Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 22-08.2024 Gestart door theos (Beheerder) op DESKTOP-CDE5RUK (Dell Inc. OptiPlex 390) (26-08-2024 15:46:37) Gestart vanaf C:\Users\theos\OneDrive\Bureaublad\FRST64.exe Geladen Profielen: theos Platform: Microsoft Windows 10 Pro Versie 22H2 19045.4780 (X64) Taal: Nederlands (Nederland) Standaardbrowser: Edge Boot Modus: Normal ==================== Processen (gefilterd) ================= (Als een item is opgenomen in de fixlist, zal het proces worden gesloten. Het bestand zal niet worden verplaatst.) (atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe (C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\1.3.911.1\DropboxCrashHandler.exe (C:\Program Files (x86)\hicloud\update_server\startUp.exe ->) (EZVIZ Inc. -> ) C:\Program Files (x86)\hicloud\update_server\SPUpDateServer.exe (C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe ->) (Logitech, Inc. -> ) C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe (C:\Program Files (x86)\Microsoft\EdgeWebView\Application\127.0.2651.105\msedgewebview2.exe ->) (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <32> (C:\Program Files\WindowsApps\Microsoft.OutlookForWindows_1.2024.814.200_x64__8wekyb3d8bbwe\olk.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\127.0.2651.105\msedgewebview2.exe <8> (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <7> (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office16\WINWORD.EXE (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.OutlookForWindows_1.2024.814.200_x64__8wekyb3d8bbwe\olk.exe (explorer.exe ->) (Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.126.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe <5> (explorer.exe ->) (杭州萤石软件有限公司 -> EZVIZ Inc.) C:\Program Files (x86)\Ezviz Studio\EzvizStudio.exe (EZVIZ Inc. -> ) C:\Program Files (x86)\hicloud\update_server\startUp.exe (Logitech, Inc. -> Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5> (Reason Cybersecurity Inc. -> Reason Cybersecurity Ltd.) C:\Program Files\ReasonLabs\Common\Client\v1.4.2\rsAppUI.exe <9> (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe (services.exe ->) (Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe (services.exe ->) (CyberLink -> ) C:\Program Files\CyberLink\Shared files\RichVideo64.exe (services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\DiagsCap.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\NetworkCap.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe (services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpDefenderCoreService.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\NisSrv.exe (services.exe ->) (Reason Cybersecurity Inc. -> Reason Software Company Inc.) C:\Program Files\ReasonLabs\DNS\rsDNSClientSvc.exe (services.exe ->) (Reason Cybersecurity Inc. -> Reason Software Company Inc.) C:\Program Files\ReasonLabs\DNS\rsDNSResolver.exe (services.exe ->) (Reason Cybersecurity Inc. -> Reason Software Company Inc.) C:\Program Files\ReasonLabs\DNS\rsDNSSvc.exe (services.exe ->) (Reason Cybersecurity Inc. -> Reason Software Company Inc.) C:\Program Files\ReasonLabs\VPN\rsVPNClientSvc.exe (services.exe ->) (Reason Cybersecurity Inc. -> Reason Software Company Inc.) C:\Program Files\ReasonLabs\VPN\rsVPNSvc.exe (services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Register (gefilterd) =================== (Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [9256840 2024-08-19] (Dropbox, Inc -> Dropbox, Inc.) HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech, Inc. -> Logitech Inc.) HKLM-x32\...\Run: [SPUpDateServerrun] => C:\Program Files (x86)\hicloud\update_server\startUp.exe [14832 2015-09-10] (EZVIZ Inc. -> ) HKU\S-1-5-21-1308386178-264101679-3570317249-1001\...\Run: [MicrosoftEdgeAutoLaunch_52AFAC4A5418D174EAD92F9C07E4E7F1] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3741224 2024-08-22] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> HKLM\...\Windows x64\Print Processors\Canon MG5700 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCS.DLL [30208 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5700 series: C:\Windows\system32\CNMLMCS.DLL [406528 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\128.0.6613.84\Installer\chrmstp.exe [2024-08-23] (Google LLC -> Google LLC) ==================== Geplande Taken (gefilterd) ================= (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {BDB37518-23DD-4493-97C3-5DAABB8682CF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1563080 2024-07-31] (Adobe Inc. -> Adobe Inc.) Task: {D9D8D895-A5CA-41FE-B7F1-5764ABBBF2A1} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-13] (Dropbox, Inc -> Dropbox, Inc.) Task: {8734C930-CBEF-4DAB-9640-04E453F81645} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-13] (Dropbox, Inc -> Dropbox, Inc.) Task: {7319D583-AEBA-4352-AA76-C63DE14B9757} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem129.0.6651.0{78EF0212-AD79-42E9-8113-5D203B81B655} => C:\Program Files (x86)\Google\GoogleUpdater\129.0.6651.0\updater.exe [4906600 2024-08-11] (Google LLC -> Google LLC) Task: {12FD40F1-D2B5-443D-ADE6-CA9CDFF47C2E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2024-07-25] (HP Inc. -> HP Inc.) Task: {3AAB9FAC-4205-4C68-9295-3B96759D14C5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPPrinterLowInk => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPPrinterLowInk\HPPrinterLowInk.exe [231472 2024-07-25] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\HP\HP Support Framework\\/show Task: {AD245D7D-84D0-4FAF-BAFA-15C912929556} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1161744 2024-07-25] (HP Inc. -> HP Inc.) Task: {90746F25-8AD3-4C8B-AE3F-4992D9DC1CCF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_TH2AE5P08V => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1161744 2024-07-25] (HP Inc. -> HP Inc.) Task: {6F06D29E-CE99-4271-8205-89332652EA0C} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1907712 2022-03-16] () [Bestand niet getekend] Task: {463A8305-5B78-4BEC-A13F-FAEF795DE05B} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation) Task: {23AC3B1F-7B68-4492-8877-C4FCBA815209} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation) Task: {83602EB6-CE7B-4AEC-996F-66193DC15E1B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation) Task: {64B3F870-4077-403A-B0F7-1DD9AE14D326} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpCmdRun.exe [1687320 2024-08-08] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {42E778BA-971E-498F-947D-ACD161A9A8FB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpCmdRun.exe [1687320 2024-08-08] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {62EF8692-AB1B-4BE6-A20E-6BB4EE36A88C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpCmdRun.exe [1687320 2024-08-08] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {803C9F80-92FE-4183-B6AA-EF3F89ADD769} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpCmdRun.exe [1687320 2024-08-08] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {987D82C9-2FF3-4B46-B38F-867FF914982D} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [676936 2024-08-22] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (de data item heeft 6 meer tekens). Task: {3B438A9F-0EFE-43A7-81E0-D9639DBA531C} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-1308386178-264101679-3570317249-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [676936 2024-08-22] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (de data item heeft 6 meer tekens). Task: {DF77A657-C46A-4DDA-8281-883F8B69BE21} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34376 2024-08-22] (Mozilla Corporation -> Mozilla Foundation) Task: {55D80446-A41B-421B-98C7-112A2C486EBF} - System32\Tasks\NCH Software\DebutDowngrade => C:\Program Files (x86)\NCH Software\Debut\debut.exe [5526720 2023-12-16] (NCH Software, Inc. -> NCH Software) (Als een item is opgenomen in de fixlist, wordt de taak (job) bestand verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Internet (gefilterd) ==================== (Als een item is opgenomen in de fixlist en een registeritem is, wordt het verwijderd of hersteld naar de standaard.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{01d52ce3-f654-4807-919b-fc7379500629}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{01d52ce3-f654-4807-919b-fc7379500629}: [DhcpDomain] lan Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\theos\AppData\Local\Microsoft\Edge\User Data\Default [2024-08-26] Edge Notifications: Default -> hxxps://shop.samsung.com Edge Extension: (Offline Documenten) - C:\Users\theos\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-27] Edge Extension: (Malwarebytes Browser Guard) - C:\Users\theos\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-08-13] Edge Extension: (Edge relevant text changes) - C:\Users\theos\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24] Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee] FireFox: ======== FF DefaultProfile: t61l4l6g.default FF ProfilePath: C:\Users\theos\AppData\Roaming\Mozilla\Firefox\Profiles\t61l4l6g.default [2022-01-25] FF ProfilePath: C:\Users\theos\AppData\Roaming\Mozilla\Firefox\Profiles\azoj2efr.default-release-1620482901333 [2024-08-26] FF DownloadDir: C:\Users\theos\Downloads FF Homepage: Mozilla\Firefox\Profiles\azoj2efr.default-release-1620482901333 -> hxxps://www.facebook.com/ FF Notifications: Mozilla\Firefox\Profiles\azoj2efr.default-release-1620482901333 -> hxxps://www.instagram.com; hxxps://colourise.com; hxxps://nl.findhealthinfonow.com; hxxps://ua.check-tl-ver-198-d.buzz FF Extension: (Emsisoft Browser Security) - C:\Users\theos\AppData\Roaming\Mozilla\Firefox\Profiles\azoj2efr.default-release-1620482901333\Extensions\{b21882eb-3211-44dc-964b-e6f35b33061f}.xpi [2023-08-17] FF Extension: (Adblock Plus - gratis adblocker) - C:\Users\theos\AppData\Roaming\Mozilla\Firefox\Profiles\azoj2efr.default-release-1620482901333\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2024-08-19] FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-08-03] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-03-17] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR Profile: C:\Users\theos\AppData\Local\Google\Chrome\User Data\Default [2024-08-26] CHR Notifications: Default -> hxxps://nl.shopping.net CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\theos\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-31] Opera: ======= OPR Profile: C:\Users\theos\AppData\Roaming\Opera Software\Opera Stable [2022-01-25] ==================== Services (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-07-31] (Adobe Inc. -> Adobe Inc.) R2 CIJSRegister; C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe [144464 2015-02-19] (Canon Inc. -> CANON INC.) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-13] (Dropbox, Inc -> Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-13] (Dropbox, Inc -> Dropbox, Inc.) R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [46824 2024-08-19] (Dropbox, Inc -> Dropbox, Inc.) S3 DropboxElevationService; C:\Program Files (x86)\Dropbox\Client\206.4.6506\DropboxElevationService.exe [1659288 2024-08-19] (Dropbox, Inc -> Dropbox, Inc.) R2 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [928192 2024-06-26] (HP Inc. -> HP Inc.) R2 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [926760 2024-06-26] (HP Inc. -> HP Inc.) R2 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [922560 2024-06-26] (HP Inc. -> HP Inc.) R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [241104 2024-08-08] (HP Inc. -> HP Inc.) R2 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [927680 2024-06-26] (HP Inc. -> HP Inc.) R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [460488 2024-04-03] (Canon Inc. -> ) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8965728 2024-08-09] (Malwarebytes Inc. -> Malwarebytes) S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-05-31] (Malwarebytes Inc. -> Malwarebytes) R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpDefenderCoreService.exe [1427024 2024-08-08] (Microsoft Windows Publisher -> Microsoft Corporation) R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] (CyberLink -> ) R2 rsDNSClientSvc; C:\Program Files\ReasonLabs\DNS\rsDNSClientSvc.exe [672912 2024-03-20] (Reason Cybersecurity Inc. -> Reason Software Company Inc.) R2 rsDNSResolver; C:\Program Files\ReasonLabs\DNS\rsDNSResolver.exe [11372928 2024-03-20] (Reason Cybersecurity Inc. -> Reason Software Company Inc.) R2 rsDNSSvc; C:\Program Files\ReasonLabs\DNS\rsDNSSvc.exe [207744 2024-03-20] (Reason Cybersecurity Inc. -> Reason Software Company Inc.) R2 rsVPNClientSvc; C:\Program Files\ReasonLabs\VPN\rsVPNClientSvc.exe [672400 2024-08-16] (Reason Cybersecurity Inc. -> Reason Software Company Inc.) R2 rsVPNSvc; C:\Program Files\ReasonLabs\VPN\rsVPNSvc.exe [231048 2024-08-16] (Reason Cybersecurity Inc. -> Reason Software Company Inc.) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [522096 2024-08-14] (Microsoft Windows Publisher -> Microsoft Corporation) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12757520 2020-12-14] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [805224 2023-01-11] (Oracle Corporation -> Oracle and/or its affiliates) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\NisSrv.exe [3199648 2024-08-08] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MsMpEng.exe [133704 2024-08-08] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Drivers (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Bestand niet getekend] S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Bestand niet getekend] R3 MarvinBus; C:\Windows\System32\drivers\MarvinBus64.sys [261120 2005-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Pinnacle Systems GmbH) R2 mbamchameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [231504 2024-08-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2022-04-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239568 2024-07-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R2 NPF; C:\Program Files (x86)\Ezviz Studio\npf64.sys [36600 2022-09-03] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.) S3 rsDwf; C:\Windows\system32\DRIVERS\rsDwf.sys [54144 2024-03-20] (Reason CyberSecurity Inc. -> Reason CyberSecurity Inc.) R3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [254616 2023-01-11] (Oracle Corporation -> Oracle and/or its affiliates) R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [265488 2023-01-11] (Oracle Corporation -> Oracle and/or its affiliates) R1 VBoxSup; C:\Windows\system32\DRIVERS\VBoxSup.sys [1061392 2023-01-11] (Oracle Corporation -> Oracle and/or its affiliates) S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [189152 2023-01-11] (Oracle Corporation -> Oracle and/or its affiliates) S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [22080 2024-08-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [602504 2024-08-08] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105864 2024-08-08] (Microsoft Windows -> Microsoft Corporation) S3 WLRAWMp50x64; C:\Windows\System32\Drivers\WLRAWMp50x64.sys [35352 2013-10-31] (Logitech Inc -> Logitech, Inc.) S3 WLRAWMp50x64; C:\Windows\SysWOW64\Drivers\WLRAWMp50x64.sys [35352 2013-10-31] (Logitech Inc -> Logitech, Inc.) S3 WLRAWSp50x64; C:\Windows\System32\Drivers\WLRAWSp50x64.sys [34328 2013-10-31] (Logitech Inc -> Logitech, Inc.) S3 WLRAWSp50x64; C:\Windows\SysWOW64\Drivers\WLRAWSp50x64.sys [34328 2013-10-31] (Logitech Inc -> Logitech, Inc.) S3 cpuz149; \??\C:\Users\theos\AppData\Local\Temp\cpuz149\cpuz149_x64.sys [X] <==== AANDACHT ==================== NetSvcs (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ==================== Een maand (aangemaakt) (gefilterd) ========= (Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.) 2024-08-26 15:46 - 2024-08-26 15:47 - 000024729 _____ C:\Users\theos\OneDrive\Bureaublad\FRST.txt 2024-08-26 15:45 - 2024-08-26 15:45 - 002397184 _____ (Farbar) C:\Users\theos\OneDrive\Bureaublad\FRST64.exe 2024-08-24 11:14 - 2024-08-24 11:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle Studio 14 2024-08-24 11:13 - 2024-08-24 11:13 - 000000000 ____D C:\ProgramData\Studio 14 2024-08-24 11:13 - 2024-08-24 11:13 - 000000000 ____D C:\ProgramData\Pinnacle Studio Plus 2024-08-24 10:21 - 2024-08-24 10:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities 2024-08-21 07:57 - 2024-08-21 07:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2024-08-19 22:55 - 2024-08-19 22:55 - 000046824 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe 2024-08-14 10:39 - 2024-08-14 10:39 - 000000000 ___HD C:\$WinREAgent 2024-08-14 10:21 - 2024-08-24 11:10 - 000000000 ____D C:\Program Files\Mozilla Firefox 2024-08-02 14:19 - 2024-08-02 14:19 - 000000000 ____D C:\Users\theos\AppData\Roaming\Cycling '74 ==================== Een maand (gewijzigd) ================== (Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.) 2024-08-26 15:47 - 2024-01-18 14:42 - 000000000 ____D C:\FRST 2024-08-26 15:44 - 2021-01-13 09:50 - 000000000 ____D C:\Users\theos\AppData\Roaming\Microsoft\Excel 2024-08-26 15:44 - 2021-01-12 12:53 - 000000000 ____D C:\Users\theos\AppData\Roaming\Microsoft\Word 2024-08-26 15:38 - 2022-02-11 10:57 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2024-08-26 15:38 - 2021-01-12 15:28 - 000000000 ____D C:\Users\theos\AppData\Roaming\Dropbox 2024-08-26 15:38 - 2021-01-12 15:27 - 000000000 ____D C:\Users\theos\AppData\Local\Dropbox 2024-08-26 15:37 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2024-08-26 15:37 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness 2024-08-26 10:16 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2024-08-26 10:06 - 2021-01-19 14:57 - 000000000 ____D C:\Users\theos\AppData\Local\CrashDumps 2024-08-25 15:04 - 2021-01-05 10:30 - 000000000 ___SD C:\Users\theos\AppData\Roaming\Microsoft\Credentials 2024-08-25 09:40 - 2024-03-20 16:58 - 000002408 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2024-08-25 09:38 - 2021-12-15 11:45 - 000000000 ____D C:\Windows\SystemTemp 2024-08-24 15:22 - 2020-11-19 00:45 - 000000000 ____D C:\Windows\system32\SleepStudy 2024-08-24 14:41 - 2021-01-16 10:56 - 000073728 _____ C:\Users\theos\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2024-08-24 11:25 - 2023-05-13 13:40 - 000000000 ____D C:\Users\theos\AppData\Local\Malwarebytes 2024-08-24 11:25 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF 2024-08-24 11:17 - 2023-08-08 11:02 - 000000000 ____D C:\Users\theos\OneDrive\Documenten\Pinnacle Studio 2024-08-24 11:17 - 2021-01-05 10:31 - 001771768 _____ C:\Windows\system32\PerfStringBackup.INI 2024-08-24 11:17 - 2019-12-07 17:14 - 000786070 _____ C:\Windows\system32\perfh013.dat 2024-08-24 11:17 - 2019-12-07 17:14 - 000154198 _____ C:\Windows\system32\perfc013.dat 2024-08-24 11:13 - 2021-01-05 11:43 - 000000000 ____D C:\ProgramData\Pinnacle 2024-08-24 11:13 - 2021-01-05 11:43 - 000000000 ____D C:\Program Files (x86)\Pinnacle 2024-08-24 11:11 - 2021-01-05 10:24 - 000008192 ___SH C:\DumpStack.log.tmp 2024-08-24 11:10 - 2021-01-10 11:24 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2024-08-24 11:10 - 2021-01-05 10:37 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2024-08-24 11:10 - 2020-11-19 01:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2024-08-24 11:09 - 2019-12-07 11:03 - 000786432 _____ C:\Windows\system32\config\BBI 2024-08-24 10:21 - 2021-01-13 16:55 - 000000000 ____D C:\Users\theos\AppData\Roaming\Canon 2024-08-24 10:21 - 2021-01-13 16:41 - 000000000 ____D C:\Program Files (x86)\Canon 2024-08-24 10:21 - 2019-12-07 11:14 - 000000000 __RSD C:\Windows\Media 2024-08-24 10:09 - 2021-02-02 10:08 - 000000000 ____D C:\Users\theos\.VirtualBox 2024-08-24 10:09 - 2021-02-02 10:08 - 000000000 ____D C:\ProgramData\VirtualBox 2024-08-23 11:50 - 2024-07-24 15:05 - 000000000 ____D C:\ProgramData\CanonIJPLM 2024-08-23 09:51 - 2021-01-10 12:08 - 000002227 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2024-08-22 15:32 - 2021-10-09 14:38 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla 2024-08-22 15:32 - 2021-01-05 10:37 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2024-08-21 07:57 - 2021-01-12 15:27 - 000000000 ____D C:\Program Files (x86)\Dropbox 2024-08-20 15:11 - 2023-04-30 14:51 - 000002282 _____ C:\Users\theos\OneDrive\Bureaublad\BaseCamp.lnk 2024-08-20 15:11 - 2021-01-16 14:14 - 000000000 ____D C:\Users\theos\AppData\Roaming\Garmin 2024-08-18 10:53 - 2021-01-05 10:30 - 000000000 ____D C:\Users\theos 2024-08-14 11:17 - 2019-12-07 17:17 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2024-08-14 11:17 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources 2024-08-14 11:17 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates 2024-08-14 11:17 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr 2024-08-14 10:47 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp 2024-08-14 10:44 - 2020-11-19 01:47 - 003016192 ____N (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll 2024-08-14 10:37 - 2021-01-11 10:36 - 000000000 ____D C:\Windows\system32\MRT 2024-08-14 10:34 - 2021-01-11 10:36 - 197093640 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2024-08-10 09:44 - 2023-08-17 10:25 - 000000000 ____D C:\Windows\system32\Tasks\Hewlett-Packard 2024-08-09 09:23 - 2022-10-14 09:23 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk 2024-08-09 09:23 - 2021-01-18 10:43 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task 2024-08-08 13:52 - 2023-08-14 11:52 - 000000000 ____D C:\Windows\system32\Tasks\HP 2024-08-08 13:52 - 2023-08-14 11:52 - 000000000 ____D C:\Program Files\HPPrintScanDoctor 2024-08-08 09:41 - 2020-11-19 01:45 - 000000000 ____D C:\Windows\system32\Drivers\wd 2024-08-02 10:45 - 2021-01-06 12:05 - 000000000 ____D C:\Windows\system32\Tasks\NCH Software 2024-08-01 14:34 - 2021-10-06 11:39 - 000001999 _____ C:\Users\theos\OneDrive\Bureaublad\PC Health Check.lnk 2024-08-01 14:24 - 2021-02-10 11:25 - 000000000 ____D C:\Users\theos\AppData\Local\WMTools Downloaded Files 2024-07-29 17:34 - 2021-01-13 09:49 - 000000000 ___RD C:\Users\theos\Dropbox 2024-07-29 08:50 - 2021-10-02 15:22 - 000003730 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2024-07-29 08:50 - 2021-10-02 15:22 - 000003606 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore ==================== Bestanden in de root van sommige mappen ======== 2021-01-16 10:56 - 2024-08-24 14:41 - 000073728 _____ () C:\Users\theos\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ==================== SigCheck ============================ (Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.) ==================== Einde van FRST.txt ========================