Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 17-04-2017 01 Gestart door Ramon (01-05-2022 10:46:12) Gestart vanaf C:\Users\rtull\Downloads Windows 10 Home Versie 2009 (X64) (2020-10-10 14:30:30) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2897933121-1580215152-3316838448-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2897933121-1580215152-3316838448-503 - Limited - Disabled) Gast (S-1-5-21-2897933121-1580215152-3316838448-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2897933121-1580215152-3316838448-1003 - Limited - Enabled) Ramon (S-1-5-21-2897933121-1580215152-3316838448-1001 - Administrator - Enabled) => C:\Users\rtull WDAGUtilityAccount (S-1-5-21-2897933121-1580215152-3316838448-504 - Limited - Disabled) ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.) . . (Version: 7.1 - Intel) Hidden . . . (x32 Version: 3.1.1.2 - Intel) Hidden 1.0.0 (HKLM-x32\...\{257B5922-2435-4FDA-900A-AEA29ED0A8D5}_is1) (Version: 1.0.0 - Gianpaolo Bottin) Acoustica CD/DVD Label Maker (HKLM-x32\...\Acoustica CD/DVD Label Maker) (Version: - ) Adblock Plus voor IE (32-bit en 64-bit) (HKLM\...\{2B2310B1-FBC0-4933-8C73-1CBAD0D7CA28}) (Version: 1.6 - Eyeo GmbH) Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1043-1033-7760-BC15014EA700}) (Version: 22.001.20117 - Adobe) Aimersoft Helper Compact 2.5.2 (HKLM-x32\...\{405147F7-FCC5-499B-A27E-EA6BD4A80435}_is1) (Version: 2.5.2 - Aimersoft) Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 100.0.15871.128 - De auteurs van Avast Secure Browser) Avast Update Helper (x32 Version: 1.8.1065.0 - AVAST Software) Hidden AVS Audio Converter 9.1.3 (HKLM-x32\...\AVS Audio Converter_is1) (Version: 9.1.3.601 - Online Media Technologies Ltd.) AVS Audio Editor 9.1.3 (HKLM-x32\...\AVS Audio Editor_is1) (Version: 9.1.3.541 - Online Media Technologies Ltd.) AVS Disc Creator 6.1.9 (HKLM-x32\...\AVS Disc Creator_is1) (Version: 6.1.9.559 - Online Media Technologies Ltd.) AVS Document Converter 4.2.4 (HKLM-x32\...\AVS Document Converter_is1) (Version: 4.2.4.269 - Online Media Technologies Ltd.) AVS Image Converter 5.2.4 (HKLM-x32\...\AVS Image Converter_is1) (Version: 5.2.4.303 - Online Media Technologies Ltd.) AVS Media Player 5.1.4 (HKLM-x32\...\AVS Media Player_is1) (Version: 5.1.4.137 - Online Media Technologies Ltd.) AVS Photo Editor 3.2.4 (HKLM-x32\...\AVS Photo Editor_is1) (Version: 3.2.4.168 - Online Media Technologies Ltd.) AVS Update Manager 2.0.1 (HKLM-x32\...\AVS Update Manager_is1) (Version: 2.0.1.162 - Online Media Technologies Ltd.) AVS Video Converter 12.0.3 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: 12.0.3.654 - Online Media Technologies Ltd.) AVS Video Editor 9.6.2 (HKLM-x32\...\AVS Video Editor_is1) (Version: 9.6.2.391 - Online Media Technologies Ltd.) AVS Video ReMaker 6.3.4 (HKLM-x32\...\AVS Video ReMaker_is1) (Version: 6.3.4.238 - Online Media Technologies Ltd.) CCleaner (HKLM\...\CCleaner) (Version: 5.91 - Piriform) Chromium (HKLM-x32\...\{602088E0-30A0-5960-8120-29E051A0FA60}) (Version: - ) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Driver and Application Installation (HKLM-x32\...\{6EC299C6-074C-4529-8D5F-2798584BB27B}) (Version: 2.12.0219 - Lenovo) EssentialPIM (HKLM-x32\...\EssentialPIM) (Version: 7.51 - Astonsoft Ltd) Excel (HKU\S-1-5-21-2897933121-1580215152-3316838448-1001\...\1fc5b090eab9aa41f8a2f5987367e6da) (Version: 1.0 - Excel) Free YouTube Downloader (Build 7.4.7.3) (HKLM-x32\...\Free YouTube Downloader_is1) (Version: 7.4.7.3 - Free YouTube Downloader) FrostWire 6.5.1 (HKLM-x32\...\FrostWire 6) (Version: 6.5.1.238 - FrostWire LLC) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 100.0.4896.127 - Google LLC) HP ENVY 4500 series Basissoftware van het apparaat (HKLM\...\{E7E2EB53-AA2D-4068-8242-28859DCB7C3A}) (Version: 32.3.198.49673 - Hewlett-Packard Co.) HP ENVY 4500 series Help (HKLM-x32\...\{8E0DEA5E-822C-4993-8D47-9305D61E6188}) (Version: 30.0.0 - Hewlett Packard) HP Photo Creations (HKU\S-1-5-21-2897933121-1580215152-3316838448-1001\...\HP Photo Creations) (Version: 1.0.0.22192 - HP) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) Intel(R) Online Connect Software Asset Manager (x32 Version: 3.4.2072 - Intel Corporation) Hidden Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.7925 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.8.2.1002 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.45358 - Intel Corporation) Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000071-0190-1043-84C8-B8D95FA3C8C3}) (Version: 19.71.0 - Intel Corporation) Intel® Driver & Support Assistant (HKLM-x32\...\{35fa0dcf-eda2-402b-b1f0-64973bb1938a}) (Version: 3.1.1.2 - Intel) Intel® PROSet/Wireless Software (HKLM-x32\...\{227fd89d-2205-499a-8b73-9ec775789c4d}) (Version: 19.70.0 - Intel Corporation) Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Lenovo Service Bridge (HKU\S-1-5-21-2897933121-1580215152-3316838448-1001\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 5.0.2.11 - Lenovo) Lenovo Silver Silk Wireless Keyboard (HKLM-x32\...\InstallShield_{B88AD4F5-58A6-425D-9282-92228FEB7067}) (Version: 1.05 - Lenovo) Lenovo Silver Silk Wireless Keyboard (x32 Version: 1.05 - Lenovo) Hidden Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.12.13.0 - Lenovo Group Ltd.) LibreOffice 6.4 Help Pack (Dutch) (HKLM\...\{44A438E8-AADC-4E95-BEFA-5AA540F7DC33}) (Version: 6.4.4.2 - The Document Foundation) LibreOffice 7.1.1.2 (HKLM\...\{14E9DACB-8945-4B62-A19B-2C6245D48490}) (Version: 7.1.1.2 - The Document Foundation) Manual (HKLM-x32\...\{693F92E5-37D1-46B7-A0D6-19A74A2FD0EC}) (Version: 1.00.0701 - Lenovo) Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 101.0.1210.32 - Microsoft Corporation) Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.161.35 - ) Microsoft OneDrive (HKU\S-1-5-21-2897933121-1580215152-3316838448-1001\...\OneDriveSetup.exe) (Version: 22.065.0412.0004 - Microsoft Corporation) Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0413-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29913 (HKLM-x32\...\{855e31d2-9031-46e1-b06d-c9d7777deefb}) (Version: 14.28.29913.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30037 (HKLM-x32\...\{dfea0fad-88b2-4a1f-8536-3f8f9391f4ef}) (Version: 14.29.30037.0 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 78.1.0 - Mozilla) Mozilla Thunderbird (x86 nl) (HKLM-x32\...\Mozilla Thunderbird 91.8.1 (x86 nl)) (Version: 91.8.1 - Mozilla) OpenOffice 4.1.6 (HKLM-x32\...\{16E4FF6B-31E8-4037-B627-D87CF872E32B}) (Version: 4.16.9790 - Apache Software Foundation) paint.net (HKLM\...\{28718A56-50EF-4867-B4C8-0860228B5EC9}) (Version: 4.3.8 - dotPDN LLC) Productverbeteringsonderzoek voor HP ENVY 4500 series (HKLM\...\{A0B1D150-9577-4F9C-9FC7-AD8557C6BDFC}) (Version: 32.3.198.49673 - Hewlett-Packard Co.) Rainlendar2 (remove only) (HKLM-x32\...\Rainlendar2) (Version: 2.17.1 - Rainy) Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 10.1.505.2015 - Realtek) Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform) Revo Uninstaller 2.2.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.2.5 - VS Revo Group, Ltd.) Roxio Creator Audio (HKLM-x32\...\{83FFCFC7-88C6-41c6-8752-958A45325C82}) (Version: 3.3.0 - Roxio) Roxio Creator Basic v9 (HKLM-x32\...\{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}) (Version: 3.3.0 - Roxio) Roxio Creator Copy (HKLM-x32\...\{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}) (Version: 3.3.0 - Roxio) Roxio Creator Data (HKLM-x32\...\{0D397393-9B50-4c52-84D5-77E344289F87}) (Version: 3.3.0 - Roxio) Roxio Creator Tools (HKLM-x32\...\{0394CDC8-FABD-4ed8-B104-03393876DFDF}) (Version: 3.3.0 - Roxio) Roxio Drag-to-Disc (HKLM\...\{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}) (Version: 9.0 - Roxio) Roxio Express Labeler 3 (HKLM-x32\...\{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}) (Version: 3.2.1 - Roxio) Roxio MyDVD Basic v9 (HKLM-x32\...\{938B1CD7-7C60-491E-AA90-1F1888168240}) (Version: 9.0.117 - Roxio) Sonic Activation Module (x32 Version: 1.0 - Sonic Solutions) Hidden Surinaams eten – Kookvideo’s (HKU\S-1-5-21-2897933121-1580215152-3316838448-1001\...\0da3405fb538f0d22db72ee070ae84b6) (Version: 1.0 - Surinaams eten – Kookvideo’s) Unchecky v1.2 (HKLM-x32\...\Unchecky) (Version: 1.2 - Reason Software Company Inc.) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation) Upload _ Photobucket (HKU\S-1-5-21-2897933121-1580215152-3316838448-1001\...\11fcbcb2f8faa357d19cd485d17365b4) (Version: 1.0 - Upload _ Photobucket) Viddly YouTube Downloader 5.0.336 (HKLM\...\{9217DBAB-2532-4811-98D6-450CEF0D1BA7}_is1) (Version: 5.0.336 - Viddly Inc.) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.16 - VideoLAN) VSDC Free Video Converter version 2.4.7.339 (HKLM-x32\...\VSDC Free Video Converter_is1) (Version: 2.4.7.339 - Flash-Integro LLC) Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-3) (Version: 1.0.33.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.33.0 (Version: 1.0.33.0 - LunarG, Inc.) Hidden Windows 10-updateassistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.19041.1555 - Microsoft Corporation) Windows Pc-statuscontrole (HKLM\...\{4C95130F-4638-4B19-B1B4-DA7CB78A2911}) (Version: 3.6.2204.08001 - Microsoft Corporation) YouTube (HKU\S-1-5-21-2897933121-1580215152-3316838448-1001\...\1b7f0f9cea9afc81c18730c6107e4fb1) (Version: 1.0 - Google\Chrome) ==================== Aangepaste CLSID (gefilterd): ========================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) CustomCLSID: HKU\S-1-5-21-2897933121-1580215152-3316838448-1001_Classes\CLSID\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}\InprocServer32 -> C:\Users\rtull\AppData\Local\Microsoft\OneDrive\22.065.0412.0004_1\FileCoAuthLib64.dll (Microsoft Corporation) ==================== Geplande Taken (gefilterd) ============= (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {008539BF-83F9-4483-9E0A-EEEE6EAC0A08} - System32\Tasks\Microsoft\Windows\Shell\UpdateUserPictureTask Task: {0470B79B-1C04-4BA3-B33A-E4104CAC36DF} - System32\Tasks\Microsoft\Windows\SMB\UninstallSMB1ClientTask => powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& %windir%\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Client" Task: {06656156-B213-4A55-B349-ADC29CCE3900} - System32\Tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition => C:\WINDOWS\system32\ClipRenew.exe [2019-12-07] (Microsoft Corporation) Task: {077333D6-06BA-4EA4-BDF4-1CD1439558F2} - System32\Tasks\Microsoft\Windows\BrokerInfrastructure\BgTaskRegistrationMaintenanceTask Task: {0B5032D5-6E0A-4D25-80C7-CB1F26E6FB3B} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [2021-09-09] (Lenovo Group Ltd.) Task: {0CBABB27-6DFC-4155-BAE7-AE919B92FEF2} - System32\Tasks\Microsoft\Windows\DirectX\DXGIAdapterCache => C:\WINDOWS\system32\dxgiadaptercache.exe [2021-04-16] (Microsoft Corporation) Task: {0CE30B30-58CF-424F-90EF-7530F4DBF1AD} - System32\Tasks\Lenovo\SHPrompt => C:\Program Files (x86)\SHAREit\SHAREit\ShareitPrompt.exe Task: {0CEC0B91-4AE9-4E8A-ACB2-3B4C811F442C} - System32\Tasks\Microsoft\Windows\WaaSMedic\PerformRemediation Task: {0E2DCCB3-7B11-40CF-B973-90F22732E317} - System32\Tasks\Microsoft\Windows\EDP\EDP Inaccessible Credentials Task Task: {105D676A-D551-4274-81E7-97AC52E4FD87} - System32\Tasks\Microsoft\Windows\Speech\HeadsetButtonPress => C:\WINDOWS\system32\speech_onecore\common\SpeechRuntime.exe [2022-03-14] (Microsoft Corporation) Task: {12494D28-4D24-42A8-867D-A75284540AC2} - System32\Tasks\Microsoft\Windows\Application Experience\PcaPatchDbTask => Rundll32.exe %windir%\system32\PcaSvc.dll,PcaPatchSdbTask Task: {12DF3F8A-9612-48CA-AE38-2818FA70CA73} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2021-10-16] () Task: {1353E1AD-6850-48A2-A2C5-9FB98692D6D7} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\ScheduleEventAction.exe [2022-03-20] (Lenovo Group Ltd.) Task: {1619C0F6-F473-4593-B2E8-94DA1A5F111F} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [2021-04-05] (BlueStack Systems, Inc.) Task: {1DB7233E-9C82-402A-833D-7E8604F97C94} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2021-11-18] (Adobe Inc.) Task: {21C9D413-005A-4B7D-8035-FFE3093271FF} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => %programfiles%\Lenovo\Lenovo Solution Center\LSCNotify.exe Task: {2836CC41-D0DC-46B5-8CB8-C74A088D4531} - System32\Tasks\Microsoft\Windows\AppListBackup\Backup Task: {2A2B0762-7191-4BA8-B3F5-A2A77B087D27} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-2897933121-1580215152-3316838448-1001 => C:\Users\rtull\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [2022-04-28] (Lenovo Group Limited) Task: {2D768074-44E1-4B67-92CB-605370B5EAC7} - System32\Tasks\Microsoft\Windows\Subscription\LicenseAcquisition => C:\WINDOWS\system32\ClipRenew.exe [2019-12-07] (Microsoft Corporation) Task: {304D2127-E6ED-4C82-B9B3-63B3B54A4D66} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Check And Scan Task: {31C7C4D6-D97B-4AA7-A649-396B0833B1D6} - System32\Tasks\Agent Activation Runtime\S-1-5-21-2897933121-1580215152-3316838448-1001 => C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe [2021-05-12] () Task: {34ADEFE8-89DB-43BC-8C0B-14BB34D69F6D} - System32\Tasks\Microsoft\Windows\BitLocker\BitLocker Encrypt All Drives Task: {35525E8D-FD60-47BF-8D11-FA4F778C57C3} - System32\Tasks\Microsoft\Windows\Printing\EduPrintProv => C:\WINDOWS\system32\eduprintprov.exe [2019-12-07] (Microsoft Corporation) Task: {357A50C5-7002-4E02-8A90-B9DB89F146A5} - System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7-Logon => C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2016-09-29] (Intel Corporation) Task: {3BA0A8B4-C0CA-48FB-9EF3-DAF7C7A27876} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.SScan => C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\ScheduleEventAction.exe Task: {3C3D52E4-0D0E-481A-B7BC-DDCDD4EDD2B9} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2016-04-21] (Lenovo) Task: {3FC4BE91-4A96-48F5-8858-1628CB88EFB5} - System32\Tasks\Microsoft\Windows\Chkdsk\SyspartRepair => C:\WINDOWS\system32\bcdboot.exe [2021-09-17] (Microsoft Corporation) Task: {441C90A8-F790-402A-B26D-1996B4B6C4D5} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [2022-01-28] (Lenovo Group Ltd.) Task: {44AF7ADA-1C0D-43B1-A063-9E7581F7730B} - System32\Tasks\Microsoft\Windows\InstallService\SmartRetry Task: {4927486F-D937-4160-AD09-491B723320CC} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\bbe32d4e-133b-44da-99b3-724a540aa142 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2022-01-28] (Lenovo Group Ltd.) Task: {4A0DEFDA-A2B8-4736-88E1-A578E00D9704} - System32\Tasks\Microsoft\Windows\Input\PenSyncDataAvailable Task: {4A6D7510-3206-4A6A-8FE3-014BA0616CB7} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d69f0fd8c53dca => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-05-17] (Microsoft Corporation) <==== AANDACHT Task: {4A7FB758-C455-4877-B567-FA766F94D1EE} - System32\Tasks\CCleanerSkipUAC - Ramon => C:\Program Files\CCleaner\CCleaner.exe [2022-03-10] (Piriform Software Ltd) Task: {4AD2601C-7570-413E-8D2C-FE017795B151} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\8adf4da4-f8fe-46c0-bf10-158604cfaffa => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2022-01-28] (Lenovo Group Ltd.) Task: {4BCE6391-0B05-40B4-B642-910B37FB1CE6} - System32\Tasks\Microsoft\Windows\PushToInstall\Registration => Sc.exe start pushtoinstall registration Task: {4F2030CE-BA8E-4122-B9A8-29AA5858973E} - System32\Tasks\Microsoft\Windows\Flighting\OneSettings\RefreshCache Task: {515DBA5B-714F-4647-89E0-5DB08016F734} - System32\Tasks\{A8783C5D-7F51-42A3-BE51-76EA0EF204B7} => pcalua.exe -a "C:\Program Files (x86)\Felitec\Mindful\unins000.exe" Task: {523C4003-8A61-4C5E-B3CB-ED6D849C9C4C} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2022-04-15] (AVAST Software) Task: {539DDDD9-B07A-4E74-9256-44B0EA043E94} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\ScheduleEventAction.exe [2022-03-20] (Lenovo Group Ltd.) Task: {55B1C85E-5BEF-4EDB-ADD0-ECEAEF261E7C} - System32\Tasks\Microsoft\Windows\DirectX\DirectXDatabaseUpdater => C:\WINDOWS\system32\directxdatabaseupdater.exe [2021-04-16] (Microsoft Corporation) Task: {56145F7C-141D-4884-895C-13354C428169} - System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7 => C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2016-09-29] (Intel Corporation) Task: {571A0A5E-B60E-4A25-BEFB-ABB3C6BB6B78} - System32\Tasks\Microsoft\Windows\Workplace Join\Device-Sync Task: {5999F85D-B161-4981-A02A-91186CE83A4B} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe Task: {5E351EE7-F0D4-4F41-A05C-907EB1A33CE8} - System32\Tasks\Microsoft\Windows\WlanSvc\CDSSync Task: {66A3F618-0C70-4F70-9BBA-735CCDB43A09} - System32\Tasks\Microsoft\Windows\EDP\StorageCardEncryption Task Task: {68C95FDC-3A70-40E3-8463-29089EEF311C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [2022-04-08] (Microsoft Corporation) Task: {7C4733D2-81D6-4CA3-B30C-E00B496B9857} - System32\Tasks\Microsoft\Windows\Input\TouchpadSyncDataAvailable Task: {7E624FD5-42EF-4E34-9A83-C8F798A0EDD4} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => Sc.exe START ImControllerService Task: {82989BE9-4DD9-46C3-8082-E566B1ED87EF} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\UsageDataReporting Task: {87094343-6C1F-4855-A6B9-305BA74AB761} - System32\Tasks\Microsoft\Windows\BitLocker\BitLocker MDM policy Refresh Task: {8D5A1687-7239-480B-A2BE-41598DB0FCCE} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceWnsFallback Task: {8DB8E155-7903-4FA6-96BF-122852A56287} - System32\Tasks\Microsoft\Windows\Diagnosis\RecommendedTroubleshootingScanner Task: {92DDCA47-E075-43B8-9794-EED95D10D0F2} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe Task: {93BE6E32-2A74-4938-882F-9211712310C0} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\ScheduleEventAction.exe [2022-03-20] (Lenovo Group Ltd.) Task: {93F831A5-3E25-43FD-A7AD-11E478689794} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\ScheduleEventAction.exe [2022-03-20] (Lenovo Group Ltd.) Task: {97C2B119-B7A6-4987-8284-094D3FFCA6B4} - System32\Tasks\Microsoft\Windows\WwanSvc\OobeDiscovery Task: {9875EF7E-9F94-4BD9-893C-1BB15C72AC99} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-06-08] (Google LLC) Task: {987EA20C-4100-41CF-A97C-B56703B46B7E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-06-08] (Google LLC) Task: {9B29B882-A95C-438B-BF91-E7C31B1D82D1} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndContinueUpdates Task: {9C1D22DB-8CBD-4790-B8B9-C12E36F86FD8} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32 Task: {A01F34D5-7DCA-448D-882B-6F642F9D58F3} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2022-02-14] (Piriform) Task: {A08D6A77-C926-4E78-9ED0-09836E2769AE} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdates Task: {A2FADBDF-6855-42F7-BDFC-F0C510EDA9BC} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdatesAsUser Task: {A3332E1F-0A8D-43DA-83EE-04E98BBAB5B6} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\UsageDataFlushing Task: {A499FA48-7057-4AC1-9702-44C6FD924058} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\ReconcileLanguageResources Task: {A60D9ECB-A6F4-4FE1-9BD7-B049487A67E7} - System32\Tasks\Microsoft\Windows\International\Synchronize Language Settings Task: {A74EF9D1-6D6B-4566-8E25-782430F970E5} - System32\Tasks\Microsoft\Windows\PushToInstall\LoginCheck => Sc.exe start pushtoinstall login Task: {AF73DAAA-53AE-4CC8-8671-BE29D886B057} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceProtectionStateChanged Task: {AFC485E6-32E2-4C33-AE7B-31460F829F7D} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => Wscript.exe //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs" Task: {BD1F6FE9-906F-4B75-89AD-CE5F2ADDA5BD} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => %programfiles%\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe Task: {C5D47392-881C-422A-9BF8-E4916B55CD22} - System32\Tasks\Microsoft\Windows\USB\Usb-Notifications Task: {C89C82C6-BD0A-47B8-B47D-3C4799017A5A} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-05-17] (Microsoft Corporation) <==== AANDACHT Task: {C8C0AAC4-6A65-476D-89BB-3BCBD2026BEA} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => Sc.exe start LenovoVantageService Task: {C9398972-7257-424B-8287-7C2E5B7889F6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [2022-04-08] (Microsoft Corporation) Task: {C9874C08-3709-4687-849F-8368943E42A5} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation) Task: {CAB76809-EDC0-40D2-A888-AD9BEDF4E88A} - System32\Tasks\Microsoft\Windows\UNP\RunUpdateNotificationMgr => C:\WINDOWS\System32\UNP\UpdateNotificationMgr.exe [2021-10-16] (Microsoft Corporation) Task: {CADF1293-5495-426F-8E37-A30F69274AF4} - System32\Tasks\Microsoft\Windows\Input\LocalUserSyncDataAvailable Task: {D17A151A-2F2D-48AD-936F-4A10DAF0DA90} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\a11bd1d8-e893-4392-8892-cc460b82eed9 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2022-01-28] (Lenovo Group Ltd.) Task: {D4A307D4-94D9-409E-8251-E4AE8CADB1E3} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2022-04-15] (AVAST Software) Task: {D9F4CD9C-D60D-4193-AB16-E51C52DF3186} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [2022-04-08] (Microsoft Corporation) Task: {DA42085F-11E4-4EE1-A363-1898204812F5} - System32\Tasks\Microsoft\Windows\Input\MouseSyncDataAvailable Task: {E43E86E2-1624-431A-AF05-1ACEA643DB8B} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe Task: {E6D6B3EF-55BC-42FB-986A-9C1C68E3DB3D} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\24ce06fe-df90-4293-848c-a51f4cc2f672 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2022-01-28] (Lenovo Group Ltd.) Task: {E9E8E6FC-C98B-4A6C-97D4-2BF297671B5C} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe Task: {EC3EFE4E-A2E4-4C66-975C-CA2EFD0D42CD} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndScanForUpdates Task: {ECA6647A-EA0A-481D-A7E1-426F2EB05BBA} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures Task: {EF11EFBC-BFC4-4E1C-8063-9365D2C00664} - System32\Tasks\HPCustParticipation HP ENVY 4500 series => C:\Program Files\HP\HP ENVY 4500 series\Bin\HPCustPartic.exe Task: {F0857E7B-B694-4B7C-B0BD-D9F6105BFA92} - System32\Tasks\Lenovo\SHUpdate => C:\Program Files (x86)\SHAREit\SHAREit\ShareitUpdater.exe Task: {F0D317B1-7CAD-463F-A6C7-A7D09C1F42B8} - System32\Tasks\Microsoft\Windows\SMB\UninstallSMB1ServerTask => powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& %windir%\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Server" Task: {F287B883-A741-4E72-8513-E28DD06F905A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [2022-04-08] (Microsoft Corporation) Task: {F6F3FE68-8F1A-4985-84B4-779CC4F09828} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe Task: {F8FEDA28-6261-4385-844A-684E6C988577} - System32\Tasks\Microsoft\Windows\ExploitGuard\ExploitGuard MDM policy Refresh Task: {FD38890B-7138-4A2C-9B69-85723C0A3312} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe (Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Snelkoppelingen ============================= (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) Shortcut: C:\Users\rtull\Dropbox\Mijn pc (PC-RAMON)\Documents\Favorites\NCH Audio and Telephony Software.lnk -> hxxp://www.nch.com.au/index.htm Shortcut: C:\Users\rtull\Dropbox\Mijn pc (PC-RAMON)\Documents\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.htm Shortcut: C:\Users\rtull\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FrostWire 6\FrostWire 6.4.5-SafeMode.lnk -> C:\Program Files (x86)\FrostWire 6\frostwire.bat () Shortcut: C:\Users\rtull\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FrostWire 6\FrostWire 6.5.1-SafeMode.lnk -> C:\Program Files (x86)\FrostWire 6\frostwire.bat () ShortcutWithArgument: C:\Users\rtull\Dropbox\Mijn pc (PC-RAMON)\Desktop\YouTube.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml ShortcutWithArgument: C:\Users\rtull\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default ==================== Geladen Modules (gefilterd) ============== 2020-10-17 12:55 - 2020-10-17 12:55 - 00064552 _____ () C:\WINDOWS\system32\UMPDC.dll 2020-10-17 12:55 - 2020-10-17 12:55 - 00064552 _____ () c:\windows\system32\UMPDC.dll 2020-10-17 12:55 - 2020-10-17 12:55 - 00064552 _____ () C:\WINDOWS\SYSTEM32\UMPDC.dll 2020-10-17 12:55 - 2020-10-17 12:55 - 00064552 _____ () C:\WINDOWS\System32\UMPDC.dll 2016-10-05 13:15 - 2016-10-05 13:15 - 00107752 _____ () C:\Program Files\Intel\Intel(R) Online Connect Access\libglog.dll 2016-10-05 13:15 - 2016-10-05 13:15 - 00412904 _____ () C:\Program Files\Intel\Intel(R) Online Connect Access\JsonCpp.dll 2021-06-12 12:18 - 2021-06-12 12:18 - 00657464 _____ () C:\Windows\System32\WindowManagementAPI.dll 2019-12-07 11:08 - 2019-12-07 11:08 - 00039424 _____ () C:\Windows\System32\usocoreps.dll 2016-10-04 18:09 - 2016-10-04 18:09 - 00253664 _____ () C:\Program Files\Intel\Intel(R) Online Connect\CSLibWrapper.dll 2021-06-12 12:18 - 2021-06-12 12:18 - 00657464 _____ () C:\Windows\System32\windowmanagementapi.dll 2021-10-16 12:53 - 2021-10-16 12:53 - 00706536 _____ () C:\WINDOWS\System32\TextShaping.dll 2020-10-17 12:55 - 2020-10-17 12:55 - 00064552 _____ () C:\Windows\System32\UMPDC.dll 2022-03-14 12:20 - 2022-03-14 12:20 - 02260992 _____ () C:\WINDOWS\system32\TextInputMethodFormatter.dll 2021-10-16 12:53 - 2021-10-16 12:53 - 00706536 _____ () C:\WINDOWS\SYSTEM32\TextShaping.dll 2021-01-15 14:45 - 2021-01-15 14:45 - 00095744 _____ () C:\Windows\System32\VirtualMonitorManager.dll 2020-12-15 15:14 - 2020-12-15 15:14 - 00363520 _____ () C:\Windows\System32\Windows.Internal.UI.Shell.WindowTabManager.dll 2017-09-24 14:50 - 2008-02-22 10:22 - 00049648 _____ () C:\WINDOWS\SYSTEM32\DLAAPI_W.DLL 2019-12-07 11:08 - 2019-12-07 11:08 - 00499200 _____ () C:\Windows\ShellExperiences\TileControl.dll 2021-08-13 11:09 - 2021-08-13 11:09 - 02158592 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll 2022-02-15 12:27 - 2022-02-15 12:27 - 00793416 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe 2021-06-12 12:18 - 2021-06-12 12:18 - 00657464 _____ () C:\WINDOWS\SYSTEM32\WindowManagementAPI.dll 2021-10-16 12:53 - 2021-10-16 12:53 - 00706536 _____ () C:\Windows\System32\TextShaping.dll 2022-04-25 11:58 - 2022-04-25 11:59 - 06079920 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22032.179.0_x64__8wekyb3d8bbwe\YourPhone.AppCore.WinRT.dll 2022-03-12 12:15 - 2022-03-12 12:16 - 00830464 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22032.179.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll 2022-04-25 11:58 - 2022-04-25 12:00 - 03803568 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22032.179.0_x64__8wekyb3d8bbwe\YourPhone.ScreenMirroring.dll 2022-04-25 11:58 - 2022-04-25 11:59 - 00534448 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22032.179.0_x64__8wekyb3d8bbwe\YourPhone.Background.CX.dll 2022-04-25 11:59 - 2022-04-25 12:03 - 00693168 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22032.179.0_x64__8wekyb3d8bbwe\YourPhoneControls.dll 2022-04-25 11:58 - 2022-04-25 11:59 - 00752560 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22032.179.0_x64__8wekyb3d8bbwe\YourPhone.Connectivity.dll 2022-04-25 11:58 - 2022-04-25 11:59 - 01481136 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22032.179.0_x64__8wekyb3d8bbwe\YourPhone.Connectivity.YPP.dll 2022-04-25 11:58 - 2022-04-25 12:00 - 00132528 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22032.179.0_x64__8wekyb3d8bbwe\YourPhone.Flyouts.WinRT.dll 2022-04-25 11:58 - 2022-04-25 11:59 - 02203568 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22032.179.0_x64__8wekyb3d8bbwe\YourPhone.Calling.CX.dll 2022-04-25 11:58 - 2022-04-25 11:59 - 01439152 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22032.179.0_x64__8wekyb3d8bbwe\YourPhone.Calling.WinRT.dll 2022-04-25 11:58 - 2022-04-25 11:59 - 00543152 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22032.179.0_x64__8wekyb3d8bbwe\YourPhone.Contacts.WinRT.dll 2022-04-25 11:58 - 2022-04-25 12:00 - 01170352 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22032.179.0_x64__8wekyb3d8bbwe\YourPhone.ScreenMirroring.WinRT.dll 2022-04-25 11:58 - 2022-04-25 12:00 - 00743856 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22032.179.0_x64__8wekyb3d8bbwe\YourPhone.Devices.WinRT.dll 2022-04-25 11:58 - 2022-04-25 12:00 - 01030048 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22032.179.0_x64__8wekyb3d8bbwe\YourPhone.Photos.dll 2022-04-25 11:58 - 2022-04-25 12:00 - 03787184 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22032.179.0_x64__8wekyb3d8bbwe\YourPhone.Messaging.WinRT.dll 2022-04-25 11:58 - 2022-04-25 12:00 - 00185264 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22032.179.0_x64__8wekyb3d8bbwe\YourPhone.Notifications.WinRT.dll 2022-04-25 11:58 - 2022-04-25 11:59 - 01293744 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22032.179.0_x64__8wekyb3d8bbwe\YourPhone.Contacts.dll 2021-10-08 09:40 - 2021-10-08 09:40 - 03415552 _____ () C:\Program Files\Rainlendar2\Rainlendar2.exe 2017-08-02 13:37 - 2017-08-02 13:37 - 00063488 _____ () C:\Program Files\Rainlendar2\libicalss.dll 2017-08-02 13:24 - 2017-08-02 13:24 - 00314880 _____ () C:\Program Files\Rainlendar2\lua53.dll 2017-08-02 13:37 - 2017-08-02 13:37 - 00331776 _____ () C:\Program Files\Rainlendar2\libical.dll 2021-10-08 09:41 - 2021-10-08 09:41 - 00130560 _____ () C:\Program Files\Rainlendar2\plugins\iCalendarPlugin.dll 2017-08-02 13:24 - 2017-08-02 13:24 - 00017920 _____ () C:\Program Files\Rainlendar2\lfs.dll 2022-04-27 15:56 - 2022-04-27 15:56 - 00461312 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\Search.Core.dll 2021-10-16 12:53 - 2021-10-16 12:53 - 00706536 _____ () C:\WINDOWS\system32\TextShaping.dll 2022-05-01 09:59 - 2022-04-28 09:08 - 05774728 _____ () C:\Program Files (x86)\Microsoft\Edge\Application\101.0.1210.32\libglesv2.dll 2022-05-01 09:59 - 2022-04-28 09:08 - 00457608 _____ () C:\Program Files (x86)\Microsoft\Edge\Application\101.0.1210.32\libegl.dll 2022-05-01 10:00 - 2022-04-28 09:06 - 04000672 _____ () C:\Program Files (x86)\Microsoft\Edge\Application\101.0.1210.32\vk_swiftshader.dll 2022-04-29 11:46 - 2022-02-07 12:47 - 00155752 _____ () C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_1dc9fc8d5e442f6a\igdinfo64.dll 2022-04-25 11:55 - 2022-04-25 11:55 - 02461576 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.408.0_x86__kzf8qxf38zg5c\Skype\ffmpeg.dll 2022-03-23 11:33 - 2022-03-23 11:33 - 01336192 _____ () \\?\C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.408.0_x86__kzf8qxf38zg5c\Skype\resources\app.asar.unpacked\modules\msix_utility.node 2022-03-23 11:32 - 2022-03-23 11:33 - 00845728 _____ () \\?\C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.408.0_x86__kzf8qxf38zg5c\Skype\resources\app.asar.unpacked\modules\electron_utility.node 2022-04-25 11:55 - 2022-04-25 11:56 - 03069856 _____ () \\?\C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.408.0_x86__kzf8qxf38zg5c\Skype\resources\app.asar.unpacked\modules\skypert.dll 2022-03-23 11:32 - 2022-03-23 11:33 - 02130848 _____ () \\?\C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.408.0_x86__kzf8qxf38zg5c\Skype\resources\app.asar.unpacked\modules\call_manager.node 2022-03-23 11:32 - 2022-03-23 11:33 - 00491368 _____ () \\?\C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.408.0_x86__kzf8qxf38zg5c\Skype\resources\app.asar.unpacked\modules\keytar.node 2022-04-25 11:55 - 2022-04-25 11:55 - 06831488 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.408.0_x86__kzf8qxf38zg5c\Skype\libglesv2.dll 2022-04-25 11:55 - 2022-04-25 11:55 - 00360328 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.408.0_x86__kzf8qxf38zg5c\Skype\libegl.dll 2022-04-29 11:46 - 2022-02-07 12:47 - 00131568 _____ () C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_1dc9fc8d5e442f6a\igdinfo32.dll 2022-04-25 11:55 - 2022-04-25 11:56 - 04290464 _____ () \\?\C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.408.0_x86__kzf8qxf38zg5c\Skype\resources\app.asar.unpacked\modules\Processing.NDI.Lib.x86.dll 2022-04-25 11:55 - 2022-04-25 11:56 - 00046592 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.408.0_x86__kzf8qxf38zg5c\Skype\SkypeContext.dll 2022-04-25 12:57 - 2022-04-25 12:57 - 01104880 _____ () C:\Program Files (x86)\Mozilla Thunderbird\libotr.dll 2022-04-25 12:57 - 2022-04-25 12:57 - 00330984 _____ () C:\Program Files (x86)\Mozilla Thunderbird\libssp-0.dll 2022-04-25 12:57 - 2022-04-25 12:57 - 04434928 _____ () C:\Program Files (x86)\Mozilla Thunderbird\libGLESv2.dll 2022-04-25 12:57 - 2022-04-25 12:57 - 00034800 _____ () C:\Program Files (x86)\Mozilla Thunderbird\libEGL.dll ==================== Alternate Data Streams (gefilterd) ========= (Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.) AlternateDataStreams: C:\Users\rtull\Dropbox\Mijn pc (PC-RAMON)\Documents\desktop (Nieuw).ini:com.dropbox.attrs [54] AlternateDataStreams: C:\Users\rtull\Dropbox\Mijn pc (PC-RAMON)\Documents\Favorites:com.dropbox.attrs [54] AlternateDataStreams: C:\Users\rtull\Dropbox\Mijn pc (PC-RAMON)\Documents\Scanned Documents:com.dropbox.attrs [54] ==================== Veilige Modus (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcCtnrSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBuilder => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioSrv => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CBDHSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudAddService.Sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudBus.Sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MsQuic => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetSetupSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NgcCtnrSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NgcSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SerCx2.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\usbaudio.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1" ==================== Bestandskoppeling (gefilterd) =============== (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.) ==================== Internet Explorer vertrouwde/beperkte toegang =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.) ==================== Hosts inhoud: ========================== (Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.) 2015-10-30 09:24 - 2022-04-30 16:21 - 00001306 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly 0.0.0.0 tracking.opencandy.com.s3.amazonaws.com 0.0.0.0 media.opencandy.com 0.0.0.0 cdn.opencandy.com 0.0.0.0 tracking.opencandy.com 0.0.0.0 api.opencandy.com 0.0.0.0 api.recommendedsw.com 0.0.0.0 rp.yefeneri2.com 0.0.0.0 os.yefeneri2.com 0.0.0.0 os2.yefeneri2.com 0.0.0.0 installer.betterinstaller.com 0.0.0.0 installer.filebulldog.com 0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net 0.0.0.0 inno.bisrv.com 0.0.0.0 nsis.bisrv.com 0.0.0.0 cdn.file2desktop.com 0.0.0.0 cdn.goateastcach.us 0.0.0.0 cdn.guttastatdk.us 0.0.0.0 cdn.inskinmedia.com 0.0.0.0 cdn.insta.oibundles2.com 0.0.0.0 cdn.insta.playbryte.com 0.0.0.0 cdn.llogetfastcach.us 0.0.0.0 cdn.montiera.com 0.0.0.0 cdn.msdwnld.com 0.0.0.0 cdn.mypcbackup.com 0.0.0.0 cdn.ppdownload.com 0.0.0.0 cdn.riceateastcach.us 0.0.0.0 cdn.shyapotato.us 0.0.0.0 cdn.solimba.com 0.0.0.0 cdn.tuto4pc.com Er zijn 7 meer regels. ==================== Andere gebieden ============================ (Momenteel is er geen automatische fix voor dit onderdeel.) HKU\S-1-5-21-2897933121-1580215152-3316838448-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\lenovo\lenovowallpaper.jpg DNS Servers: 62.179.104.196 - 213.46.228.196 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == HKLM\...\StartupApproved\StartupFolder: => "Twonky Server.lnk" HKLM\...\StartupApproved\Run: => "RTHDVCPL" HKLM\...\StartupApproved\Run: => "RtHDVBg_LENOVO_MICPKEY" HKLM\...\StartupApproved\Run32: => "RoxioDragToDisc" HKLM\...\StartupApproved\Run32: => "HP Software Update" HKLM\...\StartupApproved\Run32: => "Lenovo Silver Silk Wireless Keyboard" HKLM\...\StartupApproved\Run32: => "SDTray" HKLM\...\StartupApproved\Run32: => "Malwarebytes TrayApp" HKLM\...\StartupApproved\Run32: => "LogitechQuickCamRibbon" HKLM\...\StartupApproved\Run32: => "DSATray" HKLM\...\StartupApproved\Run32: => "Aimersoft Helper Compact.exe" HKLM\...\StartupApproved\Run32: => "SecurityHealth" HKLM\...\StartupApproved\Run32: => "Dropbox" HKU\S-1-5-21-2897933121-1580215152-3316838448-1001\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-2897933121-1580215152-3316838448-1001\...\StartupApproved\Run: => "Chromium" HKU\S-1-5-21-2897933121-1580215152-3316838448-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-2897933121-1580215152-3316838448-1001\...\StartupApproved\Run: => "HP ENVY 4500 series (NET)" HKU\S-1-5-21-2897933121-1580215152-3316838448-1001\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-2897933121-1580215152-3316838448-1001\...\StartupApproved\Run: => "Logitech Vid" HKU\S-1-5-21-2897933121-1580215152-3316838448-1001\...\StartupApproved\Run: => "LightScribe Control Panel" HKU\S-1-5-21-2897933121-1580215152-3316838448-1001\...\StartupApproved\Run: => "SpybotPostWindows10UpgradeReInstall" HKU\S-1-5-21-2897933121-1580215152-3316838448-1001\...\StartupApproved\Run: => "AvastBrowserAutoLaunch_0E113014B90951FAF820BC2914A8EFCB" HKU\S-1-5-21-2897933121-1580215152-3316838448-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning" HKU\S-1-5-21-2897933121-1580215152-3316838448-1001\...\StartupApproved\Run: => "SandboxieControl" HKU\S-1-5-21-2897933121-1580215152-3316838448-1001\...\StartupApproved\Run: => "Skype for Desktop" HKU\S-1-5-21-2897933121-1580215152-3316838448-1001\...\StartupApproved\Run: => "BingWallpaperApp" HKU\S-1-5-21-2897933121-1580215152-3316838448-1001\...\StartupApproved\Run: => "Viddly YouTube Downloader" ==================== Firewall regels (gefilterd) =============== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [Microsoft-Windows-DeviceManagement-OmaDmClient-TCP-Out] => (Allow) %SystemRoot%\system32\omadmclient.exe FirewallRules: [Microsoft-Windows-DeviceManagement-deviceenroller-TCP-Out] => (Allow) %SystemRoot%\system32\deviceenroller.exe FirewallRules: [Microsoft-Windows-DeviceManagement-CertificateInstall-TCP-Out] => (Allow) %SystemRoot%\system32\dmcertinst.exe FirewallRules: [UDP Query User{72656AA8-2B3E-4759-B294-E92AEFEF7D28}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe FirewallRules: [TCP Query User{B9D15EE3-F84F-40E3-A6FC-8B0DEBD69C86}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe FirewallRules: [{F427BF2A-D70C-4B7A-9221-5CF2103AA552}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe FirewallRules: [{98ABC8A1-A959-4E38-841A-A3124E130182}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe FirewallRules: [{8368EC92-EE81-47A7-8A55-26DDE896B425}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe FirewallRules: [{60ADE355-9044-4126-B93D-73F767ACFB8D}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe FirewallRules: [UDP Query User{0077DEC4-5516-4B32-86EA-41037DFC7D93}C:\program files (x86)\frostwire 6\frostwire.exe] => (Allow) C:\program files (x86)\frostwire 6\frostwire.exe FirewallRules: [TCP Query User{978356A5-C306-41CF-8B3C-161F6D02E2FD}C:\program files (x86)\frostwire 6\frostwire.exe] => (Allow) C:\program files (x86)\frostwire 6\frostwire.exe FirewallRules: [{F29166B9-D87F-4660-9F5F-E95D7878E7CD}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe FirewallRules: [{63F9D269-F05E-4E94-A578-4282DBC235EC}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkyserver.exe FirewallRules: [{F99A7D6B-332A-4A1F-9875-42706208867A}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkyserver.exe FirewallRules: [{63A966E6-AC83-46D1-BE2C-A269464133EB}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe FirewallRules: [{15D619C9-F084-4E11-B830-C18AD4155992}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe FirewallRules: [{E0C1235F-FBF3-4CFF-B51A-9AB5C9279C4B}] => (Allow) LPort=1900 FirewallRules: [{85E88C33-4CA6-473B-B1E4-1278CFF8C5A4}] => (Allow) LPort=2869 FirewallRules: [{3F51499A-7071-4B6D-9A76-44AB9B4DD464}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Package\PTInstOnline.exe FirewallRules: [{DE6C9A8D-B952-437B-9278-BB1D36832CAF}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe FirewallRules: [{D149358E-0B79-4564-8525-B793DB62401D}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe FirewallRules: [{91E06080-BF83-40C0-B58C-DB3066968E74}] => (Allow) C:\Users\rtull\AppData\Local\Chromium\Application\chrome.exe FirewallRules: [{CC654A1B-E454-4919-8F9B-EC384379D7C2}] => (Allow) LPort=5357 FirewallRules: [{120F42C2-E9CE-420A-8EBF-BE3D5DF2A990}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe FirewallRules: [{D154D396-342E-47DA-B8C5-E4E7D0219AF4}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe FirewallRules: [{5B6571F0-1D85-4F71-BB8B-A838489F62C0}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoConverter\VideoConverter.exe FirewallRules: [{B77B61F1-186F-45B4-AEDD-2539886F20BB}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoConverter\VideoConverter.exe FirewallRules: [{9890718D-5C3E-429B-BCA5-E9EF65941C00}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoConverter\Updater.exe FirewallRules: [{E49F99C8-5588-4F3B-95D3-167B0B660194}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoConverter\Updater.exe FirewallRules: [{70254615-89A8-4D9B-B708-BA1315B918D4}] => (Allow) C:\Program Files\HP\HP ENVY 4500 series\Bin\DeviceSetup.exe FirewallRules: [{18E41E50-7298-4343-AFB6-71F2B397F310}] => (Allow) C:\Program Files\HP\HP ENVY 4500 series\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{4636B4A5-3208-4695-8222-16AA48212301}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkyserver.exe FirewallRules: [{4AC8A3E4-DF21-4703-8880-7F6810EF1563}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkyserver.exe FirewallRules: [{7BE704FA-0102-4319-8892-F64B9A9825CF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe FirewallRules: [{F9B4FB64-4D37-46A0-B596-0CB35ACE00A0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe FirewallRules: [{2469BF5F-38A2-4B2B-92D5-26B26F8C9E5C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe FirewallRules: [{135BE956-907C-4C86-A836-C4DE1B3E60F7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe FirewallRules: [{0579E3F8-8052-4C80-9518-CEDB599D4C30}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{E9223215-656A-40BC-8BAD-133841E5F709}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe FirewallRules: [{AD8C278A-712A-465C-BDBF-BAA7F6AE9668}] => (Allow) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ==================== Herstelpunten ========================= 25-04-2022 11:31:20 Installatieprogramma voor Windows-modules 27-04-2022 09:22:54 Installatieprogramma voor Windows-modules 29-04-2022 11:37:33 Installatieprogramma voor Windows-modules ==================== Defecte Apparaatbeheer Apparaten ============= ==================== Eventlog fouten: ========================= Applicatiefouten: ================== Error: (04/30/2022 04:19:16 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Fout in de Volume Shadow Copy-service: onverwachte fout bij het aanroepen van routine CoCreateInstance. hr = 0x8007045b, Systeem wordt afgesloten. . Error: (04/30/2022 04:19:16 PM) (Source: VSS) (EventID: 13) (User: ) Description: Informatie voor de Volume Shadow Copy-service: de COM-server met CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} en de naam CEventSystem kan niet worden gestart. [0x8007045b, Systeem wordt afgesloten. ] Error: (04/30/2022 04:18:32 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Fout in de Volume Shadow Copy-service: onverwachte fout bij het aanroepen van routine QueryFullProcessImageNameW. hr = 0x8007001f, Een apparaat dat op het systeem is aangesloten, werkt niet. . Bewerking: Asynchrone bewerking uitvoeren Context: Huidige status: DoSnapshotSet Error: (04/30/2022 04:17:29 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: De service Cryptografische services is mislukt tijdens het verwerken van aanroep OnIdentity() op het object System Writer. Details: AddWin32ServiceFiles: Unable to back up image of service Avast Tools since QueryServiceConfig API failed System Error: Het systeem kan het opgegeven bestand niet vinden. . Error: (04/30/2022 04:17:29 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: De service Cryptografische services is mislukt tijdens het verwerken van aanroep OnIdentity() op het object System Writer. Details: AddWin32ServiceFiles: Unable to back up image of service Avast Antivirus since QueryServiceConfig API failed System Error: Het systeem kan het opgegeven bestand niet vinden. . Error: (04/30/2022 04:17:29 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: De service Cryptografische services is mislukt tijdens het verwerken van aanroep OnIdentity() op het object System Writer. Details: AddWin32ServiceFiles: Unable to back up image of service aswbIDSAgent since QueryServiceConfig API failed System Error: Het systeem kan het opgegeven bestand niet vinden. . Error: (04/30/2022 04:17:29 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: De service Cryptografische services is mislukt tijdens het verwerken van aanroep OnIdentity() op het object System Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary aswVmm. System Error: Het systeem kan het opgegeven bestand niet vinden. . Error: (04/30/2022 04:17:29 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: De service Cryptografische services is mislukt tijdens het verwerken van aanroep OnIdentity() op het object System Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary aswSP. System Error: Het systeem kan het opgegeven bestand niet vinden. . Error: (04/30/2022 04:17:29 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: De service Cryptografische services is mislukt tijdens het verwerken van aanroep OnIdentity() op het object System Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary aswSnx. System Error: Het systeem kan het opgegeven bestand niet vinden. . Error: (04/30/2022 04:17:29 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: De service Cryptografische services is mislukt tijdens het verwerken van aanroep OnIdentity() op het object System Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary aswRvrt. System Error: Het systeem kan het opgegeven bestand niet vinden. . Systeemfouten: ============= Error: (04/30/2022 04:21:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: De LMS-service kan vanwege de volgende fout niet worden gestart: Het systeem kan het opgegeven bestand niet vinden. Error: (04/30/2022 04:21:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: De AvastWscReporter-service kan vanwege de volgende fout niet worden gestart: Het systeem kan het opgegeven bestand niet vinden. Error: (04/30/2022 04:19:17 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY) Description: WLAN-uitbreidingsmodule is onverwacht gestopt. Pad naar module: C:\WINDOWS\system32\IntelIHVRouter04.dll Error: (04/30/2022 04:19:17 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY) Description: WLAN-uitbreidingsmodule is onverwacht gestopt. Pad naar module: C:\WINDOWS\system32\IntelIHVRouter04.dll Error: (04/30/2022 04:19:12 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY) Description: WLAN-uitbreidingsmodule is onverwacht gestopt. Pad naar module: C:\WINDOWS\system32\IntelIHVRouter04.dll Error: (04/30/2022 04:18:30 PM) (Source: DCOM) (EventID: 10010) (User: PC-RAMON) Description: De server {3EB3C877-1F16-487C-9050-104DBCD66683} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (04/30/2022 04:18:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: De Intel(R) Security Assist-service is onverwacht beëindigd. Dit is nu 1 keer gebeurd. Error: (04/30/2022 04:18:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: De Windows Media Player Network Sharing Service-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 30000 milliseconden worden uitgevoerd: Service opnieuw starten. Error: (04/30/2022 04:18:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: De System Interface Foundation Service-service is onverwacht beëindigd. Dit is nu 1 keer gebeurd. Error: (04/30/2022 04:18:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: De Windows Search-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 30000 milliseconden worden uitgevoerd: Service opnieuw starten. CodeIntegrity: =================================== Date: 2022-05-01 10:08:35.2400000Z Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_1dc9fc8d5e442f6a\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2022-05-01 09:58:03.4130000Z Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_1dc9fc8d5e442f6a\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2022-05-01 09:49:57.0430000Z Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_1dc9fc8d5e442f6a\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2022-04-30 16:43:48.3000000Z Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_1dc9fc8d5e442f6a\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2022-04-30 16:33:16.8520000Z Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_1dc9fc8d5e442f6a\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2022-04-30 16:22:52.8580000Z Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_1dc9fc8d5e442f6a\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2022-04-30 15:57:17.6250000Z Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_1dc9fc8d5e442f6a\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2022-04-30 15:57:06.3690000Z Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_1dc9fc8d5e442f6a\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2022-04-30 15:56:42.8590000Z Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_1dc9fc8d5e442f6a\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2022-04-30 10:14:57.0820000Z Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\AVAST Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\setup\uat_3176.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Geheugen info =========================== Processor: Intel(R) Core(TM) i3-6100 CPU @ 3.70GHz Percentage geheugen in gebruik: 57% Totaal fysiek RAM-geheugen: 8106.61 MB Beschikbaar fysiek RAM-geheugen: 3441.14 MB Totaal Virtueel geheugen: 9386.61 MB Beschikbaar Virtual geheugen: 3608.75 MB ==================== Schijven ================================ Drive c: (Windows) (Fixed) (Total:899.67 GB) (Free:723.08 GB) NTFS ==================== MBR & Partitietabel ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 310D8D7D) Partition: GPT. ==================== Eind van Addition.txt ============================