Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 02-12-2020 Gestart door dolphix64 (Beheerder) op DOLPHIX-64 (MSI MS-7721) (03-12-2020 21:45:01) Gestart vanaf F:\downloadmap Geladen Profielen: dolphix64 Platform: Windows 10 Pro Versie 1909 18363.1198 (X64) Taal: Nederlands (Nederland) Standaardbrowser: FF Boot Modus: Normal Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processen (gefilterd) ================= (Als een item is opgenomen in de fixlist, zal het proces worden gesloten. Het bestand zal niet worden verplaatst.) (Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <26> (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2010.7-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2010.7-0\NisSrv.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2> (Wisdom Software Inc.) [Bestand niet getekend] C:\Program Files (x86)\Wisdom-soft ScreenHunter 5 Free\ScreenHunter.exe ==================== Register (gefilterd) =================== (Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9270560 2019-05-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM-x32\...\Run: [Acronis Ransomware Protection] => C:\Program Files (x86)\Acronis\Ransomware Protection\ARPTray.exe [670736 2018-12-14] (Acronis International GmbH -> Acronis International GmbH) HKLM-x32\...\Run: [M-Audio Taskbar Icon] => C:\Windows\SysWOW64\DeltaIITray.exe [237872 2012-01-25] (Avid Technology, Inc. -> ) HKLM-x32\...\Run: [SeePassword] => F:\onderhoudcd\SeePassword v2.05\SeePassword.ex HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0 HKLM\...\Policies\Explorer: [NoRecentDocsNetHood] 0 HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore: [DisableSR/DisableConfig] <==== AANDACHT HKU\S-1-5-21-426564685-3164718464-572237810-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATINDE.EXE [298560 2013-12-16] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) HKU\S-1-5-21-426564685-3164718464-572237810-1001\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATINDE.EXE [298560 2013-12-16] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) HKU\S-1-5-21-426564685-3164718464-572237810-1001\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [488640 2015-04-06] (AppEx Networks Corporation -> AppEx Networks Corporation) HKU\S-1-5-21-426564685-3164718464-572237810-1001\...\Policies\Explorer: [NoPreviewPane] 0 HKU\S-1-5-21-426564685-3164718464-572237810-1001\...\Policies\Explorer: [NoTrayItemsDisplay] 0 HKU\S-1-5-21-426564685-3164718464-572237810-1001\...\Policies\Explorer: [HideClock] 0 HKU\S-1-5-21-426564685-3164718464-572237810-1001\...\Policies\Explorer: [HideSCANetwork] 0 HKU\S-1-5-21-426564685-3164718464-572237810-1001\...\Policies\Explorer: [HideSCAVolume] 0 HKU\S-1-5-21-426564685-3164718464-572237810-1001\...\Policies\Explorer: [NoWinkeys] 0 HKU\S-1-5-21-426564685-3164718464-572237810-1001\...\Policies\Explorer: [NoTrayContextMenu] 0 HKU\S-1-5-21-426564685-3164718464-572237810-1001\...\Policies\Explorer: [NoSetTaskbar] 0 HKU\S-1-5-21-426564685-3164718464-572237810-1001\...\Policies\Explorer: [NoViewContextMenu] 0 HKLM\...\Print\Monitors\EPSON XP-422 423 425 Series 64MonitorBE: C:\Windows\system32\E_YLMBNDE.DLL [179712 2013-12-06] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-03] (Google LLC -> Google LLC) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}] -> HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> C:\Windows\SysWOW64\advpack.dll [2019-03-19] (Microsoft Windows -> Microsoft Corporation) GroupPolicy: Restrictie ? <==== AANDACHT Policies: C:\ProgramData\NTUSER.pol: Restrictie <==== AANDACHT ==================== Geplande Taken (gefilterd) ============ (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {09AF4E6E-022E-4A0A-88C7-05950FBE29C0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26781880 2020-11-10] (Piriform Software Ltd -> Piriform Software Ltd) Task: {11F6FDC5-1412-4A34-9216-6164F9DE8A7E} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} Task: {183BDC6A-C024-4B31-A993-CDA1AEF43220} - System32\Tasks\EPSON XP-422 423 425 Series Update {6CB31C30-EDBD-4230-8B29-ADCAB7126C21} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSNDE.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) Task: {1DB4011A-6E7D-41A0-89CD-C70830A92761} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-03] (Google Inc -> Google LLC) Task: {334165A9-9578-4559-AEDF-F8A92527DDFF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MpCmdRun.exe [541576 2020-11-06] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {3692CE6D-614A-4677-9083-3DF23DD0C788} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MpCmdRun.exe [541576 2020-11-06] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {5C967DA1-31A4-4950-9E16-2DF84CD4763C} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-11-10] (Piriform Software Ltd -> Piriform Software Ltd) Task: {6760FE54-9CBC-4D1B-9011-12B0A7CB313D} - System32\Tasks\Maxthon5 Update => C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe [170784 2019-10-24] (Maxthon Technology Co, Ltd. -> Maxthon International ltd.) Task: {95F865A2-D2C5-49A0-B678-4BFC16C8F941} - System32\Tasks\EPSON XP-422 423 425 Series Update {52B9B2D1-59D3-420E-B4C5-8BF090E6C737} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSNDE.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) Task: {A0CAEB95-B082-450A-ABA4-0F4F8A9918F2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MpCmdRun.exe [541576 2020-11-06] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {B094EC13-78F4-4546-AB81-1BEE1B8E4AA5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MpCmdRun.exe [541576 2020-11-06] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {B48E27BF-04C5-4009-97ED-F8C94AC2ED1B} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_445_pepper.exe [1497656 2020-10-18] (Adobe Inc. -> Adobe) Task: {C07FDADE-D5A6-4ED5-82BB-968708B0DB28} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27367496 2019-10-25] (Microsoft Corporation -> Microsoft Corporation) Task: {D6C1011F-3239-4E11-BBBB-F4A3E9F1A5E7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-03] (Google Inc -> Google LLC) Task: {E6BF2AE7-8C6B-4A4A-AB9D-C064B8AA080B} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [670928 2020-11-18] (Mozilla Corporation -> Mozilla Foundation) (Als een item is opgenomen in de fixlist, wordt de taak (job) bestand verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe ==================== Internet (gefilterd) ==================== (Als een item is opgenomen in de fixlist en een registeritem is, wordt het verwijderd of hersteld naar de standaard.) Tcpip\Parameters: [DhcpNameServer] 192.168.3.1 Tcpip\..\Interfaces\{033742f4-c5ec-4090-b5b3-560f87ce58d7}: [DhcpNameServer] 192.168.3.1 Tcpip\..\Interfaces\{26818489-a2bd-46b2-9809-29db9deee78d}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{26818489-a2bd-46b2-9809-29db9deee78d}: [DhcpNameServer] 192.168.3.1 FireFox: ======== FF DefaultProfile: w6pfpgea.default FF ProfilePath: C:\Users\dolphix64\AppData\Roaming\Mozilla\Firefox\Profiles\w6pfpgea.default [2019-07-06] FF ProfilePath: C:\Users\dolphix64\AppData\Roaming\Mozilla\Firefox\Profiles\w8n0vtsd.default-release [2020-12-03] FF Homepage: Mozilla\Firefox\Profiles\w8n0vtsd.default-release -> hxxps://www.google.nl/ FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-06-29] (Foxit Software Incorporated -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-06-29] (Foxit Software Incorporated -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-06-29] (Foxit Software Incorporated -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-06-29] (Foxit Software Incorporated -> Foxit Corporation) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\dolphix64\AppData\Local\Google\Chrome\User Data\Default [2020-12-03] CHR Notifications: Default -> hxxps://www.volkskrant.nl CHR HomePage: Default -> hxxp://google.nl/ CHR Extension: (Presentaties) - C:\Users\dolphix64\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-07-03] CHR Extension: (Documenten) - C:\Users\dolphix64\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-07-03] CHR Extension: (Google Drive) - C:\Users\dolphix64\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-25] CHR Extension: (YouTube) - C:\Users\dolphix64\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-07-03] CHR Extension: (Spreadsheets) - C:\Users\dolphix64\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-07-03] CHR Extension: (Offline Documenten) - C:\Users\dolphix64\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-11] CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\dolphix64\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03] CHR Extension: (Gmail) - C:\Users\dolphix64\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-25] CHR Extension: (Chrome Media Router) - C:\Users\dolphix64\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-24] CHR Profile: C:\Users\dolphix64\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-09-16] CHR Profile: C:\Users\dolphix64\AppData\Local\Google\Chrome\User Data\System Profile [2020-09-16] ==================== Services (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) S3 AcronisActiveProtectionService; C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe [4380176 2018-12-04] (Acronis International GmbH -> Acronis International GmbH) S3 ARPApplicationService; C:\Program Files (x86)\Acronis\Ransomware Protection\Service\arp-cloudusage.exe [25104 2018-12-14] (Acronis International GmbH -> ) S3 Backupper Service; C:\Program Files (x86)\AOMEI\AOMEI Backupper 5.7.0\ABService.exe [889384 2020-04-18] (AOMEI International Network Limited -> AOMEI Tech Co., Ltd.) S3 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-16] (SEIKO EPSON Corporation -> Seiko Epson Corporation) S3 Everything; C:\Program Files\Everything\Everything.exe [2254152 2020-08-05] (voidtools -> voidtools) S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6960640 2019-12-27] (Malwarebytes Inc -> Malwarebytes) S2 MxService; C:\Program Files (x86)\Maxthon5\Bin\MxService.exe [178976 2019-10-24] (Maxthon Technology Co, Ltd. -> Maxthon International ltd.) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6153048 2020-11-11] (Microsoft Windows Publisher -> Microsoft Corporation) S3 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13216272 2020-03-20] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\NisSrv.exe [2467088 2020-11-06] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MsMpEng.exe [128376 2020-11-06] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Drivers (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R0 ambakdrv; C:\Windows\System32\ambakdrv.sys [51120 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> ) S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [31992 2015-06-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) R2 ammntdrv; C:\Windows\system32\ammntdrv.sys [171952 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> ) R2 amwrtdrv; C:\Windows\system32\amwrtdrv.sys [38320 2017-09-01] (CHENGDU AOMEI Tech Co., Ltd. -> ) S3 AndnetBus; C:\Windows\System32\drivers\lgandnetbus64.sys [20992 2015-01-21] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.) S3 AndNetDiag; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [30720 2015-01-26] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.) S3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [37376 2015-01-26] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.) R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [229056 2015-04-03] (AppEx Networks Corporation -> AppEx Networks Corporation) R2 file_protector; C:\Windows\System32\DRIVERS\file_protector.sys [667144 2019-07-09] (Acronis International GmbH -> Acronis International GmbH) S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [20936 2019-12-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MpKsl7064ef58; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2CBD6444-CAC3-45FA-8DF8-6AE5698DDD71}\MpKslDrv.sys [47336 2020-12-03] (Microsoft Windows -> Microsoft Corporation) R2 npf; C:\Windows\system32\drivers\npf.sys [36600 2019-07-16] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.) S3 SIVDriver; C:\Windows\system32\Drivers\SIVX64.sys [180368 2017-06-14] (RH Software -> Ray Hinchliffe) S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [48536 2020-11-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [429288 2020-11-06] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [71912 2020-11-06] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ==================== Een maand (aangemaakt) (gefilterd) ========= (Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.) 2020-12-03 16:55 - 2020-12-03 17:04 - 000170282 _____ C:\Windows\ntbtlog.txt 2020-12-03 12:20 - 2020-12-03 12:20 - 000000000 ___HD C:\$Windows.~WS 2020-12-02 18:23 - 2020-12-03 13:41 - 000000000 ____D C:\ESD 2020-11-24 14:41 - 2020-11-24 14:42 - 000000000 ____D C:\Windows\LastGood.Tmp 2020-11-24 11:46 - 2020-11-24 11:46 - 000000000 ____D C:\Users\dolphix64\AppData\Local\ESET 2020-11-18 17:46 - 2020-11-18 17:46 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla 2020-11-15 19:14 - 2020-11-15 19:14 - 001021483 _____ C:\Users\dolphix64\AppData\Local\census.cache 2020-11-15 19:13 - 2020-11-15 19:13 - 000440360 _____ C:\Users\dolphix64\AppData\Local\ars.cache 2020-11-15 18:26 - 2020-11-15 18:26 - 000000010 _____ C:\Users\dolphix64\AppData\Local\sponge.last.runtime.cache 2020-11-15 18:22 - 2020-11-15 18:22 - 000000000 ____D C:\Windows\Trend Micro 2020-11-15 18:19 - 2020-11-15 18:19 - 000000036 _____ C:\Users\dolphix64\AppData\Local\housecall.guid.cache 2020-11-15 18:11 - 2020-11-15 18:11 - 000000000 ____D C:\Users\dolphix64\AppData\Local\cache 2020-11-11 18:44 - 2020-11-11 18:44 - 001841152 _____ C:\Windows\system32\TextInputMethodFormatter.dll 2020-11-11 18:44 - 2020-11-11 18:44 - 001101312 _____ C:\Windows\SysWOW64\TextInputMethodFormatter.dll 2020-11-11 18:44 - 2020-11-11 18:44 - 000000315 _____ C:\Windows\system32\DrtmAuth9.bin 2020-11-11 18:44 - 2020-11-11 18:44 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin 2020-11-11 18:44 - 2020-11-11 18:44 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin 2020-11-11 18:44 - 2020-11-11 18:44 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin 2020-11-11 18:44 - 2020-11-11 18:44 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin 2020-11-11 18:44 - 2020-11-11 18:44 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin 2020-11-11 18:44 - 2020-11-11 18:44 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin 2020-11-11 18:44 - 2020-11-11 18:44 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin 2020-11-11 18:44 - 2020-11-11 18:44 - 000000315 _____ C:\Windows\system32\DrtmAuth12.bin 2020-11-11 18:44 - 2020-11-11 18:44 - 000000315 _____ C:\Windows\system32\DrtmAuth11.bin 2020-11-11 18:44 - 2020-11-11 18:44 - 000000315 _____ C:\Windows\system32\DrtmAuth10.bin 2020-11-11 18:44 - 2020-11-11 18:44 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin 2020-11-11 18:43 - 2020-11-11 18:43 - 000200704 _____ C:\Windows\system32\IHDS.dll 2020-11-11 18:43 - 2020-11-11 18:43 - 000164864 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe 2020-11-08 16:37 - 2020-11-08 16:37 - 000000000 ____D C:\Users\dolphix64\AppData\Roaming\4kdownload.com 2020-11-06 20:09 - 2020-11-06 20:09 - 000000000 ____D C:\Users\Administrator\AppData\Local\PlaceholderTileLogoFolder 2020-11-06 20:03 - 2020-11-06 20:03 - 000000000 ____D C:\Users\Administrator\AppData\Local\Comms 2020-11-06 18:33 - 2020-11-06 18:33 - 000000000 ____D C:\Users\Administrator\AppData\Local\PeerDistRepub 2020-11-05 12:48 - 2020-11-05 12:48 - 000000000 ____D C:\Users\Public\Foxit Software ==================== Een maand (gewijzigd) ================== (Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.) 2020-12-03 21:45 - 2020-05-17 14:20 - 000000000 ____D C:\FRST 2020-12-03 21:32 - 2019-07-03 22:11 - 000000000 ____D C:\Users\dolphix64\AppData\Roaming\vlc 2020-12-03 20:36 - 2019-07-03 15:25 - 000000000 ____D C:\Windows\system32\SleepStudy 2020-12-03 18:16 - 2019-07-04 16:39 - 000000000 ____D C:\Users\dolphix64\AppData\LocalLow\Mozilla 2020-12-03 18:05 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2020-12-03 17:59 - 2019-07-03 15:37 - 001771852 _____ C:\Windows\system32\PerfStringBackup.INI 2020-12-03 17:59 - 2019-03-19 13:34 - 000786144 _____ C:\Windows\system32\perfh013.dat 2020-12-03 17:59 - 2019-03-19 13:34 - 000154174 _____ C:\Windows\system32\perfc013.dat 2020-12-03 17:59 - 2019-03-19 05:50 - 000000000 ____D C:\Windows\INF 2020-12-03 17:57 - 2019-07-03 16:20 - 000000000 ____D C:\Program Files\CCleaner 2020-12-03 17:55 - 2019-07-03 15:25 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2020-12-03 17:50 - 2019-03-19 05:37 - 000524288 _____ C:\Windows\system32\config\BBI 2020-12-03 17:38 - 2020-02-21 16:46 - 000000000 ____D C:\Users\dolphix64\AppData\Roaming\RegistryFinder 2020-12-03 17:04 - 2020-09-24 13:48 - 000000000 ____D C:\Users\dolphix64\AppData\Roaming\Everything 2020-12-03 17:04 - 2020-09-24 13:48 - 000000000 ____D C:\Users\dolphix64\AppData\Local\Everything 2020-12-03 16:55 - 2019-07-06 17:30 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job 2020-12-03 16:33 - 2019-07-03 16:20 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update 2020-12-03 13:38 - 2019-07-03 16:24 - 000000000 ____D C:\Windows\Panther 2020-12-03 11:50 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps 2020-12-03 11:50 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\AppReadiness 2020-12-03 09:39 - 2019-07-03 15:44 - 000002321 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2020-12-03 09:39 - 2019-07-03 15:44 - 000002280 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2020-12-03 09:35 - 2020-09-29 16:52 - 000000000 ____D C:\ProgramData\NVIDIA 2020-12-03 09:35 - 2020-04-07 10:11 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2020-11-28 18:07 - 2019-09-30 16:18 - 000000809 _____ C:\Users\Public\Desktop\Sigil.lnk 2020-11-28 18:07 - 2019-09-30 16:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sigil 2020-11-28 18:07 - 2019-09-30 16:17 - 000000000 ____D C:\Program Files\Sigil 2020-11-24 17:01 - 2019-07-08 10:14 - 000000000 ____D C:\Users\dolphix64\AppData\Local\CrashDumps 2020-11-24 14:44 - 2019-08-17 20:49 - 000000000 ____D C:\Temp 2020-11-24 14:41 - 2020-04-21 10:16 - 000000000 ____D C:\Windows\SysWOW64\RTCOM 2020-11-24 14:41 - 2019-07-03 15:40 - 000000000 ____D C:\Users\dolphix64 2020-11-24 14:39 - 2020-10-01 13:54 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2020-11-24 14:39 - 2020-09-29 16:50 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2020-11-24 14:39 - 2020-07-11 11:55 - 000000000 ____D C:\Users\Administrator 2020-11-24 14:39 - 2020-04-21 10:16 - 000000000 ____D C:\Windows\system32\DAX3 2020-11-24 14:39 - 2020-04-21 10:16 - 000000000 ____D C:\Windows\system32\DAX2 2020-11-24 14:39 - 2020-04-21 10:16 - 000000000 ____D C:\ProgramData\Audyssey Labs 2020-11-24 14:39 - 2019-07-05 16:35 - 000000000 ____D C:\Users\dolphix64\Notepad2 2020-11-24 14:39 - 2019-07-03 22:15 - 000000000 ____D C:\Users\dolphix64\AppData\Local\Spotify 2020-11-24 14:39 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\Help 2020-11-24 14:36 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\registration 2020-11-24 14:35 - 2020-10-03 15:11 - 000000000 ____D C:\ProgramData\Anicesoft 2020-11-24 10:29 - 2019-10-06 11:54 - 000000000 ____D C:\Users\dolphix64\AppData\Local\PlaceholderTileLogoFolder 2020-11-23 12:15 - 2019-07-03 15:40 - 000000000 ____D C:\Users\dolphix64\AppData\Local\Packages 2020-11-21 14:59 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\NDF 2020-11-19 09:15 - 2019-07-04 16:39 - 000000000 ____D C:\Program Files\Mozilla Firefox 2020-11-19 09:15 - 2019-07-04 16:39 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2020-11-18 17:46 - 2019-07-04 16:39 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2020-11-13 15:42 - 2020-11-02 11:08 - 000000000 ____D C:\Users\dolphix64\AppData\Roaming\calibre 2020-11-13 12:41 - 2020-10-06 12:03 - 000000128 _____ C:\Users\dolphix64\AppData\Roaming\winscp.rnd 2020-11-12 14:13 - 2019-07-03 22:13 - 000000000 ____D C:\Users\dolphix64\AppData\Roaming\Spotify 2020-11-12 11:06 - 2019-09-20 16:59 - 000000000 ____D C:\Users\dolphix64\AppData\Roaming\dvdcss 2020-11-11 22:03 - 2020-10-14 20:43 - 000000000 ___RD C:\Users\dolphix64\3D Objects 2020-11-11 22:03 - 2019-07-03 15:41 - 000000000 __RHD C:\Users\Public\AccountPictures 2020-11-11 22:01 - 2019-07-03 15:25 - 000466152 _____ C:\Windows\system32\FNTCACHE.DAT 2020-11-11 22:00 - 2019-03-19 13:36 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2020-11-11 22:00 - 2019-03-19 05:52 - 000000000 ___RD C:\Windows\ImmersiveControlPanel 2020-11-11 22:00 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\TextInput 2020-11-11 22:00 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\SysWOW64\setup 2020-11-11 22:00 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\SystemResources 2020-11-11 22:00 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\setup 2020-11-11 22:00 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\oobe 2020-11-11 22:00 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\migwiz 2020-11-11 22:00 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\ShellExperiences 2020-11-11 22:00 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\PolicyDefinitions 2020-11-11 22:00 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\bcastdvr 2020-11-11 18:53 - 2019-07-03 19:36 - 000000000 ____D C:\Windows\system32\MRT 2020-11-11 18:49 - 2019-07-03 19:36 - 133736600 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2020-11-11 18:49 - 2019-03-19 05:37 - 000000000 ____D C:\Windows\CbsTemp 2020-11-11 18:43 - 2019-07-03 15:28 - 002876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll 2020-11-10 16:22 - 2019-07-03 16:20 - 000002234 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC 2020-11-10 16:22 - 2019-07-03 16:20 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk 2020-11-08 16:43 - 2020-05-02 17:21 - 000003512 _____ C:\Windows\system32\Tasks\EPSON XP-422 423 425 Series Update {52B9B2D1-59D3-420E-B4C5-8BF090E6C737} 2020-11-08 16:43 - 2019-10-24 15:26 - 000002766 _____ C:\Windows\system32\Tasks\Maxthon5 Update 2020-11-08 16:43 - 2019-10-24 13:33 - 000003888 _____ C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier 2020-11-08 16:43 - 2019-07-03 19:35 - 000003518 _____ C:\Windows\system32\Tasks\EPSON XP-422 423 425 Series Update {6CB31C30-EDBD-4230-8B29-ADCAB7126C21} 2020-11-08 16:43 - 2019-07-03 15:43 - 000003564 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA 2020-11-08 16:43 - 2019-07-03 15:43 - 000003340 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore 2020-11-08 10:19 - 2020-05-07 10:51 - 000000416 _____ C:\Windows\SysWOW64\AbBakConfig.dat 2020-11-08 10:19 - 2020-05-07 10:51 - 000000150 _____ C:\Windows\SysWOW64\winsevr.dat 2020-11-07 12:25 - 2020-04-20 21:28 - 000000000 ____D C:\Users\dolphix64\AppData\Roaming\audacity 2020-11-06 20:05 - 2020-07-11 11:59 - 000000000 ___RD C:\Users\Administrator\OneDrive 2020-11-06 20:05 - 2020-07-11 11:56 - 000000000 ____D C:\Users\Administrator\AppData\Local\Packages 2020-11-06 20:05 - 2020-07-11 11:55 - 000002425 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2020-11-06 18:29 - 2020-07-11 11:56 - 000000000 ___RD C:\Users\Administrator\3D Objects 2020-11-06 09:36 - 2019-07-03 15:26 - 000000000 ____D C:\Windows\system32\Drivers\wd 2020-11-05 15:36 - 2020-11-02 11:09 - 000000000 ____D C:\Users\dolphix64\AppData\Local\calibre-cache ==================== Bestanden in de root van sommige mappen ======== 2003-11-11 01:27 - 2003-11-11 01:26 - 000376884 _____ () C:\Program Files\image001.bmp 2019-11-22 17:49 - 2019-11-22 17:49 - 000054233 _____ () C:\Program Files\setuplog.txt 2019-07-03 16:27 - 2002-06-03 18:49 - 000135168 _____ (Alex Fauland) C:\Program Files (x86)\af5.exe 2020-04-27 20:26 - 2020-04-27 20:26 - 000001000 _____ () C:\Program Files (x86)\Common Files\Konvertor.lnk 2020-05-16 17:16 - 2020-05-18 11:34 - 000099384 _____ () C:\Users\dolphix64\AppData\Roaming\ezpinst.exe 2020-05-16 17:12 - 2020-05-16 17:14 - 000099384 _____ () C:\Users\dolphix64\AppData\Roaming\inst.exe 2020-05-16 17:12 - 2020-05-18 11:34 - 000007796 _____ () C:\Users\dolphix64\AppData\Roaming\pcouffin.cat 2020-05-16 17:12 - 2020-05-18 11:34 - 000001167 _____ () C:\Users\dolphix64\AppData\Roaming\pcouffin.inf 2020-05-16 17:12 - 2020-05-18 11:34 - 000000033 _____ () C:\Users\dolphix64\AppData\Roaming\pcouffin.log 2020-05-16 17:12 - 2020-05-18 11:34 - 000082816 _____ (VSO Software) C:\Users\dolphix64\AppData\Roaming\pcouffin.sys 2020-05-16 17:13 - 2020-05-16 17:14 - 000000671 _____ () C:\Users\dolphix64\AppData\Roaming\vso_ts_preview.xml 2020-10-06 12:03 - 2020-11-13 12:41 - 000000128 _____ () C:\Users\dolphix64\AppData\Roaming\winscp.rnd 2020-11-15 19:13 - 2020-11-15 19:13 - 000440360 _____ () C:\Users\dolphix64\AppData\Local\ars.cache 2020-11-15 19:14 - 2020-11-15 19:14 - 001021483 _____ () C:\Users\dolphix64\AppData\Local\census.cache 2019-10-05 14:58 - 2019-10-05 14:58 - 000000072 _____ () C:\Users\dolphix64\AppData\Local\color converter.prefs.ini 2019-10-06 15:21 - 2019-10-06 15:21 - 000004608 _____ () C:\Users\dolphix64\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2020-11-15 18:19 - 2020-11-15 18:19 - 000000036 _____ () C:\Users\dolphix64\AppData\Local\housecall.guid.cache 2020-05-16 14:06 - 2020-05-16 14:06 - 000001591 _____ () C:\Users\dolphix64\AppData\Local\recently-used.xbel 2020-07-15 14:06 - 2020-07-15 14:06 - 000007605 _____ () C:\Users\dolphix64\AppData\Local\Resmon.ResmonCfg 2020-11-15 18:26 - 2020-11-15 18:26 - 000000010 _____ () C:\Users\dolphix64\AppData\Local\sponge.last.runtime.cache ==================== SigCheck ============================ (Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.) ==================== Einde van FRST.txt ========================