Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 26-10-2017 Gestart door OEMBIE (30-10-2017 07:44:41) Gestart vanaf C:\Users\umber\Desktop Windows 10 Pro Versie 1703 15063.674 (X64) (2017-09-29 12:56:24) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-706604028-3452249179-1621320311-500 - Administrator - Enabled) => C:\Users\Administrator DefaultAccount (S-1-5-21-706604028-3452249179-1621320311-503 - Limited - Disabled) defaultuser0 (S-1-5-21-706604028-3452249179-1621320311-1000 - Limited - Disabled) Gast (S-1-5-21-706604028-3452249179-1621320311-501 - Limited - Disabled) OEMBIE (S-1-5-21-706604028-3452249179-1621320311-1001 - Administrator - Enabled) => C:\Users\umber ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.) µTorrent (HKU\S-1-5-21-706604028-3452249179-1621320311-1001\...\uTorrent) (Version: 3.5.0.43916 - BitTorrent Inc.) Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated) Adobe Acrobat Reader DC - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.2.0.211 - Adobe Systems Incorporated) Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.130 - Adobe Systems Incorporated) AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.) Apple Application Support (32-bit) (HKLM-x32\...\{3D1290E6-1F77-46D5-A715-A56679C8D4E3}) (Version: 6.0.2 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{D0E45DEC-F4B9-4370-A9DF-66837789C2EF}) (Version: 6.0.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{E3C4B99B-BE71-4C27-8E3C-4FAE3C46E1D5}) (Version: 11.0.0.30 - Apple Inc.) Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.) ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach) Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team) Avira (HKLM-x32\...\{79C4A62C-8CC2-44AC-91FE-1299A215B4B7}) (Version: 1.2.98.29730 - Avira Operations GmbH & Co. KG) Hidden Avira (HKLM-x32\...\{f5da837f-e932-4f55-995c-7e97c5cbebdd}) (Version: 1.2.98.29730 - Avira Operations GmbH & Co. KG) AxCrypt 2.1.1516.0 (HKLM\...\{BFBC38E2-EC48-B539-314D-A8CCC87AA1C3}) (Version: 2.1.1516.0 - AxCrypt AB) Hidden AxCrypt 2.1.1536.0 (HKLM\...\{2BC37358-56F5-2602-9596-9E2CCCF9A52B}) (Version: 2.1.1536.0 - AxCrypt AB) Hidden AxCrypt 2.1.1536.0 (HKLM-x32\...\{9f4cc45a-3160-4a77-8926-379a9e188612}) (Version: 2.1.1536.0 - AxCrypt AB) Beatport Pro (HKLM-x32\...\{6DD1A4E5-C3F9-48CE-A452-CFDBA3526BEE}) (Version: 1.0.0.22000 - Beatport) Belgium e-ID middleware 4.2.8 (build 3252) (HKLM\...\{DB942AEA-93D6-4FE4-8862-180D35A73252}) (Version: 4.2.3252 - Belgian Government) Belgium e-ID viewer 4.2.10 (build 3311) (HKLM-x32\...\{F3DC7F06-92FF-4C98-87F5-72C0B7863311}) (Version: 4.2.3311 - Belgian Government) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: - Broadcom Corporation) Broadcom Bluetooth Drivers (HKLM\...\{0A1B4690-E176-4533-8058-939480AEE1D0}) (Version: 12.0.1.850 - Broadcom Corporation) CCleaner (HKLM\...\CCleaner) (Version: 5.35 - Piriform) DJHERCULESMIX Products Series drivers (HKLM-x32\...\{33999F1F-EA46-4E55-A239-1BA803235396}) (Version: 3.HDJS.2016 - Guillemot Corporation) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) FastPictureViewer Professional 1.9.360.0 (64-bit) (HKLM\...\{62325857-12BD-4A08-97BE-E5E2510DDD5B}) (Version: 1.9.360.0 - Axel Rietschin Software Developments) FastStone Capture 8.5 (HKLM-x32\...\FastStone Capture) (Version: 8.5 - FastStone Soft) FormatFactory 4.1.0.0 (HKLM-x32\...\FormatFactory) (Version: 4.1.0.0 - Free Time) Free WMA MP3 Converter (HKLM-x32\...\Free WMA MP3 Converter) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden HP 3D DriveGuard (HKLM-x32\...\{8F183B2E-D21D-4070-8132-DD39C3CBFA5C}) (Version: 6.0.41.1 - HP) HP BIOS Configuration Utility (HKLM-x32\...\{AA94D0AB-5A14-4CBD-BA39-DD73D2E9024C}) (Version: 4.0.23.1 - HP Inc.) HP Client Security Manager (HKLM\...\HPProtectTools) (Version: 8.3.17.2042 - HP Inc.) HP ESU for Microsoft Windows 10 (HKLM-x32\...\{2CDA0D13-ED4D-4E66-B920-9AE696F9992E}) (Version: 1.1.1 - Hewlett-Packard Company) HP Hotkey Support (HKLM-x32\...\{6E7401DB-B722-4428-BE94-DD4740CF6464}) (Version: 5.0.28.1 - Hewlett-Packard Company) HP SoftPaq Download Manager (HKLM-x32\...\{fc153673-e23b-4908-93b9-164cc056a3c4}) (Version: 4.3.19.0 - HP) HP System Default Settings (HKLM-x32\...\{E570B9C2-9A83-4938-BBD5-0A8C068083C1}) (Version: 1.2.1.4 - Hewlett-Packard Company) HP System Event Utility (HKLM-x32\...\{8B4EE87E-6D40-4C91-B5E8-0DC77DC412F1}) (Version: 1.4.1 - Hewlett-Packard Company) HP System Software Manager (HKLM-x32\...\{0654A5BE-4E69-4F93-88B2-A81B13A7960C}) (Version: 3.2.7.1 - HP) HP Universal Camera Driver (HKLM-x32\...\{8B204728-0D90-48BE-97C0-BBEDDFDFA83C}) (Version: 3.5.8.14 - SunplusIT) HP Wireless Button Driver (HKLM-x32\...\{099DAD2B-56C5-4919-9F82-418C2A018CAE}) (Version: 1.1.18.1 - HP) IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6499.0 - IDT) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1045 - Intel Corporation) Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 20.4 - Intel) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.1.1043 - Intel Corporation) iTunes (HKLM\...\{4C27D135-9BF4-4C4E-8380-420FFAA116AA}) (Version: 12.7.0.166 - Apple Inc.) Malwarebytes versie 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes) Microsoft Office Standard 2016 (HKLM\...\Office16.STANDARD) (Version: 16.0.4266.1001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation) Mozilla Firefox 56.0.2 (x64 nl) (HKLM\...\Mozilla Firefox 56.0.2 (x64 nl)) (Version: 56.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.3 - Mozilla) Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 1.6.2.1863 - Native Instruments) Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.5.2.1549 - Native Instruments) Native Instruments Traktor 2 (HKLM-x32\...\Native Instruments Traktor 2) (Version: 2.6.8.382 - Native Instruments) Native Instruments Traktor Audio 2 Driver (HKLM-x32\...\Native Instruments Traktor Audio 2 Driver) (Version: - Native Instruments) Native Instruments Traktor Audio 2 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Audio 2 MK2 Driver) (Version: - Native Instruments) Native Instruments Traktor Kontrol D2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol D2 Driver) (Version: - Native Instruments) Native Instruments Traktor Kontrol F1 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol F1 Driver) (Version: - Native Instruments) Native Instruments Traktor Kontrol S2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S2 Driver) (Version: - Native Instruments) Native Instruments Traktor Kontrol S2 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S2 MK2 Driver) (Version: - Native Instruments) Native Instruments Traktor Kontrol S4 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S4 Driver) (Version: - Native Instruments) Native Instruments Traktor Kontrol S4 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S4 MK2 Driver) (Version: - Native Instruments) Native Instruments Traktor Kontrol Z1 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol Z1 Driver) (Version: - Native Instruments) OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.) Pioneer MIX 64bit Driver (HKLM\...\Pioneer MIX) (Version: 5.0.1.0002 - Pioneer DJ Corporation.) Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: 5.6.1.0 - Popcorn Time) <==== AANDACHT Rainlendar2 (remove only) (HKLM-x32\...\Rainlendar2) (Version: - ) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.370.146 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7944 - Realtek Semiconductor Corp.) Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform) rekordbox 5.0.0 64bit (HKLM\...\Pioneer rekordbox 5.0.0) (Version: 5.0.0.0040 - Pioneer DJ) rekordbox 5.0.1 64bit (HKLM\...\Pioneer rekordbox 5.0.1) (Version: 5.0.1.0002 - Pioneer DJ) Revo Uninstaller Pro 3.1.9 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.9 - VS Revo Group, Ltd.) Software voor Intel® Chipset-apparaten (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden Speccy (HKLM\...\Speccy) (Version: 1.31 - Piriform) SpywareBlaster 5.5 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.5.0 - BrightFort LLC) SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1244 - SUPERAntiSpyware.com) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.63 - Synaptics Incorporated) Synaptics WBF Fingerprint Reader (HKLM\...\{B9151DD5-DAFE-494E-AA1F-C351D5FD9E9B}) (Version: 4.5.321.0 - Synaptics) Syncios 6.2.3 (HKLM-x32\...\Syncios) (Version: 6.2.3 - Anvsoft) Taalprogramma's voor Microsoft Office 2016 - Nederlands (HKLM\...\{90160000-001F-0413-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden VirtualDJ 8 (HKLM-x32\...\{661A505F-01EA-479D-A753-20EB80887843}) (Version: 8.2.3624.0 - Atomix Productions) VirusTotal Uploader 2.2 (HKLM-x32\...\VTUploader) (Version: - ) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN) Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation) Windows 10-updateassistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22256 - Microsoft Corporation) Windows Resource Kit Tools (HKLM-x32\...\{FA237125-51FF-408C-8BB8-30C2B3DFFF9C}) (Version: 5.2.3790 - Microsoft Corporation) WinRAR 5.50 beta 5 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.5 - win.rar GmbH) ==================== Aangepaste CLSID (gefilterd): ========================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) CustomCLSID: HKU\S-1-5-21-706604028-3452249179-1621320311-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-08-14] () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-08-14] () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-08-14] () ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-08-14] () ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.) ContextMenuHandlers1: [axcrypt.File] -> {C3DFC144-30F8-4138-81F9-578DBEB9324A} => C:\Program Files\AxCrypt\AxCrypt\ShellExt.dll [2017-08-29] (AxCrypt AB) ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-10-06] (Avira Operations GmbH & Co. KG) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-07-02] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-07-02] (Alexander Roshal) ContextMenuHandlers2: [ARSD.FastPictureViewer] -> {B4F3C99C-6099-4617-8052-82ABF04C2F6E} => C:\Program Files\FastPictureViewer\FastPictureViewer.dll [2017-04-25] (Axel Rietschin Software Developments) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes) ContextMenuHandlers4: [ARSD.FastPictureViewer] -> {B4F3C99C-6099-4617-8052-82ABF04C2F6E} => C:\Program Files\FastPictureViewer\FastPictureViewer.dll [2017-04-25] (Axel Rietschin Software Developments) ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd) ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-07-14] (Intel Corporation) ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-08-14] () ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.) ContextMenuHandlers6: [axcrypt.File] -> {C3DFC144-30F8-4138-81F9-578DBEB9324A} => C:\Program Files\AxCrypt\AxCrypt\ShellExt.dll [2017-08-29] (AxCrypt AB) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes) ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd) ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2016-12-15] (VS Revo Group) ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-10-06] (Avira Operations GmbH & Co. KG) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-07-02] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-07-02] (Alexander Roshal) ==================== Geplande Taken (gefilterd) ============= (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {0DA83870-2007-4919-9DF9-1FA7AB1BA7FB} - System32\Tasks\S-1-5-21-706604028-3452249179-1621320311-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2017-03-18] (Microsoft Corporation) Task: {250B540B-DDAA-4F24-9DF0-D41F129FAD74} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-07-14] (Google Inc.) Task: {6E4ABCD3-6D97-494B-996D-E8CCB2265AE1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-09-20] (Piriform Ltd) Task: {73BBF9B2-A3A3-4AE3-81B4-5025F23E7AAF} - System32\Tasks\S-1-5-21-706604028-3452249179-1621320311-500\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2017-03-18] (Microsoft Corporation) Task: {7CF13D01-574E-4E29-9815-3BF975E4E224} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-07-24] (Apple Inc.) Task: {9A08A198-E236-4372-8F21-E6BF051793B9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated) Task: {A080DE54-B6F1-4DDD-9620-4E6E4EEB2072} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-10-13] (Intel(R) Corporation) Task: {A2601457-66C4-4969-96C6-C2525685A0A7} - System32\Tasks\Norton Security with Backup\Norton Security with Backup Autofix => C:\Program Files\Norton Security with Backup\Engine\22.10.1.10\SymErr.exe Task: {A2A9AC9E-F4F3-4C5A-9929-FB319805AEF7} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-706604028-3452249179-1621320311-500 => C:\Users\umber\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe Task: {BCDB6BDF-D09D-4CED-9F3A-2FB4135F22F5} - System32\Tasks\{63A7528F-892F-4E39-8C62-488B22AA6944} => C:\Windows\system32\pcalua.exe -a C:\Users\umber\Desktop\sp65631.exe -d C:\Users\umber\Desktop Task: {E3FC586C-31BC-4D37-B7AF-5C15783458C6} - System32\Tasks\Avira SystrayStartTrigger => Avira.SystrayStartTrigger.exe Task: {E4427869-7E5F-4787-A049-E73C79AAB8E1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-07-14] (Google Inc.) Task: {E7EC6851-352A-4415-9EC3-DCD077FCDA3C} - System32\Tasks\Norton Security with Backup\Norton Security with Backup Error Processor => C:\Program Files\Norton Security with Backup\Engine\22.10.1.10\SymErr.exe Task: {F00A3A07-4A81-42D2-98C4-0F36125268E2} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation) Task: {F0600C9C-3017-486A-BE26-818EE7AA6B32} - System32\Tasks\Norton Security with Backup\Norton Security with Backup Error Analyzer => C:\Program Files\Norton Security with Backup\Engine\22.10.1.10\SymErr.exe Task: {F99B63DF-EB4D-4B41-978D-5A466CF027FD} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2017-10-06] (Avira Operations GmbH & Co. KG) (Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe ==================== Snelkoppelingen & WMI ======================== (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) Shortcut: C:\Users\umber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki Shortcut: C:\Users\umber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com ==================== Geladen Modules (gefilterd) ============== 2017-05-08 23:44 - 2017-05-08 23:44 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2017-09-01 01:49 - 2017-09-01 01:49 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2017-03-18 21:58 - 2017-03-18 21:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2017-08-14 02:48 - 2017-08-14 02:48 - 000491600 _____ () C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll 2017-07-14 13:58 - 2017-07-14 13:58 - 000384496 _____ () C:\WINDOWS\system32\igfxTray.exe 2017-03-18 21:59 - 2017-03-20 04:56 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2015-03-17 00:34 - 2015-03-17 00:34 - 000141312 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Locale\nl_nl\PDFMaker\PDFMOutlookAddin.NLD 2017-08-10 16:24 - 2017-08-10 16:24 - 007112688 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\PDFMaker\Common\X64\AdobePDFMakerX.dll 2017-08-10 16:25 - 2017-08-10 16:25 - 003473920 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Locale\nl_NL\PDFMaker\AdobePDFMakerX.NLD 2015-07-31 08:58 - 2015-07-31 08:58 - 000588968 _____ () C:\Program Files\Microsoft Office\Office16\msfad.dll 2015-03-17 00:34 - 2015-03-17 00:34 - 000010240 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\nl_nl\AcroTray.nld ==================== Alternate Data Streams (gefilterd) ========= (Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.) AlternateDataStreams: C:\WINDOWS\system32\Drivers\iaStorB.sys:com.dropbox.attributes [168] AlternateDataStreams: C:\WINDOWS\system32\Drivers\iaStorS.sys:com.dropbox.attributes [168] AlternateDataStreams: C:\ProgramData\Temp:5C321E34 [125] ==================== Veilige Modus (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Bestandskoppeling (gefilterd) =============== (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.) ==================== Internet Explorer vertrouwde/beperkte toegang =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.) IE restricted site: HKU\S-1-5-21-706604028-3452249179-1621320311-1001\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-706604028-3452249179-1621320311-1001\...\008k.com -> 008k.com IE restricted site: HKU\S-1-5-21-706604028-3452249179-1621320311-1001\...\00hq.com -> 00hq.com IE restricted site: HKU\S-1-5-21-706604028-3452249179-1621320311-1001\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\S-1-5-21-706604028-3452249179-1621320311-1001\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-706604028-3452249179-1621320311-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-706604028-3452249179-1621320311-1001\...\0411dd.com -> 0411dd.com IE restricted site: HKU\S-1-5-21-706604028-3452249179-1621320311-1001\...\0511zfhl.com -> 0511zfhl.com IE restricted site: HKU\S-1-5-21-706604028-3452249179-1621320311-1001\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-706604028-3452249179-1621320311-1001\...\0632qyw.com -> 0632qyw.com IE restricted site: HKU\S-1-5-21-706604028-3452249179-1621320311-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\S-1-5-21-706604028-3452249179-1621320311-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-706604028-3452249179-1621320311-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-706604028-3452249179-1621320311-1001\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-706604028-3452249179-1621320311-1001\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-706604028-3452249179-1621320311-1001\...\0scan.com -> 0scan.com IE restricted site: HKU\S-1-5-21-706604028-3452249179-1621320311-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\S-1-5-21-706604028-3452249179-1621320311-1001\...\1-domains-registrations.com -> 1-domains-registrations.com IE restricted site: HKU\S-1-5-21-706604028-3452249179-1621320311-1001\...\1-se.com -> 1-se.com IE restricted site: HKU\S-1-5-21-706604028-3452249179-1621320311-1001\...\1001movie.com -> 1001movie.com Er zijn 6091 Meer websites. ==================== Hosts inhoud: =============================== (Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.) 2016-07-16 12:47 - 2017-10-23 20:32 - 000000027 _____ C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Andere gebieden ============================ (Momenteel is er geen automatische fix voor dit onderdeel.) HKU\S-1-5-21-706604028-3452249179-1621320311-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\umber\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == MSCONFIG\Services: !SASCORE => 2 MSCONFIG\Services: a2AntiMalware => 2 MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AdobeUpdateService => 2 MSCONFIG\Services: AGSService => 2 MSCONFIG\Services: Apple Mobile Device Service => 2 MSCONFIG\Services: Avira.ServiceHost => 2 MSCONFIG\Services: AviraPhantomVPN => 2 MSCONFIG\Services: Bonjour Service => 2 MSCONFIG\Services: cphs => 3 MSCONFIG\Services: DpHost => 2 MSCONFIG\Services: fpCsEvtSvc => 2 MSCONFIG\Services: HerculesDJControlMP3 => 2 MSCONFIG\Services: hpHotkeyMonitor => 2 MSCONFIG\Services: hpqcaslwmiex => 3 MSCONFIG\Services: hpqwmiex => 3 MSCONFIG\Services: hpsrv => 2 MSCONFIG\Services: HPWMISVC => 2 MSCONFIG\Services: IAStorDataMgrSvc => 2 MSCONFIG\Services: igfxCUIService2.0.0.0 => 2 MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3 MSCONFIG\Services: iPod Service => 3 MSCONFIG\Services: irmon => 3 MSCONFIG\Services: jhi_service => 2 MSCONFIG\Services: LMS => 2 MSCONFIG\Services: MBAMService => 3 MSCONFIG\Services: MozillaMaintenance => 3 MSCONFIG\Services: SynTPEnhService => 2 MSCONFIG\Services: valWBFPolicyService => 2 MSCONFIG\Services: XblAuthManager => 3 MSCONFIG\Services: XblGameSave => 3 MSCONFIG\Services: XboxNetApiSvc => 3 HKLM\...\StartupApproved\Run: => "AvastUI.exe" HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud" ==================== Firewall regels (gefilterd) =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [TCP Query User{4CC8DDE8-DFD3-46D9-8FC2-5E848263D57F}C:\users\umber\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\umber\appdata\roaming\utorrent\utorrent.exe FirewallRules: [UDP Query User{3628B490-9681-46DB-AC90-F13F560A56AC}C:\users\umber\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\umber\appdata\roaming\utorrent\utorrent.exe FirewallRules: [TCP Query User{72FAAC9D-FB25-4AAF-9359-5E3BBAB38D52}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe FirewallRules: [UDP Query User{678B0A94-50B6-4E4B-960B-8216AA2EB2D5}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe FirewallRules: [TCP Query User{A8B47069-FB98-4160-8FBA-290267FE000C}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{93655B1B-49DD-448D-9D22-39C99530EB50}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe FirewallRules: [{79634DCA-2BAA-4A11-B0D9-D8BD3BEE4E82}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{6341486B-B94D-43E9-B14F-C876E07E0E01}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe ==================== Herstelpunten ========================= 26-10-2017 10:23:57 Gepland controlepunt ==================== Defecte Apparaatbeheer Apparaten ============= Name: HP HD Webcam Description: HP HD Webcam Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f} Manufacturer: SunplusIT Service: SPUVCbv Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Microsoft Kernel Debug Network Adapter Description: Netwerkadapter voor Microsoft Kernel-foutopsporing Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: kdnic Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Broadcom Bluetooth 4.0 Adapter Description: Broadcom Bluetooth 4.0 Adapter Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974} Manufacturer: Broadcom Service: BTHUSB Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Broadcom 802.11n-netwerkadapter Description: Broadcom BCM943228HMB 802.11abgn 2x2 Wi-Fi Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Broadcom Service: BCMWL63A Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Eventlog fouten: ========================= Applicatiefouten: ================== Error: (10/30/2017 07:10:23 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (10/29/2017 04:23:13 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (10/29/2017 04:22:25 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3001) (User: NT AUTHORITY) Description: The performance counter name string value in the registry is not formatted correctly. The malformed string is 12830. The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values. Error: (10/29/2017 04:22:25 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3001) (User: NT AUTHORITY) Description: The performance counter name string value in the registry is not formatted correctly. The malformed string is 12830. The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values. Error: (10/29/2017 04:22:25 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3001) (User: NT AUTHORITY) Description: The performance counter name string value in the registry is not formatted correctly. The malformed string is 12830. The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values. Error: (10/27/2017 02:28:31 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Kan activeringscontext voor c:\program files (x86)\eset\eset online scanner\ESETSmartInstaller.exe niet maken. Fout in manifest of beleidsbestand op regel . Een onderdeelversie die nodig is voor de toepassing, conflicteert met een andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_26002d27e7c744a2.manifest. Onderdeel 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_6dad63fefc436da8.manifest. Error: (10/27/2017 08:54:49 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: Kan activeringscontext voor c:\program files (x86)\eset\eset online scanner\ESETSmartInstaller.exe niet maken. Fout in manifest of beleidsbestand op regel . Een onderdeelversie die nodig is voor de toepassing, conflicteert met een andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_26002d27e7c744a2.manifest. Onderdeel 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_6dad63fefc436da8.manifest. Error: (10/27/2017 07:13:34 AM) (Source: Microsoft Office 16) (EventID: 2001) (User: ) Description: Microsoft Outlook: Rejected Safe Mode action : Outlook is de vorige keer niet gestart. In de veilige modus kunt u proberen het probleem op te lossen, maar diverse functies zijn mogelijk niet beschikbaar in deze modus. Wilt u de veilige modus starten?. Rejected Safe Mode action : Microsoft Outlook. Error: (10/27/2017 07:09:05 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: Kan activeringscontext voor c:\program files (x86)\eset\eset online scanner\ESETSmartInstaller.exe niet maken. Fout in manifest of beleidsbestand op regel . Een onderdeelversie die nodig is voor de toepassing, conflicteert met een andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_26002d27e7c744a2.manifest. Onderdeel 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_6dad63fefc436da8.manifest. Error: (10/27/2017 07:09:04 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Systeemfouten: ============= Error: (10/30/2017 07:41:39 AM) (Source: DCOM) (EventID: 10016) (User: ASAP) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {9E175B6D-F52A-11D8-B9A5-505054503030} en APPID {9E175B9C-F52A-11D8-B9A5-505054503030} aan de gebruiker ASAP\OEMBIE SID (S-1-5-21-706604028-3452249179-1621320311-1001) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (10/30/2017 07:41:39 AM) (Source: DCOM) (EventID: 10016) (User: ASAP) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {9E175B6D-F52A-11D8-B9A5-505054503030} en APPID {9E175B9C-F52A-11D8-B9A5-505054503030} aan de gebruiker ASAP\OEMBIE SID (S-1-5-21-706604028-3452249179-1621320311-1001) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (10/30/2017 07:41:39 AM) (Source: DCOM) (EventID: 10016) (User: ASAP) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {9E175B6D-F52A-11D8-B9A5-505054503030} en APPID {9E175B9C-F52A-11D8-B9A5-505054503030} aan de gebruiker ASAP\OEMBIE SID (S-1-5-21-706604028-3452249179-1621320311-1001) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (10/30/2017 07:41:39 AM) (Source: DCOM) (EventID: 10016) (User: ASAP) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {9E175B6D-F52A-11D8-B9A5-505054503030} en APPID {9E175B9C-F52A-11D8-B9A5-505054503030} aan de gebruiker ASAP\OEMBIE SID (S-1-5-21-706604028-3452249179-1621320311-1001) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (10/30/2017 07:41:39 AM) (Source: DCOM) (EventID: 10016) (User: ASAP) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {9E175B6D-F52A-11D8-B9A5-505054503030} en APPID {9E175B9C-F52A-11D8-B9A5-505054503030} aan de gebruiker ASAP\OEMBIE SID (S-1-5-21-706604028-3452249179-1621320311-1001) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (10/30/2017 07:41:39 AM) (Source: DCOM) (EventID: 10016) (User: ASAP) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {9E175B6D-F52A-11D8-B9A5-505054503030} en APPID {9E175B9C-F52A-11D8-B9A5-505054503030} aan de gebruiker ASAP\OEMBIE SID (S-1-5-21-706604028-3452249179-1621320311-1001) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (10/30/2017 07:04:31 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} en APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (10/30/2017 07:04:31 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} en APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (10/30/2017 07:04:09 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1794) (User: NT AUTHORITY) Description: The Trusted Platform Module (TPM) firmware on this PC has a known security problem. Please contact your PC manufacturer to find out if an update is available. For more information please go to https://go.microsoft.com/fwlink/?linkid=852572 Error: (10/30/2017 07:03:12 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: De CldFlt-service kan vanwege de volgende fout niet worden gestart: De aanvraag wordt niet ondersteund. CodeIntegrity: =================================== Date: 2017-10-29 16:22:58.411 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-10-29 16:22:58.409 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-10-29 16:20:52.879 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-10-29 15:12:35.691 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-10-27 19:47:37.460 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-10-27 15:25:26.858 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-10-27 09:49:48.482 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-10-27 08:05:47.958 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-10-26 22:38:33.553 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-10-26 19:46:44.248 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Geheugen info =========================== Processor: Intel(R) Core(TM) i5-4200M CPU @ 2.50GHz Percentage geheugen in gebruik: 43% Totaal fysiek RAM-geheugen: 4009.11 MB Beschikbaar fysiek RAM-geheugen: 2251.86 MB Totaal Virtueel geheugen: 7209.11 MB Beschikbaar Virtual geheugen: 5217.79 MB ==================== Schijven ================================ Drive c: () (Fixed) (Total:294.62 GB) (Free:51.38 GB) NTFS Drive e: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.28 GB) FAT32 ==================== MBR & Partitietabel ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 0AA672E7) Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=294.6 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=991 MB) - (Type=27) Partition 4: (Not Active) - (Size=2 GB) - (Type=0C) ==================== Eind van Addition.txt ============================