Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 05-07-2017 Gestart door mathi (05-07-2017 20:55:43) Gestart vanaf D:\Muziek\NYC Windows 10 Home Versie 1607 (X64) (2016-08-09 21:25:58) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3708396653-16006867-1780968584-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-3708396653-16006867-1780968584-503 - Limited - Disabled) Gast (S-1-5-21-3708396653-16006867-1780968584-501 - Limited - Disabled) mathi (S-1-5-21-3708396653-16006867-1780968584-1001 - Administrator - Enabled) => C:\Users\mathi ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.) µTorrent (HKU\S-1-5-21-3708396653-16006867-1780968584-1001\...\uTorrent) (Version: 3.5.0.43580 - BitTorrent Inc.) Adobe Flash Player 26 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 26.0.0.131 - Adobe Systems Incorporated) Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 382.53 - NVIDIA Corporation) Hidden Apple Application Support (32-bit) (HKLM-x32\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{2937FD88-C9D6-4B82-B539-37CD0A572F42}) (Version: 4.3 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) ArcGIS Pro (HKLM\...\{3D77DC61-4F04-4A38-B565-5120F736699F}) (Version: 1.3.5861 - Environmental Systems Research Institute, Inc.) Hidden ArcGIS Pro (HKLM\...\ArcGISPro) (Version: 1.3.5861 - Environmental Systems Research Institute, Inc.) ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach) ASUS GIFTBOX (HKLM-x32\...\ASUS GIFTBOX) (Version: 7.4.223 - ASUSTek Computer Inc) ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.3 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.13.0004 - ASUS) ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.6 - ASUS) ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.30 - ASUS) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0040 - ASUS) AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.85 - ICEpower a/s) Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.5.2302 - AVAST Software) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.31 - Piriform) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.16.50 - Conexant) CopyTrans Suite Alleen Verwijderen (HKU\S-1-5-21-3708396653-16006867-1780968584-1001\...\CopyTrans Suite) (Version: 4.013 - WindSolutions) Core Temp 1.0 RC8 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.4.0.0193 - Disc Soft Ltd) Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.0.2 - ASUSTek Computer Inc.) Dropbox 25 GB (HKLM-x32\...\{0867A88D-764F-366E-9E21-130DA8B472C3}) (Version: 3.1.18.0 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version: - Image-Line) FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line) Foxit PhantomPDF (HKLM-x32\...\{E40149BB-552F-44C8-A10F-4188ADC5AD70}) (Version: 7.0.510.429 - Foxit Software Inc.) GameFirst IV (HKLM-x32\...\{2B5BE4E7-3E40-4BC4-A534-5342E3078F89}) (Version: 1.5.12 - ASUS) Hidden GameFirst IV (HKLM-x32\...\GameFirst IV 1.5.12) (Version: 1.5.12 - ASUS) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line) Intel Security True Key (HKLM\...\TrueKey) (Version: 4.18.110.1 - Intel Security) Intel(R) Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10600.150 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1159 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4550 - Intel Corporation) Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation) Intel(R) WiDi (HKLM\...\{5DD8D7E4-87F1-4134-AD28-4228FB1A03BA}) (Version: 6.0.44.0 - Intel Corporation) Intel(R) WiDi Software Asset Manager (HKLM-x32\...\{86905E62-645F-482E-A417-82C812ABD787}) (Version: 1.1.383 - Intel Corporation) Hidden Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{9A287643-10C5-4463-B9D1-B2404CE18CCF}) (Version: 17.1.1529.1620 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{5853172b-5520-4089-9ef4-e26c594382b3}) (Version: 19.30.0 - Intel Corporation) Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation) Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version: - Intel Corporation) Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\3FD0C489-0F02-481a-A3E1-9754CD396761) (Version: - Intel Corporation) iTunes (HKLM\...\{A31C5565-90D9-4615-AE13-94D86C3836C7}) (Version: 12.3.3.17 - Apple Inc.) KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - ) League of Legends (HKLM-x32\...\{31AC3B64-AB6C-4659-BB1A-EEDFBA9B98F7}) (Version: 4.1.2 - Riot Games) Hidden League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games) Malwarebytes versie 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes) McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.584.4 - McAfee, Inc.) Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3708396653-16006867-1780968584-1001\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation) NVIDIA Grafisch stuurprogramma 382.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.53 - NVIDIA Corporation) NVIDIA PhysX Systeem Software 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation) NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.4.10.0 - NVIDIA Corporation) Hidden NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden Ori and the Blind Forest ver. 1.0 *update 2* (HKLM-x32\...\{26157000-33CV-33VB-22R6-67DD6F2186AC}_is1) (Version: 1.0 *update 2* - Microsoft Studios) Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden PixelMaster Video HDR (HKLM\...\{65302154-AAF6-4020-A070-76CAA9CEC8D3}) (Version: 1.1.35 - ASUS) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10143.21278 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek) ROG Gaming Center (HKLM-x32\...\{CC182DBF-FC67-4F79-9930-6A2682E60BDD}) (Version: 1.0.1 - ASUS) SafeZone Stable 3.55.2393.609 (HKLM-x32\...\SafeZone 3.55.2393.609) (Version: 3.55.2393.609 - Avast Software) Hidden SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0370 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden Skype™ 7.38 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.38.101 - Skype Technologies S.A.) Spotify (HKU\S-1-5-21-3708396653-16006867-1780968584-1001\...\Spotify) (Version: 1.0.57.474.gca9c9538 - Spotify AB) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.43835 - TeamViewer) Update for Skype for Business 2016 (KB3115087) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{C48D0508-2A21-42EA-8BC9-D387768F54F4}) (Version: - Microsoft) Update for Skype for Business 2016 (KB3115087) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{C48D0508-2A21-42EA-8BC9-D387768F54F4}) (Version: - Microsoft) Update for Skype for Business 2016 (KB3115087) 64-Bit Edition (HKLM\...\{90160000-012B-0409-1000-0000000FF1CE}_Office16.PROPLUS_{C48D0508-2A21-42EA-8BC9-D387768F54F4}) (Version: - Microsoft) Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.3 - VideoLAN) Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.) WebStorage (HKLM-x32\...\WebStorage) (Version: 2.2.5.541 - ASUS Cloud Corporation) WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.11.16 - WildTangent) Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS) WinRAR 5.40 beta 2 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.2 - win.rar GmbH) XSplit Gamecaster (HKLM-x32\...\{0E12BEC0-F2EE-43FA-AEA0-24B5E9F80167}) (Version: 2.5.1507.3011 - SplitmediaLabs) ==================== Aangepaste CLSID (gefilterd): ========================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.2.5.541\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.2.5.541\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.2.5.541\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-07-04] (AVAST Software) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-07-04] (AVAST Software) ContextMenuHandlers01: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-07-04] (AVAST Software) ContextMenuHandlers01: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2015-04-30] (Foxit Software Inc.) ContextMenuHandlers01: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\rarext.dll [2016-06-25] (Alexander Roshal) ContextMenuHandlers01: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> Geen bestand ContextMenuHandlers03: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-07-04] (AVAST Software) ContextMenuHandlers03: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2326} => C:\Windows\system32\mscoree.dll [2016-07-16] (Microsoft Corporation) ContextMenuHandlers03: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => D:\Anti-Malware\mbshlext.dll [2017-01-20] (Malwarebytes) ContextMenuHandlers05: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Geen bestand ContextMenuHandlers05: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxDTCM.dll [2016-11-30] (Intel Corporation) ContextMenuHandlers05: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-06-08] (NVIDIA Corporation) ContextMenuHandlers06: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-07-04] (AVAST Software) ContextMenuHandlers06: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => D:\Anti-Malware\mbshlext.dll [2017-01-20] (Malwarebytes) ContextMenuHandlers06: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\rarext.dll [2016-06-25] (Alexander Roshal) ContextMenuHandlers06: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> Geen bestand ==================== Geplande Taken (gefilterd) ============= (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {07880964-1B4A-43B3-84DC-F4186BF18F6F} - System32\Tasks\ASUS\ASUS GIFTBOX => C:\Program Files (x86)\ASUS\Giftbox\asusgiftbox.exe [2017-03-22] (ASUSTek Computer Inc) Task: {0B45B3F8-7285-4ED8-AC85-7487ECE02C1A} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2015-06-24] (Intel Corporation) Task: {0E7305EA-F078-4CD5-A9FF-BBBB8B174A41} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2015-05-14] (ASUSTek Computer Inc.) Task: {1435414B-D0E4-4DFF-8A12-3F95D681ACD4} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-07-04] (AVAST Software) Task: {14D9510C-B370-42B8-AA96-0142CB7864DD} - System32\Tasks\SafeZone scheduled Autoupdate 1466526841 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-06-13] (Avast Software) Task: {1A470E5C-5817-44D2-A77B-B6D56FF81591} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2015-05-25] (ASUSTek Computer Inc.) Task: {1D8779C3-1839-4ABF-85AF-8D327E3FD240} - System32\Tasks\{6EBA8ABD-BB30-4EC0-A195-F0949C1B0E43} => pcalua.exe -a D:\lol.launcher.exe -d D:\ Task: {224B87D2-E927-4F10-9E8B-187A801D33A6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-06-13] (Piriform Ltd) Task: {242D068F-3A2C-4C9E-8ED1-6C4B4EA92ACF} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation) Task: {2825BA3D-0638-4AE5-B668-3E08BA787181} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2016-09-21] () Task: {319D24A0-A835-4B12-B467-0BBD73C81A2E} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] () Task: {3469BCFB-9FEB-4A7E-A7C1-91BB1D1BC913} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.) Task: {4255988E-DF6C-4A12-8A43-13072A027D66} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe Task: {45A79935-BB5B-4BDC-877E-AB092CF92FFC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-04] (Google Inc.) Task: {4610D826-7096-4DDD-B957-36C631E9B6FB} - System32\Tasks\{55A6B3EB-ACA1-41B4-811F-DB8D828B6C76} => pcalua.exe -a D:\lol.launcher.exe -d D:\ Task: {4B7DFB20-7E1F-4331-A53B-1DF609155E4D} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation) Task: {4B953147-4B75-4D6B-9241-438499097F9C} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.) Task: {591E0515-97F0-4049-B806-859947BB971A} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_26_0_0_131_pepper.exe [2017-06-18] (Adobe Systems Incorporated) Task: {5F058BFA-70F8-4530-8E5E-1D58BAC66570} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation) Task: {5FFD7382-61C8-4712-839F-74B7EAA783F1} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation) Task: {60F569D7-49A7-4937-8B34-D48881776412} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-04-14] (AVAST Software) Task: {6E943288-99E4-4360-948E-ABCFF6E3E0E5} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2015-08-25] (ASUS) Task: {7115E5B0-684E-4F6E-AB29-7E08A9E0B976} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.) Task: {8B5A88B6-C7B5-423B-A1CA-222AB72AC8D4} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2015-06-05] (Intel Corporation) Task: {934F7271-19AE-4EE8-8F03-D19257AC4F62} - System32\Tasks\AutoPico Daily Restart => D:\KMSpico\AutoPico.exe Task: {9565F2F6-2466-4641-9F67-EC2ABCBFAF1A} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-03] (NVIDIA Corporation) Task: {99941478-FB9C-4B15-A8E1-92F6CAAA020F} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2015-06-24] (Intel Corporation) Task: {B0D92780-61F3-4631-A385-89CE9729A9D5} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-07] (Dropbox, Inc.) Task: {BE40AB22-2BCF-480D-98DF-521D04A4FDB6} - System32\Tasks\{93E1A133-3DF4-4526-88E8-2A3217E1AE17} => pcalua.exe -a D:\lol.launcher.exe -d D:\ Task: {CB91C07A-5632-471A-ADC9-D24CDFEC6C53} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-05-03] (NVIDIA Corporation) Task: {CDEE06C8-4818-47CD-B9E2-FDF4FE00C799} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-05-03] (NVIDIA Corporation) Task: {D61D0B94-3FDA-47F6-9BAD-7ED32DA49035} - System32\Tasks\{B892ACDC-877F-4A50-8CDE-5143722C56D9} => pcalua.exe -a D:\lol.launcher.exe -d D:\ Task: {DF1ADC37-14FD-4507-9531-ED7BCB1295F3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-04] (Google Inc.) Task: {E052125F-B9BF-4CFF-9584-D915EBCBE4FC} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] () Task: {E0BB927C-330C-40A9-A58D-4CA07A4436D9} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-06-18] (Adobe Systems Incorporated) Task: {E3354234-B71F-4068-812E-1A34950805E1} - System32\Tasks\{93DC3B70-ADC2-4CD3-93C6-36A23CF91B0F} => pcalua.exe -a D:\lol.launcher.exe -d D:\ Task: {E4677286-30DD-4D1C-82F2-AF9268E63219} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-05-03] (NVIDIA Corporation) Task: {E902F47D-7BFB-47FF-AD0D-AA596585B3C1} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation) Task: {E958F268-6632-4042-B85C-2A9A989CF340} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-07] (Dropbox, Inc.) Task: {ED891B8C-0A1A-47E3-980C-D9F615073FF3} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] () Task: {EDA7B2A3-E2F3-45C3-8633-06238F42B9CC} - System32\Tasks\{82F1462B-C2A5-4B43-9795-21DF14004F74} => pcalua.exe -a D:\lol.launcher.exe -d D:\ Task: {F4A3D77F-8926-40E2-8165-8EFA645A901E} - System32\Tasks\ROG Gaming Center => C:\Program Files (x86)\ASUS\ROG Gaming Center\ROGGamingKey.exe [2015-08-13] (ASUSTek Computer Inc.) Task: {F56D8BE9-CC7E-4ADC-9FCA-FC37B40AD563} - System32\Tasks\{E67B0B56-E6B0-487C-A6CA-8DC3CE6BB3D4} => pcalua.exe -a D:\lol.launcher.exe -d D:\ (Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Snelkoppelingen & WMI ======================== (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) ShortcutWithArgument: C:\Users\mathi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7634a48803fa655b\ASUS GIFTBOX.lnk -> C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe (ASUSTek Computer Inc) -> --user-data-dir="C:\Users\mathi\AppData\Local\ASUS GIFTBOX\User Data" --profile-directory=Default --app-id=gicdkbgeaegfghgkdgaejkfeppmlobel ==================== Geladen Modules (gefilterd) ============== 2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2017-06-17 11:43 - 2017-06-03 12:01 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-08-09 23:15 - 2017-06-08 01:55 - 00133752 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-02-15 21:01 - 2016-02-15 21:01 - 00031256 _____ () C:\WINDOWS\System32\us008lm.dll 2016-03-18 22:56 - 2016-03-18 22:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2016-03-18 22:56 - 2016-03-18 22:56 - 01329936 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2015-05-19 11:11 - 2015-05-19 11:11 - 00007680 _____ () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe 2017-02-11 13:48 - 2017-05-03 22:21 - 01267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2017-04-26 23:35 - 2017-03-22 10:24 - 02271520 _____ () D:\ANTI-MALWARE\PoliciesControllerImpl.dll 2016-05-17 06:36 - 2016-05-17 06:36 - 08901800 _____ () C:\Program Files\Microsoft Office\Office16\1033\GrooveIntlResource.dll 2016-09-13 22:59 - 2016-09-07 06:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2017-03-14 22:57 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2017-03-14 22:58 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2017-03-14 22:58 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-03-14 22:58 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2017-06-17 11:43 - 2017-06-03 10:47 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2017-06-17 11:43 - 2017-06-03 10:51 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2017-06-21 17:19 - 2017-06-21 17:19 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2017-06-21 17:19 - 2017-06-21 17:19 - 00203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2017-06-21 17:19 - 2017-06-21 17:19 - 43454464 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2017-06-21 17:19 - 2017-06-21 17:19 - 02437120 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\skypert.dll 2017-06-27 21:36 - 2017-06-23 05:21 - 03807064 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\libglesv2.dll 2017-06-27 21:36 - 2017-06-23 05:21 - 00100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\libegl.dll 2017-02-11 13:48 - 2017-05-03 22:21 - 01040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 2017-03-22 20:04 - 2017-03-22 20:04 - 01937408 _____ () C:\Program Files (x86)\ASUS\Giftbox\ffmpeg.dll 2015-08-25 11:40 - 2015-08-25 11:40 - 00027648 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll 2015-08-25 11:40 - 2015-08-25 11:40 - 00124928 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll 2017-03-22 20:04 - 2017-03-22 20:04 - 02177536 _____ () C:\Program Files (x86)\ASUS\Giftbox\libglesv2.dll 2017-03-22 20:04 - 2017-03-22 20:04 - 00079360 _____ () C:\Program Files (x86)\ASUS\Giftbox\libegl.dll 2017-03-22 20:04 - 2017-03-22 20:04 - 03561984 _____ () C:\Program Files (x86)\ASUS\Giftbox\node.dll 2017-03-22 20:03 - 2017-03-22 20:04 - 00286144 _____ () \\?\C:\Program Files (x86)\ASUS\Giftbox\node_modules\appcloud-native-utils\anu.node 2017-03-22 20:03 - 2017-03-22 20:03 - 00236032 _____ () \\?\C:\Program Files (x86)\ASUS\Giftbox\node_modules\appcloud-engine\node_modules\appcloud-native-utils\anu.node 2017-07-04 16:33 - 2017-07-04 16:33 - 00170224 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2017-07-04 16:33 - 2017-07-04 16:33 - 01038952 _____ () C:\Program Files\AVAST Software\Avast\AvChrome.dll 2017-07-04 16:33 - 2017-07-04 16:33 - 67109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2017-07-04 16:33 - 2017-07-04 16:33 - 00192664 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll 2017-07-04 16:33 - 2017-07-04 16:33 - 00224256 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll 2017-07-04 16:33 - 2017-07-04 16:33 - 00292920 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll 2017-07-04 16:33 - 2017-07-04 16:33 - 02962096 _____ () C:\Program Files\AVAST Software\Avast\aswDataScan.dll 2017-07-04 16:33 - 2017-07-04 16:33 - 00689272 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2016-10-29 10:08 - 2017-06-22 19:15 - 00189040 _____ () C:\Users\mathi\AppData\Roaming\Spotify\SpotifyWinRT.dll 2017-02-11 13:49 - 2017-05-03 22:20 - 65709176 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll 2016-03-14 19:57 - 2017-06-22 19:15 - 67117168 _____ () C:\Users\mathi\AppData\Roaming\Spotify\libcef.dll 2016-03-14 19:57 - 2017-06-22 19:15 - 02253424 _____ () C:\Users\mathi\AppData\Roaming\Spotify\libglesv2.dll 2016-03-14 19:57 - 2017-06-22 19:15 - 00086640 _____ () C:\Users\mathi\AppData\Roaming\Spotify\libegl.dll 2015-07-22 02:18 - 2015-07-22 02:18 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (gefilterd) ========= (Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.) ==================== Veilige Modus (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Bestandskoppeling (gefilterd) =============== (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.) HKU\S-1-5-21-3708396653-16006867-1780968584-1001\Software\Classes\regfile: regedit.exe "%1" <==== AANDACHT ==================== Internet Explorer vertrouwde/beperkte toegang =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.) ==================== Hosts inhoud: =============================== (Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.) 2015-10-30 09:24 - 2017-06-27 16:34 - 00000861 _____ C:\WINDOWS\system32\Drivers\etc\hosts 0.0.0.1 mssplus.mcafee.com ==================== Andere gebieden ============================ (Momenteel is er geen automatische fix voor dit onderdeel.) HKU\S-1-5-21-3708396653-16006867-1780968584-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\mathi\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == HKU\S-1-5-21-3708396653-16006867-1780968584-1001\...\StartupApproved\Run: => "uTorrent" HKU\S-1-5-21-3708396653-16006867-1780968584-1001\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-3708396653-16006867-1780968584-1001\...\StartupApproved\Run: => "Steam" ==================== Firewall regels (gefilterd) =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [{4522BC85-684E-4C1F-B234-2D255F88D1AE}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{73F421E2-86B7-4043-B205-0DE8D5F8CECE}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{EBD47050-073C-4584-A914-CF250A466093}] => (Allow) D:\iTunes\iTunes.exe FirewallRules: [{72029BD1-908C-4C4C-94DB-21EDAFA4FB37}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{CEA81A0D-A9BC-4917-BA2A-843678D0E23B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{2173AA93-9733-48D4-A97C-ED3458C951DA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{B63F3A63-B0BE-4933-90FF-1DF9E0932A5A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{5BA7B29F-91D8-4170-AD94-170B5FA8D42D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{70DAECBC-A8A2-404A-A273-5F5FF63B4890}] => (Allow) D:\Steam\bin\steamwebhelper.exe FirewallRules: [{7AD4E284-2F83-4746-A905-78478D98F3F9}] => (Allow) D:\Steam\bin\steamwebhelper.exe FirewallRules: [{9052D69A-696E-43FA-A0F2-1DEA9B3281D5}] => (Allow) D:\Steam\Steam.exe FirewallRules: [{C79000EC-0422-4071-9977-435CEB0A4073}] => (Allow) D:\Steam\Steam.exe FirewallRules: [UDP Query User{6AE2CFF5-6A80-4A51-8836-026A281BEE38}C:\users\mathi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\mathi\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{E92CD0F1-7B93-4EA9-832E-B8C8037D1EB0}C:\users\mathi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\mathi\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{F690F482-A78E-4114-827B-35650BE72CF5}C:\users\mathi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\mathi\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{FBB81C88-54A0-4FD0-A8FF-3329A6953539}C:\users\mathi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\mathi\appdata\roaming\spotify\spotify.exe FirewallRules: [{C3B89BC0-C5DC-49CA-88B9-45C40AA31C37}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{8E4783EF-6C50-4D9A-9FF7-F31499BDF4F3}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{CE525633-26BC-4030-9B4E-3F09FBC0A3EB}] => (Allow) C:\Users\mathi\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{8593775D-8F4C-433A-AD9A-3277158E1F94}] => (Allow) C:\Users\mathi\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{F383EB2A-7F2C-4829-A6F5-C106ADEC36D7}] => (Allow) C:\Users\mathi\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{587773FB-7914-478D-B164-44323D9161DF}] => (Allow) C:\Users\mathi\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{A3BC09A5-AC26-490B-B766-6A8768E2BE9A}] => (Allow) C:\Users\mathi\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{732F41E2-8DEB-4496-8126-AC960584B040}] => (Allow) C:\Users\mathi\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{E5E9F97F-C3B8-4671-8B1F-2DEEB24A1B97}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{40825D15-9058-428B-8FAF-5FCC68285365}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{51907F68-1F29-4CD6-98DA-04730BB4E94A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{4B54B6D1-7DC3-4E48-A200-95A70685572F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{9B74BB97-FA3D-413B-BCB1-F61422641A0C}] => (Allow) C:\Windows\SysWOW64\ftp.exe FirewallRules: [{4BB08522-6BC3-49F1-85AB-DC7979F27294}] => (Allow) C:\Windows\SysWOW64\ftp.exe FirewallRules: [{5B7FBDC5-651C-4EBA-B7CA-D0D29CB170E0}] => (Allow) C:\Windows\system32\ftp.exe FirewallRules: [{01FBA13A-A6FE-4116-B9A9-67AF9C12B98D}] => (Allow) C:\Windows\system32\ftp.exe FirewallRules: [{1EA35D40-D8D0-47F0-B651-4020DED7FD6F}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\SmartAgentTest.exe FirewallRules: [{292570F9-EC71-42E3-BF2C-4FECC5C3ADC6}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\Next\WirelessDisplay.exe FirewallRules: [{C71F9022-25E9-433B-B10A-38395A14F63E}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiAppOld.exe FirewallRules: [{C17327C6-32F2-475C-8D63-B76F581019A2}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe FirewallRules: [{EC1E69B5-684C-460E-8D2E-9041B9BF477B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{06A20EE4-AB32-4CDE-93DB-B8D23CF0B8EC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{69DF8972-A769-4705-B234-08EEE2BA1593}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{BE2092D4-3426-4DDD-9104-7DFA30737556}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{6926BB39-98EA-4269-93AD-1A3CE5DE733A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{2D665CDD-48A9-49AA-B9BA-B66778C37F69}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{47D6DB8C-3082-4C38-8391-41B82E22F8AD}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.607\SZBrowser.exe FirewallRules: [{D45C8B3F-D149-4F3C-A002-8E65B35DB1CE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{CDE3F09B-CFC8-4CF2-B0CA-5D234E589264}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.609\SZBrowser.exe ==================== Herstelpunten ========================= AANDACHT: Systeemherstel is uitgeschakeld ==================== Defecte Apparaatbeheer Apparaten ============= ==================== Eventlog fouten: ========================= Applicatiefouten: ================== Error: (07/05/2017 08:36:38 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: ShellExperienceHost.exe, versie: 10.0.14393.447, tijdstempel: 0x5819bf85 Naam van module met fout: twinapi.appcore.dll, versie: 10.0.14393.1198, tijdstempel: 0x590280b1 Uitzonderingscode: 0xc000027b Foutmarge: 0x000000000006d1b4 Id van proces met fout: 0x3220 Starttijd van toepassing met fout: 0x01d2f59b155b2d19 Pad naar toepassing met fout: C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe Pad naar module met fout: C:\Windows\System32\twinapi.appcore.dll Rapport-id: 0b879202-b73d-4a38-8f29-9cadc929aa2c Volledige pakketnaam met fout: Microsoft.Windows.ShellExperienceHost_10.0.14393.1358_neutral_neutral_cw5n1h2txyewy Relatieve toepassings-id van pakket met fout: App Error: (07/05/2017 04:28:11 PM) (Source: DPTF) (EventID: 256) (User: ) Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10600.150) TYPE: ERROR DPTF Build Version: 8.1.10600.150 DPTF Build Date: Jun 26 2015 11:46:12 Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737 Executing Function: DptfEvent Message: Received unexpected event Framework Event: DptfResume [3] Error: (07/05/2017 12:02:52 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-K474BPS) Description: Het activeren van de app Microsoft.WindowsStore_8wekyb3d8bbwe!App is mislukt door de fout -2144927141. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie. Error: (07/05/2017 12:02:52 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-K474BPS) Description: Het activeren van de app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App is mislukt door de fout -2144927141. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie. Error: (07/04/2017 04:31:06 PM) (Source: DPTF) (EventID: 256) (User: ) Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10600.150) TYPE: ERROR DPTF Build Version: 8.1.10600.150 DPTF Build Date: Jun 26 2015 11:46:12 Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737 Executing Function: DptfEvent Message: Received unexpected event Framework Event: DptfResume [3] Error: (07/03/2017 04:45:43 PM) (Source: DPTF) (EventID: 256) (User: ) Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10600.150) TYPE: ERROR DPTF Build Version: 8.1.10600.150 DPTF Build Date: Jun 26 2015 11:46:12 Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737 Executing Function: DptfEvent Message: Received unexpected event Framework Event: DptfResume [3] Error: (07/03/2017 12:26:18 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-K474BPS) Description: Het activeren van de app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 is mislukt door de fout -2144927141. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie. Error: (07/02/2017 10:28:27 PM) (Source: DPTF) (EventID: 256) (User: ) Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10600.150) TYPE: ERROR DPTF Build Version: 8.1.10600.150 DPTF Build Date: Jun 26 2015 11:46:12 Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737 Executing Function: DptfEvent Message: Received unexpected event Framework Event: DptfResume [3] Error: (07/02/2017 10:31:39 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Local Hostname DESKTOP-K474BPS.local already in use; will try DESKTOP-K474BPS-2.local instead Error: (07/02/2017 10:31:39 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: ProbeCount 0; will deregister 4 DESKTOP-K474BPS.local. Addr 192.168.1.4 Systeemfouten: ============= Error: (07/05/2017 08:49:20 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} en APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (07/05/2017 08:49:20 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} en APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (07/05/2017 08:49:20 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} en APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (07/05/2017 08:49:20 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} en APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (07/05/2017 08:49:19 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} en APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (07/05/2017 08:49:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: De Service KMSELDI-service kan vanwege de volgende fout niet worden gestart: Het systeem kan het opgegeven bestand niet vinden. Error: (07/05/2017 08:49:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: De InstallerService-service kan vanwege de volgende fout niet worden gestart: Het systeem kan het opgegeven bestand niet vinden. Error: (07/05/2017 08:49:04 PM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY) Description: Het DLL-meldingsbestand "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" voor wachtwoorden kan niet worden geladen door de fout 126. Controleer of het pad van het DLL-meldingsbestand dat is gedefinieerd in het register (HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages), verwijst naar een juist en absoluut pad (:\\.) en niet naar een relatief of ongeldig pad. Als het pad van het DLL-bestand juist is, controleert u of eventuele ondersteunende bestanden zich in dezelfde map bevinden en of het systeemaccount over leestoegang beschikt voor zowel het pad van het DLL-bestand als eventuele ondersteunende bestanden. Neem contact op met de leverancier van het DLL-meldingsbestand voor aanvullende ondersteuning. Meer informatie vindt u op de webpagina http://go.microsoft.com/fwlink/?LinkId=245898. Error: (07/05/2017 08:48:57 PM) (Source: Application Popup) (EventID: 56) (User: ) Description: ACPI5 Error: (07/05/2017 08:48:35 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. CodeIntegrity: =================================== Date: 2016-08-09 23:17:15.557 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe because the set of per-page image hashes could not be found on the system. Date: 2016-08-09 23:17:15.529 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe because the set of per-page image hashes could not be found on the system. Date: 2016-08-09 23:17:15.511 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe because the set of per-page image hashes could not be found on the system. Date: 2016-08-09 23:17:15.494 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe because the set of per-page image hashes could not be found on the system. Date: 2016-08-09 23:17:15.477 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe because the set of per-page image hashes could not be found on the system. Date: 2016-08-09 23:17:15.460 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe because the set of per-page image hashes could not be found on the system. ==================== Geheugen info =========================== Processor: Intel(R) Core(TM) i7-6700HQ CPU @ 2.60GHz Percentage geheugen in gebruik: 44% Totaal fysiek RAM-geheugen: 8060.04 MB Beschikbaar fysiek RAM-geheugen: 4489.63 MB Totaal Virtueel geheugen: 8572.04 MB Beschikbaar Virtual geheugen: 4707.27 MB ==================== Schijven ================================ Drive c: (OS) (Fixed) (Total:118.48 GB) (Free:48.74 GB) NTFS ==>[systeem met boot componenten (verkregen van schijf)] Drive d: (DATA) (Fixed) (Total:931.51 GB) (Free:849.11 GB) NTFS ==================== MBR & Partitietabel ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: C3D4E642) Partition: GPT. ======================================================== Disk: 1 (Size: 119.2 GB) (Disk ID: D5289EE1) Partition: GPT. ==================== Eind van Addition.txt ============================