Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 12-01-2017 Gestart door Esther (Beheerder) op ESTHER-PC (13-01-2017 11:05:08) Gestart vanaf C:\Users\Esther\Downloads Geladen Profielen: Esther (Beschikbare Profielen: Esther) Platform: Windows 10 Home Versie 1607 (X64) Taal: Nederlands (Nederland) Internet Explorer Versie 11 (Standaardbrowser: Chrome) Boot Modus: Normal Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processen (gefilterd) ================= (Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (F-Secure Corporation) C:\Program Files (x86)\KPN Veilig\apps\CCF_Reputation\fsorsp.exe () C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (F-Secure Corporation) C:\Program Files (x86)\KPN Veilig\fshoster32.exe (Popcorn Time) C:\Program Files (x86)\Popcorn Time\Updater.exe (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (ASUS) C:\Program Files\ASUS\P4G\InsOnSrv.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (F-Secure Corporation) C:\Program Files (x86)\KPN Veilig\apps\ComputerSecurity\Anti-Virus\fsgk32.exe (F-Secure Corporation) C:\Program Files (x86)\KPN Veilig\apps\ComputerSecurity\Common\FSMA32.EXE (F-Secure Corporation) C:\Program Files (x86)\KPN Veilig\apps\ComputerSecurity\Common\FSHDLL64.EXE (F-Secure Corporation) C:\Program Files (x86)\KPN Veilig\apps\ComputerSecurity\Anti-Virus\fssm32.exe (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS) C:\Program Files\ASUS\P4G\InsOnWMI.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (F-Secure Corporation) C:\Program Files (x86)\KPN Veilig\fshoster32.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (WinZip Computing, S.L.) C:\Program Files (x86)\WinZip\WZUpdateNotifier.exe (WinZip Computing, S.L.) C:\Program Files (x86)\WinZip\FAHWindow32.exe (WinZip Computing, S.L.) C:\Program Files (x86)\WinZip\WzPreloader.exe (WinZip Computing, S.L.) C:\Program Files (x86)\WinZip\FAHWindow64.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe ==================== Register (gefilterd) ==================== (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor) HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2776528 2016-12-14] (Malwarebytes) HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-04-26] (ASUSTek Computer Inc.) HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [3576784 2012-12-19] (ASUS Cloud Corporation) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [26287016 2017-01-06] (Dropbox, Inc.) HKLM-x32\...\Run: [PCFIXTRAYERNMB] => c:\pcfiXtrayknfii.lnk [2141 2016-04-18] () HKLM-x32\...\Run: [PCFIXTRAYMSPSL] => c:\pcfiXtraylmxrr.lnk [2141 2016-04-19] () HKLM-x32\...\Run: [PCFIXTRAYEJXNN] => c:\pcfiXtrayyxmtl.lnk [2141 2016-05-01] () HKLM-x32\...\Run: [PCFIXTRAYCNJRX] => c:\pcfiXtrayoznvp.lnk [2141 2016-04-21] () HKLM-x32\...\Run: [PCFIXTRAYTMOTK] => c:\pcfiXtraydrwjk.lnk [2141 2016-04-22] () HKLM-x32\...\Run: [PCFIXTRAYJCZUH] => c:\pcfiXtraymmvla.lnk [2141 2016-04-22] () HKLM-x32\...\Run: [PCFIXTRAYQGYCL] => c:\pcfiXtrayceraq.lnk [2181 2016-07-14] () HKLM-x32\...\Run: [PCFIXTRAYCUJSK] => c:\pcfiXtrayqvqyk.lnk [2141 2016-04-23] () HKLM-x32\...\Run: [PCFIXTRAYWXQHI] => c:\pcfiXtrayaspwg.lnk [2181 2016-12-30] () HKLM-x32\...\Run: [PCFIXTRAYLLYRL] => c:\pcfiXtrayqreao.lnk [2181 2016-09-12] () HKLM-x32\...\Run: [PCFIXTRAYGFGGK] => c:\pcfiXtrayexzqo.lnk [2141 2016-04-26] () HKLM-x32\...\Run: [PCFIXTRAYRYVUT] => c:\pcfiXtraykohgw.lnk [2141 2016-04-27] () HKLM-x32\...\Run: [PCFIXTRAYJYMRI] => c:\pcfiXtraykervw.lnk [2141 2016-04-28] () HKLM-x32\...\Run: [PCFIXTRAYKQFSV] => c:\pcfiXtrayoolbp.lnk [2181 2016-12-15] () HKLM-x32\...\Run: [PCFIXTRAYJDLDA] => c:\pcfiXtrayamprv.lnk [2141 2016-04-30] () HKLM-x32\...\Run: [PCFIXTRAYKWWJJ] => c:\pcfiXtrayonnvb.lnk [2181 2016-05-01] () HKLM-x32\...\Run: [PCFIXTRAYQTSFM] => c:\pcfiXtrayeijtx.lnk [2181 2017-01-13] () HKLM-x32\...\Run: [PCFIXTRAYGIJJX] => c:\pcfiXtrayzebva.lnk [2181 2016-08-26] () HKLM-x32\...\Run: [PCFIXTRAYDWEOX] => c:\pcfiXtrayvultm.lnk [2181 2016-05-04] () HKLM-x32\...\Run: [PCFIXTRAYKKUXX] => c:\pcfiXtrayyscnj.lnk [2181 2016-05-05] () HKLM-x32\...\Run: [PCFIXTRAYVZYMH] => c:\pcfiXtrayjrson.lnk [2181 2016-05-06] () HKLM-x32\...\Run: [PCFIXTRAYKUKOV] => c:\pcfiXtrayqwprk.lnk [2181 2016-05-07] () HKLM-x32\...\Run: [PCFIXTRAYGQOOX] => c:\pcfiXtrayitsne.lnk [2181 2016-05-08] () HKLM-x32\...\Run: [PCFIXTRAYJYEQI] => c:\pcfiXtrayevuwl.lnk [2181 2016-05-16] () HKLM-x32\...\Run: [PCFIXTRAYWMGHG] => c:\pcfiXtrayydptr.lnk [2181 2016-05-10] () HKLM-x32\...\Run: [PCFIXTRAYBPNPV] => c:\pcfiXtrayqparf.lnk [2181 2016-10-19] () HKLM-x32\...\Run: [PCFIXTRAYCKEVY] => c:\pcfiXtraymrjfu.lnk [2181 2016-05-12] () HKLM-x32\...\Run: [PCFIXTRAYJVZBU] => c:\pcfiXtraykzsjf.lnk [2181 2016-05-13] () HKLM-x32\...\Run: [PCFIXTRAYTMHWW] => c:\pcfiXtraywkzkz.lnk [2181 2016-09-22] () HKLM-x32\...\Run: [PCFIXTRAYUEZVY] => c:\pcfiXtraygbyod.lnk [2181 2016-05-14] () HKLM-x32\...\Run: [PCFIXTRAYJIVWH] => c:\pcfiXtrayudufv.lnk [2181 2016-05-15] () HKLM-x32\...\Run: [PCFIXTRAYFZKDV] => c:\pcfiXtrayerjri.lnk [2181 2016-10-18] () HKLM-x32\...\Run: [PCFIXTRAYMDNKT] => c:\pcfiXtrayzjchm.lnk [2181 2016-05-18] () HKLM-x32\...\Run: [PCFIXTRAYULAPK] => c:\pcfiXtrayoyyqj.lnk [2181 2016-05-19] () HKLM-x32\...\Run: [PCFIXTRAYWCWEH] => c:\pcfiXtrayxgxdh.lnk [2181 2016-05-20] () HKLM-x32\...\Run: [PCFIXTRAYBREVW] => c:\pcfiXtraywrvce.lnk [2181 2016-05-21] () HKLM-x32\...\Run: [PCFIXTRAYNYVPM] => c:\pcfiXtrayzbbba.lnk [2181 2016-05-22] () HKLM-x32\...\Run: [PCFIXTRAYBRWUW] => c:\pcfiXtrayqhzlt.lnk [2181 2016-05-23] () HKLM-x32\...\Run: [PCFIXTRAYMULHT] => c:\pcfiXtrayxmbzk.lnk [2181 2016-05-24] () HKLM-x32\...\Run: [PCFIXTRAYIMFZM] => c:\pcfiXtrayptokh.lnk [2181 2016-05-25] () HKLM-x32\...\Run: [PCFIXTRAYTSPWW] => c:\pcfiXtraylvvcr.lnk [2181 2016-09-02] () HKLM-x32\...\Run: [PCFIXTRAYVWKOM] => c:\pcfiXtrayjetbo.lnk [2181 2016-11-08] () HKLM-x32\...\Run: [PCFIXTRAYWSQHV] => c:\pcfiXtraytlikj.lnk [2181 2016-05-28] () HKLM-x32\...\Run: [PCFIXTRAYFQIJV] => c:\pcfiXtrayjmfsk.lnk [2181 2016-05-29] () HKLM-x32\...\Run: [PCFIXTRAYCHYQJ] => c:\pcfiXtraytsuex.lnk [2181 2016-05-30] () HKLM-x32\...\Run: [PCFIXTRAYTPTXJ] => c:\pcfiXtrayfzazo.lnk [2181 2016-11-02] () HKLM-x32\...\Run: [PCFIXTRAYWSTIH] => c:\pcfiXtrayadswb.lnk [2181 2016-06-26] () HKLM-x32\...\Run: [PCFIXTRAYZVMCY] => c:\pcfiXtraypyafc.lnk [2181 2016-06-02] () HKLM-x32\...\Run: [PCFIXTRAYDFXIF] => c:\pcfiXtrayqapkk.lnk [2181 2016-06-03] () HKLM-x32\...\Run: [PCFIXTRAYPQKYW] => c:\pcfiXtrayrcqtc.lnk [2181 2016-06-04] () HKLM-x32\...\Run: [PCFIXTRAYQMXCY] => c:\pcfiXtrayilqmv.lnk [2181 2016-08-16] () HKLM-x32\...\Run: [PCFIXTRAYKWESI] => c:\pcfiXtrayuwjmm.lnk [2181 2016-06-06] () HKLM-x32\...\Run: [PCFIXTRAYOOQFV] => c:\pcfiXtrayfvyzx.lnk [2181 2016-06-07] () HKLM-x32\...\Run: [PCFIXTRAYTOXNW] => c:\pcfiXtrayepiji.lnk [2181 2016-06-08] () HKLM-x32\...\Run: [PCFIXTRAYBVYXJ] => c:\pcfiXtraykxtqf.lnk [2181 2016-06-09] () HKLM-x32\...\Run: [PCFIXTRAYHEAVS] => c:\pcfiXtrayqeaxn.lnk [2181 2016-06-10] () HKLM-x32\...\Run: [PCFIXTRAYZCXXF] => c:\pcfiXtrayfvjla.lnk [2181 2016-06-11] () HKLM-x32\...\Run: [PCFIXTRAYLAGRK] => c:\pcfiXtraypcnyq.lnk [2181 2016-06-12] () HKLM-x32\...\Run: [PCFIXTRAYTNSPW] => c:\pcfiXtraymghkl.lnk [2181 2016-06-13] () HKLM-x32\...\Run: [PCFIXTRAYIFEQG] => c:\pcfiXtrayouzcv.lnk [2181 2016-06-14] () HKLM-x32\...\Run: [PCFIXTRAYMQJFG] => c:\pcfiXtrayjnelk.lnk [2181 2016-06-15] () HKLM-x32\...\Run: [PCFIXTRAYCVGUX] => c:\pcfiXtrayrwqor.lnk [2181 2016-06-16] () HKLM-x32\...\Run: [PCFIXTRAYXBIHJ] => c:\pcfiXtraybhgye.lnk [2181 2017-01-12] () HKLM-x32\...\Run: [PCFIXTRAYMLWZY] => c:\pcfiXtrayjyupw.lnk [2181 2016-06-18] () HKLM-x32\...\Run: [PCFIXTRAYWSIGV] => c:\pcfiXtraynumty.lnk [2181 2016-06-19] () HKLM-x32\...\Run: [PCFIXTRAYVWZVA] => c:\pcfiXtraywumrl.lnk [2181 2016-06-20] () HKLM-x32\...\Run: [PCFIXTRAYXRUBW] => c:\pcfiXtrayszrbl.lnk [2181 2016-06-21] () HKLM-x32\...\Run: [PCFIXTRAYDJAKS] => c:\pcfiXtrayeznyd.lnk [2181 2016-06-22] () HKLM-x32\...\Run: [PCFIXTRAYOBCHW] => c:\pcfiXtraycqutk.lnk [2181 2016-06-23] () HKLM-x32\...\Run: [PCFIXTRAYLCXYL] => c:\pcfiXtrayvlibq.lnk [2181 2016-06-24] () HKLM-x32\...\Run: [PCFIXTRAYDPLSZ] => c:\pcfiXtrayzgnpd.lnk [2181 2016-06-27] () HKLM-x32\...\Run: [PCFIXTRAYQZBYK] => c:\pcfiXtrayyzohx.lnk [2181 2016-06-28] () HKLM-x32\...\Run: [PCFIXTRAYTCRPW] => c:\pcfiXtraygbabp.lnk [2181 2016-06-29] () HKLM-x32\...\Run: [PCFIXTRAYHSAJL] => c:\pcfiXtrayhjrjv.lnk [2181 2016-06-30] () HKLM-x32\...\Run: [PCFIXTRAYWJPMV] => c:\pcfiXtrayropca.lnk [2181 2016-07-01] () HKLM-x32\...\Run: [PCFIXTRAYMYGJG] => c:\pcfiXtraymkhed.lnk [2181 2016-07-02] () HKLM-x32\...\Run: [PCFIXTRAYNMPLT] => c:\pcfiXtrayupggj.lnk [2181 2016-07-03] () HKLM-x32\...\Run: [PCFIXTRAYHINZJ] => c:\pcfiXtrayydafu.lnk [2181 2016-07-04] () HKLM-x32\...\Run: [PCFIXTRAYIGYYA] => c:\pcfiXtraycuthy.lnk [2181 2016-07-05] () HKLM-x32\...\Run: [PCFIXTRAYDJKME] => c:\pcfiXtraysitaf.lnk [2181 2016-07-06] () HKLM-x32\...\Run: [PCFIXTRAYUNQWL] => c:\pcfiXtrayuhltb.lnk [2181 2016-07-07] () HKLM-x32\...\Run: [PCFIXTRAYDOHLF] => c:\pcfiXtrayrxpal.lnk [2181 2016-07-08] () HKLM-x32\...\Run: [PCFIXTRAYPSIKK] => c:\pcfiXtraynsnay.lnk [2181 2016-07-09] () HKLM-x32\...\Run: [PCFIXTRAYMFLOY] => c:\pcfiXtrayvyywp.lnk [2181 2016-07-10] () HKLM-x32\...\Run: [PCFIXTRAYOIRKW] => c:\pcfiXtrayfvxml.lnk [2181 2016-07-11] () HKLM-x32\...\Run: [PCFIXTRAYIWTXG] => c:\pcfiXtrayzxruj.lnk [2181 2016-07-12] () HKLM-x32\...\Run: [PCFIXTRAYRUAYU] => c:\pcfiXtraycxhzh.lnk [2181 2016-07-13] () HKLM-x32\...\Run: [PCFIXTRAYMLOYZ] => c:\pcfiXtraydpyql.lnk [2181 2016-07-15] () HKLM-x32\...\Run: [PCFIXTRAYNTPSN] => c:\pcfiXtraybnsmh.lnk [2181 2016-07-16] () HKLM-x32\...\Run: [PCFIXTRAYPLXCW] => c:\pcfiXtraytkujg.lnk [2181 2016-07-17] () HKLM-x32\...\Run: [PCFIXTRAYSWMTI] => c:\pcfiXtrayafgdx.lnk [2181 2016-11-01] () HKLM-x32\...\Run: [PCFIXTRAYZESUT] => c:\pcfiXtraykvegb.lnk [2181 2016-07-19] () HKLM-x32\...\Run: [PCFIXTRAYRIICB] => c:\pcfiXtrayzbdra.lnk [2181 2016-07-20] () HKLM-x32\...\Run: [PCFIXTRAYKAVWJ] => c:\pcfiXtraykeiik.lnk [2181 2016-07-21] () HKLM-x32\...\Run: [PCFIXTRAYDWTNL] => c:\pcfiXtrayhlmjj.lnk [2181 2016-07-22] () HKLM-x32\...\Run: [PCFIXTRAYXWTJK] => c:\pcfiXtrayxcbaz.lnk [2181 2016-08-21] () HKLM-x32\...\Run: [PCFIXTRAYEYUSN] => c:\pcfiXtrayhlddy.lnk [2181 2016-08-07] () HKLM-x32\...\Run: [PCFIXTRAYFZSEU] => c:\pcfiXtraylbfit.lnk [2181 2016-08-08] () HKLM-x32\...\Run: [PCFIXTRAYFXJDI] => c:\pcfiXtraylzivf.lnk [2181 2016-08-09] () HKLM-x32\...\Run: [PCFIXTRAYXAVEV] => c:\pcfiXtrayuojru.lnk [2181 2016-08-10] () HKLM-x32\...\Run: [PCFIXTRAYOFEJJ] => c:\pcfiXtrayxgoyw.lnk [2181 2016-08-18] () HKLM-x32\...\Run: [PCFIXTRAYRPLAT] => c:\pcfiXtrayjrpyn.lnk [2181 2016-08-12] () HKLM-x32\...\Run: [PCFIXTRAYVDAPM] => c:\pcfiXtrayezlkr.lnk [2181 2016-08-13] () HKLM-x32\...\Run: [PCFIXTRAYUVYTY] => c:\pcfiXtraylnuxf.lnk [2181 2016-08-14] () HKLM-x32\...\Run: [PCFIXTRAYSXGDB] => c:\pcfiXtrayuowie.lnk [2181 2016-10-08] () HKLM-x32\...\Run: [PCFIXTRAYQKIKM] => c:\pcfiXtraydtjdn.lnk [2181 2016-08-15] () HKLM-x32\...\Run: [PCFIXTRAYZOHXY] => c:\pcfiXtraygkbnx.lnk [2181 2016-08-17] () HKLM-x32\...\Run: [PCFIXTRAYTYKXX] => c:\pcfiXtraynvynb.lnk [2181 2016-08-19] () HKLM-x32\...\Run: [PCFIXTRAYOJZLW] => c:\pcfiXtraylftlw.lnk [2181 2016-08-20] () HKLM-x32\...\Run: [PCFIXTRAYSERYI] => c:\pcfiXtrayktfnc.lnk [2181 2016-08-22] () HKLM-x32\...\Run: [PCFIXTRAYHTXYL] => c:\pcfiXtraytjvqg.lnk [2181 2016-08-23] () HKLM-x32\...\Run: [PCFIXTRAYGBMFX] => c:\pcfiXtrayqybln.lnk [2181 2016-08-24] () HKLM-x32\...\Run: [PCFIXTRAYGQYIJ] => c:\pcfiXtraywczph.lnk [2181 2016-08-25] () HKLM-x32\...\Run: [PCFIXTRAYJIABB] => c:\pcfiXtraytkhap.lnk [2181 2016-08-27] () HKLM-x32\...\Run: [PCFIXTRAYIQKDL] => c:\pcfiXtrayrbrac.lnk [2181 2016-08-28] () HKLM-x32\...\Run: [PCFIXTRAYVMUIV] => c:\pcfiXtraytwtsd.lnk [2181 2016-08-29] () HKLM-x32\...\Run: [PCFIXTRAYACYXH] => c:\pcfiXtrayvwxnp.lnk [2181 2016-08-30] () HKLM-x32\...\Run: [PCFIXTRAYQWBYF] => c:\pcfiXtrayfontu.lnk [2181 2016-08-31] () HKLM-x32\...\Run: [PCFIXTRAYPDGCK] => c:\pcfiXtrayahsxa.lnk [2181 2016-09-13] () HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM-x32\...\Run: [PCFIXTRAYMILWM] => c:\pcfiXtrayojakk.lnk [2181 2017-01-11] () HKLM-x32\...\Run: [PCFIXTRAYCQRKJ] => c:\pcfiXtraypgzvv.lnk [2181 2016-09-04] () HKLM-x32\...\Run: [PCFIXTRAYQHWJY] => c:\pcfiXtrayudhoy.lnk [2181 2016-09-05] () HKLM-x32\...\Run: [PCFIXTRAYOZXJW] => c:\pcfiXtraykitvn.lnk [2181 2016-09-06] () HKLM-x32\...\Run: [PCFIXTRAYVZIOT] => c:\pcfiXtrayxbyqq.lnk [2181 2016-12-06] () HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [318128 2016-08-25] (Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [PCFIXTRAYJMNEA] => c:\pcfiXtrayvalqs.lnk [2181 2016-09-08] () HKLM-x32\...\Run: [PCFIXTRAYNDUHH] => c:\pcfiXtrayfiznx.lnk [2181 2016-09-09] () HKLM-x32\...\Run: [PCFIXTRAYYKNEJ] => c:\pcfiXtrayblhfp.lnk [2181 2016-09-10] () HKLM-x32\...\Run: [PCFIXTRAYGSSEW] => c:\pcfiXtrayabtlb.lnk [2181 2016-09-11] () HKLM-x32\...\Run: [PCFIXTRAYHBBDL] => c:\pcfiXtraycpvak.lnk [2181 2016-09-14] () HKLM-x32\...\Run: [PCFIXTRAYHRWYF] => c:\pcfiXtrayaqccd.lnk [2181 2016-09-15] () HKLM-x32\...\Run: [PCFIXTRAYQAVAK] => c:\pcfiXtrayunsyv.lnk [2181 2016-09-16] () HKLM-x32\...\Run: [PCFIXTRAYXKTIJ] => c:\pcfiXtrayqeoyq.lnk [2181 2016-09-17] () HKLM-x32\...\Run: [PCFIXTRAYSTWUI] => c:\pcfiXtraytzfxg.lnk [2181 2016-09-18] () HKLM-x32\...\Run: [PCFIXTRAYZRZFA] => c:\pcfiXtrayhzaqv.lnk [2181 2016-09-19] () HKLM-x32\...\Run: [PCFIXTRAYZFOEY] => c:\pcfiXtraylewwz.lnk [2181 2016-12-09] () HKLM-x32\...\Run: [PCFIXTRAYKKMWX] => c:\pcfiXtraysafwf.lnk [2181 2016-09-21] () HKLM-x32\...\Run: [PCFIXTRAYXSYMJ] => c:\pcfiXtrayzkfqv.lnk [2181 2016-09-23] () HKLM-x32\...\Run: [PCFIXTRAYOOYCJ] => c:\pcfiXtraymdwxi.lnk [2181 2016-09-24] () HKLM-x32\...\Run: [PCFIXTRAYNQGJI] => c:\pcfiXtrayclvht.lnk [2181 2016-09-24] () HKLM-x32\...\Run: [PCFIXTRAYBAEUI] => c:\pcfiXtrayilbxy.lnk [2181 2016-09-25] () HKLM-x32\...\Run: [PCFIXTRAYCDDMK] => c:\pcfiXtraylbuxi.lnk [2181 2016-09-26] () HKLM-x32\...\Run: [PCFIXTRAYAKSAN] => c:\pcfiXtrayrtqvr.lnk [2181 2016-12-13] () HKLM-x32\...\Run: [PCFIXTRAYJJEZH] => c:\pcfiXtraywamve.lnk [2181 2016-12-02] () HKLM-x32\...\Run: [PCFIXTRAYAGIAM] => c:\pcfiXtraypezsb.lnk [2181 2016-09-29] () HKLM-x32\...\Run: [PCFIXTRAYRGKYT] => c:\pcfiXtraynllhp.lnk [2181 2016-09-30] () HKLM-x32\...\Run: [PCFIXTRAYWHRII] => c:\pcfiXtrayvylne.lnk [2181 2016-09-30] () HKLM-x32\...\Run: [PCFIXTRAYGSVFJ] => c:\pcfiXtrayicdwa.lnk [2181 2016-10-01] () HKLM-x32\...\Run: [PCFIXTRAYNYDQM] => c:\pcfiXtrayfkxsl.lnk [2181 2016-10-02] () HKLM-x32\...\Run: [PCFIXTRAYKTGYX] => c:\pcfiXtraynokvv.lnk [2181 2016-10-03] () HKLM-x32\...\Run: [PCFIXTRAYAKDCZ] => c:\pcfiXtrayecxxu.lnk [2181 2016-10-04] () HKLM-x32\...\Run: [PCFIXTRAYMRDWA] => c:\pcfiXtraywnyzf.lnk [2181 2016-10-05] () HKLM-x32\...\Run: [PCFIXTRAYIAXTF] => c:\pcfiXtraybfukm.lnk [2181 2016-10-06] () HKLM-x32\...\Run: [PCFIXTRAYIDGYH] => c:\pcfiXtraybfteb.lnk [2181 2016-10-07] () HKLM-x32\...\Run: [PCFIXTRAYJJWYH] => c:\pcfiXtrayprqet.lnk [2181 2016-10-09] () HKLM-x32\...\Run: [PCFIXTRAYSKMAI] => c:\pcfiXtrayskepx.lnk [2181 2016-10-14] () HKLM-x32\...\Run: [PCFIXTRAYAEHAH] => c:\pcfiXtraywlyvy.lnk [2181 2016-11-07] () HKLM-x32\...\Run: [PCFIXTRAYINJUG] => c:\pcfiXtrayyiymi.lnk [2181 2016-10-15] () HKLM-x32\...\Run: [PCFIXTRAYZEVBN] => c:\pcfiXtrayrmcvl.lnk [2181 2016-10-16] () HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.) HKLM-x32\...\Run: [PCFIXTRAYUONTK] => c:\pcfiXtrayqgbgf.lnk [2181 2016-10-20] () HKLM-x32\...\Run: [PCFIXTRAYMFVPL] => c:\pcfiXtrayjifzs.lnk [2181 2016-10-21] () HKLM-x32\...\Run: [PCFIXTRAYRMDGZ] => c:\pcfiXtrayisdyp.lnk [2181 2016-10-22] () HKLM-x32\...\Run: [PCFIXTRAYJBNZV] => c:\pcfiXtrayexkkz.lnk [2181 2016-10-23] () HKLM-x32\...\Run: [PCFIXTRAYROZWZ] => c:\pcfiXtrayabewm.lnk [2181 2016-10-24] () HKLM-x32\...\Run: [PCFIXTRAYSRVUU] => c:\pcfiXtrayapdjd.lnk [2181 2016-10-25] () HKLM-x32\...\Run: [PCFIXTRAYHICXX] => c:\pcfiXtrayktucr.lnk [2181 2016-10-26] () HKLM-x32\...\Run: [PCFIXTRAYKTOZX] => c:\pcfiXtraytxgmg.lnk [2181 2016-10-27] () HKLM-x32\...\Run: [PCFIXTRAYDDTSY] => c:\pcfiXtrayyromf.lnk [2181 2016-10-28] () HKLM-x32\...\Run: [PCFIXTRAYYQYEY] => c:\pcfiXtraywsaxh.lnk [2181 2016-10-29] () HKLM-x32\...\Run: [PCFIXTRAYOFWIJ] => c:\pcfiXtrayqxrgl.lnk [2181 2016-10-30] () HKLM-x32\...\Run: [PCFIXTRAYLQNQK] => c:\pcfiXtrayuwiza.lnk [2181 2016-10-31] () HKLM-x32\...\Run: [PCFIXTRAYWWLIJ] => c:\pcfiXtraybsrgy.lnk [2181 2016-11-03] () HKLM-x32\...\Run: [PCFIXTRAYYSCCX] => c:\pcfiXtrayobbvm.lnk [2181 2016-11-04] () HKLM-x32\...\Run: [PCFIXTRAYDSTLS] => c:\pcfiXtrayanrpa.lnk [2181 2016-11-05] () HKLM-x32\...\Run: [PCFIXTRAYAJGST] => c:\pcfiXtraydbwhw.lnk [2181 2016-11-07] () HKLM-x32\...\Run: [PCFIXTRAYQTQVS] => c:\pcfiXtraykztoq.lnk [2181 2016-11-09] () HKLM-x32\...\Run: [PCFIXTRAYOWVKV] => c:\pcfiXtraypcyjb.lnk [2181 2016-11-09] () HKLM-x32\...\Run: [PCFIXTRAYUMFNS] => c:\pcfiXtrayghyog.lnk [2181 2016-11-10] () HKLM-x32\...\Run: [PCFIXTRAYVWOMG] => c:\pcfiXtrayiuslp.lnk [2181 2016-11-11] () HKLM-x32\...\Run: [PCFIXTRAYHIFYS] => c:\pcfiXtraysmeni.lnk [2181 2016-11-12] () HKLM-x32\...\Run: [PCFIXTRAYKVWWW] => c:\pcfiXtraydxjen.lnk [2181 2016-11-13] () HKLM-x32\...\Run: [PCFIXTRAYVMCJM] => c:\pcfiXtrayafqjp.lnk [2181 2016-11-14] () HKLM-x32\...\Run: [PCFIXTRAYSXRWV] => c:\pcfiXtrayiyclh.lnk [2181 2017-01-02] () HKLM-x32\...\Run: [PCFIXTRAYNMEKH] => c:\pcfiXtrayhfavg.lnk [2181 2016-11-16] () HKLM-x32\...\Run: [PCFIXTRAYBCDCB] => c:\pcfiXtrayudtaj.lnk [2181 2016-11-30] () HKLM-x32\...\Run: [PCFIXTRAYTPJVX] => c:\pcfiXtrayrpcwl.lnk [2181 2016-11-18] () HKLM-x32\...\Run: [PCFIXTRAYPXFJK] => c:\pcfiXtraymzjal.lnk [2181 2016-11-19] () HKLM-x32\...\Run: [PCFIXTRAYLCPSX] => c:\pcfiXtraypdcde.lnk [2181 2016-11-20] () HKLM-x32\...\Run: [PCFIXTRAYRLQVU] => c:\pcfiXtrayaapry.lnk [2181 2016-11-21] () HKLM-x32\...\Run: [PCFIXTRAYBPZXW] => c:\pcfiXtrayeiuea.lnk [2181 2016-11-22] () HKLM-x32\...\Run: [PCFIXTRAYAEKST] => c:\pcfiXtraydmipq.lnk [2181 2016-11-23] () HKLM-x32\...\Run: [PCFIXTRAYGMTMK] => c:\pcfiXtrayuuvze.lnk [2181 2016-11-24] () HKLM-x32\...\Run: [PCFIXTRAYTTTYK] => c:\pcfiXtraymxwtp.lnk [2181 2016-11-25] () HKLM-x32\...\Run: [PCFIXTRAYKHERV] => c:\pcfiXtraysihkr.lnk [2181 2016-11-26] () HKLM-x32\...\Run: [PCFIXTRAYSPBYJ] => c:\pcfiXtrayliwqz.lnk [2181 2016-11-27] () HKLM-x32\...\Run: [PCFIXTRAYFDMGI] => c:\pcfiXtrayzzdom.lnk [2181 2016-11-28] () HKLM-x32\...\Run: [PCFIXTRAYHGBDX] => c:\pcfiXtrayjwumq.lnk [2181 2016-11-29] () HKLM-x32\...\Run: [PCFIXTRAYBSXXW] => c:\pcfiXtrayresbc.lnk [2181 2016-12-01] () HKLM-x32\...\Run: [PCFIXTRAYYMDCL] => c:\pcfiXtrayhucrh.lnk [2181 2016-12-03] () HKLM-x32\...\Run: [PCFIXTRAYJWAUU] => c:\pcfiXtraygfoau.lnk [2181 2016-12-04] () HKLM-x32\...\Run: [PCFIXTRAYQQHCZ] => c:\pcfiXtraykahol.lnk [2181 2016-12-05] () HKLM-x32\...\Run: [PCFIXTRAYUYOOJ] => c:\pcfiXtraysdcoo.lnk [2181 2016-12-07] () HKLM-x32\...\Run: [PCFIXTRAYAPCCU] => c:\pcfiXtraylkvjr.lnk [2181 2016-12-08] () HKLM-x32\...\Run: [PCFIXTRAYIIDXH] => c:\pcfiXtrayauqeg.lnk [2181 2016-12-10] () HKLM-x32\...\Run: [PCFIXTRAYANBTH] => c:\pcfiXtrayrzcuw.lnk [2181 2016-12-10] () HKLM-x32\...\Run: [PCFIXTRAYUBJOX] => c:\pcfiXtrayasdkd.lnk [2181 2016-12-11] () HKLM-x32\...\Run: [PCFIXTRAYATUCN] => c:\pcfiXtraymhvmp.lnk [2181 2016-12-12] () HKLM-x32\...\Run: [PCFIXTRAYFJXNX] => c:\pcfiXtraynyawb.lnk [2181 2016-12-14] () HKLM-x32\...\Run: [PCFIXTRAYHVUDY] => c:\pcfiXtrayvhwwn.lnk [2181 2016-12-14] () HKLM-x32\...\Run: [PCFIXTRAYOPCNO] => c:\pcfiXtraytwsfs.lnk [2181 2016-12-16] () HKLM-x32\...\Run: [PCFIXTRAYOXAFJ] => c:\pcfiXtraynswor.lnk [2181 2016-12-17] () HKLM-x32\...\Run: [PCFIXTRAYNAWPA] => c:\pcfiXtraystuqd.lnk [2181 2016-12-18] () HKLM-x32\...\Run: [PCFIXTRAYSCFUW] => c:\pcfiXtraybevlb.lnk [2181 2016-12-19] () HKLM-x32\...\Run: [PCFIXTRAYBIMVI] => c:\pcfiXtrayouxok.lnk [2181 2016-12-20] () HKLM-x32\...\Run: [PCFIXTRAYOJJFI] => c:\pcfiXtrayzoaoz.lnk [2181 2016-12-21] () HKLM-x32\...\Run: [PCFIXTRAYCRLSK] => c:\pcfiXtraycytjq.lnk [2181 2016-12-22] () HKLM-x32\...\Run: [PCFIXTRAYKXAUW] => c:\pcfiXtrayvgkck.lnk [2181 2016-12-23] () HKLM-x32\...\Run: [PCFIXTRAYKQQMI] => c:\pcfiXtraybyrds.lnk [2181 2016-12-24] () HKLM-x32\...\Run: [PCFIXTRAYRIAFM] => c:\pcfiXtraytuglp.lnk [2181 2016-12-25] () HKLM-x32\...\Run: [PCFIXTRAYBFEUV] => c:\pcfiXtraypsajv.lnk [2181 2016-12-26] () HKLM-x32\...\Run: [PCFIXTRAYOPKHV] => c:\pcfiXtraybbcqu.lnk [2181 2016-12-27] () HKLM-x32\...\Run: [PCFIXTRAYKOOZK] => c:\pcfiXtraynqzbj.lnk [2181 2016-12-28] () HKLM-x32\...\Run: [PCFIXTRAYAXOEA] => c:\pcfiXtrayafszp.lnk [2181 2016-12-28] () HKLM-x32\...\Run: [PCFIXTRAYYUKIX] => c:\pcfiXtrayyamnl.lnk [2181 2016-12-29] () HKLM-x32\...\Run: [PCFIXTRAYRXBYH] => c:\pcfiXtrayvhjnk.lnk [2181 2016-12-31] () HKLM-x32\...\Run: [PCFIXTRAYRRMAG] => c:\pcfiXtraycjimp.lnk [2181 2017-01-01] () HKLM-x32\...\Run: [PCFIXTRAYNDKNV] => c:\pcfiXtrayshtcu.lnk [2181 2017-01-03] () HKLM-x32\...\Run: [PCFIXTRAYOLSLK] => c:\pcfiXtrayygqig.lnk [2181 2017-01-04] () HKLM-x32\...\Run: [PCFIXTRAYFKNZU] => c:\pcfiXtraybugyp.lnk [2181 2017-01-04] () HKLM-x32\...\Run: [PCFIXTRAYMUTIT] => c:\pcfiXtraydvyqw.lnk [2181 2017-01-05] () HKLM-x32\...\Run: [PCFIXTRAYMBBNX] => c:\pcfiXtrayubhls.lnk [2181 2017-01-06] () HKLM-x32\...\Run: [PCFIXTRAYLBLHR] => c:\pcfiXtrayhlnwv.lnk [2181 2017-01-07] () HKLM-x32\...\Run: [PCFIXTRAYHVCMX] => c:\pcfiXtraycqtoy.lnk [2181 2017-01-08] () HKLM-x32\...\Run: [PCFIXTRAYKAZMV] => c:\pcfiXtrayjupse.lnk [2181 2017-01-09] () HKLM-x32\...\Run: [PCFIXTRAYERVNA] => c:\pcfiXtrayqeciu.lnk [2181 2017-01-10] () HKLM-x32\...\Run: [PCFIXTRAYSOPDN] => c:\pcfiXtraymsyuj.lnk [2181 2017-01-11] () HKLM-x32\...\Run: [PCFIXTRAYWHVQK] => c:\pcfiXtraycpjjw.lnk [2181 2017-01-11] () HKLM-x32\...\Run: [PCFIXTRAYOWVHJ] => c:\pcfiXtrayvjvhn.lnk [2181 2017-01-11] () HKLM-x32\...\Run: [PCFIXTRAYNJUHU] => c:\pcfiXtraymyyqc.lnk [2181 2017-01-12] () HKLM-x32\...\Run: [PCFIXTRAYZYDVS] => c:\pcfiXtrayqxefh.lnk [2181 2017-01-13] () HKU\S-1-5-21-2602939782-1314808242-3865560093-1001\...\Run: [KiesPDLR.exe] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1023664 2016-08-25] (Samsung) HKU\S-1-5-21-2602939782-1314808242-3865560093-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.) ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.8.0.dll [2017-01-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.8.0.dll [2017-01-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.8.0.dll [2017-01-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.8.0.dll [2017-01-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.8.0.dll [2017-01-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.8.0.dll [2017-01-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.8.0.dll [2017-01-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.8.0.dll [2017-01-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.8.0.dll [2017-01-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.8.0.dll [2017-01-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Esther\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\FileSyncShell64.dll [2016-12-15] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Esther\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\FileSyncShell64.dll [2016-12-15] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Esther\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\FileSyncShell64.dll [2016-12-15] (Microsoft Corporation) ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Geen bestand ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.8.0.dll [2017-01-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.8.0.dll [2017-01-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.8.0.dll [2017-01-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.8.0.dll [2017-01-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.8.0.dll [2017-01-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.8.0.dll [2017-01-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.8.0.dll [2017-01-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.8.0.dll [2017-01-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.8.0.dll [2017-01-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.8.0.dll [2017-01-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Esther\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\FileSyncShell.dll [2016-12-15] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Esther\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\FileSyncShell.dll [2016-12-15] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Esther\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\FileSyncShell.dll [2016-12-15] (Microsoft Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2016-10-04] ShortcutTarget: FAH.lnk -> C:\Program Files (x86)\WinZip\FAHConsole.exe (WinZip Computing, S.L.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update Notifier.lnk [2016-10-04] ShortcutTarget: Update Notifier.lnk -> C:\Program Files (x86)\WinZip\WZUpdateNotifier.exe (WinZip Computing, S.L.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2016-10-04] ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files (x86)\WinZip\WzPreloader.exe (WinZip Computing, S.L.) BootExecute: autocheck autochk * sdnclean64.exe CHR HKLM\SOFTWARE\Policies\Google: Restrictie <======= AANDACHT CHR HKU\S-1-5-21-2602939782-1314808242-3865560093-1001\SOFTWARE\Policies\Google: Restrictie <======= AANDACHT ==================== Internet (gefilterd) ==================== (Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.) Hosts: 127.0.0.1 localhost Tcpip\Parameters: [DhcpNameServer] 192.168.2.254 Tcpip\Parameters: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{17d08207-81b4-42a2-9397-1e640261f83e}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{8718928d-cbeb-45ea-a621-800a9249001d}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{8a0289be-0065-483b-baaa-91c0808406fe}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{8ae2af2a-ac92-486e-b76e-e6cb2e42bfbe}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{8ae2af2a-ac92-486e-b76e-e6cb2e42bfbe}: [DhcpNameServer] 8.8.8.8 Tcpip\..\Interfaces\{95516cee-8262-11e6-8a9c-806e6f6e6963}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{a0ff5d09-2de4-479f-acb7-fdd610349d3a}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{a0ff5d09-2de4-479f-acb7-fdd610349d3a}: [DhcpNameServer] 192.168.2.254 Tcpip\..\Interfaces\{b0ead572-60f0-4e9e-94e0-2112a946b927}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{dc8184db-38d2-459a-a4d5-3924aa26347d}: [NameServer] 8.8.8.8 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-2602939782-1314808242-3865560093-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.nl/ HKU\S-1-5-21-2602939782-1314808242-3865560093-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} SearchScopes: HKU\S-1-5-21-2602939782-1314808242-3865560093-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-12-04] (Microsoft Corporation) BHO: AlllSaveR -> {3F43ED28-76C2-4ECD-B06B-C4F04161CC2B} -> C:\Program Files (x86)\AlllSaveR\LKLdnfUjf6sFBs.x64.dll => Geen bestand BHO: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\KPN Veilig\apps\CCF_Scanning\bin\browser\install\fs_ie_https\fs_ie_https64.dll [2017-01-11] (F-Secure Corporation) BHO: Geen Naam -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> Geen bestand BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-12-04] (Microsoft Corporation) BHO-x32: PDF Architect 3 Helper -> {06E08260-0695-4EC1-A74B-1310D8899D93} -> C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll [2015-03-20] (pdfforge GmbH) BHO-x32: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\KPN Veilig\apps\CCF_Scanning\bin\browser\install\fs_ie_https\fs_ie_https.dll [2017-01-11] (F-Secure Corporation) BHO-x32: Geen Naam -> {50F4150A-48B2-417A-BE4C-C83F580FB904} -> Geen bestand BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) BHO-x32: Geen Naam -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> Geen bestand Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-04] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-04] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-04] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-04] (Microsoft Corporation) FireFox: ======== FF HKLM\...\Firefox\Extensions: [ols@f-secure.com] - C:\Program Files (x86)\KPN Veilig\apps\CCF_Scanning\bin\browser\install\fs_firefox_https\fs_firefox_https.xpi FF Extension: (Browsing Protection by F-Secure) - C:\Program Files (x86)\KPN Veilig\apps\CCF_Scanning\bin\browser\install\fs_firefox_https\fs_firefox_https.xpi [2017-01-11] FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_3_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 3\resources\pdfarchitect3firefoxextension FF Extension: (PDF Architect 3 Creator) - C:\Program Files (x86)\PDF Architect 3\resources\pdfarchitect3firefoxextension [2015-03-23] [ niet getekend] FF HKLM-x32\...\Firefox\Extensions: [ols@f-secure.com] - C:\Program Files (x86)\KPN Veilig\apps\CCF_Scanning\bin\browser\install\fs_firefox_https\fs_firefox_https.xpi FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-12-04] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation) FF Plugin-x32: @qq.com/npAndroidAssistant -> C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3198\npQQPhoneManagerExt.dll [2014-05-30] (腾讯公司) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-12-17] (Adobe Systems Inc.) Chrome: ======= CHR DefaultProfile: Profile 3 CHR HomePage: Profile 3 -> hxxps://www.google.nl/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8 CHR StartupUrls: Profile 3 -> "hxxp://www.trovi.com/?gd=&ctid=CT3331213&octid=EB_ORIGINAL_CTID&ISID=M4AB84077-7C31-43C3-A6E6-30EFC36DA467&SearchSource=55&CUI=&UM=8&UP=SP2A1A914A-D0FF-4FDC-B9B6-9D71CF7C81AC&SSPV=","hxxp://www.yessearches.com/?mode=nnnb&ptid=sqr1&uid=711D8F3AF1F87FA2D17E4CA16CCCFC57&v=20160415&ts=AHEqA3UsB3QkCE..","search.mpc.am" CHR Session Restore: Profile 3 -> is ingeschakeld. CHR Profile: C:\Users\Esther\AppData\Local\Google\Chrome\User Data\Guest Profile [2016-04-17] CHR Extension: (Ponyhoof) - C:\Users\Esther\AppData\Local\Google\Chrome\User Data\Guest Profile\Extensions\efjjgphedlaihnlgaibiaihhmhaejjdd [2015-07-26] [UpdateUrl: hxxps://mynamedomain.koko/00] <==== AANDACHT CHR Extension: (Anti Porn Pro The best Anti Porn addon) - C:\Users\Esther\AppData\Local\Google\Chrome\User Data\Guest Profile\Extensions\hbepadcdhpahlikldbochnhfleejiokp [2015-02-16] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== AANDACHT CHR Extension: (AlllSaveR) - C:\ProgramData\bccekifpmjegopegffdafmgjhmapeonh\ [] CHR Profile: C:\Users\Esther\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-01-07] CHR Extension: (Gmail) - C:\Users\Esther\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28] CHR Extension: (Chrome Media Router) - C:\Users\Esther\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-14] CHR Profile: C:\Users\Esther\AppData\Local\Google\Chrome\User Data\Profile 2 [2017-01-08] CHR Profile: C:\Users\Esther\AppData\Local\Google\Chrome\User Data\Profile 3 [2017-01-13] CHR Extension: (Google Presentaties) - C:\Users\Esther\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-01-08] CHR Extension: (Google Documenten) - C:\Users\Esther\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2017-01-08] CHR Extension: (Google Drive) - C:\Users\Esther\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-08] CHR Extension: (YouTube) - C:\Users\Esther\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-08] CHR Extension: (Google Spreadsheets) - C:\Users\Esther\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-01-08] CHR Extension: (Offline Documenten) - C:\Users\Esther\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-01-08] CHR Extension: (Search by F-Secure) - C:\Users\Esther\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gkmikccifolokanfakbeadbmgchomeli [2017-01-11] CHR Extension: (Text Random) - C:\Users\Esther\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\jcakeldemhilioafiglcndhmcpfojfhl [2017-01-10] CHR Extension: (Jtiemn) - C:\Users\Esther\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\jgjehogefocibconnphackdfjpcfjeam [2017-01-10] CHR Extension: (Browsing Protection by F-Secure) - C:\Users\Esther\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\jmjjnhpacphpjmnnlnccpfmhkcloaade [2017-01-11] CHR Extension: (Drop to mark Full) - C:\Users\Esther\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\kbehfmfgfjgpeppggkbjoeknifmgkccb [2017-01-10] CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\Esther\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-08] CHR Extension: (Gmail) - C:\Users\Esther\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-01-08] CHR Extension: (Chrome Media Router) - C:\Users\Esther\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-01-08] CHR Profile: C:\Users\Esther\AppData\Local\Google\Chrome\User Data\System Profile [2017-01-07] CHR HKLM\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-2602939782-1314808242-3865560093-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gkmikccifolokanfakbeadbmgchomeli] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - C:/Program Files (x86)/KPN Veilig/apps/CCF_Scanning/bin/browser/install/fs_chrome_https/fs_chrome_https.crx [2015-10-23] ==================== Services (gefilterd) ==================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R2 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-04-29] (ASUS) R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] () [Bestand niet getekend] R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3698888 2016-12-04] (Microsoft Corporation) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-01-26] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-01-26] (Dropbox, Inc.) R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51504 2017-01-06] (Dropbox, Inc.) R2 fshoster; C:\Program Files (x86)\KPN Veilig\fshoster32.exe [186840 2016-03-11] (F-Secure Corporation) R3 FSMA; C:\Program Files (x86)\KPN Veilig\apps\ComputerSecurity\Common\FSMA32.EXE [216104 2015-11-24] (F-Secure Corporation) R2 FSORSPClient; C:\Program Files (x86)\KPN Veilig\apps\CCF_Reputation\fsorsp.exe [60456 2017-01-11] (F-Secure Corporation) R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-12-14] (Malwarebytes) R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2012-07-31] (Hewlett-Packard) [Bestand niet getekend] S3 PDF Architect 3; C:\Program Files (x86)\PDF Architect 3\ws.exe [2243288 2015-03-20] (pdfforge GmbH) S3 PDF Architect 3 CrashHandler; C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe [901336 2015-03-20] (pdfforge GmbH) R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2012-07-31] (Hewlett-Packard) [Bestand niet getekend] R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.) R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2015-10-19] (Popcorn Time) [Bestand niet getekend] S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation) ===================== Drivers (gefilterd) ====================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [101368 2015-12-14] (ASUS Corporation) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77416 2016-12-14] () R3 F-Secure Gatekeeper; C:\Program Files (x86)\KPN Veilig\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [229080 2017-01-11] (F-Secure Corporation) R1 F-Secure HIPS; C:\Program Files (x86)\KPN Veilig\apps\ComputerSecurity\HIPS\drivers\fshs.sys [106712 2017-01-11] (F-Secure Corporation) R0 fsbts; C:\WINDOWS\System32\Drivers\fsbts.sys [73928 2017-01-11] () R3 fsni; C:\Program Files (x86)\KPN Veilig\apps\CCF_Scanning\bin\fsni64.sys [110800 2017-01-11] (F-Secure Corporation) R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( ) R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [176064 2017-01-12] (Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [102856 2017-01-13] (Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-01-13] (Malwarebytes) R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [250816 2017-01-13] (Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [91584 2017-01-13] (Malwarebytes) S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () R3 netr28x; C:\WINDOWS\system32\DRIVERS\netr28x.sys [2554528 2015-06-12] (MediaTek Inc.) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) U0 aswVmm; geen ImagePath S3 dbx; system32\DRIVERS\dbx.sys [X] S1 SRepairDrv; \??\C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\SRepairDrv [X] ==================== NetSvcs (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ==================== Een Maand Aangemaakt bestanden en mappen ======== (Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.) 2017-01-13 11:05 - 2017-01-13 11:08 - 00050815 _____ C:\Users\Esther\Downloads\FRST.txt 2017-01-13 11:04 - 2017-01-13 11:05 - 00000000 ____D C:\FRST 2017-01-13 11:02 - 2017-01-13 11:04 - 02419200 _____ (Farbar) C:\Users\Esther\Downloads\FRST64.exe 2017-01-13 10:57 - 2017-01-13 10:57 - 00000000 ___HD C:\OneDriveTemp 2017-01-13 07:30 - 2017-01-13 07:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KPN Veilig 2017-01-13 07:29 - 2017-01-13 07:29 - 00002181 _____ C:\pcfiXtrayqxefh.lnk 2017-01-12 23:22 - 2017-01-12 23:22 - 00002181 _____ C:\pcfiXtraymyyqc.lnk 2017-01-12 16:34 - 2017-01-12 23:25 - 00000262 __RSH C:\ProgramData\ntuser.pol 2017-01-12 15:52 - 2017-01-13 10:43 - 00091584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2017-01-12 15:52 - 2017-01-13 08:42 - 00250816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-01-12 15:52 - 2017-01-13 08:42 - 00102856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2017-01-12 15:52 - 2017-01-13 08:42 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2017-01-12 15:52 - 2017-01-12 15:52 - 00176064 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys 2017-01-12 15:52 - 2017-01-12 15:52 - 00001914 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2017-01-12 15:52 - 2017-01-12 15:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2017-01-12 15:52 - 2016-12-14 12:55 - 00077416 _____ C:\WINDOWS\system32\Drivers\mbae64.sys 2017-01-12 15:51 - 2017-01-12 15:51 - 00000000 ____D C:\ProgramData\Malwarebytes 2017-01-12 15:51 - 2017-01-12 15:51 - 00000000 ____D C:\Program Files\Malwarebytes 2017-01-12 15:49 - 2017-01-12 15:50 - 54199488 _____ (Malwarebytes ) C:\Users\Esther\Downloads\mb3-setup-consumer-3.0.5.1299.exe 2017-01-12 14:30 - 2017-01-12 14:30 - 00126947 _____ C:\Users\Esther\Downloads\APK-herinneringsbrief.pdf 2017-01-12 14:29 - 2017-01-12 14:30 - 00087195 _____ C:\Users\Esther\Downloads\Voorlopigeaanslag2017.pdf 2017-01-12 07:33 - 2017-01-12 07:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2017-01-11 21:51 - 2017-01-11 21:51 - 00205543 _____ C:\Users\Esther\Downloads\2017_1_10_nota.pdf 2017-01-11 19:02 - 2017-01-11 19:02 - 00002181 _____ C:\pcfiXtrayvjvhn.lnk 2017-01-11 17:56 - 2017-01-11 17:56 - 00013393 _____ C:\Users\Esther\Documents\Geen titel 1.html 2017-01-11 17:35 - 2017-01-11 17:35 - 00082951 _____ C:\Users\Esther\Documents\Agenda OC van 11 januari 2017.pdf 2017-01-11 16:14 - 2017-01-11 16:17 - 00073928 _____ C:\WINDOWS\system32\Drivers\fsbts.sys 2017-01-11 15:57 - 2017-01-11 15:57 - 00000085 _____ C:\WINDOWS\wininit.ini 2017-01-11 15:40 - 2017-01-11 15:40 - 00002181 _____ C:\pcfiXtraycpjjw.lnk 2017-01-11 15:32 - 2017-01-13 07:30 - 00002044 _____ C:\Users\Public\Desktop\KPN Veilig.lnk 2017-01-11 15:32 - 2017-01-11 15:33 - 00000000 ____D C:\Program Files (x86)\KPN Veilig 2017-01-11 15:32 - 2017-01-11 15:32 - 00000000 ____D C:\WINDOWS\System32\Tasks\F-Secure 2017-01-11 15:31 - 2017-01-11 16:35 - 00000000 ____D C:\Users\Esther\AppData\Local\F-Secure 2017-01-11 15:31 - 2017-01-11 16:14 - 00000000 ____D C:\ProgramData\F-Secure 2017-01-11 15:31 - 2017-01-11 15:31 - 00860128 _____ (F-Secure Corporation) C:\Users\Esther\Downloads\KPN Veilig_C-7T8YD-UEHPV-EPLX9-LB4MV_.exe 2017-01-11 08:15 - 2016-12-21 09:08 - 00245600 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll 2017-01-11 08:15 - 2016-12-21 08:43 - 04130440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2017-01-11 08:15 - 2016-12-21 08:43 - 01454504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll 2017-01-11 08:15 - 2016-12-21 08:43 - 01071736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll 2017-01-11 08:15 - 2016-12-21 08:42 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2017-01-11 08:15 - 2016-12-21 08:42 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll 2017-01-11 08:15 - 2016-12-21 08:42 - 01300600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2017-01-11 08:15 - 2016-12-21 08:41 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2017-01-11 08:15 - 2016-12-21 08:08 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll 2017-01-11 08:15 - 2016-12-21 08:06 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2017-01-11 08:15 - 2016-12-21 07:59 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll 2017-01-11 08:15 - 2016-12-21 07:56 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll 2017-01-11 08:15 - 2016-12-21 07:53 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll 2017-01-11 08:15 - 2016-12-21 07:51 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2017-01-11 08:15 - 2016-12-21 07:51 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll 2017-01-11 08:15 - 2016-12-21 07:50 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2017-01-11 08:15 - 2016-12-21 06:59 - 00218976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll 2017-01-11 08:15 - 2016-12-21 06:09 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll 2017-01-11 08:15 - 2016-12-21 05:43 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll 2017-01-11 08:15 - 2016-12-21 05:41 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll 2017-01-11 08:15 - 2016-12-21 05:40 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll 2017-01-11 08:15 - 2016-12-21 05:40 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe 2017-01-11 08:15 - 2016-12-21 05:39 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe 2017-01-11 08:15 - 2016-12-21 05:38 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll 2017-01-11 08:15 - 2016-12-21 05:22 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2017-01-11 08:15 - 2016-12-14 06:41 - 01235296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2017-01-11 08:15 - 2016-12-14 05:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll 2017-01-11 08:15 - 2016-12-14 05:38 - 17188864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2017-01-11 08:15 - 2016-12-14 05:38 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll 2017-01-11 08:15 - 2016-12-14 05:24 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll 2017-01-11 08:15 - 2016-12-14 05:24 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2017-01-11 08:15 - 2016-12-14 05:23 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll 2017-01-11 08:15 - 2016-12-14 05:22 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2017-01-11 08:15 - 2016-12-14 05:22 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2017-01-11 08:14 - 2016-12-21 09:08 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll 2017-01-11 08:14 - 2016-12-21 09:04 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2017-01-11 08:14 - 2016-12-21 08:49 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll 2017-01-11 08:14 - 2016-12-21 08:46 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2017-01-11 08:14 - 2016-12-21 08:43 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2017-01-11 08:14 - 2016-12-21 08:42 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2017-01-11 08:14 - 2016-12-21 08:42 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll 2017-01-11 08:14 - 2016-12-21 08:37 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe 2017-01-11 08:14 - 2016-12-21 08:15 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2017-01-11 08:14 - 2016-12-21 08:14 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe 2017-01-11 08:14 - 2016-12-21 08:13 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll 2017-01-11 08:14 - 2016-12-21 08:12 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll 2017-01-11 08:14 - 2016-12-21 08:10 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll 2017-01-11 08:14 - 2016-12-21 08:09 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll 2017-01-11 08:14 - 2016-12-21 08:09 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll 2017-01-11 08:14 - 2016-12-21 08:08 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll 2017-01-11 08:14 - 2016-12-21 08:08 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll 2017-01-11 08:14 - 2016-12-21 08:08 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll 2017-01-11 08:14 - 2016-12-21 08:08 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll 2017-01-11 08:14 - 2016-12-21 08:08 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2017-01-11 08:14 - 2016-12-21 08:07 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll 2017-01-11 08:14 - 2016-12-21 08:06 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll 2017-01-11 08:14 - 2016-12-21 08:06 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe 2017-01-11 08:14 - 2016-12-21 08:06 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2017-01-11 08:14 - 2016-12-21 08:05 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll 2017-01-11 08:14 - 2016-12-21 08:05 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll 2017-01-11 08:14 - 2016-12-21 08:05 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll 2017-01-11 08:14 - 2016-12-21 08:01 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2017-01-11 08:14 - 2016-12-21 08:00 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll 2017-01-11 08:14 - 2016-12-21 07:59 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll 2017-01-11 08:14 - 2016-12-21 07:58 - 23678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2017-01-11 08:14 - 2016-12-21 07:57 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll 2017-01-11 08:14 - 2016-12-21 07:56 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll 2017-01-11 08:14 - 2016-12-21 07:55 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2017-01-11 08:14 - 2016-12-21 07:55 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2017-01-11 08:14 - 2016-12-21 07:54 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll 2017-01-11 08:14 - 2016-12-21 07:53 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe 2017-01-11 08:14 - 2016-12-21 07:53 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2017-01-11 08:14 - 2016-12-21 07:51 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2017-01-11 08:14 - 2016-12-21 07:49 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2017-01-11 08:14 - 2016-12-21 07:49 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2017-01-11 08:14 - 2016-12-21 07:49 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2017-01-11 08:14 - 2016-12-21 07:47 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll 2017-01-11 08:14 - 2016-12-21 06:02 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2017-01-11 08:14 - 2016-12-21 06:02 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2017-01-11 08:14 - 2016-12-21 06:02 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll 2017-01-11 08:14 - 2016-12-21 06:02 - 01277344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll 2017-01-11 08:14 - 2016-12-21 06:02 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll 2017-01-11 08:14 - 2016-12-21 06:02 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll 2017-01-11 08:14 - 2016-12-21 06:01 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2017-01-11 08:14 - 2016-12-21 05:46 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe 2017-01-11 08:14 - 2016-12-21 05:41 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll 2017-01-11 08:14 - 2016-12-21 05:40 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll 2017-01-11 08:14 - 2016-12-21 05:40 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll 2017-01-11 08:14 - 2016-12-21 05:39 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll 2017-01-11 08:14 - 2016-12-21 05:35 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2017-01-11 08:14 - 2016-12-21 05:35 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll 2017-01-11 08:14 - 2016-12-21 05:34 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2017-01-11 08:14 - 2016-12-21 05:33 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2017-01-11 08:14 - 2016-12-21 05:32 - 19417600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2017-01-11 08:14 - 2016-12-21 05:30 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll 2017-01-11 08:14 - 2016-12-21 05:30 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll 2017-01-11 08:14 - 2016-12-21 05:27 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll 2017-01-11 08:14 - 2016-12-21 05:26 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll 2017-01-11 08:14 - 2016-12-21 05:25 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2017-01-11 08:14 - 2016-12-21 05:25 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe 2017-01-11 08:14 - 2016-12-21 05:24 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2017-01-11 08:14 - 2016-12-21 05:24 - 05061120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2017-01-11 08:14 - 2016-12-21 05:24 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll 2017-01-11 08:14 - 2016-12-21 05:24 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll 2017-01-11 08:14 - 2016-12-21 05:22 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2017-01-11 08:14 - 2016-12-14 06:41 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2017-01-11 08:14 - 2016-12-14 06:34 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll 2017-01-11 08:14 - 2016-12-14 06:33 - 01356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe 2017-01-11 08:14 - 2016-12-14 06:23 - 00404832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2017-01-11 08:14 - 2016-12-14 06:21 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll 2017-01-11 08:14 - 2016-12-14 06:19 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2017-01-11 08:14 - 2016-12-14 06:18 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys 2017-01-11 08:14 - 2016-12-14 06:18 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys 2017-01-11 08:14 - 2016-12-14 06:17 - 00319288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll 2017-01-11 08:14 - 2016-12-14 06:14 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll 2017-01-11 08:14 - 2016-12-14 06:14 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2017-01-11 08:14 - 2016-12-14 06:14 - 00089416 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll 2017-01-11 08:14 - 2016-12-14 06:08 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2017-01-11 08:14 - 2016-12-14 06:06 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2017-01-11 08:14 - 2016-12-14 06:01 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll 2017-01-11 08:14 - 2016-12-14 06:01 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll 2017-01-11 08:14 - 2016-12-14 06:01 - 00076984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll 2017-01-11 08:14 - 2016-12-14 05:46 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll 2017-01-11 08:14 - 2016-12-14 05:46 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2017-01-11 08:14 - 2016-12-14 05:45 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys 2017-01-11 08:14 - 2016-12-14 05:43 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll 2017-01-11 08:14 - 2016-12-14 05:42 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll 2017-01-11 08:14 - 2016-12-14 05:42 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll 2017-01-11 08:14 - 2016-12-14 05:42 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll 2017-01-11 08:14 - 2016-12-14 05:42 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll 2017-01-11 08:14 - 2016-12-14 05:41 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2017-01-11 08:14 - 2016-12-14 05:40 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll 2017-01-11 08:14 - 2016-12-14 05:40 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll 2017-01-11 08:14 - 2016-12-14 05:40 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll 2017-01-11 08:14 - 2016-12-14 05:40 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll 2017-01-11 08:14 - 2016-12-14 05:40 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll 2017-01-11 08:14 - 2016-12-14 05:39 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll 2017-01-11 08:14 - 2016-12-14 05:39 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll 2017-01-11 08:14 - 2016-12-14 05:39 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll 2017-01-11 08:14 - 2016-12-14 05:38 - 13869056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2017-01-11 08:14 - 2016-12-14 05:38 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll 2017-01-11 08:14 - 2016-12-14 05:37 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll 2017-01-11 08:14 - 2016-12-14 05:36 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll 2017-01-11 08:14 - 2016-12-14 05:36 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2017-01-11 08:14 - 2016-12-14 05:36 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll 2017-01-11 08:14 - 2016-12-14 05:35 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2017-01-11 08:14 - 2016-12-14 05:35 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2017-01-11 08:14 - 2016-12-14 05:35 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll 2017-01-11 08:14 - 2016-12-14 05:35 - 00553984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll 2017-01-11 08:14 - 2016-12-14 05:32 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll 2017-01-11 08:14 - 2016-12-14 05:32 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll 2017-01-11 08:14 - 2016-12-14 05:26 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2017-01-11 08:14 - 2016-12-14 05:26 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2017-01-11 08:14 - 2016-12-14 05:25 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll 2017-01-11 08:14 - 2016-12-14 05:23 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll 2017-01-11 08:14 - 2016-12-14 05:22 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2017-01-11 08:14 - 2016-12-14 05:22 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll 2017-01-11 08:14 - 2016-12-14 05:22 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2017-01-11 08:14 - 2016-12-14 05:22 - 00707584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2017-01-11 08:14 - 2016-12-14 05:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2017-01-11 08:14 - 2016-11-02 13:01 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2017-01-11 08:14 - 2016-11-02 12:00 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2017-01-11 08:14 - 2016-11-02 11:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll 2017-01-11 08:14 - 2016-11-02 11:22 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2017-01-11 08:14 - 2016-11-02 11:21 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2017-01-11 08:14 - 2016-08-02 05:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2017-01-11 07:25 - 2017-01-11 07:25 - 00002181 _____ C:\pcfiXtraymsyuj.lnk 2017-01-10 07:21 - 2017-01-10 07:21 - 00002181 _____ C:\pcfiXtrayqeciu.lnk 2017-01-09 16:56 - 2017-01-09 16:56 - 00002181 _____ C:\pcfiXtrayjupse.lnk 2017-01-08 07:01 - 2017-01-08 07:01 - 00002181 _____ C:\pcfiXtraycqtoy.lnk 2017-01-07 08:03 - 2017-01-07 08:03 - 00002181 _____ C:\pcfiXtrayhlnwv.lnk 2017-01-06 09:57 - 2017-01-06 09:57 - 00002181 _____ C:\pcfiXtrayubhls.lnk 2017-01-06 01:04 - 2017-01-06 01:04 - 00051504 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe 2017-01-06 00:48 - 2017-01-06 00:48 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys 2017-01-06 00:48 - 2017-01-06 00:48 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys 2017-01-06 00:48 - 2017-01-06 00:48 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys 2017-01-05 06:50 - 2017-01-05 06:50 - 00002181 _____ C:\pcfiXtraydvyqw.lnk 2017-01-04 17:23 - 2017-01-04 17:23 - 00000000 ____D C:\Program Files\Common Files\AV 2017-01-04 17:23 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe 2017-01-04 17:10 - 2017-01-04 17:10 - 00002181 _____ C:\pcfiXtraybugyp.lnk 2017-01-04 17:05 - 2017-01-04 17:05 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking 2017-01-04 17:04 - 2017-01-11 16:07 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2 2017-01-04 17:04 - 2017-01-11 15:57 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy 2017-01-04 17:02 - 2017-01-04 17:03 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Esther\Downloads\spybot-2.4-1.exe 2017-01-04 16:57 - 2017-01-04 16:58 - 04291320 _____ (BrightFort LLC ) C:\Users\Esther\Downloads\spywareblastersetup55.exe 2017-01-04 06:51 - 2017-01-04 06:51 - 00002181 _____ C:\pcfiXtrayygqig.lnk 2017-01-03 07:51 - 2017-01-03 07:51 - 00002181 _____ C:\pcfiXtrayshtcu.lnk 2017-01-01 12:04 - 2017-01-01 12:04 - 00002181 _____ C:\pcfiXtraycjimp.lnk 2016-12-31 10:10 - 2016-12-31 10:10 - 00002181 _____ C:\pcfiXtrayvhjnk.lnk 2016-12-29 19:11 - 2016-12-29 19:11 - 00000000 ____D C:\Users\Esther\AppData\Local\Cyberlink 2016-12-29 13:42 - 2016-12-29 13:42 - 00082322 _____ C:\Users\Esther\Downloads\Scan_20161229 (2).jpg 2016-12-29 13:41 - 2016-12-29 13:41 - 00344385 _____ C:\Users\Esther\Downloads\Scan_20161229.jpg 2016-12-29 13:36 - 2016-12-29 13:36 - 00002181 _____ C:\pcfiXtrayyamnl.lnk 2016-12-28 11:52 - 2016-12-28 11:52 - 00002181 _____ C:\pcfiXtrayafszp.lnk 2016-12-28 09:20 - 2016-12-28 09:20 - 00002181 _____ C:\pcfiXtraynqzbj.lnk 2016-12-28 00:16 - 2016-12-28 00:14 - 00085724 _____ C:\Users\Esther\Downloads\Scan_20161228 (2) - kopie.jpg 2016-12-28 00:16 - 2016-12-28 00:13 - 00085168 _____ C:\Users\Esther\Downloads\Scan_20161228 - kopie.jpg 2016-12-28 00:14 - 2016-12-28 00:14 - 00085724 _____ C:\Users\Esther\Downloads\Scan_20161228 (2).jpg 2016-12-28 00:13 - 2016-12-28 00:13 - 00085168 _____ C:\Users\Esther\Downloads\Scan_20161228.jpg 2016-12-27 10:23 - 2016-12-27 10:23 - 00002181 _____ C:\pcfiXtraybbcqu.lnk 2016-12-26 10:16 - 2016-12-26 10:16 - 00002181 _____ C:\pcfiXtraypsajv.lnk 2016-12-25 11:27 - 2016-12-25 11:27 - 00002181 _____ C:\pcfiXtraytuglp.lnk 2016-12-24 07:45 - 2016-12-24 07:45 - 00002181 _____ C:\pcfiXtraybyrds.lnk 2016-12-23 07:41 - 2016-12-23 07:41 - 00002181 _____ C:\pcfiXtrayvgkck.lnk 2016-12-22 06:45 - 2016-12-22 06:45 - 00002181 _____ C:\pcfiXtraycytjq.lnk 2016-12-21 07:26 - 2016-12-21 07:26 - 00002181 _____ C:\pcfiXtrayzoaoz.lnk 2016-12-20 07:42 - 2016-12-20 07:42 - 00002181 _____ C:\pcfiXtrayouxok.lnk 2016-12-19 15:31 - 2016-12-19 15:31 - 00002181 _____ C:\pcfiXtraybevlb.lnk 2016-12-18 11:31 - 2016-12-18 11:31 - 00002181 _____ C:\pcfiXtraystuqd.lnk 2016-12-17 09:41 - 2016-12-17 09:41 - 00002181 _____ C:\pcfiXtraynswor.lnk 2016-12-16 07:18 - 2016-12-16 07:18 - 00002181 _____ C:\pcfiXtraytwsfs.lnk 2016-12-15 22:23 - 2016-12-15 22:23 - 00003280 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2 2016-12-14 09:06 - 2016-12-14 09:06 - 00002181 _____ C:\pcfiXtrayvhwwn.lnk 2016-12-14 08:01 - 2016-12-09 11:18 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2016-12-14 08:01 - 2016-12-09 11:18 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2016-12-14 08:01 - 2016-12-09 11:18 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi 2016-12-14 08:01 - 2016-12-09 11:18 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe 2016-12-14 08:01 - 2016-12-09 11:15 - 08168000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2016-12-14 08:01 - 2016-12-09 11:14 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2016-12-14 08:01 - 2016-12-09 11:01 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll 2016-12-14 08:01 - 2016-12-09 10:36 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2016-12-14 08:01 - 2016-12-09 10:36 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2016-12-14 08:01 - 2016-12-09 10:33 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll 2016-12-14 08:01 - 2016-12-09 10:31 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2016-12-14 08:01 - 2016-12-09 10:28 - 03306496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2016-12-14 08:01 - 2016-12-09 10:18 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll 2016-12-14 08:01 - 2016-12-09 10:16 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll 2016-12-14 08:00 - 2016-12-09 11:42 - 01637728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2016-12-14 08:00 - 2016-12-09 11:42 - 00137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2016-12-14 08:00 - 2016-12-09 11:34 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2016-12-14 08:00 - 2016-12-09 11:34 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2016-12-14 08:00 - 2016-12-09 11:33 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2016-12-14 08:00 - 2016-12-09 11:33 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2016-12-14 08:00 - 2016-12-09 11:30 - 00377184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys 2016-12-14 08:00 - 2016-12-09 11:29 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll 2016-12-14 08:00 - 2016-12-09 11:28 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll 2016-12-14 08:00 - 2016-12-09 11:27 - 00172528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll 2016-12-14 08:00 - 2016-12-09 11:20 - 02677544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll 2016-12-14 08:00 - 2016-12-09 11:20 - 02189664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2016-12-14 08:00 - 2016-12-09 11:20 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll 2016-12-14 08:00 - 2016-12-09 11:20 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2016-12-14 08:00 - 2016-12-09 11:20 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2016-12-14 08:00 - 2016-12-09 11:19 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll 2016-12-14 08:00 - 2016-12-09 11:19 - 00168424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll 2016-12-14 08:00 - 2016-12-09 11:18 - 02913144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2016-12-14 08:00 - 2016-12-09 11:18 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll 2016-12-14 08:00 - 2016-12-09 11:11 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2016-12-14 08:00 - 2016-12-09 11:10 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2016-12-14 08:00 - 2016-12-09 11:10 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2016-12-14 08:00 - 2016-12-09 11:01 - 01503544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll 2016-12-14 08:00 - 2016-12-09 11:01 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2016-12-14 08:00 - 2016-12-09 11:00 - 00106896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll 2016-12-14 08:00 - 2016-12-09 10:59 - 02166752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2016-12-14 08:00 - 2016-12-09 10:59 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll 2016-12-14 08:00 - 2016-12-09 10:57 - 06668040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2016-12-14 08:00 - 2016-12-09 10:56 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2016-12-14 08:00 - 2016-12-09 10:52 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2016-12-14 08:00 - 2016-12-09 10:52 - 01415752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2016-12-14 08:00 - 2016-12-09 10:51 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll 2016-12-14 08:00 - 2016-12-09 10:45 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll 2016-12-14 08:00 - 2016-12-09 10:42 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll 2016-12-14 08:00 - 2016-12-09 10:41 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll 2016-12-14 08:00 - 2016-12-09 10:41 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll 2016-12-14 08:00 - 2016-12-09 10:37 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll 2016-12-14 08:00 - 2016-12-09 10:34 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll 2016-12-14 08:00 - 2016-12-09 10:33 - 03777536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2016-12-14 08:00 - 2016-12-09 10:32 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2016-12-14 08:00 - 2016-12-09 10:31 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2016-12-14 08:00 - 2016-12-09 10:28 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2016-12-14 08:00 - 2016-12-09 10:27 - 13084160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-12-14 08:00 - 2016-12-09 10:27 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll 2016-12-14 08:00 - 2016-12-09 10:27 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll 2016-12-14 08:00 - 2016-12-09 10:25 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll 2016-12-14 08:00 - 2016-12-09 10:23 - 12177920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-12-14 08:00 - 2016-12-09 10:22 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll 2016-12-14 08:00 - 2016-12-09 10:21 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-12-14 08:00 - 2016-12-09 10:21 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll 2016-12-14 08:00 - 2016-12-09 10:20 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll 2016-12-14 08:00 - 2016-12-09 10:20 - 00730624 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2016-12-14 08:00 - 2016-12-09 10:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll 2016-12-14 08:00 - 2016-12-09 10:20 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe 2016-12-14 08:00 - 2016-12-09 10:19 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll 2016-12-14 08:00 - 2016-12-09 10:19 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll 2016-12-14 08:00 - 2016-12-09 10:19 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll 2016-12-14 08:00 - 2016-12-09 10:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll 2016-12-14 08:00 - 2016-12-09 10:18 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-12-14 08:00 - 2016-12-09 10:18 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll 2016-12-14 08:00 - 2016-12-09 10:17 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll 2016-12-14 08:00 - 2016-12-09 10:15 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll 2016-12-14 08:00 - 2016-12-09 10:15 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll 2016-12-14 08:00 - 2016-12-09 10:15 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll 2016-12-14 08:00 - 2016-12-09 09:54 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll 2016-12-14 08:00 - 2016-11-02 11:28 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll 2016-12-14 08:00 - 2016-11-02 11:25 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2016-12-14 08:00 - 2016-09-15 17:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll 2016-12-14 07:23 - 2016-12-14 07:23 - 00002181 _____ C:\pcfiXtraynyawb.lnk ==================== Een Maand Gewijzigd bestanden en mappen ======== (Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.) 2017-01-13 11:03 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps 2017-01-13 11:03 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness 2017-01-13 10:58 - 2016-01-26 19:48 - 00000000 ___RD C:\Users\Esther\Dropbox 2017-01-13 10:58 - 2014-11-13 14:39 - 00000062 _____ C:\Users\Esther\AppData\Roaming\sp_data.sys 2017-01-13 10:57 - 2014-11-15 01:17 - 00000000 __RDO C:\Users\Esther\OneDrive 2017-01-13 10:56 - 2016-09-24 14:25 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2017-01-13 10:56 - 2016-08-07 08:55 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture 2017-01-13 10:56 - 2015-08-17 12:12 - 00000000 __SHD C:\Users\Esther\IntelGraphicsProfiles 2017-01-13 08:42 - 2016-05-02 07:19 - 00002181 _____ C:\pcfiXtrayeijtx.lnk 2017-01-13 08:41 - 2016-09-24 15:05 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-01-13 08:41 - 2016-07-16 07:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI 2017-01-13 08:38 - 2015-07-15 15:46 - 00000000 ____D C:\ProgramData\NCH Software 2017-01-13 08:38 - 2015-07-15 15:46 - 00000000 ____D C:\Program Files (x86)\NCH Software 2017-01-13 08:37 - 2014-11-13 14:38 - 00000000 ____D C:\Users\Esther\AppData\Local\Packages 2017-01-13 08:35 - 2014-11-23 18:16 - 00000000 ____D C:\Users\Esther\AppData\Roaming\uTorrent 2017-01-12 19:43 - 2016-04-17 10:10 - 00000000 ____D C:\Users\Esther\AppData\Local\PPTAssist 2017-01-12 18:06 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache 2017-01-12 16:35 - 2016-09-24 14:43 - 00001552 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2017-01-12 16:35 - 2016-09-07 20:33 - 00002069 _____ C:\Users\Public\Desktop\Samsung Kies (Lite).lnk 2017-01-12 16:35 - 2016-01-26 19:48 - 00001253 _____ C:\Users\Esther\Desktop\Dropbox.lnk 2017-01-12 16:35 - 2015-07-27 16:09 - 00000966 _____ C:\Users\Public\Desktop\TomTom MyDrive Connect.lnk 2017-01-12 16:35 - 2014-11-14 17:35 - 00002294 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-01-12 16:22 - 2016-04-21 09:22 - 00000000 ____D C:\Program Files (x86)\Movavi Video Converter 14 2017-01-12 12:00 - 2016-09-24 15:05 - 00003544 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1 2017-01-12 12:00 - 2016-09-24 15:05 - 00003534 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2 2017-01-12 07:33 - 2016-01-26 19:45 - 00000000 ____D C:\Program Files (x86)\Dropbox 2017-01-12 07:24 - 2016-06-17 06:17 - 00002181 _____ C:\pcfiXtraybhgye.lnk 2017-01-11 21:43 - 2015-08-17 12:14 - 00000000 ____D C:\Users\Esther\AppData\Local\Comms 2017-01-11 16:07 - 2016-09-03 07:49 - 00002181 _____ C:\pcfiXtrayojakk.lnk 2017-01-11 15:51 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF 2017-01-11 15:51 - 2016-02-13 14:33 - 00000000 __RHD C:\Users\Public\AccountPictures 2017-01-11 15:39 - 2016-09-24 14:25 - 00395160 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-01-11 15:37 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2017-01-11 15:37 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2017-01-11 15:37 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe 2017-01-11 15:37 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences 2017-01-11 15:37 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Provisioning 2017-01-11 14:44 - 2014-11-21 07:46 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2017-01-11 14:43 - 2016-09-24 15:05 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2017-01-11 08:30 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp 2017-01-11 08:24 - 2014-11-13 20:35 - 00000000 ____D C:\WINDOWS\system32\MRT 2017-01-11 08:20 - 2014-11-13 20:35 - 135657872 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-01-06 09:57 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM 2017-01-04 17:48 - 2014-05-16 02:49 - 00000000 ____D C:\ProgramData\Temp 2017-01-02 09:34 - 2016-11-15 16:08 - 00002181 _____ C:\pcfiXtrayiyclh.lnk 2016-12-30 10:16 - 2016-04-24 08:51 - 00002181 _____ C:\pcfiXtrayaspwg.lnk 2016-12-28 10:21 - 2016-09-02 17:44 - 00000000 ____D C:\ProgramData\Microsoft Help 2016-12-28 10:21 - 2016-07-16 12:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2016-12-28 10:19 - 2013-04-26 00:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2016-12-23 00:13 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-12-23 00:13 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2016-12-16 22:07 - 2016-09-24 15:05 - 00003574 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2016-12-16 22:07 - 2016-09-24 15:05 - 00003450 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2016-12-16 22:07 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Tasks 2016-12-15 22:23 - 2015-08-17 12:19 - 00002433 _____ C:\Users\Esther\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2016-12-15 07:23 - 2016-04-29 08:10 - 00002181 _____ C:\pcfiXtrayoolbp.lnk 2016-12-14 17:13 - 2016-09-24 14:32 - 00524288 ___SH C:\WINDOWS\system32\config\COMPONENTS{f48e7735-4ba1-11e6-80c8-a4badb27b402}.TMContainer00000000000000000001.regtrans-ms 2016-12-14 16:19 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\assembly 2016-12-14 09:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\en-US 2016-12-14 09:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\en-US 2016-12-14 09:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Boot 2016-12-14 09:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppPatch ==================== Bestanden in de root van sommige mappen ======= 2015-01-25 17:12 - 2015-01-25 17:12 - 0001248 _____ () C:\Users\Esther\AppData\Roaming\CKCY 2014-11-13 14:39 - 2017-01-13 10:58 - 0000062 _____ () C:\Users\Esther\AppData\Roaming\sp_data.sys 2014-11-17 14:58 - 2015-02-21 10:58 - 0000229 _____ () C:\Users\Esther\AppData\Roaming\WB.CFG 2014-12-10 15:09 - 2014-12-10 15:09 - 0000331 _____ () C:\Users\Esther\AppData\Roaming\WinInstallFlashLog.ini 2015-01-25 17:12 - 2015-01-25 17:12 - 0001248 _____ () C:\Users\Esther\AppData\Roaming\WYRSSKMK 2015-05-05 19:03 - 2015-06-21 15:47 - 0004608 _____ () C:\Users\Esther\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-11-19 07:58 - 2014-12-17 07:58 - 0000001 _____ () C:\Users\Esther\AppData\Local\DSI.DAT 2016-01-03 12:20 - 2016-01-03 12:20 - 0005034 _____ () C:\ProgramData\cbkxtjjv.ukg 2016-09-24 14:28 - 2016-09-24 14:28 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2016-01-03 11:28 - 2016-01-03 11:28 - 0000016 _____ () C:\ProgramData\mntemp 2013-04-26 00:15 - 2012-09-07 12:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd 2013-04-26 00:15 - 2009-07-22 11:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe 2013-04-26 00:15 - 2012-09-07 12:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS ==================== Bamital & volsnap ====================== (Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.) C:\WINDOWS\system32\winlogon.exe => Bestand is getekend C:\WINDOWS\system32\wininit.exe => Bestand is getekend C:\WINDOWS\explorer.exe => Bestand is getekend C:\WINDOWS\SysWOW64\explorer.exe => Bestand is getekend C:\WINDOWS\system32\svchost.exe => Bestand is getekend C:\WINDOWS\SysWOW64\svchost.exe => Bestand is getekend C:\WINDOWS\system32\services.exe => Bestand is getekend C:\WINDOWS\system32\User32.dll => Bestand is getekend C:\WINDOWS\SysWOW64\User32.dll => Bestand is getekend C:\WINDOWS\system32\userinit.exe => Bestand is getekend C:\WINDOWS\SysWOW64\userinit.exe => Bestand is getekend C:\WINDOWS\system32\rpcss.dll => Bestand is getekend C:\WINDOWS\system32\dnsapi.dll => Bestand is getekend C:\WINDOWS\SysWOW64\dnsapi.dll => Bestand is getekend C:\WINDOWS\system32\Drivers\volsnap.sys => Bestand is getekend LastRegBack: 2017-01-12 15:15 ==================== Eind van FRST.txt ============================