Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 17-04-2021 Gestart door flami (19-04-2021 10:49:50) Gestart vanaf C:\Users\flami\Downloads Windows 10 Home Versie 1909 18363.1500 (X64) (2019-11-21 17:58:10) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-229794501-1121372831-532239594-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-229794501-1121372831-532239594-503 - Limited - Disabled) flami (S-1-5-21-229794501-1121372831-532239594-1001 - Administrator - Enabled) => C:\Users\flami Gast (S-1-5-21-229794501-1121372831-532239594-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-229794501-1121372831-532239594-504 - Limited - Disabled) ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: BullGuard Antivirus (Disabled - Out of date) {29B419CF-9052-C34D-7F2F-5A507C45FA59} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: BullGuard Antivirus (Enabled - Up to date) {0C5A09FB-657F-B94D-DF1B-BB843C6EE0E4} AV: AVG Antivirus (Enabled - Up to date) {4FC75CA5-1654-5411-7CFB-1893D506BCF4} AV: Kaspersky Internet Security (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23} AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: BullGuard Antispyware (Enabled - Up to date) {B73BE81F-4345-B6C3-E5AB-80F647E9AA59} FW: BullGuard Firewall (Enabled) {346188DE-2F10-B815-F444-12B1C2BDA79F} FW: BullGuard Firewall (Enabled) {118F98EA-DA3D-C215-5470-F3658296BD22} FW: AVG Antivirus (Enabled) {2092F4DC-EC63-3680-C854-E2DACF7E736A} FW: Kaspersky Internet Security (Enabled) {774D7037-0984-41B0-3A87-5E88E680AD58} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeïnstalleerd worden.) Adobe Acrobat Reader DC - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 21.001.20149 - Adobe Systems Incorporated) DC++ 0.868 (HKLM-x32\...\DC++) (Version: 0.868 - Jacek Sieka) Kaspersky Internet Security (HKLM-x32\...\{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky) Hidden Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky) Microsoft .NET Framework 4.8 SDK (HKLM-x32\...\{949C0535-171C-480F-9CF4-D25C9E60FE88}) (Version: 4.8.03928 - Microsoft Corporation) Microsoft .NET Framework 4.8 Targeting Pack (ENU) (HKLM-x32\...\{A4EA9EE5-7CFF-4C5F-B159-B9B4E5D2BDE2}) (Version: 4.8.03761 - Microsoft Corporation) Microsoft .NET Framework 4.8 Targeting Pack (HKLM-x32\...\{BAAF5851-0759-422D-A1E9-90061B597188}) (Version: 4.8.03761 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{BAB9FCC5-1506-4B4F-BFCA-EDE0BDB86C21}) (Version: 2.75.0.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29016 (HKLM-x32\...\{40d3fee2-b257-46c2-bdc0-cb1088d97327}) (Version: 14.27.29016.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation) Mozilla Firefox 87.0 (x64 nl) (HKLM\...\Mozilla Firefox 87.0 (x64 nl)) (Version: 87.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 68.6.0 - Mozilla) NVIDIA 3D Vision stuurprogramma 385.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 385.69 - NVIDIA Corporation) NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation) NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation) NVIDIA Grafisch stuurprogramma 385.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 385.69 - NVIDIA Corporation) NVIDIA PhysX Systeem Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) ON1 Effects 2021 (HKU\S-1-5-21-229794501-1121372831-532239594-1001\...\{825e25f8-8e07-4e67-9194-41f8cbf5037e}) (Version: 1500 - ON1) Open-Shell (HKLM\...\{1CAB353D-D3F9-4C5D-A305-33D7BF270F1B}) (Version: 4.4.142 - The Open-Shell Team) osrss (HKLM-x32\...\{1BA1133B-1C7A-41A0-8CBF-9B993E63D296}) (Version: 1.0.0 - Microsoft Corporation) Hidden Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek) Software voor Intel® Chipset-apparaten (HKLM-x32\...\{c6cff78a-cccb-49d5-be68-ae0ec5f0d48a}) (Version: 10.1.1.8 - Intel(R) Corporation) Hidden Transmission 2.92 (14714) (x64) (HKLM\...\{E2B281FA-6236-4F0D-B710-ECDB6B60EB5E}) (Version: 2.92.0 - Transmission Project) UltraISO Premium V9.71 (HKLM-x32\...\UltraISO_is1) (Version: - ) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation) UpdateAssistant (HKLM\...\{B8B01E04-5393-4902-98E6-0E2787F03C80}) (Version: 1.13.0.0 - Microsoft Corporation) Hidden VdhCoApp 1.5.0 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper) VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.12 - VideoLAN) Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - LunarG, Inc.) Hidden WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH) Packages: ========= Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-02-29] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-04-16] (Microsoft Corporation) [MS Ad] ==================== Aangepaste CLSID (gefilterd): ============== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-01-28] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-01-28] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-01-28] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ FSOverlayIcon] -> {C0829D19-E5A0-44F5-B56E-D15030C53BB9} => -> Geen bestand ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Geen bestand ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Open-Shell\ClassicExplorer64.dll [2019-10-26] (Open-Shell) [Bestand niet getekend] ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Open-Shell\ClassicExplorer64.dll [2019-10-26] (Open-Shell) [Bestand niet getekend] ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> Geen bestand ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Geen bestand ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-01-28] (Adobe Inc. -> ) ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> Geen bestand ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Geen bestand ContextMenuHandlers1: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\shellex.dll [2021-03-30] (Kaspersky Lab JSC -> AO Kaspersky Lab) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\shellex.dll [2021-03-30] (Kaspersky Lab JSC -> AO Kaspersky Lab) ContextMenuHandlers2: [UltraISO] -> [CC]{AD392E40-428C-459F-961E-9B147782D099} => -> Geen bestand ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> Geen bestand ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> Geen bestand ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Geen bestand ContextMenuHandlers4: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\shellex.dll [2021-03-30] (Kaspersky Lab JSC -> AO Kaspersky Lab) ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Geen bestand ContextMenuHandlers4: [UltraISO] -> [CC]{AD392E40-428C-459F-961E-9B147782D099} => -> Geen bestand ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-09-16] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-01-28] (Adobe Inc. -> ) ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Geen bestand ContextMenuHandlers6: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\shellex.dll [2021-03-30] (Kaspersky Lab JSC -> AO Kaspersky Lab) ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Geen bestand ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\system32\StartMenuHelper64.dll [2019-10-26] (Open-Shell) [Bestand niet getekend] ContextMenuHandlers6: [UltraISO] -> [CC]{AD392E40-428C-459F-961E-9B147782D099} => -> Geen bestand ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (gefilterd) ==================== (Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.) HKLM\...\Drivers32: [vidc.i420] => C:\WINDOWS\system32\lvcod64.dll [175392 2012-10-26] (Logitech, Inc. -> Logitech Inc.) HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2012-10-26] (Logitech, Inc. -> Logitech Inc.) ==================== Snelkoppelingen & WMI ======================== ==================== Geladen Modules (gefilterd) ============= 2021-04-16 19:06 - 2017-09-16 19:17 - 000873320 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Bestand niet getekend] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll 2021-04-16 19:06 - 2017-09-16 19:17 - 000339256 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Bestand niet getekend] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\_nvstapisvr64.dll 2019-10-26 19:30 - 2019-10-26 19:30 - 000872960 _____ (Open-Shell) [Bestand niet getekend] C:\Program Files\Open-Shell\ClassicExplorer64.dll 2019-10-26 19:31 - 2019-10-26 19:31 - 003388928 _____ (Open-Shell) [Bestand niet getekend] C:\Program Files\Open-Shell\StartMenuDLL.dll 2019-10-26 19:31 - 2019-10-26 19:31 - 000312832 _____ (Open-Shell) [Bestand niet getekend] C:\WINDOWS\system32\StartMenuHelper64.dll ==================== Alternate Data Streams (gefilterd) ======== (Als een item is opgenomen in de fixlist, wordt alleen de ADS verwijderd.) AlternateDataStreams: C:\Users\flami\AppData\Local\Temp:com.affinity.photo.2 [240] ==================== Veilige Modus (gefilterd) ================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. De waarde van "AlternateShell" wordt hersteld.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsScanner => ""="Service" ==================== Bestandskoppeling (gefilterd) ================= ==================== Internet Explorer (gefilterd) ========== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKU\S-1-5-21-229794501-1121372831-532239594-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Open-Shell\ClassicExplorer64.dll [2019-10-26] (Open-Shell) [Bestand niet getekend] BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Open-Shell\ClassicIEDLL_64.dll [2019-10-26] (Open-Shell) [Bestand niet getekend] BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Open-Shell\ClassicExplorer32.dll [2019-10-26] (Open-Shell) [Bestand niet getekend] BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Open-Shell\ClassicIEDLL_32.dll [2019-10-26] (Open-Shell) [Bestand niet getekend] BHO-x32: Geen Naam -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> Geen bestand Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Open-Shell\ClassicExplorer64.dll [2019-10-26] (Open-Shell) [Bestand niet getekend] Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Open-Shell\ClassicExplorer32.dll [2019-10-26] (Open-Shell) [Bestand niet getekend] (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd.) IE trusted site: HKU\S-1-5-21-229794501-1121372831-532239594-1001\...\localhost -> localhost ==================== Hosts inhoud: ========================= (Indien nodig kan Hosts:-opdracht worden opgenomen in de fixlist om Hosts te resetten.) 2017-03-18 23:03 - 2020-07-27 23:56 - 000029470 _____ C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 localhost 127.0.0.1 activation.freemake.com 127.0.0.1 www.activation.freemake.com 0.0.0.0 blob.weather.microsoft.com 0.0.0.0 feedback.microsoft-hohm.com 0.0.0.0 search.msn.com 0.0.0.0 tile-service.weather.microsoft.com 0.0.0.0 a.ads1.msn.com 0.0.0.0 a.ads2.msn.com 0.0.0.0 a.rad.msn.com 0.0.0.0 ac3.msn.com 0.0.0.0 ads.msn.com 0.0.0.0 ads1.msn.com 0.0.0.0 b.ads1.msn.com 0.0.0.0 b.rad.msn.com 0.0.0.0 c.msn.com 0.0.0.0 corpext.msitadfs.glbdns2.microsoft.com 0.0.0.0 flex.msn.com 0.0.0.0 g.msn.com 0.0.0.0 geo-prod.do.dsp.mp.microsoft.com 0.0.0.0 geover-prod.do.dsp.mp.microsoft.com 0.0.0.0 h1.msn.com 0.0.0.0 kv401-prod.do.dsp.mp.microsoft.com 0.0.0.0 live.rads.msn.com 0.0.0.0 mobile.pipe.aria.microsoft.com 0.0.0.0 preview.msn.com 0.0.0.0 rad.msn.com 0.0.0.0 schemas.microsoft.akadns.net 0.0.0.0 settings.data.glbdns2.microsoft.com 0.0.0.0 survey.watson.microsoft.com 2020-04-03 18:46 - 2020-05-20 21:31 - 000000535 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics 172.17.168.234 57320bbc-d674-4c40-9df3-a6fe8112cf83.mshome.net # 2020 5 3 27 19 31 14 845 172.17.168.225 DESKTOP-TIJPHM2.mshome.net # 2025 5 1 19 19 31 14 845 ==================== Andere gebieden =========================== (Momenteel is er geen automatische fix voor dit onderdeel.) HKCU\Environment\\Path -> %USERPROFILE%\AppData\Local\Microsoft\WindowsApps HKU\S-1-5-21-229794501-1121372831-532239594-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\flami\Downloads\new photo's\Unnamed do jan 14 2025.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) HKLM\...\StartupApproved\StartupFolder: => "Avast SecureLine VPN.lnk" HKLM\...\StartupApproved\Run32: => "Greenshot" HKLM\...\StartupApproved\Run32: => "vmware-tray.exe" HKU\S-1-5-21-229794501-1121372831-532239594-1001\...\StartupApproved\StartupFolder: => "Logitech . Productregistratie.lnk" HKU\S-1-5-21-229794501-1121372831-532239594-1001\...\StartupApproved\Run: => "Skype for Desktop" ==================== Firewall regels (gefilterd) ================ (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [{4654A370-C0A7-40F3-B458-4EF47864AB99}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{BD516A1A-6AC2-4B62-98E5-0AA7A2C2172A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{9BB5C9C5-86CB-42AB-81C2-52882328F780}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{F926C0C2-8CC7-4E46-A4B4-78043FFF4B0F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [TCP Query User{EE1C119C-AECF-4373-9319-E6C810E92F5D}C:\program files\transmission\transmission-qt.exe] => (Allow) C:\program files\transmission\transmission-qt.exe (Open Source Developer, Mike Gelfand -> Transmission Project) FirewallRules: [UDP Query User{8D5F27A9-9C87-4241-BCF9-4B8CAF11BE45}C:\program files\transmission\transmission-qt.exe] => (Allow) C:\program files\transmission\transmission-qt.exe (Open Source Developer, Mike Gelfand -> Transmission Project) FirewallRules: [TCP Query User{51EBCC31-E219-45B8-AF8D-DC57E148540F}C:\program files\dc++\dcplusplus.exe] => (Allow) C:\program files\dc++\dcplusplus.exe () [Bestand niet getekend] FirewallRules: [UDP Query User{725BE3B0-E23B-4124-B20E-BDBEF3859B13}C:\program files\dc++\dcplusplus.exe] => (Allow) C:\program files\dc++\dcplusplus.exe () [Bestand niet getekend] FirewallRules: [{60E6D465-398E-4850-BE86-7EF7620A2377}] => (Block) C:\windows\system32\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation) FirewallRules: [{2765E0F4-2918-4A46-B9C9-43CDD8FCBA2B}] => (Block) C:\windows\systemapps\microsoft.windows.cortana_cw5n1h2txyewy\searchui.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{427A506A-9D42-4731-BA42-12AEAB8324FB}] => (Block) C:\Windows\explorer.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [TCP Query User{312AC766-38F0-48AA-AA10-FBC25009A715}C:\program files\transmission\transmission-qt.exe] => (Allow) C:\program files\transmission\transmission-qt.exe (Open Source Developer, Mike Gelfand -> Transmission Project) FirewallRules: [UDP Query User{783AC6BA-2AFB-4C7A-93CC-3D2670991794}C:\program files\transmission\transmission-qt.exe] => (Allow) C:\program files\transmission\transmission-qt.exe (Open Source Developer, Mike Gelfand -> Transmission Project) FirewallRules: [TCP Query User{962D5A21-5486-471B-8C0E-B5A4A02D44FB}G:\portableapps\delugeportable\app\deluge\deluge.exe] => (Allow) G:\portableapps\delugeportable\app\deluge\deluge.exe => Geen bestand FirewallRules: [UDP Query User{5DFEC417-EF36-4D8D-86E9-A2D6AA7BF307}G:\portableapps\delugeportable\app\deluge\deluge.exe] => (Allow) G:\portableapps\delugeportable\app\deluge\deluge.exe => Geen bestand FirewallRules: [TCP Query User{A8BC2614-F558-4B7F-B8E2-02A089EF9EB7}C:\users\flami\documents\qbittorrentportable\app\qbittorrent\qbittorrent.exe] => (Allow) C:\users\flami\documents\qbittorrentportable\app\qbittorrent\qbittorrent.exe () [Bestand niet getekend] FirewallRules: [UDP Query User{BAAB62E1-1BD6-47DE-A205-58EE7A8C2758}C:\users\flami\documents\qbittorrentportable\app\qbittorrent\qbittorrent.exe] => (Allow) C:\users\flami\documents\qbittorrentportable\app\qbittorrent\qbittorrent.exe () [Bestand niet getekend] FirewallRules: [TCP Query User{EEC14FF8-675C-42DF-BA7F-019C612A107B}C:\users\flami\documents\opera portable\71.0.3770.284\opera.exe] => (Allow) C:\users\flami\documents\opera portable\71.0.3770.284\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [UDP Query User{8678CE08-CD0E-416A-9DC6-6D88F9C30403}C:\users\flami\documents\opera portable\71.0.3770.284\opera.exe] => (Allow) C:\users\flami\documents\opera portable\71.0.3770.284\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{AC8806E0-0CE1-4045-8F97-1D1604CA98C4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{B6BB6AB3-55AE-48F6-99F6-B51B93ABF3CD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{D9C74C4F-59D3-4840-B047-BFC12278A9FC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{9A5ED64B-1A55-4387-A602-70902FDA2FFE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{8C7A5229-2BC3-4C2A-9B3D-86D951B5F38D}] => (Allow) C:\Program Files\ON1\ON1 Effects 2021\ON1 Effects 2021.exe (ON1, Inc (Onone Software, Inc.) -> ON1, Inc.) FirewallRules: [{1F575485-2C00-4A85-A9C6-D9741DAC8ED7}] => (Allow) C:\Program Files\ON1\ON1 Effects 2021\ON1 Effects 2021.exe (ON1, Inc (Onone Software, Inc.) -> ON1, Inc.) FirewallRules: [{4364EE67-4B79-4C0B-BD91-9ACD4ECD7E9B}] => (Allow) C:\Program Files\ON1\ON1 Effects 2021\on1sandbox.exe (ON1, Inc (Onone Software, Inc.) -> ) FirewallRules: [{5ABD674A-5899-4D7E-A272-6E5F2DC0D6CA}] => (Allow) C:\Program Files\ON1\ON1 Effects 2021\on1sandbox.exe (ON1, Inc (Onone Software, Inc.) -> ) ==================== Herstelpunten ========================= AANDACHT: Systeemherstel is uitgeschakeld (Total:64.24 GB) (Free:25.46 GB) (40%) ==================== Defecte Apparaatbeheer Apparaten ============ Name: Qualcomm Atheros AR5BWB222 Wireless Network Adapter Description: Qualcomm Atheros AR5BWB222 Wireless-netwerkadapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Qualcomm Atheros Communications Inc. Service: athr Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Eventlog fouten: ======================== Applicatiefouten: ================== Error: (04/19/2021 10:49:31 AM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (4980,R,98) TILEREPOSITORYS-1-5-18: Fout -1023 (0xfffffc01) is opgetreden tijdens het openen van logboekbestand C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (04/19/2021 10:44:15 AM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (9760,R,98) TILEREPOSITORYS-1-5-18: Fout -1023 (0xfffffc01) is opgetreden tijdens het openen van logboekbestand C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (04/19/2021 10:34:27 AM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (3336,R,98) TILEREPOSITORYS-1-5-18: Fout -1023 (0xfffffc01) is opgetreden tijdens het openen van logboekbestand C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (04/18/2021 10:05:06 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (2480,R,98) TILEREPOSITORYS-1-5-18: Fout -1023 (0xfffffc01) is opgetreden tijdens het openen van logboekbestand C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (04/18/2021 08:16:42 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (7308,R,98) TILEREPOSITORYS-1-5-18: Fout -1023 (0xfffffc01) is opgetreden tijdens het openen van logboekbestand C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (04/18/2021 05:55:55 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (3228,R,98) TILEREPOSITORYS-1-5-18: Fout -1023 (0xfffffc01) is opgetreden tijdens het openen van logboekbestand C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (04/18/2021 05:47:29 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (7064,R,98) TILEREPOSITORYS-1-5-18: Fout -1023 (0xfffffc01) is opgetreden tijdens het openen van logboekbestand C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (04/18/2021 03:23:42 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (4552,R,98) TILEREPOSITORYS-1-5-18: Fout -1023 (0xfffffc01) is opgetreden tijdens het openen van logboekbestand C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Systeemfouten: ============= Error: (04/19/2021 10:28:02 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: De MozillaMaintenance-service is gestopt met de volgende foutcode: Onjuiste functie. . Error: (04/18/2021 02:59:43 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: De MozillaMaintenance-service is gestopt met de volgende foutcode: Onjuiste functie. . Error: (04/18/2021 02:59:01 PM) (Source: volmgr) (EventID: 46) (User: ) Description: Crashdumpinitialisatie is mislukt! Error: (04/17/2021 03:55:52 AM) (Source: Microsoft-Windows-Ntfs) (EventID: 98) (User: NT AUTHORITY) Description: K:\Device\HarddiskVolume123 Error: (04/16/2021 08:07:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: De Windows Search-service is onverwacht gestopt. Dit is 2 keer gebeurd. De volgende herstelbewerking zal over 30000 milliseconden worden uitgevoerd: Service opnieuw starten. Error: (04/16/2021 08:07:28 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: De Windows Search-service is gestopt met de volgende foutcode: Het apparaat is niet klaar. . Error: (04/16/2021 08:07:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: De Windows Search-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 30000 milliseconden worden uitgevoerd: Service opnieuw starten. Error: (04/16/2021 08:07:22 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: De service Windows Search is gestopt met de volgende specifieke servicefout: %%2147749126 Windows Defender: ================ Date: 2021-01-17 19:50:22.699 Description: Windows Defender Antivirus heeft een fout ontdekt tijdens het bijwerken van beveiligingsinformatie. Nieuwe versie van beveiligingsinformatie: Vorige versie van beveiligingsinformatie: 1.329.2321.0 Updatebron: Microsoft-updateserver Type beveiligingsinformatie: AntiVirus Updatetype: Volledig Gebruiker: NT AUTHORITY\SYSTEM Huidige engineversie: Vorige engineversie: 1.1.17700.4 Foutcode: 0x8024001e Foutbeschrijving: Er is tijdens het zoeken naar updates een onverwacht probleem opgetreden. Raadpleeg Help en ondersteuning voor meer informatie over het installeren van updates en het oplossen van problemen. Date: 2020-12-31 00:03:17.935 Description: Windows Defender Antivirus heeft een fout ontdekt tijdens het bijwerken van beveiligingsinformatie. Nieuwe versie van beveiligingsinformatie: Vorige versie van beveiligingsinformatie: 1.313.2610.0 Updatebron: Microsoft-updateserver Type beveiligingsinformatie: AntiVirus Updatetype: Volledig Gebruiker: NT AUTHORITY\SYSTEM Huidige engineversie: Vorige engineversie: 1.1.17700.4 Foutcode: 0x80240022 Foutbeschrijving: Er kan niet naar definitie-updates worden gezocht. Date: 2020-04-03 22:08:17.270 Description: Windows Defender Antivirus heeft een fout ontdekt tijdens het bijwerken van beveiligingsinformatie. Nieuwe versie van beveiligingsinformatie: Vorige versie van beveiligingsinformatie: 1.305.2530.0 Updatebron: Microsoft-updateserver Type beveiligingsinformatie: AntiVirus Updatetype: Volledig Gebruiker: NT AUTHORITY\SYSTEM Huidige engineversie: Vorige engineversie: 1.1.16500.1 Foutcode: 0x8024001e Foutbeschrijving: Er is tijdens het zoeken naar updates een onverwacht probleem opgetreden. Raadpleeg Help en ondersteuning voor meer informatie over het installeren van updates en het oplossen van problemen. ==================== Geheugen info =========================== BIOS: American Megatrends Inc. P11-A4 03/21/2014 Moederbord: Acer Aspire TC-605 Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz Percentage geheugen in gebruik: 42% Totaal fysiek RAM-geheugen: 8131.42 MB Beschikbaar fysiek RAM-geheugen: 4670.75 MB Totaal Virtueel geheugen: 9411.42 MB Beschikbaar Virtueel geheugen: 5660.76 MB ==================== Schijven ================================ Drive c: () (Fixed) (Total:64.24 GB) (Free:25.46 GB) NTFS ==>[schijf met boot componenten (verkregen van BCD)] Drive e: () (Fixed) (Total:858.81 GB) (Free:400.39 GB) NTFS Drive x: (X) (Fixed) (Total:7.91 GB) (Free:6.81 GB) NTFS \\?\Volume{629458e4-0000-0000-0000-010000000000}\ (PortableBaseLayer) (Fixed) (Total:8 GB) (Free:7.59 GB) NTFS \\?\Volume{ff011397-0000-0000-0000-700f10000000}\ () (Fixed) (Total:0.55 GB) (Free:0.08 GB) NTFS ==================== MBR & Partitietabel ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: FF011397) Partition 1: (Active) - (Size=64.2 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=563 MB) - (Type=27) Partition 3: (Not Active) - (Size=866.7 GB) - (Type=0F Extended) ========================================================== Disk: 1 (MBR Code: Windows 7/8/10) (Size: 8 GB) (Disk ID: 629458E4) Partition 1: (Not Active) - (Size=8 GB) - (Type=07 NTFS) ==================== Einde van Addition.txt =======================