Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 12-01-2017 Gestart door Esther (13-01-2017 11:08:34) Gestart vanaf C:\Users\Esther\Downloads Windows 10 Home Versie 1607 (X64) (2016-09-24 14:11:09) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2602939782-1314808242-3865560093-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2602939782-1314808242-3865560093-503 - Limited - Disabled) Esther (S-1-5-21-2602939782-1314808242-3865560093-1001 - Administrator - Enabled) => C:\Users\Esther Gast (S-1-5-21-2602939782-1314808242-3865560093-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2602939782-1314808242-3865560093-1003 - Limited - Enabled) ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Antivirus by F-Secure (Enabled - Up to date) {4CBE0CB6-C6C6-9D82-ECD2-A076E5981AC9} AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Antivirus by F-Secure (Enabled - Up to date) {F7DFED52-E0FC-920C-D662-9B049E1F5074} AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.) 64 Bit HP CIO Components Installer (Version: 13.2.1 - Hewlett-Packard) Hidden Adobe Reader XI (11.0.19) - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AB0000000001}) (Version: 11.0.19 - Adobe Systems Incorporated) Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.4.117.01527 - Alcor Micro Corp.) Alcor Micro USB Card Reader (x32 Version: 3.4.117.01527 - Alcor Micro Corp.) Hidden AlllSaveR (HKLM-x32\...\{F5853CDF-2C63-6D1D-B286-CBB1CD5DFD62}) (Version: - ) <==== AANDACHT ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.3.4 - ASUS) ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.2 - ASUS) ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.12 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0021 - ASUS) ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS) ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.18.159 - ASUS Cloud Corporation) ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5710.52 - CyberLink Corp.) ASUSDVD (x32 Version: 10.0.5710.52 - CyberLink Corp.) Hidden AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.311 - ASUSTEK) Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0031 - ASUS) Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - ) Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.) Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version: - Canon Inc.) Computer Security 14.150.101.0 (release) (x32 Version: 14.150.101.0 - F-Secure Corporation) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DNS Unlocker (HKLM-x32\...\DNSUnlocker.ns) (Version: - ) <==== AANDACHT Dropbox (HKLM-x32\...\Dropbox) (Version: 17.4.33 - Dropbox, Inc.) Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden F-Secure CCF Reputation (x32 Version: 2.0.1337.0 - F-Secure) Hidden F-Secure CCF Scanning 1.72.115.709 (release) (x32 Version: 1.72.115.709 - F-Secure Corporation) Hidden F-Secure Network CCF 1.04.119 (x32 Version: 1.04.119 - F-Secure Corporation) Hidden F-Secure SafeSearch 1.09.109.0 (release) (x32 Version: 1.09.109.0 - F-Secure Corporation) Hidden Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.) Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden Helium (HKLM-x32\...\{9A781940-AC41-4D5E-8E1E-76A04B916FB9}) (Version: 1.0.0 - ClockworkMod) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) Interenet Optimizer (HKLM-x32\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{c632643}) (Version: - BullPoint) <==== AANDACHT KPN Veilig (HKLM-x32\...\F-Secure ServiceEnabler 4582601) (Version: 2.50.214.0 - F-Secure Corporation) KPN Veilig (x32 Version: 2.50.214.0 - F-Secure Corporation) Hidden Malwarebytes versie 3.0.5.1299 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.5.1299 - Malwarebytes) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 365 - nl-nl (HKLM\...\O365HomePremRetail - nl-nl) (Version: 16.0.7571.2075 - Microsoft Corporation) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2602939782-1314808242-3865560093-1001\...\OneDriveSetup.exe) (Version: 17.3.6720.1207 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Movavi Video Converter 14 (HKLM-x32\...\Movavi Video Converter 14) (Version: 14.3.0 - Movavi) Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS) MyDriveConnect 4.0.3.2180 (HKLM-x32\...\MyDriveConnect) (Version: 4.0.3.2180 - TomTom) Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7571.2075 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7571.2075 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (Version: 16.0.7571.2075 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7571.2075 - Microsoft Corporation) Hidden Online Safety 2.150.3659.2518 (x32 Version: 2.150.3659.2518 - F-Secure Corporation) Hidden OpenOffice 4.1.1 (HKLM-x32\...\{89FD914D-4472-4E4F-8638-69E857E82DC9}) (Version: 4.11.9775 - Apache Software Foundation) PDF Architect 3 (HKLM-x32\...\PDF Architect 3) (Version: 3.0.45.22485 - pdfforge GmbH) PDF Architect 3 Create Module (x32 Version: 3.0.8.22528 - pdfforge GmbH) Hidden PDF Architect 3 Edit Module (x32 Version: 3.0.8.22528 - pdfforge GmbH) Hidden PDF Architect 3 View Module (x32 Version: 3.0.8.22528 - pdfforge GmbH) Hidden PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.1.0 - pdfforge) Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 1.2.0.41 - Ralink) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.) Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16084.2 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.6.4.16084.2 - Samsung Electronics Co., Ltd.) Hidden Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.) Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.) WBFS Manager 3.0 (HKLM-x32\...\WBFS Manager 3.0) (Version: 3.0 - AlexDP) WBFS to ISO (HKLM-x32\...\{55F0E086-2E1C-4478-B52E-DA6025A46434}_is1) (Version: - wbfstoiso.com) WinAVI All-in-One Converter (HKLM-x32\...\WinAVI All-in-One Converter) (Version: 1.7.0.4734 - ZJMedia Digital Technology Ltd.) Windows Driver Package - ASUS (ATP) Mouse (10/31/2013 1.0.0.191) (HKLM\...\15591935E93BF0A0E42CA53B578EE5E630971E15) (Version: 10/31/2013 1.0.0.191 - ASUS) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation) Windows-stuurprogrammapakket - ASUS (ATP) Mouse (11/11/2015 1.0.0.262) (HKLM\...\A044C5901003C24E6891688653ABA1068D04A1A0) (Version: 11/11/2015 1.0.0.262 - ASUS) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS) WinZip 20.5 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C24104}) (Version: 20.5.12118 - WinZip Computing, S.L. ) ==================== Aangepaste CLSID (gefilterd): ========================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) HKU\S-1-5-21-2602939782-1314808242-3865560093-1001\...\ChromeHTML: -> <==== AANDACHT CustomCLSID: HKU\S-1-5-21-2602939782-1314808242-3865560093-1001_Classes\CLSID\{034DF736-A378-4292-ACAE-A561088999F5}\InprocServer32 -> C:\Users\Esther\AppData\Local\PPTAssist\pptassist64.dll (珠海金山办公软件有限公司) CustomCLSID: HKU\S-1-5-21-2602939782-1314808242-3865560093-1001_Classes\CLSID\{1077138E-896C-445E-BD31-CFCFFA4636C4}\InprocServer32 -> C:\Users\Esther\AppData\Local\PPTAssist\pptassist64.dll (珠海金山办公软件有限公司) CustomCLSID: HKU\S-1-5-21-2602939782-1314808242-3865560093-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation) CustomCLSID: HKU\S-1-5-21-2602939782-1314808242-3865560093-1001_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files (x86)\WinZip\adxloader64.dll () ==================== Geplande Taken (gefilterd) ============= (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {03ED90F7-EC09-47D7-AB6E-9A339EE9FE3F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-16] (Google Inc.) Task: {065F8CB6-C6BC-4469-B123-F45D2E6542B1} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2015-02-12] () Task: {06F5C9CC-1085-4022-90D8-BAEAA2CE7CD7} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Esther\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe Task: {0DDAA308-13C5-40F6-94CD-08D99C5D9258} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Geen bestand <==== AANDACHT Task: {145FA211-F167-46FC-8AE6-856DD381382F} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2013-10-07] (ASUS) Task: {149529DC-2B7D-4024-AB79-187F0AC0CD91} - \PostPoneInstall -> Geen bestand <==== AANDACHT Task: {23206051-EF48-4D0E-904B-1D4731EC3F7B} - System32\Tasks\DNSWILLISTON => dnswilliston.exe <==== AANDACHT Task: {256C992B-D2AD-4FD8-8BED-107602605A70} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-16] (Google Inc.) Task: {26053644-C66E-4053-95FA-2BD1C6052B3F} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-12-14] (AsusTek) Task: {28A478D4-4410-42D6-8B43-F9B5C771842D} - \WPD\SqmUpload_S-1-5-21-2602939782-1314808242-3865560093-1001 -> Geen bestand <==== AANDACHT Task: {29E1DAF9-474F-4406-8054-69DA4DA62B06} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe Task: {2CBD774F-0B70-4937-8396-1F215CEF86E0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Geen bestand <==== AANDACHT Task: {2DBB619D-FDD0-4226-BC4B-331F34F1DBFB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Geen bestand <==== AANDACHT Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe Task: {379B0B0F-B59D-48BB-853E-570D410FEA2B} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Geen bestand <==== AANDACHT Task: {39327E5D-8004-49B2-A2A5-82C257642D5C} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2013-04-29] (ASUS) Task: {3ABE41D0-E97E-497C-BBE0-C9C869EF6C4A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Geen bestand <==== AANDACHT Task: {3BC25BE4-DBD4-4CAF-8B90-D44BDA9D79DA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated) Task: {3C6CE93F-DDC5-429F-B5EF-8CC1C798CCDC} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Geen bestand <==== AANDACHT Task: {3CE4BAED-788A-41E3-8BFD-7F8F5B4F4912} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-12-04] (Microsoft Corporation) Task: {3D294E28-180E-48E7-BC19-5E97ED794821} - System32\Tasks\ASUS InstantOn Config => C:\Program Files\ASUS\P4G\InsOnCfg.exe Task: {4147923D-7BDA-4DFA-AEF4-A203C5CE824A} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Geen bestand <==== AANDACHT Task: {46E552B1-82F4-43D3-A976-90D0EA88EE83} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Geen bestand <==== AANDACHT Task: {54531226-4A5D-43D6-BB96-F144D7DFF953} - System32\Tasks\F-Secure\F-Secure GUI => C:\Program Files (x86)\KPN Veilig\FsGuiStarter.exe [2016-03-11] (F-Secure Corporation) Task: {5DE8FEBF-E876-442C-9CA0-B0F65A737F0C} - System32\Tasks\CKCY => C:\Users\Esther\AppData\Roaming\CKCY.exe <==== AANDACHT Task: {5F4CFA21-F8FF-46AE-B9EB-ACA35277515F} - System32\Tasks\WinZipBackGroundToolsTask => C:\Program Files (x86)\WinZip\WzBGTools.exe [2016-04-28] (WinZip Computing, S.L.) Task: {61C8B2BC-ED6B-4EA4-AD53-F2CC57B0D973} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Geen bestand <==== AANDACHT Task: {764D052B-7F7A-4D1A-A9D6-6C36F264FB6D} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-10-07] (ASUSTeK Computer Inc.) Task: {7B70DC0F-3A9A-4982-AC97-24551809FA3E} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Geen bestand <==== AANDACHT Task: {80BFE060-13A6-455E-8E65-8BCA49E574B0} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-01-26] (Dropbox, Inc.) Task: {818DBE4F-95C5-4F99-A956-49B48588898B} - System32\Tasks\PPTAssistantNotifyTask_Esther => C:\Users\Esther\appdata\local\pptassist\notify.exe [2017-01-03] (珠海金山办公软件有限公司) <==== AANDACHT Task: {8F180FB7-DAA0-4103-A216-86D285D70062} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-04] (Microsoft Corporation) Task: {992F507D-048C-4B2D-932B-82154F3AD539} - System32\Tasks\avastBCLRestartS-1-5-21-2602939782-1314808242-3865560093-1001 => Chrome.exe Task: {A010BFF4-4439-4C6C-8613-3AD4F92A48E3} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-04] (Microsoft Corporation) Task: {B82B3EB4-148C-4F32-ADA9-9A5B8D5EEB96} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-11-04] () Task: {BA6A0D8E-8E7A-49DC-AC4A-F13E11E8879F} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-18] (ASUSTek Computer Inc.) Task: {CA53B170-6C54-43FD-80C8-A71997FC3162} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.) Task: {D612219F-A9B1-43AA-9B64-7865A5FABE90} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-01-11] (Microsoft Corporation) Task: {DC193BBA-F66E-4C5F-8906-B8B4D946A1A2} - \{0F7A0F47-7E0E-7D0E-0C11-7F050E0F110B} -> Geen bestand <==== AANDACHT Task: {EA422BEF-8C97-48FD-853C-8AE0F453B5E9} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.) Task: {EC2BCDC5-B82F-4888-BFEF-129A8A698DC4} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Geen bestand <==== AANDACHT Task: {FA65A437-726D-46E0-AE8F-D22B0DFF0FCE} - System32\Tasks\WYRSSKMK => C:\Users\Esther\AppData\Roaming\WYRSSKMK.exe <==== AANDACHT Task: {FAB5A583-5911-4510-B5C9-6BDFB9724CDF} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-01-26] (Dropbox, Inc.) Task: {FF227751-73B8-4CB6-AAE6-379A5C51DE73} - System32\Tasks\PPTAssistantUpdateTask_Esther => C:\Users\Esther\AppData\Local\PPTAssist\assistupdate.exe [2016-11-07] (Zhuhai Kingsoft Office Software Co.,Ltd) <==== AANDACHT (Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) Task: C:\WINDOWS\Tasks\CKCY.job => C:\Users\Esther\AppData\Roaming\CKCY.exe <==== AANDACHT Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\PPTAssistantNotifyTask_Esther.job => C:\Users\Esther\appdata\local\pptassist\notify.exe <==== AANDACHT Task: C:\WINDOWS\Tasks\PPTAssistantUpdateTask_Esther.job => C:\Users\Esther\AppData\Local\PPTAssist\assistupdate.exe <==== AANDACHT Task: C:\WINDOWS\Tasks\WYRSSKMK.job => C:\Users\Esther\AppData\Roaming\WYRSSKMK.exe <==== AANDACHT ==================== Snelkoppelingen ============================= (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) ==================== Geladen Modules (gefilterd) ============== 2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-12-14 08:00 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2012-12-19 07:10 - 2012-12-19 07:10 - 00072192 _____ () C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe 2017-01-12 15:52 - 2016-12-14 12:55 - 02259232 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll 2017-01-12 15:52 - 2016-12-14 12:55 - 02813904 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\arwlib.dll 2017-01-12 15:52 - 2016-12-14 12:55 - 02247632 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2013-04-29 16:03 - 2013-04-29 16:03 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll 2016-12-14 08:00 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll 2016-12-15 22:23 - 2016-12-15 22:23 - 01678560 _____ () C:\Users\Esther\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\ClientTelemetry.dll 2016-09-24 15:18 - 2016-09-24 15:18 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2017-01-11 08:14 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2017-01-11 08:14 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2017-01-11 08:14 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-01-11 08:14 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2017-01-11 08:14 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2017-01-11 08:14 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2016-03-11 15:14 - 2016-03-11 15:14 - 00250840 _____ () C:\Program Files (x86)\KPN Veilig\daas2.dll 2017-01-11 16:13 - 2015-11-24 11:26 - 00072744 _____ () C:\Program Files (x86)\KPN Veilig\apps\ComputerSecurity\Anti-Virus\FSAVHRES.eng 2017-01-11 16:14 - 2017-01-11 16:18 - 00213984 _____ () C:\Program Files (x86)\KPN Veilig\apps\ComputerSecurity\Spam Control\fsas.dll 2014-05-16 02:41 - 2012-06-25 10:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2013-10-08 20:41 - 2013-10-08 20:41 - 00037968 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll 2013-09-09 18:23 - 2013-09-09 18:23 - 00162816 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll 2016-12-15 22:23 - 2016-12-15 22:23 - 01244376 _____ () C:\Users\Esther\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\ClientTelemetry.dll 2016-12-22 06:52 - 2016-12-08 02:00 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd 2017-01-12 07:32 - 2016-12-08 02:00 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd 2017-01-12 07:32 - 2016-12-08 02:01 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd 2017-01-12 07:32 - 2016-12-08 02:00 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll 2016-12-22 06:52 - 2016-12-08 02:04 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd 2016-12-22 06:52 - 2016-12-08 02:00 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd 2016-12-22 06:52 - 2016-12-08 02:04 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd 2016-12-22 06:52 - 2016-12-08 02:00 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd 2016-12-22 06:52 - 2017-01-06 01:04 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd 2016-12-22 06:52 - 2016-12-08 02:00 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd 2017-01-12 07:32 - 2017-01-06 01:03 - 00020824 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd 2016-12-22 06:52 - 2016-12-08 02:01 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd 2017-01-12 07:32 - 2017-01-06 01:03 - 01682768 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd 2017-01-12 07:32 - 2017-01-06 01:03 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd 2016-12-22 06:52 - 2017-01-06 01:04 - 00021328 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd 2017-01-12 07:32 - 2017-01-06 01:04 - 00052032 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd 2017-01-12 07:32 - 2017-01-06 01:04 - 00038712 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd 2017-01-12 07:32 - 2016-12-08 02:00 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll 2017-01-12 07:32 - 2016-12-08 02:04 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd 2016-12-22 06:52 - 2016-12-08 02:04 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd 2016-12-22 06:52 - 2017-01-06 01:04 - 00381760 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd 2016-12-22 06:52 - 2016-12-08 02:04 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd 2016-12-22 06:52 - 2017-01-06 01:04 - 00025432 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd 2016-12-22 06:52 - 2016-12-08 02:04 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd 2016-12-22 06:52 - 2016-12-08 02:04 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd 2016-12-22 06:52 - 2016-12-08 02:04 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd 2016-12-22 06:52 - 2016-12-08 02:04 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd 2016-12-22 06:52 - 2016-12-08 02:04 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd 2016-12-22 06:52 - 2016-12-08 02:04 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd 2016-12-22 06:52 - 2016-12-08 02:04 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd 2017-01-12 07:32 - 2017-01-06 01:03 - 00246608 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd 2017-01-12 07:32 - 2017-01-06 01:03 - 00026464 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd 2016-12-22 06:52 - 2016-12-08 02:02 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd 2017-01-12 07:32 - 2017-01-06 01:03 - 00020288 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd 2016-12-22 06:52 - 2016-12-08 02:04 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd 2016-12-22 06:52 - 2017-01-06 01:04 - 00023384 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd 2016-12-22 06:52 - 2017-01-06 01:04 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd 2016-12-22 06:52 - 2017-01-06 01:04 - 00019792 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd 2016-12-22 06:52 - 2017-01-06 01:04 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd 2016-12-22 06:52 - 2016-12-08 02:04 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd 2016-12-22 06:52 - 2017-01-06 01:04 - 00022360 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd 2017-01-12 07:32 - 2017-01-06 01:04 - 00024400 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd 2017-01-12 07:32 - 2016-12-08 01:57 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll 2017-01-12 07:32 - 2017-01-06 01:04 - 00031576 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd 2017-01-12 07:32 - 2016-12-22 03:04 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll 2017-01-12 07:32 - 2017-01-06 01:03 - 00084288 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL 2017-01-12 07:32 - 2017-01-06 01:04 - 01826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd 2016-12-22 06:52 - 2016-12-08 02:01 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd 2017-01-12 07:32 - 2017-01-06 01:04 - 00531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd 2017-01-12 07:32 - 2017-01-06 01:04 - 03928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd 2017-01-12 07:32 - 2017-01-06 01:04 - 01972536 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd 2017-01-12 07:32 - 2017-01-06 01:04 - 00133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd 2017-01-12 07:32 - 2017-01-06 01:04 - 00224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd 2017-01-12 07:32 - 2017-01-06 01:04 - 00207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd 2016-12-22 06:52 - 2017-01-06 01:04 - 00020296 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32._winffi_user32.pyd 2017-01-12 07:32 - 2016-12-08 02:08 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll 2017-01-12 07:32 - 2016-12-08 02:08 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll 2017-01-12 07:32 - 2017-01-06 01:04 - 00042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd 2017-01-12 07:32 - 2017-01-06 01:04 - 00171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd 2017-01-12 07:32 - 2017-01-06 01:04 - 00357688 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd 2016-12-22 06:52 - 2016-12-08 02:04 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd 2016-12-22 06:52 - 2017-01-06 01:04 - 00037200 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd 2016-12-22 06:52 - 2017-01-06 01:04 - 00024920 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd 2017-01-12 07:32 - 2017-01-06 01:04 - 00546104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd 2016-12-13 22:09 - 2016-12-08 08:29 - 01829208 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll 2016-12-13 22:09 - 2016-12-08 08:29 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll 2017-01-11 16:21 - 2017-01-11 16:21 - 17835096 _____ () C:\Users\Esther\AppData\Local\Google\Chrome\User Data\PepperFlash\24.0.0.194\pepflashplayer.dll ==================== Alternate Data Streams (gefilterd) ========= (Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.) AlternateDataStreams: C:\ProgramData\Temp:5C321E34 [125] ==================== Veilige Modus (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Bestandskoppeling (gefilterd) =============== (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.) ==================== Internet Explorer vertrouwde/beperkte toegang =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.) IE trusted site: HKU\S-1-5-21-2602939782-1314808242-3865560093-1001\...\sharepoint.com -> hxxps://csmel-files.sharepoint.com IE restricted site: HKU\S-1-5-21-2602939782-1314808242-3865560093-1001\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-2602939782-1314808242-3865560093-1001\...\008k.com -> 008k.com IE restricted site: HKU\S-1-5-21-2602939782-1314808242-3865560093-1001\...\00hq.com -> 00hq.com IE restricted site: HKU\S-1-5-21-2602939782-1314808242-3865560093-1001\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\S-1-5-21-2602939782-1314808242-3865560093-1001\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-2602939782-1314808242-3865560093-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-2602939782-1314808242-3865560093-1001\...\0411dd.com -> 0411dd.com IE restricted site: HKU\S-1-5-21-2602939782-1314808242-3865560093-1001\...\0511zfhl.com -> 0511zfhl.com IE restricted site: HKU\S-1-5-21-2602939782-1314808242-3865560093-1001\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-2602939782-1314808242-3865560093-1001\...\0632qyw.com -> 0632qyw.com IE restricted site: HKU\S-1-5-21-2602939782-1314808242-3865560093-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\S-1-5-21-2602939782-1314808242-3865560093-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-2602939782-1314808242-3865560093-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-2602939782-1314808242-3865560093-1001\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-2602939782-1314808242-3865560093-1001\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-2602939782-1314808242-3865560093-1001\...\0scan.com -> 0scan.com IE restricted site: HKU\S-1-5-21-2602939782-1314808242-3865560093-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\S-1-5-21-2602939782-1314808242-3865560093-1001\...\1-domains-registrations.com -> 1-domains-registrations.com IE restricted site: HKU\S-1-5-21-2602939782-1314808242-3865560093-1001\...\1-se.com -> 1-se.com IE restricted site: HKU\S-1-5-21-2602939782-1314808242-3865560093-1001\...\1001movie.com -> 1001movie.com Er zijn 6091 Meer websites. ==================== Hosts inhoud: =============================== (Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.) 2017-01-11 17:08 - 2017-01-11 17:08 - 00000355 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Andere gebieden ============================ (Momenteel is er geen automatische fix voor dit onderdeel.) HKU\S-1-5-21-2602939782-1314808242-3865560093-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Esther\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\20151025_143311.jpg DNS Servers: 8.8.8.8 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == HKU\S-1-5-21-2602939782-1314808242-3865560093-1001\...\StartupApproved\Run: => "uTorrent" HKU\S-1-5-21-2602939782-1314808242-3865560093-1001\...\StartupApproved\Run: => "Skype" ==================== Firewall regels (gefilterd) =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [vm-monitoring-nb-session] => LPort=139 FirewallRules: [{43DA8198-E940-469F-BCA3-1D2ADDF75CE7}] => C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe FirewallRules: [{4E128C66-0A3D-49E1-BDE1-86C5DCB120A0}] => C:\Users\Esther\AppData\Local\WikiBrowser\Application\wikibrowser.exe FirewallRules: [UDP Query User{E4172074-4621-4DD4-8C4F-ED4E8B64912E}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{B787BE79-412B-4BC6-9B7E-3DC5F627A5A9}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{C2191D0B-9C92-4C8C-9DEF-EB6DF8DE9AA6}] => C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe FirewallRules: [{5D93EBD1-3637-41D3-847E-7908BB514224}] => C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe FirewallRules: [{D18D3BB4-0220-496E-AC82-7DDB29AD5CF8}] => C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe FirewallRules: [{A8F27EAE-C940-4DD9-851E-5D20DDCDC8A0}] => C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe FirewallRules: [UDP Query User{ED8263B0-8E96-4078-8CDA-AB88C64060FF}C:\users\esther\appdata\local\popcorn time\node-webkit\popcorn time.exe] => C:\users\esther\appdata\local\popcorn time\node-webkit\popcorn time.exe FirewallRules: [TCP Query User{E2CAEDD1-B366-4657-8A13-EDC0176E04FC}C:\users\esther\appdata\local\popcorn time\node-webkit\popcorn time.exe] => C:\users\esther\appdata\local\popcorn time\node-webkit\popcorn time.exe FirewallRules: [UDP Query User{2CB9C9D0-CEF1-4A0C-9557-A81AF8F98CE4}C:\users\esther\appdata\roaming\torntv.com\torntv downloader.exe] => C:\users\esther\appdata\roaming\torntv.com\torntv downloader.exe FirewallRules: [TCP Query User{31A9D1C7-B034-4855-B3D6-B863ECA9A891}C:\users\esther\appdata\roaming\torntv.com\torntv downloader.exe] => C:\users\esther\appdata\roaming\torntv.com\torntv downloader.exe FirewallRules: [UDP Query User{84CCE71E-87E7-46FA-8F9A-1141467B0E0B}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{B92079E1-FD60-4525-B9DE-343C5D1D5BFE}] => C:\Program Files (x86)\GoForFiles\GoforFiles.exe FirewallRules: [{3BD93E25-4959-4D3D-86A3-FE15EDD3729C}] => C:\Program Files (x86)\GoForFiles\GoforFiles.exe FirewallRules: [{8F742722-EB63-4B60-8280-435B83C49A8F}] => C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{CACDB418-5466-44CB-97EB-234638B11E8D}] => LPort=2869 FirewallRules: [{08DF9207-336B-4D4F-B1FD-122BC45D324B}] => LPort=1900 FirewallRules: [{9CBDB688-1560-4EC3-B3C4-13B86FD1A88A}] => C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{BBF4132F-8502-4D79-A452-D3F4C5CB3FBE}] => C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE FirewallRules: [{CE9AD241-BC0E-4F5E-A42C-7662A7EFF61F}] => C:\Windows\System32\migwiz\migwiz.exe FirewallRules: [{121030ED-345E-4DD0-B581-96526B80B281}] => C:\Windows\System32\migwiz\migwiz.exe FirewallRules: [{6228495F-8AAB-4441-AA13-721824294A6B}] => LPort=7000 FirewallRules: [{28249551-D818-4590-AC5F-92A3513A2852}] => LPort=7000 FirewallRules: [{CE518D55-C55D-48B4-896E-312BAED2DDDE}] => C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{71D16BC0-A61E-4F55-8461-6D6AA180FFB8}] => C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{14C06A33-1003-4BC8-8A06-0CEE13D15336}] => C:\Program Files (x86)\Popcorn Time\Updater.exe FirewallRules: [{3CC01A73-0542-4226-8630-911F2FA03960}] => C:\Program Files (x86)\Popcorn Time\Updater.exe FirewallRules: [{57513412-B6DB-459F-AF68-0D4489061EC0}] => C:\Users\Esther\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{397A99A4-20A9-4C2B-9E8A-580A756C8804}] => C:\Users\Esther\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{FAABD0D5-8214-491C-B640-7D2A8834FBAA}] => C:\Users\Esther\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{DD6D8F84-BA61-40EA-A74D-7B6BCF608FE9}] => C:\Users\Esther\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{996E72D3-0264-40F2-821F-C98738A77907}] => C:\Users\Esther\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{D90F551E-62E0-4888-ADC1-4860BE74D53F}] => C:\Users\Esther\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{68A1C2BB-8C14-4ADB-B14E-8CC7DE4C5CAB}] => C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe FirewallRules: [{77D108FD-829B-4F1C-82E8-8113499412D9}] => C:\program files (x86)\common files\tencent\qqdownload\130\bugreport_xf.exe FirewallRules: [{2321FAA1-3DBB-4E87-8015-56993255BE6D}] => C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\PLUGINS\CHECKPCMGRUPDATE.EXE FirewallRules: [{584BA59E-5C3B-4F93-913F-69DFE45710EA}] => C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\plugins\WechatBackup\WechatBackup.exe FirewallRules: [{ABBA486B-C13C-442D-8161-F8AE22B5791A}] => C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\plugins\WechatBackup\WechatBackup.exe FirewallRules: [{2CD56B13-5F3A-4519-BA36-1C367024DA1B}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{C50FCD1C-9C81-40E9-9A1C-0D1EB4288E25}] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe ==================== Herstelpunten ========================= 23-12-2016 19:26:37 Gepland controlepunt 02-01-2017 10:15:05 Gepland controlepunt 10-01-2017 15:26:12 Gepland controlepunt ==================== Defecte Apparaatbeheer Apparaten ============= Name: 260ci WIA Driver (USB) Description: 260ci WIA Driver (USB) Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f} Manufacturer: Kyocera Service: usbscan Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Eventlog fouten: ========================= Applicatiefouten: ================== Error: (01/13/2017 08:42:03 AM) (Source: DbxSvc) (EventID: 320) (User: ) Description: Failed to connect to the driver: (-2147024894) Het systeem kan het opgegeven bestand niet vinden. Error: (01/13/2017 07:29:50 AM) (Source: DbxSvc) (EventID: 320) (User: ) Description: Failed to connect to the driver: (-2147024894) Het systeem kan het opgegeven bestand niet vinden. Error: (01/12/2017 11:22:01 PM) (Source: DbxSvc) (EventID: 320) (User: ) Description: Failed to connect to the driver: (-2147024894) Het systeem kan het opgegeven bestand niet vinden. Error: (01/12/2017 07:29:59 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (01/12/2017 03:58:34 PM) (Source: SideBySide) (EventID: 9) (User: ) Description: Kan activeringscontext voor 'C:\Program Files (x86)\WinZip\adxloader.dll.Manifest' niet maken. Fout in manifest of beleidsbestand 'C:\Program Files (x86)\WinZip\adxloader.dll.Manifest' op regel 2. Het hoofdelement van het manifestbestand moet een assemblage zijn. Error: (01/12/2017 08:22:20 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: De openprocedure voor de BITS-service in DLL-bestand C:\Windows\System32\bitsperf.dll is mislukt. Prestatiemetergegevens voor deze service zijn niet beschikbaar. De eerste vier bytes (DWORD) in de sectie Gegevens bevatten de foutcode. Error: (01/12/2017 07:33:21 AM) (Source: DbxSvc) (EventID: 320) (User: ) Description: Failed to connect to the driver: (-2147024894) Het systeem kan het opgegeven bestand niet vinden. Error: (01/12/2017 07:33:19 AM) (Source: DbxSvc) (EventID: 293) (User: ) Description: Failed to validate client process executable is signed: C:\Program Files (x86)\Dropbox\Client_17.4.33\Dropbox.exe Error: (01/12/2017 07:33:19 AM) (Source: DbxSvc) (EventID: 282) (User: ) Description: Certificate mismatch for file: C:\Program Files (x86)\Dropbox\Client_17.4.33\Dropbox.exe Error: (01/12/2017 07:24:19 AM) (Source: DbxSvc) (EventID: 320) (User: ) Description: Failed to connect to the driver: (-2147024894) Het systeem kan het opgegeven bestand niet vinden. Systeemfouten: ============= Error: (01/13/2017 10:59:26 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: De server {784E29F4-5EBE-4279-9948-1E8FE941646D} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (01/13/2017 08:41:05 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Time-out (30000 seconden) tijdens het wachten op een reactie op een transactie van deze service: MBAMService. Error: (01/13/2017 08:40:07 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (01/13/2017 07:36:26 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: De server {784E29F4-5EBE-4279-9948-1E8FE941646D} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (01/13/2017 07:28:47 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: De server {784E29F4-5EBE-4279-9948-1E8FE941646D} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (01/13/2017 07:28:22 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: De Host synchroniseren_372f22-service is gestopt met de volgende foutcode: Toegang geweigerd. . Error: (01/13/2017 07:28:05 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (01/13/2017 07:26:16 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} en APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (01/12/2017 11:19:50 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (01/12/2017 07:30:32 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: De server {784E29F4-5EBE-4279-9948-1E8FE941646D} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. ==================== Geheugen info =========================== Processor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz Percentage geheugen in gebruik: 68% Totaal fysiek RAM-geheugen: 3981.67 MB Beschikbaar fysiek RAM-geheugen: 1265.5 MB Totaal Virtueel geheugen: 4813.67 MB Beschikbaar Virtual geheugen: 1688.71 MB ==================== Schijven ================================ Drive c: (OS) (Fixed) (Total:185.87 GB) (Free:47.32 GB) NTFS ==>[systeem met boot componenten (verkregen van schijf)] Drive d: (Data) (Fixed) (Total:258.34 GB) (Free:258.03 GB) NTFS Drive h: (Elements) (Fixed) (Total:465.76 GB) (Free:9.36 GB) NTFS ==================== MBR & Partitietabel ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 0FE4DC0A) Partition: GPT. ======================================================== Disk: 1 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: 0002E78D) Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS) ==================== Eind van Addition.txt ============================