Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 13-03-2017
Gestart door PC (Beheerder) op PC (14-03-2017 14:51:12)
Gestart vanaf C:\Users\PC\Desktop
Geladen Profielen: PC (Beschikbare Profielen: PC)
Platform: Windows 7 Professional Service Pack 1 (X64) Taal: Nederlands (Nederland)
Internet Explorer Versie 11 (Standaardbrowser: FF)
Boot Modus: Normal
Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processen (gefilterd) =================

(Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Copyright (c) 2016 Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Razer Inc) C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\hsscp.exe
(Safer Networking Ltd.) D:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(eVenture Limited) C:\Program Files (x86)\hide.me VPN\vpnsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(TeamSpeak Systems GmbH) D:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe

==================== Register (gefilterd) ====================

(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)

HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5883912 2017-03-02] (LogMeIn Inc.)
HKU\S-1-5-21-2589417015-2426998136-2442908596-1000\...\Run: [RGSC] => C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
HKU\S-1-5-21-2589417015-2426998136-2442908596-1000\...\Run: [GoogleChromeAutoLaunch_E9DDAE7C2EC8559E520CE841B1A9C8F2] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1116504 2017-02-01] (Google Inc.)
HKU\S-1-5-21-2589417015-2426998136-2442908596-1000\...\MountPoints2: {139f2003-9ae3-11e3-8487-806e6f6e6963} - D:\Setup.exe
HKU\S-1-5-21-2589417015-2426998136-2442908596-1000\...\MountPoints2: {20682af6-c090-11e3-97a2-002185c0a6f7} - F:\LaunchU3.exe -a
HKU\S-1-5-21-2589417015-2426998136-2442908596-1000\...\MountPoints2: {2f0c4e85-28da-11e6-9478-806e6f6e6963} - E:\Autorun.exe
HKU\S-1-5-21-2589417015-2426998136-2442908596-1000\...\MountPoints2: {91bff4a0-25a4-11e5-b1c8-806e6f6e6963} - F:\autorun.exe
HKU\S-1-5-21-2589417015-2426998136-2442908596-1000\...\MountPoints2: {94863135-9ae7-11e3-bcb7-002185c0a6f7} - G:\setup.exe
HKU\S-1-5-18\...\Run: [] => [X]
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-02-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => -> Geen bestand
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => -> Geen bestand
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => -> Geen bestand
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => -> Geen bestand
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => -> Geen bestand
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => -> Geen bestand
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => -> Geen bestand
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => -> Geen bestand
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => -> Geen bestand
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => -> Geen bestand
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => -> Geen bestand
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => -> Geen bestand
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => -> Geen bestand
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => -> Geen bestand
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => -> Geen bestand
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => -> Geen bestand
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => -> Geen bestand
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => -> Geen bestand
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => -> Geen bestand
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => -> Geen bestand

==================== Internet (gefilterd) ====================

(Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.8.4
Tcpip\..\Interfaces\{40D06DBB-B2A4-4803-BB25-1C2CC46CDB93}: [NameServer] 208.67.222.222,208.67.220.220
Tcpip\..\Interfaces\{CA583B6A-9F0E-49B4-8EB8-5B316A1B3CA0}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-2589417015-2426998136-2442908596-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2589417015-2426998136-2442908596-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> Geen bestand
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll => Geen bestand
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> Geen bestand
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> Geen bestand
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll => Geen bestand
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> Geen bestand
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-08-14] (Oracle Corporation)
BHO-x32: Aanmeldhulp voor Microsoft-account -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> Geen bestand
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-14] (Oracle Corporation)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - Geen bestand
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - Geen bestand

FireFox:
========
FF DefaultProfile: pjck8kcn.default
FF ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\pjck8kcn.default [2017-03-14]
FF NewTab: Mozilla\Firefox\Profiles\pjck8kcn.default -> about:newtab
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\pjck8kcn.default -> Yahoo! Powered
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\pjck8kcn.default -> Yahoo! Powered
FF HKU\S-1-5-21-2589417015-2426998136-2442908596-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi => niet gevonden
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-14] ()
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [Geen bestand]
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [Geen bestand]
FF Plugin: @microsoft.com/GENUINE -> disabled [Geen bestand]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-14] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll [2014-03-11] (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [Geen bestand]
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> D:\Program Files (x86)\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-14] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Geen bestand]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-01-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Geen bestand]
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> D:\Program Files (x86)\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin HKU\S-1-5-21-2589417015-2426998136-2442908596-1000: @nsroblox.roblox.com/launcher -> C:\Users\PC\AppData\Local\Roblox\Versions\version-638183e929e84807\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-2589417015-2426998136-2442908596-1000: @nsroblox.roblox.com/launcher64 -> C:\Users\PC\AppData\Local\Roblox\Versions\version-638183e929e84807\\NPRobloxProxy64.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-2589417015-2426998136-2442908596-1000: @tools.google.com/Google Update;version=3 -> C:\Users\PC\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-2589417015-2426998136-2442908596-1000: @tools.google.com/Google Update;version=9 -> C:\Users\PC\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-2589417015-2426998136-2442908596-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\PC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-12-17] (Unity Technologies ApS)

Chrome:
=======
CHR DefaultSearchURL: Default -> hxxp://srch.bar/{searchTerms}
CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms}
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default [2017-03-14]
CHR Extension: (Google Presentaties) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-02-10]
CHR Extension: (Google Documenten) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-02-10]
CHR Extension: (Google Drive) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-02-10]
CHR Extension: (YouTube) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-10]
CHR Extension: (Adblock Plus) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-02-10]
CHR Extension: (Social Blade) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfidkbgamfhdgmedldkagjopnbobdmdn [2017-02-20]
CHR Extension: (Google Spreadsheets) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-02-10]
CHR Extension: (Offline Documenten) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-02-10]
CHR Extension: (Betternet Unlimited Free VPN Proxy) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjknjjomckknofjidppipffbpoekiipm [2017-02-23]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-10]
CHR Extension: (Gmail) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-02-10]
CHR Extension: (Chrome Media Router) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-10]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx
CHR HKU\S-1-5-21-2589417015-2426998136-2442908596-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (gefilterd) ====================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-02-27] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1457160 2016-11-11] ()
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [46400 2017-02-07] (Dropbox, Inc.)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [241936 2016-11-29] (EasyAntiCheat Ltd)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3416584 2017-03-02] (LogMeIn Inc.)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [135496 2017-01-09] (SurfRight B.V.)
R2 hmevpnsvc; C:\Program Files (x86)\hide.me VPN\vpnsvc.exe [192208 2016-09-28] (eVenture Limited)
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [2604664 2017-03-01] (AnchorFree Inc.)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2017-02-27] (LogMeIn, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [55056 2016-11-18] (Copyright (c) 2016 Plays.tv, LLC)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-25] ()
R2 RzSurroundVADStreamingService; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe [4261344 2016-11-04] (Razer Inc)
R2 SBSDWSCService; D:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7757040 2017-02-02] (TeamViewer GmbH)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [5906704 2017-02-21] (AVG Technologies CZ, s.r.o.)
R2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [56080 2017-02-21] (AVG Technologies CZ, s.r.o.)
R2 UxTuneUp; C:\Windows\SysWOW64\uxtuneup.dll [48912 2017-02-21] (AVG Technologies CZ, s.r.o.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (gefilterd) ======================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

S3 AFTrafMgr1.2; C:\Program Files (x86)\Hotspot Shield\bin\TrafMgr_1_2_64.sys [57272 2017-02-16] (AnchorFree Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2014-02-21] (DT Soft Ltd)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2013-07-18] (Qualcomm Atheros Co., Ltd.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [44144 2016-09-17] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [137840 2016-09-07] (Razer, Inc.)
R3 RZSURROUNDVADService; C:\Windows\System32\drivers\RzSurroundVAD.sys [49176 2016-10-16] (Windows (R) Win 7 DDK provider)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42064 2016-08-23] (Anchorfree Inc.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2016-11-02] (AVG Netherlands B.V.)
S2 AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
S3 dbx; system32\DRIVERS\dbx.sys [X]
S3 RtlWlanu; system32\DRIVERS\rtwlanu.sys [X]

==================== NetSvcs (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

==================== Een Maand Aangemaakt bestanden en mappen ========

(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)

2017-03-14 14:51 - 2017-03-14 14:53 - 00021753 _____ C:\Users\PC\Desktop\FRST.txt
2017-03-14 14:51 - 2017-03-14 14:51 - 00000000 ____D C:\Users\PC\Desktop\FRST-OlderVersion
2017-03-14 14:48 - 2017-03-14 14:51 - 02424832 _____ (Farbar) C:\Users\PC\Desktop\FRST64.exe
2017-03-13 20:43 - 2017-03-12 13:03 - 14201214 _____ C:\Users\PC\Desktop\2017-03-12-1303-17.mp4
2017-03-13 15:33 - 2017-03-13 15:33 - 00000202 _____ C:\Users\PC\Desktop\Euro Truck Simulator.url
2017-03-07 20:41 - 2017-03-02 15:10 - 00263077 _____ C:\Users\PC\Desktop\origin (1).txt
2017-03-07 20:40 - 2017-03-07 20:40 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AkelPad
2017-03-06 13:14 - 2017-03-06 13:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2017-03-06 13:14 - 2017-03-06 13:14 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2017-02-25 23:44 - 2017-02-25 23:44 - 00000000 ____D C:\Users\PC\Desktop\films
2017-02-24 13:33 - 2017-02-24 13:33 - 00000000 ____D C:\Users\PC\Desktop\Nieuwe map
2017-02-23 14:20 - 2017-02-21 09:25 - 00044304 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\authuitu.dll
2017-02-23 14:20 - 2017-02-21 09:25 - 00042256 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\SysWOW64\authuitu.dll
2017-02-20 13:35 - 2017-02-20 13:35 - 00000000 ____D C:\Users\PC\Desktop\GTA IV
2017-02-19 18:23 - 2017-02-19 18:23 - 00002200 _____ C:\Users\Public\Desktop\Grand Theft Auto IV.lnk
2017-02-19 12:34 - 2017-02-25 23:50 - 00000000 ____D C:\Users\PC\Desktop\Euro Truck Simulator 2
2017-02-18 16:14 - 2017-02-18 16:18 - 00000000 ____D C:\Users\PC\Desktop\1.26
2017-02-17 16:00 - 2017-02-17 16:00 - 00000942 _____ C:\Users\PC\Desktop\City Car Driving.lnk
2017-02-17 16:00 - 2017-02-17 16:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\City Car Driving
2017-02-16 16:50 - 2017-02-16 16:50 - 00000027 _____ C:\Users\PC\Desktop\Nieuw tekstdocument.txt
2017-02-16 16:40 - 2017-02-16 16:40 - 00000541 _____ C:\Users\Public\Desktop\Battlefield 1.lnk
2017-02-16 16:40 - 2017-02-16 16:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 1
2017-02-16 14:48 - 2017-02-19 12:35 - 00000000 ____D C:\Users\PC\AppData\Local\MegaDownloader
2017-02-16 14:47 - 2017-02-27 11:15 - 00000000 ____D C:\Users\PC\AppData\Roaming\DMCache
2017-02-16 14:47 - 2017-02-25 15:43 - 00000000 ____D C:\Users\PC\AppData\Roaming\IDM
2017-02-16 14:47 - 2017-02-16 14:47 - 00001013 _____ C:\Users\PC\Desktop\Internet Download Manager.lnk
2017-02-16 14:47 - 2017-02-16 14:47 - 00000000 ____D C:\ProgramData\IDM
2017-02-16 14:46 - 2017-02-27 11:17 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager
2017-02-15 15:20 - 2016-08-08 19:57 - 09311232 _____ C:\Users\PC\Desktop\Impactor.exe
2017-02-14 15:49 - 2017-02-14 15:49 - 00002760 _____ C:\Windows\System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance
2017-02-14 14:48 - 2017-02-14 14:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2017-02-14 14:38 - 2017-02-21 09:25 - 00056080 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\uxtuneup.dll
2017-02-14 14:38 - 2017-02-21 09:25 - 00048912 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\SysWOW64\uxtuneup.dll
2017-02-12 19:48 - 2017-02-12 20:10 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2017-02-12 19:48 - 2017-02-12 19:48 - 00000948 _____ C:\Users\PC\Desktop\Spybot - Search & Destroy.lnk
2017-02-12 19:48 - 2017-02-12 19:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy

==================== Een Maand Gewijzigd bestanden en mappen ========

(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)

2017-03-14 14:52 - 2016-11-28 14:46 - 00000000 _____ C:\Windows\system32\RzSurroundVADAudioDeviceManager_log.txt
2017-03-14 14:50 - 2016-02-02 15:27 - 00000000 ____D C:\Users\PC\AppData\Roaming\TS3Client
2017-03-14 14:46 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-14 14:44 - 2009-07-14 05:45 - 00013984 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-03-14 14:44 - 2009-07-14 05:45 - 00013984 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-03-14 14:37 - 2017-02-11 18:10 - 00000000 ____D C:\FRST
2017-03-14 14:28 - 2014-02-22 16:44 - 00000940 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-03-13 22:23 - 2014-05-01 13:51 - 00000000 ____D C:\Users\PC\AppData\Roaming\Skype
2017-03-13 22:20 - 2017-02-11 20:55 - 00003600 _____ C:\Windows\System32\Tasks\AVG EUpdate Task
2017-03-13 20:34 - 2016-09-17 19:15 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-03-13 16:03 - 2016-02-28 16:40 - 00000000 ____D C:\Users\PC\AppData\Roaming\OBS
2017-03-13 15:33 - 2016-06-24 15:21 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-03-12 17:21 - 2016-02-28 20:29 - 00000000 ____D C:\Users\PC\AppData\Roaming\vlc
2017-03-12 15:49 - 2017-01-14 13:08 - 00000000 ____D C:\Users\PC\AppData\Roaming\Kodi
2017-03-10 18:11 - 2017-02-11 13:58 - 00000000 ____D C:\Users\PC\AppData\LocalLow\Mozilla
2017-03-10 18:07 - 2017-01-06 21:09 - 00001360 _____ C:\Users\PC\Desktop\ROBLOX Player.lnk
2017-03-10 18:07 - 2017-01-06 21:08 - 00001179 _____ C:\Users\PC\Desktop\ROBLOX Studio.lnk
2017-03-10 18:07 - 2017-01-06 21:08 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2017-03-10 18:06 - 2017-01-06 21:08 - 00000252 _____ C:\Users\PC\AppData\LocalLow\rbxcsettings.rbx
2017-03-07 07:35 - 2014-12-07 14:45 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2017-03-07 07:34 - 2016-11-05 21:17 - 00000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2017-03-07 07:34 - 2016-11-05 21:17 - 00000959 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2017-03-06 21:52 - 2016-07-21 06:31 - 00000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi
2017-03-06 21:52 - 2016-07-21 06:31 - 00000000 ____D C:\Users\Default User\AppData\Local\LogMeIn Hamachi
2017-03-06 13:14 - 2016-03-23 13:44 - 00000926 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2017-03-05 22:18 - 2016-09-30 17:05 - 00000000 ____D C:\Users\PC\AppData\Roaming\uTorrent
2017-03-05 19:40 - 2014-02-22 18:48 - 00000000 ____D C:\Users\PC\AppData\Local\Rockstar Games
2017-03-05 19:39 - 2016-07-23 11:22 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2017-03-05 19:39 - 2014-02-22 16:48 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-03-05 19:39 - 2014-02-22 16:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2017-03-05 19:30 - 2017-02-05 21:37 - 00000000 ____D C:\Users\PC\AppData\LocalLow\uTorrent
2017-03-04 08:47 - 2016-09-10 13:32 - 00000000 ____D C:\ProgramData\Hotspot Shield
2017-03-04 08:47 - 2016-09-10 13:31 - 00000000 ____D C:\Program Files (x86)\Hotspot Shield
2017-03-04 08:46 - 2016-09-10 13:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield
2017-03-04 08:45 - 2014-02-21 11:54 - 00000000 ____D C:\ProgramData\Package Cache
2017-03-02 13:26 - 2015-02-08 15:07 - 00034720 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2017-02-25 23:50 - 2009-07-14 10:16 - 00745424 _____ C:\Windows\system32\perfh013.dat
2017-02-25 23:50 - 2009-07-14 10:16 - 00153376 _____ C:\Windows\system32\perfc013.dat
2017-02-25 23:50 - 2009-07-14 06:13 - 01669560 _____ C:\Windows\system32\PerfStringBackup.INI
2017-02-25 23:50 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2017-02-25 11:51 - 2015-12-27 17:46 - 00000000 ____D C:\Users\PC\AppData\Local\ElevatedDiagnostics
2017-02-23 23:40 - 2014-02-21 14:19 - 00000000 ____D C:\Windows\system32\MRT
2017-02-23 23:38 - 2014-02-21 14:19 - 138020592 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-02-21 09:29 - 2016-02-25 17:43 - 00053008 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\TURegOpt.exe
2017-02-17 16:28 - 2016-07-23 11:20 - 00000000 ____D C:\Program Files\Rockstar Games
2017-02-16 16:41 - 2016-01-26 15:36 - 00000000 ____D C:\Windows\SysWOW64\directx
2017-02-14 20:28 - 2014-02-22 16:44 - 00003878 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-02-14 20:28 - 2014-02-22 16:43 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-02-14 20:28 - 2014-02-22 16:43 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-14 20:28 - 2014-02-22 16:43 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-02-14 20:28 - 2014-02-22 16:43 - 00000000 ____D C:\Windows\system32\Macromed
2017-02-13 14:18 - 2016-12-16 21:21 - 00000000 ____D C:\ProgramData\TruckersMP
2017-02-13 13:46 - 2014-05-01 13:51 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-02-13 13:46 - 2014-05-01 13:51 - 00000000 ____D C:\ProgramData\Skype
2017-02-12 14:57 - 2016-01-26 16:34 - 00000000 ____D C:\ProgramData\Avg

==================== Bestanden in de root van sommige mappen =======

2015-02-27 14:57 - 2015-02-27 14:57 - 0004608 _____ () C:\Users\PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-07-05 09:22 - 2016-09-17 19:03 - 0007672 _____ () C:\Users\PC\AppData\Local\Resmon.ResmonCfg

Sommige bestanden in TEMP:
====================
2017-02-19 20:12 - 2017-02-19 20:12 - 0204800 _____ (Sony DADC Austria AG) C:\Users\PC\AppData\Local\Temp\drm_dyndata_7370014.dll
2017-02-19 17:13 - 2017-03-05 19:40 - 0204800 _____ (Sony DADC Austria AG) C:\Users\PC\AppData\Local\Temp\drm_dyndata_7380014.dll
2017-02-08 14:47 - 2017-02-08 14:47 - 7082272 _____ () C:\Users\PC\AppData\Local\Temp\paint.net.4.0.13.install.exe
2017-02-20 13:36 - 2017-02-20 13:36 - 72953224 _____ () C:\Users\PC\AppData\Local\Temp\Social-Club-v1.2.1.4-Setup.exe
2017-02-06 16:15 - 2017-02-06 16:15 - 0084216 _____ () C:\Users\PC\AppData\Local\Temp\VirtualDJ New Version.exe

==================== Bamital & volsnap ======================

(Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)

C:\Windows\system32\winlogon.exe => Bestand is getekend
C:\Windows\system32\wininit.exe => Bestand is getekend
C:\Windows\SysWOW64\wininit.exe => Bestand is getekend
C:\Windows\explorer.exe => Bestand is getekend
C:\Windows\SysWOW64\explorer.exe => Bestand is getekend
C:\Windows\system32\svchost.exe => Bestand is getekend
C:\Windows\SysWOW64\svchost.exe => Bestand is getekend
C:\Windows\system32\services.exe => Bestand is getekend
C:\Windows\system32\User32.dll => Bestand is getekend
C:\Windows\SysWOW64\User32.dll => Bestand is getekend
C:\Windows\system32\userinit.exe => Bestand is getekend
C:\Windows\SysWOW64\userinit.exe => Bestand is getekend
C:\Windows\system32\rpcss.dll => Bestand is getekend
C:\Windows\system32\dnsapi.dll => Bestand is getekend
C:\Windows\SysWOW64\dnsapi.dll => Bestand is getekend
C:\Windows\system32\Drivers\volsnap.sys => Bestand is getekend

LastRegBack: 2017-03-04 10:32

==================== Eind van FRST.txt ============================