Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 22-12-2019
Gestart door hadev (Beheerder) op LENOVO (LENOVO 81FL) (22-12-2019 15:23:59)
Gestart vanaf C:\Users\hadev\OneDrive\Bureaublad
Geladen Profielen: hadev (Beschikbare Profielen: hadev)
Platform: Windows 10 Home Versie 1909 18363.535 (X64) Taal: Nederlands (Nederland)
Standaardbrowser: IE
Boot Modus: Normal
Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processen (gefilterd) =================

(Als een item is opgenomen in de fixlist, zal het proces worden gesloten. Het bestand zal niet worden verplaatst.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Dolby Laboratories, Inc. -> ) C:\Windows\System32\dolbyaposvc\DAX3API.exe
(ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrl.exe
(ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrlHelper.exe
(ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDService.exe
(ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDTouch.exe
(Hewlett-Packard -> HP Development Company, L.P.) C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(HP) [Bestand niet getekend] C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_0a3294d3216a4a83\jhi_service.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch_comp.inf_amd64_deecec7d232ced2b\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch_comp.inf_amd64_deecec7d232ced2b\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch_base.inf_amd64_a5a132c6d8339491\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch_base.inf_amd64_a5a132c6d8339491\IntelCpHeciSvc.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(LENOVO INC) C:\Program Files\WindowsApps\E0469640.LenovoUtility_3.0.54.0_x64__5grkq8ppsgwt4\VFS\ProgramFilesX64\Lenovo\LenovoUtility\utility.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\hadev\AppData\Local\Microsoft\OneDrive\19.192.0926.0012\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\hadev\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19081.22010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\NisSrv.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(WinZip Computing LLC -> WinZip Computing, S.L.) C:\Program Files\WinZip\WzPreloader.exe
(WinZip Computing LLC -> WinZip Computing, S.L.) C:\Program Files\WinZip\WZUpdateNotifier.exe

==================== Register (gefilterd) ===================

(Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [865568 2019-03-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [HP LJ300-400 color MFP M375-M475 Series Fax] => C:\Program Files (x86)\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe [3706424 2014-04-29] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-10-25] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [331344 2015-07-22] (Hewlett-Packard -> HP Development Company, L.P.)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1413174201-2892480338-577271866-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-1413174201-2892480338-577271866-1001\...\MountPoints2: {86966655-f244-11e9-ae19-fc7774f779ab} - "E:\arcd.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.88\Installer\chrmstp.exe [2019-12-20] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update-melder.lnk [2019-02-11]
ShortcutTarget: Update-melder.lnk -> C:\Program Files\WinZip\WZUpdateNotifier.exe (WinZip Computing LLC -> WinZip Computing, S.L.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2019-02-11]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing LLC -> WinZip Computing, S.L.)

==================== Geplande Taken (gefilterd) ============

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

Task: {00E023FB-6458-47AA-81A6-F72846703E48} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {0404A9BA-23A5-4210-B9FD-B5524C1ECC60} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3297728 2018-05-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0B551272-EE5C-4282-95DD-8A6A7C13D617} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {1415D7E9-FDFA-4FA7-846D-7A7AE271863F} - System32\Tasks\LenovoUtility Task => C:\Windows\explorer.exe lenovo-utility://
Task: {2A911E8C-6665-4BFF-B23D-5B8B2FE70337} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
Task: {399C369F-50D5-4D41-8C5D-7F71C059524F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-02-11] (Google Inc -> Google Inc.)
Task: {472A49B5-87DB-4D8F-8862-A8D4A53D6726} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\1b3edec7-dacc-4fb0-abb9-1490dd7d0cb5 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [77208 2019-09-23] (Lenovo -> Lenovo Group Ltd.)
Task: {4872547E-23E7-4BDC-83E6-F0E3DA7E3DA7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {493F8702-9F63-4B39-9ED5-9760EE87DD1E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-02-11] (Google Inc -> Google Inc.)
Task: {5A02B34E-8644-46E5-B9AA-420BE61FADEA} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [654784 2018-05-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {658DA4BC-FFC0-42AA-ACA3-02EE8DA379A7} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [934848 2018-05-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {69BA1FC4-0D99-405E-B32F-C175FCF6CF48} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [982464 2018-05-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6EC057CA-A05E-4D8C-B6AB-F16775C9B5B1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8A75033D-11AF-48D2-B2C1-DAB825B9B3BE} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764352 2018-05-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8A995634-67FC-4FC6-A3AD-F1A0F6AFEF35} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\af57315f-1061-4f0e-8c46-15ff7c898e9c => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [77208 2019-09-23] (Lenovo -> Lenovo Group Ltd.)
Task: {9C665956-251F-4550-845B-186A3E088793} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-1413174201-2892480338-577271866-1001 => C:\Users\hadev\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [122344 2019-04-04] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
Task: {9CAC0E8B-5FA3-4ECB-8C10-62E4D4BB51EB} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [934848 2018-05-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A5215AF7-1AD0-4E0C-96BE-A15AC8DD3F5C} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [54144 2019-09-23] (Lenovo -> Lenovo Group Ltd.)
Task: {B7FEDD38-0E12-461B-A2B0-B23CD09F9A2C} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [857024 2018-05-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BF59DF54-ACF3-4FF2-BB75-ED4C5EF147A4} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [934848 2018-05-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C1C2DF9E-D91D-4FCA-A00F-B52B0BE2AD43} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\0c216e12-0499-4157-bd9b-066a1db2b39b => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [77208 2019-09-23] (Lenovo -> Lenovo Group Ltd.)
Task: {CD48F247-D955-4DE9-9754-256608959B95} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {D4466F51-A17C-46AF-90C3-50A33981F21F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D5F9426F-17B3-41FE-AAB9-98C6A0EF5F33} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DBE8BE92-33F0-4DF4-B53E-CB091197E72F} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764352 2018-05-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E02F2BE7-90CA-43C7-BE18-0D1741763165} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [857024 2018-05-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E4FF66A7-41BC-4B5B-B47B-C29A0A2804E7} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [934848 2018-05-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E60611FD-89F9-4319-9784-083809A98169} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {E6B20AB0-041D-4810-92DA-79AC00FB4C72} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {EA2E251F-FE66-425A-8509-6A977CDDC1A9} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [91728 2015-08-20] (Hewlett-Packard -> HP Development Company, L.P.)
Task: {EDD393E2-CAB8-47AD-9C3D-32707C0CFBEF} - System32\Tasks\RtkAudUService64_BG => C:\WINDOWS\system32\RtkAudUService64.exe [865568 2019-03-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)

(Als een item is opgenomen in de fixlist, wordt de taak (job) bestand verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.)

==================== Internet (gefilterd) ====================

(Als een item is opgenomen in de fixlist en een registeritem is, wordt het verwijderd of hersteld naar de standaard.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{51a4f7ef-d234-4301-8eca-ee4762c6ca54}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9c5e3861-b383-467e-9552-2046035c3ada}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-1413174201-2892480338-577271866-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-1413174201-2892480338-577271866-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE03&ocid=UE03DHP
HKU\S-1-5-21-1413174201-2892480338-577271866-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
SearchScopes: HKU\S-1-5-21-1413174201-2892480338-577271866-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-1413174201-2892480338-577271866-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-1413174201-2892480338-577271866-1001 -> {F6FC4507-13E6-49FF-A5F8-C144EDC20B33} URL =
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2019-12-06] (McAfee, LLC -> McAfee, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2019-12-06] (McAfee, LLC -> McAfee, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)

Edge:
======
DownloadDir: C:\Users\hadev\Downloads
Edge Notifications: HKU\S-1-5-21-1413174201-2892480338-577271866-1001 -> hxxps://www.pc-helpforum.be; hxxps://www.facebook.com; hxxps://www.ad.nl; hxxps://2conv.com

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (Geen Naam) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2019-12-06] [niet getekend]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2019-03-13] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2019-03-13] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @verimatrix.com/ViewRightWeb -> C:\Program Files (x86)\Verimatrix\ViewRight Web\\npViewRight.dll [2017-01-20] (Verimatrix -> Verimatrix, Inc.) [Bestand niet getekend]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1413174201-2892480338-577271866-1001: @verimatrix.com/ViewRightWeb -> C:\Program Files (x86)\Verimatrix\ViewRight Web\\npViewRight.dll [2017-01-20] (Verimatrix -> Verimatrix, Inc.) [Bestand niet getekend]

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR DefaultSearchURL: Default -> hxxps://nl.search.yahoo.com/search?fr=mcafee&type=E211NL714G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Notifications: Default -> hxxps://2conv.com; hxxps://www.youtube.com
CHR Profile: C:\Users\hadev\AppData\Local\Google\Chrome\User Data\Default [2019-12-22]
CHR Extension: (Presentaties) - C:\Users\hadev\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-02-11]
CHR Extension: (Documenten) - C:\Users\hadev\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-02-11]
CHR Extension: (Google Drive) - C:\Users\hadev\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-02-11]
CHR Extension: (YouTube) - C:\Users\hadev\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-02-11]
CHR Extension: (Spreadsheets) - C:\Users\hadev\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-02-11]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\hadev\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2019-11-23]
CHR Extension: (Offline Documenten) - C:\Users\hadev\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-03-06]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\hadev\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-12]
CHR Extension: (Gmail) - C:\Users\hadev\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-04]
CHR Extension: (Chrome Media Router) - C:\Users\hadev\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-20]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx

==================== Services (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-08-26] (Apple Inc. -> Apple Inc.)
R2 DolbyDAXAPI; C:\WINDOWS\system32\dolbyaposvc\DAX3API.exe [602544 2018-09-27] (Dolby Laboratories, Inc. -> )
R2 ETDService; C:\WINDOWS\System32\ETDService.exe [249496 2019-01-31] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.)
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [288200 2018-03-15] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [176128 2014-06-24] (HP) [Bestand niet getekend]
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [77208 2019-09-23] (Lenovo -> Lenovo Group Ltd.)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\WINDOWS\System32\Intel\iCLS Client\lib\SocketHeciServer.exe [780600 2018-10-02] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\WINDOWS\System32\Intel\iCLS Client\lib\TPMProvisioningService.exe [718656 2018-10-02] (Intel(R) Trust Services -> Intel(R) Corporation)
R2 jhi_service; C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_0a3294d3216a4a83\jhi_service.exe [578752 2018-11-13] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6960640 2019-11-14] (Malwarebytes Inc -> Malwarebytes)
S2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [913208 2019-12-12] () [Bestand niet getekend]
S3 McSecDashboardService; C:\Program Files\McAfeeDashboard\McSecDashboardService.exe [1270536 2019-02-26] (McAfee, Inc. -> McAfee, Inc.)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Bestand niet getekend]
S3 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764352 2018-05-20] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764352 2018-05-20] (NVIDIA Corporation -> NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Bestand niet getekend]
R2 RtkAudioUniversalService; C:\WINDOWS\System32\RtkAudUService64.exe [865568 2019-03-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 mccspsvc; "C:\Program Files\Common Files\McAfee\CSP\3.1.160.0\\McCSPServiceHost.exe" [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 ETDHCF; C:\WINDOWS\System32\drivers\ETDHCF.sys [30360 2019-01-31] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.)
R3 ibtusb; C:\WINDOWS\System32\drivers\ibtusb.sys [199192 2018-06-13] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [216544 2019-11-27] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-11-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [278344 2019-12-22] (Malwarebytes Inc -> Malwarebytes)
R3 Netwtw06; C:\WINDOWS\System32\drivers\Netwtw06.sys [8814104 2018-08-28] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2019-07-16] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvlt.inf_amd64_48039f70bc37eace\nvlddmkm.sys [20470152 2019-03-13] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30656 2018-05-20] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [67432 2018-05-14] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [68112 2018-04-28] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1026896 2018-01-25] (Realtek Semiconductor Corp. -> Realtek )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45664 2019-12-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [355760 2019-12-08] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-08] (Microsoft Windows -> Microsoft Corporation)
S3 cpuz143; \??\C:\Users\hadev\AppData\Local\Temp\cpuz143\cpuz143_x64.sys [X] <==== AANDACHT

==================== NetSvcs (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

==================== Een maand (aangemaakt) ===================

(Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.)

2019-12-22 15:23 - 2019-12-22 15:24 - 000000000 ____D C:\FRST
2019-12-22 14:27 - 2019-12-22 14:27 - 000278344 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-12-22 14:27 - 2019-12-22 14:27 - 000000000 ___HD C:\OneDriveTemp
2019-12-21 16:00 - 2019-12-21 16:00 - 000000082 _____ C:\Users\hadev\OneDrive\Documenten\cc_20191221_160047.reg
2019-12-21 15:53 - 2019-12-21 15:53 - 001883976 _____ (Malwarebytes) C:\Users\hadev\Downloads\Niet bevestigd 647364.crdownload
2019-12-19 16:53 - 2019-12-19 16:54 - 001736704 _____ C:\Users\hadev\Downloads\videoplayback.m4a.ip63ig4.partial
2019-12-16 19:55 - 2019-12-16 19:55 - 000256209 _____ C:\Users\hadev\OneDrive\Documenten\grafmonument.pdf
2019-12-16 09:59 - 2019-12-16 09:59 - 003177216 _____ C:\Users\hadev\OneDrive\Documenten\De olijfboom Riley, Lucinda.epub
2019-12-16 09:59 - 2019-12-16 09:59 - 000000178 _____ C:\Users\hadev\OneDrive\Documenten\Naamloze bijlage 00223.html
2019-12-13 09:57 - 2019-12-13 09:57 - 025443840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 009927992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-12-13 09:57 - 2019-12-13 09:57 - 007905000 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 007754240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 007278592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 006516648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 006083832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 005943296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 005914112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-12-13 09:57 - 2019-12-13 09:57 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-12-13 09:57 - 2019-12-13 09:57 - 002762296 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-12-13 09:57 - 2019-12-13 09:57 - 002698768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-12-13 09:57 - 2019-12-13 09:57 - 002494432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 002284544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 002147328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 002082208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 001757304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-12-13 09:57 - 2019-12-13 09:57 - 001748480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 001743888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 001664904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 001656600 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 001647072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 001539584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 001512528 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-12-13 09:57 - 2019-12-13 09:57 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 001451520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2019-12-13 09:57 - 2019-12-13 09:57 - 001413840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 001399312 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-12-13 09:57 - 2019-12-13 09:57 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-12-13 09:57 - 2019-12-13 09:57 - 001261464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-12-13 09:57 - 2019-12-13 09:57 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-12-13 09:57 - 2019-12-13 09:57 - 001098928 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-12-13 09:57 - 2019-12-13 09:57 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 001054864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 001006904 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 000986936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-12-13 09:57 - 2019-12-13 09:57 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 000842552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2019-12-13 09:57 - 2019-12-13 09:57 - 000822416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-12-13 09:57 - 2019-12-13 09:57 - 000797112 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 000774456 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-12-13 09:57 - 2019-12-13 09:57 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 000674280 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2019-12-13 09:57 - 2019-12-13 09:57 - 000673456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-12-13 09:57 - 2019-12-13 09:57 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-12-13 09:57 - 2019-12-13 09:57 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 000593128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-12-13 09:57 - 2019-12-13 09:57 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-12-13 09:57 - 2019-12-13 09:57 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 000530944 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 000524264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-12-13 09:57 - 2019-12-13 09:57 - 000511000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-12-13 09:57 - 2019-12-13 09:57 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 000422712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-12-13 09:57 - 2019-12-13 09:57 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-12-13 09:57 - 2019-12-13 09:57 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-12-13 09:57 - 2019-12-13 09:57 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2019-12-13 09:57 - 2019-12-13 09:57 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 000127272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-12-13 09:57 - 2019-12-13 09:57 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2019-12-13 09:57 - 2019-12-13 09:57 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 000067112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelineprxy.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevQueryBroker.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 000032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2019-12-13 09:57 - 2019-12-13 09:57 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2019-12-13 09:57 - 2019-12-13 09:57 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2019-12-10 16:16 - 2019-12-10 16:16 - 000040723 _____ C:\Users\hadev\OneDrive\Documenten\from fabio lost shipment.csv
2019-12-10 16:14 - 2019-12-10 16:14 - 000019482 _____ C:\Users\hadev\OneDrive\Documenten\Van Mspajder 10-12-19.csv
2019-12-10 16:07 - 2019-12-10 16:07 - 000019215 _____ C:\Users\hadev\OneDrive\Documenten\Naar Mspajder-10-12-19.csv
2019-12-09 15:04 - 2019-12-09 15:04 - 000029406 _____ C:\Users\hadev\OneDrive\Documenten\cc_20191209_150451.reg
2019-12-07 12:29 - 2019-12-07 12:29 - 000021566 _____ C:\Users\hadev\OneDrive\Documenten\FROM ALE-1.xlsx
2019-12-05 12:27 - 2019-12-07 11:59 - 000023506 _____ C:\Users\hadev\OneDrive\Documenten\To-ale.xlsx
2019-12-05 12:16 - 2019-12-05 12:16 - 000059621 _____ C:\Users\hadev\Downloads\nl_stamps_csv_list_custom_list_16_hadeve.csv
2019-12-03 12:58 - 2019-12-03 12:59 - 000034382 _____ C:\Users\hadev\Downloads\nl_stamps_csv_list_country_81-Duitsland_custom_list_11_AleStamps.csv
2019-12-01 15:23 - 2019-12-01 15:27 - 000010897 _____ C:\Users\hadev\OneDrive\Documenten\postzegel-boek-klein.xlsx
2019-11-29 19:24 - 2019-11-29 19:24 - 000000000 ____D C:\Users\hadev\AppData\Local\cache
2019-11-29 14:38 - 2019-12-07 12:29 - 000064626 _____ C:\Users\hadev\OneDrive\Documenten\alestamp-1.xlsx
2019-11-29 14:14 - 2019-11-29 14:14 - 000094238 _____ C:\Users\hadev\Downloads\nl_stamps_csv_list_country_106-ItaliC3AB_custom_list_11_hadeve.csv
2019-11-29 14:12 - 2019-11-29 14:12 - 000008731 _____ C:\Users\hadev\Downloads\nl_stamps_csv_list_country_106-ItaliC3AB_year_1989_custom_list_11_hadeve.csv
2019-11-27 17:13 - 2019-11-27 17:13 - 000216544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys

==================== Een maand (gewijzigd) ==================

(Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.)
2019-12-22 15:23 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2019-12-22 15:22 - 2019-07-07 09:27 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-12-22 15:22 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-12-22 14:31 - 2019-07-07 09:35 - 001771832 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-12-22 14:31 - 2019-03-19 13:33 - 000787394 _____ C:\WINDOWS\system32\perfh013.dat
2019-12-22 14:31 - 2019-03-19 13:33 - 000154388 _____ C:\WINDOWS\system32\perfc013.dat
2019-12-22 14:29 - 2018-12-08 15:32 - 000000000 ____D C:\ProgramData\NVIDIA
2019-12-22 14:27 - 2019-07-07 09:33 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-12-22 14:27 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-12-22 14:27 - 2019-02-12 05:05 - 000000000 ___RD C:\Users\hadev\OneDrive
2019-12-22 14:27 - 2019-02-12 05:03 - 000000000 __SHD C:\Users\hadev\IntelGraphicsProfiles
2019-12-22 10:10 - 2019-05-30 15:40 - 000000000 ____D C:\Users\hadev\OneDrive\Documenten\Outlook-bestanden
2019-12-22 10:04 - 2019-07-07 09:33 - 000004198 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{33456A5B-2027-4A8E-ACE6-9CA49B82C02E}
2019-12-22 10:01 - 2019-02-11 18:40 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-12-21 16:11 - 2018-12-08 15:37 - 000000000 ____D C:\ProgramData\McAfee
2019-12-21 16:11 - 2018-12-08 15:37 - 000000000 ____D C:\Program Files\mcafee
2019-12-21 16:10 - 2019-07-07 09:18 - 000000000 ____D C:\Users\hadev
2019-12-21 15:57 - 2019-07-07 09:33 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
2019-12-21 15:57 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-12-21 15:57 - 2019-03-19 05:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-12-21 11:28 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-12-21 11:28 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-12-21 09:30 - 2019-09-30 15:39 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-12-20 11:33 - 2019-10-03 14:06 - 000000000 ____D C:\WINDOWS\Minidump
2019-12-20 11:33 - 2019-05-05 11:07 - 000000000 ____D C:\Users\hadev\AppData\Local\CrashDumps
2019-12-20 08:52 - 2019-02-11 15:19 - 000002332 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-12-20 08:52 - 2019-02-11 15:19 - 000002291 _____ C:\ProgramData\Bureaublad\Google Chrome.lnk
2019-12-19 09:59 - 2019-04-10 08:31 - 000000000 ____D C:\Users\hadev\AppData\Local\LenovoServiceBridge
2019-12-14 01:05 - 2019-07-07 09:33 - 000003578 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-12-14 01:05 - 2019-07-07 09:33 - 000003454 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-12-13 14:04 - 2019-07-07 09:27 - 000355856 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-12-13 14:04 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2019-12-13 14:04 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-12-13 14:04 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-12-13 14:04 - 2019-02-12 05:03 - 000000000 ___RD C:\Users\hadev\3D Objects
2019-12-13 14:04 - 2018-04-17 20:03 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-12-13 10:01 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-12-13 10:00 - 2019-02-11 13:35 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-12-13 09:59 - 2019-02-11 13:35 - 129221664 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-12-09 15:03 - 2019-02-12 05:03 - 000000000 ____D C:\Users\hadev\AppData\Local\Packages
2019-12-09 15:02 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-12-08 15:40 - 2018-04-17 20:02 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd

==================== Bestanden in de root van sommige mappen ========

2019-06-05 11:10 - 2019-06-05 11:19 - 000038482 _____ () C:\Users\hadev\AppData\Roaming\Door lijstscheidingstekens gescheiden waarden (Windows).ADR
2019-06-24 09:28 - 2019-06-24 09:28 - 000000743 _____ () C:\Users\hadev\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)

==================== Einde van FRST.txt ========================