Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 11-05-2022 Gestart door Gerda (15-05-2022 18:03:28) Gestart vanaf C:\Users\Gerda\Desktop Microsoft Windows 10 Pro Versie 20H2 19042.1165 (X64) (2021-01-26 15:56:36) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) Administrator (S-1-5-21-706193113-4269388807-4058006214-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-706193113-4269388807-4058006214-503 - Limited - Disabled) Gast (S-1-5-21-706193113-4269388807-4058006214-501 - Limited - Disabled) Gerda (S-1-5-21-706193113-4269388807-4058006214-1001 - Administrator - Enabled) => C:\Users\Gerda WDAGUtilityAccount (S-1-5-21-706193113-4269388807-4058006214-504 - Limited - Disabled) ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Kaspersky Security Cloud (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23} FW: Kaspersky Security Cloud (Disabled) {774D7037-0984-41B0-3A87-5E88E680AD58} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeïnstalleerd worden.) Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.11 - Adobe Systems Incorporated) Adobe Photoshop 6.0 (HKLM-x32\...\Adobe Photoshop 6.0) (Version: 6.0 - Adobe Systems, Inc.) Adobe Photoshop Elements 2021 (HKLM-x32\...\PSE_19_3) (Version: 19.0 - Adobe Inc.) Adobe SVG Viewer (HKLM-x32\...\Adobe SVG Viewer) (Version: 1.0 - Adobe Systems, Inc.) AOMEI Backupper (HKLM-x32\...\{A83692F5-3E9B-4E95-9E7E-B5DF5536CE9D}_is1) (Version: 6.9.1 - AOMEI International Network Limited.) Auslogics BoostSpeed 10 (HKLM-x32\...\{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1) (Version: 10.0.4.0 - Auslogics Labs Pty Ltd) Auslogics Driver Updater (HKLM-x32\...\{23BB1B18-3537-48F7-BEF7-42BC65DBF993}_is1) (Version: 1.21.3.0 - Auslogics Labs Pty Ltd) Belarc Advisor 9.7 (HKLM-x32\...\Belarc Advisor) (Version: 9.7.0.0 - Belarc Inc.) CCleaner (HKLM\...\CCleaner) (Version: 6.00 - Piriform) Corel Update Manager (HKLM-x32\...\{970F0689-74EE-4847-82DD-37F33D62C6A5}) (Version: 2.8.364 - Corel corporation) Hidden Diamond Club Casino 2 (HKLM-x32\...\Diamond Club Casino 2) (Version: - ) Dolby Audio X2 Windows API SDK (HKLM\...\{FA0735B6-9E18-437A-A1CD-9152650FC52B}) (Version: 0.8.8.90 - Dolby Laboratories, Inc.) EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version: - EaseUS) FileZilla Client 3.59.0 (HKLM-x32\...\FileZilla Client) (Version: 3.59.0 - Tim Kosse) FreeFileSync 11.5 (HKLM-x32\...\FreeFileSync_is1) (Version: 11.5 - FreeFileSync.org) HP Officejet 6500 E710n-z Basissoftware van het apparaat (HKLM\...\{541B2013-8349-421C-B551-892A4AC82CD4}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) IObit Uninstaller 10 (HKLM-x32\...\IObitUninstall) (Version: 10.0.2.20 - IObit) IrfanView 4.50 (64-bit) (HKLM\...\IrfanView64) (Version: 4.50 - Irfan Skiljan) Kobo (HKLM-x32\...\Kobo) (Version: 4.30.16653 - Rakuten Kobo Inc.) Lenovo Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.82.00.20 - Lenovo) Lenovo Diagnostics Tool (HKLM\...\{01ADF966-E3BA-40DC-9037-E90BBA9ED50E}_is1) (Version: 4.37.0.209 - LENOVO (UNITED STATES) INC.) Lenovo Service Bridge (HKU\S-1-5-21-706193113-4269388807-4058006214-1001\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 5.0.2.12 - Lenovo) Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.07.0136 - Lenovo) LibreOffice 7.1.0.3 (HKLM\...\{FF0BB16C-BD95-497C-BCE6-4B567668AF1B}) (Version: 7.1.0.3 - The Document Foundation) Logitech Options (HKLM\...\LogiOptions) (Version: 8.10.84 - Logitech) Macromedia Dreamweaver 4 (HKLM-x32\...\{ABDA9912-5D00-11D4-BAE7-9367CA097955}) (Version: 4.0 - Macromedia) Macromedia Extension Manager (HKLM-x32\...\{A5BA14E0-7384-11D4-BAE7-00409631A2C8}) (Version: 1.2 - Macromedia) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 101.0.1210.47 - Microsoft Corporation) Microsoft Office Professional Plus 2019 - nl-nl (HKLM\...\ProPlus2019Volume - nl-nl) (Version: 16.0.10385.20027 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-706193113-4269388807-4058006214-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation) Mozilla Firefox (x64 nl) (HKLM\...\Mozilla Firefox 100.0 (x64 nl)) (Version: 100.0 - Mozilla) Mozilla Thunderbird (x64 nl) (HKLM\...\Mozilla Thunderbird 91.5.0 (x64 nl)) (Version: 91.5.0 - Mozilla) Mozilla Thunderbird (x64 nl) (HKU\S-1-5-21-706193113-4269388807-4058006214-1001\...\Mozilla Thunderbird 91.9.0 (x64 nl)) (Version: 91.9.0 - Mozilla) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.10385.20027 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.10385.20027 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0413-1000-0000000FF1CE}) (Version: 16.0.10385.20027 - Microsoft Corporation) Hidden Offline Rekening Overzicht (HKLM-x32\...\{80D2DAFC-A65D-4317-8A75-15286181EC23}) (Version: 1.0.2.0 - J.J.F. Verhaag) Software voor Intel® Chipset-apparaten (HKLM-x32\...\{c4a581e8-a702-448c-80c7-4b6192985db2}) (Version: 10.1.18228.8176 - Intel(R) Corporation) TeamViewer (HKLM\...\TeamViewer) (Version: 15.29.4 - TeamViewer) Windows 10-updateassistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.19041.1555 - Microsoft Corporation) Windows Driver Package - Intel (XtuAcpiDriver) System (01/14/2019 4.0.0.69) (HKLM\...\3A99CB44A2E54EA755CC2AFB6051D7B280A10CA1) (Version: 01/14/2019 4.0.0.69 - Intel) Windows Pc-statuscontrole (HKLM\...\{4C95130F-4638-4B19-B1B4-DA7CB78A2911}) (Version: 3.6.2204.08001 - Microsoft Corporation) WordPerfect Office 2002 (HKLM-x32\...\{A0B295C3-FD3C-11D4-A811-0090279106C3}) (Version: 10 - Corel) Hidden WordPerfect Office IFilter 32-bit (HKLM-x32\...\{1DF03ECE-6AF4-414E-B118-C316F151A9A2}) (Version: 1.6 - Corel Corporation) WordPerfect Office IFilter 64-bit (HKLM\...\{1B45B85C-99E8-4523-8FB3-0248B3DECFC8}) (Version: 1.6 - Corel Corporation) WordPerfect Office X9 - Common Files (HKLM-x32\...\{50567D26-6C7E-4A3E-9752-BE23977A6C8D}) (Version: 19.0 - Corel Corporation) Hidden WordPerfect Office X9 - Common Files English (HKLM-x32\...\{97D165C7-7B4C-442D-9DC6-FE0240A1C98C}) (Version: 19.0 - Corel Corporation) Hidden WordPerfect Office X9 - IPM (HKLM-x32\...\{AF93DEF7-008A-430B-B1D0-50A9D707ACF8}) (Version: 19.0 - Corel Corporation) Hidden WordPerfect Office X9 - IPM Content (HKLM-x32\...\{3F93A142-9033-471E-BDE8-EFF0A1F170F2}) (Version: 19.0 - Corel Corporation) Hidden WordPerfect Office X9 - Lightning Files (HKLM-x32\...\{5D00E927-0798-4F5D-83B2-A60AFA4C7B93}) (Version: 19.0 - Corel Corporation) Hidden WordPerfect Office X9 - Lightning Files English (HKLM-x32\...\{0705BB45-E2C0-41AF-A24D-BB66FB78F574}) (Version: 19.0 - Corel Corporation) Hidden WordPerfect Office X9 - Oxford (HKLM-x32\...\{9B32CB12-C951-417E-8490-EAD6E56D920D}) (Version: 19.0 - Corel Corporation) Hidden WordPerfect Office X9 - Presentations Files (HKLM-x32\...\{6C2494D8-AA48-49E8-8449-BCDA8BB7F01C}) (Version: 19.0 - Corel Corporation) Hidden WordPerfect Office X9 - Presentations Files English (HKLM-x32\...\{C55FBD71-ACA9-495F-9EBA-EB23A51206D0}) (Version: 19.0 - Corel Corporation) Hidden WordPerfect Office X9 - Quattro Pro Files (HKLM-x32\...\{B085C003-6454-4512-A3CB-B873E4F8ABEF}) (Version: 19.0 - Corel Corporation) Hidden WordPerfect Office X9 - Quattro Pro Files English (HKLM-x32\...\{941020B9-7483-4FA2-B40B-C56815361DAB}) (Version: 19.0 - Corel Corporation) Hidden WordPerfect Office X9 - Redists (HKLM-x32\...\{8092CE83-3E55-499F-B746-06E6825C7381}) (Version: 19.0 - Corel Corporation) Hidden WordPerfect Office X9 - Setup Files (HKLM-x32\...\{F5784FBC-42E2-429F-A7CF-34959D995957}) (Version: 19.0 - Corel Corporation) Hidden WordPerfect Office X9 - WordPerfect Files (HKLM-x32\...\{55D49A6A-BCBE-40A4-8A9E-1AEC5F125CAC}) (Version: 19.0 - Corel Corporation) Hidden WordPerfect Office X9 - WordPerfect Files English (HKLM-x32\...\{6052701D-0BA0-4AC9-9E7C-0209E0CB2873}) (Version: 19.0 - Corel Corporation) Hidden WordPerfect Office X9 - WPD format Props x64 (HKLM\...\{32B843EE-A124-4DBE-84D0-BB2AE22FF5C1}) (Version: 19.0 - Corel Corporation) Hidden WordPerfect Office X9 - Writing Tools Files (HKLM-x32\...\{116B261F-1198-4F52-B46A-D6C3A70171FA}) (Version: 19.0 - Corel Corporation) Hidden WordPerfect Office X9 (HKLM-x32\...\_{F5784FBC-42E2-429F-A7CF-34959D995957}) (Version: 19.0.0.325 - Corel Corporation) WordPerfect Office X9 (HKLM-x32\...\{60338C41-EFE7-42C2-9442-46AE4FE90CC5}) (Version: 19.0 - Corel Corporation) Hidden Packages: ========= HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_136.1.269.0_x64__v10z8vjag6ke6 [2022-05-09] (HP Inc.) Intel® Graphics besturingscentrum -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt [2022-05-09] (INTEL CORP) [Startup Task] Media-engine-invoegtoepassing voor Foto's -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-05-09] (Microsoft Corporation) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-05-09] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-05-09] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.3171.0_x64__8wekyb3d8bbwe [2022-05-09] (Microsoft Studios) [MS Ad] Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-05-09] (Netflix, Inc.) Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.185.895.0_x86__zpdnekdrzrea0 [2022-05-14] (Spotify AB) [Startup Task] ==================== Aangepaste CLSID (gefilterd): ============== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) CustomCLSID: HKU\S-1-5-21-706193113-4269388807-4058006214-1001_Classes\CLSID\{0047ADBE-9F73-CAFE-3A65-ACE857BB2020}\localserver32 -> C:\Program Files\Adobe\Elements 2021 Organizer\Elements Auto Creations 2021.exe (Adobe Inc. -> Adobe) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-02-03] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-02-03] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-02-03] (Adobe Inc. -> ) ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-02-03] (Adobe Inc. -> ) ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2020-07-31] (IObit Information Technology -> IObit) ContextMenuHandlers2-x32: [QuickFinderMenu] -> {0c5824b1-555e-4799-b8be-97b08362623b} => c:\Program Files (x86)\Corel\WordPerfect Office X9\Programs\PFSE190.DLL [2018-05-13] (Corel Corporation -> Corel Corporation) ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2020-07-31] (IObit Information Technology -> IObit) ContextMenuHandlers4-x32: [QuickFinderMenu] -> {0c5824b1-555e-4799-b8be-97b08362623b} => c:\Program Files (x86)\Corel\WordPerfect Office X9\Programs\PFSE190.DLL [2018-05-13] (Corel Corporation -> Corel Corporation) ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-02-03] (Adobe Inc. -> ) ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2020-07-31] (IObit Information Technology -> IObit) ==================== Codecs (gefilterd) ==================== ==================== Snelkoppelingen & WMI ======================== ==================== Geladen Modules (gefilterd) ============= 2022-05-09 14:11 - 2021-06-22 14:41 - 000014336 _____ () [Bestand niet getekend] C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.9.1(1)\libamcbconsole.dll 2022-05-09 14:11 - 2015-05-21 14:32 - 000068784 _____ (Aomei Technology Co., Limited -> Microsoft Corporation) [Bestand niet getekend] C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.9.1(1)\vcomp.dll ==================== Alternate Data Streams (gefilterd) ======== ==================== Veilige Modus (gefilterd) ================== ==================== Bestandskoppeling (gefilterd) ================= ==================== Internet Explorer (gefilterd) ========== HKU\S-1-5-21-706193113-4269388807-4058006214-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.nl/ BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2020-01-31] (IObit Information Technology -> IObit) BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2022-02-16] (Microsoft Corporation -> Microsoft Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2021-03-13] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-02-16] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2022-02-16] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2020-10-15] (Belarc, Inc. -> Belarc, Inc.) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-02-16] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-02-16] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-02-16] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-02-16] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-02-16] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-02-16] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-02-16] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-02-16] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts inhoud: ========================= (Indien nodig kan Hosts:-opdracht worden opgenomen in de fixlist om Hosts te resetten.) 2021-01-26 17:45 - 2021-01-26 17:43 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Andere gebieden =========================== (Momenteel is er geen automatische fix voor dit onderdeel.) HKU\S-1-5-21-706193113-4269388807-4058006214-1001\Control Panel\Desktop\\Wallpaper -> F:\Nora\nora_2021\n2021_08 (aug)\IMG_3283.JPG DNS Servers: 192.168.2.254 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) HKLM\...\StartupApproved\StartupFolder: => "CorelCENTRAL 10.lnk" HKLM\...\StartupApproved\Run: => "AdobePSE19AutoAnalyzer" HKLM\...\StartupApproved\Run32: => "Corel Registration" HKLM\...\StartupApproved\Run32: => "QuickFinder Scheduler" HKU\S-1-5-21-706193113-4269388807-4058006214-1001\...\StartupApproved\Run: => "OneDrive" ==================== Firewall regels (gefilterd) ================ (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [TCP Query User{9D9287A5-6738-4A57-831B-8442DD3C6D4F}C:\program files (x86)\corel\wordperfect office 2002\register\navbrowser.exe] => (Allow) C:\program files (x86)\corel\wordperfect office 2002\register\navbrowser.exe (Naviant, Inc.) [Bestand niet getekend] FirewallRules: [UDP Query User{F1D27296-86D4-406C-ACD2-FA69FC56A8A9}C:\program files (x86)\corel\wordperfect office 2002\register\navbrowser.exe] => (Allow) C:\program files (x86)\corel\wordperfect office 2002\register\navbrowser.exe (Naviant, Inc.) [Bestand niet getekend] FirewallRules: [{AA85381D-1A17-4BE5-A6A9-E1F08FE5C19D}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.) FirewallRules: [{ECBDCD2E-66D3-4F10-B4EF-E90A1A216EF9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{0A7328AD-239F-480E-8B38-1CC3E3DED744}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{5263875F-4D4F-4BA8-90A9-8AE425B6FC60}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{8C73422E-7DEE-42F2-B58F-270074955D8E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{BEDE8B15-CD9F-4949-A357-1CCDD7204B12}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{61B6A46A-BF28-4FA3-BCE0-BC7EEA1D1522}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{2B6CE02B-1E4F-4FC2-8985-7B4625C49F2F}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{8B77E425-D282-471B-8A64-6A0EBAA3D4FF}C:\program files (x86)\corel\wordperfect office 2002\register\navbrowser.exe] => (Allow) C:\program files (x86)\corel\wordperfect office 2002\register\navbrowser.exe (Naviant, Inc.) [Bestand niet getekend] FirewallRules: [UDP Query User{0BAC6463-01DA-4A0E-8BB0-2842F5247073}C:\program files (x86)\corel\wordperfect office 2002\register\navbrowser.exe] => (Allow) C:\program files (x86)\corel\wordperfect office 2002\register\navbrowser.exe (Naviant, Inc.) [Bestand niet getekend] FirewallRules: [{A310EFE0-114A-46B5-AE89-1FDA750FAE12}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\bin\FaxApplications.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{7764B4F2-21FE-4E04-BC61-C6B334B18BA4}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\bin\DigitalWizards.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{AA6BDECB-4303-4BD9-821F-5BAEB356A0A9}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\bin\SendAFax.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{9629CFF4-1AAC-4D58-BDDA-CC39C0FB317D}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{0C335047-52FC-48FE-B31F-20ED4DF14DCE}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{6AE9A8E3-1827-492C-B5F8-47DD352EA873}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{1915397A-566B-46A4-8795-34A1860EA7BE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{8F93D27B-B1F8-473F-AD20-0F3497B85342}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{8AEBAA76-C061-4591-8361-38174E7EF74A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{D8451F28-99C0-4F41-A205-D12672D4A074}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{4ED083C6-6B95-423E-9FCF-3330F3F0CBFE}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{11139ADC-98DA-4EBA-B60B-7D23D3DFCF68}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{DCFB5F79-0FC1-43D9-B475-96432AD468E1}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{8C865B6D-86C1-464A-A3E9-01C4991050CE}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{0258E6D6-FEA9-43E9-B439-7E61AAAB1CA2}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> ) FirewallRules: [{9EE61670-6506-4320-AAB7-F4C42FF2918A}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> ) FirewallRules: [{1FF4007F-98DD-44A8-9196-587F85BA9B54}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.9.1(1)\ABService.exe (AOMEI International Network Limited -> AOMEI International Network Limited) FirewallRules: [{B5AF6327-0737-48F9-8411-1DDFA0433BD1}] => (Allow) C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.9.1(1)\ABService.exe (AOMEI International Network Limited -> AOMEI International Network Limited) FirewallRules: [{F29DFD33-B688-4D00-BC03-BAB577884C34}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.185.895.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{1B5EAC7C-F153-4BB4-A4A6-C2F07A30E56D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.185.895.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{5EFCC838-4431-43E1-B2E2-F67B87A3DDB7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.185.895.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{E4957C2C-E655-4358-B733-02037A5836B5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.185.895.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{6F62BF95-A5C2-40CD-9BE5-5BCC392BF97D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.185.895.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{7AB07D43-53AF-4B31-B9DF-5099DB8E3337}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.185.895.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{F017CF7B-AF45-4DC8-99F5-E3996548DDEA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.185.895.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{AC3648E6-ECE6-4796-AEDE-BE71CBE386AB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.185.895.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) ==================== Herstelpunten ========================= ==================== Defecte Apparaatbeheer Apparaten ============ ==================== Eventlog fouten: ======================== Applicatiefouten: ================== Error: (05/15/2022 04:39:00 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Fout in de Volume Shadow Copy-service: onverwachte fout bij het aanroepen van routine CoCreateInstance. hr = 0x8007045b, Systeem wordt afgesloten. . Error: (05/15/2022 04:39:00 PM) (Source: VSS) (EventID: 13) (User: ) Description: Informatie voor de Volume Shadow Copy-service: de COM-server met CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} en de naam CEventSystem kan niet worden gestart. [0x8007045b, Systeem wordt afgesloten. ] Error: (05/15/2022 10:27:39 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Het programma GameBar.exe, versie 5.722.3302.0 reageert niet meer op Windows en is afgesloten. Als u wilt zien of er meer informatie over het probleem beschikbaar is, raadpleegt u de probleemgeschiedenis in het onderdeel Beveiliging en onderhoud van het Configuratiescherm. Proces-id: c60 Starttijd: 01d868343ca8e10a Eindtijd: 4294967295 Toepassingspad: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.722.3302.0_x64__8wekyb3d8bbwe\GameBar.exe Rapport-id: f8b986a2-03b5-495c-959c-2d0ade622e04 Volledige pakketnaam met fout: Microsoft.XboxGamingOverlay_5.722.3302.0_x64__8wekyb3d8bbwe Relatieve toepassings-id van pakket met fout: App Type vastlopen: Navigation Error: (05/14/2022 11:52:51 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Fout in de Volume Shadow Copy-service: onverwachte fout bij het aanroepen van routine CoCreateInstance. hr = 0x8007045b, Systeem wordt afgesloten. . Error: (05/14/2022 11:52:51 PM) (Source: VSS) (EventID: 13) (User: ) Description: Informatie voor de Volume Shadow Copy-service: de COM-server met CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} en de naam CEventSystem kan niet worden gestart. [0x8007045b, Systeem wordt afgesloten. ] Error: (05/14/2022 11:52:51 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Fout in de Volume Shadow Copy-service: onverwachte fout bij het aanroepen van routine CoCreateInstance. hr = 0x8007045b, Systeem wordt afgesloten. . Error: (05/14/2022 11:52:51 PM) (Source: VSS) (EventID: 13) (User: ) Description: Informatie voor de Volume Shadow Copy-service: de COM-server met CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} en de naam CEventSystem kan niet worden gestart. [0x8007045b, Systeem wordt afgesloten. ] Error: (05/14/2022 11:52:51 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Fout in de Volume Shadow Copy-service: onverwachte fout bij het aanroepen van routine CoCreateInstance. hr = 0x8007045b, Systeem wordt afgesloten. . Systeemfouten: ============= Error: (05/15/2022 05:28:20 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY) Description: Er is een beschadiging ontdekt in de bestandssysteemstructuur op het volume I:. De exacte beschadiging is onbekend. De bestandssysteemstructuren moeten online worden gescand. Error: (05/15/2022 05:28:20 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY) Description: Er is een beschadiging ontdekt in de bestandssysteemstructuur op het volume I:. De exacte beschadiging is onbekend. De bestandssysteemstructuren moeten offline worden gescand en hersteld. Error: (05/15/2022 04:44:59 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installatiefout: de volgende update kan niet worden geïnstalleerd, foutcode 0xc1900101: Onderdelenupdate naar Windows 10, versie 21H2. Error: (05/15/2022 04:44:42 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: De jhi_service-service is afhankelijk van de iphlpsvc-service, die vanwege de volgende fout niet kan worden gestart: Kan de service niet starten omdat deze is uitgeschakeld of omdat het geen ingeschakelde apparaten met zich heeft verbonden. Error: (05/15/2022 04:44:30 PM) (Source: volmgr) (EventID: 46) (User: ) Description: Crashdumpinitialisatie is mislukt! Error: (05/15/2022 04:30:45 PM) (Source: WinRM) (EventID: 10142) (User: ) Description: Kan de listener met adres * en transport HTTP niet migreren. Er bestaat al een listener met dezelfde configuratie voor adres en transport. Error: (05/15/2022 12:28:48 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installatiefout: de volgende update kan niet worden geïnstalleerd, foutcode 0xc1900101: Onderdelenupdate naar Windows 10, versie 21H2. Error: (05/15/2022 12:27:56 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: De jhi_service-service is afhankelijk van de iphlpsvc-service, die vanwege de volgende fout niet kan worden gestart: Kan de service niet starten omdat deze is uitgeschakeld of omdat het geen ingeschakelde apparaten met zich heeft verbonden. Windows Defender: ================ Date: 2022-05-15 15:05:26 Description: Scan van Microsoft Defender Antivirus is gestopt voordat deze was voltooid. Scan-id: {16A6628A-A2B4-48D3-B61B-945FAB41814E} Type scan: Antimalware Scanparameters: Snelle scan Gebruiker: NT AUTHORITY\SYSTEM Date: 2022-05-14 17:09:45 Description: Microsoft Defender Antivirus heeft malware of andere mogelijke ongewenste software gedetecteerd. Zie het volgende voor meer informatie: https://go.microsoft.com/fwlink/?linkid=37020&name=PUABundler:Win32/DriverPack&threatid=311940&enterprise=0 Naam: PUABundler:Win32/DriverPack Ernst: Laag Categorie: Mogelijk ongewenste software Pad: file:_E:\downloads64\DriverPack-17-Online_undefined__1p9ruxqgdg3nvl7.exe Detectieoorsprong: Lokale computer Detectietype: Concreet Detectiebron: Real-timebeveiliging Gebruiker: DESKTOP-DK8TUIM\Gerda Procesnaam: C:\WINDOWS\explorer.exe Versie van beveiligingsinformatie: AV: 1.363.1959.0, AS: 1.363.1959.0, NIS: 1.363.1959.0 Engineversie: AM: 1.1.19200.5, NIS: 1.1.19200.5 Date: 2022-05-14 16:59:53 Description: Scan van Microsoft Defender Antivirus is gestopt voordat deze was voltooid. Scan-id: {CBD14A56-C56B-4808-901C-FDD08C6C65CD} Type scan: Antimalware Scanparameters: Snelle scan Gebruiker: NT AUTHORITY\SYSTEM Date: 2022-05-14 16:54:02 Description: Scan van Microsoft Defender Antivirus is gestopt voordat deze was voltooid. Scan-id: {86F080BC-F237-4845-8C3C-4A7521B21C22} Type scan: Antimalware Scanparameters: Snelle scan Gebruiker: NT AUTHORITY\SYSTEM Date: 2022-05-14 16:49:40 Description: Scan van Microsoft Defender Antivirus is gestopt voordat deze was voltooid. Scan-id: {A1DC1B9C-81F3-4A89-979E-281F49A37D7B} Type scan: Antimalware Scanparameters: Snelle scan Gebruiker: NT AUTHORITY\SYSTEM Event[0]: Date: 2022-05-10 19:16:04 Description: Real-timebeveiligingsonderdeel van Microsoft Defender Antivirus heeft een fout aangetroffen en is niet uitgevoerd. Onderdeel: Bij toegang Foutcode: 0x8007043c Foutbeschrijving: Deze service kan niet in veilige modus worden gestart. Reden: Antimalware beveiligingsinformatie werkt om onbekende redenen niet meer. In sommige gevallen kan het probleem worden verholpen door de service opnieuw op te starten. Date: 2022-05-10 18:54:20 Description: Real-timebeveiligingsonderdeel van Microsoft Defender Antivirus heeft een fout aangetroffen en is niet uitgevoerd. Onderdeel: Bij toegang Foutcode: 0x8007043c Foutbeschrijving: Deze service kan niet in veilige modus worden gestart. Reden: Antimalware beveiligingsinformatie werkt om onbekende redenen niet meer. In sommige gevallen kan het probleem worden verholpen door de service opnieuw op te starten. CodeIntegrity: =============== Date: 2022-05-15 16:45:15 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\WINDOWS\System32\drivers\klhk.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2022-05-15 16:44:51 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_1dc9fc8d5e442f6a\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2022-05-15 15:05:12 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Geheugen info =========================== BIOS: LENOVO N1CET86W (1.54 ) 12/06/2021 Moederbord: LENOVO 20FAS09Y04 Processor: Intel(R) Core(TM) i5-6300U CPU @ 2.40GHz Percentage geheugen in gebruik: 29% Totaal fysiek RAM-geheugen: 20335.51 MB Beschikbaar fysiek RAM-geheugen: 14237.32 MB Totaal Virtueel geheugen: 23407.51 MB Beschikbaar Virtueel geheugen: 17554.85 MB ==================== Schijven ================================ Drive c: (Windows) (Fixed) (Total:243.44 GB) (Free:33.91 GB) NTFS Drive d: (PROGRAMMA'S) (Fixed) (Total:100.7 GB) (Free:85.93 GB) NTFS Drive e: (BESTANDEN) (Fixed) (Total:196.58 GB) (Free:111.04 GB) NTFS Drive f: (FOTO'S) (Fixed) (Total:380.86 GB) (Free:60.84 GB) NTFS Drive g: (ESD-USB) (Removable) (Total:31.99 GB) (Free:27.8 GB) FAT32 \\?\Volume{79653c1e-e1ad-4d99-ad1f-377d8e72c45b}\ (Recovery) (Fixed) (Total:9.31 GB) (Free:8.84 GB) NTFS \\?\Volume{52837e62-bb00-410c-8897-cf918b02a2c7}\ (BOOT) (Fixed) (Total:0.48 GB) (Free:0.46 GB) FAT32 ==================== MBR & Partitietabel ==================== ========================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: E2FBD085) Partition: GPT. ========================================================== Disk: 1 (MBR Code: Windows 7/8/10) (Size: 57.8 GB) (Disk ID: 6D4B9A8A) Partition 1: (Active) - (Size=32 GB) - (Type=0C) ==================== Einde van Addition.txt =======================