Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 10-06-2022 01 Gestart door ronkr (Beheerder) op LAPTOP_RON2 (Acer Aspire ZC-602) (10-06-2022 12:25:16) Gestart vanaf C:\Users\ronkr\Desktop Geladen Profielen: ronkr & MSSQL$MSSQLSERVER02 & SQLTELEMETRY$MSSQLSERVER01 & SQLTELEMETRY$SQLEXPRESS & SQLTELEMETRY & SQLSERVERAGENT & MSSQL$SQLEXPRESS & MSSQLSERVER & MSSQL$MSSQLSERVER01 & SQLTELEMETRY$MSSQLSERVER02 & Platform: Microsoft Windows 10 Home Versie 21H2 19044.1741 (X64) Taal: Nederlands (Nederland) Standaardbrowser: Edge Boot Modus: Normal ==================== Processen (gefilterd) ================= (Als een item is opgenomen in de fixlist, zal het proces worden gesloten. Het bestand zal niet worden verplaatst.) (ABN AMRO Bank N.V. -> ABN AMRO Bank N.V.) C:\Program Files (x86)\ABN AMRO e.dentifier2\wss\becwsupa.exe (C:\Program Files (x86)\Dropbox\Client\Dropbox.exe ->) (Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\150.4.5000\QtWebEngineProcess.exe <2> (C:\Program Files (x86)\Garmin\Express\express.exe ->) (The CefSharp Authors) [Bestand niet getekend] C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.exe <2> (C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\LAClient\laclient.exe (C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, Inc. -> McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe (C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe (C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe (C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe (C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe (C:\Program Files\Logitech\SetPointP\SetPoint.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe (C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe (cmd.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MbamBgNativeMsg.exe <3> (cmd.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MSC\MfeBrowserHost.exe (cmd.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\browserhost.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <3> (explorer.exe ->) (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express\express.exe (explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe (explorer.exe ->) (Rainy -> ) C:\Program Files\Rainlendar2\Rainlendar2.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <8> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <5> (Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe (services.exe ->) (ABN AMRO Bank N.V. -> ABN AMRO Bank N.V.) C:\Program Files (x86)\ABN AMRO e.dentifier2\wss\becwssvr.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (services.exe ->) (GameHouse Europe B.V. -> RealNetworks, Inc.) C:\Program Files (x86)\Online Games Manager\ogmservice.exe (services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (services.exe ->) (Magic Control Technology Corp. -> ) C:\Windows\System32\GManager.exe (services.exe ->) (Magic Control Technology Corp. -> ) C:\Windows\System32\U2VSvr.exe (services.exe ->) (Magic Control Technology Corp. -> ) C:\Windows\System32\U2VT2Svr.exe (services.exe ->) (McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe (services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\CSP\5.1.104.0\McCSPServiceHost.exe (services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe <3> (services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe (services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\VSCore_22_2\mcapexe.exe (services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL13.SQLEXPRESS\MSSQL\Binn\sqlceip.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL13.SQLEXPRESS\MSSQL\Binn\sqlservr.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\sqlceip.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER01\MSSQL\Binn\sqlceip.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER02\MSSQL\Binn\sqlceip.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (services.exe ->) (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe (svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (svchost.exe ->) (McAfee, Inc. -> McAfee, LLC.) C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.0.12.663\mcdatrep.exe (svchost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MQS\QcShm.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (svchost.exe ->) (TeamViewer Germany GmbH -> TeamViewer) C:\Program Files (x86)\TeamViewer\Update-20210602T191009\update.exe (U2VSvr.exe ->) (Magic Control Technology Corp. -> Magic Control Technology Corporation) C:\Windows\System32\MTri1+64.exe (U2VT2Svr.exe ->) (Magic Control Technology Corp. -> Magic Control Technology Corporation) C:\Windows\System32\MTrigger2.exe ==================== Register (gefilterd) =================== (Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.) HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3125896 2018-05-18] (Logitech Inc -> Logitech, Inc.) HKLM\...\Run: [Util] => C:\WINDOWS\system32\Util.exe [195200 2011-05-04] (Magic Control Technology Corp. -> ) HKLM\...\Run: [Util-MTrigger2] => C:\WINDOWS\system32\Util-MTrigger2.exe [261760 2011-05-04] (Magic Control Technology Corp. -> ) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech) HKLM-x32\...\Run: [Becwsupa] => C:\Program Files (x86)\ABN AMRO e.dentifier2\wss\becwsupa.exe [162952 2021-07-07] (ABN AMRO Bank N.V. -> ABN AMRO Bank N.V.) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [10586448 2022-06-07] (Dropbox, Inc -> Dropbox, Inc.) HKLM\...\RunOnce: [!BGAStartMSILauncher] => C:\Program Files (x86)\Microsoft\BingSvc\BGAStartMSILauncher.EXE [99760 2022-06-03] (Microsoft Corporation -> © 2022 Microsoft Corporation) HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restrictie <==== AANDACHT HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restrictie <==== AANDACHT HKU\S-1-5-21-2064019370-3674348682-745822664-1001\...\Run: [Rainlendar2] => C:\Program Files\Rainlendar2\Rainlendar2.exe [3097640 2015-11-13] (Rainy -> ) HKU\S-1-5-21-2064019370-3674348682-745822664-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [36836592 2022-05-11] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-2064019370-3674348682-745822664-1001\...\Run: [Adobe Reader Synchronizer] => "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe" (Geen bestand) HKU\S-1-5-21-2064019370-3674348682-745822664-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\ronkr\AppData\Local\Microsoft\Teams\Update.exe [2459344 2021-12-03] (Microsoft 3rd Party Application Component -> Microsoft Corporation) HKU\S-1-5-21-2064019370-3674348682-745822664-1001\...\Run: [MicrosoftEdgeAutoLaunch_A5962BA5D91312AB0AD00B3A8C04BDA3] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3595192 2022-06-03] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-2064019370-3674348682-745822664-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [31193432 2022-02-15] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\102.0.5005.63\Installer\chrmstp.exe [2022-06-03] (Google LLC -> Google LLC) ==================== Geplande Taken (gefilterd) ============ (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {1E4CD31A-01BA-4506-8CA1-004CBA1636E3} - System32\Tasks\{0358ABCE-378B-F9FA-4858-01CFE7743816}\gudanabo => C:\Users\ronkr\AppData\Local\Bocil\gudanabo.exe /Check (Geen bestand) Task: {2B1A14BB-BF0A-4DDE-BC34-9D133F6917E8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2021-07-03] (Google Inc -> Google LLC) Task: {300B6CA9-2DFD-459C-9D6D-08847C34E6FE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2021-07-03] (Google Inc -> Google LLC) Task: {30B8EAC8-20F0-44B7-ADBA-84E5C8E3B455} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23244744 2022-05-28] (Microsoft Corporation -> Microsoft Corporation) Task: {3BA3847A-2170-4782-B850-71AAE332C536} - System32\Tasks\CCleanerSkipUAC - ronkr => C:\Program Files\CCleaner\CCleaner.exe [30924528 2022-05-11] (Piriform Software Ltd -> Piriform Software Ltd) Task: {47D47476-30FA-4B65-AF1D-36189AF8BCF5} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144792 2022-05-28] (Microsoft Corporation -> Microsoft Corporation) Task: {4A4C2BEE-BF7B-469E-89F4-D3342C11355C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.) Task: {57C86E00-51C9-4E70-BC8A-9844AE63EB32} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.) Task: {66D94AA4-AF7C-47DE-80AB-873F062DD8C1} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\DADUpdater.exe [4089168 2022-02-08] (McAfee, LLC -> McAfee, LLC) Task: {6D6186E6-053E-4ECB-A4CC-6407FF2A3C82} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144792 2022-05-28] (Microsoft Corporation -> Microsoft Corporation) Task: {80A8AB4C-3DDB-49A8-9F18-76BAA9240A86} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [67472 2022-05-28] (Microsoft Corporation -> Microsoft Corporation) Task: {80B9658C-D2E0-4259-85DE-F64DBCE1E9CA} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.) Task: {AFA083BA-09F8-43BE-8787-7AE3C66D8F41} - System32\Tasks\TVInstallRestore => C:\Program [Argument = Files (x86)\TeamViewer\Update-20210602T191009\update.exe /RESTORE] Task: {B122FE29-23D3-4620-B2B3-136988A9D61D} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [26968 2022-02-15] (Garmin International, Inc. -> ) "C:\Windows\System32\Tasks\McAfee\McAfee Idle Detection Task" is ontgrendeld. <==== AANDACHT Task: {B41A8358-F844-4B6D-B216-AB74D1D21A62} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [926064 2022-02-18] (McAfee, LLC -> McAfee, LLC) Task: {CD9B1CB4-EDC6-43AA-B965-7B9592BDCF51} - System32\Tasks\McAfee\McAfee DAT Built in test => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.0.12.663\mcdatrep.exe [1889696 2021-01-26] (McAfee, Inc. -> McAfee, LLC.) Task: {DF511F41-9E16-487C-9207-10C82C220441} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23244744 2022-05-28] (Microsoft Corporation -> Microsoft Corporation) Task: {E5FB5AEB-2056-4A7C-A07E-3EA72859DC35} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [768288 2022-03-24] (McAfee, LLC -> McAfee, LLC) Task: {EB5E56AD-4242-410E-B881-C7B65746AEF1} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [926064 2022-02-18] (McAfee, LLC -> McAfee, LLC) Task: {F50B141A-4674-43FD-9EA8-3878480F7971} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-05-11] (Piriform Software Ltd -> Piriform) (Als een item is opgenomen in de fixlist, wordt de taak (job) bestand verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Internet (gefilterd) ==================== (Als een item is opgenomen in de fixlist en een registeritem is, wordt het verwijderd of hersteld naar de standaard.) Tcpip\Parameters: [DhcpNameServer] 213.46.228.196 62.179.104.196 Tcpip\..\Interfaces\{d370bb89-66fa-4245-be4e-680f8eebcd58}: [DhcpNameServer] 213.46.228.196 62.179.104.196 Tcpip\..\Interfaces\{de0468e7-d7b3-4e34-a609-e9272ecc7762}: [DhcpNameServer] 62.179.104.196 213.46.228.196 Edge: ======= DownloadDir: C:\Users\ronkr\Downloads Edge Session Restore: HKU\S-1-5-21-2064019370-3674348682-745822664-1001 -> is ingeschakeld. Edge Extension: (Geen Naam) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [niet gevonden] Edge Extension: (Geen Naam) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [niet gevonden] Edge Extension: (Geen Naam) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [niet gevonden] Edge Extension: (Geen Naam) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [niet gevonden] Edge DefaultProfile: Default Edge Profile: C:\Users\ronkr\AppData\Local\Microsoft\Edge\User Data\Default [2022-06-10] Edge Notifications: Default -> hxxps://business.facebook.com; hxxps://spele.nl; hxxps://teams.microsoft.com; hxxps://www.facebook.com; hxxps://www.volkskrant.nl; hxxps://www.youtube.com Edge HomePage: Default -> hxxp://ziggo.nl/ Edge StartupUrls: Default -> "hxxp://www.ziggo.nl/" Edge Extension: (McAfee® WebAdvisor) - C:\Users\ronkr\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fdhgeoginicibhagdmblfikbgbkahibd [2022-05-10] Edge Extension: (Malwarebytes Browser Guard) - C:\Users\ronkr\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-06-09] Edge Profile: C:\Users\ronkr\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2022-05-13] Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee] FireFox: ======== FF DefaultProfile: nn6xkqde.default-1612172966055 FF ProfilePath: C:\Users\ronkr\AppData\Roaming\Mozilla\Firefox\Profiles\nn6xkqde.default-1612172966055 [2022-05-13] FF Homepage: Mozilla\Firefox\Profiles\nn6xkqde.default-1612172966055 -> hxxps://www.ziggo.nl/ FF Extension: (Grammarly for Firefox) - C:\Users\ronkr\AppData\Roaming\Mozilla\Firefox\Profiles\nn6xkqde.default-1612172966055\Extensions\87677a2c52b84ad3a151a4a72f5bd3c4@jetpack.xpi [2021-02-01] FF Extension: (Facebook Container) - C:\Users\ronkr\AppData\Roaming\Mozilla\Firefox\Profiles\nn6xkqde.default-1612172966055\Extensions\@contain-facebook.xpi [2021-02-01] FF Extension: (Cookie AutoDelete) - C:\Users\ronkr\AppData\Roaming\Mozilla\Firefox\Profiles\nn6xkqde.default-1612172966055\Extensions\CookieAutoDelete@kennydo.com.xpi [2021-02-01] FF Extension: (Enhancer for YouTube™) - C:\Users\ronkr\AppData\Roaming\Mozilla\Firefox\Profiles\nn6xkqde.default-1612172966055\Extensions\enhancerforyoutube@maximerf.addons.mozilla.org.xpi [2021-02-01] FF Extension: (Soft Aqua) - C:\Users\ronkr\AppData\Roaming\Mozilla\Firefox\Profiles\nn6xkqde.default-1612172966055\Extensions\{17378f9c-a793-4700-aee6-40eb33485e70}.xpi [2021-02-01] FF Extension: (Logitech SetPoint) - C:\Users\ronkr\AppData\Roaming\Mozilla\Firefox\Profiles\nn6xkqde.default-1612172966055\Extensions\{84380428-8c9d-4bdf-913d-b2c34d6562d9}.xpi [2021-02-01] FF Extension: (A TROPICAL STATE OF MIND) - C:\Users\ronkr\AppData\Roaming\Mozilla\Firefox\Profiles\nn6xkqde.default-1612172966055\Extensions\{988112b9-e52e-40e9-88cf-69a7924185ea}.xpi [2021-02-01] FF Extension: (DownThemAll!) - C:\Users\ronkr\AppData\Roaming\Mozilla\Firefox\Profiles\nn6xkqde.default-1612172966055\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2021-02-01] FF HKLM\...\Firefox\Extensions: [{EF0645D5-78D6-4B33-BC45-95B1874977AF}] - C:\Program Files\McAfee\WebAdvisor\e10swbffplg.xpi FF Extension: (McAfee® Web Boost) - C:\Program Files\McAfee\WebAdvisor\e10swbffplg.xpi [2021-12-07] FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2018-08-26] [niet getekend] FF HKLM-x32\...\Firefox\Extensions: [{EF0645D5-78D6-4B33-BC45-95B1874977AF}] - C:\Program Files\McAfee\WebAdvisor\e10swbffplg.xpi FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\McAfee\MSC\npMcSnFFPl64.dll [2022-04-26] (McAfee, LLC -> ) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-04-02] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google Inc -> Google, Inc.) FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\MSC\npMcSnFFPl.dll [2022-04-26] (McAfee, LLC -> ) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-03-05] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @vlcstreamer.com/VLCStreamer Update;version=3 -> C:\Program Files (x86)\VLCStreamer\Update\1.3.99.0\npVLCStreamerUpdate3.dll [Geen bestand] FF Plugin-x32: @vlcstreamer.com/VLCStreamer Update;version=9 -> C:\Program Files (x86)\VLCStreamer\Update\1.3.99.0\npVLCStreamerUpdate3.dll [Geen bestand] Chrome: ======= CHR Profile: C:\Users\ronkr\AppData\Local\Google\Chrome\User Data\Default [2022-06-07] CHR DefaultSearchURL: Default -> hxxps://nl.search.yahoo.com/search?fr=mcafee&type=E211NL0G0&p={searchTerms} CHR DefaultSearchKeyword: Default -> mcafee CHR DefaultSuggestURL: Default -> hxxps://nl.search.yahoo.com/sugg/gossip/gossip-nl-partner?output=fxjson&appid=mca&source=yahoo_mcafee_searchassist&command={searchTerms} CHR Extension: (Presentaties) - C:\Users\ronkr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2022-01-24] CHR Extension: (Documenten) - C:\Users\ronkr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2022-01-24] CHR Extension: (Google Drive) - C:\Users\ronkr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2022-01-24] CHR Extension: (Adobe Acrobat: tools voor PDF's bewerken, converteren en ondertekenen) - C:\Users\ronkr\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-05-13] CHR Extension: (Spreadsheets) - C:\Users\ronkr\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2022-01-24] CHR Extension: (McAfee® WebAdvisor) - C:\Users\ronkr\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2022-05-13] CHR Extension: (Offline Documenten) - C:\Users\ronkr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-05-13] CHR Extension: (Malwarebytes Browser Guard) - C:\Users\ronkr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-05-13] CHR Extension: (McAfee® Web Boost) - C:\Users\ronkr\AppData\Local\Google\Chrome\User Data\Default\Extensions\klekeajafkkpokaofllcadenjdckhinm [2022-01-24] CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\ronkr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-01-24] CHR Extension: (Gmail) - C:\Users\ronkr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2022-01-24] CHR Profile: C:\Users\ronkr\AppData\Local\Google\Chrome\User Data\Default_Old [2022-05-13] <==== AANDACHT CHR StartupUrls: Default_Old -> "hxxps://www.google.com/" CHR DefaultSearchURL: Default_Old -> hxxps://nl.search.yahoo.com/search?fr=mcafee&type=E211NL0G0&p={searchTerms} CHR DefaultSearchKeyword: Default_Old -> McAfee CHR DefaultSuggestURL: Default_Old -> hxxps://nl.search.yahoo.com/sugg/gossip/gossip-nl-partner?output=fxjson&appid=mca&source=yahoo_mcafee_searchassist&command={searchTerms} CHR Extension: (Adobe Acrobat) - C:\Users\ronkr\AppData\Local\Google\Chrome\User Data\Default_Old\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-08-18] CHR Extension: (McAfee® WebAdvisor) - C:\Users\ronkr\AppData\Local\Google\Chrome\User Data\Default_Old\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2021-08-18] CHR Extension: (McAfee® Web Boost) - C:\Users\ronkr\AppData\Local\Google\Chrome\User Data\Default_Old\Extensions\klekeajafkkpokaofllcadenjdckhinm [2021-08-18] CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\ronkr\AppData\Local\Google\Chrome\User Data\Default_Old\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-11-18] CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] CHR HKLM\...\Chrome\Extension: [klekeajafkkpokaofllcadenjdckhinm] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] CHR HKLM-x32\...\Chrome\Extension: [klekeajafkkpokaofllcadenjdckhinm] ==================== Services (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.) R2 becwssvr; C:\Program Files (x86)\ABN AMRO e.dentifier2\wss\becwssvr.exe [1960072 2021-07-07] (ABN AMRO Bank N.V. -> ABN AMRO Bank N.V.) S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [789744 2022-05-11] (Piriform Software Ltd -> ) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11988424 2022-05-28] (Microsoft Corporation -> Microsoft Corporation) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.) R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [45408 2022-06-07] (Dropbox, Inc -> Dropbox, Inc.) R2 GManager; C:\WINDOWS\system32\GManager.exe [310648 2011-08-31] (Magic Control Technology Corp. -> ) S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8347832 2022-04-26] (Malwarebytes Inc -> Malwarebytes) R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [805808 2022-06-10] (McAfee, LLC -> McAfee, LLC) R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_22_2\McApExe.exe [812536 2022-04-26] (McAfee, LLC -> McAfee, LLC) R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\5.1.104.0\\McCSPServiceHost.exe [3378048 2022-02-17] (McAfee, LLC -> McAfee, LLC) S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [1217800 2022-02-04] (McAfee, Inc. -> McAfee, LLC) R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [1217800 2022-02-04] (McAfee, Inc. -> McAfee, LLC) R3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [1217800 2022-02-04] (McAfee, Inc. -> McAfee, LLC) R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1548296 2022-04-04] (McAfee, LLC -> McAfee, LLC) S2 MSSQL$MSSQLSERVER01; C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER01\MSSQL\Binn\sqlservr.exe [478096 2020-11-03] (Microsoft Corporation -> Microsoft Corporation) S2 MSSQL$MSSQLSERVER02; C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER02\MSSQL\Binn\sqlservr.exe [478096 2020-11-03] (Microsoft Corporation -> Microsoft Corporation) R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL13.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [386440 2021-08-07] (Microsoft Corporation -> Microsoft Corporation) S2 MSSQLSERVER; C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [478096 2020-11-03] (Microsoft Corporation -> Microsoft Corporation) R2 ogmservice; C:\Program Files (x86)\Online Games Manager\ogmservice.exe [582544 2016-07-13] (GameHouse Europe B.V. -> RealNetworks, Inc.) R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [4235968 2022-02-19] (McAfee, LLC -> McAfee, LLC) S3 SQLAgent$MSSQLSERVER01; C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER01\MSSQL\Binn\SQLAGENT.EXE [571792 2020-11-03] (Microsoft Corporation -> Microsoft Corporation) S3 SQLAgent$MSSQLSERVER02; C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER02\MSSQL\Binn\SQLAGENT.EXE [571792 2020-11-03] (Microsoft Corporation -> Microsoft Corporation) S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL13.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [559520 2021-08-07] (Microsoft Corporation -> Microsoft Corporation) S3 SQLSERVERAGENT; C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [571792 2020-11-03] (Microsoft Corporation -> Microsoft Corporation) R2 SQLTELEMETRY; C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\sqlceip.exe [245648 2020-11-03] (Microsoft Corporation -> Microsoft Corporation) R2 SQLTELEMETRY$MSSQLSERVER01; C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER01\MSSQL\Binn\sqlceip.exe [245648 2020-11-03] (Microsoft Corporation -> Microsoft Corporation) R2 SQLTELEMETRY$MSSQLSERVER02; C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER02\MSSQL\Binn\sqlceip.exe [245648 2020-11-03] (Microsoft Corporation -> Microsoft Corporation) R2 SQLTELEMETRY$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL13.SQLEXPRESS\MSSQL\Binn\sqlceip.exe [251288 2021-08-07] (Microsoft Corporation -> Microsoft Corporation) R2 U2VSvr; C:\WINDOWS\system32\U2VSvr.exe [272512 2011-05-04] (Magic Control Technology Corp. -> ) R2 U2VT2Svr; C:\WINDOWS\system32\U2VT2Svr.exe [272512 2011-06-27] (Magic Control Technology Corp. -> ) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2202.4-0\NisSrv.exe [3046608 2022-03-15] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2202.4-0\MsMpEng.exe [132504 2022-03-15] (Microsoft Windows Publisher -> Microsoft Corporation) S2 vs; "C:\Program Files (x86)\VLCStreamer\Update\VLCStreamerUpdate.exe" /svc [X] S3 vsm; "C:\Program Files (x86)\VLCStreamer\Update\VLCStreamerUpdate.exe" /medsvc [X] ===================== Drivers (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [72224 2022-02-09] (McAfee, Inc. -> McAfee, LLC) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-04-26] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-04-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239560 2022-04-26] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [469528 2022-02-09] (McAfee, Inc. -> McAfee, LLC) R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [344088 2022-02-09] (McAfee, Inc. -> McAfee, LLC) S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [83400 2022-02-09] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC) R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [439320 2022-02-09] (McAfee, Inc. -> McAfee, LLC) R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [911904 2022-02-09] (McAfee, Inc. -> McAfee, LLC) R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [645656 2022-02-10] (McAfee, Inc. -> McAfee LLC.) S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [111136 2022-02-10] (McAfee, Inc. -> McAfee LLC.) R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [107040 2022-02-09] (McAfee, Inc. -> McAfee, LLC) R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [228888 2022-02-09] (McAfee, Inc. -> McAfee, LLC) S4 RsFx0422; C:\WINDOWS\System32\DRIVERS\RsFx0422.sys [254792 2021-07-29] (Microsoft Corporation -> Microsoft Corporation) S4 RsFx0501; C:\WINDOWS\System32\DRIVERS\RsFx0501.sys [261784 2020-11-03] (Microsoft Corporation -> Microsoft Corporation) S3 T1PExGrp64; C:\WINDOWS\System32\drivers\T1PExGrp64.sys [33920 2011-08-04] (Magic Control Technology Corp. -> Magic Control Technology Corp.) S3 T1PMrGrp64; C:\WINDOWS\System32\drivers\T1PMrGrp64.sys [35968 2011-08-04] (Magic Control Technology Corp. -> Magic Control Technology Corp.) S3 t1pusb64; C:\WINDOWS\system32\drivers\t1pusb64.sys [172544 2011-08-04] (Magic Control Technology Corp. -> Magic Control Technology Corp.) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49600 2022-03-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [439544 2022-03-15] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90360 2022-03-15] (Microsoft Windows -> Microsoft Corporation) S3 cpuz150; \??\C:\WINDOWS\temp\cpuz150\cpuz150_x64.sys [X] S3 mfeaack01; \Device\mfeaack01.sys [X] ==================== NetSvcs (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ==================== Een maand (aangemaakt) (gefilterd) ========= (Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.) 2022-06-10 12:25 - 2022-06-10 12:27 - 000034112 _____ C:\Users\ronkr\Desktop\FRST.txt 2022-06-10 12:24 - 2022-06-10 12:24 - 000000000 ____D C:\Users\ronkr\Desktop\FRST-OlderVersion 2022-06-10 12:23 - 2022-06-10 12:23 - 000000000 ____D C:\Users\ronkr\Downloads\FRST-OlderVersion 2022-06-10 11:43 - 2022-06-10 12:23 - 002368000 _____ (Farbar) C:\Users\ronkr\Downloads\FRST64.exe 2022-06-10 08:56 - 2022-06-10 08:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee 2022-06-09 07:16 - 2022-06-09 07:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2022-06-08 07:58 - 2022-06-08 07:58 - 000000000 ___HD C:\$WINDOWS.~BT 2022-06-07 01:42 - 2022-06-07 01:42 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys 2022-06-07 01:42 - 2022-06-07 01:42 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys 2022-06-07 01:42 - 2022-06-07 01:42 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys 2022-06-07 01:42 - 2022-06-07 01:42 - 000045408 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe 2022-06-04 11:05 - 2022-06-04 11:05 - 000011811 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2022-06-04 11:04 - 2022-06-04 11:04 - 000232288 _____ C:\WINDOWS\system32\containerdevicemanagement.dll 2022-06-03 17:32 - 2022-06-03 17:32 - 000000000 ___HD C:\$WinREAgent 2022-05-25 08:27 - 2022-05-25 08:28 - 000491426 _____ C:\Users\ronkr\Downloads\crop_2022-05-25_De_Gelderlander_-_Achterhoek_-_25-05-2022_54.pdf 2022-05-24 16:42 - 2022-05-24 16:42 - 000104448 _____ C:\WINDOWS\system32\nettraceex.dll 2022-05-24 16:40 - 2022-05-24 16:40 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll 2022-05-24 16:39 - 2022-05-24 16:39 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll 2022-05-18 21:26 - 2022-05-18 21:26 - 000115749 _____ C:\Users\ronkr\Downloads\kalender-2022.pdf 2022-05-13 09:18 - 2022-05-13 09:18 - 000000000 ____D C:\ProgramData\Piriform ==================== Een maand (gewijzigd) ================== (Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.) 2022-06-10 12:26 - 2019-10-16 08:12 - 000000000 ____D C:\FRST 2022-06-10 12:24 - 2021-03-18 12:18 - 002368000 _____ (Farbar) C:\Users\ronkr\Desktop\FRST64.exe 2022-06-10 12:22 - 2020-07-12 21:46 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2022-06-10 12:22 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-06-10 12:16 - 2018-02-08 17:08 - 000000000 ____D C:\Program Files (x86)\Google 2022-06-10 11:07 - 2019-09-06 10:55 - 000000000 ____D C:\Users\ronkr\AppData\Roaming\vlc 2022-06-10 10:17 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2022-06-10 10:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2022-06-10 08:23 - 2020-07-12 22:41 - 000004190 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{E926694A-9679-4F3C-B05A-5F2B55333D2F} 2022-06-10 08:23 - 2020-02-02 11:38 - 000000000 ____D C:\Users\ronkr\AppData\Local\Dropbox 2022-06-10 08:22 - 2020-03-26 19:37 - 000000000 ____D C:\Program Files\CCleaner 2022-06-10 08:21 - 2018-08-26 13:29 - 000000000 ____D C:\Users\Public\Logi 2022-06-10 08:20 - 2018-02-06 13:06 - 000000000 ____D C:\Users\ronkr\.rainlendar2 2022-06-10 08:19 - 2018-02-05 12:36 - 000000000 __SHD C:\Users\ronkr\IntelGraphicsProfiles 2022-06-09 17:13 - 2021-01-26 16:49 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee 2022-06-09 07:17 - 2020-02-02 11:38 - 000000000 ____D C:\Program Files (x86)\Dropbox 2022-06-08 09:48 - 2018-03-06 10:04 - 000002712 _____ C:\WINDOWS\system32\GManager.ini 2022-06-08 09:47 - 2020-07-12 22:41 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2022-06-08 09:47 - 2020-07-12 21:45 - 000008192 ___SH C:\DumpStack.log.tmp 2022-06-08 09:33 - 2020-07-12 21:50 - 000000000 ____D C:\Users\SQLTELEMETRY$SQLEXPRESS 2022-06-08 09:33 - 2020-07-12 21:50 - 000000000 ____D C:\Users\SQLTELEMETRY$MSSQLSERVER02 2022-06-08 09:33 - 2020-07-12 21:50 - 000000000 ____D C:\Users\SQLTELEMETRY$MSSQLSERVER01 2022-06-08 09:33 - 2020-07-12 21:50 - 000000000 ____D C:\Users\SQLTELEMETRY 2022-06-08 09:33 - 2020-07-12 21:50 - 000000000 ____D C:\Users\MSSQLSERVER 2022-06-08 09:33 - 2020-07-12 21:50 - 000000000 ____D C:\Users\MSSQL$SQLEXPRESS 2022-06-08 09:33 - 2020-07-12 21:50 - 000000000 ____D C:\Users\MSSQL$MSSQLSERVER02 2022-06-08 09:33 - 2020-07-12 21:50 - 000000000 ____D C:\Users\MSSQL$MSSQLSERVER01 2022-06-08 09:33 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2022-06-08 08:29 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2022-06-08 08:00 - 2020-06-11 16:26 - 000000000 ___DC C:\WINDOWS\Panther 2022-06-07 11:30 - 2018-02-05 14:58 - 000000000 ____D C:\Users\Uitwisselbestanden 2022-06-07 11:29 - 2018-02-07 14:02 - 000000000 ____D C:\Users\ronkr\Documents\Outlook-bestanden 2022-06-07 11:28 - 2018-02-05 12:06 - 000000000 ____D C:\Users\ronkr\AppData\Local\Packages 2022-06-05 09:07 - 2020-05-22 10:33 - 000002452 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-06-05 09:07 - 2020-05-22 10:33 - 000002290 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2022-06-05 08:19 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2022-06-04 11:50 - 2020-07-12 22:03 - 003072902 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2022-06-04 11:50 - 2019-12-07 17:12 - 001237716 _____ C:\WINDOWS\system32\perfh013.dat 2022-06-04 11:50 - 2019-12-07 17:12 - 000338506 _____ C:\WINDOWS\system32\perfc013.dat 2022-06-04 11:43 - 2020-07-12 21:46 - 000446416 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2022-06-04 11:38 - 2019-12-07 17:15 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2022-06-04 11:38 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2022-06-04 11:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV 2022-06-04 11:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT 2022-06-04 11:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE 2022-06-04 11:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX 2022-06-04 11:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2022-06-04 11:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2022-06-04 11:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences 2022-06-04 11:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2022-06-04 11:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV 2022-06-04 11:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT 2022-06-04 11:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE 2022-06-04 11:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX 2022-06-04 11:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2022-06-04 11:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2022-06-04 11:38 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing 2022-06-04 11:02 - 2020-07-12 21:51 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2022-06-03 16:32 - 2021-07-03 15:29 - 000002271 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2022-06-03 16:32 - 2021-07-03 15:29 - 000002230 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2022-06-03 15:38 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2022-05-30 07:20 - 2021-06-04 10:18 - 000000000 ____D C:\Users\ronkr\AppData\Local\CrashDumps 2022-05-29 10:12 - 2018-07-18 15:57 - 000000000 ____D C:\ProgramData\Packages 2022-05-29 10:06 - 2019-12-10 15:00 - 000000000 ____D C:\Program Files\Microsoft Office 2022-05-19 13:15 - 2018-02-06 21:50 - 000000000 ____D C:\Program Files\Common Files\McAfee 2022-05-19 13:14 - 2021-01-26 16:50 - 000003350 _____ C:\WINDOWS\system32\Tasks\McAfeeLogon 2022-05-17 18:01 - 2018-03-06 14:48 - 000000000 ____D C:\ProgramData\firebird 2022-05-14 14:18 - 2018-02-06 13:02 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2022-05-13 09:15 - 2021-07-03 15:28 - 000000000 ____D C:\Program Files\Google 2022-05-13 07:51 - 2020-07-12 22:41 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2022-05-11 13:59 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP 2022-05-11 13:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz 2022-05-11 13:59 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System 2022-05-11 13:18 - 2020-07-12 21:50 - 000000000 ____D C:\Users\ronkr 2022-05-11 11:57 - 2018-02-05 17:13 - 000000000 ____D C:\WINDOWS\system32\MRT 2022-05-11 11:56 - 2020-07-12 21:50 - 000000000 ____D C:\Users\SQLTELEMETRY$IMUISSQL 2022-05-11 11:56 - 2020-07-12 21:50 - 000000000 ____D C:\Users\SQLSERVERAGENT 2022-05-11 11:56 - 2020-07-12 21:50 - 000000000 ____D C:\Users\MSSQL$IMUISSQL 2022-05-11 11:51 - 2018-02-05 17:12 - 145501456 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe ==================== Bestanden in de root van sommige mappen ======== 2020-08-07 16:32 - 2018-04-09 16:54 - 013677800 _____ (Google) C:\Users\Uitwisselbestanden\picasa.exe 2019-10-01 12:34 - 2019-10-01 12:34 - 009256960 _____ () C:\Program Files (x86)\GUT3DEE.tmp 2019-03-30 15:10 - 2019-03-30 15:10 - 007505920 _____ () C:\Program Files (x86)\GUT8059.tmp 2019-05-21 19:22 - 2019-05-21 19:22 - 006922240 _____ () C:\Program Files (x86)\GUTCEAE.tmp 2022-01-24 16:27 - 2022-01-25 18:34 - 000052345 _____ () C:\Users\ronkr\AppData\Roaming\Door komma's gescheiden waarden.ADR 2018-03-08 11:52 - 2018-03-08 11:52 - 000000074 _____ () C:\Users\ronkr\AppData\Roaming\FotoGeoTag.dat 2018-03-07 11:27 - 2022-03-04 17:26 - 000000050 _____ () C:\Users\ronkr\AppData\Roaming\GMTK.conf 2018-03-07 11:46 - 2019-09-11 17:42 - 000000062 _____ () C:\Users\ronkr\AppData\Roaming\jdm.conf 2018-03-07 11:25 - 2019-10-14 17:06 - 000000434 _____ () C:\Users\ronkr\AppData\Roaming\RTWtool.dat ==================== SigCheck ============================ (Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.) ==================== Einde van FRST.txt ========================