Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 10-06-2022 01
Gestart door zander13381 (Beheerder) op COMPUTER-Z (LENOVO 20NRS01P00) (12-06-2022 18:54:21)
Gestart vanaf C:\Users\zander13381\Downloads
Geladen Profielen: False <==== AANDACHT (Tijdelijke profiel?)
Platform: Microsoft Windows 11 Education Versie 21H2 22000.675 (X64) Taal: Nederlands (Nederland)
Standaardbrowser: Edge
Boot Modus: Normal

==================== Processen (gefilterd) =================

(Als een item is opgenomen in de fixlist, zal het proces worden gesloten. Het bestand zal niet worden verplaatst.)

(C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe ->) (CHENGDU YIWO Tech Development Co., Ltd. -> ) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
(C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\LenovoVantage-(LenovoBoostAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\LenovoVantage-(LenovoBoostSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\LenovoVantage-(LenovoServiceBridgeAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\LenovoVantage-(SmartInteractAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files\Google\Chrome\Application\chrome.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20070.305.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\101.0.1210.53\msedgewebview2.exe <7>
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe <2>
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_0d8dab4470c5524b\igfxCUIService.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_0d8dab4470c5524b\igfxEM.exe
(DriverStore\FileRepository\fn.inf_amd64_9c4c29de89199c58\driver\tphkload.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\FNCC3C~1.INF\driver\shtctky.exe
(DriverStore\FileRepository\fn.inf_amd64_9c4c29de89199c58\driver\tphkload.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\FNCC3C~1.INF\driver\tposd.exe
(ETDService.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrl.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <31>
(explorer.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\QSHelper.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe
(Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
(Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(services.exe ->) () [Bestand niet getekend] C:\Program Files\OpenVPN Connect\agent_ovpnconnect_1638964996365.exe
(services.exe ->) () [Bestand niet getekend] C:\Program Files\OpenVPN Connect\ovpnhelper_service.exe
(services.exe ->) (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
(services.exe ->) (Dolby Laboratories, Inc. -> ) C:\Windows\System32\dolbyaposvc\DAX3API.exe <2>
(services.exe ->) (Eidgenössische Technische Hochschule Zürich -> ETH Zurich) C:\Program Files (x86)\SafeExamBrowser\SebWindowsServiceWCF\SebWindowsServiceWCF.exe
(services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDService.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_7ecc5be6ca7b3b0d\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_69d915519e0a2ac8\aesm_service.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_7aa6ca9dbb25bff8\jhi_service.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_dd349ca1e8d98184\LMS.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_0d8dab4470c5524b\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_a9a2dde7124f013f\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_d2ec57bb7e27bb06\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_d2ec57bb7e27bb06\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Trust Services -> Intel(R) Corporation) C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_a93205b6238060e4\lib\SocketHeciServer.exe
(services.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_9c4c29de89199c58\driver\tphkload.exe
(services.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\SysWOW64\EasyResume.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\LenovoVantageService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\ibmpmsvc.exe
(services.exe ->) (Lenovo -> Lenovo.) C:\Windows\System32\LITSSvc.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Intune Management Extension\Microsoft.Management.Services.IntuneWindowsAgent.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Microsoft Update Health Tools\uhssvc.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(services.exe ->) (NortonLifeLock Inc. -> NortonLifelock Inc.) C:\Program Files\Norton Security\Engine\22.22.4.11\NortonSecurity.exe <2>
(services.exe ->) (NortonLifeLock Inc. -> NortonLifeLock Inc.) C:\Program Files\Norton Security\Engine\22.22.4.11\nsWscSvc.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <3>
(services.exe ->) (Smart Sound Technology -> Intel) C:\Windows\System32\cAVS\Intel(R) Audio Service\IntelAudioService.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(sihost.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(svchost.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt\IGCC.exe
(svchost.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_0d8dab4470c5524b\igfxext.exe
(svchost.exe ->) (Lenovo -> Lenovo) C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\msoia.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20070.305.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe

==================== Register (gefilterd) ===================

(Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)

HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [114671912 2021-02-10] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [InstallValidator.exe.FA87EC44_C38F_4148_93A1_FF4A64A2B707] => C:\Program Files (x86)\National Instruments\Shared\NIUninstaller\InstallValidator.exe [265608 2013-11-21] (National Instruments Corporation -> )
HKLM-x32\...\Run: [TrayProcess] => C:\Program Files (x86)\EaseUS\Todo Backup\bin\TrayProcess.exe [883848 2021-12-20] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [288184 2022-05-09] (Intel Corporation -> Intel)
HKU\S-1-12-1-1045427199-1201164449-3859945119-2244745868\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2632064 2022-06-10] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-12-1-1045427199-1201164449-3859945119-2244745868\...\Run: [LenovoVantageToolbar] => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\QSHelper.exe [96840 2021-09-09] (Lenovo -> Lenovo Group Ltd.)
HKU\S-1-12-1-1045427199-1201164449-3859945119-2244745868\...\Run: [org.openvpn.client] => C:\Program Files\OpenVPN Connect\OpenVPNConnect.exe [110833152 2021-12-08] (OpenVPN) [Bestand niet getekend]
HKU\S-1-12-1-1045427199-1201164449-3859945119-2244745868\...\Run: [Nextcloud] => C:\Program Files\Nextcloud\nextcloud.exe [3778328 2022-01-27] (Nextcloud GmbH -> Nextcloud GmbH)
HKU\S-1-12-1-1045427199-1201164449-3859945119-2244745868\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\58.0.3.0\GoogleDriveFS.exe [55667088 2022-05-16] (Google LLC -> Google, Inc.)
HKU\S-1-12-1-1045427199-1201164449-3859945119-2244745868\...\Run: [MicrosoftEdgeAutoLaunch_E256169F44F936F97F6642427FB917DF] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3595192 2022-06-09] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-12-1-1045427199-1201164449-3859945119-2244745868\...\Run: [GoogleChromeAutoLaunch_B399D93F1CE225A162066E5A74F2A384] => "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 [2668432 2022-05-18] (Google LLC -> Google LLC)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\58.0.3.0\GoogleDriveFS.exe [55667088 2022-05-16] (Google LLC -> Google, Inc.)
HKU\S-1-5-19\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2632064 2022-06-10] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\58.0.3.0\GoogleDriveFS.exe [55667088 2022-05-16] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2632064 2022-06-10] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\58.0.3.0\GoogleDriveFS.exe [55667088 2022-05-16] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\Canon MG2200 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDB6.DLL [30208 2012-03-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG2200 series: C:\WINDOWS\system32\CNMLMB6.DLL [389120 2012-03-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\102.0.5005.63\Installer\chrmstp.exe [2022-06-01] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2021-04-27] (Adobe Inc. -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Startup: C:\Users\zander13381\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Luminar AI.lnk [2022-06-07]
ShortcutTarget: Luminar AI.lnk -> C:\Program Files\Skylum\Luminar AI\Luminar AI.exe (Skylum Software USA, Inc. -> Skylum)
Startup: C:\Users\zander13381\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Opschonen.cmd [2022-04-01] () [Bestand niet getekend]
Policies: C:\ProgramData\NTUSER.pol: Restrictie <==== AANDACHT

==================== Geplande Taken (gefilterd) ============

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

Task: {0087658E-B43D-4C70-A6A2-9CE5372EAD24} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23244744 2022-05-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {013D424C-0674-42F3-8128-976237E41038} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-26] (Adobe Inc. -> Adobe Inc.)
Task: {06F8ABE8-86CA-479A-88B8-97BACFBF1946} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [67472 2022-05-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {091CBB30-55DD-4C87-A880-6C8E87076C93} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\1FD8E1BF-9856-41E5-BE09-0C59B41C0DED\Schedule #1 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [487424 2022-02-09] (Microsoft Windows -> Microsoft Corporation)
Task: {11F05DED-751F-46C0-A2F9-E1007F4A8DA2} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\1FD8E1BF-9856-41E5-BE09-0C59B41C0DED\PushLaunch => C:\WINDOWS\system32\deviceenroller.exe [487424 2022-02-09] (Microsoft Windows -> Microsoft Corporation)
Task: {16647DB9-040A-4F16-9C5D-BC0EA2D0F475} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe [128976 2022-05-17] (Lenovo -> Lenovo)
Task: {19B0EC06-2A6F-4ED9-BF3B-32AA11BA82DE} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {231B8C1C-2294-4E49-8B38-EB75B68E960E} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1897824 2022-03-09] (Lenovo -> )
Task: {2DB7475B-77C0-4420-AF07-6FFCB2437408} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\ScheduleEventAction.exe [26384 2022-03-20] (Lenovo -> Lenovo Group Ltd.)
Task: {3BCFEDC5-D596-4329-8271-739EAAD2915F} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144792 2022-05-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {3D02FE24-BCD3-451D-A275-09031A37ED38} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\1FD8E1BF-9856-41E5-BE09-0C59B41C0DED\PushRenewal => C:\WINDOWS\system32\deviceenroller.exe [487424 2022-02-09] (Microsoft Windows -> Microsoft Corporation)
Task: {41A6F7FE-14C9-471B-B113-9706FD8D883E} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.SScan => C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\ScheduleEventAction.exe [26384 2022-03-20] (Lenovo -> Lenovo Group Ltd.)
Task: {442EE3B7-1445-414F-8896-09868322CFDC} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3231104 2022-05-02] (Intel Corporation -> Intel Corporation)
Task: {48BFB933-5DC2-4A94-B01A-2FACF6BC120B} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton 360\Upgrade.exe [2353000 2022-05-05] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {4B36E20C-87CB-4C24-9814-25108E42B90A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8304592 2022-05-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {517AB882-E4EE-4C5F-ABFC-A6996E3AAA15} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {5309D6AD-82F8-4CE1-92F9-CA624E2C49F1} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23244744 2022-05-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {559385D6-5882-4CD8-90C4-4263D2B64FE5} - System32\Tasks\Microsoft\Intune\Intune Management Extension Health Evaluation => C:\Program Files (x86)\Microsoft Intune Management Extension\ClientHealthEval.exe [51088 2022-05-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {567F5517-52F7-4497-A02B-218BA705C053} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144792 2022-05-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {5AE734D0-B153-4A40-987E-D5DA66997956} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\1FD8E1BF-9856-41E5-BE09-0C59B41C0DED\Provisioning initiated session => C:\WINDOWS\system32\deviceenroller.exe [487424 2022-02-09] (Microsoft Windows -> Microsoft Corporation)
Task: {5B2706DB-DC31-47C5-9E14-D04DB2AE182F} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\e0d94113-35bd-4ee0-ab30-1183f14aac1c => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {67F7D4AE-7133-4831-9F03-72C0BE70B71D} - System32\Tasks\OneDrive Reporting Task-S-1-12-1-1045427199-1201164449-3859945119-2244745868 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4214144 2022-06-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {6D2E0DD2-A97A-4BB6-9ACF-E62E75027A3B} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\1FD8E1BF-9856-41E5-BE09-0C59B41C0DED\Login Schedule created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [487424 2022-02-09] (Microsoft Windows -> Microsoft Corporation)
Task: {6FE3C5B9-535F-4563-9C77-F36CD8B4ADBC} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\1FD8E1BF-9856-41E5-BE09-0C59B41C0DED\Passport for Work alert created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [487424 2022-02-09] (Microsoft Windows -> Microsoft Corporation)
Task: {71F6497C-41FF-4557-B6EE-6CDA484B0AFA} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\ScheduleEventAction.exe [26384 2022-03-20] (Lenovo -> Lenovo Group Ltd.)
Task: {7B2EB7BA-1802-4963-BDE6-329E6CF77DCC} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2390676961-1970208939-1502202127-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4214144 2022-06-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {80020E84-28E9-462D-AB11-36721FE0DAB1} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\WINDOWS\SysWOW64\PowerMgrInst.exe [62152 2020-12-20] (Lenovo -> )
Task: {85B7AE85-4C1D-437D-9046-B53AA0E58F12} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\1FD8E1BF-9856-41E5-BE09-0C59B41C0DED\Schedule to run OMADMClient by server => C:\WINDOWS\system32\omadmclient.exe [450560 2022-05-11] (Microsoft Windows -> Microsoft Corporation)
Task: {8B5173E1-04ED-4D2D-B719-989ABB48E0A2} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {92259B60-F6D7-479D-9310-5C4B5CD16429} - System32\Tasks\RtkAudUService64_BG => C:\Windows\System32\RtkAudUService64.exe [962848 2019-07-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {94F74029-8444-45DB-A2ED-CA22A989DB54} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\ScheduleEventAction.exe [26384 2022-03-20] (Lenovo -> Lenovo Group Ltd.)
Task: {951B4475-CE5D-472E-A46B-29B42A92EDE8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8304592 2022-05-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {95A5ECAB-12F9-492E-8DA1-9C19C4F3CDA5} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4214144 2022-06-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {979E4E33-C8FE-4D15-91B0-B4EF0F6CFC55} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\1FD8E1BF-9856-41E5-BE09-0C59B41C0DED\Win10 S Mode event listener created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [487424 2022-02-09] (Microsoft Windows -> Microsoft Corporation)
Task: {991FA540-427C-4B40-BD5A-F399BFE6947F} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\1FD8E1BF-9856-41E5-BE09-0C59B41C0DED\PushUpgrade => C:\WINDOWS\system32\deviceenroller.exe [487424 2022-02-09] (Microsoft Windows -> Microsoft Corporation)
Task: {9DCF85B2-6056-40DB-8ED3-35294E289863} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\1FD8E1BF-9856-41E5-BE09-0C59B41C0DED\OS Edition Upgrade event listener created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [487424 2022-02-09] (Microsoft Windows -> Microsoft Corporation)
Task: {9FCC655F-8E05-4E99-A1BD-3D8A49C0BBB6} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\13ef84c2-66ff-4d1a-9c55-9e5e615acc77 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {A5B85F72-7DC8-425B-9654-E9ADA4B6CA6A} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {B0DFE233-5624-4377-B0A5-496C228A5FBC} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\1FD8E1BF-9856-41E5-BE09-0C59B41C0DED\Schedule #2 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [487424 2022-02-09] (Microsoft Windows -> Microsoft Corporation)
Task: {B5D6595F-B692-4340-B2FF-85B428489690} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [1145 2021-03-24] () [Bestand niet getekend]
Task: {B60EADE3-2168-4535-ABF3-3085845AF10F} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\1FD8E1BF-9856-41E5-BE09-0C59B41C0DED\Wsc Startup event listener created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [487424 2022-02-09] (Microsoft Windows -> Microsoft Corporation)
Task: {C08681C2-C517-4351-AD84-0FBAAB202D80} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\ScheduleEventAction.exe [26384 2022-03-20] (Lenovo -> Lenovo Group Ltd.)
Task: {C18C0906-CC7E-4EBE-80D4-FE71051C1B7E} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2390676961-1970208939-1502202127-1003 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4214144 2022-06-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {C8FDE085-386D-4619-94CE-AE3FF2020AD8} - System32\Tasks\Norton 360\Norton 360 Error Analyzer => C:\Program Files\Norton Security\Engine\22.22.4.11\SymErr.exe [109312 2022-05-05] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {C8FFC58F-505B-4576-AD1F-A737FB2C0711} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-05-19] (Google LLC -> Google LLC)
Task: {CE040513-6691-4D51-9CB9-9A4C7DDF142A} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\1FD8E1BF-9856-41E5-BE09-0C59B41C0DED\Schedule #3 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [487424 2022-02-09] (Microsoft Windows -> Microsoft Corporation)
Task: {D63510BB-D0D0-40BC-8B7E-60343557A48D} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [64256 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {DAD9D2C8-6EFE-4013-B814-5A530941F343} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\1FD8E1BF-9856-41E5-BE09-0C59B41C0DED\Schedule to run OMADMClient by client => C:\WINDOWS\system32\omadmclient.exe [450560 2022-05-11] (Microsoft Windows -> Microsoft Corporation)
Task: {E84CEF55-DD8A-43A5-B1E6-403101ABAF34} - System32\Tasks\Norton 360\Norton 360 Autofix => C:\Program Files\Norton Security\Engine\22.22.4.11\SymErr.exe [109312 2022-05-05] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {F48F6917-8B3E-4BB5-9DDD-78DEA9A7C8CE} - System32\Tasks\Lenovo\Lenovo MigrationAssistant start event task => C:\Program Files\Lenovo\Lenovo Migration Assistant\Lenovo Migration Assistant Srv.exe [291216 2020-11-11] (Lenovo -> )
Task: {F7CA0966-2332-4FD8-BFF1-33CD4A3BB9BB} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3231104 2022-05-02] (Intel Corporation -> Intel Corporation)
Task: {F81C882B-A6CB-45E5-9814-F0C482A78169} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [145480 2021-09-09] (Lenovo -> Lenovo Group Ltd.)
Task: {F9303925-4518-4B1A-88BA-B74E5F4C6FDF} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.22.4.11\WSCStub.exe [646520 2022-05-05] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {FBAC07A7-5479-4936-A2E3-44E526AAC618} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-05-19] (Google LLC -> Google LLC)
Task: {FC280074-972D-419B-9FBA-7ABC160D3803} - System32\Tasks\Norton 360\Norton 360 Error Processor => C:\Program Files\Norton Security\Engine\22.22.4.11\SymErr.exe [109312 2022-05-05] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {FC3972B5-CEA3-4BC7-B4A0-4E5C3DADAFBD} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\60a6f8e0-a5b6-481d-b5b8-c5e91886ae49 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {FC4F20E5-5F52-46A4-A071-B7E805EC23A7} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1897824 2022-03-09] (Lenovo -> )
Task: {FDB5FF88-37F5-4FBE-BBCC-39FEDBC1CEC3} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\1FD8E1BF-9856-41E5-BE09-0C59B41C0DED\Schedule created by enrollment client for renewal of certificate warning => C:\WINDOWS\system32\deviceenroller.exe [487424 2022-02-09] (Microsoft Windows -> Microsoft Corporation)

(Als een item is opgenomen in de fixlist, wordt de taak (job) bestand verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.)

==================== Internet (gefilterd) ====================

(Als een item is opgenomen in de fixlist en een registeritem is, wordt het verwijderd of hersteld naar de standaard.)

Hosts: 10.18.93.2 usb
Tcpip\Parameters: [DhcpNameServer] 195.130.130.3 195.130.131.3
Tcpip\..\Interfaces\{5f3396f1-6b35-40da-97da-ae8871d24f65}: [DhcpNameServer] 195.130.130.3 195.130.131.3
Tcpip\..\Interfaces\{65df6ad1-1d7e-4a5e-ad39-9785f421b19d}: [DhcpNameServer] 172.17.2.2 195.130.130.139
Tcpip\..\Interfaces\{ec127686-6acd-4c65-864b-00431277a4a1}: [DhcpNameServer] 10.1.2.12 10.0.0.4

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\zander13381\AppData\Local\Microsoft\Edge\User Data\Default [2022-06-12]

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2019-03-14] (Adobe Systems, Inc.) [Bestand niet getekend]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-03-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-03-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-27] (Adobe Inc. -> Adobe Systems Inc.)


Chrome:
=======
CHR DefaultProfile: Profile 2
CHR Profile: C:\Users\zander13381\AppData\Local\Google\Chrome\User Data\Default [2022-06-12]
CHR StartupUrls: Default -> "file:///C:/Users/zander13381/OneDrive%20-%20Sint-Franciscuscollege/A%20project/index.html"
CHR Session Restore: Default -> is ingeschakeld.
CHR Extension: (Ruffle) - C:\Users\zander13381\AppData\Local\Google\Chrome\User Data\Default\Extensions\donbcfbmhbcapadipfkeojnmajbakjdc [2022-06-12]
CHR Extension: (Volume Booster) - C:\Users\zander13381\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejkiikneibegknkgimmihdpcbcedgmpo [2022-05-30]
CHR Extension: (Norton Safe Web) - C:\Users\zander13381\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnpbeacklnhmkkilekogeiekaglbmmka [2022-06-02]
CHR Extension: (Offline Documenten) - C:\Users\zander13381\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-22]
CHR Extension: (Similarweb - Traffic Rank & Website Analysis) - C:\Users\zander13381\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoklmmgfnpapgjgcpechhaamimifchmp [2022-01-11]
CHR Extension: (PixelBlock) - C:\Users\zander13381\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmpmfcjnflbcoidlgapblgpgbilinlem [2022-01-11]
CHR Extension: (WebRTC Leak Prevent Toggle) - C:\Users\zander13381\AppData\Local\Google\Chrome\User Data\Default\Extensions\kignegkkmknfpincglcjggfbgghpamim [2022-01-11]
CHR Extension: (Smarter Smartschool) - C:\Users\zander13381\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbpdknjafmmnemenflppkofaakldbfom [2022-03-16]
CHR Extension: (Coupert - Automatic Coupon Finder & Cashback) - C:\Users\zander13381\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfidniedemcgceagapgdekdbmanojomk [2022-06-12]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\zander13381\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-01-11]
CHR Profile: C:\Users\zander13381\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-06-12]
CHR Profile: C:\Users\zander13381\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-06-12]
CHR Session Restore: Profile 1 -> is ingeschakeld.
CHR Extension: (Offline Documenten) - C:\Users\zander13381\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-27]
CHR Extension: (Web Safety) - C:\Users\zander13381\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mfhcmdonhekjhfbjmeacdjbhlfgpjabp [2022-03-07]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\zander13381\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-01-11]
CHR Profile: C:\Users\zander13381\AppData\Local\Google\Chrome\User Data\Profile 10 [2022-06-12]
CHR Extension: (Presentaties) - C:\Users\zander13381\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2022-04-01]
CHR Extension: (Safe Torrent Scanner) - C:\Users\zander13381\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2022-04-01]
CHR Extension: (Documenten) - C:\Users\zander13381\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\aohghmighlieiainnegkcijnfilokake [2022-04-01]
CHR Extension: (Google Drive) - C:\Users\zander13381\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\apdfllckaahabafndbhieahigkjlhalf [2022-04-01]
CHR Extension: (YouTube) - C:\Users\zander13381\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2022-04-01]
CHR Extension: (Spreadsheets) - C:\Users\zander13381\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2022-04-01]
CHR Extension: (Offline Documenten) - C:\Users\zander13381\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-01]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\zander13381\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2022-04-01]
CHR Extension: (Web Safety) - C:\Users\zander13381\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\mfhcmdonhekjhfbjmeacdjbhlfgpjabp [2022-04-01]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\zander13381\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-04-01]
CHR Extension: (Gmail) - C:\Users\zander13381\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2022-04-01]
CHR Profile: C:\Users\zander13381\AppData\Local\Google\Chrome\User Data\Profile 2 [2022-06-12]
CHR DefaultSearchURL: Profile 2 -> hxxps://www.amazingossearch.com/search/?category=web&s=cvds&vert=music&q={searchTerms}
CHR DefaultSearchKeyword: Profile 2 -> Music Search for Chrome™
CHR DefaultSuggestURL: Profile 2 -> hxxps://sug.amazingossearch.com/v1/sug/?yid=cvds&vert=music&q={searchTerms}
CHR Session Restore: Profile 2 -> is ingeschakeld.
CHR Extension: (Safe Torrent Scanner) - C:\Users\zander13381\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2022-03-19]
CHR Extension: (Music Search for Chrome™) - C:\Users\zander13381\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\eaabmejfmdeoaabmealmmbjdjaojakka [2022-04-22]
CHR Extension: (Offline Documenten) - C:\Users\zander13381\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-23]
CHR Extension: (Mailvelope) - C:\Users\zander13381\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\kajibbejlbohfaggdiogboambcijhkke [2022-04-05]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\zander13381\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2022-04-05]
CHR Extension: (Progress Bar Timer) - C:\Users\zander13381\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lmnlbapfmmoaehepmgbkgfcgpddlhbko [2022-01-11]
CHR Extension: (Web Safety) - C:\Users\zander13381\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\mfhcmdonhekjhfbjmeacdjbhlfgpjabp [2022-03-04]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\zander13381\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-01-11]
CHR Profile: C:\Users\zander13381\AppData\Local\Google\Chrome\User Data\Profile 5 [2022-06-12]
CHR Extension: (Safe Torrent Scanner) - C:\Users\zander13381\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2022-04-23]
CHR Extension: (Offline Documenten) - C:\Users\zander13381\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-23]
CHR Extension: (Web Safety) - C:\Users\zander13381\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\mfhcmdonhekjhfbjmeacdjbhlfgpjabp [2022-03-07]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\zander13381\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-02-16]
CHR Profile: C:\Users\zander13381\AppData\Local\Google\Chrome\User Data\Profile 6 [2022-06-12]
CHR Extension: (Safe Torrent Scanner) - C:\Users\zander13381\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2022-03-15]
CHR Extension: (Offline Documenten) - C:\Users\zander13381\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-05-23]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\zander13381\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2022-04-08]
CHR Extension: (Web Safety) - C:\Users\zander13381\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\mfhcmdonhekjhfbjmeacdjbhlfgpjabp [2022-03-10]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\zander13381\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-02-24]
CHR Profile: C:\Users\zander13381\AppData\Local\Google\Chrome\User Data\Profile 8 [2022-06-12]
CHR Session Restore: Profile 8 -> is ingeschakeld.
CHR Extension: (Safe Torrent Scanner) - C:\Users\zander13381\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2022-03-16]
CHR Extension: (Offline Documenten) - C:\Users\zander13381\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-27]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\zander13381\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2022-04-05]
CHR Extension: (Web Safety) - C:\Users\zander13381\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\mfhcmdonhekjhfbjmeacdjbhlfgpjabp [2022-03-16]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\zander13381\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-03-16]
CHR Profile: C:\Users\zander13381\AppData\Local\Google\Chrome\User Data\Profile 9 [2022-06-12]
CHR Session Restore: Profile 9 -> is ingeschakeld.
CHR Extension: (Safe Torrent Scanner) - C:\Users\zander13381\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2022-03-19]
CHR Extension: (Offline Documenten) - C:\Users\zander13381\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-23]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\zander13381\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2022-04-08]
CHR Extension: (Web Safety) - C:\Users\zander13381\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\mfhcmdonhekjhfbjmeacdjbhlfgpjabp [2022-03-19]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\zander13381\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-03-19]
CHR Profile: C:\Users\zander13381\AppData\Local\Google\Chrome\User Data\System Profile [2022-06-12]
CHR HKU\S-1-12-1-1045427199-1201164449-3859945119-2244745868\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [mfhcmdonhekjhfbjmeacdjbhlfgpjabp]

==================== Services (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

R2 agent_ovpnconnect; C:\Program Files\OpenVPN Connect\agent_ovpnconnect_1638964996365.exe [3195904 2021-12-08] () [Bestand niet getekend]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11988424 2022-05-29] (Microsoft Corporation -> Microsoft Corporation)
R2 DolbyDAXAPI; C:\WINDOWS\system32\dolbyaposvc\DAX3API.exe [1633440 2019-07-09] (Dolby Laboratories, Inc. -> )
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [39352 2022-05-09] (Intel Corporation -> Intel)
R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [184248 2022-05-09] (Intel Corporation -> Intel)
R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [44168 2021-12-20] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\22.111.0522.0002\FileSyncHelper.exe [3373960 2022-06-10] (Microsoft Corporation -> Microsoft Corporation)
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [394176 2019-07-08] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
R2 IntuneManagementExtension; C:\Program Files (x86)\Microsoft Intune Management Extension\Microsoft.Management.Services.IntuneWindowsAgent.exe [197520 2022-05-28] (Microsoft Corporation -> Microsoft Corporation)
R2 Lenovo Instant On; C:\Windows\SysWOW64\EasyResume.exe [2351304 2020-12-20] (Lenovo -> Lenovo Group Limited)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\LenovoVantageService.exe [29968 2022-03-20] (Lenovo -> Lenovo Group Ltd.)
R2 LITSSVC; C:\WINDOWS\System32\LITSSvc.exe [1217488 2022-04-12] (Lenovo -> Lenovo.)
S2 LPlatSvc; C:\WINDOWS\System32\LPlatSvc.exe [906216 2022-03-27] (Lenovo -> Lenovo)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8524512 2022-05-08] (Malwarebytes Inc. -> Malwarebytes)
R2 NortonSecurity; C:\Program Files\Norton Security\Engine\22.22.4.11\NortonSecurity.exe [344888 2022-05-05] (NortonLifeLock Inc. -> NortonLifelock Inc.)
R2 nsWscSvc; C:\Program Files\Norton Security\Engine\22.22.4.11\nsWscSvc.exe [1059176 2022-05-05] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\22.111.0522.0002\OneDriveUpdaterService.exe [3812760 2022-06-10] (Microsoft Corporation -> Microsoft Corporation)
R2 ovpnhelper_service; C:\Program Files\OpenVPN Connect\ovpnhelper_service.exe [3020800 2021-12-08] () [Bestand niet getekend]
R2 SebWindowsServiceWCF; C:\Program Files (x86)\SafeExamBrowser\SebWindowsServiceWCF\SebWindowsServiceWCF.exe [408776 2020-04-08] (Eidgenössische Technische Hochschule Zürich -> ETH Zurich)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6207672 2022-05-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [14865896 2022-04-05] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 TPHKLOAD; C:\WINDOWS\System32\DriverStore\FileRepository\fn.inf_amd64_9c4c29de89199c58\driver\TPHKLOAD.exe [473760 2021-10-22] (Lenovo -> Lenovo Group Limited)
S3 VBoxSDS; C:\Users\zander13381\Desktop\tree\Virtual box\VBoxSDS.exe [746728 2021-11-22] (Oracle Corporation -> Oracle Corporation)
R3 VssEaseusProvider; C:\WINDOWS\system32\dllhost.exe /Processid:{31A809F0-B5FD-4612-9F02-2FEC20E327A1} [45368 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-04-18] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-04-18] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.21.11.46\Definitions\BASHDefs\20220608.011\BHDrvx64.sys [1672160 2022-06-07] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 ccSet_NGC; C:\WINDOWS\System32\drivers\NGCx64\1616040.00B\ccSetx64.sys [196864 2022-05-05] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [509904 2021-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [145376 2022-06-03] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R0 EUBAKUP; C:\WINDOWS\System32\drivers\eubakup.sys [74296 2021-07-25] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
R0 EUBKMON; C:\WINDOWS\System32\drivers\EUBKMON.sys [54328 2021-07-25] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 EUDSKACS; C:\WINDOWS\system32\drivers\eudskacs.sys [22784 2021-07-25] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
R1 EUFDDISK; C:\WINDOWS\system32\drivers\EuFdDisk.sys [555072 2021-08-26] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
R0 fse; C:\WINDOWS\System32\drivers\fse.sys [193888 2022-05-30] (Microsoft Windows -> Microsoft Corporation)
R1 googledrivefs3758; C:\WINDOWS\System32\DRIVERS\googledrivefs3758.sys [384584 2022-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
S3 Hsp; C:\WINDOWS\System32\drivers\Hsp.sys [111960 2022-05-11] (Microsoft Windows -> Microsoft Corporation)
R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.21.11.46\Definitions\IPSDefs\20220610.061\IDSvia64.sys [1515496 2022-06-08] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-06-12] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-05-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239560 2022-06-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R1 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [71736 2021-08-30] (Insecure.Com LLC -> Insecure.Com LLC.)
S3 nsvst_NGC; C:\WINDOWS\System32\drivers\NGCx64\1616040.00B\nsvst.sys [56080 2022-05-05] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
R1 PMDRVS; C:\WINDOWS\System32\drivers\pmdrvs.sys [38888 2022-03-27] (Lenovo -> Lenovo)
S3 Schneider_Electric-USBLAN; C:\WINDOWS\System32\drivers\lkblan.sys [40320 2016-09-27] (Belcarra Technologies (2005) Corp. -> Belcarra Technologies)
R3 SRTSP; C:\WINDOWS\System32\drivers\NGCx64\1616040.00B\SRTSP64.SYS [954144 2022-05-05] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SRTSPX; C:\WINDOWS\System32\drivers\NGCx64\1616040.00B\SRTSPX64.SYS [51456 2022-05-05] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\1616040.00B\SYMEFASI64.SYS [2091256 2022-05-05] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S0 SymELAM; C:\WINDOWS\System32\drivers\NGCx64\1616040.00B\SymELAM.sys [34600 2022-05-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Broadcom)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [100320 2022-05-23] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 SymEvnt; C:\Program Files\Norton Security\NortonData\22.21.11.46\SymPlatform\SymEvnt.sys [712432 2021-06-16] (Symantec Corporation -> Symantec Corporation)
R1 SymIRON; C:\WINDOWS\System32\drivers\NGCx64\1616040.00B\Ironx64.SYS [304896 2022-05-05] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SymNetS; C:\WINDOWS\System32\drivers\NGCx64\1616040.00B\symnets.sys [481248 2022-05-05] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 tap_ovpnconnect; C:\WINDOWS\System32\drivers\tap_ovpnconnect.sys [40128 2021-12-08] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R3 TPS65988; C:\WINDOWS\System32\drivers\TPS65988.sys [48208 2019-07-22] (FPT USA Corp. -> )
R3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [239672 2021-11-22] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [249584 2021-11-22] (Oracle Corporation -> Oracle Corporation)
S3 vmbusproxy; C:\WINDOWS\system32\drivers\vmbusproxy.sys [90112 2022-05-30] (Microsoft Windows -> )
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49600 2022-04-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [443664 2022-04-18] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90384 2022-04-18] (Microsoft Windows -> Microsoft Corporation)
R3 WiMan; C:\WINDOWS\System32\DriverStore\FileRepository\wiman.inf_amd64_6eb0b77a25e99e6e\WiMan\WiMan.sys [165224 2020-12-29] (Intel Wireless Driver -> )
R1 wpCtrlDrv_NGC; C:\WINDOWS\System32\drivers\NGCx64\1616040.00B\wpCtrlDrv.sys [1015760 2022-05-05] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

==================== NetSvcs (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

==================== Een maand (aangemaakt) (gefilterd) =========

(Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.)

2022-06-12 18:24 - 2022-06-12 18:24 - 000000000 ____D C:\WINDOWS\system32\Tasks\Remediation
2022-06-12 14:25 - 2022-06-12 14:25 - 000223176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-06-12 14:25 - 2022-06-12 14:25 - 000000008 __RSH C:\ProgramData\ntuser.pol
2022-06-12 13:47 - 2022-06-12 19:00 - 000053479 _____ C:\Users\zander13381\Downloads\FRST.txt
2022-06-12 13:45 - 2022-06-12 13:45 - 000001435 _____ C:\WINDOWS\system32\default_error_stack-000005-000000.txt
2022-06-11 10:23 - 2022-06-12 18:57 - 000000000 ____D C:\FRST
2022-06-11 10:22 - 2022-06-11 10:23 - 002368000 _____ (Farbar) C:\Users\zander13381\Downloads\FRST64.exe
2022-06-11 10:10 - 2022-06-11 10:10 - 000000000 ____N C:\Users\zander13381\Downloads\install_vp5_en_US-DZRFJN.exe
2022-06-10 21:29 - 2022-06-12 18:16 - 000100454 _____ C:\WINDOWS\ntbtlog.txt
2022-06-10 21:27 - 2022-06-10 21:27 - 000000000 ____D C:\ProgramData\SMR540
2022-06-10 21:22 - 2022-06-10 21:32 - 000000000 ____D C:\Users\zander13381\AppData\Local\NPE
2022-06-10 17:08 - 2022-06-10 17:08 - 000000000 ____D C:\Users\zander13381\Downloads\imageusb
2022-06-08 17:22 - 2022-06-08 17:22 - 000030630 _____ C:\Users\zander13381\Downloads\SFC-summer party.pdf
2022-06-08 16:22 - 2022-06-08 20:08 - 000000150 _____ C:\Users\zander13381\Desktop\frans.txt
2022-06-08 14:19 - 2022-06-08 14:19 - 000253144 _____ C:\Users\zander13381\Downloads\9789020299687_fragm.pdf
2022-06-07 17:06 - 2022-06-07 17:08 - 000536576 _____ C:\Users\zander13381\Documents\Database1.accdb
2022-06-07 09:56 - 2022-06-07 09:56 - 000000000 ____D C:\Users\zander13381\AppData\Local\Sentry
2022-06-07 09:54 - 2022-06-07 09:54 - 000001245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Luminar AI.lnk
2022-06-07 09:54 - 2022-06-07 09:54 - 000001239 _____ C:\Users\Public\Desktop\Luminar AI.lnk
2022-06-07 09:54 - 2022-06-07 09:54 - 000000000 ____D C:\Program Files\Skylum
2022-06-07 09:51 - 2022-06-07 09:56 - 000000000 ____D C:\Users\zander13381\AppData\Roaming\Luminar AI
2022-06-07 09:51 - 2022-06-07 09:51 - 000000000 ____D C:\ProgramData\Luminar AI
2022-06-07 09:49 - 2022-06-07 09:49 - 019935016 _____ () C:\Users\zander13381\Downloads\LuminarAISetup.exe
2022-06-07 08:46 - 2022-06-07 08:46 - 000019001 _____ C:\Users\zander13381\Downloads\Enquête fuif 2A economie & organisatie(1-72).xlsx
2022-06-06 17:54 - 2022-06-06 17:54 - 000000000 ____D C:\WINDOWS\Panther
2022-06-06 12:43 - 2022-06-08 14:50 - 000000969 _____ C:\Users\zander13381\Downloads\time s-toets.py
2022-06-05 11:14 - 2022-06-05 11:14 - 000000000 ___HD C:\$WinREAgent
2022-06-04 20:57 - 2022-06-04 20:57 - 000179852 _____ C:\Users\zander13381\Downloads\key.pdf
2022-06-04 20:56 - 2022-06-04 20:56 - 000000000 ____D C:\WINDOWS\pss
2022-06-04 18:21 - 2022-06-04 18:21 - 000000203 _____ C:\Users\zander13381\.gitconfig
2022-06-04 18:21 - 2022-06-04 18:21 - 000000000 ____D C:\Users\zander13381\Documents\GitHub
2022-06-04 18:14 - 2022-06-04 18:21 - 000000000 ____D C:\Users\zander13381\AppData\Roaming\GitHub Desktop
2022-06-04 18:13 - 2022-06-04 18:14 - 000000000 ____D C:\Users\zander13381\AppData\Local\GitHubDesktop
2022-06-04 18:12 - 2022-06-04 18:13 - 126258584 _____ (GitHub, Inc.) C:\Users\zander13381\Downloads\GitHubDesktopSetup-x64.exe
2022-06-04 16:40 - 2022-06-04 20:23 - 000009354 _____ C:\Users\zander13381\Downloads\DJ's.xlsx
2022-06-04 15:15 - 2022-06-04 15:15 - 006493020 _____ C:\Users\zander13381\Downloads\Bowlen.zip
2022-06-04 15:15 - 2022-06-04 15:15 - 000000000 ____D C:\Users\zander13381\Downloads\Bowlen
2022-06-03 14:04 - 2022-06-03 14:04 - 000000000 ____D C:\Users\zander13381\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\kali-linux
2022-06-03 13:37 - 2022-06-12 13:45 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK
2022-06-03 13:37 - 2022-06-03 13:37 - 000001425 _____ C:\WINDOWS\system32\default_error_stack-000004-000000.txt
2022-06-03 13:37 - 2022-06-03 13:37 - 000000000 ____D C:\WINDOWS\system32\BestPractices
2022-06-03 13:37 - 2022-06-03 13:37 - 000000000 ____D C:\Users\Public\Documents\Hyper-V
2022-06-03 13:37 - 2022-06-03 13:37 - 000000000 ____D C:\Program Files\Hyper-V
2022-06-02 17:09 - 2022-06-02 17:09 - 000001723 _____ C:\Users\zander13381\Downloads\Hacken voor Dummies_9789045357188.acsm
2022-05-30 18:20 - 2022-05-30 18:21 - 017104896 _____ C:\Users\zander13381\Downloads\wsl_update_x64.msi
2022-05-30 13:52 - 2022-06-04 16:54 - 000118475 _____ C:\Users\zander13381\Downloads\Hoeveel minuten kijk jij tv per dag_(1-22).xlsx
2022-05-30 13:50 - 2022-05-30 13:50 - 000013386 _____ C:\Users\zander13381\Downloads\Hoeveel minuten kijk jij tv per dag_(1-20).xlsx
2022-05-30 10:58 - 2022-05-30 10:58 - 001058478 _____ C:\Users\zander13381\Downloads\city.wav
2022-05-30 10:55 - 2022-05-30 10:55 - 002662478 _____ C:\Users\zander13381\Downloads\monky.wav
2022-05-30 07:45 - 2022-05-31 15:36 - 001178743 _____ C:\Users\zander13381\Downloads\Boekenbeurs.pptx
2022-05-29 20:53 - 2022-06-12 14:30 - 000000000 ____D C:\WINDOWS\system32\Tasks\Norton 360
2022-05-29 20:48 - 2022-05-30 10:47 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2022-05-29 20:48 - 2022-05-29 20:48 - 000003376 _____ C:\WINDOWS\system32\Tasks\Norton WSC Integration
2022-05-29 20:47 - 2022-05-29 20:47 - 000000112 ___SH C:\bootTel.dat
2022-05-29 10:08 - 2022-05-29 10:08 - 000001425 _____ C:\WINDOWS\system32\default_error_stack-000003-000000.txt
2022-05-28 10:53 - 2022-05-29 21:22 - 000000000 ____D C:\Users\zander13381\Downloads\Fantasy
2022-05-26 12:18 - 2022-05-26 12:16 - 000000241 _____ C:\Users\zander13381\Desktop\boekbespreking.py.pyw
2022-05-26 12:04 - 2022-05-26 12:04 - 000000000 ____D C:\Users\zander13381\PycharmProjects
2022-05-26 12:04 - 2022-05-26 12:04 - 000000000 ____D C:\Users\zander13381\AppData\Local\pypa
2022-05-26 12:03 - 2022-06-06 17:38 - 000000000 ____D C:\Users\zander13381\AppData\Roaming\JetBrains
2022-05-26 12:00 - 2022-06-06 17:39 - 000000000 ____D C:\Program Files\JetBrains
2022-05-26 11:51 - 2022-05-26 12:00 - 396634376 _____ C:\Users\zander13381\Downloads\pycharm-community-2022.1.1.exe
2022-05-26 11:32 - 2022-05-26 11:42 - 000000194 _____ C:\Users\zander13381\Downloads\back.pyw
2022-05-26 07:33 - 2022-05-26 07:33 - 000002259 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2022-05-26 07:33 - 2022-05-26 07:33 - 000002247 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2022-05-25 16:30 - 2022-05-25 16:30 - 000000652 _____ C:\Users\zander13381\Downloads\Trial.txt
2022-05-25 16:20 - 2022-05-25 16:20 - 000003460 _____ C:\WINDOWS\system32\Tasks\npcapwatchdog
2022-05-25 16:20 - 2022-05-25 16:20 - 000000000 ____D C:\WINDOWS\SysWOW64\Npcap
2022-05-25 16:20 - 2022-05-25 16:20 - 000000000 ____D C:\WINDOWS\system32\Npcap
2022-05-25 16:20 - 2022-05-25 16:20 - 000000000 ____D C:\Program Files\Npcap
2022-05-25 16:19 - 2022-05-25 16:19 - 210906944 _____ (Lansweeper.com ) C:\Users\zander13381\Downloads\LansweeperSetup.exe
2022-05-25 16:09 - 2022-05-25 16:09 - 000000000 ____D C:\Users\zander13381\Downloads\wifiguard_windows_portable
2022-05-25 16:05 - 2022-05-25 16:06 - 004946386 _____ C:\Users\zander13381\Downloads\wifiguard_windows_portable.zip
2022-05-24 17:03 - 2022-05-24 17:03 - 000108026 _____ C:\Users\zander13381\Downloads\auto-py-to-exe-master.zip
2022-05-24 17:03 - 2022-05-24 17:03 - 000000000 ____D C:\Users\zander13381\Downloads\auto-py-to-exe-master
2022-05-24 16:59 - 2022-05-24 16:59 - 000201234 _____ C:\Users\zander13381\Downloads\py2exe-0.6.9.win32-py2.7.exe
2022-05-23 18:17 - 2022-05-23 18:17 - 000000032 _____ C:\Users\zander13381\Downloads\21.txt
2022-05-23 18:17 - 2022-05-23 18:17 - 000000032 _____ C:\Users\zander13381\Downloads\21.html
2022-05-23 18:13 - 2022-05-23 18:13 - 018038784 _____ (Microsoft Corporation) C:\Users\zander13381\Downloads\Pixelog.exe
2022-05-23 15:09 - 2022-05-23 15:09 - 000000000 ____D C:\Users\zander13381\Downloads\editor-txt
2022-05-23 15:04 - 2022-05-23 15:09 - 000009570 _____ C:\Users\zander13381\Desktop\2.py
2022-05-23 13:57 - 2022-05-23 13:57 - 000012241 _____ C:\Users\zander13381\Downloads\Hoeveel minuten kijk jij tv per dag_(1-4).xlsx
2022-05-23 09:27 - 2022-05-23 09:28 - 000000000 ____D C:\Users\zander13381\.idlerc
2022-05-20 14:24 - 2022-05-20 14:24 - 000003670 _____ C:\WINDOWS\system32\Tasks\USER_ESRV_SVC_QUEENCREEK
2022-05-17 17:08 - 2022-05-17 17:08 - 000134824 _____ C:\Users\zander13381\Documents\IT.pdf
2022-05-17 17:04 - 2022-06-03 17:27 - 000000000 ____D C:\Users\zander13381\AppData\Roaming\Exodus
2022-05-17 17:04 - 2022-05-17 17:05 - 000000000 ____D C:\Users\zander13381\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IT
2022-05-17 17:04 - 2022-05-17 17:04 - 000002275 _____ C:\Users\zander13381\Desktop\Exodus.lnk
2022-05-17 17:04 - 2022-05-17 17:04 - 000000000 ____D C:\Users\zander13381\AppData\Local\exodus
2022-05-17 17:03 - 2022-05-17 17:03 - 165346272 _____ (Exodus Movement Inc) C:\Users\zander13381\Downloads\exodus-windows-x64-22.5.10.exe
2022-05-17 16:51 - 2022-05-17 16:58 - 1454374912 _____ C:\Users\zander13381\Downloads\antiX-21_x64-full.iso
2022-05-17 16:50 - 2022-05-29 20:57 - 000000000 ____D C:\Users\zander13381\AppData\Roaming\uTorrent Web
2022-05-17 16:50 - 2022-05-17 16:50 - 000001915 _____ C:\Users\zander13381\Desktop\uTorrent Web.lnk
2022-05-17 16:49 - 2022-05-17 16:49 - 000111258 _____ C:\Users\zander13381\Downloads\antiX-21_x64-full.iso.torrent
2022-05-17 14:39 - 2022-05-17 14:39 - 000001516 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk
2022-05-16 11:38 - 2022-05-16 11:40 - 000000000 ____D C:\Downloaded Web Sites
2022-05-15 14:59 - 2022-05-15 14:59 - 000001434 _____ C:\WINDOWS\system32\default_error_stack-000002-000000.txt

==================== Een maand (gewijzigd) ==================

(Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.)

2022-06-12 18:57 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\Registration
2022-06-12 18:45 - 2022-01-11 10:11 - 000000000 ____D C:\Users\zander13381\AppData\Local\Packages
2022-06-12 18:36 - 2021-06-05 14:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-06-12 18:15 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-06-12 18:13 - 2021-05-19 11:36 - 000000000 ____D C:\Program Files (x86)\Google
2022-06-12 18:07 - 2022-01-21 12:52 - 000000000 ___RD C:\Users\zander13381\Sint-Franciscuscollege
2022-06-12 18:07 - 2022-01-11 10:15 - 000000000 ___RD C:\Users\zander13381\OneDrive - Sint-Franciscuscollege
2022-06-12 18:06 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-06-12 18:05 - 2022-01-11 11:34 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-06-12 18:05 - 2022-01-11 10:11 - 000000000 __SHD C:\Users\zander13381\IntelGraphicsProfiles
2022-06-12 14:25 - 2022-04-23 19:31 - 000000000 ____D C:\Program Files\TeamViewer
2022-06-12 14:25 - 2022-02-09 12:42 - 000000786 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2022-06-12 14:25 - 2022-01-11 11:38 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-06-12 14:25 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\ServiceState
2022-06-12 14:25 - 2021-05-19 13:50 - 000000134 _____ C:\WINDOWS\system32\regtest.txt 2022-06-12 14:25 - 2021-05-19 10:39 - 000000000 ____D C:\Intel 2022-06-12 14:25 - 2021-05-19 10:27 - 000012288 ___SH C:\DumpStack.log.tmp 2022-06-12 14:24 - 2022-01-17 14:57 - 000000000 ____D C:\Users\zander13381\AppData\LocalLow\Temp 2022-06-12 14:24 - 2021-06-05 14:01 - 001572864 _____ C:\WINDOWS\system32\config\BBI 2022-06-12 14:23 - 2022-01-17 14:14 - 000000000 ____D C:\Users\zander13381\AppData\Local\CrashDumps 2022-06-12 14:23 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy 2022-06-12 14:23 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy 2022-06-12 13:41 - 2022-02-24 18:27 - 000000000 ____D C:\ProgramData\Evorim 2022-06-12 13:41 - 2022-02-24 18:27 - 000000000 ____D C:\Program Files\Evorim 2022-06-11 10:06 - 2020-11-19 01:49 - 000002454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-06-11 09:59 - 2022-01-18 10:09 - 000003636 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d806ce781db753 2022-06-11 09:59 - 2022-01-11 11:38 - 000003730 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2022-06-10 22:01 - 2022-01-11 10:22 - 000000000 ____D C:\Program Files (x86)\Microsoft Intune Management Extension 2022-06-10 21:25 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\NDF 2022-06-10 21:22 - 2022-01-15 11:54 - 000000000 ____D C:\ProgramData\Norton 2022-06-10 21:06 - 2021-05-19 11:55 - 000000000 ____D C:\WINDOWS\TempInst 2022-06-10 21:00 - 2022-01-11 11:35 - 001911572 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2022-06-10 21:00 - 2021-06-05 19:58 - 000844258 _____ C:\WINDOWS\system32\perfh013.dat 2022-06-10 21:00 - 2021-06-05 19:58 - 000178250 _____ C:\WINDOWS\system32\perfc013.dat 2022-06-10 21:00 - 2021-06-05 14:09 - 000000000 ____D C:\WINDOWS\INF 2022-06-10 20:54 - 2022-01-11 11:18 - 000000000 ____D C:\Users\zander13381 2022-06-10 20:17 - 2022-01-11 10:48 - 
000000000 ____D C:\Users\zander13381\AppData\Local\D3DSCache 2022-06-10 20:16 - 2021-06-05 14:10 - 000000000 ___HD C:\Program Files\WindowsApps 2022-06-10 20:16 - 2020-11-19 01:50 - 000000000 ____D C:\ProgramData\Packages 2022-06-10 10:28 - 2022-01-11 11:38 - 000003620 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-12-1-1045427199-1201164449-3859945119-2244745868 2022-06-10 10:28 - 2022-01-11 11:38 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task 2022-06-10 10:28 - 2022-01-11 10:13 - 000000000 ____D C:\Program Files\Microsoft OneDrive 2022-06-10 10:28 - 2021-05-19 11:35 - 000002140 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2022-06-09 09:27 - 2022-01-20 09:34 - 000000000 ____D C:\Users\zander13381\AppData\LocalLow\Mozilla 2022-06-08 19:57 - 2022-03-19 21:01 - 000002488 _____ C:\Users\zander13381\Desktop\tennis mama - Chrome.lnk 2022-06-08 15:45 - 2022-04-08 15:22 - 000000000 ____D C:\Users\zander13381\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Burp Suite Community Edition 2022-06-08 15:45 - 2022-04-08 15:22 - 000000000 ____D C:\Users\zander13381\AppData\Roaming\BurpSuite 2022-06-06 17:56 - 2022-01-15 12:01 - 000000000 ____D C:\Users\zander13381\AppData\LocalLow\Norton 2022-06-06 17:54 - 2021-06-05 14:01 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2022-06-06 17:53 - 2022-01-14 19:11 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 2022-06-05 11:30 - 2021-06-05 14:01 - 000000000 ____D C:\WINDOWS\CbsTemp 2022-06-05 11:05 - 2022-01-11 10:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Intune Management Extension 2022-06-04 18:14 - 2022-01-11 10:12 - 000000000 ____D C:\Users\zander13381\AppData\Local\SquirrelTemp 2022-06-04 17:09 - 2022-01-14 19:22 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server 2022-06-04 17:09 - 2022-01-14 19:19 - 000000000 ____D C:\Program Files (x86)\Windows Kits 2022-06-04 17:09 - 
2022-01-14 19:19 - 000000000 ____D C:\Program Files (x86)\Microsoft SDKs 2022-06-04 17:05 - 2022-04-06 15:03 - 000000000 ____D C:\Program Files\IIS Express 2022-06-04 17:05 - 2022-04-06 15:03 - 000000000 ____D C:\Program Files (x86)\IIS Express 2022-06-04 17:05 - 2022-03-15 12:36 - 000000000 ____D C:\WINDOWS\SysWOW64\1033 2022-06-04 17:05 - 2022-03-15 12:36 - 000000000 ____D C:\WINDOWS\system32\1033 2022-06-04 17:05 - 2022-01-14 19:21 - 000000000 ____D C:\Program Files\Microsoft SQL Server 2022-06-04 17:00 - 2022-01-14 19:12 - 000001451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Installer.lnk 2022-06-03 13:37 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\schemas 2022-06-03 13:36 - 2022-05-11 15:16 - 014787944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmms.exe 2022-06-03 13:36 - 2022-05-11 15:16 - 001369440 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmemulateddevices.dll 2022-06-03 13:36 - 2022-05-11 15:16 - 000701800 _____ (Microsoft Corporation) C:\WINDOWS\system32\VmDataStore.dll 2022-06-03 13:36 - 2022-05-11 15:16 - 000398072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationVdev.dll 2022-06-03 13:36 - 2022-05-11 15:16 - 000360904 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmEngUM.dll 2022-06-03 13:36 - 2022-05-11 15:16 - 000307184 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmEngUM138.dll 2022-06-03 13:36 - 2022-05-11 15:16 - 000099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtpm.dll 2022-06-03 13:36 - 2022-05-11 15:16 - 000071000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ramparser.sys 2022-06-03 13:36 - 2022-05-11 15:16 - 000066912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\lunparser.sys 2022-06-03 13:36 - 2022-01-12 11:44 - 000681328 _____ (Microsoft Corporation) C:\WINDOWS\system32\VmEmulatedStorage.dll 2022-06-03 13:36 - 2022-01-11 11:14 - 000622904 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsconfig.dll 2022-06-03 13:36 - 2021-11-04 16:23 
- 000186328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmsp.exe 2022-06-03 13:36 - 2021-11-04 16:23 - 000090424 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmmsprox.dll 2022-06-03 13:36 - 2021-11-04 16:22 - 000106824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pcip.sys 2022-06-03 13:36 - 2021-06-05 14:24 - 000048128 _____ C:\WINDOWS\SysWOW64\vmstaging.dll 2022-06-03 13:36 - 2021-06-05 14:23 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmconnect.exe 2022-06-03 13:36 - 2021-06-05 14:19 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\HgsClientWmi.dll 2022-06-03 13:36 - 2021-06-05 14:19 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\HostGuardianServiceClientResources.dll 2022-06-03 13:36 - 2021-06-05 14:18 - 001583420 _____ C:\WINDOWS\system32\WindowsVirtualization.V2.mof 2022-06-03 13:36 - 2021-06-05 14:18 - 001152966 _____ C:\WINDOWS\system32\WindowsHyperVCluster.V2.mof 2022-06-03 13:36 - 2021-06-05 14:18 - 000716800 _____ C:\WINDOWS\system32\hgattest.dll 2022-06-03 13:36 - 2021-06-05 14:18 - 000414008 _____ (Microsoft Corporation) C:\WINDOWS\system32\VmEmulatedNic.dll 2022-06-03 13:36 - 2021-06-05 14:18 - 000319816 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmicvdev.dll 2022-06-03 13:36 - 2021-06-05 14:18 - 000282944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmfirmwarepcat.dll 2022-06-03 13:36 - 2021-06-05 14:18 - 000266552 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmsynthfcvdev.dll 2022-06-03 13:36 - 2021-06-05 14:18 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteFileBrowse.dll 2022-06-03 13:36 - 2021-06-05 14:18 - 000250184 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmtpm.dll 2022-06-03 13:36 - 2021-06-05 14:18 - 000242000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmicrdv.dll 2022-06-03 13:36 - 2021-06-05 14:18 - 000237896 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpcievdev.dll 2022-06-03 13:36 - 2021-06-05 14:18 - 000205112 
_____ (Microsoft Corporation) C:\WINDOWS\system32\HyperVSysprepProvider.dll 2022-06-03 13:36 - 2021-06-05 14:18 - 000196944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmdebug.dll 2022-06-03 13:36 - 2021-06-05 14:18 - 000192848 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvc.exe 2022-06-03 13:36 - 2021-06-05 14:18 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgclientservice.dll 2022-06-03 13:36 - 2021-06-05 14:18 - 000144967 _____ C:\WINDOWS\system32\virtmgmt.msc 2022-06-03 13:36 - 2021-06-05 14:18 - 000127288 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmhgs.dll 2022-06-03 13:36 - 2021-06-05 14:18 - 000077824 _____ C:\WINDOWS\system32\hgsclientplugin.dll 2022-06-03 13:36 - 2021-06-05 14:18 - 000073728 _____ C:\WINDOWS\system32\vmstaging.dll 2022-06-03 13:36 - 2021-06-05 14:18 - 000066480 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmplatformca.exe 2022-06-03 13:36 - 2021-06-05 14:18 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\AttestationWmiProvider.dll 2022-06-03 13:36 - 2021-06-05 14:18 - 000036864 _____ C:\WINDOWS\system32\hgclientserviceps.dll 2022-06-01 16:41 - 2022-02-05 18:51 - 000239560 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2022-06-01 10:25 - 2021-05-19 11:36 - 000002273 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2022-05-31 16:31 - 2022-01-16 11:26 - 000000000 ____D C:\Program Files\Common Files\AV 2022-05-31 16:31 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2022-05-31 10:44 - 2022-01-11 10:17 - 000008028 _____ C:\WINDOWS\system32\InstallUtil.InstallLog 2022-05-30 18:20 - 2022-05-11 15:16 - 004276224 _____ (Microsoft Corporation) C:\WINDOWS\system32\HostNetSvc.dll 2022-05-30 18:20 - 2022-05-11 15:16 - 004052328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmcompute.exe 2022-05-30 18:20 - 2022-05-11 15:16 - 002914496 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmwp.exe 2022-05-30 18:20 - 2022-05-11 15:16 - 
001049960 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmchipset.dll 2022-05-30 18:20 - 2022-05-11 15:16 - 000800104 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmcompute.dll 2022-05-30 18:20 - 2022-05-11 15:16 - 000623968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmuidevices.dll 2022-05-30 18:20 - 2022-05-11 15:16 - 000353640 _____ C:\WINDOWS\system32\vp9fs.dll 2022-05-30 18:20 - 2022-05-11 15:16 - 000312672 _____ (Microsoft Corporation) C:\WINDOWS\system32\VmCrashDump.dll 2022-05-30 18:20 - 2022-05-11 15:16 - 000210280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmsvcext.sys 2022-05-30 18:20 - 2022-05-11 15:16 - 000193888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fse.sys 2022-05-30 18:20 - 2022-05-11 15:16 - 000144744 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdp4vs.dll 2022-05-30 18:20 - 2022-05-11 15:16 - 000091472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pvhdparser.sys 2022-05-30 18:20 - 2022-05-11 15:16 - 000066912 _____ (Microsoft Corporation) C:\WINDOWS\system32\NvAgent.dll 2022-05-30 18:20 - 2022-05-11 15:16 - 000046888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbresources.dll 2022-05-30 18:20 - 2022-04-18 16:26 - 000234832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storvsp.sys 2022-05-30 18:20 - 2022-01-12 11:43 - 000292200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbusr.sys 2022-05-30 18:20 - 2022-01-12 11:43 - 000069944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbuspiper.dll 2022-05-30 18:20 - 2021-11-04 16:23 - 005386576 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmfirmware.dll 2022-05-30 18:20 - 2021-11-04 16:23 - 000700744 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmusrv.dll 2022-05-30 18:20 - 2021-11-04 16:23 - 000627024 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmserial.dll 2022-05-30 18:20 - 2021-11-04 16:23 - 000553296 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmpmem.dll 2022-05-30 18:20 - 
2021-11-04 16:23 - 000491824 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmsynthstor.dll 2022-05-30 18:20 - 2021-11-04 16:23 - 000454984 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmprox.dll 2022-05-30 18:20 - 2021-11-04 16:23 - 000450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmvpci.dll 2022-05-30 18:20 - 2021-11-04 16:23 - 000430416 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmsmb.dll 2022-05-30 18:20 - 2021-11-04 16:23 - 000344400 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmdynmem.dll 2022-05-30 18:20 - 2021-11-04 16:23 - 000245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\hnsdiag.exe 2022-05-30 18:20 - 2021-11-04 16:23 - 000032768 _____ C:\WINDOWS\system32\hnsproxy.dll 2022-05-30 18:20 - 2021-11-04 16:23 - 000024912 _____ (Microsoft Corporation) C:\WINDOWS\system32\07409496-a423-4a3e-b620-2cfb01a9318d_HyperV-ComputeNetwork.dll 2022-05-30 18:20 - 2021-06-05 14:19 - 000082248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\l2bridge.sys 2022-05-30 18:20 - 2021-06-05 14:19 - 000049488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hnswfpdriver.sys 2022-05-30 18:20 - 2021-06-05 14:18 - 000401736 _____ (Microsoft Corporation) C:\WINDOWS\system32\VmSynthNic.dll 2022-05-30 18:20 - 2021-06-05 14:18 - 000360784 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmiccore.dll 2022-05-30 18:20 - 2021-06-05 14:18 - 000356680 _____ (Microsoft Corporation) C:\WINDOWS\system32\hcsdiag.exe 2022-05-30 18:20 - 2021-06-05 14:18 - 000311616 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmflexio.dll 2022-05-30 18:20 - 2021-06-05 14:18 - 000258384 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbusvdev.dll 2022-05-30 18:20 - 2021-06-05 14:18 - 000250184 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpupvdev.dll 2022-05-30 18:20 - 2021-06-05 14:18 - 000233808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpcivsp.sys 2022-05-30 18:20 - 2021-06-05 14:18 - 000164176 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\vmvirtio.dll 2022-05-30 18:20 - 2021-06-05 14:18 - 000123208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmwpevents.dll 2022-05-30 18:20 - 2021-06-05 14:18 - 000122880 _____ C:\WINDOWS\system32\vmhbmgmt.dll 2022-05-30 18:20 - 2021-06-05 14:18 - 000119104 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmwpctrl.dll 2022-05-30 18:20 - 2021-06-05 14:18 - 000090112 _____ C:\WINDOWS\system32\Drivers\vmbusproxy.sys 2022-05-30 18:20 - 2021-06-05 14:18 - 000078144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdparser.sys 2022-05-30 18:20 - 2021-06-05 14:18 - 000069968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\passthruparser.sys 2022-05-30 18:20 - 2021-06-05 14:18 - 000061776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocketcontrol.sys 2022-05-30 18:20 - 2021-06-05 14:18 - 000049480 _____ (Microsoft Corporation) C:\WINDOWS\system32\VrdUmed.dll 2022-05-30 18:20 - 2021-06-05 14:18 - 000041288 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmcomputeeventlog.dll 2022-05-30 18:20 - 2021-06-05 14:18 - 000024904 _____ (Microsoft Corporation) C:\WINDOWS\system32\f989b52d-f928-44a3-9bf1-bf0c1da6a0d6_HyperV-DeviceVirtualization.dll 2022-05-30 18:20 - 2021-06-05 14:18 - 000024904 _____ (Microsoft Corporation) C:\WINDOWS\system32\f1db7d81-95be-4911-935a-8ab71629112a_HyperV-IsolatedVM.dll 2022-05-30 18:20 - 2021-06-05 14:18 - 000024904 _____ (Microsoft Corporation) C:\WINDOWS\system32\c4d66f00-b6f0-4439-ac9b-c5ea13fe54d7_HyperV-ComputeCore.dll 2022-05-30 18:20 - 2021-06-05 14:18 - 000024896 _____ (Microsoft Corporation) C:\WINDOWS\system32\d4d78066-e6db-44b7-b5cd-2eb82dce620c_HyperV-ComputeLegacy.dll 2022-05-30 18:20 - 2021-06-05 14:18 - 000006658 _____ C:\WINDOWS\system32\VmFirmware Third-Party Notices.txt 2022-05-30 18:14 - 2022-05-11 15:16 - 002581848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmswitch.sys 2022-05-30 18:14 - 2022-05-11 15:16 - 001127776 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\Drivers\lxcore.sys 2022-05-30 18:14 - 2022-05-11 15:16 - 000370008 _____ (Microsoft Corporation) C:\WINDOWS\system32\nvspinfo.exe 2022-05-30 18:14 - 2022-05-11 15:16 - 000329048 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmsif.dll 2022-05-30 18:14 - 2022-05-11 15:16 - 000144728 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmsifcore.dll 2022-05-30 18:14 - 2022-05-11 15:16 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wslconfig.exe 2022-05-30 18:14 - 2022-05-11 15:16 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\bash.exe 2022-05-30 18:14 - 2022-05-11 15:16 - 000071016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\VmsProxyHNic.sys 2022-05-30 18:14 - 2022-05-11 15:16 - 000066904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\VmsProxy.sys 2022-05-30 18:14 - 2022-04-18 16:27 - 000173424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys 2022-05-30 18:14 - 2021-06-05 14:19 - 000504144 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetMgmtIF.dll 2022-05-30 18:14 - 2021-06-05 14:19 - 000139600 _____ C:\WINDOWS\system32\nmscrub.exe 2022-05-30 18:14 - 2021-06-05 14:19 - 000119120 _____ (Microsoft Corporation) C:\WINDOWS\system32\nmbind.exe 2022-05-30 18:14 - 2021-06-05 14:19 - 000049464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\lxss.sys 2022-05-30 18:14 - 2021-06-05 14:18 - 000049464 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmsifproxystub.dll 2022-05-30 18:14 - 2021-06-05 14:10 - 000000000 ___SD C:\WINDOWS\SysWOW64\lxss 2022-05-30 18:14 - 2021-06-05 14:10 - 000000000 ___SD C:\WINDOWS\system32\lxss 2022-05-30 10:47 - 2022-02-11 14:28 - 000002426 _____ C:\Users\Public\Desktop\Norton Security.lnk 2022-05-29 20:48 - 2022-03-04 16:54 - 000000000 ____D C:\Users\zander13381\AppData\Local\BitTorrentHelper 2022-05-29 20:48 - 2022-01-15 11:58 - 000000000 ____D C:\WINDOWS\system32\Drivers\NGCx64 2022-05-29 09:34 - 2021-05-19 11:32 - 000000000 ____D 
C:\Program Files\Microsoft Office 2022-05-26 07:33 - 2021-05-19 11:36 - 000000000 ____D C:\Program Files\Google 2022-05-25 16:21 - 2022-01-11 11:17 - 000000000 ____D C:\WINDOWS\ServiceProfiles 2022-05-23 18:22 - 2022-04-18 16:54 - 000000000 ____D C:\Users\zander13381\AppData\Local\ElevatedDiagnostics 2022-05-23 18:05 - 2022-04-01 12:38 - 000002063 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk 2022-05-23 18:05 - 2022-04-01 12:38 - 000001869 _____ C:\Users\zander13381\Desktop\Google Drive.lnk 2022-05-23 08:49 - 2022-01-15 11:58 - 000100320 _____ (Broadcom) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS 2022-05-23 08:49 - 2022-01-15 11:58 - 000011265 _____ C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT 2022-05-20 14:24 - 2022-04-18 17:26 - 000003762 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 2022-05-20 14:24 - 2022-04-18 17:26 - 000003528 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon 2022-05-17 17:03 - 2022-01-11 17:44 - 000000000 ____D C:\Users\zander13381\.VirtualBox 2022-05-17 16:57 - 2022-01-11 17:44 - 000000000 ____D C:\ProgramData\VirtualBox 2022-05-17 16:50 - 2022-03-04 16:50 - 000000000 ____D C:\Users\zander13381\AppData\Local\_ 2022-05-17 14:39 - 2021-05-19 12:25 - 000000000 ____D C:\Program Files (x86)\Intel 2022-05-17 14:39 - 2021-05-19 11:01 - 000000000 ____D C:\ProgramData\Package Cache 2022-05-17 01:37 - 2022-01-11 10:22 - 000048904 _____ (Lenovo Group Limited) C:\WINDOWS\system32\Drivers\TPPWR64V.SYS 2022-05-17 01:37 - 2021-05-19 12:25 - 005492184 _____ (Lenovo Group Limited) C:\WINDOWS\SysWOW64\PWMTR32V.dll 2022-05-15 16:02 - 2022-02-16 09:45 - 000002488 _____ C:\Users\zander13381\Desktop\ad (zc) - Chrome.lnk 2022-05-15 14:59 - 2022-01-11 11:18 - 000000000 ____D C:\WINDOWS\system32\icmsg ==================== Bestanden in de root van sommige mappen ======== 2022-04-27 15:03 - 2022-04-27 15:03 - 000000904 _____ () 
C:\Users\zander13381\AppData\Local\recently-used.xbel
2022-04-18 17:22 - 2022-04-18 17:32 - 000007680 _____ () C:\Users\zander13381\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)

==================== Einde van FRST.txt ========================