Scanresultaten van Farbar Recovery Scan Tool (FRST) (x86) Versie: 23-07-2017
Gestart door Patrick (Beheerder) op PC_VAN_PATRICK (24-07-2017 14:22:50)
Gestart vanaf C:\Users\Patrick\Desktop
Geladen Profielen: Patrick (Beschikbare Profielen: Patrick)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Taal: Nederlands (Nederland)
Internet Explorer Versie 9 (Standaardbrowser: Chrome)
Boot Modus: Normal
Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processen (gefilterd) =================

(Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.)

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Realtek Semiconductor) C:\Windows\RTKAUDIOSERVICE.EXE
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(CrypKey (Canada) Ltd.) C:\Windows\System32\Crypserv.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(InterVideo) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Sony Corporation) C:\Program Files\Sony\Network Utility\NSUService.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
(AVAST Software s.r.o.) C:\Program Files\Alwil Software\Avast5\aswidsagent.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Sony Corporation) C:\Program Files\Sony\ISB Utility\ISBMgr.exe
(Google) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Sony Corporation) C:\Program Files\Sony\Network Utility\LANUtil.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Google) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\avastui.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Register (gefilterd) ====================

(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [6295552 2008-07-03] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [835584 2007-03-10] (Synaptics, Inc.)
HKLM\...\Run: [ISBMgr.exe] => C:\Program Files\Sony\ISB Utility\ISBMgr.exe [317280 2008-04-03] (Sony Corporation)
HKLM\...\Run: [Google Desktop Search] => C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-08-10] (Google)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [1983816 2009-03-24] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-03-18] (CANON INC.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-03-29] (Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvLaunch.exe [213832 2017-07-10] (AVAST Software)
HKLM\...\Run: [Skytel] => C:\Windows\Skytel.exe [1826816 2008-07-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [1047000 2017-04-06] (DivX, LLC)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
Winlogon\Notify\VESWinlogon: C:\Windows\system32\VESWinlogon.dll [2008-07-07] (Sony Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restrictie <==== AANDACHT
HKU\S-1-5-21-2010226127-3141891110-2431163650-1003\...\Run: [NSUFloatingUI] => C:\Program Files\Sony\Network Utility\LANUtil.exe [262144 2008-06-27] (Sony Corporation)
HKU\S-1-5-21-2010226127-3141891110-2431163650-1003\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-03-09] (Google Inc.)
HKU\S-1-5-21-2010226127-3141891110-2431163650-1003\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-2010226127-3141891110-2431163650-1003\...\Run: [Facebook Update] => C:\Users\Patrick\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-12] (Facebook Inc.)
HKU\S-1-5-21-2010226127-3141891110-2431163650-1003\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-2010226127-3141891110-2431163650-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [7658200 2017-06-30] (Piriform Ltd)
HKU\S-1-5-21-2010226127-3141891110-2431163650-1003\...\MountPoints2: {38e91e6e-1176-11de-8015-001dba8af551} - G:\LaunchU3.exe -a
HKU\S-1-5-21-2010226127-3141891110-2431163650-1003\...\MountPoints2: {7e6dd76d-0f3b-11de-bf98-001dba8af551} - G:\LaunchU3.exe -a
HKU\S-1-5-21-2010226127-3141891110-2431163650-1003\...\MountPoints2: {ef6b8eeb-433b-11e1-a199-000272ad4c18} - IomegaEncryptionSetup v1.3.exe
AppInit_DLLs: c:\progra~1\google\google~1\goec62~1.dll => c:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [123392 2010-08-10] (Google)
Startup: C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Schermopname en Snel starten.lnk [2013-05-09]
ShortcutTarget: OneNote 2007 Schermopname en Snel starten.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (gefilterd) ====================

(Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.)

Hosts: Er zijn meer dan één item in Hosts. Zie Hosts deel van Addition.txt
Tcpip\Parameters: [DhcpNameServer] 195.130.130.3 195.130.131.3
Tcpip\..\Interfaces\{6F58BDF9-FBF6-43DD-9C16-C7E475C3C1B3}: [DhcpNameServer] 195.130.130.131 195.130.131.131
Tcpip\..\Interfaces\{7FE441B2-76E8-4ACC-8C0B-75E687D41A42}: [NameServer] 208.67.222.222,8.8.8.8
Tcpip\..\Interfaces\{7FE441B2-76E8-4ACC-8C0B-75E687D41A42}: [DhcpNameServer] 195.130.130.3 195.130.131.3

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.club-vaio.com
HKU\S-1-5-21-2010226127-3141891110-2431163650-1003\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2010226127-3141891110-2431163650-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.club-vaio.com
SearchScopes: HKLM -> DefaultScope {00C0A3CD-F18C-41BE-A4D3-1930E60F9021} URL = hxxp://www.google.nl/search?hl=nl&q={searchTerms}&meta=
SearchScopes: HKLM -> {00C0A3CD-F18C-41BE-A4D3-1930E60F9021} URL = hxxp://www.google.nl/search?hl=nl&q={searchTerms}&meta=
BHO: Adobe PDF Reader Help bij koppelingen -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2011-08-30] (Adobe Systems Incorporated)
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-08-14] (RealDownloader)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2009-11-25] (CANON INC.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2017-05-15] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2017-07-10] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-26] (Google Inc.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll [2010-10-07] (Google Inc.)
BHO: Google Dictionary Compression sdch -> {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} -> C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-04-26] (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-05-15] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-26] (Google Inc.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2009-11-25] (CANON INC.)
Toolbar: HKU\S-1-5-21-2010226127-3141891110-2431163650-1003 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-26] (Google Inc.)
Toolbar: HKU\S-1-5-21-2010226127-3141891110-2431163650-1003 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2009-11-25] (CANON INC.)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-04-26] (Google Inc.)

FireFox:
========
FF Extension: (Belgium eID) - C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be [2012-03-12] [niet getekend]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-09-02] [niet getekend]
FF HKLM\...\Firefox\Extensions: [belgiumeid@eid.belgium.be] - C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be
FF HKLM\...\Firefox\Extensions: [8hffxtbr@Allin1Convert_8h.com] - C:\Program Files\Allin1Convert_8h\bar\1.bin => niet gevonden
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: (RealDownloader) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-09-13] [niet getekend]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2009-03-27] (CANON INC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [2017-04-06] (DivX, LLC)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Picasa2\npPicasa3.dll [2010-06-03] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-05-15] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-05-15] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.4 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2009-06-09] (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.3.51 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll [2013-09-13] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll [2013-09-13] (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-08-14] (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-2010226127-3141891110-2431163650-1003: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Patrick\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-2010226127-3141891110-2431163650-1003: vasco.com/VascoCardReaderPlugin -> C:\Users\Patrick\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin.dll [2014-10-27] (VASCO Data Security)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default [2017-07-24]
CHR Extension: (Google Documenten) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-05]
CHR Extension: (Google Drive) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Google Search) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Offline Documenten) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (AdBlock) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-07-10]
CHR Extension: (Avast Online Security) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-07-10]
CHR Extension: (RealDownloader) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-10-14]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Gmail) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]

==================== Services (gefilterd) ====================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

R3 aswbIDSAgent; C:\Program Files\Alwil Software\Avast5\aswidsagent.exe [5815840 2017-07-10] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [263312 2017-07-10] (AVAST Software)
R2 Crypkey License; C:\Windows\system32\crypserv.exe [122880 2008-05-08] (CrypKey (Canada) Ltd.) [Bestand niet getekend]
R2 EvtEng; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [815104 2008-04-30] (Intel(R) Corporation) [Bestand niet getekend]
S3 GoogleDesktopManager-051210-111108; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-08-10] (Google)
S3 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [116104 2009-02-10] ()
S3 MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [53248 2008-05-20] (Sony Corporation) [Bestand niet getekend]
S4 MSSQLServerADHelper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
R2 NSUService; C:\Program Files\Sony\Network Utility\NSUService.exe [299008 2008-06-27] (Sony Corporation) [Bestand niet getekend]
S4 PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [53248 2008-05-20] (Sony Corporation) [Bestand niet getekend]
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 RegSrvc; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [466944 2008-04-30] (Intel(R) Corporation) [Bestand niet getekend]
S2 SkypeUpdate; C:\Program Files\Skype\Updater\Updater.exe [317400 2017-04-05] (Skype Technologies) [Bestand niet getekend]
S3 SOHCImp; C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe [103712 2008-05-20] (Sony Corporation)
S3 SOHDms; C:\Program Files\Sony\VAIO Media plus\SOHDms.exe [353568 2008-05-20] (Sony Corporation)
S3 SOHDs; C:\Program Files\Sony\VAIO Media plus\SOHDs.exe [62752 2008-05-20] (Sony Corporation)
S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [73728 2008-05-22] (Sony Corporation) [Bestand niet getekend]
R2 VAIO Event Service; C:\Program Files\Sony\VAIO Event Service\VESMgr.exe [182112 2008-07-07] (Sony Corporation)
R2 VAIO Power Management; C:\Program Files\Sony\VAIO Power Management\SPMService.exe [411488 2008-06-19] (Sony Corporation)
R2 VcmIAlzMgr; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [337184 2008-06-12] (Sony Corporation)
R3 Vcsw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [279848 2008-06-19] (Sony Corporation)
R2 VzCdbSvc; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [192512 2008-05-22] (Sony Corporation) [Bestand niet getekend]
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)

===================== Drivers (gefilterd) ======================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

S3 ACSSCR; C:\Windows\System32\DRIVERS\a38usb.sys [35712 2012-03-12] (Advanced Card Systems Ltd)
R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriverx.sys [266976 2017-07-10] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidshx.sys [157384 2017-07-10] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswblogx.sys [276704 2017-07-10] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbunivx.sys [50352 2017-07-10] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [42824 2017-07-10] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [123928 2017-07-18] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [70088 2017-07-10] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [70840 2017-07-10] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [774288 2017-07-10] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [496976 2017-07-10] (AVAST Software)
R3 aswStmXP; C:\Windows\system32\drivers\aswStmXP.sys [202688 2017-07-10] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [296312 2017-07-12] (AVAST Software)
S3 KMWDFILTER; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [17408 2008-10-09] (Windows (R) Codename Longhorn DDK provider)
R1 NetworkX; C:\Windows\system32\ckldrv.sys [19584 2008-03-17] () [Bestand niet getekend]
R2 npf; C:\Windows\System32\drivers\npf.sys [35088 2011-02-11] (CACE Technologies, Inc.)

==================== NetSvcs (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

==================== Een Maand Gemaakt bestanden en mappen ========

(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)

2017-07-24 14:22 - 2017-07-24 14:24 - 00024431 _____ C:\Users\Patrick\Desktop\FRST.txt
2017-07-23 14:15 - 2017-07-23 14:15 - 00003890 _____ C:\ipconfig.txt
2017-07-21 08:07 - 2017-07-21 08:07 - 00005138 _____ C:\Users\Patrick\Documents\startup.txt
2017-07-19 11:20 - 2017-07-19 11:20 - 00004112 _____ C:\Users\Patrick\Documents\cc_20170719_112036.reg
2017-07-19 11:19 - 2017-07-19 11:19 - 00004112 _____ C:\Users\Patrick\Documents\cc_20170719_111952.reg
2017-07-19 11:17 - 2017-07-19 11:17 - 00004112 _____ C:\Users\Patrick\Documents\cc_20170719_111750.reg
2017-07-19 11:17 - 2017-07-19 11:17 - 00004112 _____ C:\Users\Patrick\Documents\cc_20170719_111705.reg
2017-07-19 11:16 - 2017-07-19 11:16 - 00004112 _____ C:\Users\Patrick\Documents\cc_20170719_111620.reg
2017-07-19 11:15 - 2017-07-19 11:15 - 00005900 _____ C:\Users\Patrick\Documents\cc_20170719_111525.reg
2017-07-19 11:09 - 2017-07-19 11:11 - 01166282 _____ C:\Users\Patrick\Documents\cc_20170719_110920.reg
2017-07-19 11:00 - 2017-07-19 11:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-07-16 15:10 - 2017-07-17 16:40 - 00000000 ____D C:\AdwCleaner
2017-07-16 15:09 - 2017-07-16 15:09 - 04110280 _____ C:\Users\Patrick\Desktop\adwcleaner_6.047.exe
2017-07-15 13:28 - 2017-07-24 14:22 - 01778176 _____ (Farbar) C:\Users\Patrick\Desktop\FRST.exe
2017-07-15 12:39 - 2017-07-15 12:39 - 00000000 ___HD C:\$AV_ASW
2017-07-15 12:36 - 2017-07-24 14:22 - 00000000 ____D C:\Users\Patrick\Desktop\FRST-OlderVersion
2017-07-15 12:36 - 2017-07-15 13:36 - 00007547 _____ C:\Users\Patrick\Desktop\Fixlog.txt
2017-07-13 19:12 - 2017-07-24 14:22 - 00000000 ____D C:\FRST
2017-07-12 11:14 - 2017-07-10 20:08 - 00303280 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe

==================== Een Maand Gewijzigd bestanden en mappen ========

(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)

2017-07-24 13:17 - 2006-11-02 14:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2017-07-24 13:17 - 2006-11-02 14:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2017-07-24 12:07 - 2012-04-17 17:57 - 00001092 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2010226127-3141891110-2431163650-1003UA.job
2017-07-24 11:17 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-07-24 11:16 - 2009-07-30 16:28 - 00003204 _____ C:\Windows\bthservsdp.dat
2017-07-24 11:16 - 2006-11-02 15:01 - 00032592 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-07-24 10:29 - 2009-03-17 18:25 - 00002565 _____ C:\Users\Patrick\Desktop\WORD.lnk
2017-07-24 00:35 - 2010-09-27 20:46 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\uTorrent
2017-07-24 00:26 - 2009-05-23 14:30 - 00000000 ____D C:\Users\Patrick\Documents\Film
2017-07-23 23:58 - 2009-03-07 13:12 - 00000000 ____D C:\Users\Patrick
2017-07-23 18:07 - 2012-04-17 17:57 - 00001070 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2010226127-3141891110-2431163650-1003Core.job
2017-07-22 23:55 - 2013-03-26 10:58 - 00000000 ____D C:\Users\Patrick\Download
2017-07-22 20:10 - 2009-05-23 14:31 - 00000000 ____D C:\Users\Patrick\Documents\Lotto
2017-07-22 19:34 - 2009-03-17 18:25 - 00002557 _____ C:\Users\Patrick\Desktop\EXCEL.lnk
2017-07-22 17:13 - 2008-01-21 08:47 - 01804818 _____ C:\Windows\system32\PerfStringBackup.INI
2017-07-22 17:13 - 2008-01-21 08:47 - 00796034 _____ C:\Windows\system32\perfh013.dat
2017-07-22 17:13 - 2008-01-21 08:47 - 00180978 _____ C:\Windows\system32\perfc013.dat
2017-07-22 17:13 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\inf
2017-07-22 16:07 - 2009-03-10 13:48 - 00216064 _____ C:\Users\Patrick\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-07-21 11:18 - 2016-02-15 14:20 - 00000000 ____D C:\Users\Patrick\Documents\STERFDATUMS
2017-07-20 23:50 - 2009-06-20 14:50 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Media Player Classic
2017-07-19 11:05 - 2010-02-01 18:58 - 00000000 ____D C:\Users\Patrick\Tracing
2017-07-19 11:00 - 2012-08-13 18:51 - 00000764 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-07-18 13:55 - 2009-03-26 19:14 - 00123928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2017-07-15 19:06 - 2017-06-14 09:59 - 00027648 _____ C:\Users\Patrick\Documents\TONY AFREKENING.xls
2017-07-15 13:42 - 2009-12-01 16:46 - 00000008 __RSH C:\ProgramData\ntuser.pol
2017-07-15 13:35 - 2009-03-30 19:56 - 00000000 ___SD C:\Users\Patrick\AppData\LocalLow\Temp
2017-07-15 12:37 - 2006-11-02 13:18 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2017-07-15 11:42 - 2013-09-14 17:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-07-15 11:42 - 2008-07-09 16:12 - 00000000 ____D C:\Program Files\Java
2017-07-12 11:16 - 2012-01-26 20:37 - 00000000 ____D C:\ProgramData\AVAST Software
2017-07-12 11:15 - 2015-05-02 15:20 - 00001800 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2017-07-12 11:15 - 2013-03-20 10:21 - 00296312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2017-07-12 10:55 - 2016-08-19 23:39 - 00000000 _____ C:\Windows\system32\last.dump
2017-07-10 20:08 - 2016-07-12 09:12 - 00202688 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStmXP.sys
2017-07-10 20:08 - 2014-05-10 19:52 - 00042824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-07-10 20:08 - 2013-03-20 10:21 - 00070840 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-07-10 20:08 - 2009-03-26 19:14 - 00496976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-07-10 20:08 - 2009-03-26 19:14 - 00070088 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2017-07-10 20:07 - 2017-03-18 18:44 - 00276704 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswblogx.sys
2017-07-10 20:07 - 2017-03-18 18:44 - 00266976 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdriverx.sys
2017-07-10 20:07 - 2017-03-18 18:44 - 00157384 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidshx.sys
2017-07-10 20:07 - 2017-03-18 18:44 - 00050352 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbunivx.sys
2017-07-10 20:07 - 2011-06-19 08:56 - 00774288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-07-10 19:41 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\Msdtc
2017-07-10 19:40 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\spool
2017-07-10 19:40 - 2006-11-02 12:22 - 68943872 _____ C:\Windows\system32\config\software_previous
2017-07-10 19:40 - 2006-11-02 12:22 - 46661632 _____ C:\Windows\system32\config\components_previous
2017-07-10 19:40 - 2006-11-02 12:22 - 37224448 _____ C:\Windows\system32\config\system_previous
2017-07-10 19:40 - 2006-11-02 12:22 - 01572864 _____ C:\Windows\system32\config\default_previous
2017-07-10 19:40 - 2006-11-02 12:22 - 00262144 _____ C:\Windows\system32\config\security_previous
2017-07-10 19:40 - 2006-11-02 12:22 - 00262144 _____ C:\Windows\system32\config\sam_previous
2017-07-10 19:39 - 2015-05-02 15:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2017-07-10 19:39 - 2010-05-24 10:23 - 00000000 ____D C:\ProgramData\DivX
2017-07-10 19:39 - 2009-12-29 11:31 - 00000000 ____D C:\ProgramData\CanonIJ
2017-07-10 19:39 - 2009-08-22 16:37 - 00000000 ____D C:\ProgramData\Real
2017-07-10 19:39 - 2009-06-22 13:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2017-07-10 19:39 - 2009-06-22 13:58 - 00000000 ____D C:\Program Files\DivX
2017-07-10 19:39 - 2009-06-22 13:58 - 00000000 ____D C:\Program Files\Common Files\DivX Shared
2017-07-10 19:39 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\registration
2017-07-08 11:13 - 2009-05-23 14:31 - 00000000 ____D C:\Users\Patrick\Documents\PDF's
2017-07-03 12:14 - 2016-05-07 11:01 - 00000000 ____D C:\Users\Patrick\Documents\ZOEKERTJES KAPAZA
2017-07-03 10:29 - 2009-10-22 17:20 - 00048640 _____ C:\Users\Patrick\Documents\VERBRUIK.xls
2017-07-01 00:40 - 2009-05-23 14:30 - 00034816 _____ C:\Users\Patrick\Documents\Wedde.xls
2017-06-30 11:00 - 2011-04-09 18:01 - 00000000 ____D C:\Users\Patrick\Documents\ZOEKERTJES
2017-06-28 16:07 - 2009-06-22 13:59 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\DivX
2017-06-26 11:23 - 2017-01-21 13:35 - 00000000 ____D C:\Users\Patrick\Documents\ST DENIJS 2017

==================== Bestanden in de root van sommige mappen =======

2009-04-03 07:21 - 2011-07-06 15:44 - 0242605 _____ () C:\Users\Patrick\AppData\Roaming\mdbu.bin
2013-11-07 20:26 - 2013-11-07 20:26 - 0000400 _____ () C:\Users\Patrick\AppData\Roaming\PHOTOWEBSERVICE_state.xml
2009-03-07 13:12 - 2012-10-18 09:46 - 0002032 _____ () C:\Users\Patrick\AppData\Local\d3d9caps.dat
2009-03-10 13:48 - 2017-07-22 16:07 - 0216064 _____ () C:\Users\Patrick\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-06-10 11:28 - 2015-06-10 11:28 - 0000000 _____ () C:\Users\Patrick\AppData\Local\{B3D982C3-1752-426F-9CA3-F7F7B6B5F0BA}

==================== Bamital & volsnap ======================

(Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)

C:\Windows\explorer.exe => Bestand is getekend
C:\Windows\system32\winlogon.exe => Bestand is getekend
C:\Windows\system32\wininit.exe => Bestand is getekend
C:\Windows\system32\svchost.exe => Bestand is getekend
C:\Windows\system32\services.exe => Bestand is getekend
C:\Windows\system32\User32.dll => Bestand is getekend
C:\Windows\system32\userinit.exe => Bestand is getekend
C:\Windows\system32\rpcss.dll => Bestand is getekend
C:\Windows\system32\dnsapi.dll => Bestand is getekend
C:\Windows\system32\Drivers\volsnap.sys => Bestand is getekend

LastRegBack: 2017-07-24 11:25

==================== Eind van FRST.txt ============================