Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 20-11-2025 Gestart door dell (Beheerder) op DESKTOP-FRU6767 (Dell Inc. OptiPlex 3070) (30-11-2025 11:08:56) Gestart vanaf E:\Colors\FRST64.exe Geladen Profielen: dell Platform: Microsoft Windows 11 Pro Versie 25H2 26200.7171 (X64) Taal: Nederlands (Nederland) Standaardbrowser: Chrome Boot Modus: Normal ==================== Processen (gefilterd) ================= (Als een item is opgenomen in de fixlist, zal het proces worden gesloten. Het bestand zal niet worden verplaatst.) (C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe (C:\Program Files\Mozilla Thunderbird\thunderbird.exe ->) (Mozilla Corporation -> Mozilla Foundation) C:\Program Files\Mozilla Thunderbird\crashhelper.exe (DriverStore\FileRepository\cui_dch.inf_amd64_0bd497310795eeb4\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_0bd497310795eeb4\igfxEM.exe (explorer.exe ->) (Gadwin, Ltd. -> Gadwin Systems, Inc) C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <12> (explorer.exe ->) (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Thunderbird\thunderbird.exe <4> (explorer.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo8de.inf_amd64_b4d0b189ff2aba03\WavesSvc64.exe (Microsoft Corporation -> Microsoft Corporation) C:\Users\dell\AppData\Local\Microsoft\OneDrive\25.206.1021.0003\OneDrive.Sync.Service.exe (services.exe ->) (Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (services.exe ->) (Corel Corporation -> ) C:\Windows\SysWOW64\PSIService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_0bd497310795eeb4\igfxCUIService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_8a3f88e34f6b8385\jhi_service.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_99f6bd58bfe82726\RstMwService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_4d06d7f3655985a2\OneApp.IGCC.WinService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_dab41b49c861231e\IntelCpHDCPSvc.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_dab41b49c861231e\IntelCpHeciSvc.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_923747d9c137105b\LMS.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_2c17521ca0d3f79c\WMIRegistrationService.exe (services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25100.9008-0\MpDefenderCoreService.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25100.9008-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25100.9008-0\NisSrv.exe (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c984e9ce714075ab\RtkAudUService64.exe <3> (services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo8de.inf_amd64_b4d0b189ff2aba03\WavesSysSvc64.exe (svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.27.350.0_x64__8wekyb3d8bbwe\WindowsPackageManagerServer.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.151.0.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <5> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Register (gefilterd) =================== (Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.) HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c984e9ce714075ab\RtkAudUService64.exe [1345104 2021-09-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [WavesSvc] => C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo8de.inf_amd64_b4d0b189ff2aba03\WavesSvc64.exe [1774584 2021-02-18] (Waves Inc -> Waves Audio Ltd.) HKLM\...\Run: [Corel Photo Downloader] => "C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup (Geen bestand) HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe (Geen bestand) HKU\S-1-5-21-3723417269-524966456-2744553021-1001\...\Run: [MicrosoftEdgeAutoLaunch_70097D053DE55DAC7494318E9E120B85] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --win-session-start [4253736 2025-11-20] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-3723417269-524966456-2744553021-1001\...\Run: [Gadwin PrintScreen] => C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe [1842384 2012-05-30] (Gadwin, Ltd. -> Gadwin Systems, Inc) HKLM\...\Windows x64\Print Processors\Canon TS3400 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDGF.DLL [525824 2021-09-12] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJ Language Monitor TS3400 series: C:\WINDOWS\system32\CNMLMGF.DLL [962560 2021-09-12] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{49210152-871f-4ffa-961d-a172abcbc09d}] -> C:\Program Files\Google\Chrome\Application\PlatformExperienceHelper\platform_experience_helper.exe [2025-11-06] (Google LLC -> Google LLC) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\142.0.7444.176\Installer\chrmstp.exe [2025-11-22] (Google LLC -> Google LLC) ==================== Geplande Taken (gefilterd) ================= (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {C60831D7-BB2F-45D7-845F-4641290738E9} - System32\Tasks\CorelUpdateHelperTask-6A3E63909DE9EB704F741A2A23F04B4F => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe -resume (Geen bestand) Task: {231E66F8-03D7-4A80-BB7F-B070A4A774D0} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem143.0.7482.0{C3C6C97F-47B5-40CE-B8DD-846B1196DC44} => C:\Program Files (x86)\Google\GoogleUpdater\143.0.7482.0\updater.exe [6933656 2025-10-19] (Google LLC -> Google LLC) Task: {D6A4F46E-CEAB-414E-8CE1-183038E1DE68} - System32\Tasks\Launch Adobe CCXProcess => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [190280 2021-09-30] (Adobe Inc. -> Adobe Systems Incorporated) Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (Geen bestand) Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Geen bestand) Task: {E84BBAC9-BD61-4AC2-A372-5226ADCF3FB7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25100.9008-0\MpCmdRun.exe [1790656 2025-11-18] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {5A66069A-BF99-4B4B-AF6B-3AA5C4904F41} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25100.9008-0\MpCmdRun.exe [1790656 2025-11-18] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {C7B3C0B3-E377-498F-845E-F42A2E6F38EF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25100.9008-0\MpCmdRun.exe [1790656 2025-11-18] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {98B090B4-C4DC-49FD-9EEA-55CFB5927A99} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25100.9008-0\MpCmdRun.exe [1790656 2025-11-18] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {1A50180C-B2DE-45E0-9816-76CFFBBB0036} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-3723417269-524966456-2744553021-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [693376 2025-10-11] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (de data item heeft 6 meer tekens). Task: {2299CC12-E7EB-4AA1-B7FA-D62D54E8F8FC} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34944 2025-10-11] (Mozilla Corporation -> Mozilla Foundation) Task: {36E6E625-CAD7-4159-9A3A-39D90988B45A} - System32\Tasks\OneDrive Startup Task-S-1-5-21-3723417269-524966456-2744553021-1001 => C:\Users\dell\AppData\Local\Microsoft\OneDrive\25.206.1021.0003\OneDriveLauncher.exe [727440 2025-11-18] (Microsoft Corporation -> Microsoft Corporation) Task: {400484EA-D72C-4E06-8E43-976A5BF7D671} - System32\Tasks\Softtrack Adobe Block Firewall => C:\Program Files (x86)\Softtrack\Softtrack Adobe Blocker Firewall\AdobeBlockPopupFirewall.exe [1373184 2024-07-10] () [Bestand niet getekend] (Als een item is opgenomen in de fixlist, wordt de taak (job) bestand verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) ==================== Internet (gefilterd) ==================== (Als een item is opgenomen in de fixlist en een registeritem is, wordt het verwijderd of hersteld naar de standaard.) Tcpip\Parameters: [DhcpNameServer] 84.116.46.22 84.116.46.23 Tcpip\..\Interfaces\{57c045e1-98f9-43dd-b71d-8bdfb89efb70}: [DhcpNameServer] 84.116.46.22 84.116.46.23 Tcpip\..\Interfaces\{57c045e1-98f9-43dd-b71d-8bdfb89efb70}: [DhcpDomain] dynamic.ziggo.nl Edge: ======= Edge DefaultProfile: Profile 3 Edge Profile: C:\Users\dell\AppData\Local\Microsoft\Edge\User Data\Default [2024-11-02] Edge Extension: (Offline Documenten) - C:\Users\dell\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-11-02] Edge Extension: (Edge relevant text changes) - C:\Users\dell\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-11-02] Edge Profile: C:\Users\dell\AppData\Local\Microsoft\Edge\User Data\Profile 3 [2025-11-29] Edge DownloadDir: Profile 3 -> F:\ZZZZUitpakken Edge StartupUrls: Profile 3 -> "hxxps://goldlady.jouwpagina.nl/" Edge Extension: (Offline Documenten) - C:\Users\dell\AppData\Local\Microsoft\Edge\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-11-27] Edge Extension: (Adblock Plus - gratis adblocker) - C:\Users\dell\AppData\Local\Microsoft\Edge\User Data\Profile 3\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2025-11-27] Edge Extension: (Edge relevant text changes) - C:\Users\dell\AppData\Local\Microsoft\Edge\User Data\Profile 3\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-11-02] Edge Extension: (I don’t care about cookies) - C:\Users\dell\AppData\Local\Microsoft\Edge\User Data\Profile 3\Extensions\oholpbloipjbbhlhohaebmieiiieioal [2024-11-13] Edge Extension: (AdGuard Advertentieblokker) - C:\Users\dell\AppData\Local\Microsoft\Edge\User Data\Profile 3\Extensions\pdffkfellgipmhklpdmokmckkkfcopbh [2025-11-27] FireFox: ======== FF DefaultProfile: sugey4mi.default FF ProfilePath: C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\sugey4mi.default [2025-04-25] FF ProfilePath: C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\zgot490z.default-release [2025-11-28] FF Extension: (New Tab) - C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\zgot490z.default-release\Extensions\newtab@mozilla.org.xpi [2025-10-16] FF Extension: (Browserbeveiliging door F-Secure) - C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\zgot490z.default-release\Extensions\ols@f-secure.com.xpi [2025-09-23] FF Extension: (Data Leak Blocker) - C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\zgot490z.default-release\features\{18421973-3e48-4240-a680-d42caeb5eea3}\data-leak-blocker@mozilla.com.xpi [2025-10-11] Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default [2025-11-30] CHR DownloadDir: E:\ CHR Notifications: Default -> hxxps://experimenten.actieforum.com; hxxps://expirimenten.actieforum.com; hxxps://imakeskins.actieforum.com; hxxps://janetstestforum.actieforum.com; hxxps://kerstskintest.actieforum.com; hxxps://l-designs.actieforum.com; hxxps://mijntest.actieforum.com; hxxps://mijntfk.actieforum.com; hxxps://ondersteun.actieforum.com; hxxps://place-of-dreams.actieforum.com; hxxps://psp-freubel.actieforum.com; hxxps://pspgezelligmetonsmee.actieforum.com; hxxps://pspismagic.actieforum.com; hxxps://pspourpassion.actieforum.com; hxxps://pspparadise.actieforum.com; hxxps://pspsensation.actieforum.com; hxxps://pspvraagbaak.actieforum.com; hxxps://queen-s.actieforum.com; hxxps://queenstestskin.actieforum.com; hxxps://queenswinterskin.actieforum.com; hxxps://screensshot.actieforum.com; hxxps://sensationsskins.actieforum.com; hxxps://testzolder.actieforum.com; hxxps://winterskin.actieforum.com; hxxps://www.easeus.com; hxxps://zomerskin.actieforum.com; hxxps://zomerskintest.actieforum.com CHR StartupUrls: Default -> "hxxps://goldlady.jouwpagina.nl/" CHR Extension: (Google Translate) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2024-10-31] CHR Extension: (Just Black) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\aghfnjkcakhmadgdomlmlhhaocbkloab [2024-11-06] CHR Extension: (Insert and Send HTML with Gmail) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcflbfdlpegakpncdgmejelcolhmfkjh [2024-10-31] CHR Extension: (AdGuard Advertentieblokker) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2025-11-28] CHR Extension: (Adblock Plus - gratis adblocker) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2025-11-27] CHR Extension: (I don’t care about cookies) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2024-10-31] CHR Extension: (Save image as Type) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\gabfmnliflodkdafenbcpjdlppllnemd [2025-11-22] CHR Extension: (Offline Documenten) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-11-19] CHR Extension: (Google Mail Checker) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2024-10-31] CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-10-31] CHR Extension: (AdBlocker Ultimate) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohahllgiabjaoigichmmfljhkcfikeof [2025-11-29] CHR Profile: C:\Users\dell\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-10-31] CHR DefaultSearchURL: Profile 1 -> hxxps://duckduckgo.com/?q={searchTerms} CHR DefaultSearchKeyword: Profile 1 -> duckduckgo.com CHR DefaultNewTabURL: Profile 1 -> hxxps://duckduckgo.com/chrome_newtab CHR DefaultSuggestURL: Profile 1 -> hxxps://duckduckgo.com/ac/?q={searchTerms}&type=list CHR Extension: (Offline Documenten) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-10-31] CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-10-31] CHR Profile: C:\Users\dell\AppData\Local\Google\Chrome\User Data\Profile 2 [2025-11-29] CHR Notifications: Profile 2 -> hxxps://demagievanpsp.actieforum.com CHR HomePage: Profile 2 -> hxxps://goldlady.jouwpagina.nl/ CHR StartupUrls: Profile 2 -> "hxxps://goldlady.jouwpagina.nl/" CHR Extension: (AdGuard Advertentieblokker) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2025-11-27] CHR Extension: (Adblock Plus - gratis adblocker) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2025-11-27] CHR Extension: (I don’t care about cookies) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2024-11-01] CHR Extension: (Offline Documenten) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-11-23] CHR Extension: (Google Mail Checker) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2024-11-01] CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-10-31] CHR Extension: (AdBlocker Ultimate) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ohahllgiabjaoigichmmfljhkcfikeof [2025-11-29] CHR Profile: C:\Users\dell\AppData\Local\Google\Chrome\User Data\Profile 4 [2025-11-29] CHR StartupUrls: Profile 4 -> "hxxps://goldlady.jouwpagina.nl/" CHR Extension: (Adblock Plus - gratis adblocker) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2025-11-29] CHR Extension: (I don’t care about cookies) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2025-03-29] CHR Extension: (Offline Documenten) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-11-24] CHR Extension: (Google Mail Checker) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2025-03-29] CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-10-31] CHR Profile: C:\Users\dell\AppData\Local\Google\Chrome\User Data\Profile 5 [2025-08-27] CHR StartupUrls: Profile 5 -> "hxxps://goldlady.jouwpagina.nl/" CHR DefaultSearchURL: Profile 5 -> hxxps://duckduckgo.com/?q={searchTerms} CHR DefaultSearchKeyword: Profile 5 -> duckduckgo.com CHR DefaultNewTabURL: Profile 5 -> hxxps://duckduckgo.com/chrome_newtab CHR DefaultSuggestURL: Profile 5 -> hxxps://duckduckgo.com/ac/?q={searchTerms}&type=list CHR Extension: (Just Black) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aghfnjkcakhmadgdomlmlhhaocbkloab [2024-11-07] CHR Extension: (Adblock Plus - gratis adblocker) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2025-08-27] CHR Extension: (I don’t care about cookies) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2025-03-29] CHR Extension: (Offline Documenten) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-08-27] CHR Extension: (Google Mail Checker) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2025-03-29] CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\dell\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-10-31] CHR Profile: C:\Users\dell\AppData\Local\Google\Chrome\User Data\System Profile [2024-10-31] Opera: ======= OPR DefaultProfile: Default ==================== Services (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) S3 LibreOfficeMaintenance; C:\Program Files\LibreOffice\program\update_service.exe [123304 2025-11-20] (The Document Foundation -> The Document Foundation) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [11172008 2025-11-28] (Malwarebytes Inc -> Malwarebytes) S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2025-01-11] (Malwarebytes Inc. -> Malwarebytes) R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25100.9008-0\MpDefenderCoreService.exe [2026184 2025-11-18] (Microsoft Windows Publisher -> Microsoft Corporation) U2 ProtexisLicensing; C:\Windows\SysWOW64\PSIService.exe [177704 2007-06-05] (Corel Corporation -> ) R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [803088 2025-10-29] (Microsoft Windows Publisher -> Microsoft Corporation) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [19575600 2024-11-12] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25100.9008-0\NisSrv.exe [4414480 2025-11-18] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25100.9008-0\MsMpEng.exe [282440 2025-11-18] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Drivers (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [569344 2024-11-24] (Microsoft Corporation) [Bestand niet getekend] S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [200704 2024-11-24] (Microsoft Corporation) [Bestand niet getekend] S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [110592 2024-11-24] (Microsoft Corporation) [Bestand niet getekend] S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) R3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [333192 2025-11-18] (Microsoft Windows -> Microsoft Corporation) R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [234088 2025-11-29] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [22120 2025-03-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [245336 2025-11-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20904 2025-11-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [629168 2025-11-18] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [102792 2025-11-18] (Microsoft Windows -> Microsoft Corporation) S3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49336 2018-03-11] (Microsoft Corporation -> Microsoft Corporation) ==================== NetSvcs (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ==================== Een maand (aangemaakt) (gefilterd) ========= (Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.) 2025-11-30 11:08 - 2025-11-30 11:09 - 000000000 ____D C:\FRST 2025-11-30 10:42 - 2025-11-30 10:42 - 000001304 _____ C:\Users\Public\Desktop\Corel PaintShop Pro 2019 (64-bit).lnk 2025-11-30 10:42 - 2025-11-30 10:42 - 000001173 _____ C:\Users\Public\Desktop\Corel PaintShop Pro 2019.lnk 2025-11-30 10:42 - 2025-11-30 10:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel PaintShop Pro 2019 2025-11-30 08:48 - 2025-11-30 09:45 - 000000000 ____D C:\WINDOWS\CbsTemp 2025-11-30 08:12 - 2025-11-30 08:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel PaintShop Pro 2021 2025-11-30 08:12 - 2025-11-30 08:12 - 000001173 _____ C:\Users\Public\Desktop\Corel PaintShop Pro 2021.lnk 2025-11-30 08:02 - 2025-11-30 10:43 - 000000000 ____D C:\Users\dell\AppData\Local\Corel PaintShop Pro 2025-11-30 08:01 - 2025-11-30 08:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel PaintShop Pro 2020 2025-11-30 08:01 - 2025-11-30 08:01 - 000001173 _____ C:\Users\Public\Desktop\Corel PaintShop Pro 2020.lnk 2025-11-30 07:51 - 2025-11-30 07:51 - 000747192 _____ C:\WINDOWS\system32\perfh013.dat 2025-11-30 07:51 - 2025-11-30 07:51 - 000153432 _____ C:\WINDOWS\system32\perfc013.dat 2025-11-29 20:05 - 2025-11-29 20:06 - 512853764 _____ C:\Users\dell\Downloads\Lies.reg 2025-11-29 13:38 - 2025-11-29 13:38 - 000000000 ____D C:\Users\dell\AppData\Local\VS Revo Group 2025-11-29 13:37 - 2025-11-29 13:37 - 000001079 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk 2025-11-29 13:37 - 2025-11-29 13:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2025-11-29 13:37 - 2025-11-29 13:37 - 000000000 ____D C:\Program Files\VS Revo Group 2025-11-29 10:51 - 2025-11-29 10:52 - 000000000 ___HD C:\$SysReset 2025-11-21 16:11 - 2025-11-21 16:11 - 000001283 _____ C:\Users\Public\Desktop\AI. Image Matting.lnk 2025-11-21 16:11 - 2025-11-21 16:11 - 000000000 ____D C:\Users\dell\MATTING 2025-11-21 16:11 - 2025-11-21 16:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aiarty Image Matting 2025-11-21 16:11 - 2025-11-21 16:11 - 000000000 ____D C:\ProgramData\Aiarty 2025-11-21 16:11 - 2025-11-21 16:11 - 000000000 ____D C:\Program Files (x86)\Aiarty 2025-11-20 17:27 - 2025-11-30 09:53 - 000003456 _____ C:\WINDOWS\system32\Tasks\CorelUpdateHelperTask-6A3E63909DE9EB704F741A2A23F04B4F 2025-11-20 09:06 - 2025-11-20 09:06 - 000000000 ____D C:\Users\dell\AppData\Roaming\IsolatedStorage 2025-11-20 09:06 - 2025-11-20 09:06 - 000000000 ____D C:\Users\dell\AppData\Local\Solvusoft_Corporation 2025-11-20 09:06 - 2025-11-20 09:06 - 000000000 ____D C:\ProgramData\IsolatedStorage 2025-11-20 09:05 - 2025-11-20 09:05 - 000000000 ____D C:\Users\dell\AppData\Roaming\WinThruster 2025-11-13 19:25 - 2025-11-15 07:55 - 000000000 ____D C:\Program Files\Mozilla Thunderbird ==================== Een maand (gewijzigd) ================== (Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.) 2025-11-30 11:10 - 2024-11-01 06:50 - 000000000 ____D C:\Users\dell\AppData\Local\Malwarebytes 2025-11-30 11:00 - 2024-10-31 16:41 - 000000000 ____D C:\Program Files (x86)\Corel 2025-11-30 10:49 - 2024-10-31 18:20 - 000000000 ____D C:\Users\dell\Documents\My PSP files 2025-11-30 10:43 - 2024-10-31 16:49 - 000000000 ____D C:\Users\dell\Documents\Corel PaintShop Pro 2025-11-30 10:43 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemTemp 2025-11-30 10:42 - 2024-10-31 16:47 - 000000000 ____D C:\ProgramData\Corel 2025-11-30 10:42 - 2024-10-31 16:47 - 000000000 ____D C:\Program Files\Corel 2025-11-30 10:40 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2025-11-30 10:19 - 2024-10-31 18:20 - 000000000 ____D C:\Users\dell\Documents\PrintScreen Files 2025-11-30 08:37 - 2024-10-31 14:51 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2025-11-30 08:16 - 2024-11-24 07:42 - 000003728 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2025-11-30 08:16 - 2024-11-24 07:42 - 000003602 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2025-11-30 07:55 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\AppReadiness 2025-11-30 07:51 - 2024-11-24 07:45 - 001682204 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2025-11-30 07:51 - 2024-04-01 08:24 - 000000000 ____D C:\WINDOWS\INF 2025-11-30 07:45 - 2024-11-24 07:41 - 000035040 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2 2025-11-30 07:45 - 2024-06-19 13:55 - 000000000 ____D C:\Users\dell\AppData\Local\D3DSCache 2025-11-30 07:45 - 2024-06-19 13:53 - 000000000 __SHD C:\Users\dell\IntelGraphicsProfiles 2025-11-30 07:44 - 2024-11-24 07:42 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2025-11-30 07:44 - 2024-11-20 19:39 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2025-11-30 07:44 - 2024-11-20 18:16 - 000000000 ____D C:\Intel 2025-11-30 07:44 - 2024-06-19 13:45 - 000012288 ___SH C:\DumpStack.log.tmp 2025-11-29 20:15 - 2024-04-01 08:21 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2025-11-29 11:12 - 2024-11-24 07:26 - 000000000 ____D C:\Users\dell 2025-11-29 11:01 - 2024-04-01 08:26 - 000000000 ___HD C:\Program Files\WindowsApps 2025-11-29 11:00 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\registration 2025-11-28 20:22 - 2024-10-31 18:11 - 000000000 ____D C:\Users\dell\Documents\Filters 2025-11-28 08:09 - 2024-10-31 18:18 - 000000000 ___RD C:\Users\dell\Documents\Mamija 2025-11-28 08:09 - 2024-10-31 18:18 - 000000000 ____D C:\Users\dell\Documents\Mamija1 2025-11-27 12:23 - 2024-04-01 08:26 - 000000000 ___HD C:\Program Files\WindowsApps.tmp 2025-11-26 16:17 - 2024-10-31 18:11 - 000000000 ____D C:\Users\dell\Documents\Geen=idee 2025-11-22 17:45 - 2024-06-19 13:45 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2025-11-22 12:26 - 2024-10-31 13:27 - 000002267 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2025-11-21 16:11 - 2024-10-31 18:20 - 000000000 ____D C:\Users\dell\Documents\ZInfo 2025-11-21 16:11 - 2024-10-31 16:46 - 000000000 ____D C:\ProgramData\Package Cache 2025-11-21 16:01 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2025-11-20 16:52 - 2024-11-01 06:52 - 000000000 ____D C:\Program Files\LibreOffice 2025-11-19 07:26 - 2024-11-24 07:41 - 000001623 _____ C:\WINDOWS\system32\config\VSMIDK 2025-11-18 07:44 - 2024-06-19 13:45 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2025-11-18 07:40 - 2025-02-06 13:46 - 000003568 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-3723417269-524966456-2744553021-1001 2025-11-18 07:40 - 2024-11-24 07:42 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3723417269-524966456-2744553021-1001 2025-11-18 07:40 - 2024-11-24 07:42 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3723417269-524966456-2744553021-1001 2025-11-18 07:40 - 2024-06-19 13:53 - 000002376 _____ C:\Users\dell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2025-11-15 07:55 - 2024-10-31 14:50 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2025-11-14 19:16 - 2024-10-31 14:50 - 000001055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk 2025-11-12 14:13 - 2024-11-24 07:41 - 000453136 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2025-11-12 14:12 - 2024-04-01 17:15 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView 2025-11-12 14:12 - 2024-04-01 08:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2025-11-12 14:12 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2025-11-12 14:12 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemResources 2025-11-12 14:12 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\setup 2025-11-12 14:12 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\bcastdvr 2025-11-12 08:19 - 2024-10-31 15:49 - 000000000 ____D C:\WINDOWS\system32\MRT 2025-11-12 08:18 - 2024-10-31 15:49 - 215625816 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2025-11-11 20:06 - 2024-11-24 07:41 - 003277824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2025-11-11 08:48 - 2024-10-31 18:21 - 000000000 ____D C:\Users\dell\Documents\ZZWekelijkseawards 2025-11-11 08:18 - 2025-09-30 08:50 - 000000000 ____D C:\ProgramData\Whesvc 2025-11-01 07:53 - 2024-11-01 06:49 - 000245336 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys ==================== Bestanden in de root van sommige mappen ======== 2024-11-01 05:48 - 2024-12-02 18:51 - 000000205 _____ () C:\Users\dell\AppData\Local\oobelibMkey.log ==================== SigCheck ============================ (Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.) ==================== Einde van FRST.txt ========================