Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 17-04-2017 01 Gestart door Haaring (02-11-2021 10:32:19) Gestart vanaf C:\Users\Haaring\Downloads Windows 10 Home Versie 2009 (X64) (2021-07-23 22:01:01) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3537370988-3025272537-2333332426-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-3537370988-3025272537-2333332426-503 - Limited - Disabled) Gast (S-1-5-21-3537370988-3025272537-2333332426-501 - Limited - Disabled) Haaring (S-1-5-21-3537370988-3025272537-2333332426-1001 - Administrator - Enabled) => C:\Users\Haaring WDAGUtilityAccount (S-1-5-21-3537370988-3025272537-2333332426-504 - Limited - Disabled) ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.) CCleaner (HKLM\...\CCleaner) (Version: 5.86 - Piriform) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 95.0.4638.54 - Google LLC) HitmanPro.Alert 3 (HKLM\...\HitmanPro.Alert) (Version: 3.8.14.907 - SurfRight B.V.) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 95.0.1020.40 - Microsoft Corporation) Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.153.47 - ) Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30133 (HKLM-x32\...\{295d1583-fdb9-414b-a4c8-da539362a26b}) (Version: 14.29.30133.0 - Microsoft Corporation) ==================== Aangepaste CLSID (gefilterd): ========================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ==================== Geplande Taken (gefilterd) ============= (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {007DE519-1ACF-44DE-9C5E-3C953BD52912} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\UsageDataReporting Task: {04E6B581-9DFD-4E4B-89FC-383D2F26761F} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdatesAsUser Task: {07639781-67F2-4C27-A772-AB94FE2A6772} - System32\Tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition => C:\WINDOWS\system32\ClipRenew.exe [2019-12-07] (Microsoft Corporation) Task: {0799EB79-CB83-4345-8DAF-E88C52BC5C3B} - System32\Tasks\Microsoft\Windows\Chkdsk\SyspartRepair => C:\WINDOWS\system32\bcdboot.exe [2021-09-15] (Microsoft Corporation) Task: {088F318D-8516-4FB1-A1CE-83BABBD46D87} - System32\Tasks\Microsoft\Windows\Subscription\LicenseAcquisition => C:\WINDOWS\system32\ClipRenew.exe [2019-12-07] (Microsoft Corporation) Task: {11C14223-52F5-4386-BDDF-3118C2595355} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\UsageDataFlushing Task: {1873F958-7BB3-4CA3-BFF6-96A00BDB794C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MpCmdRun.exe [2021-10-06] (Microsoft Corporation) Task: {193F3826-6616-477A-BC89-3292E7AEC5E3} - System32\Tasks\Microsoft\Windows\PushToInstall\LoginCheck => Sc.exe start pushtoinstall login Task: {1A9E513D-48DE-40B9-8613-B6CAA1946682} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\ReconcileLanguageResources Task: {1D24309F-AB0D-435F-8821-3CE664F4F7E6} - System32\Tasks\Microsoft\Windows\Input\LocalUserSyncDataAvailable Task: {22FE6642-02F2-4DC4-BF04-248A3D5E64C7} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdates Task: {266591E4-F9DD-49CB-ADAB-83B7174C5BCB} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [2020-04-22] (Intel(R) Corporation) Task: {2E9AFB30-B1CF-4A9A-9414-9AF9ACC1D03A} - System32\Tasks\Agent Activation Runtime\S-1-5-21-3537370988-3025272537-2333332426-1001 => C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe [2021-05-12] () Task: {2F787152-FCEB-4B1F-8D61-FBDDC7A54FA0} - System32\Tasks\Microsoft\Windows\Workplace Join\Device-Sync Task: {32A674F2-DA8F-4700-99C2-A3513063EC3C} - System32\Tasks\Microsoft\Windows\EDP\EDP Inaccessible Credentials Task Task: {3486006C-DE4B-49DA-8A8C-D1291B08C560} - System32\Tasks\Microsoft\Windows\BitLocker\BitLocker MDM policy Refresh Task: {41ED9190-5503-46C1-B713-5109680B0853} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures Task: {5D3EC477-B57F-49DA-A76A-33B0318940B6} - System32\Tasks\Microsoft\Windows\International\Synchronize Language Settings Task: {5D900478-CDE6-4994-9D6A-8A9D9D8FFBBA} - System32\Tasks\Microsoft\Windows\WlanSvc\CDSSync Task: {641166F4-B511-40E6-BA9A-990ADE0F6C64} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceWnsFallback Task: {64CB1336-F0B3-4245-BDE4-4F6B8806CD6D} - System32\Tasks\Microsoft\Windows\Application Experience\PcaPatchDbTask => Rundll32.exe %windir%\system32\PcaSvc.dll,PcaPatchSdbTask Task: {681FE3A3-F31F-44C7-8785-2BD3ECC9E9BA} - System32\Tasks\Microsoft\Windows\Shell\UpdateUserPictureTask Task: {685B9189-FC46-463A-9AB0-FBF568881DDF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2021-07-24] (Google LLC) Task: {71842ABF-F35E-489B-8088-626F8951A1AD} - System32\Tasks\Microsoft\Windows\InstallService\SmartRetry Task: {71F2946D-B7AE-4182-BECE-8ED6741FBD0D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2021-07-24] (Google LLC) Task: {7854ED6A-6A90-4704-867D-8B0D4226375A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MpCmdRun.exe [2021-10-06] (Microsoft Corporation) Task: {7BE3C3EA-615B-4DE9-AFA6-3626C8667699} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceProtectionStateChanged Task: {83253053-B785-4AA4-A2B1-A91321480514} - System32\Tasks\Microsoft\Windows\PushToInstall\Registration => Sc.exe start pushtoinstall registration Task: {83382D4C-EA26-4786-AB30-29B98B6FA8A7} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2021-10-13] () Task: {83D46CD1-153B-49D9-82D8-7CBA7788B856} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Check And Scan Task: {869DC0D7-D1BC-4577-BD66-F0A1F34AA7A7} - System32\Tasks\Microsoft\Windows\EDP\StorageCardEncryption Task Task: {8896C702-2A43-4C05-97E7-467DC541C3BE} - System32\Tasks\Microsoft\Windows\WaaSMedic\PerformRemediation Task: {8D371B4A-BC86-4D52-87ED-50B42579B0E4} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2021-10-19] (Piriform) Task: {8EAC12DF-25F1-45F9-875C-380CE0229BF5} - System32\Tasks\Microsoft\Windows\DirectX\DirectXDatabaseUpdater => C:\WINDOWS\system32\directxdatabaseupdater.exe [2021-04-14] (Microsoft Corporation) Task: {930D3E70-98F5-4B6C-BCDB-66B9EECCD2E9} - System32\Tasks\Microsoft\Windows\USB\Usb-Notifications Task: {9774BE85-33FC-4596-8331-9BD4601263DF} - System32\Tasks\Microsoft\Windows\DirectX\DXGIAdapterCache => C:\WINDOWS\system32\dxgiadaptercache.exe [2021-04-14] (Microsoft Corporation) Task: {97DAD931-1925-43E2-B074-C87C33BF2735} - System32\Tasks\CCleanerSkipUAC - Haaring => C:\Program Files\CCleaner\CCleaner.exe [2021-10-19] (Piriform Software Ltd) Task: {98E6A899-A2F5-4E37-A19A-0714F37EAC47} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndContinueUpdates Task: {9EBE9B95-BF2B-4C92-8169-7650BC9C5C25} - System32\Tasks\Microsoft\Windows\ExploitGuard\ExploitGuard MDM policy Refresh Task: {AF6667F3-EF22-479B-AC79-6C14B50891E8} - System32\Tasks\Microsoft\Windows\StateRepository\MaintenanceTasks => Rundll32.exe %windir%\system32\Windows.StateRepositoryClient.dll,StateRepositoryDoMaintenanceTasks Task: {B30DBCEF-9B57-4419-BDA5-CCE99741155D} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2021-04-01] (Microsoft Corporation) <==== AANDACHT Task: {B57A8A75-6345-4CAF-99D9-1AE2D9DA5A58} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MpCmdRun.exe [2021-10-06] (Microsoft Corporation) Task: {B9243BD8-AD6C-47BC-9F96-6DB8A60AA821} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndScanForUpdates Task: {C5781816-5696-4212-A4E4-25F9FFA2A860} - System32\Tasks\Microsoft\Windows\Printing\EduPrintProv => C:\WINDOWS\system32\eduprintprov.exe [2019-12-07] (Microsoft Corporation) Task: {C7FCAA81-2493-4629-8EAB-D068B34B4E28} - System32\Tasks\Microsoft\Windows\WwanSvc\OobeDiscovery Task: {CC3F1ABA-1E35-442C-B36F-F29343D10A33} - System32\Tasks\Microsoft\Windows\BrokerInfrastructure\BgTaskRegistrationMaintenanceTask Task: {CD4AFAA3-A2BD-45C6-888F-CB909F784A67} - System32\Tasks\Microsoft\Windows\Diagnosis\RecommendedTroubleshootingScanner Task: {D15FBEC0-80C0-4F3C-81DA-3EF7C5BC8C59} - System32\Tasks\Microsoft\Windows\Input\MouseSyncDataAvailable Task: {D4E606FD-E1C2-4278-8BE1-DAD4B6CCE9C7} - System32\Tasks\Microsoft\Windows\UNP\RunUpdateNotificationMgr => C:\WINDOWS\System32\UNP\UpdateNotificationMgr.exe [2021-10-13] (Microsoft Corporation) Task: {E827EAC7-8172-4C13-A212-643C3ECA385F} - System32\Tasks\Microsoft\Windows\Input\TouchpadSyncDataAvailable Task: {EC28DEDC-BB52-4990-8B3C-2091FD3EE1AB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MpCmdRun.exe [2021-10-06] (Microsoft Corporation) Task: {F15DD529-6636-4734-AD0A-F1F864C1D210} - System32\Tasks\Microsoft\Windows\Input\PenSyncDataAvailable Task: {F2C74935-C0E0-48C4-BD61-6B46BD70A935} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2021-04-01] (Microsoft Corporation) <==== AANDACHT Task: {F391E00E-30C6-4318-A4A3-601F4A3CDE4A} - System32\Tasks\Microsoft\Windows\BitLocker\BitLocker Encrypt All Drives Task: {F95DAF42-A102-4F55-8E77-597C1386E291} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2021-10-19] (Piriform Software Ltd) Task: {FE89F111-E83D-410C-8992-3BD5B35350A7} - System32\Tasks\Microsoft\Windows\Flighting\OneSettings\RefreshCache (Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) ==================== Snelkoppelingen ============================= (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) ShortcutWithArgument: C:\Users\Haaring\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default ==================== Geladen Modules (gefilterd) ============== 2020-10-31 16:50 - 2020-10-31 16:50 - 00064552 _____ () C:\WINDOWS\system32\UMPDC.dll 2020-10-31 16:50 - 2020-10-31 16:50 - 00064552 _____ () c:\windows\system32\UMPDC.dll 2020-10-31 16:50 - 2020-10-31 16:50 - 00064552 _____ () C:\WINDOWS\SYSTEM32\UMPDC.dll 2021-06-11 18:39 - 2021-06-11 18:39 - 00657464 _____ () C:\Windows\System32\windowmanagementapi.dll 2021-10-13 18:55 - 2021-10-13 18:55 - 00706536 _____ () C:\WINDOWS\system32\TextShaping.dll 2020-10-31 16:50 - 2020-10-31 16:50 - 00064552 _____ () C:\WINDOWS\System32\UMPDC.dll 2021-09-14 13:03 - 2021-09-14 13:03 - 02260992 _____ () C:\WINDOWS\system32\TextInputMethodFormatter.dll 2021-10-13 18:55 - 2021-10-13 18:55 - 00706536 _____ () C:\WINDOWS\SYSTEM32\TextShaping.dll 2021-06-11 18:39 - 2021-06-11 18:39 - 00657464 _____ () C:\Windows\System32\WindowManagementAPI.dll 2021-01-15 14:16 - 2021-01-15 14:16 - 00095744 _____ () C:\Windows\System32\VirtualMonitorManager.dll 2020-12-10 14:30 - 2020-12-10 14:30 - 00363520 _____ () C:\Windows\System32\Windows.Internal.UI.Shell.WindowTabManager.dll 2019-12-07 10:08 - 2019-12-07 10:08 - 00499200 _____ () C:\Windows\ShellExperiences\TileControl.dll 2021-07-31 14:34 - 2021-07-31 14:34 - 02158592 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll 2020-11-02 22:44 - 2020-11-02 22:44 - 00793416 _____ () C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe 2021-06-11 18:39 - 2021-06-11 18:39 - 00657464 _____ () C:\WINDOWS\SYSTEM32\WindowManagementAPI.dll 2020-10-31 16:50 - 2020-10-31 16:50 - 00064552 _____ () C:\Windows\System32\UMPDC.dll 2021-11-01 22:38 - 2021-11-01 22:38 - 00443904 _____ () C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\Search.Core.dll 2021-10-13 18:55 - 2021-10-13 18:55 - 00706536 _____ () C:\Windows\System32\TextShaping.dll 2021-07-06 12:38 - 2021-07-06 12:38 - 00047824 _____ () C:\Program Files\CCleaner\branding.dll 2021-10-19 13:04 - 2021-10-19 13:04 - 00161800 _____ () C:\Program Files\CCleaner\lang\lang-1043.dll 2019-12-07 10:08 - 2019-12-07 10:08 - 00039424 _____ () C:\Windows\System32\usocoreps.dll 2021-10-30 21:54 - 2021-10-29 16:27 - 02811808 _____ () C:\Program Files (x86)\Microsoft\Edge\Application\95.0.1020.40\ffmpeg.dll 2021-10-30 21:54 - 2021-10-29 16:28 - 06351704 _____ () C:\Program Files (x86)\Microsoft\Edge\Application\95.0.1020.40\libglesv2.dll 2021-10-30 21:54 - 2021-10-29 16:28 - 00454488 _____ () C:\Program Files (x86)\Microsoft\Edge\Application\95.0.1020.40\libegl.dll 2021-04-09 00:03 - 2021-04-09 00:03 - 00155752 _____ () C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdinfo64.dll ==================== Alternate Data Streams (gefilterd) ========= (Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.) AlternateDataStreams: C:\Users\Haaring\Downloads\ccsetup583_pro.exe:SmartScreen [7] AlternateDataStreams: C:\Users\Haaring\Downloads\ChromeSetup (1).exe:SmartScreen [7] AlternateDataStreams: C:\Users\Haaring\Downloads\ChromeSetup.exe:SmartScreen [7] AlternateDataStreams: C:\Users\Haaring\Downloads\FRST64 (1).exe:SmartScreen [7] AlternateDataStreams: C:\Users\Haaring\Downloads\FRST64.exe:SmartScreen [7] AlternateDataStreams: C:\Users\Haaring\Downloads\hmpalert.exe:SmartScreen [7] AlternateDataStreams: C:\Users\Haaring\Downloads\hmpalert3.exe:SmartScreen [7] AlternateDataStreams: C:\Users\Haaring\Downloads\rcsetup153.exe:SmartScreen [7] ==================== Veilige Modus (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcCtnrSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBuilder => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioSrv => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CBDHSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudAddService.Sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudBus.Sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MsQuic => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetSetupSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NgcCtnrSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NgcSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SerCx2.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\usbaudio.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1" ==================== Bestandskoppeling (gefilterd) =============== (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.) ==================== Internet Explorer vertrouwde/beperkte toegang =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.) ==================== Hosts inhoud: =============================== (Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.) 2021-07-23 23:29 - 2021-11-01 21:39 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere gebieden ============================ (Momenteel is er geen automatische fix voor dit onderdeel.) HKU\S-1-5-21-3537370988-3025272537-2333332426-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Haaring\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\topper wilh pier.png DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == ==================== Firewall regels (gefilterd) =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [Microsoft-Windows-DeviceManagement-OmaDmClient-TCP-Out] => (Allow) %SystemRoot%\system32\omadmclient.exe FirewallRules: [Microsoft-Windows-DeviceManagement-deviceenroller-TCP-Out] => (Allow) %SystemRoot%\system32\deviceenroller.exe FirewallRules: [Microsoft-Windows-DeviceManagement-CertificateInstall-TCP-Out] => (Allow) %SystemRoot%\system32\dmcertinst.exe FirewallRules: [{03F658AD-126B-446C-A67F-F2270E6DA2CA}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe FirewallRules: [{4E5859A3-ED59-4303-A3C7-304FAF2BFD68}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.77.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe FirewallRules: [{E0DE2C90-ACA9-4048-9670-274A8E591B28}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.77.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe FirewallRules: [{601E3BF6-21D1-4B37-9BA1-93BF820D64D0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.77.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe FirewallRules: [{52B1D357-ED7E-4920-9554-2E1B9DFF5C85}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.77.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe FirewallRules: [{809F944E-37F3-48FB-BF86-CED2F1E3E4D2}] => (Allow) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe FirewallRules: [{6F4F0DAC-D9B0-41C2-A58F-400F162D68FD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{AAE22A22-80AD-415F-9CE4-ABECC8155454}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{5CE52CE1-274A-4D0F-8072-0888D392436E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{B3E6D815-7F85-4EAD-9F16-F0563050E022}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{E19176E7-A44A-4EA5-B330-B4AC86A80B7C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{D5326154-5965-4DD1-BFF8-E634586B849A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{F5CAB228-8700-4827-9CD0-58D838C9AEAA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{85565E18-017E-4689-A7AE-0BCE0E63918E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe ==================== Herstelpunten ========================= AANDACHT: Systeemherstel is uitgeschakeld ==================== Defecte Apparaatbeheer Apparaten ============= ==================== Eventlog fouten: ========================= Applicatiefouten: ================== Error: (11/01/2021 10:07:36 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: MBAMService.exe, versie: 3.2.0.1004, tijdstempel: 0x6166141b Naam van module met fout: LicenseControllerImpl.dll, versie: 3.2.0.443, tijdstempel: 0x6140b1ec Uitzonderingscode: 0xc0000005 Foutmarge: 0x000000000004f9db Id van proces met fout: 0xc04 Starttijd van toepassing met fout: 0x01d7cf64753f4b91 Pad naar toepassing met fout: C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe Pad naar module met fout: C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\LicenseControllerImpl.dll Rapport-id: 89230e04-3aea-45de-b6ff-b543a2a636f9 Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Error: (11/01/2021 09:39:09 PM) (Source: SecurityCenter) (EventID: 17) (User: ) Description: Security Center kan oproeper niet valideren met fout %1. Error: (11/01/2021 09:39:09 PM) (Source: SecurityCenter) (EventID: 16) (User: ) Description: Fout tijdens bijwerken van status naar SECURITY_PRODUCT_STATE_OFF. Error: (11/01/2021 09:39:09 PM) (Source: SecurityCenter) (EventID: 16) (User: ) Description: Fout tijdens bijwerken van status naar SECURITY_PRODUCT_STATE_OFF. Error: (11/01/2021 09:39:08 PM) (Source: SecurityCenter) (EventID: 16) (User: ) Description: Fout tijdens bijwerken van status naar SECURITY_PRODUCT_STATE_OFF. Error: (11/01/2021 09:39:08 PM) (Source: SecurityCenter) (EventID: 16) (User: ) Description: Fout tijdens bijwerken van status naar SECURITY_PRODUCT_STATE_OFF. Error: (11/01/2021 09:39:08 PM) (Source: SecurityCenter) (EventID: 16) (User: ) Description: Fout tijdens bijwerken van status naar SECURITY_PRODUCT_STATE_OFF. Error: (11/01/2021 09:39:08 PM) (Source: SecurityCenter) (EventID: 16) (User: ) Description: Fout tijdens bijwerken van status naar SECURITY_PRODUCT_STATE_OFF. Error: (11/01/2021 09:39:08 PM) (Source: SecurityCenter) (EventID: 16) (User: ) Description: Fout tijdens bijwerken van status naar SECURITY_PRODUCT_STATE_OFF. Error: (11/01/2021 09:39:08 PM) (Source: SecurityCenter) (EventID: 16) (User: ) Description: Fout tijdens bijwerken van status naar SECURITY_PRODUCT_STATE_OFF. Systeemfouten: ============= Error: (11/01/2021 10:52:24 PM) (Source: DCOM) (EventID: 10000) (User: HAARING-PC) Description: Kan geen DCOM-server starten: {0358B920-0AC7-461F-98F4-58E32CD89148}. Foutmelding "2147942767" is opgetreden bij het uitvoeren van de opdracht C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683} Error: (11/01/2021 10:42:15 PM) (Source: Service Control Manager) (EventID: 7043) (User: ) Description: De service Malwarebytes Service is niet juist afgesloten na de ontvangst van een besturingselement voor afsluiten. Error: (11/01/2021 10:23:57 PM) (Source: DCOM) (EventID: 10010) (User: HAARING-PC) Description: De server {F36AD0D0-B5F0-4C69-AF08-603D177FEF0E} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (11/01/2021 10:21:56 PM) (Source: DCOM) (EventID: 10010) (User: HAARING-PC) Description: De server {F36AD0D0-B5F0-4C69-AF08-603D177FEF0E} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (11/01/2021 10:19:55 PM) (Source: DCOM) (EventID: 10010) (User: HAARING-PC) Description: De server {F36AD0D0-B5F0-4C69-AF08-603D177FEF0E} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (11/01/2021 10:17:55 PM) (Source: DCOM) (EventID: 10010) (User: HAARING-PC) Description: De server {F36AD0D0-B5F0-4C69-AF08-603D177FEF0E} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (11/01/2021 10:15:55 PM) (Source: DCOM) (EventID: 10010) (User: HAARING-PC) Description: De server {F36AD0D0-B5F0-4C69-AF08-603D177FEF0E} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (11/01/2021 10:13:55 PM) (Source: DCOM) (EventID: 10010) (User: HAARING-PC) Description: De server {F36AD0D0-B5F0-4C69-AF08-603D177FEF0E} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (11/01/2021 10:11:54 PM) (Source: DCOM) (EventID: 10010) (User: HAARING-PC) Description: De server {F36AD0D0-B5F0-4C69-AF08-603D177FEF0E} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (11/01/2021 10:09:54 PM) (Source: DCOM) (EventID: 10010) (User: HAARING-PC) Description: De server {F36AD0D0-B5F0-4C69-AF08-603D177FEF0E} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. CodeIntegrity: =================================== Date: 2021-07-24 09:31:35.7700000Z Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2021-07-24 09:31:35.7110000Z Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2021-07-24 01:42:34.3730000Z Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2021-07-24 01:42:34.2090000Z Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2021-07-24 01:05:52.1490000Z Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system. Date: 2021-07-24 01:05:52.1270000Z Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system. ==================== Geheugen info =========================== Processor: Intel(R) Pentium(R) CPU G4400 @ 3.30GHz Percentage geheugen in gebruik: 63% Totaal fysiek RAM-geheugen: 3982.24 MB Beschikbaar fysiek RAM-geheugen: 1470.39 MB Totaal Virtueel geheugen: 4686.24 MB Beschikbaar Virtual geheugen: 1837.16 MB ==================== Schijven ================================ Drive c: () (Fixed) (Total:110.76 GB) (Free:78.9 GB) NTFS Drive d: () (Fixed) (Total:465.76 GB) (Free:443.15 GB) NTFS ==================== MBR & Partitietabel ================== ======================================================== Disk: 0 (Size: 111.8 GB) (Disk ID: 00000000) Partition: GPT. ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 8A6A671A) Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS) ==================== Eind van Addition.txt ============================