Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 28-08-2021
Gestart door lodew (Beheerder) op LAPTOP-AENQ9G9L (HP HP ENVY Laptop 17-ce0xxx) (01-09-2021 11:22:05)
Gestart vanaf D:\Mijn Data\Bureaublad
Geladen Profielen: lodew
Platform: Windows 10 Home Versie 21H1 19043.1165 (X64) Taal: Nederlands (Nederland)
Standaardbrowser: FF
Boot Modus: Normal

==================== Processen (gefilterd) =================

(Als een item is opgenomen in de fixlist, zal het proces worden gesloten. Het bestand zal niet worden verplaatst.)

(Binary Fortress Software Ltd. -> Binary Fortress Software) C:\Program Files (x86)\TrayStatus\TrayStatus.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitPDFReaderUpdateService.exe
(Hewlett Packard -> Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP ENVY 5530 series\Bin\HPCustPartic.exe
(Hewlett Packard -> Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP ENVY 5530 series\Bin\HPNetworkCommunicatorCom.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_35df954651b1f88f\x64\TouchpointAnalyticsClientService.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_35df954651b1f88f\x64\TouchpointGpuInfo.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c95e7d335bd30097\x64\AppHelperCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c95e7d335bd30097\x64\BridgeCommunication.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c95e7d335bd30097\x64\DiagsCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c95e7d335bd30097\x64\NetworkCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c95e7d335bd30097\x64\SysInfoCap.exe
(HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPJumpStarts_1.10.1627.0_x64__v10z8vjag6ke6\HP.JumpStarts.exe
(HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.2.11.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe
(HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPThermalControl_1.9.31.0_x64__v10z8vjag6ke6\HpSystemManagement.exe
(HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPThermalControl_1.9.31.0_x64__v10z8vjag6ke6\Win32Process\HPCC.Bg.BackgroundApp.exe
(INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt\IGCC.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_9196e89091d8bdbb\dptf_helper.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_9196e89091d8bdbb\esif_uf.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_167a1a0325242e3d\aesm_service.exe
(Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_d52c63e0e1c02c96\jhi_service.exe
(Intel(R) pGFX 2020 -> ) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_dc7a0fe3ada1cbf5\OneApp.IGCC.WinService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_dc2a57d591329a30\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_dc2a57d591329a30\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87a05f372b04db63\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87a05f372b04db63\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_0c50c5dc47ed0efe\RstMwService.exe
(Intel(R) Trust Services -> Intel(R) Corporation) C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_e3f9b958faa255f1\lib\SocketHeciServer.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(LogMeIn, Inc. -> LastPass) C:\Program Files (x86)\LastPass\nplastpass.exe
(Luminati Networks Ltd -> Bright Data Ltd.) C:\Program Files\Viddly YouTube Downloader\net_updater32.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20206.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20206.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12107.1001.15.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <10>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvhm.inf_amd64_6f7f22b0a5610d99\Display.NvContainer\NVDisplay.Container.exe <2>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(Smart Sound Technology -> Intel) C:\Windows\System32\cAVS\Intel(R) Audio Service\IntelAudioService.exe
(Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated.) C:\Windows\System32\WBFResetService111.exe
(Synology Inc. -> ) C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Register (gefilterd) ===================

(Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1027360 2020-01-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [165928 2021-08-17] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM\...\Run: [WSVCUUpdateHelper.exe] => C:\Program Files\Wondershare\UniConverter\WSVCUUpdateHelper.exe
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133216 2017-03-23] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-06-09] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-19\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HpseuHostLauncher.exe [525312 2021-08-04] (HP Inc.) [Bestand niet getekend]
HKU\S-1-5-20\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HpseuHostLauncher.exe [525312 2021-08-04] (HP Inc.) [Bestand niet getekend]
HKU\S-1-5-21-2367610798-4097354111-2988090014-1001\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HpseuHostLauncher.exe [525312 2021-08-04] (HP Inc.) [Bestand niet getekend]
HKU\S-1-5-21-2367610798-4097354111-2988090014-1001\...\Run: [HP ENVY 5530 series (NET)] => C:\Program Files\HP\HP ENVY 5530 series\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-2367610798-4097354111-2988090014-1001\...\Run: [TrayStatus] => C:\Program Files (x86)\TrayStatus\TrayStatus.exe [2824176 2016-09-16] (Binary Fortress Software Ltd. -> Binary Fortress Software)
HKU\S-1-5-21-2367610798-4097354111-2988090014-1001\...\Run: [EsetPasswordManager] => C:\Program Files\ESET\ESET Password Manager\pwm.exe [116464 2019-11-29] (Lamantine Software a.s. -> ESET)
HKU\S-1-5-21-2367610798-4097354111-2988090014-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [34508416 2021-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2367610798-4097354111-2988090014-1001\...\Run: [Avanquest Message] => C:\Users\lodew\AppData\Local\Avanquest\Avanquest Message\AQNotif.exe [603504 2021-07-05] (Avanquest Software SAS -> Avanquest Software)
HKU\S-1-5-21-2367610798-4097354111-2988090014-1001\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKLM\...\Print\Monitors\HP C311 Status Monitor: C:\windows\system32\hpinkstsC311LM.dll [333496 2012-12-16] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP ENVY 5530 series): C:\windows\system32\HPDiscoPMC311.dll [763912 2014-07-21] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\93.0.4577.63\Installer\chrmstp.exe [2021-09-01] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update UWP App.lnk [2021-08-31]
ShortcutTarget: Update UWP App.lnk -> C:\Program Files (x86)\LastPass\lpwinmetro\AppxUpgradeUwp.exe (LogMeIn, Inc. -> )
Policies: C:\ProgramData\NTUSER.pol: Restrictie <==== AANDACHT

==================== Geplande Taken (gefilterd) ============

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

Task: {06970D08-284F-41DD-B469-9EEBCD853F84} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BCF => cmd /c start hpdiags://BCF
Task: {1128C4ED-D9E2-451A-A3DB-473C1992D807} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [786800 2019-02-19] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {21985868-5560-4EEA-AEFB-E201D2FC46B3} - System32\Tasks\Hewlett-Packard\HP Diagnostics\LaunchUI => cmd /c start hpdiags://LaunchUI
Task: {24523F97-FA38-4ECC-B003-DFDBB300FC47} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-06-17] (Piriform Software Ltd -> Piriform)
Task: {2A18046A-37BA-445D-B597-611902FD04FA} - System32\Tasks\Hewlett-Packard\HP Diagnostics\SmartCheckError => cmd /c start hpdiags://SmartCheckError
Task: {3BEDD5FF-4F18-4586-82BB-7DA2D1B77C0E} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644984 2018-07-18] (HP Inc. -> HP Inc.)
Task: {45C71603-F7D2-41DE-8E73-74C6D064F333} - System32\Tasks\LastPassUpdater => C:\Program Files (x86)\LastPass\Updater\Updater.exe [1317584 2021-08-23] (LogMeIn, Inc. -> LogMeIn Inc.)
Task: {4E0EAC9F-E905-4938-B722-D93EB8FE2432} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusTest => cmd /c start hpdiags://BatteryStatusTest
Task: {5100A477-348F-48CA-A0F9-BA0C7018AC24} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-225298021-4275868104-3809698272-500 => C:\Users\lodew\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {5512314F-223C-4061-8816-7291940F6FED} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [887152 2019-02-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {560ACB78-D69C-4EEF-A68C-150DBF1FDDBA} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM2 => cmd /c start hpdiags://BHM2
Task: {5E37F5CF-2891-4AE1-B9D5-548F221A8A81} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-21] (Google LLC -> Google LLC)
Task: {61F46B30-4086-4014-BB5E-0BC4FDA7F8BB} - System32\Tasks\Mozilla\Firefox Default Browser Agent 9DED23DF4360B491 => C:\Program Files\mozilla firefox\default-browser-agent.exe [673720 2021-08-25] (Mozilla Corporation -> Mozilla Foundation)
Task: {622E52C0-2219-45A0-B572-12F8A15192D4} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [887152 2019-02-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {65EAB732-E1F4-4BF2-B686-B6C353145FFE} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [855408 2019-02-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {666044B8-9BD7-47BF-98FA-13FA91EB3573} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [562544 2019-02-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6ACA1AE1-F580-4519-91FD-388B04E62480} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusError => cmd /c start hpdiags://BatteryStatusError
Task: {6CE59A07-2BF4-4AAE-8DD0-33C39C4D3A40} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [136368 2021-07-13] (HP Inc. -> HP Inc.)
Task: {732C6986-1592-4E25-ACCE-FF34934C9D1C} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ABO => cmd /c start hpdiags://ABO
Task: {7492070B-6F67-4064-A999-3E6B6D80FFB2} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [786800 2019-02-19] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {74A280CE-A72F-4C0C-AE70-39E8F85CB1CF} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {79992B60-AE94-40A4-BDD5-A352BC581123} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [862 2019-04-30] () [Bestand niet getekend]
Task: {8CEFD8F0-DA3B-44B2-9C1A-C2AA4295C037} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3560304 2019-02-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8E7500A2-6448-496C-AF7F-209C66A08F61} - System32\Tasks\HP\Consent Manager Launcher => sc start hptouchpointanalyticsservice
Task: {92760BE1-3EEF-429C-ADBB-BCF889686507} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1122992 2021-08-21] (HP Inc. -> HP Inc.)
Task: {9641D53A-7A3B-4A34-83FC-315CEFA3973F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [28880512 2021-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9873E75D-7252-4D9D-8B93-87E2C75B3111} - System32\Tasks\Hewlett-Packard\HP Diagnostics\SmartCheckTest => cmd /c start hpdiags://SmartCheckTest
Task: {9AD48A3E-BD92-4BA6-BD24-0E148EBD16B1} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [887152 2019-02-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9C0E7F67-A6DA-4EC1-829C-8617904EFFB5} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\1.4.111\DADUpdater.exe
Task: {AAA423FE-55C9-4880-965C-17EBD5BF6037} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [1003888 2019-02-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BCBDE291-26EE-4A3D-B3C3-E9BA379B68ED} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1122992 2021-08-21] (HP Inc. -> HP Inc.)
Task: {CB992381-3718-4B37-A5F4-C11BB9684085} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM1 => cmd /c start hpdiags://BHM1
Task: {D569EB95-D544-4FF1-9D62-9137D9BCD1DF} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ShowUI => cmd /c start hpdiags:
Task: {D884938E-0DEF-4998-B563-3F0F852A9EFB} - System32\Tasks\HPCustParticipation HP ENVY 5530 series => C:\Program Files\HP\HP ENVY 5530 series\Bin\HPCustPartic.exe [5745672 2014-07-21] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
Task: {DA6672CE-2B75-4F87-87D5-CF6E8C482149} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [887152 2019-02-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DEB4A207-D657-4005-BE00-0DAC5FCB053D} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [673720 2021-08-25] (Mozilla Corporation -> Mozilla Foundation)
Task: {E429DBFE-FC07-47DE-A93A-AD51A1B87F4A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [855408 2019-02-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {ED6D0432-7C54-4E8E-A158-72E0AE6849A1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-21] (Google LLC -> Google LLC)

(Als een item is opgenomen in de fixlist, wordt de taak (job) bestand verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.)

==================== Internet (gefilterd) ====================

(Als een item is opgenomen in de fixlist en een registeritem is, wordt het verwijderd of hersteld naar de standaard.)

Tcpip\Parameters: [DhcpNameServer] 195.130.131.5 195.130.130.5
Tcpip\..\Interfaces\{3e434d84-4b46-41ce-9761-a0b88d17a286}: [DhcpNameServer] 195.130.131.5 195.130.130.5
Tcpip\..\Interfaces\{ae79bdda-b862-48b4-a326-a29a95a7ea1e}: [DhcpNameServer] 192.168.1.1

Edge:
=======
DownloadDir: D:\Mijn Data\Downloads
Edge Notifications: HKU\S-1-5-21-2367610798-4097354111-2988090014-1001 -> hxxps://www.facebook.com
Edge DefaultProfile: Default
Edge Profile: C:\Users\lodew\AppData\Local\Microsoft\Edge\User Data\Default [2021-09-01]
Edge DownloadDir: Default -> D:\Mijn Data\Downloads
Edge Notifications: Default -> hxxps://vtm.be; hxxps://www.facebook.com
Edge StartupUrls: Default -> "hxxps://duckduckgo.com/"
Edge DefaultSearchURL: Default -> {bing:baseURL}search?q={searchTerms}&{bing:cvid}{bing:msb}{google:assistedQueryStats}
Edge Extension: (LastPass: Free Password Manager) - C:\Users\lodew\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bbcinlkgjjkejfdpemiealijmmooekmp [2021-08-31]
Edge Extension: (DuckDuckGo) - C:\Users\lodew\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2021-08-25]
Edge Extension: (Adblock Plus - gratis adblocker) - C:\Users\lodew\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2021-08-12]
Edge Extension: (eID Edge Extension) - C:\Users\lodew\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mjiffldffjokfhokbjanjgjmeabmhflb [2021-07-09]
Edge HKLM-x32\...\Edge\Extension: [bbcinlkgjjkejfdpemiealijmmooekmp]

FireFox:
========
FF DefaultProfile: 4850mj2t.default
FF ProfilePath: C:\Users\lodew\AppData\Roaming\Mozilla\Firefox\Profiles\4850mj2t.default [2021-09-01]
FF user.js: detected! => C:\Users\lodew\AppData\Roaming\Mozilla\Firefox\Profiles\4850mj2t.default\user.js [2020-01-18]
FF ProfilePath: C:\Users\lodew\AppData\Roaming\Mozilla\Firefox\Profiles\vlf2cihr.default-release-1584440531238 [2021-09-01]
FF Notifications: Mozilla\Firefox\Profiles\vlf2cihr.default-release-1584440531238 -> hxxps://mail.google.com
FF Extension: (AdBlocker Ultimate) - C:\Users\lodew\AppData\Roaming\Mozilla\Firefox\Profiles\vlf2cihr.default-release-1584440531238\Extensions\adblockultimate@adblockultimate.net.xpi [2021-04-11]
FF Extension: (eID België) - C:\Users\lodew\AppData\Roaming\Mozilla\Firefox\Profiles\vlf2cihr.default-release-1584440531238\Extensions\belgiumeid@eid.belgium.be.xpi [2021-06-06]
FF Extension: (eID Chrome Extension) - C:\Users\lodew\AppData\Roaming\Mozilla\Firefox\Profiles\vlf2cihr.default-release-1584440531238\Extensions\eid-chrome-extension@e-contract.be.xpi [2021-04-28] [UpdateUrl:hxxps://www.e-contract.be/eid-chrome/releases/eid-chrome-extension-updates.json]
FF Extension: (YouTube™ Flash® Player) - C:\Users\lodew\AppData\Roaming\Mozilla\Firefox\Profiles\vlf2cihr.default-release-1584440531238\Extensions\jid1-HAV2inXAnQPIeA@jetpack.xpi [2020-03-17]
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\lodew\AppData\Roaming\Mozilla\Firefox\Profiles\vlf2cihr.default-release-1584440531238\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2021-05-11]
FF Extension: (ESET Password Manager) - C:\Users\lodew\AppData\Roaming\Mozilla\Firefox\Profiles\vlf2cihr.default-release-1584440531238\Extensions\passwordmanager@eset.com.xpi [2021-06-06] [UpdateUrl:hxxps://download.eset.com/com/eset/extensions/firefox/pwm/g2/latest/update.json]
FF Extension: (LastPass: Free Password Manager) - C:\Users\lodew\AppData\Roaming\Mozilla\Firefox\Profiles\vlf2cihr.default-release-1584440531238\Extensions\support@lastpass.com.xpi [2021-06-06]
FF Extension: (Maak Volledige Webpagina Schermafbeeldingen - FireShot) - C:\Users\lodew\AppData\Roaming\Mozilla\Firefox\Profiles\vlf2cihr.default-release-1584440531238\Extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}.xpi [2020-12-09]
FF Extension: (Connective signing extension) - C:\Users\lodew\AppData\Roaming\Mozilla\Firefox\Profiles\vlf2cihr.default-release-1584440531238\Extensions\{4f643bc8-78f5-49c6-8efd-78ee30289f0b}.xpi [2021-02-17]
FF Extension: (Flash and Video Download) - C:\Users\lodew\AppData\Roaming\Mozilla\Firefox\Profiles\vlf2cihr.default-release-1584440531238\Extensions\{adeadebb-fedc-4180-a7f4-cfdd87496551}.xpi [2020-12-09]
FF Extension: (Easy Youtube Video Downloader Express) - C:\Users\lodew\AppData\Roaming\Mozilla\Firefox\Profiles\vlf2cihr.default-release-1584440531238\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2021-06-06]
FF Extension: (Adblock Plus - gratis adblocker) - C:\Users\lodew\AppData\Roaming\Mozilla\Firefox\Profiles\vlf2cihr.default-release-1584440531238\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-06-06]
FF Extension: (Dark Fox) - C:\Users\lodew\AppData\Roaming\Mozilla\Firefox\Profiles\vlf2cihr.default-release-1584440531238\Extensions\{e7fe4ffe-f256-4f85-906d-072fdd698585}.xpi [2021-06-05]
FF Plugin: @java.com/DTPlugin,version=11.301.2 -> C:\Program Files\Java\jre1.8.0_301\bin\dtplugin\npDeployJava1.dll [2021-07-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.301.2 -> C:\Program Files\Java\jre1.8.0_301\bin\plugin2\npjp2.dll [2021-07-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2021-07-21] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2021-07-21] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2021-07-21] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2021-07-21] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2021-07-21] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-07-11] (Google Inc -> Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.301.2 -> C:\Program Files (x86)\Java\jre1.8.0_301\bin\dtplugin\npDeployJava1.dll [2021-07-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.301.2 -> C:\Program Files (x86)\Java\jre1.8.0_301\bin\plugin2\npjp2.dll [2021-07-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2011-06-07] (Visan Industries -> RocketLife, LLP)
FF Plugin HKU\S-1-5-21-2367610798-4097354111-2988090014-1001: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\lodew\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-11-15] (RocketLife -> RocketLife, LLP)
FF Plugin HKU\S-1-5-21-2367610798-4097354111-2988090014-1001: connective.be/BrowserPlugin -> C:\Users\lodew\AppData\Local\Connective\SigningFirefoxPlugin\npapi-plugin.dll [2020-12-17] (Connective n.v.) [Bestand niet getekend]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2021-09-01]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\lodew\AppData\Local\Google\Chrome\User Data\Default [2021-09-01]
CHR Notifications: Default -> hxxps://vtm.be; hxxps://www.tomtom.com
CHR HomePage: Default -> hxxps://www.google.be/
CHR StartupUrls: Default -> "hxxp://www.google.be/"
CHR Extension: (Adblock Plus - gratis adblocker) - C:\Users\lodew\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-08-02]
CHR Extension: (Logitech Smooth Scrolling) - C:\Users\lodew\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2020-07-11]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\lodew\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2021-08-02]
CHR Extension: (Connective signing extension) - C:\Users\lodew\AppData\Local\Google\Chrome\User Data\Default\Extensions\kclpjmhngbacampgcdojmiedamjbgjjm [2020-07-11]
CHR Extension: (.MPD Detector) - C:\Users\lodew\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpoohbdbmggiknlpcmhhdkpaclfcdapk [2020-07-11]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\lodew\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-23]
CHR Extension: (Chrome Media Router) - C:\Users\lodew\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-08-02]
CHR Extension: (ID Card reader extension) - C:\Users\lodew\AppData\Local\Google\Chrome\User Data\Default\Extensions\plokokmlmpnjobebmdophbogifcnlpec [2021-07-09]
CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd]

==================== Services (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

"cpuz143" => service kan niet worden ontgrendeld. <==== AANDACHT
HKLM\SYSTEM\ControlSet001\Services\cpuz143 => \??\C:\Users\lodew\AppData\Local\Temp\cpuz143\cpuz143_x64.sys <==== AANDACHT (Rootkit!/vergrendelde service) <==== AANDACHT
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3079464 2021-08-17] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3079464 2021-08-17] (ESET, spol. s r.o. -> ESET)
R2 FoxitReaderUpdateService; C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\FoxitPDFReaderUpdateService.exe [2357880 2021-07-21] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [886136 2020-06-24] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c95e7d335bd30097\x64\AppHelperCap.exe [738368 2021-06-27] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c95e7d335bd30097\x64\DiagsCap.exe [735832 2021-06-27] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c95e7d335bd30097\x64\NetworkCap.exe [735824 2021-06-27] (HP Inc. -> HP Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [288360 2021-05-12] (HP Inc. -> HP Inc.)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1149480 2018-06-07] (HP Inc. -> HP)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c95e7d335bd30097\x64\SysInfoCap.exe [737368 2021-06-27] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_35df954651b1f88f\x64\TouchpointAnalyticsClientService.exe [489584 2021-06-18] (HP Inc. -> HP Inc.)
R2 luminati_net_updater_win_vidd_ly; C:\Program Files\Viddly YouTube Downloader\net_updater32.exe [7396184 2021-09-01] (Luminati Networks Ltd -> Bright Data Ltd.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7477704 2021-08-19] (Malwarebytes Inc -> Malwarebytes)
R2 SensRst; C:\WINDOWS\system32\WBFResetService111.exe [581384 2020-01-15] (Synaptics Incorporated -> Synaptics Incorporated.)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2020-06-26] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [935352 2020-06-26] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12849960 2021-03-15] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [253912 2019-10-30] (Synology Inc. -> )
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvhm.inf_amd64_6f7f22b0a5610d99\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvhm.inf_amd64_6f7f22b0a5610d99\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
S3 WsDrvInst; C:\Program Files\Wondershare\UniConverter\Transfer\DriverInstall.exe [X]

===================== Drivers (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

S3 ACSSCR; C:\WINDOWS\system32\DRIVERS\a38usb.sys [86880 2018-07-12] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Card Systems Ltd.)
R3 BHTPCRDR; C:\WINDOWS\System32\drivers\bhtpcrdr.sys [208976 2020-02-18] (BayHub Technology Inc. -> BayHubTech/O2Micro)
R3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159864 2021-06-29] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [169424 2021-08-03] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [123472 2021-08-03] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15824 2021-03-10] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [194776 2021-08-03] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [43904 2021-08-03] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [70232 2021-08-03] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [107456 2021-08-03] (ESET, spol. s r.o. -> ESET)
S3 epmdkdrv; C:\WINDOWS\system32\epmdkdrv.sys [36280 2020-02-23] (CHENGDU YIWO Tech Development Co., Ltd. -> )
R0 EPMVolFl; C:\WINDOWS\System32\drivers\EPMVolFl.sys [30136 2020-02-23] (CHENGDU YIWO Tech Development Co., Ltd. -> Windows (R) Codename Longhorn DDK provider)
R0 EUDCPEPM; C:\WINDOWS\system32\drivers\EUDCPEPM.sys [76344 2020-12-08] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
S3 EUDCPEPM0; C:\WINDOWS\system32\drivers\EUDCPEPM0.sys [76344 2020-12-08] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
R1 EUEDKEPM; C:\WINDOWS\system32\drivers\EUEDKEPM.sys [33712 2020-02-23] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_1f5602eb8a12ac4c\x64\hpcustomcapdriver.sys [25024 2019-04-18] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-09-01] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-01-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-08-19] (Malwarebytes Inc -> Malwarebytes)
S3 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [83776 2019-05-11] (Insecure.Com LLC -> Insecure.Com LLC.)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [83776 2019-05-11] (Insecure.Com LLC -> Insecure.Com LLC.)
R3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
U5 UnlockerDriver5; C:\Program Files (x86)\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] (Empty Loop -> )
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP)

==================== NetSvcs (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

==================== Een maand (aangemaakt) (gefilterd) =========

(Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.)
2021-09-01 11:10 - 2021-09-01 11:10 - 000000008 __RSH C:\ProgramData\ntuser.pol
2021-09-01 09:23 - 2021-09-01 09:23 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-08-31 17:29 - 2021-08-31 17:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LastPass
2021-08-31 17:28 - 2021-08-31 17:28 - 000003790 _____ C:\WINDOWS\system32\Tasks\LastPassUpdater
2021-08-31 14:04 - 2021-09-01 11:22 - 000000000 ____D C:\FRST
2021-08-30 10:51 - 2020-12-08 00:00 - 000076344 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\WINDOWS\system32\Drivers\EUDCPEPM0.sys
2021-08-30 10:50 - 2021-08-30 10:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master
2021-08-30 10:50 - 2021-07-19 12:57 - 005990536 _____ C:\WINDOWS\system32\BootMan.exe
2021-08-30 10:50 - 2021-07-19 12:57 - 003981448 _____ C:\WINDOWS\SysWOW64\BootMan.exe
2021-08-30 10:50 - 2021-07-19 12:57 - 000024712 _____ C:\WINDOWS\SysWOW64\EuEpmGdi.dll
2021-08-30 10:50 - 2021-07-19 12:57 - 000021128 _____ C:\WINDOWS\system32\EuEpmGdi.dll
2021-08-30 10:50 - 2021-07-09 15:52 - 000174216 _____ C:\WINDOWS\system32\setupepmdrvx64.exe
2021-08-30 10:50 - 2020-12-16 09:03 - 000000057 _____ C:\WINDOWS\system32\setupepmdrv.ini
2021-08-30 10:50 - 2020-02-23 14:49 - 000036280 _____ C:\WINDOWS\system32\epmdkdrv.sys
2021-08-30 10:50 - 2020-02-23 14:49 - 000030136 _____ (Windows (R) Codename Longhorn DDK provider) C:\WINDOWS\system32\Drivers\EPMVolFl.sys
2021-08-25 13:11 - 2021-08-25 13:11 - 000002346 _____ C:\Users\lodew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Webshots.lnk
2021-08-25 09:35 - 2021-08-31 11:09 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-08-19 17:03 - 2021-08-19 17:07 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-08-14 17:01 - 2021-08-14 17:01 - 000000000 ____D C:\Users\lodew\AppData\Roaming\TransferSupport
2021-08-14 17:01 - 2021-08-14 17:01 - 000000000 ____D C:\Program Files (x86)\Wondershare
2021-08-14 09:49 - 2021-08-14 10:05 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2021-08-13 18:45 - 2021-08-13 18:45 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-08-13 18:45 - 2021-08-13 18:45 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-08-13 18:45 - 2021-08-13 18:45 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-08-13 18:45 - 2021-08-13 18:45 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-08-13 18:45 - 2021-08-13 18:45 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-08-13 18:45 - 2021-08-13 18:45 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2021-08-13 18:45 - 2021-08-13 18:45 - 000011347 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-08-13 18:41 - 2021-08-13 18:41 - 000000000 ___HD C:\$WinREAgent
2021-08-11 12:53 - 2021-08-11 12:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PDF Reader
2021-08-10 16:44 - 2021-08-10 16:44 - 000000000 ____D C:\Users\lodew\AppData\Local\AdvinstAnalytics
2021-08-09 17:41 - 2021-08-09 17:41 - 000000000 ____D C:\Program Files (x86)\WondershareUpdate
2021-08-09 17:39 - 2021-08-14 16:52 - 000000000 ____D C:\Program Files\Wondershare
2021-08-09 11:49 - 2021-08-09 11:49 - 000000000 ____D C:\Users\lodew\.fontconfig
2021-08-09 11:48 - 2021-08-09 11:48 - 000000000 ____D C:\Users\lodew\AppData\Local\ConverterAgent
2021-08-09 11:48 - 2021-08-09 11:48 - 000000000 ____D C:\Users\lodew\AppData\Local\converter
2021-08-09 11:48 - 2021-08-09 11:48 - 000000000 ____D C:\ProgramData\movavi
2021-08-09 11:47 - 2021-08-09 11:47 - 000012779 _____ C:\ProgramData\merjmevq.cmt
2021-08-07 10:07 - 2021-08-07 10:07 - 000001874 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vuze.lnk
2021-08-07 10:07 - 2021-08-07 10:07 - 000000000 ____D C:\Program Files\Vuze
2021-08-02 17:20 - 2021-08-02 17:20 - 000001058 _____ C:\WINDOWS\Active Setup Log.txt

==================== Een maand (gewijzigd) ==================

(Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.)

2021-09-01 11:19 - 2020-01-16 11:36 - 000000000 ____D C:\Users\lodew\AppData\LocalLow\Mozilla
2021-09-01 11:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-09-01 11:16 - 2020-06-17 16:41 - 001839754 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-09-01 11:16 - 2019-12-07 17:12 - 000788692 _____ C:\WINDOWS\system32\perfh013.dat
2021-09-01 11:16 - 2019-12-07 17:12 - 000154768 _____ C:\WINDOWS\system32\perfc013.dat
2021-09-01 11:16 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-09-01 11:12 - 2020-02-14 18:36 - 000000000 ____D C:\Program Files\CCleaner
2021-09-01 11:12 - 2020-01-21 16:49 - 000000000 ____D C:\Program Files (x86)\Google
2021-09-01 11:12 - 2020-01-16 11:36 - 000000000 ____D C:\ProgramData\Mozilla
2021-09-01 11:12 - 2019-12-04 00:03 - 000000000 ____D C:\ProgramData\NVIDIA
2021-09-01 11:10 - 2021-06-28 17:36 - 000000000 ____D C:\Program Files\Viddly YouTube Downloader
2021-09-01 11:10 - 2020-09-16 09:55 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-09-01 11:10 - 2020-06-17 16:42 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-09-01 11:10 - 2020-06-17 16:37 - 000008192 ___SH C:\DumpStack.log.tmp
2021-09-01 11:10 - 2020-01-16 11:17 - 000000000 __SHD C:\Users\lodew\IntelGraphicsProfiles
2021-09-01 11:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-09-01 11:10 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-09-01 11:09 - 2019-12-07 11:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2021-09-01 11:08 - 2020-02-10 14:06 - 000000000 ____D C:\Users\lodew\AppData\LocalLow\Temp
2021-09-01 11:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2021-09-01 11:08 - 2019-03-19 06:52 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2021-09-01 09:30 - 2020-10-13 10:02 - 000000000 ____D C:\Users\lodew\AppData\LocalLow\LastPass
2021-09-01 09:22 - 2020-01-21 16:50 - 000002328 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-08-31 21:30 - 2020-06-17 16:37 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-08-31 17:29 - 2020-10-13 10:02 - 000000000 ____D C:\Program Files (x86)\LastPass
2021-08-31 17:24 - 2020-06-17 16:42 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
2021-08-31 14:28 - 2020-02-05 17:09 - 000000000 ____D C:\Users\lodew\AppData\Roaming\Azureus
2021-08-31 11:17 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-08-31 11:09 - 2020-01-16 11:36 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-08-31 10:18 - 2020-08-30 17:45 - 000001418 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SyncBackFree.lnk
2021-08-28 09:33 - 2020-02-19 12:59 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-08-26 09:35 - 2020-10-14 14:24 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-08-26 09:35 - 2020-01-16 11:36 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-08-25 19:01 - 2021-07-06 16:34 - 000000000 ____D C:\Users\lodew\AppData\Roaming\Webshots
2021-08-19 17:08 - 2020-05-29 16:45 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-08-18 16:06 - 2020-05-11 11:03 - 000000000 ____D C:\ProgramData\Wondershare
2021-08-17 15:47 - 2020-06-17 16:37 - 000776000 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-08-16 10:07 - 2020-06-17 16:42 - 000003674 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-08-16 10:07 - 2020-06-17 16:42 - 000003550 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-08-14 17:04 - 2020-05-11 11:04 - 000000000 ____D C:\Users\lodew\AppData\Roaming\Wondershare
2021-08-14 17:04 - 2020-05-11 11:04 - 000000000 ____D C:\Users\lodew\AppData\Local\Wondershare
2021-08-14 17:02 - 2020-05-11 11:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2021-08-14 17:02 - 2020-02-03 17:32 - 000000000 ____D C:\Users\lodew\AppData\Local\D3DSCache
2021-08-14 16:09 - 2020-01-29 17:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
2021-08-14 16:09 - 2020-01-29 17:39 - 000000000 ____D C:\Program Files (x86)\Calibre2
2021-08-14 15:50 - 2020-08-07 16:09 - 000000000 ____D C:\Users\lodew\AppData\Roaming\vlc
2021-08-14 10:05 - 2020-01-17 16:49 - 000001289 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2021-08-14 09:52 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-08-14 09:34 - 2020-06-17 16:04 - 000000000 ____D C:\WINDOWS\HoloShell
2021-08-14 09:34 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-08-14 09:34 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-08-14 09:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-08-14 09:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-08-14 09:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-08-14 09:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-08-14 09:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-08-14 09:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-08-14 09:34 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-08-13 15:58 - 2020-01-29 11:37 - 000000000 ____D C:\Users\lodew\AppData\Local\ElevatedDiagnostics
2021-08-12 09:47 - 2020-01-16 11:48 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-08-12 09:44 - 2020-01-16 11:48 - 133215968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-08-10 17:50 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-08-10 16:19 - 2020-01-16 11:10 - 000000000 ____D C:\Users\lodew\AppData\Local\Packages
2021-08-10 11:08 - 2020-11-12 14:56 - 000001230 _____ C:\Users\lodew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GemistDownloader.lnk
2021-08-09 21:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-08-09 11:49 - 2020-06-17 16:12 - 000000000 ____D C:\Users\lodew
2021-08-09 11:48 - 2020-06-06 17:13 - 000000000 ____D C:\Users\lodew\AppData\Local\Movavi
2021-08-07 16:52 - 2021-06-28 17:37 - 000000000 ____D C:\Users\lodew\AppData\Local\Viddly YouTube Downloader
2021-08-05 09:39 - 2020-06-17 16:42 - 000003578 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-08-05 09:39 - 2020-06-17 16:42 - 000003454 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-08-04 16:53 - 2021-02-20 10:32 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-08-03 10:03 - 2019-11-29 09:30 - 000194776 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2021-08-03 10:03 - 2019-11-29 09:30 - 000169424 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2021-08-03 10:03 - 2019-11-29 09:30 - 000123472 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys
2021-08-03 10:03 - 2019-11-29 09:30 - 000107456 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2021-08-03 10:03 - 2019-11-29 09:30 - 000070232 _____ (ESET) C:\WINDOWS\system32\Drivers\epfw.sys
2021-08-03 10:03 - 2019-11-29 09:30 - 000043904 _____ (ESET) C:\WINDOWS\system32\Drivers\ekbdflt.sys

==================== Bestanden in de root van sommige mappen ========

2020-08-20 11:15 - 2021-06-27 09:51 - 000100014 _____ () C:\Users\lodew\AppData\Roaming\.BEID_0.log
2021-02-12 17:58 - 2021-09-01 11:11 - 000042776 _____ () C:\Users\lodew\AppData\Roaming\.BEID_1.log
2020-06-03 17:16 - 2020-06-03 17:16 - 000007680 _____ () C:\Users\lodew\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-06-05 12:00 - 2021-04-29 17:36 - 000000615 _____ () C:\Users\lodew\AppData\Local\oobelibMkey.log
2021-02-16 15:00 - 2021-02-16 15:00 - 000000843 _____ () C:\Users\lodew\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)

==================== Einde van FRST.txt ========================