Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 21-09-2016
Gestart door nasiga (Beheerder) op NASIGA (22-09-2016 16:01:25)
Gestart vanaf C:\Users\nas\Desktop
Geladen Profielen: nasiga (Beschikbare Profielen: nasiga & bouga_000)
Platform: Windows 8.1 (Update) (X64) Taal: Nederlands (Nederland)
Internet Explorer Versie 11 (Standaardbrowser: FF)
Boot Modus: Normal
Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processen (gefilterd) =================

(Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Nico Mak Computing) C:\Program Files\WinZip\FAH\FAHWindow64.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WzPreloader.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\Receiver\Receiver.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWXConfigManager.exe

==================== Register (gefilterd) ===========================

(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-24] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-07-21] (IDT, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-08-13] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491320 2012-07-26] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [580512 2012-07-09] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1342008 2011-08-26] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-05-15] (Apple Inc.)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [395656 2013-10-01] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [153992 2013-10-01] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [218896 2016-09-13] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [6718224 2016-08-26] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-2739720367-3800079215-714148290-1002\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-2739720367-3800079215-714148290-1002\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-2739720367-3800079215-714148290-1002\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-2739720367-3800079215-714148290-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8912088 2016-08-26] (Piriform Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2015-10-17]
ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAH\FAHConsole.exe (Nico Mak Computing)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2015-10-17]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
Startup: C:\Users\nas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Citrix Receiver.lnk [2014-05-22]
ShortcutTarget: Citrix Receiver.lnk -> C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe (Citrix Systems, Inc.)
GroupPolicy: Restrictie - Chrome <======= AANDACHT

==================== Internet (gefilterd) ====================

(Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.)

ProxyEnable: [.DEFAULT] => Proxy is ingeschakeld.
ProxyServer: [.DEFAULT] => http=127.0.0.1:57890;https=127.0.0.1:57890
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{BB6570D3-CE81-4687-A1E9-4312A4EBDE4A}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{EB117DF2-40F0-4553-9216-11C4F8BE2EF1}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hp&ts=1442242963&z=fcf7e579a2814e00202316cd51de6594gzzoozotqc&from=tugs&uid=hitachixhts545050a7e380_te85113q2hjenr2hjenrx
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hp&ts=1442242963&z=fcf7e579a2814e00202316cd51de6594gzzoozotqc&from=tugs&uid=hitachixhts545050a7e380_te85113q2hjenr2hjenrx
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1442242963&z=fcf7e579a2814e00202316cd51de6594gzzoozotqc&from=tugs&uid=hitachixhts545050a7e380_te85113q2hjenr2hjenrx&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1442242963&z=fcf7e579a2814e00202316cd51de6594gzzoozotqc&from=tugs&uid=hitachixhts545050a7e380_te85113q2hjenr2hjenrx&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1442242963&z=fcf7e579a2814e00202316cd51de6594gzzoozotqc&from=tugs&uid=hitachixhts545050a7e380_te85113q2hjenr2hjenrx
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1442242963&z=fcf7e579a2814e00202316cd51de6594gzzoozotqc&from=tugs&uid=hitachixhts545050a7e380_te85113q2hjenr2hjenrx
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1442242963&z=fcf7e579a2814e00202316cd51de6594gzzoozotqc&from=tugs&uid=hitachixhts545050a7e380_te85113q2hjenr2hjenrx&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1442242963&z=fcf7e579a2814e00202316cd51de6594gzzoozotqc&from=tugs&uid=hitachixhts545050a7e380_te85113q2hjenr2hjenrx&q={searchTerms}
HKU\S-1-5-21-2739720367-3800079215-714148290-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.nl/
HKU\S-1-5-21-2739720367-3800079215-714148290-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1442242963&z=fcf7e579a2814e00202316cd51de6594gzzoozotqc&from=tugs&uid=hitachixhts545050a7e380_te85113q2hjenr2hjenrx
URLSearchHook: HKU\S-1-5-21-2739720367-3800079215-714148290-1002 - (Geen Naam) - {93a3111f-4f74-4ed8-895e-d9708497629e} - Geen bestand
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1442242963&z=fcf7e579a2814e00202316cd51de6594gzzoozotqc&from=tugs&uid=hitachixhts545050a7e380_te85113q2hjenr2hjenrx&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1442242963&z=fcf7e579a2814e00202316cd51de6594gzzoozotqc&from=tugs&uid=hitachixhts545050a7e380_te85113q2hjenr2hjenrx&q={searchTerms}
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://nl.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/1346-154357-12126-2/4?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM -> {F020A2A7-F0DD-4983-B271-CB8774D8EABB} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1442242963&z=fcf7e579a2814e00202316cd51de6594gzzoozotqc&from=tugs&uid=hitachixhts545050a7e380_te85113q2hjenr2hjenrx&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1442242963&z=fcf7e579a2814e00202316cd51de6594gzzoozotqc&from=tugs&uid=hitachixhts545050a7e380_te85113q2hjenr2hjenrx&q={searchTerms}
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://nl.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/1346-154357-12126-2/4?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 -> {F020A2A7-F0DD-4983-B271-CB8774D8EABB} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-2739720367-3800079215-714148290-1002 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1442242963&z=fcf7e579a2814e00202316cd51de6594gzzoozotqc&from=tugs&uid=hitachixhts545050a7e380_te85113q2hjenr2hjenrx&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2739720367-3800079215-714148290-1002 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://nl.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKU\S-1-5-21-2739720367-3800079215-714148290-1002 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/1346-154357-12126-2/4?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-2739720367-3800079215-714148290-1002 -> {F020A2A7-F0DD-4983-B271-CB8774D8EABB} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: Geen Naam -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> Geen bestand
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Geen Naam -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> Geen bestand
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Geen Naam -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> Geen bestand
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-09-15] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-09-15] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09] (Hewlett-Packard)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.piesearch.com/?type=sc&uid=85ab00d1-c7f6-4a46-9095-c2f048898512

FireFox:
========
FF ProfilePath: C:\Users\nas\AppData\Roaming\Mozilla\Firefox\Profiles\3k197mca.default-1473961691753
FF Homepage: www.google.nl
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-09-21] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-21] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw.dll [2012-04-26] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] ()
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2013-10-01] (Citrix Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-09-15] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-09-15] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-09-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-09-07] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin HKU\S-1-5-21-2739720367-3800079215-714148290-1002: @nsroblox.roblox.com/launcher -> C:\Users\nas\AppData\Local\Roblox\Versions\version-2a3769b753884f05\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-2739720367-3800079215-714148290-1002: @nsroblox.roblox.com/launcher64 -> C:\Users\nas\AppData\Local\Roblox\Versions\version-2a3769b753884f05\\NPRobloxProxy64.dll [2013-01-01] ( ROBLOX Corporation)
FF Extension: (leethax.net extension) - C:\Users\nas\AppData\Roaming\Mozilla\Firefox\Profiles\3k197mca.default-1473961691753\extensions\leethax@leethax.net.xpi [2016-09-15]

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.nl/"
CHR Profile: C:\Users\nas\AppData\Local\Google\Chrome\User Data\Default [2016-09-21]
CHR Extension: (Google Documenten) - C:\Users\nas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-04]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\nas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-04]
CHR Extension: (Chrome Media Router) - C:\Users\nas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-15]

==================== Services (gefilterd) ========================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-04] (Advanced Micro Devices, Inc.) [Bestand niet getekend]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [674552 2016-08-26] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5285344 2016-08-26] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1149712 2016-09-13] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [760024 2016-08-26] (AVG Technologies CZ, s.r.o.)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [85504 2012-08-10] (Hewlett-Packard Company) [Bestand niet getekend]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2451456 2012-07-14] (Realsil Microelectronics Inc.) [Bestand niet getekend]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [321536 2012-07-21] (IDT, Inc.) [Bestand niet getekend]
S3 vmicvss; C:\Windows\System32\ICSvc.dll [524800 2014-10-29] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Drivers (gefilterd) ==========================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-20] (Advanced Micro Devices)
S2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [199008 2012-06-23] (AppEx Networks Corporation)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-18] (Advanced Micro Devices)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [310016 2016-08-23] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [272640 2016-07-27] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [260352 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [262400 2016-08-02] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [313096 2016-08-04] (AVG Technologies CZ, s.r.o.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-09-22] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [269968 2012-07-04] (Realtek Semiconductor Corp.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-24] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [43832 2012-08-24] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20288 2012-08-03] (Hewlett-Packard Development Company, L.P.)

==================== NetSvcs (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

==================== Een Maand Aangemaakt bestanden en mappen ========

(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)

2016-09-22 16:01 - 2016-09-22 16:01 - 00028521 _____ C:\Users\nas\Desktop\FRST.txt
2016-09-22 16:00 - 2016-09-22 16:01 - 00000000 ____D C:\FRST
2016-09-22 15:59 - 2016-09-22 15:59 - 02402816 _____ (Farbar) C:\Users\nas\Desktop\FRST64.exe
2016-09-21 21:56 - 2016-09-21 21:56 - 00045541 _____ C:\Users\nas\Desktop\HijackThis Logje.txt
2016-09-21 21:52 - 2016-09-21 21:53 - 00000000 ____D C:\rsit
2016-09-21 21:52 - 2016-09-21 21:53 - 00000000 ____D C:\Program Files\trend micro
2016-09-21 21:50 - 2016-09-21 21:51 - 01222144 _____ C:\Users\nas\Desktop\RSITx64.exe
2016-09-21 21:21 - 2016-09-21 21:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-09-21 21:14 - 2016-09-21 21:14 - 00015317 _____ C:\Users\nas\Desktop\AdwCleaner[C0].txt
2016-09-21 20:39 - 2016-09-21 20:39 - 04320054 _____ C:\Users\nas\Desktop\Virus.bmp
2016-09-21 20:38 - 2016-09-21 20:38 - 00003600 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task
2016-09-21 20:18 - 2016-09-21 20:18 - 01069720 _____ C:\Users\nas\Desktop\male text.txt
2016-09-21 20:03 - 2016-09-21 21:35 - 00000000 ____D C:\AdwCleaner
2016-09-21 20:02 - 2016-09-21 20:02 - 03861056 _____ C:\Users\nas\Desktop\adwcleaner_6.020.exe
2016-09-15 21:39 - 2016-09-15 21:39 - 00000000 ____D C:\Users\nas\AppData\Roaming\vlc
2016-09-15 21:37 - 2016-09-15 21:37 - 00001082 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-09-15 21:37 - 2016-09-15 21:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-09-15 21:35 - 2016-09-15 21:35 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2016-09-15 21:33 - 2016-09-15 21:34 - 30533688 _____ C:\Users\nas\Downloads\vlc-2.2.4-win32.exe
2016-09-15 20:49 - 2016-09-15 20:49 - 13170912 _____ (Microsoft Corporation) C:\Users\nas\Downloads\Silverlight_x64.exe
2016-09-15 20:10 - 2016-09-15 20:10 - 00000000 ____D C:\Users\nas\AppData\Roaming\AVG
2016-09-15 20:05 - 2016-09-15 20:05 - 00000000 ____D C:\Users\nas\AppData\Roaming\TuneUp Software
2016-09-15 20:05 - 2016-09-15 20:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-09-15 20:03 - 2016-09-15 20:03 - 00000000 ___HD C:\$AVG
2016-09-15 20:01 - 2016-09-22 15:56 - 00000000 ____D C:\ProgramData\MFAData
2016-09-15 20:01 - 2016-09-15 20:01 - 00000000 ____D C:\Users\nas\AppData\Local\MFAData
2016-09-15 19:58 - 2016-09-15 19:58 - 00001004 _____ C:\Users\Public\Desktop\AVG.lnk
2016-09-15 19:58 - 2016-09-15 19:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2016-09-15 19:55 - 2016-09-15 20:02 - 00000000 ____D C:\Program Files (x86)\AVG
2016-09-15 19:54 - 2016-09-15 20:11 - 00000000 ____D C:\Users\nas\AppData\Local\AvgSetupLog
2016-09-15 19:54 - 2016-09-15 20:10 - 00000000 ____D C:\Users\nas\AppData\Local\Avg
2016-09-15 19:54 - 2016-09-15 20:03 - 00000000 ____D C:\ProgramData\Avg
2016-09-15 19:53 - 2016-09-15 19:54 - 03143504 _____ (AVG Technologies CZ, s.r.o.) C:\Users\nas\Downloads\AVG_Protection_Free_1597.exe
2016-09-15 19:48 - 2016-09-15 19:48 - 00000000 ____D C:\Users\nas\Desktop\Oude Firefox-gegevens
2016-09-15 19:46 - 2016-09-21 21:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-09-15 19:46 - 2016-09-15 19:46 - 00001159 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-09-15 19:45 - 2016-09-15 19:45 - 00242264 _____ C:\Users\nas\Downloads\Firefox Setup Stub 48.0.2 (2).exe
2016-09-15 19:38 - 2016-09-15 19:38 - 00000000 ____D C:\Users\nas\AppData\Roaming\Sun
2016-09-15 19:38 - 2016-09-15 19:38 - 00000000 ____D C:\Users\nas\.oracle_jre_usage
2016-09-15 19:31 - 2016-09-15 19:31 - 00242264 _____ C:\Users\nas\Downloads\Firefox Setup Stub 48.0.2 (1).exe
2016-09-15 17:42 - 2016-09-22 15:52 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-09-15 17:41 - 2016-09-15 17:42 - 00242264 _____ C:\Users\nas\Downloads\Firefox Setup Stub 48.0.2.exe
2016-09-15 17:41 - 2016-09-15 17:41 - 00001114 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-09-15 17:41 - 2016-09-15 17:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-09-15 17:40 - 2016-09-15 17:41 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-09-15 17:40 - 2016-09-15 17:40 - 22851472 _____ (Malwarebytes ) C:\Users\nas\Downloads\mbam-setup-2.2.1.1043.exe
2016-09-15 17:40 - 2016-09-15 17:40 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-09-15 17:40 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-09-15 17:40 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-09-15 17:40 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-09-15 17:39 - 2016-09-15 17:39 - 00002788 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-09-15 17:39 - 2016-09-15 17:39 - 00000834 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-09-15 17:39 - 2016-09-15 17:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-09-15 17:39 - 2016-09-15 17:39 - 00000000 ____D C:\Program Files\CCleaner
2016-09-15 17:33 - 2016-09-15 17:33 - 08244656 _____ (Piriform Ltd) C:\Users\nas\Downloads\ccsetup522 (1).exe
2016-09-15 17:31 - 2016-09-15 17:31 - 08244656 _____ (Piriform Ltd) C:\Users\nas\Downloads\ccsetup522.exe
2016-09-07 15:40 - 2016-09-21 22:13 - 00002235 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-09-07 15:40 - 2016-09-21 22:13 - 00002223 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-09-07 15:37 - 2016-09-22 15:51 - 00001066 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-07 15:37 - 2016-09-21 22:13 - 00001070 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-07 15:37 - 2016-09-07 15:40 - 00000000 ____D C:\Users\bouga_000\AppData\Local\Google
2016-09-07 15:37 - 2016-09-07 15:39 - 00000000 ____D C:\Program Files (x86)\Google
2016-09-07 15:37 - 2016-09-07 15:37 - 00004042 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-09-07 15:37 - 2016-09-07 15:37 - 00003806 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-09-07 15:36 - 2016-09-07 15:37 - 00000000 ____D C:\Users\bouga_000\AppData\Local\Deployment
2016-09-07 15:36 - 2016-09-07 15:36 - 00000000 ____D C:\Users\bouga_000\AppData\Local\Apps\2.0
2016-09-07 15:26 - 2016-09-07 15:26 - 00003966 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{D3572E26-43AE-4168-8A3F-6535F8BE477B}
2016-09-07 15:26 - 2016-09-07 15:26 - 00000000 ____D C:\Users\bouga_000\AppData\Roaming\Macromedia
2016-09-07 15:25 - 2016-09-07 15:25 - 00000000 ____D C:\Users\bouga_000\AppData\Local\WebShield
2016-09-07 15:23 - 2016-09-07 15:24 - 00000000 ___RD C:\Users\bouga_000\OneDrive
2016-09-07 15:22 - 2016-09-07 15:22 - 00000000 ____D C:\Users\bouga_000\AppData\LocalLow\Sun
2016-09-07 15:20 - 2016-09-07 15:38 - 
00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2739720367-3800079215-714148290-1006 2016-09-07 15:16 - 2016-09-07 15:16 - 00000000 ____D C:\Users\bouga_000\AppData\Roaming\Synaptics 2016-09-07 15:16 - 2016-09-07 15:16 - 00000000 ____D C:\Users\bouga_000\AppData\Roaming\ICAClient 2016-09-07 15:16 - 2016-09-07 15:16 - 00000000 ____D C:\Users\bouga_000\AppData\Roaming\ATI 2016-09-07 15:16 - 2016-09-07 15:16 - 00000000 ____D C:\Users\bouga_000\AppData\Roaming\Apple Computer 2016-09-07 15:16 - 2016-09-07 15:16 - 00000000 ____D C:\Users\bouga_000\AppData\Local\Hewlett-Packard 2016-09-07 15:16 - 2016-09-07 15:16 - 00000000 ____D C:\Users\bouga_000\AppData\Local\Citrix 2016-09-07 15:16 - 2016-09-07 15:16 - 00000000 ____D C:\Users\bouga_000\AppData\Local\ATI 2016-09-07 15:16 - 2016-09-07 15:16 - 00000000 ____D C:\Users\bouga_000\AppData\Local\AMD 2016-09-07 15:12 - 2016-09-07 15:35 - 00000000 ____D C:\Users\bouga_000\AppData\Local\Packages 2016-09-07 15:12 - 2016-09-07 15:12 - 00002216 _____ C:\Users\bouga_000\Desktop\speed browser.lnk 2016-09-07 15:12 - 2016-09-07 15:12 - 00001430 _____ C:\Users\bouga_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2016-09-07 15:12 - 2016-09-07 15:12 - 00000020 ___SH C:\Users\bouga_000\ntuser.ini 2016-09-07 15:12 - 2016-09-07 15:12 - 00000000 _SHDL C:\Users\bouga_000\Sjablonen 2016-09-07 15:12 - 2016-09-07 15:12 - 00000000 _SHDL C:\Users\bouga_000\Netwerkprinteromgeving 2016-09-07 15:12 - 2016-09-07 15:12 - 00000000 _SHDL C:\Users\bouga_000\Mijn documenten 2016-09-07 15:12 - 2016-09-07 15:12 - 00000000 _SHDL C:\Users\bouga_000\Menu Start 2016-09-07 15:12 - 2016-09-07 15:12 - 00000000 _SHDL C:\Users\bouga_000\Documents\Mijn video's 2016-09-07 15:12 - 2016-09-07 15:12 - 00000000 _SHDL C:\Users\bouga_000\Documents\Mijn muziek 2016-09-07 15:12 - 2016-09-07 15:12 - 00000000 _SHDL C:\Users\bouga_000\Documents\Mijn afbeeldingen 2016-09-07 15:12 - 2016-09-07 15:12 - 00000000 _SHDL 
C:\Users\bouga_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programma's 2016-09-07 15:12 - 2016-09-07 15:12 - 00000000 _SHDL C:\Users\bouga_000\AppData\Local\Geschiedenis 2016-09-07 15:12 - 2016-09-07 15:12 - 00000000 ____D C:\Users\bouga_000\AppData\Roaming\Adobe 2016-09-07 15:12 - 2016-09-07 15:12 - 00000000 ____D C:\Users\bouga_000\AppData\Local\VirtualStore 2016-09-07 15:12 - 2016-09-07 15:12 - 00000000 ____D C:\Users\bouga_000\AppData\Local\speed browser 2016-09-07 15:12 - 2015-11-28 19:28 - 00000000 ____D C:\Users\bouga_000\AppData\Local\Microsoft Help 2016-09-07 15:12 - 2014-12-07 23:50 - 00000000 ____D C:\Users\bouga_000\Documents\hp.system.package.metadata 2016-09-07 15:12 - 2014-12-07 23:50 - 00000000 ____D C:\Users\bouga_000\Documents\hp.applications.package.appdata 2016-09-07 15:12 - 2014-09-24 18:23 - 00000369 _____ C:\Users\bouga_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk 2016-09-07 15:12 - 2014-09-24 18:23 - 00000369 _____ C:\Users\bouga_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk 2016-09-07 15:11 - 2016-09-07 15:23 - 00000000 ____D C:\Users\bouga_000 2016-09-05 16:47 - 2016-09-05 16:47 - 01080312 _____ (ROBLOX Corporation) C:\Users\nas\Downloads\RobloxPlayerLauncher (1).exe 2016-09-05 16:25 - 2016-09-05 16:25 - 01080312 _____ (ROBLOX Corporation) C:\Users\nas\Downloads\RobloxPlayerLauncher.exe 2016-09-04 13:17 - 2016-09-15 17:25 - 00002325 _____ C:\Users\nas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-09-04 13:17 - 2016-09-15 17:25 - 00002295 _____ C:\Users\nas\Desktop\Google Chrome.lnk 2016-09-04 13:15 - 2016-09-04 13:15 - 01065376 _____ (Google Inc.) C:\Users\nas\Downloads\ChromeSetup.exe 2016-08-23 16:31 - 2016-08-23 16:31 - 00310016 _____ (AVG Technologies CZ, s.r.o.) 
C:\WINDOWS\system32\Drivers\avgidsdrivera.sys ==================== Een Maand Gewijzigd bestanden en mappen ======== (Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.) 2016-09-22 15:58 - 2014-12-08 00:18 - 00003954 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{717B1A7D-98F6-457E-BB18-DA6DF5C45806} 2016-09-22 15:55 - 2013-01-15 21:43 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2739720367-3800079215-714148290-1002 2016-09-22 15:51 - 2015-12-12 22:17 - 00000000 ___RD C:\Users\nas\iCloudDrive 2016-09-21 21:42 - 2016-02-27 21:26 - 00000000 ____D C:\Users\nas\AppData\Local\CrashDumps 2016-09-21 21:37 - 2015-04-04 19:30 - 00000940 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-09-21 21:37 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-09-21 21:28 - 2015-04-04 19:29 - 00000000 ____D C:\Users\nas\AppData\Local\Adobe 2016-09-21 21:27 - 2015-04-04 19:30 - 00003828 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2016-09-21 21:27 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed 2016-09-21 21:27 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\Macromed 2016-09-21 20:22 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2016-09-21 20:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-09-21 20:00 - 2013-01-15 21:26 - 00000000 ____D C:\Users\nas\AppData\Local\Packages 2016-09-21 17:22 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf 2016-09-21 16:59 - 2015-09-28 20:40 - 00000000 ____D C:\ProgramData\Radio 2016-09-21 16:53 - 2015-09-21 19:40 - 00000000 ____D C:\ProgramData\Browser 2016-09-15 21:29 - 2013-07-04 21:59 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2016-09-15 21:29 - 2013-07-04 21:59 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2016-09-15 21:23 - 2013-08-25 11:39 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-09-15 21:09 - 2013-01-20 14:25 - 147640136 ____C (Microsoft 
Corporation) C:\WINDOWS\system32\MRT.exe 2016-09-15 20:50 - 2013-07-04 21:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2016-09-15 20:24 - 2015-04-04 19:30 - 00000892 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job 2016-09-15 20:20 - 2015-04-04 19:30 - 00003854 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier 2016-09-15 20:13 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM 2016-09-15 20:09 - 2015-08-13 22:06 - 00000000 ____D C:\Program Files\Common Files\AV 2016-09-15 20:05 - 2012-07-26 10:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP 2016-09-15 19:46 - 2015-04-04 19:23 - 00001171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2016-09-15 19:43 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-09-15 19:39 - 2013-12-16 18:15 - 00000000 ____D C:\ProgramData\Oracle 2016-09-15 19:39 - 2013-12-16 18:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-09-15 19:39 - 2013-12-16 18:14 - 00000000 ____D C:\Program Files (x86)\Java 2016-09-15 19:38 - 2014-12-07 23:39 - 00000000 ____D C:\Users\nas 2016-09-15 19:37 - 2013-12-16 18:14 - 00269888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe 2016-09-15 19:37 - 2013-12-16 18:14 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2016-09-15 19:28 - 2015-09-14 17:02 - 00000000 ____D C:\ProgramData\sUTjCLPQ 2016-09-15 19:22 - 2012-12-20 00:16 - 00000000 ____D C:\ProgramData\Norton 2016-09-15 19:22 - 2012-12-20 00:16 - 00000000 ____D C:\Program Files (x86)\Norton Internet Security 2016-09-15 19:10 - 2015-08-13 22:06 - 00000000 ____D C:\WINDOWS\System32\Tasks\Remediation 2016-09-15 17:52 - 2014-12-07 23:24 - 00000000 ___DC C:\WINDOWS\Panther 2016-09-05 17:32 - 2016-04-14 21:57 - 00000000 ____D C:\Users\nas\AppData\Local\Google 2016-09-05 16:29 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps 2016-09-05 16:27 - 
2015-01-23 19:45 - 00000000 ____D C:\Users\nas\AppData\LocalLow\RbxLogs 2016-09-05 16:26 - 2015-01-23 19:45 - 00000000 ____D C:\Users\nas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox ==================== Bestanden in de root van sommige mappen ======= 2015-09-21 19:50 - 2015-09-21 19:50 - 0032038 _____ () C:\Users\nas\AppData\Roaming\Edge.ico 2015-08-13 23:18 - 2015-08-13 23:18 - 0003584 _____ () C:\Users\nas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2012-12-20 00:05 - 2012-12-20 00:05 - 0000595 _____ () C:\ProgramData\CyberlinkOutput.txt Sommige bestanden in TEMP: ==================== C:\Users\nas\AppData\Local\Temp\libeay32.dll C:\Users\nas\AppData\Local\Temp\msvcr120.dll C:\Users\nas\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.) C:\WINDOWS\system32\winlogon.exe => Bestand is getekend C:\WINDOWS\system32\wininit.exe => Bestand is getekend C:\WINDOWS\explorer.exe => Bestand is getekend C:\WINDOWS\SysWOW64\explorer.exe => Bestand is getekend C:\WINDOWS\system32\svchost.exe => Bestand is getekend C:\WINDOWS\SysWOW64\svchost.exe => Bestand is getekend C:\WINDOWS\system32\services.exe => Bestand is getekend C:\WINDOWS\system32\User32.dll => Bestand is getekend C:\WINDOWS\SysWOW64\User32.dll => Bestand is getekend C:\WINDOWS\system32\userinit.exe => Bestand is getekend C:\WINDOWS\SysWOW64\userinit.exe => Bestand is getekend C:\WINDOWS\system32\rpcss.dll => Bestand is getekend C:\WINDOWS\system32\dnsapi.dll => Bestand is getekend C:\WINDOWS\SysWOW64\dnsapi.dll => Bestand is getekend C:\WINDOWS\system32\Drivers\volsnap.sys => Bestand is getekend LastRegBack: 2016-07-31 23:08 ==================== Eind van FRST.txt ============================