Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 17-04-2021 Gestart door rienv (Beheerder) op DESKTOP-PRACD1P (MEDION S6445 MD61271) (27-04-2021 19:17:19) Gestart vanaf C:\Users\rienv\OneDrive\Bureaublad Geladen Profielen: rienv Platform: Windows 10 Home Versie 20H2 19042.928 (X64) Taal: Nederlands (Nederland) Standaardbrowser: FF Boot Modus: Normal ==================== Processen (gefilterd) ================= (Als een item is opgenomen in de fixlist, zal het proces worden gesloten. Het bestand zal niet worden verplaatst.) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe (Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE (Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE (Dolby Laboratories, Inc. -> ) C:\Windows\System32\dolbyaposvc\DAX3API.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3282.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3282.0_x64__8j3eq9eme6ctt\IGCC.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_9196e89091d8bdbb\esif_uf.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f9f92cc42e038a12\igfxCUIService.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f9f92cc42e038a12\igfxEM.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_553b9a82ff9cf770\OneApp.IGCC.WinService.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_7874bf440f0db82f\IntelCpHDCPSvc.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_7874bf440f0db82f\IntelCpHeciSvc.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksdeui.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2103.17603.0_x64__8wekyb3d8bbwe\Cortana.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2101.10.0_x64__8wekyb3d8bbwe\Calculator.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12104.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.20122.11121.0_x64__8wekyb3d8bbwe\Music.UI.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <9> (Open Source Developer, Dominik Reichl -> Dominik Reichl) C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2> (TomTom) [Bestand niet getekend] C:\Program Files\TomTom HOME\TTHOMEService.exe (VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe (VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe (VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe ==================== Register (gefilterd) =================== (Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [319520 2018-07-30] (Intel(R) Rapid Storage Technology -> Intel Corporation) HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1110816 2020-07-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [3137728 2021-01-09] (Open Source Developer, Dominik Reichl -> Dominik Reichl) HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.) HKU\S-1-5-21-1745599379-2395707021-3466574334-1010\...\Run: [BitTorrent] => C:\Users\rienv\AppData\Roaming\BitTorrent\BitTorrent.exe [2135080 2021-04-03] (BitTorrent Inc -> BitTorrent Inc.) HKU\S-1-5-21-1745599379-2395707021-3466574334-1010\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe [2224096 2020-11-10] (TomTom International B.V. -> TomTom) HKU\S-1-5-21-1745599379-2395707021-3466574334-1010\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [45488 2020-12-04] (Glarysoft LTD -> Glarysoft Ltd) HKU\S-1-5-21-1745599379-2395707021-3466574334-1011\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\sjann\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" HKU\S-1-5-21-1745599379-2395707021-3466574334-1011\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\sjann\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" HKU\S-1-5-21-1745599379-2395707021-3466574334-1011\...\RunOnce: [Uninstall 20.201.1005.0009\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\sjann\AppData\Local\Microsoft\OneDrive\20.201.1005.0009\amd64" HKU\S-1-5-21-1745599379-2395707021-3466574334-1011\...\RunOnce: [Uninstall 20.201.1005.0009] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\sjann\AppData\Local\Microsoft\OneDrive\20.201.1005.0009" HKLM\...\Windows x64\Print Processors\Canon MG3600 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCT.DLL [30208 2015-03-12] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Windows x64\Print Processors\HP1020PrintProc: C:\Windows\System32\spool\prtprocs\x64\pphp1020.dll [65024 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> ) HKLM\...\Windows x64\Print Processors\HPZPP4wm: C:\Windows\System32\spool\prtprocs\x64\hpzpp4wm.DLL [231424 2007-02-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation) HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3600 series: C:\WINDOWS\system32\CNMLMCT.DLL [406528 2015-03-12] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\HPLJ1020LM: C:\WINDOWS\system32\zlhp1020.dll [192512 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> ) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\90.0.4430.93\Installer\chrmstp.exe [2021-04-27] (Google LLC -> Google LLC) Startup: C:\Users\rienv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Firefox.lnk [2019-03-28] ShortcutTarget: Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) Startup: C:\Users\rienv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\KeePass 2.lnk [2019-03-28] ShortcutTarget: KeePass 2.lnk -> C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe (Open Source Developer, Dominik Reichl -> Dominik Reichl) Startup: C:\Users\sjann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Firefox.lnk [2019-03-28] ShortcutTarget: Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) BootExecute: autocheck autochk * Policies: C:\ProgramData\NTUSER.pol: Restrictie <==== AANDACHT ==================== Geplande Taken (gefilterd) ============ (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {00C6A157-CEBE-4290-BD8D-AE0E6DDDB63B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC) Task: {07EA27AE-17E7-4322-B263-42082D29BD03} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [286088 2020-06-16] (Microsoft Corporation -> Microsoft Corporation) Task: {1416A88E-BBF4-475E-A47E-1696F1A5927B} - System32\Tasks\Opera scheduled Autoupdate 1598770723 => C:\Users\rienv\AppData\Local\Programs\Opera\launcher.exe Task: {2938AB00-C093-497D-BF4F-6197AA1EEC1D} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [696304 2021-04-16] (Mozilla Corporation -> Mozilla Foundation) Task: {347F5D53-2923-4907-9CB9-A64D50886F7E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [972184 2021-03-17] (Microsoft Corporation -> Microsoft Corporation) Task: {5131BE94-839B-4251-814B-D465BBC81BC0} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [918960 2020-12-04] (Glarysoft LTD -> Glarysoft Ltd) Task: {52851047-6322-4B83-8348-49F9EB4421F9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC) Task: {701256B8-7699-4F12-AE24-C74349F828BC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [286088 2020-06-16] (Microsoft Corporation -> Microsoft Corporation) Task: {A85A1619-2E5F-4D60-9A5B-079DF111F824} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\Windows\system32\MRT.exe [131963968 2021-04-14] (Microsoft Windows -> Microsoft Corporation) Task: {AEA05B41-AC65-4263-8377-BBDB4C495A2C} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK Task: {B211D99F-06F6-41BF-AEB1-D2FE0050CCE1} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [972184 2021-03-17] (Microsoft Corporation -> Microsoft Corporation) Task: {F81288E2-763E-4B45-9D7D-C8FC7AB2CA92} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-26] (Adobe Inc. -> Adobe Inc.) (Als een item is opgenomen in de fixlist, wordt de taak (job) bestand verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Internet (gefilterd) ==================== (Als een item is opgenomen in de fixlist en een registeritem is, wordt het verwijderd of hersteld naar de standaard.) Tcpip\Parameters: [DhcpNameServer] 192.168.7.1 Tcpip\..\Interfaces\{642749ce-94f4-4f9f-b07d-308300d03972}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{b883fc97-2292-4b55-993e-e30ac8dddfdd}: [DhcpNameServer] 192.168.7.1 Tcpip\..\Interfaces\{c17b0960-7c7f-4e52-ae5a-5bb69f012b15}: [DhcpNameServer] 10.66.144.1 Edge: ======= DownloadDir: C:\Users\rienv\Downloads Edge Extension: (Geen Naam) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [niet gevonden] Edge Extension: (Geen Naam) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [niet gevonden] Edge Extension: (Geen Naam) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [niet gevonden] Edge Extension: (Geen Naam) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [niet gevonden] Edge DefaultProfile: Profile 1 Edge Profile: C:\Users\rienv\AppData\Local\Microsoft\Edge\User Data\Guest Profile [2020-06-23] Edge Profile: C:\Users\rienv\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2021-04-27] Edge Extension: (Kaspersky Protection) - C:\Users\rienv\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2021-03-14] Edge HKU\S-1-5-21-1745599379-2395707021-3466574334-1010\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] Edge HKU\S-1-5-21-1745599379-2395707021-3466574334-1011\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] FireFox: ======== FF DefaultProfile: s2byztmi.default FF ProfilePath: C:\Users\rienv\AppData\Roaming\Mozilla\Firefox\Profiles\s2byztmi.default [2021-04-27] FF ProfilePath: C:\Users\rienv\AppData\Roaming\Mozilla\Firefox\Profiles\cado8zn9.default-release [2021-04-27] FF Homepage: Mozilla\Firefox\Profiles\cado8zn9.default-release -> hxxps://duckduckgo.com/ FF Extension: (Adblock Plus - gratis adblocker) - C:\Users\rienv\AppData\Roaming\Mozilla\Firefox\Profiles\cado8zn9.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-04-27] FF Extension: (Picture-In-Picture) - C:\Program Files\Mozilla Firefox\browser\features\pictureinpicture@mozilla.org.xpi [2021-04-16] [niet getekend] FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.2\FFExt\light_plugin_firefox\addon.xpi => niet gevonden FF HKLM\...\Firefox\Extensions: [FFExtnHTML2PDF@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi FF Extension: (Foxit PDF Creator) - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi [2018-08-15] [Verouderd] FF HKLM\...\Firefox\Extensions: [FireFoxNew-WebExtensions@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FireFoxNew-WebExtensions@foxitsoftware.com.xpi FF Extension: (Foxit PDF Creator) - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FireFoxNew-WebExtensions@foxitsoftware.com.xpi [2018-08-15] FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.2\FFExt\light_plugin_firefox\addon.xpi => niet gevonden FF HKLM-x32\...\Firefox\Extensions: [FFExtnHTML2PDF@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi FF HKLM-x32\...\Firefox\Extensions: [FireFoxNew-WebExtensions@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FireFoxNew-WebExtensions@foxitsoftware.com.xpi FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2017-10-17] (CANON INC.) [Bestand niet getekend] FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2018-09-19] (Foxit Software Incorporated -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2018-09-19] (Foxit Software Incorporated -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2018-09-19] (Foxit Software Incorporated -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2018-09-19] (Foxit Software Incorporated -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2018-09-19] (Foxit Software Incorporated -> Foxit Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-03-29] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2019-03-29] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @verimatrix.com/ViewRightWeb -> C:\Program Files (x86)\Verimatrix\ViewRight Web\\npViewRight.dll [2017-01-20] (Verimatrix -> Verimatrix, Inc.) [Bestand niet getekend] FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-21] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-1745599379-2395707021-3466574334-1010: @verimatrix.com/ViewRightWeb -> C:\Program Files (x86)\Verimatrix\ViewRight Web\\npViewRight.dll [2017-01-20] (Verimatrix -> Verimatrix, Inc.) [Bestand niet getekend] FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2021-04-27] <==== AANDACHT (Gericht op * .cfg bestand) FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2021-04-27] <==== AANDACHT Chrome: ======= CHR Profile: C:\Users\rienv\AppData\Local\Google\Chrome\User Data\Default [2021-04-27] CHR Extension: (Presentaties) - C:\Users\rienv\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-04-27] CHR Extension: (Kaspersky Protection) - C:\Users\rienv\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2021-04-16] CHR Extension: (Documenten) - C:\Users\rienv\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-09-29] CHR Extension: (Google Drive) - C:\Users\rienv\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-04-27] CHR Extension: (YouTube) - C:\Users\rienv\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-04-27] CHR Extension: (Avira Password Manager) - C:\Users\rienv\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2021-04-27] CHR Extension: (Avira Safe Shopping) - C:\Users\rienv\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2021-04-10] CHR Extension: (Foxit PDF Creator) - C:\Users\rienv\AppData\Local\Google\Chrome\User Data\Default\Extensions\cifnddnffldieaamihfkhkdgnbhfmaci [2021-04-16] CHR Extension: (Spreadsheets) - C:\Users\rienv\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-04-27] CHR Extension: (Offline Documenten) - C:\Users\rienv\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-04-27] CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\rienv\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30] CHR Extension: (Gmail) - C:\Users\rienv\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-04-27] CHR Extension: (Chrome Media Router) - C:\Users\rienv\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-24] CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm CHR HKLM\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\ChromeAddin\ChromeAddin.crx [2018-08-15] CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh] CHR HKLM-x32\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\ChromeAddin\ChromeAddin.crx [2018-08-15] Opera: ======= OPR Profile: C:\Users\rienv\AppData\Roaming\Opera Software\Opera Stable [2021-04-25] ==================== Services (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-26] (Adobe Inc. -> Adobe Inc.) S2 AVP21.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.2\avp.exe [381928 2020-10-22] (Kaspersky Lab JSC -> AO Kaspersky Lab) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3052952 2021-03-17] (Microsoft Corporation -> Microsoft Corporation) R2 DolbyDAXAPI; C:\WINDOWS\system32\dolbyaposvc\DAX3API.exe [1633440 2019-07-01] (Dolby Laboratories, Inc. -> ) S3 iaStorAfsService; C:\Windows\IAStorAfsService\iaStorAfsService.exe [2593848 2018-02-12] (Intel(R) Rapid Storage Technology -> Intel Corporation) R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [398784 2019-04-22] (Canon Inc. -> ) S3 klvssbridge64_21.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.2\x64\vssbridge64.exe [467352 2020-10-22] (Kaspersky Lab JSC -> AO Kaspersky Lab) R2 KSDE5.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe [646520 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab) S3 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [98624 2020-07-22] (ProtonVPN AG -> ) S3 ProtonVPN Update Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe [61760 2020-07-22] (ProtonVPN AG -> ) R2 TTHOMEService; C:\Program Files\TomTom HOME\TTHOMEService.exe [97792 2019-04-17] (TomTom) [Bestand niet getekend] S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\NisSrv.exe [2462960 2021-02-27] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MsMpEng.exe [128376 2021-02-27] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Drivers (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R3 ANXUcmCxCD; C:\WINDOWS\System32\drivers\ANXUcmCxCD.sys [94096 2019-06-19] (Analogix semiconductor, Inc. -> ) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Bestand niet getekend] R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [251608 2020-10-22] (Kaspersky Lab JSC -> AO Kaspersky Lab) S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [146856 2013-06-04] (BoiseTest -> Windows (R) Win 7 DDK provider) S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [21928 2013-06-04] (BoiseTest -> Windows (R) Win 7 DDK provider) S3 dot4usb; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [43944 2013-06-04] (BoiseTest -> Microsoft Corporation) S1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [28936 2020-12-14] (Glarysoft LTD -> Glarysoft Ltd) R1 klbackupdisk; C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys [110392 2020-10-22] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [212280 2020-10-22] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [127288 2020-10-22] (Kaspersky Lab JSC -> AO Kaspersky Lab) S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [37496 2020-10-22] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab) R1 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [523576 2020-10-22] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 klgse; C:\WINDOWS\System32\DRIVERS\klgse.sys [657696 2021-03-15] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 klhk; C:\WINDOWS\system32\DRIVERS\klhk.sys [1400600 2021-03-15] (Kaspersky Lab JSC -> AO Kaspersky Lab) S3 klids; C:\ProgramData\Kaspersky Lab\AVP21.2\Bases\klids.sys [245304 2021-04-13] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1025336 2020-10-22] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [95544 2020-10-22] (Kaspersky Lab JSC -> AO Kaspersky Lab) R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [113464 2020-10-22] (Kaspersky Lab JSC -> AO Kaspersky Lab) R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [113464 2020-10-22] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [85288 2020-10-22] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [97080 2020-10-22] (Kaspersky Lab JSC -> AO Kaspersky Lab) R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [55592 2020-10-22] (AnchorFree Inc -> The OpenVPN Project) R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [263888 2021-04-17] (Kaspersky Lab JSC -> AO Kaspersky Lab) S3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [99152 2021-02-27] (Kaspersky Lab -> AO Kaspersky Lab) R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [309104 2021-04-17] (Kaspersky Lab JSC -> AO Kaspersky Lab) R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [115744 2021-04-17] (Kaspersky Lab JSC -> AO Kaspersky Lab) R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [224880 2021-04-25] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [153400 2020-10-22] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [250168 2020-10-22] (Kaspersky Lab JSC -> AO Kaspersky Lab) R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [300856 2020-10-22] (Kaspersky Lab JSC -> AO Kaspersky Lab) R3 OEM-Geneic-RadioSwitch; C:\WINDOWS\System32\drivers\OEM-Geneic-RadioSwitch.sys [34576 2018-05-17] (WDKTestCert VannesTest,131563930621649159 -> Windows (R) Win 7 DDK provider) S3 ProtonVPNSplitTunnel; C:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\Win10\ProtonVPN.SplitTunnelDriver.sys [31584 2020-06-03] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG) R3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49008 2020-04-06] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project) R2 VMnetBridge; C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [68544 2020-11-17] (VMware, Inc. -> VMware, Inc.) R0 vsock; C:\WINDOWS\System32\DRIVERS\vsock.sys [105912 2020-08-11] (VMware, Inc. -> VMware, Inc.) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49552 2021-02-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [419040 2021-02-27] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [71912 2021-02-27] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ==================== Drie maanden (aangemaakt) (gefilterd) ========= (Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.) 2021-04-27 18:37 - 2021-04-27 19:11 - 000000000 ____D C:\Users\rienv\AppData\Roaming\ZHP 2021-04-27 18:37 - 2021-04-27 18:37 - 000000000 ____D C:\Users\rienv\AppData\Local\ZHP 2021-04-27 17:30 - 2021-04-27 19:09 - 000000000 ____D C:\ProgramData\Mozilla 2021-04-27 17:30 - 2021-04-27 17:30 - 000001009 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-04-27 17:30 - 2021-04-27 17:30 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2021-04-27 17:30 - 2021-04-27 17:30 - 000000000 ____D C:\Users\rienv\AppData\Roaming\Mozilla 2021-04-27 17:30 - 2021-04-27 17:30 - 000000000 ____D C:\Users\rienv\AppData\Local\Mozilla 2021-04-27 17:30 - 2021-04-27 17:30 - 000000000 ____D C:\Program Files\Mozilla Firefox 2021-04-27 17:30 - 2021-04-27 17:30 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-04-27 17:24 - 2021-04-27 17:24 - 000333192 _____ (Mozilla) C:\Users\rienv\Downloads\Firefox Installer.exe 2021-04-25 18:31 - 2021-04-25 18:31 - 000001545 _____ C:\Users\rienv\Downloads\Detectiehistorie.txt 2021-04-25 18:22 - 2021-04-25 18:22 - 000000000 ____D C:\Users\rienv\AppData\Local\mbam 2021-04-25 18:21 - 2021-04-25 18:21 - 002078632 _____ (Malwarebytes) C:\Users\rienv\Downloads\MBSetup.exe 2021-04-25 18:16 - 2021-04-25 18:16 - 000000727 _____ C:\Users\rienv\Downloads\fixlist.txt 2021-04-25 14:13 - 2021-04-25 14:14 - 000000000 ____D C:\AdwCleaner 2021-04-25 14:13 - 2021-04-25 14:13 - 008534696 _____ (Malwarebytes) C:\Users\rienv\Downloads\adwcleaner_8.2.exe 2021-04-25 14:10 - 2021-04-25 14:10 - 000000008 __RSH C:\ProgramData\ntuser.pol 2021-04-25 12:18 - 2021-04-27 19:17 - 000000000 ____D C:\FRST 2021-04-20 19:38 - 2021-04-20 19:38 - 000133335 _____ C:\Users\rienv\Downloads\Inkomensverklaring_2020_20_04_2021_19.38u.pdf 2021-04-20 19:36 - 2021-04-20 19:36 - 000133528 _____ C:\Users\rienv\Downloads\Inkomensverklaring_2020_20_04_2021_19.36u.pdf 2021-04-19 18:32 - 2021-04-19 18:32 - 000001167 _____ C:\ProgramData\Bureaublad\Kaspersky VPN.lnk 2021-04-19 18:32 - 2021-04-19 18:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky VPN 2021-04-17 07:34 - 2021-04-17 07:34 - 000575605 _____ C:\Users\rienv\Downloads\Melding_gebreken_aan_woning_.pdf 2021-04-17 00:26 - 2021-04-25 09:59 - 000224880 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys 2021-04-17 00:26 - 2021-04-17 00:26 - 000309104 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys 2021-04-17 00:26 - 2021-04-17 00:26 - 000263888 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys 2021-04-17 00:26 - 2021-04-17 00:26 - 000115744 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys 2021-04-16 10:54 - 2021-04-16 10:55 - 000000000 ____D C:\Sneeuwwatje 2021-04-16 07:50 - 2021-04-16 07:50 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2021-04-16 07:50 - 2021-04-16 07:50 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll 2021-04-16 07:50 - 2021-04-16 07:50 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2021-04-15 19:19 - 2021-04-15 19:19 - 001012375 _____ C:\Users\rienv\Downloads\Plattegrond bouwgrond.pdf 2021-04-15 19:17 - 2021-04-15 19:17 - 001022503 _____ C:\Users\rienv\OneDrive\Documenten\IMG_20210415_0001.pdf 2021-04-14 20:40 - 2021-04-14 20:40 - 000000000 ____D C:\ProgramData\Foxit Software 2021-04-14 20:39 - 2021-04-15 19:24 - 000000000 ____D C:\Users\rienv\AppData\Roaming\Foxit Software 2021-04-14 20:39 - 2021-04-14 20:39 - 000001166 _____ C:\ProgramData\Bureaublad\Foxit PhantomPDF.lnk 2021-04-14 20:39 - 2021-04-14 20:39 - 000000000 ____D C:\Users\Public\Foxit Software 2021-04-14 20:39 - 2021-04-14 20:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PhantomPDF 2021-04-14 20:38 - 2021-04-14 20:38 - 000000000 ____D C:\Program Files (x86)\Foxit Software 2021-04-14 20:37 - 2021-04-14 20:37 - 000000000 ____D C:\Users\rienv\Downloads\Foxit Phantompdf Business 93010826 Multilingual 2021-04-14 20:34 - 2021-04-14 20:36 - 535139677 _____ C:\Users\rienv\Downloads\Foxit Phantompdf Business 93010826 Multilingual.zip 2021-04-13 14:56 - 2021-04-13 14:56 - 000172461 _____ C:\Users\rienv\Downloads\Orderbon_20210413_145558.PDF 2021-04-12 19:03 - 2021-04-12 19:03 - 000484182 _____ C:\Users\rienv\Downloads\HOk woning.pdf 2021-04-12 18:53 - 2021-04-12 18:53 - 000564224 _____ C:\Users\rienv\Downloads\Vraag betreffende erfafscheiding.msg 2021-04-03 08:30 - 2021-04-03 08:34 - 1100442545 _____ C:\Users\rienv\Downloads\BBC.Once.Upon.a.Time.in.Iraq.1of5.1080p.HDTV.x265.AAC.MVGroup.org.mkv 2021-04-03 08:30 - 2021-04-03 08:34 - 1079556279 _____ C:\Users\rienv\Downloads\BBC.Once.Upon.a.Time.in.Iraq.2of5.1080p.HDTV.x265.AAC.MVGroup.org.mkv 2021-04-03 07:54 - 2021-04-03 07:54 - 000132443 _____ C:\Users\rienv\Downloads\Inkomensverklaring_2020_02_04_2021_09.48u.pdf 2021-03-14 08:56 - 2021-03-14 08:56 - 000001147 _____ C:\ProgramData\Bureaublad\VLC media player.lnk 2021-03-13 00:48 - 2021-03-13 00:48 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2021-03-13 00:48 - 2021-03-13 00:48 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2021-03-13 00:47 - 2021-03-13 00:47 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE 2021-03-13 00:47 - 2021-03-13 00:47 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll 2021-03-13 00:47 - 2021-03-13 00:47 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll 2021-03-05 09:04 - 2021-03-05 09:04 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2021-03-05 09:04 - 2021-03-05 09:04 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2021-03-05 09:04 - 2021-03-05 09:04 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys 2021-02-27 20:52 - 2021-02-27 20:52 - 000000000 ____D C:\WINDOWS\Panther 2021-02-27 20:51 - 2021-02-27 20:51 - 000099152 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_kimul.sys 2021-02-27 20:51 - 2021-02-27 20:51 - 000002182 _____ C:\ProgramData\Bureaublad\Kaspersky Security Cloud.lnk 2021-02-27 20:51 - 2021-02-27 20:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Cloud 2021-02-27 20:51 - 2021-02-27 20:51 - 000000000 ____D C:\Program Files\Common Files\AV 2021-02-27 20:51 - 2020-10-22 00:12 - 000110176 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\klfphc.dll 2021-02-27 20:50 - 2021-04-25 12:20 - 000000000 ____D C:\ProgramData\Kaspersky Lab 2021-02-27 20:50 - 2021-04-19 18:32 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab 2021-02-27 20:50 - 2020-10-22 00:11 - 001025336 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys 2021-02-27 20:50 - 2020-10-22 00:11 - 000523576 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klflt.sys 2021-02-27 20:47 - 2021-02-27 20:47 - 002937688 _____ (Kaspersky) C:\Users\rienv\Downloads\ks4.021.2.16.590abde_fr_nl_24977.exe 2021-02-27 20:46 - 2021-02-27 20:46 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avira 2021-02-22 17:26 - 2021-02-22 17:26 - 000000000 ____D C:\Users\rienv\Downloads\Seduced.Inside.The.NXIVM.Cult.S01.1080p.AMZN.WEBRip.DDP5.1.x264-NTb[rartv] 2021-02-22 16:55 - 2021-02-22 16:55 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2021-02-14 11:50 - 2021-02-14 11:50 - 000000000 ____D C:\CPO project Rien-Sjannie 2021-02-13 10:48 - 2021-02-13 10:48 - 000133479 _____ C:\Users\rienv\Downloads\voucher-5fa695dcebbef37834f411c4.pdf 2021-02-06 13:14 - 2021-02-06 13:14 - 000171921 _____ C:\Users\rienv\Downloads\voucher-601e79d1905b843720aa1d8b.pdf 2021-02-06 13:05 - 2021-02-06 13:05 - 000172226 _____ C:\Users\rienv\Downloads\voucher-601e76e8905b843720aa1d4e.pdf 2021-02-01 20:11 - 2021-02-01 20:11 - 000470939 _____ C:\Users\sjann\Downloads\retouretiket (2).pdf 2021-02-01 20:09 - 2021-02-01 20:09 - 000471682 _____ C:\Users\sjann\Downloads\retouretiket (1).pdf 2021-02-01 20:08 - 2021-02-01 20:08 - 000519966 _____ C:\Users\sjann\Downloads\retouretiket.pdf 2021-01-30 21:28 - 2021-01-30 21:28 - 006011805 _____ C:\Users\rienv\Downloads\FoxitPhantomPDFExpress60_HPconsumer_Manual.pdf 2021-01-30 13:11 - 2021-01-30 13:13 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job 2021-01-30 13:10 - 2021-01-30 13:10 - 000000000 ____D C:\WINDOWS\pss 2021-01-28 13:08 - 2021-01-28 13:08 - 000131451 _____ C:\Users\rienv\Downloads\20210126_BU_Verklaring_op_eer_Finaal_NL_Goedgekeurd_Blanco_in_te_vullen.pdf 2021-01-28 09:15 - 2021-04-03 08:30 - 000000000 ____D C:\Users\rienv\AppData\Local\BitTorrentHelper ==================== Drie maanden (gewijzigd) ================== (Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.) 2021-04-27 19:14 - 2019-03-29 18:48 - 000000000 ____D C:\Users\rienv\OneDrive\Documenten\Outlook-bestanden 2021-04-27 19:09 - 2019-03-28 16:57 - 000000000 ____D C:\Users\rienv\AppData\LocalLow\Mozilla 2021-04-27 19:00 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-04-27 18:19 - 2020-09-27 07:52 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-04-27 18:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState 2021-04-27 17:37 - 2020-10-23 17:49 - 001781490 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-04-27 17:37 - 2019-12-07 17:12 - 000791414 _____ C:\WINDOWS\system32\perfh013.dat 2021-04-27 17:37 - 2019-12-07 17:12 - 000156016 _____ C:\WINDOWS\system32\perfc013.dat 2021-04-27 17:37 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2021-04-27 17:29 - 2020-11-07 21:29 - 000000000 ____D C:\ProgramData\VMware 2021-04-27 17:29 - 2020-09-27 09:52 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-04-27 17:29 - 2020-06-17 21:56 - 000008192 ___SH C:\DumpStack.log.tmp 2021-04-27 17:29 - 2019-12-07 11:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI 2021-04-27 17:29 - 2019-03-28 18:04 - 000000000 ____D C:\Users\rienv\AppData\Roaming\KeePass 2021-04-27 17:29 - 2019-03-28 16:53 - 000000000 __SHD C:\Users\rienv\IntelGraphicsProfiles 2021-04-27 17:29 - 2018-10-11 15:10 - 000000000 ____D C:\Intel 2021-04-27 17:28 - 2019-10-02 18:59 - 000000000 ____D C:\Users\rienv\AppData\Roaming\WhatsApp 2021-04-27 06:27 - 2019-10-14 20:55 - 000002325 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2021-04-27 06:27 - 2019-10-14 20:55 - 000002284 _____ C:\ProgramData\Bureaublad\Google Chrome.lnk 2021-04-26 19:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-04-26 19:21 - 2019-03-29 09:07 - 000000000 ____D C:\Users\rienv\AppData\Local\D3DSCache 2021-04-26 06:48 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2021-04-26 06:31 - 2020-09-27 09:54 - 000003674 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-04-26 06:31 - 2020-09-27 09:54 - 000003550 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2021-04-25 19:51 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2021-04-25 19:32 - 2019-03-28 16:53 - 000000000 ____D C:\Users\rienv\AppData\Local\Packages 2021-04-25 18:18 - 2019-03-29 14:21 - 000000000 ____D C:\Program Files\Microsoft Office 15 2021-04-25 14:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated 2021-04-25 14:09 - 2020-05-08 21:37 - 000000000 ____D C:\Users\rienv\AppData\LocalLow\Temp 2021-04-25 14:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy 2021-04-25 14:09 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy 2021-04-25 12:48 - 2020-10-23 17:03 - 000000000 ____D C:\Users\rienv 2021-04-25 12:48 - 2019-03-28 18:05 - 000017438 _____ C:\Users\rienv\Keepass Database.kdbx 2021-04-25 12:20 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-04-24 07:28 - 2020-09-27 09:54 - 000002452 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-04-23 16:04 - 2019-03-29 18:38 - 000002140 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2021-04-23 07:47 - 2019-10-02 18:59 - 000000000 ____D C:\Users\rienv\AppData\Local\WhatsApp 2021-04-23 07:47 - 2019-10-02 18:58 - 000000000 ____D C:\Users\rienv\AppData\Local\SquirrelTemp 2021-04-21 14:14 - 2020-10-23 17:52 - 000003576 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2021-04-21 14:14 - 2020-10-23 17:52 - 000003452 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2021-04-21 09:42 - 2020-08-11 09:13 - 000000000 ____D C:\Hannah bouw 2021-04-20 17:45 - 2019-03-28 20:15 - 000000000 ____D C:\Mijn documenten 2021-04-19 18:27 - 2019-03-28 16:54 - 000000000 ____D C:\Users\rienv\AppData\Local\PlaceholderTileLogoFolder 2021-04-17 00:10 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2021-04-17 00:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-04-17 00:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-04-16 07:52 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-04-15 19:19 - 2019-09-27 15:56 - 000000000 ____D C:\ProgramData\CanonIJPLM 2021-04-14 20:38 - 2018-10-11 14:58 - 000000000 ____D C:\ProgramData\Package Cache 2021-04-14 17:50 - 2019-03-28 17:03 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-04-14 17:48 - 2018-06-14 16:04 - 131963968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-04-12 16:22 - 2020-10-23 17:52 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1745599379-2395707021-3466574334-1010 2021-04-12 16:22 - 2020-10-23 17:03 - 000002373 _____ C:\Users\rienv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-04-12 16:22 - 2019-03-28 16:55 - 000000000 ___RD C:\Users\rienv\OneDrive 2021-04-11 15:57 - 2019-04-07 19:09 - 000000000 ____D C:\Users\rienv\AppData\Roaming\BitTorrent 2021-04-05 19:17 - 2020-09-27 07:51 - 000496848 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-04-05 19:16 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-04-05 19:16 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2021-04-05 19:16 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup 2021-04-05 19:16 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV 2021-04-05 19:16 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT 2021-04-05 19:16 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE 2021-04-05 19:16 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX 2021-04-05 19:16 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning 2021-04-05 19:16 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2021-04-05 17:38 - 2020-09-27 09:54 - 002877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2021-04-05 17:21 - 2020-06-17 20:40 - 000000000 ___HD C:\$WinREAgent 2021-04-03 19:27 - 2019-04-06 15:29 - 000000000 ____D C:\Users\rienv\AppData\Roaming\vlc ==================== Bestanden in de root van sommige mappen ======== 2020-12-20 15:56 - 2020-12-20 15:56 - 000004294 _____ () C:\Users\rienv\AppData\Local\recently-used.xbel ==================== SigCheck ============================ (Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.) ==================== BCD ================================ Firmware Boot Manager --------------------- identifier {fwbootmgr} displayorder {bootmgr} {3b85736d-11e7-11e9-b375-806e6f6e6963} {4bb50155-5167-11e9-8b3f-806e6f6e6963} {3b85736e-11e7-11e9-b375-806e6f6e6963} {4bb50156-5167-11e9-8b3f-806e6f6e6963} timeout 1 Windows Boot Manager -------------------- identifier {bootmgr} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\bootmgfw.efi description Windows Boot Manager locale nl-NL inherit {globalsettings} default {current} resumeobject {26a368c4-8ebc-11e9-82a2-ac00c2d3364b} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Firmware Application (101fffff) ------------------------------- identifier {3b85736d-11e7-11e9-b375-806e6f6e6963} device partition=\Device\HarddiskVolume6 path \EFI\BOOT\BOOTX64.EFI description UEFI OS Firmware Application (101fffff) ------------------------------- identifier {3b85736e-11e7-11e9-b375-806e6f6e6963} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\bootmgfw.efi description UEFI:Removable Device Firmware Application (101fffff) ------------------------------- identifier {4bb50155-5167-11e9-8b3f-806e6f6e6963} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\bootmgfw.efi description UEFI:CD/DVD Drive Firmware Application (101fffff) ------------------------------- identifier {4bb50156-5167-11e9-8b3f-806e6f6e6963} description UEFI:Network Device Windows Boot Loader ------------------- identifier {current} device partition=C: path \WINDOWS\system32\winload.efi description Windows 10 locale nl-NL inherit {bootloadersettings} recoverysequence {26a368c7-8ebc-11e9-82a2-ac00c2d3364b} displaymessageoverride Recovery recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \WINDOWS resumeobject {26a368c4-8ebc-11e9-82a2-ac00c2d3364b} nx OptIn bootmenupolicy Standard Windows Boot Loader ------------------- identifier {26a368c7-8ebc-11e9-82a2-ac00c2d3364b} device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{26a368c8-8ebc-11e9-82a2-ac00c2d3364b} path \windows\system32\winload.efi description Windows Recovery Environment locale nl-NL inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{26a368c8-8ebc-11e9-82a2-ac00c2d3364b} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Windows Boot Loader ------------------- identifier {8d7f0cc6-879e-47f6-a767-0ed8fd3b0659} device ramdisk=[\Device\HarddiskVolume6]\Sources\boot.wim,{572bcd56-ffa7-11d9-aae0-0007e994107d} path \windows\system32\winload.efi description Recovery Environment osdevice ramdisk=[\Device\HarddiskVolume6]\Sources\boot.wim,{572bcd56-ffa7-11d9-aae0-0007e994107d} systemroot \windows nx OptIn winpe Yes Resume from Hibernate --------------------- identifier {26a368c4-8ebc-11e9-82a2-ac00c2d3364b} device partition=C: path \WINDOWS\system32\winresume.efi description Windows Resume Application locale nl-NL inherit {resumeloadersettings} recoverysequence {26a368c7-8ebc-11e9-82a2-ac00c2d3364b} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Windows Memory Tester --------------------- identifier {memdiag} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\memtest.efi description Windows Geheugencontrole locale nl-NL inherit {globalsettings} badmemoryaccess Yes EMS Settings ------------ identifier {emssettings} bootems No Debugger Settings ----------------- identifier {dbgsettings} debugtype Local RAM Defects ----------- identifier {badmemory} Global Settings --------------- identifier {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} integrityservices Enable Boot Loader Settings -------------------- identifier {bootloadersettings} inherit {globalsettings} {hypervisorsettings} Hypervisor Settings ------------------- identifier {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 Resume Loader Settings ---------------------- identifier {resumeloadersettings} inherit {globalsettings} Device options -------------- identifier {26a368c8-8ebc-11e9-82a2-ac00c2d3364b} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume4 ramdisksdipath \Recovery\WindowsRE\boot.sdi Device options -------------- identifier {572bcd56-ffa7-11d9-aae0-0007e994107d} description Ramdisk Options ramdisksdidevice partition=\Device\HarddiskVolume6 ramdisksdipath \boot\boot.sdi ==================== Einde van FRST.txt ========================