Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 17-12-2017 Gestart door Nasim (17-12-2017 21:51:28) Gestart vanaf C:\Users\Nasim\Desktop Windows 8.1 (Update) (X64) (2015-04-13 17:38:37) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2769203267-2919422116-2587263349-500 - Administrator - Disabled) Gast (S-1-5-21-2769203267-2919422116-2587263349-501 - Limited - Enabled) => C:\Users\Gast HomeGroupUser$ (S-1-5-21-2769203267-2919422116-2587263349-1003 - Limited - Enabled) Nasim (S-1-5-21-2769203267-2919422116-2587263349-1001 - Administrator - Enabled) => C:\Users\Nasim ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: AVG Antivirus (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: AVG Antivirus (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.) µTorrent (HKU\S-1-5-21-2769203267-2919422116-2587263349-1001\...\uTorrent) (Version: 3.5.0.44294 - BitTorrent Inc.) Adobe Acrobat Reader DC - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated) Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.126 - Adobe Systems Incorporated) Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 372.90 - NVIDIA Corporation) Hidden ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.3 - ASUS) ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.3 - ASUS) ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.14 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.01.0003 - ASUS) ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.9 - ASUS) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0036 - ASUS) AVG (HKLM\...\{E61E6143-4937-43FC-8C12-06B8A987484D}) (Version: 1.211.3 - AVG Technologies) Hidden AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 17.8.3036 - AVG Technologies) CCleaner (HKLM\...\CCleaner) (Version: 5.38 - Piriform) ChromecastApp (HKU\S-1-5-21-2769203267-2919422116-2587263349-1001\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1693.0 - Google Inc.) Device Setup (HKLM-x32\...\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}) (Version: 1.0.18 - ASUSTek Computer Inc.) Egyptoball (HKLM-x32\...\Egyptoball_is1) (Version: 1.0 - GameTop Pte. Ltd.) Fishdom 3 (HKLM-x32\...\Fishdom 3_is1) (Version: 1.0 - GameTop Pte. Ltd.) FMW 1 (HKLM\...\{36133E9F-B129-4206-9FB4-13F707787542}) (Version: 1.226.3 - AVG Technologies) Hidden Foxit PhantomPDF (HKLM-x32\...\{FC76E6BB-7CBB-4CD6-8178-3BCADC0526C3}) (Version: 6.0.62.801 - Foxit Corporation) Golden Path (HKLM-x32\...\Golden Path_is1) (Version: 1.0 - GameTop Pte. Ltd.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.84 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden HiJackThis (HKLM-x32\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro) Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2105 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.6.0.1038 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation) Java 8 Update 151 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180151F0}) (Version: 8.0.1510.12 - Oracle Corporation) Mahjong Quest (HKLM-x32\...\Mahjong Quest_is1) (Version: 1.0 - GameTop Pte. Ltd.) Malwarebytes versie 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2769203267-2919422116-2587263349-1001\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 57.0.2 (x64 nl) (HKLM\...\Mozilla Firefox 57.0.2 (x64 nl)) (Version: 57.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 57.0.2.6549 - Mozilla) NVIDIA GeForce Experience 3.10.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.10.0.95 - NVIDIA Corporation) NVIDIA Grafisch stuurprogramma 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.54 - NVIDIA Corporation) NVIDIA PhysX Systeem Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation) Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39048 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8117 - Realtek Semiconductor Corp.) Snail Bob 2 (HKLM-x32\...\Snail Bob 2_is1) (Version: 1.0 - GameTop Pte. Ltd.) Star Defender 4 (HKLM-x32\...\Star Defender 4_is1) (Version: 1.0 - GameTop Pte. Ltd.) Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD) (Version: 10.0.50903 - Microsoft Corporation) The Chronicles of Emerland Solitaire (HKLM-x32\...\The Chronicles of Emerland Solitaire_is1) (Version: 1.0 - GameTop Pte. Ltd.) Update for Skype for Business 2015 (KB4011284) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{0CFCD910-8950-4626-80EB-AA0B64A186E8}) (Version: - Microsoft) Update for Skype for Business 2015 (KB4011284) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{0CFCD910-8950-4626-80EB-AA0B64A186E8}) (Version: - Microsoft) Update for Skype for Business 2015 (KB4011284) 64-Bit Edition (HKLM\...\{90150000-012B-0413-1000-0000000FF1CE}_Office15.PROPLUS_{0CFCD910-8950-4626-80EB-AA0B64A186E8}) (Version: - Microsoft) Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN) Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.) WebStorage (HKLM-x32\...\WebStorage) (Version: 2.2.12.577 - ASUS Cloud Corporation) WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.11.14 - WildTangent) Windows Driver Package - ASUS (ATP) Mouse (03/18/2014 6.0.0.35) (HKLM\...\DAA6E0EEB715139C1CEA332C78AB4609FB3C211B) (Version: 03/18/2014 6.0.0.35 - ASUS) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS) WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) WinZip 18.0 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DE}) (Version: 18.0.10661 - WinZip Computing, S.L. ) ==================== Aangepaste CLSID (gefilterd): ========================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) CustomCLSID: HKU\S-1-5-21-2769203267-2919422116-2587263349-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation) CustomCLSID: HKU\S-1-5-21-2769203267-2919422116-2587263349-1001_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Nasim\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-2769203267-2919422116-2587263349-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Nasim\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll (Google Inc.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.2.12.577\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.2.12.577\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.2.12.577\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Geen bestand ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShA64.dll [2017-11-25] (AVG Technologies CZ, s.r.o.) ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2013-12-18] (Foxit Corporation) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (Alexander Roshal) ContextMenuHandlers1-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files (x86)\WinZip\wzshls64.dll [2013-10-23] (WinZip Computing, S.L.) ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Geen bestand ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2326} => C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes) ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files (x86)\WinZip\wzshls64.dll [2013-10-23] (WinZip Computing, S.L.) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Geen bestand ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2014-03-18] (Intel Corporation) ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\Windows\system32\igfxOSP.dll [2014-03-18] (Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2016-12-29] (NVIDIA Corporation) ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShA64.dll [2017-11-25] (AVG Technologies CZ, s.r.o.) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (Alexander Roshal) ContextMenuHandlers6-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files (x86)\WinZip\wzshls64.dll [2013-10-23] (WinZip Computing, S.L.) ==================== Geplande Taken (gefilterd) ============= (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {03193649-D621-4E51-8453-5FE3BFB7EC37} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2017-04-13] (Realtek Semiconductor) Task: {058B67AE-F1B6-46C8-B61C-DC2225BB89F9} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2017-04-13] (Realtek Semiconductor) Task: {0928431D-FF7E-4470-9096-BFEA91496673} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [2017-11-25] (AVG Technologies CZ, s.r.o.) Task: {0D8A891D-890C-4808-84D8-2F436AB14653} - \Microsoft\Windows\Application Experience\AitAgent -> Geen bestand <==== AANDACHT Task: {116D0EE7-939C-4D2A-8FD8-B49B6B171FA6} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-10-11] (NVIDIA Corporation) Task: {1274336E-AB06-46B6-A48C-0671C5557CC6} - \Microsoft\Windows\TaskScheduler\Maintenance Configurator -> Geen bestand <==== AANDACHT Task: {142C54B1-02D5-4494-B181-1A57F074BB05} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] () Task: {1687544D-7247-4F5A-965A-A6E920E55278} - \Microsoft\Windows\TaskScheduler\Manual Maintenance -> Geen bestand <==== AANDACHT Task: {1A7F3A55-887A-44B2-A867-5A2DAC00FBB9} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-10-11] (NVIDIA Corporation) Task: {22799B58-DBF0-4A10-B0CA-B8EDE1BBB70B} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-10-11] (NVIDIA Corporation) Task: {3326F1A5-BF51-401F-A6F8-D9C951199BFB} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2017-12-01] (Piriform Ltd) Task: {36702375-17FC-41D4-AB1A-A93745EC5C80} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-03-27] (ASUSTek Computer Inc.) Task: {36E27157-D0DB-4D2D-A708-3BCE4417161E} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-09-02] (ASUSTek Computer Inc.) Task: {379FD9CA-AF46-4303-8C14-BF6E464E06CB} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-10-11] (NVIDIA Corporation) Task: {3911D90C-C70C-4D3B-A10F-3ECC099E65CA} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2014-03-31] (AsusTek) Task: {45AB1105-2808-463C-9720-56EA3C464167} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated) Task: {470DC629-2BA2-4927-897A-30329ACCC76A} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-10-11] (NVIDIA Corporation) Task: {49C8D249-4F94-4988-A6DB-249853AEAD8A} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-10-11] (NVIDIA Corporation) Task: {5B8F2C84-B30F-4F30-8585-83C327149DCA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2769203267-2919422116-2587263349-1001UA => C:\Users\Nasim\AppData\Local\Google\Update\GoogleUpdate.exe [2015-07-13] (Google Inc.) Task: {6F02587F-8A2B-4552-97F6-DEEF229E335B} - \Microsoft\Windows\TaskScheduler\Idle Maintenance -> Geen bestand <==== AANDACHT Task: {71582357-71DA-474B-9713-710D5A690EE1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-12-12] (Adobe Systems Incorporated) Task: {727A609C-334D-43D6-BF31-06F99E17C184} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-10-11] (NVIDIA Corporation) Task: {7F8E1EDA-A227-4BE0-93F3-18A408113372} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2017-04-13] (Realtek Semiconductor) Task: {8B29929E-4F13-4E86-B2FE-AF81C753FF86} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2769203267-2919422116-2587263349-1001Core1d1e992c266172f => C:\Users\Nasim\AppData\Local\Google\Update\GoogleUpdate.exe [2015-07-13] (Google Inc.) Task: {8C88D30A-5875-4A84-A3E5-CF5BC78955F3} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-01-14] (ASUSTek Computer Inc.) Task: {A0F2EA48-5F9D-4B6B-8CC9-7FE33B41C1F5} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation) Task: {AA322511-41B0-4C60-870A-5E0DE9A4ACBC} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-10-11] (NVIDIA Corporation) Task: {B7992938-01F1-4F40-A0EC-0D23D2F0F152} - \Microsoft\Windows\TaskScheduler\Regular Maintenance -> Geen bestand <==== AANDACHT Task: {CA1C69A5-4C09-473B-990A-89671EA1F2FB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - \Microsoft\Windows\SettingSync\BackupTask -> Geen bestand <==== AANDACHT Task: {DF328656-F84D-4895-B4DE-4CD0595C1836} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-14] (Google Inc.) Task: {E543F41F-5CBB-40AD-9794-5765A84109FA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-12-01] (Piriform Ltd) Task: {E5443497-A14C-4F37-AB19-7D2DCB66A677} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {EECBB89D-EFFF-4C97-AC01-0408AD7E2EDA} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-04-02] (ASUS) Task: {F01E53FB-106B-4125-A9A3-01D64C5FAC25} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] () Task: {F71A479E-7648-4DA4-8249-1135411762B5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-14] (Google Inc.) Task: {FF6AABC5-AC1E-44D5-B255-1E56C0E5B606} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe (Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2769203267-2919422116-2587263349-1001Core.job => C:\Users\Nasim\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2769203267-2919422116-2587263349-1001Core1d0bdac4b4f3a86.job => C:\Users\Nasim\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2769203267-2919422116-2587263349-1001Core1d0bfc25d814b50.job => C:\Users\Nasim\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2769203267-2919422116-2587263349-1001Core1d0e18f29cf7e22.job => C:\Users\Nasim\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2769203267-2919422116-2587263349-1001Core1d0f074d11bd656.job => C:\Users\Nasim\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2769203267-2919422116-2587263349-1001Core1d12f59dd7c2ebe.job => C:\Users\Nasim\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2769203267-2919422116-2587263349-1001Core1d15d33c0a965e6.job => C:\Users\Nasim\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2769203267-2919422116-2587263349-1001Core1d1ab77751635b5.job => C:\Users\Nasim\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Snelkoppelingen & WMI ======================== (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) ShortcutWithArgument: C:\Users\Nasim\Desktop\App-opstartprogramma van Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list ShortcutWithArgument: C:\Users\Nasim\Desktop\Videostream for Google Chromecast™.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=cnciopoikihiagdjbjpnocolokfelagl ShortcutWithArgument: C:\Users\Nasim\AppData\Local\Google\Chrome\User Data\App-opstartprogramma van Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list ShortcutWithArgument: C:\Users\Nasim\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_cnciopoikihiagdjbjpnocolokfelagl\Videostream for Google Chromecast™.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=cnciopoikihiagdjbjpnocolokfelagl ShortcutWithArgument: C:\Users\Nasim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\App-opstartprogramma van Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list ShortcutWithArgument: C:\Users\Nasim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-apps\Videostream for Google Chromecast™.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=cnciopoikihiagdjbjpnocolokfelagl ShortcutWithArgument: C:\Users\Nasim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\App-opstartprogramma van Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list ==================== Geladen Modules (gefilterd) ============== 2016-12-16 17:19 - 2017-10-11 02:05 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2014-12-11 08:13 - 2016-12-29 14:16 - 000134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2017-12-01 16:23 - 2017-12-01 16:23 - 000089472 _____ () C:\Program Files\CCleaner\lang\lang-1043.dll 2015-04-16 20:58 - 2015-04-16 20:58 - 000235008 _____ () C:\Program Files\WindowsApps\44364DreamMobileStudio.SpiderSolitaire_1.3.1.16_neutral__kktfx1x8prfnp\SpiderSolitaireWin.exe 2017-10-07 15:47 - 2017-10-04 12:15 - 002289096 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll 2014-12-11 08:06 - 2013-10-23 14:44 - 001242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2014-04-02 15:46 - 2014-04-02 15:46 - 000117248 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll 2014-04-02 15:46 - 2014-04-02 15:46 - 000037936 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll 2014-04-02 15:46 - 2014-04-02 15:46 - 000018992 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDColorEnhance.dll 2014-04-02 15:46 - 2014-04-02 15:46 - 000020528 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDRegammaAndGamut.dll 2016-12-16 17:19 - 2017-10-11 02:05 - 001040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 2016-12-08 17:40 - 2016-12-08 17:40 - 048920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll 2017-11-25 13:14 - 2017-11-25 13:14 - 000168216 _____ () C:\Program Files (x86)\AVG\Antivirus\JsonRpcServer.dll 2017-11-25 13:14 - 2017-11-25 13:14 - 000060160 _____ () C:\Program Files (x86)\AVG\Antivirus\module_lifetime.dll 2017-07-08 22:49 - 2017-07-08 22:49 - 067109376 _____ () C:\Program Files (x86)\AVG\Antivirus\libcef.dll 2017-11-25 13:14 - 2017-11-25 13:14 - 000238928 _____ () C:\Program Files (x86)\AVG\Antivirus\event_routing_rpc.dll 2017-11-25 13:14 - 2017-11-25 13:14 - 000245704 _____ () C:\Program Files (x86)\AVG\Antivirus\tasks_core.dll 2017-10-18 19:28 - 2017-10-18 19:28 - 003190784 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.UI.Xaml\93f70b53a4d2ff037d31f80c46f7be46\Windows.UI.Xaml.ni.dll 2017-10-18 19:29 - 2017-10-18 19:29 - 001032192 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.App640a3541#\b8976d459b7f430631f8df61f2c341da\Windows.ApplicationModel.ni.dll 2017-10-18 19:29 - 2017-10-18 19:29 - 000864768 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.UI\ab4c8bc401d34b3f4be792e6ee306c1e\Windows.UI.ni.dll 2017-10-18 19:29 - 2017-10-18 19:29 - 000212992 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.Gloaae92e31#\3953b05b0f473302925bf5ae0a436f49\Windows.Globalization.ni.dll 2017-10-18 19:29 - 2017-10-18 19:29 - 000192512 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.Foundation\bff233ca535292364dc8654614f72cda\Windows.Foundation.ni.dll 2017-10-18 19:29 - 2017-10-18 19:29 - 000750592 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.Storage\5c79d07a63bd133c1101437c8c14be18\Windows.Storage.ni.dll 2017-10-18 19:29 - 2017-10-18 19:29 - 000304640 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.Data\c916f9cbd6a770a9a6340eb749324fbe\Windows.Data.ni.dll 2017-10-18 19:29 - 2017-10-18 19:29 - 000345088 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.Security\8b74fce5f963c0eeb393fc18e7fee3fb\Windows.Security.ni.dll 2017-10-18 19:29 - 2017-10-18 19:29 - 000113664 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.System\d83d18db2045be5b7869fcf5393090ed\Windows.System.ni.dll 2017-10-18 19:29 - 2017-10-18 19:29 - 000274432 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.Graphics\c4b34b1057f47d8d5b8fc4d727d436a3\Windows.Graphics.ni.dll 2017-10-18 19:29 - 2017-10-18 19:29 - 000704000 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.Networking\62ee6404ff17c786b461ec890dae92ac\Windows.Networking.ni.dll ==================== Alternate Data Streams (gefilterd) ========= (Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.) AlternateDataStreams: C:\ProgramData\TEMP:2AEA4C0D [144] ==================== Veilige Modus (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" ==================== Bestandskoppeling (gefilterd) =============== (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.) ==================== Internet Explorer vertrouwde/beperkte toegang =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.) ==================== Hosts inhoud: =============================== (Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.) 2013-08-22 14:25 - 2016-09-25 19:36 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts ==================== Andere gebieden ============================ (Momenteel is er geen automatische fix voor dit onderdeel.) HKU\S-1-5-21-2769203267-2919422116-2587263349-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Nasim\AppData\Roaming\Mozilla\Firefox\Bureaubladachtergrond.bmp DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == ==================== Firewall regels (gefilterd) =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [{A52DAF81-4DD2-496C-8F3A-9CAEBEE2DB0F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{A928658F-E3FD-4056-8A8C-C914AFA10976}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{2D1D99FD-9C21-4EC4-8D10-F1087E9A1111}] => (Allow) C:\Users\Nasim\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{68FD7ADB-3773-45ED-99A4-C019BE0627C3}] => (Allow) C:\Users\Nasim\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{6F5FC570-33E1-4076-801D-96E073859955}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{3206DA32-29F3-44CE-AB24-1825A2242F5F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{BAB70581-BF06-478B-9B37-B016894EA01C}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{96C332F3-8047-4469-BF83-790E2364FD3D}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{DF7512FD-30E1-445B-B823-319AB9E18DD4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{58B02BA4-6DC0-4DA6-BEEB-E3553B26CB0D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{1F62EE0C-E86D-4CF6-8BDF-4508461983A9}] => (Allow) LPort=5556 FirewallRules: [{C80DF7B9-496D-442D-BAE4-07888C6A2B22}] => (Allow) LPort=5558 FirewallRules: [{432CD287-03D4-4F48-9E08-BD7546091D16}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{CE7EF8F4-5F2B-464B-AAAB-844CC74F9192}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{3896678F-7CFE-490B-9B9B-689BF7036EFA}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe FirewallRules: [{1B0E55FE-7D52-4249-B294-0E8018127258}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe FirewallRules: [{8BD1A26F-EBBB-4B05-A6E4-1EADA6E6BC5A}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{8F165572-CF54-40F8-AE40-9F0C0DCD004A}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{39ACEF02-7D2A-4F7C-9523-679F11A5C1B8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{380537D2-07FD-420C-AE81-C5DED34226D8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{26256C33-B0A1-4654-9DE2-6B65CD35BF42}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{756A84B8-34B9-4A25-98E2-53FF2FA8ECD0}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{E5FD00AD-612D-4E87-BD63-A99D8970C5DE}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{163B64A4-4AC4-450B-AF19-F5941D34527B}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{5057BB2F-B632-4FFA-B44F-EB0DE8737244}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{07CF976F-5CA5-4BD3-B5CD-68422F4EE315}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [TCP Query User{096C45FD-8FFF-438E-870B-B0A4372F666F}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{BCAB4B1F-EDD4-4057-BE27-3D59A1AD6B5B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{F17DF06C-0BAF-4321-8731-D02E8E926492}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{4566CDCC-0E64-4C54-A45B-3F643A53C829}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{064D979D-4853-4787-B715-6C9124E8A09C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{E71EC02B-BC51-48FD-AC9A-FFAD58A87AC8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{D7010284-2761-463C-B61B-8D681468AEC3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{EA03A244-86AC-4E7F-8F06-2EA1611BF01F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Herstelpunten ========================= 05-12-2017 17:36:04 Windows Update 09-12-2017 20:59:54 Windows Update 14-12-2017 13:39:07 Windows Update 17-12-2017 20:19:41 Installed HiJackThis ==================== Defecte Apparaatbeheer Apparaten ============= ==================== Eventlog fouten: ========================= Applicatiefouten: ================== Error: (12/17/2017 09:34:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: NASIM) Description: Het activeren van de app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 is mislukt door de fout -2147009284. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie. Error: (12/17/2017 09:34:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: NASIM) Description: Het activeren van de app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 is mislukt door de fout -2147009284. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie. Error: (12/17/2017 09:00:04 PM) (Source: ESENT) (EventID: 467) (User: ) Description: svchost (1628) SRUJet: Database C:\Windows\system32\SRU\SRUDB.dat: Index UserIdTimeStamp van tabel {D10CA2FE-6FCF-4F6D-848E-B2E99266FA89} is beschadigd (0). Error: (12/17/2017 08:56:53 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: mbam.exe, versie: 3.0.0.1169, tijdstempel: 0x599723f1 Naam van module met fout: Qt5Core.dll, versie: 5.6.2.0, tijdstempel: 0x59a63e00 Uitzonderingscode: 0xc0000005 Foutmarge: 0x001aa3b6 Id van proces met fout: 0x1bf4 Starttijd van toepassing met fout: 0x01d3777129acc4f5 Pad naar toepassing met fout: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe Pad naar module met fout: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll Rapport-id: 6ce8af2c-e364-11e7-82fe-f0795923d15b Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Error: (12/17/2017 08:56:45 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: mbamservice.exe, versie: 3.1.0.556, tijdstempel: 0x5988c3f1 Naam van module met fout: mbamservice.exe, versie: 3.1.0.556, tijdstempel: 0x5988c3f1 Uitzonderingscode: 0xc0000005 Foutmarge: 0x00000000001b6596 Id van proces met fout: 0x1f28 Starttijd van toepassing met fout: 0x01d377712ab0a41e Pad naar toepassing met fout: C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe Pad naar module met fout: C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe Rapport-id: 689d8faa-e364-11e7-82fe-f0795923d15b Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Error: (12/17/2017 08:53:36 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: NASIM) Description: Het activeren van de app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 is mislukt door de fout -2147009284. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie. Error: (12/17/2017 08:53:36 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: NASIM) Description: Het activeren van de app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 is mislukt door de fout -2147009284. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie. Error: (12/17/2017 08:53:31 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: NASIM) Description: Het activeren van de app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 is mislukt door de fout -2147009284. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie. Error: (12/17/2017 08:53:31 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: NASIM) Description: Het activeren van de app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 is mislukt door de fout -2147009284. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie. Error: (12/17/2017 08:53:26 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: NASIM) Description: Het activeren van de app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 is mislukt door de fout -2147009284. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie. Systeemfouten: ============= Error: (12/17/2017 09:34:22 PM) (Source: DCOM) (EventID: 10001) (User: NASIM) Description: Kan DCOM Server Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca niet starten als Niet beschikbaar/Niet beschikbaar. Foutmelding "15612" is opgetreden bij het uitvoeren van de opdracht "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server Error: (12/17/2017 09:34:22 PM) (Source: DCOM) (EventID: 10001) (User: NASIM) Description: Kan DCOM Server Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca niet starten als Niet beschikbaar/Niet beschikbaar. Foutmelding "15612" is opgetreden bij het uitvoeren van de opdracht "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server Error: (12/17/2017 08:56:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: De Malwarebytes Service-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 5000 milliseconden worden uitgevoerd: Service opnieuw starten. Error: (12/17/2017 08:53:31 PM) (Source: DCOM) (EventID: 10001) (User: NASIM) Description: Kan DCOM Server Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca niet starten als Niet beschikbaar/Niet beschikbaar. Foutmelding "15612" is opgetreden bij het uitvoeren van de opdracht "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server Error: (12/17/2017 08:53:31 PM) (Source: DCOM) (EventID: 10001) (User: NASIM) Description: Kan DCOM Server Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca niet starten als Niet beschikbaar/Niet beschikbaar. Foutmelding "15612" is opgetreden bij het uitvoeren van de opdracht "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server Error: (12/17/2017 08:53:26 PM) (Source: DCOM) (EventID: 10001) (User: NASIM) Description: Kan DCOM Server Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca niet starten als Niet beschikbaar/Niet beschikbaar. Foutmelding "15612" is opgetreden bij het uitvoeren van de opdracht "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server Error: (12/17/2017 08:53:26 PM) (Source: DCOM) (EventID: 10001) (User: NASIM) Description: Kan DCOM Server Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca niet starten als Niet beschikbaar/Niet beschikbaar. Foutmelding "15612" is opgetreden bij het uitvoeren van de opdracht "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server Error: (12/17/2017 08:53:21 PM) (Source: DCOM) (EventID: 10001) (User: NASIM) Description: Kan DCOM Server Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca niet starten als Niet beschikbaar/Niet beschikbaar. Foutmelding "15612" is opgetreden bij het uitvoeren van de opdracht "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server Error: (12/17/2017 08:53:21 PM) (Source: DCOM) (EventID: 10001) (User: NASIM) Description: Kan DCOM Server Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca niet starten als Niet beschikbaar/Niet beschikbaar. Foutmelding "15612" is opgetreden bij het uitvoeren van de opdracht "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server Error: (12/17/2017 08:53:21 PM) (Source: DCOM) (EventID: 10001) (User: NASIM) Description: Kan DCOM Server Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca niet starten als Niet beschikbaar/Niet beschikbaar. Foutmelding "15612" is opgetreden bij het uitvoeren van de opdracht "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server CodeIntegrity: =================================== Date: 2017-05-17 23:41:01.406 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume4\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-05-17 23:40:59.816 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume4\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-05-17 23:40:57.772 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume4\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-05-17 23:40:55.641 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume4\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-05-17 23:40:53.786 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume4\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-05-17 23:40:51.789 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume4\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-05-17 23:40:49.836 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume4\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-05-17 23:40:48.296 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume4\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-05-17 23:40:46.461 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume4\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-05-17 23:40:44.776 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume4\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Geheugen info =========================== Processor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz Percentage geheugen in gebruik: 59% Totaal fysiek RAM-geheugen: 6027.26 MB Beschikbaar fysiek RAM-geheugen: 2421.44 MB Totaal Virtueel geheugen: 12171.26 MB Beschikbaar Virtual geheugen: 7805.81 MB ==================== Schijven ================================ Drive c: (OS) (Fixed) (Total:372.6 GB) (Free:174.78 GB) NTFS ==>[systeem met boot componenten (verkregen van schijf)] Drive d: (Data) (Fixed) (Total:537.8 GB) (Free:378.93 GB) NTFS ==================== MBR & Partitietabel ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 5FEC376D) Partition: GPT. ==================== Eind van Addition.txt ============================