Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 20.06.2018 Gestart door Jürgen (Beheerder) op HOME (20-06-2018 21:59:50) Gestart vanaf C:\Users\Jürgen\Downloads\!TE DOEN Geladen Profielen: Jürgen (Beschikbare Profielen: Jürgen) Platform: Windows 8.1 (Update) (X64) Taal: Nederlands (Nederland) Internet Explorer Versie 11 (Standaardbrowser: FF) Boot Modus: Normal Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processen (gefilterd) ================= (Als een item is opgenomen in de fixlist, zal het proces worden gesloten. Het bestand zal niet worden verplaatst.) (Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe (AMD) C:\Windows\System32\atiesrxx.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\afwServ.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe () C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (HP Inc.) C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe (AMD) C:\Windows\System32\atieclxx.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe (Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe (Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe (Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe (Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winamp.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\WWAHost.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Register (gefilterd) =========================== (Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.) HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [41664 2014-01-07] (Hewlett-Packard ) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2014-01-07] (IDT, Inc.) HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3957816 2014-02-07] (Hewlett-Packard) HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-02-07] (Hewlett-Packard) HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-02-07] (Hewlett-Packard) HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [291568 2018-05-15] (AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-01-24] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [AvgUi] => "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation) HKU\S-1-5-21-3877121255-3291077568-540399961-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize HKU\S-1-5-21-3877121255-3291077568-540399961-1001\...\MountPoints2: {07d89225-3302-11e6-8287-0009dd508852} - "H:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3877121255-3291077568-540399961-1001\...\MountPoints2: {1b12f78b-e82e-11e5-8273-0009dd508852} - "H:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3877121255-3291077568-540399961-1001\...\MountPoints2: {a07a129f-3fbf-11e6-828b-a0d3c14bd06c} - "H:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3877121255-3291077568-540399961-1001\...\MountPoints2: {a07a12b3-3fbf-11e6-828b-a0d3c14bd06c} - "F:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3877121255-3291077568-540399961-1001\...\MountPoints2: {c3fe2946-e0b4-11e7-82d8-0009dd508852} - "F:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3877121255-3291077568-540399961-1001\...\MountPoints2: {d6f05520-517e-11e6-8292-0009dd508852} - "F:\HiSuiteDownLoader.exe" Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2017-01-06] ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) ==================== Internet (gefilterd) ==================== (Als een item is opgenomen in de fixlist en een registeritem is, wordt het verwijderd of hersteld naar de standaard.) Tcpip\Parameters: [DhcpNameServer] 195.130.131.3 195.130.130.3 Tcpip\..\Interfaces\{E8CF4243-730E-4D1F-ABD8-4C1D53B9D0AB}: [DhcpNameServer] 195.130.131.3 195.130.130.3 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCON14/15 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCON14/15 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON14/15 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON14/15 HKU\S-1-5-21-3877121255-3291077568-540399961-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.be/ HKU\S-1-5-21-3877121255-3291077568-540399961-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON14/15 SearchScopes: HKU\S-1-5-21-3877121255-3291077568-540399961-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-3877121255-3291077568-540399961-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-3877121255-3291077568-540399961-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D051818-A915F698E57&form=CONBDF&conlogo=CT3335818&q={searchTerms} BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21] (HP Inc.) BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-09-22] (Eyeo GmbH) BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21] (Hewlett-Packard Co.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-04-18] (Oracle Corporation) BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-01-16] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-04-18] (Oracle Corporation) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.) BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH) BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21] (Hewlett-Packard Co.) FireFox: ======== FF DefaultProfile: nycpcdgw.default FF ProfilePath: C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\nycpcdgw.default [2018-06-20] FF Homepage: Mozilla\Firefox\Profiles\nycpcdgw.default -> about:home FF NewTab: Mozilla\Firefox\Profiles\nycpcdgw.default -> hxxp://www.bing.com/?pc=COSP&ptag=D051818-A915F698E57&form=CONMHP&conlogo=CT3335818 FF Extension: (LavaFox V2) - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\nycpcdgw.default\Extensions\info@djzig.com [2017-09-30] [Verouderd] FF Extension: (uBlock Origin) - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\nycpcdgw.default\Extensions\uBlock0@raymondhill.net.xpi [2018-06-15] FF Extension: (Bulk Media Downloader) - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\nycpcdgw.default\Extensions\{72b2e02b-3a71-4895-886c-fd12ebe36ba3}.xpi [2018-03-27] FF Extension: (Adblock Plus) - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\nycpcdgw.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-05-16] FF Extension: (DownThemAll!) - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\nycpcdgw.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2016-09-30] [Verouderd] FF SearchPlugin: C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\nycpcdgw.default\searchplugins\bing-lavasoft-ff59.xml [2018-05-18] FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2015-11-07] [Verouderd] [ niet getekend] FF HKLM-x32\...\Firefox\Extensions: [belgiumeid@eid.belgium.be] - C:\Program Files (x86)\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be FF Extension: (Belgium eID) - C:\Program Files (x86)\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be [2016-11-18] [Verouderd] FF HKU\S-1-5-21-3877121255-3291077568-540399961-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_30_0_0_113.dll [2018-06-07] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_113.dll [2018-06-07] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-12] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-12] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-04-18] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-04-18] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) ==================== Services (gefilterd) ==================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [318328 2018-05-15] (AVG Technologies CZ, s.r.o.) R2 AVG Firewall; C:\Program Files (x86)\AVG\Antivirus\afwServ.exe [430032 2018-05-15] (AVG Technologies CZ, s.r.o.) R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [7670672 2018-05-15] (AVG Technologies CZ, s.r.o.) R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-05-24] (Digital Wave Ltd.) R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [Bestand niet getekend] R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [Bestand niet getekend] R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [332656 2018-05-02] (HP Inc.) R2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-22] (HP Inc.) R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2017-07-26] () [Bestand niet getekend] R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Bestand niet getekend] S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-08-12] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-12] (Intel Corporation) S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [Bestand niet getekend] R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-02-07] (Softex Inc.) [Bestand niet getekend] R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [Bestand niet getekend] S2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [340480 2014-01-07] (IDT, Inc.) [Bestand niet getekend] S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation) ===================== Drivers (gefilterd) ====================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) S0 amdkmafd; C:\windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.) R3 athr; C:\windows\system32\DRIVERS\athwbx.sys [3888640 2014-02-14] (Qualcomm Atheros Communications, Inc.) R3 AtiHDAudioService; C:\windows\system32\drivers\AtihdWB6.sys [222720 2013-12-20] (Advanced Micro Devices) R1 avgArPot; C:\windows\System32\drivers\avgArPot.sys [189032 2018-05-15] (AVG Technologies CZ, s.r.o.) R1 avgbidsdriver; C:\windows\System32\drivers\avgbidsdrivera.sys [220600 2018-05-15] (AVG Technologies CZ, s.r.o.) R0 avgbidsh; C:\windows\System32\drivers\avgbidsha.sys [192536 2018-05-15] (AVG Technologies CZ, s.r.o.) R0 avgblog; C:\windows\System32\drivers\avgbloga.sys [336848 2018-05-15] (AVG Technologies CZ, s.r.o.) R0 avgbuniv; C:\windows\System32\drivers\avgbuniva.sys [50776 2018-05-15] (AVG Technologies CZ, s.r.o.) S3 avgHwid; C:\windows\System32\drivers\avgHwid.sys [39352 2018-05-15] (AVG Technologies CZ, s.r.o.) R2 avgMonFlt; C:\windows\System32\drivers\avgMonFlt.sys [151504 2018-05-15] (AVG Technologies CZ, s.r.o.) R1 avgNetSec; C:\windows\System32\drivers\avgNetSec.sys [632640 2018-05-15] (AVG Technologies CZ, s.r.o.) R1 avgRdr; C:\windows\System32\drivers\avgRdr2.sys [103744 2018-05-15] (AVG Technologies CZ, s.r.o.) R0 avgRvrt; C:\windows\System32\drivers\avgRvrt.sys [78352 2018-05-15] (AVG Technologies CZ, s.r.o.) R1 avgSnx; C:\windows\System32\drivers\avgSnx.sys [1020112 2018-05-15] (AVG Technologies CZ, s.r.o.) R1 avgSP; C:\windows\System32\drivers\avgSP.sys [452904 2018-05-15] (AVG Technologies CZ, s.r.o.) R2 avgStm; C:\windows\System32\drivers\avgStm.sys [198368 2018-05-15] (AVG Technologies CZ, s.r.o.) R0 avgVmm; C:\windows\System32\drivers\avgVmm.sys [373944 2018-05-15] (AVG Technologies CZ, s.r.o.) R1 CLVirtualDrive; C:\windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink) S3 DFX11_1; C:\windows\system32\drivers\dfx11_1x64.sys [28008 2015-08-31] (Windows (R) Win 7 DDK provider) S3 dg_ssudbus; C:\windows\system32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.) S3 dot4; C:\windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider) S3 Dot4Print; C:\windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider) U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2017-07-26] (Huawei Technologies Co., Ltd.) R3 MEIx64; C:\windows\System32\drivers\TeeDriverx64.sys [99288 2013-08-12] (Intel Corporation) S3 RtlWlanu; C:\windows\system32\DRIVERS\rtwlanu.sys [3860224 2015-08-05] (Realtek Semiconductor Corporation ) S3 ssudmdm; C:\windows\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.) S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation) S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation) S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation) ==================== NetSvcs (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ==================== Een Maand Aangemaakt bestanden en mappen ======== (Als een item is opgenomen in de fixlist, word de map of het bestand verplaatst.) 2018-06-20 21:59 - 2018-06-20 21:59 - 000000000 ____D C:\FRST 2018-06-13 10:34 - 2018-05-25 07:10 - 025742848 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll 2018-06-13 10:34 - 2018-05-25 06:44 - 000578048 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll 2018-06-13 10:34 - 2018-05-25 06:38 - 005779968 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll 2018-06-13 10:34 - 2018-05-25 06:34 - 020286976 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll 2018-06-13 10:34 - 2018-05-25 06:32 - 000794624 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll 2018-06-13 10:34 - 2018-05-25 06:16 - 000499712 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll 2018-06-13 10:34 - 2018-05-25 06:06 - 000662016 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll 2018-06-13 10:34 - 2018-05-25 06:03 - 001033216 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll 2018-06-13 10:34 - 2018-05-25 05:56 - 000381440 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll 2018-06-13 10:34 - 2018-05-25 05:55 - 000809472 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll 2018-06-13 10:34 - 2018-05-25 05:55 - 000728064 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe 2018-06-13 10:34 - 2018-05-25 05:53 - 015283200 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll 2018-06-13 10:34 - 2018-05-25 05:53 - 002135552 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl 2018-06-13 10:34 - 2018-05-25 05:44 - 000880640 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll 2018-06-13 10:34 - 2018-05-25 05:42 - 004496896 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll 2018-06-13 10:34 - 2018-05-25 05:39 - 003241472 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll 2018-06-13 10:34 - 2018-05-25 05:39 - 000696320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll 2018-06-13 10:34 - 2018-05-25 05:38 - 013679616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll 2018-06-13 10:34 - 2018-05-25 05:38 - 002060288 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl 2018-06-13 10:34 - 2018-05-25 05:38 - 000333312 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll 2018-06-13 10:34 - 2018-05-25 05:29 - 001546240 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll 2018-06-13 10:34 - 2018-05-25 05:19 - 002767872 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll 2018-06-13 10:34 - 2018-05-25 05:17 - 000800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll 2018-06-13 10:34 - 2018-05-25 05:15 - 001314304 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll 2018-06-13 10:34 - 2018-05-25 05:14 - 000710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll 2018-06-13 10:34 - 2018-05-23 07:56 - 007406944 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe 2018-06-13 10:34 - 2018-05-23 07:45 - 000027480 ____C (Microsoft Corporation) C:\windows\system32\Drivers\uefi.sys 2018-06-13 10:34 - 2018-05-23 07:39 - 001676064 _____ (Microsoft Corporation) C:\windows\system32\winload.efi 2018-06-13 10:34 - 2018-05-23 06:13 - 000251392 _____ (Microsoft Corporation) C:\windows\system32\microsoft-windows-system-events.dll 2018-06-13 10:34 - 2018-05-15 07:47 - 002334624 _____ (Microsoft Corporation) C:\windows\system32\mfcore.dll 2018-06-13 10:34 - 2018-05-15 07:47 - 000244304 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll 2018-06-13 10:34 - 2018-05-15 07:33 - 001308352 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll 2018-06-13 10:34 - 2018-05-15 06:57 - 002324752 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfcore.dll 2018-06-13 10:34 - 2018-05-15 06:17 - 000032640 ____C (Microsoft Corporation) C:\windows\system32\Drivers\hidparse.sys 2018-06-13 10:34 - 2018-05-15 06:04 - 000240128 _____ (Microsoft Corporation) C:\windows\system32\vdsbas.dll 2018-06-13 10:34 - 2018-05-15 05:05 - 000517120 _____ (Microsoft Corporation) C:\windows\system32\wimserv.exe 2018-06-13 10:34 - 2018-05-15 04:57 - 000672768 _____ (Microsoft Corporation) C:\windows\system32\wimgapi.dll 2018-06-13 10:34 - 2018-05-15 04:51 - 000561152 _____ (Microsoft Corporation) C:\windows\SysWOW64\wimgapi.dll 2018-06-13 10:34 - 2018-05-12 23:11 - 000532664 _____ (Microsoft Corporation) C:\windows\system32\ci.dll 2018-06-13 10:34 - 2018-05-12 23:06 - 000567152 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys 2018-06-13 10:34 - 2018-05-12 22:51 - 002014040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys 2018-06-13 10:34 - 2018-05-12 22:51 - 000923480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\refs.sys 2018-06-13 10:34 - 2018-05-12 21:08 - 000445440 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll 2018-06-13 10:34 - 2018-05-11 05:04 - 000324096 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll 2018-06-13 10:34 - 2018-05-05 21:05 - 001543800 _____ (Microsoft Corporation) C:\windows\system32\webservices.dll 2018-06-13 10:34 - 2018-05-05 20:15 - 001178136 _____ (Microsoft Corporation) C:\windows\SysWOW64\webservices.dll 2018-06-13 10:34 - 2018-05-05 18:38 - 000358912 _____ (Microsoft Corporation) C:\windows\system32\Wldap32.dll 2018-06-13 10:34 - 2018-05-05 18:23 - 000324096 _____ (Microsoft Corporation) C:\windows\SysWOW64\Wldap32.dll 2018-06-13 10:34 - 2018-04-07 18:48 - 000685568 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys 2018-06-13 10:34 - 2018-04-07 18:47 - 000243200 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys 2018-06-13 10:34 - 2018-04-07 18:43 - 000243200 _____ (Microsoft Corporation) C:\windows\system32\WinSCard.dll 2018-06-13 10:34 - 2018-04-07 18:09 - 000170496 _____ (Microsoft Corporation) C:\windows\SysWOW64\WinSCard.dll 2018-06-13 10:34 - 2018-04-07 17:34 - 002255360 _____ (Microsoft Corporation) C:\windows\system32\dwmcore.dll 2018-06-13 10:34 - 2018-04-07 17:15 - 001942016 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmcore.dll 2018-06-13 10:34 - 2018-04-05 19:47 - 000087552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netvsc63.sys 2018-06-13 10:34 - 2018-04-05 19:38 - 000066560 _____ (Microsoft Corporation) C:\windows\system32\NetVscCoinstall.dll 2018-06-13 10:34 - 2018-03-29 03:33 - 000070656 _____ (Microsoft Corporation) C:\windows\system32\WSManMigrationPlugin.dll 2018-06-13 10:34 - 2018-03-29 03:21 - 000015872 _____ (Microsoft Corporation) C:\windows\system32\wsmplpxy.dll 2018-06-13 10:34 - 2018-03-29 03:06 - 002608640 _____ (Microsoft Corporation) C:\windows\system32\WsmSvc.dll 2018-06-13 10:34 - 2018-03-29 03:05 - 000285184 _____ (Microsoft Corporation) C:\windows\system32\WsmWmiPl.dll 2018-06-13 10:34 - 2018-03-29 02:26 - 002170880 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmSvc.dll 2018-06-13 10:34 - 2018-03-29 02:24 - 000236032 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmWmiPl.dll 2018-06-04 11:35 - 2018-06-04 11:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag ==================== Een Maand Gewijzigd bestanden en mappen ======== (Als een item is opgenomen in de fixlist, word de map of het bestand verplaatst.) 2018-06-20 21:59 - 2015-11-05 21:06 - 000000000 ____D C:\Users\Jürgen\Downloads\!TE DOEN 2018-06-20 21:55 - 2016-11-18 14:56 - 000000000 ____D C:\Users\Jürgen\AppData\LocalLow\Mozilla 2018-06-20 20:01 - 2016-09-03 10:56 - 000000000 ____D C:\Users\Jürgen\AppData\Roaming\Mp3tag 2018-06-20 20:00 - 2016-08-24 22:12 - 000000000 ____D C:\Users\Jürgen\Downloads\Verplaatsen Naar Seagate 2018-06-20 19:24 - 2015-11-08 20:22 - 000000000 ____D C:\Users\Jürgen\AppData\Roaming\vlc 2018-06-20 17:41 - 2015-11-05 19:44 - 000003946 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{20AF13F1-8008-467A-BB3B-CCF4D257BF9F} 2018-06-20 15:53 - 2015-11-07 10:15 - 000000000 ____D C:\Users\Jürgen\Downloads\OK 2018-06-20 13:37 - 2015-11-05 21:12 - 000000000 ____D C:\Users\Jürgen\AppData\Roaming\uTorrent 2018-06-20 11:36 - 2014-11-08 02:51 - 000789220 _____ C:\windows\system32\perfh013.dat 2018-06-20 11:36 - 2014-11-08 02:51 - 000176358 _____ C:\windows\system32\perfc013.dat 2018-06-20 11:36 - 2014-03-18 17:32 - 001827360 _____ C:\windows\system32\PerfStringBackup.INI 2018-06-20 11:36 - 2013-08-22 15:36 - 000000000 ____D C:\windows\Inf 2018-06-20 11:32 - 2015-11-05 19:31 - 000000000 ___DO C:\Users\Jürgen\OneDrive 2018-06-19 11:38 - 2018-01-10 20:47 - 000003162 _____ C:\windows\System32\Tasks\HPCeeScheduleForJürgen 2018-06-19 11:38 - 2017-03-11 14:12 - 000000346 _____ C:\windows\Tasks\HPCeeScheduleForJürgen.job 2018-06-17 18:45 - 2015-11-05 23:29 - 129142784 ___SH C:\Users\Jürgen\Downloads\Thumbs.db 2018-06-14 15:07 - 2017-12-15 22:37 - 000000000 ____D C:\Users\Jürgen\Documents\J 2018-06-14 13:30 - 2015-11-05 20:59 - 000000000 ____D C:\Users\Jürgen\AppData\Local\Avg 2018-06-14 12:54 - 2013-08-22 17:36 - 000000000 ____D C:\windows\rescache 2018-06-14 12:41 - 2013-08-22 16:45 - 000000006 ____H C:\windows\Tasks\SA.DAT 2018-06-14 12:40 - 2016-11-18 14:48 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2018-06-14 12:40 - 2016-09-14 11:36 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2018-06-13 23:18 - 2013-08-22 15:25 - 000786432 ___SH C:\windows\system32\config\BBI 2018-06-13 10:57 - 2015-11-05 20:20 - 000000000 ____D C:\windows\system32\MRT 2018-06-13 10:55 - 2017-10-11 18:38 - 133315992 ____C (Microsoft Corporation) C:\windows\system32\MRT-KB890830.exe 2018-06-13 10:54 - 2015-11-05 20:20 - 133315992 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe 2018-06-13 10:54 - 2013-08-22 17:20 - 000000000 ____D C:\windows\CbsTemp 2018-06-08 16:53 - 2017-12-15 22:38 - 000000000 ____D C:\Users\Jürgen\Documents\N 2018-06-08 13:00 - 2017-06-08 15:44 - 000000000 ____D C:\Users\Jürgen\Documents\Verzekeringen VOERTUIGEN 2018-06-07 19:54 - 2018-03-14 11:50 - 000004566 _____ C:\windows\System32\Tasks\Adobe Flash Player NPAPI Notifier 2018-06-07 19:54 - 2016-10-17 18:44 - 000004398 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater 2018-06-07 19:54 - 2013-08-22 17:36 - 000000000 ____D C:\windows\SysWOW64\Macromed 2018-06-07 19:54 - 2013-08-22 17:36 - 000000000 ____D C:\windows\system32\Macromed 2018-06-07 19:01 - 2015-11-05 19:34 - 000003598 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3877121255-3291077568-540399961-1001 2018-06-07 18:50 - 2016-09-15 20:01 - 000001178 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2018-06-05 21:19 - 2018-03-15 12:17 - 000835056 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe 2018-06-05 21:19 - 2018-03-15 12:17 - 000179704 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl 2018-06-05 16:02 - 2016-04-20 22:40 - 000000000 ____D C:\Users\Jürgen\AppData\LocalLow\Adblock Plus for IE 2018-06-05 14:57 - 2015-11-05 21:00 - 000000000 ____D C:\ProgramData\Avg 2018-06-05 14:57 - 2015-11-05 21:00 - 000000000 ____D C:\Program Files (x86)\AVG 2018-06-04 11:35 - 2015-11-05 22:50 - 000000000 ____D C:\Program Files (x86)\Mp3tag 2018-05-29 22:09 - 2015-11-10 00:05 - 000000000 ____D C:\Users\Jürgen\AppData\Roaming\DVDVideoSoft 2018-05-29 15:06 - 2013-08-22 17:36 - 000000000 ____D C:\windows\LiveKernelReports 2018-05-28 11:50 - 2018-05-17 10:59 - 000000000 ____D C:\Users\Jürgen\AppData\Roaming\dvdcss ==================== Bestanden in de root van sommige mappen ======= 2015-12-14 21:53 - 2016-11-27 15:52 - 000007602 _____ () C:\Users\Jürgen\AppData\Local\resmon.resmoncfg Sommige bestanden in TEMP: ==================== 2017-07-19 13:13 - 2017-07-19 13:13 - 000739904 _____ (Oracle Corporation) C:\Users\Jürgen\AppData\Local\Temp\jre-8u141-windows-au.exe 2017-10-31 17:25 - 2017-10-31 17:25 - 001856576 _____ (Oracle Corporation) C:\Users\Jürgen\AppData\Local\Temp\jre-8u151-windows-au.exe 2018-01-23 17:32 - 2018-01-23 17:32 - 001864256 _____ (Oracle Corporation) C:\Users\Jürgen\AppData\Local\Temp\jre-8u161-windows-au.exe 2018-04-18 10:33 - 2018-04-18 10:33 - 001884616 _____ (Oracle Corporation) C:\Users\Jürgen\AppData\Local\Temp\jre-8u171-windows-au.exe 2017-11-18 00:51 - 2017-10-17 15:01 - 000927784 _____ () C:\Users\Jürgen\AppData\Local\Temp\TAInstaller.exe 2017-06-21 15:59 - 2017-06-21 16:00 - 030950664 _____ () C:\Users\Jürgen\AppData\Local\Temp\vlc-2.2.6-win32.exe 2018-06-04 12:16 - 2018-06-04 12:17 - 040184976 _____ () C:\Users\Jürgen\AppData\Local\Temp\vlc-3.0.3-win32.exe ==================== Bamital & volsnap ====================== (Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.) C:\windows\system32\winlogon.exe => Bestand is getekend C:\windows\system32\wininit.exe => Bestand is getekend C:\windows\explorer.exe => Bestand is getekend C:\windows\SysWOW64\explorer.exe => Bestand is getekend C:\windows\system32\svchost.exe => Bestand is getekend C:\windows\SysWOW64\svchost.exe => Bestand is getekend C:\windows\system32\services.exe => Bestand is getekend C:\windows\system32\User32.dll => Bestand is getekend C:\windows\SysWOW64\User32.dll => Bestand is getekend C:\windows\system32\userinit.exe => Bestand is getekend C:\windows\SysWOW64\userinit.exe => Bestand is getekend C:\windows\system32\rpcss.dll => Bestand is getekend C:\windows\system32\dnsapi.dll => Bestand is getekend C:\windows\SysWOW64\dnsapi.dll => Bestand is getekend C:\windows\system32\Drivers\volsnap.sys => Bestand is getekend LastRegBack: 2018-06-16 12:54 ==================== Eind van FRST.txt ============================