Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 05.01.2024 Gestart door hurkm (05-01-2024 16:25:40) Gestart vanaf C:\Users\hurkm\Desktop Microsoft Windows 11 Home Versie 23H2 22631.2861 (X64) (2023-11-10 14:03:50) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) Administrator (S-1-5-21-2343222833-1654671474-3426894111-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2343222833-1654671474-3426894111-503 - Limited - Disabled) Gast (S-1-5-21-2343222833-1654671474-3426894111-501 - Limited - Disabled) hurkm (S-1-5-21-2343222833-1654671474-3426894111-1001 - Administrator - Enabled) => C:\Users\hurkm WDAGUtilityAccount (S-1-5-21-2343222833-1654671474-3426894111-504 - Limited - Disabled) ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: COMODO Antivirus (Enabled - Up to date) {05BC7AB5-FF0E-71EC-1054-15DA19B62DC7} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: McAfee (Enabled) {2FDD6819-222E-5E9F-F5E7-E13A2241D502} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeïnstalleerd worden.) 4K Video Downloader 4.9 (HKLM-x32\...\{66A3F673-6062-4616-94B3-52F0F56E7DB8}) (Version: 4.9.2.3082 - Open Media LLC) 4K YouTube to MP3 (HKLM\...\{F1DCC16A-913A-4563-9C7F-DD6A36CA3B06}) (Version: 4.13.0.5540 - Open Media LLC) Hidden 4K YouTube to MP3 (HKLM-x32\...\{d2ffb51a-a270-413c-9d24-372e3f5525c5}) (Version: 4.13.0.5540 - Open Media LLC) Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1043-1033-7760-BC15014EA700}) (Version: 23.006.20380 - Adobe) AquaSoft DiaShow 9 Premium (HKLM-x32\...\AquaSoft DiaShow 9 Premium) (Version: 9.7.07.00360 - AquaSoft) Ashampoo Music Studio 2019 (HKLM-x32\...\{91B33C97-051F-D232-FDFC-17A33450B629}_is1) (Version: 1.7.0 - Ashampoo GmbH & Co. KG) Brother P-touch Address Book 1.4 (HKLM-x32\...\{183610C9-C423-4EF3-8B05-5B194851F9BA}) (Version: 1.4.0010 - Brother Industries, Ltd.) Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.6.1.2 - Canon Inc.) Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.) CanoScan 9000F Mark II Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ9604) (Version: - Canon Inc.) CCleaner (HKLM\...\CCleaner) (Version: 6.19 - Piriform) CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.7128 - CDBurnerXP) COMODO Antivirus (HKLM\...\{529CC629-B436-4886-B322-4BE75B97783D}) (Version: 12.2.2.8012 - COMODO Security Solutions Inc.) Hidden COMODO Antivirus (HKLM\...\COMODO Internet Security) (Version: 12.2.2.8012 - COMODO Security Solutions Inc.) Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 120.0.6099.110 - Comodo) FLV-Media-Player (HKLM-x32\...\{AB7A5DBA-BC45-489A-B4D2-2E8F8CABB9EA}) (Version: 2.0.3.2532 - HYBRIDWEB.de) fotofabriekSoftware 4.10.0 (HKLM\...\fotofabriek_is1) (Version: - 1STEIN Corp.) Grammarly for Windows (HKU\S-1-5-21-2343222833-1654671474-3426894111-1001\...\Grammarly Desktop Integrations) (Version: 1.2.55.1217 - Grammarly) Intel(R) Chipset Device Software (HKLM\...\{C844CC39-BC28-46CA-8239-3F37D8FE2A59}) (Version: 10.1.17541.8066 - Intel Corporation) Hidden Intel(R) Chipset Device Software (HKLM-x32\...\{55d73ea7-6354-42db-8831-02d048ae57f8}) (Version: 10.1.17541.8066 - Intel(R) Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1813.12.0.1124 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{40771DE2-6328-4D68-950F-3BA3D32E0944}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{40A2F54E-1774-4CD4-BFBF-E612D501A50E}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Management Engine Driver (HKLM\...\{A20E4D51-AFF5-4E93-A0AB-3173FF405B1F}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 23.20.16.5017 - Intel Corporation) Intel(R) Trusted Connect Service Client x64 (HKLM\...\{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.49.166.0 - Intel Corporation) Hidden Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.49.166.0 - Intel Corporation) Hidden Intel(R) Trusted Connect Services Client (HKLM-x32\...\{df682aff-4294-4ad1-aaa7-276931d5781f}) (Version: 1.49.166.0 - Intel Corporation) Hidden Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.6.472587.185 - Comodo) Java 8 Update 391 (HKLM-x32\...\{71324AE4-039E-4CA4-87B4-2F32180391F0}) (Version: 8.0.3910.13 - Oracle Corporation) Malwarebytes version 4.6.7.301 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.7.301 - Malwarebytes) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 120.0.2210.91 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 120.0.2210.91 - Microsoft Corporation) Microsoft Office Home en Student 2021 - nl-nl (HKLM\...\HomeStudent2021Retail - nl-nl) (Version: 16.0.17029.20108 - Microsoft Corporation) Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.246.1127.0002 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation) Microsoft VC++ redistributables repacked. (HKLM\...\{87E0D59E-35E0-4DB6-80C7-1EEB78187C82}) (Version: 12.0.0.0 - Intel Corporation) Hidden Microsoft VC++ redistributables repacked. (HKLM-x32\...\{04087575-33C4-4D06-9C0D-AD04FBB684B4}) (Version: 12.0.0.0 - Intel Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.25.28508 (HKLM-x32\...\{65e650ff-30be-469d-b63a-418d71ea1765}) (Version: 14.25.28508.3 - Microsoft Corporation) Microsoft Visual C++ 2019 X64 Additional Runtime - 14.25.28508 (HKLM\...\{7D0B74C2-C3F8-4AF1-940F-CD79AB4B2DCE}) (Version: 14.25.28508 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.25.28508 (HKLM\...\{EEA66967-97E2-4561-A999-5C22E3CDE428}) (Version: 14.25.28508 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X86 Additional Runtime - 14.25.28508 (HKLM-x32\...\{0FA68574-690B-4B00-89AA-B28946231449}) (Version: 14.25.28508 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.25.28508 (HKLM-x32\...\{2BC3BD4D-FABA-4394-93C7-9AC82A263FE2}) (Version: 14.25.28508 - Microsoft Corporation) Hidden Mozilla Firefox (x64 nl) (HKLM\...\Mozilla Firefox 121.0 (x64 nl)) (Version: 121.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 119.0.1 - Mozilla) Mp3tag v3.23 (HKLM\...\Mp3tag) (Version: 3.23 - Florian Heidenreich) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17029.20000 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17029.20068 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0413-1000-0000000FF1CE}) (Version: 16.0.17029.20000 - Microsoft Corporation) Hidden paint.net (HKLM\...\{4858C924-AFBF-4A35-AA64-27A6A56EE372}) (Version: 5.0.12 - dotPDN LLC) PDF24 Creator 11.14.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 11.14.0 - PDF24.org) PhotoScape (HKLM-x32\...\PhotoScape) (Version: - ) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8425 - Realtek Semiconductor Corp.) Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform) Revo Uninstaller 2.4.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.4.5 - VS Revo Group, Ltd.) Skype versie 8.110 (HKLM-x32\...\Skype_is1) (Version: 8.110 - Skype Technologies S.A.) SoulSeek 157 NS 13e (HKLM-x32\...\Soulseek2) (Version: - ) SoulseekQt versie 2019.7.22 (HKLM-x32\...\{8A4E1646-488C-4E5B-AC31-F784400E8D2D}_is1) (Version: 2019.7.22 - Soulseek LLC) Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform) Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) Windows Movie Maker (HKLM\...\Windows Movie Maker) (Version: 6.0.6002.18005 - Microsoft Corporation) Packages: ========= Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2023-11-17] () AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5287.0_x64__8j3eq9eme6ctt [2023-12-14] (INTEL CORP) [Startup Task] Dev Home (Preview) -> C:\Program Files\WindowsApps\Microsoft.Windows.DevHome_0.801.344.0_x64__8wekyb3d8bbwe [2023-12-14] (Microsoft Corporation) HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_150.1.1140.0_x64__v10z8vjag6ke6 [2023-12-08] (HP Inc.) Microsoft.AV1VideoExtension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.61781.0_x64__8wekyb3d8bbwe [2023-11-17] (Microsoft Corporation) Microsoft.WindowsAppRuntime.CBS -> C:\Windows\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2023-12-06] (Microsoft Corporation) PhotoScape X -> C:\Program Files\WindowsApps\MooiiTech.PhotoScapeX_4.2.1.0_x64__f5eddttrpssna [2023-11-28] (Mooii Tech) Power Automate -> C:\Program Files\WindowsApps\Microsoft.PowerAutomateDesktop_11.2312.164.0_x64__8wekyb3d8bbwe [2023-12-19] (Microsoft Corporation) [Startup Task] Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.1.137.0_x64__dt26b99r8h8gj [2023-11-10] (Realtek Semiconductor Corp) Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.18.11020.0_x64__8wekyb3d8bbwe [2023-11-10] (Microsoft Studios) [MS Ad] Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0 [2023-12-08] (Spotify AB) [Startup Task] WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2349.2.0_x64__cv1g1gvanyjgm [2023-12-16] (WhatsApp Inc.) [Startup Task] WinAppRuntime.Main.1.4 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.4_4000.1049.117.0_x64__8wekyb3d8bbwe [2023-11-18] (Microsoft Corp.) WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_4000.1049.117.0_x64__8wekyb3d8bbwe [2023-11-18] (Microsoft Corp.) Windows App Runtime DDLM 4000.964.11.0-x6 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.4000.964.11.0-x6_4000.964.11.0_x64__8wekyb3d8bbwe [2023-11-18] (Microsoft Corporation) Windows App Runtime DDLM 4000.964.11.0-x8 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.4000.964.11.0-x8_4000.964.11.0_x86__8wekyb3d8bbwe [2023-11-18] (Microsoft Corporation) Windows Feature Experience Pack -> C:\Windows\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2023-12-06] (Microsoft Corporation) ==================== Aangepaste CLSID (gefilterd): ============== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) CustomCLSID: HKU\S-1-5-21-2343222833-1654671474-3426894111-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe) CustomCLSID: HKU\S-1-5-21-2343222833-1654671474-3426894111-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe) ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-07] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO) ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-01-02] (Malwarebytes Inc. -> Malwarebytes) ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-07] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2023-06-02] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-07] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-01-02] (Malwarebytes Inc. -> Malwarebytes) ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2023-06-02] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) ==================== Codecs (gefilterd) ==================== (Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.) HKLM\...\Drivers32: [vidc.i420] => lvcod64.dll HKLM\...\Drivers32-x32: [vidc.i420] => lvcodec2.dll ==================== Snelkoppelingen & WMI ======================== ==================== Geladen Modules (gefilterd) ============= ==================== Alternate Data Streams (gefilterd) ======== (Als een item is opgenomen in de fixlist, wordt alleen de ADS verwijderd.) AlternateDataStreams: C:\Users\hurkm\Desktop\FRST64.exe:MBAM.Zone.Identifier [193] AlternateDataStreams: C:\Users\hurkm\Downloads\advanced-systemcare-setup.exe:MBAM.Zone.Identifier [126] AlternateDataStreams: C:\Users\hurkm\Downloads\LibreOffice_7.5.2_Win_x86-64(1).msi:MBAM.Zone.Identifier [144] AlternateDataStreams: C:\Users\hurkm\Downloads\loaris.exe:MBAM.Zone.Identifier [99] AlternateDataStreams: C:\Users\hurkm\Downloads\RSITx64.exe:MBAM.Zone.Identifier [92] ==================== Veilige Modus (gefilterd) ================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. De waarde van "AlternateShell" wordt hersteld.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Bestandskoppeling (gefilterd) ================= ==================== Internet Explorer (gefilterd) ========== HKU\S-1-5-21-2343222833-1654671474-3426894111-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://nl.yahoo.com/?fr=fp-comodo&type=19_33010001005_117.0.5938.150_u_hp HKU\S-1-5-21-2343222833-1654671474-3426894111-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE HKU\S-1-5-21-2343222833-1654671474-3426894111-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/ SearchScopes: HKU\S-1-5-21-2343222833-1654671474-3426894111-1001 -> DefaultScope {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = hxxps://nl.search.yahoo.com/yhs/search?hspart=comodo&hsimp=yhs-com_chrome&type=19_33010001005_117.0.5938.150_u_ds&p={searchTerms} SearchScopes: HKU\S-1-5-21-2343222833-1654671474-3426894111-1001 -> {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = hxxps://nl.search.yahoo.com/yhs/search?hspart=comodo&hsimp=yhs-com_chrome&type=19_33010001005_117.0.5938.150_u_ds&p={searchTerms} BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-12-07] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre-1.8\bin\ssv.dll [2023-10-04] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre-1.8\bin\jp2ssv.dll [2023-10-04] (Oracle America, Inc. -> Oracle Corporation) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-12-07] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-12-07] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-12-07] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-12-07] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-12-07] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-12-07] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-12-07] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-12-07] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts inhoud: ========================= (Indien nodig kan Hosts:-opdracht worden opgenomen in de fixlist om Hosts te resetten.) 2018-04-12 00:38 - 2018-04-12 00:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Andere gebieden =========================== (Momenteel is er geen automatische fix voor dit onderdeel.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT HKU\S-1-5-21-2343222833-1654671474-3426894111-1001\Control Panel\Desktop\\Wallpaper -> c:\users\hurkm\appdata\local\packages\microsoftwindows.client.cbs_cw5n1h2txyewy\localcache\microsoft\irisservice\15827392688935576504\133482608760344830.jpg DNS Servers: 192.168.2.254 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) HKLM\...\StartupApproved\Run: => "PDF24" HKLM\...\StartupApproved\Run32: => "CanonQuickMenu" HKLM\...\StartupApproved\Run32: => "IObit Malware Fighter" HKU\S-1-5-21-2343222833-1654671474-3426894111-1001\...\StartupApproved\Run: => "Advanced SystemCare 12" HKU\S-1-5-21-2343222833-1654671474-3426894111-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning" HKU\S-1-5-21-2343222833-1654671474-3426894111-1001\...\StartupApproved\Run: => "Grammarly" HKU\S-1-5-21-2343222833-1654671474-3426894111-1001\...\StartupApproved\Run: => "Skype for Desktop" ==================== Firewall regels (gefilterd) ================ (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [{103F51F3-D52A-4A67-9509-2F266DFABB4E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{3D7D2A2C-737F-4FE7-9FD8-7FA2B7BB0948}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{3D138786-C01B-4231-857E-54B4A06DC542}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23306.3309.2530.1346_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{494EF8C4-D8DE-4F97-857F-8EFDEFDA629F}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23306.3309.2530.1346_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{C65AD4AA-2A73-4469-A1C5-164622EBF92A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{C6484B67-204B-49FE-8A29-970E4727C989}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{C9671855-38A2-4104-9EBC-AFB258185440}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{88F3D6A6-6699-48D2-BE39-631C2D974E82}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{1071054D-2606-4ADF-ABBC-F6F05828ACED}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{BB38DE65-8B8A-4B1B-90F8-3D1D77641DC8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{291E0785-19AB-42FD-BDEA-6BFDFACEA73C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{592FAF19-23BD-4682-AE34-E1DCE515882B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{C1816DBB-3250-49AE-9BC3-32E7E0DD8C07}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{6240997E-0A8A-4878-AC62-4091E82EDE41}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{3DBD5377-8D42-4071-9177-A42C3830680A}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.) FirewallRules: [{5C71C7BC-0C7B-4C3B-8AE9-30F1C6FE4C26}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.) FirewallRules: [{34CA9B14-770E-4207-BB64-BC4AC1964BBD}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{974F962E-6816-41BB-B291-5BB198A2DE60}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{613E9F25-4AE6-4A35-BE38-C6DCD187F799}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{C78E9B18-5315-4894-A0EB-77767F3E66AA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{12E29D38-40E3-4AA5-9C30-417C2833DD00}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{83E774CC-C45C-4A83-88B1-6892FD0F4F28}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{92578C39-93E3-4B59-847C-0002A85861EF}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\120.0.2210.91\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) ==================== Herstelpunten ========================= 03-01-2024 11:05:59 Windows Update 03-01-2024 11:05:59 Windows Update 03-01-2024 16:39:38 Revo Uninstaller's restore point - McAfee 05-01-2024 13:54:14 Revo Uninstaller's restore point - IObit Malware Fighter 11 05-01-2024 14:05:05 Revo Uninstaller's restore point - WebAdvisor van McAfee 05-01-2024 14:09:54 Revo Uninstaller's restore point - Advanced SystemCare 12 ==================== Defecte Apparaatbeheer Apparaten ============ ==================== Eventlog fouten: ======================== Applicatiefouten: ================== Error: (01/05/2024 04:16:34 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 13) (User: DESKTOP-KQ7HSB2) Description: C:\Users\hurkm\AppData\Local\Publishers\8wekyb3d8bbwe\TeamsSharedConfigMicrosoftTeams_8wekyb3d8bbwe-2147024894 Error: (01/05/2024 03:45:37 PM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY) Description: Naam van toepassing met fout: MainDaemon.exe, versie: 6.0.0.3, tijdstempel: 0x6540ba43 Naam van module met fout: MainDaemon.exe, versie: 6.0.0.3, tijdstempel: 0x6540ba43 Uitzonderingscode: 0xc0000005 Foutmarge: 0x000000000001e8ef Id van proces met fout: 0x0x3374 Starttijd van toepassing met fout: 0x0x1da3fe5cc905bd5 Pad naar toepassing met fout: C:\Program Files\Fortect\bin\MainDaemon.exe Pad naar module met fout: C:\Program Files\Fortect\bin\MainDaemon.exe Rapport-id: 24740d9d-6c3a-4269-9095-1cd9599ae429 Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Error: (01/05/2024 03:12:55 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: ) Description: Event-ID 2 Error: (01/05/2024 02:18:19 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 13) (User: DESKTOP-KQ7HSB2) Description: C:\Users\hurkm\AppData\Local\Publishers\8wekyb3d8bbwe\TeamsSharedConfigMicrosoftTeams_8wekyb3d8bbwe-2147024894 Error: (01/05/2024 02:09:55 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: De service Cryptografische services is mislukt tijdens het verwerken van aanroep OnIdentity() op het object System Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary ImfHpFileFilter. System Error: Het systeem kan het opgegeven bestand niet vinden.. Error: (01/05/2024 02:09:55 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: De service Cryptografische services is mislukt tijdens het verwerken van aanroep OnIdentity() op het object System Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary IMFEFSFileControl. System Error: Het systeem kan het opgegeven bestand niet vinden.. Error: (01/05/2024 02:09:55 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: De service Cryptografische services is mislukt tijdens het verwerken van aanroep OnIdentity() op het object System Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary IMFCameraProtect. System Error: Het systeem kan het opgegeven bestand niet vinden.. Error: (01/05/2024 02:09:55 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: De service Cryptografische services is mislukt tijdens het verwerken van aanroep OnIdentity() op het object System Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary Imf8HpRegFilter. System Error: Het systeem kan het opgegeven bestand niet vinden.. Systeemfouten: ============= Error: (01/05/2024 04:18:04 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-KQ7HSB2) Description: De server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (01/05/2024 02:19:57 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-KQ7HSB2) Description: De server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (01/05/2024 02:07:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: De McAfee WebAdvisor-service is onverwacht beëindigd. Dit is nu 1 keer gebeurd. Error: (01/05/2024 01:55:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: De IMF Service-service is onverwacht beëindigd. Dit is nu 1 keer gebeurd. Error: (01/05/2024 01:12:56 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-KQ7HSB2) Description: De server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (01/04/2024 12:53:30 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-KQ7HSB2) Description: De server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (01/03/2024 07:58:27 PM) (Source: Service Control Manager) (EventID: 7043) (User: ) Description: De service Windows-beveiligingsservice is niet juist afgesloten na de ontvangst van een besturingselement voor afsluiten. Error: (01/03/2024 04:47:36 PM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-KQ7HSB2) Description: Kan geen DCOM-server starten: {0358B920-0AC7-461F-98F4-58E32CD89148}. Foutmelding "2147942767" is opgetreden bij het uitvoeren van de opdracht C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683} CodeIntegrity: =============== Date: 2024-01-05 16:21:18 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Geheugen info =========================== BIOS: American Megatrends Inc. R02-A1 09/11/2019 Moederbord: Acer Aspire TC-886 Processor: Intel(R) Core(TM) i7-9700 CPU @ 3.00GHz Percentage geheugen in gebruik: 36% Totaal fysiek RAM-geheugen: 16281.79 MB Beschikbaar fysiek RAM-geheugen: 10300.77 MB Totaal Virtueel geheugen: 17305.79 MB Beschikbaar Virtueel geheugen: 10619 MB ==================== Schijven ================================ Drive c: (Windows) (Fixed) (Total:237.27 GB) (Free:169.17 GB) (Model: NVMe HFM256GDJTNG-831) NTFS Drive d: () (Fixed) (Total:931.5 GB) (Free:572.3 GB) (Model: WDC WD10EZEX-21WN4A0) NTFS Drive e: (Seagate Expansion Drive) (Fixed) (Total:1863.01 GB) (Free:1728.7 GB) (Model: Seagate Expansion SCSI Disk Device) NTFS Drive g: (ESD-USB) (Removable) (Total:14.3 GB) (Free:8.18 GB) FAT32 \\?\Volume{8780143f-c304-4be7-ae9b-89d35695a32a}\ () (Fixed) (Total:0.59 GB) (Free:0.08 GB) NTFS \\?\Volume{6cd02b8f-cf0e-4500-8904-c380e3391440}\ () (Fixed) (Total:0.48 GB) (Free:0.46 GB) FAT32 ==================== MBR & Partitietabel ==================== ========================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 5E7A51D7) Partition: GPT. ========================================================== Disk: 1 (Size: 238.5 GB) (Disk ID: F9A25248) Partition: GPT. ========================================================== Disk: 2 (MBR Code: Windows 7/8/10) (Size: 14.3 GB) (Disk ID: A5D48121) Partition 1: (Active) - (Size=14.3 GB) - (Type=FAT32) ========================================================== Disk: 3 (Size: 1863 GB) (Disk ID: D5CDE2E1) Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS) ==================== Einde van Addition.txt =======================