Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 02-12-2020 Gestart door v4lov (Beheerder) op DESKTOP-AJV8MAA (MEDION E62009) (03-12-2020 09:41:34) Gestart vanaf C:\Users\v4lov\Downloads Geladen Profielen: v4lov Platform: Windows 10 Home Versie 2004 19041.630 (X64) Taal: Nederlands (Nederland) Standaardbrowser: Chrome Boot Modus: Normal Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processen (gefilterd) ================= (Als een item is opgenomen in de fixlist, zal het proces worden gesloten. Het bestand zal niet worden verplaatst.) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <3> (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <33> (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.2970.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.2970.0_x64__8j3eq9eme6ctt\IGCC.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_ba5b1813656e5c27\igfxCUIService.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_ba5b1813656e5c27\igfxEM.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_e8f9f51120464f93\IntelCpHDCPSvc.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_e8f9f51120464f93\IntelCpHeciSvc.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_6ca78a08b838e305\RstMwService.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Users\v4lov\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2009.4.0_x64__8wekyb3d8bbwe\Calculator.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (OneSpan North America Inc. -> VASCO Data Security) C:\Users\v4lov\AppData\Local\OneSpan\NativeBridge\digipass-nativebridge.exe (OneSpan North America Inc. -> VASCO Data Security) C:\Users\v4lov\AppData\Local\OneSpan\NativeBridge\digipass-nativebridge-monitor.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2> (RouteThis Inc. -> ) C:\Users\v4lov\AppData\Local\Videostream\app-0.4.3\videostream-native\videostream-native.exe <2> (RouteThis Inc. -> Videostream) C:\Users\v4lov\AppData\Local\Videostream\app-0.4.3\Videostream.exe (SurfRight B.V. -> SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe (The SABnzbd-Team) [Bestand niet getekend] C:\Program Files\SABnzbd\SABnzbd.exe ==================== Register (gefilterd) =================== (Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.) HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1110816 2020-07-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [117344 2020-11-21] (Avast Software s.r.o. -> AVAST Software) HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [3091136 2020-09-10] (Open Source Developer, Dominik Reichl -> Dominik Reichl) HKU\S-1-5-21-1104448991-546628012-2938781405-1003\...\Run: [DigipassNativeBridge] => C:\Users\v4lov\AppData\Local\OneSpan\NativeBridge\digipass-nativebridge-monitor.exe [108488 2019-11-20] (OneSpan North America Inc. -> VASCO Data Security) HKU\S-1-5-21-1104448991-546628012-2938781405-1003\...\Run: [Videostream] => C:\Users\v4lov\AppData\Local\Videostream\app-0.4.3\Videostream.exe [340584 2020-10-04] (RouteThis Inc. -> Videostream) HKU\S-1-5-21-1104448991-546628012-2938781405-1003\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --restore-last-session --flag-switches-begin --flag-switches-end - (de data item heeft 102 meer tekens). HKLM\...\Print\Monitors\us008 Langmon: C:\WINDOWS\system32\us008lm.dll [31256 2016-02-15] (Microsoft Windows Hardware Compatibility Publisher -> ) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\86.0.4240.198\Installer\chrmstp.exe [2020-11-13] (Google LLC -> Google LLC) HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restrictie <==== AANDACHT HKLM\SOFTWARE\Policies\Google: Restrictie <==== AANDACHT ==================== Geplande Taken (gefilterd) ============ (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {09EAE2C9-F153-4D69-A646-F253228E74A9} - \AutoPico Daily Restart -> Geen bestand <==== AANDACHT Task: {145F8AF7-04D1-4280-92E0-3742C234D8A7} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23563192 2020-10-27] (Microsoft Corporation -> Microsoft Corporation) Task: {19B16EE8-4CE0-45E2-A759-5F97E1B0FA4F} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1741416 2020-09-21] (Avast Software s.r.o. -> Avast Software) Task: {20D6B865-061E-42F2-8B87-0E95299B0415} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23563192 2020-10-27] (Microsoft Corporation -> Microsoft Corporation) Task: {2CE9E954-C761-453C-B9CC-33E118ACF56F} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2208152 2020-11-18] (Microsoft Corporation -> Microsoft Corporation) Task: {2F207FCB-4193-45DE-8420-B345BF380110} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\AutoPico Daily Restart" /ENABLE Task: {2F207FCB-4193-45DE-8420-B345BF380110} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE Task: {2F207FCB-4193-45DE-8420-B345BF380110} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE Task: {2F207FCB-4193-45DE-8420-B345BF380110} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore" /ENABLE Task: {2F207FCB-4193-45DE-8420-B345BF380110} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore1d6b68a8faeabd3" /ENABLE Task: {2F207FCB-4193-45DE-8420-B345BF380110} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE Task: {2F207FCB-4193-45DE-8420-B345BF380110} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-1104448991-546628012-2938781405-1003" /ENABLE Task: {2F207FCB-4193-45DE-8420-B345BF380110} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-1104448991-546628012-2938781405-500" /ENABLE Task: {2F207FCB-4193-45DE-8420-B345BF380110} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\PostponeDeviceSetupToast_S-1-5-21-1104448991-546628012-2938781405-1003_0" /ENABLE Task: {2F207FCB-4193-45DE-8420-B345BF380110} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE Task: {7E01019C-1B22-4303-8A4D-79E564A2D9C0} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2208152 2020-11-18] (Microsoft Corporation -> Microsoft Corporation) Task: {93BFFDFA-8144-4B4B-A977-158E248992BD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-30] (Google LLC -> Google LLC) Task: {979F9983-C3F4-40F1-B772-D818449D8E86} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-30] (Google LLC -> Google LLC) Task: {ADE7C2A7-0132-45A0-ADB2-875C16F5EE4A} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4617832 2020-11-21] (Avast Software s.r.o. -> AVAST Software) Task: {DE6EBBE0-E9EF-4D72-B314-97E1FDD71B70} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [3512728 2020-11-18] (Microsoft Corporation -> Microsoft Corporation) Task: {EC72F00E-7AD3-4603-B779-2B375015F370} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [3512728 2020-11-18] (Microsoft Corporation -> Microsoft Corporation) Task: {F1453237-EF16-404C-9865-66B85E384948} - System32\Tasks\PostponeDeviceSetupToast_S-1-5-21-1104448991-546628012-2938781405-1003_0 => {5DED83EF-1E99-48CF-BF83-676D2A6DB408} C:\Windows\System32\oobe\UserOOBE.dll [412160 2020-11-15] (Microsoft Windows -> Microsoft Corporation) (Als een item is opgenomen in de fixlist, wordt de taak (job) bestand verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) ==================== Internet (gefilterd) ==================== (Als een item is opgenomen in de fixlist en een registeritem is, wordt het verwijderd of hersteld naar de standaard.) Tcpip\Parameters: [DhcpNameServer] 195.130.131.2 195.130.130.2 Tcpip\..\Interfaces\{3af06706-62c8-4383-80d7-1df0ed984333}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{5d8d8484-7ed1-4e3c-8433-1d438c5036a7}: [DhcpNameServer] 195.130.131.2 195.130.130.2 Edge: ====== DownloadDir: C:\Users\v4lov\Downloads Edge DefaultProfile: Default Edge Profile: C:\Users\v4lov\AppData\Local\Microsoft\Edge\User Data\Default [2020-12-03] Edge DownloadDir: C:\Users\v4lov\Downloads FireFox: ======== FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-06-17] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-06-17] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-06-17] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\v4lov\AppData\Local\Google\Chrome\User Data\Default [2020-12-03] CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://nl.metrotime.be; hxxps://nl.teknikmark.com; hxxps://pnws.be; hxxps://riverglennapts.com; hxxps://www.autodoc.be; hxxps://www.banggood.com; hxxps://www.conrad.nl; hxxps://www.demorgen.be; hxxps://www.facebook.com; hxxps://www.mister-auto.be; hxxps://www.nieuwsblad.be; hxxps://www.promobutler.be; hxxps://www.reddit.com; hxxps://www.showbizz24.be; hxxps://www.vfroc.nl CHR HomePage: Default -> hxxp://www.google.com/ CHR StartupUrls: Default -> "hxxp://www.google.be/" CHR Extension: (Presentaties) - C:\Users\v4lov\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-03-30] CHR Extension: (Belfius Smart Card Reader Chrome Extensie) - C:\Users\v4lov\AppData\Local\Google\Chrome\User Data\Default\Extensions\agicnfmechmlphpjmeefookfjhifbmhi [2020-04-30] CHR Extension: (Documenten) - C:\Users\v4lov\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-03-30] CHR Extension: (Google Drive) - C:\Users\v4lov\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24] CHR Extension: (Web Developer) - C:\Users\v4lov\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm [2020-04-30] CHR Extension: (Adblock Plus - gratis adblocker) - C:\Users\v4lov\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-11-18] CHR Extension: (Spreadsheets) - C:\Users\v4lov\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-03-30] CHR Extension: (Offline Documenten) - C:\Users\v4lov\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-13] CHR Extension: (AdBlock - de beste advertentieblokker) - C:\Users\v4lov\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-11-20] CHR Extension: (Mailto-optie) - C:\Users\v4lov\AppData\Local\Google\Chrome\User Data\Default\Extensions\hebcihefijmklkimfhenalibpdmalnci [2020-04-30] CHR Extension: (Connective signing extension) - C:\Users\v4lov\AppData\Local\Google\Chrome\User Data\Default\Extensions\kclpjmhngbacampgcdojmiedamjbgjjm [2020-04-30] CHR Extension: (SConnect) - C:\Users\v4lov\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjhbkkaddmmnkghdnnmkjcgpphnopnfk [2020-07-05] CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\v4lov\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-03-30] CHR Extension: (Chrome Media Router) - C:\Users\v4lov\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-10-14] CHR Profile: C:\Users\v4lov\AppData\Local\Google\Chrome\User Data\System Profile [2020-05-12] ==================== Services (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8454552 2020-11-21] (Avast Software s.r.o. -> AVAST Software) R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [365648 2020-11-21] (Avast Software s.r.o. -> AVAST Software) R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [3096160 2020-11-21] (Avast Software s.r.o. -> AVAST Software) R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [58048 2020-11-21] (Avast Software s.r.o. -> AVAST Software) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9482688 2020-10-27] (Microsoft Corporation -> Microsoft Corporation) R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [162392 2020-12-02] (SurfRight B.V. -> SurfRight B.V.) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7269976 2020-12-02] (Malwarebytes Inc -> Malwarebytes) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\NisSrv.exe [3304992 2020-05-01] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MsMpEng.exe [103376 2020-05-01] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Drivers (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37152 2020-11-21] (Avast Software s.r.o. -> AVAST Software) R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [206408 2020-11-21] (Avast Software s.r.o. -> AVAST Software) R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [332368 2020-11-21] (Avast Software s.r.o. -> AVAST Software) R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [247888 2020-11-21] (Avast Software s.r.o. -> AVAST Software) R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [97352 2020-11-21] (Avast Software s.r.o. -> AVAST Software) R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16816 2020-11-21] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software) R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42784 2020-11-21] (Avast Software s.r.o. -> AVAST Software) R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [176744 2020-11-21] (Avast Software s.r.o. -> AVAST Software) R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [521752 2020-11-21] (Avast Software s.r.o. -> AVAST Software) R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [109280 2020-11-21] (Avast Software s.r.o. -> AVAST Software) R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84856 2020-11-21] (Avast Software s.r.o. -> AVAST Software) R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851608 2020-11-21] (Avast Software s.r.o. -> AVAST Software) R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [469832 2020-11-21] (Avast Software s.r.o. -> AVAST Software) R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [217336 2020-11-21] (Avast Software s.r.o. -> AVAST Software) R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326416 2020-11-21] (Avast Software s.r.o. -> AVAST Software) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2020-12-02] (Malwarebytes Corporation -> Malwarebytes) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220160 2020-12-02] (Malwarebytes Inc -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [197792 2020-12-02] (Malwarebytes Inc -> Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2020-12-02] (Malwarebytes Inc -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-12-02] (Malwarebytes Inc -> Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [138904 2020-12-02] (Malwarebytes Inc -> Malwarebytes) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2020-05-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [394680 2020-05-01] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64944 2020-05-01] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ==================== Een maand (aangemaakt) (gefilterd) ========= (Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.) 2020-12-03 09:41 - 2020-12-03 09:41 - 000021106 _____ C:\Users\v4lov\Downloads\FRST.txt 2020-12-03 09:41 - 2020-12-03 09:41 - 000000000 ____D C:\FRST 2020-12-03 09:40 - 2020-12-03 09:40 - 002288640 _____ (Farbar) C:\Users\v4lov\Downloads\FRST64.exe 2020-12-02 11:03 - 2020-12-02 11:03 - 000197792 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2020-12-02 11:03 - 2020-12-02 11:03 - 000138904 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2020-12-02 11:03 - 2020-12-02 11:03 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2020-12-02 11:02 - 2020-12-02 11:02 - 000001110 _____ C:\WINDOWS\system32\.crusader 2020-12-02 10:59 - 2020-12-02 11:02 - 000000000 ____D C:\ProgramData\HitmanPro 2020-12-02 10:59 - 2020-12-02 10:59 - 000001952 _____ C:\Users\Public\Desktop\HitmanPro.lnk 2020-12-02 10:59 - 2020-12-02 10:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro 2020-12-02 10:59 - 2020-12-02 10:59 - 000000000 ____D C:\Program Files\HitmanPro 2020-12-02 10:10 - 2020-12-02 10:10 - 000000000 ____D C:\Users\v4lov\Downloads\Nieuwe map 2020-12-02 10:05 - 2020-12-02 10:05 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2020-12-02 10:05 - 2020-12-02 10:05 - 000220160 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2020-12-02 10:05 - 2020-12-02 10:05 - 000002037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2020-12-02 10:05 - 2020-12-02 10:05 - 000002025 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2020-12-02 10:05 - 2020-12-02 10:05 - 000000000 ____D C:\Users\v4lov\AppData\Local\mbam 2020-12-02 10:05 - 2020-12-02 10:04 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2020-12-02 10:05 - 2020-12-02 10:04 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys 2020-12-02 10:04 - 2020-12-02 10:04 - 000000000 ____D C:\ProgramData\Malwarebytes 2020-12-02 10:04 - 2020-12-02 10:04 - 000000000 ____D C:\Program Files\Malwarebytes 2020-12-02 09:49 - 2020-12-02 11:03 - 000000000 ____D C:\Users\v4lov\AppData\Local\FSDART 2020-12-02 09:49 - 2020-12-02 09:50 - 000000000 ____D C:\ProgramData\F-Secure 2020-12-02 08:59 - 2020-12-02 10:59 - 000001320 _____ C:\WINDOWS\ntbtlog.txt 2020-12-02 08:59 - 2020-12-02 09:00 - 000000000 ____D C:\NPE 2020-12-02 08:51 - 2020-12-02 09:03 - 000000000 ____D C:\Users\v4lov\AppData\Local\NPE 2020-12-02 08:51 - 2020-12-02 08:51 - 000000000 ____D C:\ProgramData\Norton 2020-12-02 08:34 - 2020-12-02 08:34 - 000000000 ____D C:\rsit 2020-12-02 08:34 - 2020-12-02 08:34 - 000000000 ____D C:\Program Files\trend micro 2020-12-01 16:43 - 2020-12-01 16:43 - 000000304 _____ C:\Users\v4lov\Desktop\eset.txt 2020-12-01 16:13 - 2020-12-01 16:13 - 000000000 ____D C:\WINDOWS\Minidump 2020-12-01 15:39 - 2020-12-02 11:03 - 000003282 _____ C:\WINDOWS\system32\Tasks\PostponeDeviceSetupToast_S-1-5-21-1104448991-546628012-2938781405-1003_0 2020-11-30 08:43 - 2020-12-02 11:03 - 000003408 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6b68a8faeabd3 2020-11-21 09:33 - 2020-11-21 09:33 - 000339552 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe 2020-11-21 09:33 - 2020-11-21 09:33 - 000217336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys 2020-11-18 10:56 - 2020-11-18 10:56 - 000000000 ____D C:\Program Files\Common Files\DESIGNER 2020-11-16 14:26 - 2020-12-01 16:14 - 000000782 _____ C:\Users\v4lov\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk 2020-11-16 14:26 - 2020-12-01 16:14 - 000000654 _____ C:\Users\v4lov\Desktop\ESET Online Scanner.lnk 2020-11-16 14:26 - 2020-11-16 14:26 - 000000000 ____D C:\Users\v4lov\AppData\Local\ESET 2020-11-15 13:03 - 2020-11-15 13:03 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll 2020-11-15 13:03 - 2020-11-15 13:03 - 000009265 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2020-11-15 13:02 - 2020-11-15 13:02 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll 2020-11-15 13:02 - 2020-11-15 13:02 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll 2020-11-15 13:02 - 2020-11-15 13:02 - 000152576 _____ C:\WINDOWS\system32\EoAExperiences.exe 2020-11-09 12:24 - 2020-12-02 11:10 - 001680590 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2020-11-09 12:24 - 2020-11-09 12:24 - 000000000 ____D C:\ProgramData\Microsoft OneDrive 2020-11-09 12:22 - 2020-12-02 11:03 - 000003602 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2020-11-09 12:22 - 2020-12-02 11:03 - 000003504 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2020-11-09 12:22 - 2020-12-02 11:03 - 000003378 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2020-11-09 12:22 - 2020-12-02 11:03 - 000003280 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2020-11-09 12:22 - 2020-12-02 11:03 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1104448991-546628012-2938781405-1003 2020-11-09 12:22 - 2020-12-02 11:03 - 000002852 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1104448991-546628012-2938781405-500 2020-11-09 12:22 - 2020-12-02 11:03 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2020-11-09 12:22 - 2020-12-02 09:58 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software 2020-11-09 12:22 - 2020-11-21 09:33 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update 2020-11-09 12:22 - 2020-11-09 12:22 - 000007623 _____ C:\WINDOWS\diagwrn.xml 2020-11-09 12:22 - 2020-11-09 12:22 - 000007623 _____ C:\WINDOWS\diagerr.xml 2020-11-09 12:22 - 2020-11-09 12:22 - 000000020 ___SH C:\Users\v4lov\ntuser.ini 2020-11-09 12:22 - 2020-11-09 12:22 - 000000000 _SHDL C:\Users\Public\Documents\Mijn video's 2020-11-09 12:22 - 2020-11-09 12:22 - 000000000 _SHDL C:\Users\Public\Documents\Mijn muziek 2020-11-09 12:22 - 2020-11-09 12:22 - 000000000 _SHDL C:\Users\Public\Documents\Mijn afbeeldingen 2020-11-09 12:22 - 2020-11-09 12:22 - 000000000 _SHDL C:\Users\Default\Sjablonen 2020-11-09 12:22 - 2020-11-09 12:22 - 000000000 _SHDL C:\Users\Default\Netwerkprinteromgeving 2020-11-09 12:22 - 2020-11-09 12:22 - 000000000 _SHDL C:\Users\Default\Mijn documenten 2020-11-09 12:22 - 2020-11-09 12:22 - 000000000 _SHDL C:\Users\Default\Menu Start 2020-11-09 12:22 - 2020-11-09 12:22 - 000000000 _SHDL C:\Users\Default\Documents\Mijn video's 2020-11-09 12:22 - 2020-11-09 12:22 - 000000000 _SHDL C:\Users\Default\Documents\Mijn muziek 2020-11-09 12:22 - 2020-11-09 12:22 - 000000000 _SHDL C:\Users\Default\Documents\Mijn afbeeldingen 2020-11-09 12:22 - 2020-11-09 12:22 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programma's 2020-11-09 12:22 - 2020-11-09 12:22 - 000000000 _SHDL C:\Users\Default\AppData\Local\Geschiedenis 2020-11-09 12:22 - 2020-11-09 12:22 - 000000000 _SHDL C:\Users\Default User\Sjablonen 2020-11-09 12:22 - 2020-11-09 12:22 - 000000000 _SHDL C:\Users\Default User\Netwerkprinteromgeving 2020-11-09 12:22 - 2020-11-09 12:22 - 000000000 _SHDL C:\Users\Default User\Mijn documenten 2020-11-09 12:22 - 2020-11-09 12:22 - 000000000 _SHDL C:\Users\Default User\Menu Start 2020-11-09 12:22 - 2020-11-09 12:22 - 000000000 _SHDL C:\Users\Default User\Documents\Mijn video's 2020-11-09 12:22 - 2020-11-09 12:22 - 000000000 _SHDL C:\Users\Default User\Documents\Mijn muziek 2020-11-09 12:22 - 2020-11-09 12:22 - 000000000 _SHDL C:\Users\Default User\Documents\Mijn afbeeldingen 2020-11-09 12:22 - 2020-11-09 12:22 - 000000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programma's 2020-11-09 12:22 - 2020-11-09 12:22 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Geschiedenis 2020-11-09 12:22 - 2020-11-09 12:22 - 000000000 _SHDL C:\ProgramData\Sjablonen 2020-11-09 12:22 - 2020-11-09 12:22 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programma's 2020-11-09 12:22 - 2020-11-09 12:22 - 000000000 _SHDL C:\ProgramData\Menu Start 2020-11-09 12:22 - 2020-11-09 12:22 - 000000000 _SHDL C:\ProgramData\Documenten 2020-11-09 12:22 - 2020-11-09 12:22 - 000000000 _SHDL C:\ProgramData\Bureaublad 2020-11-09 12:22 - 2020-11-09 12:22 - 000000000 ____D C:\WINDOWS\system32\Tasks\S-1-5-21-1104448991-546628012-2938781405-1003 2020-11-09 12:22 - 2020-11-09 12:22 - 000000000 ____D C:\WINDOWS\system32\Tasks\Intel 2020-11-09 12:22 - 2019-11-26 12:56 - 000003392 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1923924566-3817232509-3562779126-500 2020-11-09 12:22 - 2019-11-25 11:45 - 000003388 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-797636797-662734965-1422696969-500 2020-11-09 12:19 - 2020-12-01 16:53 - 000000000 ____D C:\Users\v4lov 2020-11-09 12:19 - 2020-11-24 10:22 - 000002369 _____ C:\Users\v4lov\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2020-11-09 12:19 - 2020-11-09 12:19 - 000000000 _SHDL C:\Users\v4lov\Sjablonen 2020-11-09 12:19 - 2020-11-09 12:19 - 000000000 _SHDL C:\Users\v4lov\Netwerkprinteromgeving 2020-11-09 12:19 - 2020-11-09 12:19 - 000000000 _SHDL C:\Users\v4lov\Mijn documenten 2020-11-09 12:19 - 2020-11-09 12:19 - 000000000 _SHDL C:\Users\v4lov\Menu Start 2020-11-09 12:19 - 2020-11-09 12:19 - 000000000 _SHDL C:\Users\v4lov\Documents\Mijn video's 2020-11-09 12:19 - 2020-11-09 12:19 - 000000000 _SHDL C:\Users\v4lov\Documents\Mijn muziek 2020-11-09 12:19 - 2020-11-09 12:19 - 000000000 _SHDL C:\Users\v4lov\Documents\Mijn afbeeldingen 2020-11-09 12:19 - 2020-11-09 12:19 - 000000000 _SHDL C:\Users\v4lov\AppData\Roaming\Microsoft\Windows\Start Menu\Programma's 2020-11-09 12:19 - 2020-11-09 12:19 - 000000000 _SHDL C:\Users\v4lov\AppData\Local\Geschiedenis 2020-11-09 12:18 - 2020-12-03 09:19 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2020-11-09 12:18 - 2020-12-02 11:03 - 000008192 ___SH C:\DumpStack.log.tmp 2020-11-09 12:18 - 2020-11-15 16:05 - 000456008 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2020-11-09 12:17 - 2020-11-09 12:22 - 000000000 ____D C:\Windows.old 2020-11-09 12:16 - 2020-11-09 12:17 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate 2020-11-09 12:15 - 2020-11-09 12:16 - 000000000 ____D C:\WINDOWS\ServiceProfiles 2020-11-09 12:15 - 2020-11-09 12:15 - 000008192 _____ C:\WINDOWS\system32\config\userdiff 2020-11-09 12:14 - 2020-11-09 12:14 - 000000000 ____D C:\ProgramData\ssh 2020-11-09 12:12 - 2020-11-09 12:12 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll 2020-11-09 12:12 - 2020-11-09 12:12 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll 2020-11-09 12:12 - 2020-11-09 12:12 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2020-11-09 12:12 - 2020-11-09 12:12 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2020-11-09 12:12 - 2020-11-09 12:12 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll 2020-11-09 12:12 - 2020-11-09 12:12 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll 2020-11-09 12:12 - 2020-11-09 12:12 - 001822256 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2020-11-09 12:12 - 2020-11-09 12:12 - 001393472 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2020-11-09 12:12 - 2020-11-09 12:12 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll 2020-11-09 12:12 - 2020-11-09 12:12 - 001333248 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll 2020-11-09 12:12 - 2020-11-09 12:12 - 001309504 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2020-11-09 12:12 - 2020-11-09 12:12 - 001162240 _____ C:\WINDOWS\system32\MBR2GPT.EXE 2020-11-09 12:12 - 2020-11-09 12:12 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll 2020-11-09 12:12 - 2020-11-09 12:12 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll 2020-11-09 12:12 - 2020-11-09 12:12 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll 2020-11-09 12:12 - 2020-11-09 12:12 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll 2020-11-09 12:12 - 2020-11-09 12:12 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll 2020-11-09 12:12 - 2020-11-09 12:12 - 000707544 _____ C:\WINDOWS\system32\TextShaping.dll 2020-11-09 12:12 - 2020-11-09 12:12 - 000645120 _____ C:\WINDOWS\system32\WindowManagementAPI.dll 2020-11-09 12:12 - 2020-11-09 12:12 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll 2020-11-09 12:12 - 2020-11-09 12:12 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl 2020-11-09 12:12 - 2020-11-09 12:12 - 000580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr 2020-11-09 12:12 - 2020-11-09 12:12 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr 2020-11-09 12:12 - 2020-11-09 12:12 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl 2020-11-09 12:12 - 2020-11-09 12:12 - 000455168 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll 2020-11-09 12:12 - 2020-11-09 12:12 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2020-11-09 12:12 - 2020-11-09 12:12 - 000306176 _____ C:\WINDOWS\system32\HeatCore.dll 2020-11-09 12:12 - 2020-11-09 12:12 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl 2020-11-09 12:12 - 2020-11-09 12:12 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax 2020-11-09 12:12 - 2020-11-09 12:12 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl 2020-11-09 12:12 - 2020-11-09 12:12 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl 2020-11-09 12:12 - 2020-11-09 12:12 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax 2020-11-09 12:12 - 2020-11-09 12:12 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl 2020-11-09 12:12 - 2020-11-09 12:12 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\activeds.tlb 2020-11-09 12:12 - 2020-11-09 12:12 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\activeds.tlb 2020-11-09 12:12 - 2020-11-09 12:12 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl 2020-11-09 12:12 - 2020-11-09 12:12 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl 2020-11-09 12:12 - 2020-11-09 12:12 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx 2020-11-09 12:12 - 2020-11-09 12:12 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx 2020-11-09 12:12 - 2020-11-09 12:12 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe 2020-11-09 12:12 - 2020-11-09 12:12 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll 2020-11-09 12:12 - 2020-11-09 12:12 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll 2020-11-09 12:12 - 2020-11-09 12:12 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2020-11-09 12:12 - 2020-11-09 12:12 - 000047472 _____ C:\WINDOWS\SysWOW64\umpdc.dll 2020-11-09 12:12 - 2020-11-09 12:12 - 000045880 _____ C:\WINDOWS\system32\HvSocket.dll 2020-11-09 12:12 - 2020-11-09 12:12 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2020-11-09 12:12 - 2020-11-09 12:12 - 000029696 _____ (The ICU Project) C:\WINDOWS\system32\icuuc.dll 2020-11-09 12:12 - 2020-11-09 12:12 - 000025088 _____ (The ICU Project) C:\WINDOWS\system32\icuin.dll 2020-11-09 12:12 - 2020-11-09 12:12 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.drv 2020-11-09 12:11 - 2020-11-09 12:11 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin 2020-11-09 12:11 - 2020-11-09 12:11 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2020-11-09 12:11 - 2020-11-09 12:11 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll 2020-11-09 12:11 - 2020-11-09 12:11 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll 2020-11-09 12:11 - 2020-11-09 12:11 - 000165376 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe 2020-11-09 12:11 - 2020-11-09 12:11 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll 2020-11-09 12:11 - 2020-11-09 12:11 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll 2020-11-09 12:11 - 2020-11-09 12:11 - 000064552 _____ C:\WINDOWS\system32\umpdc.dll 2020-11-09 12:11 - 2020-11-09 12:11 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.drv 2020-11-09 12:11 - 2020-11-09 12:11 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe 2020-11-07 10:32 - 2020-11-09 12:22 - 000000000 ___DC C:\WINDOWS\Panther 2020-11-07 10:29 - 2020-11-07 10:29 - 000000000 ___HD C:\$WinREAgent ==================== Een maand (gewijzigd) ================== (Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.) 2020-12-03 09:39 - 2020-10-04 19:31 - 000000000 ____D C:\Users\v4lov\Downloads\complete 2020-12-03 09:34 - 2020-10-01 14:44 - 000000000 ____D C:\Users\v4lov\Downloads\incomplete 2020-12-03 08:47 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2020-12-03 08:35 - 2020-06-10 09:52 - 000002435 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2020-12-03 08:35 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2020-12-03 08:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2020-12-03 08:34 - 2020-10-04 20:38 - 000000000 ____D C:\Users\v4lov\AppData\Local\Videostream 2020-12-03 08:34 - 2020-03-30 13:20 - 000000000 ___RD C:\Users\v4lov\OneDrive 2020-12-03 08:34 - 2020-03-30 13:18 - 000000000 __SHD C:\Users\v4lov\IntelGraphicsProfiles 2020-12-02 16:18 - 2020-03-30 13:44 - 000000000 ____D C:\Users\v4lov\AppData\Roaming\KeePass 2020-12-02 11:10 - 2019-12-07 16:12 - 000748176 _____ C:\WINDOWS\system32\perfh013.dat 2020-12-02 11:10 - 2019-12-07 16:12 - 000146146 _____ C:\WINDOWS\system32\perfc013.dat 2020-12-02 11:10 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2020-12-02 11:04 - 2020-04-29 08:13 - 000000000 ____D C:\ProgramData\Avast Software 2020-12-02 11:03 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2020-12-02 11:02 - 2020-04-29 07:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico 2020-12-02 11:02 - 2020-04-28 13:33 - 000000000 ____D C:\Program Files\KMSpico 2020-12-02 10:05 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2020-12-01 16:13 - 2019-12-25 01:59 - 002043084 ____N C:\WINDOWS\Minidump\120120-11218-01.dmp 2020-12-01 15:36 - 2020-04-28 13:59 - 000000000 ____D C:\Users\v4lov\AppData\Local\D3DSCache 2020-11-29 16:33 - 2020-07-20 07:06 - 000010754 _____ C:\Users\v4lov\Desktop\Vera aan rudy.xlsx 2020-11-29 10:33 - 2020-09-30 10:17 - 000000841 _____ C:\Users\v4lov\Desktop\SABnzbd.lnk 2020-11-29 10:33 - 2020-09-30 10:17 - 000000000 ____D C:\Program Files\SABnzbd 2020-11-24 16:44 - 2020-04-02 10:58 - 000000000 ____D C:\Users\v4lov\AppData\Roaming\vlc 2020-11-23 09:30 - 2020-03-30 14:29 - 000006206 _____ C:\Users\v4lov\Desktop\Database.kdbx 2020-11-22 09:29 - 2020-05-25 07:26 - 000000000 ____D C:\Users\v4lov\AppData\Local\CrashDumps 2020-11-21 09:33 - 2020-10-14 13:28 - 000176744 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys 2020-11-21 09:33 - 2020-08-17 09:31 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2020-11-21 09:33 - 2020-04-29 08:14 - 000851608 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys 2020-11-21 09:33 - 2020-04-29 08:14 - 000521752 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys 2020-11-21 09:33 - 2020-04-29 08:14 - 000469832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys 2020-11-21 09:33 - 2020-04-29 08:14 - 000332368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys 2020-11-21 09:33 - 2020-04-29 08:14 - 000326416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys 2020-11-21 09:33 - 2020-04-29 08:14 - 000247888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys 2020-11-21 09:33 - 2020-04-29 08:14 - 000206408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys 2020-11-21 09:33 - 2020-04-29 08:14 - 000109280 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys 2020-11-21 09:33 - 2020-04-29 08:14 - 000097352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys 2020-11-21 09:33 - 2020-04-29 08:14 - 000084856 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys 2020-11-21 09:33 - 2020-04-29 08:14 - 000042784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys 2020-11-21 09:33 - 2020-04-29 08:14 - 000037152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys 2020-11-21 09:33 - 2020-04-29 08:14 - 000016816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys 2020-11-18 10:56 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2020-11-18 10:56 - 2019-11-25 12:35 - 000000000 ____D C:\Program Files\Microsoft Office 2020-11-18 09:39 - 2020-04-30 07:19 - 000000000 ____D C:\Program Files (x86)\Belgium Identity Card 2020-11-18 09:08 - 2020-03-30 15:57 - 000000000 ____D C:\WINDOWS\system32\MRT 2020-11-18 09:06 - 2020-03-30 15:57 - 133736600 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2020-11-17 14:26 - 2020-03-30 13:18 - 000000000 ____D C:\Users\v4lov\AppData\Local\Packages 2020-11-16 22:07 - 2020-08-17 09:31 - 000722760 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll 2020-11-16 22:07 - 2020-08-17 09:31 - 000470344 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll 2020-11-16 14:23 - 2020-04-02 10:58 - 000000920 _____ C:\Users\Public\Desktop\VLC media player.lnk 2020-11-15 16:04 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2020-11-15 16:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2020-11-15 16:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2020-11-15 16:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2020-11-15 16:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup 2020-11-15 16:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2020-11-15 16:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz 2020-11-15 16:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2020-11-15 16:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2020-11-15 16:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2020-11-15 13:04 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing 2020-11-15 13:04 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2020-11-13 09:38 - 2020-03-30 13:35 - 000002325 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2020-11-13 09:38 - 2020-03-30 13:35 - 000002284 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2020-11-10 08:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\appcompat 2020-11-09 12:39 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog 2020-11-09 12:23 - 2020-03-30 13:18 - 000000000 ___RD C:\Users\v4lov\3D Objects 2020-11-09 12:23 - 2020-03-30 13:15 - 000000000 ____D C:\ProgramData\Packages 2020-11-09 12:23 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\USOPrivate 2020-11-09 12:23 - 2019-11-25 11:44 - 000000000 __RHD C:\Users\Public\AccountPictures 2020-11-09 12:22 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows NT 2020-11-09 12:22 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender 2020-11-09 12:22 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2020-11-09 12:20 - 2019-12-07 10:14 - 000000000 __RHD C:\Users\Public\Libraries 2020-11-09 12:19 - 2020-10-04 20:38 - 000000000 ____D C:\Users\v4lov\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Videostream 2020-11-09 12:19 - 2020-09-30 10:17 - 000000000 ____D C:\Users\v4lov\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SABnzbd 2020-11-09 12:19 - 2020-06-03 09:18 - 000000000 ____D C:\Users\v4lov\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2020-11-09 12:19 - 2020-04-19 10:04 - 000000000 ____D C:\Users\v4lov\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Garmin 2020-11-09 12:18 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState 2020-11-09 12:18 - 2019-11-26 13:41 - 000000000 ____D C:\Intel 2020-11-09 12:17 - 2020-06-03 09:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2020-11-09 12:17 - 2020-05-29 16:49 - 000000000 ____D C:\Program Files\UNP 2020-11-09 12:17 - 2020-05-25 08:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SETUP 2020-11-09 12:17 - 2020-04-30 07:19 - 000000000 ____D C:\WINDOWS\SysWOW64\beidpp 2020-11-09 12:17 - 2020-04-29 07:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office-hulpprogramma's 2020-11-09 12:17 - 2020-04-26 09:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PIXresizer 2020-11-09 12:17 - 2020-04-19 09:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin 2020-11-09 12:17 - 2020-04-02 10:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2020-11-09 12:17 - 2020-04-01 08:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spotnet 2020-11-09 12:17 - 2019-12-07 10:18 - 000000000 ____D C:\WINDOWS\Setup 2020-11-09 12:17 - 2019-12-07 10:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template 2020-11-09 12:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2020-11-09 12:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase 2020-11-09 12:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ta-in 2020-11-09 12:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\spool 2020-11-09 12:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData 2020-11-09 12:17 - 2019-11-26 13:56 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerRecover 2020-11-09 12:17 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated 2020-11-09 12:17 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\MsDtc 2020-11-09 12:16 - 2020-05-25 08:19 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies 2020-11-09 12:16 - 2020-03-30 17:32 - 000000000 ____D C:\WINDOWS\Firmware 2020-11-09 12:16 - 2020-03-30 13:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID 2020-11-09 12:16 - 2019-11-27 15:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEDION 2020-11-09 12:16 - 2019-11-27 15:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALDI 2020-11-09 12:14 - 2019-12-07 16:15 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll 2020-11-09 12:14 - 2019-12-07 16:15 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml 2020-11-09 12:14 - 2019-12-07 16:15 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2020-11-09 12:14 - 2019-12-07 16:15 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2020-11-09 12:14 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2020-11-09 12:14 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP 2020-11-09 12:14 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12 2020-11-09 12:14 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2020-11-09 12:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2020-11-09 12:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz 2020-11-09 12:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2020-11-09 12:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com 2020-11-09 12:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers 2020-11-09 12:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2020-11-09 12:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2020-11-09 12:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep 2020-11-09 12:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences 2020-11-09 12:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation 2020-11-09 12:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX 2020-11-09 12:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2020-11-09 12:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com 2020-11-09 12:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser 2020-11-09 12:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers 2020-11-09 12:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents 2020-11-09 12:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning 2020-11-09 12:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\DiagTrack 2020-11-09 12:14 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System 2020-11-04 09:51 - 2020-03-30 13:43 - 000001190 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk 2020-11-04 09:51 - 2020-03-30 13:43 - 000001178 _____ C:\Users\v4lov\Desktop\KeePass 2.lnk 2020-11-04 09:51 - 2020-03-30 13:43 - 000000000 ____D C:\Program Files (x86)\KeePass Password Safe 2 ==================== SigCheck ============================ (Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.) ==================== Einde van FRST.txt ========================