Jump to content

event_routing.dll-k.mbam


Recommended Posts

Hello NEbr and welcome to Malwarebytes,

Run the following scan, lets see if anything shows up:

Download Farbar Recovery Scan Tool and save it to your desktop.

Alternative download option: http://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

If your security alerts to FRST either, accept the alert or turn your security off to allow FRST to run. It is not malicious or infected in any way...

Be aware FRST must be run from an account with Administrator status... If English is not your primary language Right click on FRST/FRST64 and rename FRSTEnglish/FRST64English

 
  • Double-click to run it. When the tool opens click Yes to disclaimer.(Windows 8/10 users will be prompted about Windows SmartScreen protection - click More information and Run.)
  • Make sure Addition.txt is checkmarked under "Optional scans"
    user posted image
     
  • Press Scan button to run the tool....
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The tool will also make a log named (Addition.txt) Please attach that log to your reply.


Thank you,

Kevin

 

Link to post
Share on other sites

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-06-2021
Ran by NYM (administrator) on DESKTOP-U1VBQL9 (18-06-2021 11:19:12)
Running from C:\Users\NYM\Downloads
Loaded Profiles: NYM
Platform: Windows 10 Home Version 20H2 19042.1055 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\afwServ.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Cleanup\TuneupUI.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Driver Updater\DriverUpdUI.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe
(Avast Software s.r.o. -> The OpenVPN Project) C:\Program Files\Avast Software\SecureLine VPN\OpenVPN\openvpn.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogRx.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12104.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <5>
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [122592 2021-06-11] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [TuneupUI.exe] => C:\Program Files\Avast Software\Cleanup\TuneupUI.exe [2429664 2021-06-11] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [DriverUpdUI.exe] => C:\Program Files\Avast Software\Driver Updater\DriverUpdUI.exe [2878176 2021-06-11] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [M17A] => C:\WINDOWS\twain_32\Brimm17a\Common\TwDsUiLaunch.exe [86128 2020-03-27] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [146584 2017-11-07] (Brother Industries, Ltd. -> Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2976256 2018-01-19] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrotherSoftwareUpdateNotification] => C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe [3581952 2017-04-05] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2075480 2013-06-24] (Flexera Software LLC -> Flexera Software LLC.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [35648 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [17600 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFProHook] => C:\Program Files (x86)\Nuance\PDF Professional 7\pdfpro7hook.exe [641864 2013-03-20] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKU\S-1-5-21-83346808-1255448013-1195176118-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [408936 2021-06-11] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-83346808-1255448013-1195176118-1001\...\MountPoints2: {32864e11-cae7-11eb-a24f-002522c1cc5f} - "M:\setup.exe" AUTO
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk [2021-06-11]
ShortcutTarget: Avast SecureLine VPN.lnk -> C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> AVAST Software)
BootExecute: autocheck autochk * icarus_rvrt.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {233AB98B-4826-4131-963B-F9C58F865062} - System32\Tasks\Avast Software\Avast Driver Updater Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-du\icarus.exe [5493472 2021-03-29] (Avast Software s.r.o. -> Avast Software)
Task: {26233F00-C797-486D-B230-7C0549BBDB7D} - System32\Tasks\Opera scheduled Autoupdate 1623431498 => c:\users\nym\appdata\local\programs\opera\launcher.exe
Task: {2CD954C5-756A-4DF4-A4E8-9E1BF7BCA14D} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [690616 2021-06-17] (Mozilla Corporation -> Mozilla Foundation)
Task: {35843381-2BBD-427B-A513-7F5AB57ED696} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124856 2021-06-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {36C52E33-C85E-400E-946F-0B3B85D4EB80} - System32\Tasks\Microsoft\Windows\WindowsUpdate\RUXIM\RUXIMDisplay => C:\Program Files\ruxim\ruximics.exe [477512 2021-05-10] (Microsoft Windows -> Microsoft Corporation)
Task: {3D7F168F-E83E-4C46-B43A-E0640827E150} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1197848 2021-06-11] (Avast Software s.r.o. -> AVAST Software)
Task: {5588FAA4-2F81-4369-B9DE-A3B45089823C} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4808928 2021-06-11] (Avast Software s.r.o. -> AVAST Software)
Task: {72FA6A88-C518-4A51-95F7-4356352B817E} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [5865752 2021-06-07] (Avast Software s.r.o. -> Avast Software)
Task: {75101A01-67AA-4137-9A59-722FE5032F04} - System32\Tasks\Microsoft\Windows\WindowsUpdate\RUXIM\RUXIMSync => C:\Program Files\ruxim\ruximics.exe [477512 2021-05-10] (Microsoft Windows -> Microsoft Corporation)
Task: {84C043A1-83D4-403D-BDCC-45DAD6BBB1B1} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124856 2021-06-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {86906D2C-92C7-41F9-BED0-AD619FF33A98} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [4866840 2021-06-11] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid bb791b6e-e495-42d9-ba20-f40c47aae857
Task: {93850055-FAB6-48F6-91E9-98057B4A01A2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-06-11] (Google LLC -> Google LLC)
Task: {944D4B3F-F9C6-40E7-91B4-F82571C68367} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-06-11] (Avast Software s.r.o. -> Avast Software)
Task: {9B9954B8-3D8C-466A-B7AA-8B848943F01A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5275568 2021-06-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {A6183676-AE10-4AD3-9F6B-37545F2049D5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5275568 2021-06-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {B2C4111D-556E-486B-A158-5570A6F6CE72} - System32\Tasks\Avast Software\Avast Cleanup BugReport => C:\Program Files\Avast Software\Cleanup\AvBugReport.exe [4665568 2021-06-11] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 62 --programpath "C:\Program Files\Avast Software\Cleanup\Setup\.." --configpath "C:\Program Files\Avast Software\Cleanup\Setup" --path "C:\ProgramData\Avast Software\Cleanup\log"  --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid 7e8f4308-f330-4e60-8d31-171b5b62cd3c
Task: {C3518622-41A7-4960-9BA6-D3962EEEDB14} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [147272 2021-06-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {C895250F-AFF0-4A09-BCAA-84A548763076} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-06-11] (Google LLC -> Google LLC)
Task: {D0D2BF84-54E7-4C01-A3B2-2F1AF5B85444} - System32\Tasks\Avast Software\Avast Cleanup Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\icarus.exe [5493472 2021-03-08] (Avast Software s.r.o. -> Avast Software)
Task: {D9EFC105-47F4-4FFE-AD9B-CA26FAFBC1DB} - System32\Tasks\Avast Software\Avast Driver Updater BugReport => C:\Program Files\Avast Software\Driver Updater\AvBugReport.exe [4665568 2021-06-11] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 148 --programpath "C:\Program Files\Avast Software\Driver Updater\Setup\.." --configpath "C:\Program Files\Avast Software\Driver Updater\Setup" --path "C:\ProgramData\Avast Software\Driver Updater\log"  --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid 9e8ba367-0a12-4a37-88b0-78c538a3de11
Task: {EC23AC35-44EE-455E-A820-F5BC917F6044} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [147272 2021-06-11] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{1b8fa5e1-61f0-4da4-9b39-6ff1e66bb38d}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{af3f3554-c63c-45b8-8320-5fadb4065f83}: [NameServer] 100.120.25.1

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\NYM\AppData\Local\Microsoft\Edge\User Data\Default [2021-06-18]
Edge StartupUrls: Default -> "hxxps://google.com/"
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\NYM\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-06-14]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: lxviuy41.default
FF ProfilePath: C:\Users\NYM\AppData\Roaming\Mozilla\Firefox\Profiles\lxviuy41.default [2021-06-11]
FF ProfilePath: C:\Users\NYM\AppData\Roaming\Mozilla\Firefox\Profiles\17upgwtr.default-release [2021-06-18]
FF Homepage: Mozilla\Firefox\Profiles\17upgwtr.default-release -> www.google.com/
FF Extension: (uBlock Origin) - C:\Users\NYM\AppData\Roaming\Mozilla\Firefox\Profiles\17upgwtr.default-release\Extensions\uBlock0@raymondhill.net.xpi [2021-06-11]
FF Extension: (Avast Online Security) - C:\Users\NYM\AppData\Roaming\Mozilla\Firefox\Profiles\17upgwtr.default-release\Extensions\wrc@avast.com.xpi [2021-06-11]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\NYM\AppData\Roaming\Mozilla\Firefox\Profiles\17upgwtr.default-release\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2021-06-14]
FF Extension: (Bitwarden - Free Password Manager) - C:\Users\NYM\AppData\Roaming\Mozilla\Firefox\Profiles\17upgwtr.default-release\Extensions\{446900e4-71c2-419f-a6a7-df9c091e268b}.xpi [2021-06-11]
FF Extension: (NoScript) - C:\Users\NYM\AppData\Roaming\Mozilla\Firefox\Profiles\17upgwtr.default-release\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2021-06-11]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-06-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.15 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-08] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-06-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-06-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Professional 7\bin\nppdf.dll [2011-07-15] (Zeon Corporation -> Zeon Corporation)

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8151120 2021-06-11] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [622816 2021-06-11] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [1353440 2021-06-11] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [370400 2021-06-11] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-06-11] (Avast Software s.r.o. -> AVAST Software)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [314368 2018-01-18] (Brother Industries, Ltd.) [File not signed]
R2 CleanupPSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [12414176 2021-06-11] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11279752 2021-06-03] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4816224 2021-06-11] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 DriverUpdSvc; C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe [5906144 2021-06-11] (Avast Software s.r.o. -> AVAST Software)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7391408 2021-06-11] (Malwarebytes Inc -> Malwarebytes)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [77336 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
R2 SecureLine; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [8615192 2021-06-11] (Avast Software s.r.o. -> AVAST Software)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2105.4-0\NisSrv.exe [2644760 2021-06-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2105.4-0\MsMpEng.exe [136656 2021-06-11] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [216360 2021-06-11] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [365536 2021-06-11] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [250336 2021-06-11] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99296 2021-06-11] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [17328 2021-06-11] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41296 2021-06-11] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [180944 2021-06-11] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [522864 2021-06-11] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107792 2021-06-11] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [82856 2021-06-11] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851144 2021-06-11] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [471352 2021-06-11] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215336 2021-06-11] (Avast Software s.r.o. -> AVAST Software)
R3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2021-06-11] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326976 2021-06-11] (Avast Software s.r.o. -> AVAST Software)
S3 aswVpnRdr; C:\WINDOWS\System32\drivers\aswVpnRdr.sys [59312 2021-06-11] (Avast Software s.r.o. -> Avast Software)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2021-06-11] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2021-06-11] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [199128 2021-06-11] (Malwarebytes Inc -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-06-11] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-06-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198888 2021-06-18] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-06-18] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-06-16] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [156880 2021-06-18] (Malwarebytes Inc -> Malwarebytes)
R1 netfilter2; C:\WINDOWS\System32\drivers\netfilter2.sys [86632 2021-06-08] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49560 2021-06-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [425208 2021-06-11] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76008 2021-06-11] (Microsoft Windows -> Microsoft Corporation)
U1 aswbdisk; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-06-18 11:19 - 2021-06-18 11:19 - 000022166 _____ C:\Users\NYM\Downloads\FRST.txt
2021-06-18 11:07 - 2021-06-18 11:19 - 000000000 ____D C:\FRST
2021-06-18 10:59 - 2021-06-18 10:59 - 002300416 _____ (Farbar) C:\Users\NYM\Downloads\FRST64.exe
2021-06-18 10:11 - 2021-06-18 10:11 - 000198888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-06-18 10:11 - 2021-06-18 10:11 - 000156880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-06-18 10:11 - 2021-06-18 10:11 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-06-18 10:06 - 2021-06-18 10:06 - 000000037 _____ C:\Users\NYM\Desktop\firefox 01.txt
2021-06-18 09:37 - 2021-06-18 10:29 - 000000106 _____ C:\Users\NYM\Desktop\mbam.txt
2021-06-17 23:18 - 2021-06-17 23:18 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-06-17 09:59 - 2021-06-17 09:59 - 001843013 _____ C:\Users\NYM\Downloads\gebruikershandleiding-com.pdf
2021-06-15 16:06 - 2021-06-15 16:06 - 000000092 _____ C:\Users\NYM\Desktop\fysiotherapie-profit afspraak.txt
2021-06-14 22:35 - 2021-06-14 22:35 - 000000000 ____D C:\Users\NYM\Calibre Library
2021-06-14 22:35 - 2021-06-14 22:35 - 000000000 ____D C:\Users\NYM\AppData\Local\calibre-ebook.com
2021-06-14 22:35 - 2021-06-14 22:35 - 000000000 ____D C:\Users\NYM\AppData\Local\calibre-cache
2021-06-14 22:34 - 2021-06-14 22:35 - 000000000 ____D C:\Users\NYM\AppData\Roaming\calibre
2021-06-14 22:33 - 2021-06-14 22:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
2021-06-14 22:33 - 2021-06-14 22:33 - 000000000 ____D C:\Program Files (x86)\Calibre2
2021-06-14 22:32 - 2021-06-14 22:33 - 115367936 _____ C:\Users\NYM\Downloads\calibre-5.21.0.msi
2021-06-14 22:20 - 2021-06-14 22:20 - 000000000 ____D C:\Users\NYM\Desktop\Ramachandran podcast
2021-06-14 20:02 - 2021-06-14 20:02 - 000000000 ____D C:\Users\NYM\Desktop\R&N's
2021-06-13 20:52 - 2021-06-14 21:09 - 000000467 _____ C:\Users\NYM\Desktop\Wakker bemoeding.txt
2021-06-13 14:46 - 2021-06-13 14:57 - 000000000 ____D C:\Users\NYM\Desktop\VPN automatisch aan
2021-06-12 20:50 - 2021-06-12 20:50 - 000000000 ____D C:\Users\NYM\AppData\Roaming\dvdcss
2021-06-12 15:23 - 2021-06-17 23:18 - 000002854 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-83346808-1255448013-1195176118-1001
2021-06-12 15:18 - 2021-06-12 15:18 - 000002413 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2021-06-12 15:18 - 2021-06-12 15:18 - 000001561 _____ C:\Users\NYM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EXCEL.lnk
2021-06-12 15:00 - 2021-06-12 15:00 - 000001132 _____ C:\Users\NYM\Desktop\Resetten - Shortcut.lnk
2021-06-12 12:49 - 2021-06-12 12:49 - 000000814 _____ C:\Users\NYM\Desktop\Verleden.lnk
2021-06-12 12:49 - 2021-06-12 12:49 - 000000798 _____ C:\Users\NYM\Desktop\NYM02.lnk
2021-06-12 12:25 - 2021-06-12 12:25 - 000000000 ____D C:\Users\NYM\.QtWebEngineProcess
2021-06-12 12:25 - 2021-06-12 12:25 - 000000000 ____D C:\Users\NYM\.MAGIX Movie Edit Pro Plus
2021-06-12 10:54 - 2021-06-18 11:08 - 000000000 ____D C:\Users\NYM\AppData\LocalLow\IGDump
2021-06-12 10:42 - 2021-06-12 10:42 - 000000000 ____D C:\Users\NYM\AppData\Local\Applian
2021-06-12 10:41 - 2021-06-12 10:42 - 000000000 ____D C:\Users\NYM\AppData\Roaming\Replay Video Capture 10
2021-06-12 10:41 - 2021-06-12 10:41 - 000000000 ____D C:\Users\NYM\AppData\Roaming\WM Converter
2021-06-12 10:09 - 2021-06-14 20:02 - 000000000 ____D C:\Users\NYM\Desktop\SS
2021-06-12 10:08 - 2021-06-12 10:08 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2021-06-12 09:02 - 2021-06-12 09:02 - 000011453 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-06-12 00:34 - 2021-06-12 00:35 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2021-06-12 00:32 - 2021-06-12 00:34 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2021-06-12 00:32 - 2021-06-12 00:32 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2021-06-12 00:31 - 2021-06-12 00:31 - 000000000 ____D C:\ProgramData\ssh
2021-06-12 00:27 - 2021-06-12 00:27 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2021-06-12 00:26 - 2021-06-12 00:26 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2021-06-12 00:26 - 2021-06-12 00:26 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-06-12 00:26 - 2021-06-12 00:26 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-06-12 00:26 - 2021-06-12 00:26 - 001864192 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2021-06-12 00:26 - 2021-06-12 00:26 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-06-12 00:26 - 2021-06-12 00:26 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-06-12 00:26 - 2021-06-12 00:26 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2021-06-12 00:26 - 2021-06-12 00:26 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2021-06-12 00:26 - 2021-06-12 00:26 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2021-06-12 00:26 - 2021-06-12 00:26 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-06-12 00:26 - 2021-06-12 00:26 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-06-12 00:26 - 2021-06-12 00:26 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-06-12 00:26 - 2021-06-12 00:26 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-06-12 00:26 - 2021-06-12 00:26 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-06-12 00:26 - 2021-06-12 00:26 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-06-12 00:26 - 2021-06-12 00:26 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-06-12 00:26 - 2021-06-12 00:26 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-06-12 00:26 - 2021-06-12 00:26 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-06-12 00:26 - 2021-06-12 00:26 - 000468440 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-06-12 00:26 - 2021-06-12 00:26 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-06-12 00:26 - 2021-06-12 00:26 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-06-12 00:26 - 2021-06-12 00:26 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-06-12 00:26 - 2021-06-12 00:26 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2021-06-12 00:26 - 2021-06-12 00:26 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-06-12 00:26 - 2021-06-12 00:26 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-06-12 00:26 - 2021-06-12 00:26 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2021-06-12 00:26 - 2021-06-12 00:26 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2021-06-12 00:26 - 2021-06-12 00:26 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-06-12 00:26 - 2021-06-12 00:26 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-06-12 00:26 - 2021-06-12 00:26 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-06-12 00:26 - 2021-06-12 00:26 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\activeds.tlb
2021-06-12 00:26 - 2021-06-12 00:26 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2021-06-12 00:26 - 2021-06-12 00:26 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-06-12 00:26 - 2021-06-12 00:26 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-06-12 00:26 - 2021-06-12 00:26 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-06-12 00:26 - 2021-06-12 00:26 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-06-12 00:26 - 2021-06-12 00:26 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-06-12 00:26 - 2021-06-12 00:26 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-06-12 00:26 - 2021-06-12 00:26 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2021-06-12 00:26 - 2021-06-12 00:26 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-06-12 00:26 - 2021-06-12 00:26 - 000047472 _____ C:\WINDOWS\SysWOW64\umpdc.dll
2021-06-12 00:26 - 2021-06-12 00:26 - 000045880 _____ C:\WINDOWS\system32\HvSocket.dll
2021-06-12 00:26 - 2021-06-12 00:26 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2021-06-12 00:25 - 2021-06-12 00:25 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2021-06-12 00:25 - 2021-06-12 00:25 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2021-06-12 00:25 - 2021-06-12 00:25 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-06-12 00:25 - 2021-06-12 00:25 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-06-12 00:25 - 2021-06-12 00:25 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-06-12 00:25 - 2021-06-12 00:25 - 001823792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-06-12 00:25 - 2021-06-12 00:25 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-06-12 00:25 - 2021-06-12 00:25 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2021-06-12 00:25 - 2021-06-12 00:25 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-06-12 00:25 - 2021-06-12 00:25 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2021-06-12 00:25 - 2021-06-12 00:25 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2021-06-12 00:25 - 2021-06-12 00:25 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-06-12 00:25 - 2021-06-12 00:25 - 000657464 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-06-12 00:25 - 2021-06-12 00:25 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-06-12 00:25 - 2021-06-12 00:25 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-06-12 00:25 - 2021-06-12 00:25 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-06-12 00:25 - 2021-06-12 00:25 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-06-12 00:25 - 2021-06-12 00:25 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-06-12 00:25 - 2021-06-12 00:25 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-06-12 00:25 - 2021-06-12 00:25 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-06-12 00:25 - 2021-06-12 00:25 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-06-12 00:25 - 2021-06-12 00:25 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-06-12 00:25 - 2021-06-12 00:25 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2021-06-12 00:25 - 2021-06-12 00:25 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-06-12 00:25 - 2021-06-12 00:25 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-06-12 00:25 - 2021-06-12 00:25 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2021-06-12 00:25 - 2021-06-12 00:25 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-06-12 00:25 - 2021-06-12 00:25 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-06-12 00:25 - 2021-06-12 00:25 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-06-12 00:25 - 2021-06-12 00:25 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll
2021-06-12 00:25 - 2021-06-12 00:25 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-06-12 00:25 - 2021-06-12 00:25 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-06-12 00:25 - 2021-06-12 00:25 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-06-12 00:25 - 2021-06-12 00:25 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-06-12 00:25 - 2021-06-12 00:25 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\activeds.tlb
2021-06-12 00:25 - 2021-06-12 00:25 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2021-06-12 00:25 - 2021-06-12 00:25 - 000097280 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-06-12 00:25 - 2021-06-12 00:25 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2021-06-12 00:25 - 2021-06-12 00:25 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-06-12 00:25 - 2021-06-12 00:25 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2021-06-12 00:25 - 2021-06-12 00:25 - 000064552 _____ C:\WINDOWS\system32\umpdc.dll
2021-06-12 00:25 - 2021-06-12 00:25 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-06-12 00:25 - 2021-06-12 00:25 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2021-06-12 00:25 - 2021-06-12 00:25 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2021-06-12 00:25 - 2021-06-12 00:25 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.drv
2021-06-12 00:25 - 2021-06-12 00:25 - 000029696 _____ (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2021-06-12 00:25 - 2021-06-12 00:25 - 000025088 _____ (The ICU Project) C:\WINDOWS\system32\icuin.dll
2021-06-12 00:25 - 2021-06-12 00:25 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.drv
2021-06-12 00:25 - 2021-06-12 00:25 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-06-12 00:25 - 2021-06-12 00:25 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2021-06-12 00:25 - 2021-06-12 00:25 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2021-06-12 00:18 - 2021-06-12 00:18 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
2021-06-12 00:18 - 2021-06-12 00:18 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2021-06-12 00:16 - 2021-06-18 10:17 - 000748058 _____ C:\WINDOWS\system32\perfh013.dat
2021-06-12 00:16 - 2021-06-18 10:17 - 000146102 _____ C:\WINDOWS\system32\perfc013.dat
2021-06-12 00:16 - 2021-06-12 00:16 - 000347800 _____ C:\WINDOWS\system32\perfi013.dat
2021-06-12 00:16 - 2021-06-12 00:16 - 000045450 _____ C:\WINDOWS\system32\perfd013.dat
2021-06-12 00:16 - 2021-06-12 00:16 - 000000000 ____D C:\WINDOWS\SysWOW64\nl
2021-06-12 00:16 - 2021-06-12 00:16 - 000000000 ____D C:\WINDOWS\system32\nl
2021-06-11 21:43 - 2021-06-11 21:43 - 000001013 _____ C:\Users\NYM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Soap-Slime-Sand.lnk
2021-06-11 21:42 - 2021-06-11 21:42 - 000001037 _____ C:\Users\NYM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mood Playlist.lnk
2021-06-11 21:42 - 2021-06-11 21:42 - 000000877 _____ C:\Users\NYM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sunny Fruit Bowl.lnk
2021-06-11 21:40 - 2021-06-11 21:40 - 000000420 _____ C:\Users\NYM\This PC - Shortcut.lnk
2021-06-11 21:40 - 2021-06-11 21:40 - 000000000 ____D C:\Users\NYM\Documents\ARWizard
2021-06-11 21:39 - 2021-06-11 21:39 - 000000000 ____D C:\Users\NYM\AppData\Local\arw
2021-06-11 21:39 - 2021-06-11 21:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Record Wizard
2021-06-11 21:39 - 2021-06-11 21:39 - 000000000 ____D C:\Program Files (x86)\Audio Record Wizard
2021-06-11 21:34 - 2021-06-11 21:34 - 000000000 ____D C:\WINDOWS\Replay Video Capture 10
2021-06-11 21:34 - 2021-06-11 21:34 - 000000000 ____D C:\Users\NYM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applian LLC
2021-06-11 21:34 - 2021-06-11 21:34 - 000000000 ____D C:\Program Files (x86)\Replay Video Capture 10
2021-06-11 21:33 - 2021-06-11 21:33 - 000002122 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Applian Director.lnk
2021-06-11 21:33 - 2021-06-11 21:33 - 000000000 ____D C:\WINDOWS\Applian Director
2021-06-11 21:33 - 2021-06-11 21:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Applian LLC
2021-06-11 21:33 - 2021-06-11 21:33 - 000000000 ____D C:\Program Files (x86)\Applian Director 3
2021-06-11 21:27 - 2021-06-17 23:18 - 000003346 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-06-11 21:27 - 2021-06-17 23:18 - 000003122 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-06-11 21:27 - 2021-06-11 21:27 - 001310832 _____ (Google LLC) C:\Users\NYM\Downloads\GoogleEarthProSetup.exe
2021-06-11 21:27 - 2021-06-11 21:27 - 000002253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2021-06-11 21:27 - 2021-06-11 21:27 - 000000000 ____D C:\Users\NYM\AppData\LocalLow\Google
2021-06-11 21:27 - 2021-06-11 21:27 - 000000000 ____D C:\Users\NYM\AppData\Local\NVIDIA
2021-06-11 21:27 - 2021-06-11 21:27 - 000000000 ____D C:\Users\NYM\AppData\Local\Google
2021-06-11 21:27 - 2021-06-11 21:27 - 000000000 ____D C:\Program Files\Google
2021-06-11 21:27 - 2021-06-11 21:27 - 000000000 ____D C:\Program Files (x86)\Google
2021-06-11 21:25 - 2021-06-13 20:47 - 000001247 _____ C:\Users\NYM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GemistDownloader.lnk
2021-06-11 21:25 - 2021-06-12 10:39 - 000000000 ____D C:\Users\NYM\AppData\Roaming\GemistDownloader
2021-06-11 21:25 - 2021-06-11 21:25 - 000000000 ____D C:\Users\NYM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GemistDownloader
2021-06-11 21:25 - 2021-06-11 21:25 - 000000000 ____D C:\Program Files (x86)\GemistDownloader
2021-06-11 21:23 - 2021-06-11 21:23 - 000001261 _____ C:\Users\NYM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mondharmonica - Shortcut.lnk
2021-06-11 21:15 - 2021-06-11 21:15 - 000000951 _____ C:\Users\NYM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gitaarles.lnk
2021-06-11 21:14 - 2021-06-11 21:14 - 000001146 _____ C:\Users\NYM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eventvwr.lnk
2021-06-11 21:14 - 2021-06-11 21:14 - 000001139 _____ C:\Users\NYM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Taskmgr.lnk
2021-06-11 21:09 - 2021-06-11 21:09 - 000000000 ____D C:\Users\NYM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2021-06-11 21:09 - 2021-06-11 21:09 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2021-06-11 21:08 - 2021-06-11 21:08 - 054261822 _____ C:\Users\NYM\Downloads\MSIAfterburnerSetup.zip
2021-06-11 21:08 - 2021-06-11 21:08 - 000000000 ____D C:\Users\NYM\Downloads\MSIAfterburnerSetup
2021-06-11 21:07 - 2021-06-11 21:07 - 000000690 _____ C:\Users\NYM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NYM.lnk
2021-06-11 21:06 - 2021-06-11 21:06 - 000000581 _____ C:\Users\NYM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop.lnk
2021-06-11 21:06 - 2021-06-11 21:06 - 000000000 ____D C:\Users\NYM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Woord Voor Woord
2021-06-11 21:06 - 2021-06-11 21:06 - 000000000 ____D C:\Program Files\WVW
2021-06-11 21:06 - 1997-07-14 19:00 - 000127488 ____R (Microsoft Corporation) C:\WINDOWS\dsetup.dll
2021-06-11 21:04 - 2016-11-04 22:30 - 000000064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dictionary.com.url
2021-06-11 21:03 - 2021-06-11 21:03 - 000000206 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Forvo the pronunciation dictionary. All the words in the world pronounced by native speakers.URL
2021-06-11 21:03 - 2020-09-05 13:42 - 000000219 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Forvo Farsi.URL
2021-06-11 21:00 - 2021-06-11 21:00 - 000001068 _____ C:\Users\NYM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vertalen.lnk
2021-06-11 20:55 - 2021-06-15 20:52 - 000000162 _____ C:\WINDOWS\Egvd.ini
2021-06-11 20:55 - 2021-06-11 20:55 - 000000004 _____ C:\timestmp.tmp
2021-06-11 20:55 - 2021-06-11 20:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Van Dale
2021-06-11 20:54 - 2021-06-11 20:54 - 000000000 ____D C:\VanDale
2021-06-11 20:53 - 2013-06-15 10:23 - 000000053 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Vertalen.url
2021-06-11 20:53 - 1998-10-09 14:36 - 000327168 _____ (InstallShield Software Corporation) C:\WINDOWS\IsUn0413.exe
2021-06-11 20:47 - 2021-06-11 20:47 - 000000742 _____ C:\Users\NYM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Timer.lnk
2021-06-11 20:46 - 2021-06-11 20:46 - 000000644 _____ C:\Users\NYM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Apps.lnk
2021-06-11 20:43 - 2021-06-11 20:45 - 000000000 ____D C:\Users\NYM\AppData\Roaming\Winamp
2021-06-11 20:43 - 2021-06-11 20:44 - 000000000 ____D C:\Program Files (x86)\Winamp
2021-06-11 20:43 - 2021-06-11 20:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
2021-06-11 20:42 - 2021-06-11 20:43 - 008201952 _____ (Nullsoft, Inc.) C:\Users\NYM\Downloads\winamp58_3660_beta_full_en-us.exe
2021-06-11 20:42 - 2021-06-11 20:42 - 000000000 ____D C:\Users\NYM\Documents\Custom Office Templates
2021-06-11 20:39 - 2021-06-17 20:19 - 000000000 ____D C:\Users\NYM\AppData\Roaming\vlc
2021-06-11 20:39 - 2021-06-11 20:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2021-06-11 20:38 - 2021-06-11 20:38 - 042753816 _____ C:\Users\NYM\Downloads\vlc-3.0.15-win64.exe
2021-06-11 20:38 - 2021-06-11 20:38 - 000000000 ____D C:\Program Files\VideoLAN
2021-06-11 20:13 - 2021-06-11 20:13 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2021-06-11 20:09 - 2021-06-11 20:09 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2021-06-11 19:50 - 2021-06-11 20:07 - 000000000 ____D C:\Program Files\Microsoft Office
2021-06-11 19:50 - 2021-06-11 19:50 - 000000000 ____D C:\Program Files\Microsoft Office 15
2021-06-11 19:33 - 2021-06-11 19:47 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-06-11 19:28 - 2021-06-11 19:28 - 000000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2021-06-11 19:28 - 2021-06-11 19:28 - 000000000 ____D C:\Users\NYM\AppData\Roaming\DAEMON Tools Lite
2021-06-11 19:28 - 2021-06-11 19:28 - 000000000 ____D C:\Users\NYM\AppData\Local\Disc_Soft_Ltd
2021-06-11 19:28 - 2021-06-11 19:28 - 000000000 ____D C:\ProgramData\Documents\Daemon Tools Images
2021-06-11 19:27 - 2021-06-11 19:27 - 000059360 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtliteusbbus.sys
2021-06-11 19:27 - 2021-06-11 19:27 - 000042256 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtlitescsibus.sys
2021-06-11 19:27 - 2021-06-11 19:27 - 000000000 ____D C:\Users\Public\Documents\Catch!
2021-06-11 19:27 - 2021-06-11 19:27 - 000000000 ____D C:\Users\NYM\AppData\Roaming\Disc-Soft
2021-06-11 19:27 - 2021-06-11 19:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\DAEMON Tools Lite
2021-06-11 19:27 - 2021-06-11 19:27 - 000000000 ____D C:\ProgramData\Documents\Catch!
2021-06-11 19:27 - 2021-06-11 19:27 - 000000000 ____D C:\ProgramData\Disc-Soft
2021-06-11 19:27 - 2021-06-11 19:27 - 000000000 ____D C:\Program Files\DAEMON Tools Lite
2021-06-11 19:26 - 2021-06-11 19:26 - 001910080 _____ (Disc Soft Ltd) C:\Users\NYM\Downloads\DTLiteInstaller.exe
2021-06-11 19:11 - 2021-06-18 10:46 - 000000000 ____D C:\Users\NYM\AppData\Roaming\Opera Software
2021-06-11 19:11 - 2021-06-18 10:46 - 000000000 ____D C:\Users\NYM\AppData\Local\Opera Software
2021-06-11 19:11 - 2021-06-18 10:12 - 000004194 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1623431498
2021-06-11 19:11 - 2021-06-11 19:11 - 002595512 _____ (Opera Software) C:\Users\NYM\Downloads\OperaSetup.exe
2021-06-11 19:05 - 2021-06-11 19:05 - 000000000 ____D C:\Users\NYM\AppData\Local\Brother
2021-06-11 19:03 - 2021-06-11 19:03 - 000000000 ____D C:\Users\NYM\AppData\Local\Brother_Industries,_Ltd
2021-06-11 18:58 - 2021-06-11 21:27 - 000000000 ____D C:\Users\NYM\AppData\Local\D3DSCache
2021-06-11 18:58 - 2021-06-11 18:58 - 000000000 ____D C:\Users\NYM\AppData\Roaming\ControlCenter4
2021-06-11 18:56 - 2021-06-17 23:18 - 000002854 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-83346808-1255448013-1195176118-1002
2021-06-11 18:56 - 2021-06-11 18:56 - 000000000 ___RD C:\Users\Bezoekers\OneDrive
2021-06-11 18:56 - 2021-06-11 18:56 - 000000000 ____D C:\Users\Bezoekers\AppData\Roaming\ControlCenter4
2021-06-11 18:56 - 2021-06-11 18:56 - 000000000 ____D C:\Users\Bezoekers\AppData\Roaming\Brother
2021-06-11 18:56 - 2021-06-11 18:56 - 000000000 ____D C:\Users\Bezoekers\AppData\Roaming\Avast Software
2021-06-11 18:56 - 2021-06-11 18:56 - 000000000 ____D C:\Users\Bezoekers\AppData\Local\CEF
2021-06-11 18:55 - 2021-06-11 18:56 - 000002375 _____ C:\Users\Bezoekers\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-06-11 18:55 - 2021-06-11 18:56 - 000002348 _____ C:\Users\Bezoekers\Desktop\Microsoft Edge.lnk
2021-06-11 18:55 - 2021-06-11 18:56 - 000000000 ____D C:\Users\Bezoekers\AppData\Local\Packages
2021-06-11 18:55 - 2021-06-11 18:56 - 000000000 ____D C:\Users\Bezoekers
2021-06-11 18:55 - 2021-06-11 18:55 - 000000020 ___SH C:\Users\Bezoekers\ntuser.ini
2021-06-11 18:55 - 2021-06-11 18:55 - 000000000 ___RD C:\Users\Bezoekers\3D Objects
2021-06-11 18:55 - 2021-06-11 18:55 - 000000000 ____D C:\Users\Bezoekers\AppData\Roaming\Adobe
2021-06-11 18:55 - 2021-06-11 18:55 - 000000000 ____D C:\Users\Bezoekers\AppData\Local\VirtualStore
2021-06-11 18:55 - 2021-06-11 18:55 - 000000000 ____D C:\Users\Bezoekers\AppData\Local\Publishers
2021-06-11 18:55 - 2021-06-11 18:55 - 000000000 ____D C:\Users\Bezoekers\AppData\Local\D3DSCache
2021-06-11 18:55 - 2021-06-11 18:55 - 000000000 ____D C:\Users\Bezoekers\AppData\Local\ConnectedDevicesPlatform
2021-06-11 18:45 - 2021-06-11 18:45 - 000000000 ____D C:\ProgramData\zeon
2021-06-11 18:45 - 2021-06-11 18:45 - 000000000 ____D C:\Program Files\Nuance
2021-06-11 18:44 - 2021-06-11 18:45 - 000000000 ____D C:\ProgramData\Nuance
2021-06-11 18:44 - 2021-06-11 18:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nuance PaperPort 14
2021-06-11 18:44 - 2021-06-11 18:45 - 000000000 ____D C:\Program Files (x86)\Nuance
2021-06-11 18:44 - 2021-06-11 18:44 - 000001915 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Software Updates.lnk
2021-06-11 18:44 - 2021-06-11 18:44 - 000000000 ____D C:\Users\NYM\Documents\MyWebPages
2021-06-11 18:44 - 2021-06-11 18:44 - 000000000 ____D C:\Users\NYM\AppData\Local\Nuance
2021-06-11 18:44 - 2021-06-11 18:44 - 000000000 ____D C:\ProgramData\ScanSoft
2021-06-11 18:44 - 2021-06-11 18:44 - 000000000 ____D C:\ProgramData\Macrovision
2021-06-11 18:44 - 2021-06-11 18:44 - 000000000 ____D C:\ProgramData\FLEXnet
2021-06-11 18:39 - 2021-06-11 18:51 - 000000000 ____D C:\Program Files (x86)\Browny02
2021-06-11 18:39 - 2021-06-11 18:39 - 000000000 ____D C:\Program Files (x86)\ControlCenter4 CSDK
2021-06-11 18:38 - 2021-06-11 19:07 - 000000000 ____D C:\Users\NYM\AppData\Roaming\Brother
2021-06-11 18:38 - 2021-06-11 19:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2021-06-11 18:38 - 2021-06-11 18:56 - 000000000 ____D C:\ProgramData\ControlCenter4
2021-06-11 18:38 - 2021-06-11 18:49 - 000000000 ____D C:\Program Files (x86)\ControlCenter4
2021-06-11 18:35 - 2021-06-11 19:03 - 000000000 ____D C:\ProgramData\Brother
2021-06-11 18:34 - 2021-06-11 19:07 - 000000000 ____D C:\Program Files (x86)\Brother
2021-06-11 18:13 - 2021-06-14 22:35 - 000000000 ____D C:\Users\NYM\AppData\Local\cache
2021-06-11 18:13 - 2021-06-11 18:13 - 000000000 ____D C:\Users\NYM\AppData\Local\MusicMaker
2021-06-11 17:55 - 2021-06-11 17:55 - 000000000 ____D C:\Users\NYM\AppData\Local\Xara
2021-06-11 17:54 - 2021-06-11 18:12 - 000000000 ___RD C:\Users\NYM\Documents\MAGIX
2021-06-11 17:54 - 2021-06-11 17:54 - 000000000 ____D C:\Program Files\Common Files\MAGIX Shared
2021-06-11 17:53 - 2021-06-11 18:10 - 000000000 ____D C:\ProgramData\MAGIX
2021-06-11 17:53 - 2021-06-11 17:53 - 000000000 ____D C:\Users\Public\Documents\MAGIX
2021-06-11 17:53 - 2021-06-11 17:53 - 000000000 ____D C:\ProgramData\Documents\MAGIX
2021-06-11 17:52 - 2021-06-11 18:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2021-06-11 17:52 - 2021-06-11 18:10 - 000000000 ____D C:\Program Files\MAGIX
2021-06-11 17:51 - 2021-06-11 17:58 - 000000000 ____D C:\Program Files\Common Files\MAGIX Services
2021-06-11 17:45 - 2021-06-11 18:10 - 000000000 ____D C:\Users\NYM\AppData\Roaming\MAGIX
2021-06-11 17:45 - 2021-06-11 17:45 - 000000000 ____D C:\Users\NYM\Documents\MAGIX Downloads
2021-06-11 16:48 - 2021-06-17 16:25 - 000002373 _____ C:\Users\NYM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-06-11 16:48 - 2021-06-11 16:48 - 000002270 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-06-11 16:48 - 2021-06-11 16:48 - 000000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2021-06-11 16:33 - 2021-06-18 11:07 - 000000000 ____D C:\ProgramData\Mozilla
2021-06-11 16:33 - 2021-06-18 11:06 - 000000000 ____D C:\Users\NYM\AppData\LocalLow\Mozilla
2021-06-11 16:33 - 2021-06-18 07:57 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-06-11 16:33 - 2021-06-18 07:57 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-06-11 16:33 - 2021-06-17 23:18 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-06-11 16:33 - 2021-06-11 16:33 - 000332992 _____ (Mozilla) C:\Users\NYM\Downloads\Firefox Installer (1).exe
2021-06-11 16:33 - 2021-06-11 16:33 - 000000993 _____ C:\Users\Public\Desktop\Firefox.lnk
2021-06-11 16:33 - 2021-06-11 16:33 - 000000993 _____ C:\ProgramData\Desktop\Firefox.lnk
2021-06-11 16:33 - 2021-06-11 16:33 - 000000000 ____D C:\Users\NYM\AppData\Roaming\Mozilla
2021-06-11 16:33 - 2021-06-11 16:33 - 000000000 ____D C:\Users\NYM\AppData\Local\Mozilla
2021-06-11 16:32 - 2021-06-11 16:32 - 000333056 _____ (Mozilla) C:\Users\NYM\Downloads\Firefox Installer.exe
2021-06-11 16:19 - 2021-06-11 16:19 - 000002211 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Driver Updater.lnk
2021-06-11 16:19 - 2021-06-11 16:19 - 000002125 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Cleanup Premium.lnk
2021-06-11 16:18 - 2021-06-18 10:11 - 000004028 _____ C:\WINDOWS\system32\Tasks\Avast SecureLine VPN Update
2021-06-11 16:18 - 2021-06-11 16:18 - 000059312 _____ (Avast Software) C:\WINDOWS\system32\Drivers\aswVpnRdr.sys
2021-06-11 16:18 - 2021-06-11 16:18 - 000053904 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\aswTap.sys
2021-06-11 16:18 - 2021-06-11 16:18 - 000002149 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SecureLine VPN.lnk
2021-06-11 16:18 - 2021-06-11 16:18 - 000000000 _RSHD C:\ProgramData\Key-Base
2021-06-11 16:18 - 2021-06-11 16:18 - 000000000 ____D C:\ProgramData\UpdShl
2021-06-11 16:18 - 2021-06-11 16:18 - 000000000 ____D C:\ProgramData\{28679250-D4FA-11D3-E7BD-2D3B505F3DE0}
2021-06-11 16:18 - 2021-06-07 18:01 - 000081688 _____ (Avast Software) C:\WINDOWS\system32\icarus_rvrt.exe
2021-06-11 16:17 - 2021-06-12 09:12 - 000000000 ____D C:\Users\NYM\AppData\Local\CrashDumps
2021-06-11 16:17 - 2021-06-11 19:07 - 000000000 ____D C:\ProgramData\Package Cache
2021-06-11 16:17 - 2021-06-11 17:10 - 000000000 ____D C:\Users\NYM\AppData\Local\AvastAntiTrackPremium
2021-06-11 16:17 - 2021-06-11 16:17 - 000000000 ____D C:\Users\NYM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AvastAntiTrackPremium
2021-06-11 16:17 - 2021-06-11 16:17 - 000000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2021-06-11 16:17 - 2021-06-11 16:17 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2021-06-11 16:17 - 2021-06-11 16:17 - 000000000 ____D C:\Program Files (x86)\AVAST Software
2021-06-11 16:17 - 2021-06-08 05:12 - 000086632 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\netfilter2.sys
2021-06-11 16:16 - 2021-06-11 16:16 - 000002088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Premium Security.lnk
2021-06-11 16:16 - 2021-06-11 16:12 - 000339680 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-06-11 16:14 - 2021-06-18 10:47 - 000000000 ____D C:\Users\NYM\AppData\Local\Avast Software
2021-06-11 16:13 - 2021-06-11 16:19 - 000000000 ____D C:\Users\NYM\AppData\Roaming\Avast Software
2021-06-11 16:13 - 2021-06-11 16:13 - 000000000 ____D C:\Users\NYM\AppData\Local\CEF
2021-06-11 16:12 - 2021-06-17 23:18 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-06-11 16:12 - 2021-06-11 16:19 - 000000000 ____D C:\Program Files\Avast Software
2021-06-11 16:12 - 2021-06-11 16:18 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2021-06-11 16:12 - 2021-06-11 16:16 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-06-11 16:12 - 2021-06-11 16:12 - 000851144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-06-11 16:12 - 2021-06-11 16:12 - 000522864 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-06-11 16:12 - 2021-06-11 16:12 - 000471352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-06-11 16:12 - 2021-06-11 16:12 - 000365536 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-06-11 16:12 - 2021-06-11 16:12 - 000326976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-06-11 16:12 - 2021-06-11 16:12 - 000250336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-06-11 16:12 - 2021-06-11 16:12 - 000216360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-06-11 16:12 - 2021-06-11 16:12 - 000215336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-06-11 16:12 - 2021-06-11 16:12 - 000180944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-06-11 16:12 - 2021-06-11 16:12 - 000107792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-06-11 16:12 - 2021-06-11 16:12 - 000099296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-06-11 16:12 - 2021-06-11 16:12 - 000082856 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-06-11 16:12 - 2021-06-11 16:12 - 000041296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-06-11 16:12 - 2021-06-11 16:12 - 000017328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2021-06-11 16:11 - 2021-06-18 10:11 - 000000000 ____D C:\ProgramData\Avast Software
2021-06-11 16:11 - 2021-06-11 16:11 - 000224544 _____ (AVAST Software) C:\Users\NYM\Downloads\avast_free_antivirus_setup_online.exe
2021-06-11 16:11 - 2021-06-11 16:11 - 000224544 _____ (AVAST Software) C:\Users\NYM\Downloads\avast_free_antivirus_setup_online (1).exe
2021-06-11 16:07 - 2021-06-13 15:07 - 000000000 ____D C:\WINDOWS\Panther
2021-06-11 16:00 - 2021-06-11 16:00 - 000000000 ____D C:\Users\NYM\AppData\LocalLow\Temp
2021-06-11 15:58 - 2021-06-11 15:58 - 001447178 _____ (Igor Pavlov) C:\Users\NYM\Downloads\7z1900-x64.exe
2021-06-11 15:58 - 2021-06-11 15:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2021-06-11 15:58 - 2021-06-11 15:58 - 000000000 ____D C:\Program Files\7-Zip
2021-06-11 15:56 - 2021-06-16 07:57 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-06-11 15:56 - 2021-06-11 15:56 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-06-11 15:56 - 2021-06-11 15:56 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-06-11 15:56 - 2021-06-11 15:56 - 000000000 ____D C:\Users\NYM\AppData\Local\mbam
2021-06-11 15:56 - 2021-06-11 15:56 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-06-11 15:56 - 2021-06-11 15:55 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-06-11 15:56 - 2021-06-11 15:55 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-06-11 15:55 - 2021-06-11 15:55 - 002080712 _____ (Malwarebytes) C:\Users\NYM\Downloads\MBSetup.exe
2021-06-11 15:55 - 2021-06-11 15:55 - 000000000 ____D C:\Program Files\Malwarebytes
2021-06-11 15:51 - 2021-06-11 15:51 - 000000000 ____D C:\Users\NYM\AppData\Local\OneDrive
2021-06-11 15:50 - 2021-06-11 15:50 - 000000507 _____ C:\Users\NYM\Desktop\DATA.lnk
2021-06-11 15:28 - 2021-06-17 23:18 - 000003408 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-06-11 15:28 - 2021-06-17 23:18 - 000003214 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d75ebefa820f85
2021-06-11 14:49 - 2020-10-05 14:03 - 000816368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2021-06-11 14:49 - 2020-10-05 14:03 - 000047424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2021-06-11 14:48 - 2020-10-05 14:02 - 001731824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6445671.dll
2021-06-11 14:48 - 2020-10-05 14:02 - 001482992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6445671.dll
2021-06-11 14:44 - 2021-06-18 10:17 - 001680590 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-06-11 14:44 - 2021-06-11 14:44 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-06-11 14:43 - 2021-06-11 14:43 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2021-06-11 14:42 - 2021-06-18 10:11 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-06-11 14:42 - 2021-06-11 14:42 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2021-06-11 14:42 - 2021-06-11 14:42 - 000007623 _____ C:\WINDOWS\diagerr.xml
2021-06-11 14:42 - 2021-06-11 14:42 - 000000020 ___SH C:\Users\NYM\ntuser.ini
2021-06-11 14:37 - 2021-06-14 22:35 - 000000000 ____D C:\Users\NYM
2021-06-11 14:36 - 2021-06-13 07:49 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-06-11 14:35 - 2021-06-18 10:11 - 000008192 ___SH C:\DumpStack.log.tmp
2021-06-11 14:35 - 2021-06-18 10:03 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-06-11 14:35 - 2021-06-11 18:57 - 000814864 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-06-11 13:22 - 2021-06-11 13:22 - 000000000 ____H C:\$WINRE_BACKUP_PARTITION.MARKER
2021-06-11 12:40 - 2021-06-12 18:59 - 000000000 ____D C:\ProgramData\Packages
2021-06-11 12:20 - 2021-06-11 12:20 - 000000000 ___HD C:\$WinREAgent
2021-06-11 12:18 - 2021-06-11 12:19 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-06-11 12:03 - 2021-06-11 21:20 - 000000000 ____D C:\Users\NYM\AppData\Local\PlaceholderTileLogoFolder
2021-06-11 12:03 - 2021-06-11 12:03 - 000000000 ____D C:\Users\NYM\AppData\Local\Comms
2021-06-11 12:00 - 2021-06-12 15:18 - 000000000 ____D C:\Program Files\rempl
2021-06-11 12:00 - 2021-06-11 12:18 - 000000000 ____D C:\Program Files\ruxim
2021-06-11 12:00 - 2021-06-11 12:14 - 000000000 ____D C:\Program Files\CUAssistant
2021-06-11 12:00 - 2021-06-11 12:01 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-06-11 11:48 - 2021-06-17 16:25 - 000000000 ___RD C:\Users\NYM\OneDrive
2021-06-11 11:47 - 2021-06-11 11:47 - 000000000 ___HD C:\Users\NYM\MicrosoftEdgeBackups
2021-06-11 11:46 - 2021-06-15 10:43 - 000000000 ____D C:\Users\NYM\AppData\Local\VirtualStore
2021-06-11 11:46 - 2021-06-12 18:56 - 000000000 ____D C:\Users\NYM\AppData\Local\Packages
2021-06-11 11:46 - 2021-06-11 20:22 - 000000000 ____D C:\Users\NYM\AppData\Local\ConnectedDevicesPlatform
2021-06-11 11:46 - 2021-06-11 18:55 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-06-11 11:46 - 2021-06-11 14:42 - 000000000 ___RD C:\Users\NYM\3D Objects
2021-06-11 11:46 - 2021-06-11 11:46 - 000000000 ____D C:\Users\NYM\AppData\Roaming\Adobe
2021-06-11 11:46 - 2021-06-11 11:46 - 000000000 ____D C:\Users\NYM\AppData\Local\Publishers
2021-06-11 11:46 - 2021-06-11 11:46 - 000000000 ____D C:\Users\NYM\AppData\Local\MicrosoftEdge
2021-06-11 11:44 - 2021-06-18 10:11 - 000000000 ____D C:\ProgramData\NVIDIA
2021-06-11 11:44 - 2021-06-12 11:06 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-06-11 11:44 - 2021-06-12 00:35 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-06-11 11:44 - 2021-06-12 00:34 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2021-06-11 11:44 - 2021-06-11 16:30 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-06-11 11:44 - 2021-04-08 23:26 - 005627760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2021-06-11 11:44 - 2021-04-08 23:26 - 002635632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2021-06-11 11:44 - 2021-04-08 23:26 - 001758064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2021-06-11 11:44 - 2021-04-08 23:26 - 000990064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2021-06-11 11:44 - 2021-04-08 23:26 - 000120176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2021-06-11 11:44 - 2021-04-08 23:26 - 000082288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2021-06-11 11:44 - 2021-04-05 19:44 - 009527077 _____ C:\WINDOWS\system32\nvcoproc.bin
2021-06-11 11:44 - 2021-02-28 18:48 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2021-06-11 11:44 - 2020-10-01 07:19 - 000195560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2021-06-11 11:39 - 2021-06-11 11:39 - 000000000 _SHDL C:\Documents and Settings
2021-06-11 11:36 - 2021-06-11 11:36 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2021-06-11 11:11 - 2021-06-18 11:06 - 000002285 _____ C:\Users\NYM\Desktop\Waardeloze dromen.txt
2021-06-11 11:11 - 2021-06-16 14:07 - 000004294 _____ C:\Users\NYM\Desktop\Vermoeidheid onderzoek.txt
2021-06-11 11:11 - 2021-06-15 11:09 - 000001302 _____ C:\Users\NYM\Desktop\Tally.lnk
2021-06-11 11:11 - 2021-06-15 10:56 - 000002699 _____ C:\Users\NYM\Desktop\Reagaton.txt
2021-06-11 11:11 - 2021-06-12 20:21 - 000001327 _____ C:\Users\NYM\Desktop\Gebonden.lnk
2021-06-11 11:11 - 2021-06-12 12:58 - 000000000 ____D C:\Users\NYM\Desktop\Verhuizing Aandachtspunten
2021-06-11 11:11 - 2021-06-12 12:54 - 000000000 ____D C:\Users\NYM\Desktop\Auto playlist
2021-06-11 11:11 - 2021-06-12 12:54 - 000000000 ____D C:\Users\NYM\Desktop\Auto overzetten
2021-06-11 11:11 - 2021-06-12 12:51 - 000000000 ____D C:\Users\NYM\Desktop\Steam Games
2021-06-11 11:11 - 2021-06-12 12:45 - 000000000 ____D C:\Users\NYM\Desktop\ZipStitch
2021-06-11 11:11 - 2021-06-12 12:45 - 000000000 ____D C:\Users\NYM\Desktop\100 zijden dobbelstenen
2021-06-11 11:11 - 2021-06-12 12:42 - 000000000 ____D C:\Users\NYM\Desktop\Belasting doorgeven
2021-06-11 11:11 - 2021-06-12 12:36 - 000000000 ____D C:\Users\NYM\Desktop\Books
2021-06-11 11:11 - 2021-06-12 12:32 - 000000000 ____D C:\Users\NYM\Desktop\SPORT Lijst
2021-06-11 11:11 - 2021-06-10 18:15 - 000002525 _____ C:\Users\NYM\Desktop\Candiplex recept.txt
2021-06-11 11:11 - 2021-06-10 14:15 - 000001166 _____ C:\Users\NYM\Desktop\Celebrities.lnk
2021-06-11 11:11 - 2021-06-09 23:26 - 000001171 _____ C:\Users\NYM\Desktop\Atheism.lnk
2021-06-11 11:11 - 2021-06-05 19:42 - 000002734 _____ C:\Users\NYM\Desktop\VC HL's.txt
2021-06-11 11:11 - 2021-06-03 17:31 - 000001094 _____ C:\Users\NYM\Desktop\Voetbal.lnk
2021-06-11 11:11 - 2021-05-31 23:42 - 000001411 _____ C:\Users\NYM\Desktop\Dekens en graden.lnk
2021-06-11 11:11 - 2021-05-31 21:33 - 000001551 _____ C:\Users\NYM\Desktop\Spinnen tijdstip wasserij.lnk
2021-06-11 11:11 - 2021-05-26 13:08 - 000000968 _____ C:\Users\NYM\Desktop\06-Juni - Shortcut.lnk
2021-06-11 11:11 - 2021-05-24 21:43 - 000000842 _____ C:\Users\NYM\Desktop\Wetenschappelijke termen.txt
2021-06-11 11:11 - 2021-05-24 10:53 - 000000166 _____ C:\Users\NYM\Desktop\Been genezing.txt
2021-06-11 11:11 - 2021-05-23 22:57 - 000001139 _____ C:\Users\NYM\Desktop\The X-files.lnk
2021-06-11 11:11 - 2021-05-19 17:11 - 000000147 _____ C:\Users\NYM\Desktop\Hobby thoughts.txt
2021-06-11 11:11 - 2021-05-18 17:14 - 000002444 _____ C:\Users\NYM\Desktop\Vragen egn kz.txt
2021-06-11 11:11 - 2021-05-16 18:46 - 000000171 _____ C:\Users\NYM\Desktop\Oog trillend onderzoek.txt
2021-06-11 11:11 - 2021-05-14 16:47 - 000000023 _____ C:\Users\NYM\Desktop\To-do-list.txt
2021-06-11 11:11 - 2021-05-13 15:28 - 000001558 _____ C:\Users\NYM\Desktop\Johan Braeckman - De ongelovige Thomas heeft een punt - Shortcut.lnk
2021-06-11 11:11 - 2021-05-04 20:14 - 000001249 _____ C:\Users\NYM\Desktop\De kracht van gesproken woorden .txt - Shortcut.lnk
2021-06-11 11:11 - 2021-04-29 22:25 - 000001383 _____ C:\Users\NYM\Desktop\Antwoorden Wetenschappelijk.lnk
2021-06-11 11:11 - 2021-04-22 13:34 - 000001144 _____ C:\Users\NYM\Desktop\Tafel Organizer - Shortcut.lnk
2021-06-11 11:11 - 2021-04-18 22:20 - 000014824 _____ C:\Users\NYM\Desktop\HL podcast.txt
2021-06-11 11:11 - 2021-04-18 14:03 - 000001468 _____ C:\Users\NYM\Desktop\David Hand - Het onwaarschijnlijkheidsprincipe - Shortcut.lnk
2021-06-11 11:11 - 2021-04-17 16:59 - 000000619 _____ C:\Users\NYM\Desktop\Klein beginnen.txt
2021-06-11 11:11 - 2021-04-15 11:43 - 000001164 _____ C:\Users\NYM\Desktop\HL R&N.txt
2021-06-11 11:11 - 2021-04-11 15:44 - 000001480 _____ C:\Users\NYM\Desktop\Ongedaan gemaakt.lnk
2021-06-11 11:11 - 2021-04-10 20:53 - 000001814 _____ C:\Users\NYM\Desktop\Wetenschappers vroegen zich vroeger af wat.lnk
2021-06-11 11:11 - 2021-04-10 12:18 - 000000830 _____ C:\Users\NYM\Desktop\Psychology.lnk
2021-06-11 11:11 - 2021-04-05 14:51 - 000001599 _____ C:\Users\NYM\Desktop\Dieet (Ontbijt_Lunch) - Shortcut.lnk
2021-06-11 11:11 - 2021-04-04 21:34 - 000001427 _____ C:\Users\NYM\Desktop\Richard Dawkins - God als misvatting - Shortcut (2).lnk
2021-06-11 11:11 - 2021-04-03 10:44 - 000001529 _____ C:\Users\NYM\Desktop\Waarschijnlijkheid.lnk
2021-06-11 11:11 - 2021-04-03 10:44 - 000001505 _____ C:\Users\NYM\Desktop\Waarschijnlijkheidstheorie Boeken.lnk
2021-06-11 11:11 - 2021-04-01 20:03 - 000002144 _____ C:\Users\NYM\Desktop\Joes Guitar lessons - Michael Jackson - Give in to me - Shortcut.lnk
2021-06-11 11:11 - 2021-03-22 12:27 - 000000814 _____ C:\Users\NYM\Desktop\Voorbeelden.txt
2021-06-11 11:11 - 2021-03-07 18:33 - 000001900 _____ C:\Users\NYM\Desktop\Intentie en dat is alles.lnk
2021-06-11 11:11 - 2021-02-14 12:52 - 000001279 _____ C:\Users\NYM\Desktop\Indiara Sfair.lnk
2021-06-11 11:11 - 2021-02-14 12:10 - 000002285 _____ C:\Users\NYM\Desktop\Appelazaijn (athlet's feet apple cider vinegar).lnk
2021-06-11 11:11 - 2021-02-10 22:38 - 000002077 _____ C:\Users\NYM\Desktop\Baking soda treatment.lnk
2021-06-11 11:11 - 2021-01-31 13:46 - 000001114 _____ C:\Users\NYM\Desktop\Playlist - Shortcut.lnk
2021-06-11 11:11 - 2021-01-28 20:03 - 000000000 ____D C:\Users\NYM\Desktop\Wandelschoen
2021-06-11 11:11 - 2021-01-27 20:17 - 000001331 _____ C:\Users\NYM\Desktop\Impulscontrole.lnk
2021-06-11 11:11 - 2021-01-16 20:12 - 000001276 _____ C:\Users\NYM\Desktop\Gordijn balkondeur - Shortcut.lnk
2021-06-11 11:11 - 2021-01-10 16:30 - 000001059 _____ C:\Users\NYM\Desktop\Coconut Bread - Shortcut.lnk
2021-06-11 11:11 - 2020-12-31 14:46 - 000001633 _____ C:\Users\NYM\Desktop\LickNRiff - Free Guitar Education - Shortcut.lnk
2021-06-11 11:11 - 2020-12-24 10:59 - 000001200 _____ C:\Users\NYM\Desktop\Meal this week.lnk
2021-06-11 11:11 - 2020-12-09 20:33 - 000001364 _____ C:\Users\NYM\Desktop\Gitaar tips.lnk
2021-06-11 11:11 - 2020-12-09 19:49 - 000001238 _____ C:\Users\NYM\Desktop\Elastische compressie - Shortcut.lnk
2021-06-11 11:11 - 2020-12-01 13:21 - 000001212 _____ C:\Users\NYM\Desktop\Muziektheorie.lnk
2021-06-11 11:11 - 2020-11-30 21:38 - 000000981 _____ C:\Users\NYM\Desktop\Korting datums.txt
2021-06-11 11:11 - 2020-11-19 13:59 - 000001190 _____ C:\Users\NYM\Desktop\Gitaarles.lnk
2021-06-11 11:11 - 2020-10-01 11:03 - 000000079 _____ C:\Users\NYM\Desktop\Verlanglijst aankoop.txt
2021-06-11 11:11 - 2020-08-15 19:14 - 000001340 _____ C:\Users\NYM\Desktop\NBG-vertaling 1951.lnk
2021-06-11 11:11 - 2020-07-09 09:32 - 000000846 _____ C:\Users\NYM\Desktop\Safe.lnk
2021-06-11 11:11 - 2020-07-06 16:47 - 000001688 _____ C:\Users\NYM\Desktop\Bible Subjects.lnk
2021-06-11 11:11 - 2020-07-01 19:36 - 000000748 _____ C:\Users\NYM\Desktop\Links & Info - Shortcut.lnk
2021-06-11 11:11 - 2020-07-01 19:27 - 000001640 _____ C:\Users\NYM\Desktop\Bijbel in Gewone Taal (BGT).lnk
2021-06-11 11:11 - 2020-06-07 09:55 - 000000668 _____ C:\Users\NYM\Desktop\V-R.lnk
2021-06-11 11:11 - 2020-05-29 10:32 - 000001116 _____ C:\Users\NYM\Desktop\Sunny Fruit Bowl.lnk
2021-06-11 11:11 - 2020-05-28 16:32 - 000001587 _____ C:\Users\NYM\Desktop\1.13.10.lnk
2021-06-11 11:11 - 2020-05-20 13:54 - 000001288 _____ C:\Users\NYM\Desktop\Wellion Luna meter.lnk
2021-06-11 11:11 - 2020-05-18 18:07 - 000001690 _____ C:\Users\NYM\Desktop\Versjes toevoegen aan lijst om door de dag te herhalen - Shortcut.lnk
2021-06-11 11:11 - 2020-05-17 14:07 - 000001604 _____ C:\Users\NYM\Desktop\4-10-however.lnk
2021-06-11 11:11 - 2020-05-07 18:36 - 000001295 _____ C:\Users\NYM\Desktop\Ratio that recommend.lnk
2021-06-11 11:11 - 2020-05-04 09:43 - 000001621 _____ C:\Users\NYM\Desktop\Papierversnipperaar.lnk
2021-06-11 11:11 - 2020-05-01 15:01 - 000001123 _____ C:\Users\NYM\Desktop\ttb.org.lnk
2021-06-11 11:11 - 2020-04-25 12:01 - 000001280 _____ C:\Users\NYM\Desktop\Mood.lnk
2021-06-11 11:11 - 2019-12-30 22:00 - 000000777 _____ C:\Users\NYM\Desktop\Wo.lnk
2021-06-11 11:11 - 2019-09-14 10:30 - 000001009 _____ C:\Users\NYM\Desktop\Video Thee.lnk
2021-06-11 11:11 - 2019-06-02 15:41 - 000001298 _____ C:\Users\NYM\Desktop\Boodschappenlijst.lnk
2021-06-11 11:11 - 2019-06-02 15:38 - 000001158 _____ C:\Users\NYM\Desktop\Parents Visit.lnk
2021-06-11 11:11 - 2019-02-08 21:50 - 000001234 _____ C:\Users\NYM\Desktop\Schoonmaken.lnk
2021-06-11 11:11 - 2018-11-28 16:10 - 000001540 _____ C:\Users\NYM\Desktop\Christmas Tree On Wall.lnk
2021-06-11 11:11 - 2018-07-19 13:32 - 000000809 _____ C:\Users\NYM\Desktop\Tijd Methode.lnk
2021-06-11 11:11 - 2018-06-03 15:19 - 000000767 _____ C:\Users\NYM\Desktop\Maaltijd Manual.lnk
2021-06-11 11:11 - 2018-01-07 15:02 - 000001138 _____ C:\Users\NYM\Desktop\Winterjas.lnk
2021-06-11 11:11 - 2017-10-30 11:07 - 000001566 _____ C:\Users\NYM\Desktop\Wasserij Lijst.lnk
2021-06-11 11:11 - 2017-04-09 21:02 - 000001272 _____ C:\Users\NYM\Desktop\Tempratuur Buiten.lnk
2021-06-11 11:11 - 2017-04-04 15:51 - 000001639 _____ C:\Users\NYM\Desktop\3 keer per jaar onderhouden.lnk
2021-06-11 11:11 - 2016-09-01 16:49 - 000001167 _____ C:\Users\NYM\Desktop\Vroeg opstaan.lnk
2021-06-11 11:11 - 2016-01-06 11:58 - 000001291 _____ C:\Users\NYM\Desktop\Virtual reality-bril - Shortcut.lnk
2021-06-11 11:10 - 2021-06-12 12:54 - 000000000 ____D C:\Users\NYM\Desktop\Linkdin Learning
2021-06-11 11:10 - 2021-06-12 12:51 - 000000000 ____D C:\Users\NYM\Desktop\Richard Dawkins
2021-06-11 11:10 - 2021-06-12 12:50 - 000000000 ___RD C:\Users\NYM\Desktop\Netflix
2021-06-11 11:10 - 2021-06-12 12:50 - 000000000 ____D C:\Users\NYM\Desktop\NightCry
2021-06-11 11:10 - 2021-06-12 12:50 - 000000000 ____D C:\Users\NYM\Desktop\Films
2021-06-11 11:10 - 2021-06-12 12:45 - 000000000 ____D C:\Users\NYM\Desktop\Kleding lijst
2021-06-11 11:10 - 2021-06-12 12:45 - 000000000 ____D C:\Users\NYM\Desktop\Dobbelspel
2021-06-11 11:10 - 2021-06-12 12:45 - 000000000 ____D C:\Users\NYM\Desktop\Diet Week
2021-06-11 11:10 - 2021-06-12 12:43 - 000000000 ____D C:\Users\NYM\Desktop\Corona vaccinicatie
2021-06-11 11:10 - 2021-06-12 12:42 - 000000000 ____D C:\Users\NYM\Desktop\Corona (COVID19)
2021-06-11 11:10 - 2021-06-12 12:36 - 000000000 ____D C:\Users\NYM\Desktop\Lijst boeken overzetten tab
2021-06-01 11:43 - 2021-06-01 11:43 - 007429936 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-06-01 11:43 - 2021-06-01 11:43 - 002729760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-06-01 11:43 - 2021-06-01 11:43 - 001490224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6446231.dll
2021-06-01 11:43 - 2021-06-01 11:43 - 001163552 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-06-01 11:43 - 2021-06-01 11:43 - 000948952 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-06-01 11:43 - 2021-06-01 11:43 - 000948952 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-06-01 11:43 - 2021-06-01 11:43 - 000678672 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-06-01 11:43 - 2021-06-01 11:43 - 000671512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-06-01 11:43 - 2021-06-01 11:43 - 000556832 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-06-01 11:42 - 2021-06-01 11:42 - 008306480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-06-01 11:42 - 2021-06-01 11:42 - 006076544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-06-01 11:42 - 2021-06-01 11:42 - 004610336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-06-01 11:42 - 2021-06-01 11:42 - 002102560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-06-01 11:42 - 2021-06-01 11:42 - 001855192 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-06-01 11:42 - 2021-06-01 11:42 - 001855192 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-06-01 11:42 - 2021-06-01 11:42 - 001730864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6446231.dll
2021-06-01 11:42 - 2021-06-01 11:42 - 001587488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-06-01 11:42 - 2021-06-01 11:42 - 001511200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-06-01 11:42 - 2021-06-01 11:42 - 001452320 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-06-01 11:42 - 2021-06-01 11:42 - 001435864 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-06-01 11:42 - 2021-06-01 11:42 - 001435864 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-06-01 11:42 - 2021-06-01 11:42 - 001191712 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-06-01 11:42 - 2021-06-01 11:42 - 001094888 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-06-01 11:42 - 2021-06-01 11:42 - 001094888 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-06-01 11:42 - 2021-06-01 11:42 - 000811808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-06-01 11:42 - 2021-06-01 11:42 - 000655648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-06-01 11:42 - 2021-06-01 11:42 - 000546080 _____ C:\WINDOWS\SysWOW64\nvofapi.dll

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-06-18 10:17 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-06-18 10:12 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-06-18 10:10 - 2019-12-07 11:03 - 002097152 _____ C:\WINDOWS\system32\config\BBI
2021-06-18 08:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-06-18 07:57 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-06-17 08:13 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-06-14 14:52 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-06-13 15:57 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-06-12 09:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-06-12 09:03 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-06-12 08:53 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\appcompat
2021-06-12 00:35 - 2019-12-07 11:18 - 000000000 ____D C:\WINDOWS\Setup
2021-06-12 00:35 - 2019-12-07 11:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2021-06-12 00:35 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-06-12 00:35 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\spool
2021-06-12 00:35 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2021-06-12 00:35 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2021-06-12 00:35 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\InfusedApps
2021-06-12 00:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Resources
2021-06-12 00:31 - 2019-12-07 11:52 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-06-12 00:31 - 2019-12-07 11:52 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-06-12 00:31 - 2019-12-07 11:50 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-06-12 00:31 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-06-12 00:31 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-06-12 00:31 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-06-12 00:31 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-06-12 00:31 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-06-12 00:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-06-12 00:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-06-12 00:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-06-12 00:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-06-12 00:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2021-06-12 00:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2021-06-12 00:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-06-12 00:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-06-12 00:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2021-06-12 00:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2021-06-12 00:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-06-12 00:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-06-12 00:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-06-12 00:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-06-12 00:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-06-12 00:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-06-12 00:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-06-12 00:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-06-12 00:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2021-06-12 00:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-06-12 00:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-06-12 00:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-06-12 00:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-06-12 00:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-06-12 00:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-06-12 00:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-06-12 00:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-06-12 00:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-06-12 00:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-06-12 00:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-06-12 00:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-06-12 00:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-06-12 00:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-06-12 00:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-06-12 00:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-06-12 00:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\IME
2021-06-12 00:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-06-12 00:31 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-06-12 00:31 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-06-12 00:30 - 2019-12-07 11:52 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-06-12 00:30 - 2019-12-07 11:52 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2021-06-12 00:18 - 2019-12-07 11:51 - 000000000 ____D C:\WINDOWS\OCR
2021-06-12 00:17 - 2019-12-07 11:49 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2021-06-12 00:17 - 2019-12-07 11:49 - 000000000 ____D C:\WINDOWS\system32\WCN
2021-06-12 00:16 - 2019-12-07 11:49 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2021-06-12 00:16 - 2019-12-07 11:49 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2021-06-12 00:16 - 2019-12-07 11:49 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2021-06-12 00:16 - 2019-12-07 11:49 - 000000000 ____D C:\WINDOWS\system32\winrm
2021-06-12 00:16 - 2019-12-07 11:49 - 000000000 ____D C:\WINDOWS\system32\slmgr
2021-06-12 00:16 - 2019-12-07 11:49 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2021-06-11 20:09 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-06-11 18:55 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-06-11 16:16 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-06-11 14:58 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-06-11 14:50 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Help
2021-06-11 14:42 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-06-11 14:42 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\USOPrivate
2021-06-11 14:42 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-06-11 14:42 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-06-11 14:39 - 2019-12-07 11:14 - 000000000 __RHD C:\Users\Public\Libraries
2021-06-11 12:13 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\TextInput
2021-06-01 11:42 - 2019-10-04 16:51 - 007120336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-06-01 11:42 - 2019-10-04 16:32 - 000061321 _____ C:\WINDOWS\system32\nvinfo.pb

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Addition.txt

Link to post
Share on other sites

Hello NEbr,

Do not see any reference in the FRST logs to event_routing.dll-k.mbam, i do not believe that entry is malicious, maybe possibly related to Avast...

Run FRST one more time:

Type or copy/paste the following into the edit box after "Search:".

event_routing.dll-k.mbam;event_routing.dll

Click Search Files button and post the log (Search.txt) it makes to your reply...
 
Thank you,
 
Kevin...
Link to post
Share on other sites

Thank you, I did receive a notification from avast this morning which it said "We've secured firefox.exe[11940] because it was infected with MSIL:NanoCore-B[Trj]". I've added screenshot as attachment "Avast.jpg". That file is not quarantined, I can't find it anywhere

Also this morning after Windows started up I saw malwarebytes icon disappear from taskbar and come back again.

Search.txt is in attachment aswell.

 

Avast.jpg

Search.txt

Link to post
Share on other sites

Hiya NBer,

Your FRST logs are not showing any evidence of Malware or Infection, the search for event_routing.dll did confirm that it was related to Avast. Lets try the following scans to further check your system...

Download AdwCleaner by Malwarebytes onto your Desktop.

Or from this Mirror
 
  • Right-click on AdwCleaner.exe and select http://i.imgur.com/Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users)
  • Accept the EULA (I accept), then click on Scan
  • Let the scan complete. Once it's done, make sure that every item listed in the different tabs is checked and click on the Quarantine button. This will kill all the active processes
  • Once the cleaning process is complete, AdwCleaner will ask to restart your computer, do it
  • After the restart, a log will open when logging in. Please copy/paste the content of that log in your next reply


Next,

Download "Microsoft's Safety Scanner" and save direct to the desktop

Ensure to get the correct version for your system....

https://docs.microsoft.com/en-us/windows/security/threat-protection/intelligence/safety-scanner-download


Right click on the Tool, select Run as Administrator the tool will expand to the options Window
In the "Scan Type" window, select Quick Scan
Perform a scan and Click Finish when the scan is done.


Retrieve the MSRT log as follows, and post it in your next reply:

1) Select the Windows key and R key together to open the "Run" function
2) Type or Copy/Paste the following command to the "Run Line" and Press Enter:

notepad c:\windows\debug\msert.log

The log will include log details for each time MSRT has run, we only need the most recent log by date and time....

Thank you,

Kevin..
Link to post
Share on other sites

Below you see MSRT log and i've added AdwCleaner (2 logfiles as attachment).

After running AdwCleaner I didn't receive any message to restart the pc, I did restart it manually and after restart didn't receive any log either, so all I could do is use the logs that I could find and there are 2, AdwCleaner[C00].txt and AdwCleaner[S00].txt.

 

MSRT log:


---------------------------------------------------------------------------------------
Microsoft Safety Scanner v1.341, (build 1.341.945.0)
Started On Fri Jun 18 15:31:54 2021

Engine: 1.1.18300.4
Signatures: 1.341.945.0
MpGear: 1.1.16330.1
Run Mode: Interactive Graphical Mode

Quick Scan Results:
-------------------
Threat Detected: VirTool:Win32/DefenderTamperingRestore and Removed!
  Action: Remove, Result: 0x00000000
    regkeyvalue://hklm\software\microsoft\windows defender\\DisableAntiSpyware
        SigSeq: 0x0000055555C57273

Results Summary:
----------------
Found VirTool:Win32/DefenderTamperingRestore and Removed!
Successfully Submitted MAPS Report
Successfully Submitted Heartbeat Report
Microsoft Safety Scanner Finished On Fri Jun 18 15:37:32 2021


Return code: 6 (0x6)

 

 

AdwCleaner[C00].txt AdwCleaner[S00].txt

Link to post
Share on other sites

I run Malwarebytes (quick scan) and it did found something, which doesn't show up in Detection history -> Quarantined items, but only history.

See screenshot (00.jpg).

I recently format and reinstalled my windows, and I'm using Avast VPN, I was not actively using it before, so that is the most new thing to my system.

Before reinstalling my pc I did notice a change in my system, I was receiving advertises on windows media player, which is uncommon, see screenshot (see: wmp-ad.jpg). see those names (Mark Victor Hansen And Robert G. Allen - TwentyFive) that wasn't the name of my file, I couldn't find those info in details either, that was one of the reasons I've reinstalled my pc. I dont have that issue anymore.

So beside EVENT_ROUTING.DLL-K.MBAM and ASWCMNBS.DLL-K.MBAM, I don't see any issues.

 

00.jpg

wmp-ad.jpg

Link to post
Share on other sites

23 minutes ago, NEbr said:

So beside EVENT_ROUTING.DLL-K.MBAM and ASWCMNBS.DLL-K.MBAM

Sorry for the intrusion @kevinf80. That detection happens when you have scan for rootkits enabled during your scans.

I would  also recommend creating exclusions between Malwarebytes and Your AV to help prevent any possible conflicts or performance issues.  Please add the items listed in this support article to Your AV 's allow list(s)/trust list(s)/exclusion list(s) particularly for any of its real-time protection components and likewise add Your AV 's program folder(s) (likely located under C:\Program Files and/or C:\Program Files (x86)) to Malwarebytes' Allow List using the method described under the Allow a file or folder section of this support article and do the same for its primary data folder which is likely located under C:\ProgramData (you may need to show hidden files and folders to see it).

 

Please also refer to this support article which lists several known applications which conflict with the Web Protection in Malwarebytes currently, which includes Avast.

Link to post
Share on other sites

Hiya @Porthos

Quote

Sorry for the intrusion @kevinf80. That detection happens when you have scan for rootkits enabled during your scans.

I`ve never see that flagged previously on many systems with Avast and Malwarebytes installed, specifically when I request Malwarebytes scans with scan for rootkits enabled. Is this a recent issue...?

@NEbr are you ok for your thread to be closed out now...

Cheers,

Kevin..

Link to post
Share on other sites

1 minute ago, kevinf80 said:

I`ve never see that flagged previously on many systems with Avast and Malwarebytes installed

It is not really an Avast issue. Malwarebytes will detect those k-mbam files from rootkit scanning. It does not always detect them but id does from time to time.

Link to post
Share on other sites

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Please review the following for Tips to help protect from infection

Thank you

 

 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.