Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 06-11-2022 Gestart door Etienne (08-11-2022 09:17:53) Gestart vanaf C:\Users\Etienne\Desktop Microsoft Windows 10 Pro Versie 21H1 19043.2130 (X64) (2021-02-05 10:45:27) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) Administrator (S-1-5-21-4182651854-4289876487-1575895177-500 - Administrator - Disabled) Administrator Spare (S-1-5-21-4182651854-4289876487-1575895177-1003 - Administrator - Enabled) => C:\Users\Administrator Spare DefaultAccount (S-1-5-21-4182651854-4289876487-1575895177-503 - Limited - Disabled) Etienne (S-1-5-21-4182651854-4289876487-1575895177-1002 - Administrator - Enabled) => C:\Users\Etienne Gast (S-1-5-21-4182651854-4289876487-1575895177-501 - Limited - Disabled) komem (S-1-5-21-4182651854-4289876487-1575895177-1001 - Administrator - Enabled) => C:\Users\komem WDAGUtilityAccount (S-1-5-21-4182651854-4289876487-1575895177-504 - Limited - Disabled) ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Kaspersky Security Cloud (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23} FW: Kaspersky Security Cloud (Disabled) {774D7037-0984-41B0-3A87-5E88E680AD58} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeïnstalleerd worden.) Audacity 3.1.3 (HKLM\...\Audacity_is1) (Version: 3.1.3 - Audacity Team) Avanquest Message (HKU\S-1-5-21-4182651854-4289876487-1575895177-1002\...\{20573C69-4A68-4BEF-A23D-365CB66924CE}) (Version: 2.16.0 - Avanquest Software) Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1206.2 - AVAST Software) Hidden AVG Update Helper (HKLM-x32\...\{EDB7AEE7-E932-4836-AE50-D3B0B7766CB5}) (Version: 1.8.1207.2 - AVG Technologies) Hidden Banana Boekhouding 8.0 (HKLM\...\Banana80_is1) (Version: 8.0.6.0 - Banana.ch SA) Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 107.1.45.118 - De auteurs van Brave) calibre 64bit (HKLM\...\{5D6852FB-8784-4B43-BE3D-05B9658F95E5}) (Version: 6.7.1 - Kovid Goyal) CCleaner (HKLM\...\CCleaner) (Version: 6.05 - Piriform) ComicRack v0.9.160 (HKLM\...\ComicRack) (Version: v0.9.160 - cYo Soft) Compressie van zip-zip-bestand (HKLM-x32\...\ExpressZip) (Version: 8.01 - NCH Software) Debut Video Capture Software (HKLM-x32\...\Debut) (Version: 6.22 - NCH Software) EaseUS Data Recovery Wizard Technician (HKLM-x32\...\{725A287D-8CC2-4AF5-9F29-6A1B777D9F0F}) (Version: 9.9.0.0 - SamuRa1) EaseUS Partition Master (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 107.0.5304.88 - Google LLC) Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.101.0 - Google LLC) Hidden HandBrake 1.3.3 (HKLM-x32\...\HandBrake) (Version: 1.3.3 - ) HD Tune Pro 5.75 (HKLM-x32\...\HD Tune Pro_is1) (Version: - EFD Software) inPixio Photo 10 (HKLM-x32\...\{DA108E47-377C-4C49-ABEC-42AADEE1C17B}) (Version: 10.04.0 - inPixio) Java 8 Update 333 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180333F0}) (Version: 8.0.3330.2 - Oracle Corporation) Kaspersky Security Cloud (HKLM-x32\...\{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky) Hidden Kaspersky Security Cloud (HKLM-x32\...\InstallWIX_{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky) Kaspersky VPN (HKLM-x32\...\{FEA95EF1-A4FE-3E02-B1C8-B79136C3A44A}) (Version: 21.8.5.452 - Kaspersky) Hidden Kaspersky VPN (HKLM-x32\...\InstallWIX_{FEA95EF1-A4FE-3E02-B1C8-B79136C3A44A}) (Version: 21.8.5.452 - Kaspersky) KeePass Password Safe 2.52 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.52 - Dominik Reichl) Logitech SetPoint 6.70 (HKLM\...\sp6) (Version: 6.70.55 - Logitech) Microsoft .NET Host - 5.0.17 (x86) (HKLM-x32\...\{54DE7EA9-E391-4BD2-A373-3A72A18EBDB5}) (Version: 40.68.31213 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 5.0.17 (x86) (HKLM-x32\...\{AF01038B-6523-4EA7-9D9E-4F1E2927D88B}) (Version: 40.68.31213 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 5.0.17 (x86) (HKLM-x32\...\{59650A2A-3839-46EC-9D9C-6B3B1C743C55}) (Version: 40.68.31213 - Microsoft Corporation) Hidden Microsoft 365 - nl-nl (HKLM\...\O365HomePremRetail - nl-nl) (Version: 16.0.15726.20174 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 107.0.1418.35 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 107.0.1418.35 - Microsoft Corporation) Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 22.212.1009.0004 - Microsoft Corporation) Microsoft Teams (HKU\S-1-5-21-4182651854-4289876487-1575895177-1002\...\Teams) (Version: 1.5.00.28361 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32\...\{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation) Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.24123 (HKLM\...\{21134089-9B59-34C8-BE11-929D26AD5207}) (Version: 14.0.24123 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.24123 (HKLM\...\{FDBE9DB4-7A91-3A28-B27E-705EF7CFAE57}) (Version: 14.0.24123 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation) Microsoft Visual C++ 2019 X86 Additional Runtime - 14.24.28127 (HKLM-x32\...\{EAC73207-74BD-4B13-AACF-8C0E751FA4E8}) (Version: 14.24.28127 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.24.28127 (HKLM-x32\...\{2E72FA1F-BADB-4337-B8AE-F7C17EC57D1D}) (Version: 14.24.28127 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Windows Desktop Runtime - 5.0.17 (x86) (HKLM-x32\...\{098c6ff7-1af1-4c4a-b86f-c60608c98e31}) (Version: 5.0.17.31219 - Microsoft Corporation) Microsoft Windows Desktop Runtime - 5.0.17 (x86) (HKLM-x32\...\{0D02D706-44F2-4957-A448-E7259A0B56B9}) (Version: 40.68.31219 - Microsoft Corporation) Hidden Mozilla Firefox 81.0.2 (x64 nl) (HKLM\...\Mozilla Firefox 81.0.2 (x64 nl)) (Version: 81.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 81.0.1 - Mozilla) NVIDIA 3D Vision stuurprogramma 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 391.35 - NVIDIA Corporation) NVIDIA Grafisch stuurprogramma 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.35 - NVIDIA Corporation) NVIDIA HD Audio-stuurprogramma 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation) NVIDIA PhysX Systeem Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation) NVIDIA Stereoscopic 3D Driver (HKLM-x32\...\NVIDIAStereo) (Version: 7.17.13.7500 - NVIDIA Corporation) Hidden Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15726.20096 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15726.20096 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0413-1000-0000000FF1CE}) (Version: 16.0.15726.20096 - Microsoft Corporation) Hidden Opera Stable 92.0.4561.33 (HKU\S-1-5-21-4182651854-4289876487-1575895177-1002\...\Opera 92.0.4561.33) (Version: 92.0.4561.33 - Opera Software) PDF-XChange Editor (HKLM\...\{0A1AB01E-23A3-44F7-8D98-FA72FAE2A75D}) (Version: 9.0.352.0 - Tracker Software Products (Canada) Ltd.) Hidden PDF-XChange Editor (HKLM-x32\...\{279ffadb-8f1f-4f3a-b2fe-660e0032ab35}) (Version: 9.0.352.0 - Tracker Software Products (Canada) Ltd.) Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform) SnapAPI (HKLM-x32\...\{3C801B68-5ADE-456D-A149-3A0E39F75319}) (Version: 4.2.709 - Acronis) Hidden Spotify (HKU\S-1-5-21-4182651854-4289876487-1575895177-1002\...\Spotify) (Version: 1.1.60.672.g6ad9c215 - Spotify AB) Spotnet (HKU\S-1-5-21-4182651854-4289876487-1575895177-1002\...\Spotnet) (Version: 2.0.0.284 - Spotnet) Switch Audiobestand Converter (HKLM-x32\...\Switch) (Version: 10.06 - NCH Software) Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD) (Version: 10.0.50903 - Microsoft Corporation) Total Commander 64-bit (Remove or Repair) (HKLM-x32\...\Totalcmd64) (Version: 8.52a - Ghisler Software GmbH) VariCAD 2013-2.02 EN (HKLM\...\VariCAD_20130303_EN) (Version: - ) VLC media player (HKLM\...\VLC media player) (Version: 3.0.17.4 - VideoLAN) VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.16 - VideoLAN) Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden WhatsApp (HKU\S-1-5-21-4182651854-4289876487-1575895177-1002\...\WhatsApp) (Version: 2.2228.14 - WhatsApp) Windows Pc-statuscontrole (HKLM\...\{4C95130F-4638-4B19-B1B4-DA7CB78A2911}) (Version: 3.6.2204.08001 - Microsoft Corporation) WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH) WinX DVD Author 6.3.10 (HKLM-x32\...\WinX DVD Author_is1) (Version: - DigiartySoft, Inc.) WinZip 25.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C2412F}) (Version: 25.0.14273 - Corel Corporation) Your Uninstaller! 7 (HKLM-x32\...\YU2010_is1) (Version: 7.5.2014.3 - URSoft, Inc.) Zoom (HKU\S-1-5-21-4182651854-4289876487-1575895177-1002\...\ZoomUMX) (Version: 5.4.7 (59784.1220) - Zoom Video Communications, Inc.) Zoom Outlook Plugin (HKLM-x32\...\{60556448-01BC-41B9-89D6-B0FBDEAEAD2A}) (Version: 5.4.59734 - Zoom) Packages: ========= AutoCAD - DWG Viewer & Editor -> C:\Program Files\WindowsApps\89006A2E.AutoCAD360_8.40.0.0_x64__tf1gferkr813w [2022-10-29] (Autodesk Inc.) AV1 Video Extension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.52074.0_x64__8wekyb3d8bbwe [2022-10-14] (Microsoft Corporation) Foto's-invoegtoepassing -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2022-10-28] (Microsoft Corporation) HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_140.1.307.0_x64__v10z8vjag6ke6 [2022-11-05] (HP Inc.) iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12126.1.57048.0_x64__nzyj5cx40ttqa [2022-10-27] (Apple Inc.) [Startup Task] Media-engine-invoegtoepassing voor Foto's -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-07-18] (Microsoft Corporation) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-02-05] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-02-05] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.14.9130.0_x64__8wekyb3d8bbwe [2022-09-18] (Microsoft Studios) [MS Ad] ==================== Aangepaste CLSID (gefilterd): ============== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) CustomCLSID: HKU\S-1-5-21-4182651854-4289876487-1575895177-1002_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Etienne\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.22234.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4182651854-4289876487-1575895177-1002_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.WinZipExpressForOffice.dll (Corel Corporation -> ) ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.212.1009.0004\FileSyncShell64.dll [2022-11-05] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.212.1009.0004\FileSyncShell64.dll [2022-11-05] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.212.1009.0004\FileSyncShell64.dll [2022-11-05] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.212.1009.0004\FileSyncShell64.dll [2022-11-05] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.212.1009.0004\FileSyncShell64.dll [2022-11-05] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.212.1009.0004\FileSyncShell64.dll [2022-11-05] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.212.1009.0004\FileSyncShell64.dll [2022-11-05] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.212.1009.0004\FileSyncShell64.dll [2022-11-05] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.212.1009.0004\FileSyncShell64.dll [2022-11-05] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.212.1009.0004\FileSyncShell64.dll [2022-11-05] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.212.1009.0004\FileSyncShell64.dll [2022-11-05] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.212.1009.0004\FileSyncShell64.dll [2022-11-05] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.212.1009.0004\FileSyncShell64.dll [2022-11-05] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.212.1009.0004\FileSyncShell64.dll [2022-11-05] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.212.1009.0004\FileSyncShell64.dll [2022-11-05] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [ExpressZip] -> {8EEA165E-0B8B-4BA7-9796-50214C767171} => C:\Program Files (x86)\NCH Software\ExpressZip\ezcm64.dll -> Geen bestand ContextMenuHandlers1: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\shellex.dll [2022-02-18] (AO Kaspersky Lab -> AO Kaspersky Lab) ContextMenuHandlers1: [PDFXChange Editor Context menu] -> {2ACD35AB-F74A-4C20-AA9B-2DE80081626D} => E:\Programma van C\PDF exchange\Shell Extensions\XCShellMenu.x64.dll [2021-02-04] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => E:\Programma van C\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => E:\Programma van C\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\WZSHLS64.DLL [2020-09-28] (Corel Corporation -> WinZip Computing) ContextMenuHandlers2: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\shellex.dll [2022-02-18] (AO Kaspersky Lab -> AO Kaspersky Lab) ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.212.1009.0004\FileSyncShell64.dll [2022-11-05] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers4: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\shellex.dll [2022-02-18] (AO Kaspersky Lab -> AO Kaspersky Lab) ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2022-06-15] (Piriform Software Ltd -> Piriform Software Ltd) ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\WZSHLS64.DLL [2020-09-28] (Corel Corporation -> WinZip Computing) ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.212.1009.0004\FileSyncShell64.dll [2022-11-05] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [ExpressZip] -> {8EEA165E-0B8B-4BA7-9796-50214C767171} => C:\Program Files (x86)\NCH Software\ExpressZip\ezcm64.dll -> Geen bestand ContextMenuHandlers6: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\shellex.dll [2022-02-18] (AO Kaspersky Lab -> AO Kaspersky Lab) ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2022-06-15] (Piriform Software Ltd -> Piriform Software Ltd) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => E:\Programma van C\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => E:\Programma van C\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\WZSHLS64.DLL [2020-09-28] (Corel Corporation -> WinZip Computing) ==================== Codecs (gefilterd) ==================== ==================== Snelkoppelingen & WMI ======================== (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) ShortcutWithArgument: C:\Users\Etienne\Desktop\Etienne (Persoon 1) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default" ==================== Geladen Modules (gefilterd) ============= 2022-06-10 15:23 - 2021-09-26 08:31 - 000194048 _____ () [Bestand niet getekend] C:\Program Files (x86)\EaseUS\ENS\libssh2.dll 2022-06-10 15:23 - 2022-05-12 11:43 - 000509064 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [Bestand niet getekend] C:\Program Files (x86)\EaseUS\ENS\AliyunWrap.DLL 2022-06-10 15:23 - 2022-05-12 11:43 - 000141448 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [Bestand niet getekend] C:\Program Files (x86)\EaseUS\ENS\EnsHelper.dll 2022-06-10 15:23 - 2022-05-12 11:43 - 000098440 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [Bestand niet getekend] C:\Program Files (x86)\EaseUS\ENS\register.dll 2022-06-10 15:23 - 2022-05-12 11:43 - 000461448 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [Bestand niet getekend] C:\Program Files (x86)\EaseUS\ENS\wpnr.dll 2022-06-10 15:23 - 2022-02-17 15:32 - 000066696 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [Bestand niet getekend] C:\Program Files (x86)\EaseUS\EaseUS Partition Master\DC\bin\x64\VssEaseusProvider.dll 2022-10-18 15:46 - 2018-03-24 00:05 - 000880024 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Bestand niet getekend] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll 2022-10-18 15:46 - 2018-03-24 00:05 - 000343728 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Bestand niet getekend] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\NvStereo\_nvstapisvr64.dll 2022-06-10 15:23 - 2021-09-26 08:31 - 000428544 _____ (The curl library, hxxps://curl.se/) [Bestand niet getekend] C:\Program Files (x86)\EaseUS\ENS\libcurl.dll 2022-06-10 15:23 - 2021-09-26 08:31 - 002523136 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Bestand niet getekend] C:\Program Files (x86)\EaseUS\ENS\libcrypto-1_1.dll 2022-06-10 15:23 - 2021-09-26 08:31 - 000531456 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Bestand niet getekend] C:\Program Files (x86)\EaseUS\ENS\libssl-1_1.dll ==================== Alternate Data Streams (gefilterd) ======== (Als een item is opgenomen in de fixlist, wordt alleen de ADS verwijderd.) AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51 [152] ==================== Veilige Modus (gefilterd) ================== ==================== Bestandskoppeling (gefilterd) ================= ==================== Internet Explorer (gefilterd) ========== BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_333\bin\ssv.dll [2022-10-18] (Oracle America, Inc. -> Oracle Corporation) BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2020-11-21] (Logitech Inc -> Logitech, Inc.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_333\bin\jp2ssv.dll [2022-10-18] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-11-01] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2020-11-21] (Logitech Inc -> Logitech, Inc.) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-11-01] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-11-01] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-11-01] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-11-01] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-11-01] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-11-01] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-11-01] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-11-01] (Microsoft Corporation -> Microsoft Corporation) (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd.) IE trusted site: HKU\S-1-5-21-4182651854-4289876487-1575895177-1002\...\sharepoint.com -> hxxps://ebl6-files.sharepoint.com ==================== Hosts inhoud: ========================= (Indien nodig kan Hosts:-opdracht worden opgenomen in de fixlist om Hosts te resetten.) 2019-03-19 05:49 - 2022-10-18 15:25 - 000000641 __RSH C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 localhost 127.0.0.1 license.piriform.com 127.0.0.1 www.license.piriform.com 127.0.0.1 speccy.piriform.com 127.0.0.1 www.speccy.piriform.com 127.0.0.1 recuva.piriform.com 127.0.0.1 www.recuva.piriform.com 127.0.0.1 defraggler.piriform.com 127.0.0.1 www.defraggler.piriform.com 127.0.0.1 ccleaner.piriform.com 127.0.0.1 www.ccleaner.piriform.com 127.0.0.1 license-api.ccleaner.com ==================== Andere gebieden =========================== (Momenteel is er geen automatische fix voor dit onderdeel.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\Calibre2\;C:\Program Files (x86)\Common Files\Acronis\SnapAPI\;C:\Program Files (x86)\dotnet\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common HKU\S-1-5-21-4182651854-4289876487-1575895177-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg HKU\S-1-5-21-4182651854-4289876487-1575895177-1002\Control Panel\Desktop\\Wallpaper -> G:\Slot t Loo 2.jpg HKU\S-1-5-21-4182651854-4289876487-1575895177-1003\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg DNS Servers: 84.116.46.21 - 84.116.46.20 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) HKLM\...\StartupApproved\StartupFolder: => "WinZip Preloader.lnk" HKLM\...\StartupApproved\Run: => "WinZip UN" HKLM\...\StartupApproved\Run: => "KeePass 2 PreLoad" HKU\S-1-5-21-4182651854-4289876487-1575895177-1002\...\StartupApproved\Run: => "Avanquest Message" HKU\S-1-5-21-4182651854-4289876487-1575895177-1002\...\StartupApproved\Run: => "com.squirrel.Teams.Teams" ==================== Firewall regels (gefilterd) ================ (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [UDP Query User{AEDB5F1E-DE25-44F8-B2AF-E55E6AE138FD}C:\users\etienne\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\etienne\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{E69D494A-F7E2-4D42-B853-B538279B5193}C:\users\etienne\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\etienne\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{3EC72769-B6DE-4DA4-BCD9-E761C3B52312}] => (Allow) C:\Users\Etienne\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{D40ACAE0-D435-4052-B608-123C015100CC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{349B7F65-B625-4CB9-AE1E-FFB21A324C37}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [UDP Query User{5BBA179C-DF77-42DE-BB84-99A651DAA0A8}E:\programma van c\comicrack\comicrack.exe] => (Block) E:\programma van c\comicrack\comicrack.exe () [Bestand niet getekend] FirewallRules: [TCP Query User{8EA8F344-61E2-4CE6-A965-38EC9AA37CA2}E:\programma van c\comicrack\comicrack.exe] => (Block) E:\programma van c\comicrack\comicrack.exe () [Bestand niet getekend] FirewallRules: [UDP Query User{CA47B2DC-0432-4FB5-98E1-378E54EB21C7}C:\users\etienne\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\etienne\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [TCP Query User{80DB6CCC-1F09-4827-8A75-16440F1D5C7A}C:\users\etienne\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\etienne\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [UDP Query User{76529FB8-6A47-4022-AFFB-2E81ECCBDD12}E:\programma van c\vlc\vlc.exe] => (Block) E:\programma van c\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [TCP Query User{1267185B-7D03-4A9F-AE5C-4D8339868A4F}E:\programma van c\vlc\vlc.exe] => (Block) E:\programma van c\vlc\vlc.exe (VideoLAN -> VideoLAN) FirewallRules: [UDP Query User{43AE8A35-3151-48AD-9753-4BE0FD924A34}C:\users\etienne\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\etienne\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [TCP Query User{4794D02B-6B60-44AE-972A-C16224806D6A}C:\users\etienne\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\etienne\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{CDD91BE7-0DEB-43E6-BE16-9B82AA8335C6}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe => Geen bestand FirewallRules: [{4A26EBF4-1442-47C4-93E7-7F91063232BC}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe => Geen bestand FirewallRules: [TCP Query User{0459DF95-E276-4F8E-B00D-91E6A0DB14D8}C:\users\etienne\appdata\local\programs\opera\76.0.4017.154\opera.exe] => (Block) C:\users\etienne\appdata\local\programs\opera\76.0.4017.154\opera.exe => Geen bestand FirewallRules: [UDP Query User{0BD9B2BE-8415-4C18-AF3D-21C6CFB6362D}C:\users\etienne\appdata\local\programs\opera\76.0.4017.154\opera.exe] => (Block) C:\users\etienne\appdata\local\programs\opera\76.0.4017.154\opera.exe => Geen bestand FirewallRules: [TCP Query User{8A18E0BB-A8FA-4D1D-9409-E0E82B48F68F}C:\users\etienne\appdata\local\programs\opera\opera.exe] => (Block) C:\users\etienne\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [UDP Query User{420AF74F-5784-46CF-8BA3-D1C247025C26}C:\users\etienne\appdata\local\programs\opera\opera.exe] => (Block) C:\users\etienne\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [{0BF7BDEC-71FD-456C-9033-01FEA469E88B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{4B6CB709-B6FE-4D01-9D67-BFBA50ED885F}C:\users\etienne\appdata\local\programs\opera\opera.exe] => (Block) C:\users\etienne\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [UDP Query User{12FA35FA-A60B-4265-A0AE-6A850EAD6B96}C:\users\etienne\appdata\local\programs\opera\opera.exe] => (Block) C:\users\etienne\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [{2317CEA9-0956-4295-AE8C-C06E270DF574}] => (Allow) E:\Programma van C\Parallels Transporter Agent\ParallelsTransporterAgent.exe (Parallels International GmbH -> Parallels International GmbH) FirewallRules: [{48642308-6903-48FF-86DA-C89C5422EB67}] => (Allow) E:\Programma van C\Parallels Transporter Agent\ParallelsTransporterAgent.exe (Parallels International GmbH -> Parallels International GmbH) FirewallRules: [{C79A909D-C183-4EB9-9AC6-E8841FD53132}] => (Allow) E:\Programma van C\Parallels Transporter Agent\ParallelsTransporterAgent.exe (Parallels International GmbH -> Parallels International GmbH) FirewallRules: [{166B72F8-EB0E-45C7-99F7-3CE580801279}] => (Allow) E:\Programma van C\Parallels Transporter Agent\ParallelsTransporterAgent.exe (Parallels International GmbH -> Parallels International GmbH) FirewallRules: [{525C44DF-058C-476B-ADC6-E5FED6FE33DE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{72B03CF3-C490-40A6-99D3-23DABF192B2B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{488233B5-D74B-48FE-8914-6B9B90E3743A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{760D7C6A-E0B5-431D-9B92-31ED00DAC72C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{010DEB6D-1B35-4801-89EA-62C3A76A6507}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12126.1.57048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{0CB230E3-C7A9-4AF1-A36B-6F49AD4CE2A8}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12126.1.57048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{5AF6921E-683D-466A-9624-360C66334034}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12126.1.57048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{B35A12F1-17AA-4310-904E-47DEB9D4159D}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12126.1.57048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{5AECC8CA-5AEB-4D9C-B918-B105EA482708}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12126.1.57048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{F61BA067-D4BC-447C-9912-A80A567FCEB9}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12126.1.57048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{01F98F47-AA79-4B96-A039-06EBB94BD245}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12126.1.57048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{B14C9E72-F69F-49F5-AD89-B1A44F51716C}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12126.1.57048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{829D5A22-2F82-40CE-AACC-B09F97E67A65}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.) FirewallRules: [{2808D32F-D0F2-4336-BA83-E3B5C45C16EF}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\107.0.1418.35\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{583658B1-24D8-4C07-BF50-055D36E12318}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) ==================== Herstelpunten ========================= 18-10-2022 15:42:25 Piriform Driver Updater - Update 1.3.35.1 26-10-2022 07:28:57 Gepland controlepunt 05-11-2022 07:45:28 Gepland controlepunt ==================== Defecte Apparaatbeheer Apparaten ============ ==================== Eventlog fouten: ======================== Applicatiefouten: ================== Error: (11/05/2022 05:42:39 PM) (Source: Microsoft Office 16) (EventID: 2001) (User: ) Description: Microsoft Excel: Rejected Safe Mode action : U houdt de Ctrl-toets ingedrukt. Wilt u Excel starten in de veilige modus?. Error: (11/05/2022 04:57:18 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Het programma expresszip.exe, versie 0.0.0.0 reageert niet meer op Windows en is afgesloten. Als u wilt zien of er meer informatie over het probleem beschikbaar is, raadpleegt u de probleemgeschiedenis in het onderdeel Beveiliging en onderhoud van het Configuratiescherm. Proces-id: 2964 Starttijd: 01d8f12f258056aa Eindtijd: 9 Toepassingspad: C:\Program Files (x86)\NCH Software\ExpressZip\expresszip.exe Rapport-id: c382e559-aff8-459e-9d92-55dadc1365ae Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Type vastlopen: Unknown Error: (11/05/2022 04:24:53 PM) (Source: ESENT) (EventID: 428) (User: ) Description: SearchIndexer (14668,D,0) Windows: De database-engine weigert bijwerkbewerkingen uit te voeren omdat de schijf met het logboek over onvoldoende beschikbare ruimte beschikt. Error: (11/05/2022 04:24:30 PM) (Source: ESENT) (EventID: 482) (User: ) Description: SearchIndexer (14668,D,22) Windows: Een poging te schrijven naar bestand C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edbres00002.jrs bij een offset van 0 (0x0000000000000000) voor 1048576 (0x00100000) bytes is mislukt na 0.000 seconden. Systeemfout 112 (0x00000070): Onvoldoende schijfruimte beschikbaar. . Tijdens de leesbewerking treedt fout -1808 (0xfffff8f0) op. Als dit probleem zich blijft voordoen, wordt het bestand mogelijk beschadigd en moet het worden hersteld vanaf een vorige back-up. Error: (11/05/2022 04:24:30 PM) (Source: ESENT) (EventID: 482) (User: ) Description: SearchIndexer (14668,D,22) Windows: Een poging te schrijven naar bestand C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edbres00002.jrs bij een offset van 0 (0x0000000000000000) voor 1048576 (0x00100000) bytes is mislukt na 0.000 seconden. Systeemfout 112 (0x00000070): Onvoldoende schijfruimte beschikbaar. . Tijdens de leesbewerking treedt fout -1808 (0xfffff8f0) op. Als dit probleem zich blijft voordoen, wordt het bestand mogelijk beschadigd en moet het worden hersteld vanaf een vorige back-up. Error: (11/05/2022 04:24:29 PM) (Source: ESENT) (EventID: 482) (User: ) Description: SearchIndexer (14668,D,22) Windows: Een poging te schrijven naar bestand C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edbres00002.jrs bij een offset van 0 (0x0000000000000000) voor 1048576 (0x00100000) bytes is mislukt na 0.000 seconden. Systeemfout 112 (0x00000070): Onvoldoende schijfruimte beschikbaar. . Tijdens de leesbewerking treedt fout -1808 (0xfffff8f0) op. Als dit probleem zich blijft voordoen, wordt het bestand mogelijk beschadigd en moet het worden hersteld vanaf een vorige back-up. Error: (11/05/2022 04:24:26 PM) (Source: ESENT) (EventID: 482) (User: ) Description: SearchIndexer (14668,D,22) Windows: Een poging te schrijven naar bestand C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edbres00002.jrs bij een offset van 0 (0x0000000000000000) voor 1048576 (0x00100000) bytes is mislukt na 0.000 seconden. Systeemfout 112 (0x00000070): Onvoldoende schijfruimte beschikbaar. . Tijdens de leesbewerking treedt fout -1808 (0xfffff8f0) op. Als dit probleem zich blijft voordoen, wordt het bestand mogelijk beschadigd en moet het worden hersteld vanaf een vorige back-up. Error: (11/05/2022 04:24:26 PM) (Source: ESENT) (EventID: 482) (User: ) Description: SearchIndexer (14668,D,22) Windows: Een poging te schrijven naar bestand C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edbres00002.jrs bij een offset van 0 (0x0000000000000000) voor 1048576 (0x00100000) bytes is mislukt na 0.000 seconden. Systeemfout 112 (0x00000070): Onvoldoende schijfruimte beschikbaar. . Tijdens de leesbewerking treedt fout -1808 (0xfffff8f0) op. Als dit probleem zich blijft voordoen, wordt het bestand mogelijk beschadigd en moet het worden hersteld vanaf een vorige back-up. Systeemfouten: ============= Error: (11/08/2022 09:07:03 AM) (Source: LEqdUsb) (EventID: 12293) (User: ) Description: An attempt to clear an error on the USB bus failed. Error: (11/08/2022 08:17:32 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installatiefout: de volgende update kan niet worden geïnstalleerd, foutcode 0x8024200b: Hewlett-Packard - USB - 2/10/2017 12:00:00 AM - 44.1.2402.1741. Error: (11/06/2022 12:21:46 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installatiefout: de volgende update kan niet worden geïnstalleerd, foutcode 0x8024200b: Hewlett-Packard - USB - 2/10/2017 12:00:00 AM - 44.1.2402.1741. Error: (11/05/2022 05:32:36 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY) Description: Er is een beschadiging ontdekt in de bestandssysteemstructuur op het volume S:. De exacte beschadiging is onbekend. De bestandssysteemstructuren moeten offline worden gescand en hersteld. Error: (11/05/2022 05:32:36 PM) (Source: Microsoft-Windows-Ntfs) (EventID: 98) (User: NT AUTHORITY) Description: S:\Device\HarddiskVolume253 Error: (11/05/2022 03:54:21 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installatiefout: de volgende update kan niet worden geïnstalleerd, foutcode 0x8024200b: Hewlett-Packard - USB - 2/10/2017 12:00:00 AM - 44.1.2402.1741. Error: (11/05/2022 07:52:39 AM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: NT AUTHORITY) Description: Minipoort Apple Mobile Device Ethernet, {b156ccc4-28e4-467d-ad8a-bb270ecc2f4f}: gebeurtenis 76 Error: (11/05/2022 07:39:31 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installatiefout: de volgende update kan niet worden geïnstalleerd, foutcode 0x8024200b: Hewlett-Packard - USB - 2/10/2017 12:00:00 AM - 44.1.2402.1741. Windows Defender: ================ Date: 2021-05-30 09:48:14 Description: Scan van Microsoft Defender Antivirus is gestopt voordat deze was voltooid. Scan-id: {843FFC26-FD33-4BE9-9B1E-C51FF94B5100} Type scan: Antimalware Scanparameters: Snelle scan Gebruiker: NT AUTHORITY\SYSTEM Date: 2021-05-30 09:35:05 Description: Scan van Microsoft Defender Antivirus is gestopt voordat deze was voltooid. Scan-id: {C7526140-CBF5-4909-8910-224398D9BEA7} Type scan: Antimalware Scanparameters: Snelle scan Gebruiker: NT AUTHORITY\SYSTEM Date: 2021-02-20 08:52:12 Description: Microsoft Defender Antivirus heeft malware of andere mogelijke ongewenste software gedetecteerd. Zie het volgende voor meer informatie: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tiggre!rfn&threatid=2147723625&enterprise=0 Naam: Trojan:Win32/Tiggre!rfn Ernst: Ernstig Categorie: Trojaans paard Pad: file:_E:\Download map\incomplete\Bitdefender Total Security 2019 v23.0.8.17 32-bit en 64-bit (Best getest Consumentenbond 2019)\__unpack\Bitdefender Total Security 2019 - by SolidSnake\Bitdefender Total Security 2019 v23.0.8.17 32 Bit\Trial Reset.zip Detectieoorsprong: Lokale computer Detectietype: Concreet Detectiebron: Real-timebeveiliging Gebruiker: DESKTOP-KLET6VM\Etienne Procesnaam: C:\Users\Etienne\AppData\Local\Spotnet\app-2.0.0.284\Spotnet.exe Versie van beveiligingsinformatie: AV: 1.331.1426.0, AS: 1.331.1426.0, NIS: 1.331.1426.0 Engineversie: AM: 1.1.17800.5, NIS: 1.1.17800.5 Date: 2021-02-20 08:51:55 Description: Microsoft Defender Antivirus heeft malware of andere mogelijke ongewenste software gedetecteerd. Zie het volgende voor meer informatie: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tiggre!rfn&threatid=2147723625&enterprise=0 Naam: Trojan:Win32/Tiggre!rfn Ernst: Ernstig Categorie: Trojaans paard Pad: file:_E:\Download map\incomplete\Bitdefender Total Security 2019 v23.0.8.17 32-bit en 64-bit (Best getest Consumentenbond 2019)\__unpack\Bitdefender Total Security 2019 - by SolidSnake\Bitdefender Total Security 2019 v23.0.8.17 32 Bit\Trial Reset.zip Detectieoorsprong: Lokale computer Detectietype: Concreet Detectiebron: Real-timebeveiliging Gebruiker: DESKTOP-KLET6VM\Etienne Procesnaam: C:\Users\Etienne\AppData\Local\Spotnet\app-2.0.0.284\Spotnet.exe Versie van beveiligingsinformatie: AV: 1.331.1426.0, AS: 1.331.1426.0, NIS: 1.331.1426.0 Engineversie: AM: 1.1.17800.5, NIS: 1.1.17800.5 Date: 2021-02-20 08:51:45 Description: Microsoft Defender Antivirus heeft malware of andere mogelijke ongewenste software gedetecteerd. Zie het volgende voor meer informatie: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tiggre!rfn&threatid=2147723625&enterprise=0 Naam: Trojan:Win32/Tiggre!rfn Ernst: Ernstig Categorie: Trojaans paard Pad: file:_E:\Download map\incomplete\Bitdefender Total Security 2019 v23.0.8.17 32-bit en 64-bit (Best getest Consumentenbond 2019)\__unpack\Bitdefender Total Security 2019 - by SolidSnake\Bitdefender Total Security 2019 v23.0.8.17 32 Bit\Trial Reset.zip; file:_E:\Download map\incomplete\Bitdefender Total Security 2019 v23.0.8.17 32-bit en 64-bit (Best getest Consumentenbond 2019)\__unpack\Bitdefender Total Security 2019 - by SolidSnake\Bitdefender Total Security 2019 v23.0.8.17 64 Bit\Trial Reset.zip Detectieoorsprong: Lokale computer Detectietype: Concreet Detectiebron: Real-timebeveiliging Gebruiker: DESKTOP-KLET6VM\Etienne Procesnaam: C:\Users\Etienne\AppData\Local\Spotnet\app-2.0.0.284\UnRAR.exe Versie van beveiligingsinformatie: AV: 1.331.1426.0, AS: 1.331.1426.0, NIS: 1.331.1426.0 Engineversie: AM: 1.1.17800.5, NIS: 1.1.17800.5 Event[0]: Date: 2022-10-28 18:23:24 Description: Microsoft Defender Antivirus heeft een fout ontdekt tijdens het bijwerken van beveiligingsinformatie. Nieuwe versie van beveiligingsinformatie: Vorige versie van beveiligingsinformatie: 1.339.1754.0 Updatebron: Microsoft-updateserver Type beveiligingsinformatie: AntiVirus Updatetype: Volledig Gebruiker: NT AUTHORITY\SYSTEM Huidige engineversie: Vorige engineversie: 1.1.18100.6 Foutcode: 0x8024001e Foutbeschrijving: Er is tijdens het zoeken naar updates een onverwacht probleem opgetreden. Raadpleeg Help en ondersteuning voor meer informatie over het installeren van updates en het oplossen van problemen. Date: 2021-02-20 08:52:12 Description: Microsoft Defender Antivirus heeft een niet-kritieke fout gevonden tijdens het nemen van maatregelen ten aanzien van malware of andere mogelijk ongewenste software. Zie het volgende voor meer informatie: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tiggre!rfn&threatid=2147723625&enterprise=0 Naam: Trojan:Win32/Tiggre!rfn Ernst: Ernstig Categorie: Trojaans paard Pad: file:_E:\Download map\incomplete\Bitdefender Total Security 2019 v23.0.8.17 32-bit en 64-bit (Best getest Consumentenbond 2019)\__unpack\Bitdefender Total Security 2019 - by SolidSnake\Bitdefender Total Security 2019 v23.0.8.17 32 Bit\Trial Reset.zip Detectieoorsprong: Lokale computer Detectietype: Concreet Detectiebron: Real-timebeveiliging Gebruiker: DESKTOP-KLET6VM\Etienne Procesnaam: C:\Users\Etienne\AppData\Local\Spotnet\app-2.0.0.284\Spotnet.exe Actie: Onbekend Actiestatus: No additional actions required Foutcode: 0x80508033 Foutbeschrijving: Er is een onverwacht probleem opgetreden. Installeer beschikbare updates en probeer het programma opnieuw te starten. Raadpleeg Help en ondersteuning voor meer informatie over het installeren van updates. Versie van beveiligingsinformatie: AV: 1.331.1426.0, AS: 1.331.1426.0, NIS: 1.331.1426.0 Engineversie: AM: 1.1.17800.5, NIS: 1.1.17800.5 CodeIntegrity: =============== Date: 2022-11-08 07:54:08 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\antimalware_provider.dll that did not meet the Windows signing level requirements. ==================== Geheugen info =========================== BIOS: American Megatrends Inc. 3602 11/01/2012 Moederbord: ASUSTeK Computer INC. P8P67 Processor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz Percentage geheugen in gebruik: 66% Totaal fysiek RAM-geheugen: 8159.13 MB Beschikbaar fysiek RAM-geheugen: 2739.32 MB Totaal Virtueel geheugen: 9439.13 MB Beschikbaar Virtueel geheugen: 3108.11 MB ==================== Schijven ================================ Drive c: () (Fixed) (Total:231.27 GB) (Free:22.06 GB) (Model: Samsung SSD 850 EVO 250GB) NTFS Drive e: (1e Hardeschijf) (Fixed) (Total:931.51 GB) (Free:466.94 GB) (Model: SAMSUNG HD103SJ) NTFS ==>[systeem met boot componenten (verkregen van schijf)] Drive f: (2e Hardeschijf) (Fixed) (Total:298.07 GB) (Free:62.16 GB) (Model: WDC WD32 00AAJS-56M0A0 SCSI Disk Device) NTFS Drive g: (3e Hardeschijf) (Fixed) (Total:930.95 GB) (Free:141.13 GB) (Model: WDC WDS 100T2B0A-00SM50 SCSI Disk Device) NTFS Drive i: (Door systeem gereserveerd) (Fixed) (Total:0.1 GB) (Free:0.06 GB) (Model: WDC WDS 100T2B0A-00SM50 SCSI Disk Device) NTFS ==>[systeem met boot componenten (verkregen van schijf)] Drive m: (Mac 500 Gb) (Removable) (Total:499.79 GB) (Free:499.78 GB) exFAT \\?\Volume{a86c59dc-0000-0000-0000-100000000000}\ () (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS \\?\Volume{a86c59dc-0000-0000-0000-f0f739000000}\ () (Fixed) (Total:0.54 GB) (Free:0.08 GB) NTFS \\?\Volume{b160e353-5d22-11ed-8cda-f46d04ac7381}\ (EFI) (Removable) (Total:0.19 GB) (Free:0.19 GB) FAT32 ==================== MBR & Partitietabel ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: FA217389) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=474 MB) - (Type=27) ========================================================== Disk: 1 (Size: 298.1 GB) (Disk ID: 6608D20D) Partition: GPT. ========================================================== Disk: 2 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: A86C59DC) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=231.3 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=555 MB) - (Type=27) ========================================================== Disk: 3 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: CE27F751) Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS) ========================================================== Disk: 8 (Protective MBR) (Size: 500 GB) (Disk ID: 00000000) Partition: GPT. ==================== Einde van Addition.txt =======================