Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 15-09-2021
Gestart door Leo (Beheerder) op DESKTOP-H2G7JK4 (Hewlett-Packard 700-509nb) (17-09-2021 15:46:23)
Gestart vanaf C:\Users\Leo\Desktop
Geladen Profielen: Leo
Platform: Windows 10 Home Versie 20H2 19042.1237 (X64) Taal: Nederlands (Nederland)
Standaardbrowser: FF
Boot Modus: Normal

==================== Processen (gefilterd) =================
(Als een item is opgenomen in de fixlist, zal het proces worden gesloten. Het bestand zal niet worden verplaatst.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0359160.inf_amd64_2abe2598d9a3141f\B358802\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0359160.inf_amd64_2abe2598d9a3141f\B358802\atiesrxx.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Google LLC -> ) C:\Program Files\Google\Drive File Stream\51.0.15.0\crashpad_handler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) [Bestand niet getekend] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater Beta\ksu.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_service.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\printfilterpipelinesvc.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <10>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe

==================== Register (gefilterd) ===================
(Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)
HKLM\...\Run: [RtHDVBg_SOUNDEDGE] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1419008 2016-05-20] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8849152 2016-05-20] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1890664 2016-01-14] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WDAppManager] => C:\Program Files (x86)\Western Digital\WD App Manager\AppManagerLauncher.exe [21384 2016-04-19] (WESTERN DIGITAL TECHNOLOGIES -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1761120 2015-12-07] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5564784 2017-10-20] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706288 2021-04-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\RunOnce: [UnKIS] => wscript.exe //b C:\Users\Leo\AppData\Local\Temp\UnKIS.vbs <==== AANDACHT
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\51.0.15.0\GoogleDriveFS.exe [54124376 2021-09-09] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\51.0.15.0\GoogleDriveFS.exe [54124376 2021-09-09] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3412851300-2870964825-4123225172-1002\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [109961080 2021-05-25] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-3412851300-2870964825-4123225172-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35093120 2021-09-10] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3412851300-2870964825-4123225172-1002\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Leo\AppData\Local\Microsoft\Teams\Update.exe [2453688 2021-01-24] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3412851300-2870964825-4123225172-1002\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5397216 2021-09-09] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3412851300-2870964825-4123225172-1002\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\51.0.15.0\GoogleDriveFS.exe [54124376 2021-09-09] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3412851300-2870964825-4123225172-1002\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3412851300-2870964825-4123225172-1002\...\MountPoints2: {2fab507e-8fdb-11e5-9184-2c337a5e1b68} - "E:\LaunchU3.exe" -a
HKU\S-1-5-21-3412851300-2870964825-4123225172-1002\...\MountPoints2: {b5523ca3-c087-11e5-9191-2c337a5e1b68} - "K:\LaunchU3.exe" -a
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\51.0.15.0\GoogleDriveFS.exe [54124376 2021-09-09] (Google LLC -> Google, Inc.)
HKLM\...\Print\Monitors\HP C211 Status Monitor: C:\WINDOWS\system32\hpinkstsC211LM.dll [333496 2013-01-08] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Deskjet 2540 series): C:\WINDOWS\system32\HPDiscoPMC211.dll [763912 2014-03-06] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\93.0.4577.82\Installer\chrmstp.exe [2021-09-14] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Kaspersky Software Updater Beta.lnk [2016-11-14]
ShortcutTarget: Kaspersky Software Updater Beta.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater Beta\ksu.exe (Kaspersky Lab -> AO Kaspersky Lab)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logo Calibration Loader.lnk [2020-02-16]
ShortcutTarget: Logo Calibration Loader.lnk -> C:\Program Files (x86)\GretagMacbeth\i1\Eye-One Match 3\CalibrationLoader\CalibrationLoader.exe (LOGO Kommunikations- und Drucktechnik GmbH & Co. KG) [Bestand niet getekend]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ProfileReminder.lnk [2020-02-16]
ShortcutTarget: ProfileReminder.lnk -> C:\Program Files (x86)\GretagMacbeth\i1\Eye-One Match 3\ProfileReminder.exe (LOGO Kommunikations- und Drucktechnik GmbH & Co. KG) [Bestand niet getekend]
Startup: C:\Users\Leo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ExploitedCollegeGirls - #Episode 90923 Raw Sex\Luminar AI.lnk [2021-08-13]
ShortcutTarget: Luminar AI.lnk -> C:\Program Files\Skylum\Luminar AI\Luminar AI.exe (Skylum Software USA, Inc. -> Skylum)

==================== Geplande Taken (gefilterd) ============
(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
Task: {042CAD27-E45A-48DD-9BC3-9A5BE51D65C5} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23563200 2021-07-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {07A3AA8B-90AB-44E1-A04B-B009AE477374} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {0E10005C-93DB-4F7E-8BE2-E9BECE45584F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1EEE00DF-2A65-4D81-8D55-7A2477F6E9EE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {26E89039-0CCE-4717-AD1D-FE44BEDBFA50} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe
Task: {31D16ED8-D538-4A27-8B11-55B8B0C6EFDA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {36DEC89E-6097-42CF-859E-2EB4AAEEE6E3} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2208208 2021-08-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {3E2CC60C-2202-4256-B3CF-78967C394B15} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [29155968 2021-09-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {3F51AAF9-A9D9-4B56-B013-718C026A280D} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [69304 2020-09-09] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {503BF21A-ACCE-41F9-A963-356CC0CB9D24} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-09-10] (Piriform Software Ltd -> Piriform)
Task: {527F4FCE-CA45-4121-951D-C3D6066EFFA7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-11-18] (Google Inc -> Google Inc.)
Task: {60E2558F-A57C-4D16-97A4-2200B0A65205} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {686B4256-AE0D-4BCC-A4D6-4366B598F348} - System32\Tasks\CCleanerSkipUAC - Leo => C:\Program Files\CCleaner\CCleaner.exe [29155968 2021-09-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {6B6AF0C3-9AED-4925-99CC-C2579DECFCC3} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23563200 2021-07-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {6CBCEF28-47B1-494F-BC22-A23E34B49A23} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1645240 2020-09-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {71DB3ACB-3A39-436D-B0E6-0ACBB09BB7F2} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1645240 2020-09-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {7F58A35E-001E-4945-ABB6-5B9AA624EC8D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {7FD65191-2391-44DA-8F50-08EB9329ACD5} - System32\Tasks\Durée de vie => C:\Mireille\Statique.exe
Task: {848B5799-9E41-48BD-9170-2D351F15191F} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => J:\Windows Driver Kit\Common7\IDE\VSIXAutoUpdate.exe
Task: {88723A85-D0F1-4C39-A4D7-876453A91926} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe
Task: {8C6B9913-9977-42F4-9245-606E0CABA9FD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe
Task: {8CF7DCE6-34D5-45C1-BE48-2E79A813EC67} - System32\Tasks\HPCustParticipation HP Deskjet 2540 series => C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPCustPartic.exe [5745672 2014-03-06] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {8D19593C-1E8F-4A91-9902-D51E8BBE581E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {93577469-5C11-48A9-9170-BBBD82713F6A} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {957E246E-F451-4BA5-8E53-FD54F321C953} - System32\Tasks\Office 2019 Re-Activation => C:\Users\Leo\Downloads\ActO19-v2.cmd -renewalonly
Task: {97F27DDF-F0BA-4FB0-980C-D421FF3A2509} - System32\Tasks\HPCeeScheduleForLeo => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [96568 2017-10-20] (Hewlett-Packard Company -> Hewlett-Packard)
Task: {985523DC-7559-4E16-8EF0-B29C3B23A10E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {994F35F8-DAF8-4C34-BE4E-0AA8A2D4BF1F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe
Task: {99B260A6-F522-4A7B-B7ED-C8D5AA949FB5} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe
Task: {A3CD459C-9ACD-4CF9-BB05-58F6B57F1BB0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [3512720 2021-08-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {B866E375-B623-4E18-8AB2-4A3BD6B96F59} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-11-18] (Google Inc -> Google Inc.)
Task: {B93BAC7C-DABF-470D-8BF5-19C55F5E25AE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C12FF522-ADF6-474B-BFFB-5685383777C2} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-09-09] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {D1C6192A-61F7-4F16-8902-1D5C662F09BF} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [680888 2021-09-09] (Mozilla Corporation -> Mozilla Foundation)
Task: {D30F2C12-F46D-4D73-86AC-A9FF7F52652A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D7D1765B-B170-4F2C-A790-A8F93BA1DC5C} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2208208 2021-08-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {D8B2F95E-249A-4380-B511-12A494F467E8} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1645240 2020-09-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {E4CC2024-7359-4885-B62C-C79C33758DE3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [3512720 2021-08-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {F6A61FCD-18F9-4197-9291-AC97C6CD529A} - System32\Tasks\PrivaZer_SkipUAC => C:\Program Files (x86)\PrivaZer\PrivaZer.exe [20085864 2021-09-07] (Goversoft LLC -> Goversoft LLC)
Task: {FB319DDA-83AA-4ACB-BD2E-D22DF416974D} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe

(Als een item is opgenomen in de fixlist, wordt de taak (job) bestand verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.)
Task: C:\WINDOWS\Tasks\HPCeeScheduleForLeo.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Internet (gefilterd) ====================
(Als een item is opgenomen in de fixlist en een registeritem is, wordt het verwijderd of hersteld naar de standaard.)
Tcpip\Parameters: [DhcpNameServer] 195.130.131.4 195.130.130.4
Tcpip\..\Interfaces\{12cfad31-46c1-422f-bbc9-9385e9262228}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{6e7498c5-e31e-46ad-ba34-0e38fb70c6d0}: [DhcpNameServer] 195.130.131.133 195.130.130.5
Tcpip\..\Interfaces\{f820e062-eedd-4fe9-9e03-c0f309b2820e}: [DhcpNameServer] 195.130.131.4 195.130.130.4

Edge:
=======
Edge Extension: (Geen Naam) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [niet gevonden]
Edge Extension: (Geen Naam) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [niet gevonden]
Edge Extension: (Geen Naam) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [niet gevonden]
Edge Extension: (Geen Naam) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [niet gevonden]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Leo\AppData\Local\Microsoft\Edge\User Data\Default [2021-09-17]
Edge Extension: (Kaspersky Protection) - C:\Users\Leo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2021-06-07]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Leo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-08-06]
Edge HKU\S-1-5-21-3412851300-2870964825-4123225172-1002\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: 9x54um78.default-1476091533538-1631823801386
FF ProfilePath: C:\Users\Leo\AppData\Roaming\Mozilla\Firefox\Profiles\9x54um78.default-1476091533538-1631823801386 [2021-09-17]
FF Homepage: Mozilla\Firefox\Profiles\9x54um78.default-1476091533538-1631823801386 -> hxxps://www.standaard.be/
FF Extension: (Facebook Container) - C:\Users\Leo\AppData\Roaming\Mozilla\Firefox\Profiles\9x54um78.default-1476091533538-1631823801386\Extensions\@contain-facebook.xpi [2021-09-17]
FF Extension: (AdBlocker Ultimate) - C:\Users\Leo\AppData\Roaming\Mozilla\Firefox\Profiles\9x54um78.default-1476091533538-1631823801386\Extensions\adblockultimate@adblockultimate.net.xpi [2021-09-17]
FF Extension: (eID België) - C:\Users\Leo\AppData\Roaming\Mozilla\Firefox\Profiles\9x54um78.default-1476091533538-1631823801386\Extensions\belgiumeid@eid.belgium.be.xpi [2021-09-17]
FF Extension: (Exif Viewer) - C:\Users\Leo\AppData\Roaming\Mozilla\Firefox\Profiles\9x54um78.default-1476091533538-1631823801386\Extensions\exif_viewer@mozilla.doslash.org.xpi [2021-09-17]
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\Leo\AppData\Roaming\Mozilla\Firefox\Profiles\9x54um78.default-1476091533538-1631823801386\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2021-09-17]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\Leo\AppData\Roaming\Mozilla\Firefox\Profiles\9x54um78.default-1476091533538-1631823801386\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2021-09-17]
FF Extension: (Bitwarden - Gratis wachtwoordbeheer) - C:\Users\Leo\AppData\Roaming\Mozilla\Firefox\Profiles\9x54um78.default-1476091533538-1631823801386\Extensions\{446900e4-71c2-419f-a6a7-df9c091e268b}.xpi [2021-09-17]
FF Extension: (Beste Prijs - Test Aankoop) - C:\Users\Leo\AppData\Roaming\Mozilla\Firefox\Profiles\9x54um78.default-1476091533538-1631823801386\Extensions\{cd9c77fb-d9ac-4ca6-826e-fdc913cab733}.xpi [2021-09-17]
FF Extension: (Adblock Plus - gratis adblocker) - C:\Users\Leo\AppData\Roaming\Mozilla\Firefox\Profiles\9x54um78.default-1476091533538-1631823801386\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-09-16]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-11-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.15 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-05-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-05-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-11-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-11-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-09-09] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3412851300-2870964825-4123225172-1002: connective.be/BrowserPlugin -> C:\Users\Leo\AppData\Local\Connective\SigningFirefoxPlugin\npapi-plugin.dll [2020-12-17] (Connective n.v.) [Bestand niet getekend]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2021-09-17] <==== AANDACHT (Gericht op * .cfg bestand)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2021-09-17] <==== AANDACHT

Chrome:
=======
CHR Profile: C:\Users\Leo\AppData\Local\Google\Chrome\User Data\Default [2021-09-17]
CHR HomePage: Default -> hxxp://www.destandaard.be/
CHR StartupUrls: Default -> "hxxp://www.standaard.be/","hxxp://www.google.com"
CHR Extension: (Presentaties) - C:\Users\Leo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-06-22]
CHR Extension: (Safe Torrent Scanner) - C:\Users\Leo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2021-08-04]
CHR Extension: (Kaspersky Protection) - C:\Users\Leo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2021-09-15]
CHR Extension: (Google Drive) - C:\Users\Leo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-06-22]
CHR Extension: (Kaspersky Password Manager) - C:\Users\Leo\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhnkblpjbkfklfloegejegedcafpliaa [2021-08-04]
CHR Extension: (Spreadsheets) - C:\Users\Leo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-06-22]
CHR Extension: (Offline Documenten) - C:\Users\Leo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-22]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Leo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-09-15]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\Leo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-06-22]
CHR Extension: (Gmail) - C:\Users\Leo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-06-22]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx

==================== Services (gefilterd) ===================
(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9482696 2021-07-27] (Microsoft Corporation -> Microsoft Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2017-10-20] (Intel Corporation) [Bestand niet getekend]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Bestand niet getekend]
R3 kpm_launch_service; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_service.exe [368360 2021-08-11] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
S3 WD Backup Drive Helper; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{4AB831D3-8315-414C-8A7A-303105288D0B} [19256 2020-10-15] (Microsoft Windows -> Microsoft Corporation)
S3 WD Backup Snapshot; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{302480DF-3AC5-4400-BE7B-DD77AF93B6DD} [19256 2020-10-15] (Microsoft Windows -> Microsoft Corporation)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [308088 2016-01-14] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-28] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-28] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (gefilterd) ===================
(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Bestand niet getekend]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Bestand niet getekend]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 googledrivefs3525; C:\WINDOWS\System32\DRIVERS\googledrivefs3525.sys [389640 2021-08-09] (Google LLC -> Google, Inc.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-05-20] (Martin Malik - REALiX -> REALiX(tm))
R0 PxHlpa64; C:\WINDOWS\System32\drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation -> Corel Corporation)
S3 Revoflt; C:\WINDOWS\System32\DRIVERS\revoflt.sys [38400 2020-10-14] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45664 2019-12-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [355760 2019-12-28] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-28] (Microsoft Windows -> Microsoft Corporation)
S3 klids; \??\C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys [X]

==================== NetSvcs (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

==================== Een maand (aangemaakt) (gefilterd) =========

(Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.)

2021-09-17 14:08 - 2021-09-17 14:16 - 000000000 ___HD C:\kleaner.tmp
2021-09-17 13:18 - 2021-09-17 13:18 - 013960560 _____ (Kaspersky Lab ZAO) C:\Users\Leo\Downloads\kavremvr.exe
2021-09-17 11:51 - 2021-09-17 11:53 - 000002404 _____ C:\Users\Leo\Desktop\Fixlog.txt
2021-09-16 22:14 - 2021-09-16 22:22 - 000057667 _____ C:\Users\Leo\Desktop\Addition.txt
2021-09-16 22:11 - 2021-09-17 15:48 - 000034771 _____ C:\Users\Leo\Desktop\FRST.txt
2021-09-16 22:08 - 2021-09-16 22:09 - 002304000 _____ (Farbar) C:\Users\Leo\Desktop\FRST64.exe
2021-09-15 14:44 - 2021-09-15 14:44 - 002111488 _____ (Digimarc) C:\WINDOWS\SysWOW64\DMRCDecoder.dll
2021-09-15 14:44 - 2021-09-15 14:44 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-09-15 14:44 - 2021-09-15 14:44 - 001313608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-09-15 14:44 - 2021-09-15 14:44 - 000672768 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-09-15 14:44 - 2021-09-15 14:44 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-09-15 14:44 - 2021-09-15 14:44 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-09-15 14:44 - 2021-09-15 14:44 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-09-15 14:44 - 2021-09-15 14:44 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-09-15 14:44 - 2021-09-15 14:44 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2021-09-15 14:44 - 2021-09-15 14:44 - 000011355 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-09-15 14:43 - 2021-09-15 14:43 - 002295296 _____ (Digimarc) C:\WINDOWS\system32\DMRCDecoder.dll
2021-09-15 14:43 - 2021-09-15 14:43 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-09-15 14:43 - 2021-09-15 14:43 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-09-15 14:43 - 2021-09-15 14:43 - 001164288 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-09-15 14:43 - 2021-09-15 14:43 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2021-09-15 14:43 - 2021-09-15 14:43 - 000098816 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-09-15 14:42 - 2021-09-15 14:42 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-09-15 14:42 - 2021-09-15 14:42 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-09-15 14:42 - 2021-09-15 14:42 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-09-15 14:42 - 2021-09-15 14:42 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-09-15 14:10 - 2021-09-15 14:10 - 000000000 ___HD C:\$WinREAgent
2021-09-14 15:45 - 2021-09-14 15:57 - 071768686 _____ C:\Users\Leo\Downloads\Amateur_Photographer_-_18_September_2021.pdf
2021-09-14 15:43 - 2021-09-14 15:43 - 034425698 _____ C:\Users\Leo\Downloads\photoplus-the-canon-magazine-october-2021.pdf
2021-09-14 15:41 - 2021-09-14 15:42 - 030817171 _____ C:\Users\Leo\Downloads\Digital_Photographer_Issue_244_2021.pdf
2021-09-12 21:38 - 2021-09-17 13:31 - 000003108 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2021-09-10 10:35 - 2021-09-16 22:24 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-09-10 10:32 - 2021-09-15 22:38 - 000452520 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-09-09 23:02 - 2021-09-17 11:56 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-09-08 10:19 - 2021-09-08 10:19 - 000049472 _____ C:\WINDOWS\SysWOW64\traffic_stats.db-wal
2021-09-08 10:19 - 2021-09-08 10:19 - 000032768 _____ C:\WINDOWS\SysWOW64\traffic_stats.db-shm
2021-09-08 10:19 - 2021-09-08 10:19 - 000004096 _____ C:\WINDOWS\SysWOW64\traffic_stats.db
2021-09-08 10:18 - 2021-09-08 10:18 - 000000000 ____D C:\WINDOWS\Panther
2021-09-03 22:53 - 2021-09-03 23:00 - 344418923 _____ C:\Users\Leo\Downloads\samsung tv handleiding.pdf
2021-09-02 14:41 - 2021-09-02 14:42 - 000000000 ____D C:\Users\Leo\AppData\Local\WhatsApp
2021-09-02 13:25 - 2021-09-02 14:42 - 000002200 _____ C:\Users\Leo\Desktop\WhatsApp.lnk
2021-09-02 13:25 - 2021-09-02 14:42 - 000000000 ____D C:\Users\Leo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2021-08-31 17:14 - 2021-09-13 21:14 - 000002031 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2021-08-31 17:14 - 2021-09-13 21:14 - 000001866 _____ C:\Users\Default\Desktop\Google Slides.lnk
2021-08-31 17:14 - 2021-09-13 21:14 - 000001866 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2021-08-31 17:14 - 2021-09-13 21:14 - 000001854 _____ C:\Users\Default\Desktop\Google Docs.lnk
2021-08-31 17:14 - 2021-08-09 14:57 - 000389640 _____ (Google, Inc.) C:\WINDOWS\system32\Drivers\googledrivefs3525.sys
2021-08-20 17:54 - 2021-08-23 14:14 - 000000000 ____D C:\Users\Leo\Downloads\CM papieren papa hospitaal
2021-08-20 13:46 - 2021-08-20 13:47 - 000000000 ____D C:\Users\Leo\Downloads\Bridge legaal setup dd 19_08_2021
2021-08-20 00:20 - 2021-08-20 00:20 - 000002896 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Leo

==================== Een maand (gewijzigd) ==================

(Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.)

2021-09-17 15:47 - 2020-11-17 19:10 - 000000000 ____D C:\FRST
2021-09-17 15:45 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-09-17 15:13 - 2020-09-26 18:17 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-09-17 15:12 - 2015-11-18 20:50 - 000000000 ____D C:\Program Files (x86)\Google
2021-09-17 14:58 - 2015-11-21 18:47 - 000000000 ____D C:\Users\Leo\Documents\Wachtwoorden
2021-09-17 14:42 - 2020-09-26 18:54 - 000003240 _____ C:\WINDOWS\system32\Tasks\HPCeeScheduleForLeo
2021-09-17 14:42 - 2018-04-07 11:44 - 000000356 _____ C:\WINDOWS\Tasks\HPCeeScheduleForLeo.job
2021-09-17 14:24 - 2020-08-13 22:14 - 000000000 ____D C:\Users\Leo\AppData\Roaming\vlc
2021-09-17 14:22 - 2018-05-02 16:44 - 000000000 ____D C:\Users\Leo\AppData\Local\D3DSCache
2021-09-17 14:15 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-09-17 14:15 - 2015-11-16 22:48 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2021-09-17 14:15 - 2015-11-16 22:48 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2021-09-17 14:06 - 2019-01-31 10:17 - 000000000 ____D C:\ProgramData\Mozilla
2021-09-17 14:05 - 2016-11-18 15:09 - 000000000 ____D C:\Users\Leo\AppData\LocalLow\Mozilla
2021-09-17 13:46 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-09-17 13:34 - 2020-09-26 18:36 - 001925588 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-09-17 13:34 - 2019-12-07 17:12 - 000826710 _____ C:\WINDOWS\system32\perfh013.dat
2021-09-17 13:34 - 2019-12-07 17:12 - 000172306 _____ C:\WINDOWS\system32\perfc013.dat
2021-09-17 13:34 - 2015-11-16 21:49 - 000803176 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-09-17 13:32 - 2020-06-26 19:53 - 000000000 ____D C:\Program Files\CCleaner
2021-09-17 13:31 - 2021-05-21 11:35 - 000003122 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2021-09-17 13:30 - 2020-09-26 18:54 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-09-17 13:30 - 2020-09-26 18:17 - 000008192 ___SH C:\DumpStack.log.tmp
2021-09-17 13:30 - 2015-11-21 00:54 - 000000000 ____D C:\Users\Leo\AppData\Roaming\WTablet
2021-09-17 13:29 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-09-17 13:29 - 2017-05-15 13:21 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2021-09-17 13:20 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-09-17 13:20 - 2016-10-28 17:59 - 000000000 ____D C:\Program Files\Common Files\AV
2021-09-17 11:52 - 2020-06-29 17:44 - 000000000 ____D C:\Users\Leo\AppData\LocalLow\Temp
2021-09-17 00:04 - 2020-08-08 15:42 - 000000000 ____D C:\Users\Leo\AppData\Local\CrashDumps
2021-09-16 22:56 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-09-16 22:09 - 2018-08-05 16:07 - 000000000 ____D C:\ProgramData\ON1
2021-09-16 22:09 - 2018-06-07 22:23 - 000000000 ____D C:\Users\Leo\AppData\Roaming\ON1
2021-09-16 22:05 - 2018-08-05 16:08 - 000000000 ____D C:\Program Files\ON1
2021-09-16 19:42 - 2020-07-24 22:55 - 000001456 _____ C:\Users\Leo\AppData\Local\Adobe Save for Web 13.0 Prefs
2021-09-16 14:41 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-09-16 14:41 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-09-16 14:35 - 2021-07-13 18:34 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-09-16 14:34 - 2021-07-13 18:34 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-09-15 22:34 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-09-15 22:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-09-15 22:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-09-15 22:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-09-15 22:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-09-15 22:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-09-15 22:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-09-15 22:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-09-15 22:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-09-15 22:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-09-15 22:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2021-09-15 22:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-09-15 22:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-09-15 22:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-09-15 22:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-09-15 22:34 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-09-15 22:30 - 2020-09-26 18:54 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-09-15 14:08 - 2015-11-16 21:46 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-09-15 14:05 - 2015-11-16 21:46 - 135637312 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-09-15 10:21 - 2021-06-26 13:36 - 000000000 ____D C:\Users\Leo\Downloads\Interieur Carruet
2021-09-15 10:21 - 2019-07-08 22:41 - 000000000 ____D C:\Users\Leo\Downloads\Nieuw Zuid_parkzicht 2
2021-09-14 22:12 - 2016-12-27 19:01 - 000000000 ___RD C:\Users\Leo\Downloads\Fotomagazines
2021-09-14 08:12 - 2021-06-22 14:59 - 000002234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-09-14 08:12 - 2021-06-22 14:59 - 000002193 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-09-13 21:14 - 2021-07-02 05:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2021-09-13 20:50 - 2021-05-14 10:53 - 000002293 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-09-13 12:54 - 2020-08-12 00:44 - 000000000 ____D C:\Users\Leo\Downloads\Mama
2021-09-12 21:47 - 2021-07-31 16:34 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3412851300-2870964825-4123225172-1002
2021-09-12 21:47 - 2020-09-26 18:23 - 000002386 _____ C:\Users\Leo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-09-12 21:37 - 2015-11-16 21:41 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-09-10 12:16 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-09-10 12:16 - 2016-01-06 13:26 - 000000000 ____D C:\Users\Leo\AppData\Local\ElevatedDiagnostics
2021-09-10 10:54 - 2019-04-20 22:30 - 000000000 ____D C:\Users\Leo\AppData\Local\PlaceholderTileLogoFolder
2021-09-10 10:35 - 2019-04-12 17:21 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-09-09 15:26 - 2020-06-18 14:40 - 000000000 ____D C:\Users\Leo\AppData\Local\PrivaZer
2021-09-09 11:17 - 2021-05-01 10:27 - 000000000 ____D C:\Users\Leo\AppData\LocalLow\IGDump
2021-09-09 10:57 - 2020-09-20 12:30 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-09-07 12:13 - 2020-06-18 14:40 - 000000000 ____D C:\Program Files (x86)\PrivaZer
2021-09-06 21:58 - 2021-08-12 15:00 - 000001077 _____ C:\Users\Public\Desktop\Photo Supreme 6.lnk
2021-09-06 15:11 - 2017-12-02 19:37 - 000000000 ____D C:\Users\Leo\AppData\Local\Packages
2021-09-05 12:20 - 2021-04-19 00:04 - 000000000 ____D C:\Users\Leo\AppData\Roaming\qBittorrent
2021-09-04 21:35 - 2016-07-27 11:52 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2021-09-03 10:20 - 2015-11-16 21:34 - 000000000 ___RD C:\Users\Leo\OneDrive
2021-09-02 19:16 - 2020-02-08 13:45 - 000000000 ____D C:\Users\Leo\AppData\Roaming\WhatsApp
2021-09-02 14:42 - 2016-08-27 23:30 - 000000000 ____D C:\Users\Leo\AppData\Local\SquirrelTemp
2021-09-01 19:57 - 2019-04-04 11:56 - 000000000 ____D C:\Users\Leo\Downloads\Papa
2021-09-01 11:52 - 2015-11-18 20:50 - 000000000 ____D C:\Users\Leo\AppData\Local\Google
2021-08-31 17:14 - 2021-06-22 14:59 - 000000000 ____D C:\Program Files\Google
2021-08-31 00:35 - 2015-11-18 17:43 - 000000000 ____D C:\Users\Leo\Downloads\MUZIEK
2021-08-23 22:57 - 2019-02-25 22:21 - 000000010 _____ C:\Users\Leo\AppData\Roaming\channelChoice.ini
2021-08-18 10:44 - 2021-05-14 10:52 - 000003674 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-08-18 10:44 - 2021-05-14 10:52 - 000003550 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

==================== Bestanden in de root van sommige mappen ========

2015-11-16 22:34 - 2015-11-16 22:34 - 000000000 _____ () C:\Program Files (x86)\Common Files\AMD
2021-02-19 20:58 - 2021-07-04 21:52 - 000100060 _____ () C:\Users\Leo\AppData\Roaming\.BEID_0.log
2021-02-26 10:04 - 2021-09-17 14:05 - 000039150 _____ () C:\Users\Leo\AppData\Roaming\.BEID_1.log
2019-02-25 22:21 - 2021-08-23 22:57 - 000000010 _____ () C:\Users\Leo\AppData\Roaming\channelChoice.ini
2016-05-18 14:18 - 2016-05-19 15:55 - 000040843 _____ () C:\Users\Leo\AppData\Roaming\ConEmu.xml
2017-07-05 00:03 - 2020-09-12 18:12 - 000000028 _____ () C:\Users\Leo\AppData\Roaming\kulerdata.json
2020-07-24 22:55 - 2021-09-16 19:42 - 000001456 _____ () C:\Users\Leo\AppData\Local\Adobe Save for Web 13.0 Prefs
2016-04-29 12:00 - 2020-10-26 13:34 - 000004608 _____ () C:\Users\Leo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-10-09 14:25 - 2020-10-09 14:56 - 000021768 _____ () C:\Users\Leo\AppData\Local\digikamrc
2019-08-20 22:48 - 2019-08-20 22:48 - 000000036 _____ () C:\Users\Leo\AppData\Local\housecall.guid.cache
2019-02-20 17:43 - 2020-01-01 23:58 - 000003280 _____ () C:\Users\Leo\AppData\Local\oobelibMkey.log
2019-06-08 20:17 - 2019-06-08 20:17 - 000000218 _____ () C:\Users\Leo\AppData\Local\recently-used.xbel
2016-05-03 10:39 - 2016-05-03 10:39 - 000000017 _____ () C:\Users\Leo\AppData\Local\resmon.resmoncfg
2019-08-20 22:52 - 2019-08-20 22:52 - 000000010 _____ () C:\Users\Leo\AppData\Local\sponge.last.runtime.cache

==================== FCheck ================================

(Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.)

FCheck: C:\WINDOWS\system32\SECOPatcher.dll [2020-11-13] <==== AANDACHT (nul byte bestand/map)

==================== SigCheck ============================

(Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)

==================== Einde van FRST.txt ========================