Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 25-10-2017 Gestart door Gebruiker (25-10-2017 17:40:27) Gestart vanaf C:\Users\Gebruiker\Downloads Windows 10 Pro Versie 1703 15063.674 (X64) (2017-08-30 15:06:17) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3481151055-3296067517-1742091627-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-3481151055-3296067517-1742091627-503 - Limited - Disabled) Gast (S-1-5-21-3481151055-3296067517-1742091627-501 - Limited - Disabled) Gebruiker (S-1-5-21-3481151055-3296067517-1742091627-1001 - Administrator - Enabled) => C:\Users\Gebruiker ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: G DATA TOTAL SECURITY (Enabled - Up to date) {A9C56A9B-ECCD-57EA-78F6-92511DA1C885} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Emsisoft Anti-Malware (Enabled - Up to date) {701CB209-EBBC-AADC-11E6-DE73E7AF4C9D} AS: Emsisoft Anti-Malware (Enabled - Up to date) {CB7D53ED-CD86-A552-2B56-E5019C280620} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: G DATA Personal Firewall (Enabled) {91FEEBBE-A6A2-56B2-53A9-3B64E3728FFE} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.) 64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden Adobe Acrobat Reader DC - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated) Adobe Flash Player 27 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 27.0.0.183 - Adobe Systems Incorporated) AIO_CDA_ProductContext (HKLM-x32\...\{B5985100-D968-4B0D-B13C-B0362044612D}) (Version: 140.0.425.000 - Hewlett-Packard) Hidden AIO_CDA_Software (HKLM-x32\...\{CBB55719-C875-4C5A-A0B6-2473F77DD164}) (Version: 140.0.428.000 - Hewlett-Packard) Hidden AIO_Scan (HKLM-x32\...\{104066F4-5897-4067-85D3-4C88B67CCF75}) (Version: 130.0.421.000 - Hewlett-Packard) Hidden BufferChm (HKLM-x32\...\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden C4100 (HKLM-x32\...\{22EB3230-0F3D-4E94-9BD0-A3E8E204506F}) (Version: 140.0.425.000 - Hewlett-Packard) Hidden c4100_Help (HKLM-x32\...\{3260D61B-DCA6-4ec6-8A41-DCCE01BC6EE4}) (Version: 82.0.256.000 - Hewlett-Packard) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.36 - Piriform) Copy (HKLM-x32\...\{9BE466FF-70B7-4DA8-807C-DB4C3610FDAA}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden DeviceDiscovery (HKLM-x32\...\{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden DocProc (HKLM-x32\...\{9B362566-EC1B-4700-BB9C-EC661BDE2175}) (Version: 140.0.185.000 - Hewlett-Packard) Hidden EaseUS Partition Master 12.0 Trial Edition (HKLM-x32\...\EaseUS Partition Master Trial Edition_is1) (Version: - EaseUS) Emsisoft Anti-Malware (HKLM\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 2017.9 - Emsisoft Ltd.) Fax (HKLM-x32\...\{9294F169-72EE-4D74-AE92-CA25F64B4FF8}) (Version: 140.0.307.000 - Hewlett-Packard) Hidden G DATA TOTAL SECURITY (HKLM-x32\...\G DATA TOTAL SECURITY) (Version: 25.4.0.2 - G DATA Software AG) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 62.0.3202.62 - Google Inc.) Google Photos Backup (HKU\S-1-5-21-3481151055-3296067517-1742091627-1001\...\Google Photos Backup) (Version: 1.1.2.13 - Google, Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden GPBaseService2 (HKLM-x32\...\{BB3447F6-9553-4AA9-960E-0DB5310C5779}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP) HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP) HP Photosmart All-In-One Driver Software (HKLM\...\{4F6C1178-3FC0-44BB-8F9A-28D8516DFEE2}) (Version: 14.0 - HP) HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 140.0.524.000 - Hewlett-Packard) Hidden HPProductAssistant (HKLM-x32\...\{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden HPSSupply (HKLM-x32\...\{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden MarketResearch (HKLM-x32\...\{D360FA88-17C8-4F14-B67F-13AAF9607B12}) (Version: 140.0.299.000 - Hewlett-Packard) Hidden Microsoft Office Professional Plus 2016 (HKLM-x32\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3481151055-3296067517-1742091627-1001\...\OneDriveSetup.exe) (Version: 17.3.7073.1013 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Mozilla Firefox 56.0.1 (x64 nl) (HKLM\...\Mozilla Firefox 56.0.1 (x64 nl)) (Version: 56.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 56.0.1 - Mozilla) Network64 (HKLM\...\{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}) (Version: 140.0.306.000 - Hewlett-Packard) Hidden OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP) Opera Stable 48.0.2685.50 (HKLM-x32\...\Opera 48.0.2685.50) (Version: 48.0.2685.50 - Opera Software) Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM-x32\...\{90160000-001F-040C-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.) Scan (HKLM-x32\...\{06A1D88C-E102-4527-AF70-29FFD7AF215A}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP) Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.103 - Skype Technologies S.A.) SolutionCenter (HKLM-x32\...\{BC5DD87B-0143-4D14-AAE6-97109614DC6B}) (Version: 140.0.299.000 - Hewlett-Packard) Hidden Status (HKLM-x32\...\{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}) (Version: 140.0.342.000 - Hewlett-Packard) Hidden Taalprogramma's voor Microsoft Office 2016 - Nederlands (HKLM-x32\...\{90160000-001F-0413-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.83369 - TeamViewer) Toolbox (HKLM-x32\...\{292F0F52-B62D-4E71-921B-89A682402201}) (Version: 140.0.596.000 - Hewlett-Packard) Hidden TrayApp (HKLM-x32\...\{CD31E63D-47FD-491C-8117-CF201D0AFAB5}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden Trust 100K Series Webcam (HKLM-x32\...\{C679F9B9-C65D-4C65-BD6C-BF90B859E281}) (Version: 1.0.4.15 - Trust) WebReg (HKLM-x32\...\{8EE94FD8-5F52-4463-A340-185D16328158}) (Version: 140.0.297.017 - Hewlett-Packard) Hidden WhatsApp (HKU\S-1-5-21-3481151055-3296067517-1742091627-1001\...\WhatsApp) (Version: 0.2.6426 - WhatsApp) WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) Wondershare Data Recovery(Build 6.5.1.5) (HKLM-x32\...\{FEA3976F-D621-45F3-AFBD-E812A1F2F00D}_is1) (Version: 6.5.1.5 - Wondershare Software Co.,Ltd.) Wondershare Helper Compact 2.5.2 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.2 - Wondershare) ==================== Aangepaste CLSID (gefilterd): ========================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) CustomCLSID: HKU\S-1-5-21-3481151055-3296067517-1742091627-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Gebruiker\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-3481151055-3296067517-1742091627-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Gebruiker\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.) ContextMenuHandlers1: [AVK9CM] -> {CAF4C320-32F5-11D3-A222-004095200FF2} => C:\Program Files (x86)\G DATA\TotalSecurity\AVK\ShellExt64.dll [2017-06-08] (G DATA Software AG) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal) ContextMenuHandlers2-x32: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\A2CONTMENU.DLL [2015-10-21] (Emsisoft Ltd) ContextMenuHandlers2-x32: [Emsisoft Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\A2CONTMENU64.DLL [2015-10-21] (Emsisoft Ltd) ContextMenuHandlers3-x32: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\A2CONTMENU.DLL [2015-10-21] (Emsisoft Ltd) ContextMenuHandlers3-x32: [Emsisoft Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\A2CONTMENU64.DLL [2015-10-21] (Emsisoft Ltd) ContextMenuHandlers3-x32: [Reisswolf] -> {1F0F1EE7-36B9-11D2-8985-0080ADA96E9B} => C:\Program Files (x86)\G DATA\TotalSecurity\Shredder\Reisswlf64.dll [2017-06-08] (G DATA Software AG) ContextMenuHandlers6: [AVK9CM] -> {CAF4C320-32F5-11D3-A222-004095200FF2} => C:\Program Files (x86)\G DATA\TotalSecurity\AVK\ShellExt64.dll [2017-06-08] (G DATA Software AG) ContextMenuHandlers6-x32: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\A2CONTMENU.DLL [2015-10-21] (Emsisoft Ltd) ContextMenuHandlers6-x32: [Emsisoft Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\A2CONTMENU64.DLL [2015-10-21] (Emsisoft Ltd) ContextMenuHandlers6-x32: [Reisswolf] -> {1F0F1EE7-36B9-11D2-8985-0080ADA96E9B} => C:\Program Files (x86)\G DATA\TotalSecurity\Shredder\Reisswlf64.dll [2017-06-08] (G DATA Software AG) ContextMenuHandlers6-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal) ContextMenuHandlers6-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal) ==================== Geplande Taken (gefilterd) ============= (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {1662CC51-16AB-4892-82A2-C4387A1714A9} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2017-10-18] (Piriform Ltd) Task: {1F6678A8-4CE1-4F00-AD28-5FE69AECC118} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-10-18] (Piriform Ltd) Task: {41EA8D9E-BC24-4541-88EE-D393668F4209} - System32\Tasks\Opera scheduled Autoupdate 1504442136 => C:\Program Files\Opera\launcher.exe [2017-10-17] (Opera Software) Task: {445A0F26-B101-4018-9090-7A4477E60324} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_183_pepper.exe [2017-10-25] (Adobe Systems Incorporated) Task: {49B5C977-4B19-4BA5-B471-7C214C7FC3E4} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3481151055-3296067517-1742091627-1001UA => C:\Users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe [2017-09-20] (Google Inc.) Task: {4A1D5920-4236-441C-8482-754CFCBC9C9A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3481151055-3296067517-1742091627-1001Core => C:\Users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe [2017-09-20] (Google Inc.) Task: {6761B8D3-2F57-4139-8685-EA1FDDD61492} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe Task: {6ED665CC-4E8F-4A75-8FA0-51E5897558D0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-20] (Adobe Systems Incorporated) Task: {94A4F210-CF9E-4A6D-B1AE-2C79541F397E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-10-25] (Adobe Systems Incorporated) Task: {B27D0687-7A22-4794-A731-4DDF5184CAFF} - System32\Tasks\{F512A247-0DA4-4469-8CAD-6DD61E26A866} => c:\program files\opera\launcher.exe [2017-10-17] (Opera Software) Task: {D2DF9AE0-AF67-4C9C-91DA-8B0121F68EC6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation) Task: {EF5D4F7A-F0FD-416A-82E4-05DCC77549B0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-11] (Google Inc.) Task: {F1BFADDD-25EA-4EC9-B5D5-4D9A9C1EB7D2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-11] (Google Inc.) Task: {FE47958D-CAB5-44CD-8DE7-A34EE7093E37} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation) (Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) ==================== Snelkoppelingen & WMI ======================== (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) ==================== Geladen Modules (gefilterd) ============== 2017-08-03 05:49 - 2017-08-03 05:49 - 000562664 _____ () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll 2017-03-18 22:58 - 2017-03-18 22:58 - 000138000 _____ () C:\Windows\SYSTEM32\inputhost.dll 2017-03-18 22:59 - 2017-03-20 05:56 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-10-19 14:50 - 2017-10-19 14:51 - 000087552 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.7.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2017-10-19 14:50 - 2017-10-19 14:51 - 000206336 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.7.597.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2017-10-23 14:58 - 2017-10-23 14:57 - 091447896 _____ () C:\Program Files\Opera\48.0.2685.50\opera_browser.dll 2017-08-17 16:51 - 2017-08-17 16:51 - 001993184 ____R () C:\Program Files (x86)\Skype\Phone\skypert.dll ==================== Alternate Data Streams (gefilterd) ========= (Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.) ==================== Veilige Modus (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.) ==================== Bestandskoppeling (gefilterd) =============== (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.) ==================== Internet Explorer vertrouwde/beperkte toegang =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.) ==================== Hosts inhoud: ========================== (Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.) 2017-03-18 23:03 - 2017-10-09 13:41 - 000001029 _____ C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 www.easeus.com 127.0.0.1 activation.easeus.com 127.0.0.1 track.easeus.com 127.0.0.1 gdpwmgrlocalhost 127.0.0.1 www.easeus.com 127.0.0.1 activation.easeus.com 127.0.0.1 track.easeus.com ==================== Andere gebieden ============================ (Momenteel is er geen automatische fix voor dit onderdeel.) HKU\S-1-5-21-3481151055-3296067517-1742091627-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg DNS Servers: 84.116.46.20 - 84.116.46.21 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == ==================== Firewall regels (gefilterd) =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [{A2C5DF72-98A5-48E4-8AB7-6CF2402F33BD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{2A8715B5-B856-4786-ADC0-E14155F23E21}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{2F0D2A86-8240-41A9-9087-997FFBF76777}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{DA77CA97-AED3-4A14-A36D-56851CBCF836}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{82BF1B52-5C93-45D2-A82F-363C53FFCC5A}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\lync.exe FirewallRules: [{07A7BA0B-9136-4087-BD85-4D317E67E353}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\lync.exe FirewallRules: [{8BBF7F6A-EE8C-4754-A2E9-F0DCE64E236E}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\UcMapi.exe FirewallRules: [{FC656697-0C4C-4D05-BE4D-3B11031A3AB3}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\UcMapi.exe FirewallRules: [{9DCB6126-A402-4E0F-A64F-28B25D43109A}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\lync.exe FirewallRules: [{E9A2A703-B7DF-4BD5-AA79-4070BCD1A6CE}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\lync.exe FirewallRules: [{21929EA8-4D82-4338-8F6F-7FBC9E2458AD}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\UcMapi.exe FirewallRules: [{B2EA6419-1586-4A36-9C47-8A9AEDC3C137}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\UcMapi.exe FirewallRules: [{FEB382CD-66AD-4AE6-B322-EB18C823923F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{AE68E867-4146-4FCC-8F0E-1033E92E8ACD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe FirewallRules: [{DB0C8FCD-349F-48B7-A58B-3A3BE2C17475}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe FirewallRules: [{2C3750C4-02C3-4597-A805-925E31734946}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe FirewallRules: [{4E659C70-5F16-4341-B644-633410FBD277}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe FirewallRules: [{1F0FB3FF-F4DE-4BD0-A21A-500F1474A7F1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe FirewallRules: [{F5E549AC-1FD8-4785-9F65-BE5646F58B14}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe FirewallRules: [{DB664892-1E6F-4D09-A5F3-A43D1097D413}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe FirewallRules: [{BFDEA4A5-F1B9-45BE-BF47-01B8590810C5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe FirewallRules: [{E0D76991-6142-4DFA-A0D7-B7111A0B9C11}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe FirewallRules: [{4F5CCDA9-BD92-4345-80DC-137CC1FBAAA9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe FirewallRules: [{85FB369A-0700-47C2-ADB5-263E82401878}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe FirewallRules: [{E2C9DA29-6E03-4762-8BE3-8497598C010A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe FirewallRules: [{035D2CBC-8AFB-41E0-9623-28B689CE1935}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe FirewallRules: [{41202582-DCC6-4971-B5D7-1973183882C2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe FirewallRules: [{DC322690-1E6E-4853-8DF4-3A4581381D77}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe FirewallRules: [{D90279DC-D80F-472D-8286-497E531EC4D2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe FirewallRules: [{D21F3AB5-8597-47CC-ACB2-936EB9BC61E1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe FirewallRules: [{33A56EE1-A553-4B8D-A8B9-A22E788447E5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe FirewallRules: [{63F4D770-1212-4B05-AC9E-F45D8E1552CF}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe FirewallRules: [{29F3E865-9BA6-4BCF-9AE8-6AAA4D81003C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{8B97AA8F-8B16-4FB9-93E6-A812370E59FF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{4EDE876F-A521-4F19-95EE-8866C114F476}] => (Allow) C:\Program Files\Opera\48.0.2685.39\opera.exe FirewallRules: [{080A5EBF-7011-4905-8EB3-D6AB0E7329F4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{09AE4F3F-5434-426F-9194-924AAA6C2F7A}] => (Allow) C:\Program Files\Opera\48.0.2685.50\opera.exe ==================== Herstelpunten ========================= 09-10-2017 20:01:46 Gepland controlepunt 15-10-2017 19:00:47 Windows Back-up 22-10-2017 19:04:09 Windows Back-up ==================== Defecte Apparaatbeheer Apparaten ============= ==================== Eventlog fouten: ========================= Applicatiefouten: ================== Error: (10/25/2017 05:00:23 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Kan activeringscontext voor 'C:\Program Files (x86)\Microsoft Office\Office16\lync.exe.Manifest' niet maken. Fout in manifest of beleidsbestand 'C:\Program Files (x86)\Microsoft Office\Office16\UccApi.DLL op regel 1. Onderdeel-id in manifest komt niet overeen met de id van het gevraagde onderdeel. Verwijzing is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". Definitie is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Gebruik sxstrace.exe voor gedetailleerde diagnose. Error: (10/24/2017 01:31:24 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Kan activeringscontext voor 'C:\Program Files (x86)\Microsoft Office\Office16\lync.exe.Manifest' niet maken. Fout in manifest of beleidsbestand 'C:\Program Files (x86)\Microsoft Office\Office16\UccApi.DLL op regel 1. Onderdeel-id in manifest komt niet overeen met de id van het gevraagde onderdeel. Verwijzing is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". Definitie is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Gebruik sxstrace.exe voor gedetailleerde diagnose. Error: (10/23/2017 02:59:11 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Kan activeringscontext voor 'C:\Program Files (x86)\Microsoft Office\Office16\lync.exe.Manifest' niet maken. Fout in manifest of beleidsbestand 'C:\Program Files (x86)\Microsoft Office\Office16\UccApi.DLL op regel 1. Onderdeel-id in manifest komt niet overeen met de id van het gevraagde onderdeel. Verwijzing is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". Definitie is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Gebruik sxstrace.exe voor gedetailleerde diagnose. Error: (10/23/2017 02:56:17 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: De service Cryptografische services is mislukt tijdens het verwerken van aanroep OnIdentity() op het object System Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Toegang geweigerd. . Error: (10/22/2017 09:42:18 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-6HH91PQ) Description: Het activeren van de app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App is mislukt door de fout -2144927141. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie. Error: (10/22/2017 08:59:41 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: De service Cryptografische services is mislukt tijdens het verwerken van aanroep OnIdentity() op het object System Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Toegang geweigerd. . Error: (10/22/2017 08:59:13 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: De service Cryptografische services is mislukt tijdens het verwerken van aanroep OnIdentity() op het object System Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Toegang geweigerd. . Error: (10/22/2017 08:58:42 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: De service Cryptografische services is mislukt tijdens het verwerken van aanroep OnIdentity() op het object System Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Toegang geweigerd. . Error: (10/22/2017 07:04:15 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: De service Cryptografische services is mislukt tijdens het verwerken van aanroep OnIdentity() op het object System Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Toegang geweigerd. . Error: (10/22/2017 07:00:26 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: De service Cryptografische services is mislukt tijdens het verwerken van aanroep OnIdentity() op het object System Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Toegang geweigerd. . Systeemfouten: ============= Error: (10/22/2017 09:42:18 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-6HH91PQ) Description: De server Microsoft.Windows.ContentDeliveryManager_10.0.15063.0_neutral_neutral_cw5n1h2txyewy!App.AppXwdz8g2fxr36xz0tdtagygnvemf85s7gg.mca heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (10/22/2017 09:42:17 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-6HH91PQ) Description: De server {3FCB7074-EC9E-4AAF-9BE3-C0E356942366} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (10/22/2017 09:42:16 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-6HH91PQ) Description: De server {3FCB7074-EC9E-4AAF-9BE3-C0E356942366} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (10/22/2017 09:17:05 PM) (Source: volsnap) (EventID: 35) (User: ) Description: The shadow copies of volume I: were aborted because the shadow copy storage failed to grow. Error: (10/21/2017 08:25:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: De CldFlt-service kan vanwege de volgende fout niet worden gestart: De aanvraag wordt niet ondersteund. Error: (10/21/2017 01:53:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: De CldFlt-service kan vanwege de volgende fout niet worden gestart: De aanvraag wordt niet ondersteund. Error: (10/21/2017 08:47:30 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Time-out (30000 seconden) tijdens het wachten op een reactie op een transactie van deze service: FDResPub. Error: (10/21/2017 01:40:19 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-6HH91PQ) Description: De server Microsoft.Windows.ContentDeliveryManager_10.0.15063.0_neutral_neutral_cw5n1h2txyewy!App.AppXwdz8g2fxr36xz0tdtagygnvemf85s7gg.mca heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (10/21/2017 01:40:15 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-6HH91PQ) Description: De server {3FCB7074-EC9E-4AAF-9BE3-C0E356942366} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (10/21/2017 01:40:15 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-6HH91PQ) Description: De server {3FCB7074-EC9E-4AAF-9BE3-C0E356942366} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. CodeIntegrity: =================================== Date: 2017-10-25 17:37:10.731 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements. Date: 2017-10-25 17:20:01.015 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements. Date: 2017-10-24 20:48:00.817 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements. Date: 2017-10-24 20:33:00.785 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements. Date: 2017-10-24 20:18:00.594 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements. Date: 2017-10-24 20:03:00.483 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements. Date: 2017-10-24 19:48:00.720 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements. Date: 2017-10-24 19:33:00.681 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements. Date: 2017-10-24 19:18:00.360 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements. Date: 2017-10-24 19:03:05.853 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements. ==================== Geheugen info =========================== Processor: Intel(R) Pentium(R) Dual CPU E2160 @ 1.80GHz Percentage geheugen in gebruik: 80% Totaal fysiek RAM-geheugen: 3318.49 MB Beschikbaar fysiek RAM-geheugen: 632.1 MB Totaal Virtueel geheugen: 6774.49 MB Beschikbaar Virtual geheugen: 1945.2 MB ==================== Schijven ================================ Drive c: () (Fixed) (Total:223.08 GB) (Free:88.52 GB) NTFS Drive i: (Backup) (Fixed) (Total:309 GB) (Free:12.98 GB) NTFS Drive k: (Data) (Fixed) (Total:156.3 GB) (Free:78.96 GB) NTFS ==================== MBR & Partitietabel ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 1E22FD50) Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=223.1 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 8850571F) Partition 1: (Not Active) - (Size=309 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=449 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=156.3 GB) - (Type=07 NTFS) ==================== Eind van Addition.txt ============================