Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 30-10-2016 Gestart door Pc (Beheerder) op PC-PC (01-11-2016 11:26:34) Gestart vanaf C:\Users\Pc\Downloads Geladen Profielen: Pc (Beschikbare Profielen: Pc & nmees & DefaultAppPool) Platform: Windows 10 Home Versie 1607 (X64) Taal: Nederlands (Nederland) Internet Explorer Versie 11 (Standaardbrowser: FF) Boot Modus: Normal Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processen (gefilterd) ================= (Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.) (AMD) C:\Windows\System32\atiesrxx.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe () C:\Program Files (x86)\KPN\Mobiel Internet Software\BecHelperService.exe (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.7.1.32\n360.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe (Trust.Zone VPN Project) C:\Program Files\Trust.Zone VPN Client\tzclient_x64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe () C:\Program Files (x86)\KPN\Mobiel Internet Software\LoggerServer.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (AMD) C:\Windows\System32\atieclxx.exe (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.7.1.32\n360.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.7.1.32\conathst.exe (Microsoft Corporation) C:\Windows\System32\InstallAgent.exe (Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe ==================== Register (gefilterd) ==================== (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.) HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation) HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [610360 2009-07-08] () HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech, Inc.) HKLM\...\Run: [Trust.Zone VPN Client UI Helper] => C:\Program Files\Trust.Zone VPN Client\tzclient_x64.exe [4580600 2016-10-02] (Trust.Zone VPN Project) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard) HKLM-x32\...\Run: [BATINDICATOR] => C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe [2068992 2009-05-08] (Hewlett-Packard) HKLM-x32\...\Run: [LaunchHPOSIAPP] => C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe [385024 2009-04-03] (Hewlett-Packard) HKLM-x32\...\Run: [HP Remote Solution] => C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe [656896 2009-05-26] () HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.) HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [1009632 2016-08-29] (DivX, LLC) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [CitrixReceiver] => "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix\Receiver Updater.lnk" HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [407904 2014-11-27] (Citrix Systems, Inc.) HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [153952 2014-11-27] (Citrix Systems, Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation) Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) HKU\S-1-5-21-2343392737-2357105771-3563990559-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [3077712 2016-04-30] (Valve Corporation) HKU\S-1-5-21-2343392737-2357105771-3563990559-1000\...\Run: [GoogleChromeAutoLaunch_08FE143FD2AB823235E69C88CCC8ECF7] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [921704 2016-10-20] (Google Inc.) HKU\S-1-5-21-2343392737-2357105771-3563990559-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673696 2013-08-01] (Disc Soft Ltd) HKU\S-1-5-21-2343392737-2357105771-3563990559-1000\...\Run: [Dropbox Update] => C:\Users\Pc\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\22.7.1.32\buShell.dll [2016-08-15] (Symantec Corporation) ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\22.7.1.32\buShell.dll [2016-08-15] (Symantec Corporation) ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\22.7.1.32\buShell.dll [2016-08-15] (Symantec Corporation) ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pc\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pc\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pc\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pc\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pc\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pc\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pc\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pc\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.) Startup: C:\Users\Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-10-14] ShortcutTarget: Dropbox.lnk -> C:\Users\Pc\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ==================== Internet (gefilterd) ==================== (Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.) Tcpip\Parameters: [DhcpNameServer] 192.168.2.254 195.121.1.34 195.121.1.66 Tcpip\..\Interfaces\{898fa565-1f7c-4687-ac35-81c7fe76e86e}: [DhcpNameServer] 194.151.228.3 194.151.228.51 Tcpip\..\Interfaces\{8b26a11f-58cf-416f-bea6-d678a3fc588d}: [NameServer] 194.151.228.34 194.151.228.18 Tcpip\..\Interfaces\{8f1d6d87-affe-41df-badf-48a080819320}: [DhcpNameServer] 192.168.2.254 Tcpip\..\Interfaces\{97220b28-48f9-4bcd-a936-014a2c656c30}: [DhcpNameServer] 192.168.2.254 195.121.1.34 195.121.1.66 Tcpip\..\Interfaces\{9c4c0029-0fda-46f5-ba9c-6796326da084}: [NameServer] 194.151.228.34 194.151.228.18 Tcpip\..\Interfaces\{aead9069-7d63-4542-8eb5-9d21604b2ba8}: [DhcpNameServer] 192.168.2.254 195.121.1.34 195.121.1.66 Tcpip\..\Interfaces\{b6f346bd-9afd-4396-81fd-6cf0a14a1191}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{dd89714b-4260-4858-b10c-2df8b3784e18}: [NameServer] 194.151.228.2 194.151.228.34 Internet Explorer: ================== HKU\S-1-5-21-2343392737-2357105771-3563990559-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.nl/ HKU\S-1-5-21-2343392737-2357105771-3563990559-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_NL&c=94&bd=Pavilion&pf=cndt SearchScopes: HKLM -> DefaultScope {D5525B46-3501-4C5F-8CED-FB7D5A95C913} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1172&query={searchTerms}&invocationType=tb50hpcndtie7-nl-nl SearchScopes: HKLM -> {09705E94-C5DE-4FBF-96FE-7043BC316D16} URL = hxxp://nl.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008 SearchScopes: HKLM -> {D5525B46-3501-4C5F-8CED-FB7D5A95C913} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1172&query={searchTerms}&invocationType=tb50hpcndtie7-nl-nl SearchScopes: HKLM-x32 -> DefaultScope {D5525B46-3501-4C5F-8CED-FB7D5A95C913} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1172&query={searchTerms}&invocationType=tb50hpcndtie7-nl-nl SearchScopes: HKLM-x32 -> {09705E94-C5DE-4FBF-96FE-7043BC316D16} URL = hxxp://nl.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008 SearchScopes: HKLM-x32 -> {D5525B46-3501-4C5F-8CED-FB7D5A95C913} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1172&query={searchTerms}&invocationType=tb50hpcndtie7-nl-nl SearchScopes: HKU\S-1-5-21-2343392737-2357105771-3563990559-1000 -> DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = SearchScopes: HKU\S-1-5-21-2343392737-2357105771-3563990559-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms} BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-08-27] (Microsoft Corporation) BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\22.7.1.32\coIEPlg.dll [2016-08-05] (Symantec Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-08-16] (Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-08-27] (Microsoft Corporation) BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\22.7.1.32\coIEPlg.dll [2016-08-05] (Symantec Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-11-01] (Oracle Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-08-16] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-01] (Oracle Corporation) Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\22.7.1.32\coIEPlg.dll [2016-08-05] (Symantec Corporation) Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\22.7.1.32\coIEPlg.dll [2016-08-05] (Symantec Corporation) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation) Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.) Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.) FireFox: ======== FF DefaultProfile: sqb6i9gi.default-1374836263121 FF ProfilePath: C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\sqb6i9gi.default-1374836263121 [2016-11-01] FF Extension: (Adblock Plus Pop-up Addon) - C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\sqb6i9gi.default-1374836263121\Extensions\adblockpopups@jessehakanen.net.xpi [2016-09-15] FF Extension: (uBlock Origin) - C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\sqb6i9gi.default-1374836263121\Extensions\uBlock0@raymondhill.net.xpi [2016-10-26] FF Extension: (Adblock Plus) - C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\sqb6i9gi.default-1374836263121\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-10-29] FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.7.0.76\coFFAddon FF Extension: (Norton Identity Safe) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.7.0.76\coFFAddon [2016-09-22] FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.7.0.76\coFFAddon FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_205.dll [2016-10-27] () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_23_0_0_205.dll [2016-10-27] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2013-10-01] () FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2014-11-27] (Citrix Systems, Inc.) FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.) FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2016-09-06] (DivX, LLC) FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-11-01] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-01] (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-07-19] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-10-01] (Adobe Systems Inc.) Chrome: ======= CHR DefaultProfile: Default CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.143\PepperFlash\pepflashplayer.dll () CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.143\ppGoogleNaClPluginChrome.dll => Geen bestand CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.143\pdf.dll => Geen bestand CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll => Geen bestand CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation) CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll => Geen bestand CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll => Geen bestand CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll => Geen bestand CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll => Geen bestand CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll => Geen bestand CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll => Geen bestand CHR Profile: C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default [2016-10-13] CHR Extension: (Google Documenten) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04] CHR Extension: (Google Drive) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22] CHR Extension: (YouTube) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26] CHR Extension: (Norton Security Toolbar) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2016-09-22] CHR Extension: (Google Search) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28] CHR Extension: (Offline Documenten) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-25] CHR Extension: (Norton Identity Safe) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-04-09] CHR Extension: (Skype) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-09-26] CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-25] CHR Extension: (Gmail) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29] CHR Extension: (Chrome Media Router) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-22] CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.7.1.32\Exts\Chrome.crx [2016-09-03] CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.7.1.32\Exts\Chrome.crx [2016-09-03] CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx ==================== Services (gefilterd) ==================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R2 BecHelperService; C:\Program Files (x86)\KPN\Mobiel Internet Software\BecHelperService.exe [1917832 2011-03-02] () R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-04-02] (Nero AG) R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-05-18] (Hewlett-Packard Company) [Bestand niet getekend] R2 N360; C:\Program Files (x86)\Norton 360\Engine\22.8.0.50\N360.exe [289080 2016-09-24] (Symantec Corporation) R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [Bestand niet getekend] R2 TZVPNCLIENT; C:\Program Files\Trust.Zone VPN Client\tzclient_x64.exe [4580600 2016-10-02] (Trust.Zone VPN Project) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation) ===================== Drivers (gefilterd) ====================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices) R3 AVER_H193; C:\WINDOWS\system32\drivers\AVer888RC_64.sys [543616 2009-11-13] (AVerMedia TECHNOLOGIES, Inc.) R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\22.7.0.76\Definitions\BASHDefs\20161027.001\BHDrvx64.sys [1854712 2016-08-18] (Symantec Corporation) R1 ccSet_N360; C:\WINDOWS\system32\drivers\N360x64\1608000.032\ccSetx64.sys [174328 2016-06-02] (Symantec Corporation) R3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2015-10-26] (Windows (R) Win 7 DDK provider) R3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2015-10-26] (Windows (R) Win 7 DDK provider) R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [283064 2015-10-26] (Disc Soft Ltd) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [497368 2016-10-04] (Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [156888 2016-10-04] (Symantec Corporation) R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\22.7.0.76\Definitions\IPSDefs\20161031.001\IDSvia64.sys [1012952 2016-10-28] (Symantec Corporation) R0 megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [64352 2016-10-05] (Avago Technologies) R3 Neo_VPN; C:\WINDOWS\System32\drivers\neo_vpn.sys [22784 2016-10-02] (Trust.Zone VPN Project) S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () R3 netr28x; C:\WINDOWS\system32\DRIVERS\netr28x.sys [2554528 2015-06-12] (MediaTek Inc.) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek ) R3 SRTSP; C:\WINDOWS\System32\Drivers\N360x64\1607010.020\SRTSP64.SYS [773360 2016-08-10] (Symantec Corporation) R1 SRTSPX; C:\WINDOWS\system32\drivers\N360x64\1608000.032\SRTSPX64.SYS [49400 2016-09-23] (Symantec Corporation) R0 SymEFASI; C:\WINDOWS\System32\drivers\N360x64\1608000.032\SYMEFASI64.SYS [1628888 2016-09-23] (Symantec Corporation) S0 SymELAM; C:\WINDOWS\System32\drivers\N360x64\1608000.032\SymELAM.sys [24192 2016-06-02] (Symantec Corporation) R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [101112 2016-06-24] (Symantec Corporation) R1 SymIRON; C:\WINDOWS\system32\drivers\N360x64\1608000.032\Ironx64.SYS [289520 2016-09-23] (Symantec Corporation) R3 SymNetS; C:\WINDOWS\System32\Drivers\N360x64\1607010.020\SYMNETS.SYS [567536 2016-06-02] (Symantec Corporation) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) U3 idsvc; geen ImagePath ==================== NetSvcs (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ==================== Een Maand Aangemaakt bestanden en mappen ======== (Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.) 2016-11-01 11:26 - 2016-11-01 11:27 - 00028469 _____ C:\Users\Pc\Downloads\FRST.txt 2016-11-01 11:26 - 2016-11-01 11:26 - 00000000 ____D C:\FRST 2016-11-01 11:25 - 2016-11-01 11:26 - 02408960 _____ (Farbar) C:\Users\Pc\Downloads\FRST64.exe 2016-11-01 10:46 - 2016-11-01 10:46 - 00000000 ____D C:\zoek 2016-11-01 10:28 - 2016-11-01 10:28 - 01309184 _____ C:\Users\Pc\Downloads\zoek(2).exe 2016-11-01 10:14 - 2016-11-01 10:14 - 01309184 _____ C:\Users\Pc\Downloads\zoek(1).exe 2016-11-01 10:08 - 2016-11-01 10:08 - 00017433 _____ C:\WINDOWS\SysWOW64\compmgmt.zip 2016-11-01 10:08 - 2016-11-01 10:08 - 00017433 _____ C:\WINDOWS\SysWOW64\compmgmt (4).zip 2016-11-01 10:08 - 2016-11-01 10:08 - 00017433 _____ C:\WINDOWS\SysWOW64\compmgmt (3).zip 2016-11-01 10:08 - 2016-11-01 10:08 - 00017433 _____ C:\WINDOWS\SysWOW64\compmgmt (2).zip 2016-11-01 10:08 - 2016-11-01 10:08 - 00017433 _____ C:\WINDOWS\SysWOW64\compmgmt (1).zip 2016-11-01 09:58 - 2016-11-01 09:58 - 00034647 _____ C:\Users\Pc\Documents\zoek-resultsPC.txt 2016-11-01 09:18 - 2016-11-01 10:50 - 00003520 _____ C:\runcheck.txt 2016-11-01 09:18 - 2016-11-01 09:37 - 00000000 ____D C:\zoek_backup 2016-11-01 09:17 - 2016-11-01 09:18 - 01309184 _____ C:\Users\Pc\Downloads\zoek.exe 2016-11-01 09:09 - 2016-11-01 09:13 - 00004174 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{506E6149-A7D9-48E8-859F-2ADBA4BAF480} 2016-11-01 09:06 - 2016-11-01 09:06 - 00737344 _____ (Oracle Corporation) C:\Users\Pc\Downloads\JavaSetup8u111.exe 2016-10-30 13:51 - 2016-10-30 13:52 - 00000000 ____D C:\rsit 2016-10-30 13:51 - 2016-10-30 13:52 - 00000000 ____D C:\Program Files\trend micro 2016-10-30 13:50 - 2016-10-30 13:50 - 01222144 _____ C:\Users\Pc\Downloads\RSITx64.exe 2016-10-30 13:38 - 2016-10-30 13:39 - 00388608 _____ (Trend Micro Inc.) C:\Users\Pc\Downloads\HijackThis.exe 2016-10-29 12:07 - 2016-10-29 12:07 - 00000020 ___SH C:\Users\DefaultAppPool\ntuser.ini 2016-10-28 06:29 - 2016-10-28 06:29 - 00000000 ____D C:\Users\Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2016-10-21 09:24 - 2016-11-01 03:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-10-19 14:01 - 2016-10-19 14:01 - 00000000 ____D C:\WINDOWS\LastGood 2016-10-16 16:11 - 2016-10-16 16:11 - 00100592 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SY1 2016-10-13 16:51 - 2016-10-13 16:51 - 00003800 _____ C:\WINDOWS\System32\Tasks\AutoKMS 2016-10-13 06:44 - 2016-10-13 06:44 - 00000000 ____D C:\WINDOWS\PCHEALTH 2016-10-12 15:02 - 2016-10-05 11:17 - 01322848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll 2016-10-12 15:02 - 2016-10-05 11:13 - 02750384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2016-10-12 15:02 - 2016-10-05 11:13 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll 2016-10-12 15:02 - 2016-10-05 11:13 - 00146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll 2016-10-12 15:02 - 2016-10-05 11:12 - 02446696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll 2016-10-12 15:02 - 2016-10-05 11:12 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2016-10-12 15:02 - 2016-10-05 11:09 - 22219328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2016-10-12 15:02 - 2016-10-05 11:09 - 00064352 _____ (Avago Technologies) C:\WINDOWS\system32\Drivers\MegaSas2i.sys 2016-10-12 15:02 - 2016-10-05 10:51 - 01430720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2016-10-12 15:02 - 2016-10-05 10:50 - 02256592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2016-10-12 15:02 - 2016-10-05 10:45 - 20965240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2016-10-12 15:02 - 2016-10-05 10:44 - 22568960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2016-10-12 15:02 - 2016-10-05 10:41 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2016-10-12 15:02 - 2016-10-05 10:38 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll 2016-10-12 15:02 - 2016-10-05 10:36 - 00113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll 2016-10-12 15:02 - 2016-10-05 10:35 - 00327680 _____ C:\WINDOWS\system32\wc_storage.dll 2016-10-12 15:02 - 2016-10-05 10:35 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll 2016-10-12 15:02 - 2016-10-05 10:35 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll 2016-10-12 15:02 - 2016-10-05 10:34 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll 2016-10-12 15:02 - 2016-10-05 10:33 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll 2016-10-12 15:02 - 2016-10-05 10:33 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll 2016-10-12 15:02 - 2016-10-05 10:33 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll 2016-10-12 15:02 - 2016-10-05 10:32 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll 2016-10-12 15:02 - 2016-10-05 10:32 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll 2016-10-12 15:02 - 2016-10-05 10:31 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll 2016-10-12 15:02 - 2016-10-05 10:31 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll 2016-10-12 15:02 - 2016-10-05 10:31 - 00425472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe 2016-10-12 15:02 - 2016-10-05 10:30 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll 2016-10-12 15:02 - 2016-10-05 10:29 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2016-10-12 15:02 - 2016-10-05 10:29 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll 2016-10-12 15:02 - 2016-10-05 10:28 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll 2016-10-12 15:02 - 2016-10-05 10:27 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll 2016-10-12 15:02 - 2016-10-05 10:26 - 23680512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-10-12 15:02 - 2016-10-05 10:26 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2016-10-12 15:02 - 2016-10-05 10:26 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll 2016-10-12 15:02 - 2016-10-05 10:26 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll 2016-10-12 15:02 - 2016-10-05 10:26 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll 2016-10-12 15:02 - 2016-10-05 10:26 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll 2016-10-12 15:02 - 2016-10-05 10:25 - 01589248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll 2016-10-12 15:02 - 2016-10-05 10:25 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2016-10-12 15:02 - 2016-10-05 10:25 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll 2016-10-12 15:02 - 2016-10-05 10:25 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll 2016-10-12 15:02 - 2016-10-05 10:25 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll 2016-10-12 15:02 - 2016-10-05 10:24 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll 2016-10-12 15:02 - 2016-10-05 10:24 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\adsmsext.dll 2016-10-12 15:02 - 2016-10-05 10:23 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll 2016-10-12 15:02 - 2016-10-05 10:23 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll 2016-10-12 15:02 - 2016-10-05 10:23 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll 2016-10-12 15:02 - 2016-10-05 10:23 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll 2016-10-12 15:02 - 2016-10-05 10:23 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll 2016-10-12 15:02 - 2016-10-05 10:22 - 13081088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-10-12 15:02 - 2016-10-05 10:21 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2016-10-12 15:02 - 2016-10-05 10:21 - 01364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll 2016-10-12 15:02 - 2016-10-05 10:21 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll 2016-10-12 15:02 - 2016-10-05 10:20 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll 2016-10-12 15:02 - 2016-10-05 10:20 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys 2016-10-12 15:02 - 2016-10-05 10:19 - 02390016 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe 2016-10-12 15:02 - 2016-10-05 10:19 - 02265088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2016-10-12 15:02 - 2016-10-05 10:19 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2016-10-12 15:02 - 2016-10-05 10:19 - 00982528 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2016-10-12 15:02 - 2016-10-05 10:18 - 00983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll 2016-10-12 15:02 - 2016-10-05 10:18 - 00858112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll 2016-10-12 15:02 - 2016-10-05 10:18 - 00759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2016-10-12 15:02 - 2016-10-05 10:17 - 08126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-10-12 15:02 - 2016-10-05 10:17 - 02914304 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll 2016-10-12 15:02 - 2016-10-05 10:17 - 01493504 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2016-10-12 15:02 - 2016-10-05 10:16 - 19418624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2016-10-12 15:02 - 2016-10-05 10:16 - 04747776 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-10-12 15:02 - 2016-10-05 10:16 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll 2016-10-12 15:02 - 2016-10-05 10:16 - 00508416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2016-10-12 15:02 - 2016-10-05 10:15 - 07625728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2016-10-12 15:02 - 2016-10-05 10:15 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll 2016-10-12 15:02 - 2016-10-05 10:15 - 01980416 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2016-10-12 15:02 - 2016-10-05 10:15 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2016-10-12 15:02 - 2016-10-05 10:15 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll 2016-10-12 15:02 - 2016-10-05 10:14 - 19416576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-10-12 15:02 - 2016-10-05 10:14 - 02667520 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-10-12 15:02 - 2016-10-05 10:14 - 02476544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll 2016-10-12 15:02 - 2016-10-05 10:14 - 01778176 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-10-12 15:02 - 2016-10-05 10:14 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2016-10-12 15:02 - 2016-10-05 10:14 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll 2016-10-12 15:02 - 2016-10-05 10:13 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll 2016-10-12 15:02 - 2016-10-05 10:12 - 01107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll 2016-10-12 15:02 - 2016-10-05 10:11 - 12174848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-10-12 15:02 - 2016-10-05 10:11 - 06108672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll 2016-10-12 15:02 - 2016-10-05 10:11 - 06043136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2016-10-12 15:02 - 2016-10-05 10:11 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll 2016-10-12 15:02 - 2016-10-05 10:10 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe 2016-10-12 15:02 - 2016-10-05 10:09 - 07467520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2016-10-12 15:02 - 2016-10-05 10:09 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2016-10-12 15:02 - 2016-10-05 10:09 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll 2016-10-12 15:02 - 2016-10-05 10:09 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2016-10-12 15:02 - 2016-10-05 10:08 - 00873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll 2016-10-12 15:02 - 2016-10-05 10:07 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-10-12 15:02 - 2016-10-05 10:07 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll 2016-10-12 15:02 - 2016-10-05 10:07 - 02646016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll 2016-10-12 15:02 - 2016-10-05 10:07 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll 2016-10-12 15:02 - 2016-10-05 10:06 - 02254336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2016-10-12 15:02 - 2016-10-05 10:06 - 02005504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll 2016-10-12 15:02 - 2016-10-05 10:06 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2016-10-12 15:02 - 2016-10-05 10:06 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-10-12 15:02 - 2016-10-05 10:06 - 00850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll 2016-10-12 15:02 - 2016-10-05 10:05 - 03105792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe 2016-10-12 15:02 - 2016-09-07 06:34 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe 2016-10-12 15:01 - 2016-10-05 11:35 - 00279904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys 2016-10-12 15:01 - 2016-10-05 11:34 - 01051104 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2016-10-12 15:01 - 2016-10-05 11:34 - 00894088 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2016-10-12 15:01 - 2016-10-05 11:33 - 00128864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys 2016-10-12 15:01 - 2016-10-05 11:31 - 02213248 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2016-10-12 15:01 - 2016-10-05 11:31 - 01353768 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2016-10-12 15:01 - 2016-10-05 11:31 - 01172472 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2016-10-12 15:01 - 2016-10-05 11:30 - 07812448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-10-12 15:01 - 2016-10-05 11:22 - 01181536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys 2016-10-12 15:01 - 2016-10-05 11:16 - 00187232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys 2016-10-12 15:01 - 2016-10-05 11:12 - 01112928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll 2016-10-12 15:01 - 2016-10-05 11:09 - 04129928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2016-10-12 15:01 - 2016-10-05 11:09 - 01071728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll 2016-10-12 15:01 - 2016-10-05 11:09 - 00244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2016-10-12 15:01 - 2016-10-05 11:08 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll 2016-10-12 15:01 - 2016-10-05 11:04 - 02537824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2016-10-12 15:01 - 2016-10-05 11:04 - 00628032 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2016-10-12 15:01 - 2016-10-05 11:03 - 01705976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2016-10-12 15:01 - 2016-10-05 10:50 - 00116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll 2016-10-12 15:01 - 2016-10-05 10:49 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll 2016-10-12 15:01 - 2016-10-05 10:48 - 01022304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll 2016-10-12 15:01 - 2016-10-05 10:46 - 03892352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2016-10-12 15:01 - 2016-10-05 10:46 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll 2016-10-12 15:01 - 2016-10-05 10:46 - 00980824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll 2016-10-12 15:01 - 2016-10-05 10:38 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll 2016-10-12 15:01 - 2016-10-05 10:36 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll 2016-10-12 15:01 - 2016-10-05 10:35 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll 2016-10-12 15:01 - 2016-10-05 10:35 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll 2016-10-12 15:01 - 2016-10-05 10:34 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys 2016-10-12 15:01 - 2016-10-05 10:33 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll 2016-10-12 15:01 - 2016-10-05 10:32 - 00379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll 2016-10-12 15:01 - 2016-10-05 10:32 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll 2016-10-12 15:01 - 2016-10-05 10:31 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll 2016-10-12 15:01 - 2016-10-05 10:31 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll 2016-10-12 15:01 - 2016-10-05 10:31 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll 2016-10-12 15:01 - 2016-10-05 10:31 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll 2016-10-12 15:01 - 2016-10-05 10:29 - 09129984 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2016-10-12 15:01 - 2016-10-05 10:29 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2016-10-12 15:01 - 2016-10-05 10:29 - 01145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll 2016-10-12 15:01 - 2016-10-05 10:28 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2016-10-12 15:01 - 2016-10-05 10:28 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe 2016-10-12 15:01 - 2016-10-05 10:28 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll 2016-10-12 15:01 - 2016-10-05 10:28 - 00406016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2016-10-12 15:01 - 2016-10-05 10:28 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll 2016-10-12 15:01 - 2016-10-05 10:27 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll 2016-10-12 15:01 - 2016-10-05 10:27 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll 2016-10-12 15:01 - 2016-10-05 10:26 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll 2016-10-12 15:01 - 2016-10-05 10:24 - 13434368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll 2016-10-12 15:01 - 2016-10-05 10:23 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll 2016-10-12 15:01 - 2016-10-05 10:22 - 07654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll 2016-10-12 15:01 - 2016-10-05 10:22 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2016-10-12 15:01 - 2016-10-05 10:22 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll 2016-10-12 15:01 - 2016-10-05 10:21 - 08075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2016-10-12 15:01 - 2016-10-05 10:21 - 00310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2016-10-12 15:01 - 2016-10-05 10:21 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll 2016-10-12 15:01 - 2016-10-05 10:20 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll 2016-10-12 15:01 - 2016-10-05 10:20 - 00804864 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll 2016-10-12 15:01 - 2016-10-05 10:18 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2016-10-12 15:01 - 2016-10-05 10:18 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2016-10-12 15:01 - 2016-10-05 10:18 - 00911872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll 2016-10-12 15:01 - 2016-10-05 10:17 - 04136960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll 2016-10-12 15:01 - 2016-10-05 10:17 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adsmsext.dll 2016-10-12 15:01 - 2016-10-05 10:16 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe 2016-10-12 15:01 - 2016-10-05 10:16 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll 2016-10-12 15:01 - 2016-10-05 10:15 - 03617792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2016-10-12 15:01 - 2016-10-05 10:15 - 01840640 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2016-10-12 15:01 - 2016-10-05 10:15 - 00833024 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll 2016-10-12 15:01 - 2016-10-05 10:15 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll 2016-10-12 15:01 - 2016-10-05 10:15 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll 2016-10-12 15:01 - 2016-10-05 10:14 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2016-10-12 15:01 - 2016-10-05 10:14 - 01013760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll 2016-10-12 15:01 - 2016-10-05 10:14 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll 2016-10-12 15:01 - 2016-10-05 10:14 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll 2016-10-12 15:01 - 2016-10-05 10:13 - 12345856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll 2016-10-12 15:01 - 2016-10-05 10:13 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll 2016-10-12 15:01 - 2016-10-05 10:12 - 00998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll 2016-10-12 15:01 - 2016-10-05 10:12 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll 2016-10-12 15:01 - 2016-10-05 10:11 - 03496960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll 2016-10-12 15:01 - 2016-10-05 10:09 - 03369984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll 2016-10-12 15:01 - 2016-10-05 10:09 - 00674304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll 2016-10-12 15:01 - 2016-10-05 10:08 - 02356736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll 2016-10-12 15:01 - 2016-10-05 10:08 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll 2016-10-12 15:01 - 2016-10-05 10:07 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll 2016-10-12 15:01 - 2016-10-05 10:07 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll 2016-10-12 15:01 - 2016-10-05 10:06 - 02999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2016-10-12 15:01 - 2016-10-05 10:06 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll 2016-10-12 15:01 - 2016-10-05 10:06 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll 2016-10-12 15:01 - 2016-10-05 10:05 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll 2016-10-12 15:01 - 2016-10-05 01:01 - 00446124 _____ C:\WINDOWS\system32\ApnDatabase.xml 2016-10-04 07:17 - 2016-10-04 07:17 - 00009702 _____ C:\Users\Pc\Downloads\taxatieverslag.pdf 2016-10-03 16:00 - 2016-10-13 08:22 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2016-10-02 17:19 - 2016-10-02 17:19 - 00003593 _____ C:\Users\Pc\AppData\LocalLow\lpm.dat 2016-10-02 13:55 - 2016-10-02 13:55 - 00022784 _____ (Trust.Zone VPN Project) C:\WINDOWS\system32\Drivers\neo_vpn.sys 2016-10-02 13:54 - 2016-10-13 16:50 - 00000000 ____D C:\Program Files\Trust.Zone VPN Client 2016-10-02 13:54 - 2016-10-02 13:54 - 00002194 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Trust.Zone VPN Client.lnk 2016-10-02 13:54 - 2016-10-02 13:54 - 00002188 _____ C:\Users\Public\Desktop\Trust.Zone VPN Client.lnk 2016-10-02 13:54 - 2016-10-02 13:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trust.Zone VPN Client 2016-10-02 13:52 - 2016-10-02 13:53 - 30446768 _____ (Trust.Zone VPN Project) C:\Users\Pc\Downloads\Trust.Zone_Windows_Client_Setup.exe ==================== Een Maand Gewijzigd bestanden en mappen ======== (Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.) 2016-11-01 10:36 - 2011-11-14 13:25 - 00000000 ____D C:\Users\Pc\AppData\Local\CrashDumps 2016-11-01 10:21 - 2016-09-22 03:13 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2016-11-01 09:37 - 2016-09-22 03:21 - 00000000 ____D C:\Users\Pc 2016-11-01 09:09 - 2014-05-07 15:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-11-01 09:09 - 2013-10-22 09:21 - 00000000 ____D C:\ProgramData\Oracle 2016-11-01 09:09 - 2013-06-25 09:18 - 00000000 ____D C:\Program Files (x86)\Java 2016-11-01 09:08 - 2014-05-07 15:11 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2016-11-01 07:30 - 2016-09-22 03:44 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton 360 2016-10-30 13:16 - 2012-04-15 11:23 - 00000000 ____D C:\Users\Pc\AppData\Roaming\tixati 2016-10-29 12:07 - 2016-09-22 03:21 - 00000000 ____D C:\Users\DefaultAppPool 2016-10-28 06:29 - 2015-04-04 07:55 - 00000000 ____D C:\Users\Pc\AppData\Roaming\Dropbox 2016-10-27 01:32 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed 2016-10-27 01:32 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed 2016-10-27 01:32 - 2012-04-13 09:49 - 00000940 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-10-25 21:41 - 2013-07-26 12:03 - 00002294 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-10-25 21:41 - 2013-07-26 12:03 - 00002282 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-10-25 13:30 - 2011-11-02 00:23 - 00000000 ___RD C:\Program Files (x86)\Skype 2016-10-25 10:31 - 2012-05-04 02:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-10-23 12:45 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2016-10-22 09:44 - 2014-03-12 11:30 - 00000000 ____D C:\Users\Pc\AppData\Local\Battle.net 2016-10-22 09:26 - 2016-07-16 07:04 - 00008192 _____ C:\WINDOWS\system32\config\ELAM 2016-10-22 09:23 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-10-22 05:22 - 2011-11-01 23:59 - 00000000 ____D C:\Program Files (x86)\World of Warcraft 2016-10-21 15:40 - 2014-10-15 15:14 - 00000000 ____D C:\Program Files (x86)\Hearthstone 2016-10-21 15:36 - 2014-10-21 09:39 - 00000000 ____D C:\Program Files (x86)\Heroes of the Storm 2016-10-21 15:31 - 2014-03-12 11:30 - 00000000 ____D C:\Program Files (x86)\Battle.net 2016-10-21 09:14 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps 2016-10-20 09:28 - 2015-10-25 20:28 - 00000000 ____D C:\Users\Pc\AppData\Local\Packages 2016-10-18 18:35 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-10-16 16:16 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache 2016-10-16 16:11 - 2015-04-08 07:08 - 00008319 _____ C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT 2016-10-14 02:30 - 2015-04-04 07:56 - 00000000 ___RD C:\Users\Pc\Dropbox 2016-10-13 18:16 - 2015-04-08 07:05 - 00000000 ____D C:\WINDOWS\system32\Drivers\N360x64 2016-10-13 17:52 - 2011-11-06 20:05 - 00000000 ____D C:\Program Files (x86)\Steam 2016-10-13 17:30 - 2015-10-25 20:35 - 00000000 ___RD C:\Users\Pc\OneDrive 2016-10-13 17:29 - 2015-09-10 06:35 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-10-13 17:29 - 2013-05-02 08:51 - 00000000 ____D C:\Users\Pc\AppData\Local\HTC MediaHub 2016-10-13 16:54 - 2016-09-22 03:20 - 01834698 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-10-13 16:54 - 2016-07-16 23:15 - 00662866 _____ C:\WINDOWS\system32\perfh013.dat 2016-10-13 16:54 - 2016-07-16 23:15 - 00142840 _____ C:\WINDOWS\system32\perfc013.dat 2016-10-13 16:50 - 2016-09-22 03:39 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-10-13 16:49 - 2016-09-22 03:12 - 00351344 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-10-13 16:49 - 2012-05-30 20:52 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2016-10-13 16:49 - 2012-05-30 20:52 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2016-10-13 16:48 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI 2016-10-13 16:47 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs 2016-10-13 16:47 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2016-10-13 16:47 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2016-10-13 16:47 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\migwiz 2016-10-13 16:47 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences 2016-10-13 16:47 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2016-10-13 16:47 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2016-10-13 16:47 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF 2016-10-13 15:55 - 2014-08-30 18:01 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2016-10-13 08:21 - 2015-07-06 11:41 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-10-13 06:44 - 2009-07-14 03:34 - 00000478 _____ C:\WINDOWS\win.ini 2016-10-13 06:38 - 2013-08-15 09:34 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-10-12 15:48 - 2012-02-14 02:27 - 143495576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-10-12 15:47 - 2012-05-30 20:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2016-10-12 14:51 - 2016-07-16 12:42 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll 2016-10-12 14:50 - 2016-07-16 12:43 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll 2016-10-08 13:44 - 2012-05-15 11:27 - 00000000 ____D C:\Program Files (x86)\Diablo III 2016-10-03 21:09 - 2016-07-16 12:49 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-10-03 21:09 - 2016-07-16 12:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2016-10-03 17:12 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12 2016-10-03 17:12 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\system32\F12 2016-10-03 17:12 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\setup 2016-10-03 17:12 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\setup 2016-10-03 17:12 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe 2016-10-03 17:12 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-10-03 17:12 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Provisioning 2016-10-03 17:12 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\bcastdvr 2016-10-03 17:12 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism 2016-10-03 17:12 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2016-10-03 17:12 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Dism 2016-10-03 15:49 - 2016-09-22 07:04 - 00000000 ____D C:\Users\Pc\AppData\Local\ConnectedDevicesPlatform 2016-10-03 08:21 - 2011-11-01 23:38 - 00000000 ____D C:\Users\Pc\Documents\Nick documenten ==================== Bestanden in de root van sommige mappen ======= 2013-07-30 10:33 - 2016-01-28 20:02 - 0040157 _____ () C:\Users\Pc\AppData\Roaming\ExpressZip.dmp 2014-02-20 17:49 - 2014-02-20 17:49 - 0000359 _____ () C:\Users\Pc\AppData\Roaming\Gangsters2Setup.lnk 2012-01-18 11:03 - 2012-01-18 11:03 - 0007605 _____ () C:\Users\Pc\AppData\Local\Resmon.ResmonCfg 2015-09-04 17:45 - 2015-09-04 17:45 - 4953229 _____ () C:\Users\Pc\AppData\Local\tmp2015-08-27 12.54.06.JPG 2012-06-15 12:27 - 2012-06-15 12:27 - 5577087 _____ () C:\Users\Pc\AppData\Local\tmpP1000951.0 2012-06-15 12:27 - 2012-06-15 12:27 - 1394177 _____ () C:\Users\Pc\AppData\Local\tmpP1000951.JPG 2012-06-15 12:26 - 2013-01-29 15:21 - 5819314 _____ () C:\Users\Pc\AppData\Local\tmpP1000952.0 2012-06-15 12:26 - 2013-01-29 15:21 - 1317162 _____ () C:\Users\Pc\AppData\Local\tmpP1000952.1 2012-06-15 12:26 - 2013-01-29 15:21 - 1307714 _____ () C:\Users\Pc\AppData\Local\tmpP1000952.2 2013-01-29 15:21 - 2013-01-29 15:21 - 1323551 _____ () C:\Users\Pc\AppData\Local\tmpP1000952.JPG 2012-08-30 12:15 - 2012-08-30 12:15 - 0522974 _____ () C:\Users\Pc\AppData\Local\tmpWOWSCRNSHOT_081412_160456.0 2012-08-30 12:15 - 2012-08-30 12:15 - 0415240 _____ () C:\Users\Pc\AppData\Local\tmpWOWSCRNSHOT_081412_160456.JPG Sommige bestanden in TEMP: ==================== C:\Users\Pc\AppData\Local\Temp\7za.exe C:\Users\Pc\AppData\Local\Temp\DaS_21.exe C:\Users\Pc\AppData\Local\Temp\hijackthis.exe C:\Users\Pc\AppData\Local\Temp\NirCmd.exe C:\Users\Pc\AppData\Local\Temp\PEVZ.EXE C:\Users\Pc\AppData\Local\Temp\remove.exe C:\Users\Pc\AppData\Local\Temp\sed.exe C:\Users\Pc\AppData\Local\Temp\shortcut.exe C:\Users\Pc\AppData\Local\Temp\swreg.exe C:\Users\Pc\AppData\Local\Temp\swxcacls.exe C:\Users\Pc\AppData\Local\Temp\wget.exe C:\Users\Pc\AppData\Local\Temp\zoek-delete.exe ==================== Bamital & volsnap ====================== (Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.) C:\WINDOWS\system32\winlogon.exe => Bestand is getekend C:\WINDOWS\system32\wininit.exe => Bestand is getekend C:\WINDOWS\explorer.exe => Bestand is getekend C:\WINDOWS\SysWOW64\explorer.exe => Bestand is getekend C:\WINDOWS\system32\svchost.exe => Bestand is getekend C:\WINDOWS\SysWOW64\svchost.exe => Bestand is getekend C:\WINDOWS\system32\services.exe => Bestand is getekend C:\WINDOWS\system32\User32.dll => Bestand is getekend C:\WINDOWS\SysWOW64\User32.dll => Bestand is getekend C:\WINDOWS\system32\userinit.exe => Bestand is getekend C:\WINDOWS\SysWOW64\userinit.exe => Bestand is getekend C:\WINDOWS\system32\rpcss.dll => Bestand is getekend C:\WINDOWS\system32\dnsapi.dll => Bestand is getekend C:\WINDOWS\SysWOW64\dnsapi.dll => Bestand is getekend C:\WINDOWS\system32\Drivers\volsnap.sys => Bestand is getekend LastRegBack: 2016-10-19 08:42 ==================== Eind van FRST.txt ============================