Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 15-03-2017 Gestart door Gebruiker (Beheerder) op GEBRUIKER-PC (01-04-2017 01:28:52) Gestart vanaf C:\Users\Gebruiker\Downloads Geladen Profielen: Gebruiker (Beschikbare Profielen: Gebruiker) Platform: Windows 7 Home Premium Service Pack 1 (X64) Taal: Nederlands (Nederland) Internet Explorer Versie 11 (Standaardbrowser: Chrome) Boot Modus: Normal Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processen (gefilterd) ================= (Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.) (AMD) C:\Windows\System32\atiesrxx.exe (IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\stacsv64.exe (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (AMD) C:\Windows\System32\atieclxx.exe (Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe () C:\Program Files (x86)\IVT Corporation\BlueSoleil\BTNtService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (F-Secure Corporation) C:\Program Files (x86)\Vanden Borre My Security\fshoster32.exe (F-Secure Corporation) C:\Program Files (x86)\Vanden Borre My Security\fshoster32.exe (F-Secure Corporation) C:\Program Files (x86)\Vanden Borre My Security\apps\CCF_Reputation\fsorsp.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe (F-Secure Corporation) C:\Program Files (x86)\Vanden Borre My Security\apps\ComputerSecurity\Anti-Virus\fsgk32.exe (Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe (F-Secure Corporation) C:\Program Files (x86)\Vanden Borre My Security\fshoster32.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe () C:\Program Files (x86)\IVT Corporation\BlueSoleil\StartSkysolSvc.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.3.2.220\WsAppService.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (F-Secure Corporation) C:\Program Files (x86)\Vanden Borre My Security\apps\ComputerSecurity\Common\FSMA32.EXE (F-Secure Corporation) C:\Program Files (x86)\Vanden Borre My Security\apps\ComputerSecurity\Common\FSHDLL64.EXE (Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DeviceAgent.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (F-Secure Corporation) C:\Program Files (x86)\Vanden Borre My Security\apps\ComputerSecurity\Anti-Virus\fssm32.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe (Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\cmd.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleChromeDAV.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Register (gefilterd) ==================== (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-03-23] (IDT, Inc.) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2017-01-19] (Apple Inc.) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [beid] => "C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe" /startup HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [DBAgent] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [1519176 2014-04-30] (Seagate Technology LLC) HKU\S-1-5-21-671666405-1082163965-412597196-1000\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [126056 2014-04-30] (Seagate Technology LLC) HKU\S-1-5-21-671666405-1082163965-412597196-1000\...\Run: [GoogleChromeAutoLaunch_5FEA36A39174F28C3634662B2D565CAA] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1082472 2016-11-08] (Google Inc.) HKU\S-1-5-21-671666405-1082163965-412597196-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-01-17] (Apple Inc.) HKU\S-1-5-21-671666405-1082163965-412597196-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2017-01-17] (Apple Inc.) HKU\S-1-5-21-671666405-1082163965-412597196-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2017-01-17] (Apple Inc.) HKU\S-1-5-21-671666405-1082163965-412597196-1000\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1091384 2016-12-20] (Apple Inc.) HKU\S-1-5-21-671666405-1082163965-412597196-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9363672 2017-02-08] (Piriform Ltd) HKU\S-1-5-21-671666405-1082163965-412597196-1000\...\RunOnce: [Uninstall C:\Users\Gebruiker\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Gebruiker\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64" HKU\S-1-5-21-671666405-1082163965-412597196-1000\...\MountPoints2: {6bdcdb3c-e304-11e1-8503-806e6f6e6963} - D:\Autorun.exe HKU\S-1-5-21-671666405-1082163965-412597196-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2013-01-11] ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) CHR HKLM\SOFTWARE\Policies\Google: Restrictie <======= AANDACHT ==================== Internet (gefilterd) ==================== (Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.) Tcpip\Parameters: [DhcpNameServer] 195.130.131.3 195.130.130.3 Tcpip\..\Interfaces\{137582C4-810B-4785-A060-9619DA1F11D2}: [DhcpNameServer] 195.130.131.3 195.130.130.3 Tcpip\..\Interfaces\{407E8454-D7F1-4220-B665-BDED69905B1F}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKU\S-1-5-21-671666405-1082163965-412597196-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://be.msn.com/default.aspx?ocid=iehp SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = SearchScopes: HKLM-x32 -> DefaultScope waarde ontbreekt SearchScopes: HKU\.DEFAULT -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = SearchScopes: HKU\S-1-5-21-671666405-1082163965-412597196-1000 -> {53B8F260-18A2-44E7-8D20-5D402A597B7D} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYBE&apn_uid=6F5A1478-2141-434F-B25B-E9DBAF6281CD&apn_sauid=00EC6709-B6C6-4708-AFD5-9275403A3441 SearchScopes: HKU\S-1-5-21-671666405-1082163965-412597196-1000 -> {598DF58B-604F-4434-831A-8E7D795E6EEB} URL = hxxp://search.softonic.com/INF00047/tb_v1?q={searchTerms}&SearchSource=4&cc=&r=779 BHO: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\Vanden Borre My Security\apps\CCF_Scanning\bin\browser\install\fs_ie_https\fs_ie_https64.dll [2017-03-27] (F-Secure Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21] (Hewlett-Packard Co.) BHO-x32: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\Vanden Borre My Security\apps\CCF_Scanning\bin\browser\install\fs_ie_https\fs_ie_https.dll [2017-03-27] (F-Secure Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-03-17] (Oracle Corporation) BHO-x32: Aanmeldhulp voor Microsoft-account -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-03-17] (Oracle Corporation) BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21] (Hewlett-Packard Co.) DPF: HKLM-x32 {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} hxxp://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect119b.cab DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab FireFox: ======== FF Extension: (Belgium eID) - C:\Program Files (x86)\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be [2014-07-03] [ niet getekend] FF HKLM\...\Firefox\Extensions: [ols@f-secure.com] - C:\Program Files (x86)\Vanden Borre My Security\apps\CCF_Scanning\bin\browser\install\fs_firefox_https\fs_firefox_https.xpi FF Extension: (Browsing Protection by F-Secure) - C:\Program Files (x86)\Vanden Borre My Security\apps\CCF_Scanning\bin\browser\install\fs_firefox_https\fs_firefox_https.xpi [2017-03-27] FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-01-11] [ niet getekend] FF HKLM-x32\...\Firefox\Extensions: [belgiumeid@eid.belgium.be] - C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be => niet gevonden FF HKLM-x32\...\Firefox\Extensions: [ols@f-secure.com] - C:\Program Files (x86)\Vanden Borre My Security\apps\CCF_Scanning\bin\browser\install\fs_firefox_https\fs_firefox_https.xpi FF HKU\S-1-5-21-671666405-1082163965-412597196-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2017-03-14] () FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2012-08-10] (Microsoft Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-03-14] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll [2012-10-04] (Adobe Systems, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-03-17] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-03-17] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2012-08-10] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-11-23] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-11-23] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-12-17] (Adobe Systems Inc.) Chrome: ======= CHR DefaultSearchURL: Default -> hxxp://www.search.ask.com/web?tpid=ORJ-V7C&o=APN11412&l=dis&pf=V7&p2=%5EBBK%5EOSJ000%5EYY%5EBE&gct=&itbv=12.10.6.48&doi=2014-04-16&apn_uid=F7C8BDDF-C30C-49A7-841A-4F2CCF43349B&apn_ptnrs=BBK&apn_dtid=%5EOSJ000%5EYY%5EBE&apn_dbr=cr_34.0.1847.116&psv=&trgb=CR&tbv=&crxv=&q={searchTerms} CHR DefaultSearchKeyword: Default -> ask search CHR DefaultSuggestURL: Default -> hxxp://ss.websearch.ask.com/query?li=ff&sstype=prefix&q={searchTerms} CHR Profile: C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default [2017-04-01] CHR Extension: (Adblock Plus) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-03-26] CHR Extension: (iCloud-bladwijzers) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2015-07-25] CHR Extension: (Search by F-Secure) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkmikccifolokanfakbeadbmgchomeli [2016-09-08] CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-10] CHR Extension: (Chrome Media Router) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-24] CHR HKLM\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-671666405-1082163965-412597196-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gkmikccifolokanfakbeadbmgchomeli] - C:\Program Files (x86)\Vanden Borre My Security\apps\SafeSearch\Chrome\main.crx CHR HKLM-x32\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx StartMenuInternet: Google Chrome.FNTLITIZKZOJA3XVHAOLFULCTE - C:\Users\Gebruiker\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Services (gefilterd) ==================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.) R2 BlueSoleil Hid Service; C:\Program Files (x86)\IVT Corporation\BlueSoleil\BTNtService.exe [166520 2007-12-27] () R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-10-09] (Freemake) [Bestand niet getekend] R2 fshoster; C:\Program Files (x86)\Vanden Borre My Security\fshoster32.exe [181216 2016-10-25] (F-Secure Corporation) R3 FSMA; C:\Program Files (x86)\Vanden Borre My Security\apps\ComputerSecurity\Common\FSMA32.EXE [218080 2016-10-26] (F-Secure Corporation) R2 fsnethoster; C:\Program Files (x86)\Vanden Borre My Security\fshoster32.exe [181216 2016-10-25] (F-Secure Corporation) R2 FSORSPClient; C:\Program Files (x86)\Vanden Borre My Security\apps\CCF_Reputation\fsorsp.exe [62432 2016-05-20] (F-Secure Corporation) R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [Bestand niet getekend] R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [Bestand niet getekend] R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [Bestand niet getekend] S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Bestand niet getekend] S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2078216 2015-10-15] (Electronic Arts) S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Bestand niet getekend] R2 Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16000 2014-04-30] (Seagate Technology LLC) R2 Seagate MobileBackup Service; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe [157264 2014-04-30] (Seagate Technology LLC) R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe [247808 2010-03-23] (IDT, Inc.) R2 Start BT in service; C:\Program Files (x86)\IVT Corporation\BlueSoleil\StartSkysolSvc.exe [51816 2007-12-27] () S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.3.2.220\WsAppService.exe [440832 2016-12-15] (Wondershare) [Bestand niet getekend] S2 WsDrvInst; C:\Program Files (x86)\Wondershare\Wondershare Dr.Fone for iOS (CPC)\Library\DriverInstaller\DriverInstall.exe [X] ===================== Drivers (gefilterd) ====================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) S3 A38CCID; C:\Windows\System32\DRIVERS\a38ccid.sys [46720 2013-01-30] (Advanced Card Systems Ltd.) R3 BlueletAudio; C:\Windows\System32\DRIVERS\blueletaudio.sys [37896 2007-06-24] (IVT Corporation.) R3 BlueletAudio; C:\Windows\SysWOW64\DRIVERS\blueletaudio.sys [37896 2007-06-24] (IVT Corporation.) R3 BlueletSCOAudio; C:\Windows\System32\DRIVERS\BlueletSCOAudio.sys [37384 2007-06-24] (IVT Corporation.) R3 BlueletSCOAudio; C:\Windows\SysWOW64\DRIVERS\BlueletSCOAudio.sys [37384 2007-06-24] (IVT Corporation.) R3 BT; C:\Windows\System32\DRIVERS\btnetdrv.sys [25360 2007-03-05] (IVT Corporation.) R3 BT; C:\Windows\SysWOW64\DRIVERS\btnetdrv.sys [25360 2007-03-05] (IVT Corporation.) S3 Btcsrusb; C:\Windows\System32\Drivers\btcusb.sys [47368 2007-06-24] (IVT Corporation.) S3 Btcsrusb; C:\Windows\SysWOW64\Drivers\btcusb.sys [47368 2007-06-24] (IVT Corporation.) R0 BTHidEnum; C:\Windows\System32\Drivers\vbtenum.sys [24976 2007-03-05] (IVT Corporation.) R0 BTHidEnum; C:\Windows\SysWOW64\Drivers\vbtenum.sys [24976 2007-03-05] (IVT Corporation.) R0 BTHidMgr; C:\Windows\System32\Drivers\BTHidMgr.sys [49680 2007-03-05] (IVT Corporation.) R0 BTHidMgr; C:\Windows\SysWOW64\Drivers\BTHidMgr.sys [49680 2007-03-05] (IVT Corporation.) R3 F-Secure Gatekeeper; C:\Program Files (x86)\Vanden Borre My Security\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [229080 2017-02-14] (F-Secure Corporation) R1 F-Secure HIPS; C:\Program Files (x86)\Vanden Borre My Security\apps\ComputerSecurity\HIPS\drivers\fshs.sys [106712 2017-02-02] (F-Secure Corporation) R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [73928 2016-07-08] () R3 fsni; C:\Program Files (x86)\Vanden Borre My Security\apps\CCF_Scanning\bin\fsni64.sys [120008 2017-03-27] (F-Secure Corporation) R1 fsvista; C:\Program Files (x86)\Vanden Borre My Security\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [13352 2015-06-12] () S1 GLogin; geen ImagePath R3 VComm; C:\Windows\System32\DRIVERS\VComm.sys [47120 2007-03-05] (IVT Corporation.) R3 VComm; C:\Windows\SysWOW64\DRIVERS\VComm.sys [47120 2007-03-05] (IVT Corporation.) R3 VcommMgr; C:\Windows\System32\Drivers\VcommMgr.sys [63248 2007-03-05] (IVT Corporation.) R3 VcommMgr; C:\Windows\SysWOW64\Drivers\VcommMgr.sys [63248 2007-03-05] (IVT Corporation.) S3 RSUSBSTOR; System32\Drivers\RtsUStor.sys [X] S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X] S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X] S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X] ==================== NetSvcs (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ==================== Een Maand Aangemaakt bestanden en mappen ======== (Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.) 2017-04-01 01:00 - 2017-04-01 01:26 - 00045234 _____ C:\Users\Gebruiker\Downloads\Addition.txt 2017-04-01 00:29 - 2017-04-01 01:46 - 00023234 _____ C:\Users\Gebruiker\Downloads\FRST.txt 2017-04-01 00:27 - 2017-04-01 01:28 - 00000000 ____D C:\FRST 2017-04-01 00:26 - 2017-04-01 00:26 - 02424832 _____ (Farbar) C:\Users\Gebruiker\Downloads\FRST64.exe 2017-03-30 19:47 - 2017-03-30 19:47 - 00157971 _____ C:\Users\Gebruiker\Desktop\Getuigschrift Wet Willems.pdf 2017-03-30 19:45 - 2017-03-30 19:45 - 00148274 _____ C:\Users\Gebruiker\Desktop\Getuigschrift Wet Cauwenberghs .pdf 2017-03-30 19:41 - 2017-03-30 19:41 - 00089873 _____ C:\Users\Gebruiker\Downloads\Flash_1162_compteurs_congé.pdf 2017-03-30 19:41 - 2017-03-30 19:41 - 00089185 _____ C:\Users\Gebruiker\Downloads\Flash_1162_verloftellers.pdf 2017-03-30 19:38 - 2017-03-30 19:38 - 00447739 _____ C:\Users\Gebruiker\Downloads\Flash_1161_Postzegeltarieven_blijven_ongewijzigd_NL.pdf 2017-03-30 17:39 - 2017-03-30 17:39 - 00592310 _____ C:\Users\Gebruiker\Downloads\opdracht storemanagement -1-.pdf 2017-03-26 22:51 - 2017-03-26 22:51 - 00114292 _____ C:\Users\Gebruiker\Documents\Nieuwe bouwplannen .pdf 2017-03-26 20:15 - 2017-03-26 20:15 - 00020644 _____ C:\Users\Gebruiker\Downloads\Scan 001.pdf 2017-03-20 20:01 - 2017-03-21 15:42 - 00159055 ____H C:\Users\Gebruiker\Desktop\~WRL2685.tmp 2017-03-15 00:11 - 2017-03-15 00:11 - 00278327 _____ C:\Users\Gebruiker\Downloads\Estimated tax amount for each branch emission 03-2017.xlsm 2017-03-15 00:10 - 2017-03-15 00:10 - 00055697 _____ C:\Users\Gebruiker\Downloads\Estimated tax emission 29-03-2017.xlsm 2017-03-14 16:54 - 2017-03-14 16:54 - 06847064 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2017-03-06 00:50 - 2017-03-06 00:51 - 04235379 _____ C:\Users\Gebruiker\Downloads\Stappenplan (ELE_WA_VPL_VZW_KabelntOK_Afst RL(0_25)).pdf 2017-03-06 00:50 - 2017-03-06 00:50 - 02972224 _____ C:\Users\Gebruiker\Downloads\Stappenplan (RIO_NA_RES_Hergebruik).pdf 2017-03-05 04:07 - 2017-03-05 04:08 - 30748224 _____ (Aiseesoft Studio ) C:\Users\Gebruiker\Downloads\as-ios-data-recovery.exe 2017-03-05 01:45 - 2017-03-05 02:23 - 00000000 ____D C:\Wondershare_DrFone_temp 2017-03-05 01:41 - 2017-03-05 01:41 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk 2017-03-05 01:41 - 2017-03-05 01:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2017-03-05 01:39 - 2017-03-05 01:39 - 00000000 ____D C:\Program Files\iPod 2017-03-03 02:06 - 2017-03-05 01:41 - 00000000 ____D C:\Program Files\iTunes 2017-03-03 01:50 - 2017-03-03 01:50 - 00000000 ____D C:\Program Files\Bonjour 2017-03-03 01:50 - 2017-03-03 01:50 - 00000000 ____D C:\Program Files (x86)\Bonjour 2017-03-03 01:42 - 2017-03-03 01:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud 2017-03-03 01:41 - 2017-03-03 01:41 - 00000000 ____D C:\Windows\System32\Tasks\Apple 2017-03-03 01:41 - 2017-03-03 01:41 - 00000000 ____D C:\Program Files (x86)\Apple Software Update 2017-03-03 01:27 - 2017-03-03 01:28 - 00000000 ____D C:\Users\Gebruiker\AppData\Roaming\Wondershare 2017-03-03 01:24 - 2017-03-05 03:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare 2017-03-03 01:24 - 2016-11-25 11:12 - 00076384 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\SysWOW64\libusb0.dll 2017-03-03 01:24 - 2016-11-25 11:12 - 00052832 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\SysWOW64\Drivers\libusb0.sys 2017-03-03 01:22 - 2016-09-27 17:28 - 00000232 _____ C:\Windows\SysWOW64\dllhost.exe.config 2017-03-03 01:21 - 2017-03-05 03:50 - 00000000 ____D C:\ProgramData\Wondershare 2017-03-03 01:21 - 2017-03-05 03:50 - 00000000 ____D C:\Program Files (x86)\Wondershare 2017-03-03 01:20 - 2017-03-03 01:21 - 00000000 ____D C:\Users\Public\Documents\Wondershare 2017-03-02 01:35 - 2017-03-05 19:52 - 00000000 ____D C:\Program Files\Recuva 2017-03-02 01:35 - 2017-03-02 01:35 - 00002806 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC 2017-03-02 01:35 - 2017-03-02 01:35 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk 2017-03-02 01:35 - 2017-03-02 01:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2017-03-02 01:35 - 2017-03-02 01:35 - 00000000 ____D C:\Program Files\CCleaner 2017-03-02 01:04 - 2017-03-02 01:04 - 00000000 ____D C:\MiniToolMobileRecovery_DeviceExport 2017-03-02 01:02 - 2017-03-02 01:02 - 00000000 ____D C:\BackupDataExportTemp ==================== Een Maand Gewijzigd bestanden en mappen ======== (Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.) 2017-04-01 01:04 - 2014-04-08 23:02 - 00001062 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2017-04-01 00:31 - 2009-07-14 06:45 - 00029808 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2017-04-01 00:31 - 2009-07-14 06:45 - 00029808 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2017-04-01 00:13 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf 2017-04-01 00:09 - 2014-04-08 23:02 - 00001058 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2017-04-01 00:09 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-03-31 22:59 - 2014-08-16 21:30 - 00000000 ____D C:\Users\Gebruiker\AppData\Local\F-Secure 2017-03-31 21:42 - 2012-08-10 18:11 - 00003990 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{A8E05F45-CA0B-4D05-B735-E1923323A292} 2017-03-31 21:19 - 2010-11-21 18:48 - 00746466 _____ C:\Windows\system32\perfh013.dat 2017-03-31 21:19 - 2010-11-21 18:48 - 00154128 _____ C:\Windows\system32\perfc013.dat 2017-03-31 21:19 - 2009-07-14 07:13 - 01672576 _____ C:\Windows\system32\PerfStringBackup.INI 2017-03-29 23:36 - 2012-08-10 18:35 - 00000000 ____D C:\Users\Gebruiker\AppData\Roaming\SoftGrid Client 2017-03-22 21:38 - 2014-11-17 01:53 - 00003436 _____ C:\Windows\System32\Tasks\Apple Diagnostics 2017-03-21 02:58 - 2012-08-10 18:39 - 00059216 _____ C:\Users\Gebruiker\AppData\Local\GDIPFONTCACHEV1.DAT 2017-03-14 16:54 - 2012-08-10 18:39 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2017-03-14 16:54 - 2012-08-10 18:39 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2017-03-14 16:54 - 2012-08-10 18:39 - 00004422 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2017-03-14 16:54 - 2012-08-10 18:39 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2017-03-14 16:54 - 2012-08-10 18:38 - 00000000 ____D C:\Windows\system32\Macromed 2017-03-06 00:27 - 2017-02-12 15:32 - 00067780 ____H C:\Users\Gebruiker\Desktop\~WRL2358.tmp 2017-03-05 03:21 - 2012-11-18 03:45 - 00000000 ____D C:\Users\Gebruiker\Tracing 2017-03-05 03:15 - 2013-08-17 01:14 - 00000000 ____D C:\Users\Gebruiker\AppData\Local\CrashDumps 2017-03-05 03:15 - 2012-09-05 11:04 - 00000000 ____D C:\Windows\Minidump 2017-03-05 03:15 - 2012-08-10 18:59 - 00000000 ____D C:\Windows\Panther 2017-03-05 01:39 - 2012-08-27 21:15 - 00000000 ____D C:\Program Files\Common Files\Apple 2017-03-05 01:26 - 2009-07-14 06:45 - 00269384 _____ C:\Windows\system32\FNTCACHE.DAT 2017-03-03 02:06 - 2015-03-22 19:08 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 2017-03-03 02:06 - 2012-08-27 21:17 - 00000000 ____D C:\ProgramData\Apple Computer 2017-03-03 01:43 - 2015-02-22 17:54 - 00000000 ____D C:\Users\Gebruiker\AppData\Local\Apple Inc 2017-03-03 01:41 - 2012-08-27 21:16 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2017-03-02 17:56 - 2015-02-22 17:54 - 00000000 ___RD C:\Users\Gebruiker\iCloudDrive 2017-03-02 01:53 - 2012-08-10 18:07 - 00000000 ____D C:\Users\Gebruiker 2017-03-02 00:19 - 2012-08-11 10:02 - 00000000 ____D C:\Users\Gebruiker\AppData\Local\Google ==================== Bestanden in de root van sommige mappen ======= 2012-08-10 22:20 - 2013-11-02 18:51 - 0012016 _____ () C:\ProgramData\hpzinstall.log ==================== Bamital & volsnap ====================== (Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.) C:\Windows\system32\winlogon.exe => Bestand is getekend C:\Windows\system32\wininit.exe => Bestand is getekend C:\Windows\SysWOW64\wininit.exe => Bestand is getekend C:\Windows\explorer.exe => Bestand is getekend C:\Windows\SysWOW64\explorer.exe => Bestand is getekend C:\Windows\system32\svchost.exe => Bestand is getekend C:\Windows\SysWOW64\svchost.exe => Bestand is getekend C:\Windows\system32\services.exe => Bestand is getekend C:\Windows\system32\User32.dll => Bestand is getekend C:\Windows\SysWOW64\User32.dll => Bestand is getekend C:\Windows\system32\userinit.exe => Bestand is getekend C:\Windows\SysWOW64\userinit.exe => Bestand is getekend C:\Windows\system32\rpcss.dll => Bestand is getekend C:\Windows\system32\dnsapi.dll => Bestand is getekend C:\Windows\SysWOW64\dnsapi.dll => Bestand is getekend C:\Windows\system32\Drivers\volsnap.sys => Bestand is getekend