Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 21.01.2018 Gestart door Eigenaar (Beheerder) op RAY-PC (23-01-2018 11:59:11) Gestart vanaf D:\MIJN DOCUMENTEN\ALLE SNELKOPPELINGEN Geladen Profielen: Eigenaar (Beschikbare Profielen: Eigenaar) Platform: Windows 7 Home Premium Service Pack 1 (X64) Taal: Nederlands (Nederland) Internet Explorer Versie 11 (Standaardbrowser: FF) Boot Modus: Normal Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processen (gefilterd) ================= (Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.) (AMD) C:\Windows\System32\atiesrxx.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe (Microsoft Corporation) C:\Windows\System32\wisptis.exe (AMD) C:\Windows\System32\atieclxx.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (M-Audio) C:\Program Files (x86)\M-Audio\MIDISPORT\AudioDevMon.exe (Symantec Corporation) C:\Program Files\Norton Security\Engine\22.11.2.7\ns.exe (Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe (Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe (Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Windows\System32\wisptis.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe (Nico Mak Computing) C:\Program Files\WinZip\FAHWindow64.exe (AimerSoft) C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe (Symantec Corporation) C:\Program Files\Norton Security\Engine\22.11.2.7\ns.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe (Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe (Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (ESET spol. s r.o.) C:\Users\Eigenaar\AppData\Local\ESET\ESETOnlineScanner\esetonlinescanner_enu_upd.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\OFFICE11\OUTLOOK.EXE (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\OFFICE11\WINWORD.EXE (Microsoft Corporation) C:\Windows\splwow64.exe (Mozilla Corporation) C:\Users\Eigenaar\AppData\Local\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Users\Eigenaar\AppData\Local\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Users\Eigenaar\AppData\Local\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Users\Eigenaar\AppData\Local\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Users\Eigenaar\AppData\Local\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe ==================== Register (gefilterd) =========================== (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-02-24] (Realtek Semiconductor) HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [2138272 2016-10-08] (AimerSoft) HKLM\...\RunOnce: [123_1040980229422] => C:\Program Files (x86)\LMIR0002.tmp_r.bat [520 2018-01-23] () HKU\S-1-5-21-3003377172-2765754124-3774478947-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10257872 2018-01-09] (Piriform Ltd) HKU\S-1-5-21-3003377172-2765754124-3774478947-1000\...\RunOnce: [123_1034833229422] => C:\Users\Eigenaar\AppData\Local\LMIR0001.tmp_r.bat [533 2018-01-23] () HKU\S-1-5-21-3003377172-2765754124-3774478947-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2016-04-24] ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAHConsole.exe (Nico Mak Computing) ==================== Internet (gefilterd) ==================== (Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.) Tcpip\Parameters: [DhcpNameServer] 89.101.251.229 89.101.251.228 Tcpip\..\Interfaces\{A16F021E-37B5-4249-B850-84B7BD664880}: [DhcpNameServer] 89.101.251.229 89.101.251.228 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage HKU\S-1-5-21-3003377172-2765754124-3774478947-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-3003377172-2765754124-3774478947-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=620947&OCID=AVRES007&pc=UE06 HKU\S-1-5-21-3003377172-2765754124-3774478947-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome HKU\S-1-5-21-3003377172-2765754124-3774478947-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKLM -> DefaultScope waarde ontbreekt SearchScopes: HKLM-x32 -> DefaultScope waarde ontbreekt SearchScopes: HKU\S-1-5-21-3003377172-2765754124-3774478947-1000 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11913&l=dis&prt=NS&chn=1000&geo=NL&ver=22.11.2.7&locale=nl_NL&guid=B20FC5C1-4E05-43A2-9777-FAD9B4D1D67E&doi=2016-09-01&gct=kwd&qsrc=2869 BHO: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine\22.11.2.7\coIEPlg.dll [2017-11-11] (Symantec Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated) BHO-x32: Geen Naam -> {451C804F-C205-4F03-B48E-537EC94937BF} -> Geen bestand BHO-x32: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine32\22.11.2.7\coIEPlg.dll [2017-11-11] (Symantec Corporation) BHO-x32: Aanmeldhulp voor Microsoft-account -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine\22.11.2.7\coIEPlg.dll [2017-11-11] (Symantec Corporation) Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine32\22.11.2.7\coIEPlg.dll [2017-11-11] (Symantec Corporation) Toolbar: HKU\S-1-5-21-3003377172-2765754124-3774478947-1000 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine\22.11.2.7\coIEPlg.dll [2017-11-11] (Symantec Corporation) Handler: WSKVAllmytubechrome - Geen CLSID Waarde Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-08-11] (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-08-11] (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-08-11] (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-08-11] (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-08-11] (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-08-11] (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-08-11] (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-08-11] (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-08-11] (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-08-11] (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-08-11] (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-08-11] (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-08-11] (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-08-11] (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-08-11] (Citrix Systems, Inc.) Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-08-11] (Citrix Systems, Inc.) FireFox: ======== FF DefaultProfile: c5ysnbs8.default-1472642198637-1516555076000 FF ProfilePath: C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\c5ysnbs8.default-1472642198637-1516555076000 [2018-01-23] FF Homepage: Mozilla\Firefox\Profiles\c5ysnbs8.default-1472642198637-1516555076000 -> hxxps://www.google.nl/ FF Extension: (Disconnect) - C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\c5ysnbs8.default-1472642198637-1516555076000\Extensions\2.0@disconnect.me.xpi [2018-01-21] FF Extension: (Translate Now) - C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\c5ysnbs8.default-1472642198637-1516555076000\Extensions\@translatenow.xpi [2018-01-21] FF Extension: (Video Downloader Prime) - C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\c5ysnbs8.default-1472642198637-1516555076000\Extensions\jid1-i6dUGvCrz2WZu8@jetpack.xpi [2018-01-21] FF Extension: (I don't care about cookies) - C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\c5ysnbs8.default-1472642198637-1516555076000\Extensions\jid1-KKzOGWgsW3Ao4Q@jetpack.xpi [2018-01-21] FF Extension: (Privacy Badger) - C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\c5ysnbs8.default-1472642198637-1516555076000\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2018-01-21] FF Extension: (Google Translator for Firefox) - C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\c5ysnbs8.default-1472642198637-1516555076000\Extensions\translator@zoli.bod.xpi [2018-01-21] FF Extension: (Video DownloadHelper) - C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\c5ysnbs8.default-1472642198637-1516555076000\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2018-01-21] FF Extension: (Adblock Plus) - C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\c5ysnbs8.default-1472642198637-1516555076000\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-01-21] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-08] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-08] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-02-27] (Adobe Systems Inc.) FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) StartMenuInternet: Firefox-D0279B933562B85B - C:\Users\Eigenaar\AppData\Local\Mozilla Firefox\firefox.exe Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default [2018-01-21] CHR Extension: (Google Presentaties) - C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-03-09] CHR Extension: (Google Documenten) - C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-09] CHR Extension: (Google Drive) - C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-09] CHR Extension: (YouTube) - C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-09] CHR Extension: (Norton Security Toolbar) - C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2017-04-03] CHR Extension: (Google Search) - C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-03-09] CHR Extension: (Google Spreadsheets) - C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-03-09] CHR Extension: (Offline Documenten) - C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-04-03] CHR Extension: (Norton Identity Safe) - C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2016-03-09] CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-03] CHR Extension: (Gmail) - C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-09] CHR Extension: (Chrome Media Router) - C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-03] CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security\Engine\22.11.2.7\Exts\Chrome.crx CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx CHR HKU\S-1-5-21-3003377172-2765754124-3774478947-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - hxxp://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security\Engine\22.11.2.7\Exts\Chrome.crx CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx ==================== Services (gefilterd) ==================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems, Incorporated) S4 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2015-03-30] (Ellora Assets Corp.) [Bestand niet getekend] S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes) R2 MIDISPORTAudioDevMon; C:\Program Files (x86)\M-Audio\MIDISPORT\AudioDevMon.exe [1638704 2012-02-24] (M-Audio) R2 NS; C:\Program Files\Norton Security\Engine\22.11.2.7\NS.exe [326144 2017-11-11] (Symantec Corporation) R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [459832 2012-02-15] (Sony Corporation) R2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [616288 2015-03-18] (Copyright 2013 SAMSUNG) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2015-03-07] (Microsoft Corporation) R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [656664 2014-08-19] (Wacom Technology, Corp.) R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [692680 2017-06-29] (Wacom Technology, Corp.) S2 EraserSvc11720; "C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\NS.exe" /h ccCommon [X] S3 WsDrvInst; "C:\Program Files (x86)\Keepvid\KeepVid KeepVid Pro\DriverInstall.exe" [X] ===================== Drivers (gefilterd) ====================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation) U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2015-03-07] (Microsoft Corporation) <==== AANDACHT (geen ServiceDLL) R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.9.3.13\Definitions\BASHDefs\20180117.007\BHDrvx64.sys [1872024 2017-10-11] (Symantec Corporation) R1 ccSet_NS; C:\Windows\system32\drivers\NSx64\160B020.007\ccSetx64.sys [187544 2017-11-11] (Symantec Corporation) S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.) S3 DxVGrb; C:\Windows\System32\drivers\DxVGrb.sys [227456 2014-04-08] (Dexetek ) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [507984 2018-01-04] (Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [152656 2018-01-04] (Symantec Corporation) R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [296736 2015-03-11] (Acronis International GmbH) R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.9.3.13\Definitions\IPSDefs\20180122.001\IDSvia64.sys [1056920 2017-10-14] (Symantec Corporation) S3 kemper; C:\Windows\System32\DRIVERS\kemper.sys [82640 2017-08-08] (Kemper GmbH) S3 MADFUMIDISPORT2010; C:\Windows\System32\DRIVERS\MAudioMIDISPORT_DFU.sys [30512 2012-02-24] (M-Audio) R3 MAUSBMIDISPORT; C:\Windows\System32\DRIVERS\MAudioMIDISPORT.sys [201008 2012-02-24] (M-Audio) S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253880 2018-01-21] (Malwarebytes) S3 pfc; C:\Windows\SysWOW64\drivers\pfc.sys [10368 2004-04-01] (Padus, Inc.) [Bestand niet getekend] S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19152 2013-09-30] () S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] () R1 SRTSP; C:\Windows\System32\Drivers\NSx64\160B020.007\SRTSP64.SYS [812696 2017-11-11] (Symantec Corporation) R1 SRTSPX; C:\Windows\system32\drivers\NSx64\160B020.007\SRTSPX64.SYS [49304 2017-11-11] (Symantec Corporation) S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.) R0 SymEFASI; C:\Windows\System32\drivers\NSx64\160B020.007\SYMEFASI64.SYS [1938584 2017-11-11] (Symantec Corporation) R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [102600 2017-11-18] (Symantec Corporation) R1 SymIRON; C:\Windows\system32\drivers\NSx64\160B020.007\Ironx64.SYS [309984 2017-11-11] (Symantec Corporation) R1 SymNetS; C:\Windows\System32\Drivers\NSx64\160B020.007\SYMNETS.SYS [566936 2017-11-11] (Symantec Corporation) R2 tib; C:\Windows\System32\DRIVERS\tib.sys [1058632 2015-07-21] (Acronis International GmbH) R2 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [248648 2015-07-21] (Acronis International GmbH) U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [37624 2017-08-07] () S3 XSplit_Dummy; C:\Windows\System32\drivers\xspltspk.sys [26200 2016-06-15] (SplitmediaLabs Limited) S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 cpuz134; \??\C:\Users\Eigenaar\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X] <==== AANDACHT S3 gwiopm; \??\C:\Users\Eigenaar\AppData\Local\Temp\HBCD\gwiopm.sys [X] <==== AANDACHT S3 hitmanpro37; \??\C:\windows\system32\drivers\hitmanpro37.sys [X] S3 NAVENG; \??\C:\Program Files\Norton Security\NortonData\22.9.3.13\Definitions\SDSDefs\20170709.017\NAVENG.SYS [X] S3 NAVEX15; \??\C:\Program Files\Norton Security\NortonData\22.9.3.13\Definitions\SDSDefs\20170709.017\NAVEX15.SYS [X] U4 sr; geen ImagePath S3 utqwotq4; \??\C:\Windows\system32\Drivers\utqwotq4.sys [X] ==================== NetSvcs (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ==================== Een Maand Aangemaakt bestanden en mappen ======== (Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.) 2018-01-23 10:50 - 2018-01-23 10:50 - 000000715 _____ C:\Program Files (x86)\LMIR0002.tmp.bat 2018-01-23 10:50 - 2018-01-23 10:50 - 000000533 _____ C:\Users\Eigenaar\AppData\Local\LMIR0001.tmp_r.bat 2018-01-23 10:50 - 2018-01-23 10:50 - 000000520 _____ C:\Program Files (x86)\LMIR0002.tmp_r.bat 2018-01-23 10:02 - 2018-01-23 10:02 - 000000000 ____D C:\Windows\System32\Tasks\Remediation 2018-01-23 09:59 - 2018-01-23 09:59 - 000000000 ____D C:\Program Files (x86)\LogMeIn Rescue Applet 2018-01-22 16:24 - 2018-01-22 16:24 - 000003202 _____ C:\Windows\System32\Tasks\{4F85C2E9-BBB2-4B42-B3F7-FDB5AE71EAEB} 2018-01-21 21:03 - 2018-01-21 21:03 - 000253880 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys 2018-01-21 21:03 - 2018-01-21 21:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2018-01-21 21:03 - 2017-11-29 09:11 - 000077432 _____ C:\Windows\system32\Drivers\mbae64.sys 2018-01-21 15:09 - 2018-01-21 15:09 - 000000000 ____D C:\Users\Eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2018-01-21 15:09 - 2018-01-21 15:09 - 000000000 ____D C:\Program Files (x86)\VS Revo Group 2018-01-21 11:16 - 2018-01-23 11:59 - 000000000 ____D C:\FRST 2018-01-21 10:16 - 2018-01-21 21:01 - 000000000 ____D C:\AdwCleaner 2018-01-21 00:17 - 2018-01-21 00:19 - 000000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware 2018-01-17 23:47 - 2018-01-17 23:47 - 000000000 ____D C:\Users\Eigenaar\AppData\Local\SplitMediaLabs 2018-01-17 23:44 - 2018-01-17 23:44 - 000000000 ____D C:\ProgramData\SplitMediaLabs 2018-01-17 23:44 - 2018-01-17 23:44 - 000000000 ____D C:\Program Files (x86)\SplitmediaLabs 2018-01-17 23:42 - 2018-01-17 23:42 - 000000000 ____D C:\Users\Eigenaar\AppData\Roaming\SplitmediaLabs 2018-01-17 11:49 - 2018-01-23 11:45 - 000000940 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2018-01-17 11:49 - 2018-01-17 11:49 - 000796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2018-01-17 11:49 - 2018-01-17 11:49 - 000142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2018-01-17 11:49 - 2018-01-17 11:49 - 000003878 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2018-01-16 10:00 - 2018-01-16 10:00 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom-tablet 2018-01-02 14:36 - 2018-01-02 14:36 - 000000000 ____D C:\Users\Eigenaar\AppData\Roaming\Ant.com 2018-01-02 12:42 - 2018-01-17 23:34 - 000000000 ____D C:\Users\Eigenaar\AppData\Local\Mozilla Firefox 2018-01-02 10:22 - 2018-01-02 10:22 - 000000000 ____D C:\Users\Eigenaar\.cache 2018-01-01 21:37 - 2018-01-01 21:37 - 000000000 ____D C:\Users\Eigenaar\AppData\Local\Keepvid 2018-01-01 21:37 - 2018-01-01 21:37 - 000000000 ____D C:\ProgramData\Aimersoft 2018-01-01 21:36 - 2018-01-01 21:36 - 000000000 ____D C:\Users\Eigenaar\AppData\Local\Aimersoft 2018-01-01 21:35 - 2018-01-01 21:35 - 000000000 ____D C:\Users\Eigenaar\AppData\Roaming\KeepVid 2018-01-01 21:35 - 2018-01-01 21:35 - 000000000 ____D C:\ProgramData\KeepVid 2017-12-27 16:31 - 2017-12-27 16:31 - 000004096 _____ C:\Users\Eigenaar\AppData\Local\keyfile3.drm 2017-12-25 16:45 - 2017-12-25 16:45 - 007761408 _____ (Mathias Svensson) C:\Program Files (x86)\MultiCommander.exe 2017-12-25 16:41 - 2017-12-25 16:41 - 000821248 _____ (Multi Commander) C:\Program Files (x86)\MultiUpdate.exe 2017-12-25 16:41 - 2017-12-25 16:41 - 000424448 _____ C:\Program Files (x86)\MultiCrashReport.exe 2017-12-25 16:41 - 2017-12-25 16:41 - 000317952 _____ (MultiCommander) C:\Program Files (x86)\MCAdmin.exe 2017-12-25 16:01 - 2017-12-25 16:01 - 000115045 _____ C:\Program Files (x86)\ChangeLog.txt ==================== Een Maand Gewijzigd bestanden en mappen ======== (Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.) 2018-01-23 11:46 - 2016-11-17 15:42 - 000000000 ____D C:\Users\Eigenaar\AppData\LocalLow\Mozilla 2018-01-23 11:45 - 2017-07-21 09:30 - 000000000 ____D C:\Users\Eigenaar\AppData\Roaming\WTablet 2018-01-23 10:44 - 2016-03-04 10:49 - 000000000 ____D C:\Users\Eigenaar\AppData\Local\NPE 2018-01-23 10:27 - 2017-09-03 09:09 - 000000000 ____D C:\Program Files (x86)\ffdshow 2018-01-23 09:26 - 2015-04-04 15:31 - 000001052 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2018-01-22 16:23 - 2009-07-14 05:45 - 000029120 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2018-01-22 16:23 - 2009-07-14 05:45 - 000029120 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2018-01-22 13:28 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2018-01-22 05:46 - 2010-11-21 17:48 - 000702258 _____ C:\Windows\system32\perfh013.dat 2018-01-22 05:46 - 2010-11-21 17:48 - 000137952 _____ C:\Windows\system32\perfc013.dat 2018-01-22 05:46 - 2009-07-14 06:13 - 001594066 _____ C:\Windows\system32\PerfStringBackup.INI 2018-01-22 05:46 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf 2018-01-21 23:13 - 2017-09-25 15:04 - 000000000 ____D C:\ProgramData\Zoom Player 2018-01-21 21:03 - 2017-04-17 10:29 - 000000000 ____D C:\ProgramData\Malwarebytes 2018-01-21 00:52 - 2017-02-23 17:04 - 000000000 ____D C:\Users\Eigenaar\AppData\Roaming\vlc 2018-01-17 23:09 - 2017-10-25 09:55 - 000003872 _____ C:\Windows\System32\Tasks\CCleaner Update 2018-01-16 09:59 - 2017-07-21 09:30 - 000000000 ____D C:\Program Files\Tablet 2018-01-15 12:47 - 2015-05-12 23:19 - 000084618 _____ (Mathias Svensson) C:\Program Files (x86)\Uninstall MultiCommander.exe 2018-01-15 12:47 - 2015-05-12 23:19 - 000000000 ____D C:\Program Files (x86)\Languages 2018-01-14 16:02 - 2015-03-14 01:31 - 000000000 ____D C:\Users\Eigenaar\AppData\Local\ElevatedDiagnostics 2018-01-14 09:37 - 2015-03-17 13:27 - 000000000 ____D C:\Users\Eigenaar\dwhelper 2018-01-13 11:01 - 2015-11-20 20:15 - 000000000 ____D C:\Users\Eigenaar\AppData\Local\CrashDumps 2018-01-06 07:12 - 2015-04-04 15:31 - 000002175 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2018-01-03 06:12 - 2015-03-11 13:41 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2018-01-02 12:45 - 2015-11-13 23:35 - 000001257 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2018-01-02 12:42 - 2016-05-05 22:06 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2018-01-02 12:26 - 2015-06-12 09:26 - 000000000 ____D C:\Program Files\Recuva 2018-01-02 10:22 - 2015-03-10 21:38 - 000000000 ____D C:\Users\Eigenaar 2017-12-27 23:30 - 2017-11-15 22:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Directory Lister 64bit 2017-12-27 23:30 - 2017-11-15 22:50 - 000000000 ____D C:\Program Files\Directory Lister ==================== Bestanden in de root van sommige mappen ======= 2017-12-25 16:01 - 2017-12-25 16:01 - 000115045 _____ () C:\Program Files (x86)\ChangeLog.txt 2018-01-23 10:50 - 2018-01-23 10:50 - 000000715 _____ () C:\Program Files (x86)\LMIR0002.tmp.bat 2018-01-23 10:50 - 2018-01-23 10:50 - 000000520 _____ () C:\Program Files (x86)\LMIR0002.tmp_r.bat 2017-12-25 16:41 - 2017-12-25 16:41 - 000317952 _____ (MultiCommander) C:\Program Files (x86)\MCAdmin.exe 2017-11-04 18:02 - 2017-11-04 18:02 - 001161216 _____ () C:\Program Files (x86)\MCIcons.dll 2017-12-25 16:45 - 2017-12-25 16:45 - 007761408 _____ (Mathias Svensson) C:\Program Files (x86)\MultiCommander.exe 2017-12-25 16:41 - 2017-12-25 16:41 - 000424448 _____ () C:\Program Files (x86)\MultiCrashReport.exe 2017-12-25 16:41 - 2017-12-25 16:41 - 000821248 _____ (Multi Commander) C:\Program Files (x86)\MultiUpdate.exe 2015-05-12 23:19 - 2018-01-15 12:47 - 000084618 _____ (Mathias Svensson) C:\Program Files (x86)\Uninstall MultiCommander.exe 2016-11-13 09:32 - 2016-11-13 09:32 - 000000052 _____ () C:\Users\Eigenaar\AppData\Roaming\GPACgpac_pl.m3u 2016-11-07 10:22 - 2016-11-07 10:22 - 000007859 _____ () C:\Users\Eigenaar\AppData\Roaming\pcouffin.cat 2016-11-07 10:22 - 2016-11-07 10:22 - 000001167 _____ () C:\Users\Eigenaar\AppData\Roaming\pcouffin.inf 2016-11-07 10:22 - 2016-11-07 10:22 - 000000055 _____ () C:\Users\Eigenaar\AppData\Roaming\pcouffin.log 2016-11-07 10:22 - 2016-11-07 10:22 - 000082816 _____ (VSO Software) C:\Users\Eigenaar\AppData\Roaming\pcouffin.sys 2015-12-31 14:51 - 2016-01-20 11:51 - 000001181 _____ () C:\Users\Eigenaar\AppData\Roaming\trace_FilterInstaller.1.txt 2015-12-31 14:51 - 2016-01-07 15:07 - 000001181 _____ () C:\Users\Eigenaar\AppData\Roaming\trace_FilterInstaller.2.txt 2015-12-31 14:51 - 2016-01-07 10:07 - 000001181 _____ () C:\Users\Eigenaar\AppData\Roaming\trace_FilterInstaller.3.txt 2015-12-31 14:51 - 2015-12-31 14:58 - 000001181 _____ () C:\Users\Eigenaar\AppData\Roaming\trace_FilterInstaller.4.txt 2015-12-31 14:51 - 2015-12-31 14:51 - 000001181 _____ () C:\Users\Eigenaar\AppData\Roaming\trace_FilterInstaller.5.txt 2015-12-31 14:51 - 2016-02-10 16:23 - 000000919 _____ () C:\Users\Eigenaar\AppData\Roaming\trace_FilterInstaller.txt 2015-12-31 14:51 - 2016-02-10 16:23 - 000000000 _____ () C:\Users\Eigenaar\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt 2015-03-15 10:08 - 2017-12-19 19:14 - 000050688 _____ () C:\Users\Eigenaar\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2017-12-27 16:31 - 2017-12-27 16:31 - 000004096 _____ () C:\Users\Eigenaar\AppData\Local\keyfile3.drm 2018-01-23 10:50 - 2018-01-23 10:50 - 000000533 _____ () C:\Users\Eigenaar\AppData\Local\LMIR0001.tmp_r.bat 2017-11-07 17:32 - 2017-11-07 17:32 - 000006831 _____ () C:\Users\Eigenaar\AppData\Local\recently-used.xbel 2015-12-15 14:04 - 2015-12-15 14:04 - 000007626 _____ () C:\Users\Eigenaar\AppData\Local\Resmon.ResmonCfg ==================== Bamital & volsnap ====================== (Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.) C:\Windows\system32\winlogon.exe => Bestand is getekend C:\Windows\system32\wininit.exe => Bestand is getekend C:\Windows\SysWOW64\wininit.exe => Bestand is getekend C:\Windows\explorer.exe => Bestand is getekend C:\Windows\SysWOW64\explorer.exe => Bestand is getekend C:\Windows\system32\svchost.exe => Bestand is getekend C:\Windows\SysWOW64\svchost.exe => Bestand is getekend C:\Windows\system32\services.exe => Bestand is getekend C:\Windows\system32\User32.dll => Bestand is getekend C:\Windows\SysWOW64\User32.dll => Bestand is getekend C:\Windows\system32\userinit.exe => Bestand is getekend C:\Windows\SysWOW64\userinit.exe => Bestand is getekend C:\Windows\system32\rpcss.dll => Bestand is getekend C:\Windows\system32\dnsapi.dll => Bestand is getekend C:\Windows\SysWOW64\dnsapi.dll => Bestand is getekend C:\Windows\system32\Drivers\volsnap.sys => Bestand is getekend LastRegBack: 2018-01-18 11:11 ==================== Eind van FRST.txt ============================