Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 16-09-2024
Gestart door Michael (Beheerder) op BUREAU-PC (MEDION MS-7800) (07-10-2024 02:29:25)
Gestart vanaf D:\Desktop\FRST64.exe
Geladen Profielen: Michael & Administrator
Platform: Microsoft Windows 10 Home Versie 22H2 19045.4894 (X64) Taal: Nederlands (Nederland)
Standaardbrowser: FF
Boot Modus: Normal

==================== Processen (gefilterd) =================

(Als een item is opgenomen in de fixlist, zal het proces worden gesloten. Het bestand zal niet worden verplaatst.)

(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe ->) (CHENGDU YIWO Tech Development Co., Ltd. -> ) [Bestand niet getekend] C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
(C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(cmd.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MbamBgNativeMsg.exe
(DriverStore\FileRepository\u0360470.inf_amd64_35c64671e7fac064\B360357\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0360470.inf_amd64_35c64671e7fac064\B360357\atieclxx.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <13>
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(explorer.exe ->) (VIA Technologies, Inc.) [Bestand niet getekend] C:\VIA_XHCI\usb3Monitor.exe
(MiniTool Software Limited -> ) C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0360470.inf_amd64_35c64671e7fac064\B360357\atiesrxx.exe
(services.exe ->) (Advanced Micro Devices, Inc.) [Bestand niet getekend] C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(services.exe ->) (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [Bestand niet getekend] C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
(services.exe ->) (CyberLink -> CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
(services.exe ->) (CyberLink -> CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
(services.exe ->) (devolo AG -> devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdlogsr.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\NisSrv.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe

==================== Register (gefilterd) ===================

(Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12452968 2012-03-13] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [VIAxHCUtl] => C:\VIA_XHCI\usb3Monitor.exe [331776 2011-07-12] (VIA Technologies, Inc.) [Bestand niet getekend]
HKLM\...\Run: [MTPW] => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [219616 2020-02-19] (MiniTool Software Limited -> )
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [111080 2012-04-14] (CyberLink -> CyberLink)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink -> CyberLink Corp.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [2311840 2020-05-29] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe (Geen bestand)
HKU\S-1-5-19\...\RunOnce: [HKCU] => C:\Windows\System32\oobe\info\HKCU.vbs [126 2009-11-12] () [Bestand niet getekend]
HKU\S-1-5-19\...\RunOnce: [Screensaver] => C:\Windows\Web\Wallpaper\MEDION\start.vbs (Geen bestand)
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe (Geen bestand)
HKU\S-1-5-20\...\RunOnce: [HKCU] => C:\Windows\System32\oobe\info\HKCU.vbs [126 2009-11-12] () [Bestand niet getekend]
HKU\S-1-5-20\...\RunOnce: [Screensaver] => C:\Windows\Web\Wallpaper\MEDION\start.vbs (Geen bestand)
HKU\S-1-5-21-3281580978-1972669021-3677266868-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45125936 2024-09-18] (Gen Digital Inc. -> Piriform Software Ltd)
HKU\S-1-5-21-3281580978-1972669021-3677266868-1001\...\Run: [Connective-SignID API] => C:\Users\Michael\AppData\Local\Connective-SignID\t1c-launch.exe [4669680 2022-02-09] (Trust1Team bvba -> )
HKU\S-1-5-21-3281580978-1972669021-3677266868-1001\...\Run: [MicrosoftEdgeAutoLaunch_F449D40E833C6F137FB991D0BAA64AC0] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3795008 2024-10-03] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3281580978-1972669021-3677266868-1001\...\Run: [EPSDNMON] => C:\Program Files (x86)\Epson Software\Download Navigator\EPSDNMON.EXE [350032 2022-07-22] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-3281580978-1972669021-3677266868-1001\...\Run: [EPSON SX410 Series] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIFCE.EXE [223232 2008-10-01] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) <==== AANDACHT
HKU\S-1-5-21-3281580978-1972669021-3677266868-1001\...\Run: [com.deezer.deezer-desktop] => C:\Users\Michael\AppData\Local\Programs\deezer-desktop\Deezer.exe [114088840 2024-08-12] (DEEZER SA -> Deezer)
HKU\S-1-5-21-3281580978-1972669021-3677266868-500\...\Run: [MicrosoftEdgeAutoLaunch_98769996E24836F99EC8617644423B4C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3795008 2024-10-03] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3281580978-1972669021-3677266868-500\...\RunOnce: [Delete Cached Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (Geen bestand)
HKU\S-1-5-21-3281580978-1972669021-3677266868-500\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (Geen bestand)
HKU\S-1-5-21-3281580978-1972669021-3677266868-500\...\RunOnce: [Uninstall 21.220.1024.0005] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\21.220.1024.0005" (Geen bestand)
HKLM\...\Print\Monitors\EPSON SX410 Series 64MonitorBE: C:\Windows\system32\E_ILMFCE.DLL [108032 2008-08-08] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\129.0.6668.90\Installer\chrmstp.exe [2024-10-02] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> 
GroupPolicy: Restrictie ? <==== AANDACHT
Policies: C:\ProgramData\NTUSER.pol: Restrictie <==== AANDACHT

==================== Geplande Taken (gefilterd) =================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

Task: {ADF34770-7E88-4D0A-B58E-8A2CADB4C2EF} - \Mozilla\Firefox Background Update 308046B0AF4A39CB -> Geen bestand <==== AANDACHT
Task: {C5FC8A79-1D61-4D0D-8268-A673D3BACF2D} - System32\Tasks\{502F8B20-5232-42FC-985F-6A476AE33100} => C:\Windows\System32\pcalua.exe [88064 2024-08-13] (Microsoft Windows -> Microsoft Corporation) -> -a "K:\DATA (D)\installatie\Mp3 TagTools\mtt-v1.2.exe" -d "K:\DATA (D)\installatie\Mp3 TagTools"
Task: {98A91A42-E2C2-486D-B1A9-D7E8861C3381} - System32\Tasks\{551325D6-1319-4635-9083-43060C7566FC} => C:\Windows\System32\pcalua.exe [88064 2024-08-13] (Microsoft Windows -> Microsoft Corporation) -> -a "K:\DATA (D)\installatie\CoolEditPro\setupcep.EXE" -d "K:\DATA (D)\installatie\CoolEditPro"
Task: {A745C218-E76D-4AF4-A8F3-5E7BBC5185EA} - System32\Tasks\{7499E67B-276F-4194-A5BD-E170D09B9BE5} => C:\Windows\System32\pcalua.exe [88064 2024-08-13] (Microsoft Windows -> Microsoft Corporation) -> -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files (x86)\CoolPro\coolpro.exe"
Task: {57F6EA91-CC22-415A-9E6D-9D2581626AE4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1563080 2024-07-31] (Adobe Inc. -> Adobe Inc.)
Task: {7B94742A-FF9E-4F20-B9C0-6C955032D1F0} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [829408 2024-09-18] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {3EE2F2F6-8BDB-4B77-838D-4277DBD5F566} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5937456 2024-09-18] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "ad5ddb2c-467f-44a1-9b0b-e7475d25bc00" --version "6.28.11297" --silent
Task: {9AC3595A-5717-4F7D-B11B-EB2B69437B2A} - System32\Tasks\CCleanerSkipUAC - Michael => C:\Program Files\CCleaner\CCleaner.exe [39012144 2024-09-18] (Gen Digital Inc. -> Piriform Software Ltd)
Task: {66C86A81-90E1-4985-AB63-575BA9151237} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem130.0.6679.0{0F6DAFEF-373E-4108-9BC0-DE64FCF3F6B6} => C:\Program Files (x86)\Google\GoogleUpdater\130.0.6679.0\updater.exe [4884584 2024-08-26] (Google LLC -> Google LLC)
Task: {4E32D224-CAA8-4CEE-91E2-DAFA3129E992} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2118144 2024-08-06] () [Bestand niet getekend]
Task: {DC28A354-01A9-4A17-A34C-10B23BA0FACC} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28617448 2024-09-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {1740D211-9C36-4F31-80E4-3CE02FDFC3E7} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28617448 2024-09-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {4B4B158C-8660-4D8F-BED1-D9D0F2D4A07C} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [223200 2024-09-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {12D522EA-BB24-4286-A0E6-533176B8D4E3} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [223200 2024-09-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {66700F3D-2ABE-4082-87B8-8D546CAE53C0} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {D24F4A6C-D68F-4228-A0D3-396DBF5E0385} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe  /DoActivateWindowsSearch (Geen bestand)
Task: {BD2B3A81-5556-404C-80F1-DD22E14AB662} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe  /DoConfigureInternetTimeService (Geen bestand)
Task: {CCD1963F-9C59-4686-AC1B-2DCDF36F512C} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe  /DoRecoveryTasks $(Arg0) (Geen bestand)
Task: {EDCBC82A-6F80-4802-BADA-9E31595766CC} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe  /DRMInit (Geen bestand)
Task: {B5F353CE-6293-49C1-8158-8E7C22EB387F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate  $(Arg0) (Geen bestand)
Task: {B74AAF90-FB0B-4517-B743-D7E852ACB11F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate  -crl -hms -pscn 15 (Geen bestand)
Task: {81C9863B-7FA7-4B5B-8724-6D0B80E88929} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe  -MediaCenterRecoveryTask (Geen bestand)
Task: {AF420AC6-CA29-4854-8452-097F3807D77A} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe  -ObjectStoreRecoveryTask (Geen bestand)
Task: {582CE772-BC1A-4AAE-95A9-612E3F71F407} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe  /OCURActivate (Geen bestand)
Task: {8B06F82D-A2F9-4620-B1CD-9FE4061DC117} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe  /OCURDiscovery $(Arg0) (Geen bestand)
Task: {D6BDD73A-E61D-4BC5-A3B1-DDEA50ADEDA0} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe  /PBDADiscovery (Geen bestand)
Task: {E6127866-8945-4453-B377-341872E47C62} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe  /wait:7 /PBDADiscovery (Geen bestand)
Task: {803D698F-2E53-48EF-875C-2278DF667F47} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe  -pscn 0 (Geen bestand)
Task: {F0BD0592-FDCA-4385-84FC-E0BD7AFC8AA7} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe  -PvrRecoveryTask (Geen bestand)
Task: {C563629E-5497-4215-BC3B-DD04C07296C4} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe  -PvrSchedule (Geen bestand)
Task: {E0A2C520-6FE9-4E4E-95C8-33B4BE9805D0} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec  /RestartRecording (Geen bestand)
Task: {45B409AD-034D-4F23-A99B-072DEF830C85} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe  /DoRegisterSearch $(Arg0) (Geen bestand)
Task: {72BBEF92-3230-482B-BB2E-2D66919CAE87} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe  /DoReindexSearchRoot (Geen bestand)
Task: {AD7FAB58-15DC-4E7D-A4E1-60EE5974B9B7} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe  /DoUpdateRecordPath $(Arg0) (Geen bestand)
Task: {D4B320E1-B644-466F-ADA3-BC4625A3B84E} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {28618A1C-5546-4FE4-B9DA-C80871EF2E7D} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {3D870BCC-694E-4BB6-9CE9-C6C049D112F4} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {1852A9CC-413B-4B64-A75D-C720357ED0E4} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {2F0CCBAC-2012-49BA-B597-FFE2097225B5} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {D582BDAC-1A55-40D1-8F74-95C3D0337BB7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpCmdRun.exe [1687208 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8FD62D49-C918-4650-A0AE-DF6F26BD2340} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpCmdRun.exe [1687208 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {42CD91B8-C26D-4E0E-8830-CDF013223EA2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpCmdRun.exe [1687208 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6C882B83-0CB5-4166-8C84-1D57734066B8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpCmdRun.exe [1687208 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {80F4E4E9-E1F8-4889-B37D-4849DF0D83A6} - System32\Tasks\MiniToolPartitionWizard => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [219616 2020-02-19] (MiniTool Software Limited -> )
Task: {41CBC3AA-8CEC-4E40-9210-A33FCD45DD10} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-3281580978-1972669021-3677266868-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [672328 2024-10-02] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (de data item heeft 6 meer tekens).
Task: {528B9ECB-8185-488F-93CA-F1A60CBACC82} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34376 2024-10-02] (Mozilla Corporation -> Mozilla Foundation)
Task: {3C8F9C28-B11D-4108-A511-CE9FA497079B} - System32\Tasks\PDRStyleAgent => C:\Program Files\CyberLink\PowerDirector16\PDRStyleAgent.exe [99512 2018-11-23] (CyberLink Corp. -> CyberLink Corp.)

(Als een item is opgenomen in de fixlist, wordt de taak (job) bestand verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.)

Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (gefilterd) ====================

(Als een item is opgenomen in de fixlist en een registeritem is, wordt het verwijderd of hersteld naar de standaard.)

Tcpip\..\Interfaces\{6491D85E-5C53-4B8A-A763-B33FC43E2128}: [NameServer] 1.1.1.1,1.0.0.1
Tcpip\..\Interfaces\{88246C3E-2A13-4974-83C9-CA57F3D4EDA5}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{88246C3E-2A13-4974-83C9-CA57F3D4EDA5}: [DhcpDomain] lan

Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Michael\AppData\Local\Microsoft\Edge\User Data\Default [2024-10-06]
Edge StartupUrls: Default -> "hxxps://www.msn.com/nl-be/financien/markten?ocid=spartandhp","hxxps://www.pc-helpforum.be/"
Edge Extension: (Windscribe - Free Proxy and Ad Blocker) - C:\Users\Michael\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dkkdbpgldnmkhcliffjpajcfdjkcaddf [2023-11-19]
Edge Extension: (Ghostery Tracker & Ad Blocker - Privacy AdBlock) - C:\Users\Michael\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fclbdkbhjlgkbpfldjodgjncejkkjcme [2024-10-02]
Edge Extension: (Offline Documenten) - C:\Users\Michael\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-09-10]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Michael\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-09-24]
Edge Extension: (Edge relevant text changes) - C:\Users\Michael\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-26]
Edge HKU\S-1-5-21-3281580978-1972669021-3677266868-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [llbjbkhnmlidjebalopleeepgdfgcpec] - C:\Program Files (x86)\Internet Download Manager\IDMEdgeExt.crx <niet gevonden>

FireFox:
========
FF DefaultProfile: rirla01q.default-1594651925668
FF ProfilePath: C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rirla01q.default-1594651925668 [2024-10-07]
FF Notifications: Mozilla\Firefox\Profiles\rirla01q.default-1594651925668 -> hxxps://www.pc-helpforum.be
FF Extension: (Facebook Container) - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rirla01q.default-1594651925668\Extensions\@contain-facebook.xpi [2023-07-21]
FF Extension: (Windscribe - Free Proxy and Ad Blocker) - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rirla01q.default-1594651925668\Extensions\@windscribeff.xpi [2023-11-10]
FF Extension: (Download with Ant Download Manager) - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rirla01q.default-1594651925668\Extensions\antffw@antdownloadmanager.com.xpi [2024-05-29]
FF Extension: (eID België) - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rirla01q.default-1594651925668\Extensions\belgiumeid@eid.belgium.be.xpi [2021-03-04]
FF Extension: (Privacy Badger) - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rirla01q.default-1594651925668\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2024-07-20]
FF Extension: (uBlock Origin) - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rirla01q.default-1594651925668\Extensions\uBlock0@raymondhill.net.xpi [2024-10-02]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rirla01q.default-1594651925668\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2024-06-30]
FF Extension: (Connective signing extension) - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rirla01q.default-1594651925668\Extensions\{4f643bc8-78f5-49c6-8efd-78ee30289f0b}.xpi [2023-07-05]
FF Extension: (Video DownloadHelper) - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\rirla01q.default-1594651925668\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2024-09-11]
FF HKU\S-1-5-21-3281580978-1972669021-3677266868-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Michael\AppData\Roaming\IDM\idmmzcc5 => niet gevonden
FF HKU\S-1-5-21-3281580978-1972669021-3677266868-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi => niet gevonden
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-09] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-09] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-09] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-09] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-09] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.15 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-09] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-09] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-09] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-09] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.19 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-09] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-09] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-09] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.21 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-09] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-09] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-09] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-09] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-09] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-09] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-09] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-09] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-10-01] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1235205.dll [2019-03-15] (Adobe Systems, Inc.) [Bestand niet getekend]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-08-27] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-03-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-3281580978-1972669021-3677266868-1001: connective.be/BrowserPlugin -> C:\Users\Michael\AppData\Local\Connective\SigningFirefoxPlugin\npapi-plugin.dll [2021-07-05] (Connective n.v.) [Bestand niet getekend]

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default [2024-10-07]
CHR StartupUrls: Default -> "hxxps://www.facebook.com/"
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-10-07]
CHR Extension: (Offline Documenten) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-08-30]
CHR Extension: (Avast Online Security & Privacy) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2024-08-30]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-09-21]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <niet gevonden>
CHR HKU\S-1-5-21-3281580978-1972669021-3677266868-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [dhancbnhabhandieicagelcddkdfgoif] - C:\Program Files (x86)\Allavsoft\Video Downloader Converter\extensions\3.27.5.9039\BVDChromeExt.crx [2024-10-02]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <niet gevonden>

==================== Services (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-07-31] (Adobe Inc. -> Adobe Inc.)
R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-04] (Advanced Micro Devices, Inc.) [Bestand niet getekend]
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1087792 2024-09-18] (Gen Digital Inc. -> Piriform Software Ltd)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13861048 2024-09-25] (Microsoft Corporation -> Microsoft Corporation)
R2 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [70952 2011-04-14] (CyberLink -> CyberLink)
R2 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [312616 2011-04-14] (CyberLink -> CyberLink)
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [5751024 2022-03-30] (devolo AG -> devolo AG)
R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [40080 2017-08-30] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [Bestand niet getekend]
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8965728 2024-08-04] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-05-10] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpDefenderCoreService.exe [1431160 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 PURE Flow Server; C:\Program Files (x86)\PURE Flow Server\twonkymediaserverwatchdog.exe [153176 2010-12-20] (PacketVideo Corporation -> )
S4 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-08-27] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
S3 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [366720 2020-05-29] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\NisSrv.exe [3199656 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MsMpEng.exe [133704 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

R3 A38CCID; C:\Windows\system32\DRIVERS\a38ccid.sys [86880 2018-07-12] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Card Systems Ltd.)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [31992 2015-06-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R1 CLMirrorDriver; C:\Windows\System32\drivers\CLMirrorDriver.sys [21264 2017-11-13] (CyberLink Corp. -> CyberLink)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R0 EUBAKUP; C:\Windows\System32\drivers\eubakup.sys [66040 2016-12-06] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [Bestand niet getekend]
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [53240 2016-12-06] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [Bestand niet getekend]
R1 EUDSKACS; C:\Windows\system32\drivers\eudskacs.sys [23544 2016-12-06] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [Bestand niet getekend]
R1 EUFDDISK; C:\Windows\system32\drivers\EuFdDisk.sys [197624 2016-12-06] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [Bestand niet getekend]
R2 mbamchameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [231504 2024-09-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2022-11-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239568 2024-07-21] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [36496 2022-01-17] (devolo AG -> Riverbed Technology, Inc.)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2021-03-26] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2021-03-26] (MiniTool Solution Ltd -> )
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [22080 2024-09-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [23200 2016-03-10] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [602392 2024-09-17] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105864 2024-09-17] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\Windows\System32\DRIVERS\wsvd.sys [129008 2010-09-23] (CyberLink -> CyberLink)
U3 Sense; geen ImagePath

==================== NetSvcs (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)


==================== Een maand (aangemaakt) (gefilterd) =========

(Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.)

2024-10-06 21:02 - 2024-10-07 02:30 - 000000000 ____D C:\FRST
2024-10-02 19:39 - 2024-10-02 20:11 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-09-28 19:31 - 2024-09-28 19:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winxvideo AI
2024-09-22 14:06 - 2024-10-06 18:30 - 000004096 ___SH C:\{958D731E-E499-4573-A2D1-99BF52538F43}.CBM
2024-09-11 08:36 - 2024-09-11 08:36 - 000000000 ___HD C:\$WinREAgent

==================== Een maand (gewijzigd) ==================

(Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.)

2024-10-07 01:36 - 2022-02-27 18:12 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-10-07 00:56 - 2024-01-20 22:03 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-10-07 00:56 - 2020-09-12 16:12 - 000000000 ____D C:\Windows\system32\AMD
2024-10-06 21:18 - 2024-01-20 22:05 - 001977824 _____ C:\Windows\system32\PerfStringBackup.INI
2024-10-06 21:18 - 2019-12-07 17:12 - 000861674 _____ C:\Windows\system32\perfh013.dat
2024-10-06 21:18 - 2019-12-07 17:12 - 000188586 _____ C:\Windows\system32\perfc013.dat
2024-10-06 21:18 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2024-10-06 21:13 - 2024-01-20 22:12 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-10-06 21:13 - 2020-09-12 16:46 - 000008192 ___SH C:\DumpStack.log.tmp
2024-10-06 21:13 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-10-06 21:12 - 2019-12-07 11:03 - 000786432 _____ C:\Windows\system32\config\BBI
2024-10-06 21:12 - 2018-12-18 19:41 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2024-10-06 21:11 - 2014-04-05 00:08 - 000000000 ____D C:\Program Files\CCleaner
2024-10-06 19:03 - 2024-08-31 19:47 - 000000000 ____D C:\Users\Michael\AppData\Roaming\deezer-desktop
2024-10-06 18:56 - 2023-02-01 02:21 - 000000000 ____D C:\Users\Michael\AppData\Roaming\Mp3tag
2024-10-06 18:55 - 2014-04-04 16:22 - 000000000 ____D C:\Users\Michael\AppData\Roaming\Microsoft\Word
2024-10-06 18:52 - 2019-12-08 23:58 - 000000000 ____D C:\Users\Michael\AppData\Local\D3DSCache
2024-10-06 18:48 - 2024-01-20 22:12 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2024-10-06 18:48 - 2022-10-11 14:30 - 000002077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-10-06 18:45 - 2019-05-13 23:05 - 000000000 ____D C:\Users\Michael\AppData\Roaming\Allavsoft
2024-10-06 18:44 - 2023-11-09 21:37 - 000000000 ____D C:\Users\Michael\AppData\Roaming\vlc
2024-10-06 18:39 - 2023-12-04 04:55 - 000000000 ____D C:\Windows\SystemTemp
2024-10-06 18:37 - 2024-01-20 21:41 - 000000000 ____D C:\Users\Michael
2024-10-06 18:32 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2024-10-06 18:25 - 2024-02-14 03:16 - 000000000 ____D C:\Temp
2024-10-06 18:22 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-10-06 18:18 - 2020-06-16 20:31 - 000002452 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-10-06 18:15 - 2024-01-21 13:26 - 000000000 ____D C:\Windows\system32\config\regsave
2024-10-06 18:15 - 2022-04-16 19:42 - 000513024 ___SH C:\EUMONBMP.SYS
2024-10-02 21:48 - 2014-04-04 18:07 - 000000000 ____D C:\Users\Michael\AppData\Roaming\Microsoft\Excel
2024-10-02 20:11 - 2018-10-08 12:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-10-02 19:50 - 2018-03-30 16:28 - 000000000 ____D C:\Users\Michael\AppData\Local\Spotify
2024-10-02 19:49 - 2018-03-30 16:27 - 000000000 ____D C:\Users\Michael\AppData\Roaming\Spotify
2024-10-02 19:42 - 2014-04-03 18:27 - 000002325 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-10-02 19:39 - 2024-01-20 22:12 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2024-10-02 19:39 - 2020-07-13 16:52 - 000001013 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-10-02 19:31 - 2016-01-22 22:10 - 000000000 ____D C:\Users\Michael\AppData\Local\ElevatedDiagnostics
2024-09-29 13:47 - 2023-04-21 01:18 - 000000000 ____D C:\Users\Michael\AppData\Local\Malwarebytes
2024-09-29 02:40 - 2019-05-29 16:14 - 000000000 ____D C:\Users\Michael\AppData\Roaming\Digiarty
2024-09-28 20:13 - 2018-05-29 17:51 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2024-09-28 19:30 - 2019-05-29 16:14 - 000000000 ____D C:\Program Files (x86)\Digiarty
2024-09-28 19:22 - 2019-05-29 16:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Digiarty
2024-09-23 22:00 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2024-09-23 21:35 - 2018-02-20 23:19 - 000000000 ____D C:\Users\Michael\AppData\Roaming\ZHP
2024-09-22 00:40 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\NDF
2024-09-22 00:39 - 2024-01-20 22:12 - 000004210 _____ C:\Windows\system32\Tasks\CCleaner Update
2024-09-20 17:32 - 2022-09-22 02:01 - 000000666 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2024-09-20 00:37 - 2024-01-20 22:12 - 000003382 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2024-09-18 13:24 - 2014-04-22 11:30 - 000000000 ____D C:\Program Files (x86)\Paint Shop Pro 6
2024-09-17 11:53 - 2019-02-20 01:42 - 000000000 ____D C:\Users\Michael\AppData\Roaming\JAM Software
2024-09-17 09:57 - 2019-12-08 17:00 - 000000000 ____D C:\Windows\system32\Drivers\wd
2024-09-16 02:45 - 2011-07-18 23:22 - 000000000 ____D C:\ProgramData\Temp
2024-09-14 11:29 - 2024-07-09 17:51 - 000000000 ____D C:\Users\Michael\dwhelper
2024-09-13 02:57 - 2024-01-20 22:12 - 000003268 _____ C:\Windows\system32\Tasks\MiniToolPartitionWizard
2024-09-12 02:50 - 2020-01-20 22:16 - 000021232 _____ (Thesycon GmbH) C:\Windows\system32\Drivers\dpclat_driver.sys
2024-09-12 02:40 - 2020-01-10 19:29 - 000000000 ____D C:\Users\Michael\AppData\Roaming\QtProject
2024-09-11 19:23 - 2022-09-11 11:25 - 000000000 ____D C:\Users\Michael\AppData\Roaming\com.adobe.dunamis
2024-09-11 19:23 - 2014-04-03 19:55 - 000000000 ____D C:\Users\Michael\AppData\Roaming\Adobe
2024-09-11 19:23 - 2014-04-03 19:55 - 000000000 ____D C:\Users\Michael\AppData\Local\Adobe
2024-09-11 11:09 - 2024-01-20 22:03 - 000459984 _____ C:\Windows\system32\FNTCACHE.DAT
2024-09-11 11:08 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-09-11 11:08 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2024-09-11 11:08 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2024-09-11 11:08 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2024-09-11 11:08 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2024-09-11 11:08 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2024-09-11 11:08 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\migwiz
2024-09-11 11:08 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism
2024-09-11 11:08 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\appraiser
2024-09-11 11:08 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2024-09-11 08:47 - 2024-02-14 03:21 - 000419054 __RSH C:\bootmgr
2024-09-11 08:46 - 2024-01-20 22:06 - 003016192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2024-09-11 08:36 - 2014-04-03 22:45 - 000000000 ____D C:\Windows\system32\MRT
2024-09-11 08:28 - 2011-07-18 22:31 - 199688632 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2024-09-09 17:48 - 2019-12-08 17:00 - 000000000 ____D C:\Users\Michael\AppData\Local\Packages
2024-09-09 17:11 - 2024-01-20 22:12 - 000003730 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-09-09 17:11 - 2024-01-20 22:12 - 000003606 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-09-08 19:52 - 2024-08-31 19:46 - 000000000 ____D C:\Users\Michael\AppData\Local\deezer-desktop-updater

==================== Bestanden in de root van sommige mappen ========

2021-09-04 20:19 - 2023-08-01 10:26 - 000004922 _____ () C:\Users\Michael\AppData\Roaming\.BEID_0.log
2016-10-18 15:18 - 2016-10-18 15:18 - 000038453 _____ () C:\Users\Michael\AppData\Roaming\Door lijstscheidingstekens gescheiden waarden (DOS).ADR
2020-04-30 19:21 - 2024-05-10 18:12 - 000010240 _____ () C:\Users\Michael\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2024-06-03 03:59 - 2024-06-03 03:59 - 001065984 _____ () C:\Users\Michael\AppData\Local\file__0.localstorage
2015-11-05 03:23 - 2015-11-05 03:23 - 000000001 _____ () C:\Users\Michael\AppData\Local\llftool.4.40.agreement
2015-04-08 14:49 - 2023-11-16 01:32 - 000007611 _____ () C:\Users\Michael\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)

==================== Einde van FRST.txt ========================