Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 30.01.2019 Gestart door Willem Blaas (Beheerder) op DESKTOP-0OHV0IT (02-02-2019 10:36:39) Gestart vanaf C:\Users\Willem Blaas\Desktop Geladen Profielen: Willem Blaas (Beschikbare Profielen: defaultuser0 & Willem Blaas) Platform: Windows 10 Home Versie 1803 17134.556 (X64) Taal: Nederlands (Nederland) Standaardbrowser: Chrome Boot Modus: Normal Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processen (gefilterd) ================= (Als een item is opgenomen in de fixlist, zal het proces worden gesloten. Het bestand zal niet worden verplaatst.) (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_aa3a0bcfbcf24a1b\igfxCUIService.exe (Intel Corporation) C:\Windows\System32\IntelSSTAPO\ParameterService\ParameterService.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Cybereason) C:\Program Files (x86)\Cybereason\RansomFree\CybereasonRansomFree.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_aa3a0bcfbcf24a1b\igfxEM.exe (Cybereason) C:\Program Files (x86)\Cybereason\RansomFree\CybereasonRansomFreeServiceHost.exe (Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (F-Secure Corporation) C:\Program Files (x86)\Safe Online\apps\Ultralight\ulcore\1548938651\fsulprothoster.exe (F-Secure Corporation) C:\Program Files (x86)\Safe Online\fshoster32.exe (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (F-Secure Corporation) C:\Program Files (x86)\Safe Online\apps\Ultralight\ulcore\1548938651\fshoster64.exe (F-Secure Corporation) C:\Program Files (x86)\Safe Online\apps\Ultralight\ulcore\1548938651\fshoster64.exe (F-Secure Corporation) C:\Program Files (x86)\Safe Online\apps\Ultralight\ulcore\1548938651\fsorsp64.exe (ICEpower) C:\Windows\System32\ICEsoundService64.exe (F-Secure Corporation) C:\Program Files (x86)\Safe Online\fshoster32.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe (4Team) C:\Program Files (x86)\4Team Corporation\SafePSTBackup Shadow Copy Service\SafePST.ShadowCopySvc.exe (Logitech) C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe (pdfforge GmbH) C:\Program Files\PDF Architect 6\updater-ws.exe (pdfforge GmbH) C:\Program Files\PDF Architect 6\creator\common\creator-ws.exe () C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe (F-Secure Corporation) C:\Program Files (x86)\Safe Online\fshoster32.exe (Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe (Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe (Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe (Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe (Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_aa3a0bcfbcf24a1b\igfxext.exe (pdfforge GmbH) C:\Program Files\PDF Architect 6\ws.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (4Team Corporation) C:\Program Files (x86)\4Team Corporation\Safe PST Backup\SafePSTBackup.exe (Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe () C:\Program Files (x86)\RocketDock\RocketDock.exe () C:\OEM\Preload\FubTool\FubTool.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe () C:\Program Files (x86)\Acer\Care Center\ACCStd.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Register (gefilterd) =========================== (Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18390912 2018-11-08] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_TrueHarmony] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506176 2018-11-08] (Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320568 2016-09-20] (Intel Corporation) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [4090176 2019-01-22] (Dropbox, Inc.) HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [3268176 2018-09-10] (Dominik Reichl) HKLM-x32\...\Run: [AvastUI.exe] => "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation) HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation) HKU\S-1-5-21-752935264-2207249693-1250420677-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [43984 2018-12-07] (Glarysoft Ltd) HKU\S-1-5-21-752935264-2207249693-1250420677-1001\...\Run: [Safe PST Backup] => C:\Program Files (x86)\4Team Corporation\Safe PST Backup\SafePSTBackup.exe [15792632 2018-02-01] (4Team Corporation) HKU\S-1-5-21-752935264-2207249693-1250420677-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19645800 2019-01-10] (Piriform Software Ltd) HKU\S-1-5-21-752935264-2207249693-1250420677-1001\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] () HKU\S-1-5-21-752935264-2207249693-1250420677-1001\...\Run: [Advanced SystemCare 12] => "C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe" /Auto HKU\S-1-5-21-752935264-2207249693-1250420677-1001\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --notification-launch-id=0|2|Default|0|chrome-extension://pbjikboenpfhbbejgkoklgkhjpfogcam/|pbjikboenpfhbbejgkoklgkhjpfogcam-b95363c922e4761c --flag-switches-begin --flag-switches-end --restore-last-session HKU\S-1-5-21-752935264-2207249693-1250420677-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-18\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [30872640 2018-11-28] (Garmin Ltd. or its subsidiaries) HKLM\...\Drivers32: [vidc.i420] => C:\WINDOWS\system32\lvcod64.dll [175392 2012-10-26] (Logitech Inc.) HKLM\...\Drivers32: [MSVideo] => C:\WINDOWS\system32\vfwwdm32.dll [67072 2018-04-12] (Microsoft Corporation) HKLM\...\Drivers32-x32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2012-10-26] (Logitech Inc.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-13] (Google Inc.) BootExecute: autocheck autochk * ==================== Internet (gefilterd) ==================== (Als een item is opgenomen in de fixlist en een registeritem is, wordt het verwijderd of hersteld naar de standaard.) Tcpip\Parameters: [DhcpNameServer] 62.179.104.196 213.46.228.196 Tcpip\..\Interfaces\{6a6c9697-aced-4ec5-a43c-741c1357e3d9}: [DhcpNameServer] 62.179.104.196 213.46.228.196 Tcpip\..\Interfaces\{e8693887-11d0-43e7-bcf8-a687c2f89b6f}: [DhcpNameServer] 62.179.104.196 213.46.228.196 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = SearchScopes: HKU\S-1-5-21-752935264-2207249693-1250420677-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-752935264-2207249693-1250420677-1001 -> {49AA4A95-9DDE-4EF6-8C8B-89AB3C896A5B} URL = BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll => Geen bestand BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-01-08] (Microsoft Corporation) BHO: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\Safe Online\apps\Ultralight\nif\1548158474\browser\install\fs_ie_https\fs_ie_https64.dll [2019-01-22] (F-Secure Corporation) BHO: PDF Architect 6 Helper -> {9FD094B1-A4BF-415A-82AE-8C2845D0B769} -> C:\Program Files\PDF Architect 6\creator\plugins\IEAddin\creator-ie-helper.dll [2018-10-23] (pdfforge GmbH) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-12-03] (Microsoft Corporation) BHO-x32: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\Safe Online\apps\Ultralight\nif\1548158474\browser\install\fs_ie_https\fs_ie_https.dll [2019-01-22] (F-Secure Corporation) BHO-x32: PDF Architect 6 Helper -> {9FD094B1-A4BF-415A-82AE-8C2845D0B769} -> C:\Program Files (x86)\PDF Architect 6\creator\plugins\IEAddin\creator-ie-helper.dll [2018-10-23] (pdfforge GmbH) BHO-x32: IObit Ads Removal -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files (x86)\IObit\IObit Malware Fighter\Surfing Protection\Adblock\Adblock.dll => Geen bestand Toolbar: HKLM - PDF Architect 6 Toolbar - {E8536605-CA24-4DFF-B1BC-316EE27F6DF7} - C:\Program Files\PDF Architect 6\creator\plugins\IEAddin\creator-ie-plugin.dll [2018-10-23] (pdfforge GmbH) Toolbar: HKLM-x32 - PDF Architect 6 Toolbar - {E8536605-CA24-4DFF-B1BC-316EE27F6DF7} - C:\Program Files (x86)\PDF Architect 6\creator\plugins\IEAddin\creator-ie-plugin.dll [2018-10-23] (pdfforge GmbH) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-08] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-08] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-08] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-08] (Microsoft Corporation) FireFox: ======== FF DefaultProfile: lssjbg6o.default FF ProfilePath: C:\Users\Willem Blaas\AppData\Roaming\Nightingale\Profiles\t2iwnxce.default [2018-09-23] FF Extension: (Dutch (nl) Language Pack) - C:\Users\Willem Blaas\AppData\Roaming\Nightingale\Profiles\t2iwnxce.default\Extensions\langpack-nl@getnightingale.com [2018-08-29] [Verouderd] [niet getekend] FF Extension: (SoundCloud) - C:\Users\Willem Blaas\AppData\Roaming\Nightingale\Profiles\t2iwnxce.default\Extensions\soundcloud@songbirdnest.com [2018-08-29] [Verouderd] [niet getekend] FF Extension: (Geen Naam) - C:\Program Files (x86)\Nightingale\extensions\albumart@songbirdnest.com [niet gevonden] FF Extension: (Geen Naam) - C:\Program Files (x86)\Nightingale\extensions\bluemonday@getnightingale.com [niet gevonden] FF Extension: (Geen Naam) - C:\Program Files (x86)\Nightingale\extensions\foldersync-ng@getnightingale.com [niet gevonden] FF Extension: (Geen Naam) - C:\Program Files (x86)\Nightingale\extensions\foldersync@rsjtdrjgfuzkfg.com [niet gevonden] FF Extension: (Geen Naam) - C:\Program Files (x86)\Nightingale\extensions\gonzo@songbirdnest.com [niet gevonden] FF Extension: (Geen Naam) - C:\Program Files (x86)\Nightingale\extensions\pinkmartini@songbirdnest.com [niet gevonden] FF Extension: (Geen Naam) - C:\Program Files (x86)\Nightingale\extensions\playlistfolders@getnightingale.com [niet gevonden] FF Extension: (Geen Naam) - C:\Program Files (x86)\Nightingale\extensions\purplerain@songbirdnest.com [niet gevonden] FF ProfilePath: C:\Users\Willem Blaas\AppData\Roaming\Mozilla\Firefox\Profiles\lssjbg6o.default [2019-02-02] FF user.js: detected! => C:\Users\Willem Blaas\AppData\Roaming\Mozilla\Firefox\Profiles\lssjbg6o.default\user.js [2018-11-20] FF Homepage: Mozilla\Firefox\Profiles\lssjbg6o.default -> hxxps://nl.search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10454__180711__yaff FF NewTab: Mozilla\Firefox\Profiles\lssjbg6o.default -> hxxps://nl.search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10454__180711__yaff FF Extension: (Amazon Assistant for Firefox) - C:\Users\Willem Blaas\AppData\Roaming\Mozilla\Firefox\Profiles\lssjbg6o.default\Extensions\abb-acer@amazon.com [2017-05-04] [Verouderd] FF Extension: (العربية Language Pack) - C:\Users\Willem Blaas\AppData\Roaming\Mozilla\Firefox\Profiles\lssjbg6o.default\Extensions\langpack-ar@firefox.mozilla.org [2017-05-04] [Verouderd] FF Extension: (Английски (САЩ) Language Pack) - C:\Users\Willem Blaas\AppData\Roaming\Mozilla\Firefox\Profiles\lssjbg6o.default\Extensions\langpack-bg@firefox.mozilla.org [2017-05-04] [Verouderd] FF Extension: (Czech (CZ) Language Pack) - C:\Users\Willem Blaas\AppData\Roaming\Mozilla\Firefox\Profiles\lssjbg6o.default\Extensions\langpack-cs@firefox.mozilla.org [2017-05-04] [Verouderd] FF Extension: (Dansk (da) Language Pack) - C:\Users\Willem Blaas\AppData\Roaming\Mozilla\Firefox\Profiles\lssjbg6o.default\Extensions\langpack-da@firefox.mozilla.org [2017-05-04] [Verouderd] FF Extension: (Deutsch (DE) Language Pack) - C:\Users\Willem Blaas\AppData\Roaming\Mozilla\Firefox\Profiles\lssjbg6o.default\Extensions\langpack-de@firefox.mozilla.org [2017-05-04] [Verouderd] FF Extension: (Ελληνικά Language Pack) - C:\Users\Willem Blaas\AppData\Roaming\Mozilla\Firefox\Profiles\lssjbg6o.default\Extensions\langpack-el@firefox.mozilla.org [2017-05-04] [Verouderd] FF Extension: (English (US) Language Pack) - C:\Users\Willem Blaas\AppData\Roaming\Mozilla\Firefox\Profiles\lssjbg6o.default\Extensions\langpack-en-US@firefox.mozilla.org [2017-05-04] [Verouderd] FF Extension: (Español (España) Language Pack) - C:\Users\Willem Blaas\AppData\Roaming\Mozilla\Firefox\Profiles\lssjbg6o.default\Extensions\langpack-es-ES@firefox.mozilla.org [2017-05-04] [Verouderd] FF Extension: (Estonian Language Pack) - C:\Users\Willem Blaas\AppData\Roaming\Mozilla\Firefox\Profiles\lssjbg6o.default\Extensions\langpack-et@firefox.mozilla.org [2017-05-04] [Verouderd] FF Extension: (Finnish Language Pack) - C:\Users\Willem Blaas\AppData\Roaming\Mozilla\Firefox\Profiles\lssjbg6o.default\Extensions\langpack-fi@firefox.mozilla.org [2017-05-04] [Verouderd] FF Extension: (Français Language Pack) - C:\Users\Willem Blaas\AppData\Roaming\Mozilla\Firefox\Profiles\lssjbg6o.default\Extensions\langpack-fr@firefox.mozilla.org [2017-05-04] [Verouderd] FF Extension: (Hebrew (IL) Language Pack) - C:\Users\Willem Blaas\AppData\Roaming\Mozilla\Firefox\Profiles\lssjbg6o.default\Extensions\langpack-he@firefox.mozilla.org [2017-05-04] [Verouderd] FF Extension: (Magyar (HU) Language Pack) - C:\Users\Willem Blaas\AppData\Roaming\Mozilla\Firefox\Profiles\lssjbg6o.default\Extensions\langpack-hu@firefox.mozilla.org [2017-05-04] [Verouderd] FF Extension: (Italiano (IT) Language Pack) - C:\Users\Willem Blaas\AppData\Roaming\Mozilla\Firefox\Profiles\lssjbg6o.default\Extensions\langpack-it@firefox.mozilla.org [2017-05-04] [Verouderd] FF Extension: (Japanese Language Pack) - C:\Users\Willem Blaas\AppData\Roaming\Mozilla\Firefox\Profiles\lssjbg6o.default\Extensions\langpack-ja@firefox.mozilla.org [2017-05-04] [Verouderd] FF Extension: (Korean (KR) Language Pack) - C:\Users\Willem Blaas\AppData\Roaming\Mozilla\Firefox\Profiles\lssjbg6o.default\Extensions\langpack-ko@firefox.mozilla.org [2017-05-04] [Verouderd] FF Extension: (Lietuvių Language Pack) - C:\Users\Willem Blaas\AppData\Roaming\Mozilla\Firefox\Profiles\lssjbg6o.default\Extensions\langpack-lt@firefox.mozilla.org [2017-05-04] [Verouderd] FF Extension: (Norsk bokmål (NO) Language Pack) - C:\Users\Willem Blaas\AppData\Roaming\Mozilla\Firefox\Profiles\lssjbg6o.default\Extensions\langpack-nb-NO@firefox.mozilla.org [2017-05-04] [Verouderd] FF Extension: (Nederlands (NL) Language Pack) - C:\Users\Willem Blaas\AppData\Roaming\Mozilla\Firefox\Profiles\lssjbg6o.default\Extensions\langpack-nl@firefox.mozilla.org [2017-05-04] [Verouderd] FF Extension: (Polski Language Pack) - C:\Users\Willem Blaas\AppData\Roaming\Mozilla\Firefox\Profiles\lssjbg6o.default\Extensions\langpack-pl@firefox.mozilla.org [2017-05-04] [Verouderd] FF Extension: (Português (pt-BR) Language Pack) - C:\Users\Willem Blaas\AppData\Roaming\Mozilla\Firefox\Profiles\lssjbg6o.default\Extensions\langpack-pt-BR@firefox.mozilla.org [2017-05-04] [Verouderd] FF Extension: (Português (Portugal) Language Pack) - C:\Users\Willem Blaas\AppData\Roaming\Mozilla\Firefox\Profiles\lssjbg6o.default\Extensions\langpack-pt-PT@firefox.mozilla.org [2017-05-04] [Verouderd] FF Extension: (Russian (RU) Language Pack) - C:\Users\Willem Blaas\AppData\Roaming\Mozilla\Firefox\Profiles\lssjbg6o.default\Extensions\langpack-ru@firefox.mozilla.org [2017-05-04] [Verouderd] FF Extension: (Slovak (SK) Language Pack) - C:\Users\Willem Blaas\AppData\Roaming\Mozilla\Firefox\Profiles\lssjbg6o.default\Extensions\langpack-sk@firefox.mozilla.org [2017-05-04] [Verouderd] FF Extension: (Slovenski jezik Language Pack) - C:\Users\Willem Blaas\AppData\Roaming\Mozilla\Firefox\Profiles\lssjbg6o.default\Extensions\langpack-sl@firefox.mozilla.org [2017-05-04] [Verouderd] FF Extension: (српски (sr) Language Pack) - C:\Users\Willem Blaas\AppData\Roaming\Mozilla\Firefox\Profiles\lssjbg6o.default\Extensions\langpack-sr@firefox.mozilla.org [2017-05-04] [Verouderd] FF Extension: (Svenska (SE) Language Pack) - C:\Users\Willem Blaas\AppData\Roaming\Mozilla\Firefox\Profiles\lssjbg6o.default\Extensions\langpack-sv-SE@firefox.mozilla.org [2017-05-04] [Verouderd] FF Extension: (ไทย Language Pack) - C:\Users\Willem Blaas\AppData\Roaming\Mozilla\Firefox\Profiles\lssjbg6o.default\Extensions\langpack-th@firefox.mozilla.org [2017-05-04] [Verouderd] FF Extension: (Türkçe (TR) Language Pack) - C:\Users\Willem Blaas\AppData\Roaming\Mozilla\Firefox\Profiles\lssjbg6o.default\Extensions\langpack-tr@firefox.mozilla.org [2017-05-04] [Verouderd] FF Extension: (Ukrainian (UA) Language Pack) - C:\Users\Willem Blaas\AppData\Roaming\Mozilla\Firefox\Profiles\lssjbg6o.default\Extensions\langpack-uk@firefox.mozilla.org [2017-05-04] [Verouderd] FF Extension: (Chinese Simplified (zh-CN) Language Pack) - C:\Users\Willem Blaas\AppData\Roaming\Mozilla\Firefox\Profiles\lssjbg6o.default\Extensions\langpack-zh-CN@firefox.mozilla.org [2017-05-04] [Verouderd] FF Extension: (Traditional Chinese (zh-TW) Language Pack) - C:\Users\Willem Blaas\AppData\Roaming\Mozilla\Firefox\Profiles\lssjbg6o.default\Extensions\langpack-zh-TW@firefox.mozilla.org [2017-05-04] [Verouderd] FF Extension: (Mozilla Partner Defaults) - C:\Users\Willem Blaas\AppData\Roaming\Mozilla\Firefox\Profiles\lssjbg6o.default\Extensions\partnerdefaults@mozilla.com [2017-05-04] [Verouderd] FF SearchPlugin: C:\Users\Willem Blaas\AppData\Roaming\Mozilla\Firefox\Profiles\lssjbg6o.default\searchplugins\yahoo-lavasoft-ff59.xml [2018-07-11] FF HKLM\...\Firefox\Extensions: [ols@f-secure.com] - C:\Program Files (x86)\Safe Online\apps\Ultralight\nif\1548158474\browser\install\fs_firefox_https\fs_firefox_https.xpi FF Extension: (Browsing Protection by F-Secure) - C:\Program Files (x86)\Safe Online\apps\Ultralight\nif\1548158474\browser\install\fs_firefox_https\fs_firefox_https.xpi [2019-01-22] FF HKLM-x32\...\Firefox\Extensions: [{F5C9A887-F242-4896-AA5B-D5853EAAEA31}] - C:\Program Files (x86)\Kotato\FLV Downloader\FLVD_FF.xpi FF Extension: (FLV Downloader Extension) - C:\Program Files (x86)\Kotato\FLV Downloader\FLVD_FF.xpi [2016-07-26] [Verouderd] FF HKLM-x32\...\Firefox\Extensions: [ols@f-secure.com] - C:\Program Files (x86)\Safe Online\apps\Ultralight\nif\1548158474\browser\install\fs_firefox_https\fs_firefox_https.xpi FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-01-08] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-09-10] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.) Chrome: ======= CHR DefaultProfile: Default CHR HomePage: Default -> hxxps://www.google.nl/ CHR StartupUrls: Default -> "hxxps://encrypted.google.com/" CHR NewTab: Default -> Not-active:"chrome-extension://dnckbjbhoclehoieokgiecdiakbaoodg/newtabproduct.html", Not-active:"chrome-extension://emilpohamjafokgdhoggckjldbpkbhlh/newtabproduct.html", Not-active:"chrome-extension://gnmjknmalpknlmhpbfmnidbgkncebohg/newtabproduct.html", Active:"chrome-extension://fmgkbbgmfadinoembkciofacghellcmj/newtabproduct.html", Active:"chrome-extension://icbhbegbnafpiiaomogcddhhjpijpikp/newtabproduct.html", Active:"chrome-extension://jhmonpjmhgcjcacmnipddbdlphindcpn/newtabproduct.html", Not-active:"chrome-extension://dhjghcdeopofofdgnmfcnmgmfmbplpmm/newtabproduct.html", Not-active:"chrome-extension://nladljmabboanhihfkjacnnkgjhnokhj/new-tab.html", Not-active:"chrome-extension://ikecjjeekejbjbibeaogbfcpplilghbb/newtab/newtab.html" CHR Profile: C:\Users\Willem Blaas\AppData\Local\Google\Chrome\User Data\Default [2019-02-02] CHR Extension: (Presentaties) - C:\Users\Willem Blaas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13] CHR Extension: (Documenten) - C:\Users\Willem Blaas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13] CHR Extension: (Google Drive) - C:\Users\Willem Blaas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-05-03] CHR Extension: (YouTube) - C:\Users\Willem Blaas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-03] CHR Extension: (Tampermonkey) - C:\Users\Willem Blaas\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2018-12-20] CHR Extension: (Search Encrypt) - C:\Users\Willem Blaas\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhfibbgfabkckmhgjhinddpgfmppjldl [2019-01-19] CHR Extension: (FileShareFanatic) - C:\Users\Willem Blaas\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhjghcdeopofofdgnmfcnmgmfmbplpmm [2018-08-23] CHR Extension: (MyFileConvert) - C:\Users\Willem Blaas\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnckbjbhoclehoieokgiecdiakbaoodg [2018-12-20] CHR Extension: (MapsGalaxy) - C:\Users\Willem Blaas\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpjlpnhlacimodfhpbfnajakhjpbnlie [2018-08-28] CHR Extension: (FindYourMaps) - C:\Users\Willem Blaas\AppData\Local\Google\Chrome\User Data\Default\Extensions\emilpohamjafokgdhoggckjldbpkbhlh [2019-02-01] CHR Extension: (AudioToAudio - for Chrome) - C:\Users\Willem Blaas\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmgkbbgmfadinoembkciofacghellcmj [2019-02-01] CHR Extension: (Offline Documenten) - C:\Users\Willem Blaas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-21] CHR Extension: (EasyDocMerge) - C:\Users\Willem Blaas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnmjknmalpknlmhpbfmnidbgkncebohg [2018-10-24] CHR Extension: (Maps & Directions by MapsGalaxy) - C:\Users\Willem Blaas\AppData\Local\Google\Chrome\User Data\Default\Extensions\icbhbegbnafpiiaomogcddhhjpijpikp [2019-01-31] CHR Extension: (EmailEasyAccess) - C:\Users\Willem Blaas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikecjjeekejbjbibeaogbfcpplilghbb [2018-07-11] CHR Extension: (FileShareFanatic) - C:\Users\Willem Blaas\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhmonpjmhgcjcacmnipddbdlphindcpn [2018-09-06] CHR Extension: (Browsing Protection by F-Secure) - C:\Users\Willem Blaas\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmjjnhpacphpjmnnlnccpfmhkcloaade [2018-11-26] CHR Extension: (Adaware Secure) - C:\Users\Willem Blaas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj [2018-11-09] CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\Willem Blaas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03] CHR Extension: (Zoom in op afbeeldin) - C:\Users\Willem Blaas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbfffoifiebmakblbndlomkkilcdoham [2019-01-28] CHR Extension: (Amazon Assistant for Chrome) - C:\Users\Willem Blaas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2019-01-28] CHR Extension: (Gmail) - C:\Users\Willem Blaas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-05-03] CHR Extension: (Chrome Media Router) - C:\Users\Willem Blaas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-05] CHR Profile: C:\Users\Willem Blaas\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-01-30] CHR Profile: C:\Users\Willem Blaas\AppData\Local\Google\Chrome\User Data\System Profile [2019-01-30] CHR HKLM\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-752935264-2207249693-1250420677-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - hxxp://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-752935264-2207249693-1250420677-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [nladljmabboanhihfkjacnnkgjhnokhj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [pbjikboenpfhbbejgkoklgkhjpfogcam] - hxxps://clients2.google.com/service/update2/crx ==================== Services (gefilterd) ==================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R2 AtherosSvc; C:\WINDOWS\system32\DRIVERS\AdminService.exe [406512 2018-12-17] (Windows (R) Win 7 DDK provider) S3 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2278616 2017-03-20] (Acer Incorporated) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9619816 2019-01-04] (Microsoft Corporation) R2 CybereasonRansomFree; C:\Program Files (x86)\Cybereason\RansomFree\CybereasonRansomFreeServiceHost.exe [13824 2017-11-20] (Cybereason) [Bestand niet getekend] S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-03-31] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-03-31] (Dropbox, Inc.) R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2019-01-22] (Dropbox, Inc.) R2 fshoster; C:\Program Files (x86)\Safe Online\fshoster32.exe [213472 2018-05-08] (F-Secure Corporation) R2 fsnethoster; C:\Program Files (x86)\Safe Online\fshoster32.exe [213472 2018-05-08] (F-Secure Corporation) S3 fsphfext; C:\WINDOWS\SysWOW64\HFExtSvc.exe [166176 2017-05-05] (FSPro Labs) R2 fsulhoster; C:\Program Files (x86)\Safe Online\apps\Ultralight\ulcore\1548938651\fshoster64.exe [579560 2019-02-01] (F-Secure Corporation) R2 fsulnethoster; C:\Program Files (x86)\Safe Online\apps\Ultralight\ulcore\1548938651\fshoster64.exe [579560 2019-02-01] (F-Secure Corporation) R2 fsulorsp; C:\Program Files (x86)\Safe Online\apps\Ultralight\ulcore\1548938651\fsorsp64.exe [101320 2019-02-01] (F-Secure Corporation) R2 fsulprothoster; C:\Program Files (x86)\Safe Online\apps\Ultralight\ulcore\1548938651\fsulprothoster.exe [579560 2019-02-01] (F-Secure Corporation) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17976 2016-09-20] (Intel Corporation) R2 ICEsoundService; C:\WINDOWS\system32\ICEsoundService64.exe [806144 2018-11-08] (ICEpower) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [987432 2016-07-27] (Intel(R) Corporation) R2 IntelSSTSvc; C:\WINDOWS\system32\IntelSSTAPO\ParameterService\ParameterService.exe [26576 2018-01-11] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-08-30] (Intel Corporation) R2 nebula; C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe [4477576 2018-06-19] (Logitech) R3 PDF Architect 6; C:\Program Files\PDF Architect 6\ws.exe [2569976 2018-10-23] (pdfforge GmbH) R2 PDF Architect 6 Creator; C:\Program Files\PDF Architect 6\creator\common\creator-ws.exe [832248 2018-10-23] (pdfforge GmbH) R2 PDF Architect 6 Update Service; C:\Program Files\PDF Architect 6\updater-ws.exe [1665272 2018-10-23] (pdfforge GmbH) R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [441136 2016-09-13] (Acer Incorporated) R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [482608 2016-09-13] (Acer Incorporated) R2 SafePSTShadowCopy; C:\Program Files (x86)\4Team Corporation\SafePSTBackup Shadow Copy Service\SafePST.ShadowCopySvc.exe [16392 2018-02-01] (4Team) S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] () R2 TunnelBearMaintenance; C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe [113024 2018-02-12] () S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [295840 2016-05-28] (acer) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\NisSrv.exe [3847376 2018-10-07] (Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\MsMpEng.exe [114200 2018-10-07] (Microsoft Corporation) S2 AdvancedSystemCareService12; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [X] S2 Dashlane Upgrade Service; "C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe" [X] ===================== Drivers (gefilterd) ====================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R3 BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [72032 2018-12-17] (Qualcomm) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2018-06-27] (Samsung Electronics Co., Ltd.) R3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [31816 2018-07-04] (ELAN Microelectronic Corp.) R3 F-Secure Gatekeeper; C:\Program Files (x86)\Safe Online\apps\Ultralight\ulcore\1548938651\fsulgk.sys [262200 2019-02-01] (F-Secure Corporation) R1 F-Secure UL HIPS; C:\Program Files (x86)\Safe Online\apps\Ultralight\ulcore\1548938651\fshs.sys [102456 2019-02-01] (F-Secure Corporation) R0 fsbts; C:\WINDOWS\System32\drivers\fsbts.sys [65872 2018-10-11] () S0 fselms; C:\WINDOWS\System32\drivers\fselms.sys [15360 2018-10-11] (F-Secure Corporation) R3 fsni; C:\Program Files (x86)\Safe Online\apps\Ultralight\nif\1548158474\fsni64.sys [109224 2019-01-22] (F-Secure Corporation) S1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [28936 2018-09-07] (Glarysoft Ltd) R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-05-05] (REALiX(tm)) R0 iaStorAC; C:\WINDOWS\System32\drivers\iaStorAC.sys [967696 2018-09-28] (Intel Corporation) R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31032 2018-12-17] (Acer Incorporated) R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25400 2018-12-17] (Acer Incorporated) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1118648 2018-10-23] (Realtek ) R3 RTSPER; C:\WINDOWS\System32\drivers\RtsPer.sys [873416 2018-10-26] (Realsil Semiconductor Corporation) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.) S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.) R3 SynRMIHID; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [57432 2016-09-05] (Synaptics Incorporated) R3 tap-tb-0901; C:\WINDOWS\System32\drivers\tap-tb-0901.sys [38656 2018-01-31] (The OpenVPN Project) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46184 2018-10-07] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [352424 2018-10-07] (Microsoft Corporation) S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (MBB) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60584 2018-10-07] (Microsoft Corporation) S3 AscFileFilter; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscFileFilter.sys [X] S3 AscRegistryFilter; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscRegistryFilter.sys [X] U3 aswbdisk; geen ImagePath S3 cpuz143; \??\C:\WINDOWS\temp\cpuz143\cpuz143_x64.sys [X] S4 IMFMBRProtect; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFMBRProtect.sys [X] S4 IMFSafeBox; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFSafeBox.sys [X] S3 iobit_monitor_server; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\Monitor_win10_x64.sys [X] ==================== NetSvcs (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ==================== Een maand (aangemaakt) ======== (Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.) 2019-02-02 10:36 - 2019-02-02 10:36 - 000037350 _____ C:\Users\Willem Blaas\Desktop\FRST.txt 2019-02-02 10:29 - 2019-02-02 10:29 - 000000000 ___HD C:\OneDriveTemp 2019-02-02 10:28 - 2019-02-02 10:28 - 000520579 ____N C:\Users\Xfai\approach mat theological.xlsx 2019-02-02 10:28 - 2019-02-02 10:28 - 000520347 ____N C:\Users\Akoy4q\vocabulary.goods.xlsx 2019-02-02 10:28 - 2019-02-02 10:28 - 000229342 ____N C:\Users\Akoy4q\nakedchair.mdb 2019-02-02 10:28 - 2019-02-02 10:28 - 000215739 ____N C:\Users\Xfai\drawing.exchange.legislative.mdb 2019-02-02 10:28 - 2019-02-02 10:28 - 000071360 ____N C:\Users\Xfai\famous_factories.xls 2019-02-02 10:28 - 2019-02-02 10:28 - 000069455 ____N C:\Users\Akoy4q\boards-builder-confusion.xls 2019-02-02 10:28 - 2019-02-02 10:28 - 000055369 ____N C:\Users\Xfai\routinenotesbasementare.pem 2019-02-02 10:28 - 2019-02-02 10:28 - 000053273 ____N C:\Users\Akoy4q\conceptstemaccompanymonths.pem 2019-02-02 10:28 - 2019-02-02 10:28 - 000036253 ____N C:\Users\Xfai\beginning-alliance.txt 2019-02-02 10:28 - 2019-02-02 10:28 - 000024129 ____N C:\Users\Akoy4q\holes_cheat.txt 2019-02-02 10:28 - 2019-02-02 10:28 - 000016707 ____N C:\Users\Akoy4q\directed-animals-cruel-albert.sql 2019-02-02 10:28 - 2019-02-02 10:28 - 000010598 ____N C:\Users\Xfai\willing_way_twelve.sql 2019-02-02 10:28 - 2019-02-02 10:28 - 000000000 __SHD C:\Users\Willem Blaas\Desktop\0K, this directory is for Ransomware detection (just leave it here) 2019-02-02 10:28 - 2019-02-02 10:28 - 000000000 ___HD C:\Users\Xfai 2019-02-02 10:28 - 2019-02-02 10:28 - 000000000 ___HD C:\Users\Willem Blaas\Documents\Qpackage3 2019-02-02 10:28 - 2019-02-02 10:28 - 000000000 ___HD C:\Users\Willem Blaas\Documents\.suser52 2019-02-02 10:28 - 2019-02-02 10:28 - 000000000 ___HD C:\Users\Akoy4q 2019-02-02 10:28 - 2019-02-02 10:28 - 000000000 ____D C:\Acuse23 2019-02-02 10:28 - 2019-02-02 10:28 - 000000000 ____D C:\_hhelper45 2019-02-02 10:26 - 2019-02-02 10:26 - 000057592 _____ C:\ProgramData\agent.uninstall.1549099591.bdinstall.v2.bin 2019-02-01 16:03 - 2019-02-01 16:03 - 000006656 _____ C:\Users\Willem Blaas\Downloads\2019-01 Generation Statistics Details_20190201230342.xls 2019-02-01 15:58 - 2019-02-01 15:58 - 000000000 ____D C:\Users\Willem Blaas\AppData\Local\OneDrive 2019-02-01 15:37 - 2019-02-01 15:37 - 000075629 _____ C:\Users\Willem Blaas\Desktop\Addition01.txt 2019-02-01 15:36 - 2019-02-02 10:36 - 000000000 ____D C:\FRST 2019-02-01 15:36 - 2019-02-01 15:37 - 000073230 _____ C:\Users\Willem Blaas\Desktop\FRST01.txt 2019-02-01 15:34 - 2019-02-01 15:34 - 002428928 _____ (Farbar) C:\Users\Willem Blaas\Desktop\FRST64.exe 2019-01-30 19:02 - 2019-01-30 19:02 - 000003390 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-752935264-2207249693-1250420677-1001 2019-01-30 19:02 - 2019-01-30 19:02 - 000002390 _____ C:\Users\Willem Blaas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2019-01-25 16:03 - 2019-01-25 16:04 - 000000000 ____D C:\Users\Willem Blaas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flvto Youtube Downloader 2019-01-25 16:03 - 2019-01-25 16:04 - 000000000 ____D C:\Users\Willem Blaas\AppData\Local\Flvto Youtube Downloader 2019-01-23 13:48 - 2019-01-23 13:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2019-01-22 14:14 - 2019-01-22 14:14 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe 2019-01-22 14:14 - 2019-01-22 14:14 - 000047800 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys 2019-01-22 14:14 - 2019-01-22 14:14 - 000047800 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys 2019-01-22 14:14 - 2019-01-22 14:14 - 000047800 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys 2019-01-17 14:54 - 2019-01-17 14:54 - 000002540 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype voor Bedrijven.lnk 2019-01-17 14:54 - 2019-01-17 14:54 - 000002525 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk 2019-01-17 14:54 - 2019-01-17 14:54 - 000002518 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk 2019-01-17 14:54 - 2019-01-17 14:54 - 000002476 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk 2019-01-17 14:54 - 2019-01-17 14:54 - 000002463 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk 2019-01-17 14:54 - 2019-01-17 14:54 - 000002463 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk 2019-01-17 14:54 - 2019-01-17 14:54 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk 2019-01-17 14:54 - 2019-01-17 14:54 - 000002437 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk 2019-01-17 14:54 - 2019-01-17 14:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office-hulpprogramma's 2019-01-17 14:48 - 2019-01-17 14:48 - 000003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update 2019-01-16 19:11 - 2019-01-09 18:57 - 004527584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe 2019-01-16 19:11 - 2019-01-09 18:41 - 012730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2019-01-16 19:11 - 2019-01-09 18:41 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll 2019-01-16 19:11 - 2019-01-09 18:36 - 003649024 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2019-01-16 19:11 - 2019-01-09 10:51 - 002891776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2019-01-16 19:11 - 2019-01-09 09:55 - 001285432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys 2019-01-16 19:11 - 2019-01-09 09:48 - 000527368 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll 2019-01-16 19:11 - 2019-01-09 09:44 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2019-01-16 19:11 - 2019-01-09 09:24 - 025855488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2019-01-16 19:11 - 2019-01-09 09:11 - 007573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2019-01-16 19:11 - 2019-01-09 09:06 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2019-01-16 19:11 - 2019-01-09 06:43 - 006567768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2019-01-16 19:11 - 2019-01-09 06:43 - 001981280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2019-01-16 19:11 - 2019-01-09 06:43 - 000287640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll 2019-01-16 19:11 - 2019-01-09 06:40 - 000432952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys 2019-01-16 19:11 - 2019-01-09 06:40 - 000226104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2019-01-16 19:11 - 2019-01-09 06:39 - 007519888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2019-01-16 19:11 - 2019-01-09 06:39 - 007436016 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2019-01-16 19:11 - 2019-01-09 06:39 - 002571632 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2019-01-16 19:11 - 2019-01-09 06:39 - 000789696 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll 2019-01-16 19:11 - 2019-01-09 06:39 - 000349656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll 2019-01-16 19:11 - 2019-01-09 06:39 - 000144072 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe 2019-01-16 19:11 - 2019-01-09 06:34 - 022016512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2019-01-16 19:11 - 2019-01-09 06:23 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll 2019-01-16 19:11 - 2019-01-09 06:20 - 004940288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2019-01-16 19:11 - 2019-01-09 06:20 - 004516352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2019-01-16 19:11 - 2019-01-09 06:19 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll 2019-01-16 19:11 - 2019-01-09 06:19 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll 2019-01-16 19:10 - 2019-01-09 19:08 - 000309560 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2019-01-16 19:10 - 2019-01-09 18:57 - 000720536 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll 2019-01-16 19:10 - 2019-01-09 18:42 - 004716032 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll 2019-01-16 19:10 - 2019-01-09 18:40 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll 2019-01-16 19:10 - 2019-01-09 18:36 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe 2019-01-16 19:10 - 2019-01-09 18:35 - 002919936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2019-01-16 19:10 - 2019-01-09 18:35 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll 2019-01-16 19:10 - 2019-01-09 15:50 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll 2019-01-16 19:10 - 2019-01-09 11:14 - 000607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll 2019-01-16 19:10 - 2019-01-09 10:55 - 011919872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2019-01-16 19:10 - 2019-01-09 10:55 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll 2019-01-16 19:10 - 2019-01-09 09:50 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll 2019-01-16 19:10 - 2019-01-09 09:46 - 001457240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2019-01-16 19:10 - 2019-01-09 09:46 - 001257880 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2019-01-16 19:10 - 2019-01-09 08:03 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll 2019-01-16 19:10 - 2019-01-09 06:59 - 000611848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys 2019-01-16 19:10 - 2019-01-09 06:44 - 000078688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll 2019-01-16 19:10 - 2019-01-09 06:43 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2019-01-16 19:10 - 2019-01-09 06:43 - 004789944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2019-01-16 19:10 - 2019-01-09 06:43 - 002253480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2019-01-16 19:10 - 2019-01-09 06:43 - 001620264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2019-01-16 19:10 - 2019-01-09 06:43 - 001130568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll 2019-01-16 19:10 - 2019-01-09 06:43 - 000607376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll 2019-01-16 19:10 - 2019-01-09 06:43 - 000581592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll 2019-01-16 19:10 - 2019-01-09 06:43 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll 2019-01-16 19:10 - 2019-01-09 06:43 - 000127744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll 2019-01-16 19:10 - 2019-01-09 06:43 - 000071456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\svchost.exe 2019-01-16 19:10 - 2019-01-09 06:42 - 001035232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe 2019-01-16 19:10 - 2019-01-09 06:42 - 000092704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys 2019-01-16 19:10 - 2019-01-09 06:41 - 001140680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2019-01-16 19:10 - 2019-01-09 06:41 - 000983120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2019-01-16 19:10 - 2019-01-09 06:41 - 000076296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys 2019-01-16 19:10 - 2019-01-09 06:40 - 002765336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2019-01-16 19:10 - 2019-01-09 06:40 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2019-01-16 19:10 - 2019-01-09 06:40 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2019-01-16 19:10 - 2019-01-09 06:40 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2019-01-16 19:10 - 2019-01-09 06:40 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe 2019-01-16 19:10 - 2019-01-09 06:40 - 000090872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll 2019-01-16 19:10 - 2019-01-09 06:39 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2019-01-16 19:10 - 2019-01-09 06:39 - 001943128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2019-01-16 19:10 - 2019-01-09 06:39 - 001098056 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll 2019-01-16 19:10 - 2019-01-09 06:39 - 000713264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll 2019-01-16 19:10 - 2019-01-09 06:39 - 000269624 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2019-01-16 19:10 - 2019-01-09 06:39 - 000260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2019-01-16 19:10 - 2019-01-09 06:39 - 000175416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys 2019-01-16 19:10 - 2019-01-09 06:39 - 000164192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll 2019-01-16 19:10 - 2019-01-09 06:39 - 000085472 _____ (Microsoft Corporation) C:\WINDOWS\system32\svchost.exe 2019-01-16 19:10 - 2019-01-09 06:33 - 016597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2019-01-16 19:10 - 2019-01-09 06:32 - 013878272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2019-01-16 19:10 - 2019-01-09 06:29 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2019-01-16 19:10 - 2019-01-09 06:29 - 002500096 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe 2019-01-16 19:10 - 2019-01-09 06:27 - 004710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll 2019-01-16 19:10 - 2019-01-09 06:27 - 004384256 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll 2019-01-16 19:10 - 2019-01-09 06:27 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll 2019-01-16 19:10 - 2019-01-09 06:26 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2019-01-16 19:10 - 2019-01-09 06:26 - 003396608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2019-01-16 19:10 - 2019-01-09 06:26 - 002966016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll 2019-01-16 19:10 - 2019-01-09 06:25 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll 2019-01-16 19:10 - 2019-01-09 06:24 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll 2019-01-16 19:10 - 2019-01-09 06:24 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll 2019-01-16 19:10 - 2019-01-09 06:24 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll 2019-01-16 19:10 - 2019-01-09 06:23 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2019-01-16 19:10 - 2019-01-09 06:23 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2019-01-16 19:10 - 2019-01-09 06:23 - 002368000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll 2019-01-16 19:10 - 2019-01-09 06:23 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll 2019-01-16 19:10 - 2019-01-09 06:23 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll 2019-01-16 19:10 - 2019-01-09 06:23 - 001189888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll 2019-01-16 19:10 - 2019-01-09 06:23 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2019-01-16 19:10 - 2019-01-09 06:23 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll 2019-01-16 19:10 - 2019-01-09 06:23 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll 2019-01-16 19:10 - 2019-01-09 06:23 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll 2019-01-16 19:10 - 2019-01-09 06:22 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2019-01-16 19:10 - 2019-01-09 06:22 - 001395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll 2019-01-16 19:10 - 2019-01-09 06:22 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll 2019-01-16 19:10 - 2019-01-09 06:22 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll 2019-01-16 19:10 - 2019-01-09 06:22 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll 2019-01-16 19:10 - 2019-01-09 06:22 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll 2019-01-16 19:10 - 2019-01-09 06:22 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll 2019-01-16 19:10 - 2019-01-09 06:22 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll 2019-01-16 19:10 - 2019-01-09 06:22 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.NetworkOperators.HotspotAuthentication.dll 2019-01-16 19:10 - 2019-01-09 06:22 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll 2019-01-16 19:10 - 2019-01-09 06:21 - 002173440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2019-01-16 19:10 - 2019-01-09 06:21 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll 2019-01-16 19:10 - 2019-01-09 06:21 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll 2019-01-16 19:10 - 2019-01-09 06:21 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.NetworkOperators.HotspotAuthentication.dll 2019-01-16 19:10 - 2019-01-09 06:20 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll 2019-01-16 19:10 - 2019-01-09 06:20 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll 2019-01-16 19:10 - 2019-01-09 06:20 - 000607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll 2019-01-16 19:10 - 2019-01-09 06:20 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll 2019-01-16 19:10 - 2019-01-09 06:19 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll 2019-01-16 19:10 - 2019-01-09 06:19 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll 2019-01-16 19:10 - 2019-01-09 06:19 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll 2019-01-16 19:10 - 2019-01-09 06:18 - 000195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll 2019-01-16 19:10 - 2019-01-09 05:34 - 000806320 _____ C:\WINDOWS\SysWOW64\locale.nls 2019-01-16 19:10 - 2019-01-09 05:34 - 000806320 _____ C:\WINDOWS\system32\locale.nls 2019-01-16 19:10 - 2019-01-09 05:34 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim 2019-01-10 11:37 - 2019-01-14 14:14 - 000000208 _____ C:\Users\Willem Blaas\Desktop\Facebook.url 2019-01-09 19:36 - 2019-01-09 19:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech-camerainstellingen 2019-01-09 19:36 - 2019-01-09 19:36 - 000000000 ____D C:\Program Files\Logitech 2019-01-09 18:58 - 2018-09-20 05:12 - 001483576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll 2019-01-09 13:40 - 2019-01-02 20:41 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2019-01-09 13:40 - 2019-01-02 20:41 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2019-01-09 13:37 - 2019-01-01 08:13 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2019-01-09 13:37 - 2019-01-01 08:13 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll 2019-01-09 13:37 - 2019-01-01 08:13 - 000709728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2019-01-09 13:37 - 2019-01-01 08:13 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2019-01-09 13:37 - 2019-01-01 08:13 - 000170808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2019-01-09 13:37 - 2019-01-01 08:12 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll 2019-01-09 13:37 - 2019-01-01 08:12 - 002421288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2019-01-09 13:37 - 2019-01-01 08:12 - 000128824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys 2019-01-09 13:37 - 2019-01-01 07:50 - 022715392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2019-01-09 13:37 - 2019-01-01 07:48 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys 2019-01-09 13:37 - 2019-01-01 07:47 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2019-01-09 13:37 - 2019-01-01 07:45 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll 2019-01-09 13:37 - 2019-01-01 07:44 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2019-01-09 13:37 - 2019-01-01 07:44 - 000662528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll 2019-01-09 13:37 - 2019-01-01 07:44 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll 2019-01-09 13:37 - 2019-01-01 07:43 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2019-01-09 13:37 - 2019-01-01 07:42 - 002247680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll 2019-01-09 13:37 - 2019-01-01 07:42 - 001371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll 2019-01-09 13:37 - 2019-01-01 07:42 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll 2019-01-09 13:37 - 2019-01-01 07:41 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll 2019-01-09 13:37 - 2019-01-01 07:41 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2019-01-09 13:37 - 2019-01-01 07:41 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll 2019-01-09 13:37 - 2019-01-01 07:37 - 002478664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2019-01-09 13:37 - 2019-01-01 07:37 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll 2019-01-09 13:37 - 2019-01-01 07:37 - 000880048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll 2019-01-09 13:37 - 2019-01-01 07:22 - 019405312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2019-01-09 13:37 - 2019-01-01 07:13 - 001628160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2019-01-09 13:37 - 2019-01-01 07:13 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll 2019-01-09 13:37 - 2019-01-01 07:12 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll 2019-01-09 13:37 - 2018-12-19 05:49 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll 2019-01-09 13:36 - 2019-01-01 14:47 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll 2019-01-09 13:36 - 2019-01-01 14:45 - 000714752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll 2019-01-09 13:36 - 2019-01-01 14:45 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll 2019-01-09 13:36 - 2019-01-01 14:20 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowslivelogin.dll 2019-01-09 13:36 - 2019-01-01 14:18 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll 2019-01-09 13:36 - 2019-01-01 14:17 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll 2019-01-09 13:36 - 2019-01-01 08:12 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe 2019-01-09 13:36 - 2019-01-01 07:48 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe 2019-01-09 13:36 - 2019-01-01 07:48 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Print.Workflow.Source.dll 2019-01-09 13:36 - 2019-01-01 07:46 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll 2019-01-09 13:36 - 2019-01-01 07:46 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll 2019-01-09 13:36 - 2019-01-01 07:37 - 000381240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2019-01-09 13:36 - 2019-01-01 07:17 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll 2019-01-09 13:36 - 2019-01-01 07:16 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll 2019-01-09 13:36 - 2019-01-01 07:15 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll 2019-01-09 13:36 - 2019-01-01 07:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll 2019-01-09 13:36 - 2019-01-01 07:12 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll 2019-01-09 13:36 - 2019-01-01 07:12 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2019-01-09 13:36 - 2019-01-01 07:12 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll 2019-01-07 13:21 - 2019-01-07 13:21 - 000076636 _____ C:\ProgramData\agent.update.1546863672.bdinstall.v2.bin 2019-01-05 19:15 - 2019-01-05 19:15 - 000000496 _____ C:\Users\Willem Blaas\Desktop\KeePass.lnk 2019-01-05 19:15 - 2019-01-05 19:15 - 000000496 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass.lnk ==================== Een maand (gewijzigd) ======== (Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.) 2019-02-02 10:34 - 2018-05-03 19:45 - 001770546 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2019-02-02 10:34 - 2018-04-12 17:01 - 000786402 _____ C:\WINDOWS\system32\perfh013.dat 2019-02-02 10:34 - 2018-04-12 17:01 - 000154218 _____ C:\WINDOWS\system32\perfc013.dat 2019-02-02 10:34 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF 2019-02-02 10:30 - 2017-05-05 10:04 - 000000000 ____D C:\Users\Willem Blaas\AppData\Roaming\IObit 2019-02-02 10:29 - 2018-03-31 14:11 - 000000000 ___RD C:\Users\Willem Blaas\Dropbox 2019-02-02 10:29 - 2017-05-03 12:43 - 000000000 ____D C:\Users\Willem Blaas\Documents\Outlook-bestanden 2019-02-02 10:29 - 2017-05-03 12:19 - 000000000 ___RD C:\Users\Willem Blaas\OneDrive 2019-02-02 10:28 - 2018-05-03 19:47 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2019-02-02 10:28 - 2018-04-14 14:56 - 000000000 ____D C:\Program Files (x86)\TunnelBear 2019-02-02 10:28 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness 2019-02-02 10:28 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2019-02-02 10:28 - 2018-04-11 22:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2019-02-02 10:28 - 2017-05-05 10:05 - 000000000 ____D C:\Program Files (x86)\IObit 2019-02-02 10:28 - 2017-05-03 12:17 - 000000000 __SHD C:\Users\Willem Blaas\IntelGraphicsProfiles 2019-02-02 10:27 - 2017-05-05 10:06 - 000000000 ____D C:\ProgramData\ProductData 2019-02-02 10:27 - 2017-05-05 10:05 - 000000000 ____D C:\Users\Willem Blaas\AppData\LocalLow\IObit 2019-02-02 10:25 - 2018-03-11 14:57 - 000000000 ____D C:\Program Files (x86)\EaseUS 2019-02-02 10:25 - 2017-08-29 16:42 - 000000000 ____D C:\Users\Willem Blaas\AppData\Local\IIIQF 2019-02-02 10:25 - 2017-06-29 09:33 - 000000082 _____ C:\WINDOWS\SysWOW64\winsevr.dat 2019-02-02 10:22 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps 2019-02-01 17:25 - 2018-05-03 19:39 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2019-02-01 16:04 - 2017-10-30 16:43 - 000000000 ____D C:\Users\Willem Blaas\AppData\Local\Packages 2019-01-29 17:42 - 2017-05-09 17:48 - 000000000 ____D C:\Users\Willem Blaas\Downloads\rotterdam 2019-01-29 14:59 - 2017-02-14 21:16 - 000000000 ____D C:\ProgramData\Package Cache 2019-01-28 14:48 - 2018-05-05 11:52 - 000000000 ____D C:\WINDOWS\Minidump 2019-01-25 16:08 - 2018-06-21 12:12 - 000000000 ____D C:\Users\Willem Blaas\AppData\Local\AVAST Software 2019-01-25 16:08 - 2017-10-30 15:35 - 000000000 ____D C:\ProgramData\AVAST Software 2019-01-25 16:03 - 2018-04-12 00:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2019-01-24 11:23 - 2018-07-18 19:19 - 000000000 ____D C:\ProgramData\Packages 2019-01-23 13:48 - 2018-03-31 14:06 - 000000000 ____D C:\Program Files (x86)\Dropbox 2019-01-18 10:01 - 2018-11-16 17:34 - 000000000 ____D C:\Program Files\rempl 2019-01-17 14:53 - 2017-02-14 20:59 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2019-01-16 19:16 - 2018-05-03 19:39 - 000406064 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2019-01-16 19:15 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2019-01-16 19:15 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\system32\F12 2019-01-16 19:15 - 2018-04-12 00:38 - 000000000 ___RD C:\Program Files\Windows Defender 2019-01-16 19:15 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput 2019-01-16 19:15 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\ShellExperiences 2019-01-16 19:15 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr 2019-01-16 19:14 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp 2019-01-14 16:19 - 2018-05-03 19:41 - 000000000 ____D C:\Users\Willem Blaas 2019-01-09 13:43 - 2017-05-03 14:13 - 000000000 ____D C:\WINDOWS\system32\MRT 2019-01-09 13:40 - 2017-05-03 14:12 - 132790320 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2019-01-08 13:19 - 2017-05-09 17:48 - 000000000 ____D C:\Users\Willem Blaas\Downloads\wandel_divers ==================== Bestanden in de root van sommige mappen ======= 2018-12-08 15:24 - 2018-12-08 15:24 - 007321808 _____ (Malwarebytes) C:\Program Files\adwcleaner_7.2.5.0.exe 2018-12-29 15:13 - 2018-12-29 15:13 - 007320272 _____ (Malwarebytes) C:\Program Files\adwcleaner_7.2.6.0(1).exe 2018-12-29 15:15 - 2018-12-29 15:15 - 007320272 _____ (Malwarebytes) C:\Program Files\adwcleaner_7.2.6.0(2).exe 2018-12-29 15:13 - 2018-12-29 15:13 - 007320272 _____ (Malwarebytes) C:\Program Files\adwcleaner_7.2.6.0.exe 2018-10-21 13:17 - 2018-10-21 13:18 - 024210616 _____ (Audacity Team ) C:\Program Files\audacity-win-2.1.0.exe 2018-08-16 12:18 - 2018-08-16 12:17 - 034676040 _____ (Online Media Technologies Ltd. ) C:\Program Files\AVSAudioConverter.exe 2018-10-15 18:23 - 2018-10-15 18:23 - 000527560 _____ (NCH Software) C:\Program Files\ExpressRipCDRipper.exe 2018-12-20 15:53 - 2018-12-20 15:53 - 073900325 _____ () C:\Program Files\GoogleChromeEnterpriseBundle64.zip 2018-08-29 12:34 - 2018-08-29 12:32 - 015257816 _____ (Nightingale Community ) C:\Program Files\Nightingale_1.12.1-2454_windows-i686.exe 2018-10-06 13:56 - 2018-10-06 13:56 - 001791264 _____ (Patch My PC, LLC) C:\Program Files\PatchMyPC.exe 2018-09-07 14:20 - 2018-10-06 14:00 - 000014925 _____ () C:\Program Files\PatchMyPC.log 2017-05-03 13:40 - 2017-05-03 13:40 - 007649280 _____ () C:\Program Files (x86)\GUT1FFC.tmp 2018-10-23 18:11 - 2018-10-23 18:11 - 000214432 _____ () C:\Users\Willem Blaas\AppData\Roaming\DMGR_1N1I1F1S1T1I0M1F1Q2Y1I1P1B0C1F1Q1P.txt 2018-07-17 15:36 - 2018-08-08 14:24 - 000006220 _____ () C:\Users\Willem Blaas\AppData\Roaming\Door komma's gescheiden waarden.EML 2018-05-03 14:37 - 2018-10-23 18:43 - 000001217 _____ () C:\Users\Willem Blaas\AppData\Roaming\uni.txt 2017-06-13 10:36 - 2017-06-13 12:41 - 000659456 _____ () C:\Users\Willem Blaas\AppData\Local\jpegsaver.db 2017-06-13 10:38 - 2017-06-13 12:39 - 000002464 _____ () C:\Users\Willem Blaas\AppData\Local\jpegsaver.jscfg 2017-10-24 12:24 - 2017-10-24 12:24 - 000000849 _____ () C:\Users\Willem Blaas\AppData\Local\recently-used.xbel 2018-03-29 11:29 - 2018-03-29 11:29 - 000000017 _____ () C:\Users\Willem Blaas\AppData\Local\resmon.resmoncfg ==================== Bamital & volsnap ====================== (Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.) C:\WINDOWS\system32\winlogon.exe => Bestand is getekend C:\WINDOWS\system32\wininit.exe => Bestand is getekend C:\WINDOWS\explorer.exe => Bestand is getekend C:\WINDOWS\SysWOW64\explorer.exe => Bestand is getekend C:\WINDOWS\system32\svchost.exe => Bestand is getekend C:\WINDOWS\SysWOW64\svchost.exe => Bestand is getekend C:\WINDOWS\system32\services.exe => Bestand is getekend C:\WINDOWS\system32\User32.dll => Bestand is getekend C:\WINDOWS\SysWOW64\User32.dll => Bestand is getekend C:\WINDOWS\system32\userinit.exe => Bestand is getekend C:\WINDOWS\SysWOW64\userinit.exe => Bestand is getekend C:\WINDOWS\system32\rpcss.dll => Bestand is getekend C:\WINDOWS\system32\dnsapi.dll => Bestand is getekend C:\WINDOWS\SysWOW64\dnsapi.dll => Bestand is getekend C:\WINDOWS\system32\dllhost.exe => Bestand is getekend C:\WINDOWS\SysWOW64\dllhost.exe => Bestand is getekend C:\WINDOWS\system32\Drivers\volsnap.sys => Bestand is getekend LastRegBack: 2018-05-03 19:39 ==================== Einde van FRST.txt ============================