Extra scanresultaten van Farbar Recovery Scan Tool (x86) Versie: 12.02.2018
Gestart door francist (12-02-2018 19:33:20)
Gestart vanaf C:\Users\francist\Downloads
Microsoft Windows 10 Pro Versie 1709 16299.125 (X86) (2018-02-12 14:02:46)
Boot Modus: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3730078115-3281393171-2249441152-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3730078115-3281393171-2249441152-503 - Limited - Disabled)
francist (S-1-5-21-3730078115-3281393171-2249441152-1000 - Administrator - Enabled) => C:\Users\francist
Gast (S-1-5-21-3730078115-3281393171-2249441152-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3730078115-3281393171-2249441152-1005 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-3730078115-3281393171-2249441152-504 - Limited - Disabled)

==================== Security Center ========================

(Als een item is opgenomen in de fixlist, zal het worden verwijderd.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Disabled - Out of date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Antivirus (Disabled - Out of date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Geïnstalleerde programma's ======================

(Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.)

ABBYY FineReader 10 Professional Edition (HKLM\...\{F1000000-0001-0000-0000-074957833700}) (Version: 10.501.324.70022 - ABBYY) Adobe Acrobat Reader DC - Nederlands (HKLM\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated) Adobe Flash Player 28 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 28.0.0.161 - Adobe Systems Incorporated) Adobe Flash Player 29 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 29.0.0.96 - Adobe Systems Incorporated) AMD Catalyst Install Manager (HKLM\...\{DC7723BE-A2BB-58A0-4820-5630F9B82198}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) AMD Catalyst Install Manager (HKLM\...\{F39BE87B-E80E-AF64-8722-A5BA2FF82997}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.) ATI AVIVO Codecs (HKLM\...\{322AD726-32AE-0D44-21CD-3682D0D38E1C}) (Version: 10.12.0.00302 - ATI Technologies Inc.) Hidden ATI Problem Report Wizard (HKLM\...\{E7043CC5-0ABF-03C8-5B34-2C385E62ABBB}) (Version: 3.0.816.0 - ATI Technologies) Hidden AVG AntiVirus FREE (HKLM\...\AVG Antivirus) (Version: 17.9.3040 - AVG Technologies) Belgium e-ID middleware 4.1.10 (build 1698) (HKLM\...\{4DDF16AE-8D5D-4027-A2D1-8CBB498E1698}) (Version: 4.1.1698 - Belgian Government) CCleaner (HKLM\...\CCleaner) (Version: 5.39 - Piriform) ConvertHelper 2.2 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version: - DownloadHelper) D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden Dropbox (HKLM\...\Dropbox) (Version: 43.4.50 - Dropbox, Inc.) Dropbox Update Helper (HKLM\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden EclipseCrossword (HKLM\...\{F389DB8F-0716-4FC6-82B2-02B2FA2B4F24}) (Version: 1.2.61 - Green Eclipse) Foxit PhantomPDF (HKLM\...\{BD1D7C83-6BBC-4AC3-9F72-44206623E765}) (Version: 5.5.6.218 - Foxit Corporation) Google Chrome (HKLM\...\Google Chrome) (Version: 64.0.3282.140 - Google Inc.) 
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden HD Tune 2.55 (HKLM\...\HD Tune_is1) (Version: - EFD Software) HD Tune Pro 5.70 (HKLM\...\HD Tune Pro_is1) (Version: - EFD Software) honestech VHS to DVD 2.0 SE (HKLM\...\{2856F5EA-E98A-40E4-BAD6-8C644A4A3F3C}) (Version: 2.0 - honestech) HydraVision (HKLM\...\{914A8694-9CDC-1F8E-4D21-D1013CDB04CD}) (Version: 4.2.188.0 - ATI Technologies Inc.) Hidden Java 8 Update 161 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation) Junk Mail filter update (HKLM\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Malwarebytes versie 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes) Microsoft Office Outlook Connector (HKLM\...\{95140000-0081-0413-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3730078115-3281393171-2249441152-1000\...\OneDriveSetup.exe) (Version: 17.3.7294.0108 - Microsoft Corporation) Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation) Microsoft Project Professional 2010 (HKLM\...\Office14.PRJPRO) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 
(HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation) Motorola Device Manager (HKLM\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.5.4 - Motorola Mobility) Motorola Device Software Update (HKLM\...\{894AB83D-A9AF-4E54-BFF3-A7262A0A6C13}) (Version: 13.09.3001 - Motorola Mobility) Hidden Motorola Mobile Drivers Installation 6.4.0 (HKLM\...\{BA562260-B4FA-4D87-ADC5-963783028C68}) (Version: 6.4.0 - Motorola Mobility LLC) Movie Maker (HKLM\...\{DC5E5027-65E8-41CB-815C-9AAB48BFB8E2}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 47.0 (x86 nl) (HKLM\...\Mozilla Firefox 47.0 (x86 nl)) (Version: 47.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla) MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) 
OKI C3200 Status Monitor (HKLM\...\{936E1869-822B-4520-8748-C0AD0CC069AB}) (Version: 1.2.5 - Okidata) OKI Print Job Accounting (HKLM\...\{17190520-1717-11D5-A854-00105A80791C}) (Version: 1.00.000 - Okidata) OpenOffice.org 3.4.1 (HKLM\...\{C169BD5F-00C1-437C-8162-88FA6BE495D5}) (Version: 3.41.9593 - Apache Software Foundation) Opera Stable 35.0.2066.92 (HKLM\...\Opera 35.0.2066.92) (Version: 35.0.2066.92 - Opera Software) Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.) Pixbook (HKU\S-1-5-21-3730078115-3281393171-2249441152-1000\...\Pixbook) (Version: - ) RealDownloader (HKLM\...\{e6171278-8759-449d-9e0b-c1825debc2ad}) (Version: 17.0.15.7 - RealNetworks) Hidden RealDownloader (HKLM\...\{EAC491EB-9FD9-4B6A-A277-047C7DE2C4B4}) (Version: 18.1.10.217 - RealNetworks, Inc.) Hidden RealNetworks - Microsoft Visual C++ 2008 Runtime (HKLM\...\{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}) (Version: 9.0 - RealNetworks, Inc) Hidden RealNetworks - Microsoft Visual C++ 2010 Runtime (HKLM\...\{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}) (Version: 10.0 - RealNetworks, Inc) Hidden RealPlayer (HKLM\...\RealPlayer 18.1) (Version: 18.1.10 - RealNetworks) Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.58.411.2012 - Realtek) Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.) RealUpgrade 1.1 (HKLM\...\{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}) (Version: 1.1.0 - RealNetworks, Inc.) 
Hidden Scoresheet ORTEC (HKLM\...\Scoresheet ORTEC_is1) (Version: - ) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPRO_{58FA40EF-ABA9-4FED-AD3D-318A6073934D}) (Version: - Microsoft) SMI Grabber Device (HKLM\...\{B03B98E3-2795-48F6-BA33-793BBF5DF685}) (Version: 1.0.0.29 - Somagic) Speccy (HKLM\...\Speccy) (Version: 1.31 - Piriform) Stuurprogrammapakket voor Windows - Fedict SmartCard (04/30/2014 4.0.7.5) (HKLM\...\C5357B4AD7C02B3F6EF45765A07E5B725E50BBF7) (Version: 04/30/2014 4.0.7.5 - Fedict) Stuurprogrammapakket voor Windows - Fedict SmartCard (08/08/2015 4.1.5) (HKLM\...\9F46F7AB1E3B1B5F5482EA8D97F401B04FBF7958) (Version: 08/08/2015 4.1.5 - Fedict) Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x86) - NLD (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - NLD) (Version: 10.0.50903 - Microsoft Corporation) UpdateService (HKLM\...\{E3AE96D6-E196-45B4-AF62-2B41998B9E37}) (Version: 1.0.0 - RealNetworks, Inc.) 
Hidden USB Audio/Video Driver (HKLM\...\{015C057F-D7B9-4D82-B266-FBCF0178F382}) (Version: 1.00.0000 - ) Hidden USB Audio/Video Driver (HKLM\...\InstallShield_{015C057F-D7B9-4D82-B266-FBCF0178F382}) (Version: 1.00.0000 - ) VASCO Card Reader Plug-In (32-Bit) (HKLM\...\{47659F12-27AE-3200-9B8A-2BD803020302}) (Version: 3.2.3.2 - VASCO Data Security) Hidden VASCO Smart Card Reader Plug-In (User) (HKU\S-1-5-21-3730078115-3281393171-2249441152-1000\...\{8bc0c044-0d13-4fe6-90c1-af39c36cb927}) (Version: 3.2.3.2 - VASCO Data Security) vc2012_redist (HKLM\...\{9402AEF2-5981-4097-8BE2-6501DAC4DBFD}) (Version: 1.0.0.0 - Realnetworks) Hidden Video Downloader (HKLM\...\{62796191-6F12-4ABE-BA8B-B4D4A266C997}) (Version: 1.0.0 - RealNetworks) Hidden Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN) vs2015_redist x86 (HKLM\...\{BD46163A-0331-4A61-B65A-7B66D7C93F8E}) (Version: 1.0.0.0 - Realnetworks) Hidden Windows 10 Update and Privacy Settings (HKLM\...\{542CC2C2-ABAF-4604-8723-DA296AF74540}) (Version: 1.0.14.0 - Microsoft Corporation) Windows 10 Update Assistant (HKLM\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22334 - Microsoft Corporation) Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Windows Setup Remediations (x86) (KB4023057) (HKLM\...\{49cd2afd-8679-48a5-90ab-e7044bee2465}.sdb) (Version: - ) WinX DVD Ripper Platinum 7.5.15 (HKLM\...\WinX DVD Ripper Platinum_is1) (Version: - Digiarty Software, Inc.) ==================== Aangepaste CLSID (gefilterd): ========================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) 
CustomCLSID: HKU\S-1-5-21-3730078115-3281393171-2249441152-1000_Classes\CLSID\{9E436272-69C3-5FBA-9C1D-15694337F4AC}\InprocServer32 -> C:\Users\francist\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.2\npVascoCardReaderPlugin.dll (VASCO Data Security) ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-02-08] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-02-08] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Geen bestand ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => -> Geen bestand ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2018-01-09] (AVG Technologies CZ, s.r.o.) ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-02-08] (Dropbox, Inc.) ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation) ContextMenuHandlers1: [FineReader10ContextMenu] -> {bc5e1455-02ca-4b30-8eed-91d52a38da75} => C:\Program Files\ABBYY FineReader 10\FRIntegration.dll [2010-10-15] (ABBYY.) ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x86.dll [2012-05-28] (Foxit Corporation) ContextMenuHandlers1: [Foxit_RMS] -> {5513ABDD-1D4F-4F0A-BC9E-7B48F5F1D515} => C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\FoxitRMSShellExtension_x86.dll [2012-11-16] (Foxit Corporation) ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation) ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Geen bestand ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes) ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => c:\program files\real\realplayer\RPDS\Bin\rpcontextmenu.dll [2018-01-27] (RealNetworks, Inc.) 
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-02-08] (Dropbox, Inc.) ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation) ContextMenuHandlers5: [BCSShellMenuExt] -> {947217BD-E967-400A-B14A-BA851A8EDCBB} => -> Geen bestand ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-02-08] (Dropbox, Inc.) ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> Geen bestand ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2018-01-09] (AVG Technologies CZ, s.r.o.) ContextMenuHandlers6: [FineReader10ContextMenu] -> {bc5e1455-02ca-4b30-8eed-91d52a38da75} => C:\Program Files\ABBYY FineReader 10\FRIntegration.dll [2010-10-15] (ABBYY.) ContextMenuHandlers6: [Foxit_RMS] -> {5513ABDD-1D4F-4F0A-BC9E-7B48F5F1D515} => C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\FoxitRMSShellExtension_x86.dll [2012-11-16] (Foxit Corporation) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes) ==================== Geplande Taken (gefilterd) ============= (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) 
Task: {01D2042A-B123-43D9-9838-4E9526FEA2BF} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe Task: {0862D682-8F82-40FE-8943-5067ECDF5D1F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-02-12] (Microsoft Corporation) Task: {0BABD61F-9D98-434C-9AC2-EC925B6871BA} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {0C02BFE9-1951-44A5-8D5A-97932BDF87A4} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe Task: {0DA52D92-FC78-4C4A-8511-780D7085F702} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Geen bestand <==== AANDACHT Task: {0F2B8386-C913-4632-9A4E-8F3606C95228} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Geen bestand <==== AANDACHT Task: {101C19BE-AFA8-4FEF-A99C-4233BF49B7FE} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe Task: {10353800-6964-421E-B9D7-1F4694F53A69} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Geen bestand <==== AANDACHT Task: {148DF134-EE3B-41D5-AC23-7AF5D9545453} - \{E2D57E2C-544E-4C2B-89DF-3B5A9EF8E7FB} -> Geen bestand <==== AANDACHT Task: {17B3E228-097E-4E1B-8638-FF33128A7DF5} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_28_0_0_161_pepper.exe [2018-02-06] (Adobe Systems Incorporated) Task: {22D1EF02-4E60-4BA7-A4EE-98219090CE04} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-01-09] (Piriform Ltd) Task: {2475AD5B-30B5-42E2-A81E-BECA3D5CA836} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Geen bestand <==== AANDACHT Task: {264C7994-FC06-434C-8A3C-49F513B05C25} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK Task: {26CC6FFE-B27C-4444-BD42-455EA7778971} - System32\Tasks\AVG 
EUpdate Task => avgsetupx.exe Task: {27064A07-2455-4C5B-8749-BEF06FE47213} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.) Task: {2EC47339-106B-4D76-A433-3368B611676B} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe Task: {302AF02F-439F-4841-8F76-0F30C0B56FED} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2014-10-30] () Task: {311C7F41-BC07-4E64-BCF3-6E45F43196DE} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe Task: {3201407A-AB42-413F-98B4-BCBF402D7052} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {367A638A-3F3E-4C6B-9280-7D07C669C9C7} - System32\Tasks\Opera scheduled Autoupdate 1378240423 => C:\Program Files\Opera\launcher.exe [2016-03-01] (Opera Software) Task: {3B13AE24-D62C-4C76-B7C1-2DF4774537D5} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3730078115-3281393171-2249441152-1000 => C:\program files\real\RealDownloader\RealUpgrade.exe [2017-11-29] (RealNetworks, Inc.) 
Task: {4553ED3B-4F5C-4D4D-BAA7-42C050E90AC2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated) Task: {47B7F57B-6635-4E40-948C-E03166308708} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Geen bestand <==== AANDACHT Task: {4FC025C0-D6CA-46BA-A993-9877E82EAEFD} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe Task: {504426DA-B12F-4B2E-9C91-D66ACAD22C46} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe Task: {5381DDD2-DECA-440B-A8E5-C0FD9F0D8BB8} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.) Task: {54947027-48E5-4BCF-9EB5-ADE17761CC99} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe Task: {59270EEC-77CA-4199-AFB7-179222529FB4} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [2018-01-09] (AVG Technologies CZ, s.r.o.) Task: {5F96450B-896C-4968-914A-E38E2A5F1A97} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {66BC24B9-08DC-4E8F-96CB-4C081DBE3EBD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2018-02-07] (Adobe Systems Incorporated) Task: {674783DE-469D-483C-B4DB-79679CAF3467} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3730078115-3281393171-2249441152-1000 => C:\program files\real\RealDownloader\RealUpgrade.exe [2017-11-29] (RealNetworks, Inc.) 
Task: {70C9076A-34F9-44FC-8FAB-299A1CF7374F} - System32\Tasks\RealDownloader Update Check => c:\program files\real\RealDownloader\downloader2.exe [2017-11-29] () Task: {71243B60-C2D8-4239-8404-F1806E0639DA} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {74FAFC08-2CE6-4B9C-B6B5-F35E41DF6997} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2017-12-19] (Oracle Corporation) Task: {801CED6D-ED43-4803-92A9-9F27B5FEBD09} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-12-17] (Google Inc.) Task: {80EEA76B-89ED-43F4-80FD-2AC46CB0CB59} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe Task: {8167C1E4-3F01-4F8D-8F30-16FFED7C7634} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Geen bestand <==== AANDACHT Task: {81F2B387-7E2E-4310-888C-E3F6C46FC318} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe Task: {845EDCDF-6A0B-446E-9FF8-195AAA4F042D} - System32\Tasks\{FCC2367D-24A1-490C-B2C4-CFC8ABC4CA51} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\YouTube Accelerator\YTAUninstall.exe" Task: {88A483AD-70AB-46E0-B2A9-96C5AB593422} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-02-12] (Microsoft Corporation) Task: {8A3921EF-5186-4175-989A-3F2D682DB350} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Geen bestand <==== AANDACHT Task: {8ACCDD21-190E-4CEF-95CC-5D2653EA0D42} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-01-09] (Piriform Ltd) Task: {9012C9C6-5866-491D-B5C0-3C32134FBC62} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe Task: {96785FFA-CD3B-48FF-8A29-3ACC75050940} - 
System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-02-12] (Microsoft Corporation) Task: {9792B9A3-17E1-468B-876C-1D86A8E31F7C} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Geen bestand <==== AANDACHT Task: {9A298F4A-5846-4138-B870-183DDFF3AA74} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-02-12] (Microsoft Corporation) Task: {A5196EC5-AD65-47CE-8DF2-2D09DD01B018} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe Task: {AC2C4BD0-0766-4625-80C9-AA03C9B9CBE8} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Geen bestand <==== AANDACHT Task: {AC3D7683-879F-4FD3-B9D5-6A4D368C3773} - \Microsoft\Windows\Setup\GWXTriggers\Logon-URT -> Geen bestand <==== AANDACHT Task: {AC696A6B-CEEA-41A0-AB7F-48D3A17E56B7} - \AVG_SYS_TASK_0615av_RUN -> Geen bestand <==== AANDACHT Task: {B14EF11D-5745-428C-AEFC-72770F9B706B} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Geen bestand <==== AANDACHT Task: {B786BBDD-D464-46D8-8876-A77BF7E0998C} - System32\Tasks\Motorola Device Manager Update => C:\Program Files\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2014-10-30] () Task: {B925E13C-9120-4FE7-BFEF-B6F1919008E0} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Geen bestand <==== AANDACHT Task: {B9261034-45F7-4564-B270-95743C78B2E7} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {BC15BD1F-8CEC-4718-997E-4210CF1010D4} - \RealPlayer (32-bit) -> Geen bestand <==== AANDACHT Task: {C8EDFD69-86EC-46A3-A0A7-FC6168264565} - System32\Tasks\{41083538-AF1C-4CA4-901D-A07E2BAE1DE5} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\Google\Picasa3\Picasa3.exe" -d "C:\Program 
Files\Google\Picasa3" Task: {C9BCD18F-C593-4F92-B03A-DF33FCA37B5E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {D0AD20D4-DCB4-491A-8EA2-8B21387EADD8} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {D5EB5B91-D755-432C-823E-FB1028AA38AF} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe Task: {E3A24CBC-2A00-4475-AF07-6C43B11CCE2E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {E757C6F0-FFB1-41B6-B4EA-46C718EDEA95} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-12-17] (Google Inc.) Task: {E77FE782-9808-4006-A062-B158F575EBAB} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {EECA13BC-1E7D-419E-BB08-4141B8531866} - \Microsoft\Windows\UNP\RunCampaignManager -> Geen bestand <==== AANDACHT Task: {F01BD2BF-9B04-450C-84E2-7168126397A3} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Geen bestand <==== AANDACHT Task: {F129ED77-42FB-43AC-B3BA-DC5C0A1B6A72} - System32\Tasks\{DD63C23E-7F4B-4A04-8FB8-5946CFE9CAE0} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\francist\Downloads\vbrun60.exe -d C:\Users\francist\Downloads Task: {F184185A-5C6B-4209-99FD-6BBA45E24E0D} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2018-02-09] (AVG Technologies CZ, s.r.o.) 
Task: {F19DC295-D68D-4236-811F-B0FFD13AE235} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {F664424B-576C-4AB2-9105-C610179F1802} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Geen bestand <==== AANDACHT Task: {FEF31C1F-0C2A-440B-BFAC-960FB354C98A} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe (Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe ==================== Snelkoppelingen & WMI ======================== (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) ==================== Geladen Modules (gefilterd) ============== 2017-09-29 12:49 - 2017-09-29 12:49 - 000149840 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2014-04-07 15:31 - 2014-04-07 15:31 - 000172032 _____ () C:\Program Files\Motorola Mobility\Motorola Device Manager\css_core.dll 2013-08-19 12:46 - 2013-08-19 12:46 - 000203776 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll 2012-10-22 13:24 - 2012-10-22 13:24 - 000573440 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll 2012-10-22 13:24 - 2012-10-22 13:24 - 003854336 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll 2013-09-03 11:53 - 2012-05-31 20:36 - 000157696 _____ () C:\Program Files\Okidata\Print Job Accounting\snmp_pp.dll 2013-09-03 11:53 - 2012-05-31 20:44 - 000477696 _____ () C:\Program Files\Okidata\Print Job Accounting\sqlite3.dll 2018-02-10 20:02 - 2017-11-29 09:11 - 001934792 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll 2018-02-10 20:02 - 2017-11-29 
09:11 - 001798608 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2018-01-09 01:39 - 2018-01-09 01:39 - 000058624 _____ () C:\Program Files\AVG\Antivirus\dll_loader.dll 2018-01-09 01:39 - 2018-01-09 01:39 - 000059136 _____ () C:\Program Files\AVG\Antivirus\module_lifetime.dll 2017-12-13 23:57 - 2017-12-13 23:57 - 007817728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2017-12-13 23:57 - 2017-12-13 23:57 - 001518592 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2018-02-09 01:13 - 2018-02-08 21:10 - 000740168 _____ () C:\Program Files\Dropbox\Client\dropbox_watchdog.dll 2018-02-09 01:13 - 2018-02-08 21:10 - 002079048 _____ () C:\Program Files\Dropbox\Client\dropbox_crashpad.dll 2018-01-24 21:25 - 2018-02-08 21:10 - 000100312 _____ () C:\Program Files\Dropbox\Client\_ctypes.pyd 2018-01-24 21:25 - 2018-02-08 21:10 - 000018896 _____ () C:\Program Files\Dropbox\Client\select.pyd 2018-01-24 21:25 - 2018-02-08 21:12 - 000020808 _____ () C:\Program Files\Dropbox\Client\tornado.speedups.pyd 2018-01-24 21:25 - 2018-02-08 21:10 - 000035808 _____ () C:\Program Files\Dropbox\Client\_multiprocessing.pyd 2018-01-24 21:25 - 2018-02-08 21:10 - 000694232 _____ () C:\Program Files\Dropbox\Client\unicodedata.pyd 2018-02-09 01:13 - 2018-02-08 21:12 - 000021856 _____ () C:\Program Files\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd 2018-01-24 21:25 - 2018-02-08 21:10 - 000130520 _____ () C:\Program Files\Dropbox\Client\_cffi_backend.pyd 2018-02-09 01:13 - 2018-02-08 21:12 - 001856864 _____ () C:\Program Files\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd 2018-02-09 01:13 - 2018-02-08 21:12 - 000022880 _____ () C:\Program Files\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd 2018-02-09 01:13 - 2018-02-08 21:10 - 000145880 _____ () C:\Program Files\Dropbox\Client\pyexpat.pyd 2018-02-09 01:13 - 2018-02-08 21:10 - 000116696 _____ () C:\Program 
Files\Dropbox\Client\pywintypes27.dll 2018-01-24 21:25 - 2018-02-08 21:10 - 000105944 _____ () C:\Program Files\Dropbox\Client\win32api.pyd 2018-01-24 21:25 - 2018-02-08 21:13 - 000022872 _____ () C:\Program Files\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd 2018-02-09 01:13 - 2018-02-08 21:12 - 000063312 _____ () C:\Program Files\Dropbox\Client\psutil._psutil_windows.pyd 2018-01-24 21:25 - 2018-02-08 21:10 - 000024536 _____ () C:\Program Files\Dropbox\Client\win32event.pyd 2018-02-09 01:13 - 2018-02-08 21:12 - 000077120 _____ () C:\Program Files\Dropbox\Client\fastpath.pyd 2018-02-09 01:13 - 2018-02-08 21:10 - 000020952 _____ () C:\Program Files\Dropbox\Client\mmapfile.pyd 2018-01-24 21:25 - 2018-02-08 21:10 - 000124888 _____ () C:\Program Files\Dropbox\Client\win32file.pyd 2018-01-24 21:25 - 2018-02-08 21:10 - 000116184 _____ () C:\Program Files\Dropbox\Client\win32security.pyd 2018-02-09 01:13 - 2018-02-08 21:10 - 000392664 _____ () C:\Program Files\Dropbox\Client\pythoncom27.dll 2018-01-24 21:25 - 2018-02-08 21:12 - 000392520 _____ () C:\Program Files\Dropbox\Client\win32com.shell.shell.pyd 2018-01-24 21:25 - 2018-02-08 21:13 - 000026464 _____ () C:\Program Files\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd 2018-01-24 21:25 - 2018-02-08 21:10 - 000024024 _____ () C:\Program Files\Dropbox\Client\win32clipboard.pyd 2018-01-24 21:25 - 2018-02-08 21:10 - 000175576 _____ () C:\Program Files\Dropbox\Client\win32gui.pyd 2018-01-24 21:25 - 2018-02-08 21:10 - 000030168 _____ () C:\Program Files\Dropbox\Client\win32pipe.pyd 2018-01-24 21:25 - 2018-02-08 21:10 - 000043480 _____ () C:\Program Files\Dropbox\Client\win32process.pyd 2018-01-24 21:25 - 2018-02-08 21:10 - 000026072 _____ () C:\Program Files\Dropbox\Client\win32job.pyd 2018-01-24 21:25 - 2018-02-08 21:10 - 000048600 _____ () C:\Program Files\Dropbox\Client\win32service.pyd 2018-01-24 21:25 - 2018-02-08 21:10 - 000057816 _____ () C:\Program Files\Dropbox\Client\win32evtlog.pyd 2018-02-09 
01:13 - 2018-02-08 21:12 - 000021840 _____ () C:\Program Files\Dropbox\Client\cpuid.compiled._cpuid.pyd 2018-01-24 21:25 - 2018-02-08 21:13 - 000023376 _____ () C:\Program Files\Dropbox\Client\winshell.compiled._winshell.pyd 2018-02-09 01:13 - 2018-02-08 21:12 - 000022864 _____ () C:\Program Files\Dropbox\Client\crashpad.compiled._Crashpad.pyd 2018-01-24 21:25 - 2018-02-08 21:12 - 000066400 _____ () C:\Program Files\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd 2018-02-09 01:13 - 2018-02-08 21:12 - 001796416 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtCore.pyd 2018-01-24 21:25 - 2018-02-08 21:10 - 000084944 _____ () C:\Program Files\Dropbox\Client\sip.pyd 2018-02-09 01:13 - 2018-02-08 21:12 - 001956672 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtGui.pyd 2018-02-09 01:13 - 2018-02-08 21:12 - 003859272 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWidgets.pyd 2018-02-09 01:13 - 2018-02-08 21:12 - 000155472 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd 2018-02-09 01:13 - 2018-02-08 21:12 - 000521032 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtNetwork.pyd 2018-02-09 01:13 - 2018-02-08 21:12 - 000051024 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebEngineCore.pyd 2018-02-09 01:13 - 2018-02-08 21:12 - 000043336 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebChannel.pyd 2018-02-09 01:13 - 2018-02-08 21:12 - 000131400 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebKit.pyd 2018-02-09 01:13 - 2018-02-08 21:12 - 000219984 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd 2018-02-09 01:13 - 2018-02-08 21:12 - 000204104 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtPrintSupport.pyd 2018-01-24 21:25 - 2018-02-08 21:13 - 000025440 _____ () C:\Program Files\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd 2018-01-24 21:25 - 2018-02-08 21:10 - 000060888 _____ () C:\Program Files\Dropbox\Client\win32print.pyd 2018-01-24 21:25 - 2018-02-08 21:13 - 000054616 _____ () C:\Program 
Files\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd 2018-01-24 21:25 - 2018-02-08 21:10 - 000024024 _____ () C:\Program Files\Dropbox\Client\win32profile.pyd 2018-01-24 21:25 - 2018-02-08 21:13 - 000022880 _____ () C:\Program Files\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd 2018-01-24 21:25 - 2018-02-08 21:12 - 000100704 _____ () C:\Program Files\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd 2018-01-24 21:25 - 2018-02-08 21:10 - 000028632 _____ () C:\Program Files\Dropbox\Client\win32ts.pyd 2018-01-24 21:25 - 2018-02-08 21:13 - 000022368 _____ () C:\Program Files\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd 2018-01-24 21:25 - 2018-02-08 21:13 - 000021856 _____ () C:\Program Files\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd 2018-01-24 21:25 - 2018-02-08 21:13 - 000022368 _____ () C:\Program Files\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd 2018-02-09 01:13 - 2018-02-08 21:12 - 000027496 _____ () C:\Program Files\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd 2018-01-24 21:25 - 2018-02-08 21:10 - 000349144 _____ () C:\Program Files\Dropbox\Client\winxpgui.pyd 2018-02-09 01:13 - 2018-02-08 21:12 - 000101704 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWinExtras.pyd 2018-01-24 21:25 - 2018-02-08 21:13 - 000023904 _____ () C:\Program Files\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd 2018-02-09 01:13 - 2018-02-08 21:12 - 000025432 _____ () C:\Program Files\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd 2018-02-09 01:13 - 2018-02-08 21:10 - 000036312 _____ () C:\Program Files\Dropbox\Client\librsync.dll 2018-02-09 01:13 - 2018-02-08 21:12 - 000032608 _____ () C:\Program Files\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd 2018-02-09 01:13 - 2018-02-08 21:10 - 000293392 _____ () C:\Program Files\Dropbox\Client\EnterpriseDataAdapter.dll 2018-01-24 21:25 - 2018-02-08 21:13 - 000021856 _____ () C:\Program 
Files\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.pyd 2018-02-09 01:13 - 2018-02-08 21:12 - 000181064 _____ () C:\Program Files\Dropbox\Client\dropbox_sqlite_ext.DLL 2018-01-24 21:25 - 2018-02-08 21:12 - 000030544 _____ () C:\Program Files\Dropbox\Client\wind3d11.compiled._wind3d11.pyd 2018-02-09 01:13 - 2018-02-08 21:12 - 000024384 _____ () C:\Program Files\Dropbox\Client\libEGL.DLL 2018-02-09 01:13 - 2018-02-08 21:12 - 001638208 _____ () C:\Program Files\Dropbox\Client\libGLESv2.dll 2018-01-24 21:25 - 2018-02-08 21:13 - 000026464 _____ () C:\Program Files\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd 2018-02-09 01:13 - 2018-02-08 21:12 - 000545096 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtQuick.pyd 2018-02-09 01:13 - 2018-02-08 21:12 - 000359232 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtQml.pyd 2018-02-09 01:13 - 2018-02-08 21:12 - 000038216 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebEngine.pyd 2018-01-09 01:39 - 2018-01-09 01:39 - 000207272 _____ () C:\Program Files\AVG\Antivirus\JsonRpcServer.dll 2017-07-11 10:02 - 2017-07-11 10:02 - 067109376 _____ () C:\Program Files\AVG\Antivirus\libcef.dll 2018-01-09 01:39 - 2018-01-09 01:39 - 000290392 _____ () C:\Program Files\AVG\Antivirus\tasks_core.dll 2011-02-09 21:34 - 2011-02-09 21:34 - 000094208 _____ () C:\Program Files\ATI Technologies\HydraVision\HydraNln.dll 2018-01-30 06:35 - 2018-01-30 06:36 - 000075264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x86__kzf8qxf38zg5c\SkypeHost.exe 2018-01-30 06:35 - 2018-01-30 06:36 - 000166400 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x86__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2018-01-30 06:35 - 2018-01-30 06:36 - 018161664 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x86__kzf8qxf38zg5c\SkyWrap.dll 2018-01-30 06:35 - 2018-01-30 06:36 - 001784320 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x86__kzf8qxf38zg5c\skypert.dll 
2017-09-29 12:49 - 2017-09-29 12:49 - 001190400 _____ () C:\Windows\ShellExperiences\PeopleCommonControls.dll
2017-09-29 12:49 - 2017-09-29 12:49 - 000756736 _____ () C:\Windows\ShellExperiences\PeopleBarFlyout.dll
2017-09-29 12:49 - 2017-09-29 12:49 - 001812480 _____ () C:\Windows\ShellExperiences\WindowsInternal.People.PeoplePicker.dll
2017-09-29 12:49 - 2017-09-29 12:49 - 001468416 _____ () C:\Windows\ShellExperiences\WindowsInternal.People.Relevance.dll
2017-11-29 18:13 - 2017-11-29 18:13 - 001268048 _____ () c:\program files\real\RealDownloader\downloader2.exe

==================== Alternate Data Streams (gefilterd) =========

(Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.)

AlternateDataStreams: C:\ProgramData\TEMP:373E1720 [118]
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879 [238]

==================== Veilige Modus (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.)

==================== Bestandskoppeling (gefilterd) ===============

(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.)

==================== Internet Explorer vertrouwde/beperkte toegang ===============

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.)

==================== Hosts Inhoud: ===============================

(Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.)

2009-07-14 03:04 - 2009-06-10 22:39 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts

==================== Andere gebieden ============================

(Momenteel is er geen automatische fix voor dit onderdeel.)

HKU\S-1-0-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3730078115-3281393171-2249441152-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\francist\AppData\Local\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 195.130.130.5 - 195.130.131.5
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is ingeschakeld.

==================== MSCONFIG/TASK MANAGER Uitgeschakelde items ==

MSCONFIG\Services: RealPlayer Cloud Service => 2
MSCONFIG\startupreg: Bonus.SSR.FR10 => "C:\Program Files\ABBYY FineReader 10\Bonus.ScreenshotReader.exe" /autorun
MSCONFIG\startupreg: NeroCheck => C:\Windows\system32\NeroCheck.exe
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
MSCONFIG\startupreg: TkBellExe => "C:\Program Files\Real\RealPlayer\Update\realsched.exe" -osboot
HKLM\...\StartupApproved\StartupFolder: => "Snagit 11.lnk"
HKLM\...\StartupApproved\Run: => "Windows Mobile-based device management"
HKLM\...\StartupApproved\Run: => "RealDownloader"
HKU\S-1-5-21-3730078115-3281393171-2249441152-1000\...\StartupApproved\StartupFolder: => "OneNote 2010 Schermopname en Snel starten.lnk"

==================== Firewall regels (gefilterd) ===============

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

FirewallRules: [{3348F20A-9783-4468-931B-1ED76E0A1731}] => (Allow) C:\Program Files\Dropbox\Client\Dropbox.exe FirewallRules: [{CF109EF5-7F12-4D5C-AC41-65BA4CDB1D85}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe FirewallRules: [{8868A128-385B-4E44-86DE-21206177AF8D}] => (Allow) c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe FirewallRules: [UDP Query User{FC7A3CFD-D5A9-47B9-A58D-49BB6A119F8B}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe FirewallRules: [TCP Query User{8E4509E6-E95C-4764-9750-8258BBB2A3C9}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe FirewallRules: [{8B30BB26-B376-4961-87E5-C54FC8B39AB4}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe FirewallRules: [TCP Query User{3E3CB668-8A68-432B-B99D-17D8BB1C5299}C:\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\microsoft.net\framework\v2.0.50727\vbc.exe FirewallRules: [UDP Query User{E2CDC01F-B429-4AE9-A369-CE255E7C54DB}C:\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\microsoft.net\framework\v2.0.50727\vbc.exe FirewallRules: [TCP Query User{EA1F355B-D21E-4304-8CC0-F5AA61C4E158}C:\program files\real\realplayer\realplay.exe] => (Allow) C:\program files\real\realplayer\realplay.exe FirewallRules: [UDP Query User{21CC9E13-E856-40F7-94A4-F9E5B5973F55}C:\program files\real\realplayer\realplay.exe] => (Allow) C:\program files\real\realplayer\realplay.exe FirewallRules: [TCP Query User{AF2A4F61-4BD1-4F67-AF10-5BE893E6121D}C:\program files\media crawler\mediacrawler.exe] => (Allow) C:\program files\media crawler\mediacrawler.exe FirewallRules: [UDP Query User{82BBB69D-C76E-4587-8495-6433554E73E8}C:\program files\media crawler\mediacrawler.exe] => (Allow) C:\program files\media crawler\mediacrawler.exe FirewallRules: [TCP Query User{1A0019FC-7812-460C-A320-6BCF090075F4}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) 
C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe FirewallRules: [UDP Query User{04EE0C47-4C31-4FC4-9DD1-42949EDA7008}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe FirewallRules: [{42745D0D-0628-40CC-A7F9-B356E4F64C6A}] => (Allow) c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe FirewallRules: [{597D9A79-5B5F-4127-B222-586E17BD9913}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{327B8E26-9FA2-4222-A2E8-0D54CD052E04}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{C81D4E85-44AB-46F5-9FB7-9BB9146ED35E}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{0914BB62-9955-4805-A4D7-9332E11B1CB8}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe FirewallRules: [{63C6AFFC-8149-4294-A7E0-DDA58481A8A2}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe FirewallRules: [{72D16914-B7B2-4D19-BC93-2AC56309163C}] => (Allow) LPort=2869 FirewallRules: [{550084DD-1B10-4EBC-A550-FAB03649B6AC}] => (Allow) LPort=1900 FirewallRules: [{23DC7D8B-33A8-4FF8-B797-30B282D0F186}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{349DFB82-158C-489E-B276-BD4F23E95062}] => (Allow) C:\WINDOWS\system32\hasplms.exe ==================== Herstelpunten ========================= 12-02-2018 18:20:12 Windows Update ==================== Defecte Apparaatbeheer Apparaten ============= ==================== Eventlog fouten: ========================= Applicatiefouten: ================== Error: (02/12/2018 06:20:28 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: De service Cryptografische services is mislukt tijdens het verwerken van aanroep OnIdentity() op het object System Writer. 
Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Toegang geweigerd. . Error: (02/12/2018 06:04:32 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Kan activeringscontext voor 'C:\Windows\Installer\{EAC491EB-9FD9-4B6A-A277-047C7DE2C4B4}\recordingmanager.exe' niet maken. Kan afhankelijke assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" niet vinden. Gebruik sxstrace.exe voor een gedetailleerde diagnose. Error: (02/12/2018 06:02:00 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: soffice.bin, versie: 3.4.9593.500, tijdstempel: 0x5028bfc0 Naam van module met fout: shcore.dll, versie: 10.0.16299.15, tijdstempel: 0x30134c68 Uitzonderingscode: 0xc0000005 Foutmarge: 0x00038091 Id van proces met fout: 0x2168 Starttijd van toepassing met fout: 0x01d3a4230bc7824b Pad naar toepassing met fout: C:\Program Files\OpenOffice.org 3\program\soffice.bin Pad naar module met fout: C:\WINDOWS\System32\shcore.dll Rapport-id: decd9361-a520-4ca5-849f-12e81945a41b Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Error: (02/12/2018 06:01:45 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: MicrosoftEdgeCP.exe, versie: 11.0.16299.15, tijdstempel: 0x59cda307 Naam van module met fout: ntdll.dll, versie: 10.0.16299.64, tijdstempel: 0x1d27c592 Uitzonderingscode: 0xcfffffff Foutmarge: 0x00091670 Id van proces met fout: 0xbac Starttijd van toepassing met fout: 0x01d3a422c327e484 Pad naar toepassing met fout: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe Pad naar module met fout: C:\WINDOWS\SYSTEM32\ntdll.dll Rapport-id: 1a309874-829e-4a48-bd51-62d6476df7ed Volledige pakketnaam met fout: Microsoft.MicrosoftEdge_41.16299.15.0_neutral__8wekyb3d8bbwe Relatieve toepassings-id van pakket met fout: ContentProcess Error: (02/12/2018 02:53:41 
PM) (Source: MSDTC Client 2) (EventID: 4104) (User: ) Description: Kan de status van clusterknooppunt niet ophalen. De geretourneerde foutcode: 0x8007085A Error: (02/12/2018 02:45:48 PM) (Source: ESENT) (EventID: 455) (User: ) Description: mighost (3148,R,0) TILEREPOSITORYS-1-0-0: Fout -1023 (0xfffffc01) is opgetreden tijdens het openen van logboekbestand C:\Users\Default\AppData\Local\TileDataLayer\Database\EDB.log. Error: (02/12/2018 02:45:08 PM) (Source: MSDTC Client 2) (EventID: 4104) (User: ) Description: Kan de status van clusterknooppunt niet ophalen. De geretourneerde foutcode: 0x8007085A Error: (02/12/2018 02:45:07 PM) (Source: MSDTC 2) (EventID: 4104) (User: ) Description: Kan de status van clusterknooppunt niet ophalen. De geretourneerde foutcode: 0x8007085A Systeemfouten: ============= Error: (02/12/2018 07:02:25 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: De WarpJITSvc-service is onverwacht beëindigd. Dit is nu 2 keer gebeurd. Error: (02/12/2018 06:41:06 PM) (Source: DCOM) (EventID: 10010) (User: francis) Description: De server Microsoft.Windows.Photos_2017.39101.16720.0_x86__8wekyb3d8bbwe!App.AppX7jktj9tkq9wvy6vgdmk01c27hm98yt2s.mca heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (02/12/2018 06:39:48 PM) (Source: DCOM) (EventID: 10010) (User: francis) Description: De server Microsoft.Windows.Photos_2017.39101.16720.0_x86__8wekyb3d8bbwe!App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. 
Error: (02/12/2018 06:39:24 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen standaard voor deze computer wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} en APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (02/12/2018 06:39:24 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} en APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (02/12/2018 06:39:24 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen standaard voor deze computer wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} en APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. 
Error: (02/12/2018 06:39:24 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} en APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (02/12/2018 06:39:12 PM) (Source: WudfUsbccidDriver) (EventID: 7) (User: NT AUTHORITY) Description: Event-ID 7 Windows Defender: =================================== Date: 2018-02-12 19:14:59.815 Description: Windows Defender Antivirus heeft malware of andere mogelijk ongewenste software gedetecteerd. Zie voor meer informatie: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen&threatid=2147593794&enterprise=0 Naam: HackTool:Win32/Keygen Id: 2147593794 Ernst: Middel Categorie: Hulpprogramma Pad: containerfile:_C:\Users\francist\Desktop\sleutels\Office 2010 Toolkit.exe;containerfile:_C:\WINDOWS\Office 2010 Toolkit.exe;file:_C:\Users\francist\Desktop\sleutels\Office 2010 Toolkit.exe->[MSILRES:OfficeToolkit.Properties.Resources.resources]#1;file:_C:\WINDOWS\Office 2010 Toolkit.exe->[MSILRES:OfficeToolkit.Properties.Resources.resources]#1 Detectieoorsprong: Lokale computer Detectietype: Concreet Detectiebron: Systeem Gebruiker: NT AUTHORITY\SYSTEM Procesnaam: Unknown Handtekeningversie: AV: 1.261.1097.0, AS: 1.261.1097.0, NIS: 118.2.0.0 Engineversie: AM: 1.1.14500.5, NIS: 2.1.14202.0 Date: 2018-02-12 15:05:55.094 Description: Windows Defender Antivirus heeft malware of andere mogelijk ongewenste software gedetecteerd. 
Zie voor meer informatie: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen&threatid=2147593794&enterprise=0 Naam: HackTool:Win32/Keygen Id: 2147593794 Ernst: Middel Categorie: Hulpprogramma Pad: containerfile:_C:\Users\francist\Desktop\sleutels\Office 2010 Toolkit.exe;containerfile:_C:\WINDOWS\Office 2010 Toolkit.exe;file:_C:\Users\francist\Desktop\sleutels\Office 2010 Toolkit.exe->[MSILRES:OfficeToolkit.Properties.Resources.resources]#1;file:_C:\WINDOWS\Office 2010 Toolkit.exe->[MSILRES:OfficeToolkit.Properties.Resources.resources]#1 Detectieoorsprong: Lokale computer Detectietype: Concreet Detectiebron: Systeem Gebruiker: NT AUTHORITY\SYSTEM Procesnaam: C:\Windows\System32\SearchProtocolHost.exe Handtekeningversie: AV: 1.245.71.0, AS: 1.245.71.0, NIS: 116.97.0.0 Engineversie: AM: 1.1.13804.0, NIS: 2.1.12706.0 Date: 2018-02-12 15:05:53.835 Description: Windows Defender Antivirus heeft malware of andere mogelijk ongewenste software gedetecteerd. Zie voor meer informatie: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen&threatid=2147593794&enterprise=0 Naam: HackTool:Win32/Keygen Id: 2147593794 Ernst: Middel Categorie: Hulpprogramma Pad: containerfile:_C:\WINDOWS\Office 2010 Toolkit.exe;file:_C:\Users\francist\Desktop\sleutels\Office 2010 Toolkit.exe->[MSILRES:OfficeToolkit.Properties.Resources.resources]#1;file:_C:\WINDOWS\Office 2010 Toolkit.exe->[MSILRES:OfficeToolkit.Properties.Resources.resources]#1 Detectieoorsprong: Lokale computer Detectietype: Concreet Detectiebron: Systeem Gebruiker: NT AUTHORITY\SYSTEM Procesnaam: C:\Windows\System32\SearchProtocolHost.exe Handtekeningversie: AV: 1.245.71.0, AS: 1.245.71.0, NIS: 116.97.0.0 Engineversie: AM: 1.1.13804.0, NIS: 2.1.12706.0 Date: 2018-02-12 15:02:58.475 Description: Windows Defender Antivirus heeft malware of andere mogelijk ongewenste software gedetecteerd. 
Zie voor meer informatie: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen&threatid=2147593794&enterprise=0 Naam: HackTool:Win32/Keygen Id: 2147593794 Ernst: Middel Categorie: Hulpprogramma Pad: containerfile:_C:\WINDOWS\Office 2010 Toolkit.exe;file:_C:\WINDOWS\Office 2010 Toolkit.exe->[MSILRES:OfficeToolkit.Properties.Resources.resources]#1 Detectieoorsprong: Lokale computer Detectietype: Concreet Detectiebron: Systeem Gebruiker: NT AUTHORITY\SYSTEM Procesnaam: Unknown Handtekeningversie: AV: 1.245.71.0, AS: 1.245.71.0, NIS: 116.97.0.0 Engineversie: AM: 1.1.13804.0, NIS: 2.1.12706.0 CodeIntegrity: =================================== Date: 2018-02-12 19:09:33.916 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\mbae.dll that did not meet the Store signing level requirements. Date: 2018-02-12 18:56:03.457 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\mbae.dll that did not meet the Store signing level requirements. Date: 2018-02-12 18:55:54.705 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\mbae.dll that did not meet the Store signing level requirements. 
Date: 2018-02-12 18:52:25.849 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\mbae.dll that did not meet the Store signing level requirements. Date: 2018-02-12 18:52:25.055 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\mbae.dll that did not meet the Store signing level requirements. Date: 2018-02-12 18:41:49.618 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\mbae.dll that did not meet the Store signing level requirements. Date: 2018-02-12 18:41:48.979 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\mbae.dll that did not meet the Store signing level requirements. Date: 2018-02-12 18:41:42.841 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\mbae.dll that did not meet the Store signing level requirements. 
==================== Geheugen info ===========================

Processor: AMD Athlon(tm) 7750 Dual-Core Processor
Percentage geheugen in gebruik: 84%
Totaal fysiek RAM-geheugen: 2814.49 MB
Beschikbaar fysiek RAM-geheugen: 427.06 MB
Totaal Virtueel geheugen: 5630.49 MB
Beschikbaar Virtual geheugen: 2217.98 MB

==================== Schijven ================================

Drive c: () (Fixed) (Total:465.32 GB) (Free:314.74 GB) NTFS ==>[schijf met boot componenten (verkregen van BCD)]
Drive d: (NieuwVolume) (Fixed) (Total:931.51 GB) (Free:533.77 GB) NTFS

\\?\Volume{dabeb32f-0000-0000-0000-705474000000}\ () (Fixed) (Total:0.44 GB) (Free:0.05 GB) NTFS

==================== MBR & Partitietabel ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: DABEB32F)
Partition 1: (Active) - (Size=465.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 76FDCB3E)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Eind van Addition.txt ============================