Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 17-11-2020 Gestart door Gebruiker (Beheerder) op LAPTOP-13TKLGHJ (Acer Aspire ES1-572) (18-11-2020 11:55:57) Gestart vanaf C:\andy Geladen Profielen: Gebruiker Platform: Windows 10 Home Versie 2004 19041.572 (X64) Taal: Nederlands (Nederland) Standaardbrowser: Chrome Boot Modus: Normal Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processen (gefilterd) ================= (Als een item is opgenomen in de fixlist, zal het proces worden gesloten. Het bestand zal niet worden verplaatst.) (Acer Incorporated -> ) C:\OEM\Preload\FUBService\FUBService.exe (Acer Incorporated -> ) C:\Program Files (x86)\Acer\Acer Collection\ACEStd.exe (Acer Incorporated -> ) C:\Program Files (x86)\Acer\Amundsen\2.1.16258\awc.exe (Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Acer Collection\ACEMon.exe (Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe (Acer Incorporated -> Acer) C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.32\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.32\GoogleCrashHandler64.exe (ICEpower a/s -> ICEpower) C:\Windows\System32\ICEsoundService64.exe (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0b3e3ed3ace9602a\igfxCUIService.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0b3e3ed3ace9602a\igfxEM.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0b3e3ed3ace9602a\igfxext.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0b3e3ed3ace9602a\IntelCpHDCPSvc.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0b3e3ed3ace9602a\IntelCpHeciSvc.exe (Intel(R) Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Wireless Connectivity Solutions -> IntelĀ® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Magnify.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (SweetLabs Inc. -> SweetLabs, Inc) C:\Users\Gebruiker\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe ==================== Register (gefilterd) =================== (Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391088 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKU\S-1-5-21-770788387-2325683597-4085583833-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33102224 2020-11-06] (Epic Games Inc. -> Epic Games, Inc.) HKU\S-1-5-21-770788387-2325683597-4085583833-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Gebruiker\AppData\Local\Microsoft\Teams\Update.exe [2452664 2020-11-15] (Microsoft 3rd Party Application Component -> Microsoft Corporation) HKU\S-1-5-21-770788387-2325683597-4085583833-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32281272 2020-11-10] (Piriform Software Ltd -> Piriform Software Ltd) HKLM\...\Windows x64\Print Processors\Canon MP495 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDA9.DLL [28672 2010-08-25] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJ Language Monitor MP495 series: C:\WINDOWS\system32\CNMLMA9.DLL [361472 2010-08-25] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\86.0.4240.198\Installer\chrmstp.exe [2020-11-13] (Google LLC -> Google LLC) ==================== Geplande Taken (gefilterd) ============ (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {05645E41-8DA8-4964-8202-E01E28EF13F7} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [117600 2020-11-15] (Microsoft Corporation -> Microsoft Corporation) Task: {0903D6F8-CA0F-44EC-8FCC-3F32AC1A13B1} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [117600 2020-11-15] (Microsoft Corporation -> Microsoft Corporation) Task: {451FE0BA-D10E-4A3A-BA01-7E0FDB328FE7} - System32\Tasks\Uninstaller_SkipUac_Gebruiker => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [6565136 2020-10-19] (IObit Information Technology -> IObit) Task: {47D000FF-49D7-4846-B299-E41AE1173A32} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22939528 2020-11-04] (Microsoft Corporation -> Microsoft Corporation) Task: {4C6FAD56-1E1E-40DE-97AD-B16E3DE38C59} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [65752 2017-03-20] (Acer Incorporated -> Acer Incorporated) Task: {568615A8-BCB4-4927-B64A-87D1BD3128C3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-03] (Google Inc -> Google Inc.) Task: {6470C384-3982-40AE-95A8-D2B0C5691DF3} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [909112 2016-07-26] (Intel(R) Trusted Connect Service -> Intel(R) Corporation) Task: {672AF9A0-C6A4-4F94-B69C-1DF6FCA5760A} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [473904 2017-02-15] (Acer Incorporated -> Acer Incorporated) Task: {73214B33-38F8-4E19-8EB5-9788D0A92971} - System32\Tasks\Acer Collection Monitor Application => C:\Program Files (x86)\Acer\Acer Collection\ACEMon.exe [417072 2017-12-13] (Acer Incorporated -> Acer Incorporated) Task: {77267F02-8542-40EF-A87A-1B6DD0A049D3} - System32\Tasks\AcerCMUpdateTask2.1.16258 => C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe [152880 2016-09-20] (Acer Incorporated -> ) Task: {8154119A-6945-4C51-8F85-602805797D3F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-03] (Google Inc -> Google Inc.) Task: {8C03A048-D2A9-4DC8-BF32-C2663DBE9B26} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [215856 2017-02-18] (Acer Incorporated -> TODO: ) Task: {8EA1FBD2-EF69-4213-9AA9-1ED78FE0B1D1} - System32\Tasks\Acer Collection Application => C:\Program Files (x86)\Acer\Acer Collection\ACEStd.exe [479024 2017-12-14] (Acer Incorporated -> ) Task: {8F311975-A93D-4409-B302-9E027CAC96F9} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\WINDOWS\system32\EOSNotify.exe Task: {916A94FF-BC84-42DB-9F4E-A1F525DD475C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [3982744 2020-11-15] (Microsoft Corporation -> Microsoft Corporation) Task: {BA00C054-AABF-46E0-B226-57CDBC781520} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22939528 2020-11-04] (Microsoft Corporation -> Microsoft Corporation) Task: {BA28179A-A10B-452C-86FA-6F6D932431B2} - System32\Tasks\User Boot Experience Task => C:\OEM\Preload\FUBService\FUBService.exe [30976 2015-05-14] (Acer Incorporated -> ) Task: {C656FA3D-D3F7-4216-9BD0-48F0D9D7C7D4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [3982744 2020-11-15] (Microsoft Corporation -> Microsoft Corporation) Task: {C91ABF25-C1BE-46B0-BAC4-02777994BCCA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26781880 2020-11-10] (Piriform Software Ltd -> Piriform Software Ltd) Task: {C9CC97CD-70E1-481F-B99F-2597BF11ABFA} - System32\Tasks\App Explorer => C:\Users\Gebruiker\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [7941288 2020-05-30] (SweetLabs Inc. -> SweetLabs, Inc) <==== AANDACHT Task: {E86B9D2C-49F7-4B2E-B859-8AA42B2CA6D6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-11-10] (Piriform Software Ltd -> Piriform Software Ltd) Task: {E87C02F7-C571-4C98-A3DC-AFB0887E9D02} - System32\Tasks\DashlaneUpgradeCheck => net [Argument = start "Dashlane Upgrade Service"] Task: {E99F1DFF-945B-4609-81E3-52DF728525C0} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1146776 2020-11-15] (Microsoft Corporation -> Microsoft Corporation) Task: {E9D13318-7887-4207-857F-C12BD6D69F8A} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [445744 2017-02-15] (Acer Incorporated -> Acer Incorporated) Task: {ED996C56-29BE-48B5-AD89-F10DC6055526} - System32\Tasks\Power Button => C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe [2767664 2017-02-15] (Acer Incorporated -> Acer Incorporated) Task: {F85C13C0-60DA-4C27-AA1B-927CD8F9427C} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe [64320 2019-07-11] (Acer Incorporated -> Acer) (Als een item is opgenomen in de fixlist, wordt de taak (job) bestand verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) ==================== Internet (gefilterd) ==================== (Als een item is opgenomen in de fixlist en een registeritem is, wordt het verwijderd of hersteld naar de standaard.) Tcpip\Parameters: [DhcpNameServer] 195.130.131.5 195.130.130.5 Tcpip\..\Interfaces\{d0306837-6489-49ed-b7c5-b109f068ec24}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{d77fd8f6-107e-47f9-b04a-b8698c4b0c2e}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{d8ff5c25-3b1f-462e-ba0d-65b63de45212}: [DhcpNameServer] 195.130.131.5 195.130.130.5 Edge: ====== Edge Profile: C:\Users\Gebruiker\AppData\Local\Microsoft\Edge\User Data\Default [2020-11-18] Edge StartupUrls: Default -> "hxxps://google.be/" FireFox: ======== FF Extension: (Amazon Assistant for Firefox) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\abb-acer@amazon.com [2017-05-06] [Verouderd] FF Extension: (Nederlands (NL) Language Pack) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-nl@firefox.mozilla.org [2017-05-06] [Verouderd] FF Extension: (Mozilla Partner Defaults) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\partnerdefaults@mozilla.com [2017-05-06] [Verouderd] FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-09-16] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default [2020-11-17] CHR StartupUrls: Default -> "hxxps://www.bing.com/?PC=BQ01" CHR Extension: (Presentaties) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-05-03] CHR Extension: (Documenten) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-05-03] CHR Extension: (Google Drive) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-21] CHR Extension: (YouTube) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-05-03] CHR Extension: (Adblock Plus - gratis adblocker) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-11-17] CHR Extension: (Spreadsheets) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-05-03] CHR Extension: (Offline Documenten) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-13] CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03] CHR Extension: (Amazon Assistant for Chrome) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2020-09-30] CHR Extension: (Gmail) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-24] CHR Extension: (Chrome Media Router) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-10-10] CHR Profile: C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-11-17] CHR Profile: C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\System Profile [2020-11-17] CHR HKLM-x32\...\Chrome\Extension: [pbjikboenpfhbbejgkoklgkhjpfogcam] ==================== Services (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6875688 2018-07-09] (BattlEye Innovations e.K. -> ) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9057136 2020-11-04] (Microsoft Corporation -> Microsoft Corporation) S2 Dashlane Upgrade Service; C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe [83992 2017-08-23] (Dashlane -> Dashlane, Inc.) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [780928 2018-07-09] (EasyAntiCheat Oy -> EasyAntiCheat Ltd) S2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [158992 2020-10-19] (IObit Information Technology -> IObit) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7269976 2020-11-17] (Malwarebytes Inc -> Malwarebytes) S3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [461616 2017-02-15] (Acer Incorporated -> Acer Incorporated) R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [506672 2017-02-15] (Acer Incorporated -> Acer Incorporated) S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [296752 2017-02-21] (Acer Incorporated -> acer) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\NisSrv.exe [2467088 2020-11-06] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MsMpEng.exe [128376 2020-11-06] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Drivers (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R3 cpuz145; C:\WINDOWS\temp\cpuz145\cpuz145_x64.sys [49968 2020-11-17] (CPUID -> CPUID) S3 EasyAntiCheatSys; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.sys [860872 2018-07-12] (EasyAntiCheat Oy -> EasyAntiCheat Oy) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2020-11-17] (Malwarebytes Corporation -> Malwarebytes) R3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [43896 2020-07-31] (IObit Information Technology -> IObit) R3 IUProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUProcessFilter.sys [37112 2020-07-31] (IObit Information Technology -> IObit) R3 IURegistryFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegistryFilter.sys [51128 2020-07-31] (IObit Information Technology -> IObit) R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-15] (Acer Incorporated -> Acer Incorporated) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [217600 2020-11-17] (Malwarebytes Inc -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-11-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [197792 2020-11-18] (Malwarebytes Inc -> Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2020-11-18] (Malwarebytes Inc -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-11-17] (Malwarebytes Inc -> Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [136352 2020-11-18] (Malwarebytes Inc -> Malwarebytes) R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-15] (Acer Incorporated -> Acer Incorporated) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-11-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [429288 2020-11-06] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [71912 2020-11-06] (Microsoft Windows -> Microsoft Corporation) S3 MpKslccda8897; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DC0183D1-C331-4CAF-8A87-77E7754A7E7C}\MpKslDrv.sys [X] S3 MpKslda0b926e; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DC0183D1-C331-4CAF-8A87-77E7754A7E7C}\MpKslDrv.sys [X] ==================== NetSvcs (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ==================== Een maand (aangemaakt) =================== (Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.) 2020-11-18 11:41 - 2020-11-18 11:55 - 000000000 ____D C:\andy 2020-11-18 11:29 - 2020-11-18 12:12 - 000000000 ____D C:\FRST 2020-11-18 11:16 - 2020-11-18 11:16 - 000000000 ____D C:\Users\Gebruiker\AppData\Local\CrashDumps 2020-11-18 10:20 - 2020-11-18 10:20 - 000000000 ____D C:\Users\Gebruiker\AppData\LocalLow\IGDump 2020-11-18 09:51 - 2020-11-18 09:51 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2020-11-18 09:49 - 2020-11-18 09:49 - 000197792 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2020-11-18 09:49 - 2020-11-18 09:49 - 000136352 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2020-11-17 23:52 - 2020-11-17 23:52 - 000000000 ____D C:\WINDOWS\%LOCALAPPDATA% 2020-11-17 23:50 - 2020-11-17 23:50 - 000002037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2020-11-17 23:50 - 2020-11-17 23:50 - 000000000 ____D C:\Users\Gebruiker\AppData\Local\mbam 2020-11-17 23:49 - 2020-11-17 23:49 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2020-11-17 23:49 - 2020-11-17 23:49 - 000217600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2020-11-17 23:38 - 2020-11-17 23:36 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2020-11-17 23:38 - 2020-11-17 23:36 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys 2020-11-17 23:36 - 2020-11-17 23:36 - 000000000 ____D C:\ProgramData\Malwarebytes 2020-11-17 23:20 - 2020-11-17 23:20 - 000000000 ____D C:\Program Files\Malwarebytes 2020-11-17 20:57 - 2020-11-17 20:57 - 000000000 ____D C:\ProgramData\{F86B0233-9A85-4589-8AAF-524CC4F8211B} 2020-11-17 20:56 - 2020-11-17 20:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 2020-11-17 20:53 - 2020-11-17 21:00 - 000000000 ____D C:\Users\Gebruiker\AppData\LocalLow\IObit 2020-11-17 20:52 - 2020-11-17 21:00 - 000000000 ____D C:\ProgramData\ProductData 2020-11-17 20:52 - 2020-11-17 20:52 - 000002980 _____ C:\WINDOWS\system32\Tasks\Uninstaller_SkipUac_Gebruiker 2020-11-17 20:51 - 2020-11-17 20:51 - 000001428 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk 2020-11-17 20:51 - 2020-11-17 20:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller 2020-11-17 20:48 - 2020-11-17 20:56 - 000000000 ____D C:\Program Files (x86)\IObit 2020-11-17 20:44 - 2020-11-17 21:00 - 000000000 ____D C:\Users\Gebruiker\AppData\Roaming\IObit 2020-11-17 20:44 - 2020-11-17 21:00 - 000000000 ____D C:\ProgramData\IObit 2020-11-17 20:05 - 2020-11-18 09:27 - 000000000 ____D C:\Program Files\CCleaner 2020-11-17 20:05 - 2020-11-17 20:05 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2020-11-17 20:05 - 2020-11-17 20:05 - 000002896 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC 2020-11-17 20:05 - 2020-11-17 20:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2020-11-17 18:59 - 2020-11-17 19:02 - 030469496 _____ (Piriform Software Ltd) C:\Users\Gebruiker\Downloads\ccsetup574.exe 2020-11-15 15:58 - 2020-11-15 15:58 - 000000000 ____D C:\Users\Gebruiker\AppData\Roaming\Teams 2020-11-13 12:29 - 2020-10-15 04:22 - 000495616 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe 2020-11-13 12:29 - 2020-10-15 04:14 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe 2020-11-13 08:54 - 2020-11-13 08:54 - 000000112 ___SH C:\bootTel.dat 2020-11-04 10:19 - 2020-11-15 15:58 - 000002388 _____ C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk 2020-11-04 10:16 - 2020-11-04 10:17 - 101284632 _____ (Microsoft Corporation) C:\Users\Gebruiker\Downloads\Teams_windows_x64.exe 2020-11-01 13:37 - 2020-11-01 13:37 - 000000000 ____D C:\Users\Gebruiker\OneDrive\Documenten\Scanned Documents 2020-11-01 13:37 - 2020-11-01 13:37 - 000000000 ____D C:\Users\Gebruiker\OneDrive\Documenten\rekordbox 2020-11-01 13:37 - 2020-11-01 13:37 - 000000000 ____D C:\Users\Gebruiker\OneDrive\Documenten\Fax 2020-11-01 13:36 - 2020-11-01 14:30 - 000000000 ___RD C:\Users\Gebruiker\OneDrive - vzw KSO Tielt-Ruiselede 2020-11-01 13:36 - 2020-11-01 13:36 - 000000000 ____D C:\Users\Gebruiker\OneDrive\Documenten\Aangepaste Office-sjablonen ==================== Een maand (gewijzigd) ================== (Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.) 2020-11-18 12:04 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2020-11-18 11:55 - 2020-08-23 15:24 - 000003508 _____ C:\WINDOWS\system32\Tasks\DashlaneUpgradeCheck 2020-11-18 11:50 - 2018-05-03 04:43 - 000000000 __SHD C:\Users\Gebruiker\IntelGraphicsProfiles 2020-11-18 10:54 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2020-11-18 10:38 - 2020-08-23 14:01 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2020-11-18 09:46 - 2018-05-04 22:14 - 000000000 ____D C:\Users\Gebruiker\AppData\Local\Host App Service 2020-11-18 09:44 - 2020-08-06 16:47 - 000000000 ___HD C:\$WinREAgent 2020-11-18 09:28 - 2018-05-03 04:49 - 000000000 ___RD C:\Users\Gebruiker\OneDrive 2020-11-18 00:07 - 2020-08-23 14:07 - 000000000 ____D C:\Users\Gebruiker 2020-11-17 23:38 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2020-11-17 22:38 - 2020-08-23 15:24 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2020-11-17 22:38 - 2020-08-08 21:50 - 000008192 ___SH C:\DumpStack.log.tmp 2020-11-17 21:24 - 2018-07-09 18:27 - 000000000 ____D C:\Users\Gebruiker\AppData\Local\D3DSCache 2020-11-17 20:41 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2020-11-17 20:39 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2020-11-17 20:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2020-11-17 20:22 - 2020-08-14 20:56 - 000000000 ___DC C:\WINDOWS\Panther 2020-11-15 17:05 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2020-11-15 16:29 - 2018-05-04 11:28 - 000000000 ___RD C:\Users\Gebruiker\3D Objects 2020-11-15 15:54 - 2017-05-06 01:48 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2020-11-14 19:40 - 2020-08-26 16:26 - 000002452 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2020-11-13 19:06 - 2020-08-23 14:34 - 001771328 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2020-11-13 19:06 - 2019-12-07 16:12 - 000787040 _____ C:\WINDOWS\system32\perfh013.dat 2020-11-13 19:06 - 2019-12-07 16:12 - 000154132 _____ C:\WINDOWS\system32\perfc013.dat 2020-11-13 16:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2020-11-13 12:26 - 2018-05-03 14:01 - 000002325 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2020-11-11 08:51 - 2018-05-04 11:04 - 000000000 ____D C:\Users\Gebruiker\AppData\Local\Packages 2020-11-10 19:43 - 2019-03-19 11:56 - 000000000 ____D C:\Users\Gebruiker\AppData\Local\ElevatedDiagnostics 2020-11-06 13:43 - 2018-05-04 07:23 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2020-11-04 10:20 - 2020-03-20 09:47 - 000000000 ____D C:\Users\Gebruiker\AppData\Local\SquirrelTemp 2020-11-01 09:38 - 2020-08-26 16:25 - 000003674 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2020-11-01 09:38 - 2020-08-26 16:25 - 000003550 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2020-10-30 21:15 - 2019-11-20 15:31 - 000000000 ____D C:\Users\Gebruiker\AppData\Roaming\PioneerLog 2020-10-30 18:24 - 2018-07-10 14:59 - 000000000 ____D C:\Users\Gebruiker\AppData\Local\NVIDIA Corporation 2020-10-30 18:06 - 2018-05-03 14:13 - 000795000 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2020-10-22 17:00 - 2020-08-23 15:24 - 000003386 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-770788387-2325683597-4085583833-1001 2020-10-22 16:59 - 2020-08-23 14:07 - 000002381 _____ C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk ==================== Bestanden in de root van sommige mappen ======== 2019-04-15 10:32 - 2019-04-15 10:32 - 000000000 _____ () C:\Users\Gebruiker\AppData\Local\{FAAAE75F-8D9B-41C0-95F5-F45E65C2C4D8} ==================== SigCheck ============================ (Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.) ==================== Einde van FRST.txt ========================