Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 15-03-2017 Gestart door Dimitry (Beheerder) op DIMITRY (02-04-2017 18:11:39) Gestart vanaf C:\Users\Dimitry\Downloads Geladen Profielen: Dimitry (Beschikbare Profielen: Dimitry) Platform: Windows 8.1 (Update) (X64) Taal: Nederlands (Nederland) Internet Explorer Versie 11 (Standaardbrowser: IE) Boot Modus: Normal Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processen (gefilterd) ================= (Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.) (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe (Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe (Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe (IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe (TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe (Popcorn Time) C:\Program Files (x86)\Popcorn Time\Updater.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe (AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.7\ToolbarUpdater.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe (TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (IObit) C:\Program Files (x86)\IObit\Start Menu 8\InstallServices.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OFFICE15\CSISYNCCLIENT.EXE (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusSmartGestureDetector64.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\MSOSYNC.EXE (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe ==================== Register (gefilterd) ==================== (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.) HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\ASUSWSLoader.exe [63296 2014-08-20] () HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2183752 2017-02-10] () HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595992 2016-05-20] (Oracle Corporation) HKU\S-1-5-21-919706677-2626140902-522991668-1001\...\Run: [Advanced SystemCare 9] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [2019616 2016-01-11] (IObit) HKU\S-1-5-21-919706677-2626140902-522991668-1001\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [255224 2016-07-14] (TomTom) HKU\S-1-5-21-919706677-2626140902-522991668-1001\...\RunOnce: [Uninstall C:\Users\Dimitry\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Dimitry\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64" ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) ==================== Internet (gefilterd) ==================== (Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.) Tcpip\Parameters: [DhcpNameServer] 195.130.130.4 195.130.131.4 Tcpip\..\Interfaces\{AEA9E869-0496-420E-A17F-D3101FCD16C8}: [DhcpNameServer] 195.130.130.4 195.130.131.4 Tcpip\..\Interfaces\{FF29DC36-F53E-43E2-9743-C7F40F0FD34B}: [DhcpNameServer] 192.13.128.24 Internet Explorer: ================== HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com/?pc=ASJB HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB HKU\S-1-5-21-919706677-2626140902-522991668-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com/?pc=ASJB HKU\S-1-5-21-919706677-2626140902-522991668-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB SearchScopes: HKU\S-1-5-21-919706677-2626140902-522991668-1001 -> DefaultScope {621EB8AE-8BD7-4B94-AEC0-8D62CE578412} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-919706677-2626140902-522991668-1001 -> {621EB8AE-8BD7-4B94-AEC0-8D62CE578412} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-919706677-2626140902-522991668-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={0FA26E9E-9CCC-40BC-BBC9-7EE108C58F23}&mid=26ca45d8254647cda1e6d92b20b564e6-eb2839c21c833a64840f1eb99431150e1525124a&lang=nl&ds=AVG&coid=avgtbavg&cmpid=1216tb&pr=fr&d=2016-04-27 19:58:46&v=4.3.6.255&pid=wtu&sg=&sap=dsp&q={searchTerms} BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-11-12] (IObit) BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-12-13] (Microsoft Corporation) BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.7.452\AVG Web TuneUp.dll [2017-02-10] (AVG) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-12-13] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-06-29] (Oracle Corporation) BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.3.7.452\AVG Web TuneUp.dll [2017-02-10] (AVG) BHO-x32: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2015-04-01] (IObit) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-29] (Oracle Corporation) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Dimitry\AppData\Roaming\TomTom\HOME\Profiles\egrr2wif.default [2016-09-27] FF Extension: (Emulator) - C:\Users\Dimitry\AppData\Roaming\TomTom\HOME\Profiles\egrr2wif.default\Extensions\Navcore.9.540.1497205@tomtom.com [2016-09-27] [ niet getekend] FF Extension: (Map status indicator) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [2016-09-01] [ niet getekend] FF Extension: (Belgium eID) - C:\Program Files (x86)\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be [2015-05-26] [ niet getekend] FF HKLM-x32\...\Firefox\Extensions: [belgiumeid@eid.belgium.be] - C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be => niet gevonden FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50905.0\npctrl.dll [2017-02-10] ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation) FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.7\\npsitesafety.dll [Geen bestand] FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] () FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] () FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-29] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-29] (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50905.0\npctrl.dll [2017-02-10] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-07-19] (Microsoft Corporation) ==================== Services (gefilterd) ==================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) "WinDivert1.1" => dienst kan niet worden ontgrendeld. <===== AANDACHT R2 AdvancedSystemCareService9; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [446240 2016-01-05] (IObit) R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe [71168 2014-08-20] (ASUS Cloud Corporation) [Bestand niet getekend] S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [1002552 2017-03-23] (AVG Technologies CZ, s.r.o.) R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5334432 2017-03-23] (AVG Technologies CZ, s.r.o.) R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [729048 2017-03-23] (AVG Technologies CZ, s.r.o.) R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [387944 2016-05-25] (Digital Wave Ltd.) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-17] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [Bestand niet getekend] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation) S3 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2945312 2016-01-14] (IObit) S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [1050904 2013-12-11] () [Bestand niet getekend] R2 StartMenuService; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [1055008 2015-05-07] (IObit) R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [5906704 2017-02-21] (AVG Technologies CZ, s.r.o.) R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2016-08-26] (Popcorn Time) [Bestand niet getekend] R2 vToolbarUpdater40.3.7; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.7\ToolbarUpdater.exe [1354312 2017-02-10] (AVG Secure Search) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [981576 2017-02-10] () ===================== Drivers (gefilterd) ====================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [73512 2014-09-19] (ASUS Corporation) S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.) R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [313088 2017-02-20] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [267008 2016-10-05] (AVG Technologies CZ, s.r.o.) R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [298240 2016-11-30] (AVG Technologies CZ, s.r.o.) R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.) R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [254208 2016-09-26] (AVG Technologies CZ, s.r.o.) R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.) R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o.) R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [313096 2016-08-04] (AVG Technologies CZ, s.r.o.) S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.) R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( ) R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2013-10-28] (Intel Corporation) R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [444632 2013-10-18] (Realsil Semiconductor Corporation) S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.) S3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [25608 2016-03-06] (SlimWare Utilities, Inc.) R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2016-02-15] (AVG Netherlands B.V.) R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) U0 msahci; system32\drivers\msahci.sys [X] S2 npf; \??\C:\Windows\system32\drivers\npf.sys [X] S5 WinDivert1.1; <===== AANDACHT: gegrendeld Service ==================== NetSvcs (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ==================== Een Maand Aangemaakt bestanden en mappen ======== (Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.) 2017-04-02 18:11 - 2017-04-02 18:12 - 00019123 _____ C:\Users\Dimitry\Downloads\FRST.txt 2017-04-02 18:10 - 2017-04-02 18:11 - 00000000 ____D C:\FRST 2017-04-02 18:08 - 2017-04-02 18:09 - 02424832 _____ (Farbar) C:\Users\Dimitry\Downloads\FRST64.exe 2017-04-02 09:41 - 2017-04-02 09:41 - 00000000 ____D C:\Users\Dimitry\AppData\Roaming\WildTangent 2017-04-02 09:37 - 2017-04-02 09:40 - 00000000 ____D C:\Windows\System32\Tasks\NCH Software 2017-04-02 09:37 - 2017-04-02 09:37 - 00000000 ____D C:\ProgramData\NCH Software 2017-04-02 09:21 - 2017-04-02 09:21 - 22896728 _____ (Philipp Schmieder Medien ) C:\Users\Dimitry\Downloads\clipgrab-3.6.4-cgorg.exe 2017-04-02 09:18 - 2017-04-02 09:18 - 00000000 ____D C:\Users\Dimitry\Documents\Apowersoft 2017-04-02 09:16 - 2017-04-02 09:42 - 00000000 ____D C:\Users\Dimitry\AppData\Local\Apowersoft 2017-04-02 09:16 - 2017-04-02 09:41 - 00000000 ____D C:\Users\Dimitry\AppData\Roaming\Apowersoft 2017-04-02 08:38 - 2017-04-02 08:38 - 00000339 _____ C:\Users\Dimitry\Desktop\PcHelp Forum.url 2017-04-02 08:37 - 2017-04-02 08:39 - 00000182 _____ C:\Users\Dimitry\Desktop\Computeridee Forum.url 2017-03-31 11:50 - 2017-03-31 11:50 - 00082961 _____ C:\Users\Dimitry\Desktop\medische bijstand.pdf 2017-03-27 21:44 - 2017-03-27 21:44 - 00145007 _____ C:\Users\Dimitry\Desktop\ziekte Dimitry (1).pdf 2017-03-27 21:35 - 2017-03-27 21:35 - 00000141 _____ C:\Users\Dimitry\Desktop\Intranet Reynaers.url 2017-03-21 23:08 - 2017-03-21 23:08 - 00134333 _____ C:\Users\Dimitry\Desktop\F2 - ZIEKTE OF ONGEVAL.pdf 2017-03-19 21:17 - 2017-03-04 10:01 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2017-03-19 21:17 - 2017-03-04 09:59 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2017-03-19 21:17 - 2017-03-04 09:48 - 25746944 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2017-03-19 21:17 - 2017-03-04 09:45 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2017-03-19 21:17 - 2017-03-04 09:44 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2017-03-19 21:17 - 2017-03-04 09:31 - 06045696 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2017-03-19 21:17 - 2017-03-04 09:05 - 01033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2017-03-19 21:17 - 2017-03-04 08:54 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2017-03-19 21:17 - 2017-03-04 08:26 - 15259648 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2017-03-19 21:17 - 2017-03-04 08:25 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2017-03-19 21:17 - 2017-03-04 08:12 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2017-03-19 21:17 - 2017-03-04 08:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2017-03-19 21:17 - 2017-03-04 06:18 - 20281856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2017-03-19 21:17 - 2017-03-02 20:01 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2017-03-19 21:17 - 2017-03-02 19:55 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2017-03-19 21:17 - 2017-03-02 19:49 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2017-03-19 21:17 - 2017-03-02 19:25 - 00880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2017-03-19 21:17 - 2017-03-02 19:22 - 04604416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2017-03-19 21:17 - 2017-03-02 19:19 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2017-03-19 21:17 - 2017-03-02 19:11 - 13654528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2017-03-19 21:17 - 2017-03-02 18:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2017-03-19 21:17 - 2017-03-02 18:50 - 01312768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2017-03-19 21:17 - 2017-03-02 18:50 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2017-03-19 21:17 - 2017-02-11 21:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys 2017-03-19 21:17 - 2017-02-11 07:12 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2017-03-19 21:17 - 2017-02-11 07:12 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2017-03-19 21:17 - 2017-02-11 07:00 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2017-03-19 21:17 - 2017-02-11 06:58 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2017-03-19 21:17 - 2017-02-11 06:56 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2017-03-19 21:17 - 2017-02-10 21:09 - 04169728 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2017-03-19 21:17 - 2017-02-10 07:34 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2017-03-19 21:17 - 2017-02-10 07:10 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2017-03-19 21:17 - 2017-02-10 07:09 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2017-03-19 21:17 - 2017-02-10 07:08 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2017-03-19 21:17 - 2017-02-10 07:01 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2017-03-19 21:17 - 2017-02-10 07:00 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2017-03-19 21:17 - 2017-02-10 06:59 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2017-03-19 21:17 - 2017-02-10 03:31 - 01549144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2017-03-19 21:17 - 2017-02-10 02:12 - 01375960 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2017-03-19 21:17 - 2017-02-09 17:28 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2017-03-19 21:17 - 2017-02-09 17:19 - 01377792 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2017-03-19 21:17 - 2017-02-09 17:16 - 01560064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2017-03-19 21:17 - 2017-02-09 17:16 - 01094656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2017-03-19 21:17 - 2017-02-09 16:59 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll 2017-03-19 21:17 - 2017-02-09 16:58 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll 2017-03-19 21:17 - 2017-02-09 16:58 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll 2017-03-19 21:17 - 2017-02-04 22:32 - 07444832 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2017-03-19 21:17 - 2017-02-04 22:30 - 01663184 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2017-03-19 21:17 - 2017-02-04 22:30 - 01523216 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2017-03-19 21:17 - 2017-02-04 22:30 - 01490128 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2017-03-19 21:17 - 2017-02-04 22:30 - 01358960 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2017-03-19 21:17 - 2017-02-04 21:32 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll 2017-03-19 21:17 - 2017-02-04 21:30 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2017-03-19 21:17 - 2017-02-04 20:14 - 01001472 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe 2017-03-19 21:17 - 2017-02-04 19:50 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll 2017-03-19 21:17 - 2017-02-04 19:40 - 01754112 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll 2017-03-19 21:17 - 2017-02-04 19:32 - 00584704 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll 2017-03-19 21:17 - 2017-02-04 19:17 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll 2017-03-19 21:17 - 2017-02-04 19:10 - 01491456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll 2017-03-19 21:17 - 2017-02-04 19:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll 2017-03-19 21:17 - 2017-01-21 23:37 - 00567152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2017-03-19 21:17 - 2017-01-21 21:27 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2017-03-19 21:17 - 2017-01-21 21:27 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2017-03-19 21:17 - 2017-01-21 21:22 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2017-03-19 21:17 - 2017-01-21 21:20 - 00401920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2017-03-19 21:17 - 2017-01-21 20:40 - 00756736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2017-03-19 21:17 - 2017-01-21 20:40 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2017-03-19 21:17 - 2017-01-21 20:37 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2017-03-19 21:17 - 2017-01-21 19:58 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2017-03-19 21:17 - 2017-01-21 19:48 - 01437696 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2017-03-19 21:17 - 2017-01-14 19:49 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\wininit.exe 2017-03-19 21:17 - 2017-01-11 21:37 - 02345984 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2017-03-19 21:17 - 2017-01-10 21:08 - 01549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2017-03-19 21:17 - 2017-01-05 20:20 - 01697792 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2017-03-19 21:17 - 2017-01-05 20:09 - 07076864 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll 2017-03-19 21:17 - 2017-01-05 19:36 - 01501184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll 2017-03-19 21:17 - 2017-01-05 19:29 - 05273600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll 2017-03-19 21:17 - 2017-01-05 19:13 - 07796224 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll 2017-03-19 21:17 - 2017-01-05 18:57 - 05268480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll 2017-03-19 21:17 - 2016-11-09 21:22 - 00681472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys 2017-03-19 21:12 - 2017-02-23 16:50 - 00093360 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2017-03-19 21:12 - 2017-02-22 16:35 - 01609216 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2017-03-19 21:12 - 2017-02-22 16:35 - 01286144 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2017-03-19 21:12 - 2017-02-22 16:35 - 00646656 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2017-03-19 21:12 - 2017-02-22 16:35 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2017-03-19 21:12 - 2017-02-22 16:35 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2017-03-19 21:12 - 2017-02-22 16:35 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll 2017-03-19 21:12 - 2017-02-22 16:35 - 00233984 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2017-03-19 21:12 - 2017-02-22 16:35 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2017-03-12 13:36 - 2017-03-12 13:36 - 00000000 ____D C:\Users\Dimitry\Downloads\PopcornTime 2017-03-10 20:37 - 2017-03-11 22:33 - 00011606 _____ C:\Users\Dimitry\Desktop\Aankoop Dimitry.xlsx ==================== Een Maand Gewijzigd bestanden en mappen ======== (Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.) 2017-04-02 18:02 - 2015-05-05 17:29 - 00003594 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-919706677-2626140902-522991668-1001 2017-04-02 17:57 - 2016-05-29 12:46 - 00001539 _____ C:\Users\Dimitry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AsusSmartGestureDetector.lnk 2017-04-02 17:57 - 2015-05-05 17:26 - 00000081 _____ C:\Users\Dimitry\AppData\Roaming\sp_data.sys 2017-04-02 17:57 - 2015-05-05 17:26 - 00000000 ____D C:\Users\Dimitry\OneDrive 2017-04-02 17:52 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-04-02 14:55 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI 2017-04-02 14:49 - 2015-05-06 22:11 - 02519552 ___SH C:\Users\Dimitry\Desktop\Thumbs.db 2017-04-02 14:49 - 2015-05-06 22:07 - 00000000 ___RD C:\Users\Dimitry\Desktop\Dimitry 2017-04-02 14:03 - 2014-10-29 14:33 - 00806704 _____ C:\Windows\system32\perfh013.dat 2017-04-02 14:03 - 2014-10-29 14:33 - 00162170 _____ C:\Windows\system32\perfc013.dat 2017-04-02 14:03 - 2014-10-29 14:22 - 00793160 _____ C:\Windows\system32\perfh010.dat 2017-04-02 14:03 - 2014-10-29 14:22 - 00156082 _____ C:\Windows\system32\perfc010.dat 2017-04-02 14:03 - 2014-10-29 14:02 - 00754248 _____ C:\Windows\system32\perfh007.dat 2017-04-02 14:03 - 2014-10-29 14:02 - 00158900 _____ C:\Windows\system32\perfc007.dat 2017-04-02 14:03 - 2014-03-18 17:26 - 03685920 _____ C:\Windows\system32\PerfStringBackup.INI 2017-04-02 14:03 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf 2017-04-02 13:55 - 2015-05-05 17:32 - 00000000 ____D C:\ProgramData\MFAData 2017-04-02 12:36 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache 2017-04-02 12:00 - 2017-02-24 21:10 - 00003470 _____ C:\Windows\System32\Tasks\ASUS Live Update2 2017-04-02 12:00 - 2015-05-19 19:42 - 00003480 _____ C:\Windows\System32\Tasks\ASUS Live Update1 2017-04-02 09:41 - 2014-10-29 08:26 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2017-04-02 09:41 - 2014-10-29 08:26 - 00000000 ____D C:\ProgramData\WildTangent 2017-04-02 09:37 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness 2017-04-02 07:58 - 2015-11-01 16:02 - 00000954 _____ C:\Users\Public\Desktop\AVG Protection.lnk 2017-04-02 07:58 - 2015-05-05 17:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2017-04-02 07:55 - 2016-09-20 11:38 - 00003600 _____ C:\Windows\System32\Tasks\AVG EUpdate Task 2017-03-31 12:28 - 2016-11-29 23:08 - 00000281 _____ C:\Users\Dimitry\Desktop\Reccord.url 2017-03-31 11:57 - 2015-05-05 17:23 - 00000000 ____D C:\Users\Dimitry\AppData\Local\Packages 2017-03-31 11:37 - 2015-05-05 17:20 - 00000000 ____D C:\Users\Dimitry 2017-03-27 21:37 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps 2017-03-27 21:10 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\ELAM 2017-03-21 22:58 - 2013-08-22 16:44 - 00482464 _____ C:\Windows\system32\FNTCACHE.DAT 2017-03-21 22:54 - 2016-04-02 09:50 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2017-03-21 22:54 - 2016-04-02 09:50 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2017-03-19 23:07 - 2015-05-25 22:36 - 00000000 ___SD C:\Windows\system32\CompatTel 2017-03-19 23:07 - 2015-05-25 22:36 - 00000000 ____D C:\Windows\system32\appraiser 2017-03-19 22:40 - 2015-08-19 17:13 - 00162816 ___SH C:\Users\Dimitry\Downloads\Thumbs.db 2017-03-19 21:45 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp 2017-03-19 21:37 - 2015-05-19 17:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2017-03-19 21:29 - 2015-05-25 11:33 - 00000000 ____D C:\Windows\system32\MRT 2017-03-19 21:25 - 2015-05-25 11:32 - 138634176 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2017-03-19 21:23 - 2016-04-02 09:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2017-03-10 20:34 - 2017-01-04 15:51 - 02128296 _____ C:\Users\Dimitry\Desktop\verlof 2017.xlsx 2017-03-10 06:34 - 2016-12-11 20:44 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2017-03-10 06:34 - 2016-12-11 20:44 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2017-03-06 17:13 - 2016-06-08 22:19 - 00000000 ____D C:\Users\Dimitry\Desktop\Stambomen 2017-03-06 12:20 - 2015-05-05 17:23 - 00001432 _____ C:\Users\Dimitry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2017-03-03 08:16 - 2016-12-14 11:18 - 00003174 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2 2017-03-03 08:16 - 2016-04-27 19:23 - 00002365 _____ C:\Users\Dimitry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive voor Bedrijven.lnk 2017-03-03 08:16 - 2015-05-08 20:18 - 00003182 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-919706677-2626140902-522991668-1001 ==================== Bestanden in de root van sommige mappen ======= 2015-05-05 17:26 - 2017-04-02 17:57 - 0000081 _____ () C:\Users\Dimitry\AppData\Roaming\sp_data.sys 2015-10-14 16:49 - 2015-10-14 16:49 - 0000057 _____ () C:\ProgramData\Ament.ini 2015-01-14 16:38 - 2015-01-14 16:38 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2014-10-29 08:25 - 2012-09-07 13:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd 2014-10-29 08:25 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe 2014-10-29 08:25 - 2012-09-07 13:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS Sommige bestanden in TEMP: ==================== 2016-06-28 20:45 - 2016-05-18 13:03 - 0186640 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Dimitry\AppData\Local\Temp\avguirn_081371044950.exe 2016-08-26 11:24 - 2016-07-20 14:01 - 0186640 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Dimitry\AppData\Local\Temp\avguirn_081957917361.exe 2016-06-01 22:12 - 2016-04-22 10:01 - 0186640 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Dimitry\AppData\Local\Temp\avguirn_08210636794.exe 2016-01-26 23:33 - 2014-08-03 12:33 - 6726720 _____ (Foxit Corporation) C:\Users\Dimitry\AppData\Local\Temp\Foxit PhantomPDF Updater.exe 2016-04-14 17:43 - 2016-04-14 17:43 - 4244480 _____ (Igor Pavlov) C:\Users\Dimitry\AppData\Local\Temp\Package_nl_ww.exe 2016-09-16 22:13 - 2016-09-16 22:13 - 50563233 _____ (Popcorn Time ) C:\Users\Dimitry\AppData\Local\Temp\setup_6FB3.exe ==================== Bamital & volsnap ====================== (Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.) C:\Windows\system32\winlogon.exe => Bestand is getekend C:\Windows\system32\wininit.exe => Bestand is getekend C:\Windows\explorer.exe => Bestand is getekend C:\Windows\SysWOW64\explorer.exe => Bestand is getekend C:\Windows\system32\svchost.exe => Bestand is getekend C:\Windows\SysWOW64\svchost.exe => Bestand is getekend C:\Windows\system32\services.exe => Bestand is getekend C:\Windows\system32\User32.dll => Bestand is getekend C:\Windows\SysWOW64\User32.dll => Bestand is getekend C:\Windows\system32\userinit.exe => Bestand is getekend C:\Windows\SysWOW64\userinit.exe => Bestand is getekend C:\Windows\system32\rpcss.dll => Bestand is getekend C:\Windows\system32\dnsapi.dll => Bestand is getekend C:\Windows\SysWOW64\dnsapi.dll => Bestand is getekend C:\Windows\system32\Drivers\volsnap.sys => Bestand is getekend LastRegBack: 2017-04-02 10:55 ==================== Eind van FRST.txt ============================