Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 04-10-2022 Gestart door D'Angelo (Beheerder) op LAPTOP-F0NKQ71R (Acer Aspire A717-71G) (06-10-2022 15:03:55) Gestart vanaf D:\ Geladen Profielen: D'Angelo Platform: Microsoft Windows 10 Home Versie 1703 15063.1387 (X64) Taal: Nederlands (Nederland) Standaardbrowser: Chrome Boot Modus: Normal ==================== Processen (gefilterd) ================= (Als een item is opgenomen in de fixlist, zal het proces worden gesloten. Het bestand zal niet worden verplaatst.) (Bandicam Company -> Bandicam Company) D:\SOFTWARE DATA\Bandicam\bdcam.exe (C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avp.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avpui.exe (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2> (D:\SOFTWARE DATA\Bandicam\bdcam.exe ->) (Bandicam Company -> Bandicam Company) D:\SOFTWARE DATA\Bandicam\bdcam64.bin (explorer.exe ->) (F. Melgert Beheer B.V. -> eFMer) D:\SOFTWARE DATA\TThrottle\TThrottle64.exe (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <35> (explorer.exe ->) (Ivaylo Beltchev -> IvoSoft) [Bestand niet getekend] D:\SOFTWARE DATA\Classic Shell\ClassicStartMenu.exe (explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2> (explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (explorer.exe ->) (VideoLAN -> VideoLAN) D:\SOFTWARE DATA\VLC\vlc.exe (Heidi Computers Ltd -> The Eraser Project) C:\Windows\SysWOW64\er4ser\Eraser.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Piriform Software Ltd -> Piriform Software Ltd) C:\Windows\SysWOW64\ccp\CCleaner64.exe (services.exe ->) (AnchorFree Inc -> Pango Inc.) C:\Program Files (x86)\Hotspot Shield\9.8.7\bin\cmw_srv.exe (services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_420c659363620fe7\igfxCUIService.exe (services.exe ->) (Intel(R) Smart Sound Technology -> Intel) C:\Windows\System32\cAVS\Intel(R) Audio Service\IntelAudioService.exe (services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avp.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3> (services.exe ->) (OpenVPN Technologies, Inc. -> The OpenVPN Project) C:\Windows\SysWOW64\OpenVPN\bin\openvpnserv.exe (services.exe ->) (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (services.exe ->) (SUPERAntiSpyware.com -> SUPERAntiSpyware.com) D:\SOFTWARE DATA\SUPERAntiSpyware\SASCore64.exe (services.exe ->) (WinAbility Software Corp. -> WinAbility® Software Corporation) C:\Program Files\Folder Guard\FG64.exe <2> (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1709.12493.0_x64__8wekyb3d8bbwe\Calculator.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\HelpPane.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (svchost.exe ->) (Pc Utility Inc. -> PC Utility, Inc.) D:\SOFTWARE DATA\Registry Tool\RegistryTool.exe ==================== Register (gefilterd) =================== (Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Run: [RtHDVBg_ASC] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1485312 2017-04-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_CTPreset] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1485312 2017-04-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [Classic Start Menu] => D:\SOFTWARE DATA\Classic Shell\ClassicStartMenu.exe [163640 2017-08-13] (Ivaylo Beltchev -> IvoSoft) [Bestand niet getekend] HKLM\...\Run: [FG_Monitor] => C:\Program Files\Folder Guard\FG64.exe [187976 2013-08-26] (WinAbility Software Corp. -> WinAbility® Software Corporation) HKLM\...\Run: [Eraser] => C:\Windows\SysWOW64\er4ser\Eraser.exe [1067024 2018-01-03] (Heidi Computers Ltd -> The Eraser Project) HKLM\...\Run: [EFMER_TThrottle] => D:\SOFTWARE DATA\TThrottle\TThrottle64.exe [3573912 2017-08-15] (F. Melgert Beheer B.V. -> eFMer) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18370560 2017-04-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1485312 2017-04-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation -> Microsoft Corporation) HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [189320 2021-09-07] (MIXBYTE, INC. -> ) HKLM-x32\...\RunOnce: [ccleaner_update_helper] => C:\Windows\SysWOW64\ccp\ccleaner_update_helper.exe [695808 2022-09-29] (Piriform Software Ltd -> Piriform) HKLM\...\Winlogon: [Userinit] C:\Windows\SysWOW64\userinit.exe, <==== AANDACHT HKLM\...\Policies\Explorer: [NoWindowsUpdate] 1 HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restrictie <==== AANDACHT HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restrictie <==== AANDACHT HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restrictie <==== AANDACHT HKU\S-1-5-21-1537985491-808888407-4021727109-1001\...\Run: [Discord] => C:\Users\D'Angelo\AppData\Local\Discord\Update.exe [1512616 2022-02-17] (Discord Inc. -> GitHub) HKU\S-1-5-21-1537985491-808888407-4021727109-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [90952552 2020-11-12] (Skype Software Sarl -> Skype Technologies S.A.) HKU\S-1-5-21-1537985491-808888407-4021727109-1001\...\Run: [CCleaner Smart Cleaning] => C:\Windows\SysWOW64\ccp\CCleaner64.exe [38502416 2022-09-12] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-1537985491-808888407-4021727109-1001\...\Run: [Windscribe] => D:\SOFTWARE DATA\Windscribe\Windscribe.exe [5461888 2021-12-18] (Windscribe Limited -> Windscribe Limited) HKU\S-1-5-21-1537985491-808888407-4021727109-1001\...\Run: [NoxMultiPlayer] => D:\SOFTWARE DATA\NoxPlayer\Nox\bin\MultiPlayerManager.exe [3251032 2022-07-29] (Nox Limited -> ) HKU\S-1-5-21-1537985491-808888407-4021727109-1001\...\Run: [SUPERAntiSpyware] => D:\SOFTWARE DATA\SUPERAntiSpyware\SUPERAntiSpyware.exe [10994528 2022-04-20] (Support.com, Inc. -> SUPERAntiSpyware) HKLM\...\Print\Monitors\IppMon: C:\Windows\system32\IPPMon.dll [225792 2017-03-18] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [OpenVPN_UserSetup] -> reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /t REG_SZ /d "C:\Windows\SysWOW64\OpenVPN\bin\openvpn-gui.exe" /f HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\104.0.5112.101\Installer\chrmstp.exe [2022-08-19] (Google LLC -> Google LLC) HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\106.1.44.105\Installer\chrmstp.exe [2022-10-01] (Brave Software, Inc. -> Brave Software, Inc.) IFEO\dismHost.exe: [Debugger] nul IFEO\EOSNOTIFY.EXE: [Debugger] nul IFEO\InstallAgent.exe: [Debugger] nul IFEO\MusNotification.exe: [Debugger] nul IFEO\remsh.exe: [Debugger] nul IFEO\SIHClient.exe: [Debugger] nul IFEO\taskmgr.exe: [Debugger] D:\SOFTWARE DATA\ClassicTaskmgr\tm.exe IFEO\UpdateAssistant.exe: [Debugger] nul IFEO\UsoClient.exe: [Debugger] nul IFEO\WaaSMedic.exe: [Debugger] nul IFEO\Windows10Upgrade.exe: [Debugger] nul IFEO\WINDOWS10UPGRADERAPP.EXE: [Debugger] nul Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Zabaware Reader Startup.lnk [2022-03-09] ShortcutTarget: Zabaware Reader Startup.lnk -> D:\SOFTWARE DATA\Zabaware Reader 2\ZabaReader.exe (Zabaware, Inc.) [Bestand niet getekend] Startup: C:\Users\D'Angelo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hide.me VPN.lnk [2022-10-04] ShortcutTarget: hide.me VPN.lnk -> C:\Program Files (x86)\hide.me VPN\Hide.me.exe (eVenture Limited -> eVenture Limited) GroupPolicyScripts: Restrictie <==== AANDACHT ==================== Geplande Taken (gefilterd) ============ (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {080173F7-8A26-4C93-912C-FF512BAF4E6D} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [668464 2017-02-25] (Intel(R) Trust Services -> Intel(R) Corporation) Task: {0FB4598D-532B-45F9-A013-6F86D3DB4C0D} - System32\Tasks\bandicam_start => D:\SOFTWARE DATA\Bandicam\bdcam.exe [6377376 2019-04-09] (Bandicam Company -> Bandicam Company) Task: {16099526-E052-4CA9-B64A-65FEB7BB4220} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-04] (Google Inc -> Google LLC) Task: {177A5A75-73CA-42E8-A3D6-6B0FD4F3F9CD} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => D:\SOFTWARE DATA\Comodo Firewall\COMODO\COMODO Internet Security\cfpconfg.exe --launchSchedule {947247B5-026A-4437-9371-770782BE839D} (Geen bestand) Task: {1A121B21-A82D-41E3-8D4D-B4BA3A84734D} - System32\Tasks\NCH Software\VideoPadCacheDeleteAll => C:\Program Files (x86)\NCH Software\VideoPad\videopad.exe [7436344 2020-06-11] (NCH Software, Inc. -> NCH Software) Task: {1F820B54-67DC-4C50-AFD7-1A6EDD18C9B9} - System32\Tasks\RegistryTool Startup => D:\SOFTWARE DATA\Registry Tool\RegistryTool.exe [38413640 2011-01-27] (Pc Utility Inc. -> PC Utility, Inc.) Task: {20941459-27F7-4B4C-9CFA-7523C6174CAA} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => D:\SOFTWARE DATA\Comodo Firewall\COMODO\COMODO Internet Security\cfpconfg.exe --launchSchedule {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} (Geen bestand) Task: {219E2697-18A0-40B8-9713-9FAAB5375E35} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation) Task: {2AFC2990-0DA8-4737-8025-1152FB116DAB} - System32\Tasks\CCleanerCrashReporting => C:\Windows\SysWOW64\ccp\CCleanerBugReport.exe [4666896 2022-09-12] (Piriform Software Ltd -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Windows\SysWOW64\ccp\LOG" --programpath "C:\Windows\SysWOW64\ccp" --configpath "C:\Windows\SysWOW64\ccp\Setup" --guid "f8f62c4a-9627-4bd3-a3e5-979eb31d0675" --version "6.04.10044" --silent Task: {44905A43-FC90-493E-BA34-A0F10BAB849B} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342080 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation) Task: {464E65F7-8267-4458-BC61-6EE2DEBAFA6E} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646344 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation) Task: {51EC74A0-7E4A-423F-A402-FD28091C1BFE} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-01] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {5E8D9046-0787-44EE-8737-A17E114A7503} - geen bestandpad Task: {691F078B-AE64-4A7D-8F12-195C92001EC4} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation) Task: {6A9F49CC-D3E6-4922-8693-5FB7F2822405} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation) Task: {75270836-243E-4AC8-A611-875C8ACC6D89} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => D:\SOFTWARE DATA\Comodo Firewall\COMODO\COMODO Internet Security\cistray.exe (Geen bestand) Task: {7A1DB1F6-F6AA-4260-A0A2-DF040A040DB0} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation) Task: {7AA31FD4-F2F0-41D7-9BC9-A01E4FD36AF4} - System32\Tasks\PicstreamAgent => C:\Program [Argument = Files (x86)\Acer\AOP Framework\uwplauncher.exe AcerIncorporated.6245439DEEE9E_48frkmn4z8aw4!abPhoto] Task: {887BDE32-1787-4DEF-966D-3D8B9D598F49} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => D:\SOFTWARE DATA\Comodo Firewall\COMODO\COMODO Internet Security\cfpconfg.exe --launchSchedule {A6D52E4F-569B-4756-B3D8-DF217313DA85} (Geen bestand) Task: {94234EEC-53D6-4600-B3D8-6A7B23A74C5D} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore{E26D9BD4-8613-4204-AADC-D1E2C857B176} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174976 2022-08-08] (Brave Software, Inc. -> BraveSoftware Inc.) Task: {9B01194A-2202-48B4-A15C-CB89FBC98B6E} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation) Task: {9B81E1E2-25D0-4587-A37E-1C90D50503FA} - System32\Tasks\CCleaner Update => C:\Windows\SysWOW64\ccp\CCUpdate.exe [684976 2022-09-12] (Piriform Software Ltd -> Piriform) Task: {9FC79163-BC33-4931-B17B-DB54F7B7D5DC} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation) Task: {AA83ECEB-976C-4D18-9BC9-65D7B56CC592} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [473904 2017-06-06] (Acer Incorporated -> Acer Incorporated) Task: {B516521F-E10B-49F5-A1E1-8C652848BAF2} - System32\Tasks\CCleanerSkipUAC - D'Angelo => C:\Windows\SysWOW64\ccp\CCleaner.exe [32204304 2022-09-12] (Piriform Software Ltd -> Piriform Software Ltd) Task: {B754DF8E-7CE8-4E19-A737-6972CE89F328} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA{E021873A-10E9-4703-AE60-7A9424D87E38} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174976 2022-08-08] (Brave Software, Inc. -> BraveSoftware Inc.) Task: {B7682EB3-D521-43C9-9C11-976B951962E2} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => D:\SOFTWARE DATA\Comodo Firewall\COMODO\COMODO Internet Security\cis.exe --telemetry (Geen bestand) Task: {DE9080CE-AA53-4034-905A-0F1D9FD22AD6} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => D:\SOFTWARE DATA\Comodo Firewall\COMODO\COMODO Internet Security\cfpconfg.exe --launchSchedule {06A09C0F-DD9C-4191-A670-71115CD78627} (Geen bestand) Task: {E3183C3B-43B8-4373-9C5E-C4E5BC66E874} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-04] (Google Inc -> Google LLC) Task: {EA4D90E9-6403-42EF-8773-D19C0E0313BA} - geen bestandpad Task: {F4FA62AE-524C-4559-8A55-F0B51B22C253} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2250576 2022-05-25] (Avast Software s.r.o. -> Avast Software) (Als een item is opgenomen in de fixlist, wordt de taak (job) bestand verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Windows\SysWOW64\ccp\CCleanerBugReport.exe Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe Task: C:\Windows\Tasks\RegistryTool Startup.job => D:\SOFTWARE DATA\Registry Tool\RegistryTool.exe ==================== Internet (gefilterd) ==================== (Als een item is opgenomen in de fixlist en een registeritem is, wordt het verwijderd of hersteld naar de standaard.) Tcpip\Parameters: [DhcpNameServer] 62.179.104.196 213.46.228.196 Tcpip\..\Interfaces\{0e6b7633-8936-491b-8bfb-73b742f4a296}: [DhcpNameServer] 62.179.104.196 213.46.228.196 Tcpip\..\Interfaces\{20b7b108-dfe1-47cc-b905-3b122a46f75c}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{20b7b108-dfe1-47cc-b905-3b122a46f75c}: [DhcpNameServer] 8.8.8.8 8.8.4.4 Tcpip\..\Interfaces\{3d4caff4-32d3-40c8-8db2-4cd210c759ed}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{71c30e5f-1b14-47da-a8a7-87a8293f65c8}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{7aae165a-e7f8-4eb4-910c-a1d194687b2c}: [NameServer] 10.255.255.2 Tcpip\..\Interfaces\{CC483185-0830-4A70-AFEF-DD82E5ED0A3C}: [DhcpNameServer] 109.201.137.48 109.201.137.49 Tcpip\..\Interfaces\{ded0a61a-95f0-42f6-8092-4807c9aa90dc}: [DhcpNameServer] 192.168.178.1 HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrictie <==== AANDACHT FireFox: ======== FF DefaultProfile: 4f2gb5cb.default FF ProfilePath: C:\Users\D'Angelo\AppData\Roaming\Mozilla\Firefox\Profiles\4f2gb5cb.default [2022-10-05] FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\FFExt\light_plugin_firefox\addon.xpi => niet gevonden FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\FFExt\light_plugin_firefox\addon.xpi => niet gevonden FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> D:\SOFTWARE DATA\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.6 -> D:\SOFTWARE DATA\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation) FF Plugin-x32: @videolan.org/vlc,version=3.0.17.4 -> D:\SOFTWARE DATA\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> D:\SOFTWARE DATA\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN) Chrome: ======= CHR Profile: C:\Users\D'Angelo\AppData\Local\Google\Chrome\User Data\Default [2022-10-06] CHR DownloadDir: D:\ CHR HomePage: Default -> hxxp://startpage.com/ CHR Extension: (Change Colors) - C:\Users\D'Angelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ageghplgcapnfpdhapeemolbmfccclke [2019-05-12] CHR Extension: (Adblock Plus - gratis adblocker) - C:\Users\D'Angelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-08-30] CHR Extension: (uBlock Origin) - C:\Users\D'Angelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-09-20] CHR Extension: (Dark Mode) - C:\Users\D'Angelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmghijelimhndkbmpgbldicpogfkceaj [2022-06-15] CHR Extension: (Easy Video Downloader) - C:\Users\D'Angelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\eaicplkoeceoelookkiaeekhodehdhde [2021-06-13] CHR Extension: (Startpage - English) - C:\Users\D'Angelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgmjlmbojbkmdpofahffgcpkhkngfpef [2021-05-05] CHR Extension: (Care your Eyes) - C:\Users\D'Angelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\fidmpnedniahpnkeomejhnepmbdamlhl [2021-09-09] CHR Extension: (Return YouTube Dislike) - C:\Users\D'Angelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gebbhagfogifgggkldgodflihgfeippi [2022-09-23] CHR Extension: (Offline Documenten) - C:\Users\D'Angelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-08-29] CHR Extension: (Screenshot YouTube) - C:\Users\D'Angelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjoijpfmdhbjkkgnmahganhoinjjpohk [2021-12-22] CHR Extension: (Nebula) - C:\Users\D'Angelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlmflgnnmmojlnbmaokpfcjdkhkjbnok [2020-01-08] CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\D'Angelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-04] CHR Extension: (Video Downloader by Video Octopus 🐙) - D:\Video Octopus [2021-12-14] CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm CHR HKLM-x32\...\Chrome\Extension: [mfhcmdonhekjhfbjmeacdjbhlfgpjabp] Brave: ======= BRA Profile: C:\Users\D'Angelo\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2022-10-05] BRA DownloadDir: D:\ BRA HomePage: Default -> hxxp://startpage.com/ BRA DefaultSearchURL: Default -> hxxps://www.startpage.com/do/dsearch?query={searchTerms}&cat=web&pl=ext-chrome&language=english&extVersion=1.1.2 BRA DefaultSearchKeyword: Default -> startpage.com BRA Extension: (Change Colors) - C:\Users\D'Angelo\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ageghplgcapnfpdhapeemolbmfccclke [2022-08-08] BRA Extension: (Adblock Plus - gratis adblocker) - C:\Users\D'Angelo\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-08-30] BRA Extension: (uBlock Origin) - C:\Users\D'Angelo\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-09-20] BRA Extension: (Dark Mode) - C:\Users\D'Angelo\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\dmghijelimhndkbmpgbldicpogfkceaj [2022-08-08] BRA Extension: (Easy Video Downloader) - C:\Users\D'Angelo\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\eaicplkoeceoelookkiaeekhodehdhde [2022-08-08] BRA Extension: (Startpage - English) - C:\Users\D'Angelo\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\fgmjlmbojbkmdpofahffgcpkhkngfpef [2022-08-08] BRA Extension: (Care your Eyes) - C:\Users\D'Angelo\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\fidmpnedniahpnkeomejhnepmbdamlhl [2022-08-08] BRA Extension: (Return YouTube Dislike) - C:\Users\D'Angelo\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\gebbhagfogifgggkldgodflihgfeippi [2022-09-23] BRA Extension: (Screenshot YouTube) - C:\Users\D'Angelo\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\gjoijpfmdhbjkkgnmahganhoinjjpohk [2022-08-08] BRA Extension: (Web Safety) - C:\Users\D'Angelo\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\mfhcmdonhekjhfbjmeacdjbhlfgpjabp [2022-08-08] BRA Extension: (Brave Local Data Files Updater) - C:\Users\D'Angelo\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2022-10-05] BRA Extension: (Brave NTP background images) - C:\Users\D'Angelo\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2022-08-11] BRA Extension: (Wallet Data Files Updater) - C:\Users\D'Angelo\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2022-09-17] BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\D'Angelo\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2022-10-05] BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\D'Angelo\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2022-08-30] BRA Extension: (Brave Ad Block Updater (EasyList Dutch)) - C:\Users\D'Angelo\AppData\Local\BraveSoftware\Brave-Browser\User Data\fbmjnabmpmfnfknjmbegjmjigmelggmf [2022-10-05] BRA Extension: (Brave NTP sponsored images) - C:\Users\D'Angelo\AppData\Local\BraveSoftware\Brave-Browser\User Data\hgokbmpjajigbckbjhklcifehhbkepnf [2022-10-05] BRA Extension: (Brave SpeedReader Updater) - C:\Users\D'Angelo\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2022-08-08] BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\D'Angelo\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2022-10-05] ==================== Services (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R2 !SASCORE; D:\SOFTWARE DATA\SUPERAntiSpyware\SASCORE64.EXE [173472 2021-01-09] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com) R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [347024 2017-06-02] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) R2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avp.exe [184768 2021-07-02] (Kaspersky Lab JSC -> AO Kaspersky Lab) S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174976 2022-08-08] (Brave Software, Inc. -> BraveSoftware Inc.) S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174976 2022-08-08] (Brave Software, Inc. -> BraveSoftware Inc.) S3 CCleanerPerformanceOptimizerService; C:\Windows\SysWOW64\ccp\CCleanerPerformanceOptimizerService.exe [1082896 2022-09-12] (Piriform Software Ltd -> Piriform Software Ltd) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1135648 2022-10-05] (EasyAntiCheat Oy -> Epic Games, Inc) R2 Folder Guard; C:\Program Files\Folder Guard\FG64.exe [187976 2013-08-26] (WinAbility Software Corp. -> WinAbility® Software Corporation) S3 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [87432 2021-09-07] (MIXBYTE, INC. -> Freemake) R2 hshld_9.8.7; C:\Program Files (x86)\Hotspot Shield\9.8.7\bin\cmw_srv.exe [212096 2020-04-23] (AnchorFree Inc -> Pango Inc.) S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab) S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2020-05-12] () [Bestand niet getekend] S3 kpm_launch_service; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_service.exe [368360 2021-08-16] (Kaspersky Lab JSC -> AO Kaspersky Lab) S2 KSDE5.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe [447104 2021-06-23] (Kaspersky Lab JSC -> AO Kaspersky Lab) S3 OpenVPNService; C:\Windows\SysWOW64\OpenVPN\bin\openvpnserv2.exe [24192 2018-03-06] (OpenVPN Technologies, Inc. -> ) R2 OpenVPNServiceInteractive; C:\Windows\SysWOW64\OpenVPN\bin\openvpnserv.exe [74712 2019-04-25] (OpenVPN Technologies, Inc. -> The OpenVPN Project) S3 OpenVPNServiceLegacy; C:\Windows\SysWOW64\OpenVPN\bin\openvpnserv.exe [74712 2019-04-25] (OpenVPN Technologies, Inc. -> The OpenVPN Project) S3 TechSmith Uploader Service; C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe [3661096 2015-09-14] (TechSmith Corporation -> TechSmith Corporation) S3 WindscribeService; D:\SOFTWARE DATA\Windscribe\WindscribeService.exe [1300352 2021-12-18] (Windscribe Limited -> Windscribe Limited) S2 SU10Guard; D:\stopupdates10portable\SU10Guard.exe [X] ===================== Drivers (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) S3 aftap0901; C:\Windows\System32\drivers\aftap0901.sys [48624 2017-11-16] (AnchorFree Inc -> The OpenVPN Project) R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [237288 2022-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 cputemperature; C:\Windows\System32\Drivers\cputemperature.sys [31568 2013-06-21] (F. Melgert Beheer B.V. -> eFMer) [Bestand niet getekend] R2 FGUARD64; C:\Program Files\Folder Guard\FGUARD64.SYS [74552 2013-08-26] (WinAbility Software Corp. -> WinAbility® Software Corporation) R1 klbackupdisk; C:\Windows\system32\DRIVERS\klbackupdisk.sys [105280 2022-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [206600 2022-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [119568 2022-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [41656 2021-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab) R1 klflt; C:\Windows\system32\DRIVERS\klflt.sys [522504 2022-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klgse; C:\Windows\System32\DRIVERS\klgse.sys [711056 2022-09-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [1642376 2022-09-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 klids; C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys [189032 2022-09-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1049864 2022-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klim6; C:\Windows\system32\DRIVERS\klim6.sys [90896 2022-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [104728 2022-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [107328 2022-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [78088 2022-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klpnpflt; C:\Windows\system32\DRIVERS\klpnpflt.sys [88328 2022-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 kltap; C:\Windows\System32\drivers\kltap.sys [55592 2020-10-21] (AnchorFree Inc -> The OpenVPN Project) R0 klupd_klif_arkmon; C:\Windows\System32\Drivers\klupd_klif_arkmon.sys [382304 2022-09-27] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 klupd_klif_klark; C:\Windows\System32\Drivers\klupd_klif_klark.sys [360000 2022-09-27] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R0 klupd_klif_klbg; C:\Windows\System32\Drivers\klupd_klif_klbg.sys [189520 2022-09-27] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 klupd_klif_mark; C:\Windows\System32\Drivers\klupd_klif_mark.sys [270672 2022-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [150280 2022-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [325400 2022-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [294680 2022-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) S3 KrispSimple; C:\Windows\system32\DRIVERS\KrispVad.sys [56008 2020-10-15] (Krisp Technologies, Inc -> ) R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [22320 2017-06-06] (Acer Incorporated -> Acer Incorporated) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation) R1 pango_netfilter2; C:\Windows\System32\drivers\pango_netfilter2.sys [81600 2020-04-03] (Microsoft Windows Hardware Compatibility Publisher -> Pango Inc) R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [15664 2017-06-06] (Acer Incorporated -> Acer Incorporated) R1 SASDIFSV; D:\SOFTWARE DATA\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2021-01-09] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 SASKUTIL; D:\SOFTWARE DATA\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2021-01-09] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com) S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 tap-tb-0901; C:\Windows\System32\drivers\tap-tb-0901.sys [38656 2018-05-16] (TunnelBear, Inc. -> The OpenVPN Project) R3 tap0901; C:\Windows\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project) S3 tap0901cn; C:\Windows\System32\drivers\tap0901cn.sys [47448 2020-07-09] (Connectify (Connectify, Inc.) -> The OpenVPN Project) S3 tapnordvpn; C:\Windows\System32\drivers\tapnordvpn.sys [44896 2018-06-13] (TEFINCOM S.A. -> The OpenVPN Project) S3 tapprotonvpn; C:\Windows\System32\drivers\tapprotonvpn.sys [44976 2018-06-01] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project) R3 tapwindscribe0901; C:\Windows\System32\drivers\tapwindscribe0901.sys [57768 2021-12-18] (Windscribe Limited -> The OpenVPN Project) R4 veracrypt; C:\Windows\SysWOW64\vc\veracrypt-x64.sys [828688 2018-06-29] (IDRIX -> IDRIX) S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [46472 2019-11-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [351968 2019-11-24] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [53984 2019-11-24] (Microsoft Windows -> Microsoft Corporation) S3 WindscribeSplitTunnel; C:\Windows\system32\DRIVERS\WindscribeSplitTunnel.sys [35752 2021-12-18] (Windscribe Limited -> ) R3 windtun420; C:\Windows\System32\drivers\windtun420.sys [47544 2021-12-18] (Windscribe Limited -> WireGuard LLC) R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [312776 2022-06-25] (Microsoft Windows Hardware Compatibility Publisher -> Nox Limited Corporation) U4 CmdAgent; geen ImagePath ==================== NetSvcs (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ==================== Een maand (aangemaakt) (gefilterd) ========= (Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.) 2022-10-06 11:56 - 2022-10-06 15:04 - 000000000 ____D C:\FRST 2022-10-04 20:09 - 2022-10-04 20:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hide.me VPN 2022-10-04 20:09 - 2022-10-04 20:09 - 000000000 ____D C:\Program Files (x86)\hide.me VPN 2022-10-03 21:08 - 2022-10-03 21:08 - 000000755 ____C C:\Users\D'Angelo\Desktop\- [Best Free Unlimited Band] - Snelkoppeling.lnk 2022-10-03 19:11 - 2022-10-03 19:11 - 000000000 ____D C:\Program Files\Google 2022-10-03 19:04 - 2022-10-03 19:07 - 000000000 ____D C:\bb258340a9f6482cf91bce9d 2022-10-02 19:25 - 2022-10-06 07:25 - 000003400 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting 2022-10-02 19:25 - 2022-10-06 07:25 - 000000744 _____ C:\Windows\Tasks\CCleanerCrashReporting.job 2022-09-30 04:27 - 2022-09-30 04:27 - 000000000 ____T C:\Windows\system32\Elan_FP_Image_20220930_042706.txt 2022-09-29 21:18 - 2022-10-01 22:57 - 000000000 ____D C:\ProgramData\Hotspot Shield 2022-09-29 21:18 - 2022-09-29 21:18 - 000000000 ____D C:\Program Files (x86)\Hotspot Shield 2022-09-29 21:18 - 2020-04-03 12:28 - 000081600 _____ (Pango Inc) C:\Windows\system32\Drivers\pango_netfilter2.sys 2022-09-29 00:29 - 2022-09-29 00:29 - 000000000 ____T C:\Windows\system32\Elan_FP_Image_20220929_002927.txt 2022-09-28 22:02 - 2022-09-28 22:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMedia Recode 64bit 2022-09-27 19:52 - 2022-09-27 19:52 - 000001883 ____C C:\Users\D'Angelo\Desktop\- - SBEY [K-Ramen.EU] SamYang - Snelkoppeling.lnk 2022-09-27 12:32 - 2022-09-27 12:32 - 000360000 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_klark.sys 2022-09-27 12:31 - 2022-09-28 23:11 - 000270672 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_mark.sys 2022-09-27 12:31 - 2022-09-27 12:31 - 000382304 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_arkmon.sys 2022-09-27 12:31 - 2022-09-27 12:31 - 000189520 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_klbg.sys 2022-09-20 00:11 - 2022-09-20 00:11 - 000000000 ____T C:\Windows\system32\Elan_FP_Image_20220920_001149.txt 2022-09-18 20:31 - 2022-09-18 20:31 - 000000000 ___DC C:\Users\D'Angelo\AppData\Roaming\Cyotek 2022-09-18 20:17 - 2022-09-18 20:17 - 000000716 ___HC C:\Users\D'Angelo\AppData\Roaming\{DEFF2822-D82B-3A15-E33D-4B2EF4C3566F} 2022-09-18 20:17 - 2022-09-18 20:17 - 000000000 ___DC C:\Users\D'Angelo\AppData\Local\Icecream 2022-09-17 01:30 - 2022-09-20 00:12 - 000000000 ___DC C:\Users\D'Angelo\AppData\Roaming\MPC-HC 2022-09-12 16:06 - 2022-09-12 16:06 - 000000000 ____T C:\Windows\system32\Elan_FP_Image_20220912_160631.txt ==================== Een maand (gewijzigd) ================== (Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.) 2022-10-06 15:02 - 2022-08-11 03:40 - 000000000 ___DC C:\Users\D'Angelo\AppData\Roaming\vlc 2022-10-06 14:42 - 2018-01-24 16:29 - 000000000 ____D C:\Windows\system32\SleepStudy 2022-10-06 12:25 - 2018-01-24 16:49 - 000000000 ____D C:\ProgramData\NVIDIA 2022-10-06 12:01 - 2018-06-29 21:57 - 000000000 ___DC C:\Users\D'Angelo\AppData\Local\ClassicShell 2022-10-06 07:25 - 2018-06-30 18:21 - 000000000 ____D C:\Windows\SysWOW64\ccp 2022-10-05 22:59 - 2020-08-28 21:56 - 000000000 ____D C:\Windows\system32\Tasks\NCH Software 2022-10-04 20:20 - 2018-01-24 16:37 - 000000000 ____D C:\ProgramData\Package Cache 2022-10-03 22:24 - 2021-08-15 23:40 - 000308917 ____C C:\Users\D'Angelo\AppData\Roaming\VideoPad.dmp 2022-10-03 19:04 - 2018-07-02 04:55 - 000000000 ___DC C:\Users\D'Angelo\AppData\Local\CrashDumps 2022-10-02 19:25 - 2018-07-01 22:03 - 000003932 _____ C:\Windows\system32\Tasks\CCleaner Update 2022-10-01 09:41 - 2022-08-08 19:08 - 000002388 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk 2022-09-29 21:18 - 2020-03-06 19:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield 2022-09-29 00:36 - 2018-01-24 16:35 - 006699848 _____ C:\Windows\system32\PerfStringBackup.INI 2022-09-29 00:36 - 2018-01-24 16:22 - 003286032 _____ C:\Windows\system32\perfh013.dat 2022-09-29 00:36 - 2018-01-24 16:22 - 000894424 _____ C:\Windows\system32\perfc013.dat 2022-09-29 00:29 - 2018-07-02 02:33 - 000000436 _____ C:\Windows\Tasks\RegistryTool Startup.job 2022-09-29 00:29 - 2018-01-24 16:29 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2022-09-25 23:52 - 2020-11-14 19:08 - 000000000 ___DC C:\Users\D'Angelo\AppData\Roaming\discord 2022-09-25 14:24 - 2022-03-29 17:30 - 000000000 ___DC C:\Users\D'Angelo\AppData\Local\Discord 2022-09-24 02:38 - 2017-03-18 13:40 - 000032768 _____ C:\Windows\system32\config\ELAM 2022-09-18 20:18 - 2018-06-29 21:02 - 000000000 ___DC C:\Users\D'Angelo 2022-09-17 21:09 - 2020-11-08 19:08 - 000000000 ___DC C:\Users\D'Angelo\AppData\Roaming\qBittorrent 2022-09-11 21:59 - 2019-01-13 14:30 - 000000000 ____D C:\!!!!!. RECORDS ==================== Bestanden in de root van sommige mappen ======== 2018-10-14 23:47 - 2018-06-18 23:35 - 005513920 _____ (COMODO) C:\ProgramData\cisBA08.exe 2018-10-14 23:47 - 2018-06-18 23:44 - 000440000 _____ (COMODO) C:\ProgramData\cmdres.dll 2022-06-25 21:11 - 2022-06-25 21:11 - 000000068 ____C () C:\Users\D'Angelo\AppData\Roaming\changzhi_leidian.data 2022-06-25 21:11 - 2022-06-25 21:11 - 000000180 ____C () C:\Users\D'Angelo\AppData\Roaming\changzhi_leidianmac.data 2021-06-04 20:59 - 2021-06-04 20:59 - 000000076 ___HC () C:\Users\D'Angelo\AppData\Roaming\d9135c394decbfc1cfce595848be5701eeb798e2 2021-06-04 20:59 - 2022-04-27 22:43 - 000000140 ___HC () C:\Users\D'Angelo\AppData\Roaming\ecf00c38dc807e105d881c433a6b455dd2c606b6 2021-08-15 23:40 - 2022-10-03 22:24 - 000308917 ____C () C:\Users\D'Angelo\AppData\Roaming\VideoPad.dmp 2022-09-18 20:17 - 2022-09-18 20:17 - 000000716 ___HC () C:\Users\D'Angelo\AppData\Roaming\{DEFF2822-D82B-3A15-E33D-4B2EF4C3566F} 2022-07-25 23:34 - 2022-07-25 23:35 - 000000021 ____C () C:\Users\D'Angelo\AppData\Local\Autosofted License.txt 2018-08-10 22:55 - 2021-07-12 00:47 - 000011776 ____C () C:\Users\D'Angelo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2020-10-30 22:16 - 2021-06-26 16:46 - 000002562 ____C () C:\Users\D'Angelo\AppData\Local\krita-sysinfo.log 2020-10-30 22:16 - 2021-06-26 16:49 - 000002437 ____C () C:\Users\D'Angelo\AppData\Local\krita.log 2021-06-26 16:49 - 2021-06-26 16:49 - 000000039 ____C () C:\Users\D'Angelo\AppData\Local\kritadisplayrc 2020-10-30 22:17 - 2021-06-26 16:49 - 000016143 ____C () C:\Users\D'Angelo\AppData\Local\kritarc 2022-08-31 23:27 - 2022-08-31 23:27 - 000008684 ____C () C:\Users\D'Angelo\AppData\Local\recently-used.xbel 2018-09-18 23:50 - 2022-07-14 21:34 - 000007620 ____C () C:\Users\D'Angelo\AppData\Local\Resmon.ResmonCfg ==================== SigCheck ============================ (Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.) LastRegBack: 2022-09-28 18:23 ==================== Einde van FRST.txt ========================