Fix resultaat van Farbar Recovery Scan Tool (x64) Versie: 10-01-2022 01 Gestart door Passer (11-01-2022 14:59:02) Run:1 Gestart vanaf C:\Users\Passer\Desktop Geladen Profielen: Passer Boot Modus: Normal ============================================== fixlist inhoud: ***************** CreateRestorePoint: CloseProcesses: IFEO\CompatTelRunner.exe: [Debugger] %windir%\System32\taskkill.exe GroupPolicy: Restrictie ? <==== AANDACHT Policies: C:\ProgramData\NTUSER.pol: Restrictie <==== AANDACHT HKLM\SOFTWARE\Policies\Microsoft\Edge: Restrictie <==== AANDACHT Task: {05680ECB-0F66-4271-A3FA-E4A5F677915B} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe (Geen bestand) Task: {082A24AB-D43A-42CA-9674-4D6E60C8B020} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1932565159-2512956902-953908438-500 => C:\Users\Passer\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (Geen bestand) Task: {11081C39-3B6F-4253-BC84-A0F222B8EDCD} - System32\Tasks\CorelUpdateHelperTask-E527EBDBC17BDED9005BDD1DDD9E7A26 => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe -resume (Geen bestand) Task: {24B138F1-CE19-4542-BB0D-FAD17C7D282B} - System32\Tasks\Safer-Networking\Spybot Anti-Beacon\Refresh Anti-Beacon immunization => C:\Program Files (x86)\Safer-Networking Ltd\Spybot Anti-Beacon\Spybot3AntiBeacon.exe /apply /silent /atlogon (Geen bestand) Task: {42E521F8-A78B-4109-BE39-ED0A67622E75} - System32\Tasks\S-1-5-21-1932565159-2512956902-953908438-1002\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe (Geen bestand) Task: {4CBB43C7-DD04-455D-907F-1655199F2B3F} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Geen bestand) Task: {94A240F9-04A9-497B-8BAD-15D727EA8F40} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe (Geen bestand) Task: {9C7BD637-06BA-47B2-BD71-B2A156990A48} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (Geen bestand) Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (Geen bestand) Task: {E081A338-DB1D-4603-81D9-99B37F4582B0} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Geen bestand) Task: {F9D5782E-0588-4952-88D5-5436C52834CC} - System32\Tasks\FreeDownloadManagerNetworkMonitor => C:\Program Files\Free Download Manager\winwfpmonitor.exe (Geen bestand) S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X] ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Geen bestand ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Geen bestand ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Geen bestand ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Geen bestand ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Geen bestand ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Geen bestand ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Geen bestand ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Geen bestand ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Geen bestand ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Geen bestand ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Geen bestand ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Geen bestand ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Geen bestand ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Geen bestand ShortcutWithArgument: C:\Users\Passer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\188f5ec9d11ded56\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory="Profile 1" AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [136] FirewallRules: [{03BA21E1-4FF1-4944-8ED0-BBD6A9DFCDBC}] => (Allow) D:\HL2\SteamApps\common\Arctic Adventure Episodes\hl2.exe => Geen bestand FirewallRules: [{9C94A425-D8C3-4148-9554-87B98DBA5FE0}] => (Allow) D:\HL2\SteamApps\common\Arctic Adventure Episodes\hl2.exe => Geen bestand FirewallRules: [{A256A389-73D1-4F1C-8611-FBDBC8B1AA8F}] => (Allow) D:\HL2\SteamApps\common\Snowdrop Escape\hl2.exe => Geen bestand FirewallRules: [{71E33C68-93BE-486B-B41E-3A1857276362}] => (Allow) D:\HL2\SteamApps\common\Snowdrop Escape\hl2.exe => Geen bestand FirewallRules: [TCP Query User{4F52FF11-2B9B-4D8C-8246-8C19FEA08FCF}D:\program files (x86)\return to castle wolfenstein\wolfmp.exe] => (Allow) D:\program files (x86)\return to castle wolfenstein\wolfmp.exe => Geen bestand FirewallRules: [UDP Query User{8EF6B22B-25DD-4700-89DC-E0CB68A9C7FE}D:\program files (x86)\return to castle wolfenstein\wolfmp.exe] => (Allow) D:\program files (x86)\return to castle wolfenstein\wolfmp.exe => Geen bestand FirewallRules: [{3BB34EBC-CE60-4315-98D3-A38E085A031D}] => (Block) D:\program files (x86)\return to castle wolfenstein\wolfmp.exe => Geen bestand FirewallRules: [{DCC05168-F836-42DE-81C9-F6945EC43F59}] => (Block) D:\program files (x86)\return to castle wolfenstein\wolfmp.exe => Geen bestand Hosts: EmptyTemp: Reboot: ***************** Herstelpunt is succesvol gemaakt. Proces succesvol afgesloten. HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\CompatTelRunner.exe => is succesvol verwijderd C:\WINDOWS\system32\GroupPolicy\Machine => is succesvol verplaatst C:\WINDOWS\system32\GroupPolicy\GPT.ini => is succesvol verplaatst C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => is succesvol verplaatst C:\ProgramData\NTUSER.pol => is succesvol verplaatst HKLM\SOFTWARE\Policies\Microsoft\Edge => is succesvol verwijderd "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{05680ECB-0F66-4271-A3FA-E4A5F677915B}" => is succesvol verwijderd "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{05680ECB-0F66-4271-A3FA-E4A5F677915B}" => is succesvol verwijderd C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => is succesvol verplaatst "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft_Hardware_Launch_mousekeyboardcenter_exe" => is succesvol verwijderd "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{082A24AB-D43A-42CA-9674-4D6E60C8B020}" => is succesvol verwijderd "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{082A24AB-D43A-42CA-9674-4D6E60C8B020}" => is succesvol verwijderd C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1932565159-2512956902-953908438-500 => is succesvol verplaatst "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OneDrive Standalone Update Task-S-1-5-21-1932565159-2512956902-953908438-500" => is succesvol verwijderd "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{11081C39-3B6F-4253-BC84-A0F222B8EDCD}" => is succesvol verwijderd "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{11081C39-3B6F-4253-BC84-A0F222B8EDCD}" => is succesvol verwijderd C:\WINDOWS\System32\Tasks\CorelUpdateHelperTask-E527EBDBC17BDED9005BDD1DDD9E7A26 => is succesvol verplaatst "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CorelUpdateHelperTask-E527EBDBC17BDED9005BDD1DDD9E7A26" => is succesvol verwijderd "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{24B138F1-CE19-4542-BB0D-FAD17C7D282B}" => is succesvol verwijderd "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{24B138F1-CE19-4542-BB0D-FAD17C7D282B}" => is succesvol verwijderd C:\WINDOWS\System32\Tasks\Safer-Networking\Spybot Anti-Beacon\Refresh Anti-Beacon immunization => is succesvol verplaatst "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Safer-Networking\Spybot Anti-Beacon\Refresh Anti-Beacon immunization" => is succesvol verwijderd "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{42E521F8-A78B-4109-BE39-ED0A67622E75}" => is succesvol verwijderd "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{42E521F8-A78B-4109-BE39-ED0A67622E75}" => is succesvol verwijderd C:\WINDOWS\System32\Tasks\S-1-5-21-1932565159-2512956902-953908438-1002\DataSenseLiveTileTask => is succesvol verplaatst "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\S-1-5-21-1932565159-2512956902-953908438-1002\DataSenseLiveTileTask" => is succesvol verwijderd "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4CBB43C7-DD04-455D-907F-1655199F2B3F}" => is succesvol verwijderd "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4CBB43C7-DD04-455D-907F-1655199F2B3F}" => is succesvol verwijderd C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_itype_exe => is succesvol verplaatst "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft_Hardware_Launch_itype_exe" => is succesvol verwijderd "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{94A240F9-04A9-497B-8BAD-15D727EA8F40}" => is succesvol verwijderd "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{94A240F9-04A9-497B-8BAD-15D727EA8F40}" => is succesvol verwijderd C:\WINDOWS\System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => is succesvol verplaatst "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\Office 15 Subscription Heartbeat" => is succesvol verwijderd "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9C7BD637-06BA-47B2-BD71-B2A156990A48}" => is succesvol verwijderd "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9C7BD637-06BA-47B2-BD71-B2A156990A48}" => is succesvol verwijderd C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => is succesvol verplaatst "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473" => is succesvol verwijderd "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CCDFC0B8-01A3-4E74-A820-4F13F51D269E}" => is succesvol verwijderd "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CCDFC0B8-01A3-4E74-A820-4F13F51D269E}" => is succesvol verwijderd C:\WINDOWS\System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => is succesvol verplaatst "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser" => is succesvol verwijderd "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E081A338-DB1D-4603-81D9-99B37F4582B0}" => is succesvol verwijderd "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E081A338-DB1D-4603-81D9-99B37F4582B0}" => is succesvol verwijderd C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => is succesvol verplaatst "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft_Hardware_Launch_ipoint_exe" => is succesvol verwijderd "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{F9D5782E-0588-4952-88D5-5436C52834CC}" => is succesvol verwijderd "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F9D5782E-0588-4952-88D5-5436C52834CC}" => is succesvol verwijderd C:\WINDOWS\System32\Tasks\FreeDownloadManagerNetworkMonitor => is succesvol verplaatst "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FreeDownloadManagerNetworkMonitor" => is succesvol verwijderd HKLM\System\CurrentControlSet\Services\WinSetupMon => is succesvol verwijderd WinSetupMon => service is succesvol verwijderd HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => is succesvol verwijderd HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => is succesvol verwijderd HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => is succesvol verwijderd HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => is succesvol verwijderd HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => is succesvol verwijderd HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => is succesvol verwijderd HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => is succesvol verwijderd HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => is succesvol verwijderd HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => is succesvol verwijderd HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => is succesvol verwijderd HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => is succesvol verwijderd HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => is succesvol verwijderd HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => is succesvol verwijderd HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => is succesvol verwijderd "C:\Users\Passer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\188f5ec9d11ded56\Microsoft Edge.lnk" => niet gevonden C:\ProgramData\TEMP => ":5C321E34" ADS is succesvol verwijderd "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{03BA21E1-4FF1-4944-8ED0-BBD6A9DFCDBC}" => is succesvol verwijderd "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9C94A425-D8C3-4148-9554-87B98DBA5FE0}" => is succesvol verwijderd "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A256A389-73D1-4F1C-8611-FBDBC8B1AA8F}" => is succesvol verwijderd "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{71E33C68-93BE-486B-B41E-3A1857276362}" => is succesvol verwijderd "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{4F52FF11-2B9B-4D8C-8246-8C19FEA08FCF}D:\program files (x86)\return to castle wolfenstein\wolfmp.exe" => is succesvol verwijderd "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{8EF6B22B-25DD-4700-89DC-E0CB68A9C7FE}D:\program files (x86)\return to castle wolfenstein\wolfmp.exe" => is succesvol verwijderd "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3BB34EBC-CE60-4315-98D3-A38E085A031D}" => is succesvol verwijderd "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DCC05168-F836-42DE-81C9-F6945EC43F59}" => is succesvol verwijderd C:\Windows\System32\Drivers\etc\hosts => is succesvol verplaatst Hosts met succes hersteld. =========== EmptyTemp: ========== BITS transfer queue => 1048576 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 58281017 B Java, Flash, Steam htmlcache => 252848159 B Windows/system/drivers => 44154439 B Edge => 0 B Chrome => 0 B Firefox => 87434852 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 6656 B ProgramData => 6656 B Public => 6656 B systemprofile => 6656 B systemprofile32 => 6661 B LocalService => 9025 B NetworkService => 363621 B Passer => 167257453 B RecycleBin => 9256507 B EmptyTemp: => 591.9 MB tijdelijke gegevens verwijderd. ================================ Het systeem moest herstart worden. ==== Einde van Fixlog 15:01:34 ====