Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 14-02-2017 Gestart door Vlitser (Beheerder) op DESKTOP-K25ROTH (14-02-2017 09:16:01) Gestart vanaf D:\Downloads Geladen Profielen: Vlitser (Beschikbare Profielen: defaultuser0 & Vlitser) Platform: Windows 10 Home Versie 1607 (X64) Taal: Nederlands (Nederland) Internet Explorer Versie 11 (Standaardbrowser: Chrome) Boot Modus: Normal Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processen (gefilterd) ================= (Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.) (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Intel Corporation) C:\Windows\System32\ibtsiva.exe (Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe (Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Ready Mode Technology\IRMTService.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (TeamViewer GmbH) D:\Programs\TeamViewer\TeamViewer_Service.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe (HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe (HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (CyberLink) C:\Program Files\CyberLink\Shared files\RichVideo64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe (HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe (HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe () C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartProvider.exe (TeamViewer GmbH) D:\Programs\TeamViewer\TeamViewer.exe (TeamViewer GmbH) D:\Programs\TeamViewer\tv_w32.exe (TeamViewer GmbH) D:\Programs\TeamViewer\tv_x64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Microsoft Corporation) C:\Windows\System32\wscript.exe (HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe (Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\SkypeHost.exe (Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe (Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe (Razer, Inc.) C:\Users\Vlitser\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\rzcefrenderprocess.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Farbar) D:\Downloads\FRST64 (1).exe ==================== Register (gefilterd) ==================== (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8899592 2016-08-24] (Realtek Semiconductor) HKLM\...\Run: [ShadowPlay] => "C:\windows\system32\rundll32.exe" C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes) HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [657424 2016-01-11] (HP Inc.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2016-11-04] (Razer Inc.) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [26220296 2017-02-07] (Dropbox, Inc.) HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [114480 2016-10-27] (Panda Security, S.L.) HKU\S-1-5-21-4033545281-2802118743-3700204960-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2881824 2017-01-19] (Valve Corporation) HKU\S-1-5-21-4033545281-2802118743-3700204960-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27250144 2016-12-20] (Skype Technologies S.A.) HKU\S-1-5-21-4033545281-2802118743-3700204960-1001\...\Run: [GoogleChromeAutoLaunch_FBF4E58DBC63D2133A34710F78C94BCE] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1116504 2017-02-01] (Google Inc.) HKU\S-1-5-21-4033545281-2802118743-3700204960-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9292504 2016-12-21] (Piriform Ltd) ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Audio Switch.lnk [2016-11-10] ShortcutTarget: HP Audio Switch.lnk -> C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitchLC.vbs () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP JumpStart Launch.lnk [2016-11-10] ShortcutTarget: HP JumpStart Launch.lnk -> c:\Windows\Installer\{B90CB0DE-2E60-41C4-9857-466EB98192BF}\HPlogo_blue.ico () GroupPolicyScripts: Restrictie <======= AANDACHT GroupPolicyScripts-x32: Restrictie <======= AANDACHT ==================== Internet (gefilterd) ==================== (Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.) Tcpip\Parameters: [DhcpNameServer] 195.130.131.1 195.130.130.1 Tcpip\..\Interfaces\{1f3cb0e6-8902-4ed9-876a-96817c7b5976}: [DhcpNameServer] 195.130.131.1 195.130.130.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE HKU\S-1-5-21-4033545281-2802118743-3700204960-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE HKU\S-1-5-21-4033545281-2802118743-3700204960-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE SearchScopes: HKLM -> {6DE9A9B9-639D-4E28-A544-A29EE41208E9} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2017-01-13] (Microsoft Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-01-13] (Microsoft Corporation) BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-08-05] (HP Inc.) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2017-01-13] (Microsoft Corporation) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2017-01-13] (Microsoft Corporation) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-08-05] (HP Inc.) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-13] (Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-01-13] (Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-13] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-01-13] (Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-13] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-01-13] (Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-13] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-01-13] (Microsoft Corporation) FireFox: ======== FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-01-13] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-01-13] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2017-01-13] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-29] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-29] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-05] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-05] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2016-09-01] () FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.) Chrome: ======= CHR Profile: C:\Users\Vlitser\AppData\Local\Google\Chrome\User Data\Default [2017-02-14] CHR Extension: (Google Presentaties) - C:\Users\Vlitser\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-01-05] CHR Extension: (Google Documenten) - C:\Users\Vlitser\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-01-05] CHR Extension: (Google Drive) - C:\Users\Vlitser\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-05] CHR Extension: (YouTube) - C:\Users\Vlitser\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-05] CHR Extension: (Google Cast) - C:\Users\Vlitser\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2017-01-12] CHR Extension: (Videostream for Google Chromecast™) - C:\Users\Vlitser\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2017-02-10] CHR Extension: (Adobe Acrobat) - C:\Users\Vlitser\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-01-30] CHR Extension: (Google Spreadsheets) - C:\Users\Vlitser\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-01-05] CHR Extension: (Chrome Remote Desktop) - C:\Users\Vlitser\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2017-02-12] CHR Extension: (Offline Documenten) - C:\Users\Vlitser\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-01-05] CHR Extension: (AdBlock) - C:\Users\Vlitser\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-01-31] CHR Extension: (Tribal Wars Time Extension) - C:\Users\Vlitser\AppData\Local\Google\Chrome\User Data\Default\Extensions\lljnlokhllljaokggocinhlomnfnmgpo [2017-01-05] CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\Vlitser\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19] CHR Extension: (Gmail) - C:\Users\Vlitser\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-01-05] CHR Extension: (Chrome Media Router) - C:\Users\Vlitser\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-10] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx ==================== Services (gefilterd) ==================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1445384 2016-10-22] () R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3699904 2016-12-28] (Microsoft Corporation) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-01-05] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-01-05] (Dropbox, Inc.) R2 DbxSvc; C:\windows\system32\DbxSvc.exe [46400 2017-02-07] (Dropbox, Inc.) S2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [350064 2016-09-01] (WildTangent) R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [892928 2016-06-02] (HP Inc.) [Bestand niet getekend] R2 HPJumpStartBridge; c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [461336 2016-07-15] (HP Inc.) R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (HP) R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.) R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [606224 2016-01-11] (HP Inc.) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [19440 2015-11-04] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [974632 2016-02-19] (Intel(R) Corporation) R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335360 2016-03-18] (Intel Corporation) [Bestand niet getekend] R2 IRMTService; C:\Program Files\Intel\Intel(R) Ready Mode Technology\IRMTService.exe [181360 2016-06-21] (Intel Corporation) S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-03-18] (Intel Corporation) [Bestand niet getekend] R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [209184 2016-05-10] (Intel Corporation) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes) S3 MyWiFiDHCPDNS; c:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2016-06-23] () R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [109816 2016-10-24] (Panda Security, S.L.) R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-01-20] (NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-01-20] (NVIDIA Corporation) R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation) R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2017-01-20] (NVIDIA Corporation) R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [86104 2016-07-19] (Panda Security, S.L.) R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [48584 2016-10-27] (Panda Security, S.L.) R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-25] () R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2016-03-23] (CyberLink) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [314624 2016-08-24] (Realtek Semiconductor) R2 TeamViewer; D:\Programs\TeamViewer\TeamViewer_Service.exe [10351856 2016-12-15] (TeamViewer GmbH) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation) R2 ZeroConfigService; c:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3732896 2016-06-23] (Intel® Corporation) R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X] ===================== Drivers (gefilterd) ====================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R1 ESProtectionDriver; C:\windows\system32\drivers\mbae64.sys [77416 2017-01-20] () R3 ibtusb; C:\windows\system32\DRIVERS\ibtusb.sys [345872 2016-05-26] (Intel Corporation) R3 IntelReadyModeDriver; C:\windows\System32\drivers\IntelReadyModeDriver.sys [34952 2016-06-21] (Intel Corporation) R2 MBAMChameleon; C:\windows\system32\drivers\MBAMChameleon.sys [176584 2017-02-10] (Malwarebytes) R3 MBAMFarflt; C:\windows\system32\drivers\farflt.sys [110536 2017-02-10] (Malwarebytes) R3 MBAMProtection; C:\windows\system32\drivers\mbam.sys [43968 2017-02-10] (Malwarebytes) R0 MBAMSwissArmy; C:\windows\System32\drivers\MBAMSwissArmy.sys [251848 2017-02-10] (Malwarebytes) R3 MBAMWebProtection; C:\windows\system32\drivers\mwac.sys [91584 2017-02-13] (Malwarebytes) S3 NetAdapterCx; C:\windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () R3 Netwtw04; C:\windows\System32\drivers\Netwtw04.sys [7235344 2016-07-18] (Intel Corporation) R1 NNSALPC; C:\windows\system32\DRIVERS\NNSALPC.sys [106928 2016-07-05] (Panda Security, S.L.) R1 NNSHTTP; C:\windows\system32\DRIVERS\NNSHTTP.sys [211376 2016-07-05] (Panda Security, S.L.) R1 NNSHTTPS; C:\windows\system32\DRIVERS\NNSHTTPS.sys [119728 2016-07-05] (Panda Security, S.L.) R1 NNSIDS; C:\windows\system32\DRIVERS\NNSIDS.sys [125872 2016-07-05] (Panda Security, S.L.) R1 NNSNAHSL; C:\windows\system32\DRIVERS\NNSNAHSL.sys [80152 2016-07-06] (Panda Security, S.L.) R1 NNSPICC; C:\windows\system32\DRIVERS\NNSPICC.sys [116656 2016-07-05] (Panda Security, S.L.) R1 NNSPIHSW; C:\windows\system32\DRIVERS\NNSPIHSW.sys [90032 2016-07-05] (Panda Security, S.L.) R1 NNSPOP3; C:\windows\system32\DRIVERS\NNSPOP3.sys [135088 2016-07-05] (Panda Security, S.L.) R1 NNSPROT; C:\windows\system32\DRIVERS\NNSPROT.sys [335792 2016-07-05] (Panda Security, S.L.) R1 NNSPRV; C:\windows\system32\DRIVERS\NNSPRV.sys [197040 2016-07-05] (Panda Security, S.L.) R1 NNSSMTP; C:\windows\system32\DRIVERS\NNSSMTP.sys [123312 2016-07-05] (Panda Security, S.L.) R1 NNSSTRM; C:\windows\system32\DRIVERS\NNSSTRM.sys [278960 2016-07-05] (Panda Security, S.L.) R1 NNSTLSC; C:\windows\system32\DRIVERS\NNSTLSC.sys [125360 2016-07-05] (Panda Security, S.L.) R3 nvlddmkm; C:\windows\System32\DriverStore\FileRepository\nvhdcwu.inf_amd64_66cd0bfdc007680b\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-01-20] (NVIDIA Corporation) S3 NVSWCFilter; C:\windows\System32\drivers\nvswcfilter.sys [35272 2016-07-30] (Windows (R) Win 7 DDK provider) R3 nvvad_WaveExtensible; C:\windows\system32\drivers\nvvad64v.sys [46016 2017-01-20] (NVIDIA Corporation) R3 nvvhci; C:\windows\System32\drivers\nvvhci.sys [57792 2017-01-20] (NVIDIA Corporation) R2 PSINAflt; C:\windows\system32\DRIVERS\PSINAflt.sys [179120 2016-10-24] (Panda Security, S.L.) R2 PSINFile; C:\windows\System32\DRIVERS\PSINFile.sys [130992 2016-10-24] (Panda Security, S.L.) R1 PSINKNC; C:\windows\system32\DRIVERS\PSINKNC.sys [207792 2016-10-24] (Panda Security, S.L.) R2 PSINProc; C:\windows\System32\DRIVERS\PSINProc.sys [133552 2016-10-24] (Panda Security, S.L.) R2 PSINProt; C:\windows\system32\DRIVERS\PSINProt.sys [146864 2016-10-24] (Panda Security, S.L.) R2 PSINReg; C:\windows\system32\DRIVERS\PSINReg.sys [117168 2016-10-24] (Panda Security, S.L.) R3 PSKMAD; C:\windows\System32\DRIVERS\PSKMAD.sys [72112 2016-08-09] (Panda Security, S.L.) R3 rt640x64; C:\windows\System32\drivers\rt640x64.sys [937728 2016-05-18] (Realtek ) R3 RTSUER; C:\windows\system32\Drivers\RtsUer.sys [416472 2016-09-09] (Realsil Semiconductor Corporation) R3 rzendpt; C:\windows\System32\drivers\rzendpt.sys [50392 2015-08-13] (Razer Inc) R2 rzpmgrk; C:\windows\system32\drivers\rzpmgrk.sys [44144 2016-09-17] (Razer, Inc.) R2 rzpnk; C:\windows\system32\drivers\rzpnk.sys [137840 2016-10-08] (Razer, Inc.) S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) S3 dbx; system32\DRIVERS\dbx.sys [X] ==================== NetSvcs (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ==================== Een Maand Aangemaakt bestanden en mappen ======== (Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.) 2017-02-13 14:38 - 2017-02-14 09:16 - 00000000 ____D C:\FRST 2017-02-13 13:40 - 2017-02-13 13:41 - 00287278 _____ C:\TDSSKiller.3.1.0.12_13.02.2017_13.40.28_log.txt 2017-02-13 13:11 - 2017-02-13 14:06 - 00000000 ____D C:\Users\Vlitser\AppData\LocalLow\uTorrent 2017-02-10 14:52 - 2017-02-10 14:52 - 00389312 _____ C:\Users\Vlitser\Documents\cc_20170210_145208.reg 2017-02-10 14:40 - 2017-02-13 13:14 - 00000000 ____D C:\Program Files\trend micro 2017-02-10 14:40 - 2017-02-10 14:40 - 00002874 _____ C:\windows\System32\Tasks\CCleanerSkipUAC 2017-02-10 14:40 - 2017-02-10 14:40 - 00000870 _____ C:\Users\Public\Desktop\CCleaner.lnk 2017-02-10 14:40 - 2017-02-10 14:40 - 00000000 ____D C:\rsit 2017-02-10 14:40 - 2017-02-10 14:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2017-02-10 14:40 - 2017-02-10 14:40 - 00000000 ____D C:\Program Files\CCleaner 2017-02-10 13:06 - 2017-02-10 13:06 - 00000968 _____ C:\Users\Vlitser\Desktop\JRT.txt 2017-02-10 12:51 - 2017-02-10 12:54 - 00000000 ____D C:\AdwCleaner 2017-02-10 12:09 - 2016-12-29 13:28 - 00133056 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvStreaming.exe 2017-02-10 12:08 - 2017-02-10 12:10 - 00000000 ____D C:\windows\LastGood 2017-02-10 11:41 - 2017-02-13 21:14 - 00091584 _____ (Malwarebytes) C:\windows\system32\Drivers\mwac.sys 2017-02-10 11:41 - 2017-02-10 13:45 - 00110536 _____ (Malwarebytes) C:\windows\system32\Drivers\farflt.sys 2017-02-10 11:41 - 2017-02-10 11:41 - 00176584 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMChameleon.sys 2017-02-10 11:40 - 2017-02-10 13:45 - 00251848 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys 2017-02-10 11:40 - 2017-02-10 13:45 - 00043968 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys 2017-02-10 11:40 - 2017-02-10 11:40 - 00001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2017-02-10 11:40 - 2017-02-10 11:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2017-02-10 11:40 - 2017-02-10 11:40 - 00000000 ____D C:\ProgramData\Malwarebytes 2017-02-10 11:40 - 2017-02-10 11:40 - 00000000 ____D C:\Program Files\Malwarebytes 2017-02-10 11:40 - 2017-01-20 07:47 - 00077416 _____ C:\windows\system32\Drivers\mbae64.sys 2017-02-10 11:38 - 2017-02-10 11:38 - 00000000 ____D C:\Program Files (x86)\GCRE850.tmp 2017-02-10 11:12 - 2017-02-13 15:22 - 00001123 _____ C:\Users\Vlitser\Documents\starburn.txt 2017-02-10 11:12 - 2017-02-10 11:12 - 00000896 _____ C:\Users\Public\Desktop\Wondershare Filmora.lnk 2017-02-10 11:12 - 2017-02-10 11:12 - 00000000 ____D C:\Users\Vlitser\AppData\Local\Wondershare 2017-02-10 11:12 - 2017-02-10 11:12 - 00000000 ____D C:\ProgramData\Wondershare 2017-02-10 11:12 - 2017-02-10 11:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare 2017-02-10 11:11 - 2017-02-10 11:32 - 00000000 ____D C:\Users\Vlitser\Documents\Wondershare Filmora 2017-02-10 11:11 - 2017-02-10 11:11 - 00000000 ____D C:\ProgramData\Wondershare Video Editor 2017-02-10 11:11 - 2016-12-02 15:20 - 01250304 _____ (CineForm Inc.) C:\windows\system32\CFDecode64.ax 2017-02-10 11:10 - 2017-02-10 11:11 - 00000000 ____D C:\Users\Public\Documents\Wondershare 2017-02-10 10:51 - 2017-02-10 11:23 - 00000000 ____D C:\Users\Vlitser\Desktop\Praag 2017-02-10 10:06 - 2017-02-10 10:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2017-02-07 05:38 - 2017-02-07 05:38 - 00046400 _____ (Dropbox, Inc.) C:\windows\system32\DbxSvc.exe 2017-02-07 05:38 - 2017-02-07 05:38 - 00046192 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-stable.sys 2017-02-07 05:38 - 2017-02-07 05:38 - 00046192 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-dev.sys 2017-02-07 05:38 - 2017-02-07 05:38 - 00046192 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-canary.sys 2017-02-03 10:59 - 2017-02-03 10:59 - 00000000 ____H C:\windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2017-02-02 17:48 - 2017-02-02 17:48 - 00000000 ____D C:\Users\Vlitser\AppData\Roaming\MiKTeX 2017-02-02 16:28 - 2017-02-02 16:28 - 00000000 ____D C:\Users\Vlitser\AppData\Local\CycloAgent 2017-02-02 16:27 - 2017-02-02 16:27 - 00000000 ____D C:\windows\Downloaded Installations 2017-02-02 16:27 - 2017-02-02 16:27 - 00000000 ____D C:\Program Files (x86)\STMicroelectronics 2017-02-02 16:26 - 2017-02-02 16:26 - 00001704 _____ C:\Users\Public\Desktop\CycloAgent.lnk 2017-02-02 16:26 - 2017-02-02 16:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mio 2017-02-02 16:26 - 2017-02-02 16:26 - 00000000 ____D C:\Program Files (x86)\CycloAgent 2017-02-02 12:27 - 2017-02-02 12:27 - 00000000 ____D C:\Users\Vlitser\Documents\Thief - Deadly Shadows 2017-01-31 13:33 - 2017-01-31 13:33 - 00000000 ____D C:\Users\Vlitser\Documents\My Games 2017-01-28 15:10 - 2017-01-28 15:10 - 00000000 ____D C:\Users\Vlitser\AppData\Roaming\.mono 2017-01-28 15:10 - 2017-01-28 15:10 - 00000000 ____D C:\Users\Vlitser\AppData\Local\Colossal Order 2017-01-28 15:10 - 2017-01-28 15:10 - 00000000 ____D C:\ProgramData\.mono 2017-01-26 14:19 - 2017-01-26 14:19 - 00000000 ____D C:\Users\Vlitser\AppData\Roaming\NVIDIA 2017-01-26 14:16 - 2017-01-26 14:16 - 00001496 _____ C:\Users\Public\Desktop\GeForce Experience.lnk 2017-01-26 14:16 - 2017-01-26 14:16 - 00000000 ____D C:\windows\LastGood.Tmp 2017-01-26 14:16 - 2017-01-26 14:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2017-01-26 14:16 - 2017-01-20 14:36 - 00001951 _____ C:\windows\NvTelemetryContainerRecovery.bat 2017-01-26 14:15 - 2017-01-20 19:41 - 00156608 _____ (NVIDIA Corporation) C:\windows\system32\nvaudcap64v.dll 2017-01-26 14:15 - 2017-01-20 19:41 - 00124352 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvaudcap32v.dll 2017-01-26 14:15 - 2017-01-20 19:41 - 00057792 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvvhci.sys 2017-01-26 14:15 - 2017-01-20 19:41 - 00046016 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvvad64v.sys 2017-01-25 14:44 - 2017-01-26 15:37 - 00000000 ____D C:\Users\Vlitser\AppData\Roaming\Pro Cycling Manager 2016 2017-01-25 14:44 - 2017-01-26 15:28 - 00000000 ____D C:\Users\Vlitser\Documents\Pro Cycling Manager 2016 2017-01-25 14:33 - 2017-01-25 14:33 - 00002288 _____ C:\Users\Public\Desktop\Panda Protection.lnk 2017-01-25 14:33 - 2017-01-25 14:33 - 00002276 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Protection.lnk 2017-01-25 14:33 - 2017-01-25 14:33 - 00000000 ____D C:\Users\Vlitser\AppData\Roaming\Panda Security 2017-01-25 14:33 - 2017-01-25 14:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Protection 2017-01-25 14:33 - 2017-01-25 14:33 - 00000000 ____D C:\Program Files (x86)\Panda Security 2017-01-25 14:33 - 2016-10-24 12:14 - 00207792 _____ (Panda Security, S.L.) C:\windows\system32\Drivers\PSINKNC.sys 2017-01-25 14:33 - 2016-10-24 12:14 - 00179120 _____ (Panda Security, S.L.) C:\windows\system32\Drivers\PSINAflt.sys 2017-01-25 14:33 - 2016-10-24 12:14 - 00133552 _____ (Panda Security, S.L.) C:\windows\system32\Drivers\PSINProc.sys 2017-01-25 14:33 - 2016-10-24 12:14 - 00130992 _____ (Panda Security, S.L.) C:\windows\system32\Drivers\PSINFile.sys 2017-01-25 14:33 - 2016-10-24 12:14 - 00117168 _____ (Panda Security, S.L.) C:\windows\system32\Drivers\PSINReg.sys 2017-01-25 14:33 - 2016-10-24 11:59 - 00146864 _____ (Panda Security, S.L.) C:\windows\system32\Drivers\PSINProt.sys 2017-01-25 14:33 - 2016-08-09 21:17 - 00072112 _____ (Panda Security, S.L.) C:\windows\system32\Drivers\PSKMAD.sys 2017-01-25 14:31 - 2017-01-25 14:33 - 00000000 ____D C:\ProgramData\Panda Security 2017-01-25 11:53 - 2016-12-21 08:08 - 00142848 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe 2017-01-25 11:53 - 2016-12-21 05:44 - 00120320 _____ (Microsoft Corporation) C:\windows\SysWOW64\poqexec.exe 2017-01-20 21:20 - 2017-01-20 21:22 - 00000000 ____D C:\Users\Vlitser\AppData\Roaming\MAGIX 2017-01-20 21:20 - 2017-01-20 21:21 - 00000000 ____D C:\Users\Vlitser\Documents\MAGIX downloads 2017-01-20 21:20 - 2017-01-20 21:20 - 00000000 ____D C:\Users\Vlitser\Documents\MAGIX_MusicEditor 2017-01-20 21:20 - 2017-01-20 21:20 - 00000000 ____D C:\Users\Vlitser\AppData\Local\Xara 2017-01-20 21:20 - 2017-01-20 21:20 - 00000000 ____D C:\Program Files\Common Files\MAGIX Shared 2017-01-20 21:19 - 2017-02-10 11:11 - 00000000 ____D C:\ProgramData\MAGIX 2017-01-20 21:19 - 2017-01-20 21:19 - 00000000 ___RD C:\Users\Vlitser\Documents\MAGIX 2017-01-20 21:19 - 2017-01-20 21:19 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0 2017-01-17 05:54 - 2017-01-17 05:54 - 34717624 _____ (NVIDIA Corporation) C:\windows\system32\nvoglv64.dll 2017-01-17 05:53 - 2017-01-17 05:53 - 28209080 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvoglv32.dll 2017-01-17 05:53 - 2017-01-17 05:53 - 00951224 _____ (NVIDIA Corporation) C:\windows\system32\NvIFR64.dll 2017-01-17 05:53 - 2017-01-17 05:53 - 00904752 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvIFR.dll 2017-01-17 05:53 - 2017-01-17 05:53 - 00448568 _____ (NVIDIA Corporation) C:\windows\system32\NvIFROpenGL.dll 2017-01-17 05:53 - 2017-01-17 05:53 - 00397240 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvIFROpenGL.dll 2017-01-17 05:52 - 2017-01-17 05:52 - 40134192 _____ C:\windows\system32\nvcompiler.dll 2017-01-17 05:52 - 2017-01-17 05:52 - 02961336 _____ (NVIDIA Corporation) C:\windows\system32\nvcuvid.dll 2017-01-17 05:52 - 2017-01-17 05:52 - 02594744 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuvid.dll 2017-01-17 05:52 - 2017-01-17 05:52 - 01964600 _____ (NVIDIA Corporation) C:\windows\system32\nvdispco6437654.dll 2017-01-17 05:52 - 2017-01-17 05:52 - 01598392 _____ (NVIDIA Corporation) C:\windows\system32\nvdispgenco6437654.dll 2017-01-17 05:52 - 2017-01-17 05:52 - 01047096 _____ (NVIDIA Corporation) C:\windows\system32\NvFBC64.dll 2017-01-17 05:52 - 2017-01-17 05:52 - 00985136 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvFBC.dll 2017-01-17 05:52 - 2017-01-17 05:52 - 00393144 _____ (NVIDIA Corporation) C:\windows\system32\nvDecMFTMjpeg.dll 2017-01-17 05:52 - 2017-01-17 05:52 - 00355768 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvDecMFTMjpeg.dll 2017-01-17 05:52 - 2017-01-17 05:52 - 00054720 _____ (NVIDIA Corporation) C:\windows\system32\nvhdap64.dll 2017-01-17 05:51 - 2017-01-17 05:51 - 35233328 _____ C:\windows\SysWOW64\nvcompiler.dll 2017-01-17 05:51 - 2017-01-17 05:51 - 11017016 _____ (NVIDIA Corporation) C:\windows\system32\nvptxJitCompiler.dll 2017-01-17 05:51 - 2017-01-17 05:51 - 10907368 _____ (NVIDIA Corporation) C:\windows\system32\nvopencl.dll 2017-01-17 05:51 - 2017-01-17 05:51 - 09246824 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvopencl.dll 2017-01-17 05:51 - 2017-01-17 05:51 - 09000336 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvptxJitCompiler.dll 2017-01-17 05:51 - 2017-01-17 05:51 - 00818680 _____ (NVIDIA Corporation) C:\windows\system32\nvEncMFTH264.dll 2017-01-17 05:51 - 2017-01-17 05:51 - 00817656 _____ (NVIDIA Corporation) C:\windows\system32\nvEncMFThevc.dll 2017-01-17 05:51 - 2017-01-17 05:51 - 00698544 _____ (NVIDIA Corporation) C:\windows\system32\nvfatbinaryLoader.dll 2017-01-17 05:51 - 2017-01-17 05:51 - 00657048 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvEncMFThevc.dll 2017-01-17 05:51 - 2017-01-17 05:51 - 00632176 _____ (NVIDIA Corporation) C:\windows\system32\nvmcumd.dll 2017-01-17 05:51 - 2017-01-17 05:51 - 00586784 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvfatbinaryLoader.dll 2017-01-17 05:51 - 2017-01-17 05:51 - 00407240 _____ (NVIDIA Corporation) C:\windows\system32\nvEncodeAPI64.dll 2017-01-17 05:51 - 2017-01-17 05:51 - 00339144 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvEncodeAPI.dll 2017-01-17 05:50 - 2017-01-17 05:50 - 10453152 _____ (NVIDIA Corporation) C:\windows\system32\nvcuda.dll 2017-01-17 05:50 - 2017-01-17 05:50 - 08847016 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuda.dll 2017-01-17 05:50 - 2017-01-17 05:50 - 00658584 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvEncMFTH264.dll 2017-01-15 14:32 - 2017-01-15 14:32 - 00000000 ____D C:\Users\Vlitser\AppData\LocalLow\Adobe 2017-01-15 14:24 - 2017-01-21 19:54 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2017-01-15 14:24 - 2017-01-15 16:53 - 00004562 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task 2017-01-15 14:24 - 2017-01-15 16:49 - 00000000 ____D C:\ProgramData\Adobe 2017-01-15 14:24 - 2017-01-15 14:24 - 00002131 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk 2017-01-15 14:24 - 2017-01-15 14:24 - 00000000 ____D C:\Program Files (x86)\Adobe 2017-01-15 14:23 - 2017-01-15 14:32 - 00000000 ____D C:\Users\Vlitser\AppData\Local\Adobe ==================== Een Maand Gewijzigd bestanden en mappen ======== (Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.) 2017-02-14 09:15 - 2017-01-05 14:18 - 00000000 ____D C:\Program Files (x86)\Steam 2017-02-14 09:15 - 2017-01-05 14:10 - 00000000 ____D C:\Users\Vlitser\AppData\Roaming\Skype 2017-02-14 09:15 - 2016-11-10 11:18 - 00000000 ____D C:\ProgramData\NVIDIA 2017-02-13 21:54 - 2017-01-05 14:57 - 00000000 ____D C:\Users\Vlitser\AppData\Roaming\MusicBee 2017-02-13 21:54 - 2016-07-29 13:32 - 00000000 ____D C:\windows\system32\SleepStudy 2017-02-13 15:33 - 2017-01-06 21:15 - 00000000 ____D C:\Users\Vlitser\AppData\Roaming\vlc 2017-02-13 14:49 - 2017-01-05 14:07 - 00000000 ____D C:\Users\Vlitser\AppData\Local\Packages 2017-02-12 17:57 - 2016-07-16 12:47 - 00000000 ____D C:\windows\AppReadiness 2017-02-12 17:57 - 2016-07-16 12:45 - 00000000 ____D C:\windows\INF 2017-02-12 17:54 - 2017-01-05 21:17 - 00000000 ____D C:\Users\Vlitser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-apps 2017-02-10 14:50 - 2016-07-16 12:47 - 00000000 ____D C:\windows\LiveKernelReports 2017-02-10 14:43 - 2017-01-05 14:12 - 00000000 ____D C:\Users\Vlitser\AppData\Local\CrashDumps 2017-02-10 14:43 - 2016-07-29 14:23 - 00000000 ____D C:\windows\Panther 2017-02-10 13:51 - 2016-11-10 18:22 - 00832490 _____ C:\windows\system32\perfh013.dat 2017-02-10 13:51 - 2016-11-10 18:22 - 00207740 _____ C:\windows\system32\perfc013.dat 2017-02-10 13:51 - 2016-07-29 13:37 - 02258548 _____ C:\windows\system32\PerfStringBackup.INI 2017-02-10 13:45 - 2016-07-29 13:32 - 00000006 ____H C:\windows\Tasks\SA.DAT 2017-02-10 13:45 - 2016-07-16 07:04 - 00262144 _____ C:\windows\system32\config\BBI 2017-02-10 12:10 - 2016-11-10 11:18 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2017-02-10 11:45 - 2017-01-06 21:24 - 00000372 _____ C:\windows\Tasks\HPCeeScheduleForVlitser.job 2017-02-10 11:45 - 2017-01-05 14:06 - 00000000 ____D C:\Users\Vlitser 2017-02-10 11:45 - 2016-07-29 13:32 - 00681936 _____ C:\windows\system32\FNTCACHE.DAT 2017-02-10 11:40 - 2017-01-05 14:13 - 00003574 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA 2017-02-10 11:40 - 2017-01-05 14:13 - 00003450 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore 2017-02-10 11:38 - 2017-01-05 14:13 - 00000000 ____D C:\Users\Vlitser\AppData\Local\Google 2017-02-10 10:07 - 2017-01-05 14:14 - 00002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-02-10 10:07 - 2017-01-05 14:14 - 00002287 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2017-02-10 10:07 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps 2017-02-10 10:06 - 2016-11-10 11:24 - 00000000 ____D C:\Program Files (x86)\Dropbox 2017-02-10 10:04 - 2017-01-06 21:24 - 00003272 _____ C:\windows\System32\Tasks\HPCeeScheduleForVlitser 2017-02-05 09:20 - 2017-01-05 19:14 - 00000000 ____D C:\ProgramData\Skype 2017-02-02 16:27 - 2016-11-10 10:33 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2017-02-02 16:11 - 2017-01-05 14:40 - 00000000 ____D C:\Users\Vlitser\AppData\Roaming\Mp3tag 2017-01-26 22:04 - 2017-01-05 14:07 - 00000000 ____D C:\Users\Vlitser\AppData\Local\NVIDIA Corporation 2017-01-26 14:16 - 2017-01-05 14:07 - 00000000 ____D C:\Users\Vlitser\AppData\Local\NVIDIA 2017-01-26 14:16 - 2016-11-10 11:18 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2017-01-26 14:16 - 2016-11-10 11:17 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2017-01-25 14:33 - 2016-07-16 12:47 - 00000000 ____D C:\windows\SysWOW64\GroupPolicy 2017-01-25 14:33 - 2016-07-16 12:47 - 00000000 ____D C:\windows\system32\GroupPolicy 2017-01-25 14:32 - 2016-07-16 12:47 - 00000000 ___HD C:\windows\ELAMBKUP 2017-01-25 14:32 - 2016-07-16 07:04 - 00032768 _____ C:\windows\system32\config\ELAM 2017-01-25 12:13 - 2016-07-16 12:36 - 00000000 ____D C:\windows\CbsTemp 2017-01-23 08:30 - 2016-07-16 15:11 - 00000000 ____D C:\windows\OCR 2017-01-20 19:41 - 2016-11-10 11:18 - 01872320 _____ (NVIDIA Corporation) C:\windows\system32\nvspcap64.dll 2017-01-20 19:41 - 2016-11-10 11:18 - 01755072 _____ (NVIDIA Corporation) C:\windows\system32\nvspbridge64.dll 2017-01-20 19:41 - 2016-11-10 11:18 - 01464768 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvspcap.dll 2017-01-20 19:41 - 2016-11-10 11:18 - 01317312 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvspbridge.dll 2017-01-20 19:41 - 2016-11-10 11:18 - 00120256 _____ C:\windows\system32\NvRtmpStreamer64.dll 2017-01-20 09:00 - 2017-01-11 10:45 - 00000000 ____D C:\Users\Vlitser\Documents\Aangepaste Office-sjablonen 2017-01-20 07:14 - 2017-01-05 14:08 - 00002400 _____ C:\Users\Vlitser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2017-01-20 07:14 - 2017-01-05 14:08 - 00000000 ___RD C:\Users\Vlitser\OneDrive 2017-01-18 10:48 - 2016-11-10 10:33 - 00000000 ____D C:\ProgramData\HP 2017-01-17 05:53 - 2016-12-19 20:14 - 14190520 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvlddmkm.sys 2017-01-17 05:52 - 2016-12-19 20:14 - 01604152 _____ (NVIDIA Corporation) C:\windows\system32\nvhdagenco6420103.dll 2017-01-17 05:52 - 2016-12-19 20:14 - 00221632 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvhda64v.sys 2017-01-17 05:50 - 2016-11-10 11:17 - 03972960 _____ (NVIDIA Corporation) C:\windows\system32\nvapi64.dll 2017-01-17 05:50 - 2016-11-10 11:17 - 03509152 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvapi.dll 2017-01-17 01:37 - 2016-11-10 11:17 - 00042296 _____ C:\windows\system32\nvinfo.pb 2017-01-15 14:32 - 2017-01-05 14:07 - 00000000 ____D C:\Users\Vlitser\AppData\Roaming\Adobe ==================== Bestanden in de root van sommige mappen ======= 2017-02-10 11:03 - 2017-02-10 11:03 - 0004286 _____ () C:\ProgramData\Diamonds Match3.ico ==================== Bamital & volsnap ====================== (Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.) C:\windows\system32\winlogon.exe => Bestand is getekend C:\windows\system32\wininit.exe => Bestand is getekend C:\windows\explorer.exe => Bestand is getekend C:\windows\SysWOW64\explorer.exe => Bestand is getekend C:\windows\system32\svchost.exe => Bestand is getekend C:\windows\SysWOW64\svchost.exe => Bestand is getekend C:\windows\system32\services.exe => Bestand is getekend C:\windows\system32\User32.dll => Bestand is getekend C:\windows\SysWOW64\User32.dll => Bestand is getekend C:\windows\system32\userinit.exe => Bestand is getekend C:\windows\SysWOW64\userinit.exe => Bestand is getekend C:\windows\system32\rpcss.dll => Bestand is getekend C:\windows\system32\dnsapi.dll => Bestand is getekend C:\windows\SysWOW64\dnsapi.dll => Bestand is getekend C:\windows\system32\Drivers\volsnap.sys => Bestand is getekend LastRegBack: 2017-02-10 12:07 ==================== Eind van FRST.txt ============================