Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 17-10-2016 Gestart door Algemeen (Beheerder) op PC-NICK-MEDION (26-10-2016 17:07:25) Gestart vanaf C:\Users\Algemeen\Downloads Geladen Profielen: Algemeen (Beschikbare Profielen: Algemeen) Platform: Windows 8.1 Connected (Update) (X64) Taal: Nederlands (Nederland) Internet Explorer Versie 11 (Standaardbrowser: Chrome) Boot Modus: Normal Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processen (gefilterd) ================= (Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe (CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe () C:\Program Files\CyberLink\Shared files\RichVideo64.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe ==================== Register (gefilterd) ==================== (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.) HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [7818552 2013-11-07] (Motorola Solutions, Inc.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-02-24] (Realtek Semiconductor) HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111576 2013-08-05] (CyberLink) HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [490760 2013-11-26] (CyberLink Corp.) HKLM-x32\...\Run: [APSDaemon] => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-11] (CyberLink Corp.) HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2013-09-18] (CyberLink Corp.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation) HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1 HKU\S-1-5-21-2949633537-1013791697-2583205244-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\ssText3d.scr [217088 2014-10-29] (Microsoft Corporation) HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> ==================== Internet (gefilterd) ==================== (Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.) AutoConfigURL: [S-1-5-21-2949633537-1013791697-2583205244-1003] => hxxp://unstops.net/wpad.dat?a48aaa4121ad8cff87ddd85b280defa59535167 Hosts: Er zijn meer dan één item in Hosts. Zie Hosts deel van Addition.txt Tcpip\Parameters: [DhcpNameServer] 195.130.130.1 195.130.131.1 Tcpip\..\Interfaces\{CD9AD1C9-D7A9-4CD1-B9E6-7C61544BAB16}: [DhcpNameServer] 195.130.130.1 195.130.131.1 ManualProxies: 0hxxp://unstops.net/wpad.dat?a48aaa4121ad8cff87ddd85b280defa59535167 Internet Explorer: ================== HKU\S-1-5-21-2949633537-1013791697-2583205244-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.be/ HKU\S-1-5-21-2949633537-1013791697-2583205244-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL = SearchScopes: HKLM-x32 -> ielnksrch URL = hxxp://www.bing.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-2949633537-1013791697-2583205244-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms} SearchScopes: HKU\S-1-5-21-2949633537-1013791697-2583205244-1003 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-2949633537-1013791697-2583205244-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms} SearchScopes: HKU\S-1-5-21-2949633537-1013791697-2583205244-1003 -> {ielnksrch} URL = hxxp://www.bing.com/search?q={searchTerms} BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-10-08] (Microsoft Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-10-08] (Microsoft Corporation) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-10-08] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-10-26] (Oracle Corporation) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-10-08] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-26] (Oracle Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-23] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-23] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-23] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-23] (Microsoft Corporation) FireFox: ======== FF Extension: (Belgium eID) - C:\Program Files (x86)\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be [2015-10-16] [ niet getekend] FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2015-09-07] FF HKLM-x32\...\Firefox\Extensions: [belgiumeid@eid.belgium.be] - C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be => niet gevonden FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-26] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-26] (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-10-08] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-10-08] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-07] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-07] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.) Chrome: ======= CHR Profile: C:\Users\Algemeen\AppData\Local\Google\Chrome\User Data\Default [2016-10-26] CHR Extension: (Google Presentaties) - C:\Users\Algemeen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-06-22] CHR Extension: (Google Documenten) - C:\Users\Algemeen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-22] CHR Extension: (Google Drive) - C:\Users\Algemeen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-22] CHR Extension: (YouTube) - C:\Users\Algemeen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-22] CHR Extension: (Google Spreadsheets) - C:\Users\Algemeen\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-06-22] CHR Extension: (Offline Documenten) - C:\Users\Algemeen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-29] CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\Algemeen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-22] CHR Extension: (Gmail) - C:\Users\Algemeen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-22] CHR Extension: (Chrome Media Router) - C:\Users\Algemeen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-26] CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-10-06] ==================== Services (gefilterd) ==================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3291848 2016-10-08] (Microsoft Corporation) R2 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [74712 2013-03-11] (CyberLink) R2 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [316376 2013-03-11] (CyberLink) R2 igfxCUIService1.0.0.0; C:\windows\system32\igfxCUIService.exe [282096 2014-03-17] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [Bestand niet getekend] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation) R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390672 2012-08-08] () S3 vmicvss; C:\windows\System32\ICSvc.dll [524800 2014-10-29] (Microsoft Corporation) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3674864 2014-01-08] (Intel® Corporation) S2 HuaweiHiSuiteService64.exe; "C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe" -/service [X] S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.1.7.1\WsAppService.exe [X] ===================== Drivers (gefilterd) ====================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) S3 ACSSCR; C:\windows\system32\DRIVERS\a38usb.sys [82480 2015-08-19] (Advanced Card Systems Ltd.) R3 btmaux; C:\windows\system32\DRIVERS\btmaux.sys [140600 2013-11-07] (Motorola Solutions, Inc.) R3 btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [1411384 2013-11-07] (Motorola Solutions, Inc.) R1 CLVirtualDrive; C:\windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink) S0 ebdrv; C:\windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) S3 HWHandSet; C:\windows\system32\DRIVERS\hw_quusbmdm.sys [223232 2015-05-07] (Huawei Technologies Co., Ltd.) U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2015-05-07] (Huawei Technologies Co., Ltd.) R3 ibtusb; C:\windows\system32\DRIVERS\ibtusb.sys [149448 2014-01-22] (Intel Corporation) R3 NETwNb64; C:\windows\system32\DRIVERS\Netwbw02.sys [3610592 2014-01-28] (Intel Corporation) S3 NETwNe64; C:\windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation) R3 RSP2STOR; C:\windows\system32\DRIVERS\RtsP2Stor.sys [290520 2013-08-19] (Realtek Semiconductor Corp.) S3 RtlWlanu; C:\windows\system32\DRIVERS\rtwlanu.sys [2968280 2014-01-15] (Realtek Semiconductor Corporation ) R3 TXEIx64; C:\windows\System32\drivers\TXEIx64.sys [87568 2013-07-01] (Intel Corporation) S0 WdBoot; C:\windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) R0 WdFilter; C:\windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) R2 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) S2 npf; \??\C:\windows\system32\drivers\npf.sys [X] S1 {2918635d-38d1-46e9-bc6b-40eb3d4eb596}Gw64; system32\drivers\{2918635d-38d1-46e9-bc6b-40eb3d4eb596}Gw64.sys [X] ==================== NetSvcs (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ==================== Een Maand Aangemaakt bestanden en mappen ======== (Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.) 2016-10-26 17:07 - 2016-10-26 17:08 - 00015427 _____ C:\Users\Algemeen\Downloads\FRST.txt 2016-10-26 17:07 - 2016-10-26 17:07 - 00000000 ____D C:\FRST 2016-10-26 17:05 - 2016-10-26 17:06 - 02407424 _____ (Farbar) C:\Users\Algemeen\Downloads\FRST64.exe 2016-10-25 17:56 - 2016-10-25 17:56 - 01222144 _____ C:\Users\Algemeen\Downloads\RSITx64.exe 2016-10-16 17:59 - 2016-10-16 19:44 - 00000000 ____D C:\Users\Algemeen\Desktop\Documents\Sollicitatie pleegzorg Halle 2016-10-16 17:26 - 2016-10-16 17:26 - 06761600 _____ (ESET spol. s r.o.) C:\Users\Algemeen\Downloads\esetonlinescanner_enu.exe 2016-10-16 17:26 - 2016-10-16 17:26 - 00000000 ____D C:\Users\Algemeen\AppData\Local\ESET 2016-10-16 17:17 - 2016-09-13 01:48 - 00085680 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe 2016-10-16 17:17 - 2016-09-09 15:38 - 01629184 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll 2016-10-16 17:17 - 2016-09-09 15:38 - 01226752 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll 2016-10-16 17:17 - 2016-09-09 15:38 - 00586752 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll 2016-10-16 17:17 - 2016-09-09 15:38 - 00575488 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll 2016-10-16 17:17 - 2016-09-09 15:38 - 00314368 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll 2016-10-16 17:17 - 2016-09-09 15:38 - 00273408 _____ (Microsoft Corporation) C:\windows\system32\centel.dll 2016-10-16 17:17 - 2016-09-09 15:38 - 00224256 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll 2016-10-16 17:17 - 2016-09-09 15:38 - 00129024 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll 2016-10-16 17:16 - 2016-10-01 02:22 - 07444312 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe 2016-10-16 17:16 - 2016-09-30 09:55 - 25765376 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll 2016-10-16 17:16 - 2016-09-30 08:25 - 02895360 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll 2016-10-16 17:16 - 2016-09-30 08:25 - 00576000 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll 2016-10-16 17:16 - 2016-09-30 08:12 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll 2016-10-16 17:16 - 2016-09-30 08:09 - 06048256 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll 2016-10-16 17:16 - 2016-09-30 07:47 - 20306944 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll 2016-10-16 17:16 - 2016-09-30 07:42 - 00498688 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll 2016-10-16 17:16 - 2016-09-30 07:41 - 01033216 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll 2016-10-16 17:16 - 2016-09-30 07:38 - 02286592 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll 2016-10-16 17:16 - 2016-09-30 07:33 - 00724992 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe 2016-10-16 17:16 - 2016-09-30 07:33 - 00378880 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll 2016-10-16 17:16 - 2016-09-30 07:32 - 00806912 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll 2016-10-16 17:16 - 2016-09-30 07:32 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll 2016-10-16 17:16 - 2016-09-30 07:31 - 02131456 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl 2016-10-16 17:16 - 2016-09-30 07:21 - 15257088 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll 2016-10-16 17:16 - 2016-09-30 07:17 - 02920960 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll 2016-10-16 17:16 - 2016-09-30 07:12 - 04608512 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll 2016-10-16 17:16 - 2016-09-30 07:11 - 00880640 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll 2016-10-16 17:16 - 2016-09-30 07:06 - 00330752 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll 2016-10-16 17:16 - 2016-09-30 07:05 - 02055680 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl 2016-10-16 17:16 - 2016-09-30 07:05 - 01544192 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll 2016-10-16 17:16 - 2016-09-30 07:05 - 00693248 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll 2016-10-16 17:16 - 2016-09-30 07:03 - 13653504 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll 2016-10-16 17:16 - 2016-09-30 06:54 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll 2016-10-16 17:16 - 2016-09-30 06:46 - 02444288 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll 2016-10-16 17:16 - 2016-09-30 06:43 - 01312768 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll 2016-10-16 17:16 - 2016-09-30 06:42 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll 2016-10-16 17:16 - 2016-09-17 20:16 - 00103424 _____ (Microsoft Corporation) C:\windows\system32\adsmsext.dll 2016-10-16 17:16 - 2016-09-17 19:53 - 00445440 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll 2016-10-16 17:16 - 2016-09-17 19:21 - 00089600 _____ (Microsoft Corporation) C:\windows\SysWOW64\adsmsext.dll 2016-10-16 17:16 - 2016-09-17 19:03 - 00324096 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll 2016-10-16 17:16 - 2016-09-17 19:02 - 01446400 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll 2016-10-16 17:16 - 2016-09-14 03:53 - 01663184 _____ (Microsoft Corporation) C:\windows\system32\winload.efi 2016-10-16 17:16 - 2016-09-14 03:53 - 01523208 _____ (Microsoft Corporation) C:\windows\system32\winload.exe 2016-10-16 17:16 - 2016-09-14 03:53 - 01490112 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi 2016-10-16 17:16 - 2016-09-14 03:53 - 01358952 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe 2016-10-16 17:16 - 2016-09-13 00:03 - 00061440 _____ (Microsoft Corporation) C:\windows\system32\offreg.dll 2016-10-16 17:16 - 2016-09-12 23:01 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\offreg.dll 2016-10-16 17:16 - 2016-09-09 16:17 - 04170752 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys 2016-10-16 17:16 - 2016-09-08 22:41 - 00121176 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tm.sys 2016-10-16 17:16 - 2016-09-08 16:00 - 00140800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys 2016-10-16 17:16 - 2016-09-08 16:00 - 00138240 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dfsc.sys 2016-10-16 17:16 - 2016-09-08 00:07 - 01988096 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll 2016-10-16 17:16 - 2016-09-07 23:59 - 01754112 _____ (Microsoft Corporation) C:\windows\system32\GdiPlus.dll 2016-10-16 17:16 - 2016-09-07 23:59 - 01377792 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll 2016-10-16 17:16 - 2016-09-07 23:57 - 01560064 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll 2016-10-16 17:16 - 2016-09-07 23:56 - 01491456 _____ (Microsoft Corporation) C:\windows\SysWOW64\GdiPlus.dll 2016-10-16 17:16 - 2016-08-31 19:22 - 03754496 _____ (Microsoft Corporation) C:\windows\system32\MSVidCtl.dll 2016-10-16 17:16 - 2016-08-31 18:33 - 02410496 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSVidCtl.dll 2016-10-16 17:16 - 2016-08-25 22:50 - 00747008 _____ (Microsoft Corporation) C:\windows\system32\ntshrui.dll 2016-10-16 17:16 - 2016-08-25 21:40 - 00678400 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntshrui.dll 2016-10-16 17:16 - 2016-08-13 02:05 - 09323008 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL 2016-10-16 17:16 - 2016-08-13 02:03 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vwifibus.sys 2016-10-16 17:16 - 2016-08-13 02:02 - 00071680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vwififlt.sys 2016-10-16 17:16 - 2016-08-13 02:01 - 00038912 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vwifimp.sys 2016-10-16 17:16 - 2016-08-13 00:35 - 00222208 _____ (Microsoft Corporation) C:\windows\system32\rastapi.dll 2016-10-16 17:16 - 2016-08-13 00:19 - 09323008 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmploc.DLL 2016-10-16 17:16 - 2016-08-12 23:47 - 15431168 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll 2016-10-16 17:16 - 2016-08-12 23:17 - 00207872 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastapi.dll 2016-10-16 17:16 - 2016-08-12 22:52 - 13317120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll 2016-10-16 17:16 - 2016-08-12 03:58 - 02315496 _____ (Microsoft Corporation) C:\windows\system32\d3d11.dll 2016-10-16 17:16 - 2016-08-12 03:58 - 01946176 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d11.dll 2016-10-16 17:16 - 2016-08-11 20:33 - 00096256 _____ (Microsoft Corporation) C:\windows\system32\Drivers\parport.sys 2016-10-16 17:16 - 2016-08-11 20:33 - 00083456 _____ (Microsoft Corporation) C:\windows\system32\Drivers\serial.sys 2016-10-16 17:16 - 2016-08-11 20:33 - 00023040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\serenum.sys 2016-10-16 17:16 - 2016-08-11 19:17 - 01574912 _____ (Microsoft Corporation) C:\windows\system32\wbengine.exe 2016-10-16 17:16 - 2016-08-11 15:39 - 00445765 _____ C:\windows\system32\ApnDatabase.xml 2016-10-16 17:16 - 2016-08-11 07:46 - 00420184 _____ (Microsoft Corporation) C:\windows\system32\Drivers\spaceport.sys 2016-10-16 17:16 - 2016-08-03 17:42 - 01317888 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.Streaming.dll 2016-10-16 17:16 - 2016-08-03 17:36 - 01102848 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.Streaming.dll 2016-10-16 17:16 - 2016-08-03 17:36 - 00289792 _____ (Microsoft Corporation) C:\windows\system32\PlayToDevice.dll 2016-10-16 17:16 - 2016-08-03 17:33 - 00215552 _____ (Microsoft Corporation) C:\windows\SysWOW64\PlayToDevice.dll 2016-10-16 17:16 - 2016-07-30 19:12 - 02896384 _____ (Microsoft Corporation) C:\windows\system32\esent.dll 2016-10-16 17:16 - 2016-07-30 18:36 - 02537472 _____ (Microsoft Corporation) C:\windows\SysWOW64\esent.dll 2016-10-16 17:16 - 2016-07-26 15:40 - 00162850 _____ C:\windows\SysWOW64\C_932.NLS 2016-10-16 17:16 - 2016-07-26 15:40 - 00162850 _____ C:\windows\system32\C_932.NLS 2016-10-16 17:16 - 2016-07-23 20:18 - 01220096 _____ (Microsoft Corporation) C:\windows\system32\twinui.appcore.dll 2016-10-16 17:16 - 2016-07-23 20:12 - 00954880 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.appcore.dll 2016-10-16 17:15 - 2016-08-27 21:44 - 22360288 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll 2016-10-16 17:15 - 2016-08-27 20:26 - 19789232 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll 2016-10-16 17:14 - 2016-08-27 21:44 - 02755504 _____ (Microsoft Corporation) C:\windows\explorer.exe 2016-10-16 17:14 - 2016-08-27 21:44 - 00133256 _____ (Microsoft Corporation) C:\windows\system32\RestoreOptIn.exe 2016-10-16 17:14 - 2016-08-27 20:26 - 02411048 _____ (Microsoft Corporation) C:\windows\SysWOW64\explorer.exe 2016-10-16 17:14 - 2016-08-27 20:26 - 00113656 _____ (Microsoft Corporation) C:\windows\SysWOW64\RestoreOptIn.exe 2016-10-16 17:14 - 2016-08-27 18:33 - 02881536 _____ (Microsoft Corporation) C:\windows\system32\actxprxy.dll 2016-10-16 17:14 - 2016-08-27 18:11 - 01049600 _____ (Microsoft Corporation) C:\windows\SysWOW64\actxprxy.dll 2016-10-16 17:14 - 2016-08-27 18:09 - 14466560 _____ (Microsoft Corporation) C:\windows\system32\twinui.dll 2016-10-16 17:14 - 2016-08-27 17:55 - 12879360 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.dll 2016-10-16 17:14 - 2016-08-21 00:24 - 02778624 _____ (Microsoft Corporation) C:\windows\system32\authui.dll 2016-10-16 17:14 - 2016-08-21 00:12 - 02463744 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll 2016-10-07 22:52 - 2016-10-07 22:52 - 00443632 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcp140.dll 2016-10-07 22:52 - 2016-10-07 22:52 - 00394496 _____ (Microsoft Corporation) C:\windows\system32\vccorlib140.dll 2016-10-07 22:52 - 2016-10-07 22:52 - 00334608 _____ (Microsoft Corporation) C:\windows\system32\concrt140.dll 2016-10-07 22:52 - 2016-10-07 22:52 - 00089328 _____ (Microsoft Corporation) C:\windows\system32\vcruntime140.dll 2016-10-07 22:52 - 2016-10-07 22:52 - 00085744 _____ (Microsoft Corporation) C:\windows\SysWOW64\vcruntime140.dll 2016-10-07 22:49 - 2016-10-07 22:49 - 00639728 _____ (Microsoft Corporation) C:\windows\system32\msvcp140.dll 2016-10-07 22:49 - 2016-10-07 22:49 - 00244504 _____ (Microsoft Corporation) C:\windows\SysWOW64\concrt140.dll 2016-10-07 22:45 - 2016-10-07 22:45 - 00271112 _____ (Microsoft Corporation) C:\windows\SysWOW64\vccorlib140.dll 2016-09-30 20:20 - 2016-10-16 19:43 - 00000000 ____D C:\Users\Algemeen\Desktop\Documents\Sollicitatie De Loper Asse 2016-09-30 18:40 - 2016-09-30 18:40 - 00000000 ____D C:\Users\Algemeen\Desktop\Documents\Aangepaste Office-sjablonen ==================== Een Maand Gewijzigd bestanden en mappen ======== (Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.) 2016-10-26 16:38 - 2015-07-28 14:12 - 00003600 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2949633537-1013791697-2583205244-1003 2016-10-26 16:36 - 2016-05-04 14:20 - 00001094 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-10-26 16:27 - 2016-02-29 19:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-10-26 16:27 - 2015-10-16 12:21 - 00000000 ____D C:\ProgramData\Oracle 2016-10-26 16:27 - 2015-10-16 12:21 - 00000000 ____D C:\Program Files (x86)\Java 2016-10-26 16:26 - 2016-02-29 19:21 - 00097856 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll 2016-10-26 16:18 - 2016-05-04 14:20 - 00001090 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-10-26 16:16 - 2016-06-21 22:40 - 00486368 _____ C:\windows\system32\FNTCACHE.DAT 2016-10-26 16:16 - 2013-08-22 16:45 - 00000006 ____H C:\windows\Tasks\SA.DAT 2016-10-26 16:16 - 2013-08-22 15:36 - 00000000 ____D C:\windows\Inf 2016-10-25 21:37 - 2014-04-29 11:41 - 00485032 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe 2016-10-25 18:04 - 2015-10-12 20:53 - 00000000 ___SD C:\windows\system32\CompatTel 2016-10-25 18:04 - 2015-10-12 20:53 - 00000000 ____D C:\windows\system32\appraiser 2016-10-25 18:04 - 2013-08-22 17:36 - 00000000 ___RD C:\windows\ToastData 2016-10-25 17:57 - 2016-05-08 22:44 - 00000000 ____D C:\Program Files\trend micro 2016-10-25 17:50 - 2016-05-04 14:20 - 00002239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-10-25 17:50 - 2016-05-04 14:20 - 00002227 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-10-23 12:30 - 2013-08-22 17:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2016-10-23 12:26 - 2014-04-29 14:35 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2016-10-23 12:00 - 2013-08-22 17:20 - 00000000 ____D C:\windows\CbsTemp 2016-10-23 11:51 - 2013-08-22 17:36 - 00000000 ____D C:\windows\AppReadiness 2016-10-16 19:20 - 2015-07-28 14:05 - 00000000 ____D C:\Users\Algemeen\AppData\Local\Packages 2016-10-16 17:19 - 2015-10-11 10:04 - 00000000 ____D C:\windows\system32\MRT 2016-10-16 17:12 - 2014-04-29 11:41 - 143495576 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe 2016-10-13 19:58 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps 2016-10-11 17:33 - 2016-02-29 19:37 - 00004476 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task 2016-10-11 17:33 - 2016-02-29 19:37 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-10-05 17:20 - 2015-10-07 23:56 - 00474112 _____ (Microsoft Corporation) C:\windows\system32\pcasvc.dll 2016-10-01 02:15 - 2016-08-08 13:14 - 00828408 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe 2016-10-01 02:15 - 2016-08-08 13:14 - 00176632 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-09-27 16:18 - 2015-12-28 21:04 - 00433152 ___SH C:\Users\Algemeen\Desktop\Thumbs.db ==================== Bestanden in de root van sommige mappen ======= 2016-08-01 18:17 - 2016-08-01 18:17 - 7065600 _____ () C:\Program Files (x86)\GUT7927.tmp 2015-11-13 12:03 - 2015-11-13 12:03 - 0000107 _____ () C:\Users\Algemeen\AppData\Roaming\settings.xml 2015-12-03 17:33 - 2015-12-03 17:43 - 0000600 _____ () C:\Users\Algemeen\AppData\Local\PUTTY.RND 2014-04-30 20:44 - 2014-04-30 20:44 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Sommige bestanden in TEMP: ==================== C:\Users\Algemeen\AppData\Local\Temp\jre-8u101-windows-au.exe C:\Users\Algemeen\AppData\Local\Temp\jre-8u111-windows-au.exe ==================== Bamital & volsnap ====================== (Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.) C:\windows\system32\winlogon.exe => Bestand is getekend C:\windows\system32\wininit.exe => Bestand is getekend C:\windows\explorer.exe => Bestand is getekend C:\windows\SysWOW64\explorer.exe => Bestand is getekend C:\windows\system32\svchost.exe => Bestand is getekend C:\windows\SysWOW64\svchost.exe => Bestand is getekend C:\windows\system32\services.exe => Bestand is getekend C:\windows\system32\User32.dll => Bestand is getekend C:\windows\SysWOW64\User32.dll => Bestand is getekend C:\windows\system32\userinit.exe => Bestand is getekend C:\windows\SysWOW64\userinit.exe => Bestand is getekend C:\windows\system32\rpcss.dll => Bestand is getekend C:\windows\system32\dnsapi.dll => Bestand is getekend C:\windows\SysWOW64\dnsapi.dll => Bestand is getekend C:\windows\system32\Drivers\volsnap.sys => Bestand is getekend LastRegBack: 2016-10-26 16:38 ==================== Eind van FRST.txt ============================