Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 30-08-2022 Gestart door HZ1RU (Beheerder) op DESKTOP-3G2NDPS (HP HP ProDesk 400 G6 SFF) (29-09-2022 12:51:34) Gestart vanaf C:\Users\HZ1RU\Downloads Geladen Profielen: HZ1RU Platform: Microsoft Windows 10 Pro Versie 21H2 19044.2006 (X64) Taal: Nederlands (Nederland) Standaardbrowser: Edge Boot Modus: Normal ==================== Processen (gefilterd) ================= (Als een item is opgenomen in de fixlist, zal het proces worden gesloten. Het bestand zal niet worden verplaatst.) (C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe (explorer.exe ->) () [Bestand niet getekend] C:\Program Files\revoSleep v0.4\revoSleep.exe (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <12> (explorer.exe ->) (Ivaylo Beltchev -> IvoSoft) [Bestand niet getekend] C:\Program Files\Classic Shell\ClassicStartMenu.exe (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <12> (explorer.exe ->) (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe <4> (explorer.exe ->) (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectMonitor.exe (explorer.exe ->) (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectUI.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (Conexant Systems LLC.) [Bestand niet getekend] C:\Windows\CxSvc\CxUtilSvc.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_d501376b0829abda\x64\TouchpointAnalyticsClientService.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_4a3edf5f323687cd\x64\AppHelperCap.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_4a3edf5f323687cd\x64\DiagsCap.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_4a3edf5f323687cd\x64\NetworkCap.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_4a3edf5f323687cd\x64\SysInfoCap.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpdsusoftwarecomponent.inf_amd64_6b6c15ad85118c76\HotkeyServiceDSU.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpdsusoftwarecomponent.inf_amd64_6b6c15ad85118c76\LanWlanWwanSwitchingServiceDSU.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_42257e45eaa17009\HotKeyServiceUWP.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_12ed482042e0dee5\igfxCUIService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_3de4831720bb2934\RstMwService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_003a6d3c4c50c291\OneApp.IGCC.WinService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_f37f66cf59feb38a\IntelCpHDCPSvc.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_f37f66cf59feb38a\IntelCpHeciSvc.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe (services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe (services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe (services.exe ->) (Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\NisSrv.exe (services.exe ->) (MiniTool Software Limited -> ) C:\Program Files\MiniTool ShadowMaker\AgentService.exe (services.exe ->) (MiniTool Software Limited -> ) C:\Program Files\MiniTool ShadowMaker\SchedulerService.exe (services.exe ->) (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\MacriumService.exe (services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (services.exe ->) (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe (services.exe ->) (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe (services.exe ->) (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Windows\System32\RAPID\SamsungRapidSvc.exe (services.exe ->) (SMA Solar Technology AG -> Microsoft) C:\Program Files (x86)\SMA\Sunny Explorer\SMA.Multicasting.IGMP.QuerierService.exe (services.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe (services.exe ->) (Synaptics Incorporated -> Conexant Systems LLC.) C:\Windows\CxSvc\CxAudioSvc.exe (services.exe ->) (www.shadowexplorer.com) [Bestand niet getekend] C:\Program Files (x86)\ShadowExplorer\sesvc.exe (svchost.exe ->) (Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe (svchost.exe ->) (Intel(R) Software Development Products -> Intel Corporation) C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Samsung Electronics Co., Ltd. -> Samsung Electronics) C:\ProgramData\Samsung Apps\Portable SSD\SamsungPortableSSDMon.exe ==================== Register (gefilterd) =================== (Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.) HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Bestand niet getekend] HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [2109064 2020-02-06] (Logitech Inc -> Logitech, Inc.) HKLM\...\Run: [SamsungRapidApp] => C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [54176 2019-12-02] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) HKLM\...\Run: [Reflect UI] => C:\Program Files\Macrium\Common\ReflectUI.exe [9923856 2022-09-07] (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3952104 2020-09-24] (Logitech -> Logitech, Inc.) HKLM-x32\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2006-08-25] (Macrovision Corporation) [Bestand niet getekend] HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-09-27] (Oracle America, Inc. -> Oracle Corporation) HKLM-x32\...\Run: [LocalServiceControl] => C:\Program Files (x86)\LocalServiceComponents\LocalServiceControl.exe [475136 2022-09-19] (Hangzhou Hikvision Digital Tech.Co.,Ltd -> ) HKU\S-1-5-21-346357692-1366640249-2590671835-1001\...\Run: [Adobe Reader Synchronizer] => "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe" (Geen bestand) HKU\S-1-5-21-346357692-1366640249-2590671835-1001\...\Run: [electron.app.Fing] => C:\Program Files\Fing\Fing.exe --processStart "Fing.exe" --process-start-args "--hidden" (Geen bestand) HKU\S-1-5-21-346357692-1366640249-2590671835-1001\...\Run: [MicrosoftEdgeAutoLaunch_76D24832E639CBCC024845F344CF2ABE] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3795376 2022-09-25] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-346357692-1366640249-2590671835-1001\...\Run: [HP OfficeJet Pro 8710 (NET)] => C:\Program Files\HP\HP OfficeJet Pro 8710\Bin\ScanToPCActivationApp.exe [3770528 2021-11-15] (HP Inc. -> HP Inc.) HKU\S-1-5-21-346357692-1366640249-2590671835-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [39936 2019-12-07] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\105.0.5195.127\Installer\chrmstp.exe [2022-09-21] (Google LLC -> Google LLC) HKLM\SOFTWARE\Policies\Microsoft\Edge: Restrictie <==== AANDACHT HKU\S-1-5-21-346357692-1366640249-2590671835-1001\SOFTWARE\Policies\Microsoft\Edge: Restrictie <==== AANDACHT ==================== Geplande Taken (gefilterd) ============ (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {0A96243A-8543-46E1-8C21-800E9ED6AF4F} - System32\Tasks\Hewlett-Packard\HP Diagnostics\LaunchUI => cmd /c start hpdiags://LaunchUI Task: {0BA3C1F3-7DD3-4C1B-B470-81BB5973CAA1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {15C003D7-C26D-412B-92F1-DF84D32743E0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-03] (Google LLC -> Google LLC) Task: {171DECCF-6BFF-4CF0-B986-BC97B799CEE9} - System32\Tasks\Samsung_PSSD_Registration => C:\ProgramData\Samsung Apps\Portable SSD\SamsungPortableSSDMon.exe [497752 2020-04-29] (Samsung Electronics Co., Ltd. -> Samsung Electronics) Task: {379FFAE7-8045-4F96-AE94-D14B09F9F0CB} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusError => cmd /c start hpdiags://BatteryStatusError Task: {398AFD7A-49FD-414A-B769-95C3608BD1BC} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ABO => cmd /c start hpdiags://ABO Task: {3B0947DB-0ADB-4A09-9031-970861290A48} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BCF => cmd /c start hpdiags://BCF Task: {446E4CF3-4618-45D5-805E-219393689D91} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {4540F6F1-8D25-4B05-BB1D-A2B6BFEC402A} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3098928 2020-08-02] (Intel(R) Software Development Products -> Intel Corporation) Task: {45C33A12-7510-4969-A478-E8084366B487} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [121605552 2022-05-04] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) Task: {52AA032D-4AF0-43BD-925D-CC02DF486457} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM1 => cmd /c start hpdiags://BHM1 Task: {5ED19E6A-BFE2-4E11-B19D-57C695B382DA} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ShowUI => cmd /c start hpdiags: Task: {6CEE22A7-5587-4D2F-AF6D-F9B5B7CA2278} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1555696 2022-08-03] (Adobe Inc. -> Adobe Inc.) Task: {866947C9-6923-4820-8ACB-239FC769EE25} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {9E6A7934-1870-4499-AA51-069D2B02C937} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [1145 2021-03-24] () [Bestand niet getekend] Task: {A0077304-1646-4508-8422-5BCC2A9E9FA0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-03] (Google LLC -> Google LLC) Task: {ABD79DFD-0EAA-402D-A1E4-1F4855F2C753} - System32\Tasks\HP\Consent Manager Launcher => sc start hptouchpointanalyticsservice Task: {B162F80D-B7B5-4F4B-8D1D-2CDC65A07BF5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {CF2FC78A-45DB-4912-9954-09CA33541667} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-346357692-1366640249-2590671835-500 => C:\Users\HZ1RU\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (Geen bestand) Task: {D96E1F72-15F0-49D0-8519-D28A5DA34AFE} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3098928 2020-08-02] (Intel(R) Software Development Products -> Intel Corporation) Task: {DC1EBB1A-5F86-4921-978D-79CF3774AA3B} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\Windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs" Task: {E675B879-1473-45C5-9459-023592BBC6D8} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM2 => cmd /c start hpdiags://BHM2 Task: {EF9903E5-4E0A-44B6-B139-A44197B456AB} - System32\Tasks\Hewlett-Packard\HP Diagnostics\SmartCheckError => cmd /c start hpdiags://SmartCheckError Task: {FB6294FF-834F-4346-B582-D7C90BB0600E} - \IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 -> Geen bestand <==== AANDACHT (Als een item is opgenomen in de fixlist, wordt de taak (job) bestand verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) ==================== Internet (gefilterd) ==================== (Als een item is opgenomen in de fixlist en een registeritem is, wordt het verwijderd of hersteld naar de standaard.) Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4 Tcpip\..\Interfaces\{1f307480-32dc-439c-ae2a-66b5dd121733}: [DhcpNameServer] 8.8.8.8 8.8.4.4 Tcpip\..\Interfaces\{2ca94e2e-3b22-4682-81bc-58f21622e17b}: [DhcpNameServer] 8.8.8.8 1.1.1.1 Tcpip\..\Interfaces\{8d9b8200-e773-4286-9406-248cd11b39c6}: [DhcpNameServer] 208.67.222.222 208.67.220.220 Tcpip\..\Interfaces\{aa56ba2d-d83d-4cdf-8e01-bc549a7399d3}: [DhcpNameServer] 1.1.1.1 1.0.0.1 Edge: ======= DownloadDir: Edge Extension: (Adblock Plus) -> 10_EyeoGmbHAdblockPlus_d55gg7py3s0m0 => C:\Program Files\WindowsApps\EyeoGmbH.AdblockPlus_0.9.19.0_neutral__d55gg7py3s0m0 [2022-09-24] Edge Extension: (Geen Naam) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [niet gevonden] Edge Extension: (Geen Naam) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [niet gevonden] Edge Extension: (Geen Naam) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [niet gevonden] Edge Extension: (Geen Naam) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [niet gevonden] Edge DefaultProfile: Default Edge Profile: C:\Users\HZ1RU\AppData\Local\Microsoft\Edge\User Data\Default [2022-09-29] Edge Notifications: Default -> hxxps://www.pc-helpforum.be Edge Extension: (Adblock Plus - gratis adblocker) - C:\Users\HZ1RU\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2022-08-29] Edge Profile: C:\Users\HZ1RU\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2021-09-30] FireFox: ======== FF DefaultProfile: imey1zli.default-1664279106683 FF ProfilePath: C:\Users\HZ1RU\AppData\Roaming\Mozilla\Firefox\Profiles\imey1zli.default-1664279106683 [2022-09-28] FF HKLM-x32\...\Firefox\Extensions: [brofox_host@bromium.com] - C:\Program Files\HP\Sure Click\4.1.8.2387\servers\FakeDir => niet gevonden FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-09-08] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: @java.com/DTPlugin,version=11.311.2 -> C:\Program Files (x86)\Java\jre1.8.0_311\bin\dtplugin\npDeployJava1.dll [2021-10-22] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.311.2 -> C:\Program Files (x86)\Java\jre1.8.0_311\bin\plugin2\npjp2.dll [2021-10-22] (Oracle America, Inc. -> Oracle Corporation) Chrome: ======= CHR Profile: C:\Users\HZ1RU\AppData\Local\Google\Chrome\User Data\Default [2022-09-29] CHR Notifications: Default -> hxxp://127.0.0.1; hxxps://calendar.google.com; hxxps://mail.google.com CHR Extension: (Adblock Plus - gratis adblocker) - C:\Users\HZ1RU\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-09-02] CHR Extension: (Thumbs DB Viewer (Thumbs.db)) - C:\Users\HZ1RU\AppData\Local\Google\Chrome\User Data\Default\Extensions\eajmcfpkadefdaijoidobidhiignapmi [2020-07-10] CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\HZ1RU\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30] ==================== Services (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172264 2022-08-03] (Adobe Inc. -> Adobe Inc.) R2 CxAudioSvc; C:\WINDOWS\CxSvc\CxAudioSvc.exe [76088 2021-07-15] (Synaptics Incorporated -> Conexant Systems LLC.) S2 CxUIUSvc; C:\WINDOWS\System32\CxUIUSvc64.exe [113464 2021-07-15] (Synaptics Incorporated -> Conexant Systems, Inc.) R2 CxUtilSvc; C:\Windows\CxSvc\CxUtilSvc.exe [166400 2019-12-07] (Conexant Systems LLC.) [Bestand niet getekend] R2 HotKeyServiceDSU; C:\WINDOWS\System32\DriverStore\FileRepository\hpdsusoftwarecomponent.inf_amd64_6b6c15ad85118c76\HotKeyServiceDSU.exe [698376 2022-06-17] (HP Inc. -> HP Inc.) R2 HotKeyServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_42257e45eaa17009\HotKeyServiceUWP.exe [1526184 2020-08-18] (HP Inc. -> HP Inc.) R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_4a3edf5f323687cd\x64\AppHelperCap.exe [771072 2022-07-31] (HP Inc. -> HP Inc.) R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_4a3edf5f323687cd\x64\DiagsCap.exe [769528 2022-07-31] (HP Inc. -> HP Inc.) R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_4a3edf5f323687cd\x64\NetworkCap.exe [766464 2022-07-31] (HP Inc. -> HP Inc.) S4 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [260256 2022-01-28] (HP Inc. -> HP Inc.) R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_4a3edf5f323687cd\x64\SysInfoCap.exe [770032 2022-07-31] (HP Inc. -> HP Inc.) R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_d501376b0829abda\x64\TouchpointAnalyticsClientService.exe [489712 2022-05-26] (HP Inc. -> HP Inc.) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Bestand niet getekend] R2 LanWlanWwanSwitchingServiceDSU; C:\WINDOWS\System32\DriverStore\FileRepository\hpdsusoftwarecomponent.inf_amd64_6b6c15ad85118c76\LanWlanWwanSwitchingServiceDSU.exe [587800 2022-06-17] (HP Inc. -> HP Inc.) S3 LanWlanWwanSwitchingServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_42257e45eaa17009\LanWlanWwanSwitchingServiceUWP.exe [782760 2020-08-18] (HP Inc. -> HP Inc.) R2 MacriumService; C:\Program Files\Macrium\Common\MacriumService.exe [11072008 2022-09-07] (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd) R2 MTAgentService; C:\Program Files\MiniTool ShadowMaker\AgentService.exe [783344 2021-01-28] (MiniTool Software Limited -> ) R2 MTSchedulerService; C:\Program Files\MiniTool ShadowMaker\SchedulerService.exe [226800 2021-01-28] (MiniTool Software Limited -> ) R2 SamsungMagicianSVC; C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe [360368 2022-05-04] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R2 SamsungRapidSvc; C:\WINDOWS\System32\RAPID\SamsungRapidSvc.exe [30504 2019-12-02] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224192 2022-09-14] (Microsoft Windows Publisher -> Microsoft Corporation) R2 sesvc; C:\Program Files (x86)\ShadowExplorer\sesvc.exe [9216 2013-01-02] (www.shadowexplorer.com) [Bestand niet getekend] R2 SMA.Multicasting.IGMP.QuerierService.exe; C:\Program Files (x86)\SMA\Sunny Explorer\SMA.Multicasting.IGMP.QuerierService.exe [27608 2020-07-02] (SMA Solar Technology AG -> Microsoft) R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2020-11-26] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [919992 2020-11-26] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) S3 VssEaseusProvider; C:\WINDOWS\system32\dllhost.exe /Processid:{8679F66E-6EC3-43EE-A65F-32D433F85EFD} [21312 2020-12-11] (Microsoft Windows -> Microsoft Corporation) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\NisSrv.exe [3125112 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe [133560 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation) S4 DFWSIDService; C:\Program Files (x86)\Wondershare\drfone\WsidService.exe [X] S4 ElevationService; C:\Program Files (x86)\Wondershare\drfone\Addins\Repair\ElevationService.exe [X] S2 Fing.Agent; C:\Program Files\Fing\resources\extraResources\fingagent.exe --servicemode Fing.Agent --agentroot "C:\Users\HZ1RU\AppData\Roaming" S3 rpcapd; "%ProgramFiles(x86)%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles(x86)%\WinPcap\rpcapd.ini" [X] S4 Wondershare InstallAssist; C:\ProgramData\Wondershare\Service\InstallAssistService.exe [X] S4 WsDrvInst; C:\Program Files (x86)\Wondershare\drfone\Addins\Repair\DriverInstall.exe [X] ===================== Drivers (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) S3 airpcap; C:\WINDOWS\System32\drivers\airpcap.sys [504832 2014-03-04] (Riverbed Technology, Inc.) [Bestand niet getekend] S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R3 DRTWlanE; C:\WINDOWS\System32\drivers\Drtwlane.sys [9634328 2019-01-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation) R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_a955fa431e522f5e\x64\hpcustomcapdriver.sys [25592 2021-09-16] (HP Inc. -> HP Inc.) S3 MDA_NTDRV; C:\WINDOWS\system32\MDA_NTDRV.sys [21208 2021-01-02] (北京铠信神州科技有限责任公司 -> ) R3 MpKsld8f97616; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{848E19F1-5370-46D6-A685-438A4362EA5B}\MpKslDrv.sys [228600 2022-09-29] (Microsoft Windows -> Microsoft Corporation) R1 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [71736 2021-08-30] (Insecure.Com LLC -> Insecure.Com LLC.) R2 NPF; C:\Program Files (x86)\iVMS-4200 Site\Drivers\npf64.sys [36600 2021-12-27] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.) S3 PSMounterEx; C:\Windows\system32\drivers\psmounterex.sys [179416 2019-02-15] (Paramount Software UK Ltd -> Windows (R) Win 7 DDK provider) R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [37336 2021-03-09] (MiniTool Solution Ltd -> ) S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> ) S3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3717120 2019-12-07] (Microsoft Windows -> Realtek Semiconductor Corporation) R0 SamsungRapidDiskFltr; C:\WINDOWS\System32\DRIVERS\SamsungRapidDiskFltr.sys [309752 2019-06-13] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R0 SamsungRapidFSFltr; C:\WINDOWS\System32\DRIVERS\SamsungRapidFSFltr.sys [120280 2019-06-13] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 Ser2pl; C:\WINDOWS\System32\drivers\ser2pl64.sys [258544 2019-08-01] (WDKTestCert charles-yeh,131345514351795974 -> Prolific Technology Inc.) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 usbscan; C:\WINDOWS\system32\DRIVERS\usbscan.sys [49152 2020-12-11] (Microsoft Corporation) [Bestand niet getekend] S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2022-09-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [453904 2022-09-07] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [94480 2022-09-07] (Microsoft Windows -> Microsoft Corporation) U4 npcap_wifi; geen ImagePath ==================== NetSvcs (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ==================== Een maand (aangemaakt) (gefilterd) ========= (Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.) 2022-09-29 12:51 - 2022-09-29 12:52 - 000027950 _____ C:\Users\HZ1RU\Downloads\FRST.txt 2022-09-29 12:50 - 2022-09-29 12:50 - 002371072 _____ (Farbar) C:\Users\HZ1RU\Downloads\Niet bevestigd 845681.crdownload 2022-09-29 12:48 - 2022-09-29 12:48 - 002371072 _____ (Farbar) C:\Users\HZ1RU\Downloads\FRST64.exe 2022-09-29 12:34 - 2022-09-29 12:34 - 008617546 _____ C:\Users\HZ1RU\Documents\Documenten.59.pdf 2022-09-28 15:44 - 2022-09-28 15:44 - 000000008 __RSH C:\ProgramData\ntuser.pol 2022-09-27 15:38 - 2022-09-27 15:38 - 000000000 ____D C:\Users\HZ1RU\.swt 2022-09-27 13:45 - 2022-09-27 18:53 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2022-09-26 14:33 - 2018-10-05 15:50 - 643925328 _____ C:\Users\HZ1RU\Desktop\CaroDump13012017.pcap 2022-09-26 13:51 - 2018-10-05 15:01 - 2034917183 _____ C:\Users\HZ1RU\Desktop\Caro31082017.pcap 2022-09-26 13:51 - 2018-10-05 15:00 - 2073031524 _____ C:\Users\HZ1RU\Desktop\Caro31082017.pcap.pcapng 2022-09-22 11:05 - 2022-09-22 14:06 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2022-09-18 10:26 - 2022-09-18 10:26 - 000459208 _____ C:\Users\HZ1RU\Documents\Documenten.58.pdf 2022-09-18 09:53 - 2022-09-18 09:53 - 000451742 _____ C:\Users\HZ1RU\Documents\Documenten.57.pdf 2022-09-17 15:31 - 2022-09-17 15:31 - 000668554 _____ C:\Users\HZ1RU\Documents\Documenten.56.pdf 2022-09-16 15:21 - 2022-09-16 15:21 - 000000000 ____D C:\Users\HZ1RU\AppData\Roaming\Downloaded Installations 2022-09-15 08:16 - 2022-09-15 08:16 - 000000000 ____D C:\Users\HZ1RU\AppData\Roaming\com.adobe.dunamis 2022-09-15 01:58 - 2022-09-15 01:58 - 000000048 ____H C:\Program Files (x86)\3bg2xkb8bu.dat 2022-09-14 14:56 - 2022-09-14 14:56 - 000471802 _____ C:\Users\HZ1RU\Documents\Documenten.55.pdf 2022-09-14 09:51 - 2022-09-14 09:51 - 000011813 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2022-09-14 09:50 - 2022-09-14 09:50 - 000413696 _____ C:\WINDOWS\system32\AzureCheck.dll 2022-09-14 09:50 - 2022-09-14 09:50 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll 2022-09-14 09:50 - 2022-09-14 09:50 - 000098816 _____ C:\WINDOWS\system32\Drivers\cimfs.sys 2022-09-14 09:50 - 2022-09-14 09:50 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe 2022-09-14 09:47 - 2022-09-14 09:47 - 000000000 ___HD C:\$WinREAgent 2022-09-09 19:27 - 2022-09-09 19:27 - 001246449 _____ C:\Users\HZ1RU\Documents\Documenten.54.pdf 2022-09-09 16:36 - 2022-09-09 16:36 - 000691606 _____ C:\Users\HZ1RU\Documents\Documenten.53.pdf ==================== Een maand (gewijzigd) ================== (Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.) 2022-09-29 12:51 - 2020-06-30 10:02 - 000000000 ____D C:\FRST 2022-09-29 12:43 - 2020-05-02 22:00 - 000000000 ____D C:\Program Files (x86)\Google 2022-09-29 12:33 - 2021-10-02 10:44 - 000000000 ____D C:\Users\HZ1RU\AppData\Roaming\NAPS2 2022-09-28 19:44 - 2016-11-18 20:42 - 000000000 ____D C:\Users\HZ1RU\AppData\Local\ClassicShell 2022-09-28 19:38 - 2020-12-11 19:41 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2022-09-28 19:38 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-09-28 17:38 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2022-09-28 17:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2022-09-28 17:15 - 2022-05-06 18:29 - 000000594 _____ C:\Users\HZ1RU\ezpcopensdkconfig_9ffc4da769078eeb963f0897d728be4e.xml 2022-09-28 15:49 - 2020-12-11 19:47 - 001773148 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2022-09-28 15:49 - 2019-12-07 17:14 - 000785966 _____ C:\WINDOWS\system32\perfh013.dat 2022-09-28 15:49 - 2019-12-07 17:14 - 000154094 _____ C:\WINDOWS\system32\perfc013.dat 2022-09-28 15:49 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2022-09-28 15:46 - 2020-06-24 14:53 - 000000000 ____D C:\ProgramData\Mozilla 2022-09-28 15:45 - 2017-12-28 12:12 - 000000000 ____D C:\Users\HZ1RU\AppData\LocalLow\Mozilla 2022-09-28 15:44 - 2020-12-11 19:47 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2022-09-28 15:44 - 2020-06-24 10:56 - 000008192 ___SH C:\DumpStack.log.tmp 2022-09-28 15:44 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2022-09-28 15:44 - 2019-12-07 06:34 - 000000000 ___HD C:\Intel 2022-09-28 15:43 - 2016-11-15 14:34 - 000000000 ____D C:\Users\HZ1RU\AppData\LocalLow\Temp 2022-09-28 15:41 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy 2022-09-28 15:41 - 2019-03-19 06:52 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy 2022-09-28 14:52 - 2021-12-04 10:46 - 000000000 ____D C:\Users\HZ1RU\AppData\Roaming\Samsung Magician 2022-09-28 14:52 - 2017-05-04 16:42 - 000000000 ____D C:\Users\HZ1RU\AppData\Local\CrashDumps 2022-09-28 12:58 - 2018-01-18 23:19 - 000000000 ____D C:\Users\HZ1RU\AppData\Local\Packages 2022-09-28 12:49 - 2021-01-14 16:37 - 000000000 ____D C:\ProgramData\Malwarebytes 2022-09-28 12:48 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2022-09-28 12:47 - 2019-07-29 15:48 - 000000000 ____D C:\Users\HZ1RU\AppData\Roaming\Apple Computer 2022-09-28 12:45 - 2018-07-04 14:17 - 000000000 ____D C:\Users\HZ1RU\AppData\Roaming\iMobie 2022-09-28 12:42 - 2020-05-03 09:35 - 000000000 ____D C:\Users\HZ1RU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Passware 2022-09-28 12:42 - 2020-05-03 09:33 - 000000000 ____D C:\Program Files\Passware 2022-09-28 12:35 - 2018-10-06 16:03 - 000000000 ____D C:\Users\HZ1RU\Desktop\SystemTools 2022-09-28 08:08 - 2020-05-05 13:54 - 000002416 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-09-27 18:53 - 2020-06-24 14:53 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2022-09-27 15:38 - 2020-12-11 19:15 - 000000000 ____D C:\Users\HZ1RU 2022-09-27 12:56 - 2017-05-05 18:36 - 000000015 _____ C:\Users\HZ1RU\advanced_ip_scanner_Comments.bin 2022-09-27 12:56 - 2016-10-18 18:49 - 000000147 _____ C:\Users\HZ1RU\advanced_ip_scanner_Aliases.bin 2022-09-27 12:56 - 2016-10-18 18:47 - 000001704 _____ C:\Users\HZ1RU\advanced_ip_scanner_MAC.bin 2022-09-26 19:33 - 2020-12-11 19:47 - 000002592 _____ C:\WINDOWS\system32\Tasks\SamsungMagician 2022-09-26 08:47 - 2016-11-15 19:20 - 000000000 ____D C:\Users\HZ1RU\AppData\Roaming\vlc 2022-09-24 18:56 - 2018-02-04 17:13 - 000000000 ____D C:\Users\HZ1RU\AppData\Local\PlaceholderTileLogoFolder 2022-09-24 15:18 - 2021-01-19 15:06 - 000000000 ____D C:\Users\Administrator 2022-09-24 15:07 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\registration 2022-09-21 08:14 - 2020-05-03 18:51 - 000002289 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2022-09-20 10:53 - 2022-06-21 09:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LocalServiceComponents 2022-09-20 10:53 - 2022-06-21 09:19 - 000000000 ____D C:\Program Files (x86)\LocalServiceComponents 2022-09-18 10:25 - 2018-04-13 08:01 - 000000000 ____D C:\Users\HZ1RU\Desktop\STSRvB 2022-09-15 08:04 - 2020-12-11 19:41 - 000560264 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2022-09-14 18:24 - 2019-12-07 17:17 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2022-09-14 18:24 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2022-09-14 18:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2022-09-14 18:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2022-09-14 18:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2022-09-14 18:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2022-09-14 18:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup 2022-09-14 18:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2022-09-14 18:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs 2022-09-14 18:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning 2022-09-14 18:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2022-09-14 13:55 - 2020-05-03 00:24 - 000000000 ____D C:\Users\HZ1RU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\R-Studio 2022-09-14 13:55 - 2020-05-03 00:23 - 000000000 ____D C:\Program Files (x86)\R-Studio 2022-09-14 09:52 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2022-09-14 09:50 - 2020-12-11 19:42 - 003011072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2022-09-14 09:11 - 2020-05-02 12:27 - 000000000 ____D C:\WINDOWS\system32\MRT 2022-09-14 09:09 - 2020-05-02 12:27 - 141646296 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2022-09-12 10:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF 2022-09-10 10:24 - 2022-01-06 17:06 - 000002081 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk 2022-09-10 10:24 - 2020-12-11 19:47 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2022-09-08 18:08 - 2022-02-09 09:57 - 000090860 _____ C:\WINDOWS\Macrium Reflect Patch Log.txt 2022-09-07 08:22 - 2019-04-19 20:26 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2022-09-02 17:21 - 2021-02-01 12:44 - 000001431 _____ C:\Users\HZ1RU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk 2022-08-30 18:38 - 2020-12-11 19:47 - 000003568 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2022-08-30 18:38 - 2020-12-11 19:47 - 000003444 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore ==================== Bestanden in de root van sommige mappen ======== 2022-09-15 01:58 - 2022-09-15 01:58 - 000000048 ____H () C:\Program Files (x86)\3bg2xkb8bu.dat 2017-09-01 16:39 - 2017-09-17 11:07 - 000000079 _____ () C:\Users\HZ1RU\AppData\Roaming\.ettercap_gtk 2017-08-14 12:54 - 2017-08-14 12:55 - 000000004 _____ () C:\Users\HZ1RU\AppData\Local\.dotcache 2016-04-26 19:48 - 2016-04-26 19:48 - 000178658 _____ () C:\Users\HZ1RU\AppData\Local\ars.cache 2016-04-26 19:48 - 2016-04-26 19:48 - 000563889 _____ () C:\Users\HZ1RU\AppData\Local\census.cache 2016-10-24 11:09 - 2021-08-04 10:49 - 000018944 _____ () C:\Users\HZ1RU\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2016-04-26 19:38 - 2016-04-26 19:38 - 000000036 _____ () C:\Users\HZ1RU\AppData\Local\housecall.guid.cache 2017-01-29 17:53 - 2017-07-13 17:10 - 000000414 _____ () C:\Users\HZ1RU\AppData\Local\MZD-AIO-TI.log 2019-03-22 15:19 - 2019-11-09 15:06 - 000000128 _____ () C:\Users\HZ1RU\AppData\Local\PUTTY.RND 2017-01-05 17:56 - 2017-01-05 17:56 - 000000001 _____ () C:\Users\HZ1RU\AppData\Local\RawCopy.1.02.agreement 2018-07-25 12:51 - 2018-07-25 12:51 - 000000001 _____ () C:\Users\HZ1RU\AppData\Local\RawCopy.1.10.agreement 2017-01-05 17:58 - 2018-07-28 10:35 - 000000022 _____ () C:\Users\HZ1RU\AppData\Local\RawCopy.savedialog.dir 2017-01-05 17:58 - 2018-07-28 10:35 - 000000001 _____ () C:\Users\HZ1RU\AppData\Local\RawCopy.savedialog.filterindex 2017-01-05 17:56 - 2018-07-28 10:35 - 000000001 _____ () C:\Users\HZ1RU\AppData\Local\RawCopy.sourcedisk.index 2017-10-13 18:31 - 2017-10-13 18:31 - 000002331 _____ () C:\Users\HZ1RU\AppData\Local\recently-used.xbel 2017-05-01 12:10 - 2020-04-29 12:23 - 000000487 _____ () C:\Users\HZ1RU\AppData\Local\ReclaiMe.config 2019-07-06 15:48 - 2019-07-12 18:03 - 000000487 _____ () C:\Users\HZ1RU\AppData\Local\ReclaiMePro.config 2019-02-05 13:29 - 2019-02-05 13:29 - 000007605 _____ () C:\Users\HZ1RU\AppData\Local\Resmon.ResmonCfg 2016-04-26 19:43 - 2016-09-26 13:18 - 000000010 _____ () C:\Users\HZ1RU\AppData\Local\sponge.last.runtime.cache 2017-01-02 14:18 - 2021-12-26 10:53 - 000000286 _____ () C:\Users\HZ1RU\AppData\Local\zenmap.exe.log 2017-07-21 12:18 - 2020-11-22 15:28 - 000001933 _____ () C:\Users\HZ1RU\AppData\Local\_ExceptionTrace ==================== SigCheck ============================ (Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.) ==================== Einde van FRST.txt ========================