Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 24-01-2023 Gestart door Jean Paul (25-01-2023 18:29:55) Gestart vanaf D:\Jean Paul\Downloads Microsoft Windows 10 Home Versie 22H2 19045.2546 (X64) (2022-12-25 14:22:08) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) Administrator (S-1-5-21-2231512183-731198017-2482854759-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2231512183-731198017-2482854759-503 - Limited - Disabled) Gast (S-1-5-21-2231512183-731198017-2482854759-501 - Limited - Disabled) Jean Paul (S-1-5-21-2231512183-731198017-2482854759-1001 - Administrator - Enabled) => C:\Users\Jean Paul WDAGUtilityAccount (S-1-5-21-2231512183-731198017-2482854759-504 - Limited - Disabled) ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeïnstalleerd worden.) Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1043-1033-7760-BC15014EA700}) (Version: 22.003.20314 - Adobe) Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601032}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 22.12.6044 - Avast Software) Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 109.0.19817.75 - De auteurs van Avast Secure Browser) Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1579.3 - AVAST Software) Hidden Belgium e-ID middleware 5.0.17 (build 5498) (HKLM\...\{DB942AEA-93D6-4FE4-8862-180D35A75498}) (Version: 5.0.5498 - Belgian Government) Bing Bar (HKLM-x32\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation) FrostWire 6.9.10 (HKLM\...\FrostWire 6) (Version: 6.9.10.315 - FrostWire LLC) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 109.0.5414.75 - Google LLC) Google Earth Pro (HKLM\...\{F27DBA46-80E1-4858-9285-19198FFFBF3D}) (Version: 7.3.6.9345 - Google) Google Maps (HKU\S-1-5-21-2231512183-731198017-2482854759-1001\...\5be538e91976e17ff489784f8ed00e02) (Version: 1.0 - Google\Chrome) HP Photosmart 5520 series Basissoftware van het apparaat (HKLM\...\{67C613ED-4FFC-4CBF-B884-AA3F5D185497}) (Version: 28.1.1320.0 - Hewlett-Packard Co.) HP Photosmart 5520 series Help (HKLM-x32\...\{193C95A3-E4D5-4482-A9C9-1510E29849E4}) (Version: 27.0.0 - Hewlett Packard) HP Photosmart 5520 series Productverbeteringsonderzoek (HKLM\...\{BE652D5A-9C6A-4CD3-B89B-F4F4DAA2ED28}) (Version: 28.1.1320.0 - Hewlett-Packard Co.) HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard) Java 8 Update 351 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180351F0}) (Version: 8.0.3510.10 - Oracle Corporation) Microsoft 365 (HKU\S-1-5-21-2231512183-731198017-2482854759-1001\...\8d74e6a1a54b60357ade96769fbe598c) (Version: 1.0 - Google\Chrome) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 109.0.1518.61 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 109.0.1518.61 - Microsoft Corporation) Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.007.0109.0004 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{89581302-705F-42C5-99B0-E368A845DAD5}) (Version: 3.70.0.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) OpenOffice 4.1.10 (HKLM-x32\...\{6D02E23B-944B-4979-852E-DC94BB9824F9}) (Version: 4.110.9807 - Apache Software Foundation) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8907.1 - Realtek Semiconductor Corp.) Skype versie 8.93 (HKLM-x32\...\Skype_is1) (Version: 8.93 - Skype Technologies S.A.) Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.) Windows Pc-statuscontrole (HKLM\...\{4C95130F-4638-4B19-B1B4-DA7CB78A2911}) (Version: 3.6.2204.08001 - Microsoft Corporation) Wondershare Recoverit(Build 10.6.7.2) (HKLM-x32\...\{829555DC-31E5-4FEA-B350-8FCF24CECD95}_is1) (Version: 10.6.7.2 - Wondershare Software Co.,Ltd.) Packages: ========= Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1720.28.215.0_x64__8xx8rvfyw5nnt [2022-12-26] (Meta) [Startup Task] Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.88.6132.0_x64__8wekyb3d8bbwe [2023-01-25] (Microsoft Corporation) [Startup Task] ==================== Aangepaste CLSID (gefilterd): ============== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) CustomCLSID: HKU\S-1-5-21-2231512183-731198017-2482854759-1001_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [Bestand niet getekend] CustomCLSID: HKU\S-1-5-21-2231512183-731198017-2482854759-1001_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [Bestand niet getekend] CustomCLSID: HKU\S-1-5-21-2231512183-731198017-2482854759-1001_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [Bestand niet getekend] CustomCLSID: HKU\S-1-5-21-2231512183-731198017-2482854759-1001_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation) [Bestand niet getekend] CustomCLSID: HKU\S-1-5-21-2231512183-731198017-2482854759-1001_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation) [Bestand niet getekend] CustomCLSID: HKU\S-1-5-21-2231512183-731198017-2482854759-1001_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [Bestand niet getekend] ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.007.0109.0004\FileSyncShell64.dll [2023-01-24] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.007.0109.0004\FileSyncShell64.dll [2023-01-24] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.007.0109.0004\FileSyncShell64.dll [2023-01-24] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.007.0109.0004\FileSyncShell64.dll [2023-01-24] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.007.0109.0004\FileSyncShell64.dll [2023-01-24] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.007.0109.0004\FileSyncShell64.dll [2023-01-24] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.007.0109.0004\FileSyncShell64.dll [2023-01-24] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-12-26] (Avast Software s.r.o. -> AVAST Software) ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.007.0109.0004\FileSyncShell64.dll [2023-01-24] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.007.0109.0004\FileSyncShell64.dll [2023-01-24] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.007.0109.0004\FileSyncShell64.dll [2023-01-24] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.007.0109.0004\FileSyncShell64.dll [2023-01-24] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.007.0109.0004\FileSyncShell64.dll [2023-01-24] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.007.0109.0004\FileSyncShell64.dll [2023-01-24] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.007.0109.0004\FileSyncShell64.dll [2023-01-24] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-12-26] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.007.0109.0004\FileSyncShell64.dll [2023-01-24] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-12-26] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-12-26] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.007.0109.0004\FileSyncShell64.dll [2023-01-24] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.007.0109.0004\FileSyncShell64.dll [2023-01-24] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Geen bestand ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_420c659363620fe7\igfxDTCM.dll [2017-08-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-12-26] (Avast Software s.r.o. -> AVAST Software) ==================== Codecs (gefilterd) ==================== ==================== Snelkoppelingen & WMI ======================== (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) Shortcut: C:\Users\Jean Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FrostWire 6\FrostWire 6.9.10-SafeMode.lnk -> C:\Program Files\FrostWire 6\frostwire.bat () ShortcutWithArgument: C:\Users\Jean Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-apps\Google Maps.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=madaokiaakmolodgdodmadcoainhjege ShortcutWithArgument: C:\Users\Jean Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-apps\Microsoft 365.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=ocdlmjhbenodhlknglojajgokahchlkk ==================== Geladen Modules (gefilterd) ============= ==================== Alternate Data Streams (gefilterd) ======== ==================== Veilige Modus (gefilterd) ================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. De waarde van "AlternateShell" wordt hersteld.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver" ==================== Bestandskoppeling (gefilterd) ================= ==================== Internet Explorer (gefilterd) ========== BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_351\bin\ssv.dll [2022-12-26] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation -> Microsoft Corporation.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_351\bin\jp2ssv.dll [2022-12-26] (Oracle America, Inc. -> Oracle Corporation) Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation -> Microsoft Corporation.) ==================== Hosts inhoud: ========================= (Indien nodig kan Hosts:-opdracht worden opgenomen in de fixlist om Hosts te resetten.) 2022-12-23 06:46 - 2022-12-23 06:45 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Andere gebieden =========================== (Momenteel is er geen automatische fix voor dit onderdeel.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\ HKU\S-1-5-21-2231512183-731198017-2482854759-1001\Control Panel\Desktop\\Wallpaper -> d:\jean paul\pictures\20220710_221020 (1).jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == ==================== Firewall regels (gefilterd) ================ (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [{C2B77A48-34D6-4BF0-AFDD-6471F6E34AB6}] => (Allow) C:\Program Files\FrostWire 6\FrostWire.exe (FrostWire) [Bestand niet getekend] FirewallRules: [{C66E9CB5-3AD5-49F1-AE1F-39A50F6AD01C}] => (Allow) C:\Program Files\FrostWire 6\FrostWire.exe (FrostWire) [Bestand niet getekend] FirewallRules: [{7A7BD715-7BDC-4A91-BE20-D775B3DD0FB3}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software) FirewallRules: [{884A6207-270F-4EC6-94D3-1AD970DECF6B}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software) FirewallRules: [{FA64DDA4-D6B3-4279-9D17-5FF81BE6D2C2}] => (Allow) LPort=57209 FirewallRules: [{9AD3CCA8-6EA7-4160-B044-2E8DA0663B03}] => (Allow) LPort=57210 FirewallRules: [{515CE4CD-A8A2-4E0D-A9CF-103E8015D8BC}] => (Allow) LPort=57211 FirewallRules: [{0C9C8870-862D-4D56-B7C5-528848CF168D}] => (Allow) LPort=57212 FirewallRules: [{F7DB6DFF-3495-4CF0-9152-9681C586E2AA}] => (Allow) LPort=57213 FirewallRules: [{997194BC-83EB-4212-A583-2EBCE762800A}] => (Allow) LPort=57214 FirewallRules: [{B5C07C54-1014-47A3-8067-3FF5EE3C3354}] => (Allow) LPort=57215 FirewallRules: [{ACD97E23-91D4-471E-818D-D0AAD3AAF59D}] => (Allow) LPort=57216 FirewallRules: [{657E7342-5EC8-4777-9EB7-D9B77B31D7F6}] => (Allow) LPort=57217 FirewallRules: [{195E09F8-55C2-4439-9383-1AD370A5AD14}] => (Allow) LPort=57218 FirewallRules: [{B45A3287-4870-4AA9-89F6-BD1A2F8C987A}] => (Allow) LPort=57209 FirewallRules: [{026982DE-9652-48DB-9E52-5ADA542D3D5A}] => (Allow) LPort=57210 FirewallRules: [{EDC8727C-F4A2-4358-A277-23AE6944F56E}] => (Allow) LPort=57211 FirewallRules: [{75485EF4-A4B4-4380-AF2C-D8EBFD720446}] => (Allow) LPort=57212 FirewallRules: [{9583F1CF-9056-4849-8220-0283A1B2B4BA}] => (Allow) LPort=57213 FirewallRules: [{80B65914-29F5-43A5-A1EF-68A151BE4854}] => (Allow) LPort=57214 FirewallRules: [{61090652-2316-43DA-8AFC-45C608A20E99}] => (Allow) LPort=57215 FirewallRules: [{9BB2F0DA-CAFE-428C-8F9B-3E6CCEDEF38F}] => (Allow) LPort=57216 FirewallRules: [{DC342897-7D94-4B33-9A5A-DC14B4ABC36F}] => (Allow) LPort=57217 FirewallRules: [{CC8459E0-75B0-43FF-BEC0-908AC3D1C9A4}] => (Allow) LPort=57218 FirewallRules: [{A21E8F53-92BB-4A48-9565-248F3585FEDA}] => (Allow) LPort=23007 FirewallRules: [{8B3139F7-CBDB-4B83-9A48-5C51668AB5D0}] => (Allow) LPort=23008 FirewallRules: [{3FAE0EC8-D7CA-4EC6-9846-7402853A78F3}] => (Allow) LPort=33009 FirewallRules: [{22016332-8F7E-41BC-AE5F-62E166FDA187}] => (Allow) LPort=33010 FirewallRules: [{F0F47C35-5899-4F31-A2E3-24D92E6C4DD0}] => (Allow) LPort=33011 FirewallRules: [{EFF332BF-F099-48A8-9987-42A959C6FF3D}] => (Allow) LPort=43012 FirewallRules: [{89792E1D-7F17-45B5-BE87-2F4E49470B4D}] => (Allow) LPort=43013 FirewallRules: [{77DECA63-F428-4426-96A0-9DD9E0AE7055}] => (Allow) LPort=53014 FirewallRules: [{AB7A376A-3D3E-4572-BF08-A21CFA8E0278}] => (Allow) LPort=53015 FirewallRules: [{69FA5359-B142-45B8-A3BB-0FFAA6CF00A2}] => (Allow) LPort=53016 FirewallRules: [{AF661DA5-A292-4A57-AEA9-338437EC0943}] => (Allow) LPort=23007 FirewallRules: [{4DF5D910-5E4F-423C-B36A-A8A2375BBDB4}] => (Allow) LPort=23008 FirewallRules: [{F5FD3C7A-7256-44A8-B7D8-B3D5C414234C}] => (Allow) LPort=33009 FirewallRules: [{E8F89715-DBE1-4FDA-840D-35ED6ADA34F6}] => (Allow) LPort=33010 FirewallRules: [{955A5EED-A386-439B-978D-B01DBE0C8BF8}] => (Allow) LPort=33011 FirewallRules: [{0E601863-803B-4843-AE78-2AEA8ECC7B76}] => (Allow) LPort=43012 FirewallRules: [{7DA92158-B892-4065-B37E-D99FB4AD4206}] => (Allow) LPort=43013 FirewallRules: [{2046285D-038C-45F7-BC74-4ADCBE602551}] => (Allow) LPort=53014 FirewallRules: [{4B318CC1-B9D6-446A-B709-E3AA4AD095D0}] => (Allow) LPort=53015 FirewallRules: [{12869E09-2B50-4FEB-9701-4A0EF6A94048}] => (Allow) LPort=53016 FirewallRules: [{EBBEB39F-0CEE-4622-AD0D-E551B44663B6}] => (Allow) LPort=50053 FirewallRules: [{4DC60BD2-3DFD-4462-8F38-7EF4FB1E8C11}] => (Allow) LPort=50053 FirewallRules: [{F2D8556C-5ECC-4F7F-A62F-0232F3AEEE68}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\DeviceSetup.exe (HP Inc. -> Hewlett-Packard Co.) FirewallRules: [{1A0F4113-F021-467A-991E-734ECBE15D91}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicator.exe (HP Inc. -> Hewlett-Packard Co.) FirewallRules: [{F07FC106-415C-4471-B911-684EFBD72DD0}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicatorCom.exe (HP Inc. -> Hewlett-Packard Co.) FirewallRules: [{D30A6D73-5701-44F9-B860-33C3B9F23F05}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{413B2AF5-83CB-4C7A-81CA-FBE03701D0CF}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\109.0.1518.61\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{12271773-FF2C-4AA9-AF4E-92635A0BF39F}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{3445F1F7-0EEE-44DC-BD8C-E98DF681F0AD}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{6F2C804C-5E4D-4B1F-AC05-B8BC191CE5DB}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software) ==================== Herstelpunten ========================= 23-01-2023 12:20:21 Installatieprogramma voor Windows-modules ==================== Defecte Apparaatbeheer Apparaten ============ ==================== Eventlog fouten: ======================== Applicatiefouten: ================== Error: (01/23/2023 12:35:35 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY) Description: Gebruikerscomponent is geladen door een ander proces (Registry Lock). Procesnaam: C:\Windows\System32\svchost.exe, PID: 7296, ProfSvc PID: 2020. Error: (01/23/2023 12:35:35 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY) Description: Gebruikerscomponent is geladen door een ander proces (Registry Lock). Procesnaam: C:\Program Files\Avast Software\Avast\aswToolsSvc.exe, PID: 3688, ProfSvc PID: 2020. Error: (01/23/2023 12:34:28 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Fout in de Volume Shadow Copy-service: onverwachte fout bij het aanroepen van routine CoCreateInstance. hr = 0x8007045b, Systeem wordt afgesloten. . Error: (01/23/2023 12:34:28 PM) (Source: VSS) (EventID: 13) (User: ) Description: Informatie voor de Volume Shadow Copy-service: de COM-server met CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} en de naam CEventSystem kan niet worden gestart. [0x8007045b, Systeem wordt afgesloten. ] Error: (01/23/2023 12:34:28 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Fout in de Volume Shadow Copy-service: onverwachte fout bij het aanroepen van routine CoCreateInstance. hr = 0x8007045b, Systeem wordt afgesloten. . Error: (01/23/2023 12:34:28 PM) (Source: VSS) (EventID: 13) (User: ) Description: Informatie voor de Volume Shadow Copy-service: de COM-server met CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} en de naam CEventSystem kan niet worden gestart. [0x8007045b, Systeem wordt afgesloten. ] Error: (01/22/2023 01:55:43 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: Microsoft.SharePoint.exe, versie: 23.2.102.4, tijdstempel: 0x9ff405d5 Naam van module met fout: ucrtbase.dll, versie: 10.0.19041.789, tijdstempel: 0x2bd748bf Uitzonderingscode: 0xc0000409 Foutmarge: 0x000000000007286e Id van proces met fout: 0xa24 Starttijd van toepassing met fout: 0x01d92e60d23df54f Pad naar toepassing met fout: C:\Users\Jean Paul\AppData\Local\Microsoft\OneDrive\23.002.0102.0004\Microsoft.SharePoint.exe Pad naar module met fout: C:\WINDOWS\System32\ucrtbase.dll Rapport-id: 6383a391-d721-43b0-829d-a0034c0e8b6f Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Error: (01/22/2023 12:10:54 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: RuntimeBroker.exe, versie: 10.0.19041.746, tijdstempel: 0x5b78739c Naam van module met fout: ntdll.dll, versie: 10.0.19041.2130, tijdstempel: 0xb5ced1c6 Uitzonderingscode: 0xc0000374 Foutmarge: 0x00000000000ff6a9 Id van proces met fout: 0x9b0 Starttijd van toepassing met fout: 0x01d92e4a992ee597 Pad naar toepassing met fout: C:\Windows\System32\RuntimeBroker.exe Pad naar module met fout: C:\WINDOWS\SYSTEM32\ntdll.dll Rapport-id: 2ddfa536-2e85-4ad8-821d-fc2a0ce48c65 Volledige pakketnaam met fout: Microsoft.Windows.Search_1.14.7.19041_neutral_neutral_cw5n1h2txyewy Relatieve toepassings-id van pakket met fout: runtimebroker07f4358a809ac99a64a67c1 Systeemfouten: ============= Error: (01/24/2023 08:48:35 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-GF2A998) Description: De server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (01/22/2023 06:48:46 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-GF2A998) Description: De server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (01/18/2023 08:20:33 PM) (Source: disk) (EventID: 11) (User: ) Description: Het stuurprogramma heeft een controllerfout gevonden in \Device\Harddisk2\DR4. Error: (01/18/2023 06:48:32 PM) (Source: disk) (EventID: 11) (User: ) Description: Het stuurprogramma heeft een controllerfout gevonden in \Device\Harddisk2\DR4. Error: (01/18/2023 06:48:32 PM) (Source: disk) (EventID: 11) (User: ) Description: Het stuurprogramma heeft een controllerfout gevonden in \Device\Harddisk2\DR4. Error: (01/18/2023 06:48:32 PM) (Source: disk) (EventID: 11) (User: ) Description: Het stuurprogramma heeft een controllerfout gevonden in \Device\Harddisk2\DR4. Error: (01/18/2023 06:48:32 PM) (Source: disk) (EventID: 11) (User: ) Description: Het stuurprogramma heeft een controllerfout gevonden in \Device\Harddisk2\DR4. Error: (01/18/2023 06:48:31 PM) (Source: disk) (EventID: 11) (User: ) Description: Het stuurprogramma heeft een controllerfout gevonden in \Device\Harddisk2\DR4. Windows Defender: ================Event[0]: Date: 2023-01-16 14:21:45 Description: Microsoft Defender Antivirus heeft een fout ontdekt tijdens het bijwerken van beveiligingsinformatie. Nieuwe versie van beveiligingsinformatie: 1.381.2271.0 Vorige versie van beveiligingsinformatie: 1.381.1117.0 Updatebron: Gebruiker Type beveiligingsinformatie: AntiSpyware Updatetype: Delta Gebruiker: NT AUTHORITY\NETWORK SERVICE Huidige engineversie: 1.1.19900.2 Vorige engineversie: 1.1.19900.2 Foutcode: 0x80004004 Foutbeschrijving: De bewerking is afgebroken Date: 2023-01-16 14:21:45 Description: Microsoft Defender Antivirus heeft een fout ontdekt tijdens het bijwerken van beveiligingsinformatie. Nieuwe versie van beveiligingsinformatie: 1.381.2271.0 Vorige versie van beveiligingsinformatie: 1.381.1117.0 Updatebron: Gebruiker Type beveiligingsinformatie: AntiVirus Updatetype: Delta Gebruiker: NT AUTHORITY\NETWORK SERVICE Huidige engineversie: 1.1.19900.2 Vorige engineversie: 1.1.19900.2 Foutcode: 0x80004004 Foutbeschrijving: De bewerking is afgebroken Date: 2023-01-16 14:21:45 Description: Microsoft Defender Antivirus heeft een fout ontdekt tijdens het bijwerken van beveiligingsinformatie. Nieuwe versie van beveiligingsinformatie: 1.381.2271.0 Vorige versie van beveiligingsinformatie: 1.381.1117.0 Updatebron: Gebruiker Type beveiligingsinformatie: AntiSpyware Updatetype: Delta Gebruiker: NT AUTHORITY\NETWORK SERVICE Huidige engineversie: 1.1.19900.2 Vorige engineversie: 1.1.19900.2 Foutcode: 0x80004004 Foutbeschrijving: De bewerking is afgebroken Date: 2023-01-16 14:21:45 Description: Microsoft Defender Antivirus heeft een fout ontdekt tijdens het bijwerken van beveiligingsinformatie. Nieuwe versie van beveiligingsinformatie: 1.381.2271.0 Vorige versie van beveiligingsinformatie: 1.381.1117.0 Updatebron: Gebruiker Type beveiligingsinformatie: AntiVirus Updatetype: Delta Gebruiker: NT AUTHORITY\NETWORK SERVICE Huidige engineversie: 1.1.19900.2 Vorige engineversie: 1.1.19900.2 Foutcode: 0x80004004 Foutbeschrijving: De bewerking is afgebroken CodeIntegrity: =============== Date: 2023-01-25 18:07:13 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements. Date: 2023-01-25 10:29:32 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume5\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements. ==================== Geheugen info =========================== BIOS: Insyde Corp. V1.17 03/20/2018 Moederbord: KBL Dragonite_KL Processor: Intel(R) Core(TM) i5-8250U CPU @ 1.60GHz Percentage geheugen in gebruik: 61% Totaal fysiek RAM-geheugen: 8067.6 MB Beschikbaar fysiek RAM-geheugen: 3082.2 MB Totaal Virtueel geheugen: 9347.6 MB Beschikbaar Virtueel geheugen: 3473.06 MB ==================== Schijven ================================ Drive c: () (Fixed) (Total:118.64 GB) (Free:41.03 GB) (Model: KINGSTON RBUSNS8180S3128GI1) NTFS Drive d: (Data) (Fixed) (Total:931.51 GB) (Free:529.44 GB) (Model: WDC WD10SPZX-21Z10T0) NTFS \\?\Volume{d5f53bbc-a66e-45d8-8bfc-b093f16aee53}\ () (Fixed) (Total:0.49 GB) (Free:0.04 GB) NTFS \\?\Volume{f8458e70-569c-464f-b0a5-36d9cc8f49f8}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Partitietabel ==================== ========================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 508D354B) Partition: GPT. ========================================================== Disk: 1 (Size: 119.2 GB) (Disk ID: 508D3525) Partition: GPT. ==================== Einde van Addition.txt =======================