Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 19-04-2017 Gestart door jonas (Beheerder) op DEESISDEFLAPTOP (20-04-2017 19:48:10) Gestart vanaf D:\downloads Geladen Profielen: jonas (Beschikbare Profielen: jonas & Lotje VdR) Platform: Windows 10 Home Versie 1703 (X64) Taal: Nederlands (Nederland) Internet Explorer Versie 11 (Standaardbrowser: Chrome) Boot Modus: Normal Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processen (gefilterd) ================= (Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.) (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0745f11ce6fc197c\igfxCUIService.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (Intel Corporation) C:\Windows\System32\ibtsiva.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.9.1.12\ns.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe () C:\Program Files\CyberLink\Shared files\RichVideo64.exe (Microsoft Corporation) C:\Windows\System32\SecurityHealthService.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.9.1.12\ns.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0745f11ce6fc197c\igfxEM.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe (Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Windows\System32\InstallAgent.exe (Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Microsoft Corporation) C:\Windows\System32\CastSrv.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe (Intel Corporation) C:\Program Files\Intel\IntelSGXPSW\bin\x64\Release\aesm_service.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11701.1001.99.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\bcastdvr.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Register (gefilterd) ==================== (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3352808 2015-11-06] (ELAN Microelectronics Corp.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16404224 2015-09-30] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1407744 2015-09-30] (Realtek Semiconductor) HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes) HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [110008 2015-05-26] (CyberLink) HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [499128 2015-05-26] (CyberLink Corp.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation) HKLM-x32\...\Run: [InstallValidator.exe.FA87EC44_C38F_4148_93A1_FF4A64A2B707] => C:\Program Files (x86)\National Instruments\Shared\NIUninstaller\InstallValidator.exe -s HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1 HKU\S-1-5-21-1444661948-3188908094-294470660-1001\...\Run: [Speech Recognition] => C:\Windows\Speech\Common\sapisvr.exe [44032 2017-03-18] (Microsoft Corporation) HKU\S-1-5-21-1444661948-3188908094-294470660-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3019552 2017-03-23] (Valve Corporation) HKU\S-1-5-21-1444661948-3188908094-294470660-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23819304 2017-03-21] (Google) HKU\S-1-5-21-1444661948-3188908094-294470660-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27545048 2017-03-14] (Skype Technologies S.A.) ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\jonas\AppData\Local\MEGAsync\ShellExtX64.dll -> Geen bestand ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\jonas\AppData\Local\MEGAsync\ShellExtX64.dll -> Geen bestand ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\jonas\AppData\Local\MEGAsync\ShellExtX64.dll -> Geen bestand ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google) ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine\22.9.1.12\buShell.dll [2017-03-16] (Symantec Corporation) ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine\22.9.1.12\buShell.dll [2017-03-16] (Symantec Corporation) ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine\22.9.1.12\buShell.dll [2017-03-16] (Symantec Corporation) ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\jonas\AppData\Local\MEGAsync\ShellExtX32.dll -> Geen bestand ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\jonas\AppData\Local\MEGAsync\ShellExtX32.dll -> Geen bestand ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\jonas\AppData\Local\MEGAsync\ShellExtX32.dll -> Geen bestand ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine32\22.9.1.12\buShell.dll [2017-03-16] (Symantec Corporation) ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine32\22.9.1.12\buShell.dll [2017-03-16] (Symantec Corporation) ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine32\22.9.1.12\buShell.dll [2017-03-16] (Symantec Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-02-07] ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.500\SSScheduler.exe (McAfee, Inc.) ==================== Internet (gefilterd) ==================== (Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.) Hosts: Er zijn meer dan één item in Hosts. Zie Hosts deel van Addition.txt Tcpip\Parameters: [DhcpNameServer] 195.130.131.4 195.130.130.4 Tcpip\..\Interfaces\{24be85bf-50f1-42a0-9fcd-72efadf9d3fb}: [DhcpNameServer] 8.8.8.8 8.8.4.4 Tcpip\..\Interfaces\{3706f9e9-24e0-4f79-8538-151e1466d1e4}: [DhcpNameServer] 195.130.131.4 195.130.130.4 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-1444661948-3188908094-294470660-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo15.msn.com/?pc=LCTE HKU\S-1-5-21-1444661948-3188908094-294470660-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE SearchScopes: HKU\S-1-5-21-1444661948-3188908094-294470660-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms} BHO: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine\22.9.1.12\coIEPlg.dll [2017-03-16] (Symantec Corporation) BHO: Geen Naam -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> Geen bestand BHO-x32: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine32\22.9.1.12\coIEPlg.dll [2017-03-16] (Symantec Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-01-21] (Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-21] (Oracle Corporation) Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine\22.9.1.12\coIEPlg.dll [2017-03-16] (Symantec Corporation) Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine32\22.9.1.12\coIEPlg.dll [2017-03-16] (Symantec Corporation) FireFox: ======== FF ProfilePath: C:\Users\jonas\AppData\Roaming\Mozilla\Firefox\Profiles\xiepoxrq.default-1481050017112 [2017-04-19] FF Extension: (True Key Add-On) - C:\Users\jonas\AppData\Roaming\Mozilla\Firefox\Profiles\xiepoxrq.default-1481050017112\Extensions\@true-key [2017-02-21] FF Extension: (Woordenboek Nederlands) - C:\Users\jonas\AppData\Roaming\Mozilla\Firefox\Profiles\xiepoxrq.default-1481050017112\Extensions\nl-NL@dictionaries.addons.mozilla.org [2017-03-03] [ niet getekend] FF Extension: (Site Deployment Checker) - C:\Program Files (x86)\Mozilla Firefox\browser\features\deployment-checker@mozilla.org.xpi [2017-04-19] [ niet getekend] FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.7.0.76\coFFAddon FF Extension: (Norton Security Toolbar) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.7.0.76\coFFAddon [2017-04-03] FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.7.0.76\coFFAddon FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt => niet gevonden FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_148.dll [2017-04-12] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_148.dll [2017-04-12] () FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-21] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-21] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-11] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-11] (Google Inc.) FF Plugin HKU\S-1-5-21-1444661948-3188908094-294470660-1001: @nsroblox.roblox.com/launcher -> C:\Users\jonas\AppData\Local\Roblox\Versions\version-88b966c853f84435\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation) FF Plugin HKU\S-1-5-21-1444661948-3188908094-294470660-1001: @nsroblox.roblox.com/launcher64 -> C:\Users\jonas\AppData\Local\Roblox\Versions\version-88b966c853f84435\\NPRobloxProxy64.dll [2013-01-01] ( ROBLOX Corporation) Chrome: ======= CHR StartupUrls: Default -> "hxxp://google.be/" CHR Profile: C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default [2017-04-20] CHR Extension: (Google Presentaties) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-04-10] CHR Extension: (Google Documenten) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-04-10] CHR Extension: (Google Drive) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-10] CHR Extension: (YouTube) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-10] CHR Extension: (Adblock Plus) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-04-19] CHR Extension: (Java API Search) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\dphfngjamcomlehblpblaacingmaojnm [2017-04-11] CHR Extension: (Google Spreadsheets) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-04-10] CHR Extension: (Offline Documenten) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-04-10] CHR Extension: (Don't Tap The White Tile - Piano Tiles) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbffnddkpojlhaikfemlpfglhmkckjeg [2017-04-11] CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-10] CHR Extension: (Gmail) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-10] CHR Extension: (Chrome Media Router) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-10] CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.9.1.12\Exts\Chrome.crx [2017-03-26] CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-1444661948-3188908094-294470660-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\jonas\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2016-11-11] CHR HKU\S-1-5-21-1444661948-3188908094-294470660-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.9.1.12\Exts\Chrome.crx [2017-03-26] CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx ==================== Services (gefilterd) ==================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R2 AESMService; C:\Program Files\Intel\IntelSGXPSW\bin\x64\Release\aesm_service.exe [3715208 2015-12-14] (Intel Corporation) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-02-27] (Adobe Systems, Incorporated) S3 cphs; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0745f11ce6fc197c\IntelCpHeciSvc.exe [301536 2016-11-02] (Intel Corporation) S3 cplspcon; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0745f11ce6fc197c\IntelCpHDCPSvc.exe [480224 2016-11-02] (Intel Corporation) S3 DevicesFlowUserSvc; C:\WINDOWS\System32\DevicesFlowBroker.dll [689152 2017-03-18] (Microsoft Corporation) S3 DevicesFlowUserSvc_79843; C:\WINDOWS\system32\svchost.exe [47664 2017-03-18] (Microsoft Corporation) S3 DevicesFlowUserSvc_79843; C:\WINDOWS\SysWOW64\svchost.exe [40904 2017-03-18] (Microsoft Corporation) R2 DusmSvc; C:\WINDOWS\System32\dusmsvc.dll [302592 2017-03-18] (Microsoft Corporation) R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144104 2015-11-06] (ELAN Microelectronics Corp.) S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation) [Bestand niet getekend] R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-07-27] (Intel Corporation) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Bestand niet getekend] R2 igfxCUIService2.0.0.0; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0745f11ce6fc197c\igfxCUIService.exe [341984 2016-11-02] (Intel Corporation) S3 IpxlatCfgSvc; C:\WINDOWS\System32\IpxlatCfg.dll [64000 2017-03-18] (Microsoft Corporation) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.500\McCHSvc.exe [329480 2017-01-19] (McAfee, Inc.) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-06-12] () S3 NaturalAuthentication; C:\WINDOWS\System32\NaturalAuth.dll [723968 2017-03-18] (Microsoft Corporation) R2 NS; C:\Program Files (x86)\Norton Security\Engine\22.9.1.12\NS.exe [326160 2017-03-16] (Symantec Corporation) R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] () R2 SecurityHealthService; C:\WINDOWS\system32\SecurityHealthService.exe [335808 2017-03-18] (Microsoft Corporation) S3 SEMgrSvc; C:\WINDOWS\system32\SEMgrSvc.dll [1191424 2017-03-18] (Microsoft Corporation) S3 spectrum; C:\WINDOWS\system32\spectrum.exe [891904 2017-03-18] (Microsoft Corporation) S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation) [Bestand niet getekend] R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7757040 2017-04-06] (TeamViewer GmbH) R3 TokenBroker; C:\WINDOWS\System32\TokenBroker.dll [1054720 2017-03-18] (Microsoft Corporation) R3 TokenBroker; C:\WINDOWS\SysWOW64\TokenBroker.dll [799232 2017-03-18] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation) S3 WFDSConMgrSvc; C:\WINDOWS\System32\wfdsconmgrsvc.dll [555008 2017-03-18] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation) S3 wlpasvc; C:\WINDOWS\System32\lpasvc.dll [1295360 2017-03-18] (Microsoft Corporation) S3 xbgm; C:\WINDOWS\System32\xbgmsvc.dll [301216 2017-03-18] (Microsoft Corporation) S3 XboxGipSvc; C:\WINDOWS\System32\XboxGipSvc.dll [18944 2017-03-18] (Microsoft Corporation) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831200 2015-06-12] (Intel® Corporation) R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X] ===================== Drivers (gefilterd) ====================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R1 BHDrvx64; C:\Program Files (x86)\Norton Security\NortonData\22.7.0.76\Definitions\BASHDefs\20170417.001\BHDrvx64.sys [1831064 2017-04-06] (Symantec Corporation) R3 CAD; C:\WINDOWS\System32\drivers\CAD.sys [53664 2017-03-18] (Microsoft Corporation) R1 ccSet_NS; C:\WINDOWS\system32\drivers\NSx64\1609010.00C\ccSetx64.sys [174240 2017-02-20] (Symantec Corporation) S2 CldFlt; C:\WINDOWS\System32\drivers\cldflt.sys [12288 2017-03-18] (Microsoft Corporation) R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink) R3 clwvd6; C:\WINDOWS\system32\DRIVERS\clwvd6.sys [41400 2015-08-31] (CyberLink Corporation) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [497312 2017-01-26] (Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [156824 2017-01-26] (Symantec Corporation) R3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [30808 2015-11-06] (ELAN Microelectronic Corp.) R3 HPMoA407; C:\WINDOWS\System32\drivers\HPMoA407.sys [25088 2011-10-31] (Hewlett-Packard.) R3 HPubA407; C:\WINDOWS\System32\Drivers\HPubA407.sys [18944 2012-06-14] (Hewlett-Packard.) S3 iaLPSS2i_GPIO2_BXT_P; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [85504 2017-03-18] (Intel Corporation) S3 iaLPSS2i_I2C_BXT_P; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [168448 2017-03-18] (Intel Corporation) R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [250624 2016-10-15] (Intel Corporation) R1 IDSVia64; C:\Program Files (x86)\Norton Security\NortonData\22.7.0.76\Definitions\IPSDefs\20170419.001\IDSvia64.sys [1038024 2017-04-17] (Symantec Corporation) R3 igfx; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0745f11ce6fc197c\igdkmd64.sys [11033056 2016-11-02] (Intel Corporation) R3 Larmkanal; C:\WINDOWS\system32\DRIVERS\Larmkanal.sys [33112 2015-09-02] (Adoriasoft LLC) S3 mausbhost; C:\WINDOWS\System32\drivers\mausbhost.sys [405408 2017-03-18] (Microsoft Corporation) S3 mausbip; C:\WINDOWS\System32\drivers\mausbip.sys [51104 2017-03-18] (Microsoft Corporation) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [251832 2017-04-20] (Malwarebytes) S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [122368 2017-03-18] (Microsoft Corporation) R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7218176 2017-03-18] (Intel Corporation) R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2017-01-03] (Riverbed Technology, Inc.) S3 nvdimmn; C:\WINDOWS\System32\drivers\nvdimmn.sys [80896 2017-03-18] (Microsoft Corporation) R3 PegaRadioSwitch; C:\WINDOWS\System32\drivers\PegaRadioSwitch.sys [33560 2015-06-05] (Windows (R) Win 7 DDK provider) R3 Phosgene; C:\WINDOWS\system32\DRIVERS\Phosgene.sys [34136 2015-09-02] (Adoriasoft LLC) S3 pmem; C:\WINDOWS\System32\drivers\pmem.sys [101376 2017-03-18] (Microsoft Corporation) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [887552 2015-07-15] (Realtek ) S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [402136 2015-07-17] (Realsil Semiconductor Corporation) S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] () R3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [220672 2017-03-18] (Microsoft Corporation) S3 SpatialGraphFilter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [40352 2017-03-20] (Microsoft Corporation) R1 SRTSP; C:\WINDOWS\System32\Drivers\NSx64\1609010.00C\SRTSP64.SYS [770200 2017-03-16] (Symantec Corporation) R1 SRTSPX; C:\WINDOWS\system32\drivers\NSx64\1609010.00C\SRTSPX64.SYS [49312 2017-03-16] (Symantec Corporation) R0 SymEFASI; C:\WINDOWS\System32\drivers\NSx64\1609010.00C\SYMEFASI64.SYS [1716896 2017-02-20] (Symantec Corporation) S0 SymELAM; C:\WINDOWS\System32\drivers\NSx64\1609010.00C\SymELAM.sys [24616 2017-02-20] (Symantec Corporation) R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [102608 2017-02-26] (Symantec Corporation) R1 SymIRON; C:\WINDOWS\system32\drivers\NSx64\1609010.00C\Ironx64.SYS [291480 2017-02-20] (Symantec Corporation) R1 SymNetS; C:\WINDOWS\System32\Drivers\NSx64\1609010.00C\SYMNETS.SYS [567512 2017-02-20] (Symantec Corporation) S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-11-05] (Apple, Inc.) [Bestand niet getekend] S3 VSPerfDrv110; D:\program files\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-13] (Microsoft Corporation) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation) S3 WinNat; C:\WINDOWS\System32\drivers\winnat.sys [217088 2017-03-18] (Microsoft Corporation) S3 XSplit_Dummy; C:\WINDOWS\system32\drivers\xspltspk.sys [26200 2015-05-25] (SplitmediaLabs Limited) ==================== NetSvcs (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) NETSVC: NaturalAuthentication -> C:\Windows\System32\NaturalAuth.dll (Microsoft Corporation) NETSVC: xbgm -> C:\Windows\System32\xbgmsvc.dll (Microsoft Corporation) NETSVC: TokenBroker -> C:\Windows\System32\TokenBroker.dll (Microsoft Corporation) NETSVC: XboxGipSvc -> C:\Windows\System32\XboxGipSvc.dll (Microsoft Corporation) NETSVCx32: TokenBroker -> C:\Windows\SysWOW64\TokenBroker.dll (Microsoft Corporation) ==================== Een Maand Aangemaakt bestanden en mappen ======== (Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.) 2017-04-20 19:47 - 2017-04-20 19:48 - 00000000 ____D C:\FRST 2017-04-20 17:14 - 2017-04-20 17:14 - 00003256 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForjonas 2017-04-19 14:51 - 2017-04-19 15:20 - 00000000 ____D C:\Users\jonas\Documents\RestreamChat 2017-04-19 14:51 - 2017-04-19 14:51 - 00000324 _____ C:\Users\jonas\Desktop\Restream Chat.appref-ms 2017-04-19 14:51 - 2017-04-19 14:51 - 00000000 ____D C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Restream.io 2017-04-19 14:50 - 2017-04-19 15:24 - 00000000 ____D C:\Users\jonas\AppData\Local\Deployment 2017-04-19 14:50 - 2017-04-19 14:50 - 00271072 _____ C:\Users\jonas\Downloads\restreamchatsetup.exe 2017-04-18 18:46 - 2017-04-18 18:46 - 00000000 ____D C:\Users\jonas\AppData\Roaming\sp6_log 2017-04-18 18:45 - 2017-04-20 17:12 - 00004198 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B6806DBD-D5F3-486F-8498-BBA220FC9311} 2017-04-18 07:23 - 2017-04-18 07:23 - 00003290 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2 2017-04-18 07:23 - 2017-04-18 07:23 - 00002432 _____ C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2017-04-18 07:23 - 2017-04-18 07:23 - 00000000 ____D C:\ProgramData\Microsoft OneDrive 2017-04-18 07:21 - 2017-04-18 07:21 - 00000020 ___SH C:\Users\jonas\ntuser.ini 2017-04-17 23:03 - 2017-04-17 23:03 - 23680512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2017-04-17 23:03 - 2017-04-17 23:03 - 23675392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2017-04-17 23:03 - 2017-04-17 23:03 - 20505600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2017-04-17 23:03 - 2017-04-17 23:03 - 19334144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2017-04-17 23:03 - 2017-04-17 23:03 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2017-04-17 23:03 - 2017-04-17 23:03 - 11869696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2017-04-17 23:03 - 2017-04-17 23:03 - 08319392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2017-04-17 23:03 - 2017-04-17 23:03 - 08247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2017-04-17 23:03 - 2017-04-17 23:03 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2017-04-17 23:03 - 2017-04-17 23:03 - 06756920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2017-04-17 23:03 - 2017-04-17 23:03 - 06296064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2017-04-17 23:03 - 2017-04-17 23:03 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll 2017-04-17 23:03 - 2017-04-17 23:03 - 03672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2017-04-17 23:03 - 2017-04-17 23:03 - 02957824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2017-04-17 23:03 - 2017-04-17 23:03 - 02444184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2017-04-17 23:03 - 2017-04-17 23:03 - 02085280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll 2017-04-17 23:03 - 2017-04-17 23:03 - 01760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll 2017-04-17 23:03 - 2017-04-17 23:03 - 01657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll 2017-04-17 23:03 - 2017-04-17 23:03 - 01605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll 2017-04-17 23:03 - 2017-04-17 23:03 - 01604312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2017-04-17 23:03 - 2017-04-17 23:03 - 01518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll 2017-04-17 23:03 - 2017-04-17 23:03 - 01506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll 2017-04-17 23:03 - 2017-04-17 23:03 - 01411640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2017-04-17 23:03 - 2017-04-17 23:03 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2017-04-17 23:03 - 2017-04-17 23:03 - 01323880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2017-04-17 23:03 - 2017-04-17 23:03 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2017-04-17 23:03 - 2017-04-17 23:03 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll 2017-04-17 23:03 - 2017-04-17 23:03 - 01024416 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2017-04-17 23:03 - 2017-04-17 23:03 - 00986592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2017-04-17 23:03 - 2017-04-17 23:03 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2017-04-17 23:03 - 2017-04-17 23:03 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2017-04-17 23:03 - 2017-04-17 23:03 - 00626520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2017-04-17 23:03 - 2017-04-17 23:03 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2017-04-17 23:03 - 2017-04-17 23:03 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2017-04-17 23:03 - 2017-04-17 23:03 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll 2017-04-17 23:03 - 2017-04-17 23:03 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2017-04-17 23:03 - 2017-04-17 23:03 - 00409504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2017-04-17 23:03 - 2017-04-17 23:03 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2017-04-17 23:03 - 2017-04-17 23:03 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll 2017-04-17 23:03 - 2017-04-17 23:03 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2017-04-17 23:03 - 2017-04-17 23:03 - 00354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll 2017-04-17 23:03 - 2017-04-17 23:03 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll 2017-04-17 23:03 - 2017-04-17 23:03 - 00311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2017-04-17 23:03 - 2017-04-17 23:03 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll 2017-04-17 23:03 - 2017-04-17 23:03 - 00205728 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2017-04-17 23:03 - 2017-04-17 23:03 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll 2017-04-17 23:03 - 2017-04-17 23:03 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll 2017-04-17 23:03 - 2017-04-17 23:03 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll 2017-04-17 23:03 - 2017-04-17 23:03 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll 2017-04-17 23:03 - 2017-04-17 23:03 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll 2017-04-17 23:03 - 2017-04-17 23:03 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll 2017-04-17 23:03 - 2017-04-17 23:03 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2017-04-17 23:03 - 2017-04-17 23:03 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2017-04-17 23:03 - 2017-04-17 23:03 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys 2017-04-17 23:03 - 2017-04-17 23:03 - 00032004 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin 2017-04-17 23:03 - 2017-04-17 23:03 - 00000000 ____D C:\Windows.old 2017-04-17 23:01 - 2017-04-17 23:01 - 00543648 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe 2017-04-17 23:01 - 2017-04-17 23:01 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2017-04-17 23:01 - 2017-03-17 23:48 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DxToolsReportGenerator.dll 2017-04-17 23:01 - 2017-03-17 23:08 - 17777152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXCaptureReplay.dll 2017-04-17 23:01 - 2017-03-17 23:05 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DxToolsReportGenerator.dll 2017-04-17 23:01 - 2017-03-17 23:02 - 00393216 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\DXCpl.exe 2017-04-17 23:01 - 2017-03-17 23:00 - 05739008 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll 2017-04-17 23:01 - 2017-03-17 22:59 - 02629120 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll 2017-04-17 23:01 - 2017-03-17 22:59 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsProxyStub.dll 2017-04-17 23:01 - 2017-03-17 22:59 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSD3DWARP12Debug.dll 2017-04-17 23:01 - 2017-03-17 22:57 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSD3DWARPDebug.dll 2017-04-17 23:01 - 2017-03-17 22:53 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXGIDebug.dll 2017-04-17 23:01 - 2017-03-17 22:52 - 04897280 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsRemoteEngine.exe 2017-04-17 23:01 - 2017-03-17 22:51 - 05776384 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsDesktopEngine.exe 2017-04-17 23:01 - 2017-03-17 22:49 - 01309184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11_3SDKLayers.dll 2017-04-17 23:01 - 2017-03-17 22:49 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1debug3.dll 2017-04-17 23:01 - 2017-03-17 22:48 - 13785600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXCaptureReplay.dll 2017-04-17 23:01 - 2017-03-17 22:48 - 06348288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll 2017-04-17 23:01 - 2017-03-17 22:47 - 06806016 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d12warp.dll 2017-04-17 23:01 - 2017-03-17 22:46 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d12SDKLayers.dll 2017-04-17 23:01 - 2017-03-17 22:46 - 00370176 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\SysWOW64\DXCpl.exe 2017-04-17 23:01 - 2017-03-17 22:44 - 01977344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXToolsOfflineAnalysis.dll 2017-04-17 23:01 - 2017-03-17 22:44 - 01174528 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXCap.exe 2017-04-17 23:01 - 2017-03-17 22:44 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsExperiment.dll 2017-04-17 23:01 - 2017-03-17 22:44 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsCapture.dll 2017-04-17 23:01 - 2017-03-17 22:43 - 02629120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0009.dll 2017-04-17 23:01 - 2017-03-17 22:43 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXToolsMonitor.dll 2017-04-17 23:01 - 2017-03-17 22:43 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXToolsReporting.dll 2017-04-17 23:01 - 2017-03-17 22:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VSD3DWARP12Debug.dll 2017-04-17 23:01 - 2017-03-17 22:43 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsProxyStub.dll 2017-04-17 23:01 - 2017-03-17 22:41 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VSD3DWARPDebug.dll 2017-04-17 23:01 - 2017-03-17 22:39 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXGIDebug.dll 2017-04-17 23:01 - 2017-03-17 22:38 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\system32\perf_gputiming.dll 2017-04-17 23:01 - 2017-03-17 22:36 - 04544000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsDesktopEngine.exe 2017-04-17 23:01 - 2017-03-17 22:35 - 05484544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll 2017-04-17 23:01 - 2017-03-17 22:35 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11_3SDKLayers.dll 2017-04-17 23:01 - 2017-03-17 22:35 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1debug3.dll 2017-04-17 23:01 - 2017-03-17 22:33 - 05141504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d12warp.dll 2017-04-17 23:01 - 2017-03-17 22:33 - 03648000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsRemoteEngine.exe 2017-04-17 23:01 - 2017-03-17 22:32 - 02102272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d12SDKLayers.dll 2017-04-17 23:01 - 2017-03-17 22:30 - 01480704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXToolsOfflineAnalysis.dll 2017-04-17 23:01 - 2017-03-17 22:30 - 00926208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXCap.exe 2017-04-17 23:01 - 2017-03-17 22:30 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsExperiment.dll 2017-04-17 23:01 - 2017-03-17 22:30 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsCapture.dll 2017-04-17 23:01 - 2017-03-17 22:29 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXToolsMonitor.dll 2017-04-17 23:01 - 2017-03-17 22:29 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DXToolsReporting.dll 2017-04-17 23:01 - 2017-03-17 22:25 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perf_gputiming.dll 2017-04-17 22:58 - 2017-04-17 22:58 - 00008192 _____ C:\WINDOWS\system32\config\userdiff 2017-04-17 22:58 - 2017-04-17 22:06 - 00000000 ____D C:\WINDOWS\ServiceProfiles 2017-04-17 22:57 - 2017-04-17 22:57 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer 2017-04-17 22:57 - 2017-04-17 22:57 - 00000000 ____D C:\Program Files\Reference Assemblies 2017-04-17 22:57 - 2017-04-17 22:57 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies 2017-04-17 22:57 - 2017-04-17 22:20 - 00000000 ____D C:\Program Files\MSBuild 2017-04-17 22:57 - 2017-04-17 22:14 - 00000000 ____D C:\Program Files (x86)\MSBuild 2017-04-17 22:56 - 2017-02-10 12:26 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll 2017-04-17 22:56 - 2017-02-10 12:26 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2017-04-17 22:56 - 2017-02-10 12:26 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2017-04-17 22:56 - 2017-02-10 12:21 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2017-04-17 22:56 - 2017-02-10 12:21 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2017-04-17 22:56 - 2017-02-10 12:21 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2017-04-17 22:46 - 2017-04-20 18:47 - 00000000 ____D C:\WINDOWS\System32\Tasks\Remediation 2017-04-17 22:25 - 2017-04-20 17:37 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton Security 2017-04-17 22:24 - 2017-04-20 17:13 - 02217376 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-04-17 22:24 - 2017-04-17 22:24 - 00011433 _____ C:\WINDOWS\diagwrn.xml 2017-04-17 22:24 - 2017-04-17 22:24 - 00011433 _____ C:\WINDOWS\diagerr.xml 2017-04-17 22:20 - 2017-04-20 17:08 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-04-17 22:19 - 2017-04-17 22:19 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2017-04-17 22:17 - 2017-04-17 22:17 - 00000000 ____D C:\ProgramData\USOShared 2017-04-17 22:10 - 2017-04-17 22:20 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate 2017-04-17 22:08 - 2017-04-20 17:09 - 00000000 ____D C:\Users\jonas 2017-04-17 22:08 - 2017-04-17 22:21 - 00000000 ____D C:\Users\Lotje VdR 2017-04-17 22:08 - 2017-04-17 22:08 - 00000000 _SHDL C:\Users\Lotje VdR\Sjablonen 2017-04-17 22:08 - 2017-04-17 22:08 - 00000000 _SHDL C:\Users\Lotje VdR\Netwerkprinteromgeving 2017-04-17 22:08 - 2017-04-17 22:08 - 00000000 _SHDL C:\Users\Lotje VdR\Mijn documenten 2017-04-17 22:08 - 2017-04-17 22:08 - 00000000 _SHDL C:\Users\Lotje VdR\Menu Start 2017-04-17 22:08 - 2017-04-17 22:08 - 00000000 _SHDL C:\Users\Lotje VdR\Documents\Mijn video's 2017-04-17 22:08 - 2017-04-17 22:08 - 00000000 _SHDL C:\Users\Lotje VdR\Documents\Mijn muziek 2017-04-17 22:08 - 2017-04-17 22:08 - 00000000 _SHDL C:\Users\Lotje VdR\Documents\Mijn afbeeldingen 2017-04-17 22:08 - 2017-04-17 22:08 - 00000000 _SHDL C:\Users\Lotje VdR\AppData\Roaming\Microsoft\Windows\Start Menu\Programma's 2017-04-17 22:08 - 2017-04-17 22:08 - 00000000 _SHDL C:\Users\Lotje VdR\AppData\Local\Geschiedenis 2017-04-17 22:08 - 2017-04-17 22:08 - 00000000 _SHDL C:\Users\jonas\Sjablonen 2017-04-17 22:08 - 2017-04-17 22:08 - 00000000 _SHDL C:\Users\jonas\Netwerkprinteromgeving 2017-04-17 22:08 - 2017-04-17 22:08 - 00000000 _SHDL C:\Users\jonas\Mijn documenten 2017-04-17 22:08 - 2017-04-17 22:08 - 00000000 _SHDL C:\Users\jonas\Menu Start 2017-04-17 22:08 - 2017-04-17 22:08 - 00000000 _SHDL C:\Users\jonas\Documents\Mijn video's 2017-04-17 22:08 - 2017-04-17 22:08 - 00000000 _SHDL C:\Users\jonas\Documents\Mijn muziek 2017-04-17 22:08 - 2017-04-17 22:08 - 00000000 _SHDL C:\Users\jonas\Documents\Mijn afbeeldingen 2017-04-17 22:08 - 2017-04-17 22:08 - 00000000 _SHDL C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programma's 2017-04-17 22:08 - 2017-04-17 22:08 - 00000000 _SHDL C:\Users\jonas\AppData\Local\Geschiedenis 2017-04-17 22:08 - 2017-04-17 22:08 - 00000000 ____H C:\ProgramData\DP45977C.lfl 2017-04-17 22:08 - 2017-04-17 22:08 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2017-04-17 22:08 - 2017-04-17 22:08 - 00000000 ____D C:\WINDOWS\system32\DAX2 2017-04-17 22:08 - 2017-04-17 22:08 - 00000000 ____D C:\Program Files\Realtek 2017-04-17 22:07 - 2017-04-17 22:20 - 00000000 ____D C:\Program Files\Elantech 2017-04-17 22:07 - 2017-04-17 22:14 - 00000000 ____D C:\Program Files\Intel 2017-04-17 22:07 - 2017-04-17 22:07 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_ETD_01011.Wdf 2017-04-17 22:07 - 2017-04-17 22:07 - 00000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin 2017-04-17 22:07 - 2017-03-18 22:56 - 02233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2017-04-17 22:07 - 2016-11-02 00:05 - 00113672 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL 2017-04-17 22:07 - 2016-11-02 00:05 - 00104464 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL 2017-04-17 22:06 - 2017-04-20 19:45 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2017-04-17 22:06 - 2017-04-20 17:08 - 00360936 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-04-17 17:20 - 2017-04-18 07:21 - 00000000 ___DC C:\WINDOWS\Panther 2017-04-17 17:20 - 2017-04-17 17:34 - 00000000 ___HD C:\$WINDOWS.~BT 2017-04-17 17:13 - 2017-04-17 17:20 - 00000036 _____ C:\WINDOWS\progress.ini 2017-04-17 16:57 - 2017-04-17 17:13 - 00000000 ___HD C:\$GetCurrent 2017-04-17 16:56 - 2017-04-17 16:56 - 06581904 _____ (Microsoft Corporation) C:\Users\jonas\Downloads\Windows10Upgrade28085.exe 2017-04-17 16:56 - 2017-04-17 16:56 - 00000723 _____ C:\Users\jonas\Desktop\Windows 10-upgradeassistent.lnk 2017-04-16 23:52 - 2017-04-19 18:42 - 00000000 ____D C:\Users\jonas\AppData\LocalLow\Mozilla 2017-04-16 17:32 - 2017-04-16 17:32 - 00002267 _____ C:\Users\jonas\Downloads\Fixlog.txt 2017-04-13 14:04 - 2012-06-14 09:37 - 00018944 _____ (Hewlett-Packard.) C:\WINDOWS\system32\Drivers\HPubA407.sys 2017-04-13 14:04 - 2011-10-31 17:12 - 00025088 _____ (Hewlett-Packard.) C:\WINDOWS\system32\Drivers\HPMoA407.sys 2017-04-13 14:04 - 2010-09-17 13:59 - 01721576 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01009.dll 2017-04-12 17:43 - 2017-03-28 07:37 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DdcWnsListener.dll 2017-04-12 17:43 - 2017-03-28 07:28 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll 2017-04-11 18:43 - 2017-04-11 18:43 - 00000000 ____D C:\Program Files\Common Files\AV 2017-04-11 11:21 - 2017-04-11 11:21 - 01129376 _____ (Google Inc.) C:\Users\jonas\Downloads\ChromeSetup (1).exe 2017-04-11 11:05 - 2017-04-19 15:03 - 00001478 _____ C:\Users\jonas\Desktop\ROBLOX Player.lnk 2017-04-11 11:05 - 2017-04-19 15:03 - 00001293 _____ C:\Users\jonas\Desktop\ROBLOX Studio.lnk 2017-04-11 11:05 - 2017-04-19 15:03 - 00000000 ____D C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox 2017-04-11 11:05 - 2017-04-11 11:05 - 00854584 _____ (ROBLOX Corporation) C:\Users\jonas\Downloads\RobloxPlayerLauncher.exe 2017-04-10 22:19 - 2017-04-17 22:22 - 00002296 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-04-10 22:19 - 2017-04-17 22:22 - 00002284 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2017-04-10 22:18 - 2017-04-10 22:18 - 01129376 _____ (Google Inc.) C:\Users\jonas\Downloads\ChromeSetup.exe 2017-04-10 18:39 - 2017-04-10 18:39 - 00000000 ____D C:\ProgramData\Logitech 2017-04-10 18:38 - 2017-04-10 18:38 - 00000000 ____D C:\Users\Public\Documents\Logishrd 2017-04-10 18:33 - 2017-04-18 18:47 - 00000000 ____D C:\ProgramData\Logishrd 2017-04-10 18:33 - 2017-04-13 14:05 - 00018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys 2017-04-10 18:30 - 2017-04-10 18:38 - 00000000 ____D C:\Users\jonas\AppData\Roaming\Logitech 2017-04-10 18:30 - 2017-04-10 18:30 - 00000000 ____D C:\Users\jonas\AppData\Roaming\Logishrd 2017-04-06 12:34 - 2017-04-20 19:27 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-04-06 12:34 - 2017-04-20 19:27 - 00077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys 2017-04-06 12:34 - 2017-04-17 22:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2017-04-06 12:34 - 2017-04-06 12:34 - 00001916 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2017-04-05 16:05 - 2017-04-17 22:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune 2017-04-05 16:05 - 2017-04-05 16:05 - 00000000 ____D C:\Program Files (x86)\HD Tune 2017-04-01 23:40 - 2017-04-01 23:40 - 00000000 ____D C:\test 2017-03-28 18:33 - 2017-03-28 18:33 - 00000000 ____D C:\Program Files\NortonInstaller 2017-03-25 12:48 - 2017-03-25 12:49 - 00016484 _____ C:\Users\jonas\Documents\test.xlsm 2017-03-24 19:41 - 2017-03-24 19:41 - 00000000 ____D C:\Users\jonas\Documents\My Cheat Tables ==================== Een Maand Gewijzigd bestanden en mappen ======== (Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.) 2017-04-20 17:14 - 2016-06-27 07:53 - 00000364 _____ C:\WINDOWS\Tasks\HPCeeScheduleForjonas.job 2017-04-20 17:13 - 2017-03-20 05:54 - 01007740 _____ C:\WINDOWS\system32\perfh013.dat 2017-04-20 17:13 - 2017-03-20 05:54 - 00215754 _____ C:\WINDOWS\system32\perfc013.dat 2017-04-20 17:12 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps 2017-04-20 17:12 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness 2017-04-20 17:09 - 2016-04-30 13:23 - 00000000 __SHD C:\Users\jonas\IntelGraphicsProfiles 2017-04-20 07:35 - 2017-03-18 13:40 - 00786432 _____ C:\WINDOWS\system32\config\BBI 2017-04-19 20:08 - 2016-08-29 19:29 - 00000000 ____D C:\Users\jonas\AppData\Local\Roblox 2017-04-19 19:38 - 2016-12-20 21:56 - 00000000 ____D C:\Users\jonas\AppData\Roaming\obs-studio 2017-04-19 19:05 - 2016-10-30 13:47 - 00000000 ____D C:\Users\jonas\AppData\Roaming\CACHE 2017-04-19 18:44 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF 2017-04-19 18:43 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2017-04-19 18:42 - 2016-05-12 17:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-04-19 16:35 - 2016-06-11 21:52 - 00000000 ____D C:\Program Files (x86)\Steam 2017-04-19 16:35 - 2016-04-30 13:48 - 00000000 ____D C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2017-04-19 16:34 - 2017-02-18 21:10 - 00000000 ____D C:\Users\jonas\AppData\Roaming\Opera Software 2017-04-19 16:34 - 2017-02-18 21:10 - 00000000 ____D C:\Users\jonas\AppData\Local\Opera Software 2017-04-19 16:34 - 2017-02-18 21:09 - 00000000 ____D C:\Program Files\Opera 2017-04-19 16:26 - 2016-01-13 16:55 - 00000000 ____D C:\Program Files (x86)\PHotkey 2017-04-19 16:25 - 2015-11-09 16:45 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2017-04-18 20:54 - 2016-05-22 17:56 - 00001044 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk 2017-04-18 20:54 - 2016-05-22 17:56 - 00001032 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk 2017-04-18 20:54 - 2016-05-01 13:33 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2017-04-18 20:40 - 2016-01-13 16:52 - 00000000 ____D C:\WINDOWS\SysWOW64\sda 2017-04-18 20:34 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp 2017-04-18 16:53 - 2016-04-30 13:23 - 00000000 ____D C:\Users\jonas\AppData\Local\Packages 2017-04-18 16:48 - 2016-08-18 16:32 - 00000617 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics 2017-04-18 07:23 - 2016-08-07 20:38 - 00000000 ____D C:\Users\jonas\AppData\Local\ConnectedDevicesPlatform 2017-04-18 07:23 - 2016-04-30 13:25 - 00000000 ___RD C:\Users\jonas\OneDrive 2017-04-18 07:21 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2017-04-18 07:21 - 2015-11-09 12:53 - 00000000 __RHD C:\Users\Public\AccountPictures 2017-04-17 23:06 - 2017-03-18 23:03 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template 2017-04-17 23:03 - 2017-03-18 23:06 - 00000000 ____D C:\WINDOWS\Setup 2017-04-17 23:03 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB 2017-04-17 23:03 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\en-GB 2017-04-17 23:01 - 2017-03-20 05:54 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm 2017-04-17 23:01 - 2017-03-20 05:54 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN 2017-04-17 23:01 - 2017-03-20 05:54 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr 2017-04-17 23:01 - 2017-03-20 05:54 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts 2017-04-17 23:01 - 2017-03-20 05:54 - 00000000 ____D C:\WINDOWS\system32\winrm 2017-04-17 23:01 - 2017-03-20 05:54 - 00000000 ____D C:\WINDOWS\system32\WCN 2017-04-17 23:01 - 2017-03-20 05:54 - 00000000 ____D C:\WINDOWS\system32\slmgr 2017-04-17 23:01 - 2017-03-20 05:54 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts 2017-04-17 23:01 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12 2017-04-17 23:01 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2017-04-17 23:01 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\system32\F12 2017-04-17 23:01 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs 2017-04-17 23:01 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2017-04-17 23:01 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\migwiz 2017-04-17 23:01 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2017-04-17 23:01 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\IME 2017-04-17 23:01 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Help 2017-04-17 23:01 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2017-04-17 23:01 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Defender 2017-04-17 23:01 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\System 2017-04-17 23:01 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2017-04-17 23:01 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Defender 2017-04-17 23:01 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\servicing 2017-04-17 22:57 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI 2017-04-17 22:57 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\MUI 2017-04-17 22:25 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase 2017-04-17 22:25 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows NT 2017-04-17 22:24 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated 2017-04-17 22:23 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Registration 2017-04-17 22:22 - 2017-03-20 05:56 - 00000000 ____D C:\WINDOWS\HoloShell 2017-04-17 22:22 - 2017-03-18 23:03 - 00000000 __RHD C:\Users\Public\Libraries 2017-04-17 22:22 - 2016-08-07 18:24 - 00023076 _____ C:\WINDOWS\system32\emptyregdb.dat 2017-04-17 22:20 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2017-04-17 22:20 - 2017-03-18 13:40 - 00008192 _____ C:\WINDOWS\system32\config\ELAM 2017-04-17 22:20 - 2017-03-17 20:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2017-04-17 22:20 - 2017-02-16 16:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LEGO MINDSTORMS EV3 Home Edition 2017-04-17 22:20 - 2017-02-07 18:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus 2017-04-17 22:20 - 2017-02-03 20:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TreeSize Free 2017-04-17 22:20 - 2017-01-21 17:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MouseMote Server 2017-04-17 22:20 - 2016-12-24 16:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy 2017-04-17 22:20 - 2016-12-11 18:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Teach2000 2017-04-17 22:20 - 2016-12-10 12:50 - 00000000 ____D C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LMSOFT 2017-04-17 22:20 - 2016-12-01 20:22 - 00000000 ____D C:\WINDOWS\SysWOW64\1033 2017-04-17 22:20 - 2016-12-01 20:19 - 00000000 ____D C:\WINDOWS\system32\1033 2017-04-17 22:20 - 2016-12-01 20:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2012 2017-04-17 22:20 - 2016-10-06 20:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MIT App Inventor Tools 2017-04-17 22:20 - 2016-08-18 17:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LoiLo Game Recorder 2017-04-17 22:20 - 2016-08-01 11:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2017-04-17 22:20 - 2016-07-22 22:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2017-04-17 22:20 - 2016-07-21 15:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio 2017-04-17 22:20 - 2016-07-13 22:38 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe 2017-04-17 22:20 - 2016-06-26 14:25 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security 2017-04-17 22:20 - 2016-06-12 16:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2017-04-17 22:20 - 2016-06-11 21:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2017-04-17 22:20 - 2016-05-14 09:56 - 00000000 ____D C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2017-04-17 22:20 - 2016-05-14 09:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2017-04-17 22:20 - 2016-05-09 19:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft 2017-04-17 22:20 - 2016-05-08 16:09 - 00000000 ____D C:\WINDOWS\nl 2017-04-17 22:20 - 2016-05-04 15:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlightGear 2016.1.1 2017-04-17 22:20 - 2016-01-21 06:35 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HomeCinema 2017-04-17 22:20 - 2016-01-13 16:46 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel 2017-04-17 22:20 - 2015-11-09 16:40 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerRecover 2017-04-17 22:20 - 2015-10-30 11:07 - 00000000 ____D C:\WINDOWS\ShellNew 2017-04-17 22:17 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\USOPrivate 2017-04-17 22:15 - 2017-03-20 05:55 - 00000000 ____D C:\WINDOWS\OCR 2017-04-17 22:15 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe 2017-04-17 22:15 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed 2017-04-17 22:15 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\spool 2017-04-17 22:15 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\oobe 2017-04-17 22:15 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\NDF 2017-04-17 22:15 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\Macromed 2017-04-17 22:15 - 2016-01-13 16:55 - 00000000 ___HD C:\WINDOWS\system32\WLANProfiles 2017-04-17 22:14 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2017-04-17 22:14 - 2017-03-16 21:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2017-04-17 22:14 - 2017-02-18 15:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression 2017-04-17 22:14 - 2016-12-20 20:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xiph.Org 2017-04-17 22:14 - 2016-12-01 20:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 5 SDK 2017-04-17 22:14 - 2016-12-01 20:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 4 SDK 2017-04-17 22:14 - 2016-12-01 20:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits 2017-04-17 22:14 - 2016-12-01 20:25 - 00000000 ____D C:\Program Files\IIS 2017-04-17 22:14 - 2016-11-15 18:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nightbot 2017-04-17 22:09 - 2016-09-18 08:40 - 00000000 ____D C:\Users\Lotje VdR\AppData\Local\Packages 2017-04-17 22:08 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2017-04-17 22:07 - 2016-01-13 16:47 - 00000000 ____D C:\Intel 2017-04-17 18:21 - 2016-08-02 12:26 - 00000000 ____D C:\Windows10Upgrade 2017-04-17 16:56 - 2016-08-02 12:26 - 00000735 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10-upgradeassistent.lnk 2017-04-13 17:36 - 2016-06-12 16:55 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2017-04-13 17:36 - 2016-06-12 16:55 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2017-04-13 16:59 - 2016-04-30 16:00 - 00000000 ____D C:\WINDOWS\system32\MRT 2017-04-13 16:57 - 2016-04-30 16:00 - 148601744 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-04-13 15:17 - 2016-06-28 19:17 - 00000000 ____D C:\Users\jonas\AppData\Local\CrashDumps 2017-04-13 15:16 - 2016-04-30 15:52 - 00000246 _____ C:\Users\jonas\AppData\LocalLow\rbxcsettings.rbx 2017-04-11 11:08 - 2017-02-07 18:16 - 00000000 ____D C:\Program Files (x86)\McAfee 2017-04-11 11:08 - 2016-08-20 23:19 - 00000000 ____D C:\Program Files\Common Files\McAfee 2017-04-11 11:06 - 2016-01-13 17:45 - 00000000 ____D C:\ProgramData\McAfee 2017-04-10 22:19 - 2016-04-30 13:41 - 00000000 ____D C:\Users\jonas\AppData\Local\Google 2017-04-10 22:18 - 2016-04-30 13:41 - 00000000 ____D C:\Program Files (x86)\Google 2017-04-06 12:34 - 2016-05-12 19:09 - 00000000 ____D C:\ProgramData\Malwarebytes 2017-04-03 18:56 - 2017-03-18 23:06 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2017-04-03 18:56 - 2017-03-18 23:06 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2017-04-02 00:03 - 2016-05-01 08:34 - 00000000 ___RD C:\Users\jonas\Google Drive 2017-03-29 19:46 - 2016-11-11 15:11 - 00001882 _____ C:\Users\jonas\Desktop\Google Drive.lnk 2017-03-27 19:28 - 2016-06-26 14:25 - 00002373 _____ C:\Users\Public\Desktop\Norton Security.lnk 2017-03-27 19:28 - 2016-06-26 14:25 - 00000000 ____D C:\WINDOWS\system32\Drivers\NSx64 2017-03-27 19:20 - 2017-01-22 21:12 - 00000000 ____D C:\Program Files (x86)\obs-studio 2017-03-27 19:20 - 2016-10-08 12:10 - 00001279 _____ C:\Users\Public\Desktop\OBS Studio.lnk 2017-03-23 19:27 - 2016-05-01 07:40 - 00000000 ____D C:\Users\jonas\AppData\Roaming\Skype 2017-03-23 18:36 - 2016-11-11 15:09 - 00002119 _____ C:\Users\Public\Desktop\Google Slides.lnk 2017-03-23 18:36 - 2016-11-11 15:09 - 00002117 _____ C:\Users\Public\Desktop\Google Sheets.lnk 2017-03-23 18:36 - 2016-11-11 15:09 - 00002107 _____ C:\Users\Public\Desktop\Google Docs.lnk ==================== Bestanden in de root van sommige mappen ======= 2016-12-24 19:31 - 2016-12-24 19:31 - 0000003 _____ () C:\Users\jonas\AppData\Roaming\basic.ini 2016-08-20 17:59 - 2016-08-20 18:16 - 0003061 _____ () C:\Users\jonas\AppData\Roaming\net.telestream.gameshow.xml 2016-08-20 18:16 - 2016-08-20 18:16 - 0000076 _____ () C:\Users\jonas\AppData\Roaming\pc-capture-log.txt 2016-07-15 20:37 - 2016-07-15 20:37 - 0000096 _____ () C:\Users\jonas\AppData\Roaming\settings.xml 2016-07-22 22:34 - 2016-07-22 22:34 - 0001167 _____ () C:\Users\jonas\AppData\Roaming\trace_FilterInstaller.1.txt 2016-07-22 22:34 - 2016-08-01 13:12 - 0000905 _____ () C:\Users\jonas\AppData\Roaming\trace_FilterInstaller.txt 2016-07-22 22:34 - 2016-08-01 13:12 - 0000000 _____ () C:\Users\jonas\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt 2016-08-20 18:00 - 2016-08-20 18:00 - 0000000 _____ () C:\Users\jonas\AppData\Roaming\wirecast_check_crash.txt 2016-05-01 12:34 - 2016-10-12 20:27 - 0006144 _____ () C:\Users\jonas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2016-07-02 15:52 - 2016-07-02 15:52 - 0007605 _____ () C:\Users\jonas\AppData\Local\Resmon.ResmonCfg 2017-04-17 22:08 - 2017-04-17 22:08 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2016-08-01 16:57 - 2016-08-01 16:57 - 0005116 _____ () C:\ProgramData\rxsmznjf.zcp 2016-01-21 06:31 - 2016-01-21 06:31 - 0000032 _____ () C:\ProgramData\Temp.log 2016-01-13 16:40 - 2016-01-21 06:38 - 0000119 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log 2016-01-13 16:37 - 2016-01-21 06:36 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log 2016-01-13 16:40 - 2016-01-21 06:38 - 0000032 _____ () C:\ProgramData\{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}.log 2016-01-13 16:39 - 2016-01-21 06:37 - 0000108 _____ () C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log 2016-01-13 16:36 - 2016-01-21 06:35 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log 2016-01-13 16:38 - 2016-01-21 06:37 - 0000032 _____ () C:\ProgramData\{E1646825-D391-42A0-93AA-27FA810DA093}.log 2016-01-13 16:37 - 2016-01-21 06:36 - 0000110 _____ () C:\ProgramData\{E3D04529-6EDB-11D8-A372-0050BAE317E1}.log ==================== Bamital & volsnap ====================== (Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.) C:\WINDOWS\system32\winlogon.exe => Bestand is getekend C:\WINDOWS\system32\wininit.exe => Bestand is getekend C:\WINDOWS\explorer.exe => Bestand is getekend C:\WINDOWS\SysWOW64\explorer.exe => Bestand is getekend C:\WINDOWS\system32\svchost.exe => Bestand is getekend C:\WINDOWS\SysWOW64\svchost.exe => Bestand is getekend C:\WINDOWS\system32\services.exe => Bestand is getekend C:\WINDOWS\system32\User32.dll => Bestand is getekend C:\WINDOWS\SysWOW64\User32.dll => Bestand is getekend C:\WINDOWS\system32\userinit.exe => Bestand is getekend C:\WINDOWS\SysWOW64\userinit.exe => Bestand is getekend C:\WINDOWS\system32\rpcss.dll => Bestand is getekend C:\WINDOWS\system32\dnsapi.dll => Bestand is getekend C:\WINDOWS\SysWOW64\dnsapi.dll => Bestand is getekend C:\WINDOWS\system32\Drivers\volsnap.sys => Bestand is getekend LastRegBack: 2017-04-17 22:06 ==================== Eind van FRST.txt ============================