Fix resultaat van Farbar Recovery Scan Tool (x64) Versie: 22-12-2019
Gestart door dein (22-12-2019 17:54:01) Run:1
Gestart vanaf C:\Users\deini\Desktop
Geladen Profielen: dein & MSSQLFDLauncher$SOLARWINDS_ORION & SQLTELEMETRY$SOLARWINDS_ORION (Beschikbare Profielen: dein & test & MSSQLFDLauncher$SOLARWINDS_ORION & SQLTELEMETRY$SOLARWINDS_ORION & .NET v4.5 & DefaultAppPool & .NET v4.5 Classic)
Boot Modus: Normal
==============================================

fixlist inhoud:
*****************
CreateRestorePoint:
CloseProcesses:
VirusTotal: C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
GroupPolicy: Restrictie ? <==== AANDACHT
Task: {B11276B2-89EA-4985-82FA-1B5EADA89C2D} - System32\Tasks\PulsewayServiceCheck => C:\Program Files\Pulseway\watchdog.bat <==== AANDACHT
Toolbar: HKU\S-1-5-21-2510364825-84042443-2860395591-1001 -> Geen Naam - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Geen bestand
FF Plugin-x32: @videolan.org/vlc,version=2.2.5.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Geen bestand]
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [Geen bestand]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> Geen bestand
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Geen bestand
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> Geen bestand
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Geen bestand
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Geen bestand
ShortcutWithArgument: C:\Users\deini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Ubiquiti Device Discovery Tool.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=hmpigflbjeapnknladcfphgkemopofig
ShortcutWithArgument: C:\Users\deini\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\76f9e4d33b60b312\Popcorn-Time.lnk -> C:\Users\deini\AppData\Local\Popcorn-Time\Popcorn-Time.exe (The NWJS Community) -> --user-data-dir="C:\Users\deini\AppData\Local\Popcorn-Time\User Data" --profile-directory=Default --app-id=hecfofbbdfadifpemejbbdcjmfmboohj
AlternateDataStreams: C:\Users\deini\Application Data:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\deini\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
VirusTotal: C:\ProgramData\agent.uninstall.1576780209.bdinstall.v2.bin
VirusTotal: C:\ProgramData\cl.uninstall.1576779919.bdinstall.v2.bin
RemoveProxy:
EmptyTemp:
*****************

Herstelpunt is succesvol gemaakt.
Proces succesvol afgesloten.
VirusTotal: C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe => https://www.virustotal.com/file/7a3a5b5b23422a58f597dde5fc0593ede8ef31a7fb9cb77db3a6aafcca369f3d/analysis/1575490160/
C:\WINDOWS\system32\GroupPolicy\Machine => is succesvol verplaatst
C:\WINDOWS\system32\GroupPolicy\GPT.ini => is succesvol verplaatst
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => is succesvol verplaatst
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B11276B2-89EA-4985-82FA-1B5EADA89C2D}" => is succesvol verwijderd
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B11276B2-89EA-4985-82FA-1B5EADA89C2D}" => is succesvol verwijderd
C:\WINDOWS\System32\Tasks\PulsewayServiceCheck => is succesvol verplaatst
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PulsewayServiceCheck" => is succesvol verwijderd
"HKU\S-1-5-21-2510364825-84042443-2860395591-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" => is succesvol verwijderd
HKLM\Software\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => is succesvol verwijderd
HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.5.1 => is succesvol verwijderd
HKLM\Software\Wow6432Node\MozillaPlugins\Adobe Acrobat => is succesvol verwijderd
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => is succesvol verwijderd
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => is succesvol verwijderd
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => is succesvol verwijderd
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => is succesvol verwijderd
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => is succesvol verwijderd
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => is succesvol verwijderd
C:\Users\deini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Ubiquiti Device Discovery Tool.lnk => snelkoppeling argument is succesvol verwijderd
C:\Users\deini\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\76f9e4d33b60b312\Popcorn-Time.lnk => snelkoppeling argument is succesvol verwijderd
C:\Users\deini\Application Data => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS is succesvol verwijderd
"C:\Users\deini\AppData\Roaming" => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS niet gevonden.
VirusTotal: C:\ProgramData\agent.uninstall.1576780209.bdinstall.v2.bin => https://www.virustotal.com/file/a3e98f15752ef7e664235a1b7014a3f36598c9f579b7bbc2fb0afe1216abceb4/analysis/1577033660/
VirusTotal: C:\ProgramData\cl.uninstall.1576779919.bdinstall.v2.bin => https://www.virustotal.com/file/693e1f83c165e10b496ae92c79a4309bcdb9b5beda6db68d04ee9b3b4e0bb953/analysis/1577033662/

========= RemoveProxy: =========

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => is succesvol verwijderd
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => is succesvol verwijderd
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => is succesvol verwijderd
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => is succesvol verwijderd
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => is succesvol verwijderd
"HKU\S-1-5-21-2510364825-84042443-2860395591-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => is succesvol verwijderd
"HKU\S-1-5-21-2510364825-84042443-2860395591-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => is succesvol verwijderd

========= Einde van RemoveProxy: =========

=========== EmptyTemp: ==========

BITS transfer queue => 11034624 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 15958296 B
Java, Flash, Steam htmlcache => 346925054 B
Windows/system/drivers => 636954963 B
Edge => 61713 B
Chrome => 62323623 B
Firefox => 1165927633 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 7390 B
deini => 2423808890 B
test => 2460320941 B
MSSQLFDLauncher$SOLARWINDS_ORION => 2460362596 B
OVRLibraryService => 2460362596 B
SQLTELEMETRY$SOLARWINDS_ORION => 2460362596 B
.NET v4.5 => 2460362596 B
DefaultAppPool => 2460362596 B
.NET v4.5 Classic => 2460362596 B

RecycleBin => 0 B
EmptyTemp: => 20.4 GB tijdelijke gegevens verwijderd.

================================

Het systeem moest herstart worden.

==== Einde van Fixlog 17:54:59 ====