Fix resultaat van Farbar Recovery Scan Tool (x64) Versie: 10-06-2022 01
Gestart door zander13381 (12-06-2022 14:23:02) Run:1
Gestart vanaf C:\Users\zander13381\Downloads
Geladen Profielen: False
Boot Modus: Normal
==============================================

fixlist inhoud:
*****************
CreateRestorePoint:
CloseProcesses:
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Geen bestand)
HKLM\...\Run: [WSVCUUpdateHelper.exe] => C:\Program Files\Wondershare\UniConverter 13\WSVCUUpdateHelper.exe (Geen bestand)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Geen bestand)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Geen bestand)
HKLM-x32\...\Run: [WSVCUUpdateHelper.exe] => C:\Program Files (x86)\Wondershare\Video Converter Free\WSVCUUpdateHelper.exe (Geen bestand)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restrictie <==== AANDACHT
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restrictie <==== AANDACHT
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restrictie <==== AANDACHT
HKU\S-1-12-1-1045427199-1201164449-3859945119-2244745868\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize  (Geen bestand)
HKU\S-1-12-1-1045427199-1201164449-3859945119-2244745868\...\Run: [hiddis 5 check updates and quit] => "C:\Program Files (x86)\Hidden Disk 5\hiddis.exe" protocol3 (Geen bestand)
GroupPolicy: Restrictie ? <==== AANDACHT
Policies: C:\ProgramData\NTUSER.pol: Restrictie <==== AANDACHT
HKU\S-1-12-1-1045427199-1201164449-3859945119-2244745868\SOFTWARE\Policies\Google: Restrictie <==== AANDACHT
Task: {2531997E-CBA6-433A-9D98-1A65BD082C75} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (Geen bestand)
Task: {7E2CA4D9-AE79-4274-90CA-4BE95A22B8FF} - System32\Tasks\Opera GX scheduled Autoupdate 1643383214 => C:\Users\zander13381\AppData\Local\Programs\Opera GX\launcher.exe --scheduledautoupdate $(Arg0) (Geen bestand)
Task: {95D26D33-CE77-4FB9-990E-24D7A696AE37} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2390676961-1970208939-1502202127-1000 => C:\Program Files (x86)\Microsoft OneDrive\OneDriveStandaloneUpdater.exe /reporting (Geen bestand)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (Geen bestand)
S3 WsDrvInst; "C:\Program Files (x86)\Wondershare\Video Converter Free\Transfer\DriverInstall.exe" [X]
U4 npcap_wifi; geen ImagePath
2022-06-10 21:27 - 2022-02-24 18:27 - 000000000 ____D C:\Users\zander13381\AppData\Roaming\FreeFirewall
HKLM\...\StartupApproved\Run: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run: => "WSVCUUpdateHelper.exe"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "WSVCUUpdateHelper.exe"
FirewallRules: [{04704025-7F97-4A0C-B40F-583CFD2881C1}] => (Allow) C:\Program Files\McAfee\Agent\macmnsvc.exe => Geen bestand
FirewallRules: [{C093D563-C0EE-4260-9F31-DD80500F2717}] => (Allow) C:\Program Files\McAfee\Agent\macmnsvc.exe => Geen bestand
FirewallRules: [{BD60472D-8E60-4D09-B671-02F1967455C6}] => (Allow) C:\Program Files\McAfee\Agent\macmnsvc.exe => Geen bestand
FirewallRules: [{7BC95213-608C-4321-A118-E5BD10FE9401}] => (Allow) C:\Program Files\McAfee\Agent\macmnsvc.exe => Geen bestand
FirewallRules: [{C64959C2-AA72-45CF-8502-A2CA62ED915E}] => (Allow) C:\Program Files\McAfee\Agent\macmnsvc.exe => Geen bestand
FirewallRules: [{7CC60B48-DA13-40CA-9D4D-86AAA4323220}] => (Allow) C:\Program Files\McAfee\Agent\macmnsvc.exe => Geen bestand
FirewallRules: [{1385A442-C23E-49FB-A4D7-D46576475026}] => (Allow) C:\Users\zander13381\AppData\Local\Programs\Opera GX\82.0.4227.50\opera.exe => Geen bestand
FirewallRules: [{9751BA05-8A58-4617-A823-DD9ECD481839}] => (Allow) C:\Program Files (x86)\iMobie\DroidKit\xldownload\download\MiniThunderPlatform.exe => Geen bestand
FirewallRules: [{378F1224-BB67-4463-8C1F-5ADCC2CA1A83}] => (Allow) C:\Program Files (x86)\iMobie\DroidKit\xldownload\download\MiniThunderPlatform.exe => Geen bestand
FirewallRules: [{C7892E05-0DB5-433B-96BE-243B256ED590}] => (Allow) C:\Users\zander13381\Downloads\freefirewall-setup.exe => Geen bestand
FirewallRules: [{11882AF4-75A7-4C2B-8576-11968BAC5E62}] => (Allow) C:\Users\zander13381\AppData\Roaming\uTorrent\uTorrent.exe => Geen bestand
FirewallRules: [{8784BA47-F27F-4CCE-830C-A91CAC148639}] => (Allow) C:\Users\zander13381\AppData\Roaming\uTorrent\uTorrent.exe => Geen bestand
FirewallRules: [{C11E52AD-7833-44DB-B536-3B220E5916F3}] => (Allow) C:\Users\zander13381\AppData\Roaming\uTorrent Web\utweb.exe => Geen bestand
FirewallRules: [{41C921C4-79A4-4E39-B7C8-673F764C4226}] => (Allow) C:\Users\zander13381\AppData\Roaming\uTorrent Web\utweb.exe => Geen bestand
EmptyTemp:
Reboot:

*****************

Fout: (0) Mislukt om een herstelpunt te maken.
Proces succesvol afgesloten.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Wondershare Helper Compact.exe" => is succesvol verwijderd
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\WSVCUUpdateHelper.exe" => is succesvol verwijderd
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => is succesvol verwijderd
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Wondershare Helper Compact.exe" => is succesvol verwijderd
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\WSVCUUpdateHelper.exe" => is succesvol verwijderd
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => waarde met succes hersteld
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => waarde met succes hersteld
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => is succesvol verwijderd
"HKU\S-1-12-1-1045427199-1201164449-3859945119-2244745868\Software\Microsoft\Windows\CurrentVersion\Run\\Web Companion" => is succesvol verwijderd
"HKU\S-1-12-1-1045427199-1201164449-3859945119-2244745868\Software\Microsoft\Windows\CurrentVersion\Run\\hiddis 5 check updates and quit" => is succesvol verwijderd
C:\WINDOWS\system32\GroupPolicy\Machine => is succesvol verplaatst
C:\WINDOWS\system32\GroupPolicy\GPT.ini => is succesvol verplaatst
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => is succesvol verplaatst
C:\ProgramData\NTUSER.pol => is succesvol verplaatst
HKU\S-1-12-1-1045427199-1201164449-3859945119-2244745868\SOFTWARE\Policies\Google => is succesvol verwijderd
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2531997E-CBA6-433A-9D98-1A65BD082C75}" => is succesvol verwijderd
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2531997E-CBA6-433A-9D98-1A65BD082C75}" => is succesvol verwijderd
C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => is succesvol verplaatst
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473" => is succesvol verwijderd
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7E2CA4D9-AE79-4274-90CA-4BE95A22B8FF}" => is succesvol verwijderd
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7E2CA4D9-AE79-4274-90CA-4BE95A22B8FF}" => is succesvol verwijderd
C:\WINDOWS\System32\Tasks\Opera GX scheduled Autoupdate 1643383214 => is succesvol verplaatst
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera GX scheduled Autoupdate 1643383214" => is succesvol verwijderd
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{95D26D33-CE77-4FB9-990E-24D7A696AE37}" => is succesvol verwijderd
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{95D26D33-CE77-4FB9-990E-24D7A696AE37}" => is succesvol verwijderd
C:\WINDOWS\System32\Tasks\OneDrive Reporting Task-S-1-5-21-2390676961-1970208939-1502202127-1000 => is succesvol verplaatst
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OneDrive Reporting Task-S-1-5-21-2390676961-1970208939-1502202127-1000" => is succesvol verwijderd
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CCDFC0B8-01A3-4E74-A820-4F13F51D269E}" => is succesvol verwijderd
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CCDFC0B8-01A3-4E74-A820-4F13F51D269E}" => is succesvol verwijderd
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => is succesvol verplaatst
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser" => is succesvol verwijderd
HKLM\System\CurrentControlSet\Services\WsDrvInst => is succesvol verwijderd
WsDrvInst => service is succesvol verwijderd
HKLM\System\CurrentControlSet\Services\npcap_wifi => is succesvol verwijderd
npcap_wifi => service is succesvol verwijderd
C:\Users\zander13381\AppData\Roaming\FreeFirewall => is succesvol verplaatst
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\Wondershare Helper Compact.exe" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Wondershare Helper Compact.exe" => niet gevonden
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\WSVCUUpdateHelper.exe" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\WSVCUUpdateHelper.exe" => niet gevonden
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32\\Wondershare Helper Compact.exe" => is succesvol verwijderd
"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Wondershare Helper Compact.exe" => niet gevonden
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32\\WSVCUUpdateHelper.exe" => is succesvol verwijderd
"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\WSVCUUpdateHelper.exe" => niet gevonden
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{04704025-7F97-4A0C-B40F-583CFD2881C1}" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C093D563-C0EE-4260-9F31-DD80500F2717}" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BD60472D-8E60-4D09-B671-02F1967455C6}" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7BC95213-608C-4321-A118-E5BD10FE9401}" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C64959C2-AA72-45CF-8502-A2CA62ED915E}" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7CC60B48-DA13-40CA-9D4D-86AAA4323220}" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1385A442-C23E-49FB-A4D7-D46576475026}" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9751BA05-8A58-4617-A823-DD9ECD481839}" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{378F1224-BB67-4463-8C1F-5ADCC2CA1A83}" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C7892E05-0DB5-433B-96BE-243B256ED590}" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{11882AF4-75A7-4C2B-8576-11968BAC5E62}" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8784BA47-F27F-4CCE-830C-A91CAC148639}" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C11E52AD-7833-44DB-B536-3B220E5916F3}" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{41C921C4-79A4-4E39-B7C8-673F764C4226}" => is succesvol verwijderd

=========== EmptyTemp: ==========

BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 17085034 B
Java, Discord, Steam htmlcache => 44526885 B
Windows/system/drivers => 61169015 B
Edge => 0 B
Chrome => 2344783621 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
zander13381 => 50363029 B
systemprofile => 50420607 B
systemprofile32 => 50424127 B
LocalService => 50660241 B
NetworkService => 50748313 B
mc => 50748313 B
secret => 50748313 B
kioskUser0 => 50748313 B
LansweeperLocalDbService => 50748313 B

RecycleBin => 5460728 B
EmptyTemp: => 2.7 GB tijdelijke gegevens verwijderd.

================================


Het systeem moest herstart worden.

==== Einde van Fixlog 14:24:19 ====