Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 10-08-2019 Gestart door Nasim (10-08-2019 20:31:43) Gestart vanaf C:\Users\Nasim\Desktop Windows 8.1 (Update) (X64) (2015-04-13 17:38:37) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2769203267-2919422116-2587263349-500 - Administrator - Disabled) Gast (S-1-5-21-2769203267-2919422116-2587263349-501 - Limited - Enabled) => C:\Users\Gast HomeGroupUser$ (S-1-5-21-2769203267-2919422116-2587263349-1003 - Limited - Enabled) Nasim (S-1-5-21-2769203267-2919422116-2587263349-1001 - Administrator - Enabled) => C:\Users\Nasim ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: AVG Antivirus (Enabled - Up to date) {4FC75CA5-1654-5411-7CFB-1893D506BCF4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: AVG Antivirus (Enabled - Up to date) {F4A6BD41-306E-5B9F-464B-23E1AE81F649} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeïnstalleerd worden.) µTorrent (HKU\S-1-5-21-2769203267-2919422116-2587263349-1001\...\uTorrent) (Version: 3.5.5.45311 - BitTorrent Inc.) µTorrent (HKU\S-1-5-21-2769203267-2919422116-2587263349-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08032019020714568\...\uTorrent) (Version: 3.5.5.45311 - BitTorrent Inc.) µTorrent (HKU\S-1-5-21-2769203267-2919422116-2587263349-501\...\uTorrent) (Version: 3.4.7.42330 - BitTorrent Inc.) Adobe Acrobat Reader DC - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 19.012.20035 - Adobe Systems Incorporated) Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.223 - Adobe) Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 372.90 - NVIDIA Corporation) Hidden ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.9 - ASUS) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0036 - ASUS) AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 19.6.3098 - AVG Technologies) CCleaner (HKLM\...\CCleaner) (Version: 5.60 - Piriform) ChromecastApp (HKU\S-1-5-21-2769203267-2919422116-2587263349-501\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1693.0 - Google Inc.) dreamboxEDIT -- The one and only settings editor for your Dreambox (HKLM-x32\...\dreamboxEDIT) (Version: - ) Egyptoball (HKLM-x32\...\Egyptoball_is1) (Version: 1.0 - GameTop Pte. Ltd.) Fishdom 3 (HKLM-x32\...\Fishdom 3_is1) (Version: 1.0 - GameTop Pte. Ltd.) Foxit PhantomPDF (HKLM-x32\...\{FC76E6BB-7CBB-4CD6-8178-3BCADC0526C3}) (Version: 6.0.62.801 - Foxit Corporation) Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.1.77.522 - Digital Wave Ltd) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 76.0.3809.100 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2105 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.6.0.1038 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation) Java 8 Update 221 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180221F0}) (Version: 8.0.2210.11 - Oracle Corporation) Mahjong Quest (HKLM-x32\...\Mahjong Quest_is1) (Version: 1.0 - GameTop Pte. Ltd.) Malwarebytes versie 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2769203267-2919422116-2587263349-1001\...\OneDriveSetup.exe) (Version: 19.103.0527.0003 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2769203267-2919422116-2587263349-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08032019020714568\...\OneDriveSetup.exe) (Version: 19.103.0527.0003 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2769203267-2919422116-2587263349-501\...\OneDriveSetup.exe) (Version: 17.3.6390.0509 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 68.0.1 (x64 nl) (HKLM\...\Mozilla Firefox 68.0.1 (x64 nl)) (Version: 68.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 68.0.1.7137 - Mozilla) NVIDIA GeForce Experience 3.13.1.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.13.1.30 - NVIDIA Corporation) NVIDIA Grafisch stuurprogramma 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.54 - NVIDIA Corporation) NVIDIA PhysX Systeem Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation) Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39048 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8117 - Realtek Semiconductor Corp.) Star Defender 4 (HKLM-x32\...\Star Defender 4_is1) (Version: 1.0 - GameTop Pte. Ltd.) Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD) (Version: 10.0.50903 - Microsoft Corporation) TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.4.2669 - TeamViewer) The Chronicles of Emerland Solitaire (HKLM-x32\...\The Chronicles of Emerland Solitaire_is1) (Version: 1.0 - GameTop Pte. Ltd.) Turtle Odyssey 2 (HKLM-x32\...\Turtle Odyssey 2_is1) (Version: 1.0 - GameTop Pte. Ltd.) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player (HKLM\...\VLC media player) (Version: 3.0.7.1 - VideoLAN) Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.) Windows Driver Package - ASUS (ATP) Mouse (03/18/2014 6.0.0.35) (HKLM\...\DAA6E0EEB715139C1CEA332C78AB4609FB3C211B) (Version: 03/18/2014 6.0.0.35 - ASUS) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS) WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) WinZip 18.0 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DE}) (Version: 18.0.10661 - WinZip Computing, S.L. ) Packages: ========= - Games App - -> C:\Program Files\WindowsApps\WildTangentGames.-GamesApp-_1.0.3.28_x86__qt5r5pa5dyg8m [2015-06-27] (WildTangent Games) ASUS WebStorage -> C:\Program Files\WindowsApps\ASUSCloudCorporation.MobileFileExplorer_1.0.24.190_x86__wk4d32h0cvhem [2015-05-11] (ASUS Cloud Corporation) Flipboard -> C:\Program Files\WindowsApps\Flipboard.Flipboard_2.1.3.0_neutral__3f5azkryzdbc4 [2017-07-15] (Flipboard) Games -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2014-12-11] (Microsoft Corporation) [MS Ad] LINE -> C:\Program Files\WindowsApps\NAVER.LINEwin8_1.0.15.112_x64__8ptj331gd3tyt [2016-10-06] (LINE Corporation) MSN eten en drinken -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad] MSN geldzaken -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2016-04-27] (Microsoft Corporation) [MS Ad] MSN gezondheid en fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad] MSN nieuws -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2016-04-27] (Microsoft Corporation) [MS Ad] MSN reizen -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad] MSN sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2016-04-29] (Microsoft Corporation) [MS Ad] MSN weer -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2016-11-23] (Microsoft Corporation) [MS Ad] Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_2.3.1055.0_x64__a2t3txkz9j1jw [2017-06-08] (MAGIX) Muziek -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2015-04-17] (Microsoft Corporation) [MS Ad] Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2015-06-21] (Skype) [MS Ad] Skype WiFi -> C:\Program Files\WindowsApps\Microsoft.SkypeWiFi_1.2.0.7_x86__kzf8qxf38zg5c [2015-04-17] (Skype) Spider Solitaire' -> C:\Program Files\WindowsApps\44364DreamMobileStudio.SpiderSolitaire_1.3.1.16_neutral__kktfx1x8prfnp [2015-04-16] (Dream Mobile Studio) Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2015-11-06] (Microsoft Corporation) [MS Ad] Zinio -> C:\Program Files\WindowsApps\ZinioLLC.Zinio_2.1.0.317_x64__0q6dqzpp40p2e [2015-04-17] (Zinio LLC) ==================== Aangepaste CLSID (gefilterd): ========================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) CustomCLSID: HKU\S-1-5-21-2769203267-2919422116-2587263349-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation) ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => -> Geen bestand ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.2.12.577\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.) [Bestand niet getekend] ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.2.12.577\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.) [Bestand niet getekend] ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Geen bestand ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShell.dll [2019-06-30] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2013-12-18] (Foxit Corporation -> Foxit Corporation) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files (x86)\WinZip\wzshls64.dll [2013-10-23] (WinZip Computing -> WinZip Computing, S.L.) ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Geen bestand ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2326} => C:/Program Files (x86)/Common Files/AWS/2.2.12.577/ASUSWSContextMenu.dll [2016-10-19] (ASUS Cloud Corporation -> ASUS Cloud Corporation) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files (x86)\WinZip\wzshls64.dll [2013-10-23] (WinZip Computing -> WinZip Computing, S.L.) ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2014-03-18] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\Windows\system32\igfxOSP.dll [2014-03-18] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2016-12-29] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShell.dll [2019-06-30] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files (x86)\WinZip\wzshls64.dll [2013-10-23] (WinZip Computing -> WinZip Computing, S.L.) ==================== Snelkoppelingen & WMI ======================== (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) ShortcutWithArgument: C:\Users\Nasim\Desktop\Videostream for Google Chromecast™.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=cnciopoikihiagdjbjpnocolokfelagl ShortcutWithArgument: C:\Users\Nasim\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_cnciopoikihiagdjbjpnocolokfelagl\Videostream for Google Chromecast™.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=cnciopoikihiagdjbjpnocolokfelagl ShortcutWithArgument: C:\Users\Nasim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-apps\Videostream for Google Chromecast™.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=cnciopoikihiagdjbjpnocolokfelagl ==================== Geladen Modules (gefilterd) ============== 2015-04-22 15:59 - 2015-04-22 15:59 - 001489920 _____ (ASUS Cloud Corporation.) [Bestand niet getekend] C:\Program Files (x86)\Common Files\AWS\2.2.12.577\ASUSWSShellExt64.dll ==================== Alternate Data Streams (gefilterd) ========= (Als een item is opgenomen in de fixlist, wordt alleen de ADS verwijderd.) ==================== Veilige Modus (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. De waarde van "AlternateShell" wordt hersteld.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" ==================== Bestandskoppeling (gefilterd) =============== (Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd.) ==================== Internet Explorer vertrouwde/beperkte toegang =============== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd.) IE trusted site: HKU\S-1-5-21-2769203267-2919422116-2587263349-1001\...\localhost -> localhost IE trusted site: HKU\S-1-5-21-2769203267-2919422116-2587263349-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08032019020714568\...\localhost -> localhost ==================== Hosts inhoud: =============================== (Indien nodig kan Hosts:-opdracht worden opgenomen in de fixlist om Hosts te resetten.) 2013-08-22 15:25 - 2018-12-31 23:40 - 000000035 _____ C:\Windows\system32\drivers\etc\hosts ==================== Andere gebieden ============================ (Momenteel is er geen automatische fix voor dit onderdeel.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common HKU\S-1-5-21-2769203267-2919422116-2587263349-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Nasim\AppData\Roaming\Mozilla\Firefox\Bureaubladachtergrond.bmp HKU\S-1-5-21-2769203267-2919422116-2587263349-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08032019020714568\Control Panel\Desktop\\Wallpaper -> C:\Users\Nasim\AppData\Roaming\Mozilla\Firefox\Bureaubladachtergrond.bmp HKU\S-1-5-21-2769203267-2919422116-2587263349-501\Control Panel\Desktop\\Wallpaper -> C:\Windows\asus\wallpapers\asus.jpg DNS Servers: 62.179.104.196 - 213.46.228.196 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == Als een item is opgenomen in de fixlist, zal het worden verwijderd. ==================== Firewall regels (gefilterd) =============== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [{A52DAF81-4DD2-496C-8F3A-9CAEBEE2DB0F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{A928658F-E3FD-4056-8A8C-C914AFA10976}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{2D1D99FD-9C21-4EC4-8D10-F1087E9A1111}] => (Allow) C:\Users\Nasim\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{68FD7ADB-3773-45ED-99A4-C019BE0627C3}] => (Allow) C:\Users\Nasim\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{6F5FC570-33E1-4076-801D-96E073859955}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{3206DA32-29F3-44CE-AB24-1825A2242F5F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{BAB70581-BF06-478B-9B37-B016894EA01C}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{96C332F3-8047-4469-BF83-790E2364FD3D}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{DF7512FD-30E1-445B-B823-319AB9E18DD4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{58B02BA4-6DC0-4DA6-BEEB-E3553B26CB0D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{1F62EE0C-E86D-4CF6-8BDF-4508461983A9}] => (Allow) LPort=5556 FirewallRules: [{C80DF7B9-496D-442D-BAE4-07888C6A2B22}] => (Allow) LPort=5558 FirewallRules: [{432CD287-03D4-4F48-9E08-BD7546091D16}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{CE7EF8F4-5F2B-464B-AAAB-844CC74F9192}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{8BD1A26F-EBBB-4B05-A6E4-1EADA6E6BC5A}] => (Allow) C:\Windows\SysWOW64\muzapp.exe (Musiccity Co.Ltd.) [Bestand niet getekend] FirewallRules: [{8F165572-CF54-40F8-AE40-9F0C0DCD004A}] => (Allow) C:\Windows\SysWOW64\muzapp.exe (Musiccity Co.Ltd.) [Bestand niet getekend] FirewallRules: [{39ACEF02-7D2A-4F7C-9523-679F11A5C1B8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{380537D2-07FD-420C-AE81-C5DED34226D8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{26256C33-B0A1-4654-9DE2-6B65CD35BF42}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{756A84B8-34B9-4A25-98E2-53FF2FA8ECD0}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{E5FD00AD-612D-4E87-BD63-A99D8970C5DE}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{163B64A4-4AC4-450B-AF19-F5941D34527B}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{5057BB2F-B632-4FFA-B44F-EB0DE8737244}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{07CF976F-5CA5-4BD3-B5CD-68422F4EE315}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [TCP Query User{096C45FD-8FFF-438E-870B-B0A4372F666F}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [UDP Query User{BCAB4B1F-EDD4-4057-BE27-3D59A1AD6B5B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{F17DF06C-0BAF-4321-8731-D02E8E926492}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{4566CDCC-0E64-4C54-A45B-3F643A53C829}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{A68E3105-1A70-42DC-9D31-E93F84B4B409}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{A97AED51-C0B1-4FDE-B38C-2250A1E02514}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{8F860F47-717D-4BA2-B309-6DA2986E9C94}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{773DD102-4FF1-4DDA-965F-F4567F4BF3D1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{326E6FCB-76AA-4C45-8ABE-5FD26AC5A663}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd) FirewallRules: [{F590D6FE-C70C-4D16-ACDB-458F6BF07B0F}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd) FirewallRules: [{4A4B2DBE-21EB-4E5E-A62A-70DD0E781BF4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{21002433-22F7-436B-B275-428AE65A7FD5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{71D737B7-8575-4863-B078-2C697296E85D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{C52B6887-0EC5-4F48-A8F8-A2FEA75172C9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{2A7ABBF8-B768-413C-9CEB-9C0C5D1DF0EF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) ==================== Herstelpunten ========================= 13-06-2019 22:50:37 Windows Update 25-06-2019 14:45:47 Windows Update 11-07-2019 00:20:41 Windows Update 14-07-2019 18:44:55 Windows Update 21-07-2019 22:48:47 Windows Update 01-08-2019 21:43:05 AdwCleaner_BeforeCleaning_01/08/2019_21:43:00 ==================== Defecte Apparaatbeheer Apparaten ============= ==================== Eventlog fouten: ========================= Applicatiefouten: ================== Error: (08/10/2019 08:26:12 PM) (Source: DptfEvent) (EventID: 2) (User: ) Description: DptfPolicyLpmServiceHelper WinMain: CreateSharedMemory() failed. Session ID = 17 Error: (08/10/2019 08:26:12 PM) (Source: DptfEvent) (EventID: 3) (User: ) Description: DptfPolicyLpmServiceHelper CreateSharedMemory: WaitForSingleObject() with g_pkeLpmSharedMemoryCreated failed Last error = [0x00000102] Session ID = 17 Error: (08/10/2019 08:21:10 PM) (Source: ESENT) (EventID: 467) (User: ) Description: svchost (1612) SRUJet: Database C:\Windows\system32\SRU\SRUDB.dat: Index UserIdTimeStamp van tabel {D10CA2FE-6FCF-4F6D-848E-B2E99266FA89} is beschadigd (0). Error: (08/10/2019 07:00:10 PM) (Source: ESENT) (EventID: 467) (User: ) Description: svchost (1612) SRUJet: Database C:\Windows\system32\SRU\SRUDB.dat: Index UserIdTimeStamp van tabel {D10CA2FE-6FCF-4F6D-848E-B2E99266FA89} is beschadigd (0). Error: (08/10/2019 06:28:23 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (08/10/2019 06:24:20 PM) (Source: DptfEvent) (EventID: 2) (User: ) Description: DptfPolicyLpmServiceHelper WinMain: CreateSharedMemory() failed. Session ID = 16 Error: (08/10/2019 06:24:20 PM) (Source: DptfEvent) (EventID: 3) (User: ) Description: DptfPolicyLpmServiceHelper CreateSharedMemory: WaitForSingleObject() with g_pkeLpmSharedMemoryCreated failed Last error = [0x00000102] Session ID = 16 Error: (08/10/2019 06:18:22 PM) (Source: ESENT) (EventID: 467) (User: ) Description: svchost (1612) SRUJet: Database C:\Windows\system32\SRU\SRUDB.dat: Index UserIdTimeStamp van tabel {D10CA2FE-6FCF-4F6D-848E-B2E99266FA89} is beschadigd (0). Systeemfouten: ============= Error: (08/09/2019 07:26:23 PM) (Source: DCOM) (EventID: 10010) (User: NASIM) Description: De server {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (08/02/2019 01:32:01 AM) (Source: DCOM) (EventID: 10010) (User: NASIM) Description: De server {4545DEA0-2DFC-4906-A728-6D986BA399A9} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (08/02/2019 01:32:01 AM) (Source: DCOM) (EventID: 10010) (User: NASIM) Description: De server {4545DEA0-2DFC-4906-A728-6D986BA399A9} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (08/01/2019 10:19:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: De GamesAppIntegrationService-service kan vanwege de volgende fout niet worden gestart: Het systeem kan het opgegeven bestand niet vinden. Error: (08/01/2019 10:14:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: De Asus WebStorage Windows Service-service kan vanwege de volgende fout niet worden gestart: Het systeem kan het opgegeven bestand niet vinden. Error: (08/01/2019 10:13:45 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: De Windows Media Player Network Sharing Service-service is afhankelijk van de Windows Search-service, die vanwege de volgende fout niet kan worden gestart: De service is niet gestart vanwege een aanmeldingsfout. Error: (08/01/2019 10:13:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: De Windows Search-service kan vanwege de volgende fout niet worden gestart: De service is niet gestart vanwege een aanmeldingsfout. Error: (08/01/2019 10:13:45 PM) (Source: Service Control Manager) (EventID: 7038) (User: ) Description: De WSearch-service kan niet als NT AUTHORITY\SYSTEM met het huidig ingestelde wachtwoord worden aangemeld vanwege de volgende fout: De aanvraag wordt niet ondersteund. Gebruik de module Services in de Microsoft Management Console (MMC) om te controleren of de service juist is geconfigureerd. Windows Defender: =================================== Date: 2017-05-17 23:47:24.375 Description: Windows Defender heeft een fout aangetroffen bij het bijwerken van handtekeningen. Nieuwe handtekeningversie: 1.243.631.0 Vorige handtekeningversie: 1.199.2528.0 Bron update: Gebruiker Type handtekening: AntiSpyware Type update: Volledig Gebruiker: NT AUTHORITY\SYSTEM Huidige engineversie: 1.1.13704.0 Vorige engineversie: 1.1.11701.0 Foutcode: 0x80509004 Foutbeschrijving: Er is een onverwacht probleem opgetreden. Installeer beschikbare updates en probeer het programma opnieuw te starten. Raadpleeg Help en ondersteuning voor meer informatie over het installeren van updates. Date: 2017-05-17 23:47:24.375 Description: Windows Defender heeft een fout aangetroffen bij het bijwerken van handtekeningen. Nieuwe handtekeningversie: 1.243.631.0 Vorige handtekeningversie: 1.199.2528.0 Bron update: Gebruiker Type handtekening: AntiVirus Type update: Volledig Gebruiker: NT AUTHORITY\SYSTEM Huidige engineversie: 1.1.13704.0 Vorige engineversie: 1.1.11701.0 Foutcode: 0x80509004 Foutbeschrijving: Er is een onverwacht probleem opgetreden. Installeer beschikbare updates en probeer het programma opnieuw te starten. Raadpleeg Help en ondersteuning voor meer informatie over het installeren van updates. Date: 2017-05-17 23:47:24.375 Description: Windows Defender heeft een fout aangetroffen bij het bijwerken van de engine. Nieuwe engineversie: 1.1.13704.0 Vorige engineversie: 1.1.11701.0 Gebruiker: NT AUTHORITY\SYSTEM Foutcode: 0x80509004 Foutbeschrijving: Er is een onverwacht probleem opgetreden. Installeer beschikbare updates en probeer het programma opnieuw te starten. Raadpleeg Help en ondersteuning voor meer informatie over het installeren van updates. Date: 2017-05-17 23:46:58.713 Description: Windows Defender heeft een fout aangetroffen bij het bijwerken van handtekeningen. Nieuwe handtekeningversie: Vorige handtekeningversie: 116.94.0.0 Bron update: Microsoft Centrum voor beveiliging tegen malware Type handtekening: Systeem voor netwerkinspectie Type update: Volledig Gebruiker: NT AUTHORITY\NETWORK SERVICE Huidige engineversie: Vorige engineversie: 2.1.12706.0 Foutcode: 0x80070652 Foutbeschrijving: Er wordt al een andere installatie uitgevoerd. Voltooi eerst die installatie voordat u doorgaat met deze. Date: 2017-05-17 23:46:57.338 Description: Windows Defender heeft een fout aangetroffen bij het bijwerken van de engine. Nieuwe engineversie: Vorige engineversie: 2.1.12706.0 Gebruiker: NT AUTHORITY\NETWORK SERVICE Foutcode: 0x80070666 Foutbeschrijving: Er is al een andere versie van dit product geïnstalleerd. Kan de installatie van deze versie niet voltooien. Gebruik het onderdeel Programma's van het Configuratiescherm om de bestaande versie van dit product te configureren of te verwijderen. CodeIntegrity: =================================== Date: 2018-02-25 17:57:27.757 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. Date: 2018-02-25 17:57:23.975 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. Date: 2018-02-25 17:57:20.285 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. Date: 2018-02-25 17:57:16.558 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. Date: 2018-02-25 17:57:12.843 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. Date: 2018-02-25 17:57:08.697 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. Date: 2018-02-25 17:57:04.318 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. Date: 2018-02-25 17:57:01.256 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. ==================== Geheugen info =========================== BIOS: American Megatrends Inc. X555LD.403 01/23/2019 Motherboard: ASUSTeK COMPUTER INC. X555LD Processor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz Percentage geheugen in gebruik: 38% Totaal fysiek RAM-geheugen: 6027.33 MB Beschikbaar fysiek RAM-geheugen: 3719.98 MB Totaal Virtueel geheugen: 12171.33 MB Beschikbaar Virtueel geheugen: 10000.47 MB ==================== Schijven ================================ Drive c: (OS) (Fixed) (Total:372.6 GB) (Free:193.42 GB) NTFS ==>[systeem met boot componenten (verkregen van schijf)] Drive d: (Data) (Fixed) (Total:537.8 GB) (Free:479.68 GB) NTFS \\?\Volume{65b5e446-fb18-4879-b1ff-061622197a34}\ (Recovery) (Fixed) (Total:0.88 GB) (Free:0.57 GB) NTFS \\?\Volume{120632b7-7e83-44f6-a553-792b8d714cfc}\ (Restore) (Fixed) (Total:20.01 GB) (Free:8.94 GB) NTFS ==================== MBR & Partitietabel ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 5FEC376D) Partition: GPT. ==================== Einde van Addition.txt ============================