Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 14-12-2020 Gestart door flami (28-12-2020 00:53:37) Gestart vanaf C:\Users\flami\Downloads Windows 10 Home Versie 1909 18363.1256 (X64) (2019-11-21 17:58:10) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-229794501-1121372831-532239594-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-229794501-1121372831-532239594-503 - Limited - Disabled) flami (S-1-5-21-229794501-1121372831-532239594-1001 - Administrator - Enabled) => C:\Users\flami Gast (S-1-5-21-229794501-1121372831-532239594-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-229794501-1121372831-532239594-504 - Limited - Disabled) ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: BullGuard Antivirus (Enabled - Up to date) {0C5A09FB-657F-B94D-DF1B-BB843C6EE0E4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: BullGuard Antispyware (Enabled - Up to date) {B73BE81F-4345-B6C3-E5AB-80F647E9AA59} FW: BullGuard Firewall (Enabled) {346188DE-2F10-B815-F444-12B1C2BDA79F} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeïnstalleerd worden.) Adobe Acrobat Reader DC - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated) Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 385.69 - NVIDIA Corporation) Hidden BullGuard Internet Security (HKLM\...\BullGuard) (Version: 21.0 - BullGuard Ltd.) CCleaner (HKLM\...\CCleaner) (Version: 5.75 - Piriform) DC++ 0.868 (HKLM-x32\...\DC++) (Version: 0.868 - Jacek Sieka) Microsoft .NET Framework 4.8 SDK (HKLM-x32\...\{949C0535-171C-480F-9CF4-D25C9E60FE88}) (Version: 4.8.03928 - Microsoft Corporation) Microsoft .NET Framework 4.8 Targeting Pack (ENU) (HKLM-x32\...\{A4EA9EE5-7CFF-4C5F-B159-B9B4E5D2BDE2}) (Version: 4.8.03761 - Microsoft Corporation) Microsoft .NET Framework 4.8 Targeting Pack (HKLM-x32\...\{BAAF5851-0759-422D-A1E9-90061B597188}) (Version: 4.8.03761 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation) Mozilla Firefox 84.0.1 (x64 nl) (HKLM\...\Mozilla Firefox 84.0.1 (x64 nl)) (Version: 84.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 68.6.0 - Mozilla) NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden NVIDIA 3D Vision stuurprogramma 385.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 385.69 - NVIDIA Corporation) NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation) NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation) NVIDIA Grafisch stuurprogramma 385.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 385.69 - NVIDIA Corporation) NVIDIA PhysX Systeem Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden Open-Shell (HKLM\...\{1CAB353D-D3F9-4C5D-A305-33D7BF270F1B}) (Version: 4.4.142 - The Open-Shell Team) osrss (HKLM-x32\...\{1BA1133B-1C7A-41A0-8CBF-9B993E63D296}) (Version: 1.0.0 - Microsoft Corporation) Hidden Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek) Software voor Intel® Chipset-apparaten (HKLM-x32\...\{c6cff78a-cccb-49d5-be68-ae0ec5f0d48a}) (Version: 10.1.1.8 - Intel(R) Corporation) Hidden Transmission 2.92 (14714) (x64) (HKLM\...\{E2B281FA-6236-4F0D-B710-ECDB6B60EB5E}) (Version: 2.92.0 - Transmission Project) UltraISO Premium V9.71 (HKLM-x32\...\UltraISO_is1) (Version: - ) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation) UpdateAssistant (HKLM\...\{B8B01E04-5393-4902-98E6-0E2787F03C80}) (Version: 1.13.0.0 - Microsoft Corporation) Hidden VdhCoApp 1.5.0 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper) VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.11 - VideoLAN) Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - LunarG, Inc.) Hidden WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH) Packages: ========= Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-02-29] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-02-29] (Microsoft Corporation) [MS Ad] ==================== Aangepaste CLSID (gefilterd): ============== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Geen bestand ShellIconOverlayIdentifiers: [BackupOverlayErr] -> {8749448C-D907-45BF-A842-4D3898894AC8} => C:\Program Files\BullGuard Ltd\BullGuard\BackupShellHook.dll [2020-11-27] (BullGuard Ltd. -> BullGuard Ltd.) ShellIconOverlayIdentifiers: [BackupOverlayInProgress] -> {3FFBF330-7839-476B-BE14-2C8597CE11B6} => C:\Program Files\BullGuard Ltd\BullGuard\BackupShellHook.dll [2020-11-27] (BullGuard Ltd. -> BullGuard Ltd.) ShellIconOverlayIdentifiers: [BackupOverlaySynced] -> {C62CF4DB-48CB-4B03-BFD0-30A29125FA49} => C:\Program Files\BullGuard Ltd\BullGuard\BackupShellHook.dll [2020-11-27] (BullGuard Ltd. -> BullGuard Ltd.) ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Open-Shell\ClassicExplorer64.dll [2019-10-26] (Open-Shell) [Bestand niet getekend] ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Open-Shell\ClassicExplorer64.dll [2019-10-26] (Open-Shell) [Bestand niet getekend] ContextMenuHandlers2: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2015-10-08] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.) ContextMenuHandlers4: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2015-10-08] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-09-16] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [bgshellext] -> {F4BF1657-195F-4A0F-ACA2-9AE99D65BC0E} => C:\Program Files\BullGuard Ltd\BullGuard\BgShellExt.dll [2020-11-27] (BullGuard Ltd. -> BullGuard Ltd.) ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\system32\StartMenuHelper64.dll [2019-10-26] (Open-Shell) [Bestand niet getekend] ContextMenuHandlers6: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2015-10-08] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.) FolderExtensions: [] -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} => ==================== Codecs (gefilterd) ==================== (Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.) HKLM\...\Drivers32: [vidc.i420] => C:\WINDOWS\system32\lvcod64.dll [175392 2012-10-26] (Logitech, Inc. -> Logitech Inc.) HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2012-10-26] (Logitech, Inc. -> Logitech Inc.) ==================== Snelkoppelingen & WMI ======================== ==================== Geladen Modules (gefilterd) ============= 2019-11-21 18:46 - 2017-09-16 18:17 - 000873320 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Bestand niet getekend] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll 2019-11-21 18:46 - 2017-09-16 18:17 - 000339256 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Bestand niet getekend] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\_nvstapisvr64.dll 2019-10-26 18:30 - 2019-10-26 18:30 - 000872960 _____ (Open-Shell) [Bestand niet getekend] C:\Program Files\Open-Shell\ClassicExplorer64.dll 2019-10-26 18:31 - 2019-10-26 18:31 - 003388928 _____ (Open-Shell) [Bestand niet getekend] C:\Program Files\Open-Shell\StartMenuDLL.dll 2019-10-26 18:31 - 2019-10-26 18:31 - 000312832 _____ (Open-Shell) [Bestand niet getekend] C:\WINDOWS\system32\StartMenuHelper64.dll ==================== Alternate Data Streams (gefilterd) ======== (Als een item is opgenomen in de fixlist, wordt alleen de ADS verwijderd.) AlternateDataStreams: C:\WINDOWS\Minidump\072120-21046-01.dmp:bullguard [0] AlternateDataStreams: C:\WINDOWS\Minidump\080420-25656-01.dmp:bullguard [0] AlternateDataStreams: C:\WINDOWS\Minidump\101620-20218-01.dmp:bullguard [0] AlternateDataStreams: C:\WINDOWS\Minidump\121620-22703-01.dmp:bullguard [0] ==================== Veilige Modus (gefilterd) ================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. De waarde van "AlternateShell" wordt hersteld.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsMain => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsMain => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsScanner => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsUpdate => ""="Service" ==================== Bestandskoppeling (gefilterd) ================= ==================== Internet Explorer (gefilterd) ========== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = HKU\S-1-5-21-229794501-1121372831-532239594-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Open-Shell\ClassicExplorer64.dll [2019-10-26] (Open-Shell) [Bestand niet getekend] BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Open-Shell\ClassicIEDLL_64.dll [2019-10-26] (Open-Shell) [Bestand niet getekend] BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Open-Shell\ClassicExplorer32.dll [2019-10-26] (Open-Shell) [Bestand niet getekend] BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Open-Shell\ClassicIEDLL_32.dll [2019-10-26] (Open-Shell) [Bestand niet getekend] Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Open-Shell\ClassicExplorer64.dll [2019-10-26] (Open-Shell) [Bestand niet getekend] Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Open-Shell\ClassicExplorer32.dll [2019-10-26] (Open-Shell) [Bestand niet getekend] ==================== Hosts inhoud: ========================= (Indien nodig kan Hosts:-opdracht worden opgenomen in de fixlist om Hosts te resetten.) 2017-03-18 22:03 - 2020-07-27 22:56 - 000029470 _____ C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 localhost 127.0.0.1 activation.freemake.com 127.0.0.1 www.activation.freemake.com 0.0.0.0 blob.weather.microsoft.com 0.0.0.0 feedback.microsoft-hohm.com 0.0.0.0 search.msn.com 0.0.0.0 tile-service.weather.microsoft.com 0.0.0.0 a.ads1.msn.com 0.0.0.0 a.ads2.msn.com 0.0.0.0 a.rad.msn.com 0.0.0.0 ac3.msn.com 0.0.0.0 ads.msn.com 0.0.0.0 ads1.msn.com 0.0.0.0 b.ads1.msn.com 0.0.0.0 b.rad.msn.com 0.0.0.0 c.msn.com 0.0.0.0 corpext.msitadfs.glbdns2.microsoft.com 0.0.0.0 flex.msn.com 0.0.0.0 g.msn.com 0.0.0.0 geo-prod.do.dsp.mp.microsoft.com 0.0.0.0 geover-prod.do.dsp.mp.microsoft.com 0.0.0.0 h1.msn.com 0.0.0.0 kv401-prod.do.dsp.mp.microsoft.com 0.0.0.0 live.rads.msn.com 0.0.0.0 mobile.pipe.aria.microsoft.com 0.0.0.0 preview.msn.com 0.0.0.0 rad.msn.com 0.0.0.0 schemas.microsoft.akadns.net 0.0.0.0 settings.data.glbdns2.microsoft.com 0.0.0.0 survey.watson.microsoft.com 2020-04-03 17:46 - 2020-05-20 20:31 - 000000535 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics 172.17.168.234 57320bbc-d674-4c40-9df3-a6fe8112cf83.mshome.net # 2020 5 3 27 19 31 14 845 172.17.168.225 DESKTOP-TIJPHM2.mshome.net # 2025 5 1 19 19 31 14 845 ==================== Andere gebieden =========================== (Momenteel is er geen automatische fix voor dit onderdeel.) HKCU\Environment\\Path -> %USERPROFILE%\AppData\Local\Microsoft\WindowsApps HKU\S-1-5-21-229794501-1121372831-532239594-1001\Control Panel\Desktop\\Wallpaper -> E:\wallpapers\wallpapers\301230.png DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) HKLM\...\StartupApproved\StartupFolder: => "Avast SecureLine VPN.lnk" HKLM\...\StartupApproved\Run32: => "Greenshot" HKLM\...\StartupApproved\Run32: => "vmware-tray.exe" HKU\S-1-5-21-229794501-1121372831-532239594-1001\...\StartupApproved\StartupFolder: => "Logitech . Productregistratie.lnk" HKU\S-1-5-21-229794501-1121372831-532239594-1001\...\StartupApproved\Run: => "Skype for Desktop" ==================== Firewall regels (gefilterd) ================ (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [{4654A370-C0A7-40F3-B458-4EF47864AB99}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{BD516A1A-6AC2-4B62-98E5-0AA7A2C2172A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{9BB5C9C5-86CB-42AB-81C2-52882328F780}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{F926C0C2-8CC7-4E46-A4B4-78043FFF4B0F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [TCP Query User{EE1C119C-AECF-4373-9319-E6C810E92F5D}C:\program files\transmission\transmission-qt.exe] => (Allow) C:\program files\transmission\transmission-qt.exe (Open Source Developer, Mike Gelfand -> Transmission Project) FirewallRules: [UDP Query User{8D5F27A9-9C87-4241-BCF9-4B8CAF11BE45}C:\program files\transmission\transmission-qt.exe] => (Allow) C:\program files\transmission\transmission-qt.exe (Open Source Developer, Mike Gelfand -> Transmission Project) FirewallRules: [TCP Query User{51EBCC31-E219-45B8-AF8D-DC57E148540F}C:\program files\dc++\dcplusplus.exe] => (Allow) C:\program files\dc++\dcplusplus.exe () [Bestand niet getekend] FirewallRules: [UDP Query User{725BE3B0-E23B-4124-B20E-BDBEF3859B13}C:\program files\dc++\dcplusplus.exe] => (Allow) C:\program files\dc++\dcplusplus.exe () [Bestand niet getekend] FirewallRules: [{60E6D465-398E-4850-BE86-7EF7620A2377}] => (Block) C:\windows\system32\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation) FirewallRules: [{2765E0F4-2918-4A46-B9C9-43CDD8FCBA2B}] => (Block) C:\windows\systemapps\microsoft.windows.cortana_cw5n1h2txyewy\searchui.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{427A506A-9D42-4731-BA42-12AEAB8324FB}] => (Block) C:\Windows\explorer.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [TCP Query User{312AC766-38F0-48AA-AA10-FBC25009A715}C:\program files\transmission\transmission-qt.exe] => (Allow) C:\program files\transmission\transmission-qt.exe (Open Source Developer, Mike Gelfand -> Transmission Project) FirewallRules: [UDP Query User{783AC6BA-2AFB-4C7A-93CC-3D2670991794}C:\program files\transmission\transmission-qt.exe] => (Allow) C:\program files\transmission\transmission-qt.exe (Open Source Developer, Mike Gelfand -> Transmission Project) FirewallRules: [TCP Query User{CAF6A4FB-AFCC-4670-AA28-85CD39E1D513}G:\portableapps\qbittorrentportable\app\qbittorrent\qbittorrent.exe] => (Allow) G:\portableapps\qbittorrentportable\app\qbittorrent\qbittorrent.exe => Geen bestand FirewallRules: [UDP Query User{E7BE7803-928F-4295-86E3-AC7D1C7FB2E3}G:\portableapps\qbittorrentportable\app\qbittorrent\qbittorrent.exe] => (Allow) G:\portableapps\qbittorrentportable\app\qbittorrent\qbittorrent.exe => Geen bestand FirewallRules: [{8C957497-0567-4D03-BB7B-68C3E2A625E3}] => (Allow) G:\PortableApps\uTorrentPortable\App\uTorrent\uTorrent.exe => Geen bestand FirewallRules: [{D55273AD-6A3C-40F1-970E-19145543AA97}] => (Allow) G:\PortableApps\uTorrentPortable\App\uTorrent\uTorrent.exe => Geen bestand FirewallRules: [TCP Query User{DAA9D900-EFD7-4A43-980E-DB8EC7F03F0F}C:\users\flami\documents\opera portable\71.0.3770.228\opera.exe] => (Allow) C:\users\flami\documents\opera portable\71.0.3770.228\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [UDP Query User{4445DEF8-AE51-4E21-829C-81BAA7949082}C:\users\flami\documents\opera portable\71.0.3770.228\opera.exe] => (Allow) C:\users\flami\documents\opera portable\71.0.3770.228\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [TCP Query User{962D5A21-5486-471B-8C0E-B5A4A02D44FB}G:\portableapps\delugeportable\app\deluge\deluge.exe] => (Allow) G:\portableapps\delugeportable\app\deluge\deluge.exe => Geen bestand FirewallRules: [UDP Query User{5DFEC417-EF36-4D8D-86E9-A2D6AA7BF307}G:\portableapps\delugeportable\app\deluge\deluge.exe] => (Allow) G:\portableapps\delugeportable\app\deluge\deluge.exe => Geen bestand FirewallRules: [TCP Query User{A8BC2614-F558-4B7F-B8E2-02A089EF9EB7}C:\users\flami\documents\qbittorrentportable\app\qbittorrent\qbittorrent.exe] => (Allow) C:\users\flami\documents\qbittorrentportable\app\qbittorrent\qbittorrent.exe () [Bestand niet getekend] FirewallRules: [UDP Query User{BAAB62E1-1BD6-47DE-A205-58EE7A8C2758}C:\users\flami\documents\qbittorrentportable\app\qbittorrent\qbittorrent.exe] => (Allow) C:\users\flami\documents\qbittorrentportable\app\qbittorrent\qbittorrent.exe () [Bestand niet getekend] FirewallRules: [TCP Query User{EEC14FF8-675C-42DF-BA7F-019C612A107B}C:\users\flami\documents\opera portable\71.0.3770.284\opera.exe] => (Allow) C:\users\flami\documents\opera portable\71.0.3770.284\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [UDP Query User{8678CE08-CD0E-416A-9DC6-6D88F9C30403}C:\users\flami\documents\opera portable\71.0.3770.284\opera.exe] => (Allow) C:\users\flami\documents\opera portable\71.0.3770.284\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{AC8806E0-0CE1-4045-8F97-1D1604CA98C4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{B6BB6AB3-55AE-48F6-99F6-B51B93ABF3CD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{D9C74C4F-59D3-4840-B047-BFC12278A9FC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{9A5ED64B-1A55-4387-A602-70902FDA2FFE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) ==================== Herstelpunten ========================= AANDACHT: Systeemherstel is uitgeschakeld (Total:64.24 GB) (Free:35.97 GB) (56%) ==================== Defecte Apparaatbeheer Apparaten ============ ==================== Eventlog fouten: ======================== Applicatiefouten: ================== Error: (12/27/2020 10:54:15 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (5872,R,98) TILEREPOSITORYS-1-5-18: Fout -1023 (0xfffffc01) is opgetreden tijdens het openen van logboekbestand C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (12/27/2020 10:48:36 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (4172,R,98) TILEREPOSITORYS-1-5-18: Fout -1023 (0xfffffc01) is opgetreden tijdens het openen van logboekbestand C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (12/27/2020 04:05:43 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (4312,R,98) TILEREPOSITORYS-1-5-18: Fout -1023 (0xfffffc01) is opgetreden tijdens het openen van logboekbestand C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (12/27/2020 11:46:40 AM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (4260,R,98) TILEREPOSITORYS-1-5-18: Fout -1023 (0xfffffc01) is opgetreden tijdens het openen van logboekbestand C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (12/27/2020 12:44:28 AM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (6672,R,98) TILEREPOSITORYS-1-5-18: Fout -1023 (0xfffffc01) is opgetreden tijdens het openen van logboekbestand C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (12/27/2020 12:35:09 AM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (10208,R,98) TILEREPOSITORYS-1-5-18: Fout -1023 (0xfffffc01) is opgetreden tijdens het openen van logboekbestand C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (12/27/2020 12:28:01 AM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (4836,R,98) TILEREPOSITORYS-1-5-18: Fout -1023 (0xfffffc01) is opgetreden tijdens het openen van logboekbestand C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (12/26/2020 05:55:51 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (1860,R,98) TILEREPOSITORYS-1-5-18: Fout -1023 (0xfffffc01) is opgetreden tijdens het openen van logboekbestand C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Systeemfouten: ============= Error: (12/27/2020 10:39:29 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: De MozillaMaintenance-service is gestopt met de volgende foutcode: Onjuiste functie. . Error: (12/27/2020 03:45:38 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: De MozillaMaintenance-service is gestopt met de volgende foutcode: Onjuiste functie. . Error: (12/27/2020 11:28:42 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: De MozillaMaintenance-service is gestopt met de volgende foutcode: Onjuiste functie. . Error: (12/27/2020 12:18:55 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: De MozillaMaintenance-service is gestopt met de volgende foutcode: Onjuiste functie. . Error: (12/26/2020 01:35:40 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: De MozillaMaintenance-service is gestopt met de volgende foutcode: Onjuiste functie. . Error: (12/24/2020 08:18:27 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: De MozillaMaintenance-service is gestopt met de volgende foutcode: Onjuiste functie. . Error: (12/24/2020 04:00:10 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: De MozillaMaintenance-service is gestopt met de volgende foutcode: Onjuiste functie. . Error: (12/23/2020 02:25:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: De Windows Search-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 30000 milliseconden worden uitgevoerd: Service opnieuw starten. Windows Defender: =================================== Date: 2020-04-03 22:08:17.270 Description: Windows Defender Antivirus heeft een fout ontdekt tijdens het bijwerken van beveiligingsinformatie. Nieuwe versie van beveiligingsinformatie: Vorige versie van beveiligingsinformatie: 1.305.2530.0 Updatebron: Microsoft-updateserver Type beveiligingsinformatie: AntiVirus Updatetype: Volledig Gebruiker: NT AUTHORITY\SYSTEM Huidige engineversie: Vorige engineversie: 1.1.16500.1 Foutcode: 0x8024001e Foutbeschrijving: Er is tijdens het zoeken naar updates een onverwacht probleem opgetreden. Raadpleeg Help en ondersteuning voor meer informatie over het installeren van updates en het oplossen van problemen. CodeIntegrity: =================================== Date: 2020-12-27 22:49:15.241 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\nvspcap64.dll that did not meet the Microsoft signing level requirements. Date: 2020-12-27 22:49:15.216 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\nvspcap64.dll that did not meet the Microsoft signing level requirements. Date: 2020-12-27 22:43:36.327 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\BullGuard Ltd\BullGuard\BgAMSI.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2020-12-27 22:43:36.324 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\BullGuard Ltd\BullGuard\BgAMSI.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2020-12-27 22:43:36.268 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\BullGuard Ltd\BullGuard\BgAMSI.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2020-12-27 22:41:12.725 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\BullGuard Ltd\BullGuard\BgAMSI.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2020-12-27 22:41:12.721 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\BullGuard Ltd\BullGuard\BgAMSI.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2020-12-27 22:41:12.717 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\BullGuard Ltd\BullGuard\BgAMSI.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Geheugen info =========================== BIOS: American Megatrends Inc. P11-A4 03/21/2014 Moederbord: Acer Aspire TC-605 Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz Percentage geheugen in gebruik: 48% Totaal fysiek RAM-geheugen: 8131.42 MB Beschikbaar fysiek RAM-geheugen: 4167.62 MB Totaal Virtueel geheugen: 9411.42 MB Beschikbaar Virtueel geheugen: 4667.29 MB ==================== Schijven ================================ Drive c: () (Fixed) (Total:64.24 GB) (Free:35.97 GB) NTFS ==>[schijf met boot componenten (verkregen van BCD)] Drive e: () (Fixed) (Total:866.72 GB) (Free:433.1 GB) NTFS \\?\Volume{629458e4-0000-0000-0000-010000000000}\ (PortableBaseLayer) (Fixed) (Total:8 GB) (Free:7.61 GB) NTFS \\?\Volume{ff011397-0000-0000-0000-700f10000000}\ () (Fixed) (Total:0.55 GB) (Free:0.08 GB) NTFS ==================== MBR & Partitietabel ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: FF011397) Partition 1: (Active) - (Size=64.2 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=563 MB) - (Type=27) Partition 3: (Not Active) - (Size=866.7 GB) - (Type=05) ========================================================== Disk: 1 (MBR Code: Windows 7/8/10) (Size: 8 GB) (Disk ID: 629458E4) Partition 1: (Not Active) - (Size=8 GB) - (Type=07 NTFS) ==================== Einde van Addition.txt =======================