Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 15-08-2022
Gestart door peter (Beheerder) op KENNY-PC (Acer Aspire 7250) (17-08-2022 19:11:20)
Gestart vanaf C:\Users\peter\Downloads
Geladen Profielen: peter
Platform: Microsoft Windows 10 Home Versie 21H1 19043.1826 (X64) Taal: Nederlands (Nederland)
Standaardbrowser: FF
Boot Modus: Normal

==================== Processen (gefilterd) =================

(Als een item is opgenomen in de fixlist, zal het proces worden gesloten. Het bestand zal niet worden verplaatst.)

(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(C:\Program Files (x86)\Launch Manager\dsiwmis.exe ->) (Dritek System Inc. -> Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(C:\Program Files (x86)\Launch Manager\dsiwmis.exe ->) (Dritek System Inc. -> Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(C:\Program Files (x86)\Launch Manager\LManager.exe ->) (Dritek System Inc. -> Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCopyAccelerator.exe
(CyberLink -> CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
(CyberLink -> CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
(Dritek System Inc. -> Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(EGIS TECHNOLOGY INC. -> Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(EGIS TECHNOLOGY INC. -> Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(EGIS TECHNOLOGY INC. -> Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
(explorer.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(explorer.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(explorer.exe ->) (Facebook, Inc. -> Facebook Inc.) C:\Users\peter\AppData\Local\Facebook\Update\FacebookUpdate.exe
(explorer.exe ->) (Microsoft Corporation -> © 2015 Microsoft Corporation) C:\Users\peter\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <17>
(NTI Corporation -> NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices, Inc.) [Bestand niet getekend] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (AZTEC MEDIA INC. -> Aztec Media Inc) C:\Program Files (x86)\Assets Manager\smdmf\SmdmFService.exe
(services.exe ->) (Dritek System Inc. -> Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe
(services.exe ->) (NTI Corporation -> NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Register (gefilterd) ===================

(Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11860072 2011-06-09] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831528 2011-05-10] (Acer Incorporated -> Acer Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [339000 2021-10-26] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [340848 2011-04-02] (EGIS TECHNOLOGY INC. -> Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [408432 2011-03-29] (EGIS TECHNOLOGY INC. -> Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [202608 2011-03-29] (EGIS TECHNOLOGY INC. -> Egis Technology Inc.)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-24] (NTI Corporation -> NTI Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc. -> Dritek System Inc.)
HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448 2011-05-09] (CyberLink -> CyberLink Corp.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [76600 2020-08-29] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.) [Bestand niet getekend]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-3434216092-4095225521-1875918659-1001\...\Run: [Facebook Update] => C:\Users\peter\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-05-24] (Facebook, Inc. -> Facebook Inc.)
HKU\S-1-5-21-3434216092-4095225521-1875918659-1001\...\Run: [BingSvc] => C:\Users\peter\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-11] (Microsoft Corporation -> © 2015 Microsoft Corporation)
HKU\S-1-5-21-3434216092-4095225521-1875918659-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3434216092-4095225521-1875918659-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\peter\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (Geen bestand)
HKU\S-1-5-21-3434216092-4095225521-1875918659-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\peter\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (Geen bestand)
HKU\S-1-5-21-3434216092-4095225521-1875918659-1001\...\RunOnce: [Uninstall 21.220.1024.0005\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\peter\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\amd64" (Geen bestand)
HKU\S-1-5-21-3434216092-4095225521-1875918659-1001\...\RunOnce: [Uninstall 21.220.1024.0005] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\peter\AppData\Local\Microsoft\OneDrive\21.220.1024.0005" (Geen bestand)
HKU\S-1-5-21-3434216092-4095225521-1875918659-1001\Software\Policies\...\system: [disablecmd] 0
HKU\S-1-5-21-3434216092-4095225521-1875918659-1006\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3434216092-4095225521-1875918659-1006\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3434216092-4095225521-1875918659-1006\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3434216092-4095225521-1875918659-1006\...\Run: [Plays] => C:\Users\krist\AppData\Local\Plays\update.exe [1945736 2018-09-27] (Plays.tv, Inc -> )
HKLM\...\Windows x64\Print Processors\BJ Print Processor3: C:\Windows\System32\spool\prtprocs\x64\CNBPP3.DLL [83968 2009-07-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\BJ Language Monitor3_2: C:\WINDOWS\system32\CNBLM3_2.DLL [211456 2009-07-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\PCL hpz3lw71: C:\WINDOWS\system32\hpz3lw71.dll [46080 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\PJL Language Monitor: C:\WINDOWS\system32\PJLMON.DLL [24064 2022-08-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->

==================== Geplande Taken (gefilterd) ============

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
Task: {03A254E5-ABD3-449C-A9F1-B1358340C22D} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe -pscn 0 (Geen bestand)
Task: {0D5C5A97-8910-4ADD-8ED9-CF683DE79882} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Geen bestand <==== AANDACHT
Task: {147340D4-61C9-4503-88D0-89157CDA8088} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [169352 2011-05-20] (CyberLink -> CyberLink)
Task: {155AD0CE-7996-4967-AA8C-9FBC4C425041} - \DealPly -> Geen bestand <==== AANDACHT
Task: {1E04FE6D-7FAB-4710-9CC5-440367D462D3} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3434216092-4095225521-1875918659-1001Core => C:\Users\peter\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-05-24] (Facebook, Inc. -> Facebook Inc.)
Task: {256BAAD4-198A-43BC-B16D-0E92769742C1} - System32\Tasks\{4DF351B6-DFB4-49D0-9924-0BC43B8C9512} => C:\Windows\system32\pcalua.exe -a "C:\Users\peter\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VUB5C6T4\Install_CopyTransControlCenter.exe" -d C:\Users\peter\Desktop
Task: {2576F1E5-936F-48F2-9181-94A360082FC1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-07-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {27405FD2-DAA0-43B9-A578-88E972BF1A2F} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Geen bestand <==== AANDACHT
Task: {2A2B0C4E-BA84-451F-8141-75B48803E8CA} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {32C0BD5B-743B-419B-B05C-3C8D9A82318C} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe /DRMInit (Geen bestand)
Task: {32F4D4BB-318D-484E-B930-EA98F20DD729} - \Hoolapp Init -> Geen bestand <==== AANDACHT
Task: {3395BB72-57A7-4EEA-B2F7-38057BC0A775} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Geen bestand <==== AANDACHT
Task: {379F7202-604E-48CB-8663-DE76FA06257D} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (Geen bestand)
Task: {37ACDDA6-0D0E-4468-8FEB-87579832725A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Geen bestand <==== AANDACHT
Task: {3A6A9E77-8610-426F-A4DC-6E70B1924969} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (Geen bestand)
Task: {420078DA-267D-491F-8250-297C882F4157} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {43BB5B95-8750-4444-8EF5-030F3EEA3D15} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /PBDADiscovery (Geen bestand)
Task: {44F07AC7-5E61-4FDB-A957-991490FAF7FF} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [120104 2011-05-20] (CyberLink -> CyberLink Corp.)
Task: {450E50DA-2149-46A6-8D4A-5B6B5BC040B8} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Geen bestand <==== AANDACHT
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4FE4520A-3C47-4A20-BC01-D69F2CFFF913} - \DealPlyUpdate -> Geen bestand <==== AANDACHT
Task: {53886F49-2F8D-47DF-9D39-947C77C2BB0D} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Geen bestand <==== AANDACHT
Task: {54ED1889-D635-450D-AC54-B1BDDF59A1DF} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {604DEC40-9F28-4A1C-9BD9-387919793BFA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {6358E9C0-E921-41FB-A91A-8D0D33EB25B0} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (Geen bestand)
Task: {654418EF-FC5B-48AA-8F2B-BC2C5DAEF570} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Geen bestand <==== AANDACHT
Task: {66B0B6C0-2BBD-4215-899D-6D160CDABE0F} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Geen bestand <==== AANDACHT
Task: {67927324-8EE0-4D86-ACC0-4AD73A7087C8} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -SqlLiteRecoveryTask (Geen bestand)
Task: {7568B2F8-D0A3-4912-AF7E-875885432448} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe /DoReindexSearchRoot (Geen bestand)
Task: {7CE213B3-4F36-4889-BD11-AB34C4B03E8A} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {80FFEA63-853D-4F48-A764-C7681480BC2B} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [67896 2020-09-08] (Apple Inc. -> Apple Inc.)
Task: {8142349D-BDD7-4B2A-BE9E-5A17E25F4122} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe $(Arg0) (Geen bestand)
Task: {841CF34E-D0EE-4463-8792-7F8EF56358D4} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (Geen bestand)
Task: {8F217ECC-F960-4C24-BE76-D638319B031F} - \EPUpdater -> Geen bestand <==== AANDACHT
Task: {904CC612-9B6A-4009-8609-90096F311B92} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Geen bestand <==== AANDACHT
Task: {96FD0B82-F97C-4FEB-8E8F-FEE2704713B4} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoActivateWindowsSearch (Geen bestand)
Task: {9EB84B48-5049-4C9F-8697-0741CE1C4CF6} - System32\Tasks\Adobe Reader Speed Launcher => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Geen bestand)
Task: {A3A216E3-4CD3-4C45-B9D1-A4E6FE5378D8} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe /OCURActivate (Geen bestand)
Task: {A6094217-CF6A-4583-A997-89FAFDC28651} - \Microsoft\Windows\Setup\gwx\rundetector -> Geen bestand <==== AANDACHT
Task: {A71F8520-0C7F-4616-B1B9-485466E175F8} - System32\Tasks\{C7531E60-0578-4368-B111-2C6D09CE475F} => C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe (Geen bestand)
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B3C33C36-1FFF-4FB1-A9CD-BC7A56E787F9} - \CCleanerSkipUAC -> Geen bestand <==== AANDACHT
Task: {B41D835E-3050-4043-B822-64E6D46A078F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-07-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BB43BCD9-8B7B-4187-B44D-46B98CE454F7} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [10334408 2016-03-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {BBC15AA6-38BA-4643-A544-2D017B11BF4E} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -ObjectStoreRecoveryTask (Geen bestand)
Task: {BBC38537-D423-4423-9052-379464A5AEA1} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Geen bestand <==== AANDACHT
Task: {BE08E4D2-24F2-4CB8-8448-9B6843B01835} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-07-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BE0A8B47-02DE-4FFA-BB65-46BE1C22C980} - System32\Tasks\Adobe ARM => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {BFFF981E-EE58-4189-87D4-0E5D6EB0A657} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {C2266299-A424-48AA-A2FA-B0BB3AAA546B} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe /RestartRecording (Geen bestand)
Task: {C452BC1E-03AB-49B8-9CC2-FB4EB6376775} - System32\Tasks\{65ED407A-173A-4AB2-8CA2-B7E0D3AB8167} => C:\Windows\system32\pcalua.exe -a F:\DataCard_Setup.exe -d F:\
Task: {C46B0096-E32B-4B77-A8EE-9E816C65D5DE} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (Geen bestand)
Task: {C7A8C961-42A0-4B15-BE0A-02DF52426D11} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-07-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CB0C1FD9-C20E-4642-9BF1-85A2BD1554BB} - \Hoolapp For Android -> Geen bestand <==== AANDACHT
Task: {CD2DBB05-8C23-4FB1-AC98-F1A2A5122C4F} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [264760 2011-05-20] (CyberLink -> Acer Incorporated)
Task: {CE24111C-F325-4CD2-8327-F157F5E4123C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Geen bestand <==== AANDACHT
Task: {D26970EC-9A4B-476C-9E58-63431BBF46A0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {DB3E02DD-25D0-442E-8950-F11ED7524E65} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe -PvrSchedule (Geen bestand)
Task: {DB796F96-0DA6-4B92-B56F-2FB11197107E} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3434216092-4095225521-1875918659-1001UA => C:\Users\peter\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-05-24] (Facebook, Inc. -> Facebook Inc.)
Task: {DB8C8F25-72C2-4CCB-B711-978BDA53F3D1} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (Geen bestand)
Task: {DB99AB1F-6748-4570-9532-5F7691C3D1F4} - System32\Tasks\{E4720FB2-7EA3-4FB6-90D5-AE17432BC8CC} => C:\Windows\system32\pcalua.exe -a "C:\Users\peter\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YX7PU1Y9\JavaSetup8u31.exe" -d C:\Users\peter\Desktop
Task: {DC73A599-A942-4AB7-9422-B564B2003FDD} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe -crl -hms -pscn 15 (Geen bestand)
Task: {DCCD77AE-54D3-4D44-A1BB-BFEAB48CD3D8} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {DD0DB5FA-6CDC-4C0C-8562-BCA1F3BF16AA} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe /launch (Geen bestand)
Task: {E088496C-5438-416E-8D07-B60BE945B5C0} - \QtraxPlayer -> Geen bestand <==== AANDACHT
Task: {E0B6E42A-6609-4BE0-AE82-CBA570407E6E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Geen bestand <==== AANDACHT
Task: {E34F66DA-3BEC-4A77-A0D0-9E8CEEF7F159} - \Microsoft\Windows\UNP\RunCampaignManager -> Geen bestand <==== AANDACHT
Task: {E6FA2D69-C65D-4833-8184-C8979BA83EC5} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Geen bestand <==== AANDACHT
Task: {EAE0374F-FE13-4260-A8EC-44436AAE940F} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -MediaCenterRecoveryTask (Geen bestand)
Task: {EDB21458-2BA0-4262-B672-E15F52DA7FC0} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (Geen bestand)
Task: {EF5AB064-E344-492C-8D43-D1B98F002250} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -PvrRecoveryTask (Geen bestand)
Task: {F4396319-96D3-4839-BE27-74139C1850BB} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {F526A01C-FD55-46DC-92ED-2C6152C1A516} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {FC31341E-C9F3-490B-84E1-161E20785726} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (Geen bestand)

(Als een item is opgenomen in de fixlist, wordt de taak (job) bestand verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.)

Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3434216092-4095225521-1875918659-1001Core.job => C:\Users\peter\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3434216092-4095225521-1875918659-1001UA.job => C:\Users\peter\AppData\Local\Facebook\Update\FacebookUpdate.exe

==================== Internet (gefilterd) ====================

(Als een item is opgenomen in de fixlist en een registeritem is, wordt het verwijderd of hersteld naar de standaard.)
ProxyServer: [S-1-5-21-3434216092-4095225521-1875918659-1001] => :0
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6bf95de7-2055-4e32-b624-382054b6d05a}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7772ad34-2978-44fe-a97d-ac86739b0544}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{976f2f50-2af3-477a-8e28-247aa0e5bc9c}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{abbc6add-52d0-4493-97bf-9e31ab5e76a0}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{ae9c5eca-a97a-4ac6-8ccf-f960b5c23e67}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge Extension: (Geen Naam) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [niet gevonden]
Edge Extension: (Geen Naam) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [niet gevonden]
Edge Profile: C:\Users\peter\AppData\Local\Microsoft\Edge\User Data\Default [2022-08-16]

FireFox:
========
FF DefaultProfile: 6h6yo8sf.default
FF ProfilePath: C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\6h6yo8sf.default [2022-08-17]
FF Plugin: @java.com/DTPlugin,version=10.17.2 -> C:\Windows\system32\npDeployJava1.dll [2013-03-29] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Geen bestand]
FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-02-11] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-02-11] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @mcafee.com/SAFFPlugin -> C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll [Geen bestand]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-12-13] (VideoLAN) [Bestand niet getekend]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-08-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3434216092-4095225521-1875918659-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\peter\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Software Sarl -> Skype Limited)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default [2016-06-01]
CHR HomePage: Default -> hxxp://www.msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=nl-nl
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR Extension: (Google Documenten) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-03]
CHR Extension: (Google Drive) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-29]
CHR Extension: (YouTube) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-29]
CHR Extension: (Google Search) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-04-29]
CHR Extension: (Offline Documenten) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-02]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-02]
CHR Extension: (Gmail) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-03]
CHR Profile: C:\Users\peter\AppData\Local\Google\Chrome\User Data\Profile 1 [2015-08-03]
CHR HomePage: Profile 1 -> hxxp://www.google.be/
CHR StartupUrls: Profile 1 -> "hxxp://www.google.be/"
CHR Extension: (Google Presentaties) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-03]
CHR Extension: (Google Documenten) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-08]
CHR Extension: (Google Drive) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-02]
CHR Extension: (MEGA) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2015-08-02]
CHR Extension: (YouTube) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-08]
CHR Extension: (Adblock Plus) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-08-02]
CHR Extension: (Google Search) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-08]
CHR Extension: (Google Spreadsheets) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-03]
CHR Extension: (Hola Beter Internet) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2015-08-02]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-02]
CHR Extension: (Gmail) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-08]
CHR Profile: C:\Users\peter\AppData\Local\Google\Chrome\User Data\System Profile [2015-08-02]
CHR Extension: (Google Presentaties) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-03]
CHR Extension: (Google Documenten) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-03]
CHR Extension: (Google Drive) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-03]
CHR Extension: (YouTube) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-03]
CHR Extension: (Google Search) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-03]
CHR Extension: (Google Spreadsheets) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-03]
CHR Extension: (Gmail) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-03]
CHR HKU\S-1-5-21-3434216092-4095225521-1875918659-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd]

Opera:
=======
StartMenuInternet: (HKLM) Opera - C:\Program Files\Opera x64\Opera.exe

==================== Services (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-21] (Advanced Micro Devices, Inc.) [Bestand niet getekend]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2021-08-20] (Apple Inc. -> Apple Inc.)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation -> NTI Corporation)
R2 SmdmFService; C:\Program Files (x86)\Assets Manager\smdmf\SmdmFService.exe [3570704 2015-01-28] (AZTEC MEDIA INC. -> Aztec Media Inc)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe [3120992 2022-07-18] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe [133544 2022-07-18] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [31992 2015-06-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Bestand niet getekend]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Bestand niet getekend]
S3 EMVSCARD; C:\WINDOWS\System32\Drivers\EMVSCARD.sys [28544 2006-12-13] (Microsoft Windows Hardware Compatibility Publisher -> USB Smart Card Reader)
R1 F06DEFF2-5B9C-490D-910F-35D3A9119622; C:\Program Files (x86)\Assets Manager\smdmf\x64\smdmfmgrc3.cfg [45968 2015-01-28] (AZTEC MEDIA INC. -> Aztec Media Inc)
S3 MpKsl0c4e9ef9; C:\WINDOWS\system32\MpEngineStore\MpKslDrv.sys [141576 2022-08-16] (Microsoft Windows -> Microsoft Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-11-05] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2022-07-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [452856 2022-07-18] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [91384 2022-07-18] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; geen ImagePath

==================== NetSvcs (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

==================== Een maand (aangemaakt) (gefilterd) =========

(Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.)

2022-08-17 19:11 - 2022-08-17 19:25 - 000036662 _____ C:\Users\peter\Downloads\FRST.txt
2022-08-17 19:07 - 2022-08-17 19:20 - 000000000 ____D C:\FRST
2022-08-17 19:00 - 2022-08-17 19:01 - 002371072 _____ (Farbar) C:\Users\peter\Downloads\FRST64.exe
2022-08-17 10:26 - 2022-08-17 10:26 - 000000000 ___HD C:\$WinREAgent
2022-08-16 16:26 - 2022-08-16 16:26 - 000000000 ____D C:\Users\peter\AppData\Local\OneDrive
2022-08-16 16:15 - 2022-08-16 16:15 - 000009948 _____ C:\Users\peter\Downloads\AdwCleanerC1.txt
2022-08-16 15:39 - 2022-08-17 17:18 - 000000000 ____D C:\Users\peter\AppData\Local\PlaceholderTileLogoFolder
2022-08-16 15:35 - 2022-08-16 15:35 - 000000000 ____D C:\Users\peter\AppData\Local\CEF
2022-08-16 15:04 - 2022-08-16 15:04 - 000000000 ____D C:\Users\peter\.ms-ad
2022-08-16 14:56 - 2022-08-17 15:47 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3434216092-4095225521-1875918659-1001
2022-08-16 14:24 - 2022-08-16 14:24 - 000000000 ____D C:\WINDOWS\system32\MpEngineStore
2022-08-16 14:11 - 2022-08-16 14:11 - 000000020 ___SH C:\Users\peter\ntuser.ini
2022-08-15 19:57 - 2022-08-15 19:57 - 000470528 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-08-15 19:57 - 2022-08-15 19:57 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mode.com
2022-08-15 19:57 - 2022-08-15 19:57 - 000018944 _____ C:\WINDOWS\SysWOW64\WsdProviderUtil.dll
2022-08-15 19:57 - 2022-08-15 19:57 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tree.com
2022-08-15 19:57 - 2022-08-15 19:57 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chcp.com
2022-08-15 19:56 - 2022-08-15 19:56 - 000693248 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2022-08-15 19:56 - 2022-08-15 19:56 - 000530944 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-08-15 19:56 - 2022-08-15 19:56 - 000270848 _____ C:\WINDOWS\system32\EsclScan.dll
2022-08-15 19:56 - 2022-08-15 19:56 - 000152064 _____ C:\WINDOWS\system32\EsclProtocol.dll
2022-08-15 19:56 - 2022-08-15 19:56 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mode.com
2022-08-15 19:56 - 2022-08-15 19:56 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tree.com
2022-08-15 19:56 - 2022-08-15 19:56 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\chcp.com
2022-08-15 19:55 - 2022-08-15 19:55 - 000011811 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-08-15 19:54 - 2022-08-15 19:54 - 000061952 _____ C:\WINDOWS\system32\printticketvalidation.dll
2022-08-15 19:53 - 2022-08-15 19:53 - 000057344 _____ C:\WINDOWS\system32\APMonUI.dll
2022-08-15 19:51 - 2022-08-15 19:51 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-08-15 19:51 - 2022-08-15 19:51 - 000024576 _____ C:\WINDOWS\system32\WsdProviderUtil.dll
2022-08-15 19:49 - 2022-08-15 19:49 - 000640512 _____ C:\WINDOWS\system32\SettingSyncDownloadHelper.dll
2022-08-15 19:48 - 2022-08-15 19:48 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-07-28 22:03 - 2022-07-28 22:03 - 000273808 _____ C:\Users\krist\Downloads\17798677_0032106075.pdf
2022-07-28 21:34 - 2022-08-16 15:23 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2022-07-18 11:09 - 2022-07-18 11:09 - 000104448 _____ C:\WINDOWS\system32\nettraceex.dll
2022-07-18 11:05 - 2022-07-18 11:05 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2022-07-18 11:00 - 2022-07-18 11:00 - 000232288 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2022-07-18 10:15 - 2022-07-18 10:15 - 000000000 ____D C:\Users\krist\.ms-ad

==================== Een maand (gewijzigd) ==================

(Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.)

2022-08-17 19:57 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-08-17 18:59 - 2020-12-05 08:34 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-08-17 18:13 - 2013-02-11 19:25 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2022-08-17 18:12 - 2016-02-13 15:12 - 000000000 ____D C:\WINDOWS\ShellNew
2022-08-17 18:11 - 2020-12-05 05:45 - 000000000 ____D C:\Program Files (x86)\MSBuild
2022-08-17 17:54 - 2009-07-14 04:34 - 000000419 _____ C:\WINDOWS\win.ini
2022-08-17 17:39 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2022-08-17 17:35 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-08-17 17:25 - 2013-02-11 21:03 - 000000000 ____D C:\ProgramData\clear.fi
2022-08-17 17:22 - 2013-02-17 14:26 - 000000000 ____D C:\Users\peter\AppData\Roaming\PowerCinema
2022-08-17 17:18 - 2018-02-27 19:55 - 000000000 ____D C:\Users\peter\AppData\Local\Packages
2022-08-17 16:57 - 2022-02-22 15:43 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-08-17 16:56 - 2016-11-16 14:57 - 000000000 ____D C:\Users\peter\AppData\LocalLow\Mozilla
2022-08-17 16:54 - 2016-05-15 23:19 - 000000000 ____D C:\Users\peter\AppData\Local\Comms
2022-08-17 16:02 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-08-17 15:47 - 2020-12-05 10:10 - 000003366 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3434216092-4095225521-1875918659-1001
2022-08-17 15:47 - 2020-12-05 08:51 - 000002427 _____ C:\Users\peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-08-17 15:10 - 2017-06-19 13:46 - 000000000 ____D C:\Users\krist\AppData\LocalLow\Mozilla
2022-08-17 12:30 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-08-17 09:40 - 2020-12-05 10:10 - 000003730 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-08-17 09:40 - 2020-12-05 10:10 - 000003606 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-08-16 18:05 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-08-16 17:50 - 2016-05-22 20:54 - 000000000 ___RD C:\Users\krist\OneDrive
2022-08-16 17:49 - 2017-06-19 17:04 - 000000000 ___RD C:\Users\krist\iCloudDrive
2022-08-16 17:39 - 2015-02-08 12:55 - 000000000 ____D C:\ProgramData\smdmf
2022-08-16 17:38 - 2020-12-05 10:10 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-08-16 17:38 - 2020-12-05 08:34 - 000008192 ___SH C:\DumpStack.log.tmp
2022-08-16 17:37 - 2019-12-07 11:03 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2022-08-16 16:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2022-08-16 16:47 - 2020-09-28 10:42 - 000002140 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2022-08-16 15:35 - 2013-02-12 12:51 - 000000000 ____D C:\Users\peter\AppData\Local\Adobe
2022-08-16 15:34 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2022-08-16 15:23 - 2015-09-12 13:17 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-08-16 15:04 - 2020-12-05 08:51 - 000000000 ____D C:\Users\peter
2022-08-16 14:29 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-08-16 14:19 - 2018-03-14 21:32 - 000000000 ___RD C:\Users\peter\3D Objects
2022-08-16 14:19 - 2016-02-13 15:33 - 000000000 __RHD C:\Users\Public\AccountPictures
2022-08-16 14:13 - 2016-10-02 17:10 - 000000000 ____D C:\Users\peter\AppData\Local\ConnectedDevicesPlatform
2022-08-16 13:44 - 2013-07-13 01:03 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-08-16 13:36 - 2013-02-15 17:19 - 144534560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-08-16 13:21 - 2021-10-19 17:22 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-08-16 13:21 - 2015-09-12 13:18 - 000001167 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-08-15 22:09 - 2020-12-05 09:15 - 002009690 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-08-15 22:09 - 2019-12-07 17:12 - 000863282 _____ C:\WINDOWS\system32\perfh013.dat
2022-08-15 22:09 - 2019-12-07 17:12 - 000183396 _____ C:\WINDOWS\system32\perfc013.dat
2022-08-15 22:03 - 2020-12-05 08:34 - 000454720 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-08-15 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-08-15 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2022-08-15 21:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-08-15 21:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-08-15 21:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-08-15 21:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-08-15 21:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2022-08-15 21:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-08-15 21:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-08-15 21:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-08-15 21:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2022-08-15 21:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-08-15 19:48 - 2020-12-05 08:42 - 003010560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-08-15 16:27 - 2020-06-08 13:10 - 000002452 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-08-15 16:27 - 2020-06-08 13:10 - 000002290 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-08-15 15:02 - 2021-12-16 13:05 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3434216092-4095225521-1875918659-1006
2022-08-15 15:02 - 2020-12-05 10:10 - 000003366 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3434216092-4095225521-1875918659-1006
2022-08-15 15:02 - 2020-12-05 08:51 - 000002427 _____ C:\Users\krist\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-07-18 12:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2022-07-18 12:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2022-07-18 12:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2022-07-18 12:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2022-07-18 12:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-07-18 12:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2022-07-18 12:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-07-18 12:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-07-18 12:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-07-18 12:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-07-18 12:54 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2022-07-18 10:28 - 2018-02-27 23:01 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-07-18 10:15 - 2020-12-05 08:51 - 000000000 ____D C:\Users\krist

==================== Bestanden in de root van sommige mappen ========

2014-08-28 18:22 - 2014-08-28 18:22 - 000000037 ___SH () C:\Users\peter\AppData\Local\42747051538627b9063d49.45359236
2013-02-17 14:24 - 2013-02-17 14:24 - 000003584 _____ () C:\Users\peter\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== SigCheck ============================

(Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)

==================== Einde van FRST.txt ========================