Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 14-12-2020 Gestart door flami (Beheerder) op DESKTOP-TIJPHM2 (Acer Aspire TC-605) (28-12-2020 00:51:53) Gestart vanaf C:\Users\flami\Downloads Geladen Profielen: flami Platform: Windows 10 Home Versie 1909 18363.1256 (X64) Taal: Nederlands (Nederland) Standaardbrowser: FF Boot Modus: Normal ==================== Processen (gefilterd) ================= (Als een item is opgenomen in de fixlist, zal het proces worden gesloten. Het bestand zal niet worden verplaatst.) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (BullGuard Ltd -> BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardHelper.exe (BullGuard Ltd. -> BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe (BullGuard Ltd. -> BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardCore.exe (BullGuard Ltd. -> BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardFileScanner.exe (BullGuard Ltd. -> BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardFiltering.exe (BullGuard Ltd. -> BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardFirewall.exe (BullGuard Ltd. -> BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe (BullGuard Ltd. -> BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardSentry.exe (BullGuard Ltd. -> BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardSentryEye.exe (BullGuard Ltd. -> BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardTray.exe (BullGuard Ltd. -> BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe (Microsoft Windows -> ) C:\Windows\System32\OpenSSH\ssh-agent.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <9> (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2> (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2> (Open-Shell) [Bestand niet getekend] C:\Program Files\Open-Shell\StartMenu.exe (Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe ==================== Register (gefilterd) =================== (Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.) HKLM\...\Run: [Open-Shell Start Menu] => C:\Program Files\Open-Shell\StartMenu.exe [224768 2019-10-26] (Open-Shell) [Bestand niet getekend] HKLM\...\Run: [BullGuard] => C:\Program Files\BullGuard Ltd\BullGuard\BullGuardTray.exe [416056 2020-12-14] (BullGuard Ltd. -> BullGuard Ltd.) HKLM\...\Policies\Explorer: [NoRecentDocsNetHood] 1 HKU\S-1-5-21-229794501-1121372831-532239594-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32414392 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd) GroupPolicy: Restrictie ? <==== AANDACHT Policies: C:\ProgramData\NTUSER.pol: Restrictie <==== AANDACHT HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restrictie <==== AANDACHT HKLM\SOFTWARE\Policies\Google: Restrictie <==== AANDACHT ==================== Geplande Taken (gefilterd) ============ (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {0248A74C-8EFE-4D35-A08C-F064391F4021} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {16AC32AF-778D-4FB8-BEDB-1A7171405B39} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.) Task: {235799BC-E753-4830-8581-BDD90DDB6DAC} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK Task: {290F038B-0BF5-449C-A9DD-075D9FCF43DF} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {2AE6E9BA-5B24-4E35-BC59-77E98A5D771E} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {30CD4CA9-3222-4C4F-8B40-482D222635D1} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {390DBB8B-4480-4E69-85D0-222D8AEC391D} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {3B9128DF-AFBB-4856-B85B-B491BC634B07} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {41B3898B-592C-474C-8301-D0209B9AB431} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistantCalendarRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe Task: {4535017C-D929-4405-851A-F6BA6B23BB0B} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistantWakeupRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe Task: {4CDD75FF-2790-4315-804D-5F01FDAA4E8C} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation) Task: {571489F8-0D07-4EE8-BFB9-A25B5CBBC478} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26896568 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd) Task: {765BC70C-861D-43EE-A222-698342970985} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistant => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe Task: {8E9CF39A-499D-454E-9A1B-405EC9BC86C4} - System32\Tasks\BullGuard\BullGuardUpdate2 => C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate2.exe [2981696 2020-12-14] (BullGuard Ltd. -> BullGuard Ltd.) Task: {AAAF6A79-F7C1-45D6-9CC3-4F75459A183B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd) Task: {BE85002C-F54A-4A68-8844-20BB53477BE5} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {D8AE1941-5567-4F20-BA04-67D745082CF8} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [693456 2020-12-23] (Mozilla Corporation -> Mozilla Foundation) Task: {EA64E3C7-5044-4897-ABDB-0402E7E69434} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {FD380C27-1598-43E1-8C3E-9B86187E6A2C} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log (Als een item is opgenomen in de fixlist, wordt de taak (job) bestand verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Internet (gefilterd) ==================== (Als een item is opgenomen in de fixlist en een registeritem is, wordt het verwijderd of hersteld naar de standaard.) Hosts: Er is meer dan één item in Hosts. Zie Hosts deel van Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{206f83d0-e15a-4edb-8a70-6e5b929380b6}: [DhcpNameServer] 192.168.1.1 HKLM\System\...\Parameters\PersistentRoutes: [104.87.88.177,255.255.255.255,0.0.0.0,1] HKLM\System\...\Parameters\PersistentRoutes: [104.89.242.39,255.255.255.255,0.0.0.0,1] HKLM\System\...\Parameters\PersistentRoutes: [104.96.147.3,255.255.255.255,0.0.0.0,1] HKLM\System\...\Parameters\PersistentRoutes: [111.221.29.177,255.255.255.255,0.0.0.0,1] HKLM\System\...\Parameters\PersistentRoutes: [111.221.29.253,255.255.255.255,0.0.0.0,1] HKLM\System\...\Parameters\PersistentRoutes: [131.253.34.230,255.255.255.255,0.0.0.0,1] HKLM\System\...\Parameters\PersistentRoutes: [131.253.40.37,255.255.255.255,0.0.0.0,1] HKLM\System\...\Parameters\PersistentRoutes: [131.253.61.100,255.255.255.255,0.0.0.0,1] HKLM\System\...\Parameters\PersistentRoutes: [131.253.61.64,255.255.255.255,0.0.0.0,1] HKLM\System\...\Parameters\PersistentRoutes: [131.253.61.68,255.255.255.255,0.0.0.0,1] PersistentRoutes: Er zijn 95 PersistentRoutes. FireFox: ======== FF DefaultProfile: 8maxltrb.default-1574339924015 FF ProfilePath: C:\Users\flami\AppData\Roaming\Mozilla\Firefox\Profiles\8maxltrb.default-1574339924015 [2020-12-28] FF Extension: (Facebook Container) - C:\Users\flami\AppData\Roaming\Mozilla\Firefox\Profiles\8maxltrb.default-1574339924015\Extensions\@contain-facebook.xpi [2020-09-30] FF Extension: (Hotspot Shield Free VPN Proxy - Unlimited VPN) - C:\Users\flami\AppData\Roaming\Mozilla\Firefox\Profiles\8maxltrb.default-1574339924015\Extensions\hotspot-shield@anchorfree.com.xpi [2020-12-24] FF Extension: (uBlock Origin) - C:\Users\flami\AppData\Roaming\Mozilla\Firefox\Profiles\8maxltrb.default-1574339924015\Extensions\uBlock0@raymondhill.net.xpi [2020-12-26] FF Extension: (Colorful cubes) - C:\Users\flami\AppData\Roaming\Mozilla\Firefox\Profiles\8maxltrb.default-1574339924015\Extensions\{168c7cf2-8d10-460d-94f3-6482b8602cc2}.xpi [2020-07-28] FF Extension: (Startpage.com - privacy zoekmachine) - C:\Users\flami\AppData\Roaming\Mozilla\Firefox\Profiles\8maxltrb.default-1574339924015\Extensions\{20fc2e06-e3e4-4b2b-812b-ab431220cada}.xpi [2020-10-24] FF Extension: (gray leaf) - C:\Users\flami\AppData\Roaming\Mozilla\Firefox\Profiles\8maxltrb.default-1574339924015\Extensions\{979aae3a-31db-479d-b7d5-95054b5a33ff}.xpi [2020-07-28] FF Extension: (Video DownloadHelper) - C:\Users\flami\AppData\Roaming\Mozilla\Firefox\Profiles\8maxltrb.default-1574339924015\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2020-12-19] FF Extension: (Northern Lake by MaDonna) - C:\Users\flami\AppData\Roaming\Mozilla\Firefox\Profiles\8maxltrb.default-1574339924015\Extensions\{fcebb804-5eb9-43d9-a12a-30f6ca1b9b1b}.xpi [2020-07-28] FF HKLM-x32\...\Firefox\Extensions: [antiphishing@bullguard] - C:\Program Files\BullGuard Ltd\BullGuard\Files32\Antiphishing\FF\antiphishing@bullguard => niet gevonden FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-09-16] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Bestand niet getekend] FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-09-16] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Bestand niet getekend] FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.) ==================== Services (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.) S3 BsBackup; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBackup.exe [1578296 2020-12-14] (BullGuard Ltd. -> BullGuard Ltd.) R2 BsFileScan; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardFileScanner.exe [830784 2020-12-14] (BullGuard Ltd. -> BullGuard Ltd.) R3 BsHelper; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardHelper.exe [390352 2020-02-28] (BullGuard Ltd -> BullGuard Ltd.) R2 BsMailProxy; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardFiltering.exe [5266744 2020-12-14] (BullGuard Ltd. -> BullGuard Ltd.) R2 BsMain; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardCore.exe [3031360 2020-12-14] (BullGuard Ltd. -> BullGuard Ltd.) R2 BsNet; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardFirewall.exe [1251648 2020-12-14] (BullGuard Ltd. -> BullGuard Ltd.) R2 BsScanner; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe [486208 2020-12-14] (BullGuard Ltd. -> BullGuard Ltd.) R2 BsSentry; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardSentry.exe [955200 2020-12-14] (BullGuard Ltd. -> BullGuard Ltd.) R2 BsUpdate; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe [3121976 2020-12-14] (BullGuard Ltd. -> BullGuard Ltd.) S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-10-19] (NVIDIA Corporation -> NVIDIA) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\NisSrv.exe [3294680 2020-04-03] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MsMpEng.exe [103168 2020-04-03] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Drivers (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) S3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2017-11-29] (AnchorFree Inc -> The OpenVPN Project) R1 BdAgent; C:\WINDOWS\System32\DRIVERS\BdAgent.sys [175128 2020-01-20] (BullGuard LTD -> BullGuard Ltd.) S0 BdBoot; C:\WINDOWS\System32\DRIVERS\BdBoot.sys [29320 2019-08-12] (Microsoft Windows Early Launch Anti-malware Publisher -> BullGuard Ltd.) R0 BdNet; C:\WINDOWS\System32\DRIVERS\BdNet.sys [178760 2019-03-05] (BullGuard LTD -> BullGuard Ltd.) R0 BdSentry; C:\WINDOWS\System32\DRIVERS\BdSentry.sys [155464 2020-07-13] (BullGuard LTD -> BullGuard Ltd.) R1 BdSpy; C:\WINDOWS\System32\DRIVERS\BdSpy.sys [92360 2020-08-18] (BullGuard LTD -> BullGuard Ltd.) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-10-07] (Microsoft Corporation) [Bestand niet getekend] R3 int0800; C:\WINDOWS\System32\drivers\flashud.sys [51712 2015-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.) R3 splitcam_hd_driver; C:\WINDOWS\System32\drivers\splitcam_hd_driver.sys [38000 2020-02-25] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) S3 tapexpressvpn; C:\WINDOWS\System32\drivers\tapexpressvpn.sys [45024 2018-04-09] (ExprsVPN LLC -> The OpenVPN Project) S3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [237312 2020-02-19] (Oracle Corporation -> Oracle Corporation) U5 vsock; C:\Windows\System32\Drivers\vsock.sys [105912 2020-08-11] (VMware, Inc. -> VMware, Inc.) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2020-04-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [391392 2020-04-03] (Microsoft Windows -> Microsoft Corporation) S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [59104 2020-04-03] (Microsoft Windows -> Microsoft Corporation) U1 aswbdisk; geen ImagePath ==================== NetSvcs (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ==================== Een maand (aangemaakt) (gefilterd) ========= (Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.) 2020-12-28 00:51 - 2020-12-28 00:52 - 000017530 _____ C:\Users\flami\Downloads\FRST.txt 2020-12-24 12:10 - 2020-12-24 12:10 - 000000000 _____ C:\WINDOWS\Minidump\121620-22703-01.dmp 2020-12-24 12:10 - 2020-12-24 12:10 - 000000000 _____ C:\WINDOWS\Minidump\101620-20218-01.dmp 2020-12-24 12:10 - 2020-12-24 12:10 - 000000000 _____ C:\WINDOWS\Minidump\080420-25656-01.dmp 2020-12-24 12:10 - 2020-12-24 12:10 - 000000000 _____ C:\WINDOWS\Minidump\072120-21046-01.dmp 2020-12-24 05:17 - 2020-12-24 05:17 - 000000000 ____D C:\Users\flami\Documents\My ISO Files 2020-12-24 05:17 - 2020-12-24 05:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraISO 2020-12-24 05:17 - 2020-12-24 05:17 - 000000000 ____D C:\Program Files (x86)\UltraISO 2020-12-23 15:13 - 2020-12-23 15:13 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2020-12-23 15:10 - 2020-12-24 03:59 - 000000000 ____D C:\Program Files\Mozilla Firefox 2020-12-23 00:34 - 2020-12-23 00:34 - 001156152 _____ (Akeo Consulting) C:\Users\flami\Downloads\rufus-3.13.exe 2020-12-23 00:11 - 2020-12-23 00:11 - 000689664 _____ C:\Users\flami\Downloads\FreeISOBurner.exe 2020-12-22 23:59 - 2020-12-22 23:59 - 001724579 _____ (pendrivelinux.com) C:\Users\flami\Downloads\YUMI-2.0.8.2a.exe 2020-12-22 23:40 - 2020-12-22 23:40 - 000000338 _____ C:\Users\flami\Documents\dvd.txt 2020-12-22 23:37 - 2020-12-22 23:37 - 000000000 ____D C:\Users\flami\Downloads\Greenshot-NO-INSTALLER-1.2.10.6-RELEASE 2020-12-22 23:36 - 2020-12-22 23:36 - 001502832 _____ C:\Users\flami\Downloads\Greenshot-NO-INSTALLER-1.2.10.6-RELEASE.zip 2020-12-22 22:35 - 2020-12-22 22:35 - 000000000 ____D C:\Users\flami\AppData\Roaming\PowerISO 2020-12-22 22:34 - 2017-06-07 01:36 - 000138296 _____ (Power Software Ltd) C:\WINDOWS\system32\Drivers\scdemu.sys 2020-12-22 22:20 - 2020-12-22 22:20 - 000000141 _____ C:\Users\flami\Documents\linux mint.txt 2020-12-22 22:18 - 2020-12-22 22:24 - 1984790528 _____ C:\Users\flami\Downloads\linuxmint-20-cinnamon-64bit.iso 2020-12-22 17:12 - 2020-12-22 17:12 - 002286592 _____ (Farbar) C:\Users\flami\Downloads\FRST64.exe 2020-12-19 00:51 - 2020-12-19 00:51 - 000000000 ____D C:\Users\flami\AppData\Local\AnchorFree_Inc 2020-12-18 22:04 - 2020-12-18 22:04 - 003750506 _____ C:\Users\flami\Downloads\QuickHash-Windows-v3.2.0.zip 2020-12-18 21:12 - 2020-12-18 21:12 - 008447152 _____ (Malwarebytes) C:\Users\flami\Downloads\adwcleaner_8.0.8.exe 2020-12-18 20:38 - 2020-12-18 20:38 - 000000000 ____D C:\ProgramData\Caphyon 2020-12-17 17:50 - 2020-12-17 17:50 - 000000334 _____ C:\Users\flami\.vivaldi_reporting_data 2020-12-17 17:37 - 2020-12-17 17:40 - 000000000 ____D C:\Users\flami\AppData\Roaming\VMware 2020-12-17 17:29 - 2020-08-11 00:25 - 000048224 _____ (VMware, Inc.) C:\WINDOWS\system32\vsocklib.dll 2020-12-17 17:29 - 2020-08-11 00:25 - 000044128 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vsocklib.dll 2020-12-17 17:29 - 2020-08-11 00:24 - 000105912 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vsock.sys 2020-12-17 17:27 - 2020-12-24 05:24 - 000000000 ____D C:\Users\flami\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VMwareWorkstationPro 2020-12-17 17:27 - 2020-12-24 04:46 - 000000000 ___HD C:\Users\flami\AppData\Roaming\2k1 2020-12-16 00:27 - 2020-12-16 00:27 - 000000512 _____ C:\WINDOWS\GA_OF.dat 2020-12-14 14:18 - 2020-12-14 14:18 - 000163112 _____ (BullGuard Ltd.) C:\WINDOWS\SysWOW64\BgGamingMonitor.dll 2020-12-09 16:04 - 2020-10-19 06:42 - 000069608 _____ C:\WINDOWS\system32\FvSDK_x64.dll 2020-12-09 16:04 - 2020-10-19 06:42 - 000058344 _____ C:\WINDOWS\SysWOW64\FvSDK_x86.dll 2020-12-09 16:03 - 2020-03-04 13:54 - 000050592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\NvModuleTracker.sys 2020-12-08 21:19 - 2020-12-08 21:19 - 002045952 _____ C:\WINDOWS\system32\rdpnano.dll 2020-12-08 21:19 - 2020-12-08 21:19 - 000171008 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll 2020-12-08 21:19 - 2020-12-08 21:19 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl 2020-12-08 21:19 - 2020-12-08 21:19 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl 2020-12-08 21:19 - 2020-12-08 21:19 - 000059392 _____ C:\WINDOWS\system32\runexehelper.exe 2020-12-08 21:19 - 2020-12-08 21:19 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt 2020-12-08 21:19 - 2020-12-08 21:19 - 000000357 _____ C:\WINDOWS\system32\DrtmAuth14.bin 2020-12-08 21:19 - 2020-12-08 21:19 - 000000357 _____ C:\WINDOWS\system32\DrtmAuth13.bin 2020-12-08 21:19 - 2020-12-08 21:19 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin 2020-12-08 21:19 - 2020-12-08 21:19 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin 2020-12-08 21:19 - 2020-12-08 21:19 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin 2020-12-08 21:19 - 2020-12-08 21:19 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin 2020-12-08 21:19 - 2020-12-08 21:19 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin 2020-12-08 21:19 - 2020-12-08 21:19 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin 2020-12-08 21:19 - 2020-12-08 21:19 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin 2020-12-08 21:19 - 2020-12-08 21:19 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin 2020-12-08 21:19 - 2020-12-08 21:19 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin 2020-12-08 21:19 - 2020-12-08 21:19 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin 2020-12-08 21:19 - 2020-12-08 21:19 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin 2020-12-08 21:19 - 2020-12-08 21:19 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin 2020-12-08 21:19 - 2020-12-08 21:19 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin 2020-12-08 21:19 - 2020-12-08 21:19 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin 2020-12-08 21:19 - 2020-12-08 21:19 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin 2020-12-08 21:19 - 2020-12-08 21:19 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin 2020-12-08 21:18 - 2020-12-08 21:18 - 001756600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2020-12-08 21:18 - 2020-12-08 21:18 - 001366144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2020-12-07 20:03 - 2020-12-07 20:03 - 000000000 ____D C:\WINDOWS\system32\Tasks\S-1-5-21-229794501-1121372831-532239594-1001 2020-12-07 09:18 - 2020-12-07 09:18 - 000000000 ____D C:\Users\flami\AppData\Local\balena-etcher-updater 2020-12-07 08:50 - 2020-12-07 08:50 - 000000000 ____D C:\Users\flami\AppData\Roaming\gnupg 2020-12-07 02:01 - 2020-12-07 02:01 - 000204526 _____ C:\Users\flami\Documents\Doccle.htm 2020-12-07 02:01 - 2020-12-07 02:01 - 000000000 ____D C:\Users\flami\Documents\Doccle_bestanden ==================== Een maand (gewijzigd) ================== (Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.) 2020-12-28 00:52 - 2020-03-08 00:44 - 000000000 ____D C:\FRST 2020-12-28 00:51 - 2020-04-03 21:10 - 000000000 ____D C:\ProgramData\BullGuard 2020-12-28 00:51 - 2019-11-21 19:21 - 000000000 ____D C:\Users\flami\AppData\Local\OpenShell 2020-12-28 00:28 - 2019-11-21 18:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2020-12-27 22:43 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2020-12-27 22:42 - 2019-11-21 14:06 - 000000000 ____D C:\ProgramData\Mozilla 2020-12-27 22:42 - 2017-12-05 07:37 - 000000000 ____D C:\ProgramData\NVIDIA 2020-12-27 22:41 - 2020-09-11 17:31 - 000000000 ____D C:\Users\flami\AppData\LocalLow\Mozilla 2020-12-27 22:41 - 2017-12-05 10:35 - 000000000 ____D C:\Program Files\CCleaner 2020-12-27 22:39 - 2020-04-03 17:40 - 000001134 _____ C:\WINDOWS\system32\config\VSMIDK 2020-12-27 22:39 - 2019-11-21 18:57 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2020-12-27 17:59 - 2019-03-19 05:37 - 000262144 _____ C:\WINDOWS\system32\config\BBI 2020-12-27 01:08 - 2020-06-17 16:36 - 000000000 ____D C:\Users\flami\AppData\Roaming\vlc 2020-12-24 12:10 - 2020-07-21 11:06 - 000000000 ____D C:\WINDOWS\Minidump 2020-12-24 06:16 - 2017-12-05 12:24 - 000000000 ____D C:\Users\flami\AppData\Local\transmission 2020-12-24 05:28 - 2020-02-14 15:37 - 000000000 ____D C:\Users\flami\AppData\Local\D3DSCache 2020-12-24 05:01 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF 2020-12-24 04:08 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps 2020-12-24 04:08 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness 2020-12-24 03:59 - 2017-12-05 08:48 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2020-12-23 15:13 - 2017-12-05 08:48 - 000000965 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2020-12-23 00:35 - 2019-11-21 14:10 - 000000262 __RSH C:\ProgramData\ntuser.pol 2020-12-17 18:30 - 2017-12-07 17:06 - 000000000 ____D C:\ProgramData\VMware 2020-12-17 18:29 - 2019-03-19 13:33 - 000786140 _____ C:\WINDOWS\system32\perfh013.dat 2020-12-17 18:29 - 2019-03-19 13:33 - 000154170 _____ C:\WINDOWS\system32\perfc013.dat 2020-12-17 17:50 - 2019-11-21 18:48 - 000000000 ____D C:\Users\flami 2020-12-17 17:44 - 2017-12-07 17:09 - 000000000 ____D C:\Users\flami\AppData\Local\VMware 2020-12-17 17:29 - 2017-12-07 17:07 - 001798882 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI 2020-12-17 16:01 - 2019-11-21 18:57 - 001771832 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2020-12-17 09:39 - 2018-03-11 03:17 - 000001024 ____H C:\AMTAG.BIN 2020-12-13 23:59 - 2020-11-19 23:53 - 000000023 _____ C:\Users\flami\Documents\invullen.txt 2020-12-11 17:24 - 2020-01-28 19:33 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2020-12-11 01:09 - 2019-12-02 21:39 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2020-12-09 16:04 - 2019-11-21 19:51 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-12-09 16:04 - 2019-11-21 19:51 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-12-09 16:04 - 2017-12-05 07:36 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2020-12-09 16:04 - 2017-12-05 07:36 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2020-12-09 16:04 - 2017-12-05 07:36 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2020-12-09 16:03 - 2019-11-21 19:51 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-12-09 16:03 - 2019-11-21 19:51 - 000004106 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-12-09 16:03 - 2019-11-21 19:51 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-12-09 16:03 - 2019-11-21 19:51 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-12-09 16:03 - 2019-11-21 19:51 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-12-09 16:03 - 2019-11-21 19:51 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-12-09 16:03 - 2019-11-21 19:50 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-12-09 16:03 - 2019-11-21 19:50 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2020-12-08 21:38 - 2020-10-25 00:14 - 000257976 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2020-12-08 21:36 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2020-12-08 21:36 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2020-12-08 21:36 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources 2020-12-08 21:36 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe 2020-12-08 21:36 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Dism 2020-12-08 21:36 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences 2020-12-08 21:36 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr 2020-12-08 21:36 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Windows Defender 2020-12-08 21:36 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files (x86)\Windows Defender 2020-12-08 21:24 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp 2020-12-08 21:19 - 2017-12-05 07:20 - 000410830 __RSH C:\bootmgr 2020-12-04 02:51 - 2017-12-05 07:43 - 000000000 ____D C:\Program Files\Common Files\logishrd 2020-11-29 12:57 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2020-11-29 12:57 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Macromed ==================== Bestanden in de root van sommige mappen ======== 2020-10-08 22:09 - 2020-10-08 22:09 - 000000218 _____ () C:\Users\flami\AppData\Local\recently-used.xbel 2019-11-21 20:06 - 2019-11-21 20:06 - 000000017 _____ () C:\Users\flami\AppData\Local\resmon.resmoncfg ==================== SigCheck ============================ (Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.) ==================== Einde van FRST.txt ========================