Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 12-08.2024 Gestart door gerar (14-08-2024 19:59:05) Gestart vanaf C:\Users\gerar\Downloads Microsoft Windows 11 Home Versie 23H2 22631.4037 (X64) (2024-08-03 02:58:23) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) Administrator (S-1-5-21-2958185026-3384660575-4099094234-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2958185026-3384660575-4099094234-503 - Limited - Disabled) Gast (S-1-5-21-2958185026-3384660575-4099094234-501 - Limited - Disabled) gerar (S-1-5-21-2958185026-3384660575-4099094234-1001 - Administrator - Enabled) => C:\Users\gerar WDAGUtilityAccount (S-1-5-21-2958185026-3384660575-4099094234-504 - Limited - Disabled) ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411} FW: AVG Antivirus (Enabled) {2092F4DC-EC63-3680-C854-E2DACF7E736A} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeïnstalleerd worden.) Acer Configuration Manager (HKLM-x32\...\{8CB1A03C-9849-4744-AD56-341A18F9E3E2}) (Version: 2.5.22250 - Acer) Avast SecureLine VPN (HKLM\...\Avast SecureLine) (Version: 24.7.10323.12854 - Avast Software) AVG Internet Security (HKLM\...\AVG Antivirus) (Version: 24.7.9311.1966 - Gen Digital Inc.) Care Center Service (HKLM\...\{AFB52E98-7597-4484-9202-58F0FD3512ED}) (Version: 4.00.3046 - Acer Incorporated) Documentation Manager (HKLM\...\{83BEE7AB-6C53-4E1E-A05E-752EA73C0697}) (Version: 22.170.0.3 - Intel Corporation) Hidden DriverSetupUtility (HKLM\...\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}) (Version: 1.00.3026 - Acer Incorporated) Greenshot 1.2.10.6 (HKLM\...\Greenshot_is1) (Version: 1.2.10.6 - Greenshot) Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000170-0220-1033-84C8-B8D95FA3C8C3}) (Version: 22.170.0.2 - Intel Corporation) Intel® Software Installer (HKLM-x32\...\{009023df-947b-4dbd-ac71-914752f78070}) (Version: 22.170.0.3 - Intel Corporation) Hidden Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 127.0.2651.98 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 127.0.2651.98 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.24215 (HKLM\...\{EF1EC6A9-17DE-3DA9-B040-686A1E8A8B04}) (Version: 14.0.24215 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.24215 (HKLM\...\{50A2BC33-C9CD-3BF1-A8FF-53C10A0B183C}) (Version: 14.0.24215 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.25.28508 (HKLM-x32\...\{65e650ff-30be-469d-b63a-418d71ea1765}) (Version: 14.25.28508.3 - Microsoft Corporation) Microsoft Visual C++ 2019 X86 Additional Runtime - 14.25.28508 (HKLM-x32\...\{0FA68574-690B-4B00-89AA-B28946231449}) (Version: 14.25.28508 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.25.28508 (HKLM-x32\...\{2BC3BD4D-FABA-4394-93C7-9AC82A263FE2}) (Version: 14.25.28508 - Microsoft Corporation) Hidden qBittorrent (HKLM-x32\...\qBittorrent) (Version: 4.6.5 - The qBittorrent project) Quick Access Service (HKLM\...\{AB25551C-74EF-4BAB-9989-891517FCF9FF}) (Version: 3.00.3044 - Acer Incorporated) Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9423.1 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.56.119.2022 - Realtek) Start Menu 8 (HKLM-x32\...\IObit_StartMenu8_is1) (Version: 3.1.0.5 - IObit) User Experience Improvement Program Service (HKLM\...\{323EA05D-046D-449D-9D7C-89243C957CCE}) (Version: 5.00.3016 - Acer Incorporated) VLC media player (HKLM\...\VLC media player) (Version: 3.0.21 - VideoLAN) WinRAR 7.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 7.01.0 - win.rar GmbH) Packages: ========= Acer Product Registration -> C:\Program Files\WindowsApps\acerincorporated.acerregistration_2.0.3044.0_x64__48frkmn4z8aw4 [2024-08-03] (Acer Incorporated) AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5587.0_x64__8j3eq9eme6ctt [2024-08-06] (INTEL CORP) [Startup Task] Dev Home (Preview) -> C:\Program Files\WindowsApps\Microsoft.Windows.DevHome_0.1601.561.0_x64__8wekyb3d8bbwe [2024-08-03] (Microsoft Corporation) [Startup Task] Evernote -> C:\Program Files\WindowsApps\Evernote.Evernote_10.101.5.0_x64__q4d96b2w5wcc2 [2024-08-14] (Evernote) [Startup Task] Foto's -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2024.11070.31001.0_x64__8wekyb3d8bbwe [2024-08-03] (Microsoft Corporation) [Startup Task] Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_20.0.1011.0_x64__8j3eq9eme6ctt [2024-08-03] (INTEL CORP) Microsoft.AV1VideoExtension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.2.1293.0_x64__8wekyb3d8bbwe [2024-08-03] (Microsoft Corporation) Microsoft.D3DMappingLayers -> C:\Program Files\WindowsApps\microsoft.d3dmappinglayers_1.2406.1.0_x64__8wekyb3d8bbwe [2024-08-03] (Microsoft Corporation) MicrosoftWindows.CrossDevice -> C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24072.45.0_x64__cw5n1h2txyewy [2024-08-13] (Microsoft Windows) [Startup Task] Power Automate -> C:\Program Files\WindowsApps\Microsoft.PowerAutomateDesktop_11.2407.242.0_x64__8wekyb3d8bbwe [2024-08-03] (Microsoft Corporation) [Startup Task] QuickAccess -> C:\Program Files\WindowsApps\AcerIncorporated.QuickAccess_3.0.3044.0_x64__48frkmn4z8aw4 [2024-08-03] (Acer Incorporated) Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.40.287.0_x64__dt26b99r8h8gj [2024-08-03] (Realtek Semiconductor Corp) Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\LKG\MicrosoftWindows.LKG.DesktopSpotlight_cw5n1h2txyewy [2024-08-14] (Microsoft Windows) WinRAR -> C:\Program Files\WinRAR [2024-08-11] (win.rar GmbH) ==================== Aangepaste CLSID (gefilterd): ============== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) CustomCLSID: HKU\S-1-5-21-2958185026-3384660575-4099094234-1001_Classes\CLSID\{dc1e80e5-9833-4dfc-a4dd-a0508202005d}\InprocServer32 -> D:\PortableApps\FirefoxPortable\App\Firefox64\notificationserver.dll (Mozilla Corporation -> Mozilla Foundation) ShellIconOverlayIdentifiers: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2024-08-06] (AVG Technologies USA, LLC -> Gen Digital Inc.) ShellIconOverlayIdentifiers-x32: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2024-08-06] (AVG Technologies USA, LLC -> Gen Digital Inc.) ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2024-08-06] (AVG Technologies USA, LLC -> Gen Digital Inc.) ContextMenuHandlers1: [IobitStartMenu] -> {AF8FA9C9-9907-463e-BDC3-4CC1200D6310} => C:\Program Files (x86)\IObit\Classic Start\IObitStartMenuExtension.dll [2015-12-29] (IObit Information Technology -> IObit) ContextMenuHandlers3: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2024-08-06] (AVG Technologies USA, LLC -> Gen Digital Inc.) ContextMenuHandlers4: [IobitStartMenu] -> {AF8FA9C9-9907-463e-BDC3-4CC1200D6310} => C:\Program Files (x86)\IObit\Classic Start\IObitStartMenuExtension.dll [2015-12-29] (IObit Information Technology -> IObit) ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2024-08-06] (AVG Technologies USA, LLC -> Gen Digital Inc.) ContextMenuHandlers6: [IobitStartMenu] -> {AF8FA9C9-9907-463e-BDC3-4CC1200D6310} => C:\Program Files (x86)\IObit\Classic Start\IObitStartMenuExtension.dll [2015-12-29] (IObit Information Technology -> IObit) ==================== Codecs (gefilterd) ==================== ==================== Snelkoppelingen & WMI ======================== ==================== Geladen Modules (gefilterd) ============= ==================== Alternate Data Streams (gefilterd) ======== ==================== Veilige Modus (gefilterd) ================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. De waarde van "AlternateShell" wordt hersteld.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\avgSP.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MB3Service => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\avgSP.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MB3Service => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\str => ""="service" ==================== Bestandskoppeling (gefilterd) ================= ==================== Internet Explorer (gefilterd) ========== ==================== Hosts inhoud: ========================= (Indien nodig kan Hosts:-opdracht worden opgenomen in de fixlist om Hosts te resetten.) 2022-05-07 07:24 - 2022-05-07 07:22 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Andere gebieden =========================== (Momenteel is er geen automatische fix voor dit onderdeel.) HKU\S-1-5-21-2958185026-3384660575-4099094234-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\gerar\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is ingeschakeld. Network Binding: ============= Bluetooth-netwerkverbinding: Bluetooth Device (Personal Area Network) -> bthpan.sys Ethernet: Realtek PCIe GbE Family Controller -> rt640x64.sys Wi-Fi: Intel(R) Wi-Fi 6E AX211 160MHz -> Netwtw12.sys vms_vsf: Hyper-V Virtual Switch Extension Filter ms_winvfp: Microsoft Azure VFP Switch Filter Extension vms_vsp: Hyper-V Virtual Switch Extension Protocol ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == ==================== Firewall regels (gefilterd) ================ (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [TCP Query User{76CA977E-7A8C-4622-BBC9-E9DD6B4F4C57}D:\portableapps\transmissionportable\app\transmission\transmission-qt.exe] => (Allow) D:\portableapps\transmissionportable\app\transmission\transmission-qt.exe (SignPath Foundation -> Transmission Project) FirewallRules: [UDP Query User{5D482E1F-F177-413F-BE0B-5205624D52A6}D:\portableapps\transmissionportable\app\transmission\transmission-qt.exe] => (Allow) D:\portableapps\transmissionportable\app\transmission\transmission-qt.exe (SignPath Foundation -> Transmission Project) FirewallRules: [{95777162-99E3-43E4-84F7-453C6744FED5}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [Bestand niet getekend] FirewallRules: [{23AD5F1D-5946-460A-A298-2F6A13164E96}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [Bestand niet getekend] FirewallRules: [{4F609B03-E187-4C4C-8B63-8FCCCE8E4C19}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24193.1904.3031.6050_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{4F30D670-8CC4-4CB4-9C67-CB5423DA71E7}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24193.1904.3031.6050_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{779414BA-47E7-401B-8ACC-2A91F912D83E}] => (Allow) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> Gen Digital Inc.) FirewallRules: [{F8946F33-851F-487F-8227-554F37EE97E3}] => (Allow) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> Gen Digital Inc.) FirewallRules: [{814D09EE-D3D2-4B3F-845A-B7BFEAF7F96B}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\127.0.2651.98\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) ==================== Herstelpunten ========================= 05-08-2024 14:23:53 Windows Update 06-08-2024 20:47:19 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 08-08-2024 15:41:14 Removed Acer Jumpstart 08-08-2024 15:43:37 Removed Microsoft Teams Meeting Add-in for Microsoft Office 10-08-2024 19:07:43 Installatieprogramma voor Windows-modules 14-08-2024 02:46:30 Windows Update ==================== Defecte Apparaatbeheer Apparaten ============ ==================== Eventlog fouten: ======================== Applicatiefouten: ================== Error: (08/14/2024 03:32:08 PM) (Source: Windows Search Service) (EventID: 3079) (User: ) Description: Meldingen voor het volume C:\ zijn niet actief. Context: toepassing Windows Details: 0x%08x (0x80070057 - De parameter is onjuist. (HRESULT : 0x80070057)) Error: (08/14/2024 03:10:52 AM) (Source: Windows Search Service) (EventID: 3079) (User: ) Description: Meldingen voor het volume C:\ zijn niet actief. Context: toepassing Windows Details: 0x%08x (0x80070057 - De parameter is onjuist. (HRESULT : 0x80070057)) Error: (08/13/2024 07:13:10 PM) (Source: Windows Search Service) (EventID: 3079) (User: ) Description: Meldingen voor het volume C:\ zijn niet actief. Context: toepassing Windows Details: 0x%08x (0x80070057 - De parameter is onjuist. (HRESULT : 0x80070057)) Error: (08/13/2024 12:14:07 AM) (Source: Windows Search Service) (EventID: 3079) (User: ) Description: Meldingen voor het volume C:\ zijn niet actief. Context: toepassing Windows Details: 0x%08x (0x80070057 - De parameter is onjuist. (HRESULT : 0x80070057)) Error: (08/12/2024 01:41:01 PM) (Source: Windows Search Service) (EventID: 3079) (User: ) Description: Meldingen voor het volume C:\ zijn niet actief. Context: toepassing Windows Details: 0x%08x (0x80070057 - De parameter is onjuist. (HRESULT : 0x80070057)) Error: (08/10/2024 11:54:41 PM) (Source: Windows Search Service) (EventID: 3079) (User: ) Description: Meldingen voor het volume C:\ zijn niet actief. Context: toepassing Windows Details: 0x%08x (0x80070057 - De parameter is onjuist. (HRESULT : 0x80070057)) Error: (08/09/2024 10:21:11 PM) (Source: Windows Search Service) (EventID: 3079) (User: ) Description: Meldingen voor het volume C:\ zijn niet actief. Context: toepassing Windows Details: 0x%08x (0x80070057 - De parameter is onjuist. (HRESULT : 0x80070057)) Error: (08/08/2024 03:34:18 PM) (Source: Windows Search Service) (EventID: 3079) (User: ) Description: Meldingen voor het volume C:\ zijn niet actief. Context: toepassing Windows Details: 0x%08x (0x80070057 - De parameter is onjuist. (HRESULT : 0x80070057)) Systeemfouten: ============= Error: (08/14/2024 06:00:01 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY) Description: The Secure Boot update failed to update a Secure Boot variable with error -2147020471. For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931 Error: (08/14/2024 01:34:14 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY) Description: The Secure Boot update failed to update a Secure Boot variable with error -2147020471. For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931 Error: (08/14/2024 01:27:44 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY) Description: The Secure Boot update failed to update a Secure Boot variable with error -2147020471. For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931 Error: (08/14/2024 03:10:57 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-5AJJQ6N) Description: De server Microsoft.LockApp_10.0.22621.3235_neutral__cw5n1h2txyewy!WindowsDefaultLockScreen heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (08/14/2024 02:38:04 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY) Description: The Secure Boot update failed to update a Secure Boot variable with error -2147020471. For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931 Error: (08/13/2024 06:00:01 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY) Description: The Secure Boot update failed to update a Secure Boot variable with error -2147020471. For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931 Error: (08/13/2024 03:36:18 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY) Description: The Secure Boot update failed to update a Secure Boot variable with error -2147020471. For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931 Error: (08/13/2024 06:00:01 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY) Description: The Secure Boot update failed to update a Secure Boot variable with error -2147020471. For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931 CodeIntegrity: =============== Date: 2024-08-14 19:04:09 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements. ==================== Geheugen info =========================== BIOS: American Megatrends Inc. R01-A2 11/03/2023 Moederbord: Acer Aspire TC-1780 Processor: 13th Gen Intel(R) Core(TM) i7-13700 Percentage geheugen in gebruik: 42% Totaal fysiek RAM-geheugen: 16084.43 MB Beschikbaar fysiek RAM-geheugen: 9263.68 MB Totaal Virtueel geheugen: 17108.43 MB Beschikbaar Virtueel geheugen: 9568.77 MB ==================== Schijven ================================ Drive c: (Acer) (Fixed) (Total:237.83 GB) (Free:156.46 GB) (Model: NVMe WD PC SN740 SDDQNQD-512G-1014) NTFS Drive d: (Data) (Fixed) (Total:237.83 GB) (Free:164.13 GB) (Model: NVMe WD PC SN740 SDDQNQD-512G-1014) NTFS \\?\Volume{824d003a-d4b1-4ec1-b54c-fd4ad484abe6}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.4 GB) NTFS \\?\Volume{bc6dba08-9d03-40ed-8e84-7fe1740a76d4}\ (ESP) (Fixed) (Total:0.25 GB) (Free:0.2 GB) FAT32 ==================== MBR & Partitietabel ==================== ==================== Einde van Addition.txt =======================