Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 21-03-2021 Gestart door Gebruiker (Beheerder) op GEBRUIKER-PC (22-03-2021 16:39:09) Gestart vanaf C:\Users\Gebruiker\Downloads Geladen Profielen: Gebruiker Platform: Windows 10 Home Versie 2004 19041.867 (X64) Taal: Nederlands (Nederland) Standaardbrowser: FF Boot Modus: Normal ==================== Processen (gefilterd) ================= (Als een item is opgenomen in de fixlist, zal het proces worden gesloten. Het bestand zal niet worden verplaatst.) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <3> (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe (Brother Industries, Ltd.) [Bestand niet getekend] C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe (Brother Industries, Ltd.) [Bestand niet getekend] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.) [Bestand niet getekend] C:\Program Files (x86)\Browny02\BrYNSvc.exe (Brother Industries, Ltd.) [Bestand niet getekend] C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe (Brother Industries, Ltd.) [Bestand niet getekend] C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Microsoft Corporation -> © 2015 Microsoft Corporation) C:\Users\Gebruiker\AppData\Local\Microsoft\BingSvc\BingSvc.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2> (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2102.8653.0_x64__8wekyb3d8bbwe\Cortana.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbengine.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <10> (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppService.exe ==================== Register (gefilterd) =================== (Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [116960 2021-02-23] (Avast Software s.r.o. -> AVAST Software) HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2013-04-05] (Brother Industries, Ltd.) [Bestand niet getekend] HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-21] (Intel Corporation -> Intel Corporation) HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133440 2012-07-20] (Intel Corporation -> Intel Corporation) HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4522496 2012-12-27] (Brother Industries, Ltd.) [Bestand niet getekend] HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [2009088 2013-01-18] (Brother Industries, Ltd.) [Bestand niet getekend] HKU\S-1-5-21-3963349371-3354336234-3057670200-1000\...\Run: [MyDriveConnect.exe] => C:\Users\Gebruiker\MyDrive Connect\TomTom MyDrive Connect.exe [2161624 2020-05-03] (TomTom International B.V. -> TomTom) HKU\S-1-5-21-3963349371-3354336234-3057670200-1000\...\Run: [Nuria] => C:\Program Files (x86)\Nuria\Nuria.exe [2909184 2012-10-09] (iPing Research BV) [Bestand niet getekend] HKU\S-1-5-21-3963349371-3354336234-3057670200-1000\...\Run: [BingSvc] => C:\Users\Gebruiker\AppData\Local\Microsoft\BingSvc\BingSvc.exe [146312 2020-08-13] (Microsoft Corporation -> © 2015 Microsoft Corporation) HKLM\...\Windows x64\Print Processors\hpzpplhn: C:\Windows\System32\spool\prtprocs\x64\hpzpplhn.dll [109080 2018-12-06] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation) HKLM\...\Print\Monitors\PCL hpz3llhn: C:\WINDOWS\system32\hpz3llhn.dll [34816 2008-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Company) HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk [2014-10-30] ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass -> ) HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restrictie <==== AANDACHT ==================== Geplande Taken (gefilterd) ============ (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {01B51417-B089-46BF-B587-AC9D49E1DB08} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe Task: {027830B9-CB82-4726-A736-B3C51CE50535} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe Task: {0474165E-4593-448B-A396-601DB90E1056} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {08F4D014-81C4-4928-A13D-E71A4007D9C8} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe Task: {0DDF7C6B-C1C6-4163-97C3-B2F926C78AA8} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe Task: {0E76E495-6540-4093-ADE3-C7E06E3C2093} - System32\Tasks\Driver Booster SkipUAC (Gebruiker) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe Task: {12940D70-26D1-42FE-9EA9-E547D14771A3} - System32\Tasks\avastBCLRestartS-1-5-21-3963349371-3354336234-3057670200-1000 => C:\Program Files (x86)\Mozilla Firefox\firefox.exe 0 Task: {1815EBDD-51C8-4B79-ABE9-F0370EEE0167} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {1DA59459-5CF3-4484-9041-16A79888DA51} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {28E6B5A3-4451-4754-A812-E4A308E83CF9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.) Task: {3C9F5457-C95C-4BC7-984C-31D08102916B} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe Task: {3F07CA0E-62B0-43B6-AD42-C7AC247DD3C0} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {4056649D-A8B0-42B4-9FF9-AA921A9BEB98} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {4083DD47-5B43-4965-B6C4-4E16AFB92754} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [694256 2021-03-13] (Mozilla Corporation -> Mozilla Foundation) Task: {43648B0B-AE13-46D3-B887-0CCB30C5420E} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1791712 2021-02-23] (Avast Software s.r.o. -> Avast Software) Task: {4485C055-5BAD-4062-8871-3B27C82B72FC} - System32\Tasks\{9F51EA19-7CB5-4A8F-9ED4-250ECE2CFCE4} => C:\Program Files (x86)\Skype\Phone\Skype.exe Task: {4631A566-D5BC-41A0-A2E3-09459F927A5B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-29] (Google Inc -> Google Inc.) Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB} Task: {59334A52-D7B2-46AC-A90C-8A8334EA73A5} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A} Task: {5BF0C521-E935-41C9-B08B-4534FFE8A7C1} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe Task: {5D14F306-3ACA-4807-A0E8-63E06C34965D} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4682976 2021-02-23] (Avast Software s.r.o. -> AVAST Software) Task: {6118116E-351F-4B2C-B577-B018ADA58092} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe Task: {674CDFF7-3371-4FDE-AE40-4E719BA3FE63} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-29] (Google Inc -> Google Inc.) Task: {709D48A3-13B5-4317-B0EB-270928B9F2DE} - System32\Tasks\Registration Trigger IBM Lotus Symphony Task => C:\Program Files (x86)\IBM\Lotus\Symphony\framework\rcp\rcplauncher.exe Task: {70FBB447-A6BA-48FD-B9C8-5B9D40920E12} - System32\Tasks\{76ACC6ED-767F-4691-898F-68E2FB53388F} => C:\Program Files (x86)\Skype\Phone\Skype.exe Task: {7421A1AF-FFB2-4212-8BC2-9B8E675DA6F7} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {790F75FF-7F98-4D4B-B2D6-89DBB75DD404} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61} Task: {7DBEC321-FA53-4739-B3B9-2BD2966C26BA} - System32\Tasks\{4D026518-CAC1-4382-A5D5-236BF2482DA6} => C:\Program Files (x86)\Skype\Phone\Skype.exe Task: {8693AF94-197F-43DB-95F6-6FC25EC491E5} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316} Task: {86E05F90-4379-44A2-B6E6-B27E9151480A} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {89313BCB-6DEC-4E44-A3E0-DF105B6E39C7} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {8DCA2861-4593-46B9-8F00-75ACC09884A7} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe Task: {9EEDE411-9DE8-48EB-B437-8D1C34927C65} - System32\Tasks\{61979726-65E2-44F0-8C82-B0AD85060322} => C:\Program Files (x86)\Skype\Phone\Skype.exe Task: {A2A1FF30-B18E-4512-A9A9-4B202EFC54D2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Adobe Acrobat Update Task" /ENABLE Task: {A2A1FF30-B18E-4512-A9A9-4B202EFC54D2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\CreateChoiceProcessTask" /ENABLE Task: {A2A1FF30-B18E-4512-A9A9-4B202EFC54D2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\Driver Booster SkipUAC (Gebruiker)" /ENABLE Task: {A2A1FF30-B18E-4512-A9A9-4B202EFC54D2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE Task: {A2A1FF30-B18E-4512-A9A9-4B202EFC54D2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE Task: {A2A1FF30-B18E-4512-A9A9-4B202EFC54D2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore" /ENABLE Task: {A2A1FF30-B18E-4512-A9A9-4B202EFC54D2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore1d6d20f13385fe0" /ENABLE Task: {A2A1FF30-B18E-4512-A9A9-4B202EFC54D2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE Task: {A2A1FF30-B18E-4512-A9A9-4B202EFC54D2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\Registration Trigger IBM Lotus Symphony Task" /ENABLE Task: {A2A1FF30-B18E-4512-A9A9-4B202EFC54D2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\User_Feed_Synchronization-{00982427-DCA4-4B3B-BC46-E296DEB374B4}" /ENABLE Task: {A2A1FF30-B18E-4512-A9A9-4B202EFC54D2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\{065E2473-C512-47EF-A2DA-1AB841087AE7}" /ENABLE Task: {A2A1FF30-B18E-4512-A9A9-4B202EFC54D2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(12): schtasks.exe -> /Change /TN "\{4D026518-CAC1-4382-A5D5-236BF2482DA6}" /ENABLE Task: {A2A1FF30-B18E-4512-A9A9-4B202EFC54D2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(13): schtasks.exe -> /Change /TN "\{61979726-65E2-44F0-8C82-B0AD85060322}" /ENABLE Task: {A2A1FF30-B18E-4512-A9A9-4B202EFC54D2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(14): schtasks.exe -> /Change /TN "\{76ACC6ED-767F-4691-898F-68E2FB53388F}" /ENABLE Task: {A2A1FF30-B18E-4512-A9A9-4B202EFC54D2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(15): schtasks.exe -> /Change /TN "\{9F51EA19-7CB5-4A8F-9ED4-250ECE2CFCE4}" /ENABLE Task: {A2A1FF30-B18E-4512-A9A9-4B202EFC54D2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(16): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE Task: {A83B4D37-F646-4DB0-B4A8-0976017063EB} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371} Task: {BC748B5C-8757-414F-8257-8772D2006C33} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1} Task: {C049405D-9528-44A2-B874-8D771D2D7330} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe Task: {CCC1B44F-345F-4D04-838D-A4E746FD0DE3} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe Task: {D0398DBD-02CD-4B54-BAF1-2FF4307BC108} - System32\Tasks\{065E2473-C512-47EF-A2DA-1AB841087AE7} => C:\Program Files (x86)\Skype\Phone\Skype.exe Task: {D36CC271-2052-42A2-85A9-FAE319A43604} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {E198285A-F052-444A-B8CE-EED88F090A0D} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {E703F5BD-86D0-449A-B448-8AEE3B32B506} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969} Task: {E969B5A7-CA0C-4DCB-AFF7-EB151A9CE9A2} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe Task: {EC5F7F80-1CBC-4DA8-83AC-2F9821879A4A} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe Task: {FB7FB765-E61C-4717-AA73-2944651E65EE} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe Task: {FBCDD8B1-BD42-4DA1-A47F-8A039D0DDBA2} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E} (Als een item is opgenomen in de fixlist, wordt de taak (job) bestand verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) ==================== Internet (gefilterd) ==================== (Als een item is opgenomen in de fixlist en een registeritem is, wordt het verwijderd of hersteld naar de standaard.) Tcpip\Parameters: [DhcpNameServer] 62.179.104.196 213.46.228.196 Tcpip\..\Interfaces\{22f6bbed-db31-44c0-9750-8134abbaa3c3}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{312114f8-fc2c-48b4-ba74-537be5e53030}: [DhcpNameServer] 213.46.228.196 62.179.104.196 Tcpip\..\Interfaces\{4bbc7cab-1f8e-4e37-8159-16e4bee4fbff}: [DhcpNameServer] 62.179.104.196 213.46.228.196 Tcpip\..\Interfaces\{5c42d1e7-e541-4838-abd1-926df0318f16}: [DhcpNameServer] 213.46.228.196 62.179.104.196 Tcpip\..\Interfaces\{962b5ddf-ad35-4bd6-94ff-d5a37a8d133f}: [DhcpNameServer] 213.46.228.196 62.179.104.196 Edge: ======= Edge Profile: C:\Users\Gebruiker\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-22] Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee] FireFox: ======== FF DefaultProfile: ovjpeqxl.default-1586521026212 FF ProfilePath: C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\ovjpeqxl.default-1586521026212 [2021-03-22] FF NewTabOverride: Mozilla\Firefox\Profiles\ovjpeqxl.default-1586521026212 -> Enabled: {0e58f6a7-1788-470a-a74c-36921e55d3e0} FF NewTabOverride: Mozilla\Firefox\Profiles\ovjpeqxl.default-1586521026212 -> Enabled: {20fc2e06-e3e4-4b2b-812b-ab431220cada} FF NewTabOverride: Mozilla\Firefox\Profiles\ovjpeqxl.default-1586521026212 -> Enabled: wikipedia@search.mozilla.org FF NewTabOverride: Mozilla\Firefox\Profiles\ovjpeqxl.default-1586521026212 -> Enabled: marktplaats@search.mozilla.org FF NewTabOverride: Mozilla\Firefox\Profiles\ovjpeqxl.default-1586521026212 -> Enabled: ebay@search.mozilla.org FF NewTabOverride: Mozilla\Firefox\Profiles\ovjpeqxl.default-1586521026212 -> Enabled: ddg@search.mozilla.org FF NewTabOverride: Mozilla\Firefox\Profiles\ovjpeqxl.default-1586521026212 -> Enabled: bolcom@search.mozilla.org FF NewTabOverride: Mozilla\Firefox\Profiles\ovjpeqxl.default-1586521026212 -> Enabled: bing@search.mozilla.org FF NewTabOverride: Mozilla\Firefox\Profiles\ovjpeqxl.default-1586521026212 -> Enabled: google@search.mozilla.org FF Extension: (HTTPS Everywhere) - C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\ovjpeqxl.default-1586521026212\Extensions\https-everywhere@eff.org.xpi [2021-01-29] FF Extension: (IBM Security Rapport) - C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\ovjpeqxl.default-1586521026212\Extensions\rapportext@trusteer.com.xpi [2020-04-11] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx] FF Extension: (LastPass: Free Password Manager) - C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\ovjpeqxl.default-1586521026212\Extensions\support@lastpass.com.xpi [2021-03-16] FF Extension: (Startpage — Private Search Engine & New Tab) - C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\ovjpeqxl.default-1586521026212\Extensions\{0e58f6a7-1788-470a-a74c-36921e55d3e0}.xpi [2021-02-23] FF Extension: (Startpage.com - privacy zoekmachine) - C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\ovjpeqxl.default-1586521026212\Extensions\{20fc2e06-e3e4-4b2b-812b-ab431220cada}.xpi [2020-04-10] FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2014-10-30] (LastPass -> LastPass) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google Inc -> Google, Inc.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2014-10-30] (LastPass -> LastPass) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default [2020-08-18] CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms} CHR DefaultSearchKeyword: Default -> bing.com CHR Extension: (IBM Security Rapport) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2020-02-20] CHR Extension: (Avira Password Manager) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2020-04-02] CHR Extension: (Avira Safe Shopping) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2020-04-02] CHR Extension: (Avira Browser Safety) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2020-04-02] CHR Extension: (LastPass: Free Password Manager) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2020-04-02] CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-02-20] CHR Extension: (Chrome Media Router) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-02] CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] CHR HKLM\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] CHR HKU\S-1-5-21-3963349371-3354336234-3057670200-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bmkckgpgekmanipelfidlhmkfcjicion] CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh] CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] Opera: ======= OPR Profile: C:\Users\Gebruiker\AppData\Roaming\Opera Software\Opera Stable [2021-02-22] OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.nl/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding} OPR Extension: (Avira Safe Shopping) - C:\Users\Gebruiker\AppData\Roaming\Opera Software\Opera Stable\Extensions\dalelnnofafalcmkmnhdbigbjjkloabo [2021-01-05] OPR Extension: (Rich Hints Agent) - C:\Users\Gebruiker\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-01-05] OPR Extension: (Avira Password Manager) - C:\Users\Gebruiker\AppData\Roaming\Opera Software\Opera Stable\Extensions\ngohaaocccbohaffogpbgfpmpgbcgccg [2021-01-05] OPR Extension: (Free Avira Phantom VPN – Unblock Websites) - C:\Users\Gebruiker\AppData\Roaming\Opera Software\Opera Stable\Extensions\pcgkmkjdikhiodinhloioejnpjgmfigd [2020-03-21] ==================== Services (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.) R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [7878680 2021-03-18] (Avast Software s.r.o. -> AVAST Software) R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [621608 2021-02-23] (Avast Software s.r.o. -> AVAST Software) R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [352480 2021-02-23] (Avast Software s.r.o. -> AVAST Software) R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56904 2021-02-23] (Avast Software s.r.o. -> AVAST Software) R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [Bestand niet getekend] R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-01-11] (Malwarebytes Inc -> Malwarebytes) S3 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [99624 2020-11-04] (ProtonVPN AG -> ) S3 ProtonVPN Update Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe [61736 2020-11-04] (ProtonVPN AG -> ) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.6-0\NisSrv.exe [3294680 2020-03-21] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.6-0\MsMpEng.exe [103168 2020-03-21] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppService.exe [473312 2017-03-20] (Wondershare Technology Co.,Ltd -> Wondershare) ===================== Drivers (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35648 2021-02-23] (Avast Software s.r.o. -> AVAST Software) R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208024 2021-02-23] (Avast Software s.r.o. -> AVAST Software) R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [357320 2021-02-23] (Avast Software s.r.o. -> AVAST Software) R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [249304 2021-02-23] (Avast Software s.r.o. -> AVAST Software) R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [98760 2021-02-23] (Avast Software s.r.o. -> AVAST Software) R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2021-02-23] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software) R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41272 2021-02-23] (Avast Software s.r.o. -> AVAST Software) R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [175248 2021-02-23] (Avast Software s.r.o. -> AVAST Software) R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [521336 2021-02-23] (Avast Software s.r.o. -> AVAST Software) R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107784 2021-02-23] (Avast Software s.r.o. -> AVAST Software) R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83360 2021-02-23] (Avast Software s.r.o. -> AVAST Software) R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [850112 2021-02-23] (Avast Software s.r.o. -> AVAST Software) R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [465160 2021-03-18] (Avast Software s.r.o. -> AVAST Software) R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215328 2021-02-23] (Avast Software s.r.o. -> AVAST Software) R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326976 2021-02-23] (Avast Software s.r.o. -> AVAST Software) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Bestand niet getekend] S3 CySmb; C:\WINDOWS\System32\drivers\cysmb.sys [10752 2016-03-08] (Microsoft Windows Hardware Compatibility Publisher -> Cypress Semiconductor, Inc.) R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-08-17] (Martin Malik - REALiX -> REALiX(tm)) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220616 2021-03-22] (Malwarebytes Inc -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-01-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-03-18] (Malwarebytes Inc -> Malwarebytes) S3 ProtonVPNSplitTunnel; C:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\Win10\ProtonVPN.SplitTunnelDriver.sys [31584 2020-08-19] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG) R3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49008 2020-08-19] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2020-03-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [391392 2020-03-21] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [59104 2020-03-21] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ==================== Een maand (aangemaakt) (gefilterd) ========= (Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.) 2021-03-22 16:39 - 2021-03-22 16:39 - 000031161 _____ C:\Users\Gebruiker\Downloads\FRST.txt 2021-03-22 16:35 - 2021-03-22 16:39 - 000000000 ___DC C:\FRST 2021-03-22 16:30 - 2021-03-22 16:30 - 002300928 _____ (Farbar) C:\Users\Gebruiker\Downloads\FRST64.exe 2021-03-22 15:43 - 2021-03-22 15:43 - 000220616 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2021-03-20 12:47 - 2021-03-20 12:48 - 000011057 _____ C:\Users\Gebruiker\Downloads\afspraak.ics 2021-03-13 13:23 - 2021-03-13 13:23 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2021-03-13 12:18 - 2021-03-13 13:56 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2021-03-13 12:17 - 2021-03-13 12:17 - 001328400 _____ C:\WINDOWS\system32\FaceTrackerInternal.dll 2021-03-13 12:17 - 2021-03-13 12:17 - 001282560 _____ C:\WINDOWS\system32\FaceProcessor.dll 2021-03-13 12:17 - 2021-03-13 12:17 - 000512864 _____ C:\WINDOWS\system32\FaceProcessorCore.dll 2021-03-13 12:16 - 2021-03-13 12:16 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2021-03-13 12:16 - 2021-03-13 12:16 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2021-03-13 12:16 - 2021-03-13 12:16 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2021-03-13 12:16 - 2021-03-13 12:16 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2021-03-13 12:16 - 2021-03-13 12:16 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2021-03-13 12:16 - 2021-03-13 12:16 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE 2021-03-13 12:16 - 2021-03-13 12:16 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll 2021-03-13 12:16 - 2021-03-13 12:16 - 000011359 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2021-03-13 12:15 - 2021-03-13 12:15 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll 2021-03-13 12:15 - 2021-03-13 12:15 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll 2021-03-13 12:15 - 2021-03-13 12:15 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys 2021-03-09 10:59 - 2021-03-10 09:28 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2021-03-08 15:38 - 2021-03-08 15:38 - 002084016 _____ (Malwarebytes) C:\Users\Gebruiker\Downloads\MBSetup.exe 2021-02-23 16:02 - 2021-02-23 16:02 - 000002181 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk 2021-02-23 16:02 - 2021-02-23 16:02 - 000000000 ____D C:\Users\Gebruiker\AppData\Roaming\Avast Software 2021-02-23 16:01 - 2021-03-18 17:36 - 000465160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys 2021-02-23 16:01 - 2021-03-16 13:15 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update 2021-02-23 16:01 - 2021-02-23 16:01 - 000850112 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys 2021-02-23 16:01 - 2021-02-23 16:01 - 000521336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys 2021-02-23 16:01 - 2021-02-23 16:01 - 000357320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys 2021-02-23 16:01 - 2021-02-23 16:01 - 000339680 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe 2021-02-23 16:01 - 2021-02-23 16:01 - 000326976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys 2021-02-23 16:01 - 2021-02-23 16:01 - 000249304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys 2021-02-23 16:01 - 2021-02-23 16:01 - 000215328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys 2021-02-23 16:01 - 2021-02-23 16:01 - 000208024 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys 2021-02-23 16:01 - 2021-02-23 16:01 - 000175248 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys 2021-02-23 16:01 - 2021-02-23 16:01 - 000107784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys 2021-02-23 16:01 - 2021-02-23 16:01 - 000098760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys 2021-02-23 16:01 - 2021-02-23 16:01 - 000083360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys 2021-02-23 16:01 - 2021-02-23 16:01 - 000041272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys 2021-02-23 16:01 - 2021-02-23 16:01 - 000035648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys 2021-02-23 16:01 - 2021-02-23 16:01 - 000016832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys 2021-02-23 16:01 - 2021-02-23 16:01 - 000000000 ____D C:\Program Files\Common Files\Avast Software 2021-02-23 16:00 - 2021-02-23 16:00 - 000000000 ____D C:\Program Files\Avast Software ==================== Een maand (gewijzigd) ================== (Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.) 2021-03-22 16:20 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-03-22 16:11 - 2021-01-12 09:40 - 000003468 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6d20f13385fe0 2021-03-22 16:11 - 2020-12-14 12:52 - 000003662 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-03-22 16:11 - 2020-12-14 12:52 - 000003564 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2021-03-22 16:11 - 2020-12-14 12:52 - 000003542 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2021-03-22 16:11 - 2020-12-14 12:52 - 000003438 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2021-03-22 16:11 - 2020-12-14 12:52 - 000003404 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{00982427-DCA4-4B3B-BC46-E296DEB374B4} 2021-03-22 16:11 - 2020-12-14 12:52 - 000003340 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2021-03-22 16:11 - 2020-12-14 12:52 - 000002664 _____ C:\WINDOWS\system32\Tasks\Registration Trigger IBM Lotus Symphony Task 2021-03-22 16:11 - 2020-12-14 12:52 - 000002598 _____ C:\WINDOWS\system32\Tasks\CreateChoiceProcessTask 2021-03-22 16:11 - 2020-12-14 12:52 - 000002334 _____ C:\WINDOWS\system32\Tasks\Driver Booster SkipUAC (Gebruiker) 2021-03-22 16:11 - 2020-12-14 12:52 - 000002164 _____ C:\WINDOWS\system32\Tasks\{9F51EA19-7CB5-4A8F-9ED4-250ECE2CFCE4} 2021-03-22 16:11 - 2020-12-14 12:52 - 000002164 _____ C:\WINDOWS\system32\Tasks\{76ACC6ED-767F-4691-898F-68E2FB53388F} 2021-03-22 16:11 - 2020-12-14 12:52 - 000002164 _____ C:\WINDOWS\system32\Tasks\{61979726-65E2-44F0-8C82-B0AD85060322} 2021-03-22 16:11 - 2020-12-14 12:52 - 000002164 _____ C:\WINDOWS\system32\Tasks\{4D026518-CAC1-4382-A5D5-236BF2482DA6} 2021-03-22 16:11 - 2020-12-14 12:52 - 000002164 _____ C:\WINDOWS\system32\Tasks\{065E2473-C512-47EF-A2DA-1AB841087AE7} 2021-03-22 16:11 - 2020-12-14 12:52 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software 2021-03-22 15:50 - 2020-12-14 12:46 - 002009754 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-03-22 15:50 - 2019-12-07 16:12 - 000862028 _____ C:\WINDOWS\system32\perfh013.dat 2021-03-22 15:50 - 2019-12-07 16:12 - 000183178 _____ C:\WINDOWS\system32\perfc013.dat 2021-03-22 15:50 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2021-03-22 15:46 - 2013-12-11 17:00 - 000000000 ____D C:\ProgramData\Mozilla 2021-03-22 15:45 - 2017-02-15 10:21 - 000000000 ____D C:\Users\Gebruiker\AppData\LocalLow\Mozilla 2021-03-22 15:43 - 2020-12-14 12:52 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-03-22 15:43 - 2020-12-14 12:42 - 000008192 ___SH C:\DumpStack.log.tmp 2021-03-22 15:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState 2021-03-22 15:43 - 2014-10-19 13:13 - 000000000 __SHD C:\Users\Gebruiker\IntelGraphicsProfiles 2021-03-22 15:43 - 2013-12-11 17:48 - 000000000 ____D C:\ProgramData\AVAST Software 2021-03-22 15:42 - 2020-12-14 12:42 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-03-22 15:42 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2021-03-21 15:24 - 2015-08-17 14:42 - 000007891 _____ C:\WINDOWS\BRRBCOM.INI 2021-03-21 14:54 - 2021-02-01 12:28 - 000000000 ____D C:\Users\Gebruiker\AppData\Local\ProtonVPN 2021-03-21 10:23 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-03-20 15:05 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-03-20 15:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-03-20 10:51 - 2020-07-03 09:19 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-03-18 16:46 - 2020-08-28 18:36 - 000000000 ____D C:\Users\Gebruiker\AppData\Local\CrashDumps 2021-03-18 09:02 - 2021-01-11 12:31 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2021-03-16 13:15 - 2020-12-14 12:44 - 000000000 ____D C:\Users\DefaultAppPool 2021-03-13 13:59 - 2014-04-25 08:30 - 000000000 ____D C:\Users\Gebruiker\AppData\Local\ElevatedDiagnostics 2021-03-13 13:56 - 2015-07-03 12:59 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-03-13 13:23 - 2015-07-03 12:59 - 000001249 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-03-13 13:18 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF 2021-03-13 13:14 - 2020-12-14 12:42 - 000352368 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-03-13 13:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2021-03-13 13:13 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-03-13 13:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2021-03-13 13:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2021-03-13 13:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv 2021-03-13 13:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2021-03-13 13:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2021-03-13 13:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2021-03-13 13:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup 2021-03-13 13:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-03-13 13:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\inetsrv 2021-03-13 13:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2021-03-13 13:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning 2021-03-13 13:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2021-03-13 13:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-03-12 10:10 - 2013-12-11 16:02 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-03-12 10:07 - 2013-12-11 16:02 - 131005360 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-03-10 09:28 - 2020-03-22 15:05 - 000001299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk 2021-02-23 16:01 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2021-02-23 16:01 - 2016-08-30 16:56 - 000044568 _____ () C:\WINDOWS\system32\Drivers\staport.sys 2021-02-23 15:58 - 2020-03-21 13:09 - 000000000 ____D C:\Program Files (x86)\Avira 2021-02-23 15:58 - 2017-02-23 11:54 - 000000000 ____D C:\ProgramData\Avira 2021-02-23 15:46 - 2013-12-27 17:06 - 000000000 ____D C:\ProgramData\Package Cache 2021-02-23 15:46 - 2010-11-21 04:27 - 000799104 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe ==================== Bestanden in de root van sommige mappen ======== 2013-12-16 11:23 - 2014-10-30 10:53 - 014147584 _____ () C:\Program Files (x86)\Common Files\lpuninstall.exe 2014-02-12 17:42 - 2014-08-18 15:52 - 000003584 _____ () C:\Users\Gebruiker\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2020-04-05 12:38 - 2020-04-05 12:38 - 000000017 _____ () C:\Users\Gebruiker\AppData\Local\resmon.resmoncfg ==================== SigCheck ============================ (Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.) ==================== Einde van FRST.txt ========================