Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 14-05-2017 Gestart door Kris (15-05-2017 14:19:57) Gestart vanaf C:\Users\Kris\Downloads Windows 7 Home Premium Service Pack 1 (X64) (2015-06-01 20:20:13) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-4276663131-3465244740-1094672977-500 - Administrator - Disabled) Gast (S-1-5-21-4276663131-3465244740-1094672977-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-4276663131-3465244740-1094672977-1002 - Limited - Enabled) Kris (S-1-5-21-4276663131-3465244740-1094672977-1001 - Administrator - Enabled) => C:\Users\Kris Sonos (S-1-5-21-4276663131-3465244740-1094672977-1003 - Limited - Enabled) ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: McAfee VirusScan Enterprise (Enabled - Up to date) {86355677-4064-3EA7-ABB3-1B136EB04637} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: McAfee VirusScan Enterprise Antispyware Module (Enabled - Up to date) {3D54B793-665E-3129-9103-206115370C8A} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.) Acer Arcade Deluxe (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 3.0.7319 - CyberLink Corp.) Acer Arcade Deluxe (x32 Version: 3.0.7319 - CyberLink Corp.) Hidden Acer Backup Manager (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.68 - NewTech Infosystems) Acer Crystal Eye Webcam (HKLM-x32\...\{7760D94E-B1B5-40A0-9AA0-ABF942108755}) (Version: 5.2.19.3 - Suyin Optronics Corp) Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 4.05.3007 - Acer Incorporated) Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3013 - Acer Incorporated) Acer GameZone Console (HKLM-x32\...\{58F4D244-314F-4D26-B5EF-C28AB32E22CB}_is1) (Version: 6.1.0.9 - Oberon Media, Inc.) Acer GridVista (HKLM-x32\...\GridVista) (Version: 3.03.1223 - Acer Inc.) Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.03.3003 - Acer Incorporated) Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.2009.1217 - Acer Incorporated) Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.) Adobe Flash Player 25 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 25.0.0.171 - Adobe Systems Incorporated) Adobe Reader 9.1 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated) Airport Mania First Flight (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11505173}) (Version: - Oberon Media) Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{DD89CE29-BC88-40C6-A845-E2548682C5D6}) (Version: 1.9.17.06019 - Alcor Micro Corp.) Alcor Micro USB Card Reader (x32 Version: 1.9.17.06019 - Alcor Micro Corp.) Hidden Amazonia (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}) (Version: - Oberon Media) Backup Manager Basic (x32 Version: 2.0.0.68 - NewTech Infosystems) Hidden Belfius Smart Card Reader Chrome-App (HKU\S-1-5-21-4276663131-3465244740-1094672977-1001\...\{22723509-aab9-4276-8b57-734560faf359}) (Version: 2.3.2.0 - VASCO Data Security) Belfius Smart Card Reader Chrome-App (x32 Version: 2.3.2.0 - VASCO Data Security) Hidden Belgium e-ID middleware 4.1.20 (build 1779) (HKLM\...\{DB942AEA-93D6-4FE4-8862-180D35A71779}) (Version: 4.1.1779 - Belgian Government) Broadcom Gigabit NetLink Controller (HKLM\...\{A84DB02B-9C2B-4272-9D2D-A80E00A56513}) (Version: 14.2.4.2 - Broadcom Corporation) Brother MFL-Pro Suite DCP-560CN (HKLM-x32\...\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}) (Version: 1.0.2.0 - Brother Industries, Ltd.) Cake Mania (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}) (Version: - Oberon Media) CCleaner (HKLM\...\CCleaner) (Version: 5.29 - Piriform) Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version: - Oberon Media) Dropbox (HKLM-x32\...\Dropbox) (Version: 25.4.28 - Dropbox, Inc.) Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden Emergency Download Driver (HKLM-x32\...\{3F0F5AB4-C9CE-4226-8393-E9CFF8369D9D}) (Version: 1.1.16.1526 - Microsoft) eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.) eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden Farm Frenzy 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}) (Version: - Oberon Media) Flash Update Installer (x32 Version: 6.0.2 - Microsoft) Hidden Fuse Installer (x32 Version: 6.0.2 - Nokia) Hidden Gadwin PrintScreen (HKLM-x32\...\Gadwin PrintScreen) (Version: 2.6 - Gadwin Systems, Inc.) Galapago (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}) (Version: - Oberon Media) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.) Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden Heroes of Hellas (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}) (Version: - Oberon Media) Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated) Image Resizer for Windows (64 bit) (Version: 3.0.4802.35565 - Brice Lambson) Hidden Image Resizer for Windows (HKLM-x32\...\{69d72156-6582-4556-8637-06f40aa7f85b}) (Version: 3.0.4802.35565 - Brice Lambson) Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2119 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation) Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden Launch Manager (HKLM-x32\...\LManager) (Version: 3.0.05 - Acer Inc.) LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.98 - LSI Corporation) Lumia UEFI Blue Driver (HKLM-x32\...\{9D2A75FE-8CE1-4297-AEC1-A097D47BACE9}) (Version: 1.1.10.1526 - Microsoft) Malwarebytes Anti-Malware versie 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) McAfee Agent (HKLM-x32\...\{2AAB21C2-4CDA-4189-A0EC-5ED666113F84}) (Version: 4.5.0.1810 - McAfee, Inc.) McAfee VirusScan Enterprise (HKLM-x32\...\{CE15D1B6-19B6-4D4D-8F43-CF5D2C3356FF}) (Version: 8.8.00000 - McAfee, Inc.) Merriam Websters Spell Jam (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}) (Version: - Oberon Media) Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation) Microsoft Office Professional Plus 2013 - nl-nl (HKLM\...\ProPlusRetail - nl-nl) (Version: 15.0.4919.1002 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MYDIGIPASS Smart Card Reader Chrome-App (HKU\S-1-5-21-4276663131-3465244740-1094672977-1001\...\{28834d98-8215-4e2a-9f15-bedd80d5f264}) (Version: 2.3.3.0 - VASCO Data Security) MYDIGIPASS Smart Card Reader Chrome-App (x32 Version: 2.3.3.0 - VASCO Data Security) Hidden Nokia Connectivity Cable Driver (HKLM-x32\...\{D4BF151C-70A8-4CE2-906F-4173A575BAD9}) (Version: 7.1.182.0 - Nokia) Nokia Software Recovery Tool 6.0.2 (HKLM-x32\...\{4911c957-ebe6-4b6a-9609-4fb36c03941f}) (Version: 6.0.2 - Microsoft) Nokia Software Recovery Tool 6.0.2 (x32 Version: 6.0.2 - Microsoft) Hidden NTI Backup Now 5 (HKLM-x32\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.630 - NewTech Infosystems) NTI Backup Now Standard (x32 Version: 5.1.2.630 - NewTech Infosystems) Hidden NTI Media Maker 8 (HKLM-x32\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6636 - NewTech Infosystems) NTI Media Maker 8 (x32 Version: 8.0.12.6636 - NewTech Infosystems) Hidden Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4919.1002 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4919.1002 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4919.1002 - Microsoft Corporation) Hidden Poker Pop (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111355427}) (Version: - Oberon Media) Product API Installer (x32 Version: 6.0.2 - Microsoft) Hidden Quick Startup 5.10.1.103 (HKLM-x32\...\Quick Startup) (Version: 5.10.1.103 - Glarysoft Ltd) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5969 - Realtek Semiconductor Corp.) Skype™ 7.35 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.35.103 - Skype Technologies S.A.) Sonos Controller (HKLM-x32\...\{7BBA9BF8-05DF-47D8-8880-82A9B99505B9}) (Version: 35.3.39010 - Sonos, Inc.) Spin & Win (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110300453}) (Version: - Oberon Media) Spotify (HKU\S-1-5-21-4276663131-3465244740-1094672977-1001\...\Spotify) (Version: 1.0.42.151.g19de0aa6 - Spotify AB) Stuurprogrammapakket voor Windows - Fedict SmartCard (11/30/2016 4.1.9) (HKLM\...\A9FBB4D4E267FA9BF2CEBF564F02DB39E147B466) (Version: 11/30/2016 4.1.9 - Fedict) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.6.0 - Synaptics Incorporated) Taalpakket voor Microsoft .NET Framework 4.5 - NLD (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043) (Version: 4.5.50709 - Microsoft Corporation) Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD) (Version: 10.0.50903 - Microsoft Corporation) TomTom HOME (HKLM-x32\...\{0E09BE17-EDEA-42CA-8974-42A587F51510}) (Version: 2.9.8 - Uw bedrijfsnaam) TomTom HOME (HKLM-x32\...\{5DCB2EB3-87AD-426E-8D74-8B92C9D731C4}) (Version: 2.9.8 - Uw bedrijfsnaam) TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.) TomTom MyDrive Connect 4.1.4.3089 (HKLM-x32\...\MyDriveConnect) (Version: 4.1.4.3089 - TomTom) USB Serial Port Driver (HKLM-x32\...\{FE11883D-EA67-473C-BDD1-8D6B6DFCBEAC}) (Version: 1.1.8.1526 - Microsoft) VASCO Card Reader Plug-In (64-Bit) (Version: 3.2.3.4 - VASCO Data Security) Hidden VASCO Smart Card Reader Plug-In (User) (HKU\S-1-5-21-4276663131-3465244740-1094672977-1001\...\{c77cb28d-ddd3-46f7-b51a-14a599127ba7}) (Version: 3.2.3.4 - VASCO Data Security) Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3004 - Acer Incorporated) Windows Device Recovery Tool 3.1.5 (HKLM-x32\...\{c47fc5ee-8e06-46e8-95e4-389d2d1c9cb3}) (Version: 3.1.5 - Microsoft) Windows Live - Hulpprogramma voor uploaden (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation) Windows Live aanmeldhulp (HKLM-x32\...\{1BD6AE96-4742-4498-9D03-9451C7E5A214}) (Version: 5.000.818.5 - Microsoft Corporation) Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation) Windows Live Sync (HKLM-x32\...\{E34F703A-1C9D-4B1F-ABBE-D7E8800B860D}) (Version: 14.0.8117.416 - Microsoft Corporation) WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - ) WinUsb CoInstallers (HKLM-x32\...\{9755918A-CDF8-4F1E-8453-6359CF1A330A}) (Version: 1.1.12.1526 - Microsoft) WinUSB Compatible ID Drivers (HKLM-x32\...\{A4A0B236-6046-4CAB-8177-1EAF61112C75}) (Version: 1.1.11.1526 - Microsoft) WinUSB Drivers ext (HKLM-x32\...\{29BAAF65-09E5-4F52-8D15-2FAF2E23A8DC}) (Version: 1.1.24.1544 - Microsoft) WinZip 21.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C2410D}) (Version: 21.0.12288 - WinZip Computing, S.L. ) ==================== Aangepaste CLSID (gefilterd): ========================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) CustomCLSID: HKU\S-1-5-21-4276663131-3465244740-1094672977-1001_Classes\CLSID\{9E436272-69C3-5FBA-9C1D-15694337F4AC}\InprocServer32 -> C:\Users\Kris\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin64.dll (VASCO Data Security) CustomCLSID: HKU\S-1-5-21-4276663131-3465244740-1094672977-1001_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll () ==================== Geplande Taken (gefilterd) ============= (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {0870D8B1-1306-43BC-97EC-5226B096F690} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.) Task: {1B905867-F277-44F2-9F54-D5AA0848A226} - System32\Tasks\{DD293CA4-DE1B-4673-801E-E148D01AE0ED} => Chrome.exe hxxps://ui.skype.com/ui/0/7.33.0.105/nl/abandoninstall?page=tsProgressBar Task: {21C7AF5C-535F-49F7-877B-96C66D7058BA} - System32\Tasks\{A053A2A9-0BDC-4A0D-8239-B13E599521FB} => Chrome.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=4.1.0.179.367&LastError=404 Task: {46B45D60-971F-4AC5-A7EC-AB7D0E6A66AF} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.) Task: {4CF7C429-DEE2-4B3B-901E-D2024892CCF1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-09] (Adobe Systems Incorporated) Task: {4D96D4DF-4602-4668-827D-7D5326E29B1B} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-03-14] (Microsoft Corporation) Task: {4F453773-E78F-4D97-9B9C-7D101D751F41} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-04-11] (Piriform Ltd) Task: {508E527B-860E-43F3-8692-8AA0FA7615A5} - System32\Tasks\WinZipBackGroundToolsTask => C:\Program Files\WinZip\WzBGTools.exe [2017-02-13] (WinZip Computing, S.L.) Task: {54A43952-F078-4A3C-ABCF-348C88B016D5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-03] (Google Inc.) Task: {5CB84A08-180A-420E-A2D8-8BA68653B4FE} - System32\Tasks\{0DE93B29-A291-46F5-87AB-4127B6215D49} => Chrome.exe hxxps://ui.skype.com/ui/0/7.33.0.105/nl/abandoninstall?page=tsProgressBar Task: {65FD0BFD-2F27-42FF-9686-188488C798B1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-03] (Google Inc.) Task: {6757EAFA-69AC-40C2-B294-787F5CAE6A3B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2017-03-14] (Microsoft Corporation) Task: {7107C5ED-8CF6-4958-8AD5-AFA3958F5DA3} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-03-14] (Microsoft Corporation) Task: {74A8889D-8601-474A-82E1-E19A1F6A12D0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2017-03-14] (Microsoft Corporation) Task: {857A202C-D30D-4D7F-A4CB-A00EB5B55B9B} - System32\Tasks\WinZip Update Notifier => C:\Program Files\WinZip\WZUpdateNotifier.exe [2017-02-13] (WinZip) Task: {AA3F6F95-CD51-43DA-8D1A-1C3E0F38C204} - System32\Tasks\{CA229D9E-BCA9-46D2-8AA3-B9E9C4A08A43} => Chrome.exe hxxps://ui.skype.com/ui/0/7.33.0.105/nl/abandoninstall?page=tsProgressBar (Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Snelkoppelingen ============================= (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) ShortcutWithArgument: C:\Users\Kris\Desktop\App-opstartprogramma van Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list ShortcutWithArgument: C:\Users\Kris\AppData\Local\Google\Chrome\User Data\App-opstartprogramma van Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list ShortcutWithArgument: C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\App-opstartprogramma van Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list ShortcutWithArgument: C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-apps\Ad Block Plus.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=niojlnaiknmeeddcghnlbhnfplpiimjk ==================== Geladen Modules (gefilterd) ============== 2015-09-30 16:03 - 2015-09-30 16:03 - 00094888 _____ () C:\Program Files (x86)\Common Files\Microsoft\Care Suite\ADUService\ADUService.exe 2015-06-03 22:06 - 2017-01-17 04:25 - 00117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2017-04-11 00:57 - 2017-04-11 00:57 - 00073728 _____ () C:\Program Files\CCleaner\lang\lang-1043.dll 2017-05-12 19:46 - 2017-05-09 11:13 - 03767640 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libglesv2.dll 2017-05-12 19:46 - 2017-05-09 11:13 - 00100696 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libegl.dll 2007-04-18 19:30 - 2007-04-18 19:30 - 00393216 _____ () C:\Program Files (x86)\McAfee\Common Framework\cryptocme2.dll 2007-04-18 19:30 - 2007-04-18 19:30 - 00471040 _____ () C:\Program Files (x86)\McAfee\Common Framework\ccme_base.dll 2011-01-12 16:05 - 2011-01-12 16:05 - 00065536 _____ () C:\Program Files (x86)\McAfee\Common Framework\boost_thread-vc80-mt-1_32.dll 2011-01-12 20:46 - 2011-01-12 20:46 - 00150032 _____ () C:\Program Files (x86)\McAfee\VirusScan Enterprise\WscAv.dll 2010-06-29 00:20 - 2010-06-29 00:20 - 00465576 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll 2010-06-29 00:12 - 2010-06-29 00:12 - 01081600 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll 2017-05-02 20:46 - 2017-05-01 16:44 - 00870720 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll 2017-04-27 14:08 - 2017-04-13 01:43 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd 2017-04-27 14:08 - 2017-04-13 01:43 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd 2017-04-27 14:08 - 2017-04-13 01:43 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd 2017-04-27 14:08 - 2017-05-01 16:48 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd 2017-05-02 20:46 - 2017-05-01 16:48 - 00020824 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd 2017-04-27 14:08 - 2017-04-13 01:44 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd 2017-04-27 14:08 - 2017-04-13 01:43 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd 2017-05-02 20:46 - 2017-05-01 16:48 - 01729360 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd 2017-05-02 20:46 - 2017-05-01 16:48 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd 2017-05-02 20:46 - 2017-04-13 01:43 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd 2017-05-02 20:46 - 2017-04-13 01:44 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd 2017-05-02 20:46 - 2017-04-13 01:43 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll 2017-04-27 14:08 - 2017-04-13 01:46 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd 2017-04-27 14:08 - 2017-05-01 16:49 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd 2017-05-02 20:46 - 2017-05-01 16:48 - 00060736 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd 2017-05-02 20:46 - 2017-05-01 16:48 - 00038712 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd 2017-04-27 14:08 - 2017-04-13 01:46 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd 2017-05-02 20:46 - 2017-04-13 01:43 - 00392656 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll 2017-05-02 20:46 - 2017-04-13 01:46 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd 2017-04-27 14:08 - 2017-04-13 01:46 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd 2017-04-27 14:08 - 2017-05-01 16:49 - 00392512 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd 2017-04-27 14:08 - 2017-04-13 01:46 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd 2017-04-27 14:08 - 2017-05-01 16:49 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd 2017-04-27 14:08 - 2017-04-13 01:46 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd 2017-04-27 14:08 - 2017-04-13 01:46 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd 2017-04-27 14:08 - 2017-04-13 01:46 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd 2017-04-27 14:08 - 2017-04-13 01:46 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd 2017-04-27 14:08 - 2017-04-13 01:46 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd 2017-04-27 14:08 - 2017-04-13 01:46 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd 2017-04-27 14:08 - 2017-04-13 01:46 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd 2017-05-02 20:46 - 2017-05-01 16:48 - 00246608 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd 2017-05-02 20:46 - 2017-05-01 16:48 - 00027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd 2017-04-27 14:08 - 2017-04-13 01:45 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd 2017-05-02 20:46 - 2017-05-01 16:48 - 00022336 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd 2017-04-27 14:08 - 2017-05-01 16:49 - 00025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd 2017-04-27 14:08 - 2017-04-13 01:46 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd 2017-05-02 20:46 - 2017-05-01 16:48 - 01826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd 2017-04-27 14:08 - 2017-04-13 01:44 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd 2017-05-02 20:46 - 2017-05-01 16:48 - 01972024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd 2017-05-02 20:46 - 2017-05-01 16:48 - 03928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd 2017-05-02 20:46 - 2017-05-01 16:48 - 00171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd 2017-05-02 20:46 - 2017-05-01 16:48 - 00042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd 2017-05-02 20:46 - 2017-05-01 16:48 - 00531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd 2017-05-02 20:46 - 2017-05-01 16:48 - 00133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd 2017-05-02 20:46 - 2017-05-01 16:48 - 00224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd 2017-05-02 20:46 - 2017-05-01 16:48 - 00207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd 2017-04-27 14:08 - 2017-04-13 01:46 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd 2017-04-27 14:08 - 2017-05-01 16:49 - 00054608 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd 2017-04-27 14:08 - 2017-05-01 16:49 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd 2017-04-27 14:08 - 2017-05-01 16:49 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd 2017-04-27 14:08 - 2017-05-01 16:49 - 00021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd 2017-04-27 14:08 - 2017-05-01 16:49 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd 2017-04-27 14:08 - 2017-04-13 01:46 - 00349128 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd 2017-04-27 14:08 - 2017-05-01 16:49 - 00023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd 2017-05-02 20:46 - 2017-05-01 16:48 - 00025936 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd 2017-05-02 20:46 - 2017-04-13 01:37 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll 2017-05-02 20:46 - 2017-05-01 16:48 - 00084288 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL 2017-04-27 14:08 - 2017-05-01 16:49 - 00030536 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd 2017-05-02 20:46 - 2017-04-13 01:50 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll 2017-05-02 20:46 - 2017-04-13 01:50 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll 2017-05-02 20:46 - 2017-05-01 16:48 - 00357688 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd 2017-04-27 14:08 - 2017-05-01 16:49 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd 2017-05-02 20:46 - 2017-05-01 16:48 - 00546104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd 2017-05-02 20:46 - 2017-04-13 01:52 - 00697304 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll 2015-06-03 22:06 - 2016-09-20 05:54 - 00325824 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll ==================== Alternate Data Streams (gefilterd) ========= (Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.) AlternateDataStreams: C:\Users\Kris\Desktop\Nieuwe spelers te mailen voor pasdag en start trainingen - Snelkoppeling.lnk:com.dropbox.attributes [168] ==================== Veilige Modus (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver" ==================== Bestandskoppeling (gefilterd) =============== (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.) ==================== Internet Explorer vertrouwde/beperkte toegang =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.) ==================== Hosts inhoud: =============================== (Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts ==================== Andere gebieden ============================ (Momenteel is er geen automatische fix voor dit onderdeel.) HKU\S-1-5-21-4276663131-3465244740-1094672977-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 195.130.130.5 - 195.130.131.5 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == MSCONFIG\Services: WMPNetworkSvc => 2 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FAH.lnk => C:\Windows\pss\FAH.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Update-melder.lnk => C:\Windows\pss\Update-melder.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Preloader.lnk => C:\Windows\pss\WinZip Preloader.lnk.CommonStartup MSCONFIG\startupreg: AdAwareTray => "C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.636.11167\AdAwareTray.exe" MSCONFIG\startupreg: Adobe Reader Speed Launcher => "c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" MSCONFIG\startupreg: ALU => C:\Program Files\Acer\Acer Updater\ALU.exe -r MSCONFIG\startupreg: ArcadeDeluxeAgent => "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" MSCONFIG\startupreg: BackupManagerTray => "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k MSCONFIG\startupreg: beid => "C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe" /startup MSCONFIG\startupreg: BrMfcWnd => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR MSCONFIG\startupreg: ControlCenter3 => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun MSCONFIG\startupreg: Gadwin PrintScreen 2.6 => C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash MSCONFIG\startupreg: GUSDelayStartup => "C:\Program Files (x86)\Glarysoft\Quick Startup\StartupManager.exe" -delayrun MSCONFIG\startupreg: LManager => C:\Program Files (x86)\Launch Manager\LManager.exe MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey MSCONFIG\startupreg: PlayMovie => "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe" MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: Spotify => "C:\Users\Kris\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Kris\AppData\Roaming\Spotify\SpotifyWebHelper.exe" MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe MSCONFIG\startupreg: TomTomHOME.exe => "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" ==================== Firewall regels (gefilterd) =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [{B32357CD-8A70-4B89-99A1-BD8B03D494BF}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe FirewallRules: [{AA3D018B-5B9D-4C58-97D4-AD2B841A4324}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe FirewallRules: [{D1189855-1005-457D-9F51-7E4FF3791830}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe FirewallRules: [{C0C743CD-8EC2-4796-8EEE-E24991061463}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe FirewallRules: [{0E26E48A-9ADC-4268-BBC7-5E2F5DDC4175}] => (Allow) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe FirewallRules: [{587DD746-F5D0-4A1D-9C72-D1A771D3B63D}] => (Allow) C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PlayMovie.exe FirewallRules: [{40800153-8998-480E-99B7-1751C6374C86}] => (Allow) C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe FirewallRules: [{C2A53EAD-8555-4401-8141-41CB620C0F81}] => (Allow) C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe FirewallRules: [{2367CEE9-5F4C-47FE-A4F2-998A22E99CD0}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\wlcsdk.exe FirewallRules: [{6779F479-788B-4894-96B5-DEA5FACFC781}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{99BA8AF9-C9EE-46A3-9444-ACAC50C2798C}] => (Allow) svchost.exe FirewallRules: [{8F12428A-53DA-4971-8A2C-91BBB0FE967C}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe FirewallRules: [{F349BF03-8596-4997-BDE3-65607E28D4B2}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe FirewallRules: [{01B318AB-473E-4056-88BA-1B9AE6C27BBB}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe FirewallRules: [{4AF0DC41-CD1D-4D05-9CE2-B1F044A245D1}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe FirewallRules: [{FD2265B3-1AE0-40A6-97DD-76C02D4E5DF3}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe FirewallRules: [{39051236-058C-414D-BDDD-16F8EFED4BC7}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe FirewallRules: [{BAFFA05D-4C83-4D30-9441-3D88AF79CA37}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe FirewallRules: [{4A83C3B4-90FF-4923-A137-5A4E5A2CC6CE}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe FirewallRules: [{CA4F7061-1B9D-4793-AC66-593E9006D282}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{8BB404B1-A7B4-4CC9-8530-673A707C1B86}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe FirewallRules: [{72355D81-2F45-445B-A73E-66645816D6F7}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe FirewallRules: [TCP Query User{347674D6-AD20-4C92-930D-0992F11CBD64}C:\program files (x86)\common files\nokia\fuse\fuseservice.exe] => (Allow) C:\program files (x86)\common files\nokia\fuse\fuseservice.exe FirewallRules: [UDP Query User{26DC5013-806D-4BB8-BCD5-9CC64DCE8202}C:\program files (x86)\common files\nokia\fuse\fuseservice.exe] => (Allow) C:\program files (x86)\common files\nokia\fuse\fuseservice.exe FirewallRules: [TCP Query User{FC24DFB1-D875-4978-BE84-FBF4E5875E2D}C:\program files (x86)\microsoft care suite\nokia software recovery tool\nokiasoftwarerecoverytool.exe] => (Allow) C:\program files (x86)\microsoft care suite\nokia software recovery tool\nokiasoftwarerecoverytool.exe FirewallRules: [UDP Query User{1BD3B013-21BD-4CB6-8BCC-2AFE8E89389E}C:\program files (x86)\microsoft care suite\nokia software recovery tool\nokiasoftwarerecoverytool.exe] => (Allow) C:\program files (x86)\microsoft care suite\nokia software recovery tool\nokiasoftwarerecoverytool.exe FirewallRules: [TCP Query User{9DB9DDCD-1E42-4FCA-AEDB-0AC57D45B8C7}C:\users\kris\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kris\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{D945B64A-8268-496D-B23A-2F8DD8860BAD}C:\users\kris\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kris\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{5B0C62F4-918A-464E-BD97-A8B94C4C59B1}C:\users\kris\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kris\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{45980545-E033-444D-A725-0B6C18877B58}C:\users\kris\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kris\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{368B1352-56ED-4DBE-891E-616C60499919}C:\program files (x86)\sonos\sonos.exe] => (Allow) C:\program files (x86)\sonos\sonos.exe FirewallRules: [UDP Query User{BC6E744B-2D1D-4D74-AD5F-2F1C0FA710AE}C:\program files (x86)\sonos\sonos.exe] => (Allow) C:\program files (x86)\sonos\sonos.exe FirewallRules: [{41A04025-D488-47F2-A074-1DA641119378}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe FirewallRules: [{3006DDDE-387A-4BA5-A897-163631082584}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Herstelpunten ========================= 13-05-2017 17:30:35 End of disinfection 13-05-2017 22:14:44 Installed Sophos Virus Removal Tool. 14-05-2017 11:30:37 Removed Sophos Virus Removal Tool. 14-05-2017 11:40:47 AA11 ==================== Defecte Apparaatbeheer Apparaten ============= ==================== Eventlog fouten: ========================= Applicatiefouten: ================== Error: (05/15/2017 12:17:48 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Kan activeringscontext voor 'c:\program files (x86)\windows live\photo gallery\MovieMaker.Exe' niet maken. Fout in manifest of beleidsbestand 'c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL op regel 8. Onderdeel-id in manifest komt niet overeen met de id van het gevraagde onderdeel. Verwijzing is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definitie is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Gebruik sxstrace.exe voor gedetailleerde diagnose. Error: (05/15/2017 12:15:37 PM) (Source: SideBySide) (EventID: 63) (User: ) Description: Kan activeringscontext voor 'c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll' niet maken. Fout in manifest of beleidsbestand 'c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll' op regel 3. De waarde MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR van kenmerk version in element assemblyIdentity is ongeldig. Error: (05/15/2017 12:14:05 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Kan activeringscontext voor 'c:\program files\microsoft office 15\root\office15\lync.exe.Manifest' niet maken. Fout in manifest of beleidsbestand 'c:\program files\microsoft office 15\root\office15\UccApi.DLL op regel 1. Onderdeel-id in manifest komt niet overeen met de id van het gevraagde onderdeel. Verwijzing is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0". Definitie is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0". Gebruik sxstrace.exe voor gedetailleerde diagnose. Error: (05/15/2017 12:12:30 PM) (Source: SideBySide) (EventID: 9) (User: ) Description: Kan activeringscontext voor 'C:\Program Files\WinZip\adxloader.dll.Manifest' niet maken. Fout in manifest of beleidsbestand 'C:\Program Files\WinZip\adxloader.dll.Manifest' op regel 2. Het hoofdelement van het manifestbestand moet een assemblage zijn. Error: (05/15/2017 11:45:43 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: rundll32.exe_appraiser.dll, versie: 6.1.7600.16385, tijdstempel: 0x4a5bc9e0 Naam van module met fout: KERNELBASE.dll, versie: 6.1.7601.23796, tijdstempel: 0x59029714 Uitzonderingscode: 0xc06d007f Foutoffset: 0x000000000001a06d Id van proces met fout: 0x550 Starttijd van toepassing met fout: 0x01d2cd6003f376ff Pad naar toepassing met fout: C:\Windows\system32\rundll32.exe Pad naar module met fout: C:\Windows\system32\KERNELBASE.dll Rapport-id: 431cde0b-3953-11e7-8d96-00262d90d508 Error: (05/14/2017 05:31:33 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Kan activeringscontext voor 'c:\program files (x86)\windows live\photo gallery\MovieMaker.Exe' niet maken. Fout in manifest of beleidsbestand 'c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL op regel 8. Onderdeel-id in manifest komt niet overeen met de id van het gevraagde onderdeel. Verwijzing is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definitie is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Gebruik sxstrace.exe voor gedetailleerde diagnose. Error: (05/14/2017 05:30:28 PM) (Source: SideBySide) (EventID: 63) (User: ) Description: Kan activeringscontext voor 'c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll' niet maken. Fout in manifest of beleidsbestand 'c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll' op regel 3. De waarde MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR van kenmerk version in element assemblyIdentity is ongeldig. Error: (05/14/2017 05:29:41 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Kan activeringscontext voor 'c:\program files\microsoft office 15\root\office15\lync.exe.Manifest' niet maken. Fout in manifest of beleidsbestand 'c:\program files\microsoft office 15\root\office15\UccApi.DLL op regel 1. Onderdeel-id in manifest komt niet overeen met de id van het gevraagde onderdeel. Verwijzing is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0". Definitie is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0". Gebruik sxstrace.exe voor gedetailleerde diagnose. Error: (05/14/2017 05:28:54 PM) (Source: SideBySide) (EventID: 9) (User: ) Description: Kan activeringscontext voor 'C:\Program Files\WinZip\adxloader.dll.Manifest' niet maken. Fout in manifest of beleidsbestand 'C:\Program Files\WinZip\adxloader.dll.Manifest' op regel 2. Het hoofdelement van het manifestbestand moet een assemblage zijn. Error: (05/14/2017 04:48:01 PM) (Source: Outlook) (EventID: 34) (User: ) Description: Kan het bereik van verkennerbeheer niet ophalen. Fout: 0x80070015. Systeemfouten: ============= Error: (05/14/2017 04:46:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: De Windows Search-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 30000 milliseconden worden uitgevoerd: Service opnieuw starten. Error: (05/14/2017 04:46:02 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: De Windows Search-service is gestopt met de specifieke servicefout %%-1073473535. Error: (05/14/2017 10:42:10 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: De McAfee McShield-service is onverwacht gestopt. Dit is 2 keer gebeurd. De volgende herstelbewerking zal over 5000 milliseconden worden uitgevoerd: Service opnieuw starten. Error: (05/14/2017 10:38:03 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: De McAfee McShield-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 5000 milliseconden worden uitgevoerd: Service opnieuw starten. Error: (05/14/2017 09:45:31 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: De McAfee McShield-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 5000 milliseconden worden uitgevoerd: Service opnieuw starten. Error: (05/14/2017 09:11:14 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: De McAfee McShield-service is onverwacht gestopt. Dit is 3 keer gebeurd. De volgende herstelbewerking zal over 5000 milliseconden worden uitgevoerd: Service opnieuw starten. Error: (05/14/2017 09:09:30 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: De McAfee McShield-service is onverwacht gestopt. Dit is 2 keer gebeurd. De volgende herstelbewerking zal over 5000 milliseconden worden uitgevoerd: Service opnieuw starten. Error: (05/14/2017 09:06:00 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: De McAfee McShield-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 5000 milliseconden worden uitgevoerd: Service opnieuw starten. Error: (05/14/2017 08:52:54 AM) (Source: NetBT) (EventID: 4307) (User: ) Description: Initialisatie is mislukt omdat het transport heeft geweigerd beginadressen te openen. Error: (05/14/2017 08:52:32 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Time-out (30000 seconden) tijdens het wachten op een reactie op een transactie van deze service: seclogon. ==================== Geheugen info =========================== Processor: Intel(R) Core(TM) i3 CPU M 370 @ 2.40GHz Percentage geheugen in gebruik: 56% Totaal fysiek RAM-geheugen: 3764.5 MB Beschikbaar fysiek RAM-geheugen: 1653.14 MB Totaal Virtueel geheugen: 7527.18 MB Beschikbaar Virtual geheugen: 5100.44 MB ==================== Schijven ================================ Drive c: (ACER) (Fixed) (Total:452.97 GB) (Free:317.06 GB) NTFS ==================== MBR & Partitietabel ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: C133C133) Partition 1: (Not Active) - (Size=12.7 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=453 GB) - (Type=07 NTFS) ==================== Eind van Addition.txt ============================