Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 16-09-2017 Gestart door Gebruiker (Beheerder) op GEBRUIKER-PC (16-09-2017 21:20:22) Gestart vanaf C:\Users\Gebruiker\Desktop Geladen Profielen: Gebruiker (Beschikbare Profielen: Gebruiker) Platform: Windows 7 Home Premium Service Pack 1 (X64) Taal: Nederlands (Nederland) Internet Explorer Versie 11 (Standaardbrowser: Chrome) Boot Modus: Normal Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processen (gefilterd) ================= (Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\stacsv64.exe (ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe (CyberLink Corp.) C:\Program Files (x86)\Hp\QuickPlay\QPService.exe ( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe (ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe () C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccsvchst.exe (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccsvchst.exe ==================== Register (gefilterd) ==================== (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.) HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1815848 2009-07-15] (Synaptics Incorporated) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [450048 2009-07-22] (IDT, Inc.) HKLM-x32\...\Run: [QPService] => C:\Program Files (x86)\HP\QuickPlay\QPService.exe [468264 2009-08-05] (CyberLink Corp.) HKLM-x32\...\Run: [UCam_Menu] => C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [218408 2009-02-17] (CyberLink Corp.) HKLM-x32\...\Run: [QlbCtrl.exe] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [320056 2009-06-24] ( Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.) HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\Easybits For Kids\ezRecover.exe [156720 2017-04-06] (Easybits) HKLM-x32\...\Run: [WirelessAssistant] => C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [498744 2009-07-23] (Hewlett-Packard) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [248040 2010-02-18] (Sun Microsystems, Inc.) HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150016 2008-08-20] (Hewlett-Packard) HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Magic Desktop for HP notification] => C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [1444880 2015-11-22] (Easybits) HKU\S-1-5-21-3706400944-551749234-3625771537-1000\...\Run: [HPADVISOR] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1668664 2009-07-15] (Hewlett-Packard) HKU\S-1-5-21-3706400944-551749234-3625771537-1000\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4280184 2012-03-08] (Microsoft Corporation) HKU\S-1-5-21-3706400944-551749234-3625771537-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-05-06] (Google Inc.) HKU\S-1-5-21-3706400944-551749234-3625771537-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\\Phone\Skype.exe [26192168 2010-05-13] (Skype Technologies S.A.) HKU\S-1-5-21-3706400944-551749234-3625771537-1000\...\Policies\system: [WallpaperStyle] 2 HKU\S-1-5-21-3706400944-551749234-3625771537-1000\...\Policies\system: [DisableLockWorkstation] 0 HKU\S-1-5-21-3706400944-551749234-3625771537-1000\...\Policies\system: [DisableChangePassword] 0 HKU\S-1-5-21-3706400944-551749234-3625771537-1000\...\Policies\Explorer: [NoLogoff] 0 HKU\S-1-5-18\...\Policies\system: [WallpaperStyle] 2** ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52272 2009-09-02] (EasyBits Software Corp.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2010-06-29] ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) ==================== Internet (gefilterd) ==================== (Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.) Tcpip\Parameters: [DhcpNameServer] 195.130.131.4 195.130.130.4 Tcpip\..\Interfaces\{10231506-B313-4B8E-9DB9-1A03BA7CD5EB}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{BC057B17-6808-434D-9CE5-A5F68F9A4FBB}: [DhcpNameServer] 195.130.131.4 195.130.130.4 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = HKU\S-1-5-21-3706400944-551749234-3625771537-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_BE&c=94&bd=Presario&pf=cnnb HKU\S-1-5-21-3706400944-551749234-3625771537-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie URLSearchHook: HKU\S-1-5-21-3706400944-551749234-3625771537-1000 - (Geen Naam) - {95324e44-4b0a-47a9-8f77-9c6415e51c29} - Geen bestand SearchScopes: HKLM -> {56DD55F4-8EDB-4FA9-B0AF-EBA5BE84D7BC} URL = hxxp://nl.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008 SearchScopes: HKLM -> {613DEF1C-4E7E-4269-85EE-D2759BB7431B} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1547&query={searchTerms}&invocationType=tb50hpcnnbie7-nl-be SearchScopes: HKLM -> {EC7D6491-42D1-4B7B-BF6E-03A6570A02CE} URL = hxxp://nb.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913938 SearchScopes: HKLM-x32 -> DefaultScope waarde ontbreekt SearchScopes: HKLM-x32 -> {56DD55F4-8EDB-4FA9-B0AF-EBA5BE84D7BC} URL = hxxp://nl.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008 SearchScopes: HKLM-x32 -> {613DEF1C-4E7E-4269-85EE-D2759BB7431B} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1547&query={searchTerms}&invocationType=tb50hpcnnbie7-nl-be SearchScopes: HKLM-x32 -> {EC7D6491-42D1-4B7B-BF6E-03A6570A02CE} URL = hxxp://nb.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913938 SearchScopes: HKU\S-1-5-21-3706400944-551749234-3625771537-1000 -> DefaultScope {613DEF1C-4E7E-4269-85EE-D2759BB7431B} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1547&query={searchTerms}&invocationType=tb50hpcnnbie7-nl-be SearchScopes: HKU\S-1-5-21-3706400944-551749234-3625771537-1000 -> {56DD55F4-8EDB-4FA9-B0AF-EBA5BE84D7BC} URL = SearchScopes: HKU\S-1-5-21-3706400944-551749234-3625771537-1000 -> {613DEF1C-4E7E-4269-85EE-D2759BB7431B} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1547&query={searchTerms}&invocationType=tb50hpcnnbie7-nl-be SearchScopes: HKU\S-1-5-21-3706400944-551749234-3625771537-1000 -> {EC7D6491-42D1-4B7B-BF6E-03A6570A02CE} URL = BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-25] (Google Inc.) BHO: Geen Naam -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> Geen bestand BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21] (Hewlett-Packard Co.) BHO-x32: Symantec NCO BHO -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll [2011-07-13] (Symantec Corporation) BHO-x32: Symantec Intrusion Prevention -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\IPSBHO.DLL [2010-05-14] (Symantec Corporation) BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22] (Microsoft Corporation) BHO-x32: Aanmeldhulp voor Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation) BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-25] (Google Inc.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-04-12] (Sun Microsystems, Inc.) BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21] (Hewlett-Packard Co.) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-25] (Google Inc.) Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll [2011-07-13] (Symantec Corporation) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-25] (Google Inc.) Toolbar: HKU\S-1-5-21-3706400944-551749234-3625771537-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-25] (Google Inc.) Toolbar: HKU\S-1-5-21-3706400944-551749234-3625771537-1000 -> Geen Naam - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Geen bestand Toolbar: HKU\S-1-5-21-3706400944-551749234-3625771537-1000 -> Geen Naam - {95324E44-4B0A-47A9-8F77-9C6415E51C29} - Geen bestand FireFox: ======== FF DefaultProfile: p3itguix.default FF ProfilePath: C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\p3itguix.default [2017-09-16] FF Homepage: Mozilla\Firefox\Profiles\p3itguix.default -> hxxps://www.google.be FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn FF Extension: (Norton IPS) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn [2011-07-20] [ niet getekend] FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn_2010_9_0_6 FF Extension: (Norton Toolbar) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn_2010_9_0_6 [2017-09-16] [ niet getekend] FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-06-29] [ niet getekend] FF HKU\S-1-5-21-3706400944-551749234-3625771537-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll [Geen bestand] FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2011-02-21] (RocketLife, LLP) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-03-28] (Adobe Systems Inc.) Chrome: ======= CHR DefaultProfile: Default CHR HomePage: Default -> hxxp://www.google.com CHR StartupUrls: Default -> "hxxps://www.google.com/" CHR NewTab: Default -> Not-active:"chrome-extension://pbomnbnapmjffaeeihoanmijifjokegi/stubby.html" CHR Profile: C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default [2017-09-16] CHR Extension: (Z-PRICE) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndgmhnnmfhpbpckeegpggnhmkgfjnpoo [2017-09-12] CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-24] CHR Extension: (EasyDocMerge) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbomnbnapmjffaeeihoanmijifjokegi [2017-09-16] CHR Extension: (Chrome Media Router) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-04] CHR Profile: C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\System Profile [2017-09-16] ==================== Services (gefilterd) ==================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation) R2 ezSharedSvc; C:\Windows\SysWOW64\ezsvc7.dll [129584 2009-02-22] (EasyBits Sofware AS) [Bestand niet getekend] R2 HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [124928 2009-07-09] (Hewlett-Packard) [Bestand niet getekend] R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [Bestand niet getekend] R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [Bestand niet getekend] R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1037824 2009-09-20] (Hewlett-Packard Co.) [Bestand niet getekend] R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-06-17] (Hewlett-Packard Company) [Bestand niet getekend] S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes) R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [Bestand niet getekend] R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe [126400 2011-08-04] (Symantec Corporation) R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4359360 2017-06-02] (Symantec Corporation) R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [Bestand niet getekend] R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-01-21] () R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe [240128 2009-07-22] (IDT, Inc.) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ===================== Drivers (gefilterd) ====================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20170906.001\BHDrvx64.sys [1862816 2017-08-02] (Symantec Corporation) R1 ccHP; C:\Windows\system32\drivers\NISx64\1109000.00C\ccHPx64.sys [593544 2011-08-04] (Symantec Corporation) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [508032 2017-08-23] (Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [158336 2017-06-29] (Symantec Corporation) R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20170915.001\IDSvia64.sys [1056920 2017-07-29] (Symantec Corporation) S3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [45472 2017-09-16] (Malwarebytes) R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [253888 2017-09-16] (Malwarebytes) R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20170915.007\ENG64.SYS [138880 2017-09-16] (Symantec Corporation) R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20170915.007\EX64.SYS [2152064 2017-09-16] (Symantec Corporation) R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1109000.00C\SRTSP64.SYS [505392 2010-04-22] (Symantec Corporation) R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1109000.00C\SRTSPX64.SYS [32304 2010-04-22] (Symantec Corporation) R0 SymDS; C:\Windows\System32\drivers\NISx64\1109000.00C\SYMDS64.SYS [433200 2009-08-30] (Symantec Corporation) R0 SymEFA; C:\Windows\System32\drivers\NISx64\1109000.00C\SYMEFA64.SYS [221304 2011-08-22] (Symantec Corporation) R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [173104 2010-06-11] (Symantec Corporation) R1 SymIRON; C:\Windows\system32\drivers\NISx64\1109000.00C\Ironx64.SYS [150064 2010-04-29] (Symantec Corporation) R1 SYMTDIv; C:\Windows\System32\Drivers\NISx64\1109000.00C\SYMTDIV.SYS [451704 2011-08-22] (Symantec Corporation) S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X] S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X] ==================== NetSvcs (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ==================== Een Maand Aangemaakt bestanden en mappen ======== (Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.) 2017-09-16 21:20 - 2017-09-16 21:21 - 000023320 _____ C:\Users\Gebruiker\Desktop\FRST.txt 2017-09-16 21:19 - 2017-09-16 21:20 - 000000000 ____D C:\FRST 2017-09-16 21:15 - 2017-09-16 21:15 - 002398720 _____ (Farbar) C:\Users\Gebruiker\Desktop\FRST64.exe 2017-09-16 20:52 - 2017-09-16 20:46 - 000000924 _____ C:\Users\Gebruiker\Desktop\Google en Facebook !!!!!.lnk 2017-09-16 20:47 - 2017-09-16 21:20 - 000000000 ____D C:\Users\Gebruiker\AppData\LocalLow\Mozilla 2017-09-16 20:47 - 2017-09-16 20:47 - 000000000 ____D C:\Users\Gebruiker\AppData\Roaming\Mozilla 2017-09-16 20:46 - 2017-09-16 20:49 - 000000000 ____D C:\Users\Gebruiker\AppData\Local\Mozilla 2017-09-16 20:46 - 2017-09-16 20:46 - 000000936 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2017-09-16 20:46 - 2017-09-16 20:46 - 000000924 _____ C:\Users\Public\Desktop\Facebook (via Firefox).lnk 2017-09-16 20:46 - 2017-09-16 20:46 - 000000000 ____D C:\Program Files\Mozilla Firefox 2017-09-16 20:46 - 2017-09-16 20:46 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-09-16 20:44 - 2017-09-16 20:44 - 000245928 _____ (Mozilla) C:\Users\Gebruiker\Downloads\Firefox Installer.exe 2017-09-16 20:40 - 2017-09-16 20:40 - 011313360 _____ (Microsoft Corporation) C:\Users\Gebruiker\Downloads\windowsupdateagent-7.6-x64.exe 2017-09-16 17:06 - 2017-09-16 17:07 - 000000122 _____ C:\Users\Gebruiker\Desktop\Startpagina Google zoeken.url 2017-09-16 17:05 - 2013-03-04 11:17 - 000000179 _____ C:\Users\Gebruiker\Desktop\Startpagina My Edenred.url 2017-09-16 17:02 - 2017-09-16 17:02 - 000000051 _____ C:\Users\Gebruiker\Desktop\Facebook (via Chrome).url 2017-09-16 16:47 - 2017-09-16 16:47 - 059087056 _____ (Microsoft Corporation) C:\Users\Gebruiker\Downloads\IE11-Windows6.1-x64-nl-nl.exe 2017-09-16 16:44 - 2017-09-16 16:44 - 000000000 ____D C:\ProgramData\LightScribe 2017-09-16 16:18 - 2017-09-16 16:20 - 000000000 ____D C:\Users\Gebruiker\AppData\LocalLow\HPAppData 2017-09-16 16:14 - 2014-05-14 18:23 - 002477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2017-09-16 16:14 - 2014-05-14 18:23 - 000700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2017-09-16 16:14 - 2014-05-14 18:23 - 000581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2017-09-16 16:14 - 2014-05-14 18:23 - 000058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2017-09-16 16:14 - 2014-05-14 18:23 - 000044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2017-09-16 16:14 - 2014-05-14 18:23 - 000038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2017-09-16 16:14 - 2014-05-14 18:23 - 000036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2017-09-16 16:14 - 2014-05-14 18:21 - 002620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2017-09-16 16:14 - 2014-05-14 18:20 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2017-09-16 16:14 - 2014-05-14 18:17 - 000092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2017-09-16 16:14 - 2014-05-14 09:23 - 000198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2017-09-16 16:14 - 2014-05-14 09:23 - 000179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2017-09-16 16:14 - 2014-05-14 09:20 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2017-09-16 16:14 - 2014-05-14 09:17 - 000033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2017-09-16 16:02 - 2017-09-16 16:06 - 000000000 ____D C:\AdwCleaner 2017-09-16 16:01 - 2017-09-16 16:01 - 008182736 _____ (Malwarebytes) C:\Users\Gebruiker\Desktop\adwcleaner_7.0.2.1 (1).exe 2017-09-16 15:50 - 2017-09-16 15:50 - 000194194 _____ C:\Users\Gebruiker\Documents\cc_20170916_155004.reg 2017-09-16 13:44 - 2017-09-16 13:44 - 000002078 _____ C:\Users\Gebruiker\Documents\sleutelkopie.reg 2017-09-16 13:43 - 2017-09-16 13:43 - 000000520 _____ C:\Users\Gebruiker\Documents\kopie.reg 2017-09-16 13:11 - 2017-09-16 13:11 - 000002806 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC 2017-09-16 13:11 - 2017-09-16 13:11 - 000000822 _____ C:\Users\Public\Desktop\CCleaner.lnk 2017-09-16 13:11 - 2017-09-16 13:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2017-09-16 13:10 - 2017-09-16 13:11 - 000000000 ____D C:\Program Files\CCleaner 2017-09-16 12:56 - 2017-09-16 12:56 - 024917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 019607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 014404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 012829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 006026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 004305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 002885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2017-09-16 12:56 - 2017-09-16 12:56 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2017-09-16 12:56 - 2017-09-16 12:56 - 002426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 002278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 002125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2017-09-16 12:56 - 2017-09-16 12:56 - 002052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2017-09-16 12:56 - 2017-09-16 12:56 - 001950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 001545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 001309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2017-09-16 12:56 - 2017-09-16 12:56 - 000816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2017-09-16 12:56 - 2017-09-16 12:56 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat 2017-09-16 12:56 - 2017-09-16 12:56 - 000616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2017-09-16 12:56 - 2017-09-16 12:56 - 000584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2017-09-16 12:56 - 2017-09-16 12:56 - 000389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000342728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2017-09-16 12:56 - 2017-09-16 12:56 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2017-09-16 12:56 - 2017-09-16 12:56 - 000151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2017-09-16 12:56 - 2017-09-16 12:56 - 000147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2017-09-16 12:56 - 2017-09-16 12:56 - 000143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2017-09-16 12:56 - 2017-09-16 12:56 - 000139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2017-09-16 12:56 - 2017-09-16 12:56 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2017-09-16 12:56 - 2017-09-16 12:56 - 000114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2017-09-16 12:56 - 2017-09-16 12:56 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2017-09-16 12:56 - 2017-09-16 12:56 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2017-09-16 12:56 - 2017-09-16 12:56 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2017-09-16 12:56 - 2017-09-16 12:56 - 000069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2017-09-16 12:56 - 2017-09-16 12:56 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2017-09-16 12:56 - 2017-09-16 12:56 - 000013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2017-09-16 12:56 - 2017-09-16 12:56 - 000013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2017-09-16 12:56 - 2017-09-16 12:56 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2017-09-16 12:56 - 2017-09-16 12:56 - 000012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2017-09-16 12:56 - 2017-09-16 12:56 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2017-09-16 12:54 - 2017-09-16 12:54 - 000000000 ___HD C:\Windows\msdownld.tmp 2017-09-16 12:50 - 2017-09-16 12:51 - 061555088 _____ (Microsoft Corporation) C:\Users\Gebruiker\Downloads\EIE11_NL-NL_WOL_WIN764.EXE 2017-09-16 12:48 - 2017-09-16 12:48 - 000000000 ____D C:\Users\Gebruiker\Documents\Rainbow 2017-09-16 12:48 - 2017-09-16 12:48 - 000000000 ____D C:\Users\Gebruiker\AppData\Roaming\ezMagicMail 2017-09-16 12:47 - 2017-09-16 12:48 - 000000000 ____D C:\ProgramData\Easybits 2017-09-16 12:42 - 2017-09-16 12:42 - 000000000 ____D C:\Users\Gebruiker\AppData\Local\{A9FF76B9-01DC-4BD1-A280-F1B469A7F560} 2017-09-16 12:31 - 2017-09-16 12:31 - 008182736 _____ (Malwarebytes) C:\Users\Gebruiker\Downloads\adwcleaner_7.0.2.1.exe 2017-09-16 12:30 - 2017-09-16 12:31 - 009826968 _____ (Piriform Ltd) C:\Users\Gebruiker\Downloads\ccsetup534 (5).exe 2017-09-16 12:30 - 2017-09-16 12:30 - 009826968 _____ (Piriform Ltd) C:\Users\Gebruiker\Downloads\Niet bevestigd 657736.crdownload 2017-09-16 12:07 - 2017-09-16 12:07 - 000001881 _____ C:\Users\Public\Desktop\Magic Desktop.lnk 2017-09-16 12:00 - 2017-01-19 12:00 - 000505392 _____ (Easybits) C:\Windows\SysWOW64\ezSharedSvcHost.exe 2017-09-16 11:59 - 2017-09-16 11:59 - 000774192 _____ C:\Windows\SysWOW64\ezUPBHook64.dll 2017-09-16 11:59 - 2017-09-16 11:59 - 000485936 _____ C:\Windows\SysWOW64\ezUPBHook32.dll 2017-09-16 11:53 - 2017-09-16 12:49 - 000000000 ____D C:\Program Files (x86)\EasyBits For Kids 2017-09-16 11:52 - 2017-09-16 11:52 - 000013786 _____ C:\Users\Gebruiker\Documents\Magic Desktop Coupon.htm 2017-09-16 11:32 - 2017-09-16 11:32 - 000192960 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys 2017-09-16 11:31 - 2017-09-16 16:28 - 000084256 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys 2017-09-16 11:31 - 2017-09-16 16:28 - 000045472 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2017-09-16 11:30 - 2017-09-16 16:28 - 000253888 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2017-09-16 11:30 - 2017-09-16 11:30 - 000001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2017-09-16 11:30 - 2017-09-16 11:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2017-09-16 11:30 - 2017-09-16 11:30 - 000000000 ____D C:\Program Files\Malwarebytes 2017-09-16 11:30 - 2017-08-24 11:27 - 000077440 _____ C:\Windows\system32\Drivers\mbae64.sys 2017-09-16 11:29 - 2017-09-16 11:29 - 068408664 _____ (Malwarebytes ) C:\Users\Gebruiker\Downloads\mb3-setup-consumer-3.2.2.2029.exe 2017-09-16 11:23 - 2017-09-16 11:23 - 000001093 _____ C:\Users\Gebruiker\Desktop\explorer.lnk 2017-09-16 11:14 - 2017-09-16 11:15 - 000313366 _____ C:\Users\Gebruiker\Downloads\WindowsUpdate.diagcab 2017-09-16 11:02 - 2017-09-16 11:02 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2017-09-16 10:55 - 2017-09-16 10:55 - 000000000 ____D C:\Users\Gebruiker\AppData\Local\{D8A2C5B9-67C3-446F-A55E-CECC53B49E42} 2017-09-15 21:35 - 2017-09-15 21:35 - 009826968 _____ (Piriform Ltd) C:\Users\Gebruiker\Downloads\ccsetup534 (3).exe 2017-09-15 21:35 - 2017-09-15 21:35 - 009826968 _____ (Piriform Ltd) C:\Users\Gebruiker\Downloads\ccsetup534 (2).exe 2017-09-15 21:34 - 2017-09-15 21:35 - 009826968 _____ (Piriform Ltd) C:\Users\Gebruiker\Downloads\ccsetup534 (1).exe 2017-09-15 21:34 - 2017-09-15 21:34 - 009826968 _____ (Piriform Ltd) C:\Users\Gebruiker\Downloads\ccsetup534.exe 2017-09-15 19:36 - 2017-09-15 19:36 - 000000000 ____D C:\Users\Gebruiker\AppData\Local\{6B8E1DCB-6361-4CA4-AC6C-B011FD9C9F43} 2017-09-14 15:46 - 2017-09-14 15:46 - 000000000 ____D C:\Users\Gebruiker\AppData\Local\{60D93DD7-3F64-4490-AE23-10C4CC4A1244} 2017-09-13 18:34 - 2017-09-13 18:34 - 000000000 ____D C:\Users\Gebruiker\AppData\Local\{FBDA4D38-9386-4530-AE79-788F0335F44F} 2017-09-12 20:06 - 2017-09-12 20:06 - 000000000 ____D C:\Users\Gebruiker\AppData\Local\{A6AA8941-1864-4A08-8F04-A571DE02DB98} 2017-09-12 08:05 - 2017-09-12 08:05 - 000000000 ____D C:\Users\Gebruiker\AppData\Local\{C7DD6FFC-26CE-4DDD-AA8E-FAF2136B09A8} 2017-09-11 17:51 - 2017-09-11 17:51 - 000000000 ____D C:\Users\Gebruiker\AppData\Local\{A97958DF-21E1-44D8-8285-19BD00EE6593} 2017-09-10 18:04 - 2017-09-10 18:04 - 000000000 ____D C:\Users\Gebruiker\AppData\Local\{2FD2CC55-C0E7-4F7B-AA2B-168D7EED5A7C} 2017-09-09 09:26 - 2017-09-09 21:27 - 000000000 ____D C:\Users\Gebruiker\AppData\Local\{B4A14915-3DFC-412B-84EC-F08971DC0138} 2017-09-08 19:53 - 2017-09-08 19:53 - 000000000 ____D C:\Users\Gebruiker\AppData\Local\{F2B20181-56FE-427D-9C50-30244A79D3B3} 2017-09-07 11:26 - 2017-09-07 11:26 - 000000000 ____D C:\Users\Gebruiker\AppData\Local\{C285C870-0945-4CAD-B584-4F984958444F} 2017-09-05 20:21 - 2017-09-05 20:21 - 000000000 ____D C:\Users\Gebruiker\AppData\Local\{1E47E72D-8F9A-4A0C-BA81-3A42EF6F25B9} 2017-09-04 20:19 - 2017-09-04 20:19 - 000000000 ____D C:\Users\Gebruiker\AppData\Local\{25B426CE-6E13-4B91-AD1C-59042FA84F56} 2017-09-03 18:03 - 2017-09-03 18:03 - 000000000 ____D C:\Users\Gebruiker\AppData\Local\{B607F056-12B8-44AE-AF7B-F4C70CC6D195} 2017-09-01 20:17 - 2017-09-01 20:17 - 000000000 ____D C:\Users\Gebruiker\AppData\Local\{9DF01060-938F-4DA0-9A97-1486ACAF90DF} 2017-08-31 11:21 - 2017-08-31 11:21 - 000000000 ____D C:\Users\Gebruiker\AppData\Local\{669D6924-BEAB-41A7-A8B3-9CA6A5BDB6E4} 2017-08-29 18:57 - 2017-08-29 18:57 - 000000000 ____D C:\Users\Gebruiker\AppData\Local\{4D06807F-31E3-41C3-A667-1FDB50096BC7} 2017-08-28 22:38 - 2017-08-28 22:39 - 000000000 ____D C:\Users\Gebruiker\AppData\Local\{DCE2DDFA-C49E-41E1-BDE4-E5D5235511D7} 2017-08-27 17:33 - 2017-08-27 17:34 - 000000000 ____D C:\Users\Gebruiker\AppData\Local\{5525772A-3317-4AFC-924D-D2E25D5CD08D} 2017-08-26 20:13 - 2017-08-26 20:14 - 000000000 ____D C:\Users\Gebruiker\AppData\Local\{AA597B0B-8460-4086-8D15-B8D08D698276} 2017-08-25 13:09 - 2017-08-25 13:10 - 000000000 ____D C:\Users\Gebruiker\AppData\Local\{D796A918-DB95-458A-8F40-39578ADD9097} 2017-08-24 19:59 - 2017-08-24 19:59 - 000000000 ____D C:\Users\Gebruiker\AppData\Local\{BBF0443B-240E-483F-B3E9-04FA376E95C7} 2017-08-23 18:13 - 2017-08-23 18:13 - 000000000 ____D C:\Users\Gebruiker\AppData\Local\{F48A33ED-7483-438F-B160-A0D475425891} 2017-08-21 10:27 - 2017-08-21 10:28 - 000000000 ____D C:\Users\Gebruiker\AppData\Local\{53FF51AE-8B0D-420D-BD7C-283AC69E83D7} 2017-08-20 12:20 - 2017-08-20 12:20 - 000000000 ____D C:\Users\Gebruiker\AppData\Local\{A54A7D07-B497-48FF-B204-65EE0E288807} 2017-08-18 20:49 - 2017-08-18 20:49 - 000000000 ____D C:\Users\Gebruiker\AppData\Local\{F93E2551-62A3-4F0D-8AF7-B0BC09B607B2} 2017-08-18 08:48 - 2017-08-18 08:48 - 000000000 ____D C:\Users\Gebruiker\AppData\Local\{12E6A9FC-BAE8-4240-8408-8E88F879A457} 2017-08-17 18:55 - 2017-08-17 18:56 - 000000000 ____D C:\Users\Gebruiker\AppData\Local\{12B82473-B3FE-4E8F-958B-EE39C1CF2BA4} ==================== Een Maand Gewijzigd bestanden en mappen ======== (Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.) 2017-09-16 21:10 - 2010-05-06 09:23 - 000000000 ____D C:\Users\Gebruiker\Tracing 2017-09-16 20:55 - 2014-04-27 18:01 - 000000346 _____ C:\Windows\Tasks\HP Photo Creations Communicator.job 2017-09-16 20:20 - 2009-07-14 06:45 - 000023024 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2017-09-16 20:20 - 2009-07-14 06:45 - 000023024 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2017-09-16 20:15 - 2011-12-17 22:28 - 000000000 ____D C:\ProgramData\boost_interprocess 2017-09-16 20:14 - 2010-05-05 12:06 - 000000188 _____ C:\ProgramData\HPWALog.txt 2017-09-16 20:13 - 2009-10-15 01:58 - 000004027 _____ C:\ProgramData\hpqp.ini 2017-09-16 20:12 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2017-09-16 16:37 - 2009-07-25 08:11 - 000000000 ____D C:\Windows\Panther 2017-09-16 15:57 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf 2017-09-16 15:54 - 2010-05-05 11:48 - 000117144 _____ C:\Users\Gebruiker\AppData\Local\GDIPFONTCACHEV1.DAT 2017-09-16 15:53 - 2009-07-14 06:45 - 000434048 _____ C:\Windows\system32\FNTCACHE.DAT 2017-09-16 15:48 - 2012-02-04 14:14 - 000000000 ____D C:\Users\Gebruiker\AppData\Local\CrashDumps 2017-09-16 13:36 - 2009-09-02 11:07 - 000745258 _____ C:\Windows\system32\perfh013.dat 2017-09-16 13:36 - 2009-09-02 11:07 - 000153178 _____ C:\Windows\system32\perfc013.dat 2017-09-16 13:36 - 2009-07-14 07:13 - 001668596 _____ C:\Windows\system32\PerfStringBackup.INI 2017-09-16 13:30 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF 2017-09-16 13:00 - 2010-05-05 11:38 - 000000000 ____D C:\Users\Gebruiker 2017-09-16 12:58 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\PolicyDefinitions 2017-09-16 12:07 - 2009-09-02 02:47 - 000001893 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Magic Desktop.lnk 2017-09-16 11:59 - 2009-09-02 02:46 - 000322096 _____ (Easybits Software AS) C:\Windows\SysWOW64\ezseng.exe 2017-09-16 11:59 - 2009-09-02 02:46 - 000130096 _____ (EasyBits Software Corp.) C:\Windows\SysWOW64\ezUninst.exe 2017-09-16 11:57 - 2014-01-27 21:03 - 000000000 ____D C:\Windows\Minidump 2017-09-16 11:52 - 2015-11-22 09:21 - 000000000 ____D C:\ProgramData\Easybits Magic Desktop for HP 2017-09-16 11:30 - 2014-06-03 11:58 - 000000000 ____D C:\ProgramData\Malwarebytes 2017-09-16 11:18 - 2011-08-26 12:33 - 000000000 ____D C:\Users\Gebruiker\AppData\Local\ElevatedDiagnostics 2017-09-13 18:43 - 2012-05-16 22:34 - 000004422 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2017-09-13 18:42 - 2012-07-11 23:08 - 000000000 ____D C:\Windows\system32\Macromed 2017-09-13 18:42 - 2012-05-16 22:34 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2017-09-13 18:42 - 2012-05-16 22:34 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2017-09-13 18:42 - 2009-09-02 01:44 - 000000000 ____D C:\Windows\SysWOW64\Macromed 2017-09-12 08:38 - 2009-07-14 07:08 - 000032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2017-09-12 08:36 - 2013-08-02 08:27 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk ==================== Bestanden in de root van sommige mappen ======= 2010-06-16 09:03 - 2010-09-28 13:51 - 000000090 _____ () C:\Users\Gebruiker\AppData\Roaming\wklnhst.dat 2010-05-05 12:06 - 2010-05-05 12:06 - 000000000 _____ () C:\Users\Gebruiker\AppData\Local\AtStart.txt 2012-02-02 09:56 - 2012-03-08 12:38 - 000040448 _____ () C:\Users\Gebruiker\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2010-05-05 12:06 - 2010-05-05 12:06 - 000000000 _____ () C:\Users\Gebruiker\AppData\Local\DSwitch.txt 2010-07-30 12:36 - 2010-07-30 12:36 - 000004096 ____H () C:\Users\Gebruiker\AppData\Local\keyfile3.drm 2010-05-05 12:06 - 2010-05-05 12:06 - 000000000 _____ () C:\Users\Gebruiker\AppData\Local\QSwitch.txt 2014-02-23 17:50 - 2014-02-23 17:50 - 000000057 _____ () C:\ProgramData\Ament.ini 2009-10-15 01:58 - 2017-09-16 20:13 - 000004027 _____ () C:\ProgramData\hpqp.ini 2011-06-04 11:44 - 2016-10-26 12:54 - 000000021 _____ () C:\ProgramData\hpqp.txt 2010-05-05 12:06 - 2017-09-16 20:14 - 000000188 _____ () C:\ProgramData\HPWALog.txt 2010-06-29 19:06 - 2010-09-17 11:56 - 000001613 _____ () C:\ProgramData\hpzinstall.log 2009-10-15 02:00 - 2009-10-15 02:00 - 000000032 _____ () C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log 2009-09-02 02:35 - 2009-09-02 02:36 - 000000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log 2009-10-15 01:59 - 2009-10-15 01:59 - 000000032 _____ () C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log 2009-09-02 02:30 - 2009-09-02 02:31 - 000000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log 2009-10-15 01:58 - 2009-10-15 01:58 - 000000032 _____ () C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log 2009-10-15 02:00 - 2009-10-15 02:00 - 000000032 _____ () C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log 2009-09-02 02:29 - 2009-09-02 02:29 - 000000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log 2009-09-02 02:31 - 2009-09-02 02:35 - 000000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log 2009-10-15 02:00 - 2009-10-15 02:00 - 000000105 _____ () C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log ==================== Bamital & volsnap ====================== (Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.) C:\Windows\system32\winlogon.exe => Bestand is getekend C:\Windows\system32\wininit.exe => Bestand is getekend C:\Windows\SysWOW64\wininit.exe => Bestand is getekend C:\Windows\explorer.exe => Bestand is getekend C:\Windows\SysWOW64\explorer.exe => Bestand is getekend C:\Windows\system32\svchost.exe => Bestand is getekend C:\Windows\SysWOW64\svchost.exe => Bestand is getekend C:\Windows\system32\services.exe => Bestand is getekend C:\Windows\system32\User32.dll => Bestand is getekend C:\Windows\SysWOW64\User32.dll => Bestand is getekend C:\Windows\system32\userinit.exe => Bestand is getekend C:\Windows\SysWOW64\userinit.exe => Bestand is getekend C:\Windows\system32\rpcss.dll => Bestand is getekend C:\Windows\system32\dnsapi.dll => Bestand is getekend C:\Windows\SysWOW64\dnsapi.dll => Bestand is getekend C:\Windows\system32\Drivers\volsnap.sys => Bestand is getekend LastRegBack: 2017-09-10 18:55 ==================== Eind van FRST.txt ============================