job => C:\Program Files (x86)\2BrightSparks\SyncBack\SyncBack.exe-m AT DraagbareProgs S to R C:\Program Files (x86)\2BrightSparks\SyncBackDanyBTask created by SyncBack.exe Task: C:\Windows\Tasks\SyncBack Comodo vertaling.job => C:\Program Files (x86)\2BrightSparks\SyncBack\SyncBack.exe-m Comodo vertaling C:\Program Files (x86)\2BrightSparks\SyncBackDanyBTask created by SyncBack.exe Task: C:\Windows\Tasks\SyncBack Dag BU Doc naar S.job => C:\Program Files (x86)\2BrightSparks\SyncBack\SyncBack.exe-m Dag BU Doc naar S C:\Program Files (x86)\2BrightSparks\SyncBackDanyBTask created by SyncBack.exe Task: C:\Windows\Tasks\SyncBack Dag BU Dropbox naar S.job => C:\Program Files (x86)\2BrightSparks\SyncBack\SyncBack.exe-m Dag BU Dropbox naar S C:\Program Files (x86)\2BrightSparks\SyncBackDanyBTask created by SyncBack.exe Task: C:\Windows\Tasks\SyncBack Dag BU Favorieten naar T.job => C:\Program Files (x86)\2BrightSparks\SyncBack\SyncBack.exe-m Dag BU Favorieten naar T C:\Program Files (x86)\2BrightSparks\SyncBackDanyBTask created by SyncBack.exe Task: C:\Windows\Tasks\SyncBack Dag BU Mijn Webs naar S.job => C:\Program Files (x86)\2BrightSparks\SyncBack\SyncBack.exe-m Dag BU Mijn Webs naar S C:\Program Files (x86)\2BrightSparks\SyncBackDanyBTask created by SyncBack.exe Task: C:\Windows\Tasks\SyncBack Dag BU Outlook naar Dropbox Folder bij opstart.job => C:\Program Files (x86)\2BrightSparks\SyncBack\SyncBack.exe4-m Dag BU Outlook naar Dropbox Folder bij opstart C:\Program Files (x86)\2BrightSparks\SyncBackDanyBTask created by SyncBack.exe Task: C:\Windows\Tasks\SyncBack Dag BU Outlook naar S bij opstart.job => C:\Program Files (x86)\2BrightSparks\SyncBack\SyncBack.exe'-m Dag BU Outlook naar S bij opstart C:\Program Files (x86)\2BrightSparks\SyncBackDanyBTask created by SyncBack.exe Task: C:\Windows\Tasks\SyncBack Dag BU Outlook naar T (Dropbox).job => C:\Program Files (x86)\2BrightSparks\SyncBack\SyncBack.exe%-m Dag BU Outlook naar T (Dropbox C:\Program Files (x86)\2BrightSparks\SyncBackDanyBTask created by SyncBack.exe Task: C:\Windows\Tasks\SyncBack Dag BU Recepten naar Dropbox(P).job => C:\Program Files (x86)\2BrightSparks\SyncBack\SyncBack.exe-m Dag BU Recepten naar Dropbox C:\Program Files (x86)\2BrightSparks\SyncBackDanyBTask created by SyncBack.exe Task: C:\Windows\Tasks\SyncBack Maandelijkse Backup Documenten - bewaren naam wijzigen.job => C:\Program Files (x86)\2BrightSparks\SyncBack\SyncBack.exe<-m Maandelijkse Backup Documenten - bewaren naam wijzigen C:\Program Files (x86)\2BrightSparks\SyncBackDanyBTask created by SyncBack.exe Task: C:\Windows\Tasks\SyncBack Wek BU D naar Lacie.job => C:\Program Files (x86)\2BrightSparks\SyncBack\SyncBack.exe-m Wek BU D naar Lacie C:\Program Files (x86)\2BrightSparks\SyncBackDanyBTask created by SyncBack.exe Task: C:\Windows\Tasks\SyncBack Wek BU D naar R.job => C:\Program Files (x86)\2BrightSparks\SyncBack\SyncBack.exe-m Wek BU D naar R C:\Program Files (x86)\2BrightSparks\SyncBackDanyBTask created by SyncBack.exe Task: C:\Windows\Tasks\SyncBack Wek BU D naar S.job => C:\Program Files (x86)\2BrightSparks\SyncBack\SyncBack.exe-m Wek BU D naar S C:\Program Files (x86)\2BrightSparks\SyncBackDanyBTask created by SyncBack.exe Task: C:\Windows\Tasks\SyncBack Wek BU P van S naar Lacie.job => C:\Program Files (x86)\2BrightSparks\SyncBack\SyncBack.exe-m Wek BU P van S naar Lacie C:\Program Files (x86)\2BrightSparks\SyncBackDanyBTask created by SyncBack.exe Task: C:\Windows\Tasks\SyncBack Wek BU P van S naar R.job => C:\Program Files (x86)\2BrightSparks\SyncBack\SyncBack.exe-m Wek BU P van S naar R C:\Program Files (x86)\2BrightSparks\SyncBackDanyBTask created by SyncBack.exe ==================== Snelkoppelingen ============================= (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) ==================== Geladen Modules (gefilterd) ============== 2015-10-06 11:30 - 2015-10-06 11:30 - 02007040 _____ () C:\Program Files\Free Desktop Clock\timeserv.exe 2016-11-01 20:10 - 2016-11-01 20:10 - 00052400 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll 2015-10-06 11:30 - 2015-10-06 11:30 - 01875968 _____ () C:\Program Files\Free Desktop Clock\Clock.dll 2015-10-06 11:30 - 2015-10-06 11:30 - 04652544 _____ () C:\Program Files\Free Desktop Clock\FreeDesktopClock.exe 2016-05-22 20:27 - 2016-05-22 20:27 - 00472576 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_64\VistaBridgeLibrary\4d3a0cff29f20ab00daef49a7a756628\VistaBridgeLibrary.ni.dll 2016-03-16 11:25 - 2016-03-16 11:25 - 00073912 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav ==================== Alternate Data Streams (gefilterd) ========= (Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.) AlternateDataStreams: C:\Windows\explorer.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\acmigration.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\adtschema.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\advapi32.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\aeinv.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\aelupsvc.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\aepic.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID [32] AlternateDataStreams: C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\apisetschema.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\apphelp.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\appidapi.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\appidcertstorecheck.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\appidpolicyconverter.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\appidsvc.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\appinfo.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\appraiser.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\asycfilt.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\atmfd.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\atmlib.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\auditpol.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\authui.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\catsrvut.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\cdd.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\centel.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\COLORCNV.DLL:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\CompatTelRunner.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\comsvcs.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\conhost.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\consent.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\CPFilters.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\credssp.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\csrsrv.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\d3d10level9.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\davclnt.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\dciman32.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\devenum.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\devinv.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\diagtrack.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\diskperf.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\dns-sd.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\DWrite.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\dxmasf.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\dxtmsft.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\dxtrans.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\els.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\EncDec.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\evr.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\ExplorerFrame.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\fixmapi.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\FntCache.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\fontsub.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\fveapi.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\fveapibase.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\FwRemoteSvr.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\gdi32.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\generaltel.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\gpapi.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\gpsvc.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\ie4uinit.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\ieapfltr.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\iedkcs32.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\ieetwcollector.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\ieetwcollectorres.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\ieetwproxystub.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\ieframe.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\iernonce.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\iertutil.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\iesetup.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\ieui.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\ieUnatt.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\inetcpl.cpl:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\InkEd.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\inseng.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\invagent.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\IPSECSVC.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\JavaScriptCollectionAgent.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\jnwmon.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\jscript.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\jscript9.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\jscript9diag.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\jsproxy.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\KBDBASH.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\KBDRU.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\KBDRU1.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\KBDTAT.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\KBDYAK.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\kernel32.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\KernelBase.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\ksproxy.ax:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\ksuser.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\LogiLDA.DLL:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\logman.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\lpk.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\mapi32.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\mapistub.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\mcmde.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\mf.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\mfds.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\mferror.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\mfplat.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\mfpmp.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\mfps.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\mfvdsp.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\MFWMAAEC.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\MP3DMOD.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\MP43DECD.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\MP4SDECD.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\MPG4DECD.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\MRT.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\msaudite.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\msdxm.ocx:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\msfeeds.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\mshtml.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\MshtmlDac.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\mshtmled.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\mshtmlmedia.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\msi.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\msiexec.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\msihnd.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\msimsg.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\msmpeg2adec.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\MSMPEG2ENC.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\msmpeg2vdec.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\msobjs.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\msrating.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\MsSpellCheckingFacility.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\mswsock.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\msxml3.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\msxml3r.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\mtxoci.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\netbtugc.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\ntdll.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\ntoskrnl.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\ntvdm64.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\occache.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\ole32.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\oleaut32.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\polstore.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\poqexec.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\prevhost.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\qasf.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\qdvd.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\qedit.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\quartz.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\rdpcorets.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\RdpGroupPolicyExtension.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\rdpudd.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\relog.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\RESAMPLEDMO.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\rrinstaller.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\rstrui.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\samlib.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\samsrv.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\sdbinst.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\sechost.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\seclogon.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\setbcdlocale.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\shell32.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\shimeng.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\smss.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\spwmp.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\srclient.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\srcore.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\StructuredQuery.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\SysFxUI.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\tbs.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\tdh.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\timedate.cpl:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\tracerpt.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\typeperf.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\tzres.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\urlmon.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\user32.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\usp10.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\UtcResources.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\vbscript.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\VIDRESZR.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\webcheck.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\WebClnt.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\win32k.sys:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\WindowsCodecs.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\winhttp.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\wininet.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\winipsec.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\winload.efi:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\winload.exe:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\winresume.efi:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\WinSetupUI.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\winsrv.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\WMADMOD.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\WMADMOE.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\WMALFXGFXDSP.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\wmp.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\wmploc.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\wmpmde.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\WMSPDMOD.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\WMSPDMOE.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\WMVDECOD.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\WMVENCOD.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\WMVSDECD.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\WMVSENCD.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\WMVXENCD.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\wow64.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\wow64cpu.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\wow64win.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\ws2_32.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\wshrm.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\wu.upgrade.ps.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\wuapi.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\wuapp.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\wuauclt.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\wuaueng.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\wucltux.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\wudriver.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\wups.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\wups2.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\wuwebv.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\adtschema.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\advapi32.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll:$CmdTcID [32] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID [32] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\apisetschema.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\apphelp.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\appidapi.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\asycfilt.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\atmfd.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\atmlib.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\auditpol.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\authui.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\catsrvut.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\COLORCNV.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\comsvcs.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\CPFilters.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\credssp.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\cryptbase.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\d3d10level9.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\davclnt.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\dciman32.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\SysWOW64\devenum.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\diskperf.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\dns-sd.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\DWrite.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\dxmasf.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\dxtmsft.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\dxtrans.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\els.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\EncDec.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\evr.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\explorer.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\ExplorerFrame.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\fixmapi.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\FlashPlayerApp.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\fontsub.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\FwRemoteSvr.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\gdi32.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\gpapi.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\ieapfltr.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\iedkcs32.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\SysWOW64\ieetwproxystub.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\ieframe.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\iernonce.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\iertutil.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\SysWOW64\iesetup.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\ieui.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\SysWOW64\ieUnatt.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\inetcpl.cpl:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\InkEd.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\inseng.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\instnm.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\jscript.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\jscript9.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\jscript9diag.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\jsproxy.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\KBDBASH.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\KBDRU.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\KBDRU1.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\KBDTAT.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\KBDYAK.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\kernel32.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\KernelBase.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\ksproxy.ax:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\ksuser.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\logman.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\lpk.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\SysWOW64\mapi32.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\mapistub.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\mf.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\mfds.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\mferror.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\mfplat.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\mfpmp.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\mfps.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\mfvdsp.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\MFWMAAEC.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\MicrosoftUpdateCatalogWebControl.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\MP3DMOD.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\MP43DECD.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\MP4SDECD.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\MPG4DECD.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\msaudite.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\msdxm.ocx:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\msfeeds.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\mshtml.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\MshtmlDac.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\mshtmled.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\mshtmlmedia.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\msi.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\msiexec.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\msihnd.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\msimsg.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\msmpeg2adec.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\MSMPEG2ENC.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\msmpeg2vdec.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\msobjs.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\msorcl32.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\msrating.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\mswsock.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\msxml3.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\msxml3r.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\mtxoci.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\netbtugc.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\ntdll.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\ntkrnlpa.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\ntoskrnl.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\ntvdm64.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\occache.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\ole32.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\oleaut32.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\polstore.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\poqexec.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\prevhost.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\qasf.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\qdvd.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\qedit.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\quartz.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\relog.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\RESAMPLEDMO.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\rrinstaller.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\samlib.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\sdbinst.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\sechost.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\secur32.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\setup16.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\shell32.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\shimeng.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\spwmp.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\srclient.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\StructuredQuery.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\tbs.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\SysWOW64\tdh.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\SysWOW64\timedate.cpl:$CmdTcID [130] AlternateDataStreams: C:\Windows\SysWOW64\tracerpt.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\typeperf.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\tzres.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\SysWOW64\ucrtbase.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\urlmon.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\user.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\user32.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\usp10.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\vbscript.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\VIDRESZR.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\webcheck.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\WebClnt.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\WindowsCodecs.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\winhttp.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\wininet.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\winipsec.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\WMADMOD.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\WMADMOE.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\wmp.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\wmploc.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\wmpmde.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\SysWOW64\WMSPDMOD.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\WMSPDMOE.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\WMVDECOD.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\WMVENCOD.DLL:$CmdTcID [130] AlternateDataStreams: C:\Windows\SysWOW64\WMVSDECD.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\WMVSENCD.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\WMVXENCD.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\wow32.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\ws2_32.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\wshrm.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\wuapi.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\wuapp.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\wudriver.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\SysWOW64\wups.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\SysWOW64\wuwebv.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\Drivers\afd.sys:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\Drivers\appid.sys:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\Drivers\CGKDarkWatcher.sys:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\Drivers\drmk.sys:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\Drivers\drmkaud.sys:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\Drivers\dxgkrnl.sys:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\Drivers\dxgmms1.sys:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\Drivers\mbae64.sys:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\Drivers\mrxdav.sys:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\Drivers\ndis.sys:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\Drivers\netbt.sys:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\Drivers\portcls.sys:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\Drivers\rmcast.sys:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\Drivers\rndismp6.sys:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\Drivers\rspWhy64.sys:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\Drivers\tdx.sys:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\Drivers\usb80236.sys:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\Drivers\USBSTOR.SYS:$CmdTcID [64] ==================== Veilige Modus (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Bestandskoppeling (gefilterd) =============== (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.) ==================== Internet Explorer vertrouwde/beperkte toegang =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.) IE trusted site: HKU\S-1-5-21-729673755-3722144356-2474752940-1000\...\dell.com -> dell.com ==================== Hosts inhoud: =============================== (Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.) 2009-07-14 04:34 - 2015-10-22 19:26 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts ==================== Andere gebieden ============================ (Momenteel is er geen automatische fix voor dit onderdeel.) HKU\S-1-5-21-729673755-3722144356-2474752940-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\DanyB\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 195.130.130.2 - 195.130.131.2 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is uitgeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Install LastPass FF RunOnce.lnk => C:\Windows\pss\Install LastPass FF RunOnce.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Install LastPass IE RunOnce.lnk => C:\Windows\pss\Install LastPass IE RunOnce.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^DanyB^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" MSCONFIG\startupreg: AcronisTibMounterMonitor => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon MSCONFIG\startupreg: CanonSolutionMenuEx => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR MSCONFIG\startupreg: DriveUtilitiesHelper => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe MSCONFIG\startupreg: Dropbox => "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" MSCONFIG\startupreg: GwxControlPanelMonitor => "C:\Program Files (x86)\UltimateOutsider\GWX Control Panel\GWX_control_panel.exe" /traymode MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: KeePass 2 PreLoad => "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload MSCONFIG\startupreg: Logitech Download Assistant => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch MSCONFIG\startupreg: Malwarebytes TrayApp => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe MSCONFIG\startupreg: MoneyAgent => C:\Program Files (x86)\Microsoft Money\System\Money Express.exe MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe MSCONFIG\startupreg: stack => C:\Program Files (x86)\stack\stack.exe MSCONFIG\startupreg: TrueImageMonitor.exe => "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" MSCONFIG\startupreg: WD Drive Unlocker => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe MSCONFIG\startupreg: WD Quick View => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe MSCONFIG\startupreg: {1606DC18-9578-4cbd-8312-8E9868F06A1D} => T:\Temp\cis1c21405\cmdinstall.exe -cmdfile ==================== Firewall regels (gefilterd) =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [{070065C5-F7F4-4983-B001-DFEFBDDE364C}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe FirewallRules: [{2DA9DA47-7C01-4152-9376-4E15F5725C92}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe FirewallRules: [{0B41FD1B-DC28-4F1E-B528-3EF356675F44}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{0D47C6BA-A952-4F33-9992-66EBEF4CE523}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{9713C841-F83F-4566-BEC1-CE18F63EE190}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{45F1D89F-5854-47DD-99F5-F6A5AFEAD228}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{0560C035-B93B-4F51-92C6-9F30050FA8AD}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{28D97159-37F8-4D69-97A3-6D2D53627D79}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{A380EBB6-4294-4885-93F2-105477DF5B30}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{AD0E9E32-614E-4EDB-BC0E-6A34580C9C66}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{2471CA13-7E78-4C2D-93A2-89D4D4819771}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{EA807345-11AE-424D-8290-FC93429DB6E2}] => (Allow) C:\Windows\Prey\versions\1.6.5\bin\node.exe FirewallRules: [{BABDEBD7-7613-4643-81A6-1D11C4395C74}] => (Allow) C:\Program Files (x86)\Firetrust\MailWasher\MailWasherPro.exe FirewallRules: [{B2426E81-033B-46D1-8C1C-D24F61EEEDE9}] => (Allow) C:\Program Files (x86)\Firetrust\MailWasher\MailWasherPro.exe FirewallRules: [{442D9192-0202-43EC-AF19-872797274A9A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{84B038EE-8659-4233-A9B6-1350B6595449}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{7DF695E8-EFCD-4403-A117-A81AA2E1FDAC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{FE138B14-7196-44CC-8BF7-2CF10C02360F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{28D74D9B-6432-4974-93AE-FC8906E2CC9A}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe ==================== Herstelpunten ========================= 15-04-2017 19:11:11 Voor Image 19 16-04-2017 11:49:13 Windows Update 08-06-2017 12:26:36 Gepland controlepunt ==================== Defecte Apparaatbeheer Apparaten ============= ==================== Eventlog fouten: ========================= Applicatiefouten: ================== Error: (06/09/2017 01:50:09 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Gebeurtenisfilter met query SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 kan niet opnieuw worden geactiveerd in naamruimte //./root/CIMV2 vanwege fout 0x80041003. Mogelijk worden er geen gebeurtenissen via dit filter doorgegeven totdat het probleem is verholpen. Error: (06/08/2017 07:44:28 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: Gegevens voor het Programma voor verbetering van de gebruikerservaring kunnen niet naar Microsoft worden verzonden. (Fout 80004005). Error: (06/08/2017 12:36:25 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Gebeurtenisfilter met query SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 kan niet opnieuw worden geactiveerd in naamruimte //./root/CIMV2 vanwege fout 0x80041003. Mogelijk worden er geen gebeurtenissen via dit filter doorgegeven totdat het probleem is verholpen. Error: (06/08/2017 12:26:13 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Het programma WinPatrol.exe, versie 34.11.2016.27 reageert niet meer op Windows en is afgesloten. Als u wilt zien of er meer informatie over het probleem beschikbaar is, raadpleegt u de probleemgeschiedenis in het onderdeel Onderhoudscentrum in het Configuratiescherm. Proces-id: c9c Starttijd: 01d2e040e507f152 Eindtijd: 7 Toepassingspad: C:\Program Files (x86)\Ruiware\WinPatrol\WinPatrol.exe Rapport-id: dfdf2649-4c34-11e7-955e-001aa0d20511 Error: (06/08/2017 12:21:42 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Gebeurtenisfilter met query SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 kan niet opnieuw worden geactiveerd in naamruimte //./root/CIMV2 vanwege fout 0x80041003. Mogelijk worden er geen gebeurtenissen via dit filter doorgegeven totdat het probleem is verholpen. Error: (06/08/2017 12:18:49 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Gebeurtenisfilter met query SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 kan niet opnieuw worden geactiveerd in naamruimte //./root/CIMV2 vanwege fout 0x80041003. Mogelijk worden er geen gebeurtenissen via dit filter doorgegeven totdat het probleem is verholpen. Error: (04/16/2017 11:34:16 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Gebeurtenisfilter met query SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 kan niet opnieuw worden geactiveerd in naamruimte //./root/CIMV2 vanwege fout 0x80041003. Mogelijk worden er geen gebeurtenissen via dit filter doorgegeven totdat het probleem is verholpen. Error: (04/16/2017 10:31:40 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Gebeurtenisfilter met query SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 kan niet opnieuw worden geactiveerd in naamruimte //./root/CIMV2 vanwege fout 0x80041003. Mogelijk worden er geen gebeurtenissen via dit filter doorgegeven totdat het probleem is verholpen. Error: (04/16/2017 10:28:22 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: mbamtray.exe, versie: 3.0.0.912, tijdstempel: 0x58811d74 Naam van module met fout: mbamtray.exe, versie: 3.0.0.912, tijdstempel: 0x58811d74 Uitzonderingscode: 0xc0000005 Foutoffset: 0x00054645 Id van proces met fout: 0xce8 Starttijd van toepassing met fout: 0x01d2b68b5ca8a679 Pad naar toepassing met fout: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe Pad naar module met fout: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe Rapport-id: a6648a1d-227e-11e7-931b-001aa0d20511 Error: (04/16/2017 10:10:53 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Gebeurtenisfilter met query SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 kan niet opnieuw worden geactiveerd in naamruimte //./root/CIMV2 vanwege fout 0x80041003. Mogelijk worden er geen gebeurtenissen via dit filter doorgegeven totdat het probleem is verholpen. Systeemfouten: ============= Error: (06/09/2017 01:48:46 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: De volgende opstartstuurprogramma's zijn niet geladen: GDBehave Error: (06/08/2017 06:26:02 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Time-out (30000 seconden) tijdens het wachten op een reactie op een transactie van deze service: Netman. Error: (06/08/2017 12:34:56 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: De volgende opstartstuurprogramma's zijn niet geladen: GDBehave Error: (06/08/2017 12:25:19 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: De Windows Update-service is bij het starten vastgelopen. Error: (06/08/2017 12:20:16 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: De volgende opstartstuurprogramma's zijn niet geladen: GDBehave GDMnIcpt Error: (06/08/2017 12:17:34 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: De volgende opstartstuurprogramma's zijn niet geladen: GDBehave GDMnIcpt Error: (06/08/2017 12:17:09 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: De vorige afsluiting van het systeem om 12:46:33 op ‎16/‎04/‎2017 is onverwacht gebeurd. Error: (06/08/2017 12:16:55 PM) (Source: volmgr) (EventID: 46) (User: ) Description: Crashdumpinitialisatie is mislukt! Error: (04/16/2017 11:32:52 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: De volgende opstartstuurprogramma's zijn niet geladen: GDBehave GDMnIcpt Error: (04/16/2017 10:30:10 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: De volgende opstartstuurprogramma's zijn niet geladen: GDBehave GDMnIcpt ==================== Geheugen info =========================== Processor: Intel(R) Core(TM)2 CPU 6300 @ 1.86GHz Percentage geheugen in gebruik: 42% Totaal fysiek RAM-geheugen: 6069.61 MB Beschikbaar fysiek RAM-geheugen: 3485.16 MB Totaal Virtueel geheugen: 6467.8 MB Beschikbaar Virtual geheugen: 3625.96 MB ==================== Schijven ================================ Drive c: (System) (Fixed) (Total:63.48 GB) (Free:24.23 GB) NTFS ==>[schijf met boot componenten (verkregen van BCD)] Drive d: (Data) (Fixed) (Total:48.83 GB) (Free:42.99 GB) NTFS Drive s: (My Passport) (Fixed) (Total:465.73 GB) (Free:297.13 GB) NTFS Drive t: (Temp) (Fixed) (Total:26.98 GB) (Free:21.37 GB) NTFS ==================== MBR & Partitietabel ================== ======================================================== Disk: 0 (Size: 149.1 GB) (Disk ID: 3A4F1905) Partition 1: (Not Active) - (Size=9.8 GB) - (Type=27) Partition 2: (Active) - (Size=63.5 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=48.8 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=27 GB) - (Type=05) ======================================================== Disk: 1 (MBR Code: Windows XP) (Size: 465.7 GB) (Disk ID: 0D7BD49D) Partition 1: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS) ==================== Eind van Addition.txt ============================