Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 25-06-2017 01 Gestart door User (Beheerder) op USER-PC (27-06-2017 16:26:37) Gestart vanaf C:\Users\User\Downloads Geladen Profielen: UpdatusUser & User (Beschikbare Profielen: UpdatusUser & User & DefaultAppPool) Platform: Windows 10 Home Versie 1511 (X64) Taal: Nederlands (Nederland) Internet Explorer Versie 11 (Standaardbrowser: IE) Boot Modus: Normal Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processen (gefilterd) ================= (Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.) (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (CyberLink) C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe () C:\Program Files (x86)\ScanWizard 5\ScannerFinder.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Windows\System32\SnippingTool.exe (Microsoft Corporation) C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe ==================== Register (gefilterd) ==================== (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11821160 2011-05-09] (Realtek Semiconductor) HKLM\...\Run: [MedionReminder] => C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe [443688 2011-05-26] (CyberLink) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1803976 2016-12-09] (NVIDIA Corporation) HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2010-08-04] (CyberLink) HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKU\S-1-5-21-3071799481-3423892318-2758715461-1001\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun HKU\S-1-5-21-3071799481-3423892318-2758715461-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-10-30] (Microsoft Corporation) HKU\S-1-5-21-3071799481-3423892318-2758715461-1002\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun HKU\S-1-5-21-3071799481-3423892318-2758715461-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Scanner Finder.lnk [2012-03-21] ShortcutTarget: Scanner Finder.lnk -> C:\Program Files (x86)\ScanWizard 5\ScannerFinder.exe () Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Schermopname en Snel starten.lnk [2015-12-09] ShortcutTarget: OneNote 2007 Schermopname en Snel starten.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) ==================== Internet (gefilterd) ==================== (Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.) Tcpip\Parameters: [DhcpNameServer] 195.130.131.5 195.130.130.5 Tcpip\..\Interfaces\{9a2696a0-d8a7-4e96-a694-eee26b37e0f4}: [DhcpNameServer] 195.130.131.5 195.130.130.5 Internet Explorer: ================== HKU\S-1-5-21-3071799481-3423892318-2758715461-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-3071799481-3423892318-2758715461-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-06-27] (Google Inc.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2011-08-12] (Oracle Corporation) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06] (Adobe Systems Incorporated) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2017-06-27] (Google Inc.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2011-08-12] (Oracle Corporation) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-06-27] (Google Inc.) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2017-06-27] (Google Inc.) FireFox: ======== FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll [2011-08-12] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll [2011-08-11] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [Geen bestand] FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-04-15] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-04-15] (Foxit Corporation) FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll [2011-08-12] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-08] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-08] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2011-06-06] (Adobe Systems Inc.) Chrome: ======= CHR DefaultProfile: Default CHR HomePage: Default -> hxxp://www.google.com/ig/redirectdomain?brand=MDNE&bmod=MDNE CHR StartupUrls: Default -> "hxxp://www.google.com/ig/redirectdomain?brand=MDNE&bmod=MDNE" CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2017-05-29] CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-03] CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-24] ==================== Services (gefilterd) ==================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [244392 2015-09-09] (Foxit Software Inc.) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2016-10-25] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-10-25] (Microsoft Corporation) ===================== Drivers (gefilterd) ====================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R1 MpKsl50fd4a67; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4186DAB0-292C-4BF1-BF2E-41D6523FF2EE}\MpKsl50fd4a67.sys [44928 2017-06-26] (Microsoft Corporation) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek ) S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) U3 idsvc; geen ImagePath U3 wpcsvc; geen ImagePath ==================== NetSvcs (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ==================== Een Maand Aangemaakt bestanden en mappen ======== (Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.) 2017-06-27 16:26 - 2017-06-27 16:27 - 00012009 _____ C:\Users\User\Downloads\FRST.txt 2017-06-27 16:24 - 2017-06-27 16:26 - 00000000 ____D C:\FRST 2017-06-27 16:22 - 2017-06-27 16:23 - 02441216 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe 2017-06-27 16:19 - 2017-06-27 16:19 - 00002624 _____ C:\Users\User\Documents\FSS.txt 2017-06-27 16:18 - 2017-06-27 16:18 - 00002624 _____ C:\Users\User\Desktop\FSS.txt 2017-06-27 16:16 - 2017-06-27 16:16 - 00899584 _____ (Farbar) C:\Users\User\Desktop\FSS.exe 2017-06-27 12:27 - 2017-06-27 12:27 - 00000841 _____ C:\Users\Public\Desktop\Speccy.lnk 2017-06-27 12:27 - 2017-06-27 12:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy 2017-06-27 12:27 - 2017-06-27 12:27 - 00000000 ____D C:\Program Files\Speccy 2017-06-27 12:26 - 2017-06-27 12:27 - 00000000 ____D C:\ProgramData\Google 2017-06-27 12:22 - 2017-06-27 12:22 - 06293184 _____ (Piriform Ltd) C:\Users\User\Downloads\spsetup130.exe 2017-06-27 07:01 - 2017-06-27 07:01 - 00000000 ____D C:\Users\User\AppData\Local\{D27499FC-4538-4619-AA58-0A5C4E8FC8F3} 2017-06-26 11:38 - 2017-06-26 11:38 - 00000000 ____D C:\Users\User\AppData\Local\{82E3C5F8-E2AF-4686-A034-84E64C0B6036} 2017-06-25 21:57 - 2017-06-25 21:57 - 00000000 ____D C:\Users\User\AppData\Local\{F5DFEDC7-E5F2-4636-B2C2-67F48E79A81E} 2017-06-25 06:58 - 2017-06-25 06:59 - 00000000 ____D C:\Users\User\AppData\Local\{2041A784-171D-48DF-9CF8-8FEBA4356577} 2017-06-24 18:21 - 2017-06-24 18:21 - 00000000 ____D C:\Users\User\AppData\Local\{4699BD06-3335-4C23-A0E9-ABE9398C66EB} 2017-06-24 10:41 - 2017-06-24 10:41 - 00000000 ____D C:\Users\User\AppData\Local\{4F4309E5-DC61-4059-8667-227D814CA426} 2017-06-24 08:32 - 2017-06-26 11:53 - 00000000 ____D C:\Users\User\Documents\Materiaal 16 (kendra claerhout) 2017-06-24 08:04 - 2017-06-24 08:04 - 00000000 ____D C:\Users\User\AppData\Local\{E7F8641C-B8BC-4532-B714-A87835FA29A9} 2017-06-23 12:10 - 2017-06-23 12:10 - 00000000 ____D C:\Users\User\AppData\Local\{D25868B7-7B22-4160-930D-2D5AA12D299C} 2017-06-23 00:05 - 2017-06-23 00:05 - 00000000 ____D C:\Users\User\AppData\Local\{94BAAA8B-EA14-4BBC-99A3-1D91CE9CBBA8} 2017-06-22 09:47 - 2017-06-22 09:47 - 00000000 ____D C:\Users\User\AppData\Local\{B281F311-C141-4DAD-8DD8-5CC7924A7D3F} 2017-06-21 23:30 - 2017-06-21 23:30 - 00000000 ____D C:\Users\User\AppData\Local\{974D6532-7089-47B4-A65E-0181701ADE1A} 2017-06-21 23:21 - 2017-06-21 23:21 - 00000000 ____D C:\Users\User\AppData\Local\{20DEC4DC-05A9-458C-ACF4-1601DC5CFAA6} 2017-06-21 23:12 - 2017-06-21 23:12 - 00000000 ____D C:\Users\User\AppData\Local\{D83017FA-93C1-40B1-A8E7-522A7691F00E} 2017-06-21 22:40 - 2017-06-21 22:40 - 00000000 ____D C:\Users\User\AppData\Local\{9F482934-5B40-439B-A6C9-4A71325B725E} 2017-06-21 09:56 - 2017-06-21 09:56 - 00000000 ____D C:\Users\User\AppData\Local\{00BF786F-2BF4-4BFA-A908-5C12CC30ACCD} 2017-06-20 13:10 - 2017-06-20 13:10 - 00000000 ____D C:\Users\User\AppData\Local\{24DFCAA6-E26D-4FFD-9625-13DADD04E88F} 2017-06-20 10:15 - 2017-06-20 10:14 - 00907642 _____ C:\Users\User\Documents\ZOEKTOCHT VELT 2017 Beitem - Ledegem.pdf 2017-06-20 07:54 - 2017-06-20 07:54 - 00000000 ____D C:\Users\User\AppData\Local\{7FAD1BCD-31CC-4E5B-B2E2-1B592DB14B55} 2017-06-19 18:06 - 2017-06-19 18:06 - 00000000 ____D C:\Users\User\AppData\Local\{C5605C86-2EDE-4E26-A2D8-F14412520471} 2017-06-19 14:17 - 2017-06-19 14:17 - 00000000 ____D C:\Users\User\AppData\Local\{24966626-8B1C-46FC-B508-BBD32C1FC41B} 2017-06-19 12:42 - 2017-06-19 12:42 - 00000000 ____D C:\Users\User\AppData\Local\{3AAC8E4E-6C63-4A9D-95B2-10F7267A0D87} 2017-06-19 08:14 - 2017-06-19 08:14 - 00000000 ____D C:\Users\User\AppData\Local\{A628D7C5-4562-467B-BB38-CD4787CA69E6} 2017-06-18 22:19 - 2017-06-18 22:19 - 00000000 ____D C:\Users\User\AppData\Local\{4D50BC19-76B3-41C8-8F38-C38BD746A995} 2017-06-18 07:37 - 2017-06-18 07:37 - 00000000 ____D C:\Users\User\AppData\Local\{54B5BDE4-9C91-4F79-87E9-7F2730D282E8} 2017-06-18 07:31 - 2017-06-18 07:31 - 00000000 ____D C:\Users\User\AppData\Local\{310AA01A-727C-4B5D-B944-15AD4845F5EE} 2017-06-17 22:30 - 2017-06-17 22:30 - 00000000 ____D C:\Users\User\AppData\Local\{C04D5B87-E57F-4CDB-BE32-E1D7DD85E498} 2017-06-17 22:05 - 2017-06-17 22:05 - 00000000 ____D C:\Users\User\AppData\Local\{EC476557-399B-448F-96FF-982844F3DEE3} 2017-06-15 23:17 - 2017-06-15 23:17 - 00000000 ____D C:\Users\User\AppData\Local\{55A2348C-F789-4FD6-96EE-57E5B6CFA74F} 2017-06-15 08:40 - 2017-06-15 08:40 - 00000000 ____D C:\Users\User\AppData\Local\{F838BC67-7C27-4F28-9D2B-03142B2D7831} 2017-06-15 08:33 - 2017-06-15 08:33 - 00000000 ____D C:\Users\User\AppData\Local\{76545554-2D1D-4020-A697-11144A2B6D8D} 2017-06-14 23:02 - 2017-06-14 23:02 - 00000000 ____D C:\Users\User\AppData\Local\{6CA435F2-D160-4287-B18F-CE83188766EE} 2017-06-14 22:19 - 2017-06-14 22:19 - 00000000 ____D C:\Users\User\AppData\Local\{6C7B6442-A9DF-4826-A7AD-21308DFF0722} 2017-06-14 08:23 - 2017-06-14 08:23 - 27021672 _____ C:\Users\User\Downloads\DeThiennes_7_04.tif 2017-06-14 08:23 - 2017-06-14 08:23 - 27021672 _____ C:\Users\User\Downloads\DeThiennes_7_03.tif 2017-06-14 08:23 - 2017-06-14 08:23 - 27021672 _____ C:\Users\User\Downloads\DeThiennes_7_02.tif 2017-06-14 08:23 - 2017-06-14 08:23 - 26391312 _____ C:\Users\User\Downloads\DeThiennes_7_06.tif 2017-06-14 08:23 - 2017-06-14 08:23 - 26391312 _____ C:\Users\User\Downloads\DeThiennes_7_05.tif 2017-06-14 08:23 - 2017-06-14 08:23 - 26257650 _____ C:\Users\User\Downloads\DeThiennes_7_01.tif 2017-06-14 08:23 - 2017-06-14 08:23 - 26160180 _____ C:\Users\User\Downloads\DeThiennes_7_08.tif 2017-06-14 08:23 - 2017-06-14 08:23 - 26160180 _____ C:\Users\User\Downloads\DeThiennes_7_07.tif 2017-06-14 06:41 - 2017-06-14 06:41 - 00000000 ____D C:\Users\User\AppData\Local\{40216E35-D7CC-4794-A491-1C54D7B85A88} 2017-06-13 08:11 - 2017-06-13 08:11 - 00000000 ____D C:\Users\User\AppData\Local\{A9F82B0C-0029-440D-8887-9B8F017B71C5} 2017-06-12 08:55 - 2017-06-12 08:55 - 00000000 ____D C:\Users\User\AppData\Local\{BBC81083-EE98-4113-820C-1E01FE2546BA} 2017-06-11 23:26 - 2017-06-11 23:26 - 00000000 ____D C:\Users\User\AppData\Local\{B22548F3-563E-48AF-90C7-8DF1ED264EFC} 2017-06-11 23:07 - 2017-06-11 23:07 - 00000000 ____D C:\Users\User\AppData\Local\{952EFEDF-4C2C-4BE0-BD02-585C0EE4265C} 2017-06-10 22:48 - 2017-06-10 22:48 - 00000000 ____D C:\Users\User\AppData\Local\{AA28D138-75EB-4740-AE52-E7A447B1BEF8} 2017-06-09 13:10 - 2017-06-09 13:10 - 00002138 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk 2017-06-09 13:10 - 2017-06-09 13:10 - 00000000 ____D C:\Users\User\AppData\Local\{EB268B17-3F80-4714-94A2-576A42E39730} 2017-06-09 13:10 - 2017-06-09 13:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2017-06-09 13:09 - 2017-06-09 13:09 - 00000000 ____D C:\Users\User\AppData\Local\NVIDIA 2017-06-09 13:05 - 2016-12-09 11:53 - 00091832 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2017-06-09 13:05 - 2016-12-09 11:53 - 00076864 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2017-06-09 13:05 - 2016-11-14 11:45 - 00615992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe 2017-06-09 13:04 - 2017-06-09 13:06 - 00000000 ____D C:\WINDOWS\LastGood.Tmp 2017-06-06 23:09 - 2017-06-06 23:11 - 00000000 ____D C:\Users\User\AppData\Local\{BF22F642-0931-42B2-9BF3-4E7F57149F58} 2017-06-06 20:59 - 2017-06-06 20:59 - 00000000 ____D C:\Users\User\AppData\Local\{FDACCC0E-C29D-457E-8563-B76D38B3756D} 2017-06-06 12:04 - 2017-06-06 12:04 - 00000000 ____D C:\Users\User\AppData\Local\{455C1D38-8563-4EB2-841A-79D987A984D8} 2017-06-06 08:10 - 2017-06-06 08:10 - 00000000 ____D C:\Users\User\AppData\Local\{18BB85F9-63DB-4968-B8F0-E424C2A5374B} 2017-06-06 08:04 - 2017-06-06 08:04 - 00000000 ____D C:\Users\User\AppData\Local\{1E18D598-315D-4FFC-A373-E22008413227} 2017-06-05 20:04 - 2017-06-05 20:04 - 00000000 ____D C:\Users\User\AppData\Local\{369B0BBF-74C0-4C15-9AA2-41DD361E9995} 2017-06-05 08:53 - 2017-06-27 08:36 - 00000000 ____D C:\Users\User\Documents\Materiaal 15 2017-06-04 22:12 - 2017-06-04 22:12 - 00000000 ____D C:\Users\User\AppData\Local\{02562C1A-857E-437D-AE81-0FA1F9F39582} 2017-06-03 19:03 - 2017-06-03 19:03 - 00000000 ____D C:\Users\User\AppData\Local\{03B9A218-0E0C-4636-96DA-97E6902B0259} 2017-06-03 09:26 - 2017-06-03 09:26 - 00000000 ____D C:\Users\User\AppData\Local\{9D067C60-C601-4377-9396-BDCAC24B20DF} 2017-06-03 08:30 - 2017-06-03 08:30 - 00000000 ____D C:\Users\User\AppData\Local\{4DB35ACC-6835-4EBE-9D00-81906374900E} 2017-06-02 19:37 - 2017-06-02 19:37 - 00000000 ____D C:\Users\User\AppData\Local\{04944E35-FFC5-4ED2-B759-FC2B0A21A2EF} 2017-06-01 22:31 - 2017-06-01 22:31 - 00000000 ____D C:\Users\User\AppData\Local\{F6134807-E71E-40B1-B972-D1230495F3F7} 2017-05-31 22:26 - 2017-05-31 22:26 - 00000000 ____D C:\Users\User\AppData\Local\{722D188B-AFE4-42B8-BD4E-3913C3498428} 2017-05-30 22:22 - 2017-05-30 22:24 - 00000000 ____D C:\Users\User\AppData\Local\{66FF559C-0ACA-46EC-A87B-AE1DC9CA5969} 2017-05-29 11:11 - 2017-05-29 11:11 - 00000000 ____D C:\Users\User\AppData\Local\{C3E58CCA-FECA-4292-92EF-72BEF581F697} 2017-05-28 22:09 - 2017-05-28 22:09 - 00000000 ____D C:\Users\User\AppData\Local\{ADEFD192-4E3F-4C68-9FB2-0FE08E133577} ==================== Een Maand Gewijzigd bestanden en mappen ======== (Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.) 2017-06-27 12:27 - 2012-03-14 09:49 - 00000000 ____D C:\Program Files\Google 2017-06-27 12:27 - 2012-03-14 09:49 - 00000000 ____D C:\Program Files (x86)\Google 2017-06-27 12:09 - 2012-03-19 14:15 - 00000000 ____D C:\Users\User\Documents\e-mails 2017-06-27 08:47 - 2012-03-19 14:17 - 00000000 ____D C:\Users\User\Documents\Materiaal 5 2017-06-27 08:46 - 2012-03-19 14:18 - 00000000 ____D C:\Users\User\Documents\mijn foto's voor ebay (2) 2017-06-27 08:36 - 2016-05-09 21:55 - 00000000 ____D C:\Users\User\Documents\foto's cactussen 4 (vanaf 2016) 2017-06-27 08:35 - 2012-03-19 14:17 - 00000000 ____D C:\Users\User\Documents\foto's cactussen voor picasa 2017-06-27 08:33 - 2012-03-19 14:17 - 00000000 ____D C:\Users\User\Documents\Materiaal 6 2017-06-27 07:49 - 2017-01-20 11:50 - 00000000 ____D C:\Users\User\AppData\Local\ElevatedDiagnostics 2017-06-27 07:09 - 2012-03-19 14:15 - 00000000 ____D C:\Users\User\Documents\ebay 2017-06-26 11:52 - 2015-12-25 19:24 - 00000000 ____D C:\Aldfaer 2017-06-26 00:04 - 2017-05-18 21:29 - 00000000 ____D C:\Users\User\Documents\Materiaal Rumbeke de Thiennes 2017-06-25 23:48 - 2012-03-19 14:15 - 00000000 ____D C:\Users\User\Documents\computeren 2017-06-25 23:48 - 2012-03-19 14:08 - 00000000 ____D C:\Users\User\Documents\cactussen 2017-06-24 10:19 - 2017-03-24 22:56 - 00000000 ____D C:\Users\User\Documents\Materiaal 11 (pareit) 2017-06-24 10:19 - 2012-03-19 14:05 - 00000000 ____D C:\Users\User\Documents\Natuur en tuin (2) 2017-06-24 08:57 - 2016-07-05 21:22 - 02136558 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-06-24 08:57 - 2016-04-27 08:05 - 00928666 _____ C:\WINDOWS\system32\perfh013.dat 2017-06-24 08:57 - 2016-04-27 08:05 - 00203836 _____ C:\WINDOWS\system32\perfc013.dat 2017-06-24 08:57 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF 2017-06-24 08:52 - 2016-07-05 21:19 - 00000000 ____D C:\ProgramData\NVIDIA 2017-06-24 08:52 - 2016-04-27 08:30 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-06-24 08:51 - 2015-10-30 08:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2017-06-24 08:30 - 2015-04-03 09:56 - 00000000 ____D C:\Users\User\Documents\kleinfruit 2017-06-24 08:06 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps 2017-06-24 08:06 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness 2017-06-23 12:15 - 2016-12-30 23:48 - 00003272 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2 2017-06-23 12:15 - 2016-07-05 21:58 - 00002425 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2017-06-23 12:15 - 2016-07-05 21:58 - 00000000 ___RD C:\Users\User\OneDrive 2017-06-19 13:32 - 2012-03-19 14:17 - 00000000 ____D C:\Users\User\Documents\huishouden 2017-06-15 08:39 - 2012-03-19 14:17 - 00000000 ____D C:\Users\User\Documents\foto's cactussen ziekten en problemen 2017-06-14 13:38 - 2012-03-19 14:16 - 00000000 ____D C:\Users\User\Documents\fietsen en wandelen 2017-06-14 13:01 - 2012-03-19 14:16 - 00000000 ____D C:\Users\User\Documents\foto's cactussen 2017-06-12 17:07 - 2012-03-19 14:17 - 00000000 ____D C:\Users\User\Documents\Materiaal 4 2017-06-10 23:14 - 2012-03-19 14:17 - 00000000 ____D C:\Users\User\Documents\Materiaal 3 2017-06-10 23:07 - 2012-03-19 14:17 - 00000000 ____D C:\Users\User\Documents\Materiaal 2 2017-06-09 13:06 - 2016-07-05 21:19 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2017-06-09 13:06 - 2016-07-05 21:19 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2017-06-09 13:06 - 2011-08-11 23:24 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2017-06-08 23:34 - 2012-06-26 21:44 - 00000000 ____D C:\Users\User\Documents\Materiaal Menen 2017-06-07 09:54 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\NDF 2017-06-03 19:21 - 2016-07-05 21:55 - 00000000 ____D C:\Users\User\AppData\Local\Packages 2017-06-02 19:58 - 2012-03-19 14:05 - 00000000 ____D C:\Users\User\Documents\politiek 2017-05-31 09:29 - 2012-03-14 09:49 - 00002296 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-05-31 09:29 - 2012-03-14 09:49 - 00002284 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2017-05-31 08:50 - 2012-03-19 14:17 - 00000000 ____D C:\Users\User\Documents\Materiaal 8 2017-05-30 22:45 - 2010-11-21 05:27 - 00565416 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2017-05-29 22:59 - 2017-04-18 14:25 - 00000000 ____D C:\Users\User\Documents\Materiaal 13 2017-05-29 22:55 - 2012-03-19 14:17 - 00000000 ____D C:\Users\User\Documents\Map met losse documenten 2017-05-29 12:20 - 2012-03-19 14:18 - 00000000 ____D C:\Users\User\Documents\mijn foto's voor ebay (1) ==================== Bestanden in de root van sommige mappen ======= 2015-09-08 08:09 - 2015-09-08 08:09 - 6420480 _____ () C:\Program Files (x86)\GUT2128.tmp ==================== Bamital & volsnap ====================== (Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.) C:\WINDOWS\system32\winlogon.exe => Bestand is getekend C:\WINDOWS\system32\wininit.exe => Bestand is getekend C:\WINDOWS\explorer.exe => Bestand is getekend C:\WINDOWS\SysWOW64\explorer.exe => Bestand is getekend C:\WINDOWS\system32\svchost.exe => Bestand is getekend C:\WINDOWS\SysWOW64\svchost.exe => Bestand is getekend C:\WINDOWS\system32\services.exe => Bestand is getekend C:\WINDOWS\system32\User32.dll => Bestand is getekend C:\WINDOWS\SysWOW64\User32.dll => Bestand is getekend C:\WINDOWS\system32\userinit.exe => Bestand is getekend C:\WINDOWS\SysWOW64\userinit.exe => Bestand is getekend C:\WINDOWS\system32\rpcss.dll => Bestand is getekend C:\WINDOWS\system32\dnsapi.dll => Bestand is getekend C:\WINDOWS\SysWOW64\dnsapi.dll => Bestand is getekend C:\WINDOWS\system32\Drivers\volsnap.sys => Bestand is getekend LastRegBack: 2017-06-22 17:36 ==================== Eind van FRST.txt ============================