Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 15-11-2022 Gestart door Michael (Beheerder) op BUREAU-PC (MEDION MS-7800) (18-11-2022 00:23:42) Gestart vanaf D:\Desktop Geladen Profielen: Michael Platform: Microsoft Windows 10 Home Versie 22H2 19045.2251 (X64) Taal: Nederlands (Nederland) Standaardbrowser: FF Boot Modus: Normal ==================== Processen (gefilterd) ================= (Als een item is opgenomen in de fixlist, zal het proces worden gesloten. Het bestand zal niet worden verplaatst.) (C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe ->) (CHENGDU YIWO Tech Development Co., Ltd. -> ) [Bestand niet getekend] C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCmdRun.exe (CyberLink -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (DriverStore\FileRepository\u0360470.inf_amd64_35c64671e7fac064\B360357\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0360470.inf_amd64_35c64671e7fac064\B360357\atieclxx.exe (explorer.exe ->) (AppEx Networks Corporation -> AppEx Networks Corporation) C:\Program Files\AMD Quick Stream\AMDQuickStream.exe (explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (explorer.exe ->) (VIA Technologies, Inc.) [Bestand niet getekend] C:\VIA_XHCI\usb3Monitor.exe (MiniTool Software Limited -> ) C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <10> (services.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0360470.inf_amd64_35c64671e7fac064\B360357\atiesrxx.exe (services.exe ->) (Advanced Micro Devices, Inc.) [Bestand niet getekend] C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe (services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (services.exe ->) (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [Bestand niet getekend] C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe (services.exe ->) (CyberLink -> CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe (services.exe ->) (CyberLink -> CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe (services.exe ->) (devolo AG -> devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe (services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdlogsr.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe ==================== Register (gefilterd) =================== (Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12452968 2012-03-13] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [VIAxHCUtl] => C:\VIA_XHCI\usb3Monitor.exe [331776 2011-07-12] (VIA Technologies, Inc.) [Bestand niet getekend] HKLM\...\Run: [OODefragTray] => C:\Program Files\OO Software\Defrag\oodtray.exe [5134400 2017-04-26] (O&O Software GmbH -> O&O Software GmbH) HKLM\...\Run: [MTPW] => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [219616 2020-02-19] (MiniTool Software Limited -> ) HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [637784 2022-02-08] (Acronis International GmbH -> Acronis International GmbH) HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [111080 2012-04-14] (CyberLink -> CyberLink) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink -> CyberLink Corp.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [2311840 2020-05-29] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5045992 2022-02-08] (Acronis International GmbH -> ) HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\tib_mounter_monitor.exe [446392 2022-02-08] (Acronis International GmbH -> Acronis International GmbH) HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restrictie <==== AANDACHT HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restrictie <==== AANDACHT HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restrictie <==== AANDACHT HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe (Geen bestand) HKU\S-1-5-19\...\RunOnce: [HKCU] => C:\Windows\System32\oobe\info\HKCU.vbs [126 2009-11-12] () [Bestand niet getekend] HKU\S-1-5-19\...\RunOnce: [Screensaver] => C:\Windows\Web\Wallpaper\MEDION\start.vbs (Geen bestand) HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe (Geen bestand) HKU\S-1-5-20\...\RunOnce: [HKCU] => C:\Windows\System32\oobe\info\HKCU.vbs [126 2009-11-12] () [Bestand niet getekend] HKU\S-1-5-20\...\RunOnce: [Screensaver] => C:\Windows\Web\Wallpaper\MEDION\start.vbs (Geen bestand) HKU\S-1-5-21-3281580978-1972669021-3677266868-1001\...\Run: [EPSON SX410 Series] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIFCE.EXE [223232 2008-10-02] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION) HKU\S-1-5-21-3281580978-1972669021-3677266868-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38650192 2022-11-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) HKU\S-1-5-21-3281580978-1972669021-3677266868-1001\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [488640 2015-04-06] (AppEx Networks Corporation -> AppEx Networks Corporation) HKU\S-1-5-21-3281580978-1972669021-3677266868-1001\...\Run: [Connective-SignID API] => C:\Users\Michael\AppData\Local\Connective-SignID\t1c-launch.exe [4669680 2022-02-09] (Trust1Team bvba -> ) HKU\S-1-5-21-3281580978-1972669021-3677266868-1001\...\Run: [MicrosoftEdgeAutoLaunch_F449D40E833C6F137FB991D0BAA64AC0] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3892128 2022-11-10] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-3281580978-1972669021-3677266868-1001\...\MountPoints2: {145981f7-e6fe-11e5-90ab-8c89a5e46ee0} - "N:\WD Drive Unlock.exe" autoplay=true HKU\S-1-5-21-3281580978-1972669021-3677266868-1001\...\MountPoints2: {aab072aa-c22a-11e3-b0f3-8c89a5e46ee0} - "F:\unlock.exe" autoplay=true HKU\S-1-5-21-3281580978-1972669021-3677266868-1001\...\MountPoints2: {c73f0cb9-da64-11e7-87b7-8c89a5e46ee0} - "F:\unlock.exe" autoplay=true HKU\S-1-5-21-3281580978-1972669021-3677266868-1001\...\MountPoints2: {d652ca1e-bd09-11e3-8318-94dbc9aa712d} - "M:\Unlock.exe" autoplay=true HKU\S-1-5-21-3281580978-1972669021-3677266868-1001\...\MountPoints2: {ee4c63a5-981b-11e4-ba62-8c89a5e46ee0} - "L:\WD Drive Unlock.exe" autoplay=true HKLM\...\Print\Monitors\EPSON SX410 Series 64MonitorBE: C:\WINDOWS\system32\E_ILMFCE.DLL [108032 2008-08-08] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\107.0.5304.107\Installer\chrmstp.exe [2022-11-14] (Google LLC -> Google LLC) HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\O&O Defrag Tray.lnk [2020-03-07] ShortcutTarget: O&O Defrag Tray.lnk -> C:\Windows\Installer\{1E7B316E-1456-477B-BA30-49A95C425496}\app_icon.exe () [Bestand niet getekend] GroupPolicy: Restrictie - Chrome <==== AANDACHT Policies: C:\ProgramData\NTUSER.pol: Restrictie <==== AANDACHT HKLM\SOFTWARE\Policies\Microsoft\Edge: Restrictie <==== AANDACHT HKU\S-1-5-21-3281580978-1972669021-3677266868-1001\SOFTWARE\Policies\Microsoft\Edge: Restrictie <==== AANDACHT ==================== Geplande Taken (gefilterd) ============ (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {005E2C8C-7E54-4B49-9AF5-3D2C5FEB8D5D} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-11-09] (Piriform Software Ltd -> Piriform) Task: {04E1EB35-86D9-4D68-8683-4FB110D046A0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.) Task: {097C36B8-81DC-4BEA-919A-FD1C4C233811} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (Geen bestand) Task: {0F27DE3A-B857-460C-83CE-7E3E164B1B42} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {16D6C220-5A9C-4F57-B02A-84CDD08C0096} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114600 2022-11-14] (Microsoft Corporation -> Microsoft Corporation) Task: {1852A9CC-413B-4B64-A75D-C720357ED0E4} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1} Task: {28618A1C-5546-4FE4-B9DA-C80871EF2E7D} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316} Task: {2EF94FAB-C50A-46AD-8B66-8222F90C9CAC} - System32\Tasks\MiniToolPartitionWizard => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [219616 2020-02-19] (MiniTool Software Limited -> ) Task: {2F0CCBAC-2012-49BA-B597-FFE2097225B5} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969} Task: {3B6A2309-D4C0-4A87-B670-CF5B8479F344} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -SqlLiteRecoveryTask (Geen bestand) Task: {3C8F9C28-B11D-4108-A511-CE9FA497079B} - System32\Tasks\PDRStyleAgent => C:\Program Files\CyberLink\PowerDirector16\PDRStyleAgent.exe [99512 2018-11-23] (CyberLink Corp. -> CyberLink Corp.) Task: {3D870BCC-694E-4BB6-9CE9-C6C049D112F4} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61} Task: {45B409AD-034D-4F23-A99B-072DEF830C85} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (Geen bestand) Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB} Task: {582CE772-BC1A-4AAE-95A9-612E3F71F407} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe /OCURActivate (Geen bestand) Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A} Task: {66700F3D-2ABE-4082-87B8-8D546CAE53C0} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} Task: {678AC63C-79A4-48E6-971F-0A5FEC123D85} - System32\Tasks\{683D24B5-3D25-4FA8-8BF2-45D4990F1D1D} => C:\Program Files (x86)\CoolPro\coolpro.exe (Geen bestand) Task: {6BE32705-50A2-482F-A7C2-CD8A7ABA1042} - System32\Tasks\Microsoft\Windows\End Of Support\Notify1 => C:\WINDOWS\system32\sipnotify.exe -LogonOrUnlock (Geen bestand) Task: {72BBEF92-3230-482B-BB2E-2D66919CAE87} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe /DoReindexSearchRoot (Geen bestand) Task: {7B1F9129-1A0E-4835-80A2-1CB5085E2DCB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6637512 2022-11-14] (Microsoft Corporation -> Microsoft Corporation) Task: {803D698F-2E53-48EF-875C-2278DF667F47} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe -pscn 0 (Geen bestand) Task: {81C9863B-7FA7-4B5B-8724-6D0B80E88929} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -MediaCenterRecoveryTask (Geen bestand) Task: {87DF1688-11F8-45FE-876A-BE6536B07725} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe /StartRecording (Geen bestand) Task: {8B06F82D-A2F9-4620-B1CD-9FE4061DC117} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (Geen bestand) Task: {8D22BF76-3206-4B94-9F4B-6392A1957C7D} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" Task: {977A8D3E-B7EF-4FCB-AC52-D5DD99A3B269} - \AVAST Software\Avast settings backup -> Geen bestand <==== AANDACHT Task: {98A91A42-E2C2-486D-B1A9-D7E8861C3381} - System32\Tasks\{551325D6-1319-4635-9083-43060C7566FC} => C:\Windows\system32\pcalua.exe -a "K:\DATA (D)\installatie\CoolEditPro\setupcep.EXE" -d "K:\DATA (D)\installatie\CoolEditPro" Task: {9AC3595A-5717-4F7D-B11B-EB2B69437B2A} - System32\Tasks\CCleanerSkipUAC - Michael => C:\Program Files\CCleaner\CCleaner.exe [32325456 2022-11-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) Task: {A745C218-E76D-4AF4-A8F3-5E7BBC5185EA} - System32\Tasks\{7499E67B-276F-4194-A5BD-E170D09B9BE5} => C:\Windows\system32\pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files (x86)\CoolPro\coolpro.exe" Task: {AD7FAB58-15DC-4E7D-A4E1-60EE5974B9B7} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (Geen bestand) Task: {AF420AC6-CA29-4854-8452-097F3807D77A} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -ObjectStoreRecoveryTask (Geen bestand) Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371} Task: {B20F61CA-2D2C-4C68-8FF2-2CD136363465} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26154376 2022-11-14] (Microsoft Corporation -> Microsoft Corporation) Task: {B5F353CE-6293-49C1-8158-8E7C22EB387F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe $(Arg0) (Geen bestand) Task: {B74AAF90-FB0B-4517-B743-D7E852ACB11F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe -crl -hms -pscn 15 (Geen bestand) Task: {BD2B3A81-5556-404C-80F1-DD22E14AB662} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (Geen bestand) Task: {BDBDC914-38F2-46FF-BD95-416907B1EE4B} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (Geen bestand) Task: {C142ABC8-6A36-4FAB-9A6F-E5A70A48EAB1} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4669264 2022-11-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "ad5ddb2c-467f-44a1-9b0b-e7475d25bc00" --version "6.06.10144" --silent Task: {C3F41B84-3BAD-4834-9CD0-56B518726840} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.) Task: {C563629E-5497-4215-BC3B-DD04C07296C4} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe -PvrSchedule (Geen bestand) Task: {C5FC8A79-1D61-4D0D-8268-A673D3BACF2D} - System32\Tasks\{502F8B20-5232-42FC-985F-6A476AE33100} => C:\Windows\system32\pcalua.exe -a "K:\DATA (D)\installatie\Mp3 TagTools\mtt-v1.2.exe" -d "K:\DATA (D)\installatie\Mp3 TagTools" Task: {CC2B812D-0BEE-437F-9F71-C3FBB40EC15B} - System32\Tasks\Microsoft\Windows\End Of Support\Notify2 => C:\WINDOWS\system32\sipnotify.exe -Daily (Geen bestand) Task: {CCD1963F-9C59-4686-AC1B-2DCDF36F512C} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (Geen bestand) Task: {CEA22C7E-C409-479F-9F4C-3505CC815C34} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26154376 2022-11-14] (Microsoft Corporation -> Microsoft Corporation) Task: {D24F4A6C-D68F-4228-A0D3-396DBF5E0385} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoActivateWindowsSearch (Geen bestand) Task: {D4B320E1-B644-466F-ADA3-BC4625A3B84E} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E} Task: {D6BDD73A-E61D-4BC5-A3B1-DDEA50ADEDA0} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /PBDADiscovery (Geen bestand) Task: {D832F3CF-FAAA-43E4-90B5-AE90FB00C881} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.) Task: {E0A2C520-6FE9-4E4E-95C8-33B4BE9805D0} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe /RestartRecording (Geen bestand) Task: {E6127866-8945-4453-B377-341872E47C62} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (Geen bestand) Task: {ED5554B3-7A63-4C8F-B1E2-775F0DB5970D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114600 2022-11-14] (Microsoft Corporation -> Microsoft Corporation) Task: {EDCBC82A-6F80-4802-BADA-9E31595766CC} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe /DRMInit (Geen bestand) Task: {F0BD0592-FDCA-4385-84FC-E0BD7AFC8AA7} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -PvrRecoveryTask (Geen bestand) Task: {F0C7BC5D-FC23-4F6C-B935-D06AAF6C059F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6637512 2022-11-14] (Microsoft Corporation -> Microsoft Corporation) (Als een item is opgenomen in de fixlist, wordt de taak (job) bestand verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Internet (gefilterd) ==================== (Als een item is opgenomen in de fixlist en een registeritem is, wordt het verwijderd of hersteld naar de standaard.) Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.) Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.) Tcpip\..\Interfaces\{6491D85E-5C53-4B8A-A763-B33FC43E2128}: [NameServer] 1.1.1.1,1.0.0.1 Tcpip\..\Interfaces\{88246C3E-2A13-4974-83C9-CA57F3D4EDA5}: [DhcpNameServer] 192.168.1.1 Edge: ======= DownloadDir: D:\_Downloads Edge Extension: (Geen Naam) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [niet gevonden] Edge Extension: (Geen Naam) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [niet gevonden] Edge Extension: (Ghostery – Privacy Ad Blocker) -> EdgeExtension_GhosteryGhostery_kzkqe0pn505dg => C:\Program Files\WindowsApps\Ghostery.Ghostery_8.4.6.0_neutral__kzkqe0pn505dg [2020-12-13] Edge Extension: (Geen Naam) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [niet gevonden] Edge Extension: (Geen Naam) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [niet gevonden] Edge DefaultProfile: Default Edge Profile: C:\Users\Michael\AppData\Local\Microsoft\Edge\User Data\Default [2022-11-17] Edge StartupUrls: Default -> "hxxps://www.msn.com/nl-be/financien/markten?ocid=spartandhp","hxxps://www.pc-helpforum.be/" Edge Extension: (Outlook) - C:\Users\Michael\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bjhmmnoficofgoiacjaajpkfndojknpb [2020-10-15] Edge Extension: (Windscribe - Free Proxy and Ad Blocker) - C:\Users\Michael\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dkkdbpgldnmkhcliffjpajcfdjkcaddf [2022-10-01] Edge Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\Michael\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fclbdkbhjlgkbpfldjodgjncejkkjcme [2022-11-14] Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Michael\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-11-17] Edge HKU\S-1-5-21-3281580978-1972669021-3677266868-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [llbjbkhnmlidjebalopleeepgdfgcpec] - C:\Program Files (x86)\Internet Download Manager\IDMEdgeExt.crx FireFox: ======== FF DefaultProfile: rirla01q.default-1594651925668 FF ProfilePath: C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rirla01q.default-1594651925668 [2022-11-18] FF Extension: (Facebook Container) - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rirla01q.default-1594651925668\Extensions\@contain-facebook.xpi [2022-11-14] FF Extension: (Windscribe - Free Proxy and Ad Blocker) - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rirla01q.default-1594651925668\Extensions\@windscribeff.xpi [2022-10-26] FF Extension: (eID België) - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rirla01q.default-1594651925668\Extensions\belgiumeid@eid.belgium.be.xpi [2021-03-04] FF Extension: (Privacy Badger) - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rirla01q.default-1594651925668\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2022-09-28] FF Extension: (uBlock Origin) - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rirla01q.default-1594651925668\Extensions\uBlock0@raymondhill.net.xpi [2022-11-15] FF Extension: (Malwarebytes Browser Guard) - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rirla01q.default-1594651925668\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2022-10-11] FF Extension: (Video DownloadHelper) - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rirla01q.default-1594651925668\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2021-07-01] FF HKU\S-1-5-21-3281580978-1972669021-3677266868-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Michael\AppData\Roaming\IDM\idmmzcc5 => niet gevonden FF HKU\S-1-5-21-3281580978-1972669021-3677266868-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi => niet gevonden FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.15 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-11-14] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1235205.dll [2019-03-15] (Adobe Systems, Inc.) [Bestand niet getekend] FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-11-14] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-14] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default [2022-11-17] CHR Notifications: Default -> hxxps://www.facebook.com CHR StartupUrls: Default -> "hxxps://www.facebook.com/" CHR Extension: (Adobe Acrobat: tools voor PDF's bewerken, converteren en ondertekenen) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-10-25] CHR Extension: (Offline Documenten) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-11-14] CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-11-17] CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30] CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx CHR HKLM-x32\...\Chrome\Extension: [dhancbnhabhandieicagelcddkdfgoif] - C:\Program Files (x86)\Allavsoft\Video Downloader Converter\extensions\3.25.0.8302\BVDChromeExt.crx [2022-09-27] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx ==================== Services (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) S3 aakore; C:\Program Files (x86)\Acronis\Agent\aakore.exe [9022120 2022-02-08] (Acronis International GmbH -> Acronis International GmbH) R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1704216 2022-02-08] (Acronis International GmbH -> Acronis International GmbH) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.) R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-03] (Advanced Micro Devices, Inc.) [Bestand niet getekend] R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12515768 2022-11-14] (Microsoft Corporation -> Microsoft Corporation) R2 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [70952 2011-04-13] (CyberLink -> CyberLink) R2 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [312616 2011-04-13] (CyberLink -> CyberLink) S3 dcsvc; C:\WINDOWS\system32\dcsvc.dll [785408 2022-11-14] (Microsoft Windows -> Microsoft Corporation) R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [5751024 2022-03-30] (devolo AG -> devolo AG) R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [40080 2017-08-30] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [Bestand niet getekend] R2 EPSON_EB_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE [163840 2007-12-17] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION) R2 EPSON_PM_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE [126464 2007-01-11] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8879024 2022-11-14] (Malwarebytes Inc. -> Malwarebytes) S3 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4882992 2022-02-08] (Acronis International GmbH -> Acronis International GmbH) S3 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [1740864 2017-04-26] (O&O Software GmbH -> O&O Software GmbH) S4 PURE Flow Server; C:\Program Files (x86)\PURE Flow Server\twonkymediaserverwatchdog.exe [153176 2010-12-20] (PacketVideo Corporation -> ) S4 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-08-27] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) S3 Tib Mounter Service; C:\Program Files (x86)\Common Files\Acronis\TibMounter64\tib_mounter_service.exe [5910328 2022-02-08] (Acronis International GmbH -> Acronis International GmbH) S3 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [366720 2020-05-29] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\NisSrv.exe [3046608 2022-03-16] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe [132504 2022-03-16] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Drivers (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R3 A38CCID; C:\WINDOWS\system32\DRIVERS\a38ccid.sys [86880 2018-07-12] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Card Systems Ltd.) S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [31992 2015-06-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices) R2 APXACC; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [229056 2015-04-03] (AppEx Networks Corporation -> AppEx Networks Corporation) R2 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [367096 2022-02-08] (Bitdefender SRL -> Bitdefender) R1 CLMirrorDriver; C:\WINDOWS\System32\drivers\CLMirrorDriver.sys [21264 2017-11-13] (CyberLink Corp. -> CyberLink) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2022-06-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R0 EUBAKUP; C:\WINDOWS\System32\drivers\eubakup.sys [66040 2016-12-06] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [Bestand niet getekend] R0 EUBKMON; C:\WINDOWS\System32\drivers\EUBKMON.sys [53240 2016-12-06] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [Bestand niet getekend] R1 EUDSKACS; C:\Windows\system32\drivers\eudskacs.sys [23544 2016-12-06] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [Bestand niet getekend] R1 EUFDDISK; C:\Windows\system32\drivers\EuFdDisk.sys [197624 2016-12-06] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [Bestand niet getekend] R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [392840 2022-08-25] (Acronis International GmbH -> Acronis International GmbH) R0 fltsrv; C:\WINDOWS\System32\DRIVERS\fltsrv.sys [183944 2022-08-25] (Acronis International GmbH -> Acronis International GmbH) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-11-14] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-04-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [193992 2022-11-17] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [75216 2022-11-17] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-09-28] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [181992 2022-11-17] (Malwarebytes Inc. -> Malwarebytes) R1 ngscan; C:\WINDOWS\System32\DRIVERS\ngscan.sys [179104 2022-02-08] (Acronis International GmbH -> Acronis International GmbH) R2 NPF_devolo; C:\WINDOWS\sysWOW64\drivers\npf_devolo.sys [36496 2022-03-30] (devolo AG -> Riverbed Technology, Inc.) R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [37336 2021-03-09] (MiniTool Solution Ltd -> ) S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> ) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 tib; C:\WINDOWS\system32\DRIVERS\tib.sys [887032 2022-08-25] (Acronis International GmbH -> Acronis International GmbH) R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [175648 2022-08-25] (Acronis International GmbH -> Acronis International GmbH) R2 virtual_file; C:\WINDOWS\System32\DRIVERS\virtual_file.sys [334984 2022-08-25] (Acronis International GmbH -> Acronis International GmbH) R0 volume_tracker; C:\WINDOWS\System32\DRIVERS\volume_tracker.sys [251016 2022-08-25] (Acronis International GmbH -> Acronis International GmbH) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2022-03-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [23200 2016-03-10] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [439544 2022-03-16] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90360 2022-03-16] (Microsoft Windows -> Microsoft Corporation) S3 wsvd; C:\WINDOWS\System32\DRIVERS\wsvd.sys [129008 2010-09-23] (CyberLink -> CyberLink) U3 idsvc; geen ImagePath ==================== NetSvcs (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) NETSVC: DcSvc -> C:\Windows\system32\dcsvc.dll (Microsoft Corporation) ==================== Een maand (aangemaakt) (gefilterd) ========= (Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.) 2022-11-18 00:23 - 2022-11-18 00:24 - 000000000 ____D C:\FRST 2022-11-17 21:38 - 2022-11-17 21:38 - 000000000 ____D C:\AdwCleaner 2022-11-17 21:10 - 2022-11-17 21:10 - 000193992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2022-11-17 21:10 - 2022-11-17 21:10 - 000181992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2022-11-17 21:10 - 2022-11-17 21:10 - 000075216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2022-11-17 20:37 - 2022-11-17 20:37 - 000004096 ___SH C:\{AE624966-A856-4CED-87C1-FD30E394CC5B}.CBM 2022-11-15 22:57 - 2022-11-15 23:41 - 000000000 ____D C:\Program Files\Mozilla Firefox 2022-11-15 11:42 - 2022-11-15 11:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoProc Converter 2022-11-15 01:26 - 2022-11-15 01:26 - 000000000 ___HD C:\$WinREAgent 2022-11-14 03:03 - 2022-11-14 03:03 - 000688128 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll 2022-11-14 03:03 - 2022-11-14 03:03 - 000073216 _____ C:\WINDOWS\system32\nettraceex.dll 2022-11-14 03:03 - 2022-11-14 03:03 - 000012253 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2022-11-14 03:02 - 2022-11-14 03:02 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll 2022-11-14 02:20 - 2022-11-14 02:20 - 000223176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2022-10-20 00:15 - 2022-10-20 00:15 - 000002224 _____ C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox-privénavigatie.lnk ==================== Een maand (gewijzigd) ================== (Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.) 2022-11-18 00:13 - 2022-02-27 17:12 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2022-11-18 00:12 - 2016-12-11 12:14 - 000000000 ____D C:\Users\Michael\AppData\LocalLow\Mozilla 2022-11-18 00:09 - 2014-04-03 17:27 - 000000000 ____D C:\Program Files (x86)\Google 2022-11-18 00:00 - 2020-09-12 15:46 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2022-11-17 23:55 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-11-17 21:44 - 2020-09-08 13:59 - 000001388 _____ C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk 2022-11-17 21:37 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2022-11-17 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2022-11-17 21:27 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2022-11-17 21:22 - 2022-09-11 10:25 - 000000000 ____D C:\Users\Michael\AppData\Roaming\com.adobe.dunamis 2022-11-17 21:14 - 2020-09-12 15:49 - 001609956 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2022-11-17 21:14 - 2019-12-07 16:12 - 000712094 _____ C:\WINDOWS\system32\perfh013.dat 2022-11-17 21:14 - 2019-12-07 16:12 - 000143978 _____ C:\WINDOWS\system32\perfc013.dat 2022-11-17 21:14 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2022-11-17 21:12 - 2014-04-04 23:08 - 000000000 ____D C:\Program Files\CCleaner 2022-11-17 21:10 - 2022-09-22 01:01 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job 2022-11-17 21:10 - 2020-09-12 15:58 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2022-11-17 21:10 - 2020-09-12 15:46 - 000008192 ___SH C:\DumpStack.log.tmp 2022-11-17 21:09 - 2020-09-12 15:13 - 000000000 ____D C:\Users\Michael 2022-11-17 21:09 - 2019-12-07 10:03 - 000262144 _____ C:\WINDOWS\system32\config\BBI 2022-11-17 21:09 - 2018-12-18 18:41 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin 2022-11-17 21:05 - 2022-09-22 01:01 - 000003476 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting 2022-11-17 21:05 - 2020-09-12 15:58 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2022-11-17 20:54 - 2019-05-13 22:05 - 000000000 ____D C:\Users\Michael\AppData\Roaming\Allavsoft 2022-11-17 20:40 - 2014-04-21 09:44 - 000000000 ____D C:\Program Files (x86)\Samsung 2022-11-17 20:39 - 2022-10-11 13:30 - 000002077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk 2022-11-17 20:39 - 2020-09-12 15:58 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2022-11-17 20:34 - 2019-12-09 00:54 - 000000000 ____D C:\Users\Michael\AppData\Roaming\vlc 2022-11-17 20:22 - 2022-04-16 18:42 - 000513024 ___SH C:\EUMONBMP.SYS 2022-11-17 20:22 - 2020-09-29 09:32 - 000000000 ____D C:\WINDOWS\system32\config\regsave 2022-11-16 01:34 - 2020-09-12 15:12 - 000000000 ____D C:\WINDOWS\system32\AMD 2022-11-15 23:41 - 2018-10-08 11:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2022-11-15 22:57 - 2021-10-05 20:41 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2022-11-15 22:57 - 2020-07-13 15:52 - 000001013 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2022-11-15 11:42 - 2019-05-29 15:14 - 000000000 ____D C:\Users\Michael\AppData\Roaming\Digiarty 2022-11-15 11:42 - 2019-05-29 15:14 - 000000000 ____D C:\Program Files (x86)\Digiarty 2022-11-15 01:41 - 2018-03-30 15:28 - 000000000 ____D C:\Users\Michael\AppData\Local\Spotify 2022-11-15 01:40 - 2018-03-30 15:27 - 000000000 ____D C:\Users\Michael\AppData\Roaming\Spotify 2022-11-15 01:38 - 2021-01-22 18:23 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2022-11-15 01:28 - 2020-06-16 19:31 - 000002452 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-11-15 01:28 - 2014-04-03 17:27 - 000002325 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2022-11-14 23:30 - 2020-09-12 15:58 - 000003730 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2022-11-14 23:30 - 2020-09-12 15:58 - 000003606 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2022-11-14 03:11 - 2020-09-12 15:46 - 000459112 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2022-11-14 03:09 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP 2022-11-14 03:09 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2022-11-14 03:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2022-11-14 03:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2022-11-14 03:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2022-11-14 03:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2022-11-14 03:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2022-11-14 03:08 - 2018-05-29 16:51 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2022-11-14 03:07 - 2019-01-28 01:02 - 000000000 ____D C:\Program Files\FlashIntegro 2022-11-14 03:02 - 2020-09-12 15:49 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2022-11-14 02:43 - 2014-04-03 21:45 - 000000000 ____D C:\WINDOWS\system32\MRT 2022-11-14 02:28 - 2011-07-18 21:31 - 146960040 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2022-10-30 01:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF 2022-10-29 22:48 - 2019-08-05 00:22 - 001065984 _____ C:\Users\Michael\AppData\Local\file__0.localstorage 2022-10-25 16:36 - 2019-12-08 22:58 - 000000000 ____D C:\Users\Michael\AppData\Local\D3DSCache 2022-10-24 00:15 - 2019-12-08 16:00 - 000000000 ____D C:\Users\Michael\AppData\Local\Packages 2022-10-23 11:59 - 2020-08-25 08:54 - 000000000 ____D C:\Users\Michael\AppData\Local\CrashDumps ==================== Bestanden in de root van sommige mappen ======== 2021-09-04 19:19 - 2021-09-04 19:19 - 000000096 _____ () C:\Users\Michael\AppData\Roaming\.BEID_0.log 2016-10-18 14:18 - 2016-10-18 14:18 - 000038453 _____ () C:\Users\Michael\AppData\Roaming\Door lijstscheidingstekens gescheiden waarden (DOS).ADR 2020-04-30 18:21 - 2021-09-16 12:28 - 000009728 _____ () C:\Users\Michael\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2019-08-05 00:22 - 2022-10-29 22:48 - 001065984 _____ () C:\Users\Michael\AppData\Local\file__0.localstorage 2015-11-05 02:23 - 2015-11-05 02:23 - 000000001 _____ () C:\Users\Michael\AppData\Local\llftool.4.40.agreement 2015-04-08 13:49 - 2022-09-15 21:07 - 000007607 _____ () C:\Users\Michael\AppData\Local\Resmon.ResmonCfg ==================== SigCheck ============================ (Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.) ==================== Einde van FRST.txt ========================