Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 31-08-2019 Gestart door Gebruiker (Beheerder) op DESKTOP-CF1IU29 (Sony Corporation SVF1521A6EW) (03-09-2019 18:05:30) Gestart vanaf C:\Users\Gebruiker\Desktop Geladen Profielen: Gebruiker (Beschikbare Profielen: Gebruiker) Platform: Windows 10 Home Versie 1803 17134.885 (X64) Taal: Nederlands (Nederland) Standaardbrowser: "C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" -- "%1" Boot Modus: Normal Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processen (gefilterd) ================= (Als een item is opgenomen in de fixlist, zal het proces worden gesloten. Het bestand zal niet worden verplaatst.) ==================== Register (gefilterd) =========================== (Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163800 2016-07-30] (Ivaylo Beltchev -> IvoSoft) [Bestand niet getekend] HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [316336 2019-08-29] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954368 2015-09-21] (Synaptics Incorporated -> Synaptics Incorporated) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-07-19] (Apple Inc. -> Apple Inc.) HKLM-x32\...\Run: [CommonToolkitTray_Solvusoft] => C:\Program Files (x86)\Solvusoft\Tray\SolvusoftTray.exe HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-21-3270050818-2528369238-2113803340-1001\...\Run: [Yahoo Messenger Updater] => C:\Users\Gebruiker\AppData\Roaming\Yahoo Messenger\YMUpdater\YMUpdater.exe [115656 2016-09-03] (Yahoo! Inc. -> Yahoo!, Inc.) HKU\S-1-5-21-3270050818-2528369238-2113803340-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [23153344 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-3270050818-2528369238-2113803340-1001\...\MountPoints2: {c6af910e-e9ac-11e5-af48-34238777cb98} - "D:\AutoLcd209x.exe" HKU\S-1-5-21-3270050818-2528369238-2113803340-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [149504 2018-04-12] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.132\Installer\chrmstp.exe [2019-08-27] (Google LLC -> Google LLC) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{48F69C39-1356-4A7B-A899-70E3539D4982}] -> C:\Program Files (x86)\AVG\Browser\Application\75.1.849.144\Installer\chrmstp.exe [2019-08-05] (AVG Technologies USA, Inc. -> AVG Technologies) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2016-03-12] ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) [Bestand niet getekend] FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restrictie <==== AANDACHT ==================== Geplande Taken (gefilterd) ============= (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {187AE372-B780-4EDF-98EF-F0A0EDC723BA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-10] (Google Inc -> Google Inc.) Task: {1D09E248-ACC9-4AEE-B01F-62B7091EDDEF} - System32\Tasks\{5FF2868F-C442-498D-AFFA-347019F38A7C} => "c:\windows\system32\launchwinapp.exe" hxxp://ui.skype.com/ui/0/7.18.0.112/nl/abandoninstall?source=lightinstaller&page=tsPlugin Task: {2FFD093E-8F63-45C1-930F-2E91946308BD} - System32\Tasks\AVGUpdateTaskMachineCore => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [165520 2018-06-28] (AVG Netherlands B.V. -> AVG Technologies) Task: {3B6342D0-15A0-4A71-8774-28E4C08B0784} - System32\Tasks\AVG Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [1811688 2019-07-24] (AVG Technologies USA, Inc. -> AVG Technologies) Task: {4B712407-B10C-4E3D-BAA0-BCAB55809989} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe Task: {55A4F7B2-D17F-4978-B7B7-F9AC81675848} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.) Task: {675DA87B-A119-443D-B4CE-43347FE112B1} - System32\Tasks\WinThruster64-Gebruiker-Startup => C:\Program Files\Solvusoft\WinThruster\WinThruster64.exe <==== AANDACHT Task: {6AA84115-8E2F-425F-8796-68C5207D501D} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd) Task: {6B59CFEF-FF51-4AEC-A7F5-3F4314A419D8} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\INetCache\IE\Z71HFVI3\esetonlinescanner_enu.exe Task: {70E1E332-160F-4864-B44E-287CF6C886B1} - System32\Tasks\AVGUpdateTaskMachineUA => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [165520 2018-06-28] (AVG Netherlands B.V. -> AVG Technologies) Task: {72DDB4FC-1AB7-4C9B-B71C-6FE73EA63037} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe Task: {7665CC7E-E66E-4BD8-82A8-99D152D7096C} - System32\Tasks\0316avzUpdateInfo => C:\ProgramData\Avg_Update_0316avz\0316avz_AVG-Secure-Search-Update.exe [2977864 2016-03-06] (AVG Technologies CZ, s.r.o. -> ) Task: {86A3EF42-6333-4680-B6B5-F883E08A54AC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-10] (Google Inc -> Google Inc.) Task: {8D9D0E8B-D035-4F3E-BBAF-FAC91DC56C8C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1236048 2019-07-24] (Adobe Inc. -> Adobe Systems) Task: {97464095-7556-4FEA-80FE-BD69BA2C7C85} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16835256 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd) Task: {99F71CC9-A790-4787-8208-107323B0ECD8} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2077616 2019-08-27] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) Task: {A2594E93-517E-4088-BB01-8B3AD9D9AEEF} - System32\Tasks\AVG Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [1811688 2019-07-24] (AVG Technologies USA, Inc. -> AVG Technologies) Task: {BBDA3CBB-1E1A-4B42-9BBA-6E0B166DC92D} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [3990448 2019-08-29] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) Task: {C5505CD5-4FE9-401B-AE76-95A348AD7281} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\INetCache\IE\Z71HFVI3\esetonlinescanner_enu.exe Task: {C5F17F11-E43A-4045-B754-249ABCB55532} - System32\Tasks\WinThruster64-Gebruiker-Notification => C:\Program Files\Solvusoft\WinThruster\Sync.exe <==== AANDACHT Task: {D1E9C5A2-72AE-4D6E-A08B-D1D51FE17AE0} - \Microsoft\Windows\UNP\RunCampaignManager -> Geen bestand <==== AANDACHT (Als een item is opgenomen in de fixlist, wordt de taak (job) bestand verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe Task: C:\WINDOWS\Tasks\WinThruster64-Gebruiker-Notification.job => C:\Program Files\Solvusoft\WinThruster\Sync.exe <==== AANDACHT Task: C:\WINDOWS\Tasks\WinThruster64-Gebruiker-Startup.job => C:\Program Files\Solvusoft\WinThruster\WinThruster64.exe <==== AANDACHT ==================== Internet (gefilterd) ==================== (Als een item is opgenomen in de fixlist en een registeritem is, wordt het verwijderd of hersteld naar de standaard.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{3f1f3e15-634d-4ccd-8210-4fff7c8ec17e}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{ddfaaa0a-466c-4cd6-8887-2e39dd25ef2e}: [DhcpNameServer] 203.144.207.49 203.144.207.29 110.164.252.222 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrictie <==== AANDACHT HKU\S-1-5-21-3270050818-2528369238-2113803340-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrictie <==== AANDACHT HKU\S-1-5-21-3270050818-2528369238-2113803340-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/nl-be?pc=EUPP_&inst=1 BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [Bestand niet getekend] BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation) BHO: eID Extension -> {89D6D363-6550-47C1-B83F-2433F6844EC6} -> C:\Program Files (x86)\eid-ie\eidie64.dll [2018-03-26] (e-Contract.be BVBA -> ) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation) BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [Bestand niet getekend] BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-09-22] (Eyeo GmbH -> Eyeo GmbH) BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [Bestand niet getekend] BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [Bestand niet getekend] BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH -> Eyeo GmbH) Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [Bestand niet getekend] Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [Bestand niet getekend] FireFox: ======== FF DefaultProfile: 2v3av13h.default FF ProfilePath: C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\2v3av13h.default [2019-09-03] FF Homepage: Mozilla\Firefox\Profiles\2v3av13h.default -> hxxps://www.google.be/?hl=nl&gws_rd=ssl FF HKLM-x32\...\Firefox\Extensions: [belgiumeid@eid.belgium.be] - C:\Program Files (x86)\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be FF Extension: (Belgium eID) - C:\Program Files (x86)\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be [2017-10-31] [Verouderd] FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-20] (VideoLAN) [Bestand niet getekend] FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-08-21] (Adobe Inc. -> Adobe Systems Inc.) Chrome: ======= CHR Profile: C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default [2019-09-01] CHR Extension: (Documenten) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-06] CHR Extension: (Google Drive) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-12] CHR Extension: (YouTube) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-12] CHR Extension: (Offline Documenten) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-29] CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-08-29] CHR Extension: (Gmail) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-01] CHR Extension: (Chrome Media Router) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-09-01] CHR Profile: C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\System Profile [2019-08-31] ==================== Services (gefilterd) ==================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-31] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-04-29] (Apple Inc. -> Apple Inc.) S2 avg; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [165520 2018-06-28] (AVG Netherlands B.V. -> AVG Technologies) R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [405120 2019-08-29] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe [6023528 2019-08-29] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) S3 avgm; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [165520 2018-06-28] (AVG Netherlands B.V. -> AVG Technologies) S3 AVGSecureBrowserElevationService; C:\Program Files (x86)\AVG\Browser\Application\75.1.849.144\elevation_service.exe [978768 2019-07-24] (AVG Technologies USA, Inc. -> AVG Technologies) R2 AvgWscReporter; C:\Program Files (x86)\AVG\Antivirus\wsc_proxy.exe [110048 2019-08-29] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [42096 2016-11-08] (Microsoft Windows Hardware Compatibility Publisher -> Dropbox, Inc.) R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [319096 2016-01-13] (Intel Corporation - pGFX -> Intel Corporation) R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255168 2015-09-21] (Synaptics Incorporated -> Synaptics Incorporated) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\NisSrv.exe [3880120 2019-01-09] (Microsoft Corporation -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MsMpEng.exe [114208 2019-01-09] (Microsoft Corporation -> Microsoft Corporation) R2 WindscribeService; C:\Program Files (x86)\Windscribe\WindscribeService.exe [493232 2019-01-19] (Windscribe Limited -> Windscribe Limited) R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.3.1.204\WsAppService.exe [437392 2016-11-16] (Wondershare software CO., LIMITED -> Wondershare) ===================== Drivers (gefilterd) ====================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) S3 A38CCID; C:\WINDOWS\system32\DRIVERS\a38ccid.sys [82480 2015-08-19] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Card Systems Ltd.) R0 avgArDisk; C:\WINDOWS\System32\drivers\avgArDisk.sys [37368 2019-08-29] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [209816 2019-08-29] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [263784 2019-08-29] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [206624 2019-08-29] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [61736 2019-08-29] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [15280 2019-01-05] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.) R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [42552 2019-08-29] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) R2 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [169672 2019-08-29] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [112576 2019-08-29] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [88200 2019-08-29] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [1031048 2019-08-29] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [478144 2019-08-29] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [236288 2019-08-29] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [387440 2019-08-29] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) S3 Neo_VPN; C:\WINDOWS\System32\drivers\Neo6_x64_VPN.sys [37824 2018-08-23] (SoftEther Corporation -> SoftEther Corporation) S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2017-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-12] (Microsoft Windows -> Realtek ) R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com) R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [51392 2015-09-21] (Synaptics Incorporated -> Synaptics Incorporated) R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project) R3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [54896 2018-07-06] (Windscribe Limited -> The OpenVPN Project) S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2017-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46680 2019-01-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [330936 2019-01-09] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62136 2019-01-09] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ==================== Een maand (aangemaakt) ======== (Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.) 2019-09-03 18:05 - 2019-09-03 18:07 - 000021767 ____C C:\Users\Gebruiker\Desktop\FRST.txt 2019-09-02 19:25 - 2019-09-03 18:05 - 000000000 ___DC C:\FRST 2019-09-02 19:24 - 2019-09-02 19:24 - 001615360 ____C (Farbar) C:\Users\Gebruiker\Desktop\FRST64.exe 2019-09-01 16:58 - 2019-09-02 19:55 - 000003072 _____ C:\WINDOWS\System32\Tasks\EOSv3 Scheduler onLogOn 2019-09-01 16:58 - 2019-09-02 19:55 - 000002692 _____ C:\WINDOWS\System32\Tasks\EOSv3 Scheduler onTime 2019-09-01 15:51 - 2019-09-01 15:51 - 000001674 ____C C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk 2019-09-01 15:51 - 2019-09-01 15:51 - 000000000 ___DC C:\Users\Gebruiker\AppData\Local\ESET 2019-09-01 13:22 - 2019-09-01 13:22 - 000001816 _____ C:\Users\Public\Desktop\iTunes.lnk 2019-09-01 13:22 - 2019-09-01 13:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2019-09-01 13:22 - 2019-09-01 13:22 - 000000000 ____D C:\Program Files\iPod 2019-09-01 13:21 - 2019-09-01 13:22 - 000000000 ____D C:\Program Files\iTunes 2019-08-29 23:04 - 2019-08-29 23:04 - 000363952 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe 2019-08-29 23:04 - 2019-08-29 23:04 - 000236288 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys 2019-08-29 23:04 - 2019-08-29 23:04 - 000169672 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys 2019-08-12 05:39 - 2019-08-12 06:15 - 000102631 _____ C:\Users\Gebruiker\Desktop\WhatsApp Image 2019-08-09 at 20.49.29.jpeg 2019-08-12 05:37 - 2019-08-12 05:37 - 000002221 ____C C:\Users\Gebruiker\Desktop\WhatsApp.lnk 2019-08-12 05:37 - 2019-08-12 05:37 - 000000000 ___DC C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp 2019-08-12 05:36 - 2019-08-12 05:37 - 000000000 ___DC C:\Users\Gebruiker\AppData\Local\WhatsApp 2019-08-06 11:39 - 2019-08-06 11:39 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk 2019-08-06 11:36 - 2019-08-06 11:36 - 020891464 _____ (Piriform Software Ltd) C:\Users\Gebruiker\Downloads\ccsetup560.exe ==================== Een maand (gewijzigd) ======== (Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.) 2019-09-03 18:05 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2019-09-03 18:01 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\Registration 2019-09-03 18:00 - 2019-03-19 15:08 - 000000000 ___HD C:\$WINDOWS.~BT 2019-09-03 18:00 - 2018-05-15 08:51 - 000011433 _____ C:\WINDOWS\diagwrn.xml 2019-09-03 18:00 - 2018-05-15 08:51 - 000011433 _____ C:\WINDOWS\diagerr.xml 2019-09-03 18:00 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF 2019-09-03 17:59 - 2018-05-15 08:41 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2019-09-03 16:58 - 2018-05-15 08:52 - 000004278 _____ C:\WINDOWS\System32\Tasks\Antivirus Emergency Update 2019-09-03 16:58 - 2016-03-09 20:18 - 000000000 __SHD C:\Users\Gebruiker\IntelGraphicsProfiles 2019-09-02 19:56 - 2016-03-12 22:20 - 000000000 ___DC C:\Users\Gebruiker\AppData\Local\ClassicShell 2019-09-02 19:55 - 2018-08-25 21:03 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software 2019-09-02 19:55 - 2018-05-28 09:36 - 000002988 _____ C:\WINDOWS\System32\Tasks\WinThruster64-Gebruiker-Notification 2019-09-02 19:55 - 2018-05-28 09:36 - 000002464 _____ C:\WINDOWS\System32\Tasks\WinThruster64-Gebruiker-Startup 2019-09-02 19:55 - 2018-05-28 09:36 - 000000416 _____ C:\WINDOWS\Tasks\WinThruster64-Gebruiker-Notification.job 2019-09-02 19:55 - 2018-05-28 09:36 - 000000408 _____ C:\WINDOWS\Tasks\WinThruster64-Gebruiker-Startup.job 2019-09-02 19:55 - 2018-05-15 08:52 - 000003504 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2019-09-02 19:55 - 2018-05-15 08:52 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2019-09-02 19:55 - 2018-05-15 08:52 - 000003350 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9D2E398C-5635-4216-AE43-A9857E5DE930} 2019-09-02 19:55 - 2018-05-15 08:52 - 000003280 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2019-09-02 19:55 - 2018-05-15 08:52 - 000003194 _____ C:\WINDOWS\System32\Tasks\CCleaner Update 2019-09-02 19:55 - 2018-05-15 08:52 - 000003094 _____ C:\WINDOWS\System32\Tasks\Java Platform SE Auto Updater 2019-09-02 19:55 - 2018-05-15 08:52 - 000002862 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3270050818-2528369238-2113803340-1001 2019-09-02 19:55 - 2018-05-15 08:52 - 000002286 _____ C:\WINDOWS\System32\Tasks\0316avzUpdateInfo 2019-09-02 19:55 - 2018-05-15 08:52 - 000002262 _____ C:\WINDOWS\System32\Tasks\{5FF2868F-C442-498D-AFFA-347019F38A7C} 2019-09-02 19:55 - 2018-05-15 08:52 - 000002220 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC 2019-09-02 18:09 - 2016-03-28 13:15 - 000000000 ___DC C:\Users\Gebruiker\AppData\LocalLow\Adblock Plus for IE 2019-09-01 19:43 - 2019-04-01 10:07 - 000000000 ____D C:\WINDOWS\Panther 2019-09-01 17:06 - 2018-05-15 08:52 - 001767124 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2019-09-01 17:06 - 2018-04-12 18:01 - 000785364 _____ C:\WINDOWS\system32\perfh013.dat 2019-09-01 17:06 - 2018-04-12 18:01 - 000153682 _____ C:\WINDOWS\system32\perfc013.dat 2019-09-01 17:01 - 2018-05-15 08:52 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2019-09-01 17:01 - 2016-03-10 12:12 - 000000000 ____D C:\Program Files (x86)\Java 2019-09-01 17:00 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2019-09-01 16:16 - 2016-03-12 15:35 - 000000000 ___DC C:\Users\Gebruiker\Documents\Office 2019-09-01 13:19 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps 2019-09-01 13:19 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness 2019-08-31 11:58 - 2017-04-23 18:19 - 000000000 ___DC C:\Users\Gebruiker\AppData\Roaming\WhatsApp 2019-08-31 10:43 - 2017-07-21 13:50 - 000000000 ____D C:\Program Files\rempl 2019-08-31 09:54 - 2018-05-15 08:43 - 000000000 ____D C:\Users\Gebruiker 2019-08-30 00:17 - 2016-03-09 19:40 - 000000000 ____D C:\WINDOWS\system32\MRT 2019-08-30 00:11 - 2016-03-09 19:40 - 134272480 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2019-08-29 23:06 - 2018-07-03 18:35 - 000000000 ___DC C:\Users\Gebruiker\AppData\Local\CrashDumps 2019-08-29 23:04 - 2019-01-14 15:56 - 000263784 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdriver.sys 2019-08-29 23:04 - 2019-01-05 12:18 - 000206624 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsh.sys 2019-08-29 23:04 - 2019-01-05 12:18 - 000061736 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniv.sys 2019-08-29 23:04 - 2019-01-05 12:18 - 000037368 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArDisk.sys 2019-08-29 23:04 - 2018-10-29 06:58 - 000042552 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgKbd.sys 2019-08-29 23:04 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2019-08-29 23:04 - 2017-12-12 05:01 - 000209816 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys 2019-08-29 23:04 - 2017-05-08 19:12 - 001031048 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys 2019-08-29 23:04 - 2017-05-08 19:12 - 000478144 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys 2019-08-29 23:04 - 2017-05-08 19:12 - 000387440 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys 2019-08-29 23:04 - 2017-05-08 19:12 - 000112576 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys 2019-08-29 23:04 - 2017-05-08 19:12 - 000088200 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys 2019-08-29 22:57 - 2016-03-10 12:06 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2019-08-27 06:51 - 2019-01-15 19:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2019-08-27 06:40 - 2016-03-10 12:17 - 000002321 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2019-08-12 05:37 - 2016-09-03 12:01 - 000000000 ___DC C:\Users\Gebruiker\AppData\Local\SquirrelTemp 2019-08-12 05:32 - 2019-01-28 11:31 - 000002381 ____C C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2019-08-12 05:32 - 2016-03-09 19:31 - 000000000 ___RD C:\Users\Gebruiker\OneDrive 2019-08-06 11:39 - 2018-02-13 18:57 - 000000000 ____D C:\Program Files\CCleaner 2019-08-05 07:46 - 2019-04-12 17:37 - 000003826 _____ C:\WINDOWS\System32\Tasks\AVG Secure Browser Heartbeat Task (Hourly) 2019-08-05 07:46 - 2019-04-12 17:37 - 000003242 _____ C:\WINDOWS\System32\Tasks\AVG Secure Browser Heartbeat Task (Logon) 2019-08-05 07:46 - 2018-06-28 18:36 - 000002395 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Secure Browser.lnk 2019-08-05 07:12 - 2018-01-02 19:26 - 000000000 ___RD C:\Users\Gebruiker\3D Objects 2019-08-05 07:12 - 2016-03-09 19:28 - 000000000 __RHD C:\Users\Public\AccountPictures 2019-08-05 07:10 - 2018-05-15 08:41 - 000448848 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2019-08-05 07:09 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput 2019-08-05 07:09 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2019-08-05 07:09 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2019-08-05 07:09 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\oobe 2019-08-05 07:09 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\appraiser 2019-08-05 07:09 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellComponents 2019-08-05 07:09 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\Provisioning 2019-08-05 07:09 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr 2019-08-05 07:09 - 2018-04-11 23:04 - 000000000 ____D C:\WINDOWS\system32\Dism ==================== SigCheck =============================== (Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.) ==================== Einde van FRST.txt ============================