Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 12.05.2018
Gestart door HP-Pavilion (Beheerder) op HP-A8 (13-05-2018 13:08:44)
Gestart vanaf C:\Users\HP-Pavilion\Downloads
Geladen Profielen: HP-Pavilion (Beschikbare Profielen: HP-Pavilion)
Platform: Windows 10 Home Versie 1709 16299.371 (X64) Taal: Nederlands (Nederland)
Internet Explorer Versie 11 (Standaardbrowser: Chrome)
Boot Modus: Normal
Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processen (gefilterd) =================

(Als een item is opgenomen in de fixlist, zal het proces worden gesloten. Het bestand zal niet worden verplaatst.)

(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(HP) C:\Windows\System32\HP3DDGService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(F-Secure Corporation) C:\Program Files (x86)\Telenet Security Pack\fshoster32.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
() C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(F-Secure Corporation) C:\Program Files (x86)\Telenet Security Pack\fshoster32.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Prolific Technology Inc.) C:\Windows\SysWOW64\IoctlSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(F-Secure Corporation) C:\Program Files (x86)\Telenet Security Pack\apps\Ultralight\ulcore\1525688755\fsorsp64.exe
(F-Secure Corporation) C:\Program Files (x86)\Telenet Security Pack\apps\Ultralight\ulcore\1525688755\fshoster64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(F-Secure Corporation) C:\Program Files (x86)\Telenet Security Pack\fshoster32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Wisdom Software Inc. ) C:\Program Files (x86)\Wisdom-soft ScreenHunter 6.0 Free\ScreenHunter.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Nikolay.IT) C:\Users\HP-Pavilion\Desktop\RatioMaster.exe
(Nikolay.IT) C:\Users\HP-Pavilion\Desktop\RatioMaster.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Register (gefilterd) ===========================

(Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8496344 2016-01-09] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [297272 2017-12-11] (Apple Inc.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [315880 2018-01-05] (Adobe Systems, Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [NBKeyScan] => C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2221352 2008-02-18] (Nero AG)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [653576 2015-06-29] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-25] (Adobe Systems Incorporated)
HKU\S-1-5-21-2422316045-3990431493-1933239108-1002\...\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe [1828136 2008-02-28] (Nero AG)
HKU\S-1-5-21-2422316045-3990431493-1933239108-1002\...\Run: [Google Update] => C:\Users\HP-Pavilion\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateCore.exe [601680 2017-11-15] (Google Inc.)
HKU\S-1-5-21-2422316045-3990431493-1933239108-1002\...\MountPoints2: {176a2e32-ea37-11e7-8411-90489a1006c0} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2422316045-3990431493-1933239108-1002\...\MountPoints2: {b4fcbbbe-e801-11e7-8410-90489a1006c0} - "F:\Setup.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2014-08-14]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\HP-Pavilion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ScreenHunter 6.0 Free.lnk [2016-06-07]
ShortcutTarget: ScreenHunter 6.0 Free.lnk -> C:\Program Files (x86)\Wisdom-soft ScreenHunter 6.0 Free\ScreenHunter.exe (Wisdom Software Inc. )

==================== Internet (gefilterd) ====================

(Als een item is opgenomen in de fixlist en een registeritem is, wordt het verwijderd of hersteld naar de standaard.)

Tcpip\Parameters: [DhcpNameServer] 195.130.131.5 195.130.130.5
Tcpip\..\Interfaces\{010abadf-a9f7-46ba-9c9f-674ad74f8051}: [DhcpNameServer] 10.2.0.1
Tcpip\..\Interfaces\{202f19aa-67e8-4317-a6e4-b15f8e19acaa}: [DhcpNameServer] 195.130.131.5 195.130.130.5
Tcpip\..\Interfaces\{8c8c6c26-e221-44e1-a0e8-1cc12273bdac}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-2422316045-3990431493-1933239108-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrictie <==== AANDACHT
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCON14/2
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON14/2
HKU\S-1-5-21-2422316045-3990431493-1933239108-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON14/2
SearchScopes: HKLM -> {BF2A8AF0-B42C-4F2C-81E3-F87FDB762FCD} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
BHO: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\Telenet Security Pack\apps\Ultralight\nif\1520854327\browser\install\fs_ie_https\fs_ie_https64.dll [2018-03-12] (F-Secure Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-31] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-31] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21] (HP Inc.)
BHO-x32: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\Telenet Security Pack\apps\Ultralight\nif\1520854327\browser\install\fs_ie_https\fs_ie_https.dll [2018-03-12] (F-Secure Corporation)
BHO-x32: Geen Naam -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> Geen bestand
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-31] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-31] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)
Toolbar: HKU\S-1-5-21-2422316045-3990431493-1933239108-1002 -> Geen Naam - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Geen bestand

FireFox:
========
FF HKLM\...\Firefox\Extensions: [ols@f-secure.com] - C:\Program Files (x86)\Telenet Security Pack\apps\Ultralight\nif\1520854327\browser\install\fs_firefox_https\fs_firefox_https.xpi
FF Extension: (Browsing Protection by F-Secure) - C:\Program Files (x86)\Telenet Security Pack\apps\Ultralight\nif\1520854327\browser\install\fs_firefox_https\fs_firefox_https.xpi [2018-03-12]
FF HKLM-x32\...\Firefox\Extensions: [ols@f-secure.com] - C:\Program Files (x86)\Telenet Security Pack\apps\Ultralight\nif\1520854327\browser\install\fs_firefox_https\fs_firefox_https.xpi
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-31] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-31] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-25] (Adobe Systems)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-31] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-31] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-12] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-25] (Adobe Systems)
FF Plugin HKU\S-1-5-21-2422316045-3990431493-1933239108-1002: @tools.google.com/Google Update;version=3 -> C:\Users\HP-Pavilion\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-2422316045-3990431493-1933239108-1002: @tools.google.com/Google Update;version=9 -> C:\Users\HP-Pavilion\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://www.google.be/"
CHR DefaultSearchKeyword: Default -> safe
CHR Profile: C:\Users\HP-Pavilion\AppData\Local\Google\Chrome\User Data\Default [2018-05-13]
CHR Extension: (Video Converter) - C:\Users\HP-Pavilion\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcjjnhgakghmggnimjkldjmmpabhnhne [2017-04-07]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\HP-Pavilion\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-05]
CHR Extension: (Chrome Media Router) - C:\Users\HP-Pavilion\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-02]
CHR HKLM\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - hxxps://clients2.google.com/service/update2/crx

==================== Services (gefilterd) ====================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [140288 2014-03-15] () [Bestand niet getekend]
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-25] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2319848 2018-01-05] (Adobe Systems, Incorporated)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-03-15] (Advanced Micro Devices, Inc.) [Bestand niet getekend]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-11-27] (Apple Inc.)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [98816 2014-10-11] () [Bestand niet getekend]
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [387944 2016-05-11] (Digital Wave Ltd.) [Bestand niet getekend]
R2 fshoster; C:\Program Files (x86)\Telenet Security Pack\fshoster32.exe [184800 2017-08-23] (F-Secure Corporation)
R2 fsnethoster; C:\Program Files (x86)\Telenet Security Pack\fshoster32.exe [184800 2017-08-23] (F-Secure Corporation)
R2 fsulhoster; C:\Program Files (x86)\Telenet Security Pack\apps\Ultralight\ulcore\1525688755\fshoster64.exe [572896 2018-05-07] (F-Secure Corporation)
R2 fsulorsp; C:\Program Files (x86)\Telenet Security Pack\apps\Ultralight\ulcore\1525688755\fsorsp64.exe [78304 2018-05-07] (F-Secure Corporation)
R2 hp3ddgsrv; C:\WINDOWS\system32\HP3DDGService.exe [130072 2017-10-03] (HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [321056 2017-06-01] (HP Inc.)
R2 HPWMISVC; C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [602888 2015-06-29] (Hewlett-Packard Development Company, L.P.)
S3 Macromedia Licensing Service; C:\Program Files (x86)\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe [68096 2014-08-08] () [Bestand niet getekend]
R2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [877864 2008-02-18] (Nero AG)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [529704 2008-02-28] (Nero AG)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [103424 2015-01-30] (Softex Inc.) [Bestand niet getekend]
S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [32384 2016-10-03] (The OpenVPN Project)
R2 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [Bestand niet getekend]
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [294616 2016-01-09] (Realtek Semiconductor)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-08-18] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)

===================== Drivers (gefilterd) ======================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

R3 Accelerometer; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [53760 2017-12-18] (HP)
S3 ACSSCR; C:\WINDOWS\system32\DRIVERS\a38usb.sys [77832 2016-11-28] (Advanced Card Systems Ltd.)
R3 AmdAS4; C:\WINDOWS\System32\drivers\AmdAS4.sys [17640 2013-10-24] (Advanced Micro Devices, INC.)
S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [101232 2017-06-12] (Advanced Micro Devices, Inc. )
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [36608 2013-12-14] (Advanced Micro Devices, Inc.)
R0 amdpsp; C:\WINDOWS\System32\DRIVERS\amdpsp.sys [243056 2017-06-12] (Advanced Micro Devices, Inc. )
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 F-Secure Gatekeeper; C:\Program Files (x86)\Telenet Security Pack\apps\Ultralight\ulcore\1525688755\fsulgk.sys [239952 2018-05-07] (F-Secure Corporation)
R1 F-Secure UL HIPS; C:\Program Files (x86)\Telenet Security Pack\apps\Ultralight\ulcore\1525688755\fshs.sys [102216 2018-05-07] (F-Secure Corporation)
R0 fsbts; C:\WINDOWS\System32\drivers\fsbts.sys [73928 2017-11-09] ()
R3 fsni; C:\Program Files (x86)\Telenet Security Pack\apps\Ultralight\nif\1520854327\fsni64.sys [117576 2018-03-12] (F-Secure Corporation)
R0 hpdskflt; C:\WINDOWS\System32\DRIVERS\hpdskflt.sys [39936 2017-12-18] (HP)
R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-05] (Realtek Semiconductor Corp.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-12-19] (Realtek )
R3 RtkBtFilter; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [723920 2017-07-20] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\WINDOWS\system32\DRIVERS\rtwlane.sys [6804480 2017-05-03] (Realtek Semiconductor Corporation )
R3 SmbDrv; C:\WINDOWS\system32\DRIVERS\Smb_driver_AMDASF.sys [53848 2017-08-18] (Synaptics Incorporated)
S3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [31472 2014-03-13] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\system32\DRIVERS\WirelessButtonDriver64.sys [30392 2017-04-25] (HP)

==================== NetSvcs (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

==================== Een Maand Aangemaakt bestanden en mappen ========

(Als een item is opgenomen in de fixlist, word de map of het bestand verplaatst.)

2018-05-13 13:08 - 2018-05-13 13:11 - 000022336 _____ C:\Users\HP-Pavilion\Downloads\FRST.txt
2018-05-13 11:58 - 2018-05-13 11:58 - 000019324 _____ C:\Users\HP-Pavilion\Downloads\[TR24][OF] Ry Cooder - The Prodigal Son - 2018 (Roots Rock, Blues, Folk, Americana) [rutracker-5560466].torrent
2018-05-13 11:36 - 2018-05-13 11:36 - 004423968 _____ (Microsoft Corporation) C:\Users\HP-Pavilion\Downloads\wordconv2007-kb4018354-fullfile-x86-glb.exe
2018-05-13 11:34 - 2018-05-13 13:08 - 000000000 ____D C:\FRST
2018-05-13 11:24 - 2018-05-13 11:25 - 000087746 _____ C:\Users\HP-Pavilion\Downloads\Van Morrison & Joey DeFrancesco 2017-10-24 San Francisco Jazz Center (AXSTV-HD).torrent
2018-05-13 10:56 - 2018-05-13 10:57 - 002404864 _____ (Farbar) C:\Users\HP-Pavilion\Downloads\FRST64.exe
2018-05-13 10:51 - 2018-05-13 10:51 - 003977944 _____ (PortableApps.com) C:\Users\HP-Pavilion\Downloads\CrystalDiskInfoPortable_6.7.5.paf.exe
2018-05-13 10:51 - 2018-05-13 10:51 - 000000000 ____D C:\Users\HP-Pavilion\Downloads\CrystalDiskInfoPortable

==================== Een Maand Gewijzigd bestanden en mappen ========

(Als een item is opgenomen in de fixlist, word de map of het bestand verplaatst.)

2018-05-13 13:05 - 2017-12-12 18:30 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-05-13 13:00 - 2017-12-12 19:09 - 000004192 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{CC1DC21D-57F3-4D7A-9896-3DBBEC03B453}
2018-05-13 12:19 - 2014-08-03 09:24 - 000000000 ____D C:\Users\HP-Pavilion\AppData\Roaming\Azureus
2018-05-13 11:58 - 2014-08-03 09:24 - 000000000 ____D C:\Users\HP-Pavilion\Documents\Vuze Downloads
2018-05-13 11:45 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-05-11 22:22 - 2015-03-07 16:53 - 000000713 _____ C:\Users\HP-Pavilion\AppData\Roaming\Multique.ini
2018-05-11 21:03 - 2018-01-19 19:30 - 000003284 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForHP-Pavilion
2018-05-11 21:03 - 2018-01-19 19:30 - 000000368 _____ C:\WINDOWS\Tasks\HPCeeScheduleForHP-Pavilion.job
2018-05-11 12:02 - 2014-08-01 11:17 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-05-11 11:59 - 2014-07-31 17:43 - 000000000 ____D C:\Users\HP-Pavilion\AppData\Local\Adobe
2018-05-11 08:59 - 2014-08-09 14:35 - 000000000 ____D C:\Users\HP-Pavilion\AppData\Roaming\CoreFTP
2018-05-10 10:10 - 2017-10-11 14:13 - 141696960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-05-10 10:10 - 2017-09-29 15:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-05-10 10:10 - 2014-08-01 11:17 - 141696960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-05-03 23:33 - 2008-06-26 21:34 - 000000000 ____D C:\Users\HP-Pavilion\Dirk
2018-05-02 20:02 - 2014-07-31 17:41 - 000002328 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-05-01 19:56 - 2017-12-12 19:09 - 000003370 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2422316045-3990431493-1933239108-1002
2018-05-01 19:56 - 2015-12-05 16:47 - 000002412 _____ C:\Users\HP-Pavilion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-05-01 19:56 - 2014-07-31 17:53 - 000000000 ___RD C:\Users\HP-Pavilion\OneDrive
2018-04-30 12:48 - 2014-09-03 17:34 - 000000000 ____D C:\temp

==================== Bestanden in de root van sommige mappen =======

2016-10-30 10:27 - 2016-10-30 10:27 - 000099384 _____ () C:\Users\HP-Pavilion\AppData\Roaming\inst.exe
2015-03-07 16:53 - 2015-03-07 16:53 - 000001403 _____ () C:\Users\HP-Pavilion\AppData\Roaming\MQPreset.ini
2015-03-07 16:53 - 2018-05-11 22:22 - 000000713 _____ () C:\Users\HP-Pavilion\AppData\Roaming\Multique.ini
2016-10-30 10:27 - 2016-10-30 10:27 - 000007859 _____ () C:\Users\HP-Pavilion\AppData\Roaming\pcouffin.cat
2016-10-30 10:27 - 2016-10-30 10:27 - 000001167 _____ () C:\Users\HP-Pavilion\AppData\Roaming\pcouffin.inf
2016-10-30 10:28 - 2016-10-30 10:28 - 000000034 _____ () C:\Users\HP-Pavilion\AppData\Roaming\pcouffin.log
2016-10-30 10:27 - 2016-10-30 10:27 - 000082816 _____ (VSO Software) C:\Users\HP-Pavilion\AppData\Roaming\pcouffin.sys
2016-11-13 17:37 - 2018-03-31 16:03 - 000001456 _____ () C:\Users\HP-Pavilion\AppData\Local\Adobe Opslaan voor web 13.0 Prefs
2018-02-06 08:31 - 2018-02-06 08:31 - 000004096 ____H () C:\Users\HP-Pavilion\AppData\Local\keyfile3.drm
2015-04-23 17:48 - 2015-04-23 17:48 - 000000000 _____ () C:\Users\HP-Pavilion\AppData\Local\{CBF18755-1206-48B5-BBAA-FE0C7D99D83A}

Sommige bestanden in TEMP:
====================
2018-03-30 12:33 - 2018-05-13 12:19 - 000079904 _____ () C:\Users\HP-Pavilion\AppData\Local\Temp\i4jdel0.exe

==================== Bamital & volsnap ======================

(Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)
C:\WINDOWS\system32\winlogon.exe => Bestand is getekend
C:\WINDOWS\system32\wininit.exe => Bestand is getekend
C:\WINDOWS\explorer.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\explorer.exe => Bestand is getekend
C:\WINDOWS\system32\svchost.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\svchost.exe => Bestand is getekend
C:\WINDOWS\system32\services.exe => Bestand is getekend
C:\WINDOWS\system32\User32.dll => Bestand is getekend
C:\WINDOWS\SysWOW64\User32.dll => Bestand is getekend
C:\WINDOWS\system32\userinit.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\userinit.exe => Bestand is getekend
C:\WINDOWS\system32\rpcss.dll => Bestand is getekend
C:\WINDOWS\system32\dnsapi.dll => Bestand is getekend
C:\WINDOWS\SysWOW64\dnsapi.dll => Bestand is getekend
C:\WINDOWS\system32\Drivers\volsnap.sys => Bestand is getekend

LastRegBack: 2018-04-04 14:02

==================== Eind van FRST.txt ============================