Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 28-06-2020 Gestart door iemand (29-06-2020 12:27:21) Gestart vanaf C:\Users\iemand\Desktop Windows 10 Home Versie 1903 18362.900 (X64) (2019-07-03 23:50:14) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-638272939-3707876983-2389510384-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-638272939-3707876983-2389510384-503 - Limited - Disabled) Gast (S-1-5-21-638272939-3707876983-2389510384-501 - Limited - Disabled) iemand (S-1-5-21-638272939-3707876983-2389510384-1001 - Administrator - Enabled) => C:\Users\iemand WDAGUtilityAccount (S-1-5-21-638272939-3707876983-2389510384-504 - Limited - Disabled) ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeïnstalleerd worden.) 7-Zip 19.02 alpha (x64) (HKLM\...\7-Zip) (Version: 19.02 alpha - Igor Pavlov) Adobe Acrobat Reader DC - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 20.009.20067 - Adobe Systems Incorporated) Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.387 - Adobe) CCleaner (HKLM\...\CCleaner) (Version: 5.68 - Piriform) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.7041 - CDBurnerXP) ConvertHelper 3.2 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version: - DownloadHelper) CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 12 - CyberLink Corp.) Dell Product Registration (HKLM-x32\...\InstallShield_{85B14AE3-1624-45BE-942B-A528DF6F1CCE}) (Version: 3.0.123.0 - Dell Inc.) Dell SupportAssist (HKLM\...\{6D2933E3-DC42-44E5-B80E-DACDD64ADFF5}) (Version: 3.5.0.448 - Dell Inc.) Exact Audio Copy 1.3 (HKLM-x32\...\Exact Audio Copy) (Version: 1.3 - Andre Wiethoff) Gaaiho Reader (HKLM-x32\...\{15E4A071-0262-4D87-A6ED-023A1C553000}) (Version: 5.3 - ZEON Corporation) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.116 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden Intel Driver && Support Assistant (HKLM-x32\...\{E1C3385B-A188-4174-9302-A526B453CC1C}) (Version: 20.7.26.6 - Intel) Hidden Intel(R) Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden Intel(R) Computing Improvement Program (HKLM\...\{D98C2DF9-C731-4322-A5F0-D897300216EE}) (Version: 2.4.05718 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1914.12.0.1255 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 23.20.16.4973 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.8.3.1004 - Intel Corporation) Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation) Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.52.230.1 - Intel Corporation) Hidden Intel(R) Trusted Connect Services Client (HKLM-x32\...\{c6de84fd-ece7-4c2a-9f06-8cabe7ab79a0}) (Version: 1.52.230.1 - Intel Corporation) Hidden Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00001010-0210-1043-84C8-B8D95FA3C8C3}) (Version: 21.10.1.1 - Intel Corporation) Intel® Driver & Support Assistant (HKLM-x32\...\{93bdcd2c-3dd3-4b2e-908e-a2335626b73a}) (Version: 20.7.26.6 - Intel) Intel® PROSet/Wireless Software (HKLM-x32\...\{063dc3ff-473a-4a8e-ad8d-b872e9ce5aa4}) (Version: 21.10.1 - Intel Corporation) Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation) Java 8 Update 251 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180251F0}) (Version: 8.0.2510.8 - Oracle Corporation) Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes) Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.9060.3 - Waves Audio Ltd.) Hidden Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 83.0.478.56 - Microsoft Corporation) Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.129.31 - ) Microsoft Expression Encoder 4 Screen Capture Codec (HKLM-x32\...\{64C12304-7010-43F3-A25B-BDC38DE41E46}) (Version: 4.0.4276.0 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Communicator 2007 (HKLM-x32\...\{DB69E0FB-FF6C-4C47-A048-C66710E79EE6}) (Version: 2.0.6362.0 - Microsoft Corporation) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-638272939-3707876983-2389510384-1001\...\OneDriveSetup.exe) (Version: 20.084.0426.0007 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.11.25325 (HKLM-x32\...\{6c6356fe-cbfa-4944-9bed-a9e99f45cb7a}) (Version: 14.11.25325.0 - Microsoft Corporation) Mozilla Firefox 77.0.1 (x64 nl) (HKLM\...\Mozilla Firefox 77.0.1 (x64 nl)) (Version: 77.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.1 - Mozilla) OpenOffice 4.1.5 (HKLM-x32\...\{6649DD88-354B-40C3-94D1-11178CF5CCB2}) (Version: 4.15.9789 - Apache Software Foundation) Product Registration (HKLM\...\{85B14AE3-1624-45BE-942B-A528DF6F1CCE}) (Version: 3.0.123.0 - Dell Inc.) Hidden Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8142 - Realtek Semiconductor Corp.) Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.) Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform) Spotify (HKU\S-1-5-21-638272939-3707876983-2389510384-1001\...\Spotify) (Version: 1.1.25.559.g85cf5e4c - Spotify AB) System Ninja version 3.1.8 (HKLM-x32\...\{6E67710E-206D-43AB-BF21-E7CD63056C55}_is1) (Version: 3.1.8 - SingularLabs) Tweaking.com - Advanced System Tweaker (HKLM-x32\...\Tweaking.com - Advanced System Tweaker) (Version: 2.0.0 - Tweaking.com) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation) Update voor Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0413-0000-0000000FF1CE}_ENTERPRISER_{5CF7002F-6F49-4482-9564-5614FBE560FA}) (Version: - Microsoft) Update voor Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0413-0000-0000000FF1CE}_ENTERPRISER_{15D84E79-1ED7-42C5-B2FD-745C3FBDDDC5}) (Version: - Microsoft) Update voor Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0413-0000-0000000FF1CE}_ENTERPRISER_{A66AE6A1-8D8C-4102-BC18-38CBDE40F809}) (Version: - Microsoft) VdhCoApp 1.3.0 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper) VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN) VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN) Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden WhatsApp (HKU\S-1-5-21-638272939-3707876983-2389510384-1001\...\WhatsApp) (Version: 2.2025.7 - WhatsApp) Packages: ========= Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.5.13.0_x64__htrsf667h5kn2 [2020-06-23] (Dell Inc) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad] MSN weer -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad] Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2020-06-16] (Adobe Systems Incorporated) ==================== Aangepaste CLSID (gefilterd): ============== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) CustomCLSID: HKU\S-1-5-21-638272939-3707876983-2389510384-1001_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [Bestand niet getekend] [Bestand is in gebruik] CustomCLSID: HKU\S-1-5-21-638272939-3707876983-2389510384-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (IDSA Production signing key -> Intel) CustomCLSID: HKU\S-1-5-21-638272939-3707876983-2389510384-1001_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [Bestand niet getekend] [Bestand is in gebruik] CustomCLSID: HKU\S-1-5-21-638272939-3707876983-2389510384-1001_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [Bestand niet getekend] [Bestand is in gebruik] CustomCLSID: HKU\S-1-5-21-638272939-3707876983-2389510384-1001_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation) [Bestand niet getekend] [Bestand is in gebruik] CustomCLSID: HKU\S-1-5-21-638272939-3707876983-2389510384-1001_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation) [Bestand niet getekend] [Bestand is in gebruik] CustomCLSID: HKU\S-1-5-21-638272939-3707876983-2389510384-1001_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [Bestand niet getekend] [Bestand is in gebruik] ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Geen bestand ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip32.dll [2019-09-05] (Igor Pavlov) [Bestand niet getekend] [Bestand is in gebruik] ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => -> Geen bestand ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => -> Geen bestand ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip32.dll [2019-09-05] (Igor Pavlov) [Bestand niet getekend] [Bestand is in gebruik] ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Geen bestand ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => -> Geen bestand ContextMenuHandlers6-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip32.dll [2019-09-05] (Igor Pavlov) [Bestand niet getekend] [Bestand is in gebruik] ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes) ==================== Codecs (gefilterd) ==================== ==================== Snelkoppelingen & WMI ======================== ==================== Geladen Modules (gefilterd) ============= 2020-05-03 05:13 - 2020-05-03 05:13 - 001899008 _____ (SQLite Development Team) [Bestand niet getekend] [Bestand is in gebruik] C:\Program Files\Dell\SupportAssistAgent\bin\x64\sqlite3.dll 2020-03-10 10:31 - 2020-03-10 10:31 - 001918464 _____ (SQLite Development Team) [Bestand niet getekend] [Bestand is in gebruik] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll ==================== Alternate Data Streams (gefilterd) ======== ==================== Veilige Modus (gefilterd) ================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. De waarde van "AlternateShell" wordt hersteld.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Bestandskoppeling (gefilterd) ================= ==================== Internet Explorer vertrouwde/beperkte toegang ========== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd.) IE trusted site: HKU\S-1-5-21-638272939-3707876983-2389510384-1001\...\localhost -> localhost ==================== Hosts inhoud: ========================= (Indien nodig kan Hosts:-opdracht worden opgenomen in de fixlist om Hosts te resetten.) 2018-07-02 12:24 - 2018-07-02 12:24 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 localhost 2018-02-01 14:33 - 2020-06-29 08:30 - 000000601 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics 192.168.137.1 DESKTOP-A63MGJM.mshome.net # 2025 6 6 28 6 30 23 550 192.168.137.196 HUAWEI_P20_lite-29f4518dd.mshome.net # 2020 7 1 6 6 30 23 550 871 ==================== Andere gebieden =========================== (Momenteel is er geen automatische fix voor dit onderdeel.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL HKU\S-1-5-21-638272939-3707876983-2389510384-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\iemand\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg DNS Servers: 192.168.150.250 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) HKLM\...\StartupApproved\Run: => "RTHDVCPL" HKLM\...\StartupApproved\Run32: => "GrooveMonitor" HKLM\...\StartupApproved\Run32: => "SynTPEnh" HKU\S-1-5-21-638272939-3707876983-2389510384-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-638272939-3707876983-2389510384-1001\...\StartupApproved\Run: => "Spotify Web Helper" HKU\S-1-5-21-638272939-3707876983-2389510384-1001\...\StartupApproved\Run: => "DellSystemDetect" HKU\S-1-5-21-638272939-3707876983-2389510384-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning" ==================== Firewall regels (gefilterd) ================ (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [{8FEF669F-257C-4FBF-82AB-585C3225E878}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd) FirewallRules: [{A3A5E6C9-F97A-4DB3-95E8-3770429B9710}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd) FirewallRules: [{555C99D5-373A-4EE1-8925-BE456E82E1CE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{91CB639E-1672-4A04-8D8F-73679960DE43}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{B9C4B0A9-6D1C-4B93-8668-303DC97884CB}] => (Block) C:\users\iemand\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{72610184-C870-4536-A652-ABC3AB459FC9}] => (Block) C:\users\iemand\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [UDP Query User{40F37920-5819-404B-BCF2-4D0363917CC3}C:\users\iemand\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\iemand\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [TCP Query User{75E538AB-474B-483A-8E9B-CD6711123969}C:\users\iemand\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\iemand\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [TCP Query User{68FFC6C7-11B3-40AA-B19C-9C1602CFE388}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [UDP Query User{79E53A8E-F040-4E2E-B9A3-57AD91CC0C6D}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{B335A8B4-750C-4494-A67C-CC21B4ADC8A7}] => (Allow) C:\Users\iemand\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{01D987D6-1020-492F-868C-6343A44C4FA3}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> ) FirewallRules: [{C15673E6-371A-4110-9B04-669C38C60FE1}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> ) FirewallRules: [{04F5C3D1-F299-4981-BA48-344AB525CF4B}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> ) FirewallRules: [{FB5A6D46-539A-492C-AB32-B5803AE66CD2}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> ) FirewallRules: [{991D948C-8C19-4334-9F43-CAC059DFB804}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> ) FirewallRules: [{906CD347-0C34-4807-9D63-DDF83DE9390C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{BEEA0B79-D9D3-4A01-9590-DA72D69304FD}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{8E537281-01F8-4CF9-B780-936CE4F6F8BF}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{615354ED-8FAB-4CC7-AD19-94732B14194A}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{0BE52E13-A8C9-44CD-A0F7-14624B4B6EAE}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{C79DB0B9-DC2E-4B16-8CED-AC0C7B845F4F}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation) ==================== Herstelpunten ========================= 25-06-2020 21:48:23 AVG 28-06-2020 18:50:42 AdwCleaner_BeforeCleaning_28/06/2020_18:50:41 ==================== Defecte Apparaatbeheer Apparaten ============ ==================== Eventlog fouten: ======================== Applicatiefouten: ================== Error: (06/29/2020 07:39:32 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-A63MGJM) Description: Kan het prestatieobject voor de Server-service niet openen. De eerste vier bytes (DWORD) in de sectie Gegevens bevatten de statuscode. Error: (06/29/2020 07:35:10 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: ZeroConfigService.exe, versie: 21.10.1.0, tijdstempel: 0x5cbdd040 Naam van module met fout: RPCRT4.dll, versie: 10.0.18362.628, tijdstempel: 0x20fafd3a Uitzonderingscode: 0xc0020043 Foutmarge: 0x00000000000a66a4 Id van proces met fout: 0xb10 Starttijd van toepassing met fout: 0x01d64dd6f3efe27e Pad naar toepassing met fout: C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe Pad naar module met fout: C:\WINDOWS\System32\RPCRT4.dll Rapport-id: bdb35308-dfbd-45a4-a1a2-7dcad534209c Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Error: (06/28/2020 09:42:46 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Het programma FRST64.exe, versie 28.6.2020.0 reageert niet meer op Windows en is afgesloten. Als u wilt zien of er meer informatie over het probleem beschikbaar is, raadpleegt u de probleemgeschiedenis in het onderdeel Beveiliging en onderhoud van het Configuratiescherm. Proces-id: 2714 Starttijd: 01d64d826d013492 Eindtijd: 14 Toepassingspad: C:\Users\iemand\Desktop\FRST64.exe Rapport-id: 1405e391-c74b-4dc5-8209-03fcababcffc Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Type vastlopen: Unknown Error: (06/28/2020 09:29:13 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Het programma FRST64.exe, versie 28.6.2020.0 reageert niet meer op Windows en is afgesloten. Als u wilt zien of er meer informatie over het probleem beschikbaar is, raadpleegt u de probleemgeschiedenis in het onderdeel Beveiliging en onderhoud van het Configuratiescherm. Proces-id: 2e48 Starttijd: 01d64d818a8cb763 Eindtijd: 4 Toepassingspad: C:\Users\iemand\Desktop\FRST64.exe Rapport-id: c1864d96-849c-4080-bb01-4cb93e7a3326 Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Type vastlopen: Unknown Error: (06/28/2020 09:22:41 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Het programma FRST64.exe, versie 28.6.2020.0 reageert niet meer op Windows en is afgesloten. Als u wilt zien of er meer informatie over het probleem beschikbaar is, raadpleegt u de probleemgeschiedenis in het onderdeel Beveiliging en onderhoud van het Configuratiescherm. Proces-id: 2ffc Starttijd: 01d64d7b7ea22a33 Eindtijd: 13 Toepassingspad: C:\Users\iemand\Desktop\FRST64.exe Rapport-id: 1d08c926-cd1d-4cf7-b7e6-511fc2b94de8 Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Type vastlopen: Unknown Systeemfouten: ============= Error: (06/29/2020 07:39:56 AM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: De Energy Server Service queencreek-service is bij het starten vastgelopen. Error: (06/29/2020 07:35:30 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: De Intel(R) PROSet/Wireless Zero Configuration Service-service is onverwacht beëindigd. Dit is nu 1 keer gebeurd. Error: (06/29/2020 07:34:16 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: De vorige afsluiting van het systeem om 00:14:06 op ‎29-‎6-‎2020 is onverwacht gebeurd. Error: (06/29/2020 12:58:41 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Time-out (60000 seconden) tijdens het wachten op een reactie op een transactie van deze service: BFE. Error: (06/29/2020 12:57:41 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Time-out (60000 seconden) tijdens het wachten op een reactie op een transactie van deze service: BFE. Error: (06/29/2020 12:24:15 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-A63MGJM) Description: De server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (06/29/2020 12:24:15 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-A63MGJM) Description: De server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (06/29/2020 12:24:15 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-A63MGJM) Description: De server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Windows Defender: =================================== Date: 2020-06-27 08:09:08.443 Description: Scan van Windows Defender Antivirus is gestopt voordat deze was voltooid. Scan-id: {10F245EF-7AF1-4484-B537-DFF9608D49EB} Type scan: Antimalware Scanparameters: Snelle scan Gebruiker: NT AUTHORITY\SYSTEM Date: 2020-06-27 08:04:07.782 Description: Scan van Windows Defender Antivirus is gestopt voordat deze was voltooid. Scan-id: {C82B5399-190D-4C20-BF68-7780137C7CCA} Type scan: Antimalware Scanparameters: Snelle scan Gebruiker: NT AUTHORITY\SYSTEM Date: 2020-06-22 08:09:14.420 Description: Scan van Windows Defender Antivirus is gestopt voordat deze was voltooid. Scan-id: {FF69F45A-9AED-496D-941F-56DC6DFDB438} Type scan: Antimalware Scanparameters: Snelle scan Gebruiker: NT AUTHORITY\SYSTEM Date: 2020-06-18 21:12:54.147 Description: Scan van Windows Defender Antivirus is gestopt voordat deze was voltooid. Scan-id: {27171E44-D035-45BC-8765-A93B766B59A0} Type scan: Antimalware Scanparameters: Volledige scan Gebruiker: DESKTOP-A63MGJM\iemand Date: 2020-06-12 23:58:11.780 Description: Scan van Windows Defender Antivirus is gestopt voordat deze was voltooid. Scan-id: {FFCAF652-927F-4EBB-936F-CEB150EE47F3} Type scan: Antimalware Scanparameters: Snelle scan Gebruiker: NT AUTHORITY\SYSTEM Date: 2020-06-27 09:33:38.630 Description: Real-timebeveiligingsonderdeel van Windows Defender Antivirus heeft een fout aangetroffen en is niet uitgevoerd. Onderdeel: Bij toegang Foutcode: 0x8007043c Foutbeschrijving: Deze service kan niet in veilige modus worden gestart. Reden: Antimalware beveiligingsinformatie werkt om onbekende redenen niet meer. In sommige gevallen kan het probleem worden verholpen door de service opnieuw op te starten. Date: 2020-06-25 21:26:42.172 Description: Real-timebeveiligingsonderdeel van Windows Defender Antivirus heeft een fout aangetroffen en is niet uitgevoerd. Onderdeel: Bij toegang Foutcode: 0x8007043c Foutbeschrijving: Deze service kan niet in veilige modus worden gestart. Reden: Antimalware beveiligingsinformatie werkt om onbekende redenen niet meer. In sommige gevallen kan het probleem worden verholpen door de service opnieuw op te starten. CodeIntegrity: =================================== Date: 2020-06-25 00:03:07.632 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements. Date: 2020-06-25 00:03:07.589 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements. Date: 2020-06-25 00:03:07.542 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements. Date: 2020-06-24 17:18:33.993 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements. Date: 2020-06-24 17:18:33.961 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements. Date: 2020-06-24 17:18:33.923 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements. Date: 2020-06-24 16:36:32.247 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements. Date: 2020-06-24 16:36:32.213 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements. ==================== Geheugen info =========================== BIOS: Dell Inc. 1.6.0 05/10/2019 Moederbord: Dell Inc. 047TR1 Processor: Intel(R) Core(TM) i5-6200U CPU @ 2.30GHz Percentage geheugen in gebruik: 40% Totaal fysiek RAM-geheugen: 16275.98 MB Beschikbaar fysiek RAM-geheugen: 9743.45 MB Totaal Virtueel geheugen: 20883.98 MB Beschikbaar Virtueel geheugen: 13784.64 MB ==================== Schijven ================================ Drive c: (OS) (Fixed) (Total:451.41 GB) (Free:385.71 GB) NTFS Drive e: (TOSHIBA EXT) (Fixed) (Total:465.76 GB) (Free:220.5 GB) NTFS Drive g: (KINGSTON) (Removable) (Total:14.4 GB) (Free:10.15 GB) FAT32 \\?\Volume{34a398cc-0013-436d-9c0f-40ac0565bf4d}\ () (Fixed) (Total:0.78 GB) (Free:0.27 GB) NTFS \\?\Volume{73406526-def3-49d6-b446-e3642b246642}\ (Image) (Fixed) (Total:12.96 GB) (Free:0.63 GB) NTFS \\?\Volume{6871f128-2e8a-41d8-85d9-91d14edb1a58}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.45 GB) FAT32 ==================== MBR & Partitietabel ==================== ========================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 1EEBEB42) Partition: GPT. ========================================================== Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: DE34AA8E) Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS) ========================================================== Disk: 2 (Size: 14.4 GB) (Disk ID: 6EBD5706) Partition 1: (Active) - (Size=14.4 GB) - (Type=0B) ==================== Einde van Addition.txt =======================