Fix resultaat van Farbar Recovery Scan Tool (x64) Versie: 30-08-2022 Gestart door HZ1RU (30-09-2022 08:14:20) Run:2 Gestart vanaf C:\Users\HZ1RU\Downloads Geladen Profielen: HZ1RU & Administrator Boot Modus: Normal ============================================== fixlist inhoud: ***************** Start:: CreateRestorePoint: CloseProcesses: ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Geen bestand ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Geen bestand ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Geen bestand ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Geen bestand ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Geen bestand ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Geen bestand ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Geen bestand ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Geen bestand ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Geen bestand ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Geen bestand ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Geen bestand ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Geen bestand ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Geen bestand ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Geen bestand ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Geen bestand ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> Geen bestand ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> Geen bestand SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\.DEFAULT -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Geen Naam -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> Geen bestand BHO-x32: Geen Naam -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> Geen bestand FirewallRules: [{A653AB49-75FA-4BF2-9D91-DD46A030248D}] => (Allow) C:\Program Files (x86)\HP\Diagnostics\PSDR\SoftPaq\Binaries\HPDiagnosticCoreUI.exe => Geen bestand FirewallRules: [{1BFAA1CF-DD98-4C53-80FC-7CCB0C4EB546}] => (Allow) C:\Program Files (x86)\HP\Diagnostics\PSDR\SoftPaq\Binaries\HPDiagnosticCoreUI.exe => Geen bestand FirewallRules: [{FB592567-C25C-4E89-ACEA-7C23695BDDE8}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe => Geen bestand FirewallRules: [{AFC7386D-670A-443C-B2F7-DA5478AB9D55}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe => Geen bestand FirewallRules: [TCP Query User{04AD22F9-83BA-418A-A37B-F3D48A099ECE}C:\program files (x86)\common files\oracle\java\javapath_target_84375671\java.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_84375671\java.exe => Geen bestand FirewallRules: [UDP Query User{F717EB38-6548-4A60-9955-029D7499036C}C:\program files (x86)\common files\oracle\java\javapath_target_84375671\java.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_84375671\java.exe => Geen bestand FirewallRules: [{E9747705-ACF9-4AD8-95AB-0A15BC20CD76}] => (Allow) C:\Users\HZ1RU\Downloads\ultdata-android-bing.exe => Geen bestand FirewallRules: [{CAEF783B-1631-4A56-99AC-5A9BFC623674}] => (Allow) C:\Users\HZ1RU\Downloads\ultdata-android-bing.exe => Geen bestand FirewallRules: [TCP Query User{88AFD7DC-7B9B-4B37-8178-52786571A5CE}C:\program files (x86)\tenorshare\ultdata - android data recovery\ultdata for android.exe] => (Block) C:\program files (x86)\tenorshare\ultdata - android data recovery\ultdata for android.exe => Geen bestand FirewallRules: [UDP Query User{F781DB8F-4381-44C3-BB00-E810B53924F1}C:\program files (x86)\tenorshare\ultdata - android data recovery\ultdata for android.exe] => (Block) C:\program files (x86)\tenorshare\ultdata - android data recovery\ultdata for android.exe => Geen bestand FirewallRules: [TCP Query User{BE12523A-8488-4154-B66B-C739B8A9259D}C:\program files (x86)\common files\oracle\java\javapath_target_84375671\java.exe] => (Block) C:\program files (x86)\common files\oracle\java\javapath_target_84375671\java.exe => Geen bestand FirewallRules: [UDP Query User{13110FB4-6023-47B3-8B22-A171E3831566}C:\program files (x86)\common files\oracle\java\javapath_target_84375671\java.exe] => (Block) C:\program files (x86)\common files\oracle\java\javapath_target_84375671\java.exe => Geen bestand FirewallRules: [TCP Query User{57F70094-46A7-4002-9C88-72637A53D818}C:\program files (x86)\common files\oracle\java\javapath_target_66718796\java.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_66718796\java.exe => Geen bestand FirewallRules: [UDP Query User{294EF352-7FCC-494B-B564-BAA2D92117BB}C:\program files (x86)\common files\oracle\java\javapath_target_66718796\java.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_66718796\java.exe => Geen bestand FirewallRules: [TCP Query User{03A49C43-A812-4803-9DFF-772C781B5361}C:\users\hz1ru\downloads\winbox64.exe] => (Allow) C:\users\hz1ru\downloads\winbox64.exe => Geen bestand FirewallRules: [TCP Query User{31E56EFE-C10F-41ED-98D9-E4E6EE94BBE7}C:\program files (x86)\netgear\prosafe plus utility\nsdpmanager.exe] => (Allow) C:\program files (x86)\netgear\prosafe plus utility\nsdpmanager.exe => Geen bestand FirewallRules: [UDP Query User{B0A009EF-68C3-4950-A706-191F17092D6C}C:\program files (x86)\netgear\prosafe plus utility\nsdpmanager.exe] => (Allow) C:\program files (x86)\netgear\prosafe plus utility\nsdpmanager.exe => Geen bestand FirewallRules: [TCP Query User{727510E6-FAC9-449B-B60F-7BB6ED4DF408}C:\program files (x86)\netgear\prosafe plus utility\prosafe plus utility.exe] => (Allow) C:\program files (x86)\netgear\prosafe plus utility\prosafe plus utility.exe => Geen bestand FirewallRules: [UDP Query User{818D5DEB-4098-4A96-A5EF-7A265B5E6C90}C:\program files (x86)\netgear\prosafe plus utility\prosafe plus utility.exe] => (Allow) C:\program files (x86)\netgear\prosafe plus utility\prosafe plus utility.exe => Geen bestand FirewallRules: [TCP Query User{5D9CA6BC-1FF5-444B-B051-2F543A7A0169}C:\program files (x86)\smartwizard discovery\smartwizard discovery.exe] => (Allow) C:\program files (x86)\smartwizard discovery\smartwizard discovery.exe => Geen bestand FirewallRules: [UDP Query User{9F82255B-74C8-42C5-AB5A-E34A73A7127E}C:\program files (x86)\smartwizard discovery\smartwizard discovery.exe] => (Allow) C:\program files (x86)\smartwizard discovery\smartwizard discovery.exe => Geen bestand FirewallRules: [{EDD543D1-2087-4FEC-A7EB-E996320E7A41}] => (Block) C:\Program Files\HP\Consent Manager\AddHPConsentManagerLauncherScheduledTask.exe (HP Inc. -> HP Inc.) FirewallRules: [{30FDE14A-D040-4D24-9415-F06772563070}] => (Block) %ProgramFiles%\WindowsApps\AD2F1837.HPPrinterControl_130.1.323.0_x64__v10z8vjag6ke6\HP.Smart.exe => Geen bestand FirewallRules: [TCP Query User{4F8E0587-7A31-4E21-BEA9-F287236E9797}C:\users\hz1ru\downloads\winbox.exe] => (Allow) C:\users\hz1ru\downloads\winbox.exe => Geen bestand FirewallRules: [{472BABD9-CFF5-4A1E-9BE8-603FA4D4A817}] => (Block) C:\users\hz1ru\downloads\winbox (1).exe => Geen bestand FirewallRules: [{9D3B49E5-E60B-46A5-8C07-4FF54B2F1DAA}] => (Block) C:\users\hz1ru\downloads\winbox (1).exe => Geen bestand FirewallRules: [TCP Query User{D7EFFD74-B890-450C-A1AD-A07795008227}C:\users\hz1ru\downloads\winbox.exe] => (Allow) C:\users\hz1ru\downloads\winbox.exe => Geen bestand FirewallRules: [UDP Query User{D505D2B9-7004-4865-BADA-B882116AD0FC}C:\users\hz1ru\downloads\winbox.exe] => (Allow) C:\users\hz1ru\downloads\winbox.exe => Geen bestand FirewallRules: [{85317D57-BC81-4B41-A932-B46F7F632A18}] => (Block) %ProgramFiles%\WindowsApps\AD2F1837.HPPrinterControl_130.1.323.0_x64__v10z8vjag6ke6\HP.Smart.exe => Geen bestand FirewallRules: [TCP Query User{39BCC591-D504-4DB3-8A44-6C27E6D5E274}C:\users\hz1ru\appdata\local\temp\7zs5c52\enterprisedu.exe] => (Allow) C:\users\hz1ru\appdata\local\temp\7zs5c52\enterprisedu.exe => Geen bestand FirewallRules: [UDP Query User{3F1546D9-854D-441C-AEDA-BC24E9C287AC}C:\users\hz1ru\appdata\local\temp\7zs5c52\enterprisedu.exe] => (Allow) C:\users\hz1ru\appdata\local\temp\7zs5c52\enterprisedu.exe => Geen bestand FirewallRules: [{EFC75BE5-8AF2-4C93-908B-A5C86DD803A2}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe => Geen bestand FirewallRules: [{F37FCCD4-C0CA-4E9C-AD2B-46B5787BCB14}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe => Geen bestand FirewallRules: [{19F6B181-F076-4A53-8EB6-9960D30E33D6}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe => Geen bestand FirewallRules: [{6D59BD71-0805-4210-B762-0E6F829E300F}] => (Allow) C:\Users\HZ1RU\Downloads\4winkey.exe => Geen bestand FirewallRules: [{FE1562A8-B6A7-48E1-8EAF-6E00C858837D}] => (Allow) C:\Users\HZ1RU\Downloads\4winkey.exe => Geen bestand FirewallRules: [{E2725041-A0D5-42CE-A8AA-88BC0479EC6E}] => (Allow) C:\Users\HZ1RU\Downloads\4winkey_0927.exe => Geen bestand FirewallRules: [{F0EEE27D-39F2-417D-8D02-D841027EF806}] => (Allow) C:\Users\HZ1RU\Downloads\4winkey_0927.exe => Geen bestand FirewallRules: [{8B4CEAC9-8202-4DCF-A3BF-B6E6A5608F64}] => (Allow) C:\Users\HZ1RU\Downloads\4winkey_0927 (1).exe => Geen bestand FirewallRules: [{AA9EC36A-AC9F-4089-9C3A-ED038907157D}] => (Allow) C:\Users\HZ1RU\Downloads\4winkey_0927 (1).exe => Geen bestand FirewallRules: [TCP Query User{5FB8F272-E9BC-455E-9509-72A48F6960C9}C:\program files (x86)\ivms-4200 site\ivms-4200 client\server\ivms-4200.topology.s\ivms-4200.topology.s.exe] => (Allow) C:\program files (x86)\ivms-4200 site\ivms-4200 client\server\ivms-4200.topology.s\ivms-4200.topology.s.exe => Geen bestand FirewallRules: [UDP Query User{1B1E14BE-2E08-4511-B7C1-9A6A9F4DBF38}C:\program files (x86)\ivms-4200 site\ivms-4200 client\server\ivms-4200.topology.s\ivms-4200.topology.s.exe] => (Allow) C:\program files (x86)\ivms-4200 site\ivms-4200 client\server\ivms-4200.topology.s\ivms-4200.topology.s.exe => Geen bestand FirewallRules: [TCP Query User{A3A52E1D-3D2F-4C6B-B4CC-0B3F6D14701F}C:\program files (x86)\sadptool\sadptool.exe] => (Block) C:\program files (x86)\sadptool\sadptool.exe => Geen bestand FirewallRules: [UDP Query User{C9BBC249-CB81-4B03-89E3-603CF8E0212B}C:\program files (x86)\sadptool\sadptool.exe] => (Block) C:\program files (x86)\sadptool\sadptool.exe => Geen bestand FirewallRules: [TCP Query User{137D3FF9-71DE-4FC6-B089-93C442035B03}C:\program files\angry ip scanner\jre\bin\javaw.exe] => (Allow) C:\program files\angry ip scanner\jre\bin\javaw.exe => Geen bestand FirewallRules: [UDP Query User{60C72C79-8F83-4CAF-A521-F61B0741380D}C:\program files\angry ip scanner\jre\bin\javaw.exe] => (Allow) C:\program files\angry ip scanner\jre\bin\javaw.exe => Geen bestand HKLM\SOFTWARE\Policies\Microsoft\Edge: Restrictie <==== AANDACHT HKU\S-1-5-21-346357692-1366640249-2590671835-1001\SOFTWARE\Policies\Microsoft\Edge: Restrictie <==== AANDACHT Task: {CF2FC78A-45DB-4912-9954-09CA33541667} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-346357692-1366640249-2590671835-500 => C:\Users\HZ1RU\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (Geen bestand) Task: {FB6294FF-834F-4346-B582-D7C90BB0600E} - \IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 -> Geen bestand <==== AANDACHT Edge Extension: (Geen Naam) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [niet gevonden] Edge Extension: (Geen Naam) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [niet gevonden] Edge Extension: (Geen Naam) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [niet gevonden] Edge Extension: (Geen Naam) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [niet gevonden] FF HKLM-x32\...\Firefox\Extensions: [brofox_host@bromium.com] - C:\Program Files\HP\Sure Click\4.1.8.2387\servers\FakeDir => niet gevonden S4 DFWSIDService; C:\Program Files (x86)\Wondershare\drfone\WsidService.exe [X] S4 ElevationService; C:\Program Files (x86)\Wondershare\drfone\Addins\Repair\ElevationService.exe [X] S3 rpcapd; "%ProgramFiles(x86)%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles(x86)%\WinPcap\rpcapd.ini" [X] S4 Wondershare InstallAssist; C:\ProgramData\Wondershare\Service\InstallAssistService.exe [X] S4 WsDrvInst; C:\Program Files (x86)\Wondershare\drfone\Addins\Repair\DriverInstall.exe [X] U4 npcap_wifi; geen ImagePath 2022-09-15 01:58 - 2022-09-15 01:58 - 000000048 ____H () C:\Program Files (x86)\3bg2xkb8bu.dat 2017-09-01 16:39 - 2017-09-17 11:07 - 000000079 _____ () C:\Users\HZ1RU\AppData\Roaming\.ettercap_gtk 2017-08-14 12:54 - 2017-08-14 12:55 - 000000004 _____ () C:\Users\HZ1RU\AppData\Local\.dotcache 2016-04-26 19:48 - 2016-04-26 19:48 - 000178658 _____ () C:\Users\HZ1RU\AppData\Local\ars.cache 2016-04-26 19:48 - 2016-04-26 19:48 - 000563889 _____ () C:\Users\HZ1RU\AppData\Local\census.cache 2016-10-24 11:09 - 2021-08-04 10:49 - 000018944 _____ () C:\Users\HZ1RU\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2016-04-26 19:38 - 2016-04-26 19:38 - 000000036 _____ () C:\Users\HZ1RU\AppData\Local\housecall.guid.cache 2017-01-29 17:53 - 2017-07-13 17:10 - 000000414 _____ () C:\Users\HZ1RU\AppData\Local\MZD-AIO-TI.log 2019-03-22 15:19 - 2019-11-09 15:06 - 000000128 _____ () C:\Users\HZ1RU\AppData\Local\PUTTY.RND 2017-01-05 17:56 - 2017-01-05 17:56 - 000000001 _____ () C:\Users\HZ1RU\AppData\Local\RawCopy.1.02.agreement 2018-07-25 12:51 - 2018-07-25 12:51 - 000000001 _____ () C:\Users\HZ1RU\AppData\Local\RawCopy.1.10.agreement 2017-01-05 17:58 - 2018-07-28 10:35 - 000000022 _____ () C:\Users\HZ1RU\AppData\Local\RawCopy.savedialog.dir 2017-01-05 17:58 - 2018-07-28 10:35 - 000000001 _____ () C:\Users\HZ1RU\AppData\Local\RawCopy.savedialog.filterindex 2017-01-05 17:56 - 2018-07-28 10:35 - 000000001 _____ () C:\Users\HZ1RU\AppData\Local\RawCopy.sourcedisk.index 2017-10-13 18:31 - 2017-10-13 18:31 - 000002331 _____ () C:\Users\HZ1RU\AppData\Local\recently-used.xbel 2017-05-01 12:10 - 2020-04-29 12:23 - 000000487 _____ () C:\Users\HZ1RU\AppData\Local\ReclaiMe.config 2019-07-06 15:48 - 2019-07-12 18:03 - 000000487 _____ () C:\Users\HZ1RU\AppData\Local\ReclaiMePro.config 2019-02-05 13:29 - 2019-02-05 13:29 - 000007605 _____ () C:\Users\HZ1RU\AppData\Local\Resmon.ResmonCfg 2016-04-26 19:43 - 2016-09-26 13:18 - 000000010 _____ () C:\Users\HZ1RU\AppData\Local\sponge.last.runtime.cache 2017-01-02 14:18 - 2021-12-26 10:53 - 000000286 _____ () C:\Users\HZ1RU\AppData\Local\zenmap.exe.log 2017-07-21 12:18 - 2020-11-22 15:28 - 000001933 _____ () C:\Users\HZ1RU\AppData\Local\_ExceptionTrace EmptyTemp: Reboot: End:: ***************** Herstelpunt is succesvol gemaakt. Proces succesvol afgesloten. HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => is succesvol verwijderd HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => is succesvol verwijderd HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => is succesvol verwijderd HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => is succesvol verwijderd HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => is succesvol verwijderd HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => is succesvol verwijderd HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => is succesvol verwijderd HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => is succesvol verwijderd HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => is succesvol verwijderd HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => is succesvol verwijderd HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => is succesvol verwijderd HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => is succesvol verwijderd HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => is succesvol verwijderd HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => is succesvol verwijderd HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => is succesvol verwijderd HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ FileSyncEx => is succesvol verwijderd HKLM\Software\Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => is succesvol verwijderd HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\ FileSyncEx => is succesvol verwijderd "HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => is succesvol verwijderd HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => is succesvol verwijderd HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664} => is succesvol verwijderd HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664} => is succesvol verwijderd "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A653AB49-75FA-4BF2-9D91-DD46A030248D}" => is succesvol verwijderd "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1BFAA1CF-DD98-4C53-80FC-7CCB0C4EB546}" => is succesvol verwijderd "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FB592567-C25C-4E89-ACEA-7C23695BDDE8}" => is succesvol verwijderd "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AFC7386D-670A-443C-B2F7-DA5478AB9D55}" => is succesvol verwijderd "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{04AD22F9-83BA-418A-A37B-F3D48A099ECE}C:\program files (x86)\common files\oracle\java\javapath_target_84375671\java.exe" => is succesvol verwijderd "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{F717EB38-6548-4A60-9955-029D7499036C}C:\program files (x86)\common files\oracle\java\javapath_target_84375671\java.exe" => is succesvol verwijderd "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E9747705-ACF9-4AD8-95AB-0A15BC20CD76}" => is succesvol verwijderd "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CAEF783B-1631-4A56-99AC-5A9BFC623674}" => is succesvol verwijderd "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{88AFD7DC-7B9B-4B37-8178-52786571A5CE}C:\program files (x86)\tenorshare\ultdata - android data recovery\ultdata for android.exe" => is succesvol verwijderd "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{F781DB8F-4381-44C3-BB00-E810B53924F1}C:\program files (x86)\tenorshare\ultdata - android data recovery\ultdata for android.exe" => is succesvol verwijderd "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{BE12523A-8488-4154-B66B-C739B8A9259D}C:\program files (x86)\common files\oracle\java\javapath_target_84375671\java.exe" => is succesvol verwijderd "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{13110FB4-6023-47B3-8B22-A171E3831566}C:\program files (x86)\common files\oracle\java\javapath_target_84375671\java.exe" => is succesvol verwijderd "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{57F70094-46A7-4002-9C88-72637A53D818}C:\program files (x86)\common files\oracle\java\javapath_target_66718796\java.exe" => is succesvol verwijderd "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{294EF352-7FCC-494B-B564-BAA2D92117BB}C:\program files (x86)\common files\oracle\java\javapath_target_66718796\java.exe" => is succesvol verwijderd "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{03A49C43-A812-4803-9DFF-772C781B5361}C:\users\hz1ru\downloads\winbox64.exe" => is succesvol verwijderd "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{31E56EFE-C10F-41ED-98D9-E4E6EE94BBE7}C:\program files (x86)\netgear\prosafe plus utility\nsdpmanager.exe" => is succesvol verwijderd "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B0A009EF-68C3-4950-A706-191F17092D6C}C:\program files (x86)\netgear\prosafe plus utility\nsdpmanager.exe" => is succesvol verwijderd "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{727510E6-FAC9-449B-B60F-7BB6ED4DF408}C:\program files (x86)\netgear\prosafe plus utility\prosafe plus utility.exe" => is succesvol verwijderd "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{818D5DEB-4098-4A96-A5EF-7A265B5E6C90}C:\program files (x86)\netgear\prosafe plus utility\prosafe plus utility.exe" => is succesvol verwijderd "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5D9CA6BC-1FF5-444B-B051-2F543A7A0169}C:\program files (x86)\smartwizard discovery\smartwizard discovery.exe" => is succesvol verwijderd "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{9F82255B-74C8-42C5-AB5A-E34A73A7127E}C:\program files (x86)\smartwizard discovery\smartwizard discovery.exe" => is succesvol verwijderd "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EDD543D1-2087-4FEC-A7EB-E996320E7A41}" => is succesvol verwijderd "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{30FDE14A-D040-4D24-9415-F06772563070}" => is succesvol verwijderd "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{4F8E0587-7A31-4E21-BEA9-F287236E9797}C:\users\hz1ru\downloads\winbox.exe" => is succesvol verwijderd "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{472BABD9-CFF5-4A1E-9BE8-603FA4D4A817}" => is succesvol verwijderd "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9D3B49E5-E60B-46A5-8C07-4FF54B2F1DAA}" => is succesvol verwijderd "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{D7EFFD74-B890-450C-A1AD-A07795008227}C:\users\hz1ru\downloads\winbox.exe" => is succesvol verwijderd "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D505D2B9-7004-4865-BADA-B882116AD0FC}C:\users\hz1ru\downloads\winbox.exe" => is succesvol verwijderd "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{85317D57-BC81-4B41-A932-B46F7F632A18}" => is succesvol verwijderd "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{39BCC591-D504-4DB3-8A44-6C27E6D5E274}C:\users\hz1ru\appdata\local\temp\7zs5c52\enterprisedu.exe" => is succesvol verwijderd "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{3F1546D9-854D-441C-AEDA-BC24E9C287AC}C:\users\hz1ru\appdata\local\temp\7zs5c52\enterprisedu.exe" => is succesvol verwijderd "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EFC75BE5-8AF2-4C93-908B-A5C86DD803A2}" => is succesvol verwijderd "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F37FCCD4-C0CA-4E9C-AD2B-46B5787BCB14}" => is succesvol verwijderd "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{19F6B181-F076-4A53-8EB6-9960D30E33D6}" => is succesvol verwijderd "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6D59BD71-0805-4210-B762-0E6F829E300F}" => is succesvol verwijderd "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FE1562A8-B6A7-48E1-8EAF-6E00C858837D}" => is succesvol verwijderd "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E2725041-A0D5-42CE-A8AA-88BC0479EC6E}" => is succesvol verwijderd "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F0EEE27D-39F2-417D-8D02-D841027EF806}" => is succesvol verwijderd "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8B4CEAC9-8202-4DCF-A3BF-B6E6A5608F64}" => is succesvol verwijderd "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AA9EC36A-AC9F-4089-9C3A-ED038907157D}" => is succesvol verwijderd "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5FB8F272-E9BC-455E-9509-72A48F6960C9}C:\program files (x86)\ivms-4200 site\ivms-4200 client\server\ivms-4200.topology.s\ivms-4200.topology.s.exe" => is succesvol verwijderd "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{1B1E14BE-2E08-4511-B7C1-9A6A9F4DBF38}C:\program files (x86)\ivms-4200 site\ivms-4200 client\server\ivms-4200.topology.s\ivms-4200.topology.s.exe" => is succesvol verwijderd "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A3A52E1D-3D2F-4C6B-B4CC-0B3F6D14701F}C:\program files (x86)\sadptool\sadptool.exe" => is succesvol verwijderd "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C9BBC249-CB81-4B03-89E3-603CF8E0212B}C:\program files (x86)\sadptool\sadptool.exe" => is succesvol verwijderd "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{137D3FF9-71DE-4FC6-B089-93C442035B03}C:\program files\angry ip scanner\jre\bin\javaw.exe" => is succesvol verwijderd "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{60C72C79-8F83-4CAF-A521-F61B0741380D}C:\program files\angry ip scanner\jre\bin\javaw.exe" => is succesvol verwijderd HKLM\SOFTWARE\Policies\Microsoft\Edge => is succesvol verwijderd HKU\S-1-5-21-346357692-1366640249-2590671835-1001\SOFTWARE\Policies\Microsoft\Edge => is succesvol verwijderd "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CF2FC78A-45DB-4912-9954-09CA33541667}" => is succesvol verwijderd "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CF2FC78A-45DB-4912-9954-09CA33541667}" => is succesvol verwijderd C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-346357692-1366640249-2590671835-500 => is succesvol verplaatst "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OneDrive Standalone Update Task-S-1-5-21-346357692-1366640249-2590671835-500" => is succesvol verwijderd "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FB6294FF-834F-4346-B582-D7C90BB0600E}" => is succesvol verwijderd "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FB6294FF-834F-4346-B582-D7C90BB0600E}" => is succesvol verwijderd "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473" => niet gevonden HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => is succesvol verwijderd HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => is succesvol verwijderd HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => is succesvol verwijderd HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => is succesvol verwijderd "HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\brofox_host@bromium.com" => is succesvol verwijderd HKLM\System\CurrentControlSet\Services\DFWSIDService => is succesvol verwijderd DFWSIDService => service is succesvol verwijderd HKLM\System\CurrentControlSet\Services\ElevationService => is succesvol verwijderd ElevationService => service is succesvol verwijderd HKLM\System\CurrentControlSet\Services\rpcapd => is succesvol verwijderd rpcapd => service is succesvol verwijderd HKLM\System\CurrentControlSet\Services\Wondershare InstallAssist => is succesvol verwijderd Wondershare InstallAssist => service is succesvol verwijderd HKLM\System\CurrentControlSet\Services\WsDrvInst => is succesvol verwijderd WsDrvInst => service is succesvol verwijderd HKLM\System\CurrentControlSet\Services\npcap_wifi => is succesvol verwijderd npcap_wifi => service is succesvol verwijderd C:\Program Files (x86)\3bg2xkb8bu.dat => is succesvol verplaatst C:\Users\HZ1RU\AppData\Roaming\.ettercap_gtk => is succesvol verplaatst C:\Users\HZ1RU\AppData\Local\.dotcache => is succesvol verplaatst C:\Users\HZ1RU\AppData\Local\ars.cache => is succesvol verplaatst C:\Users\HZ1RU\AppData\Local\census.cache => is succesvol verplaatst C:\Users\HZ1RU\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => is succesvol verplaatst C:\Users\HZ1RU\AppData\Local\housecall.guid.cache => is succesvol verplaatst C:\Users\HZ1RU\AppData\Local\MZD-AIO-TI.log => is succesvol verplaatst C:\Users\HZ1RU\AppData\Local\PUTTY.RND => is succesvol verplaatst C:\Users\HZ1RU\AppData\Local\RawCopy.1.02.agreement => is succesvol verplaatst C:\Users\HZ1RU\AppData\Local\RawCopy.1.10.agreement => is succesvol verplaatst C:\Users\HZ1RU\AppData\Local\RawCopy.savedialog.dir => is succesvol verplaatst C:\Users\HZ1RU\AppData\Local\RawCopy.savedialog.filterindex => is succesvol verplaatst C:\Users\HZ1RU\AppData\Local\RawCopy.sourcedisk.index => is succesvol verplaatst C:\Users\HZ1RU\AppData\Local\recently-used.xbel => is succesvol verplaatst C:\Users\HZ1RU\AppData\Local\ReclaiMe.config => is succesvol verplaatst C:\Users\HZ1RU\AppData\Local\ReclaiMePro.config => is succesvol verplaatst C:\Users\HZ1RU\AppData\Local\Resmon.ResmonCfg => is succesvol verplaatst C:\Users\HZ1RU\AppData\Local\sponge.last.runtime.cache => is succesvol verplaatst C:\Users\HZ1RU\AppData\Local\zenmap.exe.log => is succesvol verplaatst C:\Users\HZ1RU\AppData\Local\_ExceptionTrace => is succesvol verplaatst =========== EmptyTemp: ========== FlushDNS => voltooid BITS transfer queue => 0 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 13847118 B Java, Discord, Steam htmlcache => 0 B Windows/system/drivers => 3395612 B Edge => 0 B Chrome => 150107502 B Firefox => 0 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B ProgramData => 0 B Public => 0 B systemprofile => 0 B systemprofile32 => 0 B LocalService => 0 B NetworkService => 2990 B HZ1RU => 2008546 B Administrator => 2008546 B RecycleBin => 2264414990 B EmptyTemp: => 2.3 GB tijdelijke gegevens verwijderd. ================================ Het systeem moest herstart worden. ==== Einde van Fixlog 08:14:33 ====