Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 15-02-2017 02 Gestart door Michel (17-02-2017 11:55:56) Gestart vanaf D:\Downloads Windows 10 Pro Versie 1607 (X64) (2016-11-01 11:04:54) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-790814905-602635857-4264004509-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-790814905-602635857-4264004509-503 - Limited - Disabled) Gast (S-1-5-21-790814905-602635857-4264004509-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-790814905-602635857-4264004509-1003 - Limited - Enabled) Michel (S-1-5-21-790814905-602635857-4264004509-1001 - Administrator - Enabled) => C:\Users\Michel ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AV: McAfee Antivirus en antispyware (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC} AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: McAfee Antivirus en antispyware (Enabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501} FW: McAfee Firewall (Enabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.) 7-Zip 9.32 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0932-000001000000}) (Version: 9.32.00.0 - Igor Pavlov) Acronis True Image 2014 (HKLM-x32\...\{789D0A41-7A15-4F09-8DEE-136D1E1896C5}Visible) (Version: 17.0.6673 - Acronis) Acronis True Image 2014 (x32 Version: 17.0.6673 - Acronis) Hidden ActKey (x32 Version: 1.3.1.0 - Oki Data Corporation) Hidden Adobe Acrobat Reader DC - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated) Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.205 - Adobe Systems Incorporated) AMD Catalyst Install Manager (HKLM\...\{34397444-D51C-ADCC-799D-82361E573488}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.) Belgium e-ID middleware 4.0.7 (build 7466) (HKLM\...\{824563DE-75AD-4166-9DC0-B6482F207466}) (Version: 4.0.7466 - Belgian Government) CCleaner (HKLM\...\CCleaner) (Version: 5.26 - Piriform) CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.7.5.63 - Dell Inc.) Dell Customer Connect (HKLM-x32\...\{FEFDCDCF-C49C-45D0-AAF8-5345858ADEC7}) (Version: 1.2.1.0 - Dell Inc.) Dell Data Vault (Version: 4.3.9.0 - Dell Inc.) Hidden Dell Dock (HKLM-x32\...\Dell Dock) (Version: 2.0 - Stardock Corporation) Dell Dock (Version: 2.0 - Stardock Corporation) Hidden Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.3.6855.61 - Dell) Dell SupportAssistAgent (HKLM-x32\...\{27130E51-9555-408B-8134-7BFF54EDE27B}) (Version: 1.3.0.72 - Dell) Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 17.0.13.0 - Synaptics Incorporated) Dell Update (HKLM-x32\...\{3FB000F3-7444-41C1-A0A6-53E8FD0B7D9C}) (Version: 1.6.1007.0 - Dell Inc.) Dropbox (HKU\S-1-5-21-790814905-602635857-4264004509-1001\...\Dropbox) (Version: 19.4.13 - Dropbox, Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden herdProtect Anti-Malware Scanner (HKLM-x32\...\herdProtectScan) (Version: 1.0 - Reason Company Software Inc.) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 3.0.1342.1) (HKLM\...\{302600C1-6BDF-4FD1-1309-148929CC1385}) (Version: 3.1.1309.0390 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{6882ac6d-e97d-4e25-b3ea-5f3f21055dfe}) (Version: 16.6.0 - Intel Corporation) Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation) LastPass (alleen deïnstalleren) (HKLM-x32\...\LastPass) (Version: - LastPass) MailWasherPro (HKLM-x32\...\{465C2488-8BA4-4770-A6E5-20C5BCB32EF8}) (Version: 7.9 - Firetrust) Malwarebytes versie 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes) McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 14.0.3061 - McAfee, Inc.) Microsoft Office 2013 voor Thuisgebruik en Zelfstandigen - nl-nl (HKLM\...\HomeBusinessRetail - nl-nl) (Version: 15.0.4569.1507 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Mozilla Firefox 51.0.1 (x86 nl) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 nl)) (Version: 51.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4569.1507 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4569.1507 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4569.1507 - Microsoft Corporation) Hidden OKI ActKey (HKLM-x32\...\InstallShield_{681B82EF-A457-4849-AABC-5B6099380FA5}) (Version: 1.3.1.0 - Oki Data Corporation) OKI MB4x1/ES41x1/MPS42x Scanner (HKLM-x32\...\InstallShield_{59B5BAE2-6CB8-4375-AF76-ECF3D34095FA}) (Version: 1.1.0.2 - Oki Data Corporation) PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.15.021 - Dell Inc.) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39054 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7544 - Realtek Semiconductor Corp.) Revo Uninstaller 2.0.2 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.2 - VS Revo Group, Ltd.) ScannerDriver (Version: 1.1.0.2 - Oki Data Corporation) Hidden Stuurprogrammapakket voor Windows - Fedict SmartCard (04/30/2014 4.0.7.5) (HKLM\...\C5357B4AD7C02B3F6EF45765A07E5B725E50BBF7) (Version: 04/30/2014 4.0.7.5 - Fedict) Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD) (Version: 10.0.50903 - Microsoft Corporation) TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.72365 - TeamViewer) VASCO Card Reader Plug-In (64-Bit) (Version: 3.2.3.4 - VASCO Data Security) Hidden VASCO Smart Card Reader Plug-In (User) (HKU\S-1-5-21-790814905-602635857-4264004509-1001\...\{c77cb28d-ddd3-46f7-b51a-14a599127ba7}) (Version: 3.2.3.4 - VASCO Data Security) WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: 6.51 - NCH Software) WD Drive Utilities (HKLM-x32\...\{A8745049-A6A9-47EC-A925-0AF701045504}) (Version: 1.1.0.51 - Western Digital Technologies, Inc.) WD Quick View (HKLM-x32\...\{EB4BBA42-010C-44C7-88FA-BBBBFF9582A5}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.) WD Security (HKLM-x32\...\{4BD6ACBE-27D4-4A42-9550-69401A4DD348}) (Version: 1.0.6.3 - Western Digital Technologies, Inc.) WD SmartWare (HKLM\...\{37B5A3DE-A3C2-4EB8-84EF-941F5DDA2B3F}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.) WD SmartWare Installer (HKLM-x32\...\{4555885d-a64c-4234-9aac-72a8a6b5590b}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation) Wise JetSearch 1.45 (HKLM-x32\...\Wise JetSearch_is1) (Version: 1.45 - WiseCleaner.com, Inc.) ==================== Aangepaste CLSID (gefilterd): ========================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) CustomCLSID: HKU\S-1-5-21-790814905-602635857-4264004509-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Michel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-790814905-602635857-4264004509-1001_Classes\CLSID\{9E436272-69C3-5FBA-9C1D-15694337F4AC}\InprocServer32 -> C:\Users\Michel\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin64.dll (VASCO Data Security) CustomCLSID: HKU\S-1-5-21-790814905-602635857-4264004509-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Michel\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-790814905-602635857-4264004509-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michel\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-790814905-602635857-4264004509-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michel\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-790814905-602635857-4264004509-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michel\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-790814905-602635857-4264004509-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michel\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-790814905-602635857-4264004509-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michel\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-790814905-602635857-4264004509-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michel\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-790814905-602635857-4264004509-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michel\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-790814905-602635857-4264004509-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michel\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-790814905-602635857-4264004509-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michel\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-790814905-602635857-4264004509-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Michel\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-790814905-602635857-4264004509-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Michel\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.) ==================== Geplande Taken (gefilterd) ============= (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {0BFE61C9-B1AA-43F8-BACC-D032B6B939C1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Geen bestand <==== AANDACHT Task: {10C021DD-BD4D-43BA-BF54-CE926CA3D7BC} - \Microsoft\Windows\Setup\gwx\rundetector -> Geen bestand <==== AANDACHT Task: {12CA1528-626E-456C-B594-E3C48EBA0462} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2017-01-11] (Microsoft Corporation) Task: {13EF616F-4B8B-47DF-8A9F-ECE93351908F} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Geen bestand <==== AANDACHT Task: {14B37305-2BE2-4398-9D02-F497C53A65F2} - System32\Tasks\Microsoft Office 15 Sync Maintenance for DELL-Michel dell => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-02-26] (Microsoft Corporation) Task: {175748DB-CFFD-4C9C-AF2E-4C3123B889E4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Geen bestand <==== AANDACHT Task: {1BE08D3C-8566-42C0-9D2C-C8C4DD2F19A7} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe Task: {2A57DACE-F664-4575-B7FB-7FF22237A070} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Geen bestand <==== AANDACHT Task: {2D0C245F-531D-43A6-A88A-9E8C2F559818} - \McAfee\McAfee Idle Detection Task -> Geen bestand <==== AANDACHT Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe Task: {366E45EF-D071-45E2-8C26-1C0B12AAADB3} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Michel\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe Task: {3D121AA6-D389-4A4F-9A7B-2D5AAC52CAAD} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Geen bestand <==== AANDACHT Task: {493E37FE-AFA7-4792-9F84-8BF1EA7CFC60} - \StartMenuAutoupdate -> Geen bestand <==== AANDACHT Task: {4E00032B-056B-428E-9B6B-5FDE9FABB659} - System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.50.1291.1\mcdatrep.exe [2016-10-20] (McAfee, Inc.) Task: {547E43CF-6A7D-418B-9E7E-CE191E816949} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Geen bestand <==== AANDACHT Task: {5850FDAE-B34A-4C6B-A01F-FE203C359849} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Geen bestand <==== AANDACHT Task: {598A461E-0ED5-45DC-9E5D-FF2553D56FF0} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-790814905-602635857-4264004509-1001UA1d23bfd50f8c6c2 => C:\Users\Michel\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-11] (Dropbox, Inc.) Task: {5A4D4C35-9E16-40E0-88AF-57223C69393B} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2016-09-13] (PC-Doctor, Inc.) Task: {5D7C52BD-55C6-4AC5-91CF-B3009F717F98} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Geen bestand <==== AANDACHT Task: {60E4A6A9-FDB0-45BA-AAD2-4DBC3AEA910C} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2016-09-09] (Dell Inc.) Task: {6D67FFCD-397E-41A3-90E0-F97770EAE56B} - System32\Tasks\Microsoft\Office\Office First Run Task => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2014-01-02] (Microsoft Corporation) Task: {75DBD433-62E2-4A0B-83D9-F5107ADC73E8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated) Task: {7C0B4F7C-E979-4D18-858B-06AB8FADC643} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Geen bestand <==== AANDACHT Task: {830968BD-EC1B-4D7B-B22E-496700DAEB06} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Geen bestand <==== AANDACHT Task: {8987DF7A-E7D4-4FC8-AB76-D998CE784A58} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-10-27] (Adobe Systems Incorporated) Task: {94311D20-471D-4DA9-B712-3FF708DDB23E} - \WPD\SqmUpload_S-1-5-21-790814905-602635857-4264004509-1001 -> Geen bestand <==== AANDACHT Task: {A71D15F9-CCC1-4DBE-871C-D387B97208D1} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe Task: {A780E951-B229-48AE-AB60-43B2866785DB} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2016-09-13] (PC-Doctor, Inc.) Task: {B343D068-8E38-4E7C-99D3-BA899FF1D3A6} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-22] (CyberLink Corp.) Task: {B5A6033B-BB9E-467B-81BC-6AB0AAD5AD91} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-21] (Piriform Ltd) Task: {B72F211E-771B-4283-8568-072929D06B87} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [2016-12-09] (McAfee, Inc.) Task: {B7CF85DC-EB6D-46FB-AD33-BE5B0F149A0B} - System32\Tasks\PCDDataUploadTask => uaclauncher.exe Task: {CB6091B0-6D65-4247-9A0D-A5C197B6340B} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Geen bestand <==== AANDACHT Task: {D7EF483D-90B5-4F5D-B9A0-E38BFBCD79B3} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Geen bestand <==== AANDACHT Task: {DFAF0CB3-BEEA-49DF-ADED-2ECC2B9FE31B} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Geen bestand <==== AANDACHT Task: {E17ED11B-FFE7-4C5C-8D93-E23A61007D90} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-03-05] (CyberLink) Task: {EB707227-F820-439C-AEFD-EF881B912E66} - System32\Tasks\{4FFDFA8F-2CB7-4675-8B7E-249BD8DE8268} => pcalua.exe -a D:\Downloads\TeamViewer_Host_Setup-idca88npq3.exe -d D:\Downloads Task: {F3D78939-CB7F-4A0E-B3DE-0F34F18D0214} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-790814905-602635857-4264004509-1001Core1d23bfd50dd7933 => C:\Users\Michel\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-11] (Dropbox, Inc.) Task: {FFE454F1-7F2E-43FA-86B9-0A3102821AAD} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2013-12-17] (Microsoft Corporation) (Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-790814905-602635857-4264004509-1001Core1d23bfd50dd7933.job => C:\Users\Michel\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-790814905-602635857-4264004509-1001UA1d23bfd50f8c6c2.job => C:\Users\Michel\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ==================== Snelkoppelingen ============================= (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) ==================== Geladen Modules (gefilterd) ============== 2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-12-14 13:59 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2014-02-26 17:46 - 2013-10-31 17:13 - 00102568 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2014-02-26 17:46 - 2014-01-02 18:41 - 00621736 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll 2013-10-01 10:23 - 2013-10-01 10:23 - 02816088 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll 2016-12-14 13:59 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll 2016-05-27 14:50 - 2016-11-01 23:05 - 00401896 _____ () C:\WINDOWS\system32\igfxTray.exe 2016-11-01 11:06 - 2016-11-01 11:06 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2017-01-11 14:43 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2017-01-11 14:43 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2017-01-11 14:43 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-01-11 14:43 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2017-01-11 14:43 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2017-01-11 14:43 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2017-02-09 18:09 - 2017-02-09 18:09 - 00472576 _____ () C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\VistaBridgeLibrary\53270d9e522b61caae15dbaecec2a092\VistaBridgeLibrary.ni.dll 2016-11-23 15:19 - 2016-11-23 15:19 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2016-11-23 15:19 - 2016-11-23 15:19 - 20433408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2016-06-03 17:20 - 2016-06-03 17:20 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll 2016-11-23 15:19 - 2016-11-23 15:19 - 01046528 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll 2016-11-23 15:19 - 2016-11-23 15:19 - 00353792 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Photos.Inking.dll 2016-05-26 17:10 - 2016-05-26 17:10 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll 2017-02-08 09:20 - 2017-02-07 05:48 - 00801600 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\dropbox_watchdog.dll 2017-02-08 09:21 - 2017-01-14 00:53 - 00035792 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd 2017-02-08 09:21 - 2017-01-14 00:53 - 00100296 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\_ctypes.pyd 2017-02-08 09:21 - 2017-01-14 00:53 - 00018888 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\select.pyd 2017-02-08 09:21 - 2017-02-07 05:50 - 00019776 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd 2017-02-08 09:21 - 2017-01-14 00:53 - 00694224 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\unicodedata.pyd 2017-02-08 09:20 - 2017-02-07 05:50 - 00020824 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd 2017-02-08 09:21 - 2017-01-14 00:54 - 00123856 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd 2017-02-08 09:20 - 2017-02-07 05:50 - 01682768 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd 2017-02-08 09:20 - 2017-02-07 05:50 - 00020816 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd 2017-02-08 09:20 - 2017-01-14 00:53 - 00145864 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\pyexpat.pyd 2017-02-08 09:20 - 2017-01-14 00:54 - 00019408 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\faulthandler.pyd 2017-02-08 09:20 - 2017-01-14 00:53 - 00116688 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\pywintypes27.dll 2017-02-08 09:21 - 2017-01-14 00:56 - 00105928 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\win32api.pyd 2017-02-08 09:21 - 2017-02-07 05:50 - 00022864 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\winffi.crt.compiled._winffi_crt.pyd 2017-02-08 09:20 - 2017-02-07 05:50 - 00052544 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd 2017-02-08 09:20 - 2017-02-07 05:50 - 00038712 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\fastpath.pyd 2017-02-08 09:20 - 2017-01-14 00:53 - 00392144 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\pythoncom27.dll 2017-02-08 09:20 - 2017-01-14 00:56 - 00020936 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\mmapfile.pyd 2017-02-08 09:21 - 2017-01-14 00:56 - 00024528 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\win32event.pyd 2017-02-08 09:21 - 2017-01-14 00:57 - 00116176 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\win32security.pyd 2017-02-08 09:21 - 2017-02-07 05:50 - 00381760 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd 2017-02-08 09:21 - 2017-01-14 00:56 - 00124880 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\win32file.pyd 2017-02-08 09:21 - 2017-02-07 05:50 - 00026456 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\winffi.kernel32.compiled._winffi_kernel32.pyd 2017-02-08 09:21 - 2017-01-14 00:56 - 00024016 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\win32clipboard.pyd 2017-02-08 09:21 - 2017-01-14 00:56 - 00175560 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\win32gui.pyd 2017-02-08 09:21 - 2017-01-14 00:57 - 00030160 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\win32pipe.pyd 2017-02-08 09:21 - 2017-01-14 00:57 - 00043472 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\win32process.pyd 2017-02-08 09:21 - 2017-01-14 00:57 - 00048592 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\win32service.pyd 2017-02-08 09:21 - 2017-01-14 00:56 - 00057808 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\win32evtlog.pyd 2017-02-08 09:21 - 2017-01-14 00:57 - 00024016 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\win32profile.pyd 2017-02-08 09:20 - 2017-02-07 05:50 - 00246608 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd 2017-02-08 09:20 - 2017-02-07 05:50 - 00027488 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd 2017-02-08 09:21 - 2017-01-14 00:55 - 00241104 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\_jpegtran.pyd 2017-02-08 09:20 - 2017-02-07 05:50 - 00022336 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd 2017-02-08 09:21 - 2017-01-14 00:57 - 00028616 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\win32ts.pyd 2017-02-08 09:20 - 2017-02-07 05:50 - 01826104 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd 2017-02-08 09:21 - 2017-01-14 00:54 - 00083912 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\sip.pyd 2017-02-08 09:20 - 2017-02-07 05:50 - 01972536 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd 2017-02-08 09:20 - 2017-02-07 05:50 - 03928896 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd 2017-02-08 09:20 - 2017-02-07 05:50 - 00531264 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd 2017-02-08 09:21 - 2017-02-07 05:50 - 00025432 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd 2017-02-08 09:20 - 2017-02-07 05:50 - 00133432 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd 2017-02-08 09:20 - 2017-02-07 05:50 - 00224064 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd 2017-02-08 09:20 - 2017-02-07 05:50 - 00207680 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd 2017-02-08 09:21 - 2017-02-07 05:50 - 00021840 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\winffi.user32.compiled._winffi_user32.pyd 2017-02-08 09:21 - 2017-02-07 05:50 - 00069968 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\windisplaytoast.compiled._DisplayToast.pyd 2017-02-08 09:21 - 2017-02-07 05:50 - 00022872 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd 2017-02-08 09:21 - 2017-02-07 05:50 - 00021848 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\winffi.winerror.compiled._winffi_winerror.pyd 2017-02-08 09:21 - 2017-02-07 05:50 - 00022872 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\winffi.wininet.compiled._winffi_wininet.pyd 2017-02-08 09:21 - 2017-01-14 00:57 - 00350152 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\winxpgui.pyd 2017-02-08 09:20 - 2017-02-07 05:50 - 00103232 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\PyQt5.QtWinExtras.pyd 2017-02-08 09:21 - 2017-02-07 05:50 - 00023896 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd 2017-02-08 09:20 - 2017-02-07 05:50 - 00025936 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd 2017-02-08 09:20 - 2017-01-14 00:51 - 00036296 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\librsync.dll 2017-02-08 09:20 - 2017-02-07 05:50 - 00033112 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\enterprise_data.compiled._enterprise_data.pyd 2017-02-08 09:20 - 2016-12-22 07:58 - 00293392 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\EnterpriseDataAdapter.dll 2017-02-08 09:20 - 2017-02-07 05:50 - 00084288 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL 2017-02-08 09:20 - 2017-01-14 01:02 - 00017864 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\libEGL.dll 2017-02-08 09:20 - 2017-01-14 01:02 - 01631184 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\libGLESv2.dll 2017-02-08 09:20 - 2017-02-07 05:50 - 00042816 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd 2017-02-08 09:20 - 2017-02-07 05:50 - 00171336 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd 2017-02-08 09:20 - 2017-02-07 05:50 - 00357688 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd 2017-02-08 09:21 - 2017-01-14 00:57 - 00060880 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\win32print.pyd 2017-02-08 09:21 - 2017-02-07 05:50 - 00026456 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\winffi.winhttp.compiled._winffi_winhttp.pyd 2017-02-08 09:20 - 2017-02-07 05:50 - 00546104 _____ () C:\Users\Michel\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd 2017-01-25 17:32 - 2017-01-25 17:32 - 00061952 _____ () C:\Program Files (x86)\Firetrust\MailWasher\MWPBridgeDLL.dll 2017-01-25 17:32 - 2017-01-25 17:32 - 06078976 _____ () C:\Program Files (x86)\Firetrust\MailWasher\MWPappDLL.dll 2017-01-25 17:37 - 2017-01-25 17:37 - 00069256 _____ () C:\Program Files (x86)\Firetrust\MailWasher\FTBridge.dll 2017-01-25 17:37 - 2017-01-25 17:37 - 00279688 _____ () C:\Program Files (x86)\Firetrust\MailWasher\FTClientNode.dll 2017-01-25 07:15 - 2017-01-25 07:15 - 00324608 _____ () C:\Program Files (x86)\Firetrust\MailWasher\MWPHeaderParser.dll 2014-02-19 15:59 - 2013-03-05 04:40 - 00626240 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll 2013-03-05 11:41 - 2013-03-05 11:41 - 00015424 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll 2014-02-19 15:52 - 2013-08-28 11:02 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2014-03-05 14:45 - 2014-03-05 14:45 - 00028992 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\thread_pool.dll 2014-03-05 14:48 - 2014-03-05 14:48 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll 2014-02-26 17:46 - 2014-02-26 17:55 - 00316584 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\AppVIsvStream32.dll 2016-12-19 17:40 - 2016-12-19 17:40 - 01114136 _____ () C:\Users\Michel\AppData\Roaming\Mozilla\Firefox\Profiles\10suxazh.default\extensions\support@lastpass.com\platform\WINNT_x86-msvc\components\lpxpcom.dll ==================== Alternate Data Streams (gefilterd) ========= (Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.) ==================== Veilige Modus (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service" ==================== Bestandskoppeling (gefilterd) =============== (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.) ==================== Internet Explorer vertrouwde/beperkte toegang =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.) ==================== Hosts inhoud: =============================== (Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.) 2013-08-22 14:25 - 2017-02-11 14:26 - 00000850 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere gebieden ============================ (Momenteel is er geen automatische fix voor dit onderdeel.) HKU\S-1-5-21-790814905-602635857-4264004509-1001\Control Panel\Desktop\\Wallpaper -> DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == HKLM\...\StartupApproved\StartupFolder: => "Install LastPass IE RunOnce.lnk" HKLM\...\StartupApproved\StartupFolder: => "Install LastPass FF RunOnce.lnk" HKLM\...\StartupApproved\Run: => "RTHDVCPL" HKLM\...\StartupApproved\Run: => "RtHDVBg" HKLM\...\StartupApproved\Run: => "RtHDVBg_PushButton" HKLM\...\StartupApproved\Run: => "SynTPEnh" HKLM\...\StartupApproved\Run: => "HotKeysCmds" HKLM\...\StartupApproved\Run: => "IgfxTray" HKLM\...\StartupApproved\Run: => "QuickSet" HKLM\...\StartupApproved\Run: => "Acronis Scheduler2 Service" HKLM\...\StartupApproved\Run: => "Utility Chest Home Page Guard 64 bit" HKLM\...\StartupApproved\Run: => "MapsGalaxy Home Page Guard 64 bit" HKLM\...\StartupApproved\Run: => "FromDocToPDF AppIntegrator 64-bit" HKLM\...\StartupApproved\Run: => "FromDocToPDF_65 Browser Plugin Loader 64" HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run: => "MapsGalaxy_39 Browser Plugin Loader 64" HKLM\...\StartupApproved\Run: => "StartCCC" HKLM\...\StartupApproved\Run: => "UtilityChest_49 Browser Plugin Loader 64" HKLM\...\StartupApproved\Run: => "Malwarebytes TrayApp" HKLM\...\StartupApproved\Run32: => "AcronisTibMounterMonitor" HKLM\...\StartupApproved\Run32: => "TrueImageMonitor.exe" HKLM\...\StartupApproved\Run32: => "FromDocToPDF Search Scope Monitor" HKLM\...\StartupApproved\Run32: => "FromDocToPDF_65 Browser Plugin Loader" HKLM\...\StartupApproved\Run32: => "FromDocToPDF AppIntegrator 64-bit" HKLM\...\StartupApproved\Run32: => "FromDocToPDF AppIntegrator 32-bit" HKLM\...\StartupApproved\Run32: => "FromDocToPDF EPM Support" HKLM\...\StartupApproved\Run32: => "beid" HKLM\...\StartupApproved\Run32: => "UtilityChest_49 Browser Plugin Loader" HKLM\...\StartupApproved\Run32: => "Utility Chest Search Scope Monitor" HKLM\...\StartupApproved\Run32: => "Utility Chest EPM Support" HKLM\...\StartupApproved\Run32: => "MapsGalaxy_39 Browser Plugin Loader" HKLM\...\StartupApproved\Run32: => "MapsGalaxy Search Scope Monitor" HKLM\...\StartupApproved\Run32: => "MapsGalaxy EPM Support" HKLM\...\StartupApproved\Run32: => "WD Quick View" HKLM\...\StartupApproved\Run32: => "DriveUtilitiesHelper" HKLM\...\StartupApproved\Run32: => "IAStorIcon" HKLM\...\StartupApproved\Run32: => "SynTPEnh" HKLM\...\StartupApproved\Run32: => "Malwarebytes TrayApp" HKU\S-1-5-21-790814905-602635857-4264004509-1001\...\StartupApproved\StartupFolder: => "Verzenden naar OneNote.lnk" HKU\S-1-5-21-790814905-602635857-4264004509-1001\...\StartupApproved\Run: => "BrowserChoice" HKU\S-1-5-21-790814905-602635857-4264004509-1001\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-790814905-602635857-4264004509-1001\...\StartupApproved\Run: => "Dropbox Update" HKU\S-1-5-21-790814905-602635857-4264004509-1001\...\StartupApproved\Run: => "OneDrive" ==================== Firewall regels (gefilterd) =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{A2C9E07D-0255-4E1E-82C9-BC031B048732}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE FirewallRules: [{09761168-E92E-4066-BD86-96466B64E645}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe FirewallRules: [{7C41ACEA-F9FC-4910-9D0B-FF2C57CF5D37}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{2F62C48C-2257-4AF7-8407-A7D91C2E3FF0}] => (Allow) LPort=2869 FirewallRules: [{C61532D1-2F51-417B-8FF4-778E6152D5AA}] => (Allow) LPort=1900 FirewallRules: [{B8651626-A9DE-4496-9909-D65715DF6CA6}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{BA5AA518-21F4-463B-9833-E1B5F7A5BB67}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{D0269A7D-2954-4AC7-A5CC-07E1B26B4CBA}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe FirewallRules: [{ED8F0F8C-7ED7-4862-AC41-35FCBA8FF19D}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe FirewallRules: [{C359CB53-D0C8-4C67-8A10-32F8B9E5E89E}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe FirewallRules: [{8DD88D3A-DD2B-4866-821E-BEFE6F907AF1}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{4774EA9A-FE34-4DD4-BCF9-815A95FC99C9}] => (Allow) C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe FirewallRules: [{D779D225-9789-49C9-AF14-2F7C77BD9B9C}] => (Allow) C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe FirewallRules: [{C819FB41-A0CC-449F-9587-383289BF2DBF}] => (Allow) C:\Users\Michel\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{2AE27D5C-72A9-42C0-9778-426A51E25D8C}] => (Allow) C:\Users\Michel\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{1FCD9FB7-0D46-4C15-8AA7-AF28288B3A83}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{5D059345-C269-4693-8600-115DB0DE60D4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{2A1E4FCD-D1B8-4D45-8338-361368A6A9DA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{F7013D9C-7844-4FEE-AD43-59E9CB869266}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{A9792980-D8B5-42DA-9BB6-C25FEF65D565}] => (Allow) C:\Program Files (x86)\Firetrust\MailWasher\MailWasherPro.exe FirewallRules: [{98CFAE22-55C1-4D25-9D06-8CF5FE6584E8}] => (Allow) C:\Program Files (x86)\Firetrust\MailWasher\MailWasherPro.exe FirewallRules: [{6DC668B8-2F51-41B9-AC5A-520F5E21549C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{E96D3893-6EE8-4B8C-967C-8E697B674B5D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{98FD41AD-5C3D-4054-B4BC-8C19D7B7E9C8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{869D1E59-7BD1-4BB0-88FE-DA4DF2DCDCEB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ==================== Herstelpunten ========================= 10-02-2017 16:21:10 Voor opkuis Malware Bytes ==================== Defecte Apparaatbeheer Apparaten ============= ==================== Eventlog fouten: ========================= Applicatiefouten: ================== Error: (02/17/2017 10:20:24 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: De openprocedure voor de BITS-service in DLL-bestand C:\Windows\System32\bitsperf.dll is mislukt. Prestatiemetergegevens voor deze service zijn niet beschikbaar. De eerste vier bytes (DWORD) in de sectie Gegevens bevatten de foutcode. Error: (02/17/2017 09:45:11 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: De openprocedure voor de WmiApRpl-service in DLL-bestand C:\WINDOWS\system32\wbem\wmiaprpl.dll is mislukt. Prestatiemetergegevens voor deze service zijn niet beschikbaar. De eerste vier bytes (DWORD) in de sectie Gegevens bevatten de foutcode. Error: (02/17/2017 09:45:11 AM) (Source: PerfNet) (EventID: 2004) (User: ) Description: Kan het prestatieobject voor dee Server-service niet openen. De eerste vier bytes (DWORD) in de sectie Gegevens bevatten de statuscode. Error: (02/17/2017 09:45:11 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: De openprocedure voor de MSDTC-service in DLL-bestand C:\WINDOWS\system32\msdtcuiu.DLL is mislukt. Prestatiemetergegevens voor deze service zijn niet beschikbaar. De eerste vier bytes (DWORD) in de sectie Gegevens bevatten de foutcode. Error: (02/17/2017 09:45:11 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: De openprocedure voor de Lsa-service in DLL-bestand C:\Windows\System32\Secur32.dll is mislukt. Prestatiemetergegevens voor deze service zijn niet beschikbaar. De eerste vier bytes (DWORD) in de sectie Gegevens bevatten de foutcode. Error: (02/17/2017 09:45:11 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: De openprocedure voor de ESENT-service in DLL-bestand C:\WINDOWS\system32\esentprf.dll is mislukt. Prestatiemetergegevens voor deze service zijn niet beschikbaar. De eerste vier bytes (DWORD) in de sectie Gegevens bevatten de foutcode. Error: (02/16/2017 05:41:50 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: De openprocedure voor de WmiApRpl-service in DLL-bestand C:\WINDOWS\system32\wbem\wmiaprpl.dll is mislukt. Prestatiemetergegevens voor deze service zijn niet beschikbaar. De eerste vier bytes (DWORD) in de sectie Gegevens bevatten de foutcode. Error: (02/16/2017 05:41:49 PM) (Source: PerfNet) (EventID: 2004) (User: ) Description: Kan het prestatieobject voor dee Server-service niet openen. De eerste vier bytes (DWORD) in de sectie Gegevens bevatten de statuscode. Error: (02/16/2017 05:41:49 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: De openprocedure voor de MSDTC-service in DLL-bestand C:\WINDOWS\system32\msdtcuiu.DLL is mislukt. Prestatiemetergegevens voor deze service zijn niet beschikbaar. De eerste vier bytes (DWORD) in de sectie Gegevens bevatten de foutcode. Error: (02/16/2017 05:41:49 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: De openprocedure voor de Lsa-service in DLL-bestand C:\Windows\System32\Secur32.dll is mislukt. Prestatiemetergegevens voor deze service zijn niet beschikbaar. De eerste vier bytes (DWORD) in de sectie Gegevens bevatten de foutcode. Systeemfouten: ============= Error: (02/17/2017 11:49:35 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen standaard voor deze computer wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} en APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (02/17/2017 11:49:35 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} en APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (02/17/2017 11:49:35 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen standaard voor deze computer wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} en APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (02/17/2017 11:49:35 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} en APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (02/17/2017 10:05:07 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen standaard voor deze computer wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} en APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (02/17/2017 10:05:07 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} en APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (02/17/2017 10:05:07 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen standaard voor deze computer wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} en APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (02/17/2017 10:05:07 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} en APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (02/17/2017 10:04:26 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: De Interactive Services Detection-service is gestopt met de volgende foutcode: Onjuiste functie. . Error: (02/17/2017 09:45:18 AM) (Source: DCOM) (EventID: 10010) (User: DELL) Description: De server {21F282D1-A881-49E1-9A3A-26E44E39B86C} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. ==================== Geheugen info =========================== Processor: Intel(R) Core(TM) i7-4500U CPU @ 1.80GHz Percentage geheugen in gebruik: 39% Totaal fysiek RAM-geheugen: 8072.96 MB Beschikbaar fysiek RAM-geheugen: 4878.24 MB Totaal Virtueel geheugen: 9352.96 MB Beschikbaar Virtual geheugen: 5928.29 MB ==================== Schijven ================================ Drive c: (OS) (Fixed) (Total:146.83 GB) (Free:105.29 GB) NTFS Drive d: (Data) (Fixed) (Total:146.48 GB) (Free:144.46 GB) NTFS Drive m: (Media) (Fixed) (Total:292.97 GB) (Free:261.38 GB) NTFS Drive t: (Temp) (Fixed) (Total:205.97 GB) (Free:188.87 GB) NTFS ==================== MBR & Partitietabel ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 3262E204) Partition: GPT. ==================== Eind van Addition.txt ============================