Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 11-12-2022 Gestart door HZ1RU (13-12-2022 10:07:24) Gestart vanaf C:\Users\HZ1RU\Downloads Microsoft Windows 10 Pro Versie 22H2 19045.2251 (X64) (2020-12-11 17:47:19) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) Administrator (S-1-5-21-346357692-1366640249-2590671835-500 - Administrator - Enabled) => C:\Users\Administrator DefaultAccount (S-1-5-21-346357692-1366640249-2590671835-503 - Limited - Disabled) Gast (S-1-5-21-346357692-1366640249-2590671835-501 - Limited - Disabled) HZ1RU (S-1-5-21-346357692-1366640249-2590671835-1001 - Administrator - Enabled) => C:\Users\HZ1RU WDAGUtilityAccount (S-1-5-21-346357692-1366640249-2590671835-504 - Limited - Disabled) ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeïnstalleerd worden.) Adblock Plus voor IE (32-bit en 64-bit) (HKLM\...\{2B2310B1-FBC0-4933-8C73-1CBAD0D7CA28}) (Version: 1.6 - Eyeo GmbH) Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1043-1033-7760-BC15014EA700}) (Version: 22.003.20282 - Adobe) Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601032}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden Advanced IP Scanner 2.5.1 (HKLM-x32\...\{C8511AEB-814C-4D6F-AA45-44035EAD563B}) (Version: 2.5.4594.1 - Famatech) Belgium e-ID middleware 5.0.17 (build 5498) (HKLM\...\{DB942AEA-93D6-4FE4-8862-180D35A75498}) (Version: 5.0.5498 - Belgian Government) Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft) D-Link DWA-582 - V1.05b03 (HKLM-x32\...\{321C85DB-F528-4B49-B6AB-82547D03DAF6}) (Version: 1.05 - D-Link Corporation) Dynamic Application Loader Host Interface Service (HKLM\...\{ECFC785A-9107-4259-9288-0ABC86C0F6AB}) (Version: 1.0.0.0 - Intel Corporation) Hidden Google Analytics Opt-out Browser Add-on (HKLM\...\{ECD05518-9475-4507-BD3E-8BB011F856CC}) (Version: 0.9.7.0 - Google Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 108.0.5359.99 - Google LLC) HP OfficeJet Pro 8710 Basissoftware van het apparaat (HKLM\...\{351BFE54-03B9-4399-9E47-8B52DFF91C29}) (Version: 40.15.1230.21319 - HP Inc.) HP OfficeJet Pro 8710 Basissoftware van het apparaat (HKLM\...\{FB832B62-6A4C-4383-B381-07B56AF44960}) (Version: 40.12.1161.1896 - HP Inc.) IIS 10.0 Express (HKLM\...\{63E2B575-D6F7-4572-8EA9-3DAC4208AA2A}) (Version: 10.0.1741 - Microsoft Corporation) IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - ) Hidden IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - ) Hidden inSSIDer Home (HKLM-x32\...\{9E54E4AE-B67A-4925-8E92-0E1F9817FD73}) (Version: 3.1.2.1 - MetaGeek, LLC) Intel(R) Computing Improvement Program (HKLM\...\{0798FE0D-0E50-488A-B0DC-07E65B2758AE}) (Version: 2.4.05982 - Intel Corporation) Intel(R) Graphics Driver Software (HKLM-x32\...\{3772486f-d832-4cf7-b6f6-ba5d4d746da6}) (Version: 3.11.1.0 - Intel) Hidden Intel(R) Graphics Driver Software (HKLM-x32\...\{8a13c1a0-15ca-4939-92ea-9a745169ba28}) (Version: 3.11.1.0 - Intel) Hidden Intel(R) Icls (HKLM\...\{27946170-623E-45A2-9D7F-BEC95A5B78E6}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) LMS (HKLM\...\{364EE9BC-EB74-4436-B502-FA8FF2F7153F}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2036.15.0.1835 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{DCC7FC90-C9BC-445B-A12B-ACC4278102BA}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{FEAA68D6-DA1D-4440-91B6-43906444FA49}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Management Engine Driver (HKLM\...\{E34D6B17-6F86-49F8-AECB-DE7B543A5960}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00002090-0210-1043-84C8-B8D95FA3C8C3}) (Version: 21.90.2.1 - Intel Corporation) IrfanView 4.51 (64-bit) (HKLM\...\IrfanView64) (Version: 4.51 - Irfan Skiljan) IsoBuster 4.6 (HKLM-x32\...\IsoBuster_is1) (Version: 4.6 - Smart Projects) iThmb Converter version 1.106.0.720 (HKLM-x32\...\{AC7FF208-CE56-455E-96CB-1D96A0AF33EF}_is1) (Version: 1.106.0.720 - Dec Software) iVMS-4200 (HKLM-x32\...\{CE2F96D0-63D2-4B9C-A8D6-0D1A60840BD8}) (Version: 3.7.1.5 - Hangzhou Hikvision Digital Technology Co., Ltd.) Java 8 Update 311 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180311F0}) (Version: 8.0.3110.11 - Oracle Corporation) Lazesoft Recovery Suite version 4.5 Home Edition (HKLM-x32\...\LS-32CB12D5-CC47-4BC8-BC97-0613CDCB0406_is1) (Version: 4.5 - Lazesoft) LocalServiceComponents (HKLM-x32\...\{80DDB8B4-9C6F-44A2-81AD-155EE6917A9A}_is1) (Version: 1.0.0.36 - ) Logitech Options (HKLM\...\LogiOptions) (Version: 8.10.154 - Logitech) Macrium Reflect Free Edition (HKLM\...\{E00F3578-4849-40C8-91DE-58F02AF087A8}) (Version: 8.0.6392 - Paramount Software (UK) Ltd.) Hidden Macrium Reflect Free Edition (HKLM\...\MacriumReflect) (Version: 8.0 - Paramount Software (UK) Ltd.) Mazda Toolbox (HKLM-x32\...\Mazda Toolbox) (Version: - ) Mazda Update Toolbox (HKLM-x32\...\Mazda Update Toolbox) (Version: - ) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 108.0.1462.46 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 108.0.1462.46 - Microsoft Corporation) Microsoft Office Excel MUI (Dutch) 2007 (HKLM-x32\...\{90120000-0016-0413-0000-0000000FF1CE}) (Version: 12.0.4518.1017 - Microsoft Corporation) Hidden Microsoft Office Home and Student 2007 (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft Office Office 64-bit Components 2007 (HKLM\...\{90120000-002A-0000-1000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (Dutch) 2007 (HKLM-x32\...\{90120000-00A1-0413-0000-0000000FF1CE}) (Version: 12.0.4518.1017 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (Dutch) 2007 (HKLM-x32\...\{90120000-0018-0413-0000-0000000FF1CE}) (Version: 12.0.4518.1017 - Microsoft Corporation) Hidden Microsoft Office Proof (Dutch) 2007 (HKLM-x32\...\{90120000-001F-0413-0000-0000000FF1CE}) (Version: 12.0.4518.1017 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2007 (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2007 (HKLM-x32\...\{90120000-001F-040C-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2007 (HKLM-x32\...\{90120000-001F-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proofing (Dutch) 2007 (HKLM-x32\...\{90120000-002C-0413-0000-0000000FF1CE}) (Version: 12.0.4518.1017 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (Dutch) 2007 (HKLM\...\{90120000-002A-0413-1000-0000000FF1CE}) (Version: 12.0.4518.1017 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (Dutch) 2007 (HKLM-x32\...\{90120000-006E-0413-0000-0000000FF1CE}) (Version: 12.0.4518.1017 - Microsoft Corporation) Hidden Microsoft Office Word MUI (Dutch) 2007 (HKLM-x32\...\{90120000-001B-0413-0000-0000000FF1CE}) (Version: 12.0.4518.1017 - Microsoft Corporation) Hidden Microsoft OneDrive (HKU\S-1-5-21-346357692-1366640249-2590671835-500\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{80F1AF52-7AC0-42A3-9AF0-689BFB271D1D}) (Version: 3.68.0.0 - Microsoft Corporation) Microsoft VC++ redistributables repacked. (HKLM\...\{BACA8ED0-DB44-468A-9D76-7D4588B90D60}) (Version: 12.0.0.0 - Intel Corporation) Hidden Microsoft VC++ redistributables repacked. (HKLM-x32\...\{3FED85F2-4004-4F8A-B65B-DDC1F6013FAA}) (Version: 12.0.0.0 - Intel Corporation) Hidden Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{56F27690-F6EA-3356-980A-02BA379506EE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{1b103cea-f037-4504-81de-956057b442c3}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30135 (HKLM-x32\...\{b7a2b241-3f54-4d7d-94d1-8ce0146e03c7}) (Version: 14.29.30135.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31332 (HKLM-x32\...\{3746f21b-c990-4045-bb33-1cf98cff7a68}) (Version: 14.32.31332.0 - Microsoft Corporation) Microsoft Visual C++ 2019 X86 Additional Runtime - 14.29.30135 (HKLM-x32\...\{77EB1EA9-8E1B-459D-8CDC-1984D0FF15B6}) (Version: 14.29.30135 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.29.30135 (HKLM-x32\...\{36A1E79B-581A-4FE5-843D-84C2D3C9431E}) (Version: 14.29.30135 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31332 (HKLM\...\{F4499EE3-A166-496C-81BB-51D1BCDC70A9}) (Version: 14.32.31332 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31332 (HKLM\...\{3407B900-37F5-4CC2-B612-5CD5D580A163}) (Version: 14.32.31332 - Microsoft Corporation) Hidden Microsoft Visual Studio Code (User) (HKU\S-1-5-21-346357692-1366640249-2590671835-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.74.0 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2015 (HKLM-x32\...\{dd8b09df-3ef8-49f1-bd1a-65278435860b}) (Version: 14.0.23217 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2015 Finalizer (HKLM-x32\...\{20D2A362-23EB-3BDB-BAD3-F4510B2B32A5}) (Version: 14.0.23217 - Microsoft Corporation) Hidden Microsoft Visual Studio Tools for Applications 2015 x64 Hosting Support (HKLM\...\{6D0ED930-AE5C-3289-ADA3-E6C3B13050DE}) (Version: 14.0.23217 - Microsoft Corporation) Hidden Microsoft Visual Studio Tools for Applications 2015 x86 Hosting Support (HKLM-x32\...\{84DD3A17-A979-39BC-8816-8226CB7DF8A7}) (Version: 14.0.23217 - Microsoft Corporation) Hidden Microsoft Visual Studio Tools for Applications 2017 x64 Hosting Support (HKLM\...\{10AB056B-1B8C-3E9E-95CC-43C33EB88513}) (Version: 15.0.26717 - Microsoft Corporation) Hidden Microsoft Visual Studio Tools for Applications 2017 x86 Hosting Support (HKLM-x32\...\{AB46A6EF-12D2-3146-A38D-1D6FF1AFFF69}) (Version: 15.0.26717 - Microsoft Corporation) Hidden MiniTool Partition Wizard Free 12.7 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: 12.7 - MiniTool Software Limited) Mozilla Thunderbird (x86 nl) (HKLM-x32\...\Mozilla Thunderbird 102.5.1 (x86 nl)) (Version: 102.5.1 - Mozilla) NAPS2 6.1.2 (HKLM-x32\...\NAPS2 (Not Another PDF Scanner 2)_is1) (Version: - Ben Olden-Cooligan) Network Monitor 1.4.00268 (HKLM\...\{51AC3A57-8A93-4584-B673-F421DE5DC813}) (Version: 1.4.00268 - Spiceworks) Hidden Nmap 7.70 (HKLM-x32\...\Nmap) (Version: 7.70 - Nmap Project) Npcap (HKLM-x32\...\NpcapInst) (Version: 1.71 - Nmap Project) PassFab 4WinKey (HKLM-x32\...\{4WinKey}_is1) (Version: 7.3.2.1 - PassFab, Inc.) Passware Kit 2018 v2 (64-bit) (HKLM\...\{18D342B5-826B-48F9-8288-68569A476E42}) (Version: 2018.2.1.359 - Passware) RAPID Mode (HKLM\...\{7B2F4116-7C42-4EB6-9B11-220F0FAA3567}) (Version: 1.0.1.105 - Samsung Electronics Co., Ltd.) Hidden recALL version 19.05 (HKLM-x32\...\recALL_is1) (Version: 19.05 - ) ReclaiMe File Recovery (HKLM\...\{D4F0B500-A8F8-4D00-BC68-7B03D2C0E019}_is1) (Version: - www.reclaime.com) ReclaiMe Free RAID Recovery (HKLM\...\{9AB87B8B-7DD0-4EF1-AFDE-AAD20CE53CB4}_is1) (Version: - www.reclaime.com) R-Studio 9.0 (HKLM-x32\...\R-Studio 9.0NSIS) (Version: 9.0.190312 - R-Tools Technology Inc.) Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 7.2.0.930 - Samsung Electronics) Samsung Portable SSD Software (HKLM-x32\...\SamsungPortableSSD_is1) (Version: 1.6.7.50 - Samsung Electronics) Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.43.0 - Samsung Electronics Co., Ltd.) ShadowExplorer 0.9 (HKLM-x32\...\ShadowExplorer_is1) (Version: 0.9.462.0 - ShadowExplorer.com) Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.3.22054.3 - Samsung Electronics Co., Ltd.) Hidden Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.3.22054.3 - Samsung Electronics Co., Ltd.) Stuurprogrammapakket voor Windows - Fedict SmartCard (08/08/2015 4.1.5) (HKLM\...\9F46F7AB1E3B1B5F5482EA8D97F401B04FBF7958) (Version: 08/08/2015 4.1.5 - Fedict) Sunny Explorer (HKLM-x32\...\{74766227-74CF-48D9-8884-A90955FBF3A5}) (Version: 2.01.21.4 - SMA Solar Technology AG) Unknown Device Identifier 9.01 (HKLM\...\Unknown Device Identifier_is1) (Version: 9.01 - Huntersoft) UnlockGo (Windows) version 5.1.0 (HKLM-x32\...\{385EE0DB-D717-4927-A619-9A04BB87EB5F}_is1) (Version: 5.1.0 - LuckyDog Software, Inc.) USBPcap 1.5.4.0 (HKLM\...\USBPcap) (Version: 1.5.4.0 - Tomasz Mon) VLC media player (HKLM\...\VLC media player) (Version: 3.0.18 - VideoLAN) WakeOnLAN versie 2.12.4.0 (HKLM\...\{05DF342B-3E1A-4862-9E67-8E7E9839D3EC}_is1) (Version: 2.12.4.0 - Aquila Technology) Windows 11-installatieassistent (HKLM-x32\...\{115DF11E-4B4C-4EA9-9A79-00DB0C7EF02D}) (Version: 1.4.19041.1610 - Microsoft Corporation) Windows Pc-statuscontrole (HKLM\...\{4C95130F-4638-4B19-B1B4-DA7CB78A2911}) (Version: 3.6.2204.08001 - Microsoft Corporation) Windows-stuurprogrammapakket - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/27/2012 7.0.0000.00004) (HKLM\...\BE156A27AFEAEA39D6A7C9D25CFA8DAFAF91756B) (Version: 08/27/2012 7.0.0000.00004 - Google, Inc.) Windows-stuurprogrammapakket - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/27/2012 7.0.0000.00004) (HKLM\...\D43FD4059F47ACA9539247D6CF690AAEA503AF2D) (Version: 08/27/2012 7.0.0000.00004 - Google, Inc.) Windows-stuurprogrammapakket - SAMSUNG Electronics Co., Ltd. (dg_ssudbus) USB (12/02/2015 2.12.1.0) (HKLM\...\85A33267F12961AF9ED9AE799DEDA5E62BEA236F) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. ) Windows-stuurprogrammapakket - SAMSUNG Electronics Co., Ltd. (ssudmdm) Modem (12/02/2015 2.12.1.0) (HKLM\...\88ED314360B98E6E82E7CC3201FAEB4A9FD291B4) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. ) Windows-stuurprogrammapakket - SAMSUNG Electronics Co., Ltd. (WinUSB) AndroidUsbDeviceClass (12/02/2015 2.12.1.0) (HKLM\...\701281E8283E9E3681220099A9DA5013A5A437AF) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. ) WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) Wireshark 4.0.1 64-bit (HKLM-x32\...\Wireshark) (Version: 4.0.1 - The Wireshark developer community, hxxps://www.wireshark.org) XnView 2.44 (HKLM-x32\...\XnView_is1) (Version: 2.44 - Gougelet Pierre-e) ZAR X (HKLM\...\{85DA9B81-D7F9-4165-8E62-F776B57213F8}_is1) (Version: - www.z-a-recovery.com) Packages: ========= Adblock Plus -> C:\Program Files\WindowsApps\EyeoGmbH.AdblockPlus_0.9.19.0_neutral__d55gg7py3s0m0 [2022-10-30] (eyeo GmbH) Audio Controls -> C:\Program Files\WindowsApps\22094SynapticsIncorporate.AudioControls_1.3.99.0_x64__qt57b6kdvhcfw [2022-12-12] (Synaptics Hong Kong Limited, Taiwan Branch (H.K.)) HP Desktop Support Utilities -> C:\Program Files\WindowsApps\AD2F1837.HPDesktopSupportUtilities_7.0.7.0_x64__v10z8vjag6ke6 [2022-10-30] (HP Inc.) Media-engine-invoegtoepassing voor Foto's -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-10-30] (Microsoft Corporation) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-10-30] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-10-30] (Microsoft Corporation) [MS Ad] Microsoft Wireless Display Adapter -> C:\Program Files\WindowsApps\Microsoft.SurfaceWirelessDisplayAdapter_4.232.137.0_x64__8wekyb3d8bbwe [2022-10-30] (Microsoft Corporation) [Startup Task] Raw Image Extension -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_2.0.32791.0_x64__8wekyb3d8bbwe [2022-11-11] (Microsoft Corporation) Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2022-10-30] (Adobe Systems Incorporated) Uitbreiding voor MPEG-2-video -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.50901.0_x64__8wekyb3d8bbwe [2022-10-30] (Microsoft Corporation) ==================== Aangepaste CLSID (gefilterd): ============== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) CustomCLSID: HKU\S-1-5-21-346357692-1366640249-2590671835-1001_Classes\CLSID\{227C9E8F-71A1-4B23-9076-682A1A8EAAED}\localserver32 -> c:\program files\macrium\common\reflectmonitor.exe (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd) CustomCLSID: HKU\S-1-5-21-346357692-1366640249-2590671835-1001_Classes\CLSID\{32696747-d167-38ad-6e20-2fec78940514}\localserver32 -> "C:\Program Files\Microsoft PC Manager\MSPCManager.exe" -ToastActivated => Geen bestand CustomCLSID: HKU\S-1-5-21-346357692-1366640249-2590671835-1001_Classes\CLSID\{81843de1-cd70-4c5e-bdb6-316862e1d82f}\localserver32 -> hp-sure-sense: => Geen bestand ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Bestand niet getekend] ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Bestand niet getekend] ContextMenuHandlers1: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2022-11-24] (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2022-11-24] (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd) ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> Geen bestand ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> Geen bestand ContextMenuHandlers6-x32: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\SysWow64\STARTM~1.DLL [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Bestand niet getekend] ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (gefilterd) ==================== ==================== Snelkoppelingen & WMI ======================== (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) Shortcut: C:\Users\HZ1RU\Desktop\Innova2.0.lnk -> C:\Users\HZ1RU\Desktop\SystemTools\twopointzero(blank06112022)\twopointzero\run.bat () ==================== Geladen Modules (gefilterd) ============= 2020-08-03 15:02 - 2020-08-03 15:02 - 000016896 ____R (Intel Corporation) [Bestand niet getekend] C:\Program Files\Intel\SUR\QUEENCREEK\esrv_lib_security.dll 2018-07-15 12:15 - 2018-07-15 12:15 - 000885560 _____ (Ivaylo Beltchev -> IvoSoft) [Bestand niet getekend] C:\Program Files\Classic Shell\ClassicExplorer64.dll 2018-07-15 12:15 - 2018-07-15 12:15 - 003664696 _____ (Ivaylo Beltchev -> IvoSoft) [Bestand niet getekend] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll 2020-08-03 15:02 - 2020-08-03 15:02 - 001688576 ____R (Robert Simpson, et al.) [Bestand niet getekend] C:\Program Files\Intel\SUR\QUEENCREEK\x64\SQLite.Interop.dll ==================== Alternate Data Streams (gefilterd) ======== ==================== Veilige Modus (gefilterd) ================== ==================== Bestandskoppeling (gefilterd) ================= ==================== Internet Explorer (gefilterd) ========== BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Bestand niet getekend] BHO: Google Analytics Opt-out Browser Add-on -> {75EF13CE-B59E-41ba-8A5A-A944031BD8B4} -> C:\Program Files\Google\Google Analytics Opt-Out\gaoptout_x64.dll [2019-04-04] (Google LLC -> Google, Inc.) BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Bestand niet getekend] BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Bestand niet getekend] BHO-x32: Google Analytics Opt-out Browser Add-on -> {75EF13CE-B59E-41ba-8A5A-A944031BD8B4} -> C:\Program Files (x86)\Google\Google Analytics Opt-Out\gaoptout.dll [2019-04-04] (Google LLC -> Google, Inc.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_311\bin\ssv.dll [2021-10-22] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_311\bin\jp2ssv.dll [2021-10-22] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Bestand niet getekend] Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Bestand niet getekend] Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Bestand niet getekend] ==================== Hosts inhoud: ========================= (Indien nodig kan Hosts:-opdracht worden opgenomen in de fixlist om Hosts te resetten.) 2019-03-19 05:49 - 2022-09-28 14:41 - 000000027 ____C C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 localhost 2022-03-16 13:41 - 2022-03-21 09:38 - 000000580 ____C C:\WINDOWS\system32\drivers\etc\hosts.ics 2.168.137.160 Galaxy-A52s-5G.mshome.net # 2022 3 6 26 16 47 31 309 8.137.0.19 HP00F981.mshome.net # 2022 3 3 23 14 34 19 419 419 ==================== Andere gebieden =========================== (Momenteel is er geen automatische fix voor dit onderdeel.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> ;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Smart Projects\IsoBuster;C:\Program Files (x86)\gs\gs10.00.0\bin HKU\S-1-5-21-346357692-1366640249-2590671835-1001\Control Panel\Desktop\\Wallpaper -> C:\windows\Web\D0DEC371BB6A5CEC2D5F0A028BBDD2C6\img2.jpg HKU\S-1-5-21-346357692-1366640249-2590671835-500\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg DNS Servers: 8.8.8.8 - 1.1.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Windows Firewall is ingeschakeld. Network Binding: ============= Bluetooth-netwerkverbinding: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled) Wi-Fi 3: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled) Wi-Fi 3: Npcap Packet Driver (NPCAP) (Wi-Fi) -> INSECURE_NPCAP_WIFI (enabled) Ethernet: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled) ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run: => "Logitech Download Assistant" HKLM\...\StartupApproved\Run: => "LogiOptions" HKLM\...\StartupApproved\Run: => "SamsungRapidApp" HKLM\...\StartupApproved\Run: => "Reflect UI" HKLM\...\StartupApproved\Run32: => "iVMS-4200.Framework.S" HKLM\...\StartupApproved\Run32: => "ISUSPM Startup" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "TrayProcess" HKLM\...\StartupApproved\Run32: => "LocalServiceControl" HKU\S-1-5-21-346357692-1366640249-2590671835-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-346357692-1366640249-2590671835-1001\...\StartupApproved\Run: => "Adobe Reader Synchronizer" HKU\S-1-5-21-346357692-1366640249-2590671835-1001\...\StartupApproved\Run: => "HDDtemp4" HKU\S-1-5-21-346357692-1366640249-2590671835-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate" HKU\S-1-5-21-346357692-1366640249-2590671835-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning" HKU\S-1-5-21-346357692-1366640249-2590671835-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_76D24832E639CBCC024845F344CF2ABE" HKU\S-1-5-21-346357692-1366640249-2590671835-1001\...\StartupApproved\Run: => "electron.app.Fing" HKU\S-1-5-21-346357692-1366640249-2590671835-1001\...\StartupApproved\Run: => "HP OfficeJet Pro 8710 (NET)" ==================== Firewall regels (gefilterd) ================ (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [UDP Query User{6E988776-6DD5-47D9-8582-D4F0FEE0C4E7}C:\program files (x86)\ivms-4200 site\ivms-4200 client\client\ivms-4200.devicemanagement.c\ivms-4200.devicemanagement.c.exe] => (Allow) C:\program files (x86)\ivms-4200 site\ivms-4200 client\client\ivms-4200.devicemanagement.c\ivms-4200.devicemanagement.c.exe (Hangzhou Hikvision Digital Tech.Co.,Ltd -> ) FirewallRules: [TCP Query User{89E2848A-3BFC-4757-90F3-065A225F5B1C}C:\program files (x86)\ivms-4200 site\ivms-4200 client\client\ivms-4200.devicemanagement.c\ivms-4200.devicemanagement.c.exe] => (Allow) C:\program files (x86)\ivms-4200 site\ivms-4200 client\client\ivms-4200.devicemanagement.c\ivms-4200.devicemanagement.c.exe (Hangzhou Hikvision Digital Tech.Co.,Ltd -> ) FirewallRules: [{3D6F48C1-E168-487D-80DC-FD0F5047EC75}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> ) FirewallRules: [{8A541851-8514-479A-8137-6FD2A45585FC}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> ) FirewallRules: [{2CB5EBA2-AB1A-4364-A8E4-1322D570C80A}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> ) FirewallRules: [{6AAB1B3F-B8CA-49E6-9AAE-DE156811A304}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> ) FirewallRules: [UDP Query User{EE38F67E-D3F7-4E3C-8EA5-118EE251AB95}C:\program files (x86)\sma\sunny explorer\sunnyexplorer.exe] => (Allow) C:\program files (x86)\sma\sunny explorer\sunnyexplorer.exe (SMA Solar Technology AG -> SMA Solar Technology AG) FirewallRules: [TCP Query User{5366DC3B-7A43-4B52-A953-E904C928A793}C:\program files (x86)\sma\sunny explorer\sunnyexplorer.exe] => (Allow) C:\program files (x86)\sma\sunny explorer\sunnyexplorer.exe (SMA Solar Technology AG -> SMA Solar Technology AG) FirewallRules: [UDP Query User{00786356-4744-484F-9828-A8774E6E6FAB}C:\program files (x86)\ivms-4200 site\ivms-4200 client\client\ivms-4200.video.c\ivms-4200.video.c.exe] => (Block) C:\program files (x86)\ivms-4200 site\ivms-4200 client\client\ivms-4200.video.c\ivms-4200.video.c.exe (Hangzhou Hikvision Digital Tech.Co.,Ltd -> ) FirewallRules: [TCP Query User{57CB9B00-30DC-49FE-89DA-2FBC9A5EE2B9}C:\program files (x86)\ivms-4200 site\ivms-4200 client\client\ivms-4200.video.c\ivms-4200.video.c.exe] => (Block) C:\program files (x86)\ivms-4200 site\ivms-4200 client\client\ivms-4200.video.c\ivms-4200.video.c.exe (Hangzhou Hikvision Digital Tech.Co.,Ltd -> ) FirewallRules: [UDP Query User{CDBFB64D-9CCE-4481-8CCA-E2F30BD73990}C:\program files (x86)\ivms-4200 site\ivms-4200 client\server\ivms-4200.devicemanagement.s\ivms-4200.devicemanagement.s.exe] => (Allow) C:\program files (x86)\ivms-4200 site\ivms-4200 client\server\ivms-4200.devicemanagement.s\ivms-4200.devicemanagement.s.exe (Hangzhou Hikvision Digital Tech.Co.,Ltd -> ) FirewallRules: [TCP Query User{1E104EBC-646C-47EA-A3B3-93B4FDDDAB13}C:\program files (x86)\ivms-4200 site\ivms-4200 client\server\ivms-4200.devicemanagement.s\ivms-4200.devicemanagement.s.exe] => (Allow) C:\program files (x86)\ivms-4200 site\ivms-4200 client\server\ivms-4200.devicemanagement.s\ivms-4200.devicemanagement.s.exe (Hangzhou Hikvision Digital Tech.Co.,Ltd -> ) FirewallRules: [UDP Query User{488B8015-8A96-46B7-B39D-C8D855469F00}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [TCP Query User{D8A5DF80-04BD-4B3C-89CA-174518908AEA}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [UDP Query User{408547E1-E4F3-4016-AADF-8D8F5119761F}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [TCP Query User{B88E1FEB-2BE8-42E9-92C6-4BC361D4A67F}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [UDP Query User{96C97A24-14F5-46D6-9E50-3BB8E33C66ED}C:\program files (x86)\ivms-4200 site\ivms-4200 client\client\ivms-4200.video.c\ivms-4200.video.c.exe] => (Allow) C:\program files (x86)\ivms-4200 site\ivms-4200 client\client\ivms-4200.video.c\ivms-4200.video.c.exe (Hangzhou Hikvision Digital Tech.Co.,Ltd -> ) FirewallRules: [TCP Query User{83DD0244-173F-4295-96A8-8E52C590A807}C:\program files (x86)\ivms-4200 site\ivms-4200 client\client\ivms-4200.video.c\ivms-4200.video.c.exe] => (Allow) C:\program files (x86)\ivms-4200 site\ivms-4200 client\client\ivms-4200.video.c\ivms-4200.video.c.exe (Hangzhou Hikvision Digital Tech.Co.,Ltd -> ) FirewallRules: [UDP Query User{8F19AE74-E3AC-4C4E-AB4A-82596BE7E31C}C:\program files (x86)\ivms-4200 site\ivms-4200 client\server\ivms-4200.devicemanagement.s\ivms-4200.devicemanagement.s.exe] => (Allow) C:\program files (x86)\ivms-4200 site\ivms-4200 client\server\ivms-4200.devicemanagement.s\ivms-4200.devicemanagement.s.exe (Hangzhou Hikvision Digital Tech.Co.,Ltd -> ) FirewallRules: [TCP Query User{DA7DF8BC-24B8-4295-B56D-EBDE3E5970A9}C:\program files (x86)\ivms-4200 site\ivms-4200 client\server\ivms-4200.devicemanagement.s\ivms-4200.devicemanagement.s.exe] => (Allow) C:\program files (x86)\ivms-4200 site\ivms-4200 client\server\ivms-4200.devicemanagement.s\ivms-4200.devicemanagement.s.exe (Hangzhou Hikvision Digital Tech.Co.,Ltd -> ) FirewallRules: [UDP Query User{D861F210-8543-4089-927E-CB97DD7BCD1C}C:\program files (x86)\microsoft\edge\application\msedge.exe] => (Block) C:\program files (x86)\microsoft\edge\application\msedge.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{0FB0E38B-2E78-4CC2-989E-951154232F73}C:\program files (x86)\microsoft\edge\application\msedge.exe] => (Block) C:\program files (x86)\microsoft\edge\application\msedge.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{E247A0CE-8072-4641-9C9F-4B52C0EA1398}] => (Allow) C:\Program Files (x86)\SMA\Sunny Explorer\SMA.Multicasting.IGMP.QuerierService.exe (SMA Solar Technology AG -> Microsoft) FirewallRules: [{A0E69E26-CFC0-4886-A0C8-0B90B90CB7F8}] => (Allow) C:\Program Files (x86)\SMA\Sunny Explorer\SunnyExplorer.exe (SMA Solar Technology AG -> SMA Solar Technology AG) FirewallRules: [TCP Query User{95276F78-E654-4A09-A356-61C5CBE80666}C:\program files (x86)\common files\oracle\java\javapath_target_250663593\java.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_250663593\java.exe FirewallRules: [UDP Query User{358EDAEA-5BCD-4AEF-B024-F1010DA09E43}C:\program files (x86)\common files\oracle\java\javapath_target_250663593\java.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_250663593\java.exe FirewallRules: [TCP Query User{31625019-436A-4134-9C9E-3DF2AD0007FB}C:\program files (x86)\java\jre1.8.0_311\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_311\bin\java.exe FirewallRules: [UDP Query User{473DB630-1810-4D7D-8B5B-26A547241374}C:\program files (x86)\java\jre1.8.0_311\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_311\bin\java.exe FirewallRules: [TCP Query User{2892D10F-1B7C-4236-B978-FBADB6752D6F}C:\program files (x86)\common files\oracle\java\javapath_target_250663593\java.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_250663593\java.exe FirewallRules: [UDP Query User{F1A53F47-B8C7-460E-942D-0DD94064FBAC}C:\program files (x86)\common files\oracle\java\javapath_target_250663593\java.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_250663593\java.exe FirewallRules: [{3216B465-7515-451B-B7B6-71DBC79721CE}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8710\bin\FaxApplications.exe (HP Inc. -> HP Inc.) FirewallRules: [{27A0D668-72BD-4580-B87D-0A03AAF7EB7B}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8710\bin\DigitalWizards.exe (HP Inc. -> HP Inc.) FirewallRules: [{EE655C39-703E-482F-8312-58BEEFC59D38}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8710\bin\SendAFax.exe (HP Inc. -> HP Inc.) FirewallRules: [{3A94FFA4-0D0D-4672-B7A4-77021A596CCD}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8710\bin\FaxPrinterUtility.exe (HP Inc. -> HP Inc.) FirewallRules: [{76044DB4-F268-4FDD-8FC8-B6C958F2A724}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8710\Bin\DeviceSetup.exe (HP Inc. -> HP Inc.) FirewallRules: [{3F59B30B-AC08-4D74-8183-E6775D738322}] => (Allow) LPort=5357 FirewallRules: [{A5923AC2-A5A4-4523-B91F-B3B26B0141F9}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8710\Bin\HPNetworkCommunicatorCom.exe (HP Inc. -> HP Inc.) FirewallRules: [TCP Query User{B66705A0-9307-4229-A999-C6E32C82D55F}C:\program files (x86)\ivms-4200 site\nginx\nginx.exe] => (Allow) C:\program files (x86)\ivms-4200 site\nginx\nginx.exe () [Bestand niet getekend] FirewallRules: [UDP Query User{6DA2E00F-66E1-4A13-A8F7-A1B85D2E0EB7}C:\program files (x86)\ivms-4200 site\nginx\nginx.exe] => (Allow) C:\program files (x86)\ivms-4200 site\nginx\nginx.exe () [Bestand niet getekend] FirewallRules: [TCP Query User{9776DD26-A0D0-4C11-B66D-C94F2A706A69}C:\program files (x86)\localservicecomponents\localservicecontrol.exe] => (Allow) C:\program files (x86)\localservicecomponents\localservicecontrol.exe (Hangzhou Hikvision Digital Tech.Co.,Ltd -> ) FirewallRules: [UDP Query User{EC30E8A7-FAFE-4205-B835-6F0E4A3BA563}C:\program files (x86)\localservicecomponents\localservicecontrol.exe] => (Allow) C:\program files (x86)\localservicecomponents\localservicecontrol.exe (Hangzhou Hikvision Digital Tech.Co.,Ltd -> ) FirewallRules: [TCP Query User{2C732731-67AA-4513-942D-F0250C3150FA}C:\program files (x86)\java\jre1.8.0_311\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_311\bin\javaw.exe FirewallRules: [UDP Query User{12F6C748-EDD1-4B90-8A2E-097476DFC4D0}C:\program files (x86)\java\jre1.8.0_311\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_311\bin\javaw.exe FirewallRules: [{991B286F-0470-475D-A814-7AD55CEAF852}] => (Allow) C:\Program Files\MiniTool ShadowMaker\AgentService.exe => Geen bestand FirewallRules: [{C2035106-054C-4B24-8269-4D5111227F80}] => (Allow) C:\Program Files\MiniTool ShadowMaker\AgentService.exe => Geen bestand FirewallRules: [{3A218E39-A353-4297-8429-ECC605457248}] => (Allow) C:\hp\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.) FirewallRules: [{5988CC02-B539-4C0E-80B4-74C6DD1FAD70}] => (Allow) C:\hp\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.) FirewallRules: [{396EED80-FA84-4B1D-9636-3408D8DB02EF}] => (Allow) C:\Program Files\MiniTool ShadowMaker\AgentService.exe => Geen bestand FirewallRules: [{F5C16B79-A769-4A92-9072-C3F9EDAFFF6A}] => (Allow) C:\Program Files\MiniTool ShadowMaker\AgentService.exe => Geen bestand FirewallRules: [{F9877C28-09E9-4E33-9AC3-3CE5114ED178}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{CB36ED58-B315-4E99-9F15-602BE9C6BE2D}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\108.0.1462.46\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{60A75EE6-BB5B-4D14-8429-A3421CD3E58F}] => (Allow) LPort=53015 ==================== Herstelpunten ========================= 29-11-2022 19:03:16 Gepland controlepunt 06-12-2022 09:04:03 BRU 06-12-2022 09:04:51 BeforeBloatwareRemoval ==================== Defecte Apparaatbeheer Apparaten ============ ==================== Eventlog fouten: ======================== Applicatiefouten: ================== Error: (12/12/2022 10:35:34 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Het programma Wireshark.exe, versie 4.0.1.0 reageert niet meer op Windows en is afgesloten. Als u wilt zien of er meer informatie over het probleem beschikbaar is, raadpleegt u de probleemgeschiedenis in het onderdeel Beveiliging en onderhoud van het Configuratiescherm. Proces-id: 3e5c Starttijd: 01d90d417bb81245 Eindtijd: 21 Toepassingspad: C:\Program Files\Wireshark\Wireshark.exe Rapport-id: bf2e0e6a-6c7c-46f7-ac23-092acd3c5eeb Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Type vastlopen: Unknown Error: (12/12/2022 09:59:58 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: NetworkMiner.exe, versie: 2.6.0.0, tijdstempel: 0x5f567b78 Naam van module met fout: KERNELBASE.dll, versie: 10.0.19041.2193, tijdstempel: 0x7f7062e1 Uitzonderingscode: 0xe0434352 Foutmarge: 0x000000000002cd29 Id van proces met fout: 0x4ebc Starttijd van toepassing met fout: 0x01d90e06e97f203a Pad naar toepassing met fout: C:\Users\HZ1RU\Desktop\SystemTools\NetworkMiner_2-6\NetworkMiner.exe Pad naar module met fout: C:\WINDOWS\System32\KERNELBASE.dll Rapport-id: 677743ec-e355-4c12-b082-82ca3b4e47e2 Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Error: (12/12/2022 09:59:58 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Toepassing: NetworkMiner.exe Framework-versie: v4.0.30319 Beschrijving: het proces is beëindigd als gevolg van een onverwerkte uitzondering. Uitzonderingsinformatie: System.IO.IOException bij PacketParser.PacketHandler.ParseFramesInFrameQueue() bij System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bij System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bij System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) bij System.Threading.ThreadHelper.ThreadStart() Error: (12/12/2022 09:50:09 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: NetworkMiner.exe, versie: 2.6.0.0, tijdstempel: 0x5f567b78 Naam van module met fout: KERNELBASE.dll, versie: 10.0.19041.2193, tijdstempel: 0x7f7062e1 Uitzonderingscode: 0xe0434352 Foutmarge: 0x000000000002cd29 Id van proces met fout: 0x41e4 Starttijd van toepassing met fout: 0x01d90e03c5d605df Pad naar toepassing met fout: C:\Users\HZ1RU\Desktop\SystemTools\NetworkMiner_2-6\NetworkMiner.exe Pad naar module met fout: C:\WINDOWS\System32\KERNELBASE.dll Rapport-id: 9ea19f64-bdd8-4457-bc5b-8ae5a0c3f0ad Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Error: (12/12/2022 09:50:09 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Toepassing: NetworkMiner.exe Framework-versie: v4.0.30319 Beschrijving: het proces is beëindigd als gevolg van een onverwerkte uitzondering. Uitzonderingsinformatie: System.IO.IOException bij PacketParser.PacketHandler.ParseFramesInFrameQueue() bij System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bij System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bij System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) bij System.Threading.ThreadHelper.ThreadStart() Error: (12/11/2022 07:00:04 PM) (Source: Windows Backup) (EventID: 4103) (User: ) Description: De back-up is niet voltooid vanwege een fout bij schrijven naar de back-uplocatie \\KIMAX\sda1\. De fout is: De back-uplocatie is niet gevonden of is niet geldig. Controleer de back-upinstellingen en de back-uplocatie. (0x81000006). Error: (12/11/2022 09:23:13 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Het programma Wireshark.exe, versie 4.0.1.0 reageert niet meer op Windows en is afgesloten. Als u wilt zien of er meer informatie over het probleem beschikbaar is, raadpleegt u de probleemgeschiedenis in het onderdeel Beveiliging en onderhoud van het Configuratiescherm. Proces-id: 1e20 Starttijd: 01d90aeb354a4091 Eindtijd: 22 Toepassingspad: C:\Program Files\Wireshark\Wireshark.exe Rapport-id: 2d0148c5-9935-4dc0-a097-c7cb7580174d Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Type vastlopen: Unknown Error: (12/05/2022 10:10:56 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Fout in de Volume Shadow Copy-service: onverwachte fout bij het aanroepen van routine QueryFullProcessImageNameW. hr = 0x80070006, De ingang is ongeldig. . Bewerking: Asynchrone bewerking uitvoeren Context: Huidige status: DoSnapshotSet Systeemfouten: ============= Error: (12/12/2022 11:58:43 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: De eapihdrv-service kan vanwege de volgende fout niet worden gestart: Het laden van het stuurprogramma wordt geblokkeerd Error: (12/12/2022 11:58:43 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\HZ1RU\AppData\Local\Temp\ehdrv.sys Error: (12/12/2022 11:58:42 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: De eapihdrv-service kan vanwege de volgende fout niet worden gestart: Het laden van het stuurprogramma wordt geblokkeerd Error: (12/12/2022 11:58:42 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\HZ1RU\AppData\Local\Temp\ehdrv.sys Error: (12/12/2022 11:58:42 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: De eapihdrv-service kan vanwege de volgende fout niet worden gestart: Het laden van het stuurprogramma wordt geblokkeerd Error: (12/12/2022 11:58:42 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\HZ1RU\AppData\Local\Temp\ehdrv.sys Error: (12/12/2022 11:58:42 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: De eapihdrv-service kan vanwege de volgende fout niet worden gestart: Het laden van het stuurprogramma wordt geblokkeerd Error: (12/12/2022 11:58:42 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\HZ1RU\AppData\Local\Temp\ehdrv.sys Windows Defender: ================ Date: 2022-12-12 17:33:20 Description: Scan van Microsoft Defender Antivirus is gestopt voordat deze was voltooid. Scan-id: {7B1FFEA9-8FC2-48E6-A721-9BB8CC80F8F1} Type scan: Antimalware Scanparameters: Snelle scan Gebruiker: NT AUTHORITY\SYSTEM Date: 2022-12-11 18:03:37 Description: Scan van Microsoft Defender Antivirus is gestopt voordat deze was voltooid. Scan-id: {5381C65A-7C53-433D-9BDF-900C489AC125} Type scan: Antimalware Scanparameters: Snelle scan Gebruiker: NT AUTHORITY\SYSTEM Date: 2022-12-10 19:07:35 Description: Scan van Microsoft Defender Antivirus is gestopt voordat deze was voltooid. Scan-id: {09B9A7CA-BF30-466A-9500-3757943B20CB} Type scan: Antimalware Scanparameters: Snelle scan Gebruiker: NT AUTHORITY\SYSTEM Date: 2022-12-09 09:04:18 Description: Scan van Microsoft Defender Antivirus is gestopt voordat deze was voltooid. Scan-id: {15B5883E-FA73-4F27-8701-B3423901A000} Type scan: Antimalware Scanparameters: Snelle scan Gebruiker: NT AUTHORITY\SYSTEM Date: 2022-12-08 09:13:03 Description: Scan van Microsoft Defender Antivirus is gestopt voordat deze was voltooid. Scan-id: {F2B01635-BD9E-4C97-A1AE-8BF58C65C43D} Type scan: Antimalware Scanparameters: Snelle scan Gebruiker: NT AUTHORITY\SYSTEM Event[0]: Date: 2022-12-02 07:20:00 Description: Engine van Microsoft Defender Antivirus is beëindigd als gevolg van een onverwachte fout. Type fout: Crash Uitzonderingscode: 0xc0000005 Bron: CodeIntegrity: =============== Date: 2022-12-13 08:52:33 Description: Code Integrity determined that a process (\Device\HarddiskVolume9\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume9\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_f37f66cf59feb38a\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Geheugen info =========================== BIOS: HP R08 Ver. 02.13.00 03/24/2022 Moederbord: HP 859B Processor: Intel(R) Core(TM) i7-9700 CPU @ 3.00GHz Percentage geheugen in gebruik: 79% Totaal fysiek RAM-geheugen: 16222.29 MB Beschikbaar fysiek RAM-geheugen: 3332.1 MB Totaal Virtueel geheugen: 24796.3 MB Beschikbaar Virtueel geheugen: 5269.79 MB ==================== Schijven ================================ Drive c: (Windows ) (Fixed) (Total:464.28 GB) (Free:28.77 GB) (Model: Samsung SSD 850 EVO 500GB) NTFS Drive e: (Windows ) (Fixed) (Total:464.28 GB) (Free:107.55 GB) (Model: SAMSUNG MZVLB512HBJQ-000H1) NTFS Drive f: (Windows ) (Fixed) (Total:464.28 GB) (Free:55.14 GB) (Model: Samsung SSD 970 EVO Plus 1TB) NTFS Drive h: (Windows RE Tools) (Fixed) (Total:0.7 GB) (Free:0.68 GB) (Model: Samsung SSD 970 EVO Plus 1TB) NTFS \\?\Volume{9b651c50-9675-4776-a711-fa2f82c5cfb4}\ (Windows RE Tools) (Fixed) (Total:0.7 GB) (Free:0.11 GB) NTFS \\?\Volume{73397c4a-591c-46ee-adb8-e18d688663cf}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS \\?\Volume{c8f358ff-e4f8-48ae-8382-c9244ddbc47f}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS \\?\Volume{d8e28aa4-bcee-11ea-8d48-c0562761919a}\ (Windows RE Tools) (Fixed) (Total:0.7 GB) (Free:0.11 GB) NTFS \\?\Volume{8ebf9c78-52cb-4bdf-8a31-1ef4805241f3}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS \\?\Volume{d9a05f27-8d74-4911-b88a-56542b46bc81}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.16 GB) FAT32 \\?\Volume{bd4a1470-db3f-4b68-8b60-953b9f6dd2d8}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.16 GB) FAT32 \\?\Volume{9cbcde00-1eab-433a-8826-ef29377c3517}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.16 GB) FAT32 ==================== MBR & Partitietabel ==================== ========================================================== Disk: 0 (Size: 476.9 GB) (Disk ID: 5FE4929E) Partition: GPT. ========================================================== Disk: 1 (Size: 931.5 GB) (Disk ID: 5FE9E1B0) Partition: GPT. ========================================================== Disk: 2 (Size: 465.8 GB) (Disk ID: 9B4AF078) Partition: GPT. ==================== Einde van Addition.txt =======================