Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 15-01-2020 Gestart door luc de vreese (Beheerder) op DESKTOP-TVS7SE8 (ASUSTeK COMPUTER INC. X751LA) (17-01-2020 14:24:08) Gestart vanaf C:\Users\luc de vreese\Downloads Geladen Profielen: luc de vreese (Beschikbare Profielen: luc de vreese) Platform: Windows 10 Home Versie 1909 18363.592 (X64) Taal: Nederlands (Nederland) Standaardbrowser: Chrome Boot Modus: Normal Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processen (gefilterd) ================= (Als een item is opgenomen in de fixlist, zal het proces worden gesloten. Het bestand zal niet worden verplaatst.) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe (Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe (Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.People_10.1909.2812.0_x64__8wekyb3d8bbwe\PeopleApp.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1910.0.0_x64__8wekyb3d8bbwe\Calculator.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12228.20410.0_x64__8wekyb3d8bbwe\HxCalendarAppImm.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12228.20410.0_x64__8wekyb3d8bbwe\HxOutlook.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12228.20410.0_x64__8wekyb3d8bbwe\HxTsr.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1908.7-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1908.7-0\NisSrv.exe (pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 7\creator\common\creator-ws.exe (pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 7\updater-ws.exe (pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 7\ws.exe (Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Protected Antivirus Limited -> TotalAV) C:\Program Files (x86)\TotalAV\SecurityService.exe (Protected Antivirus Limited -> TotalAV) C:\Program Files (x86)\TotalAV\TotalAV.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Windows\SysWOW64\SAgent4.exe (win.rar GmbH -> Alexander Roshal) C:\Program Files\WinRAR\WinRAR.exe ==================== Register (gefilterd) =================== (Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.) HKU\S-1-5-21-1492113667-842105898-3889346494-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE [283232 2012-02-29] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) HKU\S-1-5-21-1492113667-842105898-3889346494-1001\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE [283232 2012-02-29] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) HKU\S-1-5-21-1492113667-842105898-3889346494-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-16] (Piriform Software Ltd -> Piriform Ltd) HKU\S-1-5-21-1492113667-842105898-3889346494-1001\...\Run: [Polar Sync] => *:\program files\polar\polar sync\********************************************************************************************************************************************************************** (de data item heeft 59 meer tekens). HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.117\Installer\chrmstp.exe [2020-01-10] (Google LLC -> Google LLC) FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restrictie <==== AANDACHT ==================== Geplande Taken (gefilterd) ============ (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {01E90596-09A7-400C-80AC-E82290763716} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115448 2020-01-17] (Microsoft Corporation -> Microsoft Corporation) Task: {1355630F-8C6B-4EB2-A38B-0E96F4FC95A1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1908.7-0\MpCmdRun.exe [467880 2019-09-26] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {14CC1717-D6DA-40CD-B2A9-F41AFA0992D1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4360000 2020-01-13] (Microsoft Corporation -> Microsoft Corporation) Task: {217D2D73-4C8A-45C1-BB3B-8E2DF0B22971} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-16] (Piriform Software Ltd -> Piriform Ltd) Task: {335D540E-C1DD-4439-97EA-55B0773A944D} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1403136 2015-07-30] (Realtek Semiconductor Corp -> Realtek Semiconductor) Task: {3E646966-2228-4433-9736-3CB9DFD69550} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-01-24] (Google Inc -> Google Inc.) Task: {41D1CD07-C80D-4E69-94E5-88FE1D161448} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1908.7-0\MpCmdRun.exe [467880 2019-09-26] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {565EBF90-F2E7-4851-8A02-B6B502AADF7A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-01-24] (Google Inc -> Google Inc.) Task: {6947BF5B-7BC3-4FD5-B1AC-A929E93A448A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24629104 2020-01-08] (Microsoft Corporation -> Microsoft Corporation) Task: {6B56C70A-BEB7-437A-A179-3387B5BD2B67} - System32\Tasks\KMSAutoNet => C:\ProgramData\KMSAutoS\KMSAuto Net.exe Task: {6EF2948F-B9A9-4959-A5C3-D0DF892481FF} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24629104 2020-01-08] (Microsoft Corporation -> Microsoft Corporation) Task: {83DBC733-3D2A-4609-AE05-BA373815D268} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1376144 2020-01-17] (Microsoft Corporation -> Microsoft Corporation) Task: {97976BA5-8CFE-48E5-9822-7496B1B663D8} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16165632 2015-07-30] (Realtek Semiconductor Corp -> Realtek Semiconductor) Task: {9C4CEF95-0828-4028-A068-1DD4CF585E8E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1908.7-0\MpCmdRun.exe [467880 2019-09-26] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {A0A0E228-D1C7-41B0-8DBA-B4FA25D450B0} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [64920 2020-01-08] (Microsoft Corporation -> Microsoft) Task: {B30E7EAF-A4CE-4CD9-8181-A55D32380992} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115448 2020-01-17] (Microsoft Corporation -> Microsoft Corporation) Task: {C339D81E-FD3F-4011-B3DA-A6581919CFBD} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-16] (Piriform Software Ltd -> Piriform Software Ltd) Task: {E3BEC3D0-7011-464F-8FF5-9ACAA2E25C63} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4360000 2020-01-13] (Microsoft Corporation -> Microsoft Corporation) Task: {F1A9A006-CA35-4896-AE5E-BBC7993CAA48} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1908.7-0\MpCmdRun.exe [467880 2019-09-26] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {F69D13C7-2E50-4E75-919C-8808D509C961} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1403136 2015-07-30] (Realtek Semiconductor Corp -> Realtek Semiconductor) Task: {FA77DBE1-ADCA-48BB-B67F-2B65E8618E6F} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1376144 2020-01-17] (Microsoft Corporation -> Microsoft Corporation) (Als een item is opgenomen in de fixlist, wordt de taak (job) bestand verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) ==================== Internet (gefilterd) ==================== (Als een item is opgenomen in de fixlist en een registeritem is, wordt het verwijderd of hersteld naar de standaard.) Hosts: Er is meer dan één item in Hosts. Zie Hosts deel van Addition.txt Tcpip\Parameters: [DhcpNameServer] 195.130.130.5 195.130.131.5 Tcpip\..\Interfaces\{6b57a8b7-3320-4bf4-a2d9-9515b252a090}: [DhcpNameServer] 195.130.130.5 195.130.131.5 Tcpip\..\Interfaces\{cffd6533-024b-4787-b9f0-3cc348983ea1}: [DhcpNameServer] 195.130.131.5 195.130.130.5 Internet Explorer: ================== SearchScopes: HKU\S-1-5-21-1492113667-842105898-3889346494-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04 SearchScopes: HKU\S-1-5-21-1492113667-842105898-3889346494-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04 BHO: PDF Architect 7 Helper -> {2B035CAB-1F3D-4DE6-A32D-39B9E5F456D0} -> C:\Program Files\PDF Architect 7\creator\plugins\IEAddin\creator-ie-helper.dll [2019-04-01] (pdfforge GmbH -> pdfforge GmbH) BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-01-13] (Microsoft Corporation -> Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_221\bin\ssv.dll [2019-07-20] (Oracle America, Inc. -> Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-07-20] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2020-01-13] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\ssv.dll [2019-07-20] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-07-20] (Oracle America, Inc. -> Oracle Corporation) Toolbar: HKLM - PDF Architect 7 Toolbar - {61E612A7-2382-4570-8D3F-42BC136DDAD7} - C:\Program Files\PDF Architect 7\creator\plugins\IEAddin\creator-ie-plugin.dll [2019-04-01] (pdfforge GmbH -> pdfforge GmbH) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation) Edge: ====== DownloadDir: C:\Users\luc de vreese\Downloads FireFox: ======== FF DefaultProfile: ssohvx9c.default FF ProfilePath: C:\Users\luc de vreese\AppData\Roaming\Mozilla\Firefox\Profiles\ssohvx9c.default [2020-01-17] FF Homepage: Mozilla\Firefox\Profiles\ssohvx9c.default -> hxxp://www.Google.be FF Extension: (eID België) - C:\Users\luc de vreese\AppData\Roaming\Mozilla\Firefox\Profiles\ssohvx9c.default\Extensions\belgiumeid@eid.belgium.be.xpi [2019-03-15] FF Extension: (eID Chrome Extension) - C:\Users\luc de vreese\AppData\Roaming\Mozilla\Firefox\Profiles\ssohvx9c.default\Extensions\eid-chrome-extension@e-contract.be.xpi [2019-07-15] [UpdateUrl:hxxps://www.e-contract.be/eid-chrome/releases/eid-chrome-extension-updates.json] FF Extension: (Avast SafePrice | Prijsvergelijking, aanbiedingen, waardebonnen) - C:\Users\luc de vreese\AppData\Roaming\Mozilla\Firefox\Profiles\ssohvx9c.default\Extensions\sp@avast.com.xpi [2019-02-16] FF Extension: (Avast Online Security) - C:\Users\luc de vreese\AppData\Roaming\Mozilla\Firefox\Profiles\ssohvx9c.default\Extensions\wrc@avast.com.xpi [2020-01-04] [UpdateUrl:hxxps://firefoxext.avcdn.net/firefoxext/avast/aos/update.json] FF HKLM\...\Firefox\Extensions: [pdf_architect_7_conv_v.2@pdfforge.org] - C:\Program Files\PDF Architect 7\creator\plugins\FirefoxAddin\pdf_architect_7_conv_v.2@pdfforge.org.xpi FF Extension: (PDF Architect 7 Creator) - C:\Program Files\PDF Architect 7\creator\plugins\FirefoxAddin\pdf_architect_7_conv_v.2@pdfforge.org.xpi [2019-03-22] FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_7_conv_v.2@pdfforge.org] - C:\Program Files\PDF Architect 7\creator\plugins\FirefoxAddin\pdf_architect_7_conv_v.2@pdfforge.org.xpi FF Plugin: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-07-20] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-07-20] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-07-20] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-07-20] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-12-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC) Chrome: ======= CHR DefaultProfile: Default CHR Notifications: Default -> hxxps://roboverify.club CHR Profile: C:\Users\luc de vreese\AppData\Local\Google\Chrome\User Data\Default [2020-01-17] CHR Extension: (Presentaties) - C:\Users\luc de vreese\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-01-24] CHR Extension: (Documenten) - C:\Users\luc de vreese\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-01-24] CHR Extension: (Google Drive) - C:\Users\luc de vreese\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-01-24] CHR Extension: (eID Chrome Extension) - C:\Users\luc de vreese\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkbdaodnaecdijpajecpncpdomgcoakc [2019-07-15] CHR Extension: (YouTube) - C:\Users\luc de vreese\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-01-24] CHR Extension: (Spreadsheets) - C:\Users\luc de vreese\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-01-24] CHR Extension: (Offline Documenten) - C:\Users\luc de vreese\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-14] CHR Extension: (Avast Online Security) - C:\Users\luc de vreese\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-01-16] CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\luc de vreese\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-06] CHR Extension: (Gmail) - C:\Users\luc de vreese\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-03-26] CHR Extension: (Chrome Media Router) - C:\Users\luc de vreese\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-18] CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] ==================== Services (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11164232 2020-01-07] (Microsoft Corporation -> Microsoft Corporation) R2 esifsvc; C:\WINDOWS\SysWOW64\esif_uf.exe [1394360 2015-08-12] (Intel(R) Software -> Intel Corporation) R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-01] (Intel(R) pGFX -> Intel Corporation) S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6960640 2020-01-13] (Malwarebytes Inc -> Malwarebytes) R3 PDF Architect 7; C:\Program Files\PDF Architect 7\ws.exe [2579192 2019-04-01] (pdfforge GmbH -> pdfforge GmbH) R2 PDF Architect 7 Creator; C:\Program Files\PDF Architect 7\creator\common\creator-ws.exe [836856 2019-04-01] (pdfforge GmbH -> pdfforge GmbH) R2 PDF Architect 7 Update Service; C:\Program Files\PDF Architect 7\updater-ws.exe [1825016 2019-04-01] (pdfforge GmbH -> pdfforge GmbH) R2 SecurityService; C:\Program Files (x86)\TotalAV\SecurityService.exe [5268776 2019-12-16] (Protected Antivirus Limited -> TotalAV) R2 StatusAgent4; C:\WINDOWS\SysWOW64\SAgent4.exe [136576 2011-05-26] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [147392 2019-04-30] (Microsoft Corporation -> Microsoft Corporation) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1908.7-0\NisSrv.exe [3630832 2019-09-26] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1908.7-0\MsMpEng.exe [103168 2019-09-26] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Drivers (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R3 AsusTP; C:\WINDOWS\System32\drivers\AsusTP.sys [128024 2017-03-09] (ASUSTeK Computer Inc. -> ASUS Corporation) R3 athr; C:\WINDOWS\System32\drivers\athw8x.sys [4233728 2019-03-19] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [55816 2015-08-12] (Intel(R) Software -> Intel Corporation) R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [53752 2015-08-12] (Intel(R) Software -> Intel Corporation) R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [261624 2015-08-12] (Intel(R) Software -> Intel Corporation) R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32680 2019-08-07] (ASUSTek Computer Inc. -> ASUS) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-01-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) S3 ptun0901; C:\WINDOWS\System32\drivers\ptun0901.sys [27136 2014-08-08] (OpenVPN Technologies, Inc. -> The OpenVPN Project) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [662528 2019-03-19] (Microsoft Windows -> Realtek ) R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [751632 2015-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Realsil Semiconductor Corporation) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46472 2019-09-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [346336 2019-09-26] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2019-09-26] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ==================== Een maand (aangemaakt) =================== (Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.) 2020-01-17 14:21 - 2020-01-17 14:23 - 000036234 _____ C:\Users\luc de vreese\Downloads\Addition.txt 2020-01-17 14:17 - 2020-01-17 14:25 - 000025656 _____ C:\Users\luc de vreese\Downloads\FRST.txt 2020-01-17 14:16 - 2020-01-17 14:25 - 000000000 ____D C:\FRST 2020-01-17 14:15 - 2020-01-17 14:16 - 002573312 _____ (Farbar) C:\Users\luc de vreese\Downloads\FRST64.exe 2020-01-17 13:30 - 2020-01-17 13:30 - 000000000 ____D C:\Users\luc de vreese\Documents\TotalAV 2020-01-17 13:29 - 2020-01-17 13:29 - 000001087 _____ C:\Users\luc de vreese\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TotalAV.lnk 2020-01-17 13:29 - 2020-01-17 13:29 - 000000000 ____D C:\ProgramData\SecuritySuite 2020-01-17 13:28 - 2020-01-17 14:06 - 000000000 ____D C:\Program Files (x86)\TotalAV 2020-01-17 13:28 - 2020-01-17 13:29 - 000001062 _____ C:\Users\Public\Desktop\TotalAV.lnk 2020-01-17 13:28 - 2020-01-17 13:29 - 000000000 ____D C:\ProgramData\TotalAV 2020-01-17 13:28 - 2020-01-17 13:28 - 011789216 _____ C:\Users\luc de vreese\Downloads\TotalAV_Setup.exe 2020-01-16 13:49 - 2020-01-16 13:49 - 000000000 ____D C:\Users\luc de vreese\source 2020-01-16 10:08 - 2020-01-16 10:11 - 000000000 ____D C:\Program Files (x86)\SAP BusinessObjects 2020-01-16 10:08 - 2020-01-16 10:08 - 000000000 ____D C:\inetpub 2020-01-16 10:03 - 2020-01-16 10:06 - 381121600 _____ C:\Users\luc de vreese\Downloads\CRforVS13SP26_0-10010309 (1).EXE 2020-01-15 12:51 - 2020-01-15 12:51 - 001375111 _____ C:\Users\luc de vreese\Downloads\productattachments_files_g_s_gsmnld.pdf 2020-01-15 12:50 - 2020-01-15 12:50 - 000009678 _____ C:\Users\luc de vreese\Downloads\voorbeeldprint.ods 2020-01-15 10:31 - 2020-01-15 10:31 - 025900032 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2020-01-15 10:31 - 2020-01-15 10:31 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll 2020-01-15 10:31 - 2020-01-15 10:31 - 022627840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2020-01-15 10:31 - 2020-01-15 10:31 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2020-01-15 10:31 - 2020-01-15 10:31 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2020-01-15 10:31 - 2020-01-15 10:31 - 008012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2020-01-15 10:31 - 2020-01-15 10:31 - 007754752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2020-01-15 10:31 - 2020-01-15 10:31 - 007016448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2020-01-15 10:31 - 2020-01-15 10:31 - 006520480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2020-01-15 10:31 - 2020-01-15 10:31 - 005913600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2020-01-15 10:31 - 2020-01-15 10:31 - 002801152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2020-01-15 10:31 - 2020-01-15 10:31 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll 2020-01-15 10:31 - 2020-01-15 10:31 - 002494464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll 2020-01-15 10:31 - 2020-01-15 10:31 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll 2020-01-15 10:31 - 2020-01-15 10:31 - 001985928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll 2020-01-15 10:31 - 2020-01-15 10:31 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2020-01-15 10:31 - 2020-01-15 10:31 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2020-01-15 10:31 - 2020-01-15 10:31 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2020-01-15 10:31 - 2020-01-15 10:31 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll 2020-01-15 10:31 - 2020-01-15 10:31 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2020-01-15 10:31 - 2020-01-15 10:31 - 001399096 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2020-01-15 10:31 - 2020-01-15 10:31 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2020-01-15 10:31 - 2020-01-15 10:31 - 001106944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll 2020-01-15 10:31 - 2020-01-15 10:31 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll 2020-01-15 10:31 - 2020-01-15 10:31 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2020-01-15 10:31 - 2020-01-15 10:31 - 001020032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll 2020-01-15 10:31 - 2020-01-15 10:31 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll 2020-01-15 10:31 - 2020-01-15 10:31 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll 2020-01-15 10:31 - 2020-01-15 10:31 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll 2020-01-15 10:31 - 2020-01-15 10:31 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2020-01-15 10:31 - 2020-01-15 10:31 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll 2020-01-15 10:31 - 2020-01-15 10:31 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2020-01-15 10:31 - 2020-01-15 10:31 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll 2020-01-15 10:31 - 2020-01-15 10:31 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll 2020-01-15 10:31 - 2020-01-15 10:31 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe 2020-01-15 10:31 - 2020-01-15 10:31 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll 2020-01-15 10:31 - 2020-01-15 10:31 - 000571392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll 2020-01-15 10:31 - 2020-01-15 10:31 - 000542496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll 2020-01-15 10:31 - 2020-01-15 10:31 - 000432256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll 2020-01-15 10:31 - 2020-01-15 10:31 - 000363840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll 2020-01-15 10:31 - 2020-01-15 10:31 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe 2020-01-15 10:31 - 2020-01-15 10:31 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys 2020-01-15 10:31 - 2020-01-15 10:31 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll 2020-01-15 10:31 - 2020-01-15 10:31 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll 2020-01-15 10:31 - 2020-01-15 10:31 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll 2020-01-15 10:31 - 2020-01-15 10:31 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll 2020-01-15 10:31 - 2020-01-15 10:31 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe 2020-01-15 10:31 - 2020-01-15 10:31 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti_ci.dll 2020-01-15 10:31 - 2020-01-15 10:31 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll 2020-01-15 10:31 - 2020-01-15 10:31 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe 2020-01-15 10:31 - 2020-01-15 10:31 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiadss.dll 2020-01-15 10:31 - 2020-01-15 10:31 - 000127520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll 2020-01-15 10:31 - 2020-01-15 10:31 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiadss.dll 2020-01-15 10:31 - 2020-01-15 10:31 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll 2020-01-15 10:31 - 2020-01-15 10:31 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll 2020-01-15 10:31 - 2020-01-15 10:31 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll 2020-01-15 10:31 - 2020-01-15 10:31 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll 2020-01-15 10:31 - 2020-01-15 10:31 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll 2020-01-15 10:31 - 2020-01-15 10:31 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll 2020-01-15 10:31 - 2020-01-15 10:31 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll 2020-01-15 10:31 - 2020-01-15 10:31 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll 2020-01-15 10:31 - 2020-01-15 10:31 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll 2020-01-15 10:31 - 2020-01-15 10:31 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll 2020-01-15 10:31 - 2020-01-15 10:31 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll 2020-01-15 10:31 - 2020-01-15 10:31 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiatrace.dll 2020-01-15 10:31 - 2020-01-15 10:31 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll 2020-01-15 10:31 - 2020-01-15 10:31 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll 2020-01-15 10:30 - 2020-01-15 10:31 - 000162696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll 2020-01-15 10:30 - 2020-01-15 10:30 - 009928208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2020-01-15 10:30 - 2020-01-15 10:30 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2020-01-15 10:30 - 2020-01-15 10:30 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2020-01-15 10:30 - 2020-01-15 10:30 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2020-01-15 10:30 - 2020-01-15 10:30 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll 2020-01-15 10:30 - 2020-01-15 10:30 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll 2020-01-15 10:30 - 2020-01-15 10:30 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2020-01-15 10:30 - 2020-01-15 10:30 - 002473976 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll 2020-01-15 10:30 - 2020-01-15 10:30 - 001655880 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2020-01-15 10:30 - 2020-01-15 10:30 - 001330952 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll 2020-01-15 10:30 - 2020-01-15 10:30 - 001051664 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll 2020-01-15 10:30 - 2020-01-15 10:30 - 000851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe 2020-01-15 10:30 - 2020-01-15 10:30 - 000678712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll 2020-01-15 10:30 - 2020-01-15 10:30 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2020-01-15 10:30 - 2020-01-15 10:30 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe 2020-01-15 10:30 - 2020-01-15 10:30 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys 2020-01-15 10:30 - 2020-01-15 10:30 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll 2020-01-15 10:30 - 2020-01-15 10:30 - 000379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll 2020-01-15 10:30 - 2020-01-15 10:30 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll 2020-01-15 10:30 - 2020-01-15 10:30 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll 2020-01-15 10:30 - 2020-01-15 10:30 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV1.dll 2020-01-15 10:30 - 2020-01-15 10:30 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll 2020-01-15 10:30 - 2020-01-15 10:30 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll 2020-01-15 10:30 - 2020-01-15 10:30 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe 2020-01-15 10:30 - 2020-01-15 10:30 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll 2020-01-15 10:30 - 2020-01-15 10:30 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll 2020-01-15 10:30 - 2020-01-15 10:30 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll 2020-01-15 10:30 - 2020-01-15 10:30 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2020-01-15 10:30 - 2020-01-15 10:30 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll 2020-01-15 10:30 - 2020-01-15 10:30 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll 2020-01-15 10:30 - 2020-01-15 10:30 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll 2020-01-15 10:30 - 2020-01-15 10:30 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll 2020-01-15 10:30 - 2020-01-15 10:30 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll 2020-01-15 10:30 - 2020-01-15 10:30 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll 2020-01-15 10:30 - 2020-01-15 10:30 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll 2020-01-15 10:30 - 2020-01-15 10:30 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll 2020-01-15 10:30 - 2020-01-15 10:30 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe 2020-01-15 10:30 - 2020-01-15 10:30 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll 2020-01-15 10:30 - 2020-01-15 10:30 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll 2020-01-15 10:30 - 2020-01-15 10:30 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll 2020-01-15 10:30 - 2020-01-15 10:30 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll 2020-01-15 10:30 - 2020-01-15 10:30 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WSDScan.sys 2020-01-14 20:19 - 2019-12-10 06:15 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe 2020-01-14 20:19 - 2019-12-10 05:59 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe 2020-01-09 13:19 - 2020-01-09 13:19 - 000000000 ____D C:\Users\luc de vreese\.businessobjects 2020-01-09 13:07 - 2020-01-09 13:07 - 000000000 ____D C:\Users\luc de vreese\AppData\Roaming\FLEXnet 2020-01-09 06:26 - 2020-01-09 06:26 - 000000000 ____D C:\ProgramData\Macrovision 2020-01-09 06:26 - 2020-01-09 06:26 - 000000000 ____D C:\ProgramData\FLEXnet 2020-01-09 06:19 - 2020-01-09 06:22 - 381121600 _____ C:\Users\luc de vreese\Downloads\CRforVS13SP26_0-10010309.EXE 2020-01-08 19:41 - 2020-01-08 19:41 - 000001798 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2019.lnk 2020-01-08 19:41 - 2020-01-08 19:41 - 000000000 ____D C:\WINDOWS\SysWOW64\3082 2020-01-08 19:41 - 2020-01-08 19:41 - 000000000 ____D C:\WINDOWS\SysWOW64\2052 2020-01-08 19:41 - 2020-01-08 19:41 - 000000000 ____D C:\WINDOWS\SysWOW64\1055 2020-01-08 19:41 - 2020-01-08 19:41 - 000000000 ____D C:\WINDOWS\SysWOW64\1049 2020-01-08 19:41 - 2020-01-08 19:41 - 000000000 ____D C:\WINDOWS\SysWOW64\1046 2020-01-08 19:41 - 2020-01-08 19:41 - 000000000 ____D C:\WINDOWS\SysWOW64\1045 2020-01-08 19:41 - 2020-01-08 19:41 - 000000000 ____D C:\WINDOWS\SysWOW64\1042 2020-01-08 19:41 - 2020-01-08 19:41 - 000000000 ____D C:\WINDOWS\SysWOW64\1041 2020-01-08 19:41 - 2020-01-08 19:41 - 000000000 ____D C:\WINDOWS\SysWOW64\1040 2020-01-08 19:41 - 2020-01-08 19:41 - 000000000 ____D C:\WINDOWS\SysWOW64\1036 2020-01-08 19:41 - 2020-01-08 19:41 - 000000000 ____D C:\WINDOWS\SysWOW64\1033 2020-01-08 19:41 - 2020-01-08 19:41 - 000000000 ____D C:\WINDOWS\SysWOW64\1031 2020-01-08 19:41 - 2020-01-08 19:41 - 000000000 ____D C:\WINDOWS\SysWOW64\1029 2020-01-08 19:41 - 2020-01-08 19:41 - 000000000 ____D C:\WINDOWS\SysWOW64\1028 2020-01-08 19:41 - 2020-01-08 19:41 - 000000000 ____D C:\WINDOWS\system32\3082 2020-01-08 19:41 - 2020-01-08 19:41 - 000000000 ____D C:\WINDOWS\system32\2052 2020-01-08 19:41 - 2020-01-08 19:41 - 000000000 ____D C:\WINDOWS\system32\1055 2020-01-08 19:41 - 2020-01-08 19:41 - 000000000 ____D C:\WINDOWS\system32\1049 2020-01-08 19:41 - 2020-01-08 19:41 - 000000000 ____D C:\WINDOWS\system32\1046 2020-01-08 19:41 - 2020-01-08 19:41 - 000000000 ____D C:\WINDOWS\system32\1045 2020-01-08 19:41 - 2020-01-08 19:41 - 000000000 ____D C:\WINDOWS\system32\1042 2020-01-08 19:41 - 2020-01-08 19:41 - 000000000 ____D C:\WINDOWS\system32\1041 2020-01-08 19:41 - 2020-01-08 19:41 - 000000000 ____D C:\WINDOWS\system32\1040 2020-01-08 19:41 - 2020-01-08 19:41 - 000000000 ____D C:\WINDOWS\system32\1036 2020-01-08 19:41 - 2020-01-08 19:41 - 000000000 ____D C:\WINDOWS\system32\1033 2020-01-08 19:41 - 2020-01-08 19:41 - 000000000 ____D C:\WINDOWS\system32\1031 2020-01-08 19:41 - 2020-01-08 19:41 - 000000000 ____D C:\WINDOWS\system32\1029 2020-01-08 19:41 - 2020-01-08 19:41 - 000000000 ____D C:\WINDOWS\system32\1028 2020-01-08 19:37 - 2020-01-08 19:37 - 000000000 ____D C:\Program Files\Microsoft SQL Server 2020-01-08 19:37 - 2020-01-08 19:37 - 000000000 ____D C:\Program Files (x86)\NuGet 2020-01-08 19:37 - 2020-01-08 19:37 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server 2020-01-08 19:34 - 2020-01-08 19:37 - 000000000 ____D C:\Program Files (x86)\Windows Kits 2020-01-08 19:32 - 2020-01-08 19:32 - 000000000 ____D C:\Program Files (x86)\dotnet 2020-01-08 19:30 - 2020-01-08 19:30 - 000001797 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2019.lnk 2020-01-08 19:28 - 2020-01-08 19:28 - 000001357 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Installer.lnk 2020-01-07 15:15 - 2020-01-07 15:15 - 000000720 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brackets.lnk 2020-01-07 15:12 - 2020-01-07 15:14 - 000000000 ____D C:\Program Files (x86)\Brackets 2020-01-04 16:16 - 2020-01-13 14:14 - 000000000 ____D C:\Users\luc de vreese\AppData\Local\cache 2020-01-02 18:56 - 2020-01-02 18:56 - 000000375 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics 2020-01-02 18:09 - 2020-01-02 18:09 - 008000936 _____ (Tim Kosse) C:\Users\luc de vreese\Downloads\FileZilla_3.46.3_win64-setup.exe 2020-01-02 15:37 - 2020-01-02 15:37 - 000230080 _____ (AVAST Software) C:\Users\luc de vreese\Downloads\avast_free_antivirus_setup_online.exe 2019-12-24 11:05 - 2019-12-24 11:05 - 000572725 _____ C:\Users\luc de vreese\Documents\pag1a.pdf 2019-12-24 11:05 - 2019-12-24 11:05 - 000572725 _____ C:\Users\luc de vreese\Documents\pag1.pdf 2019-12-24 10:41 - 2019-12-24 10:41 - 000000000 ____D C:\Users\luc de vreese\AppData\Local\pdfforge ==================== Een maand (gewijzigd) ================== (Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.) 2020-01-17 14:18 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2020-01-17 13:22 - 2019-01-24 13:03 - 000000000 ____D C:\ProgramData\AVAST Software 2020-01-17 13:10 - 2019-01-24 11:20 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2020-01-17 13:10 - 2019-01-24 11:20 - 000000000 __SHD C:\Users\luc de vreese\IntelGraphicsProfiles 2020-01-17 13:08 - 2019-09-17 14:57 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2020-01-17 13:08 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2020-01-17 13:08 - 2019-01-24 13:13 - 000000000 ____D C:\Users\luc de vreese\AppData\Roaming\AVAST Software 2020-01-17 13:08 - 2019-01-24 13:13 - 000000000 ____D C:\Users\luc de vreese\AppData\Local\AVAST Software 2020-01-17 13:07 - 2019-09-26 19:30 - 000748816 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2020-01-17 12:32 - 2019-01-24 12:59 - 000000000 ____D C:\Users\luc de vreese\AppData\LocalLow\Mozilla 2020-01-17 11:49 - 2019-09-17 14:27 - 000443248 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2020-01-17 11:45 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\NDF 2020-01-17 11:32 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF 2020-01-17 11:31 - 2019-01-25 17:56 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2020-01-16 19:39 - 2019-01-26 11:45 - 000000000 ____D C:\Users\luc de vreese\AppData\Local\CrashDumps 2020-01-16 19:09 - 2019-01-24 17:15 - 000000000 ____D C:\Users\luc de vreese\AppData\Local\.IdentityService 2020-01-16 14:22 - 2019-09-17 14:27 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2020-01-16 13:49 - 2019-09-17 14:36 - 000000000 ____D C:\Users\luc de vreese 2020-01-16 09:13 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness 2020-01-16 07:16 - 2019-01-24 13:20 - 000000000 ____D C:\Users\luc de vreese\AppData\Roaming\ZHP 2020-01-16 07:02 - 2019-02-01 20:08 - 003329408 _____ (Nicolas Coolman) C:\Users\luc de vreese\ZHPCleaner.exe 2020-01-16 07:02 - 2019-01-24 13:20 - 000000744 _____ C:\Users\luc de vreese\Desktop\ZHPCleaner.lnk 2020-01-15 12:51 - 2019-01-24 11:18 - 000000000 ____D C:\Users\luc de vreese\AppData\Local\Packages 2020-01-15 10:45 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\UNP 2020-01-15 10:45 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources 2020-01-15 10:45 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences 2020-01-15 10:45 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr 2020-01-15 10:43 - 2019-01-24 16:31 - 000000000 ____D C:\WINDOWS\system32\MRT 2020-01-15 10:38 - 2019-01-24 16:30 - 120202352 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2020-01-15 10:37 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp 2020-01-15 10:31 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps 2020-01-13 14:22 - 2019-09-17 14:47 - 001771832 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2020-01-13 14:22 - 2019-03-19 13:33 - 000788866 _____ C:\WINDOWS\system32\perfh013.dat 2020-01-13 14:22 - 2019-03-19 13:33 - 000154844 _____ C:\WINDOWS\system32\perfc013.dat 2020-01-13 14:18 - 2019-12-06 16:01 - 000000000 ____D C:\Program Files\Mozilla Firefox 2020-01-13 14:18 - 2019-01-24 12:59 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2020-01-13 14:14 - 2019-07-20 07:21 - 000002023 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2020-01-13 14:12 - 2019-07-20 07:21 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2020-01-13 14:12 - 2019-07-20 07:21 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys 2020-01-13 11:13 - 2019-01-24 12:50 - 000000000 ____D C:\Users\luc de vreese\AppData\Local\Comms 2020-01-10 19:15 - 2019-01-24 12:59 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2020-01-10 12:59 - 2019-01-24 13:13 - 000002323 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2020-01-10 12:59 - 2019-01-24 13:13 - 000002282 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2020-01-09 18:00 - 2019-01-26 13:28 - 000000000 ____D C:\Users\luc de vreese\AppData\Roaming\FileZilla 2020-01-09 06:50 - 2019-01-24 16:27 - 000000000 ____D C:\Users\luc de vreese\AppData\Local\D3DSCache 2020-01-08 19:46 - 2019-01-24 16:46 - 000000000 ____D C:\Users\luc de vreese\AppData\Roaming\Visual Studio Setup 2020-01-08 19:38 - 2019-09-23 16:42 - 000000000 ____D C:\Program Files (x86)\Microsoft SDKs 2020-01-08 19:33 - 2019-09-23 17:02 - 000000000 ____D C:\Program Files\dotnet 2020-01-08 19:32 - 2019-09-17 14:50 - 000000000 ____D C:\Program Files (x86)\MSBuild 2020-01-08 19:27 - 2019-01-24 16:45 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 2020-01-08 16:58 - 2019-09-23 17:06 - 000000000 ____D C:\Users\luc de vreese\.dotnet 2020-01-07 15:04 - 2019-02-06 17:58 - 000000000 ____D C:\Users\luc de vreese\AppData\Roaming\Brackets 2020-01-06 16:57 - 2019-01-26 13:28 - 000000000 ____D C:\Users\luc de vreese\AppData\Local\FileZilla 2020-01-06 16:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\FxsTmp 2020-01-03 18:44 - 2019-11-19 17:29 - 000000000 ____D C:\Program Files (x86)\AVAST Software 2020-01-02 18:10 - 2019-01-26 13:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client 2020-01-02 18:10 - 2019-01-26 13:28 - 000000000 ____D C:\Program Files\FileZilla FTP Client 2020-01-02 16:02 - 2019-10-21 14:07 - 000003108 _____ C:\WINDOWS\system32\Tasks\KMSAutoNet 2020-01-02 16:02 - 2019-09-17 14:57 - 000003506 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2020-01-02 16:02 - 2019-09-17 14:57 - 000003282 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2020-01-02 16:02 - 2019-09-17 14:57 - 000003194 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2020-01-02 16:02 - 2019-09-17 14:57 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1492113667-842105898-3889346494-1001 2020-01-02 16:02 - 2019-09-17 14:57 - 000002346 _____ C:\WINDOWS\system32\Tasks\RtHDVBg_ListenToDevice 2020-01-02 16:02 - 2019-09-17 14:57 - 000002288 _____ C:\WINDOWS\system32\Tasks\RtHDVBg 2020-01-02 16:02 - 2019-09-17 14:57 - 000002280 _____ C:\WINDOWS\system32\Tasks\RTKCPL 2020-01-02 16:02 - 2019-09-17 14:57 - 000002236 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC 2020-01-02 15:40 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2019-12-29 14:49 - 2019-01-24 12:51 - 000000000 ____D C:\Users\luc de vreese\AppData\Local\PlaceholderTileLogoFolder ==================== Bestanden in de root van sommige mappen ======== 2019-02-01 20:08 - 2020-01-16 07:02 - 003329408 _____ (Nicolas Coolman) C:\Users\luc de vreese\ZHPCleaner.exe 2019-03-23 13:50 - 2019-09-05 14:57 - 000000123 _____ () C:\Users\luc de vreese\AppData\Roaming\jdm.conf 2019-01-28 13:56 - 2019-12-06 16:19 - 000007597 _____ () C:\Users\luc de vreese\AppData\Local\resmon.resmoncfg ==================== SigCheck ============================ (Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.) ==================== Einde van FRST.txt ========================