Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 08-03-2020 Gestart door RandySp (Beheerder) op RANDY-PC (Acer Aspire VN7-791) (17-03-2020 10:53:57) Gestart vanaf C:\Users\RandySp\Desktop Geladen Profielen: RandySp (Beschikbare Profielen: RandySp) Platform: Windows 10 Home Versie 1803 17134.1130 (X64) Taal: Nederlands (Nederland) Standaardbrowser: FF Boot Modus: Normal Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processen (gefilterd) ================= (Als een item is opgenomen in de fixlist, zal het proces worden gesloten. Het bestand zal niet worden verplaatst.) () [Bestand niet getekend] C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe (Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe (Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe (Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe (Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe (Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe (Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe (Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe (Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswEngSrv.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\wsc_proxy.exe (Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe (Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe (Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE (Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\Receiver\Receiver.exe (Dolby Laboratories, Inc. -> Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe (EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe (EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe (EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\SpyHunter5.exe (Fork, Ltd.) [Bestand niet getekend] C:\Windows\Prey\wpxsvc.exe (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express\express.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.442\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.442\GoogleCrashHandler64.exe (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxext.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation) C:\Users\RandySp\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation -> Microsoft Corporation) C:\Users\RandySp\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation) C:\Users\RandySp\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation) C:\Users\RandySp\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation) C:\Users\RandySp\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation) C:\Users\RandySp\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows10Upgrade\Windows10UpgraderApp.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.20022.11011.0_x64__8wekyb3d8bbwe\Video.UI.exe (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (WildTangent Inc -> WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe ==================== Register (gefilterd) =================== (Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2350880 2014-05-30] (NVIDIA Corporation -> NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1279480 2014-05-29] (NVIDIA CORPORATION -> NVIDIA Corporation) [Bestand niet getekend] HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated) HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [325704 2020-02-25] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-05-26] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387376 2014-05-13] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM-x32\...\Run: [IJNetworkScanUtility] => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [206240 2010-08-24] (Canon Inc. -> CANON INC.) HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [407904 2015-04-08] (Citrix Systems, Inc. -> Citrix Systems, Inc.) HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [153952 2015-04-08] (Citrix Systems, Inc. -> Citrix Systems, Inc.) HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [270912 2015-06-17] (Canon Inc. -> CANON INC.) HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1314432 2016-06-09] (Canon Inc. -> CANON INC.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle America, Inc. -> Oracle Corporation) HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-21-3669440298-1739476700-4279047772-1001\...\Run: [Lync] => C:\Program Files\Microsoft Office\root\Office16\lync.exe [26965296 2020-02-21] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-3669440298-1739476700-4279047772-1001\...\Run: [Chromium] => "c:\users\randysp\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session HKU\S-1-5-21-3669440298-1739476700-4279047772-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-16] (Piriform Software Ltd -> Piriform Ltd) HKU\S-1-5-21-3669440298-1739476700-4279047772-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [30868464 2019-12-12] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) HKU\S-1-5-21-3669440298-1739476700-4279047772-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\RandySp\AppData\Local\Microsoft\Teams\Update.exe [2336912 2020-02-29] (Microsoft 3rd Party Application Component -> Microsoft Corporation) HKU\S-1-5-21-3669440298-1739476700-4279047772-1001\...\MountPoints2: {ca959ae9-8f41-11e9-833e-206a8aa1d2f0} - "F:\HiSuiteDownLoader.exe" HKU\S-1-5-18\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [30868464 2019-12-12] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) HKU\S-1-5-18\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-16] (Piriform Software Ltd -> Piriform Ltd) HKLM\Software\...\AppCompatFlags\Custom\chrome.exe: [{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb] -> HKLM\Software\...\AppCompatFlags\Custom\explorer.zza: [{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb] -> HKLM\Software\...\AppCompatFlags\Custom\iexplore.exe: [{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb] -> HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.132\Installer\chrmstp.exe [2020-03-04] (Google LLC -> Google LLC) FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restrictie <==== AANDACHT ==================== Geplande Taken (gefilterd) ============ (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {01A8B0A4-CF0E-4E66-B031-460D571C118A} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe [585600 2014-04-08] (Dolby Laboratories, Inc. -> Dolby Laboratories Inc.) Task: {01F54BC4-0A76-42DE-A78D-DA127169B608} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_344_Plugin.exe [1458232 2020-03-11] (Adobe Inc. -> Adobe) Task: {083E6A26-D658-410E-A98B-9445FD6069DF} - System32\Tasks\abDocsDllLoader => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [1769312 2017-09-28] (Acer Incorporated -> ) Task: {0CEA5A94-C5BD-4B7C-8799-6F2308112815} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe Task: {161AACD9-1A0C-43BA-AA31-4F8A524BE7A0} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {19DC197D-2EE7-4021-AF47-118888053D3D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27366472 2020-02-04] (Microsoft Corporation -> Microsoft Corporation) Task: {2795555E-CB9E-4426-9772-27BD5AAD91C0} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2349960 2020-02-21] (Microsoft Corporation -> Microsoft Corporation) Task: {2ABA5522-2B53-4060-A273-CF808F75443D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-03-11] (Adobe Inc. -> Adobe) Task: {32DC3EA7-1F7A-4EB0-9C6F-401A7684BCB2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6292336 2020-02-15] (Microsoft Corporation -> Microsoft Corporation) Task: {33803A53-BAC5-48EB-9939-A52AF9C4258D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.) Task: {34EABDA5-A34C-4D71-8AC7-3C93B0A16DCF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-16] (Piriform Software Ltd -> Piriform Ltd) Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe Task: {3C6EBB50-5901-45A5-AAFF-280A294215C3} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [324328 2014-06-26] (Acer Incorporated -> Acer Incorporate) Task: {41DADFAA-CF83-4C9C-9735-8CF3A92E7382} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [149840 2020-02-21] (Microsoft Corporation -> Microsoft Corporation) Task: {4B60B65C-7A28-405C-8FCB-7CE408760501} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6292336 2020-02-15] (Microsoft Corporation -> Microsoft Corporation) Task: {4E37DCAF-540D-489E-AF49-D675D69BCF2B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27366472 2020-02-04] (Microsoft Corporation -> Microsoft Corporation) Task: {58A375A7-CDB8-4CDE-B88A-4FBAED993A55} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [149840 2020-02-21] (Microsoft Corporation -> Microsoft Corporation) Task: {5A3FB241-0B11-4EA5-BC66-0D9F1B406040} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM => {C8367320-6F85-11E0-A1F0-0800200C9A66} C:\WINDOWS\System32\BthTelemetry.dll [33280 2018-04-12] (Microsoft Windows -> Microsoft Corporation) Task: {5F41FFC7-64CD-46F9-8C36-CF9EDA70DB21} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40432 2019-12-12] (Garmin International, Inc. -> ) Task: {60181AF3-86EA-4B68-B648-2AAB56C832E5} - System32\Tasks\Trojan Killer => C:\Program Files\GridinSoft Trojan Killer\trojankiller.exe Task: {606AE49E-6FE8-4ABB-89D9-7F13F945319E} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [384232 2014-06-12] (Acer Incorporated -> Acer Incorporated) Task: {6C1957C3-7E90-4E2F-AD61-BD1FAA520B47} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [439016 2014-06-10] (Acer Incorporated -> Acer Incorporate) Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Task: {740AE644-C46F-451D-BA8E-2270CC70449D} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-evelien.randy@outlook.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {7E90B390-8C9A-41D5-9A87-1AD395D4FC36} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation) Task: {81A0BE40-6715-4BE6-A244-3936E21D0B9D} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [474344 2014-06-08] (Acer Incorporated -> Acer Incorporated) Task: {8534DC3B-EDEF-4BB0-8F76-F62FB25EF724} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [41728 2014-08-29] (Acer Incorporated -> ) Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE} Task: {8DFBCAD9-4255-4C71-9A4D-DF4B6E10C6EE} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1692296 2020-02-27] (AVG Technologies USA, LLC -> AVG Technologies) Task: {A2C57D39-4893-4352-A419-C78A01E5017C} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2167704 2020-02-21] (Microsoft Corporation -> Microsoft Corporation) Task: {A2E14ABF-6F71-46F4-A15E-FE5403824D63} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [3942704 2020-02-25] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) Task: {AB61D1DA-D2FB-42FF-BB75-CC141F48A27E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.) Task: {B574BA8F-44E9-49CD-ACD9-DC2C9EC583EB} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel(R) Update Manager -> Intel Corporation) Task: {BB04C0A9-B5E6-457A-995A-B39C28AB8E35} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA} Task: {C6555884-548C-4680-BB34-445E0BEE865C} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [100608 2014-08-29] (Acer Incorporated -> ) Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371} Task: {CE750F50-B8C1-4266-9084-5298BCFA1301} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [324328 2014-06-26] (Acer Incorporated -> Acer Incorporate) Task: {F0D95C83-8F69-4FE2-8F34-ECBEFE79055D} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [65824 2017-09-26] (Acer Incorporated -> Acer Incorporated) Task: {F5A69E9B-525C-489D-B47B-7EEB3B751348} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2167704 2020-02-21] (Microsoft Corporation -> Microsoft Corporation) Task: {F68174F6-2CD2-461D-A41F-4C903A0C394A} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel(R) Update Manager -> Intel Corporation) Task: {FAB92E53-EDA0-4A4A-8DEE-4EAD6F86D71F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-16] (Piriform Software Ltd -> Piriform Software Ltd) (Als een item is opgenomen in de fixlist, wordt de taak (job) bestand verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Internet (gefilterd) ==================== (Als een item is opgenomen in de fixlist en een registeritem is, wordt het verwijderd of hersteld naar de standaard.) Tcpip\Parameters: [DhcpNameServer] 195.130.131.3 195.130.130.3 Tcpip\..\Interfaces\{bef4fdab-bf3d-4e25-bdba-d453598bb0f5}: [DhcpNameServer] 195.130.131.3 195.130.130.3 Tcpip\..\Interfaces\{e5703516-8a34-4297-9b31-21a3e5d9065a}: [DhcpNameServer] 172.18.13.1 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrictie <==== AANDACHT HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-3669440298-1739476700-4279047772-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB SearchScopes: HKU\S-1-5-21-3669440298-1739476700-4279047772-1001 -> {1455B036-6059-4B8E-9009-8E1C9C3806D2} URL = BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2020-02-15] (Microsoft Corporation -> Microsoft Corporation) BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation) BHO: DeLorme Send To GPS -> {FBAAD182-3C7A-4BC4-A5E9-207B8E0F02FD} -> C:\Program Files\DeLorme\SendToGPS\PNPluginForIE-x64.dll [2013-05-02] (DeLorme Publishing Company -> DeLorme) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-02-15] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.) BHO-x32: pdfMachine -> {56CF4856-ECB4-4e46-A897-A378821F97B9} -> C:\Windows\SysWow64\bgstb.dll [2014-10-09] (Broadgun Software Pty Ltd -> Broadgun Software) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-05-19] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Geen Naam -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> Geen bestand BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-05-19] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: DeLorme Send To GPS -> {FBAAD182-3C7A-4BC4-A5E9-207B8E0F02FD} -> C:\Program Files (x86)\DeLorme\SendToGPS\PNPluginForIE.dll [2013-05-02] (DeLorme Publishing Company -> DeLorme) Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.) Toolbar: HKLM-x32 - pdfMachine - {56CF4856-ECB4-4e46-A897-A378821F97B9} - C:\Windows\SysWow64\bgstb.dll [2014-10-09] (Broadgun Software Pty Ltd -> Broadgun Software) Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-02-15] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-02-15] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-02-15] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-02-15] (Microsoft Corporation -> Microsoft Corporation) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2018-02-14] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-02-15] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-02-15] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-02-15] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-02-15] (Microsoft Corporation -> Microsoft Corporation) Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-04-08] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-04-08] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-04-08] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-04-08] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-04-08] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-04-08] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-04-08] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-04-08] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-04-08] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-04-08] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-04-08] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-04-08] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-04-08] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-04-08] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-04-08] (Citrix Systems, Inc. -> Citrix Systems, Inc.) Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-04-08] (Citrix Systems, Inc. -> Citrix Systems, Inc.) FireFox: ======== FF DefaultProfile: 1y8c4afn.default-1490720948140-1560800152198 FF ProfilePath: C:\Users\RandySp\AppData\Roaming\Mozilla\Firefox\Profiles\1y8c4afn.default-1490720948140-1560800152198 [2020-03-17] FF Notifications: Mozilla\Firefox\Profiles\1y8c4afn.default-1490720948140-1560800152198 -> hxxps://www.youtube.com; hxxps://www.zita.be; hxxps://www.facebook.com; hxxps://www.hbvl.be; hxxps://www.hln.be; hxxps://www.tui.be FF Extension: (Create a new script) - C:\Users\RandySp\AppData\Roaming\Mozilla\Firefox\Profiles\1y8c4afn.default-1490720948140-1560800152198\Extensions\{aecec67f-0d10-4fa7-b7c7-609a2db280cf}.xpi [2020-02-13] FF Extension: (Adblock Plus - gratis adblocker) - C:\Users\RandySp\AppData\Roaming\Mozilla\Firefox\Profiles\1y8c4afn.default-1490720948140-1560800152198\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-02-12] FF ProfilePath: C:\Users\RandySp\AppData\Roaming\Mozilla\Firefox\Profiles\l4u74s8k.dev-edition-default [2020-03-17] FF Extension: (ADB Helper) - C:\Users\RandySp\AppData\Roaming\Mozilla\Firefox\Profiles\l4u74s8k.dev-edition-default\Extensions\adbhelper@mozilla.org [2015-03-03] [Verouderd] [niet getekend] FF Extension: (Valence) - C:\Users\RandySp\AppData\Roaming\Mozilla\Firefox\Profiles\l4u74s8k.dev-edition-default\Extensions\fxdevtools-adapters@mozilla.org [2015-06-01] [Verouderd] [niet getekend] FF HKLM\...\Firefox\Extensions: [light_plugin_F363A72DD7B6435783A76E5F612C9006@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi => niet gevonden FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F363A72DD7B6435783A76E5F612C9006@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi => niet gevonden FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_344.dll [2020-03-11] (Adobe Inc. -> ) FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (Garmin International, Inc. -> GARMIN Corp.) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-02-15] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_344.dll [2020-03-11] (Adobe Inc. -> ) FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2015-04-08] (Citrix Systems, Inc. -> Citrix Systems, Inc.) FF Plugin-x32: @delorme.com/SendToGPS -> C:\Program Files (x86)\DeLorme\SendToGPS\nppnplugin.dll [2013-05-02] (DeLorme Publishing Company -> DeLorme) FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] (Foxit Corporation -> ) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-02-20] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-02-20] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-05-19] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-05-19] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-02-15] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-02-15] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] (WildTangent Inc -> ) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\RandySp\AppData\Local\Google\Chrome\User Data\Default [2020-03-17] CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://drive.google.com; hxxps://forums.geocaching.com; hxxps://ilovetorun.org; hxxps://m.hln.be; hxxps://mabsit.pushengage.com; hxxps://mail.google.com; hxxps://meridianbet.be; hxxps://netflixinbelgie.be; hxxps://nl.computersm.com; hxxps://nl.metrotime.be; hxxps://nl.pinterest.com; hxxps://racingmechelen.be; hxxps://selfmademillionairesbiz.foxpush.net; hxxps://sisanjuan.gob.ar; hxxps://tvi24.iol.pt; hxxps://web.whatsapp.com; hxxps://www.alibaba.com; hxxps://www.cnet.com; hxxps://www.demorgen.be; hxxps://www.facebook.com; hxxps://www.gva.be; hxxps://www.hbvl.be; hxxps://www.hln.be; hxxps://www.letour.fr; hxxps://www.nieuwsblad.be; hxxps://www.onemorething.nl; hxxps://www.onlinevideoconverter.com; hxxps://www.pc-helpforum.be; hxxps://www.reddit.com; hxxps://www.standaard.be; hxxps://www.trafficdictator.com; hxxps://www.tui.be; hxxps://www.voetbalprimeur.be; hxxps://www.wielerflits.be; hxxps://www.wielerflits.nl; hxxps://www.wish.com; hxxps://www.youtube.com CHR StartupUrls: Default -> "hxxp://www.google.be/" CHR Extension: (Presentaties) - C:\Users\RandySp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13] CHR Extension: (Documenten) - C:\Users\RandySp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13] CHR Extension: (Google Drive) - C:\Users\RandySp\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22] CHR Extension: (eID Chrome Extension) - C:\Users\RandySp\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkbdaodnaecdijpajecpncpdomgcoakc [2017-01-04] CHR Extension: (YouTube) - C:\Users\RandySp\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24] CHR Extension: (Geocaching Logbook Creator) - C:\Users\RandySp\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbiohbnmefglohaemcbbecmoipkaomfb [2018-01-14] CHR Extension: (Adblock Plus - gratis adblocker) - C:\Users\RandySp\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-02-19] CHR Extension: (Google Search) - C:\Users\RandySp\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27] CHR Extension: (Tampermonkey) - C:\Users\RandySp\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2019-12-10] CHR Extension: (Spreadsheets) - C:\Users\RandySp\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13] CHR Extension: (Offline Documenten) - C:\Users\RandySp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-14] CHR Extension: (Garmin activity downloader) - C:\Users\RandySp\AppData\Local\Google\Chrome\User Data\Default\Extensions\himhggflahpnjikoddlngaopcigalcjh [2017-02-12] CHR Extension: (Violentmonkey) - C:\Users\RandySp\AppData\Local\Google\Chrome\User Data\Default\Extensions\jinjaccalgkegednnccohejagnlnfdag [2020-02-13] CHR Extension: (Skype) - C:\Users\RandySp\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-12-02] CHR Extension: (Anti-captcha) - C:\Users\RandySp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nconiknmmhhhffhmbknbplalknajiaef [2019-01-26] CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\RandySp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04] CHR Extension: (Gmail) - C:\Users\RandySp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-23] CHR Extension: (Chrome Media Router) - C:\Users\RandySp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-03-14] CHR Profile: C:\Users\RandySp\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-02-14] CHR Profile: C:\Users\RandySp\AppData\Local\Google\Chrome\User Data\System Profile [2020-02-14] CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] CHR HKU\S-1-5-21-3669440298-1739476700-4279047772-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bmkckgpgekmanipelfidlhmkfcjicion] CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] ==================== Services (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [814688 2017-06-04] (Adobe Systems Incorporated -> Adobe Systems Incorporated) R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated) R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [413544 2020-02-25] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [6094272 2020-02-25] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R2 AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [110608 2020-02-25] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11597176 2020-02-05] (Microsoft Corporation -> Microsoft Corporation) R2 CronService; C:\Windows\Prey\wpxsvc.exe [611854 2015-05-16] (Fork, Ltd.) [Bestand niet getekend] R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated -> Acer Incorporated) R2 EsgShKernel; C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe [11457840 2019-06-23] (EnigmaSoft Limited -> EnigmaSoft Limited) R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent Inc -> WildTangent) R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [515768 2017-04-13] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373720 2016-12-19] (Intel(R) pGFX -> Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel® Trusted Connect Service -> Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-02-20] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel(R) Update Manager -> Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-02-20] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporated -> Acer Incorporate) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation -> NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation -> NVIDIA Corporation) R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporated -> Acer Incorporate) R2 ShMonitor; C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe [512816 2019-06-23] (EnigmaSoft Limited -> EnigmaSoft Limited) R2 TunnelBearMaintenance; C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe [113664 2018-08-27] () [Bestand niet getekend] S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [233216 2014-06-24] (Acer Incorporated -> acer) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\NisSrv.exe [3905952 2018-07-31] (Microsoft Corporation -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MsMpEng.exe [110944 2018-07-31] (Microsoft Corporation -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" ===================== Drivers (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R0 avgArDisk; C:\WINDOWS\System32\drivers\avgArDisk.sys [37928 2020-02-25] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [206160 2020-02-25] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [271704 2020-02-25] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [207192 2020-02-25] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [64344 2020-02-25] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [16520 2020-02-25] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.) R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [43560 2020-02-25] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R2 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [175472 2020-02-25] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [111144 2020-02-25] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [84096 2020-02-25] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [849256 2020-02-25] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [459192 2020-03-11] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [235280 2020-02-25] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [316840 2020-02-25] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [136040 2019-09-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R3 EnigmaFileMonDriver; C:\WINDOWS\System32\drivers\EnigmaFileMonDriver.sys [68424 2020-03-17] (EnigmaSoft Limited -> EnigmaSoft Limited) R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [244744 2017-04-13] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) S3 libusb0; C:\WINDOWS\system32\DRIVERS\libusb0.sys [44480 2013-09-23] (Akeo Consulting -> hxxp://libusb-win32.sourceforge.net) R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-15] (Acer Incorporated -> Acer Incorporated) S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253880 2019-11-08] (Malwarebytes Corporation -> Malwarebytes) R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [116736 2014-02-20] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) S3 MHIKEY10; C:\WINDOWS\System32\Drivers\MHIKEY10x64.sys [60288 2010-09-15] (Microsoft Windows Hardware Compatibility Publisher -> Generic USB smartcard reader) R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3485696 2018-04-12] (Microsoft Windows -> Intel Corporation) R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvacwu.inf_amd64_31f4ef4821269ebb\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation -> NVIDIA Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation -> NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation -> NVIDIA Corporation) R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-15] (Acer Incorporated -> Acer Incorporated) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166760 2019-09-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R3 tap-tb-0901; C:\WINDOWS\System32\drivers\tap-tb-0901.sys [38656 2018-01-31] (TunnelBear, Inc. -> The OpenVPN Project) R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46584 2018-07-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [340008 2018-07-31] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [61992 2018-07-31] (Microsoft Windows -> Microsoft Corporation) S3 taphss6; \SystemRoot\system32\DRIVERS\taphss6.sys [X] ==================== NetSvcs (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ==================== Een maand (aangemaakt) =================== (Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.) 2020-03-17 10:53 - 2020-03-17 10:59 - 000052536 ____C C:\Users\RandySp\Desktop\FRST.txt 2020-03-17 10:51 - 2020-03-17 10:51 - 002279936 _____ (Farbar) C:\Users\RandySp\Desktop\FRST64.exe 2020-03-17 10:51 - 2020-03-17 10:51 - 000000000 ___HD C:\$GetCurrent 2020-03-17 10:50 - 2020-03-17 10:50 - 000000000 ___HD C:\OneDriveTemp 2020-03-14 19:29 - 2020-03-14 19:29 - 000090327 ____C C:\Users\RandySp\Desktop\ptge.xls 2020-03-14 16:53 - 2020-03-14 16:53 - 001540858 ____C C:\Users\RandySp\Desktop\GENT.gpx 2020-03-13 17:22 - 2020-03-17 10:50 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2020-03-11 09:31 - 2020-03-11 09:32 - 000037573 ____C C:\Users\RandySp\Desktop\cmb11032020.xls 2020-03-11 09:12 - 2020-03-11 09:12 - 000034544 ____C C:\Users\RandySp\Desktop\cmb.xls 2020-03-04 20:07 - 2020-03-04 20:07 - 000000024 ____C C:\Users\RandySp\AppData\Roaming\FotoGeoTag.dat 2020-03-04 20:05 - 2020-03-04 20:05 - 000001108 _____ C:\Users\Public\Desktop\FotoGeoTag.lnk 2020-03-04 20:05 - 2020-03-04 20:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JaVaWa 2020-03-04 20:05 - 2020-03-04 20:05 - 000000000 ____D C:\Program Files (x86)\FotoGeoTag 2020-02-29 20:59 - 2020-02-25 17:15 - 000368088 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe 2020-02-28 20:20 - 2020-02-29 21:00 - 000003837 _____ C:\Users\RandySp\Desktop\CMB.ods 2020-02-25 17:17 - 2020-02-25 17:15 - 000235280 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys 2020-02-25 17:17 - 2020-02-25 17:15 - 000175472 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys 2020-02-22 16:47 - 2020-02-22 17:38 - 000000063 ____C C:\Users\RandySp\Desktop\church1.txt ==================== Een maand (gewijzigd) ================== (Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.) 2020-03-17 10:59 - 2018-06-08 22:33 - 001767128 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2020-03-17 10:59 - 2018-04-12 17:01 - 000785544 _____ C:\WINDOWS\system32\perfh013.dat 2020-03-17 10:59 - 2018-04-12 17:01 - 000153862 _____ C:\WINDOWS\system32\perfc013.dat 2020-03-17 10:59 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF 2020-03-17 10:57 - 2018-01-04 20:18 - 000000000 ____D C:\FRST 2020-03-17 10:51 - 2020-01-22 18:10 - 000000000 ____D C:\Windows10Upgrade 2020-03-17 10:50 - 2019-06-23 17:43 - 000068424 _____ (EnigmaSoft Limited) C:\WINDOWS\system32\Drivers\EnigmaFileMonDriver.sys 2020-03-17 10:50 - 2018-06-08 22:38 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2020-03-17 10:50 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2020-03-17 10:50 - 2018-03-17 20:26 - 000000000 ____D C:\Program Files (x86)\TunnelBear 2020-03-17 10:50 - 2017-08-05 21:42 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2020-03-17 10:50 - 2016-10-02 20:29 - 000000000 ____D C:\ProgramData\NVIDIA 2020-03-17 10:50 - 2015-05-22 22:20 - 000000000 ___DC C:\Users\RandySp\Documents\Outlook-bestanden 2020-03-17 10:50 - 2015-01-31 09:22 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2020-03-17 10:50 - 2014-12-12 18:29 - 000000000 ___RD C:\Users\RandySp\OneDrive 2020-03-17 10:50 - 2014-12-11 21:31 - 000000000 __SHD C:\Users\RandySp\IntelGraphicsProfiles 2020-03-17 10:49 - 2018-04-11 22:04 - 001048576 _____ C:\WINDOWS\system32\config\BBI 2020-03-17 10:36 - 2014-12-11 22:44 - 000000000 ___DC C:\Users\RandySp\AppData\Local\CrashDumps 2020-03-17 10:15 - 2018-06-08 22:21 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2020-03-17 09:25 - 2020-01-19 20:42 - 000000676 ____C C:\Users\RandySp\Desktop\ESET Online Scanner.lnk 2020-03-17 09:17 - 2018-06-08 22:38 - 000004190 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{6A9B8B9A-F476-42A7-A913-F8DBDCD936DF} 2020-03-17 09:17 - 2014-12-12 18:44 - 000000000 ___DC C:\Users\RandySp\AppData\Local\Adobe 2020-03-16 22:49 - 2016-11-18 10:01 - 000000000 ___DC C:\Users\RandySp\AppData\LocalLow\Mozilla 2020-03-16 17:21 - 2015-07-10 21:27 - 000000000 ___DC C:\Users\RandySp\AppData\Roaming\gsak 2020-03-15 17:56 - 2019-11-15 20:27 - 000009140 ____C C:\Users\RandySp\Desktop\geocache_visits.txt 2020-03-14 19:09 - 2019-10-04 15:59 - 000002608 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0 2020-03-14 19:09 - 2018-12-07 20:56 - 000002702 _____ C:\WINDOWS\system32\Tasks\GarminUpdaterTask 2020-03-14 19:09 - 2018-10-24 17:25 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software 2020-03-14 19:09 - 2018-06-08 22:38 - 000004154 _____ C:\WINDOWS\system32\Tasks\Software Update Application 2020-03-14 19:09 - 2018-06-08 22:38 - 000003862 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier 2020-03-14 19:09 - 2018-06-08 22:38 - 000003742 _____ C:\WINDOWS\system32\Tasks\ACCAgent 2020-03-14 19:09 - 2018-06-08 22:38 - 000003506 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2020-03-14 19:09 - 2018-06-08 22:38 - 000003388 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater 2020-03-14 19:09 - 2018-06-08 22:38 - 000003282 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2020-03-14 19:09 - 2018-06-08 22:38 - 000003250 _____ C:\WINDOWS\system32\Tasks\Antivirus Emergency Update 2020-03-14 19:09 - 2018-06-08 22:38 - 000003194 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2020-03-14 19:09 - 2018-06-08 22:38 - 000003042 _____ C:\WINDOWS\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 2020-03-14 19:09 - 2018-06-08 22:38 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3669440298-1739476700-4279047772-1001 2020-03-14 19:09 - 2018-06-08 22:38 - 000002816 _____ C:\WINDOWS\system32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-evelien.randy@outlook.com 2020-03-14 19:09 - 2018-06-08 22:38 - 000002796 _____ C:\WINDOWS\system32\Tasks\ACC 2020-03-14 19:09 - 2018-06-08 22:38 - 000002762 _____ C:\WINDOWS\system32\Tasks\BacKGroundAgent 2020-03-14 19:09 - 2018-06-08 22:38 - 000002680 _____ C:\WINDOWS\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon 2020-03-14 19:09 - 2018-06-08 22:38 - 000002550 _____ C:\WINDOWS\system32\Tasks\abDocsDllLoader 2020-03-14 19:09 - 2018-06-08 22:38 - 000002320 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3669440298-1739476700-4279047772-500 2020-03-14 19:09 - 2018-06-08 22:38 - 000002318 _____ C:\WINDOWS\system32\Tasks\CreateChoiceProcessTask 2020-03-14 19:09 - 2018-06-08 22:38 - 000002306 _____ C:\WINDOWS\system32\Tasks\Trojan Killer 2020-03-14 19:09 - 2018-06-08 22:38 - 000002220 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC 2020-03-14 19:09 - 2018-06-08 22:38 - 000002182 _____ C:\WINDOWS\system32\Tasks\Quick Access Quick Launcher 2020-03-14 19:09 - 2018-06-08 22:38 - 000002118 _____ C:\WINDOWS\system32\Tasks\DolbySelectorTask 2020-03-14 19:09 - 2018-06-08 22:38 - 000002096 _____ C:\WINDOWS\system32\Tasks\Power Management 2020-03-14 19:09 - 2018-06-08 22:38 - 000002070 _____ C:\WINDOWS\system32\Tasks\Launch Manager 2020-03-14 19:09 - 2018-06-08 22:38 - 000002062 _____ C:\WINDOWS\system32\Tasks\Quick Access 2020-03-14 18:28 - 2018-01-02 23:39 - 000000000 ___DC C:\Users\RandySp\AppData\Local\Packages 2020-03-14 16:58 - 2014-12-12 18:43 - 000000000 ____D C:\ProgramData\Garmin 2020-03-14 12:10 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness 2020-03-14 12:10 - 2017-04-03 17:42 - 000001236 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2020-03-13 17:29 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps 2020-03-13 17:23 - 2019-10-04 15:59 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData 2020-03-11 22:52 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2020-03-11 22:52 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\Macromed 2020-03-11 17:11 - 2018-04-29 09:05 - 000459192 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys 2020-03-11 08:41 - 2018-06-09 17:16 - 000000000 ___DC C:\Users\RandySp\AppData\Local\D3DSCache 2020-03-06 17:02 - 2016-04-03 22:28 - 000000000 ____D C:\Program Files\CCleaner 2020-03-05 17:07 - 2020-01-22 18:10 - 000000811 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10-updateassistent.lnk 2020-03-05 17:07 - 2020-01-22 18:10 - 000000799 ____C C:\Users\RandySp\Desktop\Windows 10-updateassistent.lnk 2020-03-04 18:20 - 2014-12-11 22:46 - 000002325 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2020-03-04 18:20 - 2014-12-11 22:46 - 000002284 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2020-03-03 23:04 - 2020-02-09 17:31 - 000004411 ____C C:\Users\RandySp\Desktop\Opgeloste labs.txt 2020-03-01 10:56 - 2018-04-29 09:06 - 000002003 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG AntiVirus FREE.lnk 2020-03-01 10:56 - 2018-04-29 09:06 - 000001991 _____ C:\Users\Public\Desktop\AVG AntiVirus FREE.lnk 2020-02-29 20:59 - 2018-04-12 00:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2020-02-29 09:34 - 2020-02-15 12:07 - 000002382 ____C C:\Users\RandySp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk 2020-02-29 09:34 - 2020-02-15 12:07 - 000002374 ____C C:\Users\RandySp\Desktop\Microsoft Teams.lnk 2020-02-25 17:16 - 2018-04-29 09:05 - 000316840 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys 2020-02-25 17:15 - 2019-01-10 19:21 - 000037928 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArDisk.sys 2020-02-25 17:15 - 2018-10-26 20:09 - 000043560 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgKbd.sys 2020-02-25 17:15 - 2018-06-26 19:08 - 000016520 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgElam.sys 2020-02-25 17:15 - 2018-04-29 09:05 - 000849256 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys 2020-02-25 17:15 - 2018-04-29 09:05 - 000206160 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys 2020-02-25 17:15 - 2018-04-29 09:05 - 000111144 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys 2020-02-25 17:15 - 2018-04-29 09:05 - 000084096 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys 2020-02-25 17:14 - 2019-01-19 17:47 - 000271704 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdriver.sys 2020-02-25 17:14 - 2019-01-10 19:21 - 000207192 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsh.sys 2020-02-25 17:14 - 2019-01-10 19:21 - 000064344 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniv.sys 2020-02-24 20:52 - 2018-06-08 22:23 - 000002379 ____C C:\Users\RandySp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2020-02-22 09:37 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2020-02-22 00:07 - 2014-12-15 14:57 - 000000000 ____D C:\Program Files\Microsoft Office 2020-02-17 23:10 - 2018-06-08 22:23 - 000000000 ____D C:\Users\RandySp ==================== Bestanden in de root van sommige mappen ======== 2015-05-07 10:17 - 2015-05-07 10:17 - 000000093 ____C () C:\Users\RandySp\AppData\Roaming\ARCompanion.log 2020-03-04 20:07 - 2020-03-04 20:07 - 000000024 ____C () C:\Users\RandySp\AppData\Roaming\FotoGeoTag.dat 2018-09-28 19:19 - 2018-09-28 19:19 - 000000000 ____C () C:\Users\RandySp\AppData\Local\oobelibMkey.log 2019-12-18 22:10 - 2019-12-18 22:10 - 000000722 ____C () C:\Users\RandySp\AppData\Local\recently-used.xbel ==================== SigCheck ============================ (Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.) ==================== Einde van FRST.txt ========================