Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 19.02.2024 02 Gestart door erikb (Beheerder) op DESKTOP-PC-ERIK (Acer Aspire TC-895) (21-02-2024 17:10:35) Gestart vanaf C:\Users\erikb\Desktop\FRST64.exe Geladen Profielen: erikb Platform: Microsoft Windows 11 Home Versie 23H2 22631.3155 (X64) Taal: Nederlands (Nederland) Standaardbrowser: Chrome Boot Modus: Normal ==================== Processen (gefilterd) ================= (Als een item is opgenomen in de fixlist, zal het proces worden gesloten. Het bestand zal niet worden verplaatst.) (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.231.1205.0_x64__zpdnekdrzrea0\Spotify.exe <6> (Brother Industries, Ltd.) [Bestand niet getekend] C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe (Brother Industries, Ltd.) [Bestand niet getekend] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\1.3.863.1\DropboxCrashHandler.exe (C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <3> (C:\Program Files (x86)\Safe Online\fshoster32.exe ->) (F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\Safe Online\ui_net6\fsmainui.exe (C:\Program Files (x86)\TeamViewer\TeamViewer.exe ->) (TeamViewer Germany GmbH -> ) C:\Program Files (x86)\TeamViewer\crashpad_handler.exe (C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe (C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe (C:\Program Files\Acer\Quick Access Service\QASvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QAAdminAgent.exe (C:\Program Files\Acer\Quick Access Service\QASvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QAAgent.exe (C:\Program Files\Google\Drive File Stream\86.0.9.0\GoogleDriveFS.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\86.0.9.0\crashpad_handler.exe (C:\Program Files\WindowsApps\MicrosoftTeams_24004.1403.2634.2418_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\121.0.2277.128\msedgewebview2.exe <6> (cmd.exe ->) (F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\Safe Online\FSNifWeb\1706786866\nif2_ols_ca.exe (cmd.exe ->) (F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\Safe Online\FSNifWeb\1708504873\nif2_ols_ca.exe (cmd.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MbamBgNativeMsg.exe (D32DFF0F-14F7-4381-A23F-5AC04E4CDB79 -> ) C:\Program Files\WindowsApps\51041SafeInCloud.PasswordManagerSafeInCloud_24.1.0.0_x86__wh7zearnzvtm6\SafeInCloud\SafeInCloud.exe (DriverStore\FileRepository\cui_dch.inf_amd64_dc2a57d591329a30\igfxCUIService.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_dc2a57d591329a30\igfxEM.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <7> (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <18> (explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\86.0.9.0\GoogleDriveFS.exe <7> (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <9> (F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\Safe Online\ui_net6\fssettings.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler64.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe (services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe (services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QASvc.exe (services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UBTService.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (Brother Industries, Ltd.) [Bestand niet getekend] C:\Program Files (x86)\Browny02\BrYNSvc.exe (services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (services.exe ->) (F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\Safe Online\fshoster32.exe <3> (services.exe ->) (F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\Safe Online\FSNifWeb\1708504873\fshoster64.exe (services.exe ->) (GoTrustID Inc. -> GOTrustID Inc.) C:\Program Files\GoTrust ID Plugin\Bridge_Service.exe (services.exe ->) (GoTrustID Inc. -> GOTrustID Inc.) C:\Program Files\GoTrust ID Plugin\GoTrust ID Plugin\GTFidoService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe (services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe (services.exe ->) (Intel(R) pGFX 2020 -> ) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_dc7a0fe3ada1cbf5\OneApp.IGCC.WinService.exe (services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_dc2a57d591329a30\igfxCUIService.exe (services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_7a0ef28832a7e644\IntelCpHDCPSvc.exe (services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_99239023b47c777a\RstMwService.exe (services.exe ->) (Logitech Inc -> Logitech) C:\Program Files\Logitech\LogiCapture\bin\Service\LogiFacecamService.exe (services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe (services.exe ->) (Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_73592056cffa61ae\RtkAudUService64.exe <2> (services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (services.exe ->) (WithSecure Oyj -> F-Secure Corporation) C:\Program Files (x86)\Safe Online\Ultralight\ulcore\1707739547\fsorsp64.exe (services.exe ->) (WithSecure Oyj -> WithSecure Corporation) C:\Program Files (x86)\Safe Online\Ultralight\ulcore\1707739547\fshoster64.exe <2> (services.exe ->) (WithSecure Oyj -> WithSecure Corporation) C:\Program Files (x86)\Safe Online\Ultralight\ulcore\1707739547\fsulprothoster.exe (sihost.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5336.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe (svchost.exe ->) (Acer Incorporated -> ) C:\Program Files (x86)\Acer\Care Center\ACCStd.exe (svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (svchost.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5336.0_x64__8j3eq9eme6ctt\IGCC.exe (svchost.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe (svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.40.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (PIRIFORM SOFTWARE LIMITED -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe (svchost.exe ->) (SweetLabs Inc -> SweetLabs, Inc) C:\Users\erikb\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe ==================== Register (gefilterd) =================== (Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321112 2019-12-10] (Intel(R) Rapid Storage Technology -> Intel Corporation) HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_73592056cffa61ae\RtkAudUService64.exe [1231944 2021-01-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [11552648 2024-02-06] (Dropbox, Inc -> Dropbox, Inc.) HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.) [Bestand niet getekend] HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2629632 2012-09-25] (Brother Industries, Ltd.) [Bestand niet getekend] HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restrictie <==== AANDACHT HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restrictie <==== AANDACHT HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\86.0.9.0\GoogleDriveFS.exe [59669792 2024-02-14] (Google LLC -> Google, Inc.) HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\86.0.9.0\GoogleDriveFS.exe [59669792 2024-02-14] (Google LLC -> Google, Inc.) HKU\S-1-5-21-2372608050-3912716850-3987843000-1001\...\Run: [stack] => C:\Program Files\STACK\stack.exe [2172368 2020-09-08] (TransIP BV -> TransIP) HKU\S-1-5-21-2372608050-3912716850-3987843000-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45018016 2024-02-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) HKU\S-1-5-21-2372608050-3912716850-3987843000-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\86.0.9.0\GoogleDriveFS.exe [59669792 2024-02-14] (Google LLC -> Google, Inc.) HKU\S-1-5-21-2372608050-3912716850-3987843000-1001\...\Run: [MicrosoftEdgeAutoLaunch_AC16BC99F2621BCCCED6EACA4C956F66] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3788240 2024-02-15] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-2372608050-3912716850-3987843000-1002\...\Run: [CCleanerBrowserAutoLaunch_5554C311D0E33E0E463FD999B3DA38B3] => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [3134904 2024-02-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) HKU\S-1-5-21-2372608050-3912716850-3987843000-1002\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\86.0.9.0\GoogleDriveFS.exe [59669792 2024-02-14] (Google LLC -> Google, Inc.) HKU\S-1-5-21-2372608050-3912716850-3987843000-1002\...\Run: [MicrosoftEdgeAutoLaunch_C3D823CB52CEA10955D5208F9F1054D1] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3788240 2024-02-15] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-2372608050-3912716850-3987843000-1002\...\Run: [SafeInCloud] => C:\Program Files (x86)\SafeInCloud\SafeInCloud.exe [5515264 2023-12-17] () [Bestand niet getekend] HKU\S-1-5-21-2372608050-3912716850-3987843000-1005\...\Run: [com.squirrel.Teams.Teams] => C:\Users\madel\AppData\Local\Microsoft\Teams\Update.exe [2459304 2022-01-03] (Microsoft 3rd Party Application Component -> Microsoft Corporation) HKU\S-1-5-21-2372608050-3912716850-3987843000-1005\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\86.0.9.0\GoogleDriveFS.exe [59669792 2024-02-14] (Google LLC -> Google, Inc.) HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\86.0.9.0\GoogleDriveFS.exe [59669792 2024-02-14] (Google LLC -> Google, Inc.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files (x86)\CCleaner Browser\Application\121.0.23861.160\Installer\chrmstp.exe [2024-02-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\121.0.6167.185\Installer\chrmstp.exe [2024-02-18] (Google LLC -> Google LLC) HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> ==================== Geplande Taken (gefilterd) ================= (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {0971CACE-172B-4203-BAC3-A85842DAF96B} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2971808 2021-12-30] (Acer Incorporated -> ) Task: {C4A2E741-461D-45E5-A489-240BE000DFA7} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [41632 2021-12-30] (Acer Incorporated -> ) Task: {7BD446FE-AAA7-4B89-8C3E-AE587494A4DA} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4836512 2021-12-30] (Acer Incorporated -> ) Task: {FD7CAF7E-317D-4A02-99E5-DB7EFAFBEC93} - System32\Tasks\AcerCMUpdateTask2.5.22250 => C:\Program Files (x86)\Acer\Amundsen\2.5.22250\awc.exe [96904 2022-09-25] (Acer Incorporated -> ) Task: {5AF2D775-F896-4E94-AC5F-65BF1017A7B0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.) Task: {C3DFCA90-AC52-48B0-8618-23EAF1327CDB} - System32\Tasks\App Explorer => C:\Users\erikb\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [7574560 2023-03-29] (SweetLabs Inc -> SweetLabs, Inc) <==== AANDACHT Task: {5E02D994-C23F-43B1-8849-16873B5CFBA1} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [3134904 2024-02-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) Task: {48026F2B-B137-4AE9-960B-2A0281EC1FD8} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [3134904 2024-02-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) Task: {A2F07D72-4041-4000-82D6-029D10B20046} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2024-02-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) Task: {662B42FF-F7E9-4971-9F59-31F5CBAE2193} - System32\Tasks\CCleanerBrowserProtectS-1-5-21-2372608050-3912716850-3987843000-1002 => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowserProtect.exe [1685856 2023-04-17] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) <==== AANDACHT Task: {2CB1D06A-B7AA-49BA-A3EC-971AE534BCC2} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2024-02-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "c2488633-4901-478a-afb1-5576b5fd419a" --version "6.21.10918" --silent Task: {48B0631D-FEDF-40F8-9900-0AF9F59364AD} - System32\Tasks\CCleanerSkipUAC - erikb => C:\Program Files\CCleaner\CCleaner.exe [38778272 2024-02-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) Task: {E78DF300-7A55-49D7-ADA5-FC5CDB6D4AD2} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-17] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) Task: {42A34650-1594-4A28-AECE-EE8067E59F2F} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-17] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) Task: {AF133CC0-590B-49A2-B2F0-B0CECA7C5DFE} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.) Task: {20C22808-C2B2-48E5-96CC-C6DA1EC3F2AE} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.) Task: {C2E29197-3E6B-4FB9-8B79-53EE9D6AACE7} - System32\Tasks\F-Secure\F-Secure Hotfix => C:\Program Files (x86)\Safe Online\fs_hotfix.exe [467848 2023-10-31] (F-Secure Corporation -> F-Secure Corporation) Task: {1431A5A9-E7A1-4BE4-A01A-81374097EB8A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-17] (Google LLC -> Google LLC) Task: {76EF92A4-B214-45A3-848B-9DC85E935F94} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-17] (Google LLC -> Google LLC) Task: {050E9CC1-1034-4D7D-9534-5C0B69290E67} - System32\Tasks\GoTrust ID Driver => C:\Program Files\GoTrust ID Plugin\Resource\GO-Trust_ID_Driver.exe [63488 2019-08-02] (GoTrustID Inc. -> ) Task: {CDE462A4-0E58-494F-B12C-4CCF5AA30CE9} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28372672 2024-02-10] (Microsoft Corporation -> Microsoft Corporation) Task: {AF6F1838-BF95-47CB-9987-036DB8A3B77B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28372672 2024-02-10] (Microsoft Corporation -> Microsoft Corporation) Task: {7C4D49AA-5B84-4D69-9DD1-ADA631CE9EE0} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [306328 2024-02-18] (Microsoft Corporation -> Microsoft Corporation) Task: {B33EB713-01FB-4476-9C02-875892A2A8D2} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [306328 2024-02-18] (Microsoft Corporation -> Microsoft Corporation) Task: {58007C59-4BD5-4D19-9779-977A4CA2644B} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [170128 2024-02-09] (Microsoft Corporation -> Microsoft Corporation) Task: {EAA0BE34-6F84-4DAD-AF52-49F3D08CB1F5} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [555728 2024-02-18] (Microsoft Corporation -> Microsoft Corporation) Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (Geen bestand) Task: {AA79AB3A-65F7-455A-8087-558C67D95E77} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval => %systemroot%\system32\MusNotification.exe Display (Geen bestand) Task: {CF220C6D-E8F7-42E0-9EE8-0838EBF607AC} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC Reboot (Geen bestand) Task: {A846A4F1-E93E-456E-B17D-789F1AD080E5} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery Reboot (Geen bestand) Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Geen bestand) Task: {B68C9B6A-41E7-4057-86BA-F97E53619D77} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe [70792 2022-08-15] (Acer Incorporated -> ) Task: {8BE79CC6-A297-4052-8A87-41320F0D2DFE} - System32\Tasks\Oem\wlanBrokerTask => C:\Program Files (x86)\Acer\ExpressVPN\wlanBroker.exe [17688 2019-11-16] (Acer Incorporated -> ) Task: {E0902A6D-F384-4BC7-91FA-0A464F0A56E3} - System32\Tasks\Quick Access => C:\Program Files\Acer\Quick Access Service\QALauncher.exe [446624 2022-01-03] (Acer Incorporated -> Acer Incorporated) Task: {D8FB4CCD-52A7-44C1-ABDF-27ED1DF039FD} - System32\Tasks\S-1-5-21-2372608050-3912716850-3987843000-1001\DataSenseLiveTileTask => %SystemRoot%\System32\DataUsageLiveTileTask.exe (Geen bestand) Task: {380E1AF0-708A-4495-85DA-B6A6691EECB4} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [461472 2022-01-03] (Acer Incorporated -> Acer Incorporated) Task: {B2FFD37E-2F12-4C47-B1C3-4794BEC587D6} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program Service\Framework\TriggerFramework.exe [268328 2020-04-15] (Acer Incorporated -> Acer Incorporated) Task: {034960D0-C4CB-4BF2-8814-7FA549F97331} - System32\Tasks\UEIPInvitation => C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UEIPOOBECheck.exe [2211368 2020-04-15] (Acer Incorporated -> Acer Incorporated) (Als een item is opgenomen in de fixlist, wordt de taak (job) bestand verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Internet (gefilterd) ==================== (Als een item is opgenomen in de fixlist en een registeritem is, wordt het verwijderd of hersteld naar de standaard.) Hosts: 127.0.0.1 localhost Tcpip\Parameters: [DhcpNameServer] 84.116.46.23 84.116.46.22 Tcpip\..\Interfaces\{33cc48f5-9a35-4346-9c06-fbf37680b728}: [DhcpNameServer] 84.116.46.23 84.116.46.22 Tcpip\..\Interfaces\{33cc48f5-9a35-4346-9c06-fbf37680b728}: [DhcpDomain] home Tcpip\..\Interfaces\{8315f483-12c8-4f0f-94d2-045c5df5c407}: [DhcpNameServer] 84.116.46.23 84.116.46.22 Tcpip\..\Interfaces\{8315f483-12c8-4f0f-94d2-045c5df5c407}: [DhcpDomain] home Tcpip\..\Interfaces\{8315f483-12c8-4f0f-94d2-045c5df5c407}\7416C616879702352323B202542796B6: [DhcpNameServer] 192.168.10.5 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\erikb\AppData\Local\Microsoft\Edge\User Data\Default [2024-02-21] Edge HomePage: Default -> hxxp://google.nl/ Edge DefaultSearchURL: Default -> hxxps://searchsafe.norton.com/search?omnisearch=yes&q={searchTerms} Edge DefaultSearchKeyword: Default -> nortonsafe Edge DefaultSuggestURL: Default -> hxxps://ss-sym.search.ask.com/ss?limit=10&li=ff&hl=nl&q={searchTerms} Edge Extension: (Password Manager SafeInCloud) - C:\Users\erikb\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bfilcmnckjfhldbbkaeofghnhpbehipd [2023-12-28] Edge Extension: (Malwarebytes Browser Guard) - C:\Users\erikb\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bojobppfploabceghnmlahpoonbcbacn [2024-02-21] Edge Extension: (Houseparty) - C:\Users\erikb\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cjkkodhikogdenlfobgbhkggogejidim [2020-10-31] Edge Extension: (Grammarly: AI Writing and Grammar Checker App) - C:\Users\erikb\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cnlefmmeadmemmdciolhbnfeacpdfbkd [2024-02-18] Edge Extension: (Browserbeveiliging door F-Secure) - C:\Users\erikb\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cpikpibllpjmpnchjajlibnmmomnnhnm [2024-01-28] Edge Extension: (Checkjelinkje voor je browser) - C:\Users\erikb\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\emhmcmaagaihdokaiccmmidnfndeilil [2022-07-04] Edge Extension: (Offline Documenten) - C:\Users\erikb\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-28] Edge Extension: (Edge relevant text changes) - C:\Users\erikb\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-28] Edge Extension: (Norton Safe) - C:\Users\erikb\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mpnlkmlkncncpgnnkmkgoobfpnjmblnk [2023-12-28] Edge Extension: (Okta Browser Plugin) - C:\Users\erikb\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ncoafaeidnkeafiehpkfoeklhajkpgij [2024-02-18] Edge Extension: (LinkedIn Extension) - C:\Users\erikb\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\omhcfmofjcdakjciciffgbdoojiclhbn [2020-10-31] Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn] Edge HKLM\...\Edge\Extension: [cpikpibllpjmpnchjajlibnmmomnnhnm] Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn] Edge HKLM-x32\...\Edge\Extension: [cpikpibllpjmpnchjajlibnmmomnnhnm] FireFox: ======== FF Extension: (Amazon Assistant for Firefox) - C:\Program Files\Mozilla Firefox\distribution\extensions\abb-acer@amazon.com.xpi [2019-05-14] [UpdateUrl:hxxps://s3-us-west-2.amazonaws.com/ubp-ubpextension-us-prod/vendor-update/firefox/acer1/updates.json] FF Extension: (Nederlands (NL) Language Pack) - C:\Program Files\Mozilla Firefox\distribution\extensions\langpack-nl@firefox.mozilla.org.xpi [2019-09-16] FF Extension: (Mozilla Partner Defaults) - C:\Program Files\Mozilla Firefox\distribution\extensions\partnerdefaults@mozilla.com [2020-08-10] [Verouderd] FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-02-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-02-10] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-02-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-02-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1583.3\npCCleanerBrowserUpdate3.dll [2022-12-17] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1583.3\npCCleanerBrowserUpdate3.dll [2022-12-17] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\erikb\AppData\Local\Google\Chrome\User Data\Default [2024-02-21] CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://drive.google.com; hxxps://klikaanklikuit.nl; hxxps://www.facebook.com; hxxps://www.instagram.com CHR HomePage: Default -> hxxp://google.nl/ CHR StartupUrls: Default -> "hxxp://google.nl/" CHR Session Restore: Default -> is ingeschakeld. CHR Extension: (Checkjelinkje voor je browser) - C:\Users\erikb\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhmcmaagaihdokaiccmmidnfndeilil [2022-02-21] CHR Extension: (Offline Documenten) - C:\Users\erikb\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-02-01] CHR Extension: (Okta Browser Plugin) - C:\Users\erikb\AppData\Local\Google\Chrome\User Data\Default\Extensions\glnpjglilkicbckjpbgcfkogebgllemb [2024-02-18] CHR Extension: (Malwarebytes Browser Guard) - C:\Users\erikb\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-02-21] CHR Extension: (Browserbeveiliging door F-Secure) - C:\Users\erikb\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmjjnhpacphpjmnnlnccpfmhkcloaade [2024-02-01] CHR Extension: (Grammarly: AI Writing and Grammar Checker App) - C:\Users\erikb\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2024-02-18] CHR Extension: (Password Manager SafeInCloud) - C:\Users\erikb\AppData\Local\Google\Chrome\User Data\Default\Extensions\lchdigjbcmdgcfeijpfkpadacbijihjl [2023-12-28] CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\erikb\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-08-28] CHR Extension: (LinkedIn Extension) - C:\Users\erikb\AppData\Local\Google\Chrome\User Data\Default\Extensions\meajfmicibjppdgbjfkpdikfjcflabpk [2022-07-30] CHR Extension: (Norton Safe) - C:\Users\erikb\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpnlkmlkncncpgnnkmkgoobfpnjmblnk [2023-12-28] CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\erikb\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30] CHR Profile: C:\Users\erikb\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-08-17] CHR Profile: C:\Users\erikb\AppData\Local\Google\Chrome\User Data\System Profile [2022-08-17] CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] CHR HKLM\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] CHR HKU\S-1-5-21-2372608050-3912716850-3987843000-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] CHR HKU\S-1-5-21-2372608050-3912716850-3987843000-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] CHR HKLM-x32\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] ==================== Services (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R2 ACCSvc; C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe [259232 2021-12-30] (Acer Incorporated -> Acer Incorporated) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.) R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [Bestand niet getekend] S2 ccleaner; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-17] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) S3 CCleanerBrowserElevationService; C:\Program Files (x86)\CCleaner Browser\Application\121.0.23861.160\elevation_service.exe [1832232 2024-02-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) S3 ccleanerm; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-17] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1082784 2024-02-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14048768 2024-02-10] (Microsoft Corporation -> Microsoft Corporation) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.) R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46824 2024-02-06] (Dropbox, Inc -> Dropbox, Inc.) R2 fshoster; C:\Program Files (x86)\Safe Online\fshoster32.exe [228232 2023-10-31] (F-Secure Corporation -> F-Secure Corporation) R2 fsnethoster; C:\Program Files (x86)\Safe Online\fshoster32.exe [228232 2023-10-31] (F-Secure Corporation -> F-Secure Corporation) R2 fsnifwebhoster; C:\Program Files (x86)\Safe Online\FSNifWeb\1708504873\fshoster64.exe [400776 2024-02-21] (F-Secure Corporation -> F-Secure Corporation) R2 fsulhoster; C:\Program Files (x86)\Safe Online\Ultralight\ulcore\1707739547\fshoster64.exe [738256 2024-02-21] (WithSecure Oyj -> WithSecure Corporation) R2 fsulnethoster; C:\Program Files (x86)\Safe Online\Ultralight\ulcore\1707739547\fshoster64.exe [738256 2024-02-21] (WithSecure Oyj -> WithSecure Corporation) R2 fsulorsp; C:\Program Files (x86)\Safe Online\Ultralight\ulcore\1707739547\fsorsp64.exe [109432 2024-02-21] (WithSecure Oyj -> F-Secure Corporation) R2 fsulprothoster; C:\Program Files (x86)\Safe Online\Ultralight\ulcore\1707739547\fsulprothoster.exe [738256 2024-02-21] (WithSecure Oyj -> WithSecure Corporation) R2 GoTrust ID Plugin; C:\Program Files\GoTrust ID Plugin\GoTrust ID Plugin\GTFidoService.exe [17408 2019-08-02] (GoTrustID Inc. -> GOTrustID Inc.) R2 GoTrustID Service; C:\Program Files\GoTrust ID Plugin\Bridge_Service.exe [246272 2019-08-02] (GoTrustID Inc. -> GOTrustID Inc.) R2 LogiFacecamService; C:\Program Files\Logitech\LogiCapture\bin\Service\LogiFacecamService.exe [499336 2020-05-18] (Logitech Inc -> Logitech) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9410296 2024-02-18] (Malwarebytes Inc. -> Malwarebytes) R3 QASvc; C:\Program Files\Acer\Quick Access Service\QASvc.exe [504480 2022-01-03] (Acer Incorporated -> Acer Incorporated) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [18079544 2024-01-23] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UBTService.exe [306728 2020-04-15] (Acer Incorporated -> Acer Incorporated) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [2909208 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [128376 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation) S2 cphs; %SystemRoot%\System32\IntelCpHeciSvc.exe [X] ===================== Drivers (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R3 debutfilter; C:\WINDOWS\system32\DRIVERS\debutfilterx64.sys [55144 2020-10-18] (NCH Software Pty Ltd -> ) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2024-02-18] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 F-Secure Gatekeeper; C:\Program Files (x86)\Safe Online\Ultralight\ulcore\1707739547\fsulgk.sys [480848 2024-02-21] (Microsoft Windows Hardware Compatibility Publisher -> WithSecure Corporation) S0 fselms; C:\WINDOWS\System32\drivers\fselms.sys [17400 2023-06-21] (Microsoft Windows Early Launch Anti-malware Publisher -> WithSecure Corporation) R2 fsnif2; C:\Program Files (x86)\Safe Online\Ultralight\nif2\1702285722\nif2s64.sys [193800 2023-12-25] (Microsoft Windows Hardware Compatibility Publisher -> WithSecure Corporation) R3 GeneStor; C:\WINDOWS\System32\drivers\GeneStor.sys [140016 2021-04-12] (GENESYS LOGIC, INC. -> Genesys Logic) R1 googledrivefs31357; C:\WINDOWS\System32\DriverStore\FileRepository\googledrivefs31357.inf_amd64_a8bf31a168cf7d00\googledrivefs31357.sys [384712 2023-11-04] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.) R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223296 2024-02-18] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2024-02-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt11.sys [233704 2024-02-18] (Malwarebytes Inc. -> Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [78400 2024-02-18] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-02-18] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [188784 2024-02-18] (Malwarebytes Inc. -> Malwarebytes) R3 rtcx21; C:\WINDOWS\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft Windows -> Realtek) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [48536 2022-05-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [438544 2022-05-07] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [90384 2022-05-07] (Microsoft Windows -> Microsoft Corporation) S3 X86BDA; C:\WINDOWS\System32\drivers\OEMDrv.sys [268416 2011-06-08] (Microsoft Windows Hardware Compatibility Publisher -> ) S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X] ==================== NetSvcs (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ==================== Een maand (aangemaakt) (gefilterd) ========= (Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.) 2024-02-21 17:10 - 2024-02-21 17:11 - 000039449 _____ C:\Users\erikb\Desktop\FRST.txt 2024-02-21 17:10 - 2024-02-21 17:10 - 000000000 ____D C:\FRST 2024-02-21 07:13 - 2024-02-21 07:14 - 002386944 _____ (Farbar) C:\Users\erikb\Desktop\FRST64.exe 2024-02-18 13:05 - 2024-02-18 13:05 - 000802194 _____ C:\WINDOWS\system32\perfh013.dat 2024-02-18 13:05 - 2024-02-18 13:05 - 000159778 _____ C:\WINDOWS\system32\perfc013.dat 2024-02-18 12:59 - 2024-02-21 07:15 - 000000000 ____D C:\Users\erikb\AppData\Local\Malwarebytes 2024-02-18 12:56 - 2024-02-18 12:56 - 000233704 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt11.sys 2024-02-18 12:56 - 2024-02-18 12:56 - 000188784 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2024-02-18 12:39 - 2024-02-21 07:15 - 000000000 ____D C:\Users\barba\AppData\Local\Malwarebytes 2024-02-18 12:39 - 2024-02-18 12:55 - 000000000 ____D C:\Users\barba\AppData\LocalLow\Mozilla 2024-02-18 12:39 - 2024-02-18 12:39 - 000002037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2024-02-18 12:39 - 2024-02-18 12:39 - 000002025 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2024-02-18 12:39 - 2024-02-18 12:39 - 000000000 ____D C:\Users\barba\AppData\Local\Mozilla 2024-02-18 12:39 - 2024-02-18 12:39 - 000000000 ____D C:\Users\barba\AppData\Local\mbam 2024-02-18 12:39 - 2024-02-18 12:39 - 000000000 ____D C:\ProgramData\Malwarebytes 2024-02-18 12:39 - 2024-02-18 12:39 - 000000000 ____D C:\Program Files\Malwarebytes 2024-02-18 12:37 - 2024-02-18 12:38 - 002582384 _____ (Malwarebytes) C:\Users\barba\Downloads\MBSetup (2).exe 2024-02-18 12:29 - 2024-02-18 12:29 - 079156784 _____ (Piriform Software Ltd) C:\Users\erikb\Downloads\ccsetup621.exe 2024-02-18 10:06 - 2024-02-18 10:06 - 000000000 ____D C:\Program Files\Common Files\DESIGNER 2024-02-14 18:19 - 2024-02-14 18:19 - 000062891 _____ C:\Users\barba\Downloads\1. Venus TXT 07-02-2024.pdf 2024-02-14 18:17 - 2024-02-14 18:17 - 000102645 _____ C:\Users\barba\Downloads\1. Why tell me why TXT AR 07-02-2023.pdf 2024-02-14 18:16 - 2024-02-14 18:16 - 000105308 _____ C:\Users\barba\Downloads\1. Banger hart TXT12-02-2024.pdf 2024-02-09 12:26 - 2024-02-09 12:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2024-02-06 13:00 - 2024-02-06 13:00 - 000046824 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe 2024-02-01 20:31 - 2024-02-01 20:31 - 000026070 _____ C:\Users\erikb\Downloads\0206_001.pdf 2024-02-01 20:31 - 2024-02-01 20:31 - 000024537 _____ C:\Users\erikb\Downloads\0205_001.pdf 2024-02-01 11:58 - 2024-02-01 11:58 - 000019222 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json 2024-02-01 11:58 - 2024-02-01 11:58 - 000019222 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json 2024-02-01 11:36 - 2024-02-01 11:36 - 000002257 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk 2024-02-01 11:36 - 2024-02-01 11:36 - 000002245 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk 2024-01-31 18:06 - 2024-01-31 18:06 - 000098148 _____ C:\Users\barba\Downloads\1. Stiekem TXT 27-01-2024.pdf 2024-01-31 18:05 - 2024-01-31 18:05 - 000100525 _____ C:\Users\barba\Downloads\1. Tonight TXT.pdf 2024-01-28 13:32 - 2024-01-28 13:32 - 000098730 _____ C:\Users\barba\Downloads\Voorwaarden Inkomensbeschermingsplan (WoonGarant) 200709.pdf 2024-01-28 10:07 - 2024-01-28 10:07 - 000003830 _____ C:\WINDOWS\system32\Tasks\CCleanerBrowserProtectS-1-5-21-2372608050-3912716850-3987843000-1002 2024-01-23 17:09 - 2024-02-18 14:06 - 000000000 ____D C:\Users\barba\AppData\Local\SafeInCloud 2024-01-23 17:08 - 2024-01-23 17:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SafeInCloud Password Manager 2024-01-23 17:08 - 2024-01-23 17:08 - 000000000 ____D C:\Program Files (x86)\SafeInCloud 2024-01-23 17:07 - 2024-01-23 17:08 - 012410880 _____ C:\Users\barba\Downloads\SafeInCloud_Setup (1).msi ==================== Een maand (gewijzigd) ================== (Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.) 2024-02-21 17:08 - 2020-10-18 00:27 - 000000000 ____D C:\Users\erikb\AppData\Local\Host App Service 2024-02-21 17:06 - 2020-11-12 08:51 - 000000000 ___RD C:\Users\erikb\Google Drive 2024-02-21 17:06 - 2020-10-19 16:48 - 000000000 ____D C:\Users\erikb\AppData\Roaming\Dropbox 2024-02-21 17:06 - 2020-10-19 16:47 - 000000000 ____D C:\Users\erikb\AppData\Local\Dropbox 2024-02-21 17:05 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemTemp 2024-02-21 17:05 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\AppReadiness 2024-02-21 17:05 - 2021-01-09 13:49 - 000000000 ____D C:\Program Files\CCleaner 2024-02-21 17:05 - 2020-10-18 00:37 - 000000000 ___HD C:\OneDriveTemp 2024-02-21 17:05 - 2020-10-18 00:36 - 000000000 ___RD C:\Users\erikb\OneDrive 2024-02-21 17:05 - 2020-10-18 00:35 - 000000000 __SHD C:\Users\erikb\IntelGraphicsProfiles 2024-02-21 17:05 - 2020-10-18 00:27 - 000000000 ___SD C:\Users\erikb\AppData\Roaming\Microsoft\Credentials 2024-02-21 17:05 - 2020-10-17 17:50 - 000000000 ____D C:\Program Files (x86)\Google 2024-02-21 07:21 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2024-02-21 07:08 - 2020-10-17 18:22 - 000000000 ____D C:\Users\barba\AppData\Local\Host App Service 2024-02-21 07:06 - 2023-06-04 12:43 - 000000000 ____D C:\Users\barba\AppData\Roaming\Dropbox 2024-02-21 07:06 - 2020-10-27 12:16 - 000000000 ____D C:\Users\barba\AppData\Local\Dropbox 2024-02-21 07:05 - 2020-10-17 18:24 - 000000000 ___RD C:\Users\barba\OneDrive 2024-02-21 07:05 - 2020-10-17 18:23 - 000000000 __SHD C:\Users\barba\IntelGraphicsProfiles 2024-02-21 06:40 - 2021-09-23 10:32 - 000000000 ____D C:\Users\barba\AppData\Local\D3DSCache 2024-02-21 06:38 - 2020-10-17 18:23 - 000000000 ____D C:\Users\barba\AppData\Local\Packages 2024-02-19 17:05 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps 2024-02-19 15:17 - 2023-02-28 18:07 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2372608050-3912716850-3987843000-1002 2024-02-19 15:17 - 2023-02-28 18:07 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2372608050-3912716850-3987843000-1002 2024-02-19 15:17 - 2021-03-30 15:42 - 000002389 _____ C:\Users\barba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2024-02-19 09:10 - 2020-08-10 22:36 - 000000000 ____D C:\ProgramData\Acer 2024-02-19 08:55 - 2023-02-28 18:01 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2024-02-18 13:10 - 2023-02-28 18:07 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2372608050-3912716850-3987843000-1001 2024-02-18 13:10 - 2023-02-28 18:07 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2372608050-3912716850-3987843000-1001 2024-02-18 13:10 - 2021-03-30 15:42 - 000002389 _____ C:\Users\erikb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2024-02-18 13:07 - 2022-05-07 06:22 - 000000000 ____D C:\WINDOWS\INF 2024-02-18 13:05 - 2023-03-01 09:25 - 001804922 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2024-02-18 13:00 - 2020-10-18 00:35 - 000000000 ____D C:\Users\erikb\AppData\Local\Packages 2024-02-18 12:58 - 2023-02-28 18:07 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2024-02-18 12:58 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ServiceState 2024-02-18 12:58 - 2021-03-30 15:41 - 000012288 ___SH C:\DumpStack.log.tmp 2024-02-18 12:58 - 2020-10-31 10:27 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2024-02-18 12:57 - 2022-05-07 06:17 - 001048576 _____ C:\WINDOWS\system32\config\BBI 2024-02-18 12:56 - 2022-12-22 11:48 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job 2024-02-18 12:56 - 2021-01-09 13:50 - 000000000 ____D C:\Program Files (x86)\CCleaner Browser 2024-02-18 12:55 - 2023-10-12 12:16 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView 2024-02-18 12:55 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2024-02-18 12:55 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemResources 2024-02-18 12:55 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm 2024-02-18 12:55 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\bcastdvr 2024-02-18 12:39 - 2022-05-07 06:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2024-02-18 12:39 - 2021-05-04 10:34 - 000000000 ____D C:\Users\barba\AppData\Roaming\Mozilla 2024-02-18 12:39 - 2020-08-10 22:38 - 000000000 ____D C:\ProgramData\Mozilla 2024-02-18 12:39 - 2020-08-10 22:38 - 000000000 ____D C:\Program Files\Mozilla Firefox 2024-02-18 12:39 - 2020-08-10 22:38 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2024-02-18 12:30 - 2023-02-28 18:07 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2024-02-18 12:30 - 2023-02-28 18:07 - 000003382 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting 2024-02-18 12:30 - 2021-01-09 13:49 - 000000867 _____ C:\Users\Public\Desktop\CCleaner.lnk 2024-02-18 12:29 - 2020-10-18 12:03 - 000000000 ____D C:\Users\barba\AppData\Local\CrashDumps 2024-02-18 10:35 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\CbsTemp 2024-02-18 10:32 - 2023-02-28 18:04 - 003212800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2024-02-18 10:31 - 2020-10-18 12:31 - 000000000 ____D C:\WINDOWS\system32\MRT 2024-02-18 10:31 - 2020-10-18 00:36 - 000000000 ____D C:\Users\erikb\AppData\Local\PlaceholderTileLogoFolder 2024-02-18 10:28 - 2020-10-18 12:31 - 191155960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2024-02-18 10:17 - 2023-02-17 11:46 - 000000000 ___DC C:\WINDOWS\Panther 2024-02-18 10:17 - 2020-10-19 20:09 - 000000000 ____D C:\Users\erikb\AppData\Local\CrashDumps 2024-02-18 10:13 - 2023-02-28 18:07 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2024-02-18 10:13 - 2022-10-13 15:39 - 000002077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk 2024-02-18 10:13 - 2022-10-13 15:39 - 000002065 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk 2024-02-18 10:05 - 2020-08-10 22:42 - 000000000 ____D C:\Program Files\Microsoft Office 2024-02-18 10:02 - 2021-09-16 07:57 - 000000000 ____D C:\Users\erikb\AppData\Local\D3DSCache 2024-02-18 09:59 - 2020-10-24 23:28 - 000002452 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2024-02-18 09:59 - 2020-10-24 23:28 - 000002290 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2024-02-18 09:59 - 2020-10-17 17:50 - 000002271 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2024-02-14 18:16 - 2021-09-26 10:54 - 000002170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk 2024-02-14 18:16 - 2021-09-26 10:54 - 000002012 _____ C:\Users\Default\Desktop\Google Slides.lnk 2024-02-14 18:16 - 2021-09-26 10:54 - 000002012 _____ C:\Users\Default\Desktop\Google Sheets.lnk 2024-02-14 18:16 - 2021-09-26 10:54 - 000002000 _____ C:\Users\Default\Desktop\Google Docs.lnk 2024-02-14 18:16 - 2020-11-12 08:51 - 000001976 _____ C:\Users\erikb\Desktop\Google Drive.lnk 2024-02-09 12:26 - 2021-01-09 13:50 - 000002411 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Browser.lnk 2024-02-09 12:26 - 2020-10-19 16:47 - 000000000 ____D C:\Program Files (x86)\Dropbox 2024-02-09 12:25 - 2023-02-28 18:07 - 000003730 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2024-02-09 12:25 - 2023-02-28 18:07 - 000003606 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2024-02-01 20:21 - 2021-11-28 11:36 - 000002452 _____ C:\Users\erikb\Desktop\CCleaner Browser.lnk 2024-02-01 15:04 - 2023-02-28 18:01 - 000470832 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2024-02-01 15:03 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\UUS 2024-02-01 15:03 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2024-02-01 15:03 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2024-02-01 15:03 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2024-02-01 15:03 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\setup 2024-02-01 15:03 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2024-02-01 15:03 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\oobe 2024-02-01 15:03 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\appraiser 2024-02-01 15:03 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellComponents 2024-02-01 15:03 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\Provisioning 2024-02-01 15:03 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\BrowserCore 2024-02-01 12:11 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\USOPrivate 2024-02-01 12:11 - 2020-10-18 00:24 - 000000000 ____D C:\ProgramData\Packages 2024-02-01 11:36 - 2020-10-17 17:50 - 000000000 ____D C:\Program Files\Google 2024-02-01 11:30 - 2023-02-28 18:07 - 000003862 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2024-02-01 11:30 - 2023-02-28 18:07 - 000003738 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2024-01-28 14:33 - 2020-10-19 16:47 - 000001044 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job 2024-01-28 14:33 - 2020-10-19 16:47 - 000001040 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job 2024-01-28 14:25 - 2020-10-17 18:43 - 000000000 ____D C:\Users\barba\AppData\Roaming\Microsoft\Excel 2024-01-28 10:56 - 2022-04-14 13:30 - 000000000 ____D C:\Users\erikb\AppData\LocalLow\Adobe 2024-01-26 13:04 - 2020-10-18 13:12 - 000000000 ____D C:\Users\barba\AppData\Roaming\audacity 2024-01-26 12:53 - 2023-02-28 18:07 - 000004104 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA 2024-01-26 12:53 - 2023-02-28 18:07 - 000003872 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore 2024-01-23 17:10 - 2020-10-17 18:47 - 000000000 ____D C:\Users\barba\AppData\Local\PlaceholderTileLogoFolder ==================== Bestanden in de root van sommige mappen ======== 2020-10-21 14:07 - 2020-10-21 14:10 - 000124383 _____ () C:\Users\erikb\AppData\Roaming\Debut.dmp 2023-10-23 15:28 - 2023-10-23 17:02 - 001249792 _____ (hxxp://www.ruby-lang.org/) C:\Users\erikb\AppData\Roaming\msvcr90-ruby191.dll ==================== SigCheck ============================ (Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.) ==================== Einde van FRST.txt ========================