Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 02-10-2021 Gestart door Gerda (02-10-2021 14:00:55) Gestart vanaf E:\downloads64 Windows 10 Pro Versie 20H2 19042.1165 (X64) (2021-01-26 15:56:36) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) Administrator (S-1-5-21-706193113-4269388807-4058006214-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-706193113-4269388807-4058006214-503 - Limited - Disabled) Gast (S-1-5-21-706193113-4269388807-4058006214-501 - Limited - Disabled) Gerda (S-1-5-21-706193113-4269388807-4058006214-1001 - Administrator - Enabled) => C:\Users\Gerda WDAGUtilityAccount (S-1-5-21-706193113-4269388807-4058006214-504 - Limited - Disabled) ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeïnstalleerd worden.) Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.11 - Adobe Systems Incorporated) Adobe Photoshop 6.0 (HKLM-x32\...\Adobe Photoshop 6.0) (Version: 6.0 - Adobe Systems, Inc.) Adobe Photoshop Elements 2021 (HKLM-x32\...\PSE_19_2) (Version: 19.0 - Adobe Inc.) Adobe SVG Viewer (HKLM-x32\...\Adobe SVG Viewer) (Version: 1.0 - Adobe Systems, Inc.) Auslogics BoostSpeed 10 (HKLM-x32\...\{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1) (Version: 10.0.4.0 - Auslogics Labs Pty Ltd) Auslogics Driver Updater (HKLM-x32\...\{23BB1B18-3537-48F7-BEF7-42BC65DBF993}_is1) (Version: 1.21.3.0 - Auslogics Labs Pty Ltd) Belarc Advisor 9.7 (HKLM-x32\...\Belarc Advisor) (Version: 9.7.0.0 - Belarc Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.85 - Piriform) Corel Update Manager (HKLM-x32\...\{970F0689-74EE-4847-82DD-37F33D62C6A5}) (Version: 2.8.364 - Corel corporation) Hidden Diamond Club Casino 2 (HKLM-x32\...\Diamond Club Casino 2) (Version: - ) Dolby Audio X2 Windows API SDK (HKLM\...\{FA0735B6-9E18-437A-A1CD-9152650FC52B}) (Version: 0.8.8.90 - Dolby Laboratories, Inc.) FileZilla Client 3.55.1 (HKLM-x32\...\FileZilla Client) (Version: 3.55.1 - Tim Kosse) FreeFileSync 11.5 (HKLM-x32\...\FreeFileSync_is1) (Version: 11.5 - FreeFileSync.org) IObit Uninstaller 10 (HKLM-x32\...\IObitUninstall) (Version: 10.0.2.20 - IObit) IrfanView 4.50 (64-bit) (HKLM\...\IrfanView64) (Version: 4.50 - Irfan Skiljan) Lenovo Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.82.00.20 - Lenovo) Lenovo Diagnostics Tool (HKLM\...\{01ADF966-E3BA-40DC-9037-E90BBA9ED50E}_is1) (Version: 4.37.0.209 - LENOVO (UNITED STATES) INC.) Lenovo Service Bridge (HKU\S-1-5-21-706193113-4269388807-4058006214-1001\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 5.0.2.6 - Lenovo) Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.07.0110 - Lenovo) LibreOffice 7.1.0.3 (HKLM\...\{FF0BB16C-BD95-497C-BCE6-4B567668AF1B}) (Version: 7.1.0.3 - The Document Foundation) Logitech Options (HKLM\...\LogiOptions) (Version: 8.10.84 - Logitech) Macromedia Dreamweaver 4 (HKLM-x32\...\{ABDA9912-5D00-11D4-BAE7-9367CA097955}) (Version: 4.0 - Macromedia) Macromedia Extension Manager (HKLM-x32\...\{A5BA14E0-7384-11D4-BAE7-00409631A2C8}) (Version: 1.2 - Macromedia) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 94.0.992.31 - Microsoft Corporation) Microsoft Office Professional Plus 2019 - nl-nl (HKLM\...\ProPlus2019Volume - nl-nl) (Version: 16.0.10378.20029 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-706193113-4269388807-4058006214-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{852D8FE5-BC66-4061-B1C4-CADF51E5B27D}) (Version: 2.82.0.0 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation) Mozilla Firefox (x64 nl) (HKLM\...\Mozilla Firefox 92.0.1 (x64 nl)) (Version: 92.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 90.0.2 - Mozilla) Mozilla Thunderbird 78.14.0 (x86 nl) (HKLM-x32\...\Mozilla Thunderbird 78.14.0 (x86 nl)) (Version: 78.14.0 - Mozilla) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.10378.20029 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.10378.20029 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0413-1000-0000000FF1CE}) (Version: 16.0.10378.20029 - Microsoft Corporation) Hidden Offline Rekening Overzicht (HKLM-x32\...\{80D2DAFC-A65D-4317-8A75-15286181EC23}) (Version: 1.0.2.0 - J.J.F. Verhaag) Software voor Intel® Chipset-apparaten (HKLM-x32\...\{c4a581e8-a702-448c-80c7-4b6192985db2}) (Version: 10.1.18228.8176 - Intel(R) Corporation) TomTom MyDrive Connect 4.2.11.4200 (HKLM-x32\...\MyDriveConnect) (Version: 4.2.11.4200 - TomTom) Windows Driver Package - Intel (XtuAcpiDriver) System (01/14/2019 4.0.0.69) (HKLM\...\3A99CB44A2E54EA755CC2AFB6051D7B280A10CA1) (Version: 01/14/2019 4.0.0.69 - Intel) WordPerfect Office 2002 (HKLM-x32\...\{A0B295C3-FD3C-11D4-A811-0090279106C3}) (Version: 10 - Corel) Hidden WordPerfect Office IFilter 32-bit (HKLM-x32\...\{1DF03ECE-6AF4-414E-B118-C316F151A9A2}) (Version: 1.6 - Corel Corporation) WordPerfect Office IFilter 64-bit (HKLM\...\{1B45B85C-99E8-4523-8FB3-0248B3DECFC8}) (Version: 1.6 - Corel Corporation) WordPerfect Office X9 - Common Files (HKLM-x32\...\{50567D26-6C7E-4A3E-9752-BE23977A6C8D}) (Version: 19.0 - Corel Corporation) Hidden WordPerfect Office X9 - Common Files English (HKLM-x32\...\{97D165C7-7B4C-442D-9DC6-FE0240A1C98C}) (Version: 19.0 - Corel Corporation) Hidden WordPerfect Office X9 - IPM (HKLM-x32\...\{AF93DEF7-008A-430B-B1D0-50A9D707ACF8}) (Version: 19.0 - Corel Corporation) Hidden WordPerfect Office X9 - IPM Content (HKLM-x32\...\{3F93A142-9033-471E-BDE8-EFF0A1F170F2}) (Version: 19.0 - Corel Corporation) Hidden WordPerfect Office X9 - Lightning Files (HKLM-x32\...\{5D00E927-0798-4F5D-83B2-A60AFA4C7B93}) (Version: 19.0 - Corel Corporation) Hidden WordPerfect Office X9 - Lightning Files English (HKLM-x32\...\{0705BB45-E2C0-41AF-A24D-BB66FB78F574}) (Version: 19.0 - Corel Corporation) Hidden WordPerfect Office X9 - Oxford (HKLM-x32\...\{9B32CB12-C951-417E-8490-EAD6E56D920D}) (Version: 19.0 - Corel Corporation) Hidden WordPerfect Office X9 - Presentations Files (HKLM-x32\...\{6C2494D8-AA48-49E8-8449-BCDA8BB7F01C}) (Version: 19.0 - Corel Corporation) Hidden WordPerfect Office X9 - Presentations Files English (HKLM-x32\...\{C55FBD71-ACA9-495F-9EBA-EB23A51206D0}) (Version: 19.0 - Corel Corporation) Hidden WordPerfect Office X9 - Quattro Pro Files (HKLM-x32\...\{B085C003-6454-4512-A3CB-B873E4F8ABEF}) (Version: 19.0 - Corel Corporation) Hidden WordPerfect Office X9 - Quattro Pro Files English (HKLM-x32\...\{941020B9-7483-4FA2-B40B-C56815361DAB}) (Version: 19.0 - Corel Corporation) Hidden WordPerfect Office X9 - Redists (HKLM-x32\...\{8092CE83-3E55-499F-B746-06E6825C7381}) (Version: 19.0 - Corel Corporation) Hidden WordPerfect Office X9 - Setup Files (HKLM-x32\...\{F5784FBC-42E2-429F-A7CF-34959D995957}) (Version: 19.0 - Corel Corporation) Hidden WordPerfect Office X9 - WordPerfect Files (HKLM-x32\...\{55D49A6A-BCBE-40A4-8A9E-1AEC5F125CAC}) (Version: 19.0 - Corel Corporation) Hidden WordPerfect Office X9 - WordPerfect Files English (HKLM-x32\...\{6052701D-0BA0-4AC9-9E7C-0209E0CB2873}) (Version: 19.0 - Corel Corporation) Hidden WordPerfect Office X9 - WPD format Props x64 (HKLM\...\{32B843EE-A124-4DBE-84D0-BB2AE22FF5C1}) (Version: 19.0 - Corel Corporation) Hidden WordPerfect Office X9 - Writing Tools Files (HKLM-x32\...\{116B261F-1198-4F52-B46A-D6C3A70171FA}) (Version: 19.0 - Corel Corporation) Hidden WordPerfect Office X9 (HKLM-x32\...\_{F5784FBC-42E2-429F-A7CF-34959D995957}) (Version: 19.0.0.325 - Corel Corporation) WordPerfect Office X9 (HKLM-x32\...\{60338C41-EFE7-42C2-9442-46AE4FE90CC5}) (Version: 19.0 - Corel Corporation) Hidden Packages: ========= Foto's-invoegtoepassing -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-10-01] (Microsoft Corporation) Intel® Graphics besturingscentrum -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt [2021-10-01] (INTEL CORP) [Startup Task] Media-engine-invoegtoepassing voor Foto's -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-10-01] (Microsoft Corporation) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-10-01] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-10-01] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-10-01] (Microsoft Studios) [MS Ad] Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2021-10-01] (Netflix, Inc.) Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.628.0_x86__zpdnekdrzrea0 [2021-10-01] (Spotify AB) [Startup Task] Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.169.612.0_x86__zpdnekdrzrea0 [2021-10-01] (Spotify AB) [Startup Task] ==================== Aangepaste CLSID (gefilterd): ============== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) CustomCLSID: HKU\S-1-5-21-706193113-4269388807-4058006214-1001_Classes\CLSID\{0047ADBE-9F73-CAFE-3A65-ACE857BB2020}\localserver32 -> C:\Program Files\Adobe\Elements 2021 Organizer\Elements Auto Creations 2021.exe (Adobe Inc. -> Adobe) CustomCLSID: HKU\S-1-5-21-706193113-4269388807-4058006214-1001_Classes\CLSID\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}\InprocServer32 -> C:\Users\Gerda\AppData\Local\Microsoft\OneDrive\20.201.1005.0009\amd64\FileCoAuthLib64.dll => Geen bestand CustomCLSID: HKU\S-1-5-21-706193113-4269388807-4058006214-1001_Classes\CLSID\{47E6DCAF-41F8-441C-BD0E-A50D5FE6C4D1}\localserver32 -> "C:\Users\Gerda\AppData\Local\Microsoft\OneDrive\20.201.1005.0009\MicrosoftListSync.exe" => Geen bestand CustomCLSID: HKU\S-1-5-21-706193113-4269388807-4058006214-1001_Classes\CLSID\{917E8742-AA3B-7318-FA12-10485FB322A2}\localserver32 -> "C:\Users\Gerda\AppData\Local\Microsoft\OneDrive\20.201.1005.0009\MicrosoftListSync.exe" => Geen bestand ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-02-03] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-02-03] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-02-03] (Adobe Inc. -> ) ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-02-03] (Adobe Inc. -> ) ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2020-07-31] (IObit Information Technology -> IObit) ContextMenuHandlers2-x32: [QuickFinderMenu] -> {0c5824b1-555e-4799-b8be-97b08362623b} => c:\Program Files (x86)\Corel\WordPerfect Office X9\Programs\PFSE190.DLL [2018-05-13] (Corel Corporation -> Corel Corporation) ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2020-07-31] (IObit Information Technology -> IObit) ContextMenuHandlers4-x32: [QuickFinderMenu] -> {0c5824b1-555e-4799-b8be-97b08362623b} => c:\Program Files (x86)\Corel\WordPerfect Office X9\Programs\PFSE190.DLL [2018-05-13] (Corel Corporation -> Corel Corporation) ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-02-03] (Adobe Inc. -> ) ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2020-07-31] (IObit Information Technology -> IObit) ==================== Codecs (gefilterd) ==================== ==================== Snelkoppelingen & WMI ======================== ==================== Geladen Modules (gefilterd) ============= ==================== Alternate Data Streams (gefilterd) ======== ==================== Veilige Modus (gefilterd) ================== ==================== Bestandskoppeling (gefilterd) ================= ==================== Internet Explorer (gefilterd) ========== HKU\S-1-5-21-706193113-4269388807-4058006214-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.nl/ BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2020-01-31] (IObit Information Technology -> IObit) BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-09-25] (Microsoft Corporation -> Microsoft Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2021-03-13] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-09-25] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2021-09-25] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2020-10-15] (Belarc, Inc. -> Belarc, Inc.) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-09-25] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-09-25] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-09-25] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-09-25] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-09-25] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-09-25] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-09-25] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-09-25] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts inhoud: ========================= (Indien nodig kan Hosts:-opdracht worden opgenomen in de fixlist om Hosts te resetten.) 2021-01-26 17:45 - 2021-01-26 17:43 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Andere gebieden =========================== (Momenteel is er geen automatische fix voor dit onderdeel.) HKU\S-1-5-21-706193113-4269388807-4058006214-1001\Control Panel\Desktop\\Wallpaper -> F:\IMG_9452.JPG DNS Servers: 192.168.2.254 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) HKLM\...\StartupApproved\StartupFolder: => "CorelCENTRAL 10.lnk" HKLM\...\StartupApproved\Run: => "AdobePSE19AutoAnalyzer" HKLM\...\StartupApproved\Run32: => "Corel Registration" HKLM\...\StartupApproved\Run32: => "QuickFinder Scheduler" HKU\S-1-5-21-706193113-4269388807-4058006214-1001\...\StartupApproved\Run: => "OneDrive" ==================== Firewall regels (gefilterd) ================ (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [TCP Query User{9D9287A5-6738-4A57-831B-8442DD3C6D4F}C:\program files (x86)\corel\wordperfect office 2002\register\navbrowser.exe] => (Allow) C:\program files (x86)\corel\wordperfect office 2002\register\navbrowser.exe (Naviant, Inc.) [Bestand niet getekend] FirewallRules: [UDP Query User{F1D27296-86D4-406C-ACD2-FA69FC56A8A9}C:\program files (x86)\corel\wordperfect office 2002\register\navbrowser.exe] => (Allow) C:\program files (x86)\corel\wordperfect office 2002\register\navbrowser.exe (Naviant, Inc.) [Bestand niet getekend] FirewallRules: [{AA85381D-1A17-4BE5-A6A9-E1F08FE5C19D}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.) FirewallRules: [{ECBDCD2E-66D3-4F10-B4EF-E90A1A216EF9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{0A7328AD-239F-480E-8B38-1CC3E3DED744}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{5263875F-4D4F-4BA8-90A9-8AE425B6FC60}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{8C73422E-7DEE-42F2-B58F-270074955D8E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{BEDE8B15-CD9F-4949-A357-1CCDD7204B12}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{61B6A46A-BF28-4FA3-BCE0-BC7EEA1D1522}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{2B6CE02B-1E4F-4FC2-8985-7B4625C49F2F}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{D0812893-58C2-4F9D-AC6D-66374D505EB1}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> ) FirewallRules: [{3845DCD6-AD87-4777-814E-253D9DAB3639}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> ) FirewallRules: [TCP Query User{8B77E425-D282-471B-8A64-6A0EBAA3D4FF}C:\program files (x86)\corel\wordperfect office 2002\register\navbrowser.exe] => (Allow) C:\program files (x86)\corel\wordperfect office 2002\register\navbrowser.exe (Naviant, Inc.) [Bestand niet getekend] FirewallRules: [UDP Query User{0BAC6463-01DA-4A0E-8BB0-2842F5247073}C:\program files (x86)\corel\wordperfect office 2002\register\navbrowser.exe] => (Allow) C:\program files (x86)\corel\wordperfect office 2002\register\navbrowser.exe (Naviant, Inc.) [Bestand niet getekend] FirewallRules: [{004EBAAA-8260-415F-AE13-7F9AFE0706FD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{B17B2FC7-7D79-40C8-8B28-D3D3D6C8B342}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{8F7A9A63-60D4-45EB-9CB2-F89874EAF9B7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{F2F15518-F4E8-4620-89C6-21C68CFA6BC3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{555B0802-2B9D-4C17-951B-17992142EA6E}] => (Allow) D:\MyDrive Connect\TomTom MyDrive Connect.exe (TomTom International B.V. -> TomTom) FirewallRules: [{770BE2A1-5BD8-4DEA-9EDB-8477B2E2BE62}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.169.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{4588E8AA-7CB2-4B03-B59E-BBA04395EDD4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.169.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{785A1DDF-A234-461E-B9E3-0CAAC5667565}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.169.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{A9197770-155E-4326-9CB1-29AB987508CB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.169.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{E600F7BC-5C33-4D20-A092-003E5C3C25C1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.169.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{E0B34F1E-1126-4821-950C-F90CFD08C9E2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.169.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{9E98F2DE-1164-4473-BDE4-C9D5C4311C69}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.169.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{59CA2516-7AE4-4011-B5F1-3355B828128E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.169.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) ==================== Herstelpunten ========================= 17-09-2021 14:48:17 Installatieprogramma voor Windows-modules 18-09-2021 21:03:54 Installatieprogramma voor Windows-modules 20-09-2021 11:15:54 Installatieprogramma voor Windows-modules 23-09-2021 20:39:56 Installatieprogramma voor Windows-modules 26-09-2021 13:16:18 Installatieprogramma voor Windows-modules 28-09-2021 11:00:44 Installatieprogramma voor Windows-modules 29-09-2021 14:47:59 na opruimen 29-09-2021 18:00:29 Installatieprogramma voor Windows-modules 01-10-2021 09:55:55 Installatieprogramma voor Windows-modules 01-10-2021 19:56:59 Herstelbewerking 02-10-2021 11:46:26 Removed HP Officejet 6500 E710n-z Basissoftware van het apparaat ==================== Defecte Apparaatbeheer Apparaten ============ ==================== Eventlog fouten: ======================== Applicatiefouten: ================== Error: (10/02/2021 01:53:21 PM) (Source: ESENT) (EventID: 489) (User: ) Description: CCleaner64 (3448,G,0) Een poging het bestand C:\Users\Gerda\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat te openen voor alleen-lezen is mislukt. Systeemfout 32 (0x00000020): Het proces heeft geen toegang tot het bestand omdat het door een ander proces wordt gebruikt. . Tijdens het openen van het bestand treedt fout -1032 (0xfffffbf8) op. Systeemfouten: ============= Windows Defender: ================ Date: 2021-09-29 14:31:16 Description: Microsoft Defender Antivirus heeft malware of andere mogelijke ongewenste software gedetecteerd. Zie het volgende voor meer informatie: https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win32/ICBundler&threatid=286849&enterprise=0 Naam: PUA:Win32/ICBundler Ernst: Laag Categorie: Mogelijk ongewenste software Pad: file:_E:\downloads64\utweb_installer.exe Detectieoorsprong: Lokale computer Detectietype: Concreet Detectiebron: Real-timebeveiliging Gebruiker: DESKTOP-DK8TUIM\Gerda Procesnaam: C:\WINDOWS\explorer.exe Versie van beveiligingsinformatie: AV: 1.349.1608.0, AS: 1.349.1608.0, NIS: 1.349.1608.0 Engineversie: AM: 1.1.18500.10, NIS: 1.1.18500.10 Date: 2021-09-29 14:31:04 Description: Microsoft Defender Antivirus heeft malware of andere mogelijke ongewenste software gedetecteerd. Zie het volgende voor meer informatie: https://go.microsoft.com/fwlink/?linkid=37020&name=App:ImgBurn_BundleInstaller&threatid=268659&enterprise=0 Naam: App:ImgBurn_BundleInstaller Ernst: Laag Categorie: Mogelijk ongewenste software Pad: file:_E:\downloads64\SetupImgBurn_2.5.8.0.exe Detectieoorsprong: Lokale computer Detectietype: Concreet Detectiebron: Real-timebeveiliging Gebruiker: DESKTOP-DK8TUIM\Gerda Procesnaam: C:\WINDOWS\explorer.exe Versie van beveiligingsinformatie: AV: 1.349.1608.0, AS: 1.349.1608.0, NIS: 1.349.1608.0 Engineversie: AM: 1.1.18500.10, NIS: 1.1.18500.10 Date: 2021-09-29 14:30:45 Description: Microsoft Defender Antivirus heeft malware of andere mogelijke ongewenste software gedetecteerd. Zie het volgende voor meer informatie: https://go.microsoft.com/fwlink/?linkid=37020&name=App:FileZilla_BundleInstaller&threatid=268656&enterprise=0 Naam: App:FileZilla_BundleInstaller Ernst: Laag Categorie: Mogelijk ongewenste software Pad: file:_E:\downloads64\FileZilla_3.30.0_win64-setup_bundled.exe Detectieoorsprong: Lokale computer Detectietype: Concreet Detectiebron: Real-timebeveiliging Gebruiker: DESKTOP-DK8TUIM\Gerda Procesnaam: C:\WINDOWS\explorer.exe Versie van beveiligingsinformatie: AV: 1.349.1608.0, AS: 1.349.1608.0, NIS: 1.349.1608.0 Engineversie: AM: 1.1.18500.10, NIS: 1.1.18500.10 Date: 2021-09-29 14:30:41 Description: Microsoft Defender Antivirus heeft malware of andere mogelijke ongewenste software gedetecteerd. Zie het volgende voor meer informatie: https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win32/PiriformBundler&threatid=277517&enterprise=0 Naam: PUA:Win32/PiriformBundler Ernst: Laag Categorie: Mogelijk ongewenste software Pad: containerfile:_E:\downloads64\ccsetup539.exe; file:_E:\downloads64\ccsetup539.exe->(nsis-instdata) Detectieoorsprong: Lokale computer Detectietype: Concreet Detectiebron: Real-timebeveiliging Gebruiker: DESKTOP-DK8TUIM\Gerda Procesnaam: C:\WINDOWS\explorer.exe Versie van beveiligingsinformatie: AV: 1.349.1608.0, AS: 1.349.1608.0, NIS: 1.349.1608.0 Engineversie: AM: 1.1.18500.10, NIS: 1.1.18500.10 Date: 2021-09-28 21:02:02 Description: Scan van Microsoft Defender Antivirus is gestopt voordat deze was voltooid. Scan-id: {C5541A4C-BB59-4145-B0F0-FA476397C524} Type scan: Antimalware Scanparameters: Snelle scan Gebruiker: NT AUTHORITY\SYSTEM Date: 2021-10-01 20:02:52 Description: Microsoft Defender Antivirus heeft een fout gevonden tijdens het laden van beveiligingsinformatie en zal proberen terug te keren naar een bekende goede versie. Geprobeerde beveiligingsinformatie: Huidig Foutcode: 0x80070003 Foutbeschrijving: Het systeem kan het opgegeven pad niet vinden. Versie van beveiligingsinformatie: 0.0.0.0;0.0.0.0 Engineversie: 0.0.0.0 Date: 2021-09-12 20:25:45 Description: Microsoft Defender Antivirus heeft een fout gevonden tijdens het laden van beveiligingsinformatie en zal proberen terug te keren naar een bekende goede versie. Geprobeerde beveiligingsinformatie: Huidig Foutcode: 0x80070003 Foutbeschrijving: Het systeem kan het opgegeven pad niet vinden. Versie van beveiligingsinformatie: 0.0.0.0;0.0.0.0 Engineversie: 0.0.0.0 Date: 2021-08-25 10:14:22 Description: Microsoft Defender Antivirus heeft een fout gevonden tijdens het laden van beveiligingsinformatie en zal proberen terug te keren naar een bekende goede versie. Geprobeerde beveiligingsinformatie: Huidig Foutcode: 0x80070003 Foutbeschrijving: Het systeem kan het opgegeven pad niet vinden. Versie van beveiligingsinformatie: 0.0.0.0;0.0.0.0 Engineversie: 0.0.0.0 Date: 2021-08-08 21:32:00 Description: Microsoft Defender Antivirus heeft een fout ontdekt tijdens het bijwerken van beveiligingsinformatie. Nieuwe versie van beveiligingsinformatie: Vorige versie van beveiligingsinformatie: 1.345.111.0 Updatebron: Microsoft-updateserver Type beveiligingsinformatie: AntiVirus Updatetype: Volledig Gebruiker: NT AUTHORITY\SYSTEM Huidige engineversie: Vorige engineversie: 1.1.18400.4 Foutcode: 0x80240438 Foutbeschrijving: Er is tijdens het zoeken naar updates een onverwacht probleem opgetreden. Raadpleeg Help en ondersteuning voor meer informatie over het installeren van updates en het oplossen van problemen. Date: 2021-07-29 11:37:41 Description: Microsoft Defender Antivirus heeft een fout ontdekt tijdens het bijwerken van beveiligingsinformatie. Nieuwe versie van beveiligingsinformatie: Vorige versie van beveiligingsinformatie: 1.343.1539.0 Updatebron: Microsoft-updateserver Type beveiligingsinformatie: AntiVirus Updatetype: Volledig Gebruiker: NT AUTHORITY\SYSTEM Huidige engineversie: Vorige engineversie: 1.1.18300.4 Foutcode: 0x80240009 Foutbeschrijving: Er is tijdens het zoeken naar updates een onverwacht probleem opgetreden. Raadpleeg Help en ondersteuning voor meer informatie over het installeren van updates en het oplossen van problemen. CodeIntegrity: =============== Date: 2021-06-13 10:53:33 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\WINDOWS\System32\drivers\WdiWiFi.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2021-06-13 10:53:33 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\WINDOWS\System32\drivers\cimfs.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2021-06-13 10:53:33 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\WINDOWS\System32\drivers\cdrom.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2021-03-13 17:25:35 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\WINDOWS\System32\drivers\BTHUSB.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2021-03-13 17:25:32 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\WINDOWS\System32\drivers\dfsc.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Geheugen info =========================== BIOS: LENOVO N1CET82W (1.50 ) 10/15/2020 Moederbord: LENOVO 20FAS09Y04 Processor: Intel(R) Core(TM) i5-6300U CPU @ 2.40GHz Percentage geheugen in gebruik: 23% Totaal fysiek RAM-geheugen: 20335.51 MB Beschikbaar fysiek RAM-geheugen: 15656.68 MB Totaal Virtueel geheugen: 23407.51 MB Beschikbaar Virtueel geheugen: 18728.01 MB ==================== Schijven ================================ Drive c: (Windows) (Fixed) (Total:243.44 GB) (Free:42.48 GB) NTFS Drive d: (PROGRAMMA'S) (Fixed) (Total:100.71 GB) (Free:89.31 GB) NTFS Drive e: (BESTANDEN) (Fixed) (Total:196.58 GB) (Free:127.2 GB) NTFS Drive f: (FOTO'S) (Fixed) (Total:380.86 GB) (Free:212.1 GB) NTFS \\?\Volume{79653c1e-e1ad-4d99-ad1f-377d8e72c45b}\ (Recovery) (Fixed) (Total:9.31 GB) (Free:8.84 GB) NTFS \\?\Volume{52837e62-bb00-410c-8897-cf918b02a2c7}\ (BOOT) (Fixed) (Total:0.48 GB) (Free:0.46 GB) FAT32 ==================== MBR & Partitietabel ==================== ========================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: E2FBD085) Partition: GPT. ==================== Einde van Addition.txt =======================