Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 09.01.2019 01 Gestart door Lugy (Beheerder) op LUGY-PC (11-01-2019 10:32:55) Gestart vanaf C:\Users\Lugy\Desktop Geladen Profielen: Lugy (Beschikbare Profielen: Lugy) Platform: Windows 8.1 Pro (Update) (X64) Taal: Dutch (Netherlands) Internet Explorer Versie 11 (Standaardbrowser: "C:\Program Files (x86)\Hotleaf\Application\chrome.exe" "%1") Boot Modus: Normal Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processen (gefilterd) ================= (Als een item is opgenomen in de fixlist, zal het proces worden gesloten. Het bestand zal niet worden verplaatst.) (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe (Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (SafeNet Inc.) C:\Windows\System32\hasplms.exe (McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\servicehost.exe (Autodesk, Inc.) D:\INVENTOR Pro 2017\Inventor 2017\Moldflow\bin\mitsijm.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe (AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe (Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe (AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.141.333\AvastBrowserCrashHandler.exe (AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.141.333\AvastBrowserCrashHandler64.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe () C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe (McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\uihost.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (avast technologies, LLC) C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\AvastAntiTrackPremium.exe (AVAST Software) C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe (Contour Design, Inc.) C:\Program Files (x86)\Contour Shuttle\ShuttleHelper.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Contour Design, Inc.) C:\Program Files (x86)\Contour Shuttle\ShuttleEngine.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Software Security System) C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\Ekag20nt.exe (Avast Technologies LLC) C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\NetFilter\AvastAntiTrackPremiumFilter.exe (Sciensoft Software Security) C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\Updshl10.exe (Microsoft Corporation) C:\Windows\splwow64.exe (Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe ==================== Register (gefilterd) =========================== (Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.) HKLM\...\Run: [ISCT Tray] => C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe [5860656 2014-04-03] (Intel Corporation) HKLM\...\Run: [GoPro Tray App] => C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe [1088944 2016-04-14] () HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-04] (AVAST Software) HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2017-08-13] (IvoSoft) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems, Incorporated) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8521472 2000-01-01] (Realtek Semiconductor) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1047536 2014-04-08] (MSI) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.) HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [721856 2016-07-01] (Autodesk, Inc.) HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [2306984 2017-04-11] (Western Digital Technologies, Inc.) HKLM-x32\...\Run: [WDAppManager] => C:\Program Files (x86)\Western Digital\WD App Manager\AppManagerLauncher.exe [21888 2017-10-04] (Western Digital Technologies, Inc.) HKLM-x32\...\Run: [Contour Shuttle Device Helper] => C:\Program Files (x86)\Contour Shuttle\ShuttleHelper.exe [126464 2015-09-23] (Contour Design, Inc.) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [4810224 2018-12-04] (Adobe Systems Inc.) HKLM-x32\...\Run: [FileZilla Server Interface] => C:\Program Files (x86)\FileZilla Server\FileZilla Server Interface.exe [2770088 2017-02-08] (FileZilla Project) HKLM-x32\...\Run: [BePCSC] => C:\Program Files (x86)\EmvSmartCardReader\BePCSC.exe [130560 2007-05-03] () HKLM-x32\...\Run: [SmartMon] => C:\Program Files (x86)\EmvSmartCardReader\SmartMON.exe [234496 2006-12-18] () HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle Corporation) HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] C:\Windows\SysWOW64\1 [45750 2017-06-16] () HKLM\...\Policies\Explorer: [NoActiveDesktop] C:\Windows\SysWOW64\1 [45750 2017-06-16] () HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restrictie <==== AANDACHT HKU\S-1-5-21-1847470664-721107375-2597868997-1002\...\Run: [GoogleChromeAutoLaunch_A49E566B6BA451DB7A155DF45376B91F] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1143640 2017-05-09] (Google Inc.) HKU\S-1-5-21-1847470664-721107375-2597868997-1002\...\Run: [Dropbox Update] => C:\Users\Lugy\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.) HKU\S-1-5-21-1847470664-721107375-2597868997-1002\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5928432 2018-12-04] (Adobe Systems Incorporated) HKU\S-1-5-21-1847470664-721107375-2597868997-1002\...\Run: [vidnotifier.exe] => C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\vidnotifier\vidnotifier.exe [1613800 2018-10-01] (Digital Wave Ltd) HKU\S-1-5-21-1847470664-721107375-2597868997-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19589208 2018-12-10] (Piriform Software Ltd) HKU\S-1-5-21-1847470664-721107375-2597868997-1002\...\Policies\Explorer: [NoInternetOpenWith] 1 HKU\S-1-5-21-1847470664-721107375-2597868997-1002\...\MountPoints2: {a1259445-aa57-11e5-835d-448a5ba21f52} - "G:\LaunchU3.exe" -a HKLM\...\Drivers32: [VIDC.CFHD] => C:\Windows\system32\CFHD.dll [1334784 2016-04-13] (CineForm Inc.) HKLM\...\Drivers32-x32: [VIDC.CFHD] => C:\Windows\SysWOW64\CFHD.dll [1119744 2016-04-13] (CineForm Inc.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{28B89EEF-0007-0000-7102-CF3F3A09B77D}] -> msiexec /fus {28B89EEF-0007-0000-7102-CF3F3A09B77D} HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\Installer\chrmstp.exe [2017-05-09] (Google Inc.) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\70.1.973.110\Installer\chrmstp.exe [2019-01-04] (AVAST Software) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level IFEO\Acrobat.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe" IFEO\acrodist.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe" IFEO\AcroRd32.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe" IFEO\AutodeskDesktopApp.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe" IFEO\dropbox.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe" IFEO\errorreport.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe" IFEO\expresszip.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe" IFEO\filezilla server interface.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe" IFEO\filezilla server.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe" IFEO\GoogleUpdate.exe: [Debugger] 324095823984.exe IFEO\GoogleUpdaterService.exe: [Debugger] 8736459873644.exe IFEO\iastorui.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe" IFEO\isctmodernui.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe" IFEO\loader.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe" IFEO\nvidia geforce experience.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe" IFEO\softwareupdate.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe" IFEO\super charger.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe" IFEO\taskmgr.exe: [Debugger] IFEO\unins000.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe" IFEO\uninstall.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe" IFEO\wdappmanager.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe" Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast Cleanup Premium.lnk [2017-12-15] ShortcutTarget: Avast Cleanup Premium.lnk -> C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe (AVAST Software) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2014-10-11] ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{4692B750-DE88-4DCF-9163-745AF5604B24}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC) GroupPolicy: Restrictie - Chrome <==== AANDACHT CHR HKLM\SOFTWARE\Policies\Google: Restrictie <==== AANDACHT ==================== Internet (gefilterd) ==================== (Als een item is opgenomen in de fixlist en een registeritem is, wordt het verwijderd of hersteld naar de standaard.) ProxyServer: [S-1-5-21-1847470664-721107375-2597868997-1002] => 127.0.0.1:8118 Tcpip\Parameters: [DhcpNameServer] 195.130.130.5 195.130.131.5 Tcpip\..\Interfaces\{2C192E3F-5139-459E-A3C1-F9FBE92893A7}: [DhcpNameServer] 195.130.130.5 195.130.131.5 Tcpip\..\Interfaces\{83F4857D-2F57-4380-817F-D745BEA7597A}: [NameServer] 77.234.40.79 Internet Explorer: ================== HKU\S-1-5-21-1847470664-721107375-2597868997-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrictie <==== AANDACHT HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=131477182736300706&GUID=7F90E23E-26AD-42DD-AE05-E89FDC32D440 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=131477182736304367&GUID=7F90E23E-26AD-42DD-AE05-E89FDC32D440 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.ourluckysites.com/search/?type=ds&ts=1492093150&z=bfd24eb42cc6533ddf20fddg9z2t4o0e3tac5g8z5m&from=che0812&uid=ADATAXSP900_2E2820000794&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.ourluckysites.com/?type=hp&ts=1492093150&z=bfd24eb42cc6533ddf20fddg9z2t4o0e3tac5g8z5m&from=che0812&uid=ADATAXSP900_2E2820000794 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.ourluckysites.com/?type=hp&ts=1492093150&z=bfd24eb42cc6533ddf20fddg9z2t4o0e3tac5g8z5m&from=che0812&uid=ADATAXSP900_2E2820000794 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.ourluckysites.com/search/?type=ds&ts=1492093150&z=bfd24eb42cc6533ddf20fddg9z2t4o0e3tac5g8z5m&from=che0812&uid=ADATAXSP900_2E2820000794&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-1847470664-721107375-2597868997-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.startpageing123.com/search/?type=ds&ts=1490263805&z=acdb7ec63383438a3c44021g7z9t8efo6q9c3b5e1w&from=che0812&uid=ADATAXSP900_2E2820000794&q={searchTerms} HKU\S-1-5-21-1847470664-721107375-2597868997-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.be/?gfe_rd=cr&ei=7URcVZXLLOug8weS94DoAQ HKU\S-1-5-21-1847470664-721107375-2597868997-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.ourluckysites.com/?type=hp&ts=1492093150&z=bfd24eb42cc6533ddf20fddg9z2t4o0e3tac5g8z5m&from=che0812&uid=ADATAXSP900_2E2820000794 HKU\S-1-5-21-1847470664-721107375-2597868997-1002\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.startpageing123.com/search/?type=ds&ts=1490263805&z=acdb7ec63383438a3c44021g7z9t8efo6q9c3b5e1w&from=che0812&uid=ADATAXSP900_2E2820000794&q={searchTerms} SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1 SearchScopes: HKLM -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1 SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} URL = hxxp://www.default-search.net/search?sid=492&aid=292&itype=n&ver=14733&tm=551&src=ds&p={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1 SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1 SearchScopes: HKLM-x32 -> {5ac354c8-1129-44a0-917d-cf45f2c0a40f} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3315042&CUI=UN11379035163226023&UM=2 SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} URL = hxxp://www.default-search.net/search?sid=492&aid=292&itype=n&ver=14733&tm=551&src=ds&p={searchTerms} SearchScopes: HKLM-x32 -> {cdfb103c-96fe-4ede-91cd-6b9111f3bcf5} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3315042&CUI=UN11379035163226023&UM=2 SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} SearchScopes: HKU\.DEFAULT -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1 SearchScopes: HKU\.DEFAULT -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=ima&utm_campaign=install_ie&utm_content=ds&from=ima&uid=ADATAXSP900_2E2820000794&ts=1425720761&type=default&q={searchTerms} SearchScopes: HKU\.DEFAULT -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=ima&utm_campaign=install_ie&utm_content=ds&from=ima&uid=ADATAXSP900_2E2820000794&ts=1425720761&type=default&q={searchTerms} SearchScopes: HKU\.DEFAULT -> {606827F4-0CAD-49FE-83AE-9AF7EE0829E1} URL = SearchScopes: HKU\.DEFAULT -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1 SearchScopes: HKU\.DEFAULT -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=ima&utm_campaign=install_ie&utm_content=ds&from=ima&uid=ADATAXSP900_2E2820000794&ts=1425720761&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-1847470664-721107375-2597868997-1002 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} SearchScopes: HKU\S-1-5-21-1847470664-721107375-2597868997-1002 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=ima&utm_campaign=install_ie&utm_content=ds&from=ima&uid=ADATAXSP900_2E2820000794&ts=1425720761&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-1847470664-721107375-2597868997-1002 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=ima&utm_campaign=install_ie&utm_content=ds&from=ima&uid=ADATAXSP900_2E2820000794&ts=1425720761&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-1847470664-721107375-2597868997-1002 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.ourluckysites.com/search/?type=ds&ts=1493979967&z=b755e1766b12ac58aaaabfag5z5t9cat8mft6t1q0w&from=che0812&uid=ADATAXSP900_2E2820000794&q={searchTerms} SearchScopes: HKU\S-1-5-21-1847470664-721107375-2597868997-1002 -> {5ac354c8-1129-44a0-917d-cf45f2c0a40f} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=ima&utm_campaign=install_ie&utm_content=ds&from=ima&uid=ADATAXSP900_2E2820000794&ts=1425720761&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-1847470664-721107375-2597868997-1002 -> {606827F4-0CAD-49FE-83AE-9AF7EE0829E1} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=ima&utm_campaign=install_ie&utm_content=ds&from=ima&uid=ADATAXSP900_2E2820000794&ts=1425720761&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-1847470664-721107375-2597868997-1002 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=ima&utm_campaign=install_ie&utm_content=ds&from=ima&uid=ADATAXSP900_2E2820000794&ts=1425720761&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-1847470664-721107375-2597868997-1002 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=ima&utm_campaign=install_ie&utm_content=ds&from=ima&uid=ADATAXSP900_2E2820000794&ts=1425720761&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-1847470664-721107375-2597868997-1002 -> {B4B120D3-7C12-489B-8395-292EEEF0745F} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=ima&utm_campaign=install_ie&utm_content=ds&from=ima&uid=ADATAXSP900_2E2820000794&ts=1425720761&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-1847470664-721107375-2597868997-1002 -> {cdfb103c-96fe-4ede-91cd-6b9111f3bcf5} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=ima&utm_campaign=install_ie&utm_content=ds&from=ima&uid=ADATAXSP900_2E2820000794&ts=1425720761&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-1847470664-721107375-2597868997-1002 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (IvoSoft) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_191\bin\ssv.dll [2018-10-28] (Oracle Corporation) BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated) BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2018-12-18] (McAfee, Inc.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-10-28] (Oracle Corporation) BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2017-08-13] (IvoSoft) BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated) BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2014-12-16] (Adblock Plus) BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13] (IvoSoft) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll [2018-10-28] (Oracle Corporation) BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated) BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2018-12-18] (McAfee, Inc.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-10-28] (Oracle Corporation) BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2017-08-13] (IvoSoft) BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated) BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2014-12-16] (Adblock Plus) Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated) Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (IvoSoft) Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13] (IvoSoft) Toolbar: HKU\S-1-5-21-1847470664-721107375-2597868997-1002 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll Geen bestand StartMenuInternet: IEXPLORE.EXE - c:\program files\internet explorer\iexplore.exe hxxp://www.ourluckysites.com/?type=sc&ts=1495612286&z=61fc7d93af63575fac05a47g6z6teweq0g9o3ofb9w&from=che0812&uid=ADATAXSP900_2E2820000794 FireFox: ======== FF DefaultProfile: qe41f8u5.default FF ProfilePath: C:\Users\Lugy\AppData\Roaming\Mozilla\Firefox\Profiles\qe41f8u5.default [2019-01-11] FF user.js: detected! => C:\Users\Lugy\AppData\Roaming\Mozilla\Firefox\Profiles\qe41f8u5.default\user.js [2015-03-15] FF Homepage: Mozilla\Firefox\Profiles\qe41f8u5.default -> hxxp://search.conduit.com/Results.aspx?ctid=CT3315042&searchsource=55&UM=2& FF NewTab: Mozilla\Firefox\Profiles\qe41f8u5.default -> hxxp://search.conduit.com/Results.aspx?ctid=CT3315042&searchsource=69&UM=2& FF Extension: (Belgium eID) - C:\Users\Lugy\AppData\Roaming\Mozilla\Firefox\Profiles\qe41f8u5.default\Extensions\belgiumeid@eid.belgium.be.xpi [2014-12-09] [Verouderd] [ niet getekend] FF Extension: (downintabmaxmax) - C:\Users\Lugy\AppData\Roaming\Mozilla\Firefox\Profiles\qe41f8u5.default\Extensions\downintab@max.max [2014-12-14] [Verouderd] [ niet getekend] FF Extension: (ffext_basicvideoextstartpage24) - C:\Users\Lugy\AppData\Roaming\Mozilla\Firefox\Profiles\qe41f8u5.default\Extensions\ffext_basicvideoext@startpage24 [2014-12-17] [Verouderd] [ niet getekend] FF Extension: (MEGA) - C:\Users\Lugy\AppData\Roaming\Mozilla\Firefox\Profiles\qe41f8u5.default\Extensions\firefox@mega.co.nz.xpi [2014-12-06] [Verouderd] [ niet getekend] FF Extension: (jid0GXjLLfbCoAx0LcltEdFrEkQdQPIjetpack) - C:\Users\Lugy\AppData\Roaming\Mozilla\Firefox\Profiles\qe41f8u5.default\Extensions\jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI@jetpack [2014-12-14] [Verouderd] [ niet getekend] FF Extension: (TrustedShopper) - C:\Users\Lugy\AppData\Roaming\Mozilla\Firefox\Profiles\qe41f8u5.default\Extensions\jid1-BKkq2B2E8NPfWg@jetpack.xpi [2014-11-07] [Verouderd] [ niet getekend] FF Extension: (SmileysWeLove: Smileys for use with Facebook, GMail, and more) - C:\Users\Lugy\AppData\Roaming\Mozilla\Firefox\Profiles\qe41f8u5.default\Extensions\jid1-FB1bBgFMk5H6Wg@jetpack.xpi [2014-04-07] [Verouderd] [ niet getekend] FF Extension: (savefiletomozdevorg) - C:\Users\Lugy\AppData\Roaming\Mozilla\Firefox\Profiles\qe41f8u5.default\Extensions\savefileto@mozdev.org [2014-12-17] [Verouderd] [ niet getekend] FF Extension: (c9d3147081c64e3e9a3746eb9237ed3a) - C:\Users\Lugy\AppData\Roaming\Mozilla\Firefox\Profiles\qe41f8u5.default\Extensions\{c9d31470-81c6-4e3e-9a37-46eb9237ed3a} [2014-12-09] [Verouderd] [ niet getekend] FF Extension: (Geen Naam) - C:\Users\Lugy\AppData\Roaming\Mozilla\Firefox\Profiles\qe41f8u5.default\extensions\23fb8bb3-ac21-4230-bbfa-49b94968bc63@gmail.com [niet gevonden] FF Extension: (Geen Naam) - C:\Users\Lugy\AppData\Roaming\Mozilla\Firefox\Profiles\qe41f8u5.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com [niet gevonden] FF Extension: (Geen Naam) - C:\Users\Lugy\AppData\Roaming\Mozilla\Firefox\Profiles\qe41f8u5.default\extensions\b6e4f54065ff48dd97db30ca@c9b45f807bf54a45a4669e51c.com [niet gevonden] FF Extension: (Geen Naam) - C:\Users\Lugy\AppData\Roaming\Mozilla\Firefox\Profiles\qe41f8u5.default\extensions\ROUAILDE73397174@UXGZI17268980.com [niet gevonden] FF Extension: (Geen Naam) - C:\Users\Lugy\AppData\Roaming\Mozilla\Firefox\Profiles\qe41f8u5.default\extensions\sepherdwilbur@aol.com [niet gevonden] FF Extension: (PriceFountain) - C:\Users\Lugy\AppData\Roaming\Mozilla\Firefox\Profiles\qe41f8u5.default\extensions\staged\{b6a94784-0ffb-4121-88c6-435139067ee2}.xpi [2014-10-26] [Verouderd] [ niet getekend] FF ProfilePath: C:\Users\Lugy\AppData\Roaming\Firefox\Firefox\Profiles\qe41f8u5.default [2017-07-13] <==== AANDACHT FF user.js: detected! => C:\Users\Lugy\AppData\Roaming\Firefox\Firefox\Profiles\qe41f8u5.default\user.js [2015-03-15] FF NewTab: Firefox\Firefox\Profiles\qe41f8u5.default -> hxxp://search.conduit.com/Results.aspx?ctid=CT3315042&searchsource=69&UM=2& FF Extension: (FF Adr) - C:\Users\Lugy\AppData\Roaming\Firefox\Firefox\Profiles\qe41f8u5.default\Extensions\@H99KV4DO-UCCF-9PFO-9ZLK-8RRP4FVOKD9O.xpi [2017-03-24] [ niet getekend] FF Extension: (Belgium eID) - C:\Users\Lugy\AppData\Roaming\Firefox\Firefox\Profiles\qe41f8u5.default\Extensions\belgiumeid@eid.belgium.be.xpi [2014-12-09] [Verouderd] [ niet getekend] FF Extension: (downintabmaxmax) - C:\Users\Lugy\AppData\Roaming\Firefox\Firefox\Profiles\qe41f8u5.default\Extensions\downintab@max.max [2014-12-14] [Verouderd] [ niet getekend] FF Extension: (ffext_basicvideoextstartpage24) - C:\Users\Lugy\AppData\Roaming\Firefox\Firefox\Profiles\qe41f8u5.default\Extensions\ffext_basicvideoext@startpage24 [2014-12-17] [Verouderd] [ niet getekend] FF Extension: (MEGA) - C:\Users\Lugy\AppData\Roaming\Firefox\Firefox\Profiles\qe41f8u5.default\Extensions\firefox@mega.co.nz.xpi [2017-07-13] [Verouderd] FF Extension: (jid0GXjLLfbCoAx0LcltEdFrEkQdQPIjetpack) - C:\Users\Lugy\AppData\Roaming\Firefox\Firefox\Profiles\qe41f8u5.default\Extensions\jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI@jetpack [2014-12-14] [Verouderd] [ niet getekend] FF Extension: (TrustedShopper) - C:\Users\Lugy\AppData\Roaming\Firefox\Firefox\Profiles\qe41f8u5.default\Extensions\jid1-BKkq2B2E8NPfWg@jetpack.xpi [2014-11-07] [Verouderd] [ niet getekend] FF Extension: (SmileysWeLove: Smileys for use with Facebook, GMail, and more) - C:\Users\Lugy\AppData\Roaming\Firefox\Firefox\Profiles\qe41f8u5.default\Extensions\jid1-FB1bBgFMk5H6Wg@jetpack.xpi [2014-04-07] [Verouderd] [ niet getekend] FF Extension: (Nederlands (NL) Language Pack) - C:\Users\Lugy\AppData\Roaming\Firefox\Firefox\Profiles\qe41f8u5.default\Extensions\langpack-nl@firefox.mozilla.org.xpi [2017-05-24] [Verouderd] [ niet getekend] FF Extension: (savefiletomozdevorg) - C:\Users\Lugy\AppData\Roaming\Firefox\Firefox\Profiles\qe41f8u5.default\Extensions\savefileto@mozdev.org [2014-12-17] [Verouderd] [ niet getekend] FF Extension: (c9d3147081c64e3e9a3746eb9237ed3a) - C:\Users\Lugy\AppData\Roaming\Firefox\Firefox\Profiles\qe41f8u5.default\Extensions\{c9d31470-81c6-4e3e-9a37-46eb9237ed3a} [2014-12-09] [Verouderd] [ niet getekend] FF SearchPlugin: C:\Users\Lugy\AppData\Roaming\Firefox\Firefox\Profiles\qe41f8u5.default\searchplugins\startsearch.xml [2017-05-24] FF HKLM\...\Firefox\Extensions: [{5081D2D4-1637-404c-B74F-50526718257D}] - C:\Program Files\shopperz\Firefox => niet gevonden FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2018-09-20] FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2018-12-20] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi FF Plugin: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-10-28] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-10-28] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-09-13] (Adobe Systems) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-04-04] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-04-04] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-10-28] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-10-28] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-06-24] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-06-24] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2018-12-04] (Adobe Systems Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-12-04] (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-09-13] (Adobe Systems) FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [Geen bestand] Chrome: ======= CHR DefaultProfile: Default CHR HomePage: Default -> hxxp://www.luckysearch123.com?type=hp&ts=1489054707&from=5fdc0308&uid=adataxsp900_2e2820000794&z=b76a462f997b10d6409e430g2z3b2tde0w9zam4e9w CHR StartupUrls: Default -> "hxxp://www.luckysearch123.com?type=hp&ts=1489054707&from=5fdc0308&uid=adataxsp900_2e2820000794&z=b76a462f997b10d6409e430g2z3b2tde0w9zam4e9w" CHR NewTab: Default -> "active": false, "entry": "chrome-extension://mallpejgeafdahhflmliiahjdpgbegpk/stubby.html" , "active": false, "entry": "chrome-extension://pkcgpaojgnoojenoimmlgfhbddpnmkpc/html/newtab.html" CHR DefaultSearchURL: Default -> hxxp://www.ourluckysites.com/search/?type=ds&ts=1495440532&z=288d0f14bbaa1f54049134eg0zdt9w5zdz2e2w0cco&from=che0812&uid=ADATAXSP900_2E2820000794&q={searchTerms} CHR DefaultSearchKeyword: Default -> ourluckysites CHR Profile: C:\Users\Lugy\AppData\Local\Google\Chrome\User Data\Default [2019-01-11] CHR Extension: (CookiesOK) - C:\Users\Lugy\AppData\Local\Google\Chrome\User Data\Default\Extensions\afmkbjoakcacgljcdccofbffloabfbni [2016-08-27] CHR Extension: (Google Drive) - C:\Users\Lugy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21] CHR Extension: (YouTube) - C:\Users\Lugy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24] CHR Extension: (Adblock Plus) - C:\Users\Lugy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-05-18] CHR Extension: (Google Search) - C:\Users\Lugy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28] CHR Extension: (Adobe Acrobat) - C:\Users\Lugy\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-03] CHR Extension: (Avast Passwords) - C:\Users\Lugy\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2017-05-18] CHR Extension: (Avast SafePrice) - C:\Users\Lugy\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-05-18] CHR Extension: (Avira Browser Safety) - C:\Users\Lugy\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-09-20] CHR Extension: (Offline Documenten) - C:\Users\Lugy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16] CHR Extension: (Avast Online Security) - C:\Users\Lugy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-05-18] CHR Extension: (FromDocToPDF) - C:\Users\Lugy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk [2017-05-18] CHR Extension: (nbcgkdilbhnnoemimofnknocbkpldobi) - C:\Users\Lugy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbcgkdilbhnnoemimofnknocbkpldobi [2015-03-21] CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\Lugy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09] CHR Extension: (Gmail) - C:\Users\Lugy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30] CHR Extension: (Movies Tab) - C:\Users\Lugy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkcgpaojgnoojenoimmlgfhbddpnmkpc [2017-01-10] CHR Extension: (Chrome Media Router) - C:\Users\Lugy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-18] CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [ccjleegmemocfpghkhpjmiccjcacackp] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [emhginjpijfggbofeediiojmdlmlkoik] - C:\Program Files\AVAST Software\Avast\pam\Chrome\pam.crx CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx CHR HKLM-x32\...\Chrome\Extension: [fdjkhamgopgokjmllcmpkiijndjeidcl] - C:\Users\Lugy\AppData\Local\Temp\twsfiles\trustedshopper.crx CHR HKLM-x32\...\Chrome\Extension: [fgbcffenncokfocljomejddmgcpppjom] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [fjbbjfdilbioabojmcplalojlmdngbjl] - C:\Users\Lugy\AppData\Local\Temp\swlfiles\smileyswelovetoolbar.crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx StartMenuInternet: Google Chrome - c:\program files (x86)\google\chrome\application\chrome.exe hxxp://www.ourluckysites.com/?type=sc&ts=1495612286&z=61fc7d93af63575fac05a47g6z6teweq0g9o3ofb9w&from=che0812&uid=ADATAXSP900_2E2820000794 HKU\S-1-5-21-1847470664-721107375-2597868997-1002\...\StartMenuInternet\ChromeHTML: -> C:\Program Files (x86)\Hotleaf\Application\chrome.exe (Google Inc.) <==== AANDACHT ==================== Services (gefilterd) ==================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) S4 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1295376 2016-07-01] (Autodesk Inc.) R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-09-13] (Adobe Inc.) R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2917864 2018-12-13] (Adobe Systems, Incorporated) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2709480 2018-12-13] (Adobe Systems, Incorporated) R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7834368 2019-01-04] (AVAST Software) S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-21] (AVAST Software) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357816 2019-01-04] (AVAST Software) R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [367728 2019-01-04] (AVAST Software) S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-21] (AVAST Software) S2 BIT; C:\windows\system32\svchost.exe [38792 2014-10-29] (Microsoft Corporation) <==== AANDACHT (geen ServiceDLL) S2 BIT; C:\windows\SysWOW64\svchost.exe [33088 2014-10-29] (Microsoft Corporation) <==== AANDACHT (geen ServiceDLL) R2 CleanupPSvc; C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe [9121248 2018-11-02] (AVAST Software) S4 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-10-10] (Dropbox, Inc.) S4 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-10-10] (Dropbox, Inc.) R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51016 2017-12-05] (Dropbox, Inc.) R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2018-10-01] (Digital Wave Ltd.) S4 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [40080 2017-08-30] (CHENGDU YIWO Tech Development Co., Ltd) S4 FileZilla Server; C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe [859304 2017-02-08] (FileZilla Project) R2 GoProDeviceDetectionService; C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe [37808 2016-04-14] () R2 hasplms; C:\Windows\system32\hasplms.exe [4609928 2013-08-01] (SafeNet Inc.) S4 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18504 2017-04-19] (Intel Corporation) S4 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation) S4 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [209712 2014-04-03] () S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-04-04] (Intel Corporation) R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [905336 2018-12-18] (McAfee, Inc.) R2 mitsijm2017; D:\INVENTOR Pro 2017\Inventor 2017\Moldflow\bin\mitsijm.exe [967456 2015-08-04] (Autodesk, Inc.) S4 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [162800 2014-03-17] (MSI) R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764352 2018-06-24] (NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764352 2018-06-24] (NVIDIA Corporation) S4 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [344576 2014-04-17] (Qualcomm Atheros) [Bestand niet getekend] R2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [9037680 2018-02-08] (Reimage®) S4 SNAREA; C:\Users\Lugy\AppData\Local\SNAREA\Snare.dll [826368 2017-05-21] () [Bestand niet getekend] <==== AANDACHT S4 SNARER; C:\Users\Lugy\AppData\Local\SNARER\Snarer.dll [793600 2017-04-23] () [Bestand niet getekend] <==== AANDACHT S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Bestand niet getekend] S2 VNASRE; C:\Users\Lugy\AppData\Local\VNASRE\Snare.dll [826368 2017-05-21] () [Bestand niet getekend] <==== AANDACHT S4 WANARE; C:\Users\Lugy\AppData\Local\WANARE\Snare.dll [826368 2017-05-21] () [Bestand niet getekend] <==== AANDACHT S4 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [331144 2017-04-11] (Western Digital Technologies, Inc.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation) S2 WinSAPSvc; C:\windows\system32\svchost.exe [38792 2014-10-29] (Microsoft Corporation) <==== AANDACHT (geen ServiceDLL) S2 WinSAPSvc; C:\windows\SysWOW64\svchost.exe [33088 2014-10-29] (Microsoft Corporation) <==== AANDACHT (geen ServiceDLL) S2 AMD; geen ImagePath S2 ed2kidle; geen ImagePath S2 FirefoxU; geen ImagePath R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r S3 WD Backup Drive Helper; C:\Windows\SysWOW64\dllhost.exe /Processid:{4AB831D3-8315-414C-8A7A-303105288D0B} S3 WD Backup Snapshot; C:\Windows\SysWOW64\dllhost.exe /Processid:{302480DF-3AC5-4400-BE7B-DD77AF93B6DD} ===================== Drivers (gefilterd) ====================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R3 anvsnddrv; C:\Windows\system32\drivers\anvsnddrv.sys [34416 2016-03-24] (AnvSoft Inc.) R0 asstor64; C:\Windows\System32\drivers\asstor64.sys [84816 2014-01-28] (Asmedia Technology) R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [203488 2019-01-04] (AVAST Software) R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [220688 2019-01-04] (AVAST Software) R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [196264 2019-01-04] (AVAST Software) R0 aswblog; C:\Windows\System32\drivers\aswblog.sys [320888 2019-01-04] (AVAST Software) R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [58160 2019-01-04] (AVAST Software) S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46584 2019-01-04] (AVAST Software) R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42488 2019-01-04] (AVAST Software) R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [166472 2019-01-04] (AVAST Software) R1 aswNetSec; C:\Windows\System32\drivers\aswNetSec.sys [512048 2019-01-04] (AVAST Software) R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111992 2019-01-04] (AVAST Software) R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88144 2019-01-04] (AVAST Software) R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1034056 2019-01-04] (AVAST Software) R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [474648 2019-01-04] (AVAST Software) R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [218056 2019-01-04] (AVAST Software) S3 aswTap; C:\Windows\system32\DRIVERS\aswTap.sys [44640 2015-03-28] (The OpenVPN Project) R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380144 2019-01-04] (AVAST Software) R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [82608 2014-04-10] (Qualcomm Atheros, Inc.) S3 CYUSB3; C:\Windows\System32\Drivers\CYUSB3.sys [71384 2015-09-10] (Cypress Semiconductor) S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.) S3 EMVSCARD; C:\Windows\System32\Drivers\EMVSCARD.sys [28544 2006-12-13] (USB Smart Card Reader) R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [53240 2016-12-06] () R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [331328 2013-08-01] (SafeNet Inc.) U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2011-10-24] (Huawei Technologies Co., Ltd.) [Bestand niet getekend] R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [22216 2014-02-03] () R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [22728 2014-02-03] () S3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [25800 2014-04-03] () S3 iSafeKrnlBoot; geen ImagePath <==== AANDACHT S1 iSafeNetFilter; geen ImagePath <==== AANDACHT R3 ISCT; C:\Windows\System32\drivers\ISCTD.sys [44744 2014-02-03] () S3 Ke2200; C:\Windows\system32\DRIVERS\e22w8x64.sys [130224 2014-03-27] (Qualcomm Atheros, Inc.) R3 KillerEth; C:\Windows\system32\DRIVERS\e2xw8x64.sys [162456 2016-11-01] (Qualcomm Atheros, Inc.) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation) R1 netfilter2; C:\Windows\System32\drivers\netfilter2.sys [86632 2017-10-30] (Windows (R) Win 7 DDK provider) S3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [13368 2012-10-26] (MSI) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30656 2018-06-24] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [67432 2018-06-24] (NVIDIA Corporation) R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [57792 2017-07-19] (NVIDIA Corporation) R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation) S3 qcfilter; C:\Windows\System32\drivers\qcusbfilter.sys [49208 2017-03-15] (QUALCOMM Incorporated) S3 qcusbnet; C:\Windows\system32\DRIVERS\qcusbnet.sys [428600 2017-03-15] (QUALCOMM Incorporated) S3 qcusbser; C:\Windows\system32\DRIVERS\qcusbser.sys [254520 2017-03-15] (QUALCOMM Incorporated) S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.) S3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [25608 2019-01-11] (SlimWare Utilities, Inc.) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation) S2 zntport; C:\Windows\SysWOW64\zntport.sys [6080 2001-01-22] (Zeal SoftStudio) [Bestand niet getekend] U1 aswbdisk; geen ImagePath S1 b786bdb3c67d; system32\drivers\b786bdb3c67d.sys [X] S3 DrvAgent64; \??\C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [X] S4 iSafeKrnl; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [X] <==== AANDACHT S1 iSafeKrnlKit; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [X] <==== AANDACHT S1 iSafeKrnlMon; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [X] <==== AANDACHT S3 MSICDSetup; \??\D:\CDriver64.sys [X] S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X] S1 ssnfd_1_10_0_5; system32\drivers\ssnfd_1_10_0_5.sys [X] ==================== NetSvcs (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ==================== Een Maand Aangemaakt bestanden en mappen ======== (Als een item is opgenomen in de fixlist, word de map of het bestand verplaatst.) 2019-01-11 10:32 - 2019-01-11 10:33 - 000052358 _____ C:\Users\Lugy\Desktop\FRST.txt 2019-01-11 10:32 - 2019-01-11 10:32 - 000000000 ___DC C:\FRST 2019-01-11 09:44 - 2019-01-11 09:39 - 002425856 _____ (Farbar) C:\Users\Lugy\Desktop\FRST64.exe 2019-01-11 00:14 - 2019-01-11 00:14 - 000000000 ____D C:\Windows\pss 2019-01-10 00:23 - 2019-01-10 00:25 - 000000000 __HDC C:\$WINDOWS.~BT 2019-01-10 00:08 - 2019-01-10 00:08 - 000000000 __HDC C:\$Windows.~WS 2019-01-09 23:53 - 2019-01-09 23:53 - 000000000 __SHD C:\found.002 2019-01-09 23:47 - 2019-01-09 23:47 - 000000000 _SHDC C:\found.001 2019-01-09 18:18 - 2019-01-09 23:14 - 000000775 _____ C:\Users\Public\Desktop\Speccy.lnk 2019-01-09 18:18 - 2019-01-09 18:18 - 000000000 ___DC C:\Program Files\Speccy 2019-01-09 18:18 - 2019-01-09 18:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy 2019-01-09 09:04 - 2018-12-28 03:12 - 000444368 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2019-01-09 09:04 - 2018-12-28 03:12 - 000178128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2019-01-09 09:04 - 2018-12-28 01:24 - 000333768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2019-01-09 09:04 - 2018-12-28 01:01 - 025738240 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2019-01-09 09:04 - 2018-12-28 00:38 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2019-01-09 09:04 - 2018-12-28 00:36 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2019-01-09 09:04 - 2018-12-28 00:31 - 005778944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2019-01-09 09:04 - 2018-12-28 00:25 - 020279808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2019-01-09 09:04 - 2018-12-28 00:25 - 000790016 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2019-01-09 09:04 - 2018-12-28 00:17 - 000445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2019-01-09 09:04 - 2018-12-28 00:05 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2019-01-09 09:04 - 2018-12-28 00:02 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2019-01-09 09:04 - 2018-12-27 23:56 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2019-01-09 09:04 - 2018-12-27 23:55 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2019-01-09 09:04 - 2018-12-27 23:50 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2019-01-09 09:04 - 2018-12-27 23:49 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2019-01-09 09:04 - 2018-12-27 23:48 - 015284224 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2019-01-09 09:04 - 2018-12-27 23:48 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2019-01-09 09:04 - 2018-12-27 23:48 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2019-01-09 09:04 - 2018-12-27 23:48 - 000381440 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2019-01-09 09:04 - 2018-12-27 23:47 - 001441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2019-01-09 09:04 - 2018-12-27 23:45 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2019-01-09 09:04 - 2018-12-27 23:41 - 000963072 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2019-01-09 09:04 - 2018-12-27 23:34 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2019-01-09 09:04 - 2018-12-27 23:33 - 004860416 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2019-01-09 09:04 - 2018-12-27 23:33 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2019-01-09 09:04 - 2018-12-27 23:31 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2019-01-09 09:04 - 2018-12-27 23:29 - 013680640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2019-01-09 09:04 - 2018-12-27 23:29 - 002060288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2019-01-09 09:04 - 2018-12-27 23:29 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2019-01-09 09:04 - 2018-12-27 23:29 - 000333312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2019-01-09 09:04 - 2018-12-27 23:24 - 000780800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2019-01-09 09:04 - 2018-12-27 23:22 - 001555968 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2019-01-09 09:04 - 2018-12-27 23:11 - 004386816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2019-01-09 09:04 - 2018-12-27 23:11 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2019-01-09 09:04 - 2018-12-27 23:11 - 000785408 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.dll 2019-01-09 09:04 - 2018-12-27 23:07 - 001329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2019-01-09 09:04 - 2018-12-27 23:06 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2019-01-09 09:04 - 2018-12-27 23:05 - 000566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.dll 2019-01-09 09:04 - 2018-12-08 21:22 - 007371720 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2019-01-09 09:04 - 2018-12-08 21:22 - 002014152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2019-01-09 09:04 - 2018-12-08 20:00 - 000080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys 2019-01-09 09:04 - 2018-12-08 12:23 - 000121272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tm.sys 2019-01-09 09:04 - 2018-12-08 09:13 - 002534664 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2019-01-09 09:04 - 2018-12-08 07:25 - 002173040 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll 2019-01-09 09:04 - 2018-12-08 06:56 - 001901896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2019-01-09 09:04 - 2018-12-08 06:32 - 001563376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll 2019-01-09 09:04 - 2018-12-08 04:49 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll 2019-01-09 09:04 - 2018-12-07 15:24 - 000352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll 2019-01-09 09:04 - 2018-11-28 09:34 - 000323072 _____ (Microsoft Corporation) C:\Windows\system32\GlobCollationHost.dll 2019-01-09 09:04 - 2018-11-28 09:17 - 000200704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GlobCollationHost.dll 2019-01-09 08:49 - 2019-01-09 08:49 - 007187064 _____ C:\Windows\system32\FNTCACHE.DAT 2019-01-09 00:14 - 2019-01-09 00:14 - 000000874 _____ C:\Users\Lugy\Desktop\DataNumen Disk Image.lnk 2019-01-09 00:14 - 2019-01-09 00:14 - 000000000 ____D C:\Users\Lugy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DataNumen Disk Image 2019-01-09 00:14 - 2019-01-09 00:14 - 000000000 ____D C:\Program Files (x86)\DDKI 2019-01-08 10:51 - 2019-01-08 10:51 - 000000000 ___DC C:\Program Files\7-Zip 2019-01-08 10:51 - 2019-01-08 10:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2019-01-07 18:24 - 2019-01-10 00:23 - 000000000 ___DC C:\ESD 2019-01-06 18:21 - 2019-01-06 18:13 - 000001063 _____ C:\Users\Lugy\Desktop\blender - Copy.lnk 2019-01-06 18:13 - 2019-01-06 18:13 - 000000000 ___DC C:\Program Files\Blender Foundation 2019-01-06 18:13 - 2019-01-06 18:13 - 000000000 ____D C:\Users\Lugy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blender 2019-01-04 12:28 - 2019-01-04 12:28 - 000361352 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2019-01-04 12:28 - 2019-01-04 12:28 - 000320888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswblog.sys 2019-01-04 12:28 - 2019-01-04 12:28 - 000220688 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys 2019-01-04 12:28 - 2019-01-04 12:28 - 000196264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys 2019-01-04 12:28 - 2019-01-04 12:28 - 000058160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys 2018-12-25 12:29 - 2018-12-25 12:29 - 000000000 ____D C:\Users\Lugy\AppData\Local\KutoolsforExcel 2018-12-25 12:27 - 2018-12-25 12:27 - 000001089 _____ C:\Users\Lugy\Desktop\Kutools for Excel.lnk 2018-12-25 12:27 - 2018-12-25 12:27 - 000000000 ____D C:\Users\Lugy\AppData\Roaming\Kutools for Excel 2018-12-25 12:27 - 2018-12-25 12:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kutools for Excel 2018-12-25 12:27 - 2018-12-25 12:27 - 000000000 ____D C:\Program Files (x86)\Kutools for Excel 2018-12-23 01:01 - 2018-12-23 01:01 - 000001297 _____ C:\Users\Public\Desktop\NCH Suite.lnk 2018-12-23 01:01 - 2018-12-23 01:01 - 000001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Express Zip File Compression.lnk 2018-12-23 01:01 - 2018-12-23 01:01 - 000001151 _____ C:\Users\Public\Desktop\Express Zip File Compression.lnk 2018-12-20 09:18 - 2018-12-20 09:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Driver Updater 2018-12-19 20:06 - 2018-12-19 20:06 - 000001824 _____ C:\Users\Public\Desktop\QuickTime Player.lnk 2018-12-13 18:03 - 2018-12-14 16:46 - 000000000 ___DC C:\Program Files\McAfee 2018-12-13 10:12 - 2018-11-28 10:39 - 004168704 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2018-12-13 10:12 - 2018-11-28 09:08 - 015441408 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2018-12-13 10:12 - 2018-11-28 09:04 - 013322240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2018-12-13 10:12 - 2018-11-10 20:42 - 001368584 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2018-12-13 10:12 - 2018-11-10 19:54 - 001308456 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2018-12-13 10:12 - 2018-11-10 19:53 - 000356088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys 2018-12-13 10:12 - 2018-11-10 17:34 - 001754112 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll 2018-12-13 10:12 - 2018-11-10 17:25 - 001085440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2018-12-13 10:12 - 2018-11-10 17:22 - 000747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2018-12-13 10:12 - 2018-11-10 17:15 - 001491968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll 2018-12-13 10:12 - 2018-11-03 16:25 - 002348032 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2018-12-13 10:12 - 2018-11-03 16:11 - 001556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2018-12-13 10:12 - 2018-10-06 17:43 - 000148992 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll 2018-12-13 10:12 - 2018-10-06 17:13 - 000113664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll 2018-12-13 10:12 - 2018-10-05 18:06 - 001200640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll 2018-12-13 10:12 - 2018-10-05 17:20 - 000868864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll 2018-12-13 10:12 - 2018-10-05 16:18 - 000513376 _____ C:\Windows\SysWOW64\locale.nls 2018-12-13 10:12 - 2018-10-05 16:18 - 000513376 _____ C:\Windows\system32\locale.nls ==================== Een Maand Gewijzigd bestanden en mappen ======== (Als een item is opgenomen in de fixlist, word de map of het bestand verplaatst.) 2019-01-11 09:37 - 2014-10-22 08:26 - 000003806 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{2A192F3F-A710-487F-9063-850BB91CA174} 2019-01-11 09:34 - 2018-02-10 10:44 - 000025608 _____ (SlimWare Utilities, Inc.) C:\Windows\system32\Drivers\SWDUMon.sys 2019-01-11 09:34 - 2018-02-10 10:44 - 000000496 _____ C:\Windows\Tasks\Avast Driver Updater Startup.job 2019-01-11 09:34 - 2014-10-11 00:42 - 000000000 ____D C:\ProgramData\NVIDIA 2019-01-11 01:41 - 2018-01-07 16:46 - 000000000 ____D C:\Users\Lugy\AppData\Local\ClassicShell 2019-01-11 01:38 - 2014-04-07 22:45 - 000800524 _____ C:\Windows\system32\perfh013.dat 2019-01-11 01:38 - 2014-04-07 22:45 - 000159750 _____ C:\Windows\system32\perfc013.dat 2019-01-11 01:38 - 2014-03-18 11:03 - 001819182 _____ C:\Windows\system32\PerfStringBackup.INI 2019-01-11 01:38 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\Inf 2019-01-11 01:37 - 2018-02-01 13:06 - 000003548 _____ C:\Windows\System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-Lugy.duville@telenet.be 2019-01-11 01:32 - 2017-07-15 10:41 - 000000000 ____D C:\ProgramData\Reimage Protector 2019-01-11 01:32 - 2013-08-22 15:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2019-01-11 01:08 - 2018-11-30 10:20 - 000004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-01-11 01:08 - 2018-11-30 10:20 - 000003792 _____ C:\Windows\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-01-11 01:08 - 2018-11-30 10:20 - 000003792 _____ C:\Windows\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-01-11 01:08 - 2018-11-30 10:20 - 000003792 _____ C:\Windows\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-01-11 01:08 - 2018-11-30 10:20 - 000003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-01-11 01:08 - 2018-11-30 10:20 - 000003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-01-11 01:08 - 2018-02-21 09:12 - 000003870 _____ C:\Windows\System32\Tasks\CCleaner Update 2019-01-11 01:08 - 2018-02-10 10:48 - 000003118 _____ C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe 2019-01-11 01:08 - 2018-02-10 10:48 - 000003092 _____ C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe 2019-01-11 01:08 - 2018-02-10 10:48 - 000003090 _____ C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe 2019-01-11 01:08 - 2018-02-10 10:48 - 000003062 _____ C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe 2019-01-11 01:08 - 2018-02-10 10:48 - 000003060 _____ C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe 2019-01-11 01:08 - 2017-03-03 12:04 - 000016740 _____ C:\Windows\System32\Tasks\9761R13265d11317Z59040 2019-01-11 01:08 - 2015-12-03 15:54 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software 2019-01-11 01:08 - 2014-12-25 12:51 - 000001762 _____ C:\Windows\System32\Tasks\{A80A4855-FCE9-4F50-97EE-608A00681C8D} 2019-01-11 01:08 - 2014-12-16 17:15 - 000001888 _____ C:\Windows\System32\Tasks\{54BD6AD8-6F77-419A-97A7-EDA117A45891} 2019-01-11 01:08 - 2014-12-15 14:33 - 000002770 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC 2019-01-11 01:08 - 2014-10-22 08:27 - 000003488 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2019-01-11 01:08 - 2014-10-22 08:27 - 000003360 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2019-01-11 01:08 - 2014-10-22 08:04 - 000002438 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1847470664-721107375-2597868997-500 2019-01-11 00:59 - 2016-10-09 11:03 - 000000000 ____D C:\ProgramData\SmartSound Software Inc 2019-01-11 00:59 - 2016-06-15 18:04 - 000000000 ____D C:\ProgramData\SmartSoundEngine 2019-01-10 20:05 - 2014-12-25 11:58 - 000004478 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2019-01-10 16:35 - 2015-02-04 11:08 - 000000000 ___HD C:\Users\Lugy\AppData\Roaming\CDisplayEx 2019-01-10 13:25 - 2014-10-22 08:26 - 000003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1847470664-721107375-2597868997-1002 2019-01-10 12:14 - 2014-10-23 17:37 - 000000000 ___HD C:\Users\Lugy\AppData\Local\Adobe 2019-01-10 12:05 - 2014-12-10 16:01 - 000000000 ___HD C:\Users\Lugy\AppData\Local\ElevatedDiagnostics 2019-01-10 11:52 - 2015-08-29 10:03 - 000000000 ___HD C:\Users\Lugy\AppData\Local\SnelNL 2019-01-10 00:27 - 2016-05-09 10:36 - 000001908 _____ C:\Windows\diagwrn.xml 2019-01-10 00:27 - 2016-05-09 10:36 - 000001908 _____ C:\Windows\diagerr.xml 2019-01-10 00:23 - 2014-04-07 21:52 - 000000000 ____D C:\Windows\Panther 2019-01-09 23:49 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\AppReadiness 2019-01-09 23:49 - 2013-08-22 14:25 - 000262144 ___SH C:\Windows\system32\config\BBI 2019-01-09 09:25 - 2013-08-22 16:20 - 000000000 ____D C:\Windows\CbsTemp 2019-01-09 09:22 - 2014-10-11 00:05 - 132790320 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2019-01-09 09:22 - 2014-10-11 00:05 - 000000000 ____D C:\Windows\system32\MRT 2019-01-08 18:20 - 2017-03-07 17:44 - 000000000 ___HD C:\Users\Lugy\AppData\Roaming\Anvsoft 2019-01-07 16:17 - 2015-04-09 17:44 - 000000000 ___RD C:\Users\Lugy\Creative Cloud Files 2019-01-07 13:02 - 2014-10-22 08:20 - 000000000 ___HD C:\Users\Lugy 2019-01-06 18:54 - 2015-01-03 10:47 - 000000000 ___HD C:\Users\Lugy\AppData\Roaming\vlc 2019-01-06 18:00 - 2015-10-27 16:42 - 000000000 ___HD C:\Users\Lugy\.thumbnails 2019-01-06 11:25 - 2015-01-23 14:44 - 000000000 ___HD C:\Users\Lugy\AppData\Local\CrashDumps 2019-01-06 10:45 - 2017-07-15 11:03 - 000000000 _____ C:\Windows\system32\reimage.rep 2019-01-06 10:33 - 2017-07-15 10:41 - 000000000 ___DC C:\rei 2019-01-06 10:33 - 2015-03-15 10:21 - 000000184 _____ C:\Windows\Reimage.ini 2019-01-06 10:24 - 2017-07-15 10:49 - 000012710 ____C C:\Windows\system32\Native.exe 2019-01-06 10:24 - 2017-07-15 10:49 - 000000000 ___DC C:\ReimageUndo 2019-01-04 17:31 - 2017-07-15 10:41 - 000004272 _____ C:\Windows\System32\Tasks\ReimageUpdater 2019-01-04 16:45 - 2014-10-22 09:07 - 000000000 ___HD C:\Users\Lugy\AppData\Local\Microsoft Help 2019-01-04 12:28 - 2018-10-13 08:36 - 000042488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys 2019-01-04 12:28 - 2017-12-15 16:49 - 000203488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys 2019-01-04 12:28 - 2017-02-09 08:49 - 000003910 _____ C:\Windows\System32\Tasks\Avast Emergency Update 2019-01-04 12:28 - 2016-02-13 11:20 - 000512048 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetSec.sys 2019-01-04 12:28 - 2015-03-28 12:12 - 001034056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2019-01-04 12:28 - 2015-03-28 12:12 - 000474648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2019-01-04 12:28 - 2015-03-28 12:12 - 000380144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys 2019-01-04 12:28 - 2015-03-28 12:12 - 000218056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2019-01-04 12:28 - 2015-03-28 12:12 - 000166472 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2019-01-04 12:28 - 2015-03-28 12:12 - 000111992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2019-01-04 12:28 - 2015-03-28 12:12 - 000088144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys 2019-01-04 12:28 - 2015-03-28 12:12 - 000046584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys 2019-01-04 12:04 - 2015-07-08 09:41 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2019-01-04 10:36 - 2018-01-07 15:53 - 000001824 _____ C:\Users\Public\Desktop\PC Scan & Repair by Reimage.lnk 2019-01-04 09:57 - 2018-06-21 22:02 - 000002408 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk 2019-01-03 20:18 - 2015-09-28 07:22 - 000002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk 2019-01-02 20:05 - 2017-04-12 09:35 - 000835480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2019-01-02 20:05 - 2017-04-12 09:35 - 000179600 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2018-12-30 10:50 - 2017-06-06 07:57 - 000000000 ___HD C:\Users\Lugy\.fontconfig 2018-12-23 01:01 - 2016-03-17 18:04 - 000000000 ____D C:\Windows\System32\Tasks\NCH Software 2018-12-23 01:01 - 2016-03-17 18:04 - 000000000 ____D C:\ProgramData\NCH Software 2018-12-23 01:01 - 2016-03-17 18:04 - 000000000 ____D C:\Program Files (x86)\NCH Software 2018-12-22 10:53 - 2016-06-23 15:37 - 000000000 __HDC C:\adobeTemp 2018-12-21 09:05 - 2018-10-04 11:52 - 000000000 ____D C:\Program Files (x86)\Belgium Identity Card 2018-12-20 09:18 - 2018-02-10 10:44 - 000002517 _____ C:\Users\Public\Desktop\Avast Driver Updater.lnk 2018-12-20 09:18 - 2018-02-10 10:44 - 000000000 ____D C:\Program Files (x86)\Avast Driver Updater 2018-12-19 20:06 - 2016-01-10 11:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime 2018-12-15 15:37 - 2018-02-19 15:20 - 000000000 ____D C:\Users\Lugy\AppData\Roaming\DVDVideoSoft 2018-12-14 13:05 - 2018-03-07 00:34 - 000000000 ____D C:\ProgramData\McAfee 2018-12-14 09:46 - 2014-12-15 14:33 - 000000000 ____D C:\Program Files\CCleaner 2018-12-12 18:21 - 2015-09-28 07:22 - 000002024 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk ==================== Bestanden in de root van sommige mappen ======= 2015-01-20 09:02 - 2015-05-04 09:49 - 000000112 _____ () C:\ProgramData\118t8K7.dat 2018-09-14 08:48 - 2018-09-14 08:48 - 015438021 _____ (BabelSoft) C:\Users\Lugy\MediaPreviewSetup-1.4.3.429.sfx.exe 2017-06-20 22:43 - 2017-06-20 22:43 - 000000115 _RSHO () C:\Users\Lugy\AppData\Roaming\9d0c8020cc0fba57b7a733fffaab45d8b16ee99c.sys 2014-11-13 19:29 - 2018-10-29 12:27 - 000000033 _____ () C:\Users\Lugy\AppData\Roaming\AdobeWLCMCache.dat 2017-03-03 12:09 - 2018-01-26 14:12 - 000000028 ___RH () C:\Users\Lugy\AppData\Roaming\be046e943fe726861c04b0318e13b2f274b1ec06.sys 2017-03-03 12:09 - 2017-03-03 12:09 - 000000028 _RSHO () C:\Users\Lugy\AppData\Roaming\c54da0d4db72e7476d261013371d583ed5cee3ac.sys 2018-09-18 16:52 - 2018-09-18 16:52 - 000000028 _____ () C:\Users\Lugy\AppData\Roaming\kulerdata.json 2015-03-14 11:05 - 2015-03-14 11:05 - 000000126 ____H () C:\Users\Lugy\AppData\Roaming\Network Monitor II_#0_Traffic.ini 2014-10-23 13:56 - 2014-10-23 13:56 - 000000000 ____H () C:\Users\Lugy\AppData\Roaming\Stardockfences_debug_snapshot.dat 2014-11-19 15:51 - 2015-03-18 14:04 - 000000094 ____H () C:\Users\Lugy\AppData\Roaming\WB.CFG 2016-03-20 09:25 - 2017-12-04 15:57 - 000001456 ____H () C:\Users\Lugy\AppData\Local\Adobe Opslaan voor web 13.0 Prefs 2017-11-15 09:50 - 2017-11-15 09:50 - 000000000 ____H () C:\Users\Lugy\AppData\Local\Adobe Opslaan voor web 13_tmp2882 2018-09-27 14:25 - 2018-09-27 14:25 - 000000000 _____ () C:\Users\Lugy\AppData\Local\oobelibMkey.log 2016-04-19 08:42 - 2016-04-19 08:42 - 000000008 ____H () C:\Users\Lugy\AppData\Local\pcdit.dat 2014-12-11 19:18 - 2014-12-11 19:27 - 000000003 ____H () C:\Users\Lugy\AppData\Local\proxy.log 2018-05-15 23:38 - 2018-05-15 23:38 - 000003905 _____ () C:\Users\Lugy\AppData\Local\recently-used.xbel 2016-01-29 16:48 - 2016-01-29 16:48 - 000000017 ____H () C:\Users\Lugy\AppData\Local\resmon.resmoncfg ==================== Bamital & volsnap ====================== (Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.) C:\Windows\system32\winlogon.exe => Bestand is getekend C:\Windows\system32\wininit.exe => Bestand is getekend C:\Windows\explorer.exe => Bestand is getekend C:\Windows\SysWOW64\explorer.exe => Bestand is getekend C:\Windows\system32\svchost.exe => Bestand is getekend C:\Windows\SysWOW64\svchost.exe => Bestand is getekend C:\Windows\system32\services.exe => Bestand is getekend C:\Windows\system32\User32.dll => Bestand is getekend C:\Windows\SysWOW64\User32.dll => Bestand is getekend C:\Windows\system32\userinit.exe => Bestand is getekend C:\Windows\SysWOW64\userinit.exe => Bestand is getekend C:\Windows\system32\rpcss.dll => Bestand is getekend C:\Windows\system32\dnsapi.dll => Bestand is getekend C:\Windows\SysWOW64\dnsapi.dll => Bestand is getekend C:\Windows\system32\Drivers\volsnap.sys => Bestand is getekend LastRegBack: 2017-04-15 12:22 ==================== Eind van FRST.txt ============================