Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 30-01-2022 Gestart door User (Beheerder) op LAPTOP-ADJMS85M (TOSHIBA SATELLITE PRO R40-C) (01-02-2022 16:11:09) Gestart vanaf C:\Users\User\Desktop Geladen Profielen: User Platform: Microsoft Windows 10 Pro Education Versie 20H2 19042.1415 (X64) Taal: Nederlands (Nederland) Standaardbrowser: Edge Boot Modus: Normal ==================== Processen (gefilterd) ================= (Als een item is opgenomen in de fixlist, zal het proces worden gesloten. Het bestand zal niet worden verplaatst.) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.) C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.) C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe (Beijing Qihu Technology Co., Ltd. -> Qihu 360 Software Co., Ltd.) C:\Program Files (x86)\360\Total Security\safemon\chrome\360webshield.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfService.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe (Citrix Systems, Inc. -> The CefSharp Authors) C:\Program Files (x86)\Citrix\ICA Client\Browser\CtxWebBrowser.exe <2> (Discord Inc. -> Discord Inc.) C:\Users\User\AppData\Local\Discord\app-1.0.9003\Discord.exe <6> (DTS, Inc. -> ) C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2> (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Intel Corporation) [Bestand niet getekend] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_af48edaf7aa6feab\IntelCpHDCPSvc.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_af48edaf7aa6feab\IntelCpHeciSvc.exe (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5> (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2111.12605.0_x64__8wekyb3d8bbwe\Cortana.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (Mozilla Corporation -> Mozilla Corporation) C:\Users\User\AppData\Local\Mozilla Firefox\firefox.exe <22> (Opera Software AS -> Opera Software) C:\Users\User\AppData\Local\Programs\Opera\assistant\browser_assistant.exe <2> (Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Toshiba Client Solutions Co.,Ltd. -> Toshiba Client Solutions Co., Ltd.) C:\Program Files (x86)\TOSHIBA\BtPwrMon\BtPwrMon.exe (Toshiba Client Solutions Co.,Ltd. -> Toshiba Client Solutions Co., Ltd.) C:\Program Files (x86)\TOSHIBA\TOSHIBA System Driver\RMService.exe (Toshiba Client Solutions Co.,Ltd. -> Toshiba Client Solutions Co., Ltd.) C:\Program Files\TOSHIBA\Teco\TecoResident.exe (Toshiba Client Solutions Co.,Ltd. -> Toshiba Client Solutions Co., Ltd.) C:\Program Files\TOSHIBA\Teco\TecoService.exe ==================== Register (gefilterd) =================== (Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.) HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [187184 2016-07-18] (Toshiba Client Solutions Co.,Ltd. -> Toshiba Client Solutions Co., Ltd.) HKLM-x32\...\Run: [BtPwrMon] => C:\Program Files (x86)\Toshiba\BtPwrMon\BtPwrMon.exe [39184 2016-09-21] (Toshiba Client Solutions Co.,Ltd. -> Toshiba Client Solutions Co., Ltd.) HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\360Tray.exe [413000 2019-07-10] (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.) HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [795744 2019-12-02] (Citrix Systems, Inc. -> Citrix Systems, Inc.) HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [460384 2019-12-02] (Citrix Systems, Inc. -> Citrix Systems, Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [707256 2021-12-15] (Oracle America, Inc. -> Oracle Corporation) HKU\S-1-5-21-2272913006-1536314420-1812636218-1001\...\Run: [Spotify] => C:\Users\User\AppData\Roaming\Spotify\Spotify.exe [19227064 2022-02-01] (Spotify AB -> Spotify Ltd) HKU\S-1-5-21-2272913006-1536314420-1812636218-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\User\AppData\Local\Microsoft\Teams\Update.exe [2453696 2021-04-26] (Microsoft 3rd Party Application Component -> Microsoft Corporation) HKU\S-1-5-21-2272913006-1536314420-1812636218-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33627104 2022-01-27] (Epic Games Inc. -> Epic Games, Inc.) HKU\S-1-5-21-2272913006-1536314420-1812636218-1001\...\Run: [Opera Browser Assistant] => C:\Users\User\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4105424 2021-10-14] (Opera Software AS -> Opera Software) HKU\S-1-5-21-2272913006-1536314420-1812636218-1001\...\Run: [Discord] => C:\Users\User\AppData\Local\Discord\Update.exe [1512608 2021-09-21] (Discord Inc. -> GitHub) HKU\S-1-5-21-2272913006-1536314420-1812636218-1001\...\Run: [MicrosoftEdgeAutoLaunch_C46CFC0629905CC775E70B50EA8A519C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 HKU\S-1-5-21-2272913006-1536314420-1812636218-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35320448 2022-01-25] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-2272913006-1536314420-1812636218-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\97.0.4692.99\Installer\chrmstp.exe [2022-01-27] (Google LLC -> Google LLC) ==================== Geplande Taken (gefilterd) ============ (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {02BF1295-18EB-4C3D-8292-D4F59562EC60} - System32\Tasks\dts_apo_service_task => C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_task.exe [15288 2016-08-12] (DTS, Inc. -> ) Task: {0CAE48DE-99C1-48AF-A66B-07B05A1ABB21} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\OnIdle -> Geen bestand <==== AANDACHT Task: {140B8EBF-8623-4809-90A8-CCADE089B394} - System32\Tasks\WinZipBackGroundToolsTask => C:\Program Files\WinZip\WzBGTools.exe [248928 2016-08-31] (WinZip Computing LLC -> WinZip Computing, S.L.) Task: {1EEB9121-573D-49D8-BD67-97EA4A6D80F1} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1133976 2022-01-25] (Microsoft Corporation -> Microsoft Corporation) Task: {26DC444B-4D1B-445F-8445-3060C5BBF3D7} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\Logon -> Geen bestand <==== AANDACHT Task: {2DC18007-BC09-4238-A10C-4E9D5BB9603E} - \Microsoft\Windows\UNP\RunCampaignManager -> Geen bestand <==== AANDACHT Task: {37495EF7-EDCC-4263-8993-E54BBFEA905F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21862256 2021-12-16] (Microsoft Corporation -> Microsoft Corporation) Task: {398927EC-BB61-40C4-AE1D-18C008AC91E6} - System32\Tasks\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [707856 2016-07-01] (Toshiba Client Solutions Co.,Ltd. -> Toshiba Client Solutions Co., Ltd.) Task: {3B8DEBC9-8DAD-4B45-B1B7-22791B9B3060} - System32\Tasks\Opera scheduled assistant Autoupdate 1601590266 => C:\Users\User\AppData\Local\Programs\Opera\launcher.exe [1802960 2022-01-26] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\User\AppData\Local\Programs\Opera\assistant" $(Arg0) Task: {3C5765EB-0149-47E2-B819-5B23B569FBD8} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\Time -> Geen bestand <==== AANDACHT Task: {4F0B541F-15CC-4FF4-BDA4-39EAC7CB1574} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.) Task: {4F52A0B7-88FD-4709-8701-7ADCF6FEBE10} - System32\Tasks\Microsoft\Office\Microsoft Office Touchless Attach Notification => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21862256 2021-12-16] (Microsoft Corporation -> Microsoft Corporation) Task: {5A9676B2-3397-438B-9751-8FF66BCA358F} - System32\Tasks\CCleanerSkipUAC - User => C:\Program Files\CCleaner\CCleaner.exe [29453952 2022-01-25] (Piriform Software Ltd -> Piriform Software Ltd) Task: {5DF45421-2B96-489F-B891-1EB6099D2A41} - System32\Tasks\ccleaner update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-01-25] (Piriform Software Ltd -> Piriform) Task: {68EDF8B7-E6E3-4E34-84B0-A1A92313BFAC} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\OutOfIdle -> Geen bestand <==== AANDACHT Task: {790027B1-5644-4896-99CE-4D8EAE5EADC4} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21862256 2021-12-16] (Microsoft Corporation -> Microsoft Corporation) Task: {8254704A-AF1B-4A11-84EA-45213CF393E4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-12-16] (Google Inc -> Google Inc.) Task: {840456F3-4DB7-44CE-8387-2454A2056F66} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4004256 2022-01-25] (Microsoft Corporation -> Microsoft Corporation) Task: {957AB157-8DE6-45F1-AA8B-A04F8EA1FF80} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4004256 2022-01-25] (Microsoft Corporation -> Microsoft Corporation) Task: {958FC836-1926-4625-9ED9-C833A69D348B} - System32\Tasks\360ZipUpdater => C:\Program Files (x86)\360\360zip\360zipUpdate.exe [359488 2021-01-05] (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.) Task: {99CB56DE-6A02-49D2-A461-47658B0A73CD} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\Unlock -> Geen bestand <==== AANDACHT Task: {A30CA8AF-BB5E-4E15-AB24-D9D77F3A3E7E} - System32\Tasks\Mozilla\Firefox Default Browser Agent CCD976FAAA8FA5AF => C:\Users\User\AppData\Local\Mozilla Firefox\default-browser-agent.exe do-task "CCD976FAAA8FA5AF" Task: {A4573114-679F-4D70-B39B-F902F20C0B04} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-03-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {BD2BEF4D-4EE1-4C75-94D1-D9584BC7144E} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116144 2022-01-25] (Microsoft Corporation -> Microsoft Corporation) Task: {D5591503-1E01-4DA9-BC32-550E50047B8E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-12-16] (Google Inc -> Google Inc.) Task: {DF9545F6-B29A-4F75-BE2B-280B995015BE} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\RunCampaignManager2 -> Geen bestand <==== AANDACHT Task: {E3F3A9D6-C373-4069-861C-D087C967EA94} - System32\Tasks\Opera scheduled Autoupdate 1601590187 => C:\Users\User\AppData\Local\Programs\Opera\launcher.exe [1802960 2022-01-26] (Opera Software AS -> Opera Software) Task: {EBC42869-5BEB-4C02-B73A-937BEFA58C19} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [855352 2016-02-19] (Intel(R) Trusted Connect Service -> Intel(R) Corporation) Task: {F8E9ED28-19DD-499C-AF7A-987047FE9A69} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116144 2022-01-25] (Microsoft Corporation -> Microsoft Corporation) (Als een item is opgenomen in de fixlist, wordt de taak (job) bestand verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) ==================== Internet (gefilterd) ==================== (Als een item is opgenomen in de fixlist en een registeritem is, wordt het verwijderd of hersteld naar de standaard.) Tcpip\Parameters: [DhcpNameServer] 62.179.104.196 213.46.228.196 Tcpip\..\Interfaces\{45d2f025-f5f9-4535-8d85-6e0524df7758}: [DhcpNameServer] 192.168.2.254 Tcpip\..\Interfaces\{d46005a1-da3c-4450-b065-88b67d5feda9}: [DhcpNameServer] 62.179.104.196 213.46.228.196 Edge: ======= Edge Notifications: HKU\S-1-5-21-2272913006-1536314420-1812636218-1001 -> hxxps://www.sporcle.com; hxxps://wellant.trajectplanner.nl Edge Extension: (Geen Naam) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [niet gevonden] Edge Extension: (Geen Naam) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [niet gevonden] Edge Extension: (Geen Naam) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [niet gevonden] Edge Extension: (Geen Naam) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [niet gevonden] Edge Profile: C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default [2022-02-01] FireFox: ======== FF DefaultProfile: xlm7mj8m.default FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\xlm7mj8m.default [2022-02-01] FF Homepage: Mozilla\Firefox\Profiles\xlm7mj8m.default -> www.google.nl FF Notifications: Mozilla\Firefox\Profiles\xlm7mj8m.default -> hxxps://www.youtube.com; hxxps://web.skype.com; hxxps://filehippo.com FF Extension: (360 Internet Protection) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\xlm7mj8m.default\Extensions\InternetProtection@360safe.com.xpi [2018-10-06] FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2019-12-02] (Citrix Systems, Inc. -> Citrix Systems, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=11.321.2 -> C:\Program Files (x86)\Java\jre1.8.0_321\bin\dtplugin\npDeployJava1.dll [2022-02-01] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.321.2 -> C:\Program Files (x86)\Java\jre1.8.0_321\bin\plugin2\npjp2.dll [2022-02-01] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-01-25] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-01-25] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-11-19] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-2272913006-1536314420-1812636218-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\User\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-04-08] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2022-02-01] CHR Notifications: Default -> hxxps://www.facebook.com; hxxps://www.youtube.com CHR HomePage: Default -> hxxp://www.google.nl/ CHR DefaultSearchURL: Default -> hxxps://www.gstatic.com/youtube/img/branding/favicon/favicon_144x144.png CHR Extension: (Presentaties) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-16] CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\agimnkijcaahngcdmfeangaknmldooml [2021-01-25] CHR Extension: (Documenten) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-16] CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-01] CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-16] CHR Extension: (Spreadsheets) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-16] CHR Extension: (Offline Documenten) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-01-25] CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-31] CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-01] CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-02-01] CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\System Profile [2022-02-01] CHR HKLM-x32\...\Chrome\Extension: [glcimepnljoholdmjchkloafkggfoijh] Opera: ======= OPR Profile: C:\Users\User\AppData\Roaming\Opera Software\Opera Stable [2022-02-01] OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.nl/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding} OPR Extension: (360 Internet Protection) - C:\Users\User\AppData\Roaming\Opera Software\Opera Stable\Extensions\cnpeghmjdfdmneiljeibjnemfdkojdhl [2022-01-28] OPR Extension: (Rich Hints Agent) - C:\Users\User\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-01-28] OPR Extension: (Amazon Assistant Promotion) - C:\Users\User\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2022-01-28] ==================== Services (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8736880 2020-12-11] (BattlEye Innovations e.K. -> ) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9192328 2021-12-16] (Microsoft Corporation -> Microsoft Corporation) S2 DSDFunctionKeyCtlService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_7e3f745486eb9793\DSDFunctionKeyCtlService.exe [688824 2022-01-10] (Dynabook Inc. -> Dynabook Inc.) R3 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [20928 2016-08-12] (DTS, Inc. -> ) S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335360 2016-03-18] (Intel Corporation) [Bestand niet getekend] R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-03-18] (Intel Corporation) [Bestand niet getekend] S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [7972536 2022-02-01] (Malwarebytes Inc -> Malwarebytes) R2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [1102080 2021-04-02] (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.) S3 QHProtected; C:\Program Files (x86)\360\Total Security\safemon\WscReg.exe [3082096 2021-05-17] (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6138112 2022-01-02] (Microsoft Windows Publisher -> Microsoft Corporation) R2 TOSRMService; C:\Program Files (x86)\TOSHIBA\TOSHIBA System Driver\RMService.exe [337112 2016-07-13] (Toshiba Client Solutions Co.,Ltd. -> Toshiba Client Solutions Co., Ltd.) S2 TSDSettingService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_7e3f745486eb9793\dynabookSystemService.exe [44785296 2022-01-10] (Dynabook Inc. -> Dynabook Inc.) S2 TSDTabletControlService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_7e3f745486eb9793\TOSTABSYSSVC.exe [297680 2022-01-10] (Dynabook Inc. -> Dynabook Inc.) S2 TSDWirelessLEDCtlService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_7e3f745486eb9793\RMService.exe [447296 2022-01-10] (Dynabook Inc. -> Dynabook Inc.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Drivers (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R1 360AntiHacker; C:\WINDOWS\System32\Drivers\360AntiHacker64.sys [199888 2021-08-23] (Beijing Qihu Technology Co., Ltd. -> 360.cn) R3 360AvFlt; C:\WINDOWS\System32\DRIVERS\360AvFlt.sys [95232 2019-05-31] (Qihoo 360 Software (Beijing) Company Limited -> 360.cn) R3 360AvFlt; C:\Windows\SysWOW64\DRIVERS\360AvFlt.sys [95232 2019-05-31] (Qihoo 360 Software (Beijing) Company Limited -> 360.cn) R1 360Box64; C:\WINDOWS\System32\DRIVERS\360Box64.sys [346864 2021-10-27] (Beijing Qihu Technology Co., Ltd. -> 360.cn) R1 360Camera; C:\WINDOWS\System32\Drivers\360Camera64.sys [58200 2020-12-14] (Beijing Qihu Technology Co., Ltd. -> 360.cn) R1 360CondrvFix; C:\WINDOWS\system32\DRIVERS\360CondrvFix.sys [39752 2021-01-19] (Beijing Qihu Technology Co., Ltd. -> 360.cn) S0 360elam64; C:\WINDOWS\System32\DRIVERS\360elam64.sys [17192 2019-05-31] (Microsoft Windows Early Launch Anti-malware Publisher -> 360.cn) R1 360FsFlt; C:\WINDOWS\System32\DRIVERS\360FsFlt.sys [494080 2021-05-06] (Beijing Qihu Technology Co., Ltd. -> 360.cn) R1 360Hvm; C:\WINDOWS\System32\Drivers\360Hvm64.sys [334336 2021-05-06] (Beijing Qihu Technology Co., Ltd. -> 360安全中心) R1 360netmon; C:\WINDOWS\System32\DRIVERS\360netmon.sys [96424 2017-12-15] (Qihoo 360 Software (Beijing) Company Limited -> 360.cn) S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.) R1 BAPIDRV; C:\WINDOWS\System32\DRIVERS\BAPIDRV64.sys [232688 2021-06-28] (Beijing Qihu Technology Co., Ltd. -> 360.cn) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Bestand niet getekend] R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220568 2022-02-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2022-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2022-02-01] (Malwarebytes Inc -> Malwarebytes) R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [49120 2021-11-17] (Dynabook Inc. -> Dynabook Inc.) R3 tosrfec; C:\WINDOWS\System32\drivers\tosrfec.sys [37808 2019-04-30] (Dynabook Inc. -> Dynabook Inc.) R1 TosSrvCtlDrv; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_7e3f745486eb9793\TosSrvCtlDrv.sys [26832 2022-01-10] (Dynabook Inc. -> Dynabook Inc.) R0 TVALZ; C:\WINDOWS\System32\drivers\TVALZ.SYS [45880 2020-08-01] (Dynabook Inc. -> Dynabook Inc.) R1 vbdenum; C:\WINDOWS\System32\drivers\vbdenum.sys [119432 2019-07-24] (Citrix Systems, Inc. -> Citrix Systems, Inc.) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ==================== Een maand (aangemaakt) (gefilterd) ========= (Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.) 2022-02-01 16:11 - 2022-02-01 16:12 - 000027996 _____ C:\Users\User\Desktop\FRST.txt 2022-02-01 16:08 - 2022-02-01 16:11 - 000000000 ____D C:\FRST 2022-02-01 16:07 - 2022-02-01 16:07 - 002311680 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe 2022-02-01 16:00 - 2022-02-01 16:00 - 000001172 _____ C:\Users\User\Desktop\VLC media player.lnk 2022-02-01 15:57 - 2022-02-01 15:57 - 000000000 ____D C:\Users\User\AppData\Roaming\Sun 2022-02-01 15:56 - 2022-02-01 15:56 - 000165600 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2022-02-01 15:56 - 2022-02-01 15:56 - 000000000 ____D C:\ProgramData\Oracle 2022-02-01 15:56 - 2022-02-01 15:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2022-02-01 15:56 - 2022-02-01 15:56 - 000000000 ____D C:\Program Files (x86)\Java 2022-02-01 14:53 - 2022-02-01 14:53 - 000000000 ____D C:\ProgramData\360sd 2022-02-01 14:40 - 2022-02-01 14:40 - 000002900 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - User 2022-02-01 14:39 - 2022-02-01 14:39 - 036572432 _____ (Piriform Software Ltd) C:\Users\User\Downloads\ccsetup589.exe 2022-02-01 14:33 - 2022-02-01 14:33 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2022-02-01 14:33 - 2022-02-01 14:33 - 000220568 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2022-02-01 14:31 - 2022-02-01 14:31 - 000000000 ____D C:\WINDOWS\SystemTemp 2022-02-01 14:28 - 2022-02-01 14:29 - 008540344 _____ (Malwarebytes) C:\Users\User\Desktop\adwcleaner_8.3.1.exe 2022-02-01 14:26 - 2022-02-01 14:26 - 000002044 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2022-02-01 14:26 - 2022-02-01 14:24 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys 2022-02-01 14:23 - 2022-02-01 14:23 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2022-02-01 14:22 - 2022-02-01 16:08 - 000000000 ____D C:\Users\User\AppData\Local\Mozilla Firefox 2022-01-18 20:50 - 2022-01-18 20:51 - 015323472 _____ (Medtronic Diabetes) C:\Users\User\Downloads\Niet bevestigd 374862.crdownload 2022-01-18 20:50 - 2022-01-18 20:50 - 000000000 _____ C:\Users\User\Downloads\Niet bevestigd 732589.crdownload 2022-01-18 20:38 - 2022-01-18 20:39 - 167687760 _____ (Medtronic Diabetes) C:\Users\User\Downloads\CareLinkUploader-ACC-7350-3-4-0-windows-installer (17).exe 2022-01-18 20:32 - 2022-01-18 20:32 - 167687760 _____ (Medtronic Diabetes) C:\Users\User\Downloads\CareLinkUploader-ACC-7350-3-4-0-windows-installer (16).exe 2022-01-18 20:31 - 2022-01-18 20:32 - 167687760 _____ (Medtronic Diabetes) C:\Users\User\Downloads\CareLinkUploader-ACC-7350-3-4-0-windows-installer (15).exe 2022-01-18 14:51 - 2022-01-18 14:51 - 167687760 _____ (Medtronic Diabetes) C:\Users\User\Downloads\CareLinkUploader-ACC-7350-3-4-0-windows-installer (14).exe 2022-01-18 14:26 - 2022-01-18 14:26 - 167687760 _____ (Medtronic Diabetes) C:\Users\User\Downloads\CareLinkUploader-ACC-7350-3-4-0-windows-installer (13).exe 2022-01-18 14:21 - 2022-01-18 14:22 - 167687760 _____ (Medtronic Diabetes) C:\Users\User\Downloads\CareLinkUploader-ACC-7350-3-4-0-windows-installer (12).exe 2022-01-18 14:13 - 2022-01-18 14:13 - 167687760 _____ (Medtronic Diabetes) C:\Users\User\Downloads\CareLinkUploader-ACC-7350-3-4-0-windows-installer (11).exe 2022-01-18 14:12 - 2022-01-18 14:13 - 167687760 _____ (Medtronic Diabetes) C:\Users\User\Downloads\CareLinkUploader-ACC-7350-3-4-0-windows-installer (10).exe 2022-01-18 14:09 - 2022-01-18 14:10 - 167687760 _____ (Medtronic Diabetes) C:\Users\User\Downloads\CareLinkUploader-ACC-7350-3-4-0-windows-installer (9).exe 2022-01-18 14:09 - 2022-01-18 14:09 - 167687760 _____ (Medtronic Diabetes) C:\Users\User\Downloads\CareLinkUploader-ACC-7350-3-4-0-windows-installer (8).exe 2022-01-18 14:08 - 2022-01-18 14:09 - 167687760 _____ (Medtronic Diabetes) C:\Users\User\Downloads\CareLinkUploader-ACC-7350-3-4-0-windows-installer (7).exe 2022-01-18 14:08 - 2022-01-18 14:09 - 167687760 _____ (Medtronic Diabetes) C:\Users\User\Downloads\CareLinkUploader-ACC-7350-3-4-0-windows-installer (6).exe 2022-01-18 14:08 - 2022-01-18 14:08 - 167687760 _____ (Medtronic Diabetes) C:\Users\User\Downloads\CareLinkUploader-ACC-7350-3-4-0-windows-installer (5).exe 2022-01-18 13:27 - 2022-01-18 13:27 - 167687760 _____ (Medtronic Diabetes) C:\Users\User\Downloads\CareLinkUploader-ACC-7350-3-4-0-windows-installer (4).exe 2022-01-18 12:13 - 2022-01-28 14:29 - 000000464 _____ C:\Users\User\skb_cache_7940aa01aed16382f1582eb1bc7aaf6.kc 2022-01-18 12:07 - 2022-01-18 12:07 - 167687760 _____ (Medtronic Diabetes) C:\Users\User\Downloads\CareLinkUploader-ACC-7350-3-4-0-windows-installer (3).exe 2022-01-18 12:07 - 2022-01-18 12:07 - 167687760 _____ (Medtronic Diabetes) C:\Users\User\Downloads\CareLinkUploader-ACC-7350-3-4-0-windows-installer (2).exe 2022-01-18 11:58 - 2022-01-18 11:59 - 167687760 _____ (Medtronic Diabetes) C:\Users\User\Downloads\CareLinkUploader-ACC-7350-3-4-0-windows-installer (1).exe 2022-01-18 11:18 - 2021-10-06 16:30 - 000647616 _____ (Future Technology Devices International Ltd.) C:\WINDOWS\system32\ftd2xx.dll 2022-01-18 11:18 - 2021-10-06 16:30 - 000392128 _____ (Future Technology Devices International Ltd.) C:\WINDOWS\SysWOW64\ftd2xx.dll 2022-01-18 11:18 - 2021-10-06 16:30 - 000274944 _____ (FTDI Ltd.) C:\WINDOWS\system32\FTLang.dll 2022-01-18 11:18 - 2021-10-06 16:30 - 000168456 _____ (FTDI Ltd.) C:\WINDOWS\system32\ftbusui.dll 2022-01-18 11:18 - 2021-10-06 16:30 - 000145192 _____ (Future Technology Devices International Ltd.) C:\WINDOWS\system32\Drivers\ftdibus.sys 2022-01-18 11:18 - 2021-10-06 16:30 - 000099296 _____ (Future Technology Devices International Ltd.) C:\WINDOWS\system32\Drivers\ftser2k.sys 2022-01-18 11:18 - 2021-10-06 16:30 - 000075272 _____ (FTDI Ltd.) C:\WINDOWS\system32\ftcserco.dll 2022-01-18 11:18 - 2021-10-06 16:30 - 000065544 _____ (FTDI Ltd.) C:\WINDOWS\system32\ftserui2.dll 2022-01-18 11:16 - 2022-01-18 11:16 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime 2022-01-18 11:15 - 2022-01-18 11:15 - 000000000 ____D C:\Program Files\DIFX 2022-01-18 11:12 - 2022-01-18 11:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CareLink Uploader 2022-01-18 11:11 - 2022-01-18 11:11 - 000000000 ____D C:\Program Files\Medtronic 2022-01-18 11:10 - 2022-01-18 11:10 - 167687760 _____ (Medtronic Diabetes) C:\Users\User\Downloads\CareLinkUploader-ACC-7350-3-4-0-windows-installer.exe 2022-01-02 17:31 - 2022-01-02 17:31 - 000672768 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll 2022-01-02 17:31 - 2022-01-02 17:31 - 000203264 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll 2022-01-02 17:31 - 2022-01-02 17:31 - 000170496 _____ C:\WINDOWS\system32\DeviceUpdateCenterCsp.dll 2022-01-02 17:31 - 2022-01-02 17:31 - 000158208 _____ C:\WINDOWS\system32\uwfcsp.dll 2022-01-02 17:31 - 2022-01-02 17:31 - 000040960 _____ C:\WINDOWS\system32\uwfservicingapi.dll 2022-01-02 17:30 - 2022-01-02 17:30 - 002111488 _____ (Digimarc) C:\WINDOWS\SysWOW64\DMRCDecoder.dll 2022-01-02 17:30 - 2022-01-02 17:30 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll 2022-01-02 17:30 - 2022-01-02 17:30 - 001164288 _____ C:\WINDOWS\system32\MBR2GPT.EXE 2022-01-02 17:30 - 2022-01-02 17:30 - 000611960 _____ C:\WINDOWS\SysWOW64\TextShaping.dll 2022-01-02 17:30 - 2022-01-02 17:30 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe 2022-01-02 17:30 - 2022-01-02 17:30 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe 2022-01-02 17:30 - 2022-01-02 17:30 - 000011979 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2022-01-02 17:29 - 2022-01-02 17:29 - 002295296 _____ (Digimarc) C:\WINDOWS\system32\DMRCDecoder.dll 2022-01-02 17:29 - 2022-01-02 17:29 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll 2022-01-02 17:29 - 2022-01-02 17:29 - 000706536 _____ C:\WINDOWS\system32\TextShaping.dll 2022-01-02 17:29 - 2022-01-02 17:29 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe 2022-01-02 17:29 - 2022-01-02 17:29 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe 2022-01-02 17:29 - 2022-01-02 17:29 - 000098304 _____ C:\WINDOWS\system32\Drivers\cimfs.sys 2022-01-02 17:28 - 2022-01-02 17:28 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll 2022-01-02 17:07 - 2022-01-02 17:07 - 000000000 ___HD C:\$WinREAgent ==================== Een maand (gewijzigd) ================== (Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.) 2022-02-01 16:09 - 2019-06-17 19:49 - 000000000 ____D C:\ProgramData\Mozilla 2022-02-01 16:09 - 2017-12-13 20:46 - 000000000 ____D C:\Users\User\AppData\LocalLow\360WD 2022-02-01 16:08 - 2017-12-17 19:26 - 000000000 ____D C:\Users\User\AppData\LocalLow\Mozilla 2022-02-01 16:06 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-02-01 16:06 - 2017-12-28 21:49 - 000000000 ____D C:\Program Files\CCleaner 2022-02-01 16:02 - 2017-12-29 15:35 - 000000000 ____D C:\Users\User\AppData\Roaming\vlc 2022-02-01 15:58 - 2021-02-24 11:40 - 001771332 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2022-02-01 15:58 - 2019-12-07 16:14 - 000787220 _____ C:\WINDOWS\system32\perfh013.dat 2022-02-01 15:58 - 2019-12-07 16:14 - 000154312 _____ C:\WINDOWS\system32\perfc013.dat 2022-02-01 15:58 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2022-02-01 15:53 - 2021-12-08 16:32 - 000000000 ____D C:\Users\User\AppData\Roaming\discord 2022-02-01 15:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2022-02-01 15:53 - 2017-12-17 19:20 - 000000000 ____D C:\Users\User\AppData\Local\Spotify 2022-02-01 15:53 - 2017-12-16 22:42 - 000000000 ____D C:\Program Files (x86)\Google 2022-02-01 15:52 - 2021-12-08 16:32 - 000000000 ____D C:\Users\User\AppData\Local\Discord 2022-02-01 15:52 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2022-02-01 15:52 - 2017-12-17 19:20 - 000000000 ____D C:\Users\User\AppData\Roaming\Spotify 2022-02-01 15:51 - 2021-02-25 08:52 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2022-02-01 15:51 - 2021-02-24 11:31 - 000008192 ___SH C:\DumpStack.log.tmp 2022-02-01 15:51 - 2020-07-13 22:50 - 000000001 _____ C:\WINDOWS\system32\Drivers\360Hvm64.dat 2022-02-01 15:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState 2022-02-01 15:50 - 2020-10-01 23:09 - 000001161 _____ C:\Users\User\Desktop\facebook.lnk 2022-02-01 15:50 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2022-02-01 15:50 - 2017-12-28 22:46 - 000000000 __SHD C:\ProgramData\360Quarant 2022-02-01 15:36 - 2021-02-25 08:52 - 000004198 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{C97DC212-E68A-4F2A-B437-A7FEFEC5D184} 2022-02-01 14:41 - 2021-02-13 09:02 - 000000000 ___DC C:\WINDOWS\Panther 2022-02-01 14:40 - 2021-02-25 08:52 - 000003048 _____ C:\WINDOWS\system32\Tasks\ccleaner update 2022-02-01 14:40 - 2021-02-24 11:33 - 000002459 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-02-01 14:40 - 2021-02-24 11:33 - 000002297 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2022-02-01 14:40 - 2017-12-28 21:49 - 000000874 _____ C:\Users\Public\Desktop\CCleaner.lnk 2022-02-01 14:38 - 2017-08-18 17:36 - 000000000 ____D C:\Program Files\TOSHIBA 2022-02-01 14:38 - 2017-08-18 08:07 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA 2022-02-01 14:38 - 2017-08-18 08:03 - 000000000 ____D C:\Program Files (x86)\TOSHIBA 2022-02-01 14:38 - 2017-08-18 07:50 - 000000000 ____D C:\ProgramData\Toshiba 2022-02-01 14:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2022-02-01 14:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Macromed 2022-02-01 14:32 - 2021-02-24 11:31 - 000436640 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2022-02-01 14:31 - 2019-12-07 16:17 - 000000000 ___SD C:\WINDOWS\system32\AppV 2022-02-01 14:31 - 2019-12-07 16:17 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2022-02-01 14:31 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP 2022-02-01 14:31 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2022-02-01 14:31 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2022-02-01 14:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2022-02-01 14:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2022-02-01 14:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2022-02-01 14:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2022-02-01 14:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2022-02-01 14:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2022-02-01 14:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2022-02-01 14:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup 2022-02-01 14:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2022-02-01 14:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz 2022-02-01 14:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV 2022-02-01 14:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT 2022-02-01 14:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE 2022-02-01 14:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX 2022-02-01 14:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2022-02-01 14:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\DDFs 2022-02-01 14:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser 2022-02-01 14:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2022-02-01 14:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents 2022-02-01 14:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning 2022-02-01 14:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2022-02-01 14:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\DiagTrack 2022-02-01 14:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2022-02-01 14:31 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing 2022-02-01 14:26 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2022-02-01 14:26 - 2018-08-29 20:08 - 000002032 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2022-02-01 14:24 - 2018-08-29 20:08 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2022-02-01 14:24 - 2018-08-29 20:08 - 000000000 ____D C:\ProgramData\Malwarebytes 2022-02-01 14:24 - 2018-08-29 20:08 - 000000000 ____D C:\Program Files\Malwarebytes 2022-02-01 14:23 - 2021-02-25 08:52 - 000004202 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1601590187 2022-02-01 14:23 - 2020-10-01 23:09 - 000001401 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera-browser.lnk 2022-02-01 14:23 - 2017-12-17 19:24 - 000001285 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2022-01-28 15:04 - 2021-02-24 11:31 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2022-01-28 14:29 - 2021-03-23 17:21 - 000003674 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2022-01-28 14:29 - 2021-03-23 17:21 - 000003580 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d70a9920ae2aaa 2022-01-27 15:38 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2022-01-27 15:36 - 2017-08-18 08:11 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2022-01-27 15:34 - 2017-12-19 02:31 - 000000000 ____D C:\WINDOWS\system32\MRT 2022-01-27 15:33 - 2021-12-24 00:52 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2272913006-1536314420-1812636218-1001 2022-01-27 15:33 - 2021-02-25 08:52 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2272913006-1536314420-1812636218-1001 2022-01-27 15:33 - 2021-02-24 11:33 - 000002393 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2022-01-27 15:32 - 2017-12-16 22:42 - 000002332 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2022-01-27 15:32 - 2017-12-16 22:42 - 000002291 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2022-01-23 15:36 - 2021-02-25 08:52 - 000003578 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2022-01-23 15:36 - 2021-02-25 08:52 - 000003454 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2022-01-23 15:35 - 2017-12-19 02:31 - 145765912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2022-01-19 13:44 - 2020-07-13 22:50 - 000001249 _____ C:\Users\Public\Desktop\360 Total Security.lnk 2022-01-19 13:44 - 2017-12-13 20:46 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\360 Security Center 2022-01-19 13:44 - 2017-12-13 20:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360 Security Center 2022-01-18 11:50 - 2017-12-13 20:46 - 000000000 ____D C:\ProgramData\360safe 2022-01-18 11:17 - 2020-01-31 23:40 - 000000000 ____D C:\Users\User\Desktop\Ilie 2022-01-18 11:12 - 2017-08-18 07:50 - 000000000 ____D C:\ProgramData\Package Cache 2022-01-18 11:05 - 2020-05-20 16:21 - 000000000 ____D C:\Users\User\AppData\Local\D3DSCache 2022-01-06 13:30 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF ==================== SigCheck ============================ (Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.) ==================== Einde van FRST.txt ========================