Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 14-02-2017 Gestart door gebruiker (Beheerder) op GEBRUIKER-HP (14-02-2017 22:13:31) Gestart vanaf H:\ Geladen Profielen: gebruiker (Beschikbare Profielen: gebruiker) Platform: Windows 7 Professional Service Pack 1 (X64) Taal: Nederlands (Nederland) Internet Explorer Versie 11 (Standaardbrowser: Chrome) Boot Modus: Normal Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processen (gefilterd) ================= (Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.) (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (brother Industries Ltd) C:\Windows\SysWOW64\BRSVC01A.EXE (Dolphin Oceanic Ltd.) C:\Windows\System32\dolsrvcbar2.exe (Dolphin Computer Access Ltd.) C:\Windows\System32\dol_start.exe (brother Industries Ltd) C:\Windows\SysWOW64\BRSS01A.EXE (Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Hauppauge Computer Works) C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation) C:\Program Files\Intel\BCA\pabeSvc64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe (Prolific Technology Inc.) C:\Windows\SysWOW64\IoctlSvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE () C:\Program Files (x86)\Sitecom\Sitecom WiFi USB Adapter AC580\WPSHWPBC.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Spotify Ltd) C:\Users\gebruiker\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Dolphin Computer Access Ltd.) C:\Program Files (x86)\Dolphin\SnovaSuite1303\Snova.EXE (Spotify Ltd) C:\Users\gebruiker\AppData\Roaming\Spotify\Spotify.exe (Hauppauge Computer Works) C:\Program Files (x86)\WinTV\Ir.exe (Hauppauge Computer Works, Inc.) C:\Program Files (x86)\WinTV\WinTV7\WinTVTray.exe (Spotify Ltd) C:\Users\gebruiker\AppData\Roaming\Spotify\SpotifyCrashService.exe (Spotify Ltd) C:\Users\gebruiker\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd) C:\Users\gebruiker\AppData\Roaming\Spotify\Spotify.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe () C:\Program Files (x86)\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Dolphin Computer Access Ltd.) C:\Program Files (x86)\Dolphin\Sam\sam.exe (Dolphin Computer Access Ltd.) C:\Program Files (x86)\Dolphin\Sam\vocalizer\sam.Vocalizer.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Dolphin Computer Access Ltd.) C:\Program Files (x86)\Dolphin\Sam\orpheus\sam.dolostub.exe (Dolphin Computer Access Ltd.) C:\Program Files (x86)\Dolphin\SnovaSuite1303\amd64\x64whook.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Register (gefilterd) ==================== (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7510232 2014-08-23] (Realtek Semiconductor) HKLM\...\Run: [HPSYSDRV] => C:\Program Files (x86)\Hewlett-Packard\HP Odometer\HPSYSDRV.EXE [62768 2008-11-20] (Hewlett-Packard) HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133400 2012-02-21] (Intel Corporation) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [290688 2012-10-25] (Intel Corporation) HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [684064 2012-07-18] (PDF Complete Inc) HKLM-x32\...\Run: [File Sanitizer] => c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe HKLM-x32\...\Run: [Share-to-Web Namespace Daemon] => C:\Program Files (x86)\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe [57344 2001-07-03] (Hewlett-Packard) HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [3825176 2012-11-13] (Safer-Networking Ltd.) HKLM-x32\...\Run: [NBKeyScan] => C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2221352 2008-12-02] (Nero AG) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [vProt] => "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe" HKLM-x32\...\Run: [AvgUi] => "C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe" /lps=fmw HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-02-11] (AVAST Software) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\S-1-5-21-4124429694-2918782111-3283645683-1001\...\Run: [Spotify Web Helper] => C:\Users\gebruiker\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-02-06] (Spotify Ltd) HKU\S-1-5-21-4124429694-2918782111-3283645683-1001\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe [132392 2008-12-12] (Nero AG) HKU\S-1-5-21-4124429694-2918782111-3283645683-1001\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3713032 2012-11-13] (Safer-Networking Ltd.) HKU\S-1-5-21-4124429694-2918782111-3283645683-1001\...\Run: [DolphinOceanicAccess] => C:\Program Files (x86)\Dolphin\SnovaSuite1303\Snova.EXE [7848696 2014-08-26] (Dolphin Computer Access Ltd.) HKU\S-1-5-21-4124429694-2918782111-3283645683-1001\...\Run: [Spotify] => C:\Users\gebruiker\AppData\Roaming\Spotify\Spotify.exe [7133808 2017-02-06] (Spotify Ltd) HKU\S-1-5-21-4124429694-2918782111-3283645683-1001\...\MountPoints2: J - J:\LaunchU3.exe -a HKU\S-1-5-21-4124429694-2918782111-3283645683-1001\...\MountPoints2: {3b73dc30-81cc-11e2-8a73-10604b78ee19} - J:\LaunchU3.exe -a HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\Dolphin\SnovaSuite1303\amd64\dol_logon.exe [506104 2014-08-26] (Dolphin Computer Access Ltd.) HKU\S-1-5-18\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Dolphin\SnovaSuite1303\amd64\dol_secure.exe [70392 2014-08-26] (Dolphin Computer Access Ltd.) Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-02-11] (AVAST Software) ShellIconOverlayIdentifiers: [0_OneComShellExt1] -> {F6BBFE20-F40C-449D-867A-70D304E407CC} => C:\Users\gebruiker\AppData\Roaming\Bix\Extensions\OnecomShellExt.dll -> Geen bestand ShellIconOverlayIdentifiers: [0_OneComShellExt2] -> {12BC1D5F-8949-451A-9F47-0240E9E31D11} => C:\Users\gebruiker\AppData\Roaming\Bix\Extensions\OnecomShellExt.dll -> Geen bestand ShellIconOverlayIdentifiers: [0_OneComShellExt3] -> {817B4083-0CBC-4538-BB47-746BA33CE791} => C:\Users\gebruiker\AppData\Roaming\Bix\Extensions\OnecomShellExt.dll -> Geen bestand Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutoStart IR.lnk [2015-09-21] ShortcutTarget: AutoStart IR.lnk -> C:\Program Files (x86)\WinTV\Ir.exe (Hauppauge Computer Works) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinTV Recording Status.lnk [2015-09-21] ShortcutTarget: WinTV Recording Status.lnk -> C:\Program Files (x86)\WinTV\WinTV7\WinTVTray.exe (Hauppauge Computer Works, Inc.) BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (gefilterd) ==================== (Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.) Hosts: Er zijn meer dan één item in Hosts. Zie Hosts deel van Addition.txt Tcpip\Parameters: [DhcpNameServer] 195.130.130.5 195.130.131.5 Tcpip\..\Interfaces\{F61CE3D7-BD57-41A7-BAD8-7A0BB180BDFF}: [DhcpNameServer] 195.130.130.5 195.130.131.5 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKU\S-1-5-21-4124429694-2918782111-3283645683-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.tijd.be/ SearchScopes: HKU\S-1-5-21-4124429694-2918782111-3283645683-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-4124429694-2918782111-3283645683-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxps://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-4124429694-2918782111-3283645683-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={5B52383D-7DC8-4FB6-A02A-53A3A4C347AE}&mid=b6a98473b70e47d3aba5c1290d9c07ea-0f8f9c04a0b565619b5787fb8f0f8aa1b93f8414&lang=nl&ds=AVG&coid=avgtbavg&cmpid=1215tb&pr=fr&d=2015-12-05 10:31:06&v=4.2.3.128&pid=wtu&sg=&sap=dsp&q={searchTerms} BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-02-11] (AVAST Software) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-23] (Google Inc.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard) BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-07-15] (Intel Security) BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll [2012-11-13] (Safer-Networking Ltd.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-08-21] (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-02-11] (AVAST Software) BHO-x32: Aanmeldhulp voor Microsoft-account -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-23] (Google Inc.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-21] (Oracle Corporation) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-23] (Google Inc.) Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-07-15] (Intel Security) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-23] (Google Inc.) DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab FireFox: ======== FF ProfilePath: C:\Users\gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\78c9dv9f.default-1464799947386 [2017-02-11] FF Extension: (Web Developer) - C:\Users\gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\78c9dv9f.default-1464799947386\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2016-11-02] FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF48 FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF48 [2017-02-11] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF48 FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wtu-secure-search.xml [2016-09-29] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-10] () FF Plugin: @microsoft.com/GENUINE -> disabled [Geen bestand] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-10] () FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.6\\npsitesafety.dll [Geen bestand] FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-21] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-21] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Geen bestand] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-4124429694-2918782111-3283645683-1001: @citrixonline.com/appdetectorplugin -> C:\Users\gebruiker\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2016-01-28] (Citrix Online) FF Plugin HKU\S-1-5-21-4124429694-2918782111-3283645683-1001: vasco.com/VascoCardReaderPlugin -> C:\Users\gebruiker\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin.dll [2014-10-27] (VASCO Data Security) FF Plugin HKU\S-1-5-21-4124429694-2918782111-3283645683-1001: vasco.com/VascoCardReaderPlugin64 -> C:\Users\gebruiker\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin64.dll [2014-10-27] (VASCO Data Security) Chrome: ======= CHR Profile: C:\Users\gebruiker\AppData\Local\Google\Chrome\User Data\Default [2017-02-14] CHR Extension: (Google Presentaties) - C:\Users\gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-20] CHR Extension: (Belfius Smart Card Reader Chrome Extensie) - C:\Users\gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\agicnfmechmlphpjmeefookfjhifbmhi [2015-09-12] CHR Extension: (Google Documenten) - C:\Users\gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-20] CHR Extension: (Google Drive) - C:\Users\gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23] CHR Extension: (YouTube) - C:\Users\gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24] CHR Extension: (Google Search) - C:\Users\gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27] CHR Extension: (Adobe Acrobat) - C:\Users\gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-02-01] CHR Extension: (Google Spreadsheets) - C:\Users\gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-20] CHR Extension: (Offline Documenten) - C:\Users\gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16] CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19] CHR Extension: (Gmail) - C:\Users\gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-20] CHR Extension: (Chrome Media Router) - C:\Users\gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-19] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx ==================== Services (gefilterd) ==================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7142136 2017-02-11] (AVAST Software s.r.o.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-02-11] (AVAST Software) R2 Brother XP spl Service; C:\Windows\SysWOW64\brsvc01a.exe [57344 2004-06-13] (brother Industries Ltd) [Bestand niet getekend] R2 DolphinCBarSrv2; C:\Windows\system32\dolsrvcbar2.exe [445952 2013-08-15] (Dolphin Oceanic Ltd.) [Bestand niet getekend] R2 DolStart; C:\Windows\system32\dol_start.exe [238840 2014-08-26] (Dolphin Computer Access Ltd.) R2 HauppaugeTVServer; C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe [577536 2012-08-24] (Hauppauge Computer Works) [Bestand niet getekend] R2 IntelBCAsvc; C:\Program Files\Intel\BCA\pabeSvc64.exe [3026584 2016-05-06] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-21] (Intel Corporation) S3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [537896 2008-12-12] (Nero AG) R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1134624 2012-07-18] (PDF Complete Inc) R2 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [Bestand niet getekend] R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-08-23] (Realtek Semiconductor) R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1103392 2012-11-13] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [168384 2012-11-13] (Safer-Networking Ltd.) R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [908256 2016-07-14] (McAfee, Inc.) S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2016-07-14] (McAfee, Inc.) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) R2 WPSHWPBC; C:\Program Files (x86)\Sitecom\Sitecom WiFi USB Adapter AC580\WPSHWPBC.exe [311296 2013-08-27] () [Bestand niet getekend] S2 InstallerService; "C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe" [X] S2 Intel(R) PROSet Monitoring Service; geen ImagePath S2 vToolbarUpdater40.3.6; "C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.6\ToolbarUpdater.exe" [X] S3 wampapache; "F:\web\wamp\bin\apache\apache2.2.11\bin\httpd.exe" -k runservice [X] S3 wampmysqld; F:\web\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe wampmysqld [X] S2 WtuSystemSupport; "C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe" [X] ===================== Drivers (gefilterd) ====================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [309784 2017-02-11] (AVAST Software s.r.o.) R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [189768 2017-02-11] (AVAST Software s.r.o.) R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [334600 2017-02-11] (AVAST Software s.r.o.) R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [48528 2017-02-11] (AVAST Software s.r.o.) S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [38296 2017-02-11] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [126088 2017-02-11] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [100640 2017-02-11] (AVAST Software) S0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [74680 2017-02-11] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [991496 2017-02-11] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [547904 2017-02-11] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162528 2017-02-11] (AVAST Software) R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [337080 2017-02-11] (AVAST Software) R1 DolBoot; C:\Windows\system32\dolboot.sys [57592 2014-08-26] (Dolphin Computer Access Ltd.) R3 hcw85cir; C:\Windows\System32\drivers\hcw85cir3.sys [33792 2011-09-29] (Hauppauge Computer Works, Inc.) U5 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [114688 2016-11-12] (Microsoft Corporation) U5 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [877864 2008-12-02] (Nero AG) R3 netr28ux; C:\Windows\System32\DRIVERS\netr28ux.sys [2222224 2014-10-08] (MediaTek Inc.) S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2013-02-01] () U5 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [15736 2016-07-14] (McAfee, Inc.) S3 IFCoEMP; \SystemRoot\system32\drivers\ifM60x64.sys [X] S3 IFCoEVB; \SystemRoot\system32\drivers\ifP60X64.sys [X] ==================== NetSvcs (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ==================== Een Maand Aangemaakt bestanden en mappen ======== (Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.) 2017-02-14 22:08 - 2017-02-14 22:13 - 00000000 ____D C:\FRST 2017-02-14 21:36 - 2017-02-14 22:04 - 00000000 ____D C:\EEK 2017-02-11 16:43 - 2017-02-11 16:43 - 00001884 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk 2017-02-11 16:43 - 2017-02-11 16:43 - 00000342 ____H C:\Windows\Tasks\Avast Emergency Update.job 2017-02-11 16:43 - 2017-02-11 16:43 - 00000000 ____D C:\Users\gebruiker\AppData\Roaming\AVAST Software 2017-02-11 16:43 - 2017-02-11 16:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software 2017-02-11 16:43 - 2017-02-11 16:42 - 00991496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2017-02-11 16:43 - 2017-02-11 16:42 - 00547904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2017-02-11 16:43 - 2017-02-11 16:42 - 00398408 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2017-02-11 16:43 - 2017-02-11 16:42 - 00337080 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys 2017-02-11 16:43 - 2017-02-11 16:42 - 00334600 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys 2017-02-11 16:43 - 2017-02-11 16:42 - 00309784 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys 2017-02-11 16:43 - 2017-02-11 16:42 - 00189768 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys 2017-02-11 16:43 - 2017-02-11 16:42 - 00162528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2017-02-11 16:43 - 2017-02-11 16:42 - 00126088 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2017-02-11 16:43 - 2017-02-11 16:42 - 00100640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2017-02-11 16:43 - 2017-02-11 16:42 - 00074680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys 2017-02-11 16:43 - 2017-02-11 16:42 - 00048528 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys 2017-02-11 16:43 - 2017-02-11 16:42 - 00038296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys 2017-02-11 16:41 - 2017-02-11 16:41 - 00000000 ____D C:\Program Files\AVAST Software 2017-02-11 16:40 - 2017-02-11 17:16 - 00000000 ____D C:\ProgramData\AVAST Software 2017-02-11 16:20 - 2017-02-11 16:32 - 00065536 _____ C:\Windows\system32\Ikeext.etl 2017-02-11 16:19 - 2017-02-11 16:32 - 00000000 ____D C:\AVG_Remover 2017-02-11 15:04 - 2017-02-11 15:04 - 00000000 ____D C:\rsit 2017-02-11 15:03 - 2017-02-11 15:03 - 00000607 _____ C:\Users\gebruiker\Desktop\RSITx64.exe - Snelkoppeling.lnk 2017-02-10 21:08 - 2017-02-10 21:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sitecom WiFi USB Adapter AC580 2017-02-10 21:08 - 2017-02-10 21:08 - 00000000 ____D C:\Program Files (x86)\Sitecom 2017-02-10 21:08 - 2014-10-08 19:55 - 02222224 _____ (MediaTek Inc.) C:\Windows\system32\Drivers\netr28ux.sys 2017-02-10 21:08 - 2014-09-30 14:05 - 00078936 _____ C:\Windows\system32\Drivers\FW_7662.bin 2017-02-10 21:08 - 2014-08-06 18:17 - 00334992 _____ (Mediatek Inc.) C:\Windows\system32\RaCoInstx.dll 2017-02-10 21:08 - 2014-08-06 18:17 - 00016103 _____ C:\Windows\system32\RaCoInst.dat 2017-02-10 21:08 - 2014-07-24 11:08 - 00020626 _____ C:\Windows\system32\Drivers\Patch_7662.bin 2017-02-10 21:08 - 2013-03-08 12:22 - 00000068 _____ C:\Windows\system32\RT20013C1B.ini 2017-02-10 21:08 - 2013-03-08 12:22 - 00000068 _____ C:\Windows\system32\RT20013C17.ini 2017-02-06 12:51 - 2017-02-06 12:51 - 00003288 ____N C:\bootsqm.dat 2017-02-06 12:50 - 2017-02-06 12:50 - 00000000 __SHD C:\found.002 2017-02-02 21:41 - 2017-02-02 21:41 - 00024568 _____ C:\Users\gebruiker\Downloads\website - praktische info 2017-01-30 23:27 - 2017-01-30 23:27 - 00042637 _____ C:\Users\gebruiker\Downloads\downloaded (20).pdf 2017-01-30 19:00 - 2017-01-30 19:00 - 02996238 _____ C:\Users\gebruiker\Downloads\01_all_gpv1st_20170131_belhp_00.pdf 2017-01-25 15:03 - 2017-01-25 15:04 - 116014690 _____ C:\Users\gebruiker\Downloads\Vallejo_Method_Banish_Blunders.zip 2017-01-23 18:31 - 2017-01-23 18:31 - 03350757 _____ C:\Users\gebruiker\Downloads\01_all_gpv1st_20170124_belhp_00.pdf 2017-01-18 23:15 - 2017-01-18 23:15 - 00042149 _____ C:\Users\gebruiker\Downloads\downloaded (19).pdf 2017-01-16 20:59 - 2017-01-16 20:59 - 02815886 _____ C:\Users\gebruiker\Downloads\01_all_gpv1st_20170117_belhp_00.pdf 2017-01-15 12:55 - 2017-02-06 12:52 - 00000348 _____ C:\Windows\Tasks\HPCeeScheduleForgebruiker.job 2017-01-15 12:55 - 2017-02-03 23:30 - 00003210 _____ C:\Windows\System32\Tasks\HPCeeScheduleForgebruiker ==================== Een Maand Gewijzigd bestanden en mappen ======== (Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.) 2017-02-14 21:59 - 2015-01-08 22:33 - 00000000 ____D C:\Users\gebruiker\AppData\Local\Free YouTube Downloader 2017-02-14 21:24 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\tracing 2017-02-11 17:33 - 2013-02-01 21:49 - 00000000 ____D C:\ProgramData\PDFC 2017-02-11 16:44 - 2013-03-04 21:18 - 00000000 ____D C:\temp 2017-02-11 16:41 - 2009-07-14 05:45 - 00027568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2017-02-11 16:41 - 2009-07-14 05:45 - 00027568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2017-02-11 16:37 - 2013-06-19 20:33 - 00000000 ____D C:\Users\gebruiker\AppData\Roaming\Spotify 2017-02-11 16:36 - 2015-09-12 16:02 - 00000587 _____ C:\Users\gebruiker\Desktop\WampServer.lnk 2017-02-11 16:36 - 2014-08-14 17:36 - 00000000 ____D C:\Users\gebruiker\AppData\Local\CrashDumps 2017-02-11 16:32 - 2013-06-19 20:33 - 00000000 ____D C:\Users\gebruiker\AppData\Local\Spotify 2017-02-11 16:32 - 2009-07-14 06:08 - 00032570 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2017-02-11 16:32 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-02-11 16:31 - 2015-12-05 10:30 - 00000000 ____D C:\Program Files (x86)\AVG Web TuneUp 2017-02-11 16:22 - 2015-07-02 02:14 - 00000000 ____D C:\Users\gebruiker\AppData\Local\Avg 2017-02-11 16:20 - 2015-07-02 02:17 - 00000000 ____D C:\Program Files\Common Files\AV 2017-02-11 16:02 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF 2017-02-11 15:04 - 2013-11-04 17:16 - 00000000 ____D C:\Program Files\trend micro 2017-02-10 23:01 - 2015-01-21 12:01 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2017-02-10 22:59 - 2016-05-05 15:49 - 00000000 ____D C:\Users\gebruiker\AppData\Roaming\Hola 2017-02-10 22:49 - 2017-01-09 21:16 - 00000000 ____D C:\Users\gebruiker\AppData\LocalLow\Mozilla 2017-02-10 22:05 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Public\Libraries 2017-02-10 21:12 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf 2017-02-10 21:08 - 2013-02-01 21:42 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2017-02-09 21:34 - 2013-02-01 21:10 - 00760332 _____ C:\Windows\system32\perfh013.dat 2017-02-09 21:34 - 2013-02-01 21:10 - 00158376 _____ C:\Windows\system32\perfc013.dat 2017-02-09 21:34 - 2009-07-14 06:13 - 01698364 _____ C:\Windows\system32\PerfStringBackup.INI 2017-02-06 18:37 - 2013-03-06 18:54 - 00000000 ____D C:\Users\gebruiker\AppData\Local\ElevatedDiagnostics 2017-02-05 08:03 - 2013-09-13 19:41 - 00000940 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2017-02-05 08:02 - 2016-01-28 20:11 - 00000642 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-4124429694-2918782111-3283645683-1001.job 2017-02-05 08:02 - 2016-01-28 20:11 - 00000546 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-4124429694-2918782111-3283645683-1001.job 2017-02-03 23:24 - 2013-02-21 10:55 - 00003990 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{CD85A6EC-015D-450B-B2A1-B1CF2261FA4F} 2017-01-26 22:45 - 2013-05-30 21:37 - 00000000 ____D C:\Users\gebruiker\Documents\My Scans 2017-01-25 11:08 - 2016-01-28 20:11 - 00003688 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-4124429694-2918782111-3283645683-1001 2017-01-25 11:08 - 2016-01-28 20:11 - 00003592 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-4124429694-2918782111-3283645683-1001 2017-01-19 20:03 - 2016-06-04 22:26 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk ==================== Bestanden in de root van sommige mappen ======= 2013-07-04 00:36 - 2016-03-02 14:52 - 0000139 _____ () C:\Users\gebruiker\AppData\Roaming\default.pls 2015-09-12 15:50 - 2017-01-15 12:53 - 0000034 _____ () C:\Users\gebruiker\AppData\Local\SuperNova_exit_error.log 2013-05-18 15:40 - 2013-05-18 16:52 - 0003660 _____ () C:\ProgramData\hpzinstall.log 2013-02-27 17:31 - 2013-02-27 17:31 - 0000032 _____ () C:\ProgramData\msdesksw_default.theme 1646-12-05 23:46 - 1623-03-16 18:07 - 0000000 _____ () C:\ProgramData\xpM204.theme Sommige bestanden in TEMP: ==================== 2017-01-09 16:03 - 2017-01-09 16:03 - 0607416 _____ (Vitzo Ltd.) C:\Users\gebruiker\AppData\Local\Temp\ad4d2avx.exe 2016-01-20 10:45 - 2016-01-20 10:45 - 2892128 _____ (AVG Technologies) C:\Users\gebruiker\AppData\Local\Temp\avg-72e83e59-2496-461c-8b78-2c23790e904a.exe 2016-05-05 15:47 - 2016-05-05 15:47 - 2770560 _____ (Hola Networks Ltd.) C:\Users\gebruiker\AppData\Local\Temp\Hola-Setup-x64-1.13.351.exe 2016-04-23 00:14 - 2016-04-23 00:14 - 0739904 _____ (Oracle Corporation) C:\Users\gebruiker\AppData\Local\Temp\jre-8u91-windows-au.exe 2016-03-02 14:46 - 2016-03-02 14:46 - 13936107 _____ (HOW Inc. ) C:\Users\gebruiker\AppData\Local\Temp\nzkpqw2b.exe 2016-10-13 21:50 - 2016-10-13 21:50 - 1473832 _____ (HOW Inc. ) C:\Users\gebruiker\AppData\Local\Temp\qbb0wdkp.exe 2015-08-03 00:58 - 2015-08-03 00:58 - 0118784 _____ () C:\Users\gebruiker\AppData\Local\Temp\xmlUpdater.exe ==================== Bamital & volsnap ====================== (Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.) C:\Windows\system32\winlogon.exe => Bestand is getekend C:\Windows\system32\wininit.exe => Bestand is getekend C:\Windows\SysWOW64\wininit.exe => Bestand is getekend C:\Windows\explorer.exe => Bestand is getekend C:\Windows\SysWOW64\explorer.exe => Bestand is getekend C:\Windows\system32\svchost.exe => Bestand is getekend C:\Windows\SysWOW64\svchost.exe => Bestand is getekend C:\Windows\system32\services.exe => Bestand is getekend C:\Windows\system32\User32.dll => Bestand is getekend C:\Windows\SysWOW64\User32.dll => Bestand is getekend C:\Windows\system32\userinit.exe => Bestand is getekend C:\Windows\SysWOW64\userinit.exe => Bestand is getekend C:\Windows\system32\rpcss.dll => Bestand is getekend C:\Windows\system32\dnsapi.dll => Bestand is getekend C:\Windows\SysWOW64\dnsapi.dll => Bestand is getekend C:\Windows\system32\Drivers\volsnap.sys => Bestand is getekend LastRegBack: 2017-01-25 10:15 ==================== Eind van FRST.txt ============================