Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 05-04-2021 Gestart door Gebruiker (Beheerder) op TOSHIBA (TOSHIBA Satellite Pro R50-C) (10-04-2021 13:08:51) Gestart vanaf C:\Users\Gebruiker\Downloads Geladen Profielen: Gebruiker Platform: Windows 10 Home Versie 20H2 19042.867 (X64) Taal: Nederlands (Nederland) Standaardbrowser: Edge Boot Modus: Normal ==================== Processen (gefilterd) ================= (Als een item is opgenomen in de fixlist, zal het proces worden gesloten. Het bestand zal niet worden verplaatst.) () [Bestand niet getekend] C:\Program Files (x86)\2G\GBS Digitaal\mysql\bin\mysqld-nt.exe (Apache Software Foundation) [Bestand niet getekend] C:\Program Files (x86)\2G\GBS Digitaal\apache\bin\apache.exe <2> (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe (DTS, Inc. -> ) C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe (Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_4d5c54c80b005163\DSDFunctionKeyCtlService.exe <2> (Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_4d5c54c80b005163\dynabookSystemService.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <37> (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation -> ) C:\Windows\System32\igfxTray.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2103.17603.0_x64__8wekyb3d8bbwe\Cortana.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2101.10.0_x64__8wekyb3d8bbwe\Calculator.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12101.1001.14.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (NortonLifeLock Inc. -> NortonLifeLock Inc.) C:\Program Files\Norton Security\Engine\22.21.2.50\nsWscSvc.exe (NortonLifeLock Inc. -> Symantec Corporation) C:\Program Files\Norton Security\Engine\22.21.2.50\NortonSecurity.exe <2> (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (TOSHIBA CORPORATION -> TOSHIBA) C:\Program Files (x86)\TOSHIBA\TOSHIBA System Driver\RMService.exe ==================== Register (gefilterd) =================== (Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16690424 2016-08-28] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [ThpSrv] => C:\Windows\system32\thpsrv.exe [246576 2015-06-23] (TOSHIBA CORPORATION -> TOSHIBA Corporation) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle America, Inc. -> Oracle Corporation) HKU\S-1-5-21-4203840771-55088086-1378505996-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [33169992 2021-03-18] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-4203840771-55088086-1378505996-1001\...\Run: [UpjersPlayground] => C:\Users\Gebruiker\AppData\Local\UpjersPlayground\update.exe [1829120 2019-06-01] (upjers GmbH -> GitHub) [Bestand niet getekend] HKU\S-1-5-21-4203840771-55088086-1378505996-1001\...\Run: [CCleaner] => C:\Program Files\CCleaner\CCleaner64.exe [33169992 2021-03-18] (Piriform Software Ltd -> Piriform Software Ltd) HKLM\...\Windows x64\Print Processors\Canon MG3600 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCT.DLL [30208 2015-03-12] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Windows x64\Print Processors\Canon MP190 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD9I.DLL [27648 2008-02-25] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3600 series: C:\WINDOWS\system32\CNMLMCT.DLL [406528 2015-03-12] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\89.0.4389.114\Installer\chrmstp.exe [2021-03-31] (Google LLC -> Google LLC) Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Snelle start.lnk [2020-03-17] ShortcutTarget: Adobe Reader Snelle start.lnk -> C:\Program Files (x86)\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated) [Bestand niet getekend] Policies: C:\ProgramData\NTUSER.pol: Restrictie <==== AANDACHT ==================== Geplande Taken (gefilterd) ============ (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {10E757A2-5C7F-4337-ABB4-86E95F138420} - System32\Tasks\Resolution+ Setting Task => C:\Program Files\Toshiba\TOSHIBA Smart View Utility\Plugins\ResolutionPlus\TosRegPermissionChg.exe Task: {12080C44-AEF6-49A0-94A1-7BDEC118399B} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton 360\Upgrade.exe [2344608 2021-03-27] (NortonLifeLock Inc. -> NortonLifeLock Inc.) Task: {12490192-B8CE-4A24-9345-F19A40F3DF9D} - System32\Tasks\Norton 360\Norton 360 Error Analyzer => C:\Program Files\Norton Security\Engine\22.21.2.50\SymErr.exe [115640 2021-03-27] (NortonLifeLock Inc. -> NortonLifeLock Inc) Task: {1541EA32-2682-4F02-8FED-1EF8FFE4FA24} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-03-18] (Piriform Software Ltd -> Piriform) Task: {1DECCFB9-7D53-46FA-97F7-0E3A625D285B} - System32\Tasks\Norton 360\Norton 360 Error Processor => C:\Program Files\Norton Security\Engine\22.21.2.50\SymErr.exe [115640 2021-03-27] (NortonLifeLock Inc. -> NortonLifeLock Inc) Task: {1ED9CB16-16A2-4E23-BBF1-7174BD7E1479} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-07-19] (Google Inc -> Google Inc.) Task: {21549A90-49DA-4904-9245-2FDBC1EE72FF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-07-19] (Google Inc -> Google Inc.) Task: {220BA14A-55A0-4F6A-96D3-4A63F6305610} - System32\Tasks\CCleanerClean => C:\Program Files\CCleaner\CCleaner.exe [27616328 2021-03-18] (Piriform Software Ltd -> Piriform Software Ltd) Task: {457600E6-09D2-47D9-9FA8-EF705671CFF2} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16690424 2016-08-28] (Realtek Semiconductor Corp -> Realtek Semiconductor) Task: {5958D2BD-D1D7-4267-BB76-2A614D2F6FEA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27616328 2021-03-18] (Piriform Software Ltd -> Piriform Software Ltd) Task: {65236938-6358-49AD-B4A2-E7B47098621E} - System32\Tasks\dts_apo_service_task => C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_task.exe [14320 2015-05-27] (DTS, Inc. -> ) Task: {85DD5A02-063C-462D-9EB7-37CE6A1EC139} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} Task: {86F06EDC-F106-4D4F-B3DB-0B4864115114} - System32\Tasks\BTSchedulerTask => C:\Program Files (x86)\TOSHIBA\Toshiba Bluetooth Device Profile Utility\TosBt_NotificationScheduler.exe [135504 2015-07-08] (TOSHIBA CORPORATION -> Toshiba Corporation) Task: {969BAF67-6DAC-4068-90BE-93F3E1638278} - System32\Tasks\Norton 360\Norton 360 Autofix => C:\Program Files\Norton Security\Engine\22.21.2.50\SymErr.exe [115640 2021-03-27] (NortonLifeLock Inc. -> NortonLifeLock Inc) Task: {DD09DA91-CFD6-4BB4-8E08-7B2CEA31279D} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.21.2.50\WSCStub.exe [643584 2021-03-27] (NortonLifeLock Inc. -> NortonLifeLock Inc.) Task: {EDEADC6E-CBCB-4FB4-8BC8-2BABBA88A666} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle America, Inc. -> Oracle Corporation) (Als een item is opgenomen in de fixlist, wordt de taak (job) bestand verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) Task: C:\WINDOWS\Tasks\CCleanerClean.job => C:\Program Files\CCleaner\CCleaner.exe ==================== Internet (gefilterd) ==================== (Als een item is opgenomen in de fixlist en een registeritem is, wordt het verwijderd of hersteld naar de standaard.) ProxyServer: [S-1-5-21-4203840771-55088086-1378505996-1001] => http=127.0.0.1:49753;https=127.0.0.1:49753 Tcpip\Parameters: [DhcpNameServer] 212.27.40.240 212.27.40.241 Tcpip\..\Interfaces\{98d21b65-992e-4010-b143-823bb1346cc2}: [DhcpNameServer] 62.238.255.69 212.115.192.100 Tcpip\..\Interfaces\{fe30215c-6136-4637-8ac9-0ad5bcc2a151}: [DhcpNameServer] 212.27.40.240 212.27.40.241 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\Gebruiker\AppData\Local\Microsoft\Edge\User Data\Default [2021-04-09] FireFox: ======== FF Plugin: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-11-16] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-11-16] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default [2021-04-10] CHR Notifications: Default -> hxxp://www.flvto.biz; hxxps://axa-fr-by.accengage.net; hxxps://bestdealfor35.life; hxxps://bucksmethodcom.foxpush.net; hxxps://mewe.com; hxxps://web.skype.com; hxxps://wordpress.com; hxxps://www-lingeriematterhorn-fr.pushpushgo.com; hxxps://www.laola1.at; hxxps://www.lecoindestesteurs.fr; hxxps://www.myswitzerland.com; hxxps://www.nu.nl; hxxps://www.onlinesoccermanager.nl CHR HomePage: Default -> hxxp://www.protopage.com/interjos CHR StartupUrls: Default -> "hxxps://www.protopage.com/interjos","hxxps://mail.google.com/mail/u/0/#inbox","hxxps://app.mondly.com/home","hxxps://web.skype.com/","hxxps://www.facebook.com/messages/t/3763916863644976/","hxxps://www.facebook.com/Interjos-Transport-bemiddeling-351182568367649/inbox/2781568778839433/?source=diode¬if_m=alerts_page¬if_id=1615991629898167¬if_t=page_message&ref=notif","hxxps://www.qassa.nl/bingo/speel","hxxps://www.webtales.org/?menu=Home" CHR Extension: (Presentaties) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12] CHR Extension: (Documenten) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12] CHR Extension: (Google Drive) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-21] CHR Extension: (YouTube) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-19] CHR Extension: (YouTube Music) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\cinhimbnkkaeohfgghhklpknlkffjgod [2020-01-03] CHR Extension: (Spreadsheets) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12] CHR Extension: (Offline Documenten) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-13] CHR Extension: (Protopage Start Page) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjgoljmnaepbdpeadpciimeapgjadenc [2020-10-08] CHR Extension: (Cycling the Alps) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihklobncbkangkiiamccfgnlihbmjhlh [2016-08-16] CHR Extension: (TikTok) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlalbmkafgmoifbeooblidblkmlhhpnc [2021-03-04] CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29] CHR Extension: (Gmail) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23] CHR Extension: (Chrome Media Router) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-04] CHR Profile: C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-11-16] CHR Profile: C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\System Profile [2018-11-16] CHR HKLM\...\Chrome\Extension: [klekeajafkkpokaofllcadenjdckhinm] CHR HKLM-x32\...\Chrome\Extension: [klekeajafkkpokaofllcadenjdckhinm] Opera: ======= OPR Profile: C:\Users\Gebruiker\AppData\Roaming\Opera Software\Opera Stable [2021-04-09] OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.fr/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding} ==================== Services (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R2 DSDFunctionKeyCtlService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_4d5c54c80b005163\DSDFunctionKeyCtlService.exe [615776 2021-02-22] (Dynabook Inc. -> Dynabook Inc.) R3 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [19960 2015-05-27] (DTS, Inc. -> ) R2 GBSApache; C:\Program Files (x86)\2G\GBS Digitaal\apache\bin\apache.exe [16896 2006-05-09] (Apache Software Foundation) [Bestand niet getekend] R2 GBSMySQL; C:\Program Files (x86)\2G\GBS Digitaal\mysql\bin\myGBS.cnf [3372 2020-03-17] () [Bestand niet getekend] R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [397256 2018-11-19] (Canon Inc. -> ) R2 NortonSecurity; C:\Program Files\Norton Security\Engine\22.21.2.50\NortonSecurity.exe [343336 2021-03-27] (NortonLifeLock Inc. -> Symantec Corporation) R2 nsWscSvc; C:\Program Files\Norton Security\Engine\22.21.2.50\nsWscSvc.exe [1054536 2021-03-27] (NortonLifeLock Inc. -> NortonLifeLock Inc.) R2 TOSRMService; C:\Program Files (x86)\TOSHIBA\TOSHIBA System Driver\RMService.exe [326960 2015-06-24] (TOSHIBA CORPORATION -> TOSHIBA) R2 TSDSettingService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_4d5c54c80b005163\dynabookSystemService.exe [44767048 2021-02-22] (Dynabook Inc. -> Dynabook Inc.) S2 TSDTabletControlService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_4d5c54c80b005163\TOSTABSYSSVC.exe [296272 2021-02-22] (Dynabook Inc. -> Dynabook Inc.) S2 TSDWirelessLEDCtlService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_4d5c54c80b005163\RMService.exe [446248 2021-02-22] (Dynabook Inc. -> Dynabook Inc.) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-17] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-17] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Drivers (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) S3 BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [96616 2020-04-27] (Bitdefender SRL -> BitDefender) R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.20.5.39\Definitions\BASHDefs\20210406.011\BHDrvx64.sys [1995864 2021-03-16] (Symantec Corporation -> Broadcom) R1 ccSet_NGC; C:\WINDOWS\System32\drivers\NGCx64\1615020.032\ccSetx64.sys [192248 2021-03-27] (Symantec Corporation -> Symantec Corporation) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [516168 2021-02-02] (Symantec Corporation -> Broadcom) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153672 2021-02-03] (Symantec Corporation -> Broadcom) R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.20.5.39\Definitions\IPSDefs\20210409.061\IDSvia64.sys [1488976 2021-04-06] (Symantec Corporation -> Broadcom) S3 nsvst_NGC; C:\WINDOWS\System32\drivers\NGCx64\1615020.032\nsvst.sys [56912 2021-03-27] (NortonLifeLock Inc. -> NortonLifeLock Inc.) R3 SRTSP; C:\WINDOWS\System32\drivers\NGCx64\1615020.032\SRTSP64.SYS [890464 2021-03-27] (Symantec Corporation -> Broadcom) R1 SRTSPX; C:\WINDOWS\System32\drivers\NGCx64\1615020.032\SRTSPX64.SYS [50272 2021-03-27] (Symantec Corporation -> Broadcom) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\1615020.032\SYMEFASI64.SYS [2060656 2021-03-27] (Symantec Corporation -> Broadcom) S0 SymELAM; C:\WINDOWS\System32\drivers\NGCx64\1615020.032\SymELAM.sys [25080 2021-03-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Broadcom Corporation) R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [99912 2020-12-17] (Symantec Corporation -> Symantec Corporation) R3 SymEvnt; C:\Program Files\Norton Security\NortonData\22.20.5.39\SymPlatform\SymEvnt.sys [712424 2020-07-21] (Symantec Corporation -> Symantec Corporation) R1 SymIRON; C:\WINDOWS\System32\drivers\NGCx64\1615020.032\Ironx64.SYS [316488 2021-03-27] (Symantec Corporation -> Symantec Corporation) R1 SymNetS; C:\WINDOWS\System32\drivers\NGCx64\1615020.032\symnets.sys [575328 2021-03-27] (Symantec Corporation -> Symantec Corporation) R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [47816 2020-07-21] (Dynabook Inc. -> Dynabook Inc.) R3 tosrfec; C:\WINDOWS\System32\drivers\tosrfec.sys [37808 2019-04-30] (Dynabook Inc. -> Dynabook Inc.) R1 TosSrvCtlDrv; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_4d5c54c80b005163\TosSrvCtlDrv.sys [25816 2021-02-22] (Dynabook Inc. -> Dynabook Inc.) R0 TVALZ; C:\WINDOWS\System32\drivers\TVALZ.SYS [45880 2020-08-01] (Dynabook Inc. -> Dynabook Inc.) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-12-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [429296 2020-12-17] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-17] (Microsoft Windows -> Microsoft Corporation) R1 wpCtrlDrv_NGC; C:\WINDOWS\System32\drivers\NGCx64\1615020.032\wpCtrlDrv.sys [1013792 2021-03-27] (NortonLifeLock Inc. -> NortonLifeLock Inc.) S2 MBAMChameleon; \SystemRoot\System32\Drivers\MbamChameleon.sys [X] ==================== NetSvcs (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ==================== Een maand (aangemaakt) (gefilterd) ========= (Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.) 2021-04-10 13:08 - 2021-04-10 13:09 - 000022512 _____ C:\Users\Gebruiker\Downloads\FRST.txt 2021-04-10 13:06 - 2021-04-10 13:06 - 002298368 _____ (Farbar) C:\Users\Gebruiker\Downloads\FRST64.exe 2021-04-09 21:13 - 2021-04-09 21:13 - 000000000 ____D C:\WINDOWS\system32\Tasks\Remediation 2021-04-08 18:54 - 2021-04-10 09:33 - 000000000 ____D C:\WINDOWS\system32\Tasks\Norton 360 2021-04-08 18:54 - 2021-04-08 19:12 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security 2021-04-08 18:54 - 2021-04-08 18:54 - 000003376 _____ C:\WINDOWS\system32\Tasks\Norton WSC Integration 2021-04-07 14:46 - 2021-04-07 14:46 - 000264102 _____ C:\Users\Gebruiker\Downloads\ll.pdf 2021-04-07 14:45 - 2021-04-07 14:45 - 000264077 _____ C:\Users\Gebruiker\Downloads\LLLLLLL.pdf 2021-04-03 16:45 - 2021-04-03 16:45 - 000391089 _____ C:\Users\Gebruiker\Downloads\Pardeilhan CGPASS-37492489A459.zip 2021-04-03 14:57 - 2021-04-03 14:57 - 001616194 _____ C:\Users\Gebruiker\Downloads\Fiche_maison_vente.pdf 2021-04-03 10:40 - 2021-04-03 11:53 - 000026824 _____ C:\Users\Gebruiker\Downloads\Webtales.odt 2021-04-02 11:14 - 2021-04-02 11:14 - 000149965 _____ C:\Users\Gebruiker\Downloads\PERSBERICHT 29 maart 2021 Gereformeerde Gemeente Urk def.pdf 2021-04-01 19:49 - 2021-04-01 19:57 - 000000000 ____D C:\Users\Gebruiker\Downloads\Programma´s 2021-03-19 17:01 - 2021-03-19 17:01 - 000560314 _____ C:\Users\Gebruiker\Downloads\Pouyol 19 03 2021 simulation 97 000€.pdf 2021-03-17 13:44 - 2021-03-17 13:44 - 000000000 ____D C:\Users\Gebruiker\Downloads\Koerskompas 2021-03-16 16:35 - 2021-03-16 16:35 - 000319171 _____ C:\Users\Gebruiker\Downloads\Poujol Simulation.pdf 2021-03-15 19:13 - 2021-03-15 19:13 - 014731235 _____ C:\Users\Gebruiker\Downloads\Norton.mcf 2021-03-12 15:26 - 2021-03-12 15:26 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2021-03-12 15:25 - 2021-03-12 15:25 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2021-03-12 15:25 - 2021-03-12 15:25 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2021-03-12 15:25 - 2021-03-12 15:25 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2021-03-12 15:25 - 2021-03-12 15:25 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2021-03-12 15:25 - 2021-03-12 15:25 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE 2021-03-12 15:25 - 2021-03-12 15:25 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll 2021-03-12 15:25 - 2021-03-12 15:25 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll 2021-03-12 15:25 - 2021-03-12 15:25 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll 2021-03-12 15:25 - 2021-03-12 15:25 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys 2021-03-12 15:25 - 2021-03-12 15:25 - 000011359 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim ==================== Een maand (gewijzigd) ================== (Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.) 2021-04-10 13:09 - 2018-07-11 11:00 - 000000000 ____D C:\FRST 2021-04-10 12:59 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-04-10 08:57 - 2020-08-01 23:57 - 000002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-04-10 08:57 - 2020-08-01 23:57 - 000002257 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2021-04-10 08:57 - 2020-08-01 23:57 - 000002257 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk 2021-04-10 08:57 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-04-10 08:57 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-04-10 08:56 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2021-04-10 08:56 - 2018-03-24 11:12 - 000000000 ____D C:\Program Files\CCleaner 2021-04-10 08:56 - 2017-08-06 10:10 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2021-04-10 08:56 - 2016-07-08 14:35 - 000000000 __SHD C:\Users\Gebruiker\IntelGraphicsProfiles 2021-04-09 11:14 - 2016-08-18 10:11 - 000000000 ____D C:\Users\Gebruiker\Documents\Jacqueline 2021-04-08 20:02 - 2020-12-17 22:52 - 000000000 ____D C:\Program Files\Common Files\AV 2021-04-08 19:12 - 2020-12-17 21:37 - 000002431 _____ C:\Users\Public\Desktop\Norton Security.lnk 2021-04-08 19:12 - 2020-12-17 21:37 - 000002431 _____ C:\ProgramData\Desktop\Norton Security.lnk 2021-04-08 12:35 - 2020-12-17 21:37 - 000000000 ____D C:\WINDOWS\system32\Drivers\NGCx64 2021-04-08 11:13 - 2020-09-08 23:34 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-04-08 08:56 - 2020-09-08 23:45 - 001783884 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-04-08 08:56 - 2019-12-07 17:12 - 000776782 _____ C:\WINDOWS\system32\perfh013.dat 2021-04-08 08:56 - 2019-12-07 17:12 - 000154134 _____ C:\WINDOWS\system32\perfc013.dat 2021-04-08 08:51 - 2020-09-08 23:48 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-04-08 08:51 - 2020-09-08 23:34 - 000008192 ___SH C:\DumpStack.log.tmp 2021-04-08 08:51 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2021-04-07 09:58 - 2021-03-05 22:05 - 000000000 ____D C:\Users\Gebruiker\AppData\LocalLow\Norton 2021-04-06 11:09 - 2016-08-18 10:11 - 000000000 ____D C:\Users\Gebruiker\Documents\Prive 2021-04-05 07:56 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-04-04 22:57 - 2020-09-08 21:45 - 000000000 ____D C:\Users\Gebruiker 2021-04-04 22:33 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2021-04-03 22:31 - 2019-02-04 15:34 - 000000000 ____D C:\ProgramData\CanonIJPLM 2021-04-01 20:51 - 2019-08-04 22:59 - 000000000 ____D C:\Users\Gebruiker\AppData\Local\D3DSCache 2021-03-31 23:20 - 2016-07-19 08:12 - 000002292 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2021-03-31 23:20 - 2016-07-19 08:12 - 000002251 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2021-03-31 23:20 - 2016-07-19 08:12 - 000002251 _____ C:\ProgramData\Desktop\Google Chrome.lnk 2021-03-26 08:40 - 2020-09-08 23:48 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2021-03-23 23:20 - 2020-08-03 11:27 - 000000000 ____D C:\Users\Gebruiker\Downloads\Jos 2021-03-17 08:12 - 2016-12-12 10:16 - 000000000 ____D C:\Users\Gebruiker\AppData\Local\CrashDumps 2021-03-15 21:26 - 2020-09-08 23:48 - 000003368 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4203840771-55088086-1378505996-1001 2021-03-15 21:26 - 2020-09-08 21:45 - 000002388 _____ C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-03-15 21:26 - 2016-07-08 14:41 - 000000000 ___RD C:\Users\Gebruiker\OneDrive 2021-03-13 00:24 - 2020-09-08 23:34 - 000294704 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-03-13 00:23 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-03-13 00:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2021-03-13 00:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2021-03-13 00:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2021-03-13 00:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2021-03-13 00:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2021-03-13 00:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2021-03-13 00:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup 2021-03-13 00:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-03-13 00:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2021-03-13 00:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning 2021-03-13 00:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2021-03-13 00:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-03-11 20:28 - 2016-07-11 11:24 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-03-11 20:25 - 2016-07-11 11:24 - 131005360 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe ==================== Bestanden in de root van sommige mappen ======== 2020-03-17 00:24 - 2020-03-17 00:24 - 000000097 _____ () C:\Users\Gebruiker\AppData\Local\fusioncache.dat 2019-06-27 08:53 - 2020-06-15 19:43 - 000007605 _____ () C:\Users\Gebruiker\AppData\Local\resmon.resmoncfg ==================== SigCheck ============================ (Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.) ==================== Einde van FRST.txt ========================