Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 11-06-2017 Gestart door Godelieve (Beheerder) op GODELIEVE-PC (11-06-2017 19:53:52) Gestart vanaf C:\Users\Godelieve\Downloads Geladen Profielen: Godelieve (Beschikbare Profielen: Godelieve) Platform: Windows 7 Home Premium Service Pack 1 (X64) Taal: Nederlands (Nederland) Internet Explorer Versie 11 (Standaardbrowser: Chrome) Boot Modus: Normal Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processen (gefilterd) ================= (Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.) (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe (Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\cmd.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\bdwtxcr.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Register (gefilterd) ==================== (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.) HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes) HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe [322312 2017-04-20] (Bitdefender) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation) HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun HKU\S-1-5-21-875980909-594486171-3482057321-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7956384 2017-05-31] (SUPERAntiSpyware) ==================== Internet (gefilterd) ==================== (Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{F70754E5-5970-45BD-9898-001FC4595223}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKU\S-1-5-21-875980909-594486171-3482057321-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.be/ HKU\S-1-5-21-875980909-594486171-3482057321-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://be.msn.com/default.aspx?ocid=iehp SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-875980909-594486171-3482057321-1000 -> DefaultScope {42CE7D95-2859-4D6E-8AC5-2D504868298F} URL = hxxps://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-875980909-594486171-3482057321-1000 -> {42CE7D95-2859-4D6E-8AC5-2D504868298F} URL = hxxps://www.google.com/search?q={searchTerms} BHO: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll [2017-04-20] (Bitdefender) BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll [2017-04-20] (Bitdefender) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-06-09] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-06-09] (Oracle Corporation) Toolbar: HKLM - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll [2017-04-20] (Bitdefender) Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll [2017-04-20] (Bitdefender) FireFox: ======== FF HKLM\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff [2017-05-25] FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext [2017-05-25] [ niet getekend] FF HKLM-x32\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext FF Plugin: @microsoft.com/GENUINE -> disabled [Geen bestand] FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-06-09] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-06-09] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Geen bestand] FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-875980909-594486171-3482057321-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Godelieve\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-02-19] (Unity Technologies ApS) Chrome: ======= CHR DefaultProfile: Default CHR HomePage: Default -> hxxps://www.google.be/ CHR StartupUrls: Default -> "hxxps://www.google.be/" CHR Profile: C:\Users\Godelieve\AppData\Local\Google\Chrome\User Data\Default [2017-06-11] CHR Extension: (Adblock Plus) - C:\Users\Godelieve\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-03-21] CHR Extension: (Bitdefender Wallet) - C:\Users\Godelieve\AppData\Local\Google\Chrome\User Data\Default\Extensions\gannpgaobkkhmpomoijebaigcapoeebl [2017-06-09] CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\Godelieve\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09] CHR Extension: (Chrome Media Router) - C:\Users\Godelieve\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-21] CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl] - hxxps://clients2.google.com/service/update2/crx ==================== Services (gefilterd) ==================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-31] (SUPERAntiSpyware.com) S2 DevMgmtService; C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe [104096 2017-05-18] (Bitdefender) S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes) R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1254736 2017-04-11] (Bitdefender) R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [191728 2014-06-04] (Synaptics Incorporated) R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe [218416 2017-04-20] (Bitdefender) R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe [1442896 2017-05-25] (Bitdefender) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ===================== Drivers (gefilterd) ====================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1612648 2017-04-19] (BitDefender) S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [879600 2017-04-19] (BitDefender) R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [119696 2016-06-15] (BitDefender LLC) R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [87912 2015-12-04] (BitDefender) R3 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [182944 2016-10-29] (BitDefender LLC) R0 Ignis; C:\Windows\System32\DRIVERS\ignis.sys [305120 2017-03-15] (Bitdefender) R3 LHidFilt; C:\Windows\System32\DRIVERS\LHidFilt.Sys [54800 2008-02-29] (Logicool, Inc.) R3 LMouFilt; C:\Windows\System32\DRIVERS\LMouFilt.Sys [57360 2008-02-29] (Logicool, Inc.) R3 LUsbFilt; C:\Windows\System32\Drivers\LUsbFilt.Sys [41488 2008-02-29] (Logicool, Inc.) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation) R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com) S3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [31472 2014-06-04] (Synaptics Incorporated) R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1799552 2009-05-06] () R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [520032 2016-06-22] (BitDefender S.R.L.) ==================== NetSvcs (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ==================== Een Maand Aangemaakt bestanden en mappen ======== (Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.) 2017-06-11 19:53 - 2017-06-11 19:55 - 00012114 _____ C:\Users\Godelieve\Downloads\FRST.txt 2017-06-11 19:53 - 2017-06-11 19:53 - 02438656 _____ (Farbar) C:\Users\Godelieve\Downloads\FRST64.exe 2017-06-11 19:53 - 2017-06-11 19:53 - 00000000 ____D C:\FRST 2017-06-09 22:40 - 2015-11-03 21:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll 2017-06-09 22:40 - 2015-11-03 20:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll 2017-06-09 22:09 - 2017-06-09 22:10 - 00342104 _____ C:\Windows\system32\FNTCACHE.DAT 2017-06-09 21:56 - 2017-06-09 21:56 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys 2017-06-09 21:56 - 2017-06-09 21:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll 2017-06-09 21:56 - 2017-06-09 21:56 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll 2017-06-09 21:50 - 2017-06-09 21:50 - 00056884 _____ C:\ProgramData\dm.1497037512.bdinstall.bin 2017-06-09 21:49 - 2017-06-09 21:49 - 00000000 ____D C:\ProgramData\Bitdefender Device Management 2017-06-09 21:44 - 2017-06-09 21:44 - 00086160 _____ C:\Users\Godelieve\AppData\Local\GDIPFONTCACHEV1.DAT 2017-06-09 21:39 - 2017-06-09 21:39 - 00002226 _____ C:\Users\Public\Desktop\Bitdefender 2017.lnk 2017-06-09 21:39 - 2017-06-09 21:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2017 2017-06-09 21:36 - 2017-04-19 07:19 - 01612648 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys 2017-06-09 21:36 - 2017-04-19 07:19 - 00879600 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys 2017-06-09 21:36 - 2017-03-15 08:03 - 00305120 _____ (Bitdefender) C:\Windows\system32\Drivers\ignis.sys 2017-06-09 21:36 - 2015-12-04 19:27 - 00087912 _____ (BitDefender) C:\Windows\system32\Drivers\bdvedisk.sys 2017-06-09 21:34 - 2017-06-09 21:34 - 00002321 _____ C:\ProgramData\cl.1497036152.2740.bin 2017-06-09 21:26 - 2016-10-29 09:54 - 00182944 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys 2017-06-09 21:25 - 2017-06-09 21:45 - 00000000 ____D C:\Program Files\Bitdefender 2017-06-09 21:25 - 2017-06-09 21:43 - 00045699 _____ C:\ProgramData\cl.1497036152.3264.bin 2017-06-09 21:25 - 2017-06-09 21:40 - 00276458 _____ C:\ProgramData\cl.1497036152.3036.bin 2017-06-09 21:25 - 2017-06-09 21:40 - 00012214 _____ C:\ProgramData\cl.1497036152.3868.bin 2017-06-09 21:25 - 2017-06-09 21:34 - 00017942 _____ C:\ProgramData\cl.1497036152.2716.bin 2017-06-09 21:25 - 2017-06-09 21:26 - 00014096 _____ C:\ProgramData\cl.1497036152.3628.bin 2017-06-09 21:25 - 2017-06-09 21:26 - 00001090 _____ C:\ProgramData\cl.1497036152.3780.bin 2017-06-09 21:25 - 2016-06-22 15:40 - 00520032 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys 2017-06-09 21:24 - 2017-06-09 21:24 - 00000000 ____D C:\Users\Godelieve\Downloads\wumt 2017-06-09 21:22 - 2017-06-09 21:43 - 00107737 _____ C:\ProgramData\cl.1497036152.2992.bin 2017-06-09 21:19 - 2017-06-09 21:19 - 00003644 _____ C:\Windows\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 2017-06-09 21:17 - 2017-06-09 21:17 - 00031121 _____ C:\ProgramData\agent.update.1497035832.bdinstall.bin 2017-06-09 21:16 - 2017-06-09 21:16 - 00049777 _____ C:\ProgramData\agent.1497035749.bdinstall.bin 2017-06-09 21:11 - 2017-06-09 22:31 - 00188312 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys 2017-06-09 21:10 - 2017-06-09 22:31 - 00252832 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2017-06-09 21:10 - 2017-06-09 22:31 - 00113592 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys 2017-06-09 21:10 - 2017-06-09 22:31 - 00084256 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys 2017-06-09 21:10 - 2017-06-09 22:31 - 00044960 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2017-06-09 21:10 - 2017-06-09 21:10 - 00000000 ____D C:\Users\Godelieve\AppData\Roaming\SUPERAntiSpyware.com 2017-06-09 21:10 - 2017-06-09 21:10 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com 2017-06-09 21:10 - 2017-06-09 21:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware 2017-06-09 21:10 - 2017-06-09 21:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2017-06-09 21:10 - 2017-06-09 21:10 - 00000000 ____D C:\ProgramData\Malwarebytes 2017-06-09 21:10 - 2017-06-09 21:10 - 00000000 ____D C:\Program Files\SUPERAntiSpyware 2017-06-09 21:10 - 2017-06-09 21:10 - 00000000 ____D C:\Program Files\Malwarebytes 2017-06-09 21:10 - 2017-05-25 11:58 - 00077376 _____ C:\Windows\system32\Drivers\mbae64.sys 2017-06-09 21:09 - 2017-06-09 21:09 - 00388608 _____ (Trend Micro Inc.) C:\Users\Godelieve\Downloads\HijackThis.exe 2017-05-18 11:24 - 2017-05-18 11:24 - 00000000 ____D C:\Users\Godelieve\AppData\Roaming\Google ==================== Een Maand Gewijzigd bestanden en mappen ======== (Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.) 2017-06-11 16:39 - 2009-07-14 06:45 - 00029600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2017-06-11 16:39 - 2009-07-14 06:45 - 00029600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2017-06-09 23:27 - 2014-04-14 20:57 - 00000000 ____D C:\Windows\system32\MRT 2017-06-09 23:24 - 2014-04-14 20:57 - 132223576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2017-06-09 23:07 - 2014-04-14 19:20 - 01645556 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2017-06-09 23:07 - 2010-11-21 18:48 - 00745998 _____ C:\Windows\system32\perfh013.dat 2017-06-09 23:07 - 2010-11-21 18:48 - 00153918 _____ C:\Windows\system32\perfc013.dat 2017-06-09 23:07 - 2009-07-14 07:13 - 01645556 _____ C:\Windows\system32\PerfStringBackup.INI 2017-06-09 23:07 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf 2017-06-09 22:27 - 2016-04-10 18:07 - 00000000 ____D C:\ProgramData\Bitdefender 2017-06-09 22:11 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-06-09 22:08 - 2014-04-14 19:22 - 00060672 _____ C:\bdlog.txt 2017-06-09 22:01 - 2017-01-01 18:32 - 00000940 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeFileSync.lnk 2017-06-09 22:01 - 2017-01-01 18:32 - 00000928 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealTimeSync.lnk 2017-06-09 22:01 - 2017-01-01 18:32 - 00000000 ____D C:\Program Files\FreeFileSync 2017-06-09 21:50 - 2016-04-10 18:03 - 00000000 ____D C:\Program Files\Bitdefender Agent 2017-06-09 21:49 - 2017-01-01 19:11 - 00000000 ____D C:\Users\Godelieve\AppData\Roaming\Bitdefender 2017-06-09 21:49 - 2016-07-08 20:16 - 00002806 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC 2017-06-09 21:45 - 2014-12-12 21:45 - 00002048 _____ C:\Users\Godelieve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileHippo App Manager.lnk 2017-06-09 21:45 - 2014-04-15 09:57 - 00000000 ____D C:\Program Files (x86)\FileHippo.com 2017-06-09 21:34 - 2014-12-12 21:52 - 00000000 ____D C:\ProgramData\Oracle 2017-06-09 21:33 - 2014-04-14 18:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2017-06-09 21:31 - 2017-01-01 18:45 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2017-06-09 21:30 - 2017-01-01 18:43 - 00000000 ____D C:\Program Files (x86)\Java 2017-06-09 21:26 - 2014-04-14 18:37 - 00000000 ____D C:\Program Files\Common Files\Bitdefender 2017-06-09 21:25 - 2016-04-10 20:13 - 00000000 ____D C:\Users\Godelieve\Documents\CCleaner registerback-ups 2017-05-24 15:50 - 2014-10-03 17:49 - 00000000 ____D C:\Users\Godelieve\Desktop\Eva 2017-05-16 11:34 - 2014-04-14 18:55 - 00002215 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-05-16 11:34 - 2014-04-14 18:55 - 00002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk ==================== Bestanden in de root van sommige mappen ======= 2017-01-01 19:11 - 2017-01-01 19:11 - 0212565 _____ () C:\ProgramData\1483290331.bdinstall.bin 2017-04-25 10:22 - 2017-04-25 10:22 - 0094107 _____ () C:\ProgramData\1493108319.bdinstall.bin 2017-06-09 21:16 - 2017-06-09 21:16 - 0049777 _____ () C:\ProgramData\agent.1497035749.bdinstall.bin 2017-06-09 21:17 - 2017-06-09 21:17 - 0031121 _____ () C:\ProgramData\agent.update.1497035832.bdinstall.bin 2017-06-09 21:25 - 2017-06-09 21:34 - 0017942 _____ () C:\ProgramData\cl.1497036152.2716.bin 2017-06-09 21:34 - 2017-06-09 21:34 - 0002321 _____ () C:\ProgramData\cl.1497036152.2740.bin 2017-06-09 21:22 - 2017-06-09 21:43 - 0107737 _____ () C:\ProgramData\cl.1497036152.2992.bin 2017-06-09 21:25 - 2017-06-09 21:40 - 0276458 _____ () C:\ProgramData\cl.1497036152.3036.bin 2017-06-09 21:25 - 2017-06-09 21:43 - 0045699 _____ () C:\ProgramData\cl.1497036152.3264.bin 2017-06-09 21:25 - 2017-06-09 21:26 - 0014096 _____ () C:\ProgramData\cl.1497036152.3628.bin 2017-06-09 21:25 - 2017-06-09 21:26 - 0001090 _____ () C:\ProgramData\cl.1497036152.3780.bin 2017-06-09 21:25 - 2017-06-09 21:40 - 0012214 _____ () C:\ProgramData\cl.1497036152.3868.bin 2017-06-09 21:50 - 2017-06-09 21:50 - 0056884 _____ () C:\ProgramData\dm.1497037512.bdinstall.bin Sommige bestanden in TEMP: ==================== 2017-06-09 21:29 - 2017-06-09 21:29 - 0739904 _____ (Oracle Corporation) C:\Users\Godelieve\AppData\Local\Temp\jre-8u131-windows-au.exe ==================== Bamital & volsnap ====================== (Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.) C:\Windows\system32\winlogon.exe => Bestand is getekend C:\Windows\system32\wininit.exe => Bestand is getekend C:\Windows\SysWOW64\wininit.exe => Bestand is getekend C:\Windows\explorer.exe => Bestand is getekend C:\Windows\SysWOW64\explorer.exe => Bestand is getekend C:\Windows\system32\svchost.exe => Bestand is getekend C:\Windows\SysWOW64\svchost.exe => Bestand is getekend C:\Windows\system32\services.exe => Bestand is getekend C:\Windows\system32\User32.dll => Bestand is getekend C:\Windows\SysWOW64\User32.dll => Bestand is getekend C:\Windows\system32\userinit.exe => Bestand is getekend C:\Windows\SysWOW64\userinit.exe => Bestand is getekend C:\Windows\system32\rpcss.dll => Bestand is getekend C:\Windows\system32\dnsapi.dll => Bestand is getekend C:\Windows\SysWOW64\dnsapi.dll => Bestand is getekend C:\Windows\system32\Drivers\volsnap.sys => Bestand is getekend LastRegBack: 2017-05-17 17:39 ==================== Eind van FRST.txt ============================