Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 24-01-2023 Gestart door mizy (Beheerder) op DESKTOP-D4O8TH7 (MEDION MD34190/2589) (24-01-2023 11:24:02) Gestart vanaf D:\Bureaublad Geladen Profielen: mizy Platform: Microsoft Windows 11 Home Versie 22H2 22621.1105 (X64) Taal: Nederlands (Nederland) Standaardbrowser: Edge Boot Modus: Normal ==================== Processen (gefilterd) ================= (Als een item is opgenomen in de fixlist, zal het proces worden gesloten. Het bestand zal niet worden verplaatst.) (C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE ->) (Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE (C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe (C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <2> (C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe (C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe (C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe (C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (MUSARUBRA US LLC -> McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe (C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (MUSARUBRA US LLC -> McAfee, LLC) C:\Windows\System32\mfevtps.exe (C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe (C:\Program Files\WindowsApps\MicrosoftTeams_22336.907.1742.9730_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\109.0.1518.61\msedgewebview2.exe <6> (Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE (cmd.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MSC\MfeBrowserHost.exe (cmd.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\browserhost.exe (explorer.exe ->) (FastStone Soft) [Bestand niet getekend] D:\Program Files\FastStone Capture\FSCapture.exe (explorer.exe ->) (voidtools -> voidtools) D:\Program Files\Everything-1.4.1.969.x64\Everything.exe <2> (explorer.exe ->) (XemiComputers ltd.) [Bestand niet getekend] D:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <6> (services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe (services.exe ->) (Huawei Technologies Co., Ltd. -> ) [Bestand niet getekend] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe (services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\CSP\5.4.105.0\McCSPServiceHost.exe (services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe <3> (services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe (services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\VSCore_22_7\mcapexe.exe (services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\Sgrm\SgrmBroker.exe (services.exe ->) (MUSARUBRA US LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe (services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmo.inf_amd64_a75cbcea24883352\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c60facea9c32a6cb\RtkAudUService64.exe <2> (svchost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MQS\QcShm.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22112.142.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (svchost.exe ->) (Samsung Electronics Co., Ltd. -> Samsung Electronics) C:\Program Files (x86)\Samsung\Portable_SSD\SamsungPortableSSDMon_1.0.exe (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe ==================== Register (gefilterd) =================== (Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.) HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c60facea9c32a6cb\RtkAudUService64.exe [3380320 2021-11-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [Everything] => D:\Program Files\Everything-1.4.1.969.x64\Everything.exe [2237256 2020-04-29] (voidtools -> voidtools) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated) HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133216 2017-03-23] (Wondershare Technology Co.,Ltd -> Wondershare) HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [235624 2015-01-09] (Canon Inc. -> CANON INC.) HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.) HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restrictie <==== AANDACHT HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restrictie <==== AANDACHT HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-3989073426-3163902182-3966215124-1001\...\Run: [Active Desktop Calendar] => D:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe [9131008 2011-05-09] (XemiComputers ltd.) [Bestand niet getekend] HKU\S-1-5-21-3989073426-3163902182-3966215124-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-10-22] (Adobe Inc. -> Adobe Systems Incorporated) HKU\S-1-5-21-3989073426-3163902182-3966215124-1001\...\Run: [MicrosoftEdgeAutoLaunch_BB6A6389AAAE634FE46764FB24318CAE] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4188616 2023-01-19] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-3989073426-3163902182-3966215124-1001\...\Run: [Wipe Updates] => "C:\Program Files (x86)\Wipe\Wipe.exe" uf_sub_winStartup (Geen bestand) HKU\S-1-5-21-3989073426-3163902182-3966215124-1001\...\Run: [EriQkVXMUhm] => C:\Users\Public\8EriQkVXMUhm.3fr [45 2023-01-21] () [Bestand niet getekend] HKU\S-1-5-21-3989073426-3163902182-3966215124-1001\...\MountPoints2: {fb0cea06-cdcf-11ec-b95d-94c691fd27c8} - "F:\HiSuiteDownLoader.exe" HKLM\...\Windows x64\Print Processors\Canon iP4600 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD9A.DLL [27648 2008-06-12] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Windows x64\Print Processors\Canon MG6800 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCR.DLL [30208 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJ Language Monitor iP4600 series: C:\Windows\system32\CNMLM9A.DLL [279040 2008-06-12] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJ Language Monitor MG6800 series: C:\Windows\system32\CNMLMCR.DLL [406528 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJ Language Monitor MG7500 series: C:\Windows\system32\CNMLMC7.DLL [406016 2014-03-18] (CANON INC.) [Bestand niet getekend] HKLM\...\Print\Monitors\Canon BJNP Port: C:\Windows\system32\CNMN6PPM.DLL [375296 2015-03-17] (CANON INC.) [Bestand niet getekend] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\109.0.5414.75\Installer\chrmstp.exe [2023-01-18] (Google LLC -> Google LLC) HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> Startup: C:\Users\mizy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Canon IJ Status Monitor Canon MG6800 series Printer WS.lnk [2023-01-24] ShortcutAndArgument: Canon IJ Status Monitor Canon MG6800 series Printer WS.lnk -> C:\WINDOWS\system32\rundll32.exe => "C:\Users\mizy\cnmss Canon MG6800 series Printer WS (Local).dll",SMStarterEntryPoint WSD-fc07149e-5347-4673-8b59-ba63f7e5278f;Canon MG6800 series Printer WS;cnmss Canon MG6800 series Printer WS (Local).dll;Canon IJ Status Monitor Canon MG6800 series Printer W Startup: C:\Users\mizy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FastStone Capture.lnk [2020-05-04] ShortcutTarget: FastStone Capture.lnk -> D:\Program Files\FastStone Capture\FSCapture.exe (FastStone Soft) [Bestand niet getekend] ==================== Geplande Taken (gefilterd) ============ (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {0600DD45-FAF2-4131-A006-0B17509B9F78} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\sc.exe start InventorySvc Task: {0733E5C4-F441-41AA-9689-F487B6F95556} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1808255728-3424939882-1748281522-500 => C:\Users\mizy\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (Geen bestand) Task: {150C09EB-BAC1-436C-B90C-89DFD33BBBF5} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [899056 2019-05-22] (NVIDIA Corporation -> NVIDIA Corporation) Task: {197E3768-91E0-410F-8AD1-D9D0433E6A92} - System32\Tasks\Samsung_PSSD_Registration_Plus => C:\Program Files (x86)\Samsung\Portable_SSD\SamsungPortableSSDMon_1.0.exe [869224 2021-08-05] (Samsung Electronics Co., Ltd. -> Samsung Electronics) Task: {2A652F43-CA16-4D55-B75A-4E8F1F13FFF0} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => C:\WINDOWS\system32\MusNotification.exe LogonUpdateResults (Geen bestand) Task: {3B5D0931-9D04-4A3B-9FBD-200E12265652} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\DADUpdater.exe [4092968 2022-09-08] (McAfee, LLC -> McAfee, LLC) Task: {3F7F2585-FD51-4789-BBD5-C1277225C6B9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-04-29] (Google LLC -> Google LLC) Task: {569325B7-982B-4B3A-AC8A-56E5D2F04C46} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => C:\WINDOWS\system32\MusNotification.exe /RunOnAC ReadyToReboot (Geen bestand) Task: {5CFFA9FD-CCD3-42EE-9D6F-1A937BA47545} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [899056 2019-05-22] (NVIDIA Corporation -> NVIDIA Corporation) Task: {61ACD722-0B4F-471A-BA8F-6806CE7E341A} - \TrafficMonitor\Autorun for mizy -> Geen bestand <==== AANDACHT Task: {A00A3394-CED5-4293-85BB-691F214E0C7C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-04-29] (Google LLC -> Google LLC) Task: {AA84462B-CF0E-4903-AA6A-0FC36D283B7D} - \McAfee\McAfee Idle Detection Task -> Geen bestand <==== AANDACHT Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (Geen bestand) Task: {D4A1A36C-5754-433E-A3B4-A012423EA1DE} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [768288 2022-03-24] (McAfee, LLC -> McAfee, LLC) Task: {D91FE196-B877-4568-ABB4-ED965D8E18C6} - \McAfee\McAfee Auto Maintenance Task Agent -> Geen bestand <==== AANDACHT Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\WINDOWS\system32\MusNotification.exe (Geen bestand) Task: {EA004756-4D29-4FBC-B55F-99A5E5281398} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => C:\WINDOWS\system32\MusNotification.exe /RunOnBattery ReadyToReboot (Geen bestand) (Als een item is opgenomen in de fixlist, wordt de taak (job) bestand verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) ==================== Internet (gefilterd) ==================== (Als een item is opgenomen in de fixlist en een registeritem is, wordt het verwijderd of hersteld naar de standaard.) Tcpip\Parameters: [DhcpNameServer] 195.130.130.5 195.130.131.5 Tcpip\..\Interfaces\{dcad2f5b-4162-4d1e-9655-ddec6252c787}: [DhcpNameServer] 195.130.130.5 195.130.131.5 Edge: ======= DownloadDir: D:\Downloads Edge Extension: (Geen Naam) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [niet gevonden] Edge Extension: (Geen Naam) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [niet gevonden] Edge Extension: (Geen Naam) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [niet gevonden] Edge Extension: (Geen Naam) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [niet gevonden] Edge DefaultProfile: Default Edge Profile: C:\Users\mizy\AppData\Local\Microsoft\Edge\User Data\Default [2023-01-24] Edge DownloadDir: Default -> D:\Downloads Edge HomePage: Default -> about:blank Edge StartupUrls: Default -> "hxxps://google.be/" Edge Extension: (McAfee® WebAdvisor) - C:\Users\mizy\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fdhgeoginicibhagdmblfikbgbkahibd [2023-01-23] Edge Profile: C:\Users\mizy\AppData\Local\Microsoft\Edge\User Data\Guest Profile [2021-10-29] Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee] FireFox: ======== FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\McAfee\MSC\npMcSnFFPl64.dll [2023-01-11] (McAfee, LLC -> ) FF Plugin: @videolan.org/vlc,version=3.0.10 -> D:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.11 -> D:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.12 -> D:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.16 -> D:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.18 -> D:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems) FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2019-07-02] (CANON INC.) [Bestand niet getekend] FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\MSC\npMcSnFFPl.dll [2023-01-10] (McAfee, LLC -> ) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems) Chrome: ======= CHR Profile: C:\Users\mizy\AppData\Local\Google\Chrome\User Data\Default [2023-01-23] CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee_uninternational&type=E211BE1580G0&p={searchTerms} CHR DefaultSearchKeyword: Default -> mcafee CHR Extension: (Safe Torrent Scanner) - C:\Users\mizy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2023-01-21] CHR Extension: (McAfee® WebAdvisor) - C:\Users\mizy\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2023-01-21] CHR Extension: (Offline Documenten) - C:\Users\mizy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-04-29] CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\mizy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-04-29] CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb] CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] ==================== Services (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [236864 2021-11-08] (Huawei Technologies Co., Ltd. -> ) [Bestand niet getekend] R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [443344 2020-05-25] (Canon Inc. -> ) S3 InventorySvc; C:\WINDOWS\system32\inventorysvc.dll [304480 2022-10-15] (Microsoft Windows -> Microsoft Corporation) R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [850256 2023-01-20] (McAfee, LLC -> McAfee, LLC) R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_22_7\McApExe.exe [816696 2022-10-17] (McAfee, LLC -> McAfee, LLC) R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\5.4.105.0\\McCSPServiceHost.exe [3379584 ] (McAfee, LLC -> McAfee, LLC) S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [1215944 2022-09-15] (MUSARUBRA US LLC -> McAfee, LLC) R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [1215944 2022-09-15] (MUSARUBRA US LLC -> McAfee, LLC) R3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [1215944 2022-09-15] (MUSARUBRA US LLC -> McAfee, LLC) R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1571608 2022-10-09] (McAfee, LLC -> McAfee, LLC) R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [4248712 2022-10-14] (McAfee, LLC -> McAfee, LLC) R2 SgrmBroker; C:\WINDOWS\system32\Sgrm\SgrmBroker.exe [414632 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation) R2 TextInputManagementService; C:\WINDOWS\System32\TabSvc.dll [266240 2022-10-15] (Microsoft Windows -> Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [2909208 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [128376 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WsDrvInst; D:\Program Files (x86)\Wondershare\UniConverter\Transfer\DriverInstall.exe [111368 2020-03-09] (Wondershare Technology Co.,Ltd -> Wondershare) R3 wuauserv; C:\WINDOWS\system32\wuauserv.dll [137552 2022-12-14] (Microsoft Windows -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmo.inf_amd64_a75cbcea24883352\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmo.inf_amd64_a75cbcea24883352\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Drivers (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R3 AmUStor; C:\WINDOWS\system32\drivers\AmUStor.SYS [118088 2021-09-12] (Alcorlink Corp. -> ) R2 bfs; C:\WINDOWS\system32\drivers\bfs.sys [91480 2022-10-15] (Microsoft Windows -> Microsoft Corporation) S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [Bestand niet getekend] R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [77888 2022-09-15] (Musarubra US LLC -> Trellix US LLC.) S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2021-11-08] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) S0 GenPass; C:\WINDOWS\System32\DriverStore\FileRepository\genpass.inf_amd64_bef88a423225ecdc\genpass.sys [62800 2022-05-07] (Microsoft Windows -> Microsoft Corporation) S3 hwusb_cdcacm; C:\WINDOWS\system32\DRIVERS\hw_cdcacm.sys [127360 2021-11-08] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [476224 2022-09-15] (Musarubra US LLC -> Trellix US LLC.) R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [349760 2022-09-15] (Musarubra US LLC -> Trellix US LLC.) S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [84440 2022-09-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Trellix US LLC.) R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [445504 2022-09-15] (Musarubra US LLC -> Trellix US LLC.) R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [920128 2022-09-15] (Musarubra US LLC -> Trellix US LLC.) R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [665424 2022-07-07] (Musarubra US LLC -> Trellix US LLC.) S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [119632 2022-07-07] (Musarubra US LLC -> Trellix US LLC.) R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [112712 2022-09-15] (Musarubra US LLC -> Trellix US LLC.) R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [234584 2022-09-15] (Musarubra US LLC -> Trellix US LLC.) S0 pvscsi; C:\WINDOWS\System32\drivers\pvscsii.sys [45408 2022-05-07] (Microsoft Windows -> VMware, Inc.) S3 RoutePolicy; C:\WINDOWS\System32\drivers\RoutePolicy.sys [98304 2022-05-07] (Microsoft Windows -> ) R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2022-01-08] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [48536 2022-05-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [438544 2022-05-07] (Microsoft Windows -> Microsoft Corporation) S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [90384 2022-05-07] (Microsoft Windows -> Microsoft Corporation) R2 wtd; C:\WINDOWS\System32\drivers\wtd.sys [118784 2022-12-14] (Microsoft Windows -> Microsoft Corporation) S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X] ==================== NetSvcs (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ==================== Een maand (aangemaakt) (gefilterd) ========= (Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.) 2023-01-24 10:45 - 2023-01-24 10:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee 2023-01-24 07:04 - 2023-01-24 07:04 - 000802194 _____ C:\WINDOWS\system32\perfh013.dat 2023-01-24 07:04 - 2023-01-24 07:04 - 000159778 _____ C:\WINDOWS\system32\perfc013.dat 2023-01-24 06:27 - 2023-01-24 11:24 - 000000000 ____D C:\FRST 2023-01-24 06:27 - 2023-01-24 06:32 - 000000000 ___HD C:\$MfeDeepRem 2023-01-23 16:20 - 2023-01-23 16:20 - 000003350 _____ C:\WINDOWS\system32\Tasks\McAfeeLogon 2023-01-23 16:18 - 2023-01-23 16:19 - 000000000 ____D C:\ProgramData\McInstTemp0104271674487132 2023-01-22 18:53 - 2023-01-23 14:56 - 000000000 ____D C:\ProgramData\McInstTemp0207031674410004 2023-01-22 18:22 - 2023-01-22 18:22 - 000000000 ____D C:\Users\mizy\AppData\Roaming\SafeConnect 2023-01-22 18:09 - 2023-01-22 18:09 - 000000000 ____D C:\WINDOWS\system32\config\BFS 2023-01-22 13:25 - 2023-01-22 13:32 - 000003403 _____ C:\Users\Public\816mp8dopoo888po6yoco8dmqntbvu 2023-01-21 18:00 - 2023-01-21 18:00 - 1063256064 _____ C:\Users\Public\GCAVRDBJR 2023-01-21 17:57 - 2023-01-21 17:57 - 000026220 _____ C:\Users\Public\RRQUQXFLKSB.alsv 2023-01-21 17:56 - 2023-01-21 17:56 - 000000045 _____ C:\Users\Public\8EriQkVXMUhm.3fr 2023-01-15 19:14 - 2023-01-15 19:14 - 000000000 ____D C:\Users\mizy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bridge to Another World 9 - Christmas Flight Collector's Edition 2023-01-11 10:23 - 2023-01-11 10:23 - 000000000 ___HD C:\$WinREAgent ==================== Een maand (gewijzigd) ================== (Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.) 2023-01-24 11:17 - 2021-04-29 18:18 - 000000000 ____D C:\Program Files (x86)\Google 2023-01-24 11:15 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemTemp 2023-01-24 11:13 - 2022-10-15 08:17 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee 2023-01-24 11:13 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated 2023-01-24 11:12 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2023-01-24 07:10 - 2021-09-12 08:10 - 000000000 ____D C:\ProgramData\NVIDIA 2023-01-24 07:04 - 2022-10-15 08:16 - 001803066 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2023-01-24 07:04 - 2022-05-07 06:22 - 000000000 ____D C:\WINDOWS\INF 2023-01-24 07:01 - 2022-10-15 08:13 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2023-01-24 07:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2023-01-24 06:46 - 2022-10-15 08:17 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2023-01-24 06:46 - 2022-01-25 13:26 - 000012288 ___SH C:\DumpStack.log.tmp 2023-01-24 06:25 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\AppReadiness 2023-01-23 17:30 - 2022-10-15 06:46 - 000000000 ____D C:\Users\mizy 2023-01-23 17:30 - 2022-02-01 20:36 - 000000000 ____D C:\Program Files (x86)\McAfee 2023-01-23 17:30 - 2021-05-26 10:24 - 000000000 ____D C:\Users\mizy\AppData\Local\CrashDumps 2023-01-23 17:17 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps 2023-01-23 17:16 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\registration 2023-01-23 16:54 - 2020-06-08 05:57 - 000000000 ____D C:\Users\mizy\AppData\Local\ElevatedDiagnostics 2023-01-23 16:20 - 2022-02-01 20:35 - 000000000 ____D C:\Program Files\Common Files\McAfee 2023-01-23 16:12 - 2022-05-07 06:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2023-01-23 16:12 - 2022-02-01 20:36 - 000000000 ____D C:\Program Files\Common Files\AV 2023-01-23 16:12 - 2022-01-23 10:49 - 000000000 ____D C:\Program Files\McAfee 2023-01-23 16:12 - 2022-01-23 10:48 - 000000000 ____D C:\ProgramData\McAfee 2023-01-23 16:12 - 2020-05-22 07:08 - 000000000 ____D C:\Users\mizy\AppData\Local\HCSShell 2023-01-23 15:57 - 2022-02-01 20:36 - 000000000 ____D C:\Program Files\McAfee.com 2023-01-23 15:57 - 2020-04-30 14:10 - 000000000 ____D C:\ProgramData\Package Cache 2023-01-23 14:34 - 2020-04-29 10:32 - 000000000 ____D C:\Users\mizy\AppData\Local\D3DSCache 2023-01-22 18:15 - 2022-05-07 06:17 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2023-01-22 13:45 - 2022-02-22 11:04 - 000000000 ____D C:\Users\mizy\AppData\Roaming\qBittorrent 2023-01-22 12:32 - 2020-07-26 19:50 - 000000000 ____D C:\Users\mizy\AppData\Roaming\vlc 2023-01-22 10:37 - 2022-05-07 06:17 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2023-01-21 17:57 - 2020-04-29 09:45 - 000000000 ___RD C:\Users\mizy\OneDrive 2023-01-21 06:57 - 2020-05-02 12:53 - 000002454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2023-01-18 09:32 - 2021-04-29 18:18 - 000002271 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2023-01-16 12:46 - 2021-02-13 14:16 - 000000000 ____D C:\Users\mizy\AppData\Roaming\FriendlyFox.Studio 2023-01-11 11:10 - 2022-10-15 08:13 - 000712824 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2023-01-11 11:09 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemResources 2023-01-11 11:09 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\oobe 2023-01-11 11:09 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\bcastdvr 2023-01-11 10:29 - 2020-05-02 23:15 - 000000000 ____D C:\WINDOWS\system32\MRT 2023-01-11 10:27 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\CbsTemp 2023-01-11 10:27 - 2020-05-02 23:15 - 150199536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2023-01-11 10:25 - 2022-10-15 08:15 - 003212288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2023-01-06 09:07 - 2022-10-15 08:17 - 000003730 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2023-01-06 09:07 - 2022-10-15 08:17 - 000003606 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2023-01-05 12:28 - 2021-09-16 16:33 - 000000000 ____D C:\Users\mizy\AppData\Roaming\DominiGames 2023-01-02 12:18 - 2021-02-19 21:01 - 000000000 ____D C:\ProgramData\CanonIJPLM 2022-12-31 20:08 - 2022-10-22 13:55 - 000000000 ____D C:\ProgramData\Elephant Games 2022-12-31 20:08 - 2021-11-21 14:12 - 000000000 ____D C:\Users\mizy\AppData\Roaming\Elephant Games 2022-12-31 20:05 - 2019-07-08 16:48 - 000000000 ____D C:\ProgramData\Temp 2022-12-31 08:30 - 2022-10-15 06:32 - 000000000 ____D C:\WINDOWS\system32\FxsTmp 2022-12-30 12:20 - 2022-11-13 15:16 - 000000000 ____D C:\Users\mizy\AppData\Roaming\4 Friends Games 2022-12-28 18:30 - 2022-12-21 15:40 - 000000000 ____D C:\Users\mizy\AppData\Roaming\ERS Game Studios ==================== Bestanden in de root van sommige mappen ======== 2021-12-13 11:43 - 2015-03-15 05:00 - 000106496 _____ (CANON INC.) C:\Users\mizy\cnmss Canon MG6800 series Printer WS (Local).dll 2022-05-04 10:30 - 2022-05-04 10:30 - 000003584 _____ () C:\Users\mizy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2021-07-19 10:53 - 2022-06-21 07:32 - 000000205 _____ () C:\Users\mizy\AppData\Local\oobelibMkey.log ==================== SigCheck ============================ (Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.) ==================== Einde van FRST.txt ========================