Extra scanresultaten van Farbar Recovery Scan Tool (x86) Versie: 15-11-2017 Gestart door jan (15-11-2017 22:42:22) Gestart vanaf C:\Users\jan\Dropbox\Downloads Microsoft Windows 10 Home Versie 1703 15063.674 (X86) (2017-08-24 06:15:25) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2578272341-3324075177-2043743870-500 - Administrator - Disabled) administrator001 (S-1-5-21-2578272341-3324075177-2043743870-1006 - Administrator - Enabled) => C:\Users\administrator001 Charlotte (S-1-5-21-2578272341-3324075177-2043743870-1003 - Limited - Enabled) => C:\Users\Charlotte DefaultAccount (S-1-5-21-2578272341-3324075177-2043743870-503 - Limited - Disabled) Gast (S-1-5-21-2578272341-3324075177-2043743870-501 - Limited - Disabled) hilde (S-1-5-21-2578272341-3324075177-2043743870-1004 - Limited - Enabled) => C:\Users\hilde HomeGroupUser$ (S-1-5-21-2578272341-3324075177-2043743870-1002 - Limited - Enabled) jan (S-1-5-21-2578272341-3324075177-2043743870-1001 - Administrator - Enabled) => C:\Users\jan ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.) Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}) (Version: 1.0 - Microsoft Corporation) Hidden Adobe Acrobat Reader DC - Nederlands (HKLM\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 18.009.20044 - Adobe Systems Incorporated) Adobe Flash Player 27 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 27.0.0.187 - Adobe Systems Incorporated) Adobe Flash Player 27 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 27.0.0.187 - Adobe Systems Incorporated) Adobe Shockwave Player 11.6 (HKLM\...\Adobe Shockwave Player) (Version: 11.6.3.633 - Adobe Systems, Inc.) AMD Catalyst Control Center (HKLM\...\WUCCCApp) (Version: 1.00.0000 - AMD) AMD Catalyst Install Manager (HKLM\...\{425AEEB2-8D1C-F62C-731A-80A8CD7AB6DF}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) Belgium e-ID middleware 4.0.7 (build 7466) (HKLM\...\{824563DE-75AD-4166-9DC0-B6482F207466}) (Version: 4.0.7466 - Belgian Government) Brother MFL-Pro Suite MFC-5890CN (HKLM\...\{20E970DF-A7B2-4345-9DEB-72213A29645E}) (Version: 1.0.1.0 - Brother Industries, Ltd.) Citrix Online Launcher (HKLM\...\{CC8F903A-9698-4245-9A38-22412DEF1029}) (Version: 1.0.446 - Citrix) Compatibiliteitspakket voor het 2007 Microsoft Office system (HKLM\...\{90120000-0020-0413-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) CorelDRAW Essentials 4 - Content (HKLM\...\{19AC095C-3520-4999-AA15-93B6D0248A50}) (Version: 4.0 - Corel Corporation) Hidden CorelDRAW Essentials 4 - Draw (HKLM\...\{B9FA9F15-A1F3-4DB1-AD49-0B9351843FAA}) (Version: 4.0 - Corel Corporation) Hidden CorelDRAW Essentials 4 - Extra Content (HKLM\...\_{806422F8-8E0A-494A-A369-0F34F1B89160}) (Version: - Corel Corporation) CorelDRAW Essentials 4 - Extra Content (HKLM\...\{806422F8-8E0A-494A-A369-0F34F1B89160}) (Version: 4.0 - Corel Corporation) Hidden CorelDRAW Essentials 4 - Filters (HKLM\...\{F16841F6-5F0F-4DBE-B318-63CEB916F21D}) (Version: 4.0 - Corel Corporation) Hidden CorelDRAW Essentials 4 - ICA (HKLM\...\{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}) (Version: 4.0 - Corel Corporation) Hidden CorelDRAW Essentials 4 - IPM - No VBA (HKLM\...\{76E852ED-1B06-4BC8-9D6A-625DB95FB7E5}) (Version: 4.0 - Corel Corporation) Hidden CorelDRAW Essentials 4 - Lang BR (HKLM\...\{ABD8B955-1C69-4AF3-949B-13CD587C175F}) (Version: 4.0 - Corel Corporation) Hidden CorelDRAW Essentials 4 - Lang DE (HKLM\...\{0ED4216F-3540-4D6B-8199-1C8DDEA3924B}) (Version: 4.0 - Corel Corporation) Hidden CorelDRAW Essentials 4 - Lang EN (HKLM\...\{34A9406E-1994-4C20-AC72-04CFA2B24545}) (Version: 4.0 - Corel Corporation) Hidden CorelDRAW Essentials 4 - Lang ES (HKLM\...\{C682F3F0-00A6-4379-B083-4F3273624D7B}) (Version: 4.0 - Corel Corporation) Hidden CorelDRAW Essentials 4 - Lang FR (HKLM\...\{BA9319FE-BCEF-4C99-8039-F464648D046E}) (Version: 4.0 - Corel Corporation) Hidden CorelDRAW Essentials 4 - Lang IT (HKLM\...\{3576C335-958D-4D60-A812-F68F9A2796AF}) (Version: 4.0 - Corel Corporation) Hidden CorelDRAW Essentials 4 - Lang NL (HKLM\...\{5500BB35-1C21-4328-9F16-F894B860FADE}) (Version: 4.0 - Uw bedrijfsnaam) Hidden CorelDRAW Essentials 4 - PHOTO-PAINT (HKLM\...\{07B62101-7EBD-434A-94B1-B38063BE5516}) (Version: 4.0 - Corel Corporation) Hidden CorelDRAW Essentials 4 (HKLM\...\_{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}) (Version: - Corel Corporation) CorelDRAW Essentials 4 (HKLM\...\{9043B9A0-9505-405B-8202-E7167A38A89C}) (Version: 4.0 - Corel Corporation) Hidden CyberLink Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3213 - CyberLink Corp.) D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden Dropbox (HKU\S-1-5-21-2578272341-3324075177-2043743870-1001\...\Dropbox) (Version: 38.4.27 - Dropbox, Inc.) Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited) Google Chrome (HKLM\...\Google Chrome) (Version: 61.0.3163.100 - Google Inc.) Google Earth Pro (HKLM\...\{ECF2E224-42F5-4E50-B58E-94CA70E85697}) (Version: 7.3.0.3832 - Google) Google Toolbar for Internet Explorer (HKLM\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.) Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden GoToMeeting 8.16.0.7881 (HKU\S-1-5-21-2578272341-3324075177-2043743870-1001\...\GoToMeeting) (Version: 8.16.0.7881 - LogMeIn, Inc.) HiJackThis (HKLM\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro) Intel Security True Key (HKLM\...\TrueKey) (Version: 4.19.108.1 - Intel Security) Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version: - ) Java 8 Update 121 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation) Junk Mail filter update (HKLM\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Malwarebytes Anti-Malware versie 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Microsoft Office 97, Professional (HKLM\...\Office8.0) (Version: - ) Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Home and Student 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0413-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation) Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2578272341-3324075177-2043743870-1001\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation) Microsoft Publisher 97 (HKLM\...\MSPUB4) (Version: - ) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Works (HKLM\...\{5158F1F5-FA1B-4D49-B546-55A5004B89BD}) (Version: 9.7.0621 - Microsoft Corporation) Movie Maker (HKLM\...\{DC5E5027-65E8-41CB-815C-9AAB48BFB8E2}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 6.80.5.1 - ) OGA Notifier 2.0.0048.0 (HKLM\...\{B2544A03-10D0-4E5E-BA69-0362FFC20D18}) (Version: 2.0.0048.0 - Microsoft Corporation) Hidden PaperPort Image Printer (HKLM\...\{2BC2781A-F7F6-452E-95EB-018A522F1B2C}) (Version: 1.00.0000 - Nuance Communications, Inc.) PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge) PictureProject (HKLM\...\{FF3999BE-1A7B-4738-88AA-97BF14094A4A}) (Version: 1.0 - ) QuickTime (HKLM\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.) Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5995 - Realtek Semiconductor Corp.) Revo Uninstaller 1.94 (HKLM\...\Revo Uninstaller) (Version: 1.94 - VS Revo Group) ScanSoft OmniPage SE 4.0 (HKLM\...\{C1E693A4-B1D5-4DCD-B68D-2087835B7184}) (Version: 15.00.0020 - Nuance Communications, Inc.) ScanSoft PaperPort 11 (HKLM\...\{02570AE0-BEE0-4A6C-BE3F-D806E9F2EA17}) (Version: 11.2.0000 - Nuance Communications, Inc.) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated) swMSM (HKLM\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x86) - NLD (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - NLD) (Version: 10.0.50903 - Microsoft Corporation) Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) Windows 10 Update and Privacy Settings (HKLM\...\{542CC2C2-ABAF-4604-8723-DA296AF74540}) (Version: 1.0.14.0 - Microsoft Corporation) Windows 7 Upgrade Advisor (HKLM\...\{0DC66F25-C58F-40d3-86BC-CA29C6D99BF8}) (Version: 2.0.5000.0 - Microsoft Corporation) Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Windows Live Sync (HKLM\...\{CD19EDD9-1632-4002-9212-7478E4BA0423}) (Version: 14.0.8089.726 - Microsoft Corporation) ==================== Aangepaste CLSID (gefilterd): ========================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) CustomCLSID: HKU\S-1-5-21-2578272341-3324075177-2043743870-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\jan\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2578272341-3324075177-2043743870-1001_Classes\CLSID\{04EBE69E-2DED-44F6-9854-9A3988F751ED}\InprocServer32 -> C:\Users\jan\AppData\Local\Dropbox\Update\1.3.51.1\psuser.dll => Geen bestand CustomCLSID: HKU\S-1-5-21-2578272341-3324075177-2043743870-1001_Classes\CLSID\{0A368B9B-3566-4730-B40E-EAF6858A53AF}\InprocServer32 -> C:\Users\jan\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll => Geen bestand CustomCLSID: HKU\S-1-5-21-2578272341-3324075177-2043743870-1001_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\jan\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) CustomCLSID: HKU\S-1-5-21-2578272341-3324075177-2043743870-1001_Classes\CLSID\{2027D000-8CEB-4191-9620-15DD2561855F}\InprocServer32 -> C:\Users\jan\AppData\Local\Dropbox\Update\1.3.57.1\psuser.dll => Geen bestand CustomCLSID: HKU\S-1-5-21-2578272341-3324075177-2043743870-1001_Classes\CLSID\{3059C9E6-9EDC-4C89-933E-C65623F8FD60}\localserver32 -> C:\Users\jan\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2578272341-3324075177-2043743870-1001_Classes\CLSID\{449CFB1B-1C07-48EA-9A9A-7A7881C2B49B}\InprocServer32 -> C:\Users\jan\AppData\Local\Dropbox\Update\1.3.59.1\psuser.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2578272341-3324075177-2043743870-1001_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\jan\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.) CustomCLSID: HKU\S-1-5-21-2578272341-3324075177-2043743870-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\jan\AppData\Local\Citrix\GoToMeeting\6140\G2MOutlookAddin.dll => Geen bestand CustomCLSID: HKU\S-1-5-21-2578272341-3324075177-2043743870-1001_Classes\CLSID\{87DC457B-B35D-48AC-BD42-BDF35EF623CE}\localserver32 -> C:\Users\jan\AppData\Local\Dropbox\Update\1.3.59.1\DropboxUpdateOnDemand.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2578272341-3324075177-2043743870-1001_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\jan\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited) CustomCLSID: HKU\S-1-5-21-2578272341-3324075177-2043743870-1001_Classes\CLSID\{9FAA38ED-5635-44F7-9BE0-8CAFE29B3783}\localserver32 -> C:\Users\jan\AppData\Local\Dropbox\Update\1.3.59.1\DropboxUpdateOnDemand.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2578272341-3324075177-2043743870-1001_Classes\CLSID\{C0DD324D-A74F-4533-84AD-030F76771C77}\localserver32 -> C:\Users\jan\AppData\Local\Dropbox\Update\1.3.59.1\DropboxUpdateOnDemand.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2578272341-3324075177-2043743870-1001_Classes\CLSID\{C32E3EEC-3C10-426E-95F3-38C7F139FADD}\localserver32 -> C:\Users\jan\AppData\Local\Dropbox\Update\1.3.59.1\DropboxUpdateOnDemand.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2578272341-3324075177-2043743870-1001_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\jan\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) CustomCLSID: HKU\S-1-5-21-2578272341-3324075177-2043743870-1001_Classes\CLSID\{D166BD15-03AF-413A-BEFD-0679FF410B49}\InprocServer32 -> C:\Users\jan\AppData\Local\Dropbox\Update\1.3.27.29\psuser.dll => Geen bestand CustomCLSID: HKU\S-1-5-21-2578272341-3324075177-2043743870-1001_Classes\CLSID\{E7A37920-253C-4FF1-B169-298A7CE6CAA9}\localserver32 -> C:\Users\jan\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2578272341-3324075177-2043743870-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\jan\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2578272341-3324075177-2043743870-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jan\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2578272341-3324075177-2043743870-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jan\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2578272341-3324075177-2043743870-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jan\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2578272341-3324075177-2043743870-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jan\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2578272341-3324075177-2043743870-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jan\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2578272341-3324075177-2043743870-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jan\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2578272341-3324075177-2043743870-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jan\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2578272341-3324075177-2043743870-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jan\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2578272341-3324075177-2043743870-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jan\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2578272341-3324075177-2043743870-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jan\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2578272341-3324075177-2043743870-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\jan\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2578272341-3324075177-2043743870-1001_Classes\CLSID\{FE819BE5-BADF-4370-9913-6FB84ABA6FB1}\InprocServer32 -> C:\Users\jan\AppData\Local\Dropbox\Update\1.3.59.1\psuser.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Geen bestand ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jan\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll [2017-11-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jan\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll [2017-11-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jan\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll [2017-11-01] (Dropbox, Inc.) ContextMenuHandlers1: [ShellConverter] -> {30A4E07E-068A-4d91-8F05-691283A1336B} => C:\Program Files\Common Files\AVSMedia\ActiveX\AVSShellConverter.dll -> Geen bestand ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Geen bestand ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes) ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll [2015-11-04] (Advanced Micro Devices, Inc.) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes) ContextMenuHandlers1_S-1-5-21-2578272341-3324075177-2043743870-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\jan\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll [2017-11-01] (Dropbox, Inc.) ContextMenuHandlers4_S-1-5-21-2578272341-3324075177-2043743870-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\jan\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll [2017-11-01] (Dropbox, Inc.) ContextMenuHandlers5_S-1-5-21-2578272341-3324075177-2043743870-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\jan\AppData\Roaming\Dropbox\bin\DropboxExt.19.0.dll [2017-11-01] (Dropbox, Inc.) ==================== Geplande Taken (gefilterd) ============= (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {065C929A-D5BB-4F98-94CE-6826C09EAB0F} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {072894B6-D16A-4D48-A5C6-16DA8C0D7E41} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe Task: {0A4B9368-A680-4124-B9F0-999C2120E704} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-11-15] (Adobe Systems Incorporated) Task: {0DA0C348-3699-4A57-AA47-C552D85A3A06} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe Task: {215E59E0-0C40-4FAC-A40E-FF6BD9D97EBB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {220BC237-719D-48E9-8E2B-322D5FADE92F} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe Task: {288C5D11-5113-4F71-883D-AF7693D812D5} - System32\Tasks\{2C0DE3B4-15AA-4337-AF09-C31431A84B9D} => C:\Program Files\Microsoft Office\Office14\EXCEL.EXE [2017-10-29] (Microsoft Corporation) Task: {29D96DCF-2A09-4C8B-A690-5D16024B5935} - System32\Tasks\{8BCFB761-3EF0-44BE-96CC-3EC038C5A943} => C:\Program Files\Microsoft Office\Office14\EXCEL.EXE [2017-10-29] (Microsoft Corporation) Task: {2D15D88B-4426-453A-9C85-DD9CAD8978C5} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Geen bestand <==== AANDACHT Task: {2FB9BC35-DABE-4C18-99E4-45ED455D9B2A} - System32\Tasks\{3FEAF751-D6A1-47D6-BF8F-FAA2DC6AD175} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" -d "C:\Program Files\VS Revo Group\Revo Uninstaller" Task: {3704C825-BEE3-4C5A-B471-ED3477978E0A} - System32\Tasks\{CE41B97F-0825-4CD8-BF22-3DB8F9595398} => C:\Windows\system32\pcalua.exe -a E:\Welcome.exe -d E:\ Task: {3A5E03D5-72FE-4717-A73B-5EEFCE0A8261} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {3B4C3DBF-4078-4175-B187-FF8386F6E718} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_27_0_0_187_pepper.exe [2017-11-15] (Adobe Systems Incorporated) Task: {41E17C85-4F0B-4EEA-8E44-BAA6324080E0} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2016-12-12] (Oracle Corporation) Task: {4204DA93-A125-4EA9-B84E-E8AA9D9608D5} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe Task: {4245F462-40D0-43CE-B9B3-6ED8F56CD193} - System32\Tasks\{269647FB-1CF8-4995-8B5A-4FD8FC55D9F0} => C:\Windows\system32\pcalua.exe -a "C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" -c REMOVE=TRUE MODIFY=FALSE Task: {4D6DF43C-5C94-45A5-801A-743041B9DEF5} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {4DE133B2-B5FF-41D2-AF57-F52D8660BC3F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {56989A8E-5CB0-47B7-B1FB-EA9F11F8B274} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe Task: {575806DA-84AC-43FF-942E-DDD67F85B0E3} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe Task: {57DC98CD-E9FD-4104-B982-3C4738F4DB4B} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe Task: {57E8EFF6-AC5E-4DEB-ABF1-B73EC85BBADB} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe Task: {59B9E5D9-84CB-4863-A90A-559437443DE9} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {5B4CEAAE-67D4-4A69-B518-423AE400B6B0} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe Task: {5E19E443-B9D0-41F3-8B8B-707CE98A8222} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2578272341-3324075177-2043743870-1001UA1d23924ef09816b => C:\Users\jan\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-07] (Dropbox, Inc.) Task: {6558109B-FD6E-4045-874F-B5E35BE8D24B} - System32\Tasks\G2MUpdateTask-S-1-5-21-2578272341-3324075177-2043743870-1001 => C:\Users\jan\AppData\Local\GoToMeeting\7881\g2mupdate.exe [2017-11-05] (LogMeIn, Inc.) Task: {6B1B0CAC-CA53-42CD-9B5F-2D289825F9D7} - System32\Tasks\{D45F91E6-A3E9-45E5-8A06-6E0B6CCB40C9} => C:\Windows\system32\pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files\Nikon\PictureProject\NkbPProj.exe" Task: {6F86EC8E-D1A9-46C8-9FD2-682F17DF964E} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2578272341-3324075177-2043743870-1001Core1d23924eeddfc2e => C:\Users\jan\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-07] (Dropbox, Inc.) Task: {70430B61-4F7D-4E18-8E68-DB9E375D03B4} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {73B4AFC6-4D96-40AA-9BD0-DF7EC68C8494} - System32\Tasks\{EF262CD6-44AA-4FE0-87A0-0A2926A08AB4} => C:\Program Files\Microsoft Office\Office14\EXCEL.EXE [2017-10-29] (Microsoft Corporation) Task: {77657FC5-5E15-4B45-B505-7DE736A7606C} - System32\Tasks\Norton Security Scan for jan => C:\PROGRA~1\NORTON~2\Engine\352~1.10\Nss.exe Task: {85BC11C6-1A7F-4331-867C-AEFBF44BC2C9} - System32\Tasks\{82EE04FF-D714-4E7A-A184-7DF5FDE00F1E} => C:\Windows\system32\pcalua.exe -a C:\Users\jan\Downloads\jxpiinstall.exe -d "C:\Program Files\Windows Live\Mail" Task: {8CA295DB-0230-495C-86F5-5364F0CB816E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {8F3DD573-D141-41CB-B5A3-15077B95D5BA} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {8F754734-BA54-49C2-A20F-5C860B70F22C} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {90F30CE2-35E6-4A90-9C68-331CD6F493F0} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2578272341-3324075177-2043743870-1001Core => C:\Users\jan\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.) Task: {9539788F-6CD9-45DB-A650-53A57350D37A} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe Task: {A6A26F38-1784-4EB3-B3A2-5CF60DEB4750} - System32\Tasks\{E42D2B6A-179D-4BAD-AE32-401592338362} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\jan\AppData\Local\Microsoft\Windows\INetCache\IE\2TQ7UYM9\MFC-5890CN-inst-win8-A1[1].EXE -d C:\WINDOWS\System32 Task: {A6BD2CE5-4F1C-41F5-992C-9248D31F7658} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {B4AA9B2F-8D00-42F1-806F-C081BC265DBD} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe Task: {B7B1B4A7-14D9-43FD-8403-D2C2C5649D0F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {B84DB46E-FAE3-41DB-9BD3-19A447C4E833} - System32\Tasks\{C2D2C80C-650F-4860-B0E3-CCA95CEE8B0A} => C:\Program Files\Microsoft Office\Office14\EXCEL.EXE [2017-10-29] (Microsoft Corporation) Task: {BAF62CC1-FFA5-45ED-97C8-6B2FFFD55776} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe Task: {C1158257-E24E-422A-87C1-6F955FCEDC62} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-11-15] (Microsoft Corporation) Task: {CD78F36F-04E1-47BA-8981-B8B9084A9C61} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe Task: {D465B66C-6117-457F-B163-86725724D448} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe Task: {D6519650-0130-43E1-836A-22D236CAA06E} - System32\Tasks\Adobe-online actualiseringsprogramma => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated) Task: {D7849047-70F4-4CAB-A11F-34523EAC7631} - System32\Tasks\ScanSoft Background Update => C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25] (Nuance Communications, Inc.) Task: {D936EC08-6D3C-4942-84FD-7A29A426A6C7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated) Task: {DC34E517-72A2-439F-A3D6-CB6D76B3007C} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2578272341-3324075177-2043743870-1001UA => C:\Users\jan\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.) Task: {E25E29BE-FE7F-4081-8450-2EFC3FD5ACC6} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe Task: {E2839705-39C7-4DDA-9873-8C0E0A38D1E9} - System32\Tasks\{CDCA2640-39CE-48F0-AB99-26B6D83200E7} => C:\Program Files\Nikon\PictureProject\NkbPProj.exe [2004-02-23] (Nikon Corporation) Task: {EDD2B226-EAFA-4459-851F-473EA7A72E84} - System32\Tasks\{1FDC8C56-1E11-43A0-A1C9-93EAE3812A1E} => C:\Windows\system32\pcalua.exe -a C:\Users\jan\AppData\Local\Temp\jre-8u66-windows-au.exe -d C:\Windows\system32 -c /installmethod=jau FAMILYUPGRADE=1 <==== AANDACHT Task: {FB1CE982-A0C7-4E05-AB3E-4BA1AE759A60} - System32\Tasks\G2MUploadTask-S-1-5-21-2578272341-3324075177-2043743870-1001 => C:\Users\jan\AppData\Local\GoToMeeting\7881\g2mupload.exe [2017-11-05] (LogMeIn, Inc.) (Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2578272341-3324075177-2043743870-1001Core1d23924eeddfc2e.job => C:\Users\jan\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2578272341-3324075177-2043743870-1001UA1d23924ef09816b.job => C:\Users\jan\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2578272341-3324075177-2043743870-1001Core.job => C:\Users\jan\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2578272341-3324075177-2043743870-1001UA.job => C:\Users\jan\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2578272341-3324075177-2043743870-1001.job => C:\Users\jan\AppData\Local\GoToMeeting\7881\g2mupdate.exe Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2578272341-3324075177-2043743870-1001.job => C:\Users\jan\AppData\Local\GoToMeeting\7881\g2mupload.exe ==================== Snelkoppelingen & WMI ======================== (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) ==================== Geladen Modules (gefilterd) ============== 2015-11-04 15:43 - 2015-11-04 15:43 - 000114688 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll 2012-02-22 23:30 - 2009-02-27 16:38 - 000139264 ____R () C:\Program Files\Brother\BrUtilities\BrLogAPI.dll 2017-03-18 19:19 - 2017-03-18 19:19 - 000116824 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2017-03-18 19:19 - 2017-03-19 10:36 - 001456128 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2009-06-03 20:59 - 2009-06-03 20:59 - 000619816 ____N () C:\Program Files\CyberLink\Power2Go\CLMediaLibrary.dll 2009-06-03 20:59 - 2009-06-03 20:59 - 000013096 ____N () C:\Program Files\CyberLink\Power2Go\CLMLSvcPS.dll 2017-11-12 08:00 - 2017-11-12 08:00 - 000075264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x86__kzf8qxf38zg5c\SkypeHost.exe 2017-11-12 08:00 - 2017-11-12 08:00 - 000173568 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x86__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2014-03-31 21:35 - 2014-03-31 21:35 - 000278208 _____ () C:\Program Files\Windows Live\Writer\nl\WindowsLive.Writer.Localization.resources.dll 2017-03-18 19:19 - 2017-03-18 19:19 - 000036352 _____ () C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUITelemetry.dll 2017-07-11 02:11 - 2017-07-11 02:11 - 001499648 _____ () C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUIViewModels.dll 2017-07-11 02:11 - 2017-07-11 02:11 - 001802240 _____ () C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUIDataModel.dll ==================== Alternate Data Streams (gefilterd) ========= (Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.) AlternateDataStreams: C:\Users\jan\Documents\creating-a-global-qsr-leader-1.pdf:com.dropbox.attributes [168] AlternateDataStreams: C:\Users\jan\Documents\earnings-conference-call-third-quarter-2014.pdf:com.dropbox.attributes [168] AlternateDataStreams: C:\Users\jan\Documents\earnings-presentation-27-10-2015.pdf:com.dropbox.attributes [168] AlternateDataStreams: C:\Users\jan\Documents\Investor Deck 9 04 15_The HabitClean (1).pdf:com.dropbox.attributes [168] ==================== Veilige Modus (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.) ==================== Bestandskoppeling (gefilterd) =============== (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.) ==================== Internet Explorer vertrouwde/beperkte toegang =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.) IE trusted site: HKU\S-1-5-21-2578272341-3324075177-2043743870-1001\...\amazon.com -> hxxps://amazon.com ==================== Hosts Inhoud: =============================== (Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.) 2009-07-14 03:04 - 2017-03-02 14:02 - 000000045 _____ C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Andere gebieden ============================ (Momenteel is er geen automatische fix voor dit onderdeel.) HKU\S-1-5-21-2578272341-3324075177-2043743870-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg DNS Servers: 195.130.131.1 - 192.168.2.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == MSCONFIG\startupfolder: C:^Users^jan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup MSCONFIG\startupreg: Facebook Update => "C:\Users\jan\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver MSCONFIG\startupreg: IndexSearch => "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe" MSCONFIG\startupreg: OpwareSE4 => "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" MSCONFIG\startupreg: PaperPort PTD => "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe" MSCONFIG\startupreg: PPort11reminder => "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini" HKLM\...\StartupApproved\Run: => "StartCCC" HKLM\...\StartupApproved\Run: => "ControlCenter3" HKU\S-1-5-21-2578272341-3324075177-2043743870-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk" ==================== Firewall regels (gefilterd) =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [{9FF2449D-414F-48C6-B3E9-C03FE20B32A2}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{9A94EC9F-1936-4A6D-8610-D388131DA435}] => (Allow) LPort=1900 FirewallRules: [{4CD4D39F-8ED3-4031-918D-50F51653AD1F}] => (Allow) LPort=2869 FirewallRules: [{25FF7971-899A-473C-9482-D70C70D52189}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe FirewallRules: [{81093A89-C469-41B8-B600-BB1D9947B7A8}] => (Allow) C:\Users\jan\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe FirewallRules: [{7139DE4F-A082-49BB-BD17-57B7147E45E3}] => (Allow) C:\Users\jan\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe FirewallRules: [{4A3D6600-64C6-462C-98C7-92A88310A341}] => (Block) C:\program files\internet explorer\iexplore.exe FirewallRules: [{987B9856-423B-4AA4-9273-9373A1F2C28A}] => (Block) C:\program files\internet explorer\iexplore.exe FirewallRules: [UDP Query User{2D6CDCC8-BA18-41D5-BC3E-CD326FAA46AB}C:\program files\internet explorer\iexplore.exe] => (Allow) C:\program files\internet explorer\iexplore.exe FirewallRules: [TCP Query User{903E1D40-2D81-4885-A1A4-5ADD3227E63F}C:\program files\internet explorer\iexplore.exe] => (Allow) C:\program files\internet explorer\iexplore.exe FirewallRules: [{DC1806EA-B632-40CC-88A9-0CA81A568713}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe FirewallRules: [UDP Query User{0562183F-B1B8-42A8-9C7F-AD0634D1EB4E}C:\users\jan\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\jan\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [TCP Query User{7E5DFB64-4372-46B4-9DA0-0A6C628488C8}C:\users\jan\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\jan\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{E6083991-D744-4837-B1D5-FDA2EB574E27}C:\program files\google\google earth\plugin\geplugin.exe] => (Block) C:\program files\google\google earth\plugin\geplugin.exe FirewallRules: [TCP Query User{559F91AF-E4A5-4632-B1B1-DE6F2D082921}C:\program files\google\google earth\plugin\geplugin.exe] => (Block) C:\program files\google\google earth\plugin\geplugin.exe FirewallRules: [{D00F54C2-97A9-442A-ADCD-08A1B2E22AF1}] => (Allow) LPort=5000 FirewallRules: [{F69B1F7F-E78A-4BF4-9937-0BCA1A66EB75}] => (Allow) LPort=49177 FirewallRules: [{92032919-98D5-4F1F-8546-8AB7EE51FFDB}] => (Allow) C:\Users\jan\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{89E2A106-16C0-47CB-809D-1BC72B6AA456}] => (Allow) C:\Users\jan\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{B3E2F9B5-31E7-4DF2-B919-D447ECF335A1}] => (Allow) LPort=5000 FirewallRules: [{84C1CD24-614E-44BA-AC46-0D37C3F83712}] => (Allow) LPort=49169 FirewallRules: [UDP Query User{4E915B7D-AB45-42F8-9D5C-2B8F56497CE8}C:\program files\google\google earth\client\googleearth.exe] => (Block) C:\program files\google\google earth\client\googleearth.exe FirewallRules: [TCP Query User{D756146B-53DA-477D-9662-E0FC690A6402}C:\program files\google\google earth\client\googleearth.exe] => (Block) C:\program files\google\google earth\client\googleearth.exe FirewallRules: [{8B8806B1-7EFE-4C25-B66A-1136E975A4CF}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe FirewallRules: [{AF1FF823-AF21-4E73-8EBF-1946B66B4CDB}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe FirewallRules: [{4E8769EE-8DC2-458D-8B4C-E8EC725BC8F5}] => (Allow) C:\Users\jan\Dropbox\Downloads\FRST (1).exe FirewallRules: [{2FE0A606-E597-4FBE-ABBC-819C678B73C3}] => (Allow) C:\Users\jan\Dropbox\Downloads\FRST (1).exe FirewallRules: [{8CE6B90E-90CF-4854-A2EB-83F60FD585F3}] => (Allow) C:\Users\jan\Dropbox\Downloads\FRST (1).exe FirewallRules: [{9C063D39-761C-4632-BBDE-AB4B30CDBCC1}] => (Allow) C:\Users\jan\Dropbox\Downloads\FRST (1).exe ==================== Herstelpunten ========================= 05-11-2017 19:00:36 Windows Back-up 12-11-2017 19:01:40 Windows Back-up 15-11-2017 19:51:33 Windows Update ==================== Defecte Apparaatbeheer Apparaten ============= ==================== Eventlog fouten: ========================= Applicatiefouten: ================== Error: (11/15/2017 10:33:01 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BUREAU-PC) Description: Het activeren van de app Microsoft.Windows.Apprep.ChxApp_cw5n1h2txyewy!App is mislukt door de fout -2144927142. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie. Error: (11/15/2017 09:51:36 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BUREAU-PC) Description: Het activeren van de app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!microsoft.windowslive.mail is mislukt door de fout -2144927142. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie. Error: (11/15/2017 08:30:09 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: De openprocedure voor de aspnet_state-service in DLL-bestand aspnet_counters.dll is mislukt. Prestatiemetergegevens voor deze service zijn niet beschikbaar. De eerste vier bytes (DWORD) in de sectie Gegevens bevatten de foutcode. Error: (11/15/2017 08:30:09 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: De openprocedure voor de ASP.NET_4.0.30319-service in DLL-bestand aspnet_counters.dll is mislukt. Prestatiemetergegevens voor deze service zijn niet beschikbaar. De eerste vier bytes (DWORD) in de sectie Gegevens bevatten de foutcode. Error: (11/15/2017 08:30:09 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: De openprocedure voor de ASP.NET-service in DLL-bestand aspnet_counters.dll is mislukt. Prestatiemetergegevens voor deze service zijn niet beschikbaar. De eerste vier bytes (DWORD) in de sectie Gegevens bevatten de foutcode. Error: (11/15/2017 07:52:25 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: De service Cryptografische services is mislukt tijdens het verwerken van aanroep OnIdentity() op het object System Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Toegang geweigerd. . Error: (11/15/2017 07:43:40 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: BUREAU-PC) Description: Het pakket Microsoft.Windows.Photos_2017.39091.16340.0_x86__8wekyb3d8bbwe+App is beëindigd omdat het onderbreken te lang duurde. Error: (11/15/2017 07:37:55 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: STI BrtSTI: [2017/11/15 19:37:55.674]: [00002548]: CUsbScnDev: DeviceIoControl() failed. ErrorCode = 5 Error: (11/15/2017 12:42:39 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: STI BrtSTI: [2017/11/15 12:42:39.658]: [00002548]: CUsbScnDev: DeviceIoControl() failed. ErrorCode = 5 Error: (11/15/2017 10:29:42 AM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: STI BrtSTI: [2017/11/15 10:29:42.519]: [00002548]: CUsbScnDev: DeviceIoControl() failed. ErrorCode = 5 Systeemfouten: ============= Error: (11/15/2017 09:51:51 PM) (Source: DCOM) (EventID: 10010) (User: BUREAU-PC) Description: De server microsoft.windowscommunicationsapps_17.8700.40645.0_x86__8wekyb3d8bbwe!microsoft.windowslive.mail heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (11/14/2017 10:11:43 PM) (Source: DCOM) (EventID: 10010) (User: BUREAU-PC) Description: De server {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (11/14/2017 10:11:39 PM) (Source: DCOM) (EventID: 10010) (User: BUREAU-PC) Description: De server Microsoft.MicrosoftSolitaireCollection_3.18.10182.0_x86__8wekyb3d8bbwe!App.AppXcc14htf1fp3nt27stc0fcm9dshkn3y7m.mca heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (11/14/2017 06:35:52 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: De Interactive Services Detection-service is gestopt met de volgende foutcode: Onjuiste functie. . Error: (11/12/2017 08:52:28 PM) (Source: amdsata) (EventID: 11) (User: ) Description: Het stuurprogramma heeft een controllerfout gevonden in \Device\RaidPort0. Error: (11/12/2017 08:00:43 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installatiefout: de volgende update kan niet worden geïnstalleerd, foutcode 0x80073d02: 9WZDNCRFJ364-Microsoft.SkypeApp. Error: (11/05/2017 09:25:30 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} en APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (11/05/2017 09:25:30 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} en APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (11/05/2017 09:24:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: De CldFlt-service kan vanwege de volgende fout niet worden gestart: De aanvraag wordt niet ondersteund. Error: (11/05/2017 09:24:00 PM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY) Description: Het DLL-meldingsbestand "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" voor wachtwoorden kan niet worden geladen door de fout 126. Controleer of het pad van het DLL-meldingsbestand dat is gedefinieerd in het register (HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages), verwijst naar een juist en absoluut pad (:\\.) en niet naar een relatief of ongeldig pad. Als het pad van het DLL-bestand juist is, controleert u of eventuele ondersteunende bestanden zich in dezelfde map bevinden en of het systeemaccount over leestoegang beschikt voor zowel het pad van het DLL-bestand als eventuele ondersteunende bestanden. Neem contact op met de leverancier van het DLL-meldingsbestand voor aanvullende ondersteuning. Meer informatie vindt u op de webpagina http://go.microsoft.com/fwlink/?LinkId=245898. CodeIntegrity: =================================== Date: 2017-10-30 15:13:56.045 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-10-12 17:01:29.135 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements. Date: 2017-10-12 17:01:29.074 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements. Date: 2017-10-12 17:01:29.040 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements. Date: 2017-10-12 17:01:28.951 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements. Date: 2017-10-12 17:01:28.885 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements. Date: 2017-10-12 17:01:28.839 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements. Date: 2017-10-12 17:01:27.176 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements. Date: 2017-10-12 17:01:26.772 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements. Date: 2017-10-12 15:18:15.235 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Geheugen info =========================== Processor: AMD Phenom(tm) II X4 925 Processor Percentage geheugen in gebruik: 49% Totaal fysiek RAM-geheugen: 3326.3 MB Beschikbaar fysiek RAM-geheugen: 1676.57 MB Totaal Virtueel geheugen: 6654.3 MB Beschikbaar Virtual geheugen: 4490.58 MB ==================== Schijven ================================ Drive c: (Boot) (Fixed) (Total:1356.16 GB) (Free:960.33 GB) NTFS Drive d: (Recover) (Fixed) (Total:40 GB) (Free:0 GB) NTFS ==================== MBR & Partitietabel ================== ======================================================== Disk: 0 (Size: 1397.3 GB) (Disk ID: F77D35BA) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=1356.2 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=40 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=1 GB) - (Type=12) ==================== Eind van Addition.txt ============================