Scanresultaten van Farbar Recovery Scan Tool (FRST) (x86) Versie: 04.09.2018 Gestart door gebruiker (Beheerder) op GEBRUIKER-PC (06-10-2018 09:49:32) Gestart vanaf C:\Users\gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\45FV98OO Geladen Profielen: gebruiker (Beschikbare Profielen: gebruiker) Platform: Windows 7 Professional Service Pack 1 (X86) Taal: Nederlands (Nederland) Internet Explorer Versie 11 (Standaardbrowser: IE) Boot Modus: Normal Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processen (gefilterd) ================= (Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.) (Egis Technology Inc. ) C:\Program Files\Common Files\EgisTec\Services\EgisTicketService.exe (devolo AG) C:\Program Files\devolo\dlan\devolonetsvc.exe () C:\Program Files\Acer\Empowering Technology\Service\ETService.exe (Acer Incorporated) C:\Program Files\Acer\Registration\GREGsvc.exe (Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe (NTI Corporation) C:\Program Files\NTI\Acer Backup Manager\IScheduleSvc.exe (Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe (AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\40.2.8\ToolbarUpdater.exe (Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Nero AG) C:\Program Files\Nero\Update\NASvc.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (NTI Corporation) C:\Program Files\NTI\Acer Backup Manager\BackupManagerTray.exe (Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe (Apple Computer, Inc.) C:\Program Files\QuickTime\qttask.exe (Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe (Egis Technology Inc. ) C:\Program Files\Acer ProShield\EgisTSR.exe (Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe (Microsoft Corporation) C:\Windows\System32\wuauclt.exe (Microsoft Corporation) C:\Windows\System32\wuauclt.exe (Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\ndp472-kb4054541-x86-x64-enu.exe (Microsoft Corporation) C:\6a51de0cc9991804b1c91b\Setup.exe (Microsoft Corporation) C:\Windows\System32\msiexec.exe (Microsoft Corporation) C:\Windows\System32\msiexec.exe (Microsoft Corporation) C:\Windows\System32\msiexec.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Windows\System32\wbem\mofcomp.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Register (gefilterd) =========================== (Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.) HKLM\...\Run: [IMSS] => C:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [112152 2011-02-01] (Intel Corporation) HKLM\...\Run: [BackupManagerTray] => C:\Program Files\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-23] (NTI Corporation) HKLM\...\Run: [EgisTecPMMUpdate] => C:\Program Files\EgisTec IPS\PmmUpdate.exe [407920 2010-11-05] (Egis Technology Inc.) HKLM\...\Run: [EgisUpdate] => C:\Program Files\EgisTec IPS\EgisUpdate.exe [202096 2010-11-05] (Egis Technology Inc.) HKLM\...\Run: [ProShieldTSR] => C:\Program Files\Acer ProShield\EgisTSR.exe [127536 2012-02-02] (Egis Technology Inc. ) HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\qttask.exe [282624 2006-09-01] (Apple Computer, Inc.) HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3780008 2015-10-30] (AVG Technologies CZ, s.r.o.) HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM\...\Run: [] => [X] HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restrictie <==== AANDACHT HKU\S-1-5-21-1657345562-4261169192-2774220942-1000\...\Run: [HP Deskjet 3050A J611 series (NET)] => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [1837672 2012-10-17] (Hewlett-Packard Co.) HKU\S-1-5-21-1657345562-4261169192-2774220942-1000\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\qttask.exe [282624 2006-09-01] (Apple Computer, Inc.) HKU\S-1-5-21-1657345562-4261169192-2774220942-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [13769584 2018-09-19] (Piriform Ltd) HKU\S-1-5-21-1657345562-4261169192-2774220942-1000\...\MountPoints2: I - I:\LaunchU3.exe -a HKU\S-1-5-21-1657345562-4261169192-2774220942-1000\...\MountPoints2: {5d10e612-b45d-11e1-9f64-00190e02beeb} - I:\LaunchU3.exe -a Lsa: [Notification Packages] scecli EgisPwdFilter EgisDSPwdFilter ==================== Internet (gefilterd) ==================== (Als een item is opgenomen in de fixlist en een registeritem is, wordt het verwijderd of hersteld naar de standaard.) Tcpip\Parameters: [DhcpNameServer] 195.130.131.5 195.130.130.5 Tcpip\..\Interfaces\{3F2D85E1-901F-48E7-8A51-C1F591A435AE}: [DhcpNameServer] 195.130.131.5 195.130.130.5 Tcpip\..\Interfaces\{B0BA8F31-966D-41F9-A0D7-8CDA062614A6}: [DhcpNameServer] 195.130.130.2 195.130.131.2 Internet Explorer: ================== HKU\S-1-5-21-1657345562-4261169192-2774220942-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.facebook.com/ HKU\S-1-5-21-1657345562-4261169192-2774220942-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com URLSearchHook: HKLM - DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.) URLSearchHook: HKU\S-1-5-21-1657345562-4261169192-2774220942-1000 - DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.) SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-1657345562-4261169192-2774220942-1000 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={0CA185FC-4A87-459A-82AA-683F6AC7C070}&mid=6920b615871b47d0ab2519d59a3786ae-704d480d9e5a9c6942ca9c311358c9c40cb92a9c&lang=nl&ds=AVG&coid=avgtbavg&cmpid=0516tb&pr=fr&d=2015-03-05 15:41:23&v=4.3.8.510&pid=wtu&sg=&sap=dsp&q={searchTerms} SearchScopes: HKU\S-1-5-21-1657345562-4261169192-2774220942-1000 -> {7DF8B7C3-5938-4C12-9DE2-4CA9CAA50A14} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050 SearchScopes: HKU\S-1-5-21-1657345562-4261169192-2774220942-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={0CA185FC-4A87-459A-82AA-683F6AC7C070}&mid=6920b615871b47d0ab2519d59a3786ae-704d480d9e5a9c6942ca9c311358c9c40cb92a9c&lang=nl&ds=AVG&coid=avgtbavg&cmpid=0516tb&pr=fr&d=2015-03-05 15:41:23&v=4.3.8.510&pid=wtu&sg=&sap=dsp&q={searchTerms} SearchScopes: HKU\S-1-5-21-1657345562-4261169192-2774220942-1000 -> {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = BHO: EgisPBIE Sign-in Helper -> {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} -> C:\Program Files\Acer ProShield\EgisPBIE.dll [2012-02-02] (Egis Technology Inc.) BHO: DVDVideoSoftTB Toolbar -> {872b5b88-9db5-4310-bdd0-ac189557e5f5} -> C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll [2011-05-09] (Conduit Ltd.) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2018-10-05] (Google Inc.) BHO: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2013-04-30] (DVDVideoSoft Ltd.) Toolbar: HKLM - DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll [2011-05-09] (Conduit Ltd.) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2018-10-05] (Google Inc.) Toolbar: HKU\S-1-5-21-1657345562-4261169192-2774220942-1000 -> DVDVideoSoftTB Toolbar - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll [2011-05-09] (Conduit Ltd.) Toolbar: HKU\S-1-5-21-1657345562-4261169192-2774220942-1000 -> Geen Naam - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - Geen bestand Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - Geen bestand FireFox: ======== FF HKLM\...\Firefox\Extensions: [{41ecbc0b-34d5-4cd4-935f-253a30e2cb7e}] - C:\Program Files\Acer ProShield\FFExt FF Extension: ( Online Accounts Extension ) - C:\Program Files\Acer ProShield\FFExt [2012-04-28] [Verouderd] [niet getekend] FF HKLM\...\Firefox\Extensions: [{d4da7309-b89a-45ec-8ebb-cfb2ae13618b}] - C:\Program Files\Acer ProShield\FFExt20 FF Extension: ( Online Accounts Extension ) - C:\Program Files\Acer ProShield\FFExt20 [2012-04-28] [Verouderd] [niet getekend] FF Plugin: @microsoft.com/GENUINE -> disabled [Geen bestand] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-10-05] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-10-05] (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.) Chrome: ======= CHR HKLM\...\Chrome\Extension: [ladimmjldcgbeamniagencjbodhnmgen] - C:\Program Files\Acer ProShield\ChromeEx\EgisPBChromeExt.crx [2012-02-02] ==================== Services (gefilterd) ==================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) S2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [335656 2015-10-30] (AVG Technologies CZ, s.r.o.) R2 DevoloNetworkService; C:\Program Files\devolo\dlan\devolonetsvc.exe [4113400 2013-02-04] (devolo AG) R2 EgisTec Ticket Service; C:\Program Files\Common Files\EgisTec\Services\EgisTicketService.exe [180272 2012-02-02] (Egis Technology Inc. ) R2 ETService; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [30080 2011-06-14] () R2 GREGService; C:\Program Files\Acer\Registration\GREGsvc.exe [36456 2011-05-30] (Acer Incorporated) R2 Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [255376 2012-02-07] (Acer Incorporated) R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [503080 2010-05-04] (Nero AG) R2 NTI IScheduleSvc; C:\Program Files\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-23] (NTI Corporation) R2 vToolbarUpdater40.2.8; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\40.2.8\ToolbarUpdater.exe [1957448 2016-03-30] (AVG Secure Search) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation) S2 Winmgmt; C:\PROGRA~2\5961544C.cpp [X] ===================== Drivers (gefilterd) ====================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [31664 2015-07-23] (AVG Technologies CZ, s.r.o.) R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [207328 2015-06-16] (AVG Technologies CZ, s.r.o.) R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [189872 2015-08-04] (AVG Technologies CZ, s.r.o.) R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [35808 2015-03-20] (AVG Technologies CZ, s.r.o.) R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [230832 2015-08-04] (AVG Technologies CZ, s.r.o.) S3 Bulk; C:\Windows\System32\Drivers\HDJBulk.sys [191824 2011-12-27] (© Guillemot R&D, 2010. All rights reserved.) R3 e1cexpress; C:\Windows\System32\DRIVERS\e1c6232.sys [238248 2010-09-21] (Intel Corporation) S3 HDJAsioK; C:\Windows\System32\Drivers\HDJAsioK.sys [252752 2011-12-27] (© Guillemot R&D, 2010. All rights reserved.) S3 HDJMidi; C:\Windows\System32\DRIVERS\HDJMidi.sys [219984 2011-12-27] (© Guillemot R&D, 2011. All rights reserved.) R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [41088 2010-10-19] (Intel Corporation) R1 mwlPSDFilter; C:\Windows\System32\DRIVERS\mwlPSDFilter.sys [21600 2012-04-28] (Egis Technology Inc.) R1 mwlPSDNServ; C:\Windows\System32\DRIVERS\mwlPSDNServ.sys [16936 2012-04-28] (Egis Technology Inc.) R1 mwlPSDVDisk; C:\Windows\System32\DRIVERS\mwlPSDVDisk.sys [62240 2012-04-28] (Egis Technology Inc.) R2 NPF_devolo; C:\Windows\system32\drivers\npf_devolo.sys [35840 2012-09-07] (CACE Technologies) [Bestand niet getekend] R0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [20640 2007-05-23] (Sonic Solutions) [Bestand niet getekend] R3 vpcbus; C:\Windows\system32\drivers\vpchbus.sys [165376 2009-09-23] (Microsoft Corporation) R1 vpcnfltr; C:\Windows\System32\DRIVERS\vpcnfltr.sys [55040 2009-09-23] (Microsoft Corporation) R3 vpcusb; C:\Windows\System32\DRIVERS\vpcusb.sys [78336 2009-09-23] (Microsoft Corporation) R1 vpcvmm; C:\Windows\System32\drivers\vpcvmm.sys [295936 2009-12-31] (Microsoft Corporation) S1 Avgdiskx; system32\DRIVERS\avgdiskx.sys [X] S0 AVGIDSHX; system32\DRIVERS\avgidshx.sys [X] S0 Avglogx; system32\DRIVERS\avglogx.sys [X] S3 IntcAzAudAddService; system32\drivers\RTKVHDA.sys [X] ==================== NetSvcs (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ==================== Een Maand Gemaakt bestanden en mappen ======== (Als een item is opgenomen in de fixlist, word de map of het bestand verplaatst.) 2018-10-06 09:45 - 2018-10-06 09:46 - 000000000 ___DC C:\6a51de0cc9991804b1c91b 2018-10-06 08:42 - 2018-10-06 08:42 - 000000933 ____C C:\Users\Public\Desktop\CCleaner.lnk 2018-10-06 08:42 - 2018-10-06 08:42 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2018-10-06 08:42 - 2018-10-06 08:42 - 000000000 ___DC C:\Program Files\CCleaner 2018-10-06 08:39 - 2018-10-06 08:39 - 016796856 ____C (Piriform Ltd) C:\Users\gebruiker\Downloads\ccsetup547.exe 2018-10-05 22:04 - 2018-10-05 22:07 - 000000880 ____C C:\Users\gebruiker\Downloads\Addition.txt 2018-10-05 22:03 - 2018-10-05 22:07 - 000022276 ____C C:\Users\gebruiker\Downloads\FRST.txt 2018-10-05 22:03 - 2018-10-05 22:03 - 000000000 ___DC C:\FRST 2018-10-05 16:57 - 2018-10-05 16:57 - 000000000 ___DC C:\ProgramData\Google 2018-10-05 16:56 - 2018-10-06 08:47 - 000000000 ___DC C:\Program Files\Google 2018-10-05 16:56 - 2018-10-06 08:44 - 000000000 ___DC C:\Users\gebruiker\AppData\Local\Google 2018-10-05 16:52 - 2018-10-05 16:52 - 001142064 ____C (Microsoft Corporation) C:\Windows\ucrtbase.dll 2018-10-05 16:52 - 2018-10-05 16:52 - 000000000 ___DC C:\Program Files\Common Files\AVG ==================== Een Maand Gewijzigd bestanden en mappen ======== (Als een item is opgenomen in de fixlist, word de map of het bestand verplaatst.) 2018-10-06 09:45 - 2013-08-19 23:03 - 000000000 ___DC C:\Windows\system32\MRT 2018-10-06 09:24 - 2012-04-28 17:48 - 136114104 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2018-10-06 09:01 - 2009-07-14 04:37 - 000000000 ___DC C:\Windows\ModemLogs 2018-10-06 09:01 - 2009-07-14 04:37 - 000000000 ___DC C:\Windows\inf 2018-10-06 09:01 - 2007-07-12 03:49 - 000000000 ___DC C:\Windows\Panther 2018-10-06 08:41 - 2012-06-12 20:11 - 000000284 ____C C:\Windows\Tasks\AppleSoftwareUpdate.job 2018-10-06 08:37 - 2015-06-18 12:54 - 000000317 ____C C:\Users\gebruiker\Desktop\(3) Facebook.url 2018-10-06 08:28 - 2009-07-14 06:34 - 000027888 ___HC C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2018-10-06 08:28 - 2009-07-14 06:34 - 000027888 ___HC C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2018-10-06 01:11 - 2016-10-24 17:17 - 000002441 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2018-10-06 01:05 - 2013-05-31 18:21 - 000000350 ____C C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job 2018-10-05 22:09 - 2016-01-12 15:35 - 000000000 ___DC C:\ProgramData\Avg 2018-10-05 22:09 - 2015-10-20 16:16 - 000000000 ___DC C:\Users\gebruiker\AppData\Local\Avg 2018-10-05 22:09 - 2012-04-28 10:07 - 000000000 ___DC C:\Program Files\AVG 2018-10-05 22:09 - 2009-07-14 06:53 - 000000006 ___HC C:\Windows\Tasks\SA.DAT 2018-10-05 18:19 - 2015-03-05 16:41 - 000000000 ___DC C:\Program Files\Common Files\AVG Secure Search 2018-10-05 17:42 - 2012-04-28 09:26 - 000000000 ___DC C:\Users\gebruiker 2018-10-05 10:54 - 2009-07-14 06:53 - 000032638 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2018-10-04 10:06 - 2018-04-17 20:27 - 020769792 ____C (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe 2018-10-04 10:06 - 2012-05-15 01:48 - 000842240 ____C (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2018-10-04 10:06 - 2011-07-25 14:30 - 000175104 ____C (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2018-10-04 10:06 - 2011-07-25 14:30 - 000000000 ___DC C:\Windows\system32\Macromed ==================== Bestanden in de root van sommige mappen ======= 2017-01-10 01:05 - 2017-01-10 01:05 - 000000416 ____C () C:\Users\gebruiker\AppData\Roaming\.backup.dm ==================== Bamital & volsnap ====================== (Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.) C:\Windows\explorer.exe => Bestand is getekend C:\Windows\system32\winlogon.exe => Bestand is getekend C:\Windows\system32\wininit.exe => Bestand is getekend C:\Windows\system32\svchost.exe => Bestand is getekend C:\Windows\system32\services.exe => Bestand is getekend C:\Windows\system32\User32.dll => Bestand is getekend C:\Windows\system32\userinit.exe => Bestand is getekend C:\Windows\system32\rpcss.dll => Bestand is getekend C:\Windows\system32\dnsapi.dll => Bestand is getekend C:\Windows\system32\Drivers\volsnap.sys => Bestand is getekend LastRegBack: 2017-10-31 19:07 ==================== Eind van FRST.txt ============================