Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 22-01-2020 01
Gestart door Rickske (Beheerder) op RICKSKE-MSI (Micro-Star International Co., Ltd. CR650) (23-01-2020 17:29:25)
Gestart vanaf C:\Users\Rickske\Desktop
Geladen Profielen: Rickske (Beschikbare Profielen: Rickske & Katinka & Joachim & Gast & DefaultAppPool)
Platform: Windows 10 Home Versie 1607 14393.576 (X64) Taal: Nederlands (Nederland)
Standaardbrowser: Chrome
Boot Modus: Normal
Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processen (gefilterd) =================

(Als een item is opgenomen in de fixlist, zal het proces worden gesloten. Het bestand zal niet worden verplaatst.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc.) [Bestand niet getekend] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(BlueStack Systems, Inc. -> BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Facebook, Inc. -> ) C:\Users\Rickske\AppData\Local\Facebook\Games\FacebookGames.exe
(Facebook, Inc. -> Facebook Inc.) C:\Users\Rickske\AppData\Local\Facebook\Update\FacebookUpdate.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(MAGIX AG) [Bestand niet getekend] C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Rickske\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.350_none_43278ee965418581\TiWorker.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Micro-Star International Co., Ltd.) [Bestand niet getekend] C:\Program Files (x86)\S-Bar\MSIService.exe
(MSI) [Bestand niet getekend] C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe
(Oberon Media, Inc. -> ) C:\Program Files (x86)\MSI Game Corner\Game Console\OberonGameConsoleService.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.1000_x64__kzf8qxf38zg5c\SkypeHost.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(The CefSharp Authors) [Bestand niet getekend] C:\Users\Rickske\AppData\Local\Facebook\Games\CefSharp.BrowserSubprocess.exe
(TomTom International BV -> TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

==================== Register (gefilterd) ===================

(Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11697768 2011-09-22] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3738344 2015-10-17] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-10-22] (Microsoft Windows -> Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595992 2016-05-20] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-3241837054-988920231-2416323044-1001\...\Run: [Facebook Update] => C:\Users\Rickske\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-06-30] (Facebook, Inc. -> Facebook Inc.)
HKU\S-1-5-21-3241837054-988920231-2416323044-1001\...\Run: [Dropbox Update] => C:\Users\Rickske\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-10-16] (Dropbox, Inc -> Dropbox, Inc.)
HKU\S-1-5-21-3241837054-988920231-2416323044-1001\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe [1694344 2016-12-13] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
HKU\S-1-5-21-3241837054-988920231-2416323044-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-3241837054-988920231-2416323044-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01232020171723318\...\Run: [Facebook Update] => C:\Users\Rickske\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-06-30] (Facebook, Inc. -> Facebook Inc.)
HKU\S-1-5-21-3241837054-988920231-2416323044-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01232020171723318\...\Run: [Dropbox Update] => C:\Users\Rickske\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-10-16] (Dropbox, Inc -> Dropbox, Inc.)
HKU\S-1-5-21-3241837054-988920231-2416323044-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01232020171723318\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe [1694344 2016-12-13] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
HKU\S-1-5-21-3241837054-988920231-2416323044-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01232020171723318\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd -> Piriform Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> %SystemRoot%\inf\unregmp2.exe /ShowWMP
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-20] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.94\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
Startup: C:\Users\Katinka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk [2015-03-10]
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () [Bestand niet getekend]
Startup: C:\Users\Rickske\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Games Arcade (BETA).lnk [2016-10-01]
ShortcutTarget: Facebook Games Arcade (BETA).lnk -> C:\Users\Rickske\AppData\Local\Facebook\Games\FacebookGames.exe (Facebook, Inc. -> )
Startup: C:\Users\Rickske\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk [2013-02-04]
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () [Bestand niet getekend]
Startup: C:\Users\Rickske\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verzenden naar OneNote.lnk [2016-12-14]
ShortcutTarget: Verzenden naar OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)

==================== Geplande Taken (gefilterd) ============

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

Task: {01D9DD8D-FAAA-438F-89C1-8D6FEC2F462A} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {027F7358-F765-4801-ADC9-3B1FDCC552FF} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0D71D314-7371-46DD-AF63-11E78AE0DEED} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {16C9BEF0-75C9-4BD8-B3BD-D566B0C1BDF5} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {16DEA092-FB0C-40D0-AE20-0536BECC21D9} - System32\Tasks\Microsoft\Windows\EDP\EDP App Launch Task => {35EF4182-F900-4632-B072-8639E4478A61}
Task: {19E4D3E8-E03C-4CAE-B8F1-4CE7B382E8ED} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1B65DD58-D16B-45E8-BEB4-94D7E4D64DF7} - System32\Tasks\Microsoft\Windows\EDP\EDP Auth Task => {35EF4182-F900-4632-B072-8639E4478A61}
Task: {28E52A9E-E66D-419D-93DD-F7CB06A35E0D} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3B4092DA-EB39-427D-BEDE-255CDB7ACCDA} - System32\Tasks\Microsoft\Windows\ErrorDetails\EnableErrorDetailsUpdate => {FE285C8C-5360-41C1-A700-045501C740DE} C:\Windows\System32\ErrorDetailsUpdate.dll [72704 2016-11-02] (Microsoft Windows -> Microsoft Corporation)
Task: {444D9985-51F0-40D0-8308-28C7C4FF872A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [7175384 2016-12-06] (Piriform Ltd -> Piriform Ltd)
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4D95DB8F-9531-4AA0-B57B-AFDFFA4A8FD2} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3241837054-988920231-2416323044-1001UA => C:\Users\Rickske\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-06-30] (Facebook, Inc. -> Facebook Inc.)
Task: {4F15DC49-C3CD-43A2-8A3E-2166F0806741} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3241837054-988920231-2416323044-1001UA1d23fd44091b9d8 => C:\Users\Rickske\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-10-16] (Dropbox, Inc -> Dropbox, Inc.)
Task: {50899537-A748-4C7F-BEDE-F56183EEFBFC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5D441ADD-FF43-4E92-941C-09A38EBEE848} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5E31BB5F-BF95-4633-9204-0911683F0B90} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115448 2020-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {63CC45C2-3D37-4A91-A45C-FA54BD75A27F} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {6C619323-3AE1-4565-B729-FBF4C20CDC1B} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {6CF4841E-EB0C-453E-81F0-F8F17FDDC667} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3241837054-988920231-2416323044-1001Core1d23fd43f5193eb => C:\Users\Rickske\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-10-16] (Dropbox, Inc -> Dropbox, Inc.)
Task: {7041CC37-5F2D-4F56-8BFB-2EFF0BACDF48} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-03-10] (Google Inc -> Google Inc.)
Task: {753E0BED-39B1-45F4-A1DA-41733DBF884B} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7EF556B0-0426-4EA8-AA48-00DFDEC36CB6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-03-10] (Google Inc -> Google Inc.)
Task: {83A97B12-CF52-4C82-A9AB-ACD5C0605D88} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {8E59AF34-2BD5-4FCD-ABAB-74620EEE5B81} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24629104 2020-01-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {92136591-A739-4512-B7FB-DEAF7B341F14} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24629104 2020-01-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {977F8847-3D2C-4DBE-9A3B-1CBB44126154} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1438600 2020-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {998C443C-9954-42B2-91AC-B8D7073C5DC7} - System32\Tasks\{631350F8-B287-48AE-BE72-C11242B3E71A} => C:\windows\system32\pcalua.exe -a C:\Users\Rickske\Downloads\ssves_2.0_setup.exe -d C:\Users\Rickske\Downloads
Task: {99FEDAB9-0CCA-4074-B298-358B8087E336} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {A0B3D2E8-7F03-426D-80AB-DA252064F108} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A2C03015-0E8B-46F3-A0EB-21107EB3F10B} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {A9000415-888C-49E3-833A-61BDC4C7D333} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {AA80EE50-38A6-4B1C-B0F1-3BB0E7E04E7B} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AC847AD7-8AD0-4E69-AA8A-825EF978BFD8} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {B0AF724E-6048-4515-94E1-B8FF2CAC76EF} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B1A1E14E-6DF9-45C3-9B7F-EE25CF1529B9} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {B638A873-8322-4E22-8D2D-045515D365A0} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {BA37AF93-5937-423F-890E-F5E770E5AA0F} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {BB86A3CC-8E2A-4DE3-966E-7E5C335062D0} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {BBADE4A9-6CBB-4816-BBB2-3C4830D0E315} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1376144 2020-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {BDEF92F6-E345-4FC2-A563-EC08950C6A3B} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3241837054-988920231-2416323044-1001Core => C:\Users\Rickske\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-06-30] (Facebook, Inc. -> Facebook Inc.)
Task: {C0D23D43-C26F-459A-A134-DA21103453C6} - System32\Tasks\Microsoft\Windows\ErrorDetails\ErrorDetailsUpdate => {9CDA66BE-3271-4723-8D35-DD834C58AD92} C:\Windows\System32\ErrorDetailsUpdate.dll [72704 2016-11-02] (Microsoft Windows -> Microsoft Corporation)
Task: {C9091DFE-9571-46FF-97F5-145C9EC5A3D3} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CAE07F28-005F-465D-A5E3-D9F353A60F85} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1376144 2020-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {D00E464F-D562-4666-801A-9C8699B00516} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {D5F5B858-92C5-4C9A-BC5F-BADA8A7045A3} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {DAE6B9DD-DC63-4D46-BBD1-61092D293D8F} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115448 2020-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {E471C770-5A9C-4A7F-8DE9-24D4C15F5121} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E8AC385B-CBF0-4B7F-A4A6-17B911812AA4} - System32\Tasks\Microsoft\Microsoft Antimalware\MpIdleTask => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {E96CA702-9235-4F81-A31F-F057DAAEE9B0} - System32\Tasks\{31AA1469-0385-4B8D-842D-FE3479EB9485} => C:\windows\system32\pcalua.exe -a "C:\Program Files (x86)\Uninstall Information\97\4448\uninstall.exe" -c /PUninstall="HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\PC Performer_is1" /reg=32 /cid=97 /session=1403292951
Task: {E9DC0333-B308-481E-A24C-62281F17A844} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {EF5B6729-2858-476C-9089-8BE233C73D0A} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [269000 2015-09-22] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {F75B804A-032F-44EF-ABAE-208D3D651B6E} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FE503CD7-A0E5-47D5-A54B-BB47448BB0D1} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe

(Als een item is opgenomen in de fixlist, wordt de taak (job) bestand verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3241837054-988920231-2416323044-1001Core1d23fd43f5193eb.job => C:\Users\Rickske\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3241837054-988920231-2416323044-1001UA1d23fd44091b9d8.job => C:\Users\Rickske\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3241837054-988920231-2416323044-1001Core.job => C:\Users\Rickske\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3241837054-988920231-2416323044-1001UA.job => C:\Users\Rickske\AppData\Local\Facebook\Update\FacebookUpdate.exe

==================== Internet (gefilterd) ====================

(Als een item is opgenomen in de fixlist en een registeritem is, wordt het verwijderd of hersteld naar de standaard.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{163650e8-264d-4904-b334-fffdc620d155}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{82bb3a75-938b-4370-be24-886eb96d0642}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-3241837054-988920231-2416323044-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.be/
HKU\S-1-5-21-3241837054-988920231-2416323044-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://msi.msn.com
HKU\S-1-5-21-3241837054-988920231-2416323044-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01232020171723318\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.be/
HKU\S-1-5-21-3241837054-988920231-2416323044-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01232020171723318\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://msi.msn.com
URLSearchHook: HKU\S-1-5-21-3241837054-988920231-2416323044-1001 - (Geen Naam) - {796b75f6-6187-47e2-8f1f-c16e059e6e19} - C:\Program Files (x86)\FilmFanatic\bar\1.bin\paSrcAs.dll Geen bestand
URLSearchHook: HKU\S-1-5-21-3241837054-988920231-2416323044-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01232020171723318 - (Geen Naam) - {796b75f6-6187-47e2-8f1f-c16e059e6e19} - C:\Program Files (x86)\FilmFanatic\bar\1.bin\paSrcAs.dll Geen bestand
SearchScopes: HKLM -> DefaultScope {D8D07A14-80DB-47D8-AB9E-7733455165F1} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSITDF&pc=MAM3&src=IE-SearchBox
SearchScopes: HKLM -> {D8D07A14-80DB-47D8-AB9E-7733455165F1} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSITDF&pc=MAM3&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {D8D07A14-80DB-47D8-AB9E-7733455165F1} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSITDF&pc=MAM3&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3241837054-988920231-2416323044-1001 -> DefaultScope {128A4C35-9407-406C-AAE9-091BD766AD17} URL = hxxp://www.google.be/search?hl=nl&q={searchTerms}&sourceid=ie8&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-3241837054-988920231-2416323044-1001 -> {128A4C35-9407-406C-AAE9-091BD766AD17} URL = hxxp://www.google.be/search?hl=nl&q={searchTerms}&sourceid=ie8&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-3241837054-988920231-2416323044-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01232020171723318 -> DefaultScope {128A4C35-9407-406C-AAE9-091BD766AD17} URL = hxxp://www.google.be/search?hl=nl&q={searchTerms}&sourceid=ie8&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-3241837054-988920231-2416323044-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01232020171723318 -> {128A4C35-9407-406C-AAE9-091BD766AD17} URL = hxxp://www.google.be/search?hl=nl&q={searchTerms}&sourceid=ie8&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-01-20] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-11-08] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-11-08] (Oracle America, Inc. -> Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-20] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Rickske\AppData\Roaming\TomTom\HOME\Profiles\qqewm675.default [2013-12-09]
FF Extension: (Map status indicator) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [2013-12-09] [Verouderd] [niet getekend]
FF HKU\S-1-5-21-3241837054-988920231-2416323044-1001\...\Firefox\Extensions: [speedtest199@BestOffers] - C:\Users\Rickske\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers
FF Extension: (Speed Test) - C:\Users\Rickske\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers [2014-06-20] [Verouderd] [niet getekend]
FF HKU\S-1-5-21-3241837054-988920231-2416323044-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01232020171723318\...\Firefox\Extensions: [speedtest199@BestOffers] - C:\Users\Rickske\AppData\Roaming\Mozilla\Extensions\speedtest199@BestOffers
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-11-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-11-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-20] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2020-01-20] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2020-01-20] (Google LLC -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3241837054-988920231-2416323044-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Rickske\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Software Sarl -> Skype Limited)
FF Plugin HKU\S-1-5-21-3241837054-988920231-2416323044-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Rickske\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS -> Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3241837054-988920231-2416323044-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01232020171723318: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Rickske\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Software Sarl -> Skype Limited)
FF Plugin HKU\S-1-5-21-3241837054-988920231-2416323044-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01232020171723318: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Rickske\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS -> Unity Technologies ApS)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://google.be/
CHR StartupUrls: Default -> "hxxp://www.google.be/"
CHR Notifications: Default -> hxxps://eu1.badoo.com; hxxps://eu1.badoo.com
CHR Profile: C:\Users\Rickske\AppData\Local\Google\Chrome\User Data\Default [2020-01-23]
CHR Extension: (eID Chrome Extension) - C:\Users\Rickske\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkbdaodnaecdijpajecpncpdomgcoakc [2016-06-03]
CHR Extension: (YouTube) - C:\Users\Rickske\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-02]
CHR Extension: (Google Search) - C:\Users\Rickske\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-09]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\Rickske\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-01-20]
CHR Extension: (Gmail) - C:\Users\Rickske\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-01-20]
CHR Extension: (Chrome Media Router) - C:\Users\Rickske\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-01-20]
CHR HKU\S-1-5-21-3241837054-988920231-2416323044-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [cgiaikfpllchefojlnehlmpekeogihnm] - C:\Users\Rickske\AppData\Local\CRE\cgiaikfpllchefojlnehlmpekeogihnm.crx
CHR HKU\S-1-5-21-3241837054-988920231-2416323044-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01232020171723318\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [cgiaikfpllchefojlnehlmpekeogihnm] - C:\Users\Rickske\AppData\Local\CRE\cgiaikfpllchefojlnehlmpekeogihnm.crx
CHR HKLM-x32\...\Chrome\Extension: [cgiaikfpllchefojlnehlmpekeogihnm] - C:\Users\Rickske\AppData\Local\CRE\cgiaikfpllchefojlnehlmpekeogihnm.crx

==================== Services (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [255472 2015-10-07] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-21] (Advanced Micro Devices, Inc.) [Bestand niet getekend]
S3 BstHdAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Service.exe [486936 2016-12-13] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [470552 2016-12-13] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe [511512 2016-12-13] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11164232 2020-01-08] (Microsoft Corporation -> Microsoft Corporation)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144104 2015-10-17] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1253376 2009-08-27] (MAGIX AG) [Bestand niet getekend]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [3276800 2008-08-07] (MAGIX®) [Bestand niet getekend]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6960640 2020-01-23] (Malwarebytes Inc -> Malwarebytes)
R2 Micro Star SCM; C:\Program Files (x86)\S-Bar\MSIService.exe [160768 2011-07-11] (Micro-Star International Co., Ltd.) [Bestand niet getekend]
R2 MSI Foundation Service; C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe [12800 2010-07-17] (MSI) [Bestand niet getekend]
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2782552 2010-03-06] (Symantec Corporation -> Symantec Corporation)
R2 OberonGameConsoleService; C:\Program Files (x86)\MSI Game Corner\Game Console\OberonGameConsoleService.exe [44432 2010-01-27] (Oberon Media, Inc. -> )
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (gefilterd) ===================
(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
S3 ACSSCR; C:\WINDOWS\system32\DRIVERS\a38usb.sys [82480 2015-08-19] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Card Systems Ltd.)
R3 amdiox64; C:\WINDOWS\System32\drivers\amdiox64.sys [46136 2010-02-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R3 amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [21648880 2015-10-07] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [674288 2015-10-07] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
S3 amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [80512 2011-10-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S3 amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [42624 2011-10-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 bcmfn; C:\WINDOWS\System32\drivers\bcmfn.sys [9728 2016-07-16] (Microsoft Windows -> Windows (R) Win 7 DDK provider)
S3 BstHdDrv; C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [152672 2016-12-13] (Bluestack Systems, Inc. -> BlueStack Systems)
S3 BstkDrv; C:\Program Files (x86)\Bluestacks\BstkDrv.sys [270904 2016-11-08] (Bluestack Systems, Inc. -> Bluestack System Inc. )
S3 InputFilter_Hid_FlexDef2b; C:\WINDOWS\System32\drivers\InputFilter_FlexDef2b.sys [17920 2010-06-18] (Microsoft Windows Hardware Compatibility Publisher -> Siliten)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [218288 2020-01-23] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-01-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-01-23] (Malwarebytes Inc -> Malwarebytes)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] (Microsoft Windows -> )
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Microsoft Windows -> Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [402960 2015-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Realsil Semiconductor Corporation)
R3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3717120 2016-07-16] (Microsoft Windows -> Realtek Semiconductor Corporation )
R3 usbfilter; C:\WINDOWS\System32\DRIVERS\usbfilter.sys [44672 2010-11-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (gefilterd) ===================
(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

==================== Een maand (aangemaakt) ===================
(Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.)
2020-01-23 17:20 - 2020-01-23 17:20 - 000006484 _____ C:\Users\Rickske\Desktop\AdwCleaner[C00].txt
2020-01-23 17:17 - 2020-01-23 17:17 - 000218288 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-01-23 17:16 - 2020-01-23 17:16 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-01-23 17:06 - 2020-01-23 17:07 - 008237744 _____ (Malwarebytes) C:\Users\Rickske\Desktop\adwcleaner_8.0.1.exe
2020-01-23 17:01 - 2020-01-23 17:01 - 001924728 _____ (Malwarebytes) C:\Users\Rickske\Downloads\MBSetup.exe
2020-01-23 17:01 - 2020-01-23 17:01 - 000000000 ____D C:\Users\Rickske\AppData\Local\cache
2020-01-23 17:00 - 2020-01-23 17:00 - 000000000 ____D C:\Users\Rickske\AppData\Local\mbam
2020-01-23 16:59 - 2020-01-23 16:59 - 000002031 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-01-23 16:59 - 2020-01-23 16:59 - 000000000 ____D C:\Users\Rickske\AppData\Local\mbamtray
2020-01-23 16:59 - 2020-01-23 16:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2020-01-23 16:58 - 2020-01-23 16:57 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-01-23 16:58 - 2020-01-23 16:57 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-01-23 16:57 - 2020-01-23 16:57 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-01-23 16:56 - 2020-01-23 16:56 - 000000000 ____D C:\Program Files\Malwarebytes
2020-01-23 16:53 - 2020-01-23 16:56 - 001924728 _____ (Malwarebytes) C:\Users\Rickske\Desktop\MBSetup.exe
2020-01-23 16:07 - 2020-01-23 16:14 - 000015450 _____ C:\Users\Rickske\Desktop\Fixlog.txt
2020-01-23 16:07 - 2020-01-23 16:07 - 000000000 ____D C:\Users\Rickske\Desktop\FRST-OlderVersion
2020-01-22 17:36 - 2020-01-22 17:36 - 000000000 ____D C:\Users\Katinka\AppData\Roaming\Mozilla
2020-01-21 17:17 - 2020-01-21 17:23 - 000058504 _____ C:\Users\Rickske\Desktop\Addition.txt
2020-01-21 17:15 - 2020-01-21 17:15 - 000000000 ____D C:\Users\Rickske\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2020-01-21 17:03 - 2020-01-23 17:34 - 000038912 _____ C:\Users\Rickske\Desktop\FRST.txt
2020-01-20 19:20 - 2020-01-20 19:20 - 000036764 _____ C:\Users\Rickske\Documents\cc_20200120_192004.reg
2020-01-20 19:02 - 2020-01-20 19:02 - 001397976 _____ (Google LLC) C:\Users\Rickske\Downloads\ChromeSetup (1).exe
2020-01-20 18:45 - 2020-01-20 18:45 - 000002531 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2020-01-20 18:45 - 2020-01-20 18:45 - 000002524 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2020-01-20 18:45 - 2020-01-20 18:45 - 000002482 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2020-01-20 18:45 - 2020-01-20 18:45 - 000002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2020-01-20 18:45 - 2020-01-20 18:45 - 000002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2020-01-20 18:45 - 2020-01-20 18:45 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2020-01-20 18:45 - 2020-01-20 18:45 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2020-01-20 18:45 - 2020-01-20 18:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office-hulpprogramma's
2020-01-20 18:14 - 2020-01-20 18:14 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3241837054-988920231-2416323044-1001
2020-01-20 18:01 - 2020-01-23 17:31 - 000000000 ____D C:\FRST
2020-01-20 18:00 - 2020-01-20 18:00 - 000000000 ____D C:\Users\Default\AppData\Roaming\Mozilla
2020-01-20 18:00 - 2020-01-20 18:00 - 000000000 ____D C:\Users\Default User\AppData\Roaming\Mozilla
2020-01-20 17:21 - 2020-01-23 16:07 - 002580480 _____ (Farbar) C:\Users\Rickske\Desktop\FRST64.exe
2020-01-20 17:03 - 2020-01-20 17:04 - 001397976 _____ (Google LLC) C:\Users\Rickske\Downloads\ChromeSetup.exe

==================== Een maand (gewijzigd) ==================
(Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.)
2020-01-23 17:36 - 2016-07-16 12:36 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-01-23 17:29 - 2014-06-29 14:18 - 000000000 ____D C:\Users\Rickske\AppData\Local\Adobe
2020-01-23 17:20 - 2016-07-16 12:47 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-01-23 17:16 - 2016-10-22 10:14 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-01-23 17:15 - 2016-07-16 07:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-01-23 17:13 - 2014-07-15 15:40 - 000000000 ____D C:\AdwCleaner
2020-01-23 17:09 - 2016-10-22 10:14 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-01-23 16:58 - 2016-07-16 12:47 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-01-23 16:53 - 2015-09-26 23:01 - 000000000 ____D C:\Users\Rickske\AppData\Local\Packages
2020-01-23 16:16 - 2016-10-22 11:19 - 000000008 __RSH C:\Users\Rickske\ntuser.pol
2020-01-23 16:16 - 2016-10-22 09:31 - 000000000 ____D C:\Users\Rickske
2020-01-23 16:15 - 2012-03-26 21:49 - 000000008 __RSH C:\ProgramData\ntuser.pol
2020-01-23 16:13 - 2014-07-06 18:23 - 000000000 ____D C:\Users\Rickske\AppData\LocalLow\Temp
2020-01-23 16:11 - 2012-10-13 15:28 - 000002415 _____ C:\Users\Rickske\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Grillades _ Grilliate.lnk
2020-01-23 16:11 - 2009-07-14 04:20 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2020-01-22 20:08 - 2016-07-16 12:47 - 000000000 ___HD C:\Program Files\WindowsApps
2020-01-22 19:45 - 2016-10-22 09:19 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-01-22 18:39 - 2016-10-22 09:31 - 000000000 ____D C:\Users\Joachim
2020-01-22 18:26 - 2014-11-08 11:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2020-01-22 18:26 - 2014-11-08 11:48 - 000000000 ____D C:\Program Files (x86)\Java
2020-01-22 18:04 - 2015-09-27 13:01 - 000000000 ____D C:\Users\Joachim\AppData\Local\Packages
2020-01-22 17:50 - 2016-10-22 09:31 - 000000000 ____D C:\Users\Katinka
2020-01-22 17:45 - 2015-09-27 13:35 - 000000000 ____D C:\Users\Katinka\AppData\Local\Packages
2020-01-22 17:34 - 2015-09-10 06:35 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-01-22 17:26 - 2010-11-21 04:27 - 000748816 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-01-22 16:30 - 2016-07-16 12:47 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-01-22 15:17 - 2016-11-16 07:39 - 000001056 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3241837054-988920231-2416323044-1001UA1d23fd44091b9d8.job
2020-01-22 15:17 - 2016-11-16 07:39 - 000001004 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3241837054-988920231-2416323044-1001Core1d23fd43f5193eb.job
2020-01-21 17:17 - 2016-10-16 18:43 - 000000000 ____D C:\Users\Rickske\AppData\Local\Dropbox
2020-01-21 17:17 - 2012-11-27 14:58 - 000000000 ____D C:\Users\Rickske\AppData\Roaming\Dropbox
2020-01-21 17:04 - 2016-11-16 07:40 - 000004208 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskUserS-1-5-21-3241837054-988920231-2416323044-1001UA1d23fd44091b9d8
2020-01-21 17:04 - 2016-11-16 07:39 - 000003832 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskUserS-1-5-21-3241837054-988920231-2416323044-1001Core1d23fd43f5193eb
2020-01-21 17:00 - 2012-05-28 12:40 - 000002421 _____ C:\Users\Rickske\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-20 19:31 - 2012-05-28 12:37 - 000000000 ____D C:\Users\Rickske\AppData\Local\ElevatedDiagnostics
2020-01-20 19:26 - 2016-07-16 12:45 - 000000000 ____D C:\WINDOWS\INF
2020-01-20 19:17 - 2016-07-16 12:47 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-01-20 19:04 - 2015-03-10 16:02 - 000002403 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-20 19:04 - 2015-03-10 16:02 - 000002362 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-01-20 19:03 - 2016-10-22 10:14 - 000003578 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-01-20 19:03 - 2016-10-22 10:14 - 000003454 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-01-20 18:52 - 2016-07-16 12:47 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-01-20 18:52 - 2012-03-26 21:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Game Corner
2020-01-20 18:52 - 2012-03-26 21:23 - 000000000 ____D C:\Program Files (x86)\MSI Game Corner
2020-01-20 18:37 - 2012-03-26 21:42 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-01-20 18:14 - 2017-02-13 20:04 - 000002381 _____ C:\Users\Rickske\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-01-20 18:14 - 2015-09-26 23:16 - 000000000 ___RD C:\Users\Rickske\OneDrive
2020-01-20 18:11 - 2015-09-26 23:17 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-01-20 17:54 - 2016-10-22 09:19 - 000384512 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-01-20 17:49 - 2015-03-10 16:01 - 000000000 ____D C:\Program Files (x86)\Google

==================== Bestanden in de root van sommige mappen ========
2014-06-20 20:37 - 2014-06-20 20:37 - 000000000 _____ () C:\Users\Rickske\AppData\Roaming\PDFConverterApp
2015-05-07 15:06 - 2015-05-07 15:06 - 000007627 _____ () C:\Users\Rickske\AppData\Local\Resmon.ResmonCfg
2017-01-05 15:52 - 2016-11-23 14:37 - 000000570 _____ () C:\Users\Rickske\AppData\Local\TroubleshooterConfig.json

==================== SigCheck ============================
(Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)

LastRegBack: 2020-01-20 19:26

==================== Einde van FRST.txt ========================