Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 20.06.2018 Gestart door coole (Beheerder) op DESKTOP-9VO3GE1 (15-07-2018 10:57:06) Gestart vanaf C:\Users\coole\Downloads Geladen Profielen: coole (Beschikbare Profielen: coole) Platform: Windows 10 Home Versie 1803 17134.112 (X64) Taal: Nederlands (Nederland) Internet Explorer Versie 11 (Standaardbrowser: Chrome) Boot Modus: Normal Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processen (gefilterd) ================= (Als een item is opgenomen in de fixlist, zal het proces worden gesloten. Het bestand zal niet worden verplaatst.) (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Intel Corporation) C:\Windows\System32\ibtsiva.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe (Razer Inc.) C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1806.18062-0\MsMpEng.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1806.18062-0\NisSrv.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.154\deploy\LeagueClient.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.154\deploy\LeagueClientUx.exe (Discord Inc.) C:\Users\coole\AppData\Local\Discord\app-0.0.301\Discord.exe () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.154\deploy\LeagueClientUxRender.exe () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.154\deploy\LeagueClientUxRender.exe (Discord Inc.) C:\Users\coole\AppData\Local\Discord\app-0.0.301\Discord.exe (juvlarN) C:\Users\coole\Desktop\games\vibranceGUI.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe (SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (Discord Inc.) C:\Users\coole\AppData\Local\Discord\app-0.0.301\Discord.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\Taskmgr.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () C:\OEM\Preload\FubTracking\FubTracking.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe ==================== Register (gefilterd) =========================== (Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16412952 2015-10-12] (Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [323056 2015-11-04] (Intel Corporation) HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64 HKLM-x32\...\Run: [Sound Blaster Cinema 2] => C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe [1442304 2014-05-30] (Creative Technology Ltd) HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation) HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation) HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation) HKU\S-1-5-21-1604149207-2945385753-925598284-1001\...\Run: [Discord] => C:\Users\coole\AppData\Local\Discord\app-0.0.301\Discord.exe [57816920 2018-04-30] (Discord Inc.) HKU\S-1-5-21-1604149207-2945385753-925598284-1001\...\Run: [vibranceGUI] => C:\Users\coole\Desktop\games\vibranceGUI.exe [797184 2018-01-01] (juvlarN) HKU\S-1-5-21-1604149207-2945385753-925598284-1001\...\Run: [Overwolf] => D:\playvig\Overwolf\OverwolfLauncher.exe [1224520 2018-07-01] () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2018-04-03] ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS) ==================== Internet (gefilterd) ==================== (Als een item is opgenomen in de fixlist en een registeritem is, wordt het verwijderd of hersteld naar de standaard.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{f0774a1c-1687-4d65-9905-5e8f229111bb}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{f26a5c65-f982-4d96-8714-485044d1b6fa}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKU\S-1-5-21-1604149207-2945385753-925598284-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.be/ HKU\S-1-5-21-1604149207-2945385753-925598284-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE SearchScopes: HKU\S-1-5-21-1604149207-2945385753-925598284-1001 -> DefaultScope {BB84DDB2-D7F5-4135-A9B0-58A5520514F0} URL = SearchScopes: HKU\S-1-5-21-1604149207-2945385753-925598284-1001 -> {2EB47208-F657-46E3-AF37-880722B84874} URL = BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> D:\office\Office15\OCHelper.dll [2018-02-15] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> D:\office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2017-09-12] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-04-18] (Oracle Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-04-18] (Oracle Corporation) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - D:\office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation) FireFox: ======== FF DefaultProfile: 6yd2b76q.default FF ProfilePath: C:\Users\coole\AppData\Roaming\Mozilla\Firefox\Profiles\6yd2b76q.default [2018-01-01] FF Extension: (Amazon Assistant for Firefox) - C:\Users\coole\AppData\Roaming\Mozilla\Firefox\Profiles\6yd2b76q.default\Extensions\abb-acer@amazon.com [2018-01-01] [Verouderd] FF Extension: (Nederlands (NL) Language Pack) - C:\Users\coole\AppData\Roaming\Mozilla\Firefox\Profiles\6yd2b76q.default\Extensions\langpack-nl@firefox.mozilla.org [2018-01-01] [Verouderd] FF Extension: (Mozilla Partner Defaults) - C:\Users\coole\AppData\Roaming\Mozilla\Firefox\Profiles\6yd2b76q.default\Extensions\partnerdefaults@mozilla.com [2018-01-01] [Verouderd] FF Extension: (Youtube Unblocker Remediation) - C:\Users\coole\AppData\Roaming\Mozilla\Firefox\Profiles\6yd2b76q.default\features\{847f7001-63aa-4d93-ad07-e95c6cf9eba3}\malware-remediation@mozilla.org.xpi [2018-01-01] [Verouderd] FF Extension: (WebCompat Reporter) - C:\Program Files\Mozilla Firefox\browser\features\webcompat-reporter@mozilla.org.xpi [2018-07-04] [Verouderd] [ niet getekend] FF Plugin: @microsoft.com/SharePoint,version=14.0 -> D:\office\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-04-18] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-04-18] (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-09-12] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-01-24] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-01-24] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.) Chrome: ======= CHR HomePage: Default -> hxxp://www.google.be/ CHR StartupUrls: Default -> "hxxp://www.google.be/" CHR NewTab: Default -> Not-active:"chrome-extension://jepibmfmhopgkplegmkjgifmhabbjadg/newtab/newtab.html" CHR Profile: C:\Users\coole\AppData\Local\Google\Chrome\User Data\Default [2018-07-15] CHR Extension: (Easy Auto Refresh) - C:\Users\coole\AppData\Local\Google\Chrome\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc [2018-07-14] CHR Extension: (Presentaties) - C:\Users\coole\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-07-14] CHR Extension: (Documenten) - C:\Users\coole\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-07-14] CHR Extension: (Google Drive) - C:\Users\coole\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-07-14] CHR Extension: (YouTube) - C:\Users\coole\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-07-14] CHR Extension: (Steam Inventory Helper) - C:\Users\coole\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2018-07-14] CHR Extension: (Download Beheer) - C:\Users\coole\AppData\Local\Google\Chrome\User Data\Default\Extensions\daoidaoebhfcgccdpgjjcbdginkofmfe [2018-07-14] CHR Extension: (Tampermonkey) - C:\Users\coole\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2018-07-14] CHR Extension: (Hoog contrast) - C:\Users\coole\AppData\Local\Google\Chrome\User Data\Default\Extensions\djcfdncoelnlbldjfhinnjlhdjlikmph [2018-07-14] CHR Extension: (Video Downloader professional) - C:\Users\coole\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2018-07-14] CHR Extension: (Polycraft) - C:\Users\coole\AppData\Local\Google\Chrome\User Data\Default\Extensions\eopfmbpfhhfnklgmjpoehcjaajhpbhbl [2018-07-14] CHR Extension: (Spreadsheets) - C:\Users\coole\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-07-14] CHR Extension: (Offline Documenten) - C:\Users\coole\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-07-14] CHR Extension: (AdBlock) - C:\Users\coole\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-07-14] CHR Extension: (Flavr - Custom Google™ achtergrond & nieuw tabblad) - C:\Users\coole\AppData\Local\Google\Chrome\User Data\Default\Extensions\jepibmfmhopgkplegmkjgifmhabbjadg [2018-07-14] CHR Extension: (Cut the Rope) - C:\Users\coole\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfbadlndcminbkfojhlimnkgaackjmdo [2018-07-14] CHR Extension: (Flashcontrol) - C:\Users\coole\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfidmkgnfgnkihnjeklbekckimkipmoe [2018-07-14] CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\coole\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-07-14] CHR Extension: (Gmail) - C:\Users\coole\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-07-14] CHR Extension: (Chrome Media Router) - C:\Users\coole\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-07-14] CHR HKLM-x32\...\Chrome\Extension: [pbjikboenpfhbbejgkoklgkhjpfogcam] - hxxps://clients2.google.com/service/update2/crx ==================== Services (gefilterd) ==================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [5745672 2018-05-28] () R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2858336 2015-07-23] (Acer Incorporated) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [780928 2018-05-28] (EasyAntiCheat Ltd) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [19440 2015-11-04] (Intel Corporation) R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [190216 2016-10-15] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation) R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Bestand niet getekend] S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Bestand niet getekend] R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-08-14] (Intel Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268968 2017-09-14] () R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-14] (NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-14] (NVIDIA Corporation) S3 OverwolfUpdater; D:\playvig\Overwolf\OverwolfUpdater.exe [1967432 2018-07-01] (Overwolf LTD) R2 RzWizardService; C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe [376272 2016-03-23] (Razer Inc.) S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] () R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\NisSrv.exe [3925648 2018-06-26] (Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MsMpEng.exe [100080 2018-06-26] (Microsoft Corporation) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3758760 2017-09-14] (Intel® Corporation) R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r ===================== Drivers (gefilterd) ====================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) S3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.) R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [250624 2016-10-15] (Intel Corporation) R1 MpKsl0fdec9b7; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1E1280BF-64A9-46DB-8C8C-E2707369AD1D}\MpKsl0fdec9b7.sys [58120 2018-07-14] (Microsoft Corporation) R3 Netwtw04; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [7647232 2017-10-25] (Intel Corporation) R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_7a39871618b19f06\nvlddmkm.sys [17493824 2018-01-24] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [59240 2018-01-24] (NVIDIA Corporation) R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57928 2018-01-24] (NVIDIA Corporation) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1010656 2017-11-21] (Realtek ) R2 RtkIOAC60; C:\WINDOWS\system32\DRIVERS\RtkIOAC60.sys [38656 2015-06-09] (Realtek semiconductor corp) R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [402136 2015-05-27] (Realsil Semiconductor Corporation) S3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions) S3 ssbthid; C:\WINDOWS\System32\drivers\ssbthid.sys [43888 2017-05-12] (SteelSeries ApS) R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [46896 2017-12-15] () R3 sshid; C:\WINDOWS\System32\drivers\sshid.sys [47944 2018-01-16] (SteelSeries ApS) S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64912 2017-05-18] (QUALCOMM Incorporated) S3 STTub30; C:\WINDOWS\System32\Drivers\STTub30.sys [54104 2017-08-30] (STMicroelectronics) R3 VBoxNetAdp; C:\WINDOWS\System32\drivers\VBoxNetAdp6.sys [203328 2018-02-26] (Oracle Corporation) R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [213632 2018-02-26] (Oracle Corporation) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46592 2018-06-26] (Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [340008 2018-06-26] (Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [59944 2018-06-26] (Microsoft Corporation) ==================== NetSvcs (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ==================== Een Maand Aangemaakt bestanden en mappen ======== (Als een item is opgenomen in de fixlist, word de map of het bestand verplaatst.) 2018-07-15 10:57 - 2018-07-15 10:57 - 000021940 _____ C:\Users\coole\Downloads\FRST.txt 2018-07-15 10:57 - 2018-07-15 10:57 - 000000000 ____D C:\FRST 2018-07-15 10:56 - 2018-07-15 10:56 - 002412544 _____ (Farbar) C:\Users\coole\Downloads\FRST64.exe 2018-07-14 11:19 - 2018-07-14 21:41 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job 2018-07-14 11:14 - 2018-07-14 21:42 - 000000000 ____D C:\WINDOWS\pss 2018-07-14 10:50 - 2018-07-14 10:51 - 007402192 _____ (Malwarebytes) C:\Users\coole\Downloads\adwcleaner_7.2.1.exe 2018-07-14 10:35 - 2018-07-14 10:52 - 000000000 ____D C:\AdwCleaner 2018-07-14 10:27 - 2018-07-14 11:48 - 000000000 ____D C:\Program Files\Mozilla Firefox 2018-07-14 10:27 - 2018-07-14 11:48 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2018-07-14 10:27 - 2018-07-14 10:43 - 000000000 ____D C:\Users\coole\AppData\LocalLow\Mozilla 2018-07-14 10:27 - 2018-07-14 10:27 - 000000000 ____D C:\Users\coole\Desktop\Oude Firefox-gegevens 2018-07-14 10:24 - 2018-07-14 10:24 - 000000000 ____D C:\Users\coole\AppData\Roaming\Google 2018-07-13 22:11 - 2018-07-13 22:11 - 000000000 ____D C:\ProgramData\Packages 2018-07-05 21:15 - 2018-07-13 21:49 - 000000000 ____D C:\Users\coole\AppData\LocalLow\uTorrent 2018-07-05 20:56 - 2018-07-14 11:48 - 000000000 ____D C:\Users\coole\Downloads\Borat (2006) 2018-07-05 20:56 - 2018-07-05 20:56 - 000030655 _____ C:\Users\coole\Downloads\borat-2006-dutch-yify-4117.zip 2018-07-05 20:12 - 2018-07-05 20:12 - 000000000 ____D C:\Users\coole\AppData\Local\bunkus.org 2018-07-05 20:08 - 2018-07-05 20:08 - 000033956 _____ C:\Users\coole\Downloads\dumb-dumber-dutch-yify-21453.zip 2018-07-05 20:03 - 2018-07-14 11:48 - 000000000 ____D C:\Users\coole\Downloads\Dumb and Dumber (1994) 2018-07-04 14:39 - 2018-07-05 14:40 - 000000000 ____D C:\Users\coole\AppData\Roaming\DS4Windows 2018-07-04 14:39 - 2018-07-04 14:39 - 001174539 _____ C:\Users\coole\Downloads\DS4Windows.zip 2018-07-04 14:35 - 2018-07-14 11:48 - 000000000 ____D C:\Users\coole\Desktop\The.Binding.of.Isaac.Afterbirth.Plus.Update.22 2018-07-04 14:28 - 2018-07-04 14:29 - 642732116 _____ C:\Users\coole\Downloads\The.Binding.of.Isaac.Afterbirth.Plus.Update.22.rar 2018-06-30 12:36 - 2018-06-30 12:36 - 000001066 _____ C:\Users\coole\Downloads\lol lists.zip 2018-06-26 22:09 - 2018-06-26 22:10 - 000000000 ____D C:\Users\coole\AppData\Roaming\Notepad++ 2018-06-26 22:09 - 2018-06-26 22:09 - 004299968 _____ (Don HO don.h@free.fr) C:\Users\coole\Downloads\npp.7.5.6.Installer.exe 2018-06-26 22:09 - 2018-06-26 22:09 - 000001092 _____ C:\Users\Public\Desktop\Notepad++.lnk 2018-06-26 22:09 - 2018-06-26 22:09 - 000000000 ____D C:\Users\coole\AppData\Local\Notepad++ 2018-06-26 22:09 - 2018-06-26 22:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++ 2018-06-26 22:09 - 2018-06-26 22:09 - 000000000 ____D C:\Program Files (x86)\Notepad++ 2018-06-26 21:56 - 2018-06-26 21:56 - 000000000 ____D C:\Users\coole\AppData\Local\FalloutNV 2018-06-26 19:31 - 2018-06-26 19:31 - 000000221 _____ C:\Users\coole\Desktop\Fallout New Vegas.url 2018-06-26 16:22 - 2018-06-26 16:22 - 000000000 ____D C:\Users\coole\AppData\Local\Just Cause 3 Multiplayer 2018-06-26 16:19 - 2018-06-26 16:19 - 000000222 _____ C:\Users\coole\Desktop\Just Cause 3 Multiplayer Mod.url 2018-06-26 16:19 - 2018-06-26 16:19 - 000000000 ____D C:\Users\coole\Documents\Square Enix 2018-06-26 15:02 - 2018-06-26 15:02 - 000000000 ____D C:\Users\coole\AppData\Local\Sniper3 2018-06-26 14:44 - 2018-06-26 14:44 - 000000222 _____ C:\Users\coole\Desktop\Just Cause 3.url 2018-06-26 13:45 - 2018-06-26 13:45 - 000000222 _____ C:\Users\coole\Desktop\Sniper Elite 3.url 2018-06-17 20:23 - 2018-06-17 20:23 - 000000741 _____ C:\Users\Public\Desktop\League of Legends.lnk 2018-06-17 20:23 - 2018-06-17 20:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends 2018-06-17 20:22 - 2018-06-17 20:22 - 078841400 _____ (Riot Games, Inc) C:\Users\coole\Downloads\League of Legends installer NA (1).exe 2018-06-17 20:22 - 2018-06-17 20:22 - 000000000 ____D C:\Riot Games ==================== Een Maand Gewijzigd bestanden en mappen ======== (Als een item is opgenomen in de fixlist, word de map of het bestand verplaatst.) 2018-07-15 10:55 - 2017-12-30 03:11 - 000000000 ____D C:\ProgramData\NVIDIA 2018-07-15 10:54 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2018-07-14 21:48 - 2018-05-14 18:33 - 001770622 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2018-07-14 21:48 - 2018-04-12 18:01 - 000785344 _____ C:\WINDOWS\system32\perfh013.dat 2018-07-14 21:48 - 2018-04-12 18:01 - 000154196 _____ C:\WINDOWS\system32\perfc013.dat 2018-07-14 21:48 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF 2018-07-14 21:44 - 2016-08-09 06:24 - 000000000 ____D C:\Program Files (x86)\Steam 2018-07-14 21:42 - 2018-05-14 18:34 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2018-07-14 21:42 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness 2018-07-14 21:42 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2018-07-14 21:40 - 2018-05-14 18:25 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2018-07-14 11:49 - 2016-08-09 06:01 - 000000000 ___HD C:\WINDOWS\system32\WLANProfiles 2018-07-14 11:48 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\InfusedApps 2018-07-14 11:48 - 2018-02-04 17:04 - 000000000 ____D C:\Users\coole\Downloads\[]Microsoft Office Professional Plus (x64) 2013 Incl Activator P2P 2018-07-14 11:48 - 2018-02-04 16:59 - 000000000 ____D C:\Users\coole\AppData\Roaming\uTorrent 2018-07-14 11:48 - 2018-01-01 22:19 - 000000000 ____D C:\Users\coole\AppData\Roaming\vibranceGUI 2018-07-14 11:48 - 2018-01-01 22:16 - 000000000 ____D C:\Users\coole\AppData\Roaming\discord 2018-07-14 11:48 - 2017-12-29 22:50 - 000000000 ____D C:\Users\coole\AppData\Local\ConnectedDevicesPlatform 2018-07-14 11:48 - 2016-08-09 06:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2018-07-14 11:46 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\registration 2018-07-14 11:46 - 2018-01-01 22:11 - 000000000 ____D C:\Users\coole\AppData\Local\Google 2018-07-14 11:46 - 2018-01-01 22:11 - 000000000 ____D C:\Program Files (x86)\Google 2018-07-14 11:46 - 2018-01-01 21:54 - 000000000 ____D C:\Users\coole\AppData\Roaming\Mozilla 2018-07-14 11:22 - 2018-03-04 20:14 - 000000000 ____D C:\Users\coole\AppData\Local\ElevatedDiagnostics 2018-07-14 11:06 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps 2018-07-14 10:56 - 2018-01-01 21:55 - 000000000 ____D C:\WINDOWS\system32\MRT 2018-07-14 10:55 - 2018-02-04 17:11 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2018-07-14 10:55 - 2018-01-01 21:55 - 134675576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2018-07-14 10:51 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2018-07-14 10:50 - 2018-05-14 18:30 - 000000000 ____D C:\Users\coole 2018-07-14 10:49 - 2018-02-25 20:37 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2018-07-13 21:55 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp 2018-07-02 17:07 - 2018-05-23 19:49 - 000000000 ____D C:\Users\coole\AppData\Local\D3DSCache 2018-07-02 12:31 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2018-06-27 10:52 - 2018-02-04 12:40 - 000000000 ____D C:\Users\coole\Desktop\school 2018-06-26 21:56 - 2018-02-10 15:56 - 000000000 ____D C:\Users\coole\Documents\My Games 2018-06-26 21:14 - 2018-01-01 22:11 - 000002325 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2018-06-26 19:31 - 2018-01-01 22:02 - 000000000 ____D C:\Users\coole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2018-06-18 21:33 - 2018-01-02 00:39 - 000000000 ____D C:\Users\coole\Documents\League of Legends 2018-06-15 13:35 - 2018-05-14 18:25 - 000498816 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2018-06-15 13:35 - 2017-12-29 22:50 - 000000000 ___RD C:\Users\coole\3D Objects 2018-06-15 13:35 - 2016-02-13 15:20 - 000000000 __RHD C:\Users\Public\AccountPictures ==================== Bamital & volsnap ====================== (Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.) C:\WINDOWS\system32\winlogon.exe => Bestand is getekend C:\WINDOWS\system32\wininit.exe => Bestand is getekend C:\WINDOWS\explorer.exe => Bestand is getekend C:\WINDOWS\SysWOW64\explorer.exe => Bestand is getekend C:\WINDOWS\system32\svchost.exe => Bestand is getekend C:\WINDOWS\SysWOW64\svchost.exe => Bestand is getekend C:\WINDOWS\system32\services.exe => Bestand is getekend C:\WINDOWS\system32\User32.dll => Bestand is getekend C:\WINDOWS\SysWOW64\User32.dll => Bestand is getekend C:\WINDOWS\system32\userinit.exe => Bestand is getekend C:\WINDOWS\SysWOW64\userinit.exe => Bestand is getekend C:\WINDOWS\system32\rpcss.dll => Bestand is getekend C:\WINDOWS\system32\dnsapi.dll => Bestand is getekend C:\WINDOWS\SysWOW64\dnsapi.dll => Bestand is getekend C:\WINDOWS\system32\Drivers\volsnap.sys => Bestand is getekend LastRegBack: 2018-05-14 18:25 ==================== Eind van FRST.txt ============================