Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 30-01-2022 Gestart door benny (02-02-2022 12:15:43) Gestart vanaf C:\Users\benni\Downloads Microsoft Windows 10 Pro Versie 21H1 19043.1466 (X64) (2022-01-31 08:18:19) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) Administrator (S-1-5-21-2171751185-1290622348-2377408102-500 - Administrator - Disabled) benny (S-1-5-21-2171751185-1290622348-2377408102-1001 - Administrator - Enabled) => C:\Users\benni DefaultAccount (S-1-5-21-2171751185-1290622348-2377408102-503 - Limited - Disabled) Gast (S-1-5-21-2171751185-1290622348-2377408102-501 - Limited - Disabled) mante (S-1-5-21-2171751185-1290622348-2377408102-1002 - Limited - Enabled) WDAGUtilityAccount (S-1-5-21-2171751185-1290622348-2377408102-504 - Limited - Disabled) ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeïnstalleerd worden.) µTorrent (HKLM-x32\...\uTorrent) (Version: 1.6 - ) 64 Bit HP CIO Components Installer (HKLM\...\{13DA9C7C-EBFB-40D0-94A1-55B42883DF21}) (Version: 21.2.1 - HP Inc.) Hidden AIDA64 Business Edition (HKLM-x32\...\{48A749F0-B2B8-4662-A603-7A34D5B5A0BE}) (Version: 6.60.5900 - FinalWire) AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 6.3.5 - AnyDesk Software GmbH) Ashampoo Snap 11 (HKLM-x32\...\{0A11EA01-AF34-C9AB-388B-8520DA9E7D92}_is1) (Version: 11.1.0 - Ashampoo GmbH & Co. 
KG) Belgium e-ID middleware 4.4.24 (build 4261) (HKLM\...\{DB942AEA-93D6-4FE4-8862-180D35A74261}) (Version: 4.4.4261 - Belgian Government) Belgium e-ID middleware 5.0.17 (build 5498) (HKLM\...\{DB942AEA-93D6-4FE4-8862-180D35A75498}) (Version: 5.0.5498 - Belgian Government) Belgium e-ID viewer 4.4.23 (build 4246) (HKLM-x32\...\{F3DC7F06-92FF-4C98-87F5-72C0B7864246}) (Version: 4.4.4246 - Belgian Government) Belgium e-ID viewer 5.0.20 (build 5561) (HKLM-x32\...\{F3DC7F06-92FF-4C98-87F5-72C0B7865561}) (Version: 5.0.5561 - Belgian Government) BluffTitler (HKLM-x32\...\BluffTitler) (Version: - Outerspace Software) By Click Downloader (HKLM-x32\...\{E1277BBD-DF3D-43D1-A85C-C50DB0EA93BD}) (Version: 2.3.2 - ByClick) Hidden By Click Downloader (HKLM-x32\...\By Click Downloader 2.3.2) (Version: 2.3.2 - ByClick) CoolNew PDF (HKLM-x32\...\coolnewpdf) (Version: 3.0.0.1 - CoolNew Software Corporation) Dr. Folder versie 2.8.6.7 (HKLM\...\{1E989158-7B7C-4A69-9038-B010AF3F775A}_is1) (Version: 2.8.6.7 - YL Computing) eID Web Browser Middleware (HKLM\...\eID Web Browser Middleware) (Version: 1.1.11 - e-Contract.be BVBA) ePix Calendar (HKU\S-1-5-21-2171751185-1290622348-2377408102-1001\...\Fotosafari ePix) (Version: 6.6.9.701 - ePixEditions.com) Foxit PhantomPDF (HKLM-x32\...\{7910276E-2DB7-11EB-BD55-54BF64A63C26}) (Version: 10.1.1.37576 - Foxit Software Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 97.0.4692.99 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) 
Hidden hott notes 4 (HKLM-x32\...\hott notes 4) (Version: 4.1 - Joel Riley) Internxt Drive 1.5.2 (HKU\S-1-5-21-2171751185-1290622348-2377408102-1001\...\ab6f7ef1-def5-51b3-8e15-b3f9295cf113) (Version: 1.5.2 - Internxt) Java 8 Update 321 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180321F0}) (Version: 8.0.3210.7 - Oracle Corporation) Mailbird (HKLM\...\{713927DC-32CC-469A-A141-4DE28F931944}) (Version: 2.9.58 - Mailbird) MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 97.0.1072.76 - Microsoft Corporation) Microsoft Office LTSC Professional Plus 2021 - nl-nl (HKLM\...\ProPlus2021Volume - nl-nl) (Version: 16.0.14827.20158 - Microsoft Corporation) Microsoft Ondersteunings- en herstelassistent (HKU\S-1-5-21-2171751185-1290622348-2377408102-1001\...\a1a734b8150c1d83) (Version: 17.0.7901.7 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2171751185-1290622348-2377408102-1001\...\OneDriveSetup.exe) (Version: 22.002.0103.0004 - Microsoft Corporation) Microsoft Photo Premium 10 (HKLM-x32\...\PictureItPrem_v10) (Version: 10.0.0706 - Microsoft Corporation) Microsoft Teams (HKU\S-1-5-21-2171751185-1290622348-2377408102-1001\...\Teams) (Version: 1.3.00.32283 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30135 (HKLM-x32\...\{fa7f6d52-f85e-48ef-8f56-a37268aa5772}) (Version: 14.29.30135.0 - Microsoft Corporation) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14827.20088 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14827.20158 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0413-1000-0000000FF1CE}) (Version: 16.0.14827.20088 - 
Microsoft Corporation) Hidden Q-Dir (HKU\S-1-5-21-2171751185-1290622348-2377408102-1001\...\Q-Dir) (Version: - ) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9126.1 - Realtek Semiconductor Corp.) Registry Repair 5.0.1.126 (HKLM-x32\...\Registry Repair) (Version: 5.0.1.126 - Glarysoft Ltd) Revo Uninstaller Pro 4.5.3 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.5.3 - VS Revo Group, Ltd.) SimBoePro (HKLM-x32\...\SimBoePro) (Version: - ) Star Stable Online 2.10.0 (HKLM-x32\...\8c663ade-0de5-52b6-812d-f5cd25f943ac) (Version: 2.10.0 - Star Stable Entertainment AB) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TomTom Sports Connect (HKLM-x32\...\TomTom Sports Connect) (Version: 3.3.9.0 - TomTom International B.V.) Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.) VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN) WhatsApp (HKU\S-1-5-21-2171751185-1290622348-2377408102-1001\...\WhatsApp) (Version: 2.2149.4 - WhatsApp) Windows Pc-statuscontrole (HKLM\...\{D1F16371-7951-41EB-A367-507D779F1E64}) (Version: 3.2.2110.14001 - Microsoft Corporation) WinRAR 6.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.10.0 - win.rar GmbH) Packages: ========= AMD Radeon Software -> C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.21.10042.0_x64__0a9344xs7nr4m [2022-01-31] (Advanced Micro Devices Inc.) [Startup Task] Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_1.23.4.0_x64__6rarf9sa4v8jt [2022-02-01] (Disney) Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.1050.0_x64__8wekyb3d8bbwe [2022-01-31] (Microsoft Studios) [MS Ad] NVIDIA Control Panel -> C:\Program Files\WindowsApps\nvidiacorp.nvidiacontrolpanel_8.1.962.0_x64__56jybvy8sckqj [2022-01-31] (NVIDIA Corp.) 
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0 [2022-01-31] (Spotify AB) [Startup Task] ==================== Aangepaste CLSID (gefilterd): ============== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) CustomCLSID: HKU\S-1-5-21-2171751185-1290622348-2377408102-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\benni\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20275.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2171751185-1290622348-2377408102-1001_Classes\CLSID\{9486aaf1-0930-362a-962d-8e6908739c817}\InprocServer32 -> 0x5AFE14058E16D801179B15058E16D801010000000400000000000000 => Geen bestand ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2022-01-31] (Mega Limited -> ) ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2022-01-31] (Mega Limited -> ) ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2022-01-31] (Mega Limited -> ) ContextMenuHandlers1: [ coolnewpdf_64bit] -> {5D26A5C8-E94B-44d3-A027-9DF32468F8E7} => C:\Program Files (x86)\coolnewpdf\pdfmenu64.dll [2022-02-02] (Shenzhen Golden Kiwi Technology Co., Ltd. -> Shenzhen Golden Kiwi Technology Co.,Ltd.) ContextMenuHandlers1-x32: [ kpdf_64bit] -> {C329890D-1F3F-4e76-B249-05C8422CC5CE} => C:\Program Files (x86)\coolnewpdf\pdfmenu.dll [2022-02-02] (Shenzhen Golden Kiwi Technology Co., Ltd. -> Shenzhen Golden Kiwi Technology Co.,Ltd.) 
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Software Inc.) ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2022-01-31] (Mega Limited -> ) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-01-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-01-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [ coolnewpdf_64bit] -> {5D26A5C8-E94B-44d3-A027-9DF32468F8E7} => C:\Program Files (x86)\coolnewpdf\pdfmenu64.dll [2022-02-02] (Shenzhen Golden Kiwi Technology Co., Ltd. -> Shenzhen Golden Kiwi Technology Co.,Ltd.) ContextMenuHandlers2-x32: [ kpdf_64bit] -> {C329890D-1F3F-4e76-B249-05C8422CC5CE} => C:\Program Files (x86)\coolnewpdf\pdfmenu.dll [2022-02-02] (Shenzhen Golden Kiwi Technology Co., Ltd. -> Shenzhen Golden Kiwi Technology Co.,Ltd.) ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2022-01-31] (Mega Limited -> ) ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2022-01-31] (Mega Limited -> ) ContextMenuHandlers4: [ coolnewpdf_64bit] -> {5D26A5C8-E94B-44d3-A027-9DF32468F8E7} => C:\Program Files (x86)\coolnewpdf\pdfmenu64.dll [2022-02-02] (Shenzhen Golden Kiwi Technology Co., Ltd. -> Shenzhen Golden Kiwi Technology Co.,Ltd.) ContextMenuHandlers4-x32: [ kpdf_64bit] -> {C329890D-1F3F-4e76-B249-05C8422CC5CE} => C:\Program Files (x86)\coolnewpdf\pdfmenu.dll [2022-02-02] (Shenzhen Golden Kiwi Technology Co., Ltd. -> Shenzhen Golden Kiwi Technology Co.,Ltd.) 
ContextMenuHandlers4: [DrFolderExtension] -> {4ca4fa65-0669-3a6b-8c16-f5c69eaf9fc9} => C:\Program Files\Dr. Folder\DrFolderExtension.DLL [2021-12-10] () [Bestand niet getekend] ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2022-01-31] (Mega Limited -> ) ContextMenuHandlers5: [ coolnewpdf_64bit] -> {5D26A5C8-E94B-44d3-A027-9DF32468F8E7} => C:\Program Files (x86)\coolnewpdf\pdfmenu64.dll [2022-02-02] (Shenzhen Golden Kiwi Technology Co., Ltd. -> Shenzhen Golden Kiwi Technology Co.,Ltd.) ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2021-07-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_19c79fb6254e3b11\nvshext.dll [2021-09-16] (Nvidia Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Software Inc.) ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2020-09-28] (VS Revo Group Ltd. -> VS Revo Group) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-01-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-01-24] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (gefilterd) ==================== ==================== Snelkoppelingen & WMI ======================== (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) 
Shortcut: C:\Users\benni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\µTorrent\µTorrent Homepage.lnk -> hxxp://www.utorrent.com ==================== Geladen Modules (gefilterd) ============= 2022-02-02 11:56 - 2022-02-02 11:56 - 001453056 _____ () [Bestand niet getekend] \\?\C:\Users\benni\AppData\Local\Temp\6a14072f-5a79-44b5-b7e7-060b3a4ca50a.tmp.node 2022-01-31 11:41 - 2022-01-20 11:15 - 002821120 _____ () [Bestand niet getekend] C:\Users\benni\AppData\Local\Programs\internxt-drive\ffmpeg.dll 2022-01-31 11:41 - 2022-01-20 11:15 - 000446464 _____ () [Bestand niet getekend] C:\Users\benni\AppData\Local\Programs\internxt-drive\libegl.dll 2022-01-31 11:41 - 2022-01-20 11:15 - 007900160 _____ () [Bestand niet getekend] C:\Users\benni\AppData\Local\Programs\internxt-drive\libglesv2.dll 2020-11-23 04:22 - 2020-11-23 04:22 - 000693760 _____ (Foxit) [Bestand niet getekend] C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\Plugins\phc.dll 2016-06-15 04:36 - 2016-06-15 04:36 - 000050688 _____ (HP Inc.) [Bestand niet getekend] c:\windows\system32\hpzinw12.dll 2016-06-15 04:36 - 2016-06-15 04:36 - 000066048 _____ (HP Inc.) 
[Bestand niet getekend] c:\windows\system32\hpzipm12.dll 2022-01-31 09:51 - 2022-01-31 09:51 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll 2022-01-31 09:51 - 2022-01-31 09:51 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Office16\c2r64.dll ==================== Alternate Data Streams (gefilterd) ======== ==================== Veilige Modus (gefilterd) ================== ==================== Bestandskoppeling (gefilterd) ================= ==================== Internet Explorer (gefilterd) ========== SearchScopes: HKU\S-1-5-21-2171751185-1290622348-2377408102-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_321\bin\ssv.dll [2022-01-31] (Oracle America, Inc. -> Oracle Corporation) BHO: Foxit PhantomPDF Create PDF ToolBar Helper -> {A5DD10F7-5ABB-4EEF-B4C8-6748D44DAF2A} -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin_x64.dll [2020-11-23] (FOXIT SOFTWARE INC. -> ) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_321\bin\jp2ssv.dll [2022-01-31] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-01-31] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Foxit PhantomPDF Create PDF ToolBar Helper -> {A5DD10F7-5ABB-4EEF-B4C8-6748D44DAF2A} -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin.dll [2020-11-23] (FOXIT SOFTWARE INC. 
-> ) Toolbar: HKLM - Foxit PhantomPDF Create PDF ToolBar - {BFD9D8A8-57FF-488A-B919-065EC77CF82F} - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin_x64.dll [2020-11-23] (FOXIT SOFTWARE INC. -> ) Toolbar: HKLM-x32 - Foxit PhantomPDF Create PDF ToolBar - {BFD9D8A8-57FF-488A-B919-065EC77CF82F} - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> ) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-02-01] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-02-01] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-02-01] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-02-01] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-02-01] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-02-01] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-02-01] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft 
Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-02-01] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts inhoud: ========================= (Indien nodig kan Hosts:-opdracht worden opgenomen in de fixlist om Hosts te resetten.) 2022-01-31 08:42 - 2022-01-31 08:40 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Andere gebieden =========================== (Momenteel is er geen automatische fix voor dit onderdeel.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\ HKU\S-1-5-21-2171751185-1290622348-2377408102-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\benni\AppData\Roaming\Art Plus\Desktop\wallpaper.png DNS Servers: 195.130.131.3 - 195.130.130.3 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == ==================== Firewall regels (gefilterd) ================ (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [{1E518CAC-7D45-47F3-9DBE-AB4F615CFC0F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{2C0A70FB-6639-4E89-B9A0-BC2365391263}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) 
FirewallRules: [{EFBD8A49-609A-4997-8F3A-D19F90EC115A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{848FC4DB-2065-4E77-99C4-0C50502D76AC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{2530EF2B-39DC-403F-8E8A-AF008C21C103}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{3D053B7A-9B89-4386-8DE0-4735C30F2043}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{9D6F1155-23C0-4D91-AC48-329C96E787FC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{27C072D9-C86B-4FAF-AE4E-E67AB30D8799}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{891426E4-22D1-450D-A37F-77BF73EE89E4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{0BB196AC-7E19-49F8-B585-3F5AA32D87DD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{7F00B45D-2C05-4695-B7EE-F0D67BEA8127}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{BED913DA-711E-4FAB-BFEB-46230AE7AF92}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{1C5ECA06-5550-4D33-BC0D-D7BC7E5CC582}] => (Allow) C:\Program 
Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{1CF417D0-3FE7-4EFC-B560-5599C16B0570}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{A6DE1FEE-9C10-45BE-9D34-2421A0CF92AA}] => (Allow) C:\Program Files (x86)\uTorrent\utorrent.exe () [Bestand niet getekend] FirewallRules: [{6C6765EB-94E7-4DA0-912C-799CAAF0D3D6}] => (Allow) C:\Program Files (x86)\uTorrent\utorrent.exe () [Bestand niet getekend] FirewallRules: [{962BE593-0383-4012-8C32-6378055F353F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{F8091853-018E-4EFA-9648-2568E69A1239}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{4607CE31-75B1-4DF2-BC06-B263083C1F11}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{E52DB5E5-B0B4-4986-8C76-EEC8D43FD7B9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. 
-> Valve Corporation) FirewallRules: [{D35D1FA8-0109-4B4D-B595-1BD807A138F9}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH) FirewallRules: [{07693E14-C08F-489E-BA40-AB8798739B31}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH) FirewallRules: [{43A74609-DB51-4DB4-8FEC-957F9B339DC7}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH) FirewallRules: [{9D4C3B70-2C38-46ED-9C41-4641D4071F8D}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH) ==================== Herstelpunten ========================= ==================== Defecte Apparaatbeheer Apparaten ============ ==================== Eventlog fouten: ======================== Applicatiefouten: ================== Error: (02/02/2022 11:56:10 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Kan activeringscontext voor 'C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\hottnotes.exe' niet maken. Kan afhankelijke assembly Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" niet vinden. Gebruik sxstrace.exe voor een gedetailleerde diagnose. Error: (02/02/2022 08:35:01 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Kan activeringscontext voor 'C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\hottnotes.exe' niet maken. Kan afhankelijke assembly Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" niet vinden. Gebruik sxstrace.exe voor een gedetailleerde diagnose. Error: (02/02/2022 08:34:58 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Kan activeringscontext voor 'C:\Program Files (x86)\hott notes 4\Microsoft.VC80.MFC\MFC80U.DLL' niet maken. 
Kan afhankelijke assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" niet vinden. Gebruik sxstrace.exe voor een gedetailleerde diagnose. Error: (02/02/2022 08:34:57 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Kan activeringscontext voor 'C:\Program Files (x86)\hott notes 4\Microsoft.VC80.MFC\MFC80U.DLL' niet maken. Kan afhankelijke assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" niet vinden. Gebruik sxstrace.exe voor een gedetailleerde diagnose. Error: (02/01/2022 08:34:24 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Kan activeringscontext voor 'C:\Program Files (x86)\hott notes 4\Microsoft.VC80.MFC\MFC80U.DLL' niet maken. Kan afhankelijke assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" niet vinden. Gebruik sxstrace.exe voor een gedetailleerde diagnose. Error: (02/01/2022 08:34:24 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Kan activeringscontext voor 'C:\Program Files (x86)\hott notes 4\Microsoft.VC80.MFC\MFC80U.DLL' niet maken. Kan afhankelijke assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" niet vinden. Gebruik sxstrace.exe voor een gedetailleerde diagnose. Error: (02/01/2022 08:34:07 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Kan activeringscontext voor 'C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\hottnotes.exe' niet maken. Kan afhankelijke assembly Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" niet vinden. Gebruik sxstrace.exe voor een gedetailleerde diagnose. 
Error: (01/31/2022 07:04:49 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Kan activeringscontext voor 'C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\hottnotes.exe' niet maken. Kan afhankelijke assembly Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" niet vinden. Gebruik sxstrace.exe voor een gedetailleerde diagnose. Systeemfouten: ============= Error: (02/02/2022 09:05:30 AM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY) Description: Er is een onherstelbare fout opgetreden bij het maken van een TLS-referentie voor client. De interne foutstatus is 10013. Error: (02/01/2022 09:09:42 AM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY) Description: Er is een onherstelbare fout opgetreden bij het maken van een TLS-referentie voor client. De interne foutstatus is 10013. Error: (01/31/2022 12:59:35 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-MM71VK5) Description: De server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (01/31/2022 12:59:35 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-MM71VK5) Description: De server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (01/31/2022 12:59:35 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-MM71VK5) Description: De server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (01/31/2022 11:31:39 AM) (Source: SCardSvr) (EventID: 610) (User: ) Description: De smartcardlezer Alcorlink USB Smart Card Reader 0 heeft IOCTL 0x313520 geweigerd: Onjuiste functie.. Als deze fout aanhoudt, werkt uw smartcard of lezer mogelijk niet naar behoren. 
Header van opdracht: XX XX XX XX

Error: (01/31/2022 11:31:36 AM) (Source: SCardSvr) (EventID: 610) (User: )
Description: De smartcardlezer Alcorlink USB Smart Card Reader 0 heeft IOCTL 0x313520 geweigerd: Onjuiste functie.. Als deze fout aanhoudt, werkt uw smartcard of lezer mogelijk niet naar behoren.
Header van opdracht: XX XX XX XX

Error: (01/31/2022 11:31:36 AM) (Source: SCardSvr) (EventID: 610) (User: )
Description: De smartcardlezer Alcorlink USB Smart Card Reader 0 heeft IOCTL 0x313520 geweigerd: Onjuiste functie.. Als deze fout aanhoudt, werkt uw smartcard of lezer mogelijk niet naar behoren.
Header van opdracht: XX XX XX XX

Windows Defender:
================

Date: 2022-02-02 11:30:28
Description: Microsoft Defender Antivirus heeft malware of andere mogelijke ongewenste software gedetecteerd.
Zie het volgende voor meer informatie: https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win32/Keygen&threatid=225063&enterprise=0
Naam: PUA:Win32/Keygen
Ernst: Laag
Categorie: Mogelijk ongewenste software
Pad: containerfile:_G:\Setups december\Ashampoo Snap 11.1 Final + Patch\Patch\ashampoo.ash_inet2.v3.0.x.(32-bit)-patch.exe; file:_G:\Setups december\Ashampoo Snap 11.1 Final + Patch\Patch\ashampoo.ash_inet2.v3.0.x.(32-bit)-patch.exe->(VFS:dup2patcher.dll)
Detectieoorsprong: Lokale computer
Detectietype: Concreet
Detectiebron: Real-timebeveiliging
Gebruiker: DESKTOP-MM71VK5\benny
Procesnaam: C:\Windows\explorer.exe
Versie van beveiligingsinformatie: AV: 1.355.2900.0, AS: 1.355.2900.0, NIS: 1.355.2900.0
Engineversie: AM: 1.1.18800.4, NIS: 1.1.18800.4

Date: 2022-02-02 11:30:07
Description: Microsoft Defender Antivirus heeft malware of andere mogelijke ongewenste software gedetecteerd.
Zie het volgende voor meer informatie: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen&threatid=2147593794&enterprise=0
Naam: HackTool:Win32/Keygen
Ernst: Hoog
Categorie: Hulpprogramma
Pad: file:_G:\Setups december\Ashampoo Snap 11.1 Final + Patch\Patch\ashampoo.ash_inet2.v3.0.x.(32-bit)-patch.exe
Detectieoorsprong: Lokale computer
Detectietype: Concreet
Detectiebron: Real-timebeveiliging
Gebruiker: DESKTOP-MM71VK5\benny
Procesnaam: C:\Windows\explorer.exe
Versie van beveiligingsinformatie: AV: 1.355.2900.0, AS: 1.355.2900.0, NIS: 1.355.2900.0
Engineversie: AM: 1.1.18800.4, NIS: 1.1.18800.4

Date: 2022-02-01 11:49:47
Description: Scan van Microsoft Defender Antivirus is gestopt voordat deze was voltooid.
Scan-id: {0830325D-7685-44EC-9929-6283BAAFE228}
Type scan: Antimalware
Scanparameters: Snelle scan
Gebruiker: NT AUTHORITY\SYSTEM

Date: 2022-02-01 10:52:56
Description: Microsoft Defender Antivirus heeft malware of andere mogelijke ongewenste software gedetecteerd.
Zie het volgende voor meer informatie: https://go.microsoft.com/fwlink/?linkid=37020&name=PUADlManager:Win32/OfferCore&threatid=311999&enterprise=0
Naam: PUADlManager:Win32/OfferCore
Ernst: Laag
Categorie: Mogelijk ongewenste software
Pad: file:_G:\Setups december\CheatEngine72.exe
Detectieoorsprong: Lokale computer
Detectietype: Concreet
Detectiebron: Real-timebeveiliging
Gebruiker: DESKTOP-MM71VK5\benny
Procesnaam: C:\Windows\explorer.exe
Versie van beveiligingsinformatie: AV: 1.355.2865.0, AS: 1.355.2865.0, NIS: 1.355.2865.0
Engineversie: AM: 1.1.18800.4, NIS: 1.1.18800.4

Date: 2022-02-01 10:33:20
Description: Scan van Microsoft Defender Antivirus is gestopt voordat deze was voltooid.
Scan-id: {C0B1E495-CC03-4BB0-BE42-08F9BBFD0D5B}
Type scan: Antimalware
Scanparameters: Snelle scan
Gebruiker: NT AUTHORITY\SYSTEM

==================== Geheugen info ===========================

BIOS: American Megatrends Inc. V1.1 04/15/2015
Moederbord: MSI A68HM GRENADE (MS-7891)
Processor: AMD A8-7650K Radeon R7, 10 Compute Cores 4C+6G
Percentage geheugen in gebruik: 29%
Totaal fysiek RAM-geheugen: 15308.85 MB
Beschikbaar fysiek RAM-geheugen: 10794.11 MB
Totaal Virtueel geheugen: 18124.85 MB
Beschikbaar Virtueel geheugen: 12389.02 MB

==================== Schijven ================================

Drive c: () (Fixed) (Total:930.9 GB) (Free:794.77 GB) NTFS
Drive g: (Prulschijf) (Fixed) (Total:1863 GB) (Free:1674.07 GB) NTFS

\\?\Volume{96dc9aef-1573-4668-90f9-874840d5b2a4}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
\\?\Volume{509f9eb1-aee8-4ecf-9416-02754ab75c8b}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partitietabel ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 5209FEAA)
Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 06123C23)
Partition: GPT.

==================== Einde van Addition.txt =======================