Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 20-09-2020 Gestart door ErwiB (23-09-2020 11:27:37) Gestart vanaf C:\Users\ErwiB\Downloads Windows 10 Home Versie 2004 19041.508 (X64) (2020-08-01 19:49:48) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1219508855-1951504313-3627425905-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-1219508855-1951504313-3627425905-503 - Limited - Disabled) ErwiB (S-1-5-21-1219508855-1951504313-3627425905-1001 - Administrator - Enabled) => C:\Users\ErwiB Gast (S-1-5-21-1219508855-1951504313-3627425905-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-1219508855-1951504313-3627425905-504 - Limited - Disabled) ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeïnstalleerd worden.) 64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden Adobe Photoshop 7.0 (HKLM-x32\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.) ASUS Sync Drivers (HKLM\...\{CD2D232E-26B4-4DD0-9D5E-B28977284176}) (Version: 2.3.7593 - Screenovate Technologies Ltd.) AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.15.3 - ICEpower a/s) Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.7.2425 - Avast Software) Belgium e-ID middleware 4.4.27 (build 4277) (HKLM\...\{DB942AEA-93D6-4FE4-8862-180D35A74277}) (Version: 4.4.4277 - Belgian Government) Belgium e-ID viewer 4.4.23 (build 4246) (HKLM-x32\...\{F3DC7F06-92FF-4C98-87F5-72C0B7864246}) (Version: 4.4.4246 - Belgian Government) BufferChm (HKLM-x32\...\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.71 - Piriform) Copy (HKLM-x32\...\{9BE466FF-70B7-4DA8-807C-DB4C3610FDAA}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden DeviceDiscovery (HKLM-x32\...\{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden DJ_AIO_06_F4500_SW_MIN (HKLM-x32\...\{8AABFB1F-A5A9-48A6-A8EB-C5F819C89037}) (Version: 140.0.851.000 - Hewlett-Packard) Hidden F4500 (HKLM-x32\...\{6326C5A9-0FC0-4FAF-B675-7333FE16DB57}) (Version: 140.0.851.000 - Hewlett-Packard) Hidden GPBaseService2 (HKLM-x32\...\{BB3447F6-9553-4AA9-960E-0DB5310C5779}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP) HP Deskjet F4500 All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{FD126052-310E-4364-937B-6B5564F24578}) (Version: 14.0 - HP) HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP) HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 140.0.524.000 - Hewlett-Packard) Hidden HPProductAssistant (HKLM-x32\...\{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden HPSSupply (HKLM-x32\...\{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden Malwarebytes version 4.2.1.89 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.2.1.89 - Malwarebytes) MarketResearch (HKLM-x32\...\{D360FA88-17C8-4F14-B67F-13AAF9607B12}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 85.0.564.51 - Microsoft Corporation) Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.135.29 - ) Microsoft OneDrive (HKU\S-1-5-21-1219508855-1951504313-3627425905-1001\...\OneDriveSetup.exe) (Version: 20.143.0716.0003 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26405 (HKLM-x32\...\{5b295ba9-ef89-4aeb-8acc-b61adb0b9b5f}) (Version: 14.14.26405.0 - Microsoft Corporation) Mozilla Firefox 81.0 (x64 nl) (HKLM\...\Mozilla Firefox 81.0 (x64 nl)) (Version: 81.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 71.0 - Mozilla) Network64 (HKLM\...\{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}) (Version: 140.0.306.000 - Hewlett-Packard) Hidden OBS Studio (HKLM-x32\...\OBS Studio) (Version: 25.0.8 - OBS Project) OpenOffice 4.1.7 (HKLM-x32\...\{6220C298-75B5-4BE9-A18D-70AAECFE6E4E}) (Version: 4.17.9800 - Apache Software Foundation) OpenShot Video Editor versie 2.5.1 (HKLM\...\{4BB0DCDC-BC24-49EC-8937-72956C33A470}_is1) (Version: 2.5.1 - OpenShot Studios, LLC) Scan (HKLM-x32\...\{06A1D88C-E102-4527-AF70-29FFD7AF215A}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP) SolutionCenter (HKLM-x32\...\{BC5DD87B-0143-4D14-AAE6-97109614DC6B}) (Version: 140.0.299.000 - Hewlett-Packard) Hidden Status (HKLM-x32\...\{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}) (Version: 140.0.342.000 - Hewlett-Packard) Hidden Toolbox (HKLM-x32\...\{292F0F52-B62D-4E71-921B-89A682402201}) (Version: 140.0.596.000 - Hewlett-Packard) Hidden TrayApp (HKLM-x32\...\{CD31E63D-47FD-491C-8117-CF201D0AFAB5}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden WebReg (HKLM-x32\...\{8EE94FD8-5F52-4463-A340-185D16328158}) (Version: 140.0.297.017 - Hewlett-Packard) Hidden Packages: ========= ASUS Sync -> C:\Program Files\WindowsApps\ScreenovateTechnologies.AsusVirtoo_2.4.8064.0_x64__0vhbc3ng4wbp0 [2019-11-30] (Screenovate Technologies.) [Startup Task] AudioWizard -> C:\Program Files\WindowsApps\ICEpower.AudioWizard_1.5.28.0_x64__dxp88312j1fgj [2020-04-27] (ICEpower) Foto's-invoegtoepassing -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2020-07-21] (Microsoft Corporation) LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2019-11-30] (LinkedIn) McAfee® Personal Security -> C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.39.0_x64__wafk5atnkzcwy [2020-06-08] (McAfee LLC.) Media-engine-invoegtoepassing voor Foto's -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-03-12] (Microsoft Corporation) Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_16051.13127.20408.0_x86__8wekyb3d8bbwe [2020-09-18] (Microsoft Corporation) Microsoft Excel -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_16051.13127.20408.0_x86__8wekyb3d8bbwe [2020-09-18] (Microsoft Corporation) Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.13127.20408.0_x86__8wekyb3d8bbwe [2020-09-18] (Microsoft Corporation) Microsoft Outlook -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.13127.20408.0_x86__8wekyb3d8bbwe [2020-09-18] (Microsoft Corporation) Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.13127.20408.0_x86__8wekyb3d8bbwe [2020-09-18] (Microsoft Corporation) Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publisher_16051.13127.20408.0_x86__8wekyb3d8bbwe [2020-09-18] (Microsoft Corporation) Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.8101.0_x64__8wekyb3d8bbwe [2020-08-22] (Microsoft Studios) [MS Ad] Microsoft Word -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16051.13127.20408.0_x86__8wekyb3d8bbwe [2020-09-18] (Microsoft Corporation) MyASUS -> C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_2.2.38.0_x64__qmba6cd70vzyy [2020-09-18] (ASUSTeK COMPUTER INC.) Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.2.168.0_x64__dt26b99r8h8gj [2019-04-12] (Realtek Semiconductor Corp) Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.142.622.0_x86__zpdnekdrzrea0 [2020-09-18] (Spotify AB) [Startup Task] ==================== Aangepaste CLSID (gefilterd): ============== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-09-22] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-09-22] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-09-22] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-01-02] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-09-22] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-01-02] (Malwarebytes Corporation -> Malwarebytes) ==================== Codecs (gefilterd) ==================== ==================== Snelkoppelingen & WMI ======================== ==================== Geladen Modules (gefilterd) ============= 2020-01-07 15:00 - 2001-06-29 19:38 - 000712751 _____ () [Bestand niet getekend] C:\Program Files (x86)\Adobe\Photoshop 7.0\asn.er.dll 2020-01-07 15:00 - 2002-04-05 16:18 - 000462848 ____N (Adobe Systems Incorporated) [Bestand niet getekend] C:\Program Files (x86)\Adobe\Photoshop 7.0\ACE.dll 2020-01-07 15:00 - 2002-03-13 05:24 - 000929792 ____N (Adobe Systems Incorporated) [Bestand niet getekend] C:\Program Files (x86)\Adobe\Photoshop 7.0\AGM.dll 2020-01-07 15:00 - 2002-02-27 05:24 - 000167936 ____N (Adobe Systems Incorporated) [Bestand niet getekend] C:\Program Files (x86)\Adobe\Photoshop 7.0\BIB.dll 2020-01-07 15:00 - 2002-03-26 18:42 - 001458176 ____N (Adobe Systems Incorporated) [Bestand niet getekend] C:\Program Files (x86)\Adobe\Photoshop 7.0\CoolType.dll 2020-01-07 15:00 - 2002-03-13 05:24 - 000094208 ____N (Adobe Systems Incorporated) [Bestand niet getekend] C:\Program Files (x86)\Adobe\Photoshop 7.0\OPP.dll 2020-01-07 15:00 - 2002-03-13 05:24 - 002920448 ____N (Adobe Systems Incorporated) [Bestand niet getekend] C:\Program Files (x86)\Adobe\Photoshop 7.0\PDFL50.dll 2020-01-07 15:00 - 2002-03-23 02:00 - 000978944 ____N (Adobe Systems Incorporated) [Bestand niet getekend] C:\Program Files (x86)\Adobe\Photoshop 7.0\Required\ADMPlugin.apl 2020-01-07 15:00 - 2002-02-18 13:14 - 000106496 ____N (Adobe Systems Incorporated) [Bestand niet getekend] C:\Program Files (x86)\Adobe\Photoshop 7.0\Required\ASDataStream.apl 2020-01-07 15:00 - 2001-12-14 19:34 - 000069632 ____N (Adobe Systems Incorporated) [Bestand niet getekend] C:\Program Files (x86)\Adobe\Photoshop 7.0\Required\PNGIcons.apl 2020-01-07 15:00 - 2002-04-06 17:37 - 000897024 ____N (Adobe Systems, Incorporated) [Bestand niet getekend] C:\Program Files (x86)\Adobe\Photoshop 7.0\Photoshop.dll 2020-01-07 15:00 - 2002-04-01 03:29 - 000053248 ____N (Adobe Systems, Incorporated) [Bestand niet getekend] C:\Program Files (x86)\Adobe\Photoshop 7.0\PLUGIN.dll 2020-01-07 15:00 - 2002-04-01 03:35 - 000045056 ____N (Adobe Systems, Incorporated) [Bestand niet getekend] C:\Program Files (x86)\Adobe\Photoshop 7.0\Plug-Ins\Adobe Photoshop Only\Extensions\FastCore.8BX 2020-01-07 15:00 - 2002-04-04 17:01 - 000159744 ____N (Adobe Systems, Incorporated) [Bestand niet getekend] C:\Program Files (x86)\Adobe\Photoshop 7.0\Plug-Ins\Adobe Photoshop Only\Extensions\MMXCore.8BX 2020-01-07 15:00 - 2002-04-01 03:39 - 000155648 ____N (Adobe Systems, Incorporated) [Bestand niet getekend] C:\Program Files (x86)\Adobe\Photoshop 7.0\Plug-Ins\Adobe Photoshop Only\Extensions\MultiProcessor Support.8BX 2020-01-07 15:00 - 2002-04-01 03:43 - 000135168 ____N (Adobe Systems, Incorporated) [Bestand niet getekend] C:\Program Files (x86)\Adobe\Photoshop 7.0\Plug-Ins\Parser\PDF Image Import.8BI 2020-01-07 15:00 - 2002-04-06 17:37 - 002445312 ____N (Adobe Systems, Incorporated) [Bestand niet getekend] C:\Program Files (x86)\Adobe\Photoshop 7.0\PSViews.dll 2020-01-07 15:00 - 2002-03-12 17:49 - 001155072 ____N (Adobe Systems, Incorporated) [Bestand niet getekend] C:\Program Files (x86)\Common Files\Adobe\Web\AdobeWeb.dll 2020-01-07 15:00 - 2002-03-12 18:06 - 001069056 ____N (Adobe Systems, Incorporated) [Bestand niet getekend] C:\Program Files (x86)\Common Files\Adobe\Workflow\ARM.dll 2009-11-17 22:58 - 2009-11-17 22:58 - 000342656 _____ (Hewlett Packard -> Hewlett-Packard Co.) [Bestand niet getekend] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqmif08.dll 2009-11-17 22:58 - 2009-11-17 22:58 - 000559232 _____ (Hewlett Packard -> Hewlett-Packard Co.) [Bestand niet getekend] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusg.dll 2011-04-29 11:34 - 2011-04-29 11:34 - 000957440 _____ (Hewlett-Packard Co.) [Bestand niet getekend] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsem08.rsc 2011-04-29 11:34 - 2011-04-29 11:34 - 000012288 _____ (Hewlett-Packard Co.) [Bestand niet getekend] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqstp08.rsc 2011-04-29 19:08 - 2011-04-29 19:08 - 000048128 _____ (Hewlett-Packard Co.) [Bestand niet getekend] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.rsc 2011-08-18 01:29 - 2011-08-18 01:29 - 001039360 _____ (Hewlett-Packard Co.) [Bestand niet getekend] c:\program files (x86)\hp\digital imaging\bin\hpslpsvc64.dll 2010-08-06 12:15 - 2010-08-06 12:15 - 000089600 _____ (Hewlett-Packard) [Bestand niet getekend] c:\windows\system32\hpzipm12.dll 2010-08-06 12:15 - 2010-08-06 12:15 - 000054784 _____ (Hewlett-Packard) [Bestand niet getekend] C:\WINDOWS\SYSTEM32\hpzipr12.dll 2019-11-30 18:34 - 2019-11-30 18:34 - 003676448 _____ (SCREENOVATE TECHNOLOGIES LTD. -> ) [Bestand niet getekend] C:\Program Files\WindowsApps\ScreenovateTechnologies.AsusVirtoo_2.4.8064.0_x64__0vhbc3ng4wbp0\app\avcodec-57.dll 2019-11-30 18:34 - 2019-11-30 18:34 - 001295648 _____ (SCREENOVATE TECHNOLOGIES LTD. -> ) [Bestand niet getekend] C:\Program Files\WindowsApps\ScreenovateTechnologies.AsusVirtoo_2.4.8064.0_x64__0vhbc3ng4wbp0\app\avutil-55.dll 2019-11-30 18:34 - 2019-11-30 18:34 - 000034592 _____ (SCREENOVATE TECHNOLOGIES LTD. -> ) [Bestand niet getekend] C:\Program Files\WindowsApps\ScreenovateTechnologies.AsusVirtoo_2.4.8064.0_x64__0vhbc3ng4wbp0\app\openobex.dll 2019-11-30 18:34 - 2019-11-30 18:34 - 000065824 _____ (SCREENOVATE TECHNOLOGIES LTD. -> ) [Bestand niet getekend] C:\Program Files\WindowsApps\ScreenovateTechnologies.AsusVirtoo_2.4.8064.0_x64__0vhbc3ng4wbp0\app\sbc.dll 2019-11-30 18:34 - 2019-11-30 18:34 - 000046880 _____ (SCREENOVATE TECHNOLOGIES LTD. -> ASUSTeK Computer Inc.) [Bestand niet getekend] C:\Program Files\WindowsApps\ScreenovateTechnologies.AsusVirtoo_2.4.8064.0_x64__0vhbc3ng4wbp0\app\ScreenPadSDK.dll 2019-11-30 18:34 - 2019-11-30 18:34 - 037395744 _____ (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.) [Bestand niet getekend] C:\Program Files\WindowsApps\ScreenovateTechnologies.AsusVirtoo_2.4.8064.0_x64__0vhbc3ng4wbp0\app\core.dll ==================== Alternate Data Streams (gefilterd) ======== ==================== Veilige Modus (gefilterd) ================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. De waarde van "AlternateShell" wordt hersteld.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Bestandskoppeling (gefilterd) ================= ==================== Internet Explorer (gefilterd) ========== HKU\S-1-5-21-1219508855-1951504313-3627425905-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:NewsFeed HKU\S-1-5-21-1219508855-1951504313-3627425905-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus17win10.msn.com/?pc=ASTE ==================== Hosts inhoud: ========================= (Indien nodig kan Hosts:-opdracht worden opgenomen in de fixlist om Hosts te resetten.) 2018-09-15 09:31 - 2018-09-15 09:31 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Andere gebieden =========================== (Momenteel is er geen automatische fix voor dit onderdeel.) HKU\S-1-5-21-1219508855-1951504313-3627425905-1001\Control Panel\Desktop\\Wallpaper -> DNS Servers: 195.130.131.1 - 195.130.130.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) HKU\S-1-5-21-1219508855-1951504313-3627425905-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning" HKU\S-1-5-21-1219508855-1951504313-3627425905-1001\...\StartupApproved\Run: => "OneDrive" ==================== Firewall regels (gefilterd) ================ (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [{7FDE31A3-98CA-4B3D-A431-0FADFAE7903A}] => (Allow) C:\Program Files\OpenShot Video Editor\openshot-qt.exe (OpenShot Studios, LLC) [Bestand niet getekend] FirewallRules: [{1924F531-200F-459A-89DC-9C2CF512AE5C}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.AsusVirtoo_2.4.8064.0_x64__0vhbc3ng4wbp0\app\ASUSSyncClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.) [Bestand niet getekend] FirewallRules: [{D25449C3-6E83-4268-9C5B-18E020F63F5C}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.AsusVirtoo_2.4.8064.0_x64__0vhbc3ng4wbp0\app\ASUSSyncClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.) [Bestand niet getekend] FirewallRules: [{7C711185-1BB4-4D01-923F-D648E35401FD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{15941B9C-FE4E-4598-B974-58E4475597D5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{27B18607-B4A1-43A3-A29A-EF5A8098876D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{37BAD6F9-804D-4C13-8072-2DE11D60B158}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{77491FB7-2235-41C6-8256-43E96AB8D494}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{2F95017B-8532-40AA-840C-10FB67E4CC03}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{CD0A5801-51C7-43CB-BEF1-B94D51491187}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.142.622.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{99B23419-2791-4495-90C9-B3BE88CE7490}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.142.622.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{F7A917E1-DFF7-47FF-96A5-B91DF3A14131}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.142.622.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{AC35F227-1409-475C-BFC9-C8C975BD1A3B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.142.622.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{0C5725B6-B2A9-4596-8BA5-F0B606A35769}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.142.622.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{67C3A144-59B8-4F12-9AD0-050E5ED3B93E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.142.622.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{D4B72810-F53E-45CC-8EA3-A94BE61142BA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.142.622.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{DCD5D882-A94E-4346-99BD-5CBF47D9D9F5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.142.622.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{D8D0341E-D4C8-4712-8C48-F161F4191614}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.13127.20408.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{E2E887D1-36C0-473F-95F5-A74015090D3B}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_38716246a7897090\ASUSLinkNear\AsusLinkNear.exe (ASUSTek Computer Inc. -> ASUSTek Computer Inc.) FirewallRules: [{6D4B05E9-769E-49FD-92CD-898E65D037A1}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_38716246a7897090\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.​) FirewallRules: [{1B5943B9-5A3C-447E-9844-64EFBE96BBF6}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_38716246a7897090\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.​) ==================== Herstelpunten ========================= 03-09-2020 08:33:02 Gepland controlepunt 10-09-2020 09:37:52 Installatieprogramma voor Windows-modules 10-09-2020 09:39:07 Installatieprogramma voor Windows-modules 10-09-2020 09:40:26 Installatieprogramma voor Windows-modules 15-09-2020 17:31:03 Windows Update ==================== Defecte Apparaatbeheer Apparaten ============ ==================== Eventlog fouten: ======================== Applicatiefouten: ================== Error: (09/23/2020 09:40:14 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: SearchApp.exe, versie: 10.0.19041.488, tijdstempel: 0xd9f92eed Naam van module met fout: KERNELBASE.dll, versie: 10.0.19041.488, tijdstempel: 0x5b4a3325 Uitzonderingscode: 0xc000027b Foutmarge: 0x000000000010b3cc Id van proces met fout: 0x4b0 Starttijd van toepassing met fout: 0x01d6917c9bb567e2 Pad naar toepassing met fout: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe Pad naar module met fout: C:\WINDOWS\System32\KERNELBASE.dll Rapport-id: c8c85b4a-5381-4481-aa77-0be5fb1556fd Volledige pakketnaam met fout: Microsoft.Windows.Search_1.14.0.19041_neutral_neutral_cw5n1h2txyewy Relatieve toepassings-id van pakket met fout: CortanaUI Error: (09/23/2020 09:40:12 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Het programma explorer.exe, versie 10.0.19041.488 reageert niet meer op Windows en is afgesloten. Als u wilt zien of er meer informatie over het probleem beschikbaar is, raadpleegt u de probleemgeschiedenis in het onderdeel Beveiliging en onderhoud van het Configuratiescherm. Proces-id: 1720 Starttijd: 01d69172316da645 Eindtijd: 0 Toepassingspad: C:\Windows\explorer.exe Rapport-id: 067d130d-269e-44a2-85c5-c3792f6e77ca Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Type vastlopen: Cross-process Error: (09/22/2020 01:01:51 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: mbam.exe, versie: 4.0.0.794, tijdstempel: 0x5f52571e Naam van module met fout: ntdll.dll, versie: 10.0.19041.488, tijdstempel: 0x70e69bad Uitzonderingscode: 0xc0000374 Foutmarge: 0x00000000000fed79 Id van proces met fout: 0x1fc8 Starttijd van toepassing met fout: 0x01d690cfc1870c0f Pad naar toepassing met fout: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe Pad naar module met fout: C:\WINDOWS\SYSTEM32\ntdll.dll Rapport-id: 092b6814-84bf-44d4-ba37-0257b289e3bd Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Error: (09/21/2020 12:16:11 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: De opslagoptimalisatie kon Opnieuw knippen niet voltooien op DATA (D:) vanwege: De gevraagde bewerking wordt niet ondersteund door de hardware voor back-up van het volume. (0x8900002A) Error: (09/18/2020 02:58:30 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: De opslagoptimalisatie kon Opnieuw knippen niet voltooien op DATA (D:) vanwege: De gevraagde bewerking wordt niet ondersteund door de hardware voor back-up van het volume. (0x8900002A) Error: (09/15/2020 10:32:11 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Het programma drvinst.exe, versie 10.0.19041.1 reageert niet meer op Windows en is afgesloten. Als u wilt zien of er meer informatie over het probleem beschikbaar is, raadpleegt u de probleemgeschiedenis in het onderdeel Beveiliging en onderhoud van het Configuratiescherm. Proces-id: 3530 Starttijd: 01d68b75488b6b46 Eindtijd: 4 Toepassingspad: C:\Windows\System32\drvinst.exe Rapport-id: de852c87-26b3-4d91-ad05-94fd9daf21e5 Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Type vastlopen: Cross-process Error: (09/10/2020 10:25:31 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: svchost.exe_stisvc, versie: 10.0.19041.1, tijdstempel: 0x7f0c4c00 Naam van module met fout: wiaservc.dll, versie: 10.0.19041.450, tijdstempel: 0xc31beaff Uitzonderingscode: 0xc0000005 Foutmarge: 0x000000000004d651 Id van proces met fout: 0x129c Starttijd van toepassing met fout: 0x01d6876b2029793e Pad naar toepassing met fout: C:\WINDOWS\system32\svchost.exe Pad naar module met fout: c:\windows\system32\wiaservc.dll Rapport-id: cb5353df-646a-46e0-a122-3e810c249da7 Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Error: (09/07/2020 02:25:40 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Het programma YourPhone.exe, versie 1.20081.117.0 reageert niet meer op Windows en is afgesloten. Als u wilt zien of er meer informatie over het probleem beschikbaar is, raadpleegt u de probleemgeschiedenis in het onderdeel Beveiliging en onderhoud van het Configuratiescherm. Proces-id: 3e10 Starttijd: 01d684fe839fe3c0 Eindtijd: 4294967295 Toepassingspad: C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20081.117.0_x64__8wekyb3d8bbwe\YourPhone.exe Rapport-id: 15d7f05b-f63a-4e56-9382-093372e833d4 Volledige pakketnaam met fout: Microsoft.YourPhone_1.20081.117.0_x64__8wekyb3d8bbwe Relatieve toepassings-id van pakket met fout: App Type vastlopen: Quiesce Systeemfouten: ============= Error: (09/22/2020 11:38:05 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installatiefout: de volgende update kan niet worden geïnstalleerd, foutcode 0x80073d02: 9WZDNCRFJBH4-Microsoft.Windows.Photos. Error: (09/21/2020 10:33:37 AM) (Source: DCOM) (EventID: 10000) (User: LAPTOP-UPI5185J) Description: Kan geen DCOM-server starten: {0358B920-0AC7-461F-98F4-58E32CD89148}. Foutmelding "2147942767" is opgetreden bij het uitvoeren van de opdracht C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683} Error: (09/18/2020 10:58:14 AM) (Source: Service Control Manager) (EventID: 7043) (User: ) Description: De service Windows Update is niet juist afgesloten na de ontvangst van een besturingselement voor afsluiten. Error: (09/15/2020 10:32:11 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installatiefout: de volgende update kan niet worden geïnstalleerd, foutcode 0x8024200b: ASUSTek Computer Inc. - System - 2.2.27.0. Error: (09/10/2020 02:47:58 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installatiefout: de volgende update kan niet worden geïnstalleerd, foutcode 0x80073d02: 9WZDNCRFJ364-MICROSOFT.SKYPEAPP. Error: (09/10/2020 02:09:15 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Time-out (30000 seconden) tijdens het wachten op een reactie op een transactie van deze service: ASUSSystemAnalysis. Error: (09/06/2020 01:05:59 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Time-out (30000 seconden) tijdens het wachten op een reactie op een transactie van deze service: avast! Antivirus. Error: (09/05/2020 07:53:25 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-UPI5185J) Description: De server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. CodeIntegrity: =================================== Date: 2020-09-23 10:49:48.4160000Z Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements. Date: 2020-09-23 10:49:47.3590000Z Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements. Date: 2020-09-23 10:49:47.3510000Z Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements. Date: 2020-09-23 08:24:58.7960000Z Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements. Date: 2020-09-23 08:24:58.6690000Z Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements. Date: 2020-09-23 08:24:58.3560000Z Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements. Date: 2020-09-23 08:24:58.2150000Z Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements. Date: 2020-09-23 08:24:57.9950000Z Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements. ==================== Geheugen info =========================== BIOS: American Megatrends Inc. X705QR.305 07/15/2019 Moederbord: ASUSTeK COMPUTER INC. X705QR Processor: AMD A12-9720P RADEON R7, 12 COMPUTE CORES 4C+8G Percentage geheugen in gebruik: 59% Totaal fysiek RAM-geheugen: 7631.38 MB Beschikbaar fysiek RAM-geheugen: 3105.56 MB Totaal Virtueel geheugen: 8847.38 MB Beschikbaar Virtueel geheugen: 3152.67 MB ==================== Schijven ================================ Drive c: (OS) (Fixed) (Total:118.14 GB) (Free:28.66 GB) NTFS Drive d: (DATA) (Fixed) (Total:931.51 GB) (Free:928.99 GB) NTFS \\?\Volume{022766aa-991e-4c30-af21-2cab1978d7a2}\ (RECOVERY) (Fixed) (Total:0.83 GB) (Free:0.38 GB) NTFS \\?\Volume{4d65446d-85ed-4a00-9032-28067f77dd08}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32 ==================== MBR & Partitietabel ==================== ========================================================== Disk: 0 (Size: 119.2 GB) (Disk ID: AAD6A676) Partition: GPT. ========================================================== Disk: 1 (Size: 931.5 GB) (Disk ID: E188C6EF) Partition: GPT. ==================== Einde van Addition.txt =======================