Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 28-04-2021 Gestart door theos (Beheerder) op DESKTOP-CDE5RUK (Dell Inc. OptiPlex 390) (08-05-2021 09:38:53) Gestart vanaf C:\Users\theos\OneDrive\Bureaublad Geladen Profielen: theos Platform: Windows 10 Pro Versie 20H2 19042.964 (X64) Taal: Nederlands (Nederland) Standaardbrowser: FF Boot Modus: Normal ==================== Processen (gefilterd) ================= (Als een item is opgenomen in de fixlist, zal het proces worden gesloten. Het bestand zal niet worden verplaatst.) (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe (Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE (Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <3> (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\121.4.4267\QtWebEngineProcess.exe <3> (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe (Logitech, Inc. -> ) C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe (Logitech, Inc. -> Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office16\EXCEL.EXE (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office16\OUTLOOK.EXE (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office16\WINWORD.EXE (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12104.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.621.4142.0_x64__8wekyb3d8bbwe\GameBar.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.621.4142.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\NisSrv.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <9> (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ==================== Register (gefilterd) =================== (Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.) HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes Corporation -> Malwarebytes) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7991528 2021-04-24] (Dropbox, Inc -> Dropbox, Inc.) HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech, Inc. -> Logitech Inc.) HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.) HKLM\...\Windows x64\Print Processors\Canon MG5700 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCS.DLL [30208 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5700 series: C:\Windows\system32\CNMLMCS.DLL [406528 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\90.0.4430.93\Installer\chrmstp.exe [2021-04-28] (Google LLC -> Google LLC) ==================== Geplande Taken (gefilterd) ============ (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {10BD7F65-2A31-4627-91EE-5BD417FEF4DE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {23AC3B1F-7B68-4492-8877-C4FCBA815209} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation) Task: {26484DF6-EE41-4D9B-B9F6-B80C29718529} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [696304 2021-05-07] (Mozilla Corporation -> Mozilla Foundation) Task: {2DB7A8AB-B910-4CA7-984A-4EAC6E50B391} - System32\Tasks\NCH Software\DebutDowngrade => C:\Program Files (x86)\NCH Software\Debut\debut.exe [3624520 2020-12-23] (NCH Software, Inc. -> NCH Software) Task: {463A8305-5B78-4BEC-A13F-FAEF795DE05B} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation) Task: {6F511D5E-F580-4C0D-B946-6B6CBF4969F2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-10] (Google LLC -> Google LLC) Task: {73B09430-B07D-4C47-B702-3AA82E53B156} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1308386178-264101679-3570317249-500 => C:\Users\theos\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe Task: {83602EB6-CE7B-4AEC-996F-66193DC15E1B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation) Task: {8734C930-CBEF-4DAB-9640-04E453F81645} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2021-01-12] (Dropbox, Inc -> Dropbox, Inc.) Task: {A73C7D96-F2C5-4DDD-91F7-17204C4BF07C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {C0010B91-4898-4E59-AE64-17938C788DDD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {CD960CCC-5BD2-472A-A2CB-6D146879310D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-10] (Google LLC -> Google LLC) Task: {D9A7F6FF-FF86-4163-A493-CB8CF12EE3E2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.) Task: {D9D8D895-A5CA-41FE-B7F1-5764ABBBF2A1} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2021-01-12] (Dropbox, Inc -> Dropbox, Inc.) Task: {DA97066C-084A-4005-8DD1-F0EF8166AA81} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation) (Als een item is opgenomen in de fixlist, wordt de taak (job) bestand verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Internet (gefilterd) ==================== (Als een item is opgenomen in de fixlist en een registeritem is, wordt het verwijderd of hersteld naar de standaard.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{01d52ce3-f654-4807-919b-fc7379500629}: [DhcpNameServer] 192.168.1.1 Edge: ======= Edge Extension: (Geen Naam) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [niet gevonden] Edge Extension: (Geen Naam) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [niet gevonden] Edge Extension: (Geen Naam) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [niet gevonden] Edge Extension: (Geen Naam) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [niet gevonden] Edge Profile: C:\Users\theos\AppData\Local\Microsoft\Edge\User Data\Default [2021-05-06] FireFox: ======== FF DefaultProfile: t61l4l6g.default FF ProfilePath: C:\Users\theos\AppData\Roaming\Mozilla\Firefox\Profiles\t61l4l6g.default [2021-01-05] FF ProfilePath: C:\Users\theos\AppData\Roaming\Mozilla\Firefox\Profiles\xw9oo79h.default-release [2021-05-08] FF Homepage: Mozilla\Firefox\Profiles\xw9oo79h.default-release -> hxxps://www.facebook.com/ FF Notifications: Mozilla\Firefox\Profiles\xw9oo79h.default-release -> hxxps://www.instagram.com FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) [Bestand niet getekend] FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) [Bestand niet getekend] FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) [Bestand niet getekend] FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2019-07-02] (CANON INC.) [Bestand niet getekend] FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-03-17] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-21] (Adobe Inc. -> Adobe Systems Inc.) Chrome: ======= CHR Profile: C:\Users\theos\AppData\Local\Google\Chrome\User Data\Default [2021-05-07] CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\theos\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-31] CHR Extension: (Chrome Media Router) - C:\Users\theos\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-24] Opera: ======= OPR Profile: C:\Users\theos\AppData\Roaming\Opera Software\Opera Stable [2021-01-10] ==================== Services (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.) S2 CIJSRegister; C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe [144464 2015-02-19] (Canon Inc. -> CANON INC.) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2021-01-12] (Dropbox, Inc -> Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2021-01-12] (Dropbox, Inc -> Dropbox, Inc.) R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [44272 2021-04-24] (Dropbox, Inc -> Dropbox, Inc.) R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [443344 2020-05-25] (Canon Inc. -> ) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes Corporation -> Malwarebytes) S2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] (CyberLink -> ) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5393304 2021-05-01] (Microsoft Windows Publisher -> Microsoft Corporation) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12757520 2020-12-14] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [746688 2021-04-28] (Oracle Corporation -> Oracle Corporation) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\NisSrv.exe [2624104 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MsMpEng.exe [128376 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Drivers (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Bestand niet getekend] R3 MarvinBus; C:\Windows\System32\drivers\MarvinBus64.sys [261120 2005-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Pinnacle Systems GmbH) R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [251840 2021-05-02] (Malwarebytes Corporation -> Malwarebytes) R3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [239616 2021-04-28] (Oracle Corporation -> Oracle Corporation) R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [249536 2021-04-28] (Oracle Corporation -> Oracle Corporation) S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [174968 2021-01-07] (Oracle Corporation -> Oracle Corporation) S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49560 2021-04-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [421088 2021-04-11] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [72928 2021-04-11] (Microsoft Windows -> Microsoft Corporation) S3 WLRAWMp50x64; C:\Windows\System32\Drivers\WLRAWMp50x64.sys [35352 2013-10-31] (Logitech Inc -> Logitech, Inc.) S3 WLRAWMp50x64; C:\Windows\SysWOW64\Drivers\WLRAWMp50x64.sys [35352 2013-10-31] (Logitech Inc -> Logitech, Inc.) S3 WLRAWSp50x64; C:\Windows\System32\Drivers\WLRAWSp50x64.sys [34328 2013-10-31] (Logitech Inc -> Logitech, Inc.) S3 WLRAWSp50x64; C:\Windows\SysWOW64\Drivers\WLRAWSp50x64.sys [34328 2013-10-31] (Logitech Inc -> Logitech, Inc.) ==================== NetSvcs (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ==================== Een maand (aangemaakt) (gefilterd) ========= (Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.) 2021-05-08 09:38 - 2021-05-08 09:39 - 000000000 ____D C:\FRST 2021-05-07 13:40 - 2021-05-07 13:45 - 000000000 ____D C:\AdwCleaner 2021-05-07 10:03 - 2021-05-07 10:03 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla 2021-05-07 07:47 - 2021-05-07 10:03 - 000000000 ____D C:\Program Files\Mozilla Firefox 2021-05-06 08:01 - 2021-05-06 08:01 - 000000000 ____D C:\Users\theos\OneDrive\Documenten\Mijn Garmin 2021-05-02 08:28 - 2021-05-02 08:28 - 000001149 _____ C:\ProgramData\Bureaublad\Oracle VM VirtualBox.lnk 2021-05-02 08:28 - 2021-05-02 08:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox 2021-05-01 11:17 - 2021-05-01 11:17 - 002755584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2021-05-01 11:17 - 2021-05-01 11:17 - 001687040 _____ C:\Windows\system32\libcrypto.dll 2021-05-01 11:17 - 2021-05-01 11:17 - 000700928 _____ C:\Windows\system32\FsNVSDeviceSource.dll 2021-05-01 11:17 - 2021-05-01 11:17 - 000157184 _____ C:\Windows\system32\uwfcsp.dll 2021-05-01 11:17 - 2021-05-01 11:17 - 000153600 _____ C:\Windows\system32\uwfcfgmgmt.dll 2021-05-01 11:16 - 2021-05-01 11:16 - 002755584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2021-05-01 11:16 - 2021-05-01 11:16 - 001823816 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2021-05-01 11:16 - 2021-05-01 11:16 - 001393504 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2021-05-01 11:16 - 2021-05-01 11:16 - 001314120 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi 2021-05-01 11:16 - 2021-05-01 11:16 - 001163776 _____ C:\Windows\system32\MBR2GPT.EXE 2021-05-01 11:16 - 2021-05-01 11:16 - 000165888 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe 2021-05-01 11:16 - 2021-05-01 11:16 - 000060928 _____ C:\Windows\system32\runexehelper.exe 2021-05-01 11:16 - 2021-05-01 11:16 - 000013312 _____ C:\Windows\system32\agentactivationruntimestarter.exe 2021-05-01 11:16 - 2021-05-01 11:16 - 000011351 _____ C:\Windows\system32\DrtmAuthTxt.wim 2021-04-29 14:00 - 2021-04-29 14:00 - 000186304 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys 2021-04-29 14:00 - 2021-04-29 14:00 - 000111544 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys 2021-04-29 14:00 - 2021-04-29 14:00 - 000092088 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys 2021-04-29 14:00 - 2021-04-29 14:00 - 000043968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2021-04-29 13:59 - 2021-05-02 08:25 - 000251840 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2021-04-29 13:59 - 2021-04-29 13:59 - 000001912 _____ C:\ProgramData\Bureaublad\Malwarebytes.lnk 2021-04-29 13:59 - 2021-04-29 13:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2021-04-29 13:59 - 2017-02-24 06:23 - 000077408 _____ C:\Windows\system32\Drivers\mbae64.sys 2021-04-29 10:18 - 2021-04-29 10:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2021-04-28 14:26 - 2021-04-28 14:26 - 000249536 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetLwf.sys 2021-04-28 14:26 - 2021-04-28 14:26 - 000239616 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp6.sys 2021-04-24 12:55 - 2021-04-24 12:55 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys 2021-04-24 12:55 - 2021-04-24 12:55 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys 2021-04-24 12:55 - 2021-04-24 12:55 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys 2021-04-24 12:55 - 2021-04-24 12:55 - 000044272 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe 2021-04-15 08:53 - 2021-04-15 08:53 - 000231248 _____ C:\Windows\system32\containerdevicemanagement.dll ==================== Een maand (gewijzigd) ================== (Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.) 2021-05-08 09:32 - 2021-04-03 11:04 - 000002408 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-05-08 09:32 - 2021-01-05 10:37 - 000000000 ____D C:\ProgramData\Mozilla 2021-05-08 09:32 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-05-08 09:32 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness 2021-05-08 09:31 - 2021-01-05 10:37 - 000000000 ____D C:\Users\theos\AppData\LocalLow\Mozilla 2021-05-07 14:24 - 2021-02-02 10:08 - 000000000 ____D C:\Users\theos\.VirtualBox 2021-05-07 14:24 - 2021-02-02 10:08 - 000000000 ____D C:\ProgramData\VirtualBox 2021-05-07 14:24 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-05-07 10:11 - 2021-01-16 14:25 - 000000000 ____D C:\Users\theos\AppData\Local\Deployment 2021-05-07 10:10 - 2021-01-16 14:14 - 000000000 ____D C:\Users\theos\AppData\Roaming\Garmin 2021-05-07 10:03 - 2021-01-05 10:37 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-05-07 10:03 - 2021-01-05 10:37 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-05-06 13:56 - 2021-01-13 09:49 - 000000000 ___RD C:\Users\theos\Dropbox 2021-05-06 09:21 - 2020-11-19 00:45 - 000000000 ____D C:\Windows\system32\SleepStudy 2021-05-06 08:36 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF 2021-05-05 16:04 - 2021-01-16 14:30 - 000000000 ____D C:\Users\theos\AppData\Roaming\vlc 2021-05-05 07:29 - 2021-01-13 16:54 - 000000000 ____D C:\ProgramData\CanonIJPLM 2021-05-05 07:17 - 2021-01-12 15:27 - 000004104 _____ C:\Windows\system32\Tasks\DropboxUpdateTaskMachineUA 2021-05-05 07:17 - 2021-01-12 15:27 - 000003872 _____ C:\Windows\system32\Tasks\DropboxUpdateTaskMachineCore 2021-05-05 07:17 - 2021-01-12 15:27 - 000001044 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job 2021-05-05 07:17 - 2021-01-12 15:27 - 000001040 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job 2021-05-02 14:17 - 2021-01-05 10:38 - 000001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk 2021-05-02 14:17 - 2021-01-05 10:38 - 000001108 _____ C:\ProgramData\Bureaublad\paint.net.lnk 2021-05-02 14:17 - 2021-01-05 10:38 - 000000000 ____D C:\Program Files\paint.net 2021-05-02 08:29 - 2021-01-05 10:31 - 001771768 _____ C:\Windows\system32\PerfStringBackup.INI 2021-05-02 08:29 - 2019-12-07 17:14 - 000786070 _____ C:\Windows\system32\perfh013.dat 2021-05-02 08:29 - 2019-12-07 17:14 - 000154198 _____ C:\Windows\system32\perfc013.dat 2021-05-02 08:25 - 2021-01-10 11:24 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2021-05-02 08:25 - 2021-01-05 10:24 - 000008192 ___SH C:\DumpStack.log.tmp 2021-05-02 08:25 - 2020-11-19 01:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2021-05-02 08:24 - 2019-12-07 11:03 - 000786432 _____ C:\Windows\system32\config\BBI 2021-05-01 11:23 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel 2021-05-01 11:20 - 2019-12-07 17:17 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2021-05-01 11:20 - 2019-12-07 17:15 - 000000000 ____D C:\Windows\system32\OpenSSH 2021-05-01 11:20 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\PrintDialog 2021-05-01 11:20 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata 2021-05-01 11:20 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\setup 2021-05-01 11:20 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\oobe 2021-05-01 11:20 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\lt-LT 2021-05-01 11:20 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism 2021-05-01 11:20 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources 2021-05-01 11:20 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinMetadata 2021-05-01 11:20 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\SystemResetPlatform 2021-05-01 11:20 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\setup 2021-05-01 11:20 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe 2021-05-01 11:20 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\lt-LT 2021-05-01 11:20 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism 2021-05-01 11:20 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\Provisioning 2021-05-01 11:20 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\PolicyDefinitions 2021-05-01 11:20 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\DiagTrack 2021-05-01 11:20 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr 2021-05-01 11:19 - 2019-12-07 17:17 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\OEMDefaultAssociations.dll 2021-05-01 11:19 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp 2021-05-01 11:02 - 2021-02-23 10:16 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2021-05-01 10:15 - 2021-01-05 10:32 - 000000000 ____D C:\Users\theos\AppData\Local\Packages 2021-04-29 11:09 - 2021-01-16 10:56 - 000072704 _____ C:\Users\theos\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2021-04-29 10:18 - 2021-01-12 15:27 - 000000000 ____D C:\Program Files (x86)\Dropbox 2021-04-28 14:27 - 2021-02-02 10:08 - 000187648 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys 2021-04-28 14:26 - 2021-02-02 10:08 - 001038080 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys 2021-04-28 09:56 - 2020-11-19 00:45 - 000542920 _____ C:\Windows\system32\FNTCACHE.DAT 2021-04-28 08:20 - 2021-01-16 14:49 - 000002226 _____ C:\ProgramData\Bureaublad\Google Chrome.lnk 2021-04-28 08:20 - 2021-01-10 12:08 - 000002267 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2021-04-26 08:06 - 2021-04-03 11:04 - 000003674 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-04-26 08:06 - 2021-04-03 11:04 - 000003550 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2021-04-23 09:02 - 2021-01-18 10:43 - 000002096 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2021-04-22 10:38 - 2021-01-10 12:08 - 000003576 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA 2021-04-22 10:38 - 2021-01-10 12:08 - 000003452 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore 2021-04-15 08:57 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs 2021-04-15 08:48 - 2021-01-11 10:36 - 000000000 ____D C:\Windows\system32\MRT 2021-04-15 08:46 - 2021-01-11 10:36 - 131963968 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2021-04-11 08:50 - 2020-11-19 01:45 - 000000000 ____D C:\Windows\system32\Drivers\wd ==================== Bestanden in de root van sommige mappen ======== 2021-01-16 10:56 - 2021-04-29 11:09 - 000072704 _____ () C:\Users\theos\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ==================== SigCheck ============================ (Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.) ==================== Einde van FRST.txt ========================