Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 29-01-2017 Gestart door hugoke (Beheerder) op HUGO (31-01-2017 10:54:40) Gestart vanaf C:\Users\hugoke\Downloads Geladen Profielen: hugoke (Beschikbare Profielen: UpdatusUser & hugoke) Platform: Windows 8.1 Pro (Update) (X64) Taal: Nederlands (Nederland) Internet Explorer Versie 11 (Standaardbrowser: FF) Boot Modus: Normal Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processen (gefilterd) ================= (Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe () C:\Program Files (x86)\PHotkey\AsLdrSrv.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe () C:\Program Files (x86)\PHotkey\GFNEXSrv.exe (ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe () C:\Program Files (x86)\Allway Sync\Bin\SyncService.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (F-Secure Corporation) C:\Program Files (x86)\F-Secure\SAFE\fshoster32.exe (F-Secure Corporation) C:\Program Files (x86)\F-Secure\SAFE\fshoster32.exe (F-Secure Corporation) C:\Program Files (x86)\F-Secure\SAFE\apps\CCF_Reputation\fsorsp.exe (F-Secure Corporation) C:\Program Files (x86)\F-Secure\SAFE\apps\ComputerSecurity\Anti-Virus\fsgk32.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe () C:\Program Files\CyberLink\Shared files\RichVideo64.exe () C:\Windows\SysWOW64\spdsvc.exe () C:\Windows\SysWOW64\SecUPDUtilSvc.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Microsoft Corporation) C:\Windows\System32\vds.exe (F-Secure Corporation) C:\Program Files (x86)\F-Secure\SAFE\apps\ComputerSecurity\Common\FSMA32.EXE (F-Secure Corporation) C:\Program Files (x86)\F-Secure\SAFE\apps\ComputerSecurity\Common\FSHDLL64.EXE (F-Secure Corporation) C:\Program Files (x86)\F-Secure\SAFE\apps\ComputerSecurity\Anti-Virus\fssm32.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe () C:\Program Files (x86)\PHotkey\PHotkey.exe () C:\Program Files (x86)\PHotkey\MsgTranAgt.exe () C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (F-Secure Corporation) C:\Program Files (x86)\F-Secure\SAFE\fshoster32.exe () C:\Program Files (x86)\PHotkey\Atouch64.exe (Pegatron Corporation) C:\Program Files (x86)\PHotkey\MyWiMax.exe () C:\Program Files (x86)\PHotkey\POsd.exe () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe () C:\Program Files (x86)\PHotkey\GPMTray.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (TODO: ) C:\Program Files (x86)\PHotkey\HCSynApi.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe ==================== Register (gefilterd) ==================== (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.) HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2917176 2012-09-05] (Synaptics Incorporated) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16408320 2015-12-14] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1407104 2015-12-14] (Realtek Semiconductor) HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] () HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink) HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-20] (CyberLink Corp.) HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1057408 2012-06-08] (SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [203264 2009-10-10] (ArcSoft Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation) Winlogon\Notify\igfxcui: igfxdev.dll [X] HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1 HKU\S-1-5-21-10870461-3760241935-267325191-1002\...\Run: [DigipassNativeBridge] => C:\Users\hugoke\AppData\Local\VASCO\NativeBridge\digipass-nativebridge-monitor.exe [108592 2016-09-06] (VASCO Data Security) AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-10-27] (NVIDIA Corporation) AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [141336 2013-10-27] (NVIDIA Corporation) GroupPolicy: Restrictie <======= AANDACHT ==================== Internet (gefilterd) ==================== (Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.) Tcpip\Parameters: [DhcpNameServer] 195.130.131.1 195.130.130.1 Tcpip\..\Interfaces\{364E802C-70D9-40A5-829C-BA26C40C9D73}: [DhcpNameServer] 195.130.131.1 195.130.130.1 Tcpip\..\Interfaces\{ECC4C599-5728-488B-B1FE-813B8AC73FF8}: [DhcpNameServer] 195.130.131.1 195.130.130.1 Internet Explorer: ================== HKU\S-1-5-21-10870461-3760241935-267325191-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.stamnummer3.be/viewforum.php?f=2 HKU\S-1-5-21-10870461-3760241935-267325191-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://clubbrugge.be/nl/ SearchScopes: HKU\S-1-5-21-10870461-3760241935-267325191-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms} BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-12-13] (Microsoft Corporation) BHO: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\F-Secure\SAFE\apps\CCF_Scanning\bin\browser\install\fs_ie_https\fs_ie_https64.dll [2017-01-06] (F-Secure Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation) BHO-x32: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\F-Secure\SAFE\apps\CCF_Scanning\bin\browser\install\fs_ie_https\fs_ie_https.dll [2017-01-06] (F-Secure Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-01-27] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-27] (Oracle Corporation) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\hugoke\AppData\Roaming\Mozilla\Firefox\Profiles\yu1qgaqj.default-1459944163459 [2017-01-31] FF Extension: (Search by F-Secure) - C:\Program Files (x86)\F-Secure\SAFE\apps\SafeSearch\\Firefox\main.xpi [2016-10-24] FF Extension: (Belgium eID) - C:\Program Files (x86)\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be [2017-01-28] [ niet getekend] FF HKLM\...\Firefox\Extensions: [ols@f-secure.com] - C:\Program Files (x86)\F-Secure\SAFE\apps\CCF_Scanning\bin\browser\install\fs_firefox_https\fs_firefox_https.xpi FF Extension: (Browsing Protection by F-Secure) - C:\Program Files (x86)\F-Secure\SAFE\apps\CCF_Scanning\bin\browser\install\fs_firefox_https\fs_firefox_https.xpi [2017-01-06] FF HKLM-x32\...\Firefox\Extensions: [belgiumeid@eid.belgium.be] - C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be => niet gevonden FF HKLM-x32\...\Firefox\Extensions: [ols@f-secure.com] - C:\Program Files (x86)\F-Secure\SAFE\apps\CCF_Scanning\bin\browser\install\fs_firefox_https\fs_firefox_https.xpi FF HKU\S-1-5-21-10870461-3760241935-267325191-1002\...\Firefox\Extensions: [safesearch@f-secure.com] - C:\Program Files (x86)\F-Secure\SAFE\apps\SafeSearch\\Firefox\main.xpi FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-13] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-13] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [Geen bestand] FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [Geen bestand] FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-27] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-27] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-10-15] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-10-23] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-10-23] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-31] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-31] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.) Chrome: ======= CHR Profile: C:\Users\hugoke\AppData\Local\Google\Chrome\User Data\Default [2017-01-16] CHR Extension: (Google Presentaties) - C:\Users\hugoke\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-05] CHR Extension: (Google Documenten) - C:\Users\hugoke\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-05] CHR Extension: (Google Drive) - C:\Users\hugoke\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-05] CHR Extension: (YouTube) - C:\Users\hugoke\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-05] CHR Extension: (Google Spreadsheets) - C:\Users\hugoke\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-05] CHR Extension: (Offline Documenten) - C:\Users\hugoke\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-01-09] CHR Extension: (Browsing Protection by F-Secure) - C:\Users\hugoke\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmjjnhpacphpjmnnlnccpfmhkcloaade [2017-01-09] CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\hugoke\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-05] CHR Extension: (Gmail) - C:\Users\hugoke\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-05] CHR Extension: (Chrome Media Router) - C:\Users\hugoke\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-31] CHR HKLM\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - hxxps://clients2.google.com/service/update2/crx ==================== Services (gefilterd) ==================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY) S4 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [109056 2009-09-28] (ArcSoft Inc.) R2 ASLDRService; C:\Program Files (x86)\PHotkey\ASLDRSrv.exe [104968 2009-12-18] () R2 BotkindSyncService; C:\Program Files (x86)\Allway Sync\Bin\SyncService.exe [182784 2015-10-16] () [Bestand niet getekend] R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3042032 2016-12-13] (Microsoft Corporation) S4 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [70952 2011-04-13] (CyberLink) S3 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [312616 2011-04-13] (CyberLink) R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [39616 2016-06-03] (CHENGDU YIWO Tech Development Co., Ltd) R2 fshoster; C:\Program Files (x86)\F-Secure\SAFE\fshoster32.exe [181216 2016-10-25] (F-Secure Corporation) R3 FSMA; C:\Program Files (x86)\F-Secure\SAFE\apps\ComputerSecurity\Common\FSMA32.EXE [218080 2016-10-26] (F-Secure Corporation) R2 fsnethoster; C:\Program Files (x86)\F-Secure\SAFE\fshoster32.exe [181216 2016-10-25] (F-Secure Corporation) R2 FSORSPClient; C:\Program Files (x86)\F-Secure\SAFE\apps\CCF_Reputation\fsorsp.exe [62432 2016-05-20] (F-Secure Corporation) R2 GFNEXSrv; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [156672 2011-10-13] () [Bestand niet getekend] R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [28552 2016-04-26] (Hewlett-Packard Company) S2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [7168 2012-08-16] (Intel Corporation) [Bestand niet getekend] R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-09-24] () S3 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Bestand niet getekend] S3 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Bestand niet getekend] R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2012-10-19] () R2 Samsung Printer Dianostics Service; C:\WINDOWS\SysWOW64\\spdsvc.exe [499000 2016-06-18] () R2 SamsungUPDUtilSvc; C:\WINDOWS\SysWOW64\SecUPDUtilSvc.exe [143664 2016-06-22] () S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-10-15] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-10-15] (Microsoft Corporation) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [1153840 2012-09-24] (Intel® Corporation) ===================== Drivers (gefilterd) ====================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R3 btmhsf; C:\WINDOWS\system32\DRIVERS\btmhsf.sys [1337216 2012-10-01] (Motorola Solutions, Inc.) R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink) S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider) S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider) R0 EUBKMON; C:\WINDOWS\System32\drivers\EUBKMON.sys [48168 2015-12-10] () R3 F-Secure Gatekeeper; C:\Program Files (x86)\F-Secure\SAFE\apps\ComputerSecurity\Anti-Virus\minifilter\FSgk.sys [229080 2017-01-06] (F-Secure Corporation) R1 F-Secure HIPS; C:\Program Files (x86)\F-Secure\SAFE\apps\ComputerSecurity\HIPS\drivers\fshs.sys [106712 2017-01-06] (F-Secure Corporation) R0 fsbts; C:\WINDOWS\System32\Drivers\fsbts.sys [73928 2017-01-06] () R3 fsni; C:\Program Files (x86)\F-Secure\SAFE\apps\CCF_Scanning\bin\fsni64.sys [110800 2017-01-06] (F-Secure Corporation) R3 NETwNe64; C:\WINDOWS\system32\DRIVERS\NETwew00.sys [3345376 2013-09-04] (Intel Corporation) R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-11] (PEGATRON) S1 UimBus; C:\WINDOWS\System32\drivers\UimBus.sys [102664 2014-10-29] () S1 Uim_DEVIM; C:\WINDOWS\System32\drivers\uim_devim.sys [25992 2014-10-29] () S1 Uim_IM; C:\WINDOWS\System32\drivers\uim_im.sys [700680 2014-10-29] () R3 usb3Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [47072 2012-10-09] (Windows (R) Win 7 DDK provider) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44560 2015-10-15] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [270168 2015-10-15] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [114520 2015-10-15] (Microsoft Corporation) R3 XHCIPort; C:\WINDOWS\System32\drivers\XHCIPort.sys [188896 2012-10-09] (Windows (R) Win 7 DDK provider) ==================== NetSvcs (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ==================== Een Maand Aangemaakt bestanden en mappen ======== (Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.) 2017-01-31 10:54 - 2017-01-31 10:55 - 00020509 _____ C:\Users\hugoke\Downloads\FRST.txt 2017-01-31 10:53 - 2017-01-31 10:54 - 00000000 ____D C:\FRST 2017-01-31 10:53 - 2017-01-31 10:53 - 02420736 _____ (Farbar) C:\Users\hugoke\Downloads\FRST64.exe 2017-01-30 10:19 - 2017-01-30 10:19 - 00000436 __RSH C:\ProgramData\ntuser.pol 2017-01-30 07:41 - 2017-01-30 07:41 - 00000000 ____D C:\Users\hugoke\AppData\Local\VirtualStore 2017-01-29 16:44 - 2017-01-29 16:45 - 01309184 _____ C:\Users\hugoke\Downloads\zoek(1).exe 2017-01-29 14:13 - 2017-01-29 14:25 - 00000000 ____D C:\zoek_backup 2017-01-29 14:13 - 2017-01-29 14:13 - 01309184 _____ C:\Users\hugoke\Downloads\zoek.exe 2017-01-28 11:26 - 2017-01-28 11:26 - 01222144 _____ C:\Users\hugoke\Downloads\RSITx64.exe 2017-01-28 11:26 - 2017-01-28 11:26 - 00000000 ____D C:\rsit 2017-01-28 11:16 - 2017-01-28 11:16 - 00000432 _____ C:\DelFix.txt 2017-01-28 09:50 - 2017-01-28 09:50 - 00486219 _____ C:\Users\hugoke\Downloads\1TYtvAV 2017-01-28 09:31 - 2017-01-28 09:31 - 02748473 _____ C:\Users\hugoke\Downloads\2013-09-14_Het Laatste Nieuws.pdf 2017-01-28 09:31 - 2017-01-28 09:31 - 02748473 _____ C:\Users\hugoke\Downloads\2013-09-14_Het Laatste Nieuws(1).pdf 2017-01-28 07:47 - 2017-01-28 11:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-01-27 15:29 - 2017-01-27 15:29 - 00000000 ____D C:\Users\hugoke\AppData\Local\VASCO 2017-01-27 15:29 - 2017-01-27 15:29 - 00000000 ____D C:\Users\hugoke\AppData\Local\Package Cache 2017-01-27 15:27 - 2017-01-27 15:27 - 02717488 _____ (VASCO Data Security) C:\Users\hugoke\Downloads\digipass-nativebridge-installer (1).exe 2017-01-27 15:21 - 2017-01-27 15:23 - 02717488 _____ (VASCO Data Security) C:\Users\hugoke\Downloads\digipass-nativebridge-installer(13).exe 2017-01-27 15:17 - 2017-01-27 15:17 - 02717488 _____ (VASCO Data Security) C:\Users\hugoke\Downloads\digipass-nativebridge-installer(12).exe 2017-01-27 15:17 - 2017-01-27 15:17 - 00992682 _____ C:\Users\hugoke\Downloads\installation_FF(1).pdf 2017-01-26 22:31 - 2017-01-26 22:31 - 00028850 _____ C:\Users\hugoke\Downloads\Microsoft Word - a20170126.pdf 2017-01-25 09:54 - 2017-01-25 09:54 - 00088853 _____ C:\Users\hugoke\Downloads\ListePays_NL-bpackWorld_0(2).pdf 2017-01-24 20:15 - 2017-01-24 20:15 - 00304067 _____ C:\Users\hugoke\Downloads\26393-20170124-fc75c664-0581-43a6-9f0f-3af8e5ef7b58.pdf 2017-01-24 18:44 - 2017-01-24 18:44 - 00204199 _____ C:\Users\hugoke\Downloads\1LYCiLM 2017-01-23 14:03 - 2017-01-23 14:03 - 00829054 _____ C:\Users\hugoke\Desktop\Verzekering001.pdf 2017-01-22 09:53 - 2017-01-22 09:53 - 00082857 _____ C:\Users\hugoke\Downloads\gebruikershandleiding-com.pdf 2017-01-19 22:02 - 2017-01-19 22:02 - 02717488 _____ (VASCO Data Security) C:\Users\hugoke\Downloads\digipass-nativebridge-installer(11).exe 2017-01-18 18:34 - 2017-01-18 18:34 - 01176621 _____ C:\Users\hugoke\Downloads\cat_countise2x-gb.pdf 2017-01-17 07:59 - 2017-01-17 07:59 - 00749280 _____ C:\Users\hugoke\Downloads\Alu-Coating-Push-Pull-5B.pdf 2017-01-16 11:05 - 2017-01-16 11:05 - 02717488 _____ (VASCO Data Security) C:\Users\hugoke\Downloads\digipass-nativebridge-installer(10).exe 2017-01-14 09:06 - 2017-01-14 09:06 - 02717488 _____ (VASCO Data Security) C:\Users\hugoke\Downloads\digipass-nativebridge-installer(9).exe 2017-01-14 09:05 - 2017-01-14 09:05 - 02717488 _____ (VASCO Data Security) C:\Users\hugoke\Downloads\digipass-nativebridge-installer(8).exe 2017-01-13 19:49 - 2017-01-13 19:49 - 02717488 _____ (VASCO Data Security) C:\Users\hugoke\Downloads\digipass-nativebridge-installer(7).exe 2017-01-12 09:04 - 2017-01-12 09:04 - 02717488 _____ (VASCO Data Security) C:\Users\hugoke\Downloads\digipass-nativebridge-installer(6).exe 2017-01-11 10:14 - 2017-01-11 10:14 - 00128249 _____ C:\Users\hugoke\Downloads\invulformulier-euthanasie.pdf 2017-01-11 09:54 - 2017-01-11 09:54 - 02717488 _____ (VASCO Data Security) C:\Users\hugoke\Downloads\digipass-nativebridge-installer(5).exe 2017-01-10 20:49 - 2017-01-10 20:49 - 00088853 _____ C:\Users\hugoke\Downloads\ListePays_NL-bpackWorld_0(1).pdf 2017-01-09 20:48 - 2017-01-09 20:48 - 00131169 _____ C:\Users\hugoke\Downloads\h115310.pdf 2017-01-09 16:10 - 2017-01-09 16:10 - 02268614 _____ C:\Users\hugoke\Desktop\fsdiag2.7z 2017-01-09 16:09 - 2017-01-09 16:10 - 00949216 _____ (F-Secure Corporation) C:\Users\hugoke\Downloads\fsdiag_standalone.exe 2017-01-09 14:17 - 2017-01-28 11:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-01-09 14:17 - 2017-01-09 14:17 - 00243568 _____ C:\Users\hugoke\Downloads\Firefox Setup Stub 50.1.0.exe 2017-01-09 14:17 - 2017-01-09 14:17 - 00001171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2017-01-09 14:17 - 2017-01-09 14:17 - 00001159 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2017-01-09 14:12 - 2017-01-09 14:12 - 00000000 ____D C:\Users\hugoke\Desktop\firefox tabs 2017-01-09 14:06 - 2017-01-09 14:06 - 01867304 _____ (LogMeIn, Inc.) C:\Users\hugoke\Downloads\Support-LogMeInRescue(3).exe 2017-01-09 13:53 - 2017-01-09 13:53 - 01867304 _____ (LogMeIn, Inc.) C:\Users\hugoke\Downloads\Support-LogMeInRescue(2).exe 2017-01-06 15:10 - 2017-01-06 15:10 - 02717488 _____ (VASCO Data Security) C:\Users\hugoke\Downloads\digipass-nativebridge-installer(4).exe 2017-01-06 09:52 - 2017-01-31 06:54 - 00003412 _____ C:\WINDOWS\System32\Tasks\Scheduled scanning task 2017-01-06 09:52 - 2017-01-31 06:54 - 00000674 _____ C:\WINDOWS\Tasks\Scheduled scanning task.job 2017-01-06 09:46 - 2017-01-06 09:49 - 00073928 _____ C:\WINDOWS\system32\Drivers\fsbts.sys 2017-01-06 09:41 - 2017-01-06 09:41 - 00002146 _____ C:\Users\Public\Desktop\F-Secure SAFE.lnk 2017-01-06 09:41 - 2017-01-06 09:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\F-Secure 2017-01-06 09:40 - 2017-01-06 09:40 - 00866272 _____ (F-Secure Corporation) C:\Users\hugoke\Downloads\F-Secure-Safe-Network-Installer.exe 2017-01-05 16:05 - 2017-01-05 16:05 - 00524248 _____ (F-Secure Corporation) C:\Users\hugoke\Downloads\F-SecureOnlineScanner.exe 2017-01-05 13:55 - 2017-01-05 13:55 - 02717488 _____ (VASCO Data Security) C:\Users\hugoke\Downloads\digipass-nativebridge-installer(3).exe 2017-01-05 10:01 - 2017-01-05 10:01 - 00196976 _____ C:\Users\hugoke\Downloads\BON_nieuwjaar(1).pdf 2017-01-04 15:48 - 2017-01-04 15:48 - 04485649 _____ C:\Users\hugoke\Downloads\2016.06-(nieuwe-versie)(6).pdf 2017-01-04 14:03 - 2017-01-04 14:03 - 02717488 _____ (VASCO Data Security) C:\Users\hugoke\Downloads\digipass-nativebridge-installer(2).exe 2017-01-04 14:03 - 2017-01-04 14:03 - 02717488 _____ (VASCO Data Security) C:\Users\hugoke\Downloads\digipass-nativebridge-installer(1).exe 2017-01-03 19:55 - 2017-01-03 19:55 - 01729673 _____ C:\Users\hugoke\Downloads\droogkasten-pdf-bestand(4).pdf 2017-01-03 14:30 - 2017-01-03 14:30 - 00359190 _____ C:\Users\hugoke\Downloads\Microsoft Word - gr 20161124.pdf 2017-01-03 09:24 - 2017-01-03 09:24 - 00203491 _____ C:\Users\hugoke\Downloads\financien-belastingen-personen(1).pdf 2017-01-03 09:23 - 2017-01-03 09:23 - 00241687 _____ C:\Users\hugoke\Downloads\financien-belastingen-opcentiemen(1).pdf ==================== Een Maand Gewijzigd bestanden en mappen ======== (Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.) 2017-01-31 10:20 - 2016-09-25 07:29 - 00000940 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2017-01-31 10:00 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf 2017-01-31 08:58 - 2015-10-15 14:17 - 00000000 ____D C:\Users\hugoke\Documents\Outlook-bestanden 2017-01-31 07:58 - 2014-11-21 09:44 - 01861508 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-01-31 07:58 - 2014-11-21 09:05 - 00824302 _____ C:\WINDOWS\system32\perfh013.dat 2017-01-31 07:58 - 2014-11-21 09:05 - 00168066 _____ C:\WINDOWS\system32\perfc013.dat 2017-01-31 06:52 - 2015-10-15 20:23 - 00003946 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{833E24E7-E24D-423C-95FD-11F958550EE7} 2017-01-31 06:51 - 2016-11-17 08:56 - 00000000 ____D C:\Users\hugoke\AppData\LocalLow\Mozilla 2017-01-31 06:49 - 2015-10-15 20:52 - 00000000 ____D C:\Users\hugoke\OneDrive 2017-01-31 06:49 - 2015-10-15 17:52 - 00000000 __SHD C:\Users\hugoke\IntelGraphicsProfiles 2017-01-30 15:22 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-01-30 15:21 - 2013-08-22 14:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI 2017-01-30 15:09 - 2015-10-15 13:10 - 00000000 ____D C:\Users\hugoke\AppData\Local\Packages 2017-01-30 10:18 - 2013-08-22 16:36 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy 2017-01-28 12:15 - 2015-10-15 13:20 - 00003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-10870461-3760241935-267325191-1002 2017-01-28 11:56 - 2015-10-16 10:01 - 00000000 ____D C:\ProgramData\Skype 2017-01-28 11:26 - 2016-03-16 20:01 - 00000000 ____D C:\Program Files\trend micro 2017-01-27 06:22 - 2016-05-16 11:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2017-01-27 06:22 - 2016-05-16 11:17 - 00000000 ____D C:\Program Files (x86)\Java 2017-01-27 06:22 - 2016-02-02 11:41 - 00000000 ____D C:\ProgramData\Oracle 2017-01-27 06:21 - 2016-05-16 11:18 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2017-01-25 14:58 - 2015-10-15 20:09 - 00000000 ____D C:\Users\hugoke 2017-01-21 14:14 - 2015-12-07 12:04 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2017-01-19 20:02 - 2016-12-13 17:48 - 00003166 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2 2017-01-19 20:02 - 2016-04-23 20:44 - 00002355 _____ C:\Users\hugoke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive voor Bedrijven.lnk 2017-01-19 20:02 - 2015-10-22 15:32 - 00003174 _____ C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-10870461-3760241935-267325191-1002 2017-01-16 13:47 - 2016-09-22 08:24 - 00010240 ___SH C:\Users\hugoke\Desktop\Thumbs.db 2017-01-14 08:50 - 2015-10-15 13:37 - 00000000 ____D C:\Program Files\Microsoft Office 15 2017-01-14 08:50 - 2013-08-22 16:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2017-01-13 07:51 - 2016-09-25 07:30 - 00000030 _____ C:\AVScanner.ini 2017-01-13 07:51 - 2016-09-25 07:29 - 00003828 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2017-01-13 07:51 - 2015-10-20 19:14 - 00000000 ____D C:\Users\hugoke\AppData\Local\Adobe 2017-01-13 07:51 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed 2017-01-13 07:51 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\Macromed 2017-01-13 07:51 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness 2017-01-12 09:01 - 2015-12-07 12:05 - 00004476 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2017-01-11 20:39 - 2015-10-15 15:43 - 00000000 ____D C:\WINDOWS\system32\MRT 2017-01-11 20:39 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp 2017-01-11 20:35 - 2012-11-13 04:52 - 135657872 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-01-09 16:10 - 2015-10-15 13:21 - 00000000 ____D C:\ProgramData\F-Secure 2017-01-06 09:57 - 2015-10-15 13:21 - 00000000 ____D C:\Users\hugoke\AppData\Local\F-Secure 2017-01-06 09:40 - 2016-10-20 14:39 - 00000000 ____D C:\Program Files (x86)\F-Secure 2017-01-03 11:17 - 2016-05-20 16:28 - 00000000 ____D C:\ProgramData\ABBYY ==================== Bestanden in de root van sommige mappen ======= 2015-10-31 09:52 - 2016-02-07 10:35 - 0038432 _____ () C:\Users\hugoke\AppData\Roaming\Door komma's gescheiden waarden.ADR 2012-11-13 06:19 - 2012-11-13 06:19 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2015-10-21 18:52 - 2016-06-22 16:53 - 0016840 _____ () C:\ProgramData\hpzinstall.log Sommige bestanden in TEMP: ==================== 2017-01-27 06:19 - 2017-01-27 06:19 - 0739904 _____ (Oracle Corporation) C:\Users\hugoke\AppData\Local\Temp\jre-8u121-windows-au.exe ==================== Bamital & volsnap ====================== (Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.) C:\WINDOWS\system32\winlogon.exe => Bestand is getekend C:\WINDOWS\system32\wininit.exe => Bestand is getekend C:\WINDOWS\explorer.exe => Bestand is getekend C:\WINDOWS\SysWOW64\explorer.exe => Bestand is getekend C:\WINDOWS\system32\svchost.exe => Bestand is getekend C:\WINDOWS\SysWOW64\svchost.exe => Bestand is getekend C:\WINDOWS\system32\services.exe => Bestand is getekend C:\WINDOWS\system32\User32.dll => Bestand is getekend C:\WINDOWS\SysWOW64\User32.dll => Bestand is getekend C:\WINDOWS\system32\userinit.exe => Bestand is getekend C:\WINDOWS\SysWOW64\userinit.exe => Bestand is getekend C:\WINDOWS\system32\rpcss.dll => Bestand is getekend C:\WINDOWS\system32\dnsapi.dll => Bestand is getekend C:\WINDOWS\SysWOW64\dnsapi.dll => Bestand is getekend C:\WINDOWS\system32\Drivers\volsnap.sys => Bestand is getekend LastRegBack: 2017-01-25 09:40 ==================== Eind van FRST.txt ============================