Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 05-02-2022 Gestart door Tim & Lies (Beheerder) op DESKTOP-HR4OV5B (08-02-2022 20:04:44) Gestart vanaf C:\Users\Tim & Lies\Desktop Geladen Profielen: Tim & Lies Platform: Microsoft Windows 10 Home Versie 21H1 19043.1466 (X64) Taal: Nederlands (Nederland) Standaardbrowser: Chrome Boot Modus: Normal ==================== Processen (gefilterd) ================= (Als een item is opgenomen in de fixlist, zal het proces worden gesloten. Het bestand zal niet worden verplaatst.) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0373652.inf_amd64_97d024528a122d1a\B372726\atieclxx.exe (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0373652.inf_amd64_97d024528a122d1a\B372726\atiesrxx.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe (Check Point Software Technologies Ltd. -> ) C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) 
C:\Program Files (x86)\CheckPoint\Endpoint Security\Remediation\RemediationService.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAAR.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAARUpdateService.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <25> (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2111.12605.0_x64__8wekyb3d8bbwe\Cortana.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2111.12605.0_x64__8wekyb3d8bbwe\Win32Bridge.Server.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (Microsoft Windows -> Microsoft Corporation) 
C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (OneSpan North America Inc. -> VASCO Data Security) C:\Users\Tim & Lies\AppData\Local\OneSpan\NativeBridge\digipass-nativebridge.exe (OneSpan North America Inc. -> VASCO Data Security) C:\Users\Tim & Lies\AppData\Local\OneSpan\NativeBridge\digipass-nativebridge-monitor.exe Kon geen toegang krijgen tot proces -> FreemakeUtilsService.exe ==================== Register (gefilterd) =================== (Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [157464 2021-12-25] (Avast Software s.r.o. -> AVAST Software) HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [325856 2020-07-21] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) HKLM-x32\...\Run: [ZaAntiRansomware] => C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAAR.exe [4231392 2021-04-19] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [100580600 2020-08-04] (Microsoft Corporation -> Microsoft Corporation) HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.) HKU\S-1-5-21-204842247-1946392599-1451213874-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35342976 2021-11-12] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-204842247-1946392599-1451213874-1001\...\Run: [DigipassNativeBridge] => C:\Users\Tim & Lies\AppData\Local\OneSpan\NativeBridge\digipass-nativebridge-monitor.exe [108488 2019-11-20] (OneSpan North America Inc. 
-> VASCO Data Security) HKU\S-1-5-21-204842247-1946392599-1451213874-1001\...\Run: [Spotify] => C:\Users\Tim & Lies\AppData\Roaming\Spotify\Spotify.exe [19347384 2022-02-04] (Spotify AB -> Spotify Ltd) HKLM\...\Windows x64\Print Processors\Canon MG3600 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCT.DLL [30208 2015-03-12] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3600 series: C:\Windows\system32\CNMLMCT.DLL [406528 2015-03-12] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\98.0.4758.82\Installer\chrmstp.exe [2022-02-04] (Google LLC -> Google LLC) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2021-12-24] (Adobe Inc. -> Adobe Systems, Inc.) HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restrictie <==== AANDACHT HKLM\SOFTWARE\Policies\Google: Restrictie <==== AANDACHT HKLM\SOFTWARE\Policies\Microsoft\Edge: Restrictie <==== AANDACHT ==================== Geplande Taken (gefilterd) ============ (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) 
Task: {0D4A4C8B-E9B0-4346-B4E9-1DC678415ADF} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138584 2022-02-02] (Microsoft Corporation -> Microsoft Corporation) Task: {1802EFF2-1E13-4B19-AF22-E9B5DFC751A7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Adobe Acrobat Update Task" /ENABLE Task: {1802EFF2-1E13-4B19-AF22-E9B5DFC751A7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\CCleaner Update" /ENABLE Task: {1802EFF2-1E13-4B19-AF22-E9B5DFC751A7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\CCleanerSkipUAC - Tim & Lies" /ENABLE Task: {1802EFF2-1E13-4B19-AF22-E9B5DFC751A7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE Task: {1802EFF2-1E13-4B19-AF22-E9B5DFC751A7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE Task: {1802EFF2-1E13-4B19-AF22-E9B5DFC751A7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore" /ENABLE Task: {1802EFF2-1E13-4B19-AF22-E9B5DFC751A7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE Task: {1802EFF2-1E13-4B19-AF22-E9B5DFC751A7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-204842247-1946392599-1451213874-1001" /ENABLE Task: {1802EFF2-1E13-4B19-AF22-E9B5DFC751A7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> 
/Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE Task: {4400893F-8C5C-451F-93CC-903A7EA95BDA} - System32\Tasks\CCleanerSkipUAC - Tim & Lies => C:\Program Files\CCleaner\CCleaner.exe [29417088 2021-11-12] (Piriform Software Ltd -> Piriform Software Ltd) Task: {47341C32-A96C-4B40-820C-AF16182392D7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8573352 2022-02-02] (Microsoft Corporation -> Microsoft Corporation) Task: {524D764B-E209-407C-95AC-3FE7CA5E7023} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-11-12] (Piriform Software Ltd -> Piriform) Task: {7AEF89C7-A812-442A-87CD-C11EC8BA6F8E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8573352 2022-02-02] (Microsoft Corporation -> Microsoft Corporation) Task: {809FE4D4-35C6-497B-B2C2-1E696EDEDC62} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" Task: {9DBB185B-6B1D-4305-8D1A-3760D54DC5B4} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22880112 2022-02-02] (Microsoft Corporation -> Microsoft Corporation) Task: {BAB118B8-813F-4E34-9932-83B7C8FE4BFE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-08-26] (Google LLC -> Google LLC) Task: {C18F12B8-704A-452C-BFA0-58F9F7184B75} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-04-29] (Avast Software s.r.o. 
-> Avast Software) Task: {C2E59C59-FBE8-4032-B573-30A820A71683} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.) Task: {CFD8DE0A-EC90-4BAF-ADBC-2219714E574F} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4969240 2021-12-25] (Avast Software s.r.o. -> AVAST Software) Task: {F59E0C48-6950-4BF1-A39C-068567B2B40C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-08-26] (Google LLC -> Google LLC) Task: {F6BD073D-7702-4D8B-8B17-A658BEF81341} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22880112 2022-02-02] (Microsoft Corporation -> Microsoft Corporation) Task: {F74003A4-D926-42B4-8916-C5FAF55187D8} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {FD9D37F8-5F65-483A-9832-C2A2FB3D29E5} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138584 2022-02-02] (Microsoft Corporation -> Microsoft Corporation) (Als een item is opgenomen in de fixlist, wordt de taak (job) bestand verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) ==================== Internet (gefilterd) ==================== (Als een item is opgenomen in de fixlist en een registeritem is, wordt het verwijderd of hersteld naar de standaard.) 
Tcpip\Parameters: [DhcpNameServer] 195.130.130.2 195.130.131.2 Tcpip\..\Interfaces\{909f5d4e-5bd8-4825-8849-c30e8ca406ce}: [DhcpNameServer] 195.130.130.2 195.130.131.2 HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrictie <==== AANDACHT Edge: ======= DownloadDir: C:\Users\Tim & Lies\Downloads Edge Extension: (Geen Naam) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [niet gevonden] Edge Extension: (Geen Naam) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [niet gevonden] Edge Extension: (Geen Naam) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [niet gevonden] Edge Extension: (Geen Naam) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [niet gevonden] Edge Profile: C:\Users\Tim & Lies\AppData\Local\Microsoft\Edge\User Data\Default [2022-02-08] Edge DownloadDir: Default -> C:\Users\Tim & Lies\Downloads Edge StartupUrls: Default -> "hxxps://www.google.be/?gws_rd=ssl" FireFox: ======== FF DefaultProfile: qrux10op.default FF ProfilePath: C:\Users\Tim & Lies\AppData\Roaming\Mozilla\Firefox\Profiles\qrux10op.default [2020-08-31] FF ProfilePath: C:\Users\Tim & Lies\AppData\Roaming\Mozilla\Firefox\Profiles\7qlnfaz6.default-release [2022-02-04] FF Homepage: Mozilla\Firefox\Profiles\7qlnfaz6.default-release -> hxxps://www.google.be/?hl=nl FF Extension: (Dark Reader) - C:\Users\Tim & Lies\AppData\Roaming\Mozilla\Firefox\Profiles\7qlnfaz6.default-release\Extensions\addon@darkreader.org.xpi [2021-12-09] FF Extension: (HTTPS Everywhere) - C:\Users\Tim & Lies\AppData\Roaming\Mozilla\Firefox\Profiles\7qlnfaz6.default-release\Extensions\https-everywhere@eff.org.xpi [2021-10-13] FF Extension: 
(Decentraleyes) - C:\Users\Tim & Lies\AppData\Roaming\Mozilla\Firefox\Profiles\7qlnfaz6.default-release\Extensions\jid1-BoFifL9Vbdl2zQ@jetpack.xpi [2021-10-13] FF Extension: (Privacy Badger) - C:\Users\Tim & Lies\AppData\Roaming\Mozilla\Firefox\Profiles\7qlnfaz6.default-release\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2021-12-09] FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\Tim & Lies\AppData\Roaming\Mozilla\Firefox\Profiles\7qlnfaz6.default-release\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2021-10-13] FF Extension: (Matte Black (Blue)) - C:\Users\Tim & Lies\AppData\Roaming\Mozilla\Firefox\Profiles\7qlnfaz6.default-release\Extensions\{c01b4916-eb9f-403d-9931-9d7cb152c729}.xpi [2021-02-08] FF Extension: (Adblock Plus - gratis adblocker) - C:\Users\Tim & Lies\AppData\Roaming\Mozilla\Firefox\Profiles\7qlnfaz6.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-12-09] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-02-02] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-10-30] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-10-30] (Microsoft Corporation -> Microsoft 
Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-204842247-1946392599-1451213874-1001: connective.be/BrowserPlugin -> C:\Users\Tim & Lies\AppData\Local\Connective\SigningFirefoxPlugin\npapi-plugin.dll [2021-07-05] (Connective n.v.) [Bestand niet getekend] Chrome: ======= CHR Profile: C:\Users\Tim & Lies\AppData\Local\Google\Chrome\User Data\Default [2022-02-08] CHR Notifications: Default -> hxxps://nl.belvilla.be; hxxps://web.whatsapp.com; hxxps://www.chess.com; hxxps://www.facebook.com; hxxps://www.netflix.com CHR HomePage: Default -> hxxps://www.google.be/?gws_rd=ssl CHR StartupUrls: Default -> "hxxps://www.google.be/?gws_rd=ssl" CHR Extension: (Presentaties) - C:\Users\Tim & Lies\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-08-26] CHR Extension: (Documenten) - C:\Users\Tim & Lies\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-08-26] CHR Extension: (Google Drive) - C:\Users\Tim & Lies\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24] CHR Extension: (YouTube) - C:\Users\Tim & Lies\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-08-26] CHR Extension: (Adblock Plus - gratis adblocker) - C:\Users\Tim & Lies\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-01-12] CHR Extension: (Spreadsheets) - C:\Users\Tim & Lies\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-08-26] CHR Extension: (HTTPS Everywhere) - C:\Users\Tim & Lies\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2021-07-15] CHR Extension: (Offline Documenten) - C:\Users\Tim & Lies\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-01-24] CHR Extension: (YouTube Dark Theme) - C:\Users\Tim & Lies\AppData\Local\Google\Chrome\User Data\Default\Extensions\icgoeaddhagkbjnnigiblfebijeinfme [2021-06-05] CHR Extension: (Connective signing extension) - C:\Users\Tim & Lies\AppData\Local\Google\Chrome\User Data\Default\Extensions\kclpjmhngbacampgcdojmiedamjbgjjm [2020-11-17] CHR Extension: (Decentraleyes) - C:\Users\Tim & Lies\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldpochfccmkkmhdbclfhpagapcfdljkj [2022-02-02] CHR Extension: (Morpheon Dark) - C:\Users\Tim & Lies\AppData\Local\Google\Chrome\User Data\Default\Extensions\mafbdhjdkjnoafhfelkjpchpaepjknad [2022-01-20] CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\Tim & Lies\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29] CHR Extension: (Smallpdf - bewerk/comprimeer/converteer PDF's) - C:\Users\Tim & Lies\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohfgljdgelakfkefopgklcohadegdpjf [2021-12-05] CHR Extension: (Gmail) - C:\Users\Tim & Lies\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22] CHR Extension: (Privacy Badger) - C:\Users\Tim & Lies\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkehgijcmpdhfbdbbnkijodmdjhbjlgp [2021-11-27] CHR Profile: C:\Users\Tim & Lies\AppData\Local\Google\Chrome\User Data\System Profile [2021-12-07] CHR HKU\S-1-5-21-204842247-1946392599-1451213874-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] ==================== Services (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.) 
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8480848 2021-12-25] (Avast Software s.r.o. -> AVAST Software) R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [452888 2021-12-25] (Avast Software s.r.o. -> AVAST Software) R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [452888 2021-12-25] (Avast Software s.r.o. -> AVAST Software) R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-06-02] (Avast Software s.r.o. -> AVAST Software) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12124536 2022-02-02] (Microsoft Corporation -> Microsoft Corporation) R2 CPEFR; C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe [3274432 2021-04-10] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) R2 CpSbaCipolla; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe [33984 2021-04-19] (Check Point Software Technologies Ltd. -> ) R2 CpSbaUpdater; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe [33984 2021-04-19] (Check Point Software Technologies Ltd. -> ) S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [82216 2020-09-23] (Mixbyte Inc -> Freemake) R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [443344 2020-05-25] (Canon Inc. -> ) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7972536 2022-01-20] (Malwarebytes Inc -> Malwarebytes) R2 RemediationService; C:\Program Files (x86)\CheckPoint\Endpoint Security\Remediation\RemediationService.exe [18624 2021-03-29] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) S3 ss_conn_launcher_service; C:\Windows\System32\Samsung\EasySetup\ss_conn_launcher.exe [182128 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) 
R2 TESvc; C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe [137920 2021-04-09] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [4528344 2020-07-21] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\NisSrv.exe [2343112 2020-08-29] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MsMpEng.exe [128360 2020-08-29] (Microsoft Windows Publisher -> Microsoft Corporation) R2 ZA NET ICM Service; C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe [42208 2020-03-13] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) R2 ZAARUpdateService; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAARUpdateService.exe [51936 2021-04-19] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) S3 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [114936 2020-07-21] (Check Point Software Technologies Ltd. -> Check Point Software Technologies, Ltd.) ===================== Drivers (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R3 amdwddmg; C:\Windows\System32\DriverStore\FileRepository\u0373652.inf_amd64_97d024528a122d1a\B372726\amdkmdag.sys [80538504 2021-11-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [36784 2021-12-25] (Avast Software s.r.o. -> AVAST Software) R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [223176 2021-12-25] (Avast Software s.r.o. 
-> AVAST Software) R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [369216 2021-12-25] (Avast Software s.r.o. -> AVAST Software) R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [252992 2021-12-25] (Avast Software s.r.o. -> AVAST Software) R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [100416 2021-12-25] (Avast Software s.r.o. -> AVAST Software) R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [21936 2021-10-01] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software) R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42416 2021-12-25] (Avast Software s.r.o. -> AVAST Software) R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [186280 2021-12-25] (Avast Software s.r.o. -> AVAST Software) R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [540056 2021-12-25] (Avast Software s.r.o. -> AVAST Software) R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [108912 2021-12-25] (Avast Software s.r.o. -> AVAST Software) R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [83976 2021-12-25] (Avast Software s.r.o. -> AVAST Software) R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [853800 2021-12-25] (Avast Software s.r.o. -> AVAST Software) R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [545176 2021-12-25] (Avast Software s.r.o. -> AVAST Software) R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [215432 2021-12-25] (Avast Software s.r.o. -> AVAST Software) R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [318760 2021-12-25] (Avast Software s.r.o. -> AVAST Software) S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Bestand niet getekend] S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Bestand niet getekend] R2 cpbak; C:\Windows\System32\DRIVERS\cpbak.sys [83248 2020-09-03] (Check Point Software Technologies Ltd. 
-> Check Point Software Technologies) R1 CPEPMon; C:\Windows\System32\DRIVERS\CPEPMon.sys [153040 2021-04-06] (Microsoft Windows Hardware Compatibility Publisher -> Check Point Software Technologies) R1 epnetflt; C:\Windows\system32\drivers\epnetflt.sys [135984 2020-12-06] (Check Point Software Technologies Ltd. -> Check Point Software Technologies) R1 epregflt; C:\Windows\system32\drivers\epregflt.sys [133416 2020-12-02] (Check Point Software Technologies Ltd. -> Check Point Software Technologies) R2 ISWKL; C:\Program Files (x86)\CheckPoint\Endpoint Security\Endpoint Common\bin\ISWKL.sys [56184 2021-01-28] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [220568 2022-01-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2021-01-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248992 2021-11-07] (Malwarebytes Inc -> Malwarebytes) S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 ss_conn_usb_driver2; C:\Windows\System32\Drivers\ss_conn_usb_driver2.sys [43376 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R1 Vsdatant; C:\Windows\System32\drivers\vsdatant.sys [461240 2020-07-21] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) 
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [48520 2020-08-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [428256 2020-08-29] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [69856 2020-08-29] (Microsoft Windows -> Microsoft Corporation)
U3 iswSvc; geen ImagePath

==================== NetSvcs (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

==================== Een maand (aangemaakt) (gefilterd) =========

(Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.)

2022-02-08 20:04 - 2022-02-08 20:05 - 000028934 _____ C:\Users\Tim & Lies\Desktop\FRST.txt
2022-02-08 20:04 - 2022-02-08 20:05 - 000000000 ____D C:\FRST
2022-02-08 20:03 - 2022-02-08 20:03 - 002311680 _____ (Farbar) C:\Users\Tim & Lies\Downloads\FRST64 (1).exe
2022-02-08 20:03 - 2022-02-08 20:03 - 002311680 _____ (Farbar) C:\Users\Tim & Lies\Desktop\FRST64 (1).exe
2022-02-08 19:37 - 2022-02-08 19:37 - 002311680 _____ (Farbar) C:\Users\Tim & Lies\Downloads\FRST64.exe
2022-01-28 17:09 - 2022-02-08 18:11 - 000000000 ____D C:\Users\Tim & Lies\AppData\Roaming\Spotify
2022-01-28 17:09 - 2022-02-08 18:00 - 000000000 ____D C:\Users\Tim & Lies\AppData\Local\Spotify
2022-01-28 17:09 - 2022-01-28 17:09 - 000726552 _____ (Spotify Ltd) C:\Users\Tim & Lies\Downloads\SpotifySetup (1).exe
2022-01-28 17:09 - 2022-01-28 17:09 - 000001861 _____ C:\Users\Tim & Lies\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2022-01-28 16:55 - 2022-01-28 16:55 - 000726552 _____ (Spotify Ltd) C:\Users\Tim & Lies\Downloads\SpotifySetup(1).exe
2022-01-27 17:47 - 2022-01-28 17:11 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-01-14 17:29 - 2022-01-14 17:29 - 000464384 _____ (curl, hxxps://curl.se/) C:\Windows\SysWOW64\curl.exe
2022-01-14 17:28 - 2022-01-14 17:28 - 000523776 _____ (curl, hxxps://curl.se/) C:\Windows\system32\curl.exe
2022-01-14 17:28 - 2022-01-14 17:28 - 000011797 _____ C:\Windows\system32\DrtmAuthTxt.wim
2022-01-14 17:18 - 2022-01-14 17:18 - 000000000 ___HD C:\$WinREAgent
2022-01-14 17:16 - 2022-01-14 17:16 - 000000112 ___SH C:\bootTel.dat

==================== Een maand (gewijzigd) ==================

(Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.)

2022-02-08 20:02 - 2020-09-23 18:45 - 000000000 ____D C:\Users\Tim & Lies\AppData\Local\SquirrelTemp
2022-02-08 20:02 - 2020-08-26 18:57 - 000000000 ____D C:\Program Files (x86)\Google
2022-02-08 20:02 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-02-08 20:01 - 2020-06-20 12:22 - 000000000 ____D C:\Users\Tim & Lies
2022-02-08 19:53 - 2020-06-20 12:22 - 001680594 _____ C:\Windows\system32\PerfStringBackup.INI
2022-02-08 19:53 - 2019-12-07 16:12 - 000748344 _____ C:\Windows\system32\perfh013.dat
2022-02-08 19:53 - 2019-12-07 16:12 - 000146314 _____ C:\Windows\system32\perfc013.dat
2022-02-08 19:53 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2022-02-08 19:50 - 2021-11-26 14:03 - 000000000 ____D C:\Program Files\Common Files\Adobe
2022-02-08 19:48 - 2021-12-07 17:33 - 000002270 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - Tim & Lies
2022-02-08 19:48 - 2020-08-29 10:11 - 000003194 _____ C:\Windows\system32\Tasks\CCleaner Update
2022-02-08 19:48 - 2020-08-26 19:34 - 000003602 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-02-08 19:48 - 2020-08-26 19:34 - 000003378 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-02-08 19:48 - 2020-08-26 19:00 - 000003482 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2022-02-08 19:48 - 2020-08-26 18:57 - 000003506 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2022-02-08 19:48 - 2020-08-26 18:57 - 000003282 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2022-02-08 19:48 - 2020-06-20 12:24 - 000002858 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-204842247-1946392599-1451213874-1001
2022-02-08 19:48 - 2020-06-20 12:13 - 000008192 ___SH C:\DumpStack.log.tmp
2022-02-08 19:48 - 2020-06-20 12:13 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-02-08 19:48 - 2020-06-20 12:13 - 000000000 ____D C:\Windows\system32\SleepStudy
2022-02-08 18:53 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2022-02-08 18:30 - 2020-08-29 10:06 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2022-02-08 18:01 - 2020-08-31 14:07 - 000000000 ____D C:\Users\Tim & Lies\AppData\LocalLow\Mozilla
2022-02-08 18:01 - 2020-08-29 10:11 - 000000000 ____D C:\Program Files\CCleaner
2022-02-08 17:59 - 2020-08-26 18:58 - 000000000 ____D C:\Users\Tim & Lies\AppData\Local\D3DSCache
2022-02-07 18:56 - 2021-06-04 21:40 - 000000000 ____D C:\Users\Tim & Lies\AppData\Local\Avast Software
2022-02-05 09:43 - 2020-08-26 19:34 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-02-05 09:43 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-02-04 16:51 - 2020-08-31 14:07 - 000000000 ____D C:\ProgramData\Mozilla
2022-02-04 16:47 - 2020-08-26 18:58 - 000002267 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-02-02 19:09 - 2020-09-23 10:02 - 000000000 ____D C:\Program Files\Microsoft Office
2022-02-01 15:29 - 2020-08-29 10:05 - 000004264 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2022-01-28 17:23 - 2020-08-29 10:05 - 000000000 ____D C:\ProgramData\Avast Software
2022-01-28 17:22 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI
2022-01-28 17:11 - 2020-08-31 14:07 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-01-28 16:22 - 2021-10-13 13:32 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2022-01-28 16:22 - 2020-08-31 14:07 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-01-26 15:26 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\LiveKernelReports
2022-01-24 19:01 - 2020-10-02 09:20 - 000000000 ____D C:\ProgramData\CanonIJPLM
2022-01-20 18:02 - 2021-06-18 19:26 - 000220568 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2022-01-20 18:02 - 2020-08-29 10:14 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-01-20 18:01 - 2020-08-29 10:13 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-01-20 18:01 - 2020-08-29 10:13 - 000000000 ____D C:\Program Files\Malwarebytes
2022-01-14 22:50 - 2020-06-20 12:13 - 000439456 _____ C:\Windows\system32\FNTCACHE.DAT
2022-01-14 22:49 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2022-01-14 22:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2022-01-14 22:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2022-01-14 22:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup
2022-01-14 22:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2022-01-14 22:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Dism
2022-01-14 22:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2022-01-14 17:31 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2022-01-13 19:00 - 2020-08-26 18:58 - 000000000 ____D C:\Users\Tim & Lies\AppData\Local\Adobe
2022-01-13 18:58 - 2020-08-31 17:08 - 000000000 ____D C:\Windows\system32\MRT
2022-01-13 18:57 - 2020-08-31 17:08 - 145765912 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-01-12 13:56 - 2020-08-26 19:00 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2022-01-12 13:44 - 2021-06-27 09:56 - 000000000 ____D C:\Users\Tim & Lies\AppData\Local\WhatsApp

==================== SigCheck ============================

(Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)

==================== Einde van FRST.txt ========================