The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

  • Twitter Updates

  • My Flickr Stream

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 2,953 other followers

Windows 7 Home Premium SP1 update throwing 8E5E03FB and later 80070490

Posted by jpluimers on 2018/12/28

A while ago one of our machines threw an error 8E5E03FB while installing SP1 (KB976932) on Window 7 Home Premium.

This is what I used to recover from that (note that failed alone means it failed with the previous error code):

  1. Performed chkdsk %SystemDrive% /F, rebooted, waited for any issues to get fixed (none were)
  2. Disabled Avast anti virus, then update -> failed
  3. Reboot, then update -> failed
  4. Reboot in safe mode, then update -> failed
  5. On an Administrative command prompt, run sfc /scannow
  6. Reboot, then update -> failed
  7. Downloaded [WayBackDownload Windows 7 and Windows Server 2008 R2 Service Pack 1 (KB976932) from Official Microsoft Download Center **
  8. Reboot, then install download -> failure
  9. Looked at %SystemRoot%\Logs\CBS\CBS.log and found this entry:
    • CBS Failed call to CryptCATAdminAddCatalog. [HRESULT = 0x8e5e03fb - JET_errPageNotInitialized
  10. Searched for that combination
  11. Via [WayBackError code 8E5E03FB for Windows 7 updates – Microsoft Community, went for https://aka.ms/diag_wu to [WayBack] https://download.microsoft.com/download/6/C/9/6C970550-32AB-4235-9CDD-7FC9DD848BBB/WindowsUpdate.diagcab
  12. Ran the diagnostics which fixed many problems, but left alone a 0x80070057.
  13. Rebooted, then installed the SP1 download -> failed.
  14. Via[WayBackSP1 installation failure, Code 0x8e5e03fb, performed the steps in [WayBackHow do I reset Windows Update components?.
  15. Rebooted, then installed the SP1 download -> failed, but for a new reason: 0x80070490.
  16. Rebooted, then used on-line Windows update to install SP1 -> failed, but for again a new reason: Code B7. This was in the CBS.Log: Store corruption detected in function CCSDirectTransaaction::ShouldKeepAliveFromInstallmap on resource amd64_avast.vc140.crt_fcc99ee6193ebbca_14.0.24210.0_none_56aba0211ca246c2.
  17. Uninstalled Avast.
  18. Installed CheckSUR (KB947821:[WayBackDownload System Update Readiness Tool for Windows 7 (KB947821) [October 2014] from Official Microsoft Download Center)
  19. Rebooted, then used on-line Windows update to install SP1 -> failed, but for a new reason: 0x80070490. This was in the CBS.Log: Failed to resolve package 'Package_2_for_KB2507938~31bf3856ad364e35~amd64~~6.1.1.4' [HRESULT = 0x80070490 - ERROR_NOT_FOUND].
  20. Searching for that error, I found [WayBack[Win7HomePremium] Unable to install Service Pack 1 – Page 2 which got me to [WayBackDownload SFCFix – MajorGeeks, then run these in an administrative command prompt:
    SFC /SCANNOW
    SFCFix
  21. The latter reported no errors, so I did some more searching and bumped into [WayBackInstallation Failures / CBS Store corruptions: Uncommon issues and troubleshooting – Microsoft GTSC Romania – Enterprise Platforms Support.
  22. It lead me to uninstall the package encompassing 'Package_2_for_KB2507938~31bf3856ad364e35~amd64~~6.1.1.4': dism /online /remove-package /packagename:Package_2_for_KB2507938~31bf3856ad364e35~amd64~~6.1.1.4
  23. Rebooted, then used on-line Windows update to install SP1 -> failed
  24. CBS.log first 0x80070490 entry is still Failed to resolve package 'Package_2_for_KB2507938~31bf3856ad364e35~amd64~~6.1.1.4' [HRESULT = 0x80070490 - ERROR_NOT_FOUND]
  25. Performed wusa /uninstall /KB:2507938 -> failed indicating De update KB2507938 is niet op deze computer geïnstalleerd. (“The update KB2507938 is not installed on this computer.”)
  26. That resulted into one Google Search hit: [WayBack[SOLVED] [Win7] Error Code 80070490 to KB3126587, so downloaded [WayBackDownload Security Update for Windows 7 (KB2507938) from Official Microsoft Download Center
  27. Manually installed the downloaded KB2507938 -> failed with De update geldt niet voor uw computer. (“The update is not applicable to your computer”)
  28. Followed [WayBack] Windows Update Forum Posting Instructions and a few extra steps from [SOLVED] [Win7] Error Code 80070490 to KB3126587 so came up with this:
    1. To get into a relatively clean CBS log: Reboot, then install download -> failure
    2. Run CheckSUR KB947821
    3. On the administrative console, run
      • SFC /SCANNOW
      • SFCFix
      • FRST64
        the latter with search argument KB2507938
  29. Attached files from:
    1. %SystemRoot%\Logs\CBS:
      • CBS.log
      • CbsPersist_20170709180806.cab
        • This is the log file during SP1 update
      • CheckSUR.log
      • CheckSUR.persist.log
    2. %SystemRoot%\Logs\SFCFix:
    3. %SystemRoot%\Logs\FRST64:
      • Addition.txt
      • FRST.txt

So I asked this question: [WayBack[Win7HomePremium] SP1 fails with 0x80070490 as KB2507938 is not fully present.

Extra tools used

** SP1 download

TL;DR: for English Windows 7 x64 you need [WayBackhttps://download.microsoft.com/download/0/A/F/0AFB5316-3062-494A-AB78-7FB0D4461357/windows6.1-KB976932-X64.exe

Note that the download file naming is very confusing as you will see only the above 6 files from the below list (which is English, but similar for other languages):

Hey ma: modern web interfaces do NOT have scroll bars to hint you the actual download is almost at the bottom!

Hey ma: modern web interfaces do NOT have scroll bars to hint you the actual download is almost at the bottom!

The full list however is this and you need the file marked X64 which is the second one from the bottom:

7601.17514.101119-1850_Update_Sp_Wave1-GRMSP1.1_DVD.iso 1.9 GB
Windows_Win7SP1.7601.17514.101119-1850.AMD64CHK.Symbols.msi 262.7 MB
Windows_Win7SP1.7601.17514.101119-1850.AMD64FRE.Symbols.msi 287.8 MB
Windows_Win7SP1.7601.17514.101119-1850.IA64CHK.Symbols.msi 241.8 MB
Windows_Win7SP1.7601.17514.101119-1850.IA64FRE.Symbols.msi 193.4 MB
Windows_Win7SP1.7601.17514.101119-1850.X86CHK.Symbols.msi 294.5 MB
Windows_Win7SP1.7601.17514.101119-1850.X86FRE.Symbols.msi 330.6 MB
windows6.1-KB976932-IA64.exe 511.6 MB
windows6.1-KB976932-X64.exe 903.2 MB
windows6.1-KB976932-X86.exe 537.8 MB

–jeroen


Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 08-07-2017
Gestart door RP Only (09-07-2017 21:27:17)
Gestart vanaf C:\Windows\Logs\FRST
Windows 7 Home Premium (X64) (2010-12-12 14:56:55)
Boot Modus: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2714902283-1431713189-3092997217-500 – Administrator – Disabled)
Gast (S-1-5-21-2714902283-1431713189-3092997217-501 – Limited – Disabled)
HomeGroupUser$ (S-1-5-21-2714902283-1431713189-3092997217-1003 – Limited – Enabled)
RP Only (S-1-5-21-2714902283-1431713189-3092997217-1000 – Administrator – Enabled) => C:\Users\RP Only
UpdatusUser (S-1-5-21-2714902283-1431713189-3092997217-1001 – Limited – Enabled) => C:\Users\UpdatusUser
==================== Security Center ========================
(Als een item is opgenomen in de fixlist, zal het worden verwijderd.)
AS: Windows Defender (Enabled – Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Geïnstalleerde programma's ======================
(Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.)
7-Zip 17.00 beta (x64) (HKLM\…\7-Zip) (Version: 17.00 beta – Igor Pavlov)
Acer Arcade Deluxe (HKLM-x32\…\{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 4.1.7405 – CyberLink Corp.) Hidden
Acer Arcade Deluxe (HKLM-x32\…\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 4.1.7405 – CyberLink Corp.)
Acer eRecovery Management (HKLM-x32\…\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3007 – Acer Incorporated)
Acer GameZone Console (HKLM-x32\…\{ABEE079E-648E-488B-8301-0C3DB48C1BCE}_is1) (Version: 6.1.0.2 – Oberon Media, Inc.)
Acer Registration (HKLM-x32\…\Acer Registration) (Version: 1.02.3006 – Acer Incorporated)
Acer ScreenSaver (HKLM-x32\…\Acer Screensaver) (Version: 1.1.0318.2010 – Acer Incorporated)
Acer Updater (HKLM-x32\…\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3001 – Acer Incorporated)
Acrobat.com (HKLM-x32\…\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 – Adobe Systems Incorporated)
Adobe Acrobat Reader DC – Nederlands (HKLM-x32\…\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 17.009.20044 – Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\…\Adobe AIR) (Version: 1.5.0.7220 – Adobe Systems Inc.)
Adobe Flash Player 10 ActiveX (HKLM-x32\…\Adobe Flash Player ActiveX) (Version: 10.0.32.18 – Adobe Systems Incorporated)
Advertising Center (HKLM-x32\…\{B2EC4A38-B545-4A00-8214-13FE0E915E6D}) (Version: 0.0.0.2 – Nero AG) Hidden
Amazonia (HKLM-x32\…\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}) (Version: – Oberon Media)
Apple Application Support (32-bit) (HKLM-x32\…\{E92BB800-BCC5-4C25-8102-AC2C3B7C7C1E}) (Version: 5.5 – Apple Inc.)
Apple Application Support (64-bit) (HKLM\…\{9C912B1E-06DD-43EF-BB2B-45CB2C88BAAE}) (Version: 5.5 – Apple Inc.)
Apple Mobile Device Support (HKLM\…\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 – Apple Inc.)
Apple Software Update (HKLM-x32\…\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 – Apple Inc.)
Bonjour (HKLM\…\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 – Apple Inc.)
Cake Mania (HKLM-x32\…\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}) (Version: – Oberon Media)
Chicken Invaders 2 (HKLM-x32\…\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}) (Version: – Oberon Media)
D3DX10 (HKLM-x32\…\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 – Microsoft) Hidden
Dairy Dash (HKLM-x32\…\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}) (Version: – Oberon Media)
Dream Day First Home (HKLM-x32\…\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version: – Oberon Media)
Dropbox (HKU\S-1-5-21-2714902283-1431713189-3092997217-1000\…\Dropbox) (Version: 3.2.9 – Dropbox, Inc.)
Everything 1.3.4.686 (x64) (HKLM\…\Everything) (Version: – )
Farm Frenzy 2 (HKLM-x32\…\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}) (Version: – Oberon Media)
Galapago (HKLM-x32\…\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}) (Version: – Oberon Media)
Google Chrome (HKU\S-1-5-21-2714902283-1431713189-3092997217-1000\…\Google Chrome) (Version: 59.0.3071.115 – Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\…\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 – Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\…\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 – Google Inc.)
Google Update Helper (HKLM-x32\…\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 – Google Inc.) Hidden
Google Update Helper (HKLM-x32\…\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 – Google Inc.) Hidden
Granny In Paradise (HKLM-x32\…\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}) (Version: – Oberon Media)
Haali Media Splitter (HKLM-x32\…\HaaliMkx) (Version: – )
Heroes of Hellas (HKLM-x32\…\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}) (Version: – Oberon Media)
Hotkey Utility (HKLM-x32\…\Hotkey Utility) (Version: 2.05.3009 – Acer Incorporated)
HP Officejet 5740 series Basissoftware van het apparaat (HKLM\…\{7D0512FF-A3A8-4C71-AF80-91BEECC7B000}) (Version: 34.2.117.50647 – Hewlett-Packard Co.)
HP Officejet 5740 series Help (HKLM-x32\…\{9B49B742-F990-4501-AF0B-7DED35E46722}) (Version: 34.0.0 – Hewlett Packard)
HP Photo Creations (HKLM-x32\…\HP Photo Creations) (Version: 1.0.0.7702 – HP)
HP Update (HKLM-x32\…\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 – Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\…\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 – HP)
Identity Card (HKLM-x32\…\Identity Card) (Version: 1.00.3003 – Acer Incorporated)
ImagXpress (HKLM-x32\…\{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}) (Version: 7.0.74.0 – Nero AG) Hidden
iTunes (HKLM\…\{9D0D2A8B-7E7B-4D88-8D50-24286ED6A5EB}) (Version: 12.5.5.5 – Apple Inc.)
Java 8 Update 121 (HKLM-x32\…\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 – Oracle Corporation)
Junk Mail filter update (HKLM-x32\…\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 – Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\…\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 – Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\…\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 – Microsoft Corporation)
Microsoft Office Klik-en-Klaar 2010 (HKLM-x32\…\Office14.Click2Run) (Version: 14.0.4763.1000 – Microsoft Corporation)
Microsoft Office Language Pack 2010 – Dutch/Nederlands (HKLM-x32\…\Office14.OMUI.nl-nl) (Version: 14.0.7015.1000 – Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\…\Office14.PROPLUS) (Version: 14.0.7015.1000 – Microsoft Corporation)
Microsoft Office Starter 2010 – Nederlands (HKLM-x32\…\{90140011-0066-0413-0000-0000000FF1CE}) (Version: 14.0.4763.1000 – Microsoft Corporation)
Microsoft Silverlight (HKLM\…\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 – Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\…\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 – Microsoft Corporation)
Microsoft Visio Premium 2010 (HKLM-x32\…\Office14.VISIOR) (Version: 14.0.7015.1000 – Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\…\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 – Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable – 10.0.40219 (HKLM\…\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 – Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable – 10.0.40219 (HKLM-x32\…\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 – Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\…\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 – Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\…\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 – Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\…\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 – Microsoft Corporation)
MyWinLocker (HKLM-x32\…\{0D7CD0D9-4A88-4A63-8F91-3F4E8F371768}) (Version: 3.1.206.0 – Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\…\{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}) (Version: 3.1.206.0 – Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\…\InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}) (Version: 3.1.206.0 – Egis Technology Inc.)
Nero 9 Essentials (HKLM-x32\…\{03eb689b-55e0-48e8-894e-59a29be2f49b}) (Version: – Nero AG)
Notepad++ (32-bit x86) (HKLM-x32\…\Notepad++) (Version: 7.4.2 – Notepad++ Team)
NVIDIA 3D Vision stuurprogramma 341.44 (HKLM\…\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.44 – NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\…\NVIDIA Display Control Panel) (Version: 1.10 – NVIDIA Corporation)
NVIDIA Drivers (HKLM\…\NVIDIA Drivers) (Version: 1.10.57.35 – NVIDIA Corporation)
NVIDIA Grafisch stuurprogramma 341.44 (HKLM\…\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.44 – NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\…\{E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6}) (Version: 9.09.1112 – NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\…\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 – NVIDIA Corporation)
Productverbeteringsonderzoek voor HP Officejet 5740 series (HKLM\…\{6BC96CFA-564C-4C78-BD37-FC48F5A7F4BF}) (Version: 34.2.117.50647 – Hewlett-Packard Co.)
Realtek High Definition Audio Driver (HKLM-x32\…\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5898 – Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\…\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: – Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\…\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{359ADBEC-068A-4CC9-9174-77AB8EDB867A}) (Version: – Microsoft)
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 32-Bit Edition (HKLM-x32\…\{90140000-0100-0413-0000-0000000FF1CE}_Office14.OMUI.nl-nl_{2ABAC676-CF18-432C-B4B2-54F12AD59929}) (Version: – Microsoft)
Shredder (HKLM\…\{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}) (Version: 2.0.5.0 – Egis Technology Inc.) Hidden
Shredder (HKLM-x32\…\{C2695E83-CF1D-43D1-84FE-B3BEC561012A}) (Version: 2.0.5.0 – Egis Technology Inc.) Hidden
Sitecom Europe BV Wireless LAN (HKLM-x32\…\{8AC9A9BE-EAD8-4FCA-9D50-8BA395785F67}) (Version: 1.00.0000 – Sitecome)
Spin & Win (HKLM-x32\…\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110300453}) (Version: – Oberon Media)
Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) – NLD (HKLM\…\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack – NLD) (Version: 10.0.50903 – Microsoft Corporation)
VirtualCloneDrive (HKLM-x32\…\VirtualCloneDrive) (Version: – Elaborate Bytes)
Welcome Center (HKLM-x32\…\Acer Welcome Center) (Version: 1.00.3013 – Acer Incorporated)
Windows Live Essentials (HKLM-x32\…\WinLiveSuite) (Version: 15.4.3538.0513 – Microsoft Corporation)
Windows Live Sync (HKLM-x32\…\{E34F703A-1C9D-4B1F-ABBE-D7E8800B860D}) (Version: 14.0.8117.416 – Microsoft Corporation)
Zylom Games Player Plugin (HKLM-x32\…\Zylom Games Player Plugin) (Version: – Zylom Games)
==================== Aangepaste CLSID (gefilterd): ==========================
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
HKU\S-1-5-21-2714902283-1431713189-3092997217-1000\…\ChromeHTML: -> C:\Users\RP Only\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2714902283-1431713189-3092997217-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\RP Only\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2714902283-1431713189-3092997217-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\RP Only\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-2714902283-1431713189-3092997217-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\RP Only\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-2714902283-1431713189-3092997217-1000_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\RP Only\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2714902283-1431713189-3092997217-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\RP Only\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-2714902283-1431713189-3092997217-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\RP Only\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-2714902283-1431713189-3092997217-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\RP Only\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-2714902283-1431713189-3092997217-1000_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\RP Only\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-2714902283-1431713189-3092997217-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\RP Only\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-2714902283-1431713189-3092997217-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\RP Only\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-2714902283-1431713189-3092997217-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\RP Only\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-2714902283-1431713189-3092997217-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\RP Only\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-2714902283-1431713189-3092997217-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\RP Only\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-2714902283-1431713189-3092997217-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\RP Only\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-2714902283-1431713189-3092997217-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\RP Only\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2714902283-1431713189-3092997217-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\RP Only\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2714902283-1431713189-3092997217-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\RP Only\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2714902283-1431713189-3092997217-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\RP Only\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2714902283-1431713189-3092997217-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\RP Only\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2714902283-1431713189-3092997217-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\RP Only\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2714902283-1431713189-3092997217-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\RP Only\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2714902283-1431713189-3092997217-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\RP Only\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2714902283-1431713189-3092997217-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\RP Only\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2714902283-1431713189-3092997217-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\RP Only\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2714902283-1431713189-3092997217-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\RP Only\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => Geen bestand
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\RP Only\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\RP Only\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\RP Only\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\RP Only\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\RP Only\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\RP Only\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\RP Only\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\RP Only\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Geen bestand
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Geen bestand
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x64\psdprotect.dll [2010-02-01] (Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x86\psdprotect.dll [2010-02-01] (Egis Technology Inc.)
ContextMenuHandlers01: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-04-29] (Igor Pavlov)
ContextMenuHandlers01: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2017-06-18] ()
ContextMenuHandlers01: [EDSshellExt] -> {29FF7AB0-BE34-4992-A30B-53A9D86EE239} => C:\Program Files (x86)\EgisTec MyWinLocker\x64\mwlshellext.dll [2010-02-01] (Egis Technology Inc.)
ContextMenuHandlers01: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers02: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers03: [ShredderContextMenu] -> {521065F1-DE6C-4E46-BBCB-89B0D0BE860D} => C:\Program Files (x86)\EgisTec Shredder\x64\ShredderContextMenu.dll [2010-01-21] (Egis Technology Inc.)
ContextMenuHandlers04: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-04-29] (Igor Pavlov)
ContextMenuHandlers04: [EDSshellExt] -> {29FF7AB0-BE34-4992-A30B-53A9D86EE239} => C:\Program Files (x86)\EgisTec MyWinLocker\x64\mwlshellext.dll [2010-02-01] (Egis Technology Inc.)
ContextMenuHandlers05: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-02-04] (NVIDIA Corporation)
ContextMenuHandlers06: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-04-29] (Igor Pavlov)
ContextMenuHandlers1_S-1-5-21-2714902283-1431713189-3092997217-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\RP Only\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-2714902283-1431713189-3092997217-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\RP Only\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-2714902283-1431713189-3092997217-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\RP Only\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-05] (Dropbox, Inc.)
==================== Geplande Taken (gefilterd) =============
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
Task: {0C866E8E-5740-448A-B106-2AA6B95212CE} – System32\Tasks\DriverScanner => C:\Program Files (x86)\Uniblue\DriverScanner\driverscanner.exe <==== AANDACHT
Task: {5836D043-DDE3-4EB1-B805-31138C631A0B} – System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
Task: {585B44C6-48AF-4302-8061-A4C0BE22AD7C} – System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-18] (Google Inc.)
Task: {59D27041-6F6D-4512-B86F-EF32E3ED3639} – System32\Tasks\{C7E14CB8-1501-46B4-A8E9-14AC3DFED37C} => C:\Program Files (x86)\Windows Live\Mail\wlmail.exe [2011-05-13] (Microsoft Corporation)
Task: {79DF8391-6E87-4D36-95FC-CA652B17AD06} – System32\Tasks\{B3C360AF-9CA5-4BDE-B17A-2ED905207307} => C:\Program Files (x86)\Windows Live\Mail\wlmail.exe [2011-05-13] (Microsoft Corporation)
Task: {800EE860-F910-48DC-8401-59B53E00E369} – System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2714902283-1431713189-3092997217-1000Core => C:\Users\RP Only\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-05] (Google Inc.)
Task: {95F5D251-448A-442D-9BEA-84E0AA8A8556} – System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2714902283-1431713189-3092997217-1000UA => C:\Users\RP Only\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-05] (Google Inc.)
Task: {B33B1FC5-9C36-4553-A269-DEEE99938EE2} – System32\Tasks\HPCustParticipation HP Officejet 5740 series => C:\Program Files\HP\HP Officejet 5740 series\Bin\HPCustPartic.exe [2014-08-22] (Hewlett-Packard Development Company, LP)
Task: {B56E29AC-8D36-48E5-B504-6621AE6DE544} – System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {C2A5C554-4FA5-4D04-8696-4F42FD739AF0} – System32\Tasks\dsmonitor => C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe <==== AANDACHT
Task: {D4E7093A-C4EA-4ACD-A3DF-45D2FD372EC0} – System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-18] (Google Inc.)
Task: {E446B2C5-527B-446C-8D9A-FC569298BA8E} – System32\Tasks\{BCBEB566-19B4-4667-A05C-435567F8A42E} => C:\Program Files (x86)\Windows Live\Mail\wlmail.exe [2011-05-13] (Microsoft Corporation)
(Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.)
Task: C:\Windows\Tasks\DriverScanner.job => C:\Program Files (x86)\Uniblue\DriverScanner\driverscanner.exe <==== AANDACHT
Task: C:\Windows\Tasks\dsmonitor.job => C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe <==== AANDACHT
==================== Snelkoppelingen & WMI ========================
(De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.)
==================== Geladen Modules (gefilterd) ==============
2017-05-09 00:44 – 2017-05-09 00:44 – 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-01-13 14:56 – 2017-01-13 14:56 – 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-03-21 21:53 – 2014-08-06 03:04 – 01441792 _____ () C:\Program Files\Everything\Everything.exe
2011-01-08 20:50 – 2007-12-26 15:17 – 00053760 _____ () C:\Program Files (x86)\Sitecom Europe BV\Common\RalinkRegistryWriter.exe
2013-09-05 01:17 – 2013-09-05 01:17 – 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-08-04 14:40 – 2010-08-04 14:40 – 00611872 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
2010-08-04 11:47 – 2010-08-04 11:47 – 00144896 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyHook.dll
==================== Alternate Data Streams (gefilterd) =========
(Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.)
AlternateDataStreams: C:\ProgramData\Temp:0B9176C0 [260]
AlternateDataStreams: C:\ProgramData\Temp:93DE1838 [274]
AlternateDataStreams: C:\ProgramData\Temp:93EB7685 [272]
AlternateDataStreams: C:\ProgramData\Temp:AB689DEA [292]
AlternateDataStreams: C:\ProgramData\Temp:E1F04E8D [258]
==================== Veilige Modus (gefilterd) ===================
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.)
==================== Bestandskoppeling (gefilterd) ===============
(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.)
==================== Internet Explorer vertrouwde/beperkte toegang ===============
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.)
==================== Hosts inhoud: ===============================
(Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.)
2009-07-14 04:34 – 2009-06-10 23:00 – 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Andere gebieden ============================
(Momenteel is er geen automatische fix voor dit onderdeel.)
HKU\S-1-5-21-2714902283-1431713189-3092997217-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\RP Only\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.71.3
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is ingeschakeld.
==================== MSCONFIG/TASK MANAGER Uitgeschakelde items ==
==================== Firewall regels (gefilterd) ===============
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
FirewallRules: [{B831DAFF-97CD-4704-A7F1-97DBE9EC4529}] => (Allow) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\PowerCinema.exe
FirewallRules: [{902F3509-DBFD-44A9-B9C4-29AA80FEEECA}] => (Allow) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\PCMService.exe
FirewallRules: [{5A08F6B6-891C-48DE-A7B0-9313B767E41A}] => (Allow) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\DMP\CLBrowserEngine.exe
FirewallRules: [{8FAB05F1-0587-4A0F-8FF0-071AE77CE6C3}] => (Allow) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\DMS\CLMSService.exe
FirewallRules: [TCP Query User{1DF3C5E6-C24B-4CE7-BE07-B15B3418873A}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{4444DCAC-B514-4760-8F41-655E585F2EFE}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [{427A811B-0CE0-438C-A9C2-8CA1DE7BB954}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{DDC641D1-27E2-4063-ABB4-0D12635AC786}] => (Allow) svchost.exe
FirewallRules: [{35653EDA-0347-4D9B-930C-A2C4115316E2}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{AB1BB672-5512-42EE-8D98-413AAD020EF2}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{F40C631A-62CE-4514-B0B6-89416AC52975}] => (Allow) LPort=2869
FirewallRules: [{264EECAD-A103-48AD-A441-0F3455AF2ABC}] => (Allow) LPort=1900
FirewallRules: [{2E1B4211-E40B-4616-B9A9-3E0AABB9FB0F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C6E63018-E391-4293-9E34-41F3C2CC9B0D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0CAC9E94-1003-4E35-B610-3C4149CB97F3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8C9674B2-11AD-4E42-AFB5-1DF5A7D78852}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{CA14B2B1-F426-48D5-ADFF-ACD23AA7730B}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{423F5A29-DC0B-455E-AFD9-CBA5BB2EA6E5}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [{0127F687-DC31-402F-880F-986FD3A0523F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{33BCD3CD-8125-4057-8ACB-DC6422B73483}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{5B1A065C-C83D-4263-89D2-13532ADC0FE4}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{3A81C120-AE40-458F-B19F-EA0A6EEF6282}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{E8ECB318-8E22-4777-B3A4-7AB2A1110813}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{67C218CC-A200-4BA3-8223-BFCF050E3EC3}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{88E52C9E-21C8-4CBE-8655-E8535CF3FD55}] => (Allow) C:\Users\RP Only\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{F1F5AADD-CFC2-4458-8A2A-FB29689B8C70}] => (Allow) C:\Users\RP Only\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{6D0FFEFD-B750-490B-AE5A-4C2429B4DB4C}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{2502A117-265B-41EA-8CFA-891194FE665B}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{2ACFC8FB-10F3-43C7-AC1F-56FD6230CF57}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{CD065E1E-7982-4DBF-A035-B1913EA7B77F}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{43A4AB1A-979D-4FE9-BD86-D988A263B41D}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{1B0DCA1B-5D88-4A2F-B55F-AC7D704FC267}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{8B2B5FA3-2035-4438-9CDA-B119821E5087}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{315F34F1-F068-41DF-B5D1-88E6F5DE961C}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{7BB47061-5B1E-4F76-ACD1-16076B6C5C5A}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\bin\FaxApplications.exe
FirewallRules: [{F5067097-0284-4B02-A4F1-889308ADB9B4}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\bin\DigitalWizards.exe
FirewallRules: [{01C05D51-524A-4CAC-9802-DE9041FFD6F5}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\bin\SendAFax.exe
FirewallRules: [{CFEEEC13-2CDD-4FD3-9178-F4490F20D815}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\Bin\DeviceSetup.exe
FirewallRules: [{CF78803A-609F-4E97-B2AC-57D56DB0772B}] => (Allow) LPort=5357
FirewallRules: [{6000DFA3-4B12-4ECA-88B9-8344F93F62EC}] => (Allow) C:\Program Files\HP\HP Officejet 5740 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{A8DC414D-702F-4A40-B881-105F48AB3022}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{6C2EB35B-88DE-44C3-BA54-38AA4EC62A91}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{C3CA1AAC-94B7-4012-9758-E6739A28F536}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2EB28DD0-4B44-4FA7-A329-4230225C2F35}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2ABF5F91-8142-4FF6-B9D9-2EF7AD5AECD5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F1F87DC8-4D8C-42EA-9694-D708AA937C29}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{1F69C6AE-A96E-420E-B9C2-A549D925636E}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{5FFD260F-698C-4505-ACF6-A60330C2EFCC}] => (Allow) LPort=3389
==================== Herstelpunten =========================
09-07-2017 19:26:06 Windows 7 Service Pack 1
09-07-2017 19:55:12 Windows Update
==================== Defecte Apparaatbeheer Apparaten =============
Name: Microsoft PS/2-muis
Description: Microsoft PS/2-muis
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Eventlog fouten: =========================
Applicatiefouten:
==================
Error: (07/09/2017 08:59:45 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7239
Error: (07/09/2017 08:59:45 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7239
Error: (07/09/2017 08:59:45 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (07/09/2017 08:59:44 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6209
Error: (07/09/2017 08:59:44 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6209
Error: (07/09/2017 08:59:44 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (07/09/2017 08:59:43 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5211
Error: (07/09/2017 08:59:43 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5211
Error: (07/09/2017 08:59:43 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (07/09/2017 08:59:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4181
Systeemfouten:
=============
Error: (07/09/2017 07:53:20 PM) (Source: Microsoft-Windows-Service Pack Installer) (EventID: 8) (User: RPOnly-PC)
Description: Installatie van servicepack is mislukt met foutcode 0x80070490.
Error: (07/09/2017 07:48:06 PM) (Source: Microsoft-Windows-Service Pack Installer) (EventID: 7) (User: RPOnly-PC)
Description: Wijzigingen in een update (Servicepack voor Microsoft Windows (KB976932)) zijn mislukt tijdens de installatie van een servicepack.
Identiteit: Package_for_KB976932~31bf3856ad364e35~amd64~~6.1.1.17514
Foutcode: 0x80070490
Doelstatus: 7
Error: (07/09/2017 06:46:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: De NVIDIA Update Service Daemon-service kan vanwege de volgende fout niet worden gestart:
De service is niet gestart vanwege een aanmeldingsfout.
Error: (07/09/2017 06:46:56 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: De nvUpdatusService-service kan niet als .\UpdatusUser met het huidig ingestelde wachtwoord worden aangemeld vanwege de volgende fout:
Aanmeldingsfout: het wachtwoord voor het opgegeven account is verlopen.
Gebruik de module Services in de Microsoft Management Console (MMC) om te controleren of de service juist is geconfigureerd.
Error: (07/09/2017 06:45:41 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: De machtigingsinstellingen (toepassingsspecifiek) verlenen geen machtiging aan Starten (Lokaal) voor de COM-servertoepassing met CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
en APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerdershulpprogramma van Component Services.
Error: (07/09/2017 06:42:07 PM) (Source: Microsoft-Windows-Service Pack Installer) (EventID: 8) (User: RPOnly-PC)
Description: Installatie van servicepack is mislukt met foutcode 0x80070490.
Error: (07/09/2017 06:36:30 PM) (Source: Microsoft-Windows-Service Pack Installer) (EventID: 7) (User: RPOnly-PC)
Description: Wijzigingen in een update (Servicepack voor Microsoft Windows (KB976932)) zijn mislukt tijdens de installatie van een servicepack.
Identiteit: Package_for_KB976932~31bf3856ad364e35~amd64~~6.1.1.17514
Foutcode: 0x80070490
Doelstatus: 7
Error: (07/09/2017 04:52:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: De NVIDIA Update Service Daemon-service kan vanwege de volgende fout niet worden gestart:
De service is niet gestart vanwege een aanmeldingsfout.
Error: (07/09/2017 04:52:05 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: De nvUpdatusService-service kan niet als .\UpdatusUser met het huidig ingestelde wachtwoord worden aangemeld vanwege de volgende fout:
Aanmeldingsfout: het wachtwoord voor het opgegeven account is verlopen.
Gebruik de module Services in de Microsoft Management Console (MMC) om te controleren of de service juist is geconfigureerd.
Error: (07/09/2017 04:50:51 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: De machtigingsinstellingen (toepassingsspecifiek) verlenen geen machtiging aan Starten (Lokaal) voor de COM-servertoepassing met CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
en APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerdershulpprogramma van Component Services.
CodeIntegrity:
===================================
Date: 2017-03-21 22:14:48.750
Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume3\Windows\System32\drivers\PROCEXP152.SYS kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.
Date: 2017-03-21 22:14:48.750
Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume3\Windows\System32\drivers\PROCEXP152.SYS kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.
Date: 2017-03-21 22:07:13.492
Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume3\Windows\System32\drivers\PROCEXP152.SYS kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.
Date: 2017-03-21 22:07:13.492
Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume3\Windows\System32\drivers\PROCEXP152.SYS kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.
Date: 2017-03-21 21:47:20.148
Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume3\Windows\System32\drivers\PROCEXP152.SYS kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.
Date: 2017-03-21 21:47:20.147
Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume3\Windows\System32\drivers\PROCEXP152.SYS kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.
Date: 2017-03-21 21:44:23.520
Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume3\Windows\System32\drivers\PROCEXP152.SYS kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.
Date: 2017-03-21 21:44:23.520
Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume3\Windows\System32\drivers\PROCEXP152.SYS kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.
Date: 2017-03-21 21:20:48.088
Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume3\Windows\System32\drivers\PROCEXP152.SYS kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.
Date: 2017-03-21 21:20:48.087
Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume3\Windows\System32\drivers\PROCEXP152.SYS kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.
==================== Geheugen info ===========================
Processor: Pentium(R) Dual-Core CPU E5700 @ 3.00GHz
Percentage geheugen in gebruik: 16%
Totaal fysiek RAM-geheugen: 8191.14 MB
Beschikbaar fysiek RAM-geheugen: 6868.84 MB
Totaal Virtueel geheugen: 16380.42 MB
Beschikbaar Virtual geheugen: 14529.57 MB
==================== Schijven ================================
Drive c: (Acer) (Fixed) (Total:456.45 GB) (Free:388.87 GB) NTFS
Drive d: (DATA) (Fixed) (Total:456.96 GB) (Free:456.53 GB) NTFS
==================== MBR & Partitietabel ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: B41B0670)
Partition 1: (Not Active) – (Size=18 GB) – (Type=27)
Partition 2: (Active) – (Size=100 MB) – (Type=07 NTFS)
Partition 3: (Not Active) – (Size=456.5 GB) – (Type=07 NTFS)
Partition 4: (Not Active) – (Size=457 GB) – (Type=07 NTFS)
==================== Eind van Addition.txt ============================

view raw

Addition.txt

hosted with ❤ by GitHub

This file has been truncated, but you can view the full file.

View raw

(Sorry about that, but we can’t show files that are this big right now.)

view raw

CheckSUR.log

hosted with ❤ by GitHub

View raw

(Sorry about that, but we can’t show files that are this big right now.)

View raw

(Sorry about that, but we can’t show files that are this big right now.)

view raw

FilterList.log

hosted with ❤ by GitHub

View raw

(Sorry about that, but we can’t show files that are this big right now.)

view raw

FRST.txt

hosted with ❤ by GitHub

View raw

(Sorry about that, but we can’t show files that are this big right now.)

view raw

SFCFix.log

hosted with ❤ by GitHub

View raw

(Sorry about that, but we can’t show files that are this big right now.)

view raw

SFCFix.txt

hosted with ❤ by GitHub

View raw

(Sorry about that, but we can’t show files that are this big right now.)

view raw

worklog.md

hosted with ❤ by GitHub

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

 
%d bloggers like this: