Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 14-04-2021 Gestart door Andy (Beheerder) op ANDY-PC (MEDIONPC MS-7728) (15-04-2021 08:53:03) Gestart vanaf C:\Users\Andy\Downloads Geladen Profielen: Andy Platform: Windows 10 Home Versie 2004 19041.867 (X64) Taal: Nederlands (Nederland) Standaardbrowser: Chrome Boot Modus: Normal ==================== Processen (gefilterd) ================= (Als een item is opgenomen in de fixlist, zal het proces worden gesloten. Het bestand zal niet worden verplaatst.) () [Bestand niet getekend] C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\aswEngSrv.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\avgToolsSvc.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe <6> (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\setup\instup.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\wsc_proxy.exe (AVG Technologies USA, LLC -> AVG Technologies) C:\Program Files\Common Files\AVG\Overseer\overseer.exe (bookingDesktopApp.) [Bestand niet getekend] C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe (Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe <2> (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <14> (Google LLC -> Google) C:\Users\Andy\AppData\Local\Google\Chrome\User Data\SwReporter\89.258.200\software_reporter_tool.exe <4> (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (J.M. Driver, LLC -> ) C:\Program Files (x86)\Twonky\TwonkyServer\twonkyserver.exe (J.M. Driver, LLC -> Lynx Technology) C:\Program Files (x86)\Twonky\TwonkyServer\twonkytray.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.143.45\MicrosoftEdgeUpdate.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{7F66C965-B55A-4156-A71A-AF0B10E568D2}\MicrosoftEdgeUpdateSetup_X86_1.3.143.45.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe <2> (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation -> Microsoft Corporation) C:\Users\Andy\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <3> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DeviceCensus.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (Nero AG -> Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2> (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Protexis Inc. -> Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (Shenzhen Moyea Software -> ) C:\Program Files (x86)\Common Files\Appkeys\yytool64.exe (SOURCENEXT) [Bestand niet getekend] C:\Windows\SysWOW64\bgsvcgen.exe (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\dr.fone\Library\DriverInstaller\DriverInstall.exe (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF3\3.0.0.306\WsAppService3.exe ==================== Register (gefilterd) =================== (Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11821160 2011-05-09] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation -> NVIDIA Corporation) HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [164608 2021-02-25] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation -> Microsoft Corporation) HKLM-x32\...\Run: [BrowserPlugInHelper] => C:\Program Files (x86)\Aimersoft\Video Converter Ultimate\BrowserPlugInHelper.exe [1956352 2014-04-25] () [Bestand niet getekend] HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation) HKU\S-1-5-21-626991123-2630253986-2610911255-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-10] (Piriform Ltd -> Piriform Ltd) HKU\S-1-5-21-626991123-2630253986-2610911255-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [365160 2020-02-10] (AVB Disc Soft, SIA -> Disc Soft Ltd) HKU\S-1-5-21-626991123-2630253986-2610911255-1002\...\Run: [AudialsNotifier] => C:\Program Files (x86)\Audials\Audials 2020\AudialsNotifier.exe [2204816 2019-09-30] (Audials AG -> ) HKU\S-1-5-21-626991123-2630253986-2610911255-1002\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [31019504 2020-07-31] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) HKU\S-1-5-21-626991123-2630253986-2610911255-1002\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Andy\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" HKU\S-1-5-21-626991123-2630253986-2610911255-1002\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Andy\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" HKU\S-1-5-21-626991123-2630253986-2610911255-1002\...\RunOnce: [Uninstall 21.052.0314.0001\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Andy\AppData\Local\Microsoft\OneDrive\21.052.0314.0001\amd64" HKU\S-1-5-21-626991123-2630253986-2610911255-1002\...\RunOnce: [Uninstall 21.052.0314.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Andy\AppData\Local\Microsoft\OneDrive\21.052.0314.0001" HKLM\...\Windows x64\Print Processors\hpzpplhn: C:\Windows\System32\spool\prtprocs\x64\hpzpplhn.dll [99840 2008-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation) HKLM\...\Windows x64\Print Processors\hpzppwn7: C:\Windows\System32\spool\prtprocs\x64\hpzppwn7.dll [101376 2009-07-14] (Hewlett-Packard Corporation) [Bestand niet getekend] HKLM\...\Windows x64\Print Processors\LMPRTPRC: C:\Windows\System32\spool\prtprocs\x64\lmprtprc.dll [98816 2009-06-22] (Microsoft Windows Hardware Compatibility Publisher -> Lexmark International Inc.) HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [51032 2008-04-07] (Adobe Systems, Incorporated -> Adobe Systems Inc) HKLM\...\Print\Monitors\HP B011 Status Monitor: C:\Windows\system32\hpinkstsB011LM.dll [328552 2012-01-31] (Hewlett Packard -> Hewlett-Packard Co.) HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Deskjet 3520 series): C:\Windows\system32\HPDiscoPMB011.dll [712552 2012-01-31] (Hewlett Packard -> Hewlett-Packard Co.) HKLM\...\Print\Monitors\LIDIL hpzlllhn: C:\Windows\system32\hpzlllhn.dll [48640 2008-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Company) HKLM\...\Print\Monitors\PCL hpz3lwn7: C:\Windows\system32\hpz3lwn7.dll [36352 2009-07-14] (Hewlett-Packard Company) [Bestand niet getekend] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\89.0.4389.114\Installer\chrmstp.exe [2021-04-02] (Google LLC -> Google LLC) HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> AppInit_DLLs:  acaptuser64.dll => Geen bestand Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Twonky Server.lnk [2020-12-26] ShortcutTarget: Twonky Server.lnk -> C:\Program Files (x86)\Twonky\TwonkyServer\twonkytray.exe (J.M. Driver, LLC -> Lynx Technology) GroupPolicy: Restrictie ? <==== AANDACHT Policies: C:\ProgramData\NTUSER.pol: Restrictie <==== AANDACHT HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restrictie <==== AANDACHT HKLM\SOFTWARE\Policies\Google: Restrictie <==== AANDACHT ==================== Geplande Taken (gefilterd) ============ (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {00C839AA-5C68-430E-8494-B5983F4302A2} - System32\Tasks\bookingDesktopAppUpdateTaskMachineUA => C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2020-02-10] (bookingDesktopApp.) [Bestand niet getekend] Task: {097C36B8-81DC-4BEA-919A-FD1C4C233811} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {1852A9CC-413B-4B64-A75D-C720357ED0E4} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1} Task: {18C35501-8903-4593-A575-5E5D35F90BEA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-09-10] (Piriform Ltd -> Piriform Ltd) Task: {233D5B1D-44C0-41D0-9A2D-7612360BC586} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1822976 2021-02-23] (AVG Technologies USA, LLC -> AVG Technologies) Task: {28618A1C-5546-4FE4-B9DA-C80871EF2E7D} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316} Task: {29F02B68-C882-447E-AE78-353ACA111B67} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_433_Plugin.exe [1502264 2020-09-08] (Adobe Inc. -> Adobe) Task: {2F0CCBAC-2012-49BA-B597-FFE2097225B5} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969} Task: {39E3BAD9-B77E-40E8-AF1A-4EDBBD4AC5BD} - System32\Tasks\0615avUpdateInfo => C:\ProgramData\Avg_Update_0615av\0615av_AVG-Secure-Search-Update.exe [2779584 2015-05-07] (AVG Technologies CZ, s.r.o. -> ) Task: {3B6A2309-D4C0-4A87-B670-CF5B8479F344} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {3D435770-5B85-47C5-ADF2-7AC852E919E5} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [694752 2021-03-04] (Mozilla Corporation -> Mozilla Foundation) Task: {3D870BCC-694E-4BB6-9CE9-C6C049D112F4} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61} Task: {4211C49F-47C8-4E93-9D4F-207C2C215296} - System32\Tasks\HP Photo Creations Communicator => C:\Users\Andy\AppData\Roaming\HP Photo Creations\Communicator.exe [186080 2017-07-03] (RocketLife -> ) Task: {42DE54A5-10B8-4A73-8DF1-868540AA2CD0} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [4730624 2021-02-25] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) Task: {45B409AD-034D-4F23-A99B-072DEF830C85} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB} Task: {582CE772-BC1A-4AAE-95A9-612E3F71F407} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe Task: {59060763-AFF5-48EE-A0F2-7DD2F77B6717} - System32\Tasks\{9CB3D507-F9F7-4A42-8B0B-A95032BD7E22} => C:\Windows\system32\pcalua.exe -a "C:\Users\Andy\Programma's Andy\QuickPar-0.9.1.0-NLD.exe" -d "I:\Grabit Downloads\30[1][1].Days.of.Night.DVDRip.XviD-DiAMOND" -c "I:\Grabit Downloads\30[1][1].Days.of.Night.DVDRip.XviD-DiAMOND\30.Days.of.Night.DVDRip.XviD-DiAMOND.SUBS.par2" Task: {5B0D7EC6-A6A5-4003-BD8B-3EA9584072B3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1341008 2020-09-06] (Adobe Inc. -> Adobe Inc.) Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A} Task: {65BB380D-65CA-4F1C-82F5-AC2321EC767F} - \Browser Manager -> Geen bestand <==== AANDACHT Task: {66700F3D-2ABE-4082-87B8-8D546CAE53C0} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} Task: {72BBEF92-3230-482B-BB2E-2D66919CAE87} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe Task: {7E1E65CF-B99D-4E4D-8F05-176BCD87622F} - System32\Tasks\0215avUpdateInfo => C:\ProgramData\Avg_Update_0215av\0215av_AVG-Secure-Search-Update.exe [2794520 2015-02-17] (AVG Technologies -> ) Task: {803D698F-2E53-48EF-875C-2278DF667F47} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe Task: {81C9863B-7FA7-4B5B-8724-6D0B80E88929} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {854EC3D6-03F4-4853-94F1-AF7BD25757E4} - System32\Tasks\HPCustParticipation HP Deskjet 3520 series => C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPCustPartic.exe [4078440 2012-01-31] (Hewlett Packard -> Hewlett-Packard Co.) Task: {8B06F82D-A2F9-4620-B1CD-9FE4061DC117} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {8EFEAD35-DF6A-4CDF-BAE1-B83A8A2EA4C3} - System32\Tasks\Microsoft\Windows\Themes Helper\Themes => C:\WINDOWS\System32\Themes.exe [9216 2010-11-21] (Microsoft Corporation) [Bestand niet getekend] Task: {92B4F432-F867-4D36-941A-32D579E3B1FE} - System32\Tasks\{9D22E0FE-F19D-43EC-AAD9-DB0B348C26E7} => C:\Windows\system32\pcalua.exe -a "C:\Users\Andy\Programma's Andy\VirtualDub-1.9.11\auxsetup.exe" -d "C:\Users\Andy\Programma's Andy\VirtualDub-1.9.11" Task: {97A67DF4-0830-465F-B3F5-28A7A89CB64D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-08] (Adobe Inc. -> Adobe) Task: {AAE7C040-EB16-4DBD-B71A-73E5E1691F24} - System32\Tasks\{6CDE0DFE-72CB-4642-863D-C0720DDAA288} => C:\Windows\system32\pcalua.exe -a "I:\Grabit Downloads\Convert X to DVD\VSO ConvertXtoDVD V4.1.19.365.exe" -d "I:\Grabit Downloads\Convert X to DVD" Task: {AD7FAB58-15DC-4E7D-A4E1-60EE5974B9B7} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe Task: {AF420AC6-CA29-4854-8452-097F3807D77A} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {B090116E-99E3-431E-A1A0-3E90C5B5B109} - System32\Tasks\{C1998399-4408-45FB-9EC6-C7B0D651B23A} => C:\Windows\system32\pcalua.exe -a "C:\Games\The Sims 4\EASetup.exe" -d "C:\Games\The Sims 4" Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371} Task: {B2FE0908-34DE-42EB-8248-B09124113C8F} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1724928 2020-02-26] () [Bestand niet getekend] Task: {B5F353CE-6293-49C1-8158-8E7C22EB387F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe Task: {BC0221DB-43D3-444B-84A9-5384E3EDA426} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40432 2020-07-31] (Garmin International, Inc. -> ) Task: {BD2B3A81-5556-404C-80F1-DD22E14AB662} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe Task: {BDBDC914-38F2-46FF-BD95-416907B1EE4B} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe Task: {C1B69F99-9C8D-474D-A7C2-A2BB6253E5A5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2016-01-16] (Google Inc -> Google Inc.) Task: {C563629E-5497-4215-BC3B-DD04C07296C4} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe Task: {CCD1963F-9C59-4686-AC1B-2DCDF36F512C} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe Task: {D24F4A6C-D68F-4228-A0D3-396DBF5E0385} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {D4B320E1-B644-466F-ADA3-BC4625A3B84E} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E} Task: {D6BDD73A-E61D-4BC5-A3B1-DDEA50ADEDA0} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {E0A2C520-6FE9-4E4E-95C8-33B4BE9805D0} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe Task: {E48F4E22-C6DC-4A54-A49F-D4B6A0ABF24F} - System32\Tasks\bookingDesktopAppUpdateTaskMachineCore => C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2020-02-10] (bookingDesktopApp.) [Bestand niet getekend] Task: {E6127866-8945-4453-B377-341872E47C62} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {EC7ABCC5-4FEE-4E34-AFCE-3F6F22150739} - System32\Tasks\{8A6FF5AB-D3E8-462B-8BEA-9E375DF1EC29} => C:\Windows\system32\pcalua.exe -a "C:\Users\Andy\Downloads\GrabIt Downloads\Mediahuman Youtube Downloader 3_9_9_6 (2709) Multilingual + Portable\MediaHuman YouTube Downloader.exe" -d "C:\Users\Andy\Downloads\GrabIt Downloads\Mediahuman Youtube Downloader 3_9_9_6 (2709) Multilingual + Portable" Task: {EDCBC82A-6F80-4802-BADA-9E31595766CC} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe Task: {F07A9ACE-1E7F-41F6-B9A6-0C3C4DF2E61A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [561984 2011-06-01] (Apple Inc. -> Apple Inc.) Task: {F0BD0592-FDCA-4385-84FC-E0BD7AFC8AA7} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {F2EB2574-3B96-4437-BA81-254AAEBC4B57} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-04] (Piriform Software Ltd -> Piriform Software Ltd) Task: {FD21EB7D-DDF3-4D4D-9312-427BBEA8DB1F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2016-01-16] (Google Inc -> Google Inc.) (Als een item is opgenomen in de fixlist, wordt de taak (job) bestand verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) Task: C:\WINDOWS\Tasks\0215avUpdateInfo.job => C:\ProgramData\Avg_Update_0215av\0215av_AVG-Secure-Search-Update.exe Task: C:\WINDOWS\Tasks\0615avUpdateInfo.job => C:\ProgramData\Avg_Update_0615av\0615av_AVG-Secure-Search-Update.exe Task: C:\WINDOWS\Tasks\HP Photo Creations Communicator.job => C:\Users\Andy\AppData\Roaming\HP Photo Creations\Communicator.exe ==================== Internet (gefilterd) ==================== (Als een item is opgenomen in de fixlist en een registeritem is, wordt het verwijderd of hersteld naar de standaard.) Hosts: Er is meer dan één item in Hosts. Zie Hosts deel van Addition.txt Tcpip\Parameters: [DhcpNameServer] 195.130.130.2 195.130.131.2 Tcpip\..\Interfaces\{5B90CD70-E56C-4456-B65F-11601705E13B}: [DhcpNameServer] 195.130.130.2 195.130.131.2 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\Andy\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-16] FireFox: ======== FF DefaultProfile: 89sbzimw.default FF ProfilePath: C:\Users\Andy\AppData\Roaming\Mozilla\Firefox\Profiles\89sbzimw.default [2021-03-14] FF Homepage: Mozilla\Firefox\Profiles\89sbzimw.default -> hxxp://www.google.be/ FF HKLM-x32\...\Firefox\Extensions: [belgiumeid@eid.belgium.be] - C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be => niet gevonden FF HKLM-x32\...\Firefox\Extensions: [{CF13FA66-1F4F-426d-BB1B-E07A13BFF2C8}] - C:\Program Files (x86)\Aimersoft\Video Converter Ultimate\SVRFirefoxExt FF Extension: (Aimersoft Video Converter Ultimate) - C:\Program Files (x86)\Aimersoft\Video Converter Ultimate\SVRFirefoxExt [2015-10-07] [Verouderd] [niet getekend] FF HKU\S-1-5-21-626991123-2630253986-2610911255-1002\...\Firefox\Extensions: [{CF13FA66-1F4F-426d-BB1B-E07A13BFF2C8}] - C:\Program Files (x86)\Aimersoft\Video Converter Ultimate\SVRFirefoxExt FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_433.dll [2020-09-08] (Adobe Inc. -> ) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_433.dll [2020-09-08] (Adobe Inc. -> ) FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [Geen bestand] FF Plugin-x32: @bookingdesktopapp.com/bookingDesktopApp Update;version=3 -> C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\npbookingDesktopAppUpdate3.dll [2020-02-10] (bookingDesktopApp.) [Bestand niet getekend] FF Plugin-x32: @bookingdesktopapp.com/bookingDesktopApp Update;version=9 -> C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\npbookingDesktopAppUpdate3.dll [2020-02-10] (bookingDesktopApp.) [Bestand niet getekend] FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-08-26] (Google Inc -> Google, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [2020-04-28] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-04-28] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-01-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Bestand niet getekend] FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-01-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Bestand niet getekend] FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\Andy\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-11-18] (Visan Industries -> RocketLife, LLP) FF Plugin-x32: @winzip.com/Winzip Courier -> C:\Program Files (x86)\WinZip Courier\npwzwmc.dll [Geen bestand] FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-09-11] (Adobe Inc. -> Adobe Systems Inc.) Chrome: ======= CHR Profile: C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default [2021-04-15] CHR Notifications: Default -> hxxps://www.facebook.com; hxxps://www.nieuwsblad.be CHR StartupUrls: Default -> "hxxp://www.google.com" CHR DefaultSearchURL: Default -> hxxps://nl.search.yahoo.com/search?fr=mcafee&type=E210NL91082G0&p={searchTerms} CHR DefaultSearchKeyword: Default -> mcafee CHR DefaultSuggestURL: Default -> hxxps://nl.search.yahoo.com/sugg/gossip/gossip-nl-partner?output=fxjson&appid=mca&source=yahoo_mcafee_searchassist&command={searchTerms} CHR Extension: (Presentaties) - C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-22] CHR Extension: (Documenten) - C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-22] CHR Extension: (Google Drive) - C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24] CHR Extension: (YouTube) - C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-16] CHR Extension: (Google Search) - C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-16] CHR Extension: (Spreadsheets) - C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-22] CHR Extension: (Offline Documenten) - C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-04-15] CHR Extension: (Aimersoft Video Converter Ultimate) - C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mapcejffhcbidcjmomhalabpcbaeimcb [2016-01-16] CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-01] CHR Extension: (Gmail) - C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-24] CHR Extension: (Chrome Media Router) - C:\Users\Andy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-15] CHR HKLM-x32\...\Chrome\Extension: [mapcejffhcbidcjmomhalabpcbaeimcb] - C:\Program Files (x86)\Aimersoft\Video Converter Ultimate\SVRChromePlugin.crx [2015-10-07] ==================== Services (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-09-06] (Adobe Inc. -> Adobe Inc.) S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-08] (Adobe Inc. -> Adobe) R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [622184 2021-02-25] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R2 AVG Tools; C:\Program Files (x86)\AVG\Antivirus\avgToolsSvc.exe [353024 2021-02-25] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe [8091704 2021-03-03] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R2 AvgWscReporter; C:\Program Files (x86)\AVG\Antivirus\wsc_proxy.exe [109464 2021-02-25] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8403672 2019-03-19] (BattlEye Innovations e.K. -> ) R2 bgsvcgen; C:\Windows\SysWOW64\bgsvcgen.exe [139264 2011-12-10] (SOURCENEXT) [Bestand niet getekend] S2 bookingdesktopapp; C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2020-02-10] (bookingDesktopApp.) [Bestand niet getekend] S3 bookingdesktopappm; C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2020-02-10] (bookingDesktopApp.) [Bestand niet getekend] R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4506728 2020-02-10] (AVB Disc Soft, SIA -> Disc Soft Ltd) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2019-03-19] (EasyAntiCheat Oy -> EasyAntiCheat Ltd) S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2014-12-16] (Macrovision Corporation -> Macrovision Europe Ltd.) [Bestand niet getekend] S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-02-04] (Freemake) [Bestand niet getekend] R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2016-09-20] (Nero AG -> Nero AG) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Bestand niet getekend] R2 Leawo_service; C:\Program Files (x86)\Common Files\Appkeys\yytool64.exe [1232880 2014-05-04] (Shenzhen Moyea Software -> ) S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-02-24] (Malwarebytes Inc -> Malwarebytes) S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Bestand niet getekend] S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2155328 2018-01-12] (Electronic Arts, Inc. -> Electronic Arts) R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [Bestand niet getekend] S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Bestand niet getekend] R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\NisSrv.exe [2467088 2020-11-11] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MsMpEng.exe [128376 2020-11-11] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WsAppService3; C:\Program Files (x86)\Wondershare\WAF3\3.0.0.306\WsAppService3.exe [56608 2019-06-04] (Wondershare Technology Co.,Ltd -> Wondershare) R2 WsDrvInst; C:\Program Files (x86)\Wondershare\dr.fone\Library\DriverInstaller\DriverInstall.exe [130336 2019-06-04] (Wondershare Technology Co.,Ltd -> Wondershare) ===================== Drivers (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) S3 ampa; C:\WINDOWS\system32\ampa.sys [38320 2017-02-28] (CHENGDU AOMEI Tech Co., Ltd. -> ) R3 AnyDVD; C:\WINDOWS\System32\Drivers\AnyDVD.sys [139352 2013-07-31] (SlySoft, Inc. -> SlySoft, Inc.) R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [139352 2013-07-31] (SlySoft, Inc. -> SlySoft, Inc.) R0 avgArDisk; C:\WINDOWS\System32\drivers\avgArDisk.sys [35792 2021-04-03] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [208688 2021-04-03] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [365592 2021-04-03] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [250392 2021-04-03] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [99376 2021-04-03] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [16832 2020-12-27] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.) R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [41416 2021-04-03] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R1 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [178000 2021-04-03] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R1 avgNetHub; C:\WINDOWS\System32\drivers\avgNetHub.sys [524544 2021-04-03] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [107920 2021-04-03] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [83496 2021-04-03] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [850248 2021-04-03] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [466808 2021-04-03] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [215464 2021-02-25] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [327104 2021-04-03] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Bestand niet getekend] S3 ddmdrv; C:\WINDOWS\system32\ddmdrv.sys [35760 2016-12-27] (CHENGDU AOMEI Tech Co., Ltd. -> ) R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2020-02-10] (AVB Disc Soft, SIA -> Disc Soft Ltd) R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2020-02-10] (AVB Disc Soft, SIA -> Disc Soft Ltd) S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [36280 2019-05-28] (CHENGDU YIWO Tech Development Co., Ltd. -> ) R0 EPMVolFl; C:\WINDOWS\System32\drivers\EPMVolFl.sys [30136 2019-04-12] (CHENGDU YIWO Tech Development Co., Ltd. -> Windows (R) Codename Longhorn DDK provider) S3 htcnprot; C:\WINDOWS\system32\DRIVERS\htcnprot.sys [36928 2013-10-17] (HTC Corp. -> Windows (R) Win 7 DDK provider) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-11-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-02-24] (Malwarebytes Inc -> Malwarebytes) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-11-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [429288 2020-11-11] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [71912 2020-11-11] (Microsoft Windows -> Microsoft Corporation) R3 WsAudio_Device; C:\WINDOWS\system32\drivers\VirtualAudio.sys [31080 2013-03-25] (Wondershare Software Co., Ltd. -> Wondershare) S3 wsvd; C:\WINDOWS\System32\DRIVERS\wsvd.sys [129008 2010-09-23] (CyberLink -> CyberLink) S3 EuGdiDrv; \SystemRoot\system32\EuGdiDrv.sys [X] U3 idsvc; geen ImagePath ==================== NetSvcs (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ==================== Een maand (aangemaakt) (gefilterd) ========= (Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.) 2021-04-15 08:53 - 2021-04-15 09:02 - 000037540 _____ C:\Users\Andy\Downloads\FRST.txt 2021-04-15 08:44 - 2021-04-15 08:45 - 002298368 _____ (Farbar) C:\Users\Andy\Downloads\FRST64.exe 2021-04-15 08:44 - 2021-04-15 08:44 - 002298368 _____ (Farbar) C:\Users\Andy\Downloads\Niet bevestigd 199507.crdownload 2021-04-12 10:35 - 2021-04-12 10:35 - 000000000 ____D C:\ProgramData\WindowsPerformanceRecorder 2021-04-03 15:46 - 2021-04-03 15:46 - 000005280 _____ C:\Users\Andy\Downloads\bobby prins dan ga je maar.nzb 2021-04-03 15:41 - 2021-04-03 15:41 - 000044659 _____ C:\Users\Andy\Downloads\Alain Barriere - L_#39_essentiel.nzb 2021-04-03 15:37 - 2021-04-03 15:37 - 000069548 _____ C:\Users\Andy\Downloads\The New Four - Het Beste Van The New Four.nzb 2021-04-03 15:34 - 2021-04-03 15:34 - 000007099 _____ C:\Users\Andy\Downloads\the cascades.nzb 2021-04-03 15:28 - 2021-04-03 15:28 - 000035169 _____ C:\Users\Andy\Downloads\BZN - Tequila Sunset (36).nzb 2021-04-03 15:21 - 2021-04-03 15:21 - 000004758 _____ C:\Users\Andy\Downloads\anneke grnloh.nzb 2021-04-03 15:20 - 2021-04-03 15:20 - 000003760 _____ C:\Users\Andy\Downloads\christian anders.nzb 2021-04-03 15:16 - 2021-04-03 15:16 - 000002841 _____ C:\Users\Andy\Downloads\jacques herb.nzb 2021-04-03 15:15 - 2021-04-03 15:15 - 000006076 _____ C:\Users\Andy\Downloads\art sullivan.nzb 2021-04-03 15:05 - 2021-04-03 15:05 - 000177922 _____ C:\Users\Andy\Downloads\Lolita - Melodien Der Ferne.nzb 2021-04-03 15:03 - 2021-04-03 15:03 - 000007658 _____ C:\Users\Andy\Downloads\engelbert humperdinck winter world.nzb 2021-04-03 15:01 - 2021-04-03 15:01 - 000003098 _____ C:\Users\Andy\Downloads\gerard de vries het spel.nzb 2021-04-03 14:59 - 2021-04-03 14:59 - 000003160 _____ C:\Users\Andy\Downloads\elvis presley im yours.nzb 2021-04-03 14:51 - 2021-04-03 14:51 - 000005635 _____ C:\Users\Andy\Downloads\terry stafford.nzb 2021-04-03 14:49 - 2021-04-03 14:49 - 000006542 _____ C:\Users\Andy\Downloads\bobby vee devil.nzb 2021-04-03 14:40 - 2021-04-03 14:40 - 000002747 _____ C:\Users\Andy\Downloads\bob earl.nzb 2021-04-03 14:36 - 2021-04-03 14:36 - 000027068 _____ C:\Users\Andy\Downloads\Timi Yuro - greatest hits.nzb 2021-04-03 14:28 - 2021-04-03 14:28 - 000005504 _____ C:\Users\Andy\Downloads\andy williams cant get.nzb 2021-04-03 14:25 - 2021-04-03 14:25 - 000031013 _____ C:\Users\Andy\Downloads\Freddy Breck _#8211_ Rote Rosen F_#252_r Dich 1973.nzb 2021-04-03 14:20 - 2021-04-03 14:20 - 000001439 _____ C:\Users\Andy\Downloads\bobby vinton tell me why.nzb 2021-04-03 14:17 - 2021-04-03 14:17 - 000001073 _____ C:\Users\Andy\Downloads\dont say youre sorry.nzb 2021-04-03 14:11 - 2021-04-03 14:11 - 000003726 _____ C:\Users\Andy\Downloads\billy fury.nzb 2021-04-03 13:45 - 2021-04-03 13:45 - 000007632 _____ C:\Users\Andy\Downloads\anne-marie david.nzb 2021-04-03 09:45 - 2021-04-03 09:45 - 000053616 _____ () C:\WINDOWS\system32\Drivers\staport.sys.161743595306202 2021-04-03 09:42 - 2021-04-03 09:41 - 000340224 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe 2021-04-03 09:42 - 2021-04-03 09:41 - 000216488 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\asw38fde025dc466142.tmp 2021-04-02 13:36 - 2021-04-02 13:36 - 000193034 _____ C:\Users\Andy\Downloads\factuur 2021027.pdf 2021-04-02 13:35 - 2021-04-02 13:35 - 000464847 _____ C:\Users\Andy\Downloads\offerte 2021011.pdf 2021-04-02 13:34 - 2021-04-02 13:34 - 001764655 _____ C:\Users\Andy\Downloads\202107_Factuur_vanessa van de sijpe (1).pdf 2021-04-02 13:32 - 2021-04-02 13:32 - 001764655 _____ C:\Users\Andy\Downloads\202107_Factuur_vanessa van de sijpe.pdf 2021-04-02 13:32 - 2021-04-02 13:32 - 000153341 _____ C:\Users\Andy\Downloads\algemene voorwaarden.pdf 2021-04-02 13:32 - 2021-04-02 13:32 - 000102391 _____ C:\Users\Andy\Downloads\Attest 6%BTW-2.pdf ==================== Een maand (gewijzigd) ================== (Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.) 2021-04-15 08:59 - 2018-04-13 18:59 - 000000000 ____D C:\FRST 2021-04-15 08:54 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-04-15 08:43 - 2020-12-26 16:06 - 000000000 ____D C:\Users\Andy\AppData\Roaming\TwonkyServer 2021-04-15 08:38 - 2020-11-11 01:01 - 000003580 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6b7af4ec333b9 2021-04-15 08:38 - 2020-11-11 00:45 - 000003674 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-04-15 08:33 - 2020-11-11 00:45 - 000003360 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-626991123-2630253986-2610911255-1002 2021-04-15 08:33 - 2020-11-11 00:05 - 000002403 _____ C:\Users\Andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-04-15 08:33 - 2020-01-17 14:15 - 000000000 ___RD C:\Users\Andy\OneDrive 2021-04-12 22:51 - 2020-11-10 23:56 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-04-12 22:51 - 2011-09-06 00:24 - 000000000 ____D C:\ProgramData\NVIDIA 2021-04-12 10:04 - 2020-11-11 00:45 - 000004278 _____ C:\WINDOWS\system32\Tasks\Antivirus Emergency Update 2021-04-11 12:02 - 2020-12-26 16:50 - 000000000 ____D C:\Programma's - Films - te bekijken TV 2021-04-10 09:27 - 2020-06-11 07:46 - 000002435 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-04-10 09:27 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-04-10 09:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-04-08 19:28 - 2020-11-11 00:45 - 000003504 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2021-04-08 19:28 - 2020-11-11 00:45 - 000003280 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2021-04-08 19:28 - 2020-11-11 00:45 - 000002236 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC 2021-04-08 19:28 - 2020-11-11 00:45 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software 2021-04-08 19:07 - 2017-09-20 20:18 - 000000000 ____D C:\Program Files (x86)\steam 2021-04-08 13:17 - 2020-12-28 20:53 - 000000000 ____D C:\Users\Andy\AppData\Roaming\Star Stable Online 2021-04-07 19:51 - 2020-12-28 20:53 - 000000000 ____D C:\Program Files (x86)\Star Stable Online 2021-04-06 20:05 - 2020-04-13 19:27 - 000000081 _____ C:\Users\Andy\AppData\Local\.bidstack.fault 2021-04-06 20:05 - 2016-02-12 20:19 - 000000000 ____D C:\Users\Andy\AppData\Local\CrashDumps 2021-04-03 15:46 - 2011-12-04 18:43 - 000000000 ____D C:\Users\Andy\Downloads\GrabIt Downloads 2021-04-03 15:00 - 2011-12-06 12:42 - 000000000 ____D C:\Users\Andy\AppData\Roaming\GrabIt 2021-04-03 09:42 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2021-04-03 09:41 - 2020-10-20 16:34 - 000178000 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys 2021-04-03 09:41 - 2020-06-16 20:51 - 000524544 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgNetHub.sys 2021-04-03 09:41 - 2019-01-14 19:36 - 000365592 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdriver.sys 2021-04-03 09:41 - 2019-01-11 14:21 - 000250392 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsh.sys 2021-04-03 09:41 - 2019-01-11 14:21 - 000099376 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniv.sys 2021-04-03 09:41 - 2019-01-11 14:21 - 000035792 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArDisk.sys 2021-04-03 09:41 - 2018-10-22 18:23 - 000041416 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgKbd.sys 2021-04-03 09:41 - 2017-11-28 19:25 - 000208688 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys 2021-04-03 09:41 - 2017-06-01 18:25 - 000850248 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys 2021-04-03 09:41 - 2017-06-01 18:25 - 000466808 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys 2021-04-03 09:41 - 2017-06-01 18:25 - 000327104 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys 2021-04-03 09:41 - 2017-06-01 18:25 - 000107920 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys 2021-04-03 09:41 - 2017-06-01 18:25 - 000083496 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys 2021-04-02 19:50 - 2020-09-30 08:26 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2021-04-02 11:22 - 2016-01-16 11:46 - 000002325 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2021-03-25 16:02 - 2011-12-04 18:48 - 000000000 ____D C:\Users\Andy\Documents\Outlook-bestanden 2021-03-23 01:42 - 2020-09-30 08:26 - 000470864 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll 2021-03-23 01:41 - 2020-09-30 08:26 - 000734008 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll 2021-03-18 18:51 - 2017-06-01 18:25 - 000465280 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\asw2533c0029da667f8.tmp 2021-03-16 20:51 - 2011-12-27 18:41 - 000000000 ___RD C:\Users\Andy\Documents\Scanned Documents ==================== Bestanden in de root van sommige mappen ======== 2012-07-25 17:52 - 2012-07-25 17:52 - 000003790 _____ () C:\Users\Andy\easycleaner.reg 2015-09-23 09:08 - 2015-09-23 09:08 - 000000011 _____ () C:\Users\Andy\AppData\Roaming\.tv7 2005-03-24 01:21 - 2013-10-29 21:05 - 000101691 ____H () C:\Users\Andy\AppData\Roaming\Andylog.dat 2005-04-08 04:16 - 2005-04-08 04:16 - 000000015 ____H () C:\Users\Andy\AppData\Roaming\Andyv1.18.0 - Trial versionlog.dat 2011-12-06 13:17 - 2011-12-06 13:17 - 000007859 _____ () C:\Users\Andy\AppData\Roaming\pcouffin.cat 2011-12-06 13:17 - 2011-12-06 13:17 - 000001167 _____ () C:\Users\Andy\AppData\Roaming\pcouffin.inf 2011-12-06 13:18 - 2011-12-06 13:18 - 000000034 _____ () C:\Users\Andy\AppData\Roaming\pcouffin.log 2011-12-06 13:17 - 2011-12-06 13:17 - 000082816 _____ (VSO Software) C:\Users\Andy\AppData\Roaming\pcouffin.sys 2020-04-30 16:22 - 2020-04-30 16:22 - 000000000 _____ () C:\Users\Andy\AppData\Roaming\unp30047649.tmp 2012-07-29 20:07 - 2020-11-27 20:51 - 000001057 _____ () C:\Users\Andy\AppData\Roaming\vso_ts_preview.xml 2019-02-19 21:04 - 2020-02-24 20:52 - 000000020 _____ () C:\Users\Andy\AppData\Roaming\ymddefault.ini 2020-04-13 19:27 - 2021-04-06 20:05 - 000000081 _____ () C:\Users\Andy\AppData\Local\.bidstack.fault 2015-04-17 18:09 - 2015-04-17 18:09 - 000000898 _____ () C:\Users\Andy\AppData\Local\recently-used.xbel 2011-12-28 21:14 - 2015-09-12 17:33 - 000007605 _____ () C:\Users\Andy\AppData\Local\resmon.resmoncfg ==================== SigCheck ============================ (Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.) ==================== Einde van FRST.txt ========================