Fix resultaat van Farbar Recovery Scan Tool (x64) Versie: 19.04.2024 01 Gestart door Alain (14-05-2024 19:42:49) Run:1 Gestart vanaf C:\Users\Eigenaar\Downloads Geladen Profielen: Alain Boot Modus: Normal ============================================== fixlist inhoud: ***************** start:: CreateRestorePoint: CloseProcesses: (services.exe ->) (Wondershare Technology Group Co.,Ltd -> wondershare) C:\ProgramData\Wondershare\wsServices\WsidService.exe HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restrictie <==== AANDACHT HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restrictie <==== AANDACHT HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restrictie <==== AANDACHT Task: {0FB312CF-69BE-4520-8D1F-C07E11501521} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (Geen bestand) Task: {25FCF09E-5C77-4ABF-93F2-0C01D565589D} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC RebootDialog (Geen bestand) Task: {F1CFF538-4C32-4489-B9A6-1A12D4BF1430} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery RebootDialog (Geen bestand) Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Geen bestand) R2 DFWSIDService; C:\ProgramData\Wondershare\wsServices\WsidService.exe [3963120 2024-01-30] (Wondershare Technology Group Co.,Ltd -> wondershare) S3 cpuz158; C:\WINDOWS\temp\cpuz158\cpuz158_x64.sys [44592 2024-05-13] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== AANDACHT S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X] C:\ProgramData\Wondershare ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Geen bestand ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Geen bestand ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Geen bestand ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Geen bestand ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Geen bestand ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Geen bestand ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Geen bestand ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Geen bestand ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Geen bestand ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Geen bestand ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Geen bestand ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Geen bestand ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Geen bestand ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Geen bestand 2024-02-20 19:22 - 2023-09-12 11:52 - 008382976 _____ (wondershare) [Bestand niet getekend] C:\ProgramData\Wondershare\wsServices\WsidClient.dll AlternateDataStreams: C:\Users\Eigenaar\Downloads:Shareaza.GUID [34] AlternateDataStreams: C:\Users\Eigenaar\Downloads\Bank:Shareaza.GUID [16] AlternateDataStreams: C:\Users\Eigenaar\Downloads\Fakturen:Shareaza.GUID [34] AlternateDataStreams: C:\Users\Eigenaar\Downloads\FRST64.exe:MBAM.Zone.Identifier [193] Toolbar: HKLM-x32 - Geen Naam - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Geen bestand HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe" EmptyTemp: End:: ***************** Herstelpunt is succesvol gemaakt. Proces succesvol afgesloten. C:\ProgramData\Wondershare\wsServices\WsidService.exe => Geen lopend proces gevonden HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => waarde met succes hersteld HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => waarde met succes hersteld HKLM\SOFTWARE\Policies\Mozilla => is succesvol verwijderd "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0FB312CF-69BE-4520-8D1F-C07E11501521}" => is succesvol verwijderd "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0FB312CF-69BE-4520-8D1F-C07E11501521}" => is succesvol verwijderd C:\WINDOWS\System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => is succesvol verplaatst "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser" => is succesvol verwijderd "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{25FCF09E-5C77-4ABF-93F2-0C01D565589D}" => is succesvol verwijderd "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{25FCF09E-5C77-4ABF-93F2-0C01D565589D}" => is succesvol verwijderd C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => is succesvol verplaatst "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot_AC" => is succesvol verwijderd "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F1CFF538-4C32-4489-B9A6-1A12D4BF1430}" => is succesvol verwijderd "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F1CFF538-4C32-4489-B9A6-1A12D4BF1430}" => is succesvol verwijderd C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => is succesvol verplaatst "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery" => is succesvol verwijderd "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => is succesvol verwijderd "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => is succesvol verwijderd C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => is succesvol verplaatst "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => is succesvol verwijderd HKLM\System\CurrentControlSet\Services\DFWSIDService => is succesvol verwijderd DFWSIDService => service is succesvol verwijderd HKLM\System\CurrentControlSet\Services\cpuz158 => is succesvol verwijderd cpuz158 => service is succesvol verwijderd HKLM\System\CurrentControlSet\Services\WinSetupMon => is succesvol verwijderd WinSetupMon => service is succesvol verwijderd "C:\ProgramData\Wondershare" Map verplaatsing: C:\ProgramData\Wondershare => is succesvol verplaatst HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => is succesvol verwijderd HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => is succesvol verwijderd HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => is succesvol verwijderd HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => is succesvol verwijderd HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => is succesvol verwijderd HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => is succesvol verwijderd HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => is succesvol verwijderd HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => is succesvol verwijderd HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => is succesvol verwijderd HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => is succesvol verwijderd HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => is succesvol verwijderd HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => is succesvol verwijderd HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => is succesvol verwijderd HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => is succesvol verwijderd "C:\ProgramData\Wondershare\wsServices\WsidClient.dll" => niet gevonden C:\Users\Eigenaar\Downloads => ":Shareaza.GUID" ADS kon niet worden verwijderd. C:\Users\Eigenaar\Downloads\Bank => ":Shareaza.GUID" ADS is succesvol verwijderd C:\Users\Eigenaar\Downloads\Fakturen => ":Shareaza.GUID" ADS is succesvol verwijderd C:\Users\Eigenaar\Downloads\FRST64.exe => ":MBAM.Zone.Identifier" ADS is succesvol verwijderd "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" => is succesvol verwijderd "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32\\Wondershare Helper Compact.exe" => is succesvol verwijderd "HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Wondershare Helper Compact.exe" => niet gevonden =========== EmptyTemp: ========== FlushDNS => voltooid BITS transfer queue => 0 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 37657217 B Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 10042871 B Windows/system/drivers => 13207977 B Edge => 0 B Firefox => 1117840042 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B ProgramData => 0 B Public => 0 B systemprofile => 0 B systemprofile32 => 0 B LocalService => 124056 B NetworkService => 124056 B Eigenaar => 470020267 B RecycleBin => 319152988 B EmptyTemp: => 1.8 GB tijdelijke gegevens verwijderd. ================================ Het systeem moest herstart worden. ==== Einde van Fixlog 19:43:50 ====