Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 24.02.2018 Gestart door Niek (Beheerder) op SCHOOL-PC (25-02-2018 18:46:39) Gestart vanaf C:\Users\Niek\Downloads Geladen Profielen: Niek (Beschikbare Profielen: Niek) Platform: Windows 10 Home Versie 1703 15063.786 (X64) Taal: Nederlands (Nederland) Internet Explorer Versie 11 (Standaardbrowser: Chrome) Boot Modus: Normal Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processen (gefilterd) ================= (Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.) () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.8\ToolbarUpdater.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe (HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe (HP Inc.) C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18011.13110.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Farbar) C:\Users\Niek\Downloads\FRST64 (1).exe ==================== Register (gefilterd) =========================== (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation) HKLM\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239192 2018-01-25] (AVG Technologies CZ, s.r.o.) HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [295512 2018-01-14] (AVG Technologies CZ, s.r.o.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954352 2016-04-27] (Synaptics Incorporated) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.) HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [581024 2012-09-07] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1342008 2012-09-14] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation) HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239192 2018-01-25] (AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2187336 2017-12-26] () HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation) HKU\S-1-5-21-4169251764-2817220720-793182994-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Niek\AppData\Local\Akamai\netsession_win.exe [4490200 2017-09-08] (Akamai Technologies, Inc.) HKU\S-1-5-21-4169251764-2817220720-793182994-1001\...\MountPoints2: {8c14d1a7-5a8d-11e7-bf21-20689dc52a09} - "E:\HTC_Sync_Manager_PC.exe" ==================== Internet (gefilterd) ==================== (Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.250 Tcpip\..\Interfaces\{2f886bfc-d69e-481d-b4bb-c4e472ee3a25}: [DhcpNameServer] 172.16.10.88 172.16.10.89 Tcpip\..\Interfaces\{6fbfba01-32af-4a04-b122-17ef3d0b9d99}: [DhcpNameServer] 192.168.1.250 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCON13/8 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON13/8 HKU\S-1-5-21-4169251764-2817220720-793182994-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid=%7BB8EBCD61-AA00-4EA5-9B7B-4484B970AB18%7D&mid=ef72c22c85b147cf9d54f121db21c3fa-6df745111d17bed7d3579f9cc6e3d8b5f0b46985&lang=nl&ds=AVG&coid=avgtbavg&cmpid=0516piz&pr=fr&d=2016-10-16%2017:39:07&v=4.3.6.255&pid=wtu&sg=&sap=hp HKU\S-1-5-21-4169251764-2817220720-793182994-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON13/8 SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/1346-154357-12126-2/4?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/1346-154357-12126-2/4?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} SearchScopes: HKU\S-1-5-21-4169251764-2817220720-793182994-1001 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={B8EBCD61-AA00-4EA5-9B7B-4484B970AB18}&mid=ef72c22c85b147cf9d54f121db21c3fa-6df745111d17bed7d3579f9cc6e3d8b5f0b46985&lang=nl&ds=AVG&coid=avgtbavg&cmpid=0516piz&pr=fr&d=2016-10-16 17:39:07&v=4.3.9.605&pid=wtu&sg=&sap=dsp&q={searchTerms} SearchScopes: HKU\S-1-5-21-4169251764-2817220720-793182994-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-4169251764-2817220720-793182994-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={B8EBCD61-AA00-4EA5-9B7B-4484B970AB18}&mid=ef72c22c85b147cf9d54f121db21c3fa-6df745111d17bed7d3579f9cc6e3d8b5f0b46985&lang=nl&ds=AVG&coid=avgtbavg&cmpid=0516piz&pr=fr&d=2016-10-16 17:39:07&v=4.3.9.605&pid=wtu&sg=&sap=dsp&q={searchTerms} SearchScopes: HKU\S-1-5-21-4169251764-2817220720-793182994-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/1346-154357-12126-2/4?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation) BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.9.605\AVG Web TuneUp.dll [2017-12-26] (AVG) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation) BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21] (HP Inc.) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-10-18] (Oracle Corporation) BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.3.9.605\AVG Web TuneUp.dll [2017-12-26] (AVG) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-18] (Oracle Corporation) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.) FireFox: ======== FF ProfilePath: C:\Users\Niek\AppData\Roaming\Mozilla\Firefox\Profiles\TLlS6Kme.default [2017-12-26] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll [2012-08-08] (Adobe Systems, Inc.) FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.8\\npsitesafety.dll [Geen bestand] FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-14] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-14] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-18] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-18] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-07-28] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-17] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-17] (Google Inc.) Chrome: ======= CHR DefaultProfile: Default CHR StartupUrls: Default -> "hxxps://www.google.nl/" CHR Profile: C:\Users\Niek\AppData\Local\Google\Chrome\User Data\Default [2018-02-25] CHR Extension: (Documenten) - C:\Users\Niek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-15] CHR Extension: (Google Drive) - C:\Users\Niek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21] CHR Extension: (YouTube) - C:\Users\Niek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28] CHR Extension: (Google Search) - C:\Users\Niek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28] CHR Extension: (Offline Documenten) - C:\Users\Niek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15] CHR Extension: (AdBlock) - C:\Users\Niek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-02-18] CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\Niek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-23] CHR Extension: (Gmail) - C:\Users\Niek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30] CHR Extension: (Chrome Media Router) - C:\Users\Niek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-02-25] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-4169251764-2817220720-793182994-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx ==================== Services (gefilterd) ==================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-08-07] (Windows (R) Win 7 DDK provider) [Bestand niet getekend] R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [301720 2018-01-14] (AVG Technologies CZ, s.r.o.) R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [7589200 2018-01-14] (AVG Technologies CZ, s.r.o.) R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1428264 2018-01-25] (AVG Technologies CZ, s.r.o.) R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [332144 2017-11-21] (HP Inc.) R2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-24] (HP Inc.) R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2451456 2012-07-14] (Realsil Microelectronics Inc.) [Bestand niet getekend] R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [Bestand niet getekend] R2 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131032 2013-09-14] (Intel Corporation) S4 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [193576 2012-07-20] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165336 2013-09-14] (Intel Corporation) S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) R2 osrss; C:\WINDOWS\system32\osrss.dll [108584 2018-01-18] (Microsoft Corporation) R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [253960 2016-04-27] (Synaptics Incorporated) R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [5614592 2018-01-22] (AVG Technologies CZ, s.r.o.) R2 vToolbarUpdater40.3.8; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.8\ToolbarUpdater.exe [1365064 2017-12-26] (AVG Secure Search) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-07-11] (Microsoft Corporation) R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [981576 2017-12-26] () ===================== Drivers (gefilterd) ====================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [177536 2018-01-14] (AVG Technologies CZ, s.r.o.) R1 avgbdisk; C:\WINDOWS\System32\drivers\avgbdiska.sys [166624 2018-01-14] (AVG Technologies CZ, s.r.o.) R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdrivera.sys [315152 2018-01-14] (AVG Technologies CZ, s.r.o.) R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsha.sys [193096 2018-01-14] (AVG Technologies CZ, s.r.o.) R0 avgblog; C:\WINDOWS\System32\drivers\avgbloga.sys [337408 2018-01-14] (AVG Technologies CZ, s.r.o.) R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniva.sys [51336 2018-01-14] (AVG Technologies CZ, s.r.o.) S3 avgHwid; C:\WINDOWS\System32\drivers\avgHwid.sys [39424 2018-01-14] (AVG Technologies CZ, s.r.o.) R2 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [139112 2018-01-14] (AVG Technologies CZ, s.r.o.) R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [102792 2018-01-14] (AVG Technologies CZ, s.r.o.) R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [76832 2018-01-14] (AVG Technologies CZ, s.r.o.) R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [1017624 2018-01-14] (AVG Technologies CZ, s.r.o.) R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [450360 2018-01-14] (AVG Technologies CZ, s.r.o.) R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [196904 2018-01-14] (AVG Technologies CZ, s.r.o.) R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [351128 2018-01-14] (AVG Technologies CZ, s.r.o.) S3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-09-11] (Symantec Corporation) S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [140376 2013-09-11] (Symantec Corporation) R3 irstrtdv; C:\WINDOWS\System32\drivers\irstrtdv.sys [43800 2012-07-21] (Intel Corporation) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation) S3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-05] (Realtek Semiconductor Corp.) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-03-18] (Realtek ) S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] () S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-25] (Synaptics Incorporated) R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [52904 2016-04-27] (Synaptics Incorporated) R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2017-02-21] (AVG Netherlands B.V.) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation) R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [30384 2015-06-23] (HP Inc.) ==================== NetSvcs (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ==================== Een Maand Aangemaakt bestanden en mappen ======== (Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.) 2018-02-25 18:46 - 2018-02-25 18:47 - 000021514 _____ C:\Users\Niek\Downloads\FRST.txt 2018-02-25 18:46 - 2018-02-25 18:46 - 000000000 ____D C:\FRST 2018-02-25 18:45 - 2018-02-25 18:46 - 002403328 _____ (Farbar) C:\Users\Niek\Downloads\FRST64 (1).exe 2018-02-25 18:45 - 2018-02-25 18:45 - 002403328 _____ (Farbar) C:\Users\Niek\Downloads\FRST64.exe 2018-02-25 17:28 - 2018-02-25 17:28 - 000000000 ____D C:\WINDOWS\UpdateAssistant 2018-02-21 18:57 - 2018-02-25 17:24 - 000003158 _____ C:\WINDOWS\System32\Tasks\Driver Updater_Logon 2018-02-21 18:57 - 2018-02-21 18:57 - 000000002 _____ C:\Users\Niek\AppData\Roaming\acc.txt 2018-02-21 18:56 - 2018-02-21 18:56 - 000000000 ____D C:\Users\Niek\AppData\Roaming\driverdetails.com 2018-02-21 18:56 - 2018-02-21 18:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Updater 2018-02-21 18:56 - 2018-02-21 18:56 - 000000000 ____D C:\Program Files\Driver Updater 2018-02-21 18:54 - 2018-02-25 17:24 - 000003200 _____ C:\WINDOWS\System32\Tasks\PC~Fixer~Pro~2018_Logon 2018-02-21 18:54 - 2018-02-21 19:00 - 000000000 ____D C:\ProgramData\PC~Fixer~Pro~2018 for SCHOOL-PC 2018-02-21 18:54 - 2018-02-21 19:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC~Fixer~Pro~2018 for SCHOOL-PC 2018-02-21 18:54 - 2018-02-21 19:00 - 000000000 ____D C:\Program Files\PC~Fixer~Pro~2018 for SCHOOL-PC 2018-02-21 18:54 - 2018-02-21 18:57 - 000000000 ____D C:\Users\Niek\AppData\Roaming\PC~Fixer~Pro~2018 For SCHOOL-PC 2018-02-21 18:53 - 2018-02-21 18:53 - 005152544 _____ ( ) C:\Users\Niek\Downloads\syssetup.exe 2018-02-20 20:52 - 2018-02-20 20:52 - 000485363 _____ C:\Users\Niek\Downloads\Verkiezingsprogramma D66 Etten-Leur - Energie in vooruitgang.pdf 2018-02-17 13:17 - 2018-02-17 13:18 - 042248016 _____ (Citrix Systems, Inc.) C:\Users\Niek\Downloads\CitrixReceiverWeb (1).exe 2018-02-14 19:26 - 2018-01-18 01:05 - 000108584 _____ (Microsoft Corporation) C:\WINDOWS\system32\osrss.dll 2018-02-14 17:24 - 2018-02-14 17:24 - 000021557 _____ C:\Users\Niek\Downloads\T-Mobile_Factuur_20180214.pdf 2018-02-14 17:11 - 2018-02-14 17:11 - 000014277 _____ C:\Users\Niek\Downloads\Salarisstrook-1025541-2018-2 (1).pdf 2018-02-13 17:26 - 2018-02-13 17:26 - 000014277 _____ C:\Users\Niek\Downloads\Salarisstrook-1025541-2018-2.pdf 2018-02-02 17:40 - 2018-01-01 02:41 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll 2018-02-02 17:40 - 2018-01-01 02:40 - 000378880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2018-02-02 17:40 - 2018-01-01 02:40 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll 2018-02-02 17:40 - 2018-01-01 02:39 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe 2018-02-02 17:40 - 2018-01-01 02:38 - 000739840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2018-02-02 17:40 - 2018-01-01 02:35 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll 2018-02-02 17:40 - 2018-01-01 02:30 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2018-01-31 19:08 - 2018-01-31 19:08 - 042248016 _____ (Citrix Systems, Inc.) C:\Users\Niek\Downloads\CitrixReceiverWeb.exe 2018-01-29 17:26 - 2018-01-29 17:26 - 000142414 _____ C:\Users\Niek\Downloads\AANKONDIGING PENSIOENLEEFTIJD 68 (1).pdf 2018-01-29 17:25 - 2018-01-29 17:25 - 000142414 _____ C:\Users\Niek\Downloads\AANKONDIGING PENSIOENLEEFTIJD 68.pdf 2018-01-29 17:23 - 2018-01-29 17:23 - 000085910 _____ C:\Users\Niek\Downloads\Jaaropgave werknemer.pdf ==================== Een Maand Gewijzigd bestanden en mappen ======== (Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.) 2018-02-25 18:43 - 2017-08-18 12:08 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2018-02-25 18:06 - 2017-03-18 22:01 - 000000000 ____D C:\WINDOWS\INF 2018-02-25 18:01 - 2017-08-18 12:37 - 000004184 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{61A7EC66-F28C-4DF4-904F-A013ED2F7765} 2018-02-25 17:21 - 2015-08-04 20:29 - 000000000 __SHD C:\Users\Niek\IntelGraphicsProfiles 2018-02-25 17:20 - 2017-08-18 12:13 - 000000000 ____D C:\Users\Niek 2018-02-25 17:19 - 2017-08-18 12:37 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2018-02-25 15:13 - 2018-01-17 19:43 - 000000000 ____D C:\Program Files\rempl 2018-02-25 15:11 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\AppReadiness 2018-02-25 13:38 - 2018-01-17 17:58 - 000000000 ____D C:\Users\Niek\Desktop\HTC one m8s 2018-02-24 18:00 - 2017-03-18 22:03 - 000000000 ___HD C:\Program Files\WindowsApps 2018-02-24 18:00 - 2013-09-14 19:29 - 000002323 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2018-02-24 18:00 - 2013-09-14 19:29 - 000002282 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2018-02-24 17:51 - 2017-08-18 12:37 - 000003668 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task 2018-02-21 19:17 - 2015-09-12 15:59 - 000000000 ____D C:\Users\Niek\Desktop\Bevers 2018-02-20 21:03 - 2017-09-30 18:32 - 000000000 ___HD C:\$WINDOWS.~BT 2018-02-20 21:03 - 2017-08-11 18:22 - 000000000 ___DC C:\WINDOWS\Panther 2018-02-18 21:29 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\Registration 2018-02-18 21:25 - 2017-08-18 12:48 - 000026673 _____ C:\WINDOWS\diagwrn.xml 2018-02-18 21:25 - 2017-08-18 12:48 - 000026673 _____ C:\WINDOWS\diagerr.xml 2018-02-14 19:49 - 2017-03-18 12:40 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2018-02-14 19:30 - 2013-09-22 17:14 - 000000000 ____D C:\WINDOWS\system32\MRT 2018-02-14 19:26 - 2017-10-15 18:44 - 130067560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe 2018-02-14 19:26 - 2013-09-22 17:14 - 130067560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2018-02-04 21:16 - 2017-08-18 12:37 - 000004282 _____ C:\WINDOWS\System32\Tasks\Antivirus Emergency Update 2018-02-04 14:15 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\rescache 2018-02-02 17:44 - 2017-03-18 21:51 - 000000000 ____D C:\WINDOWS\CbsTemp 2018-01-31 19:19 - 2017-08-18 12:37 - 000003362 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4169251764-2817220720-793182994-1001 2018-01-31 19:19 - 2015-08-04 20:35 - 000002423 _____ C:\Users\Niek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2018-01-31 19:19 - 2014-01-25 16:49 - 000000000 __RDO C:\Users\Niek\SkyDrive 2018-01-31 19:17 - 2016-10-16 16:11 - 000000000 ____D C:\Program Files (x86)\AVG 2018-01-31 19:17 - 2016-10-16 16:10 - 000000000 ____D C:\ProgramData\Avg ==================== Bestanden in de root van sommige mappen ======= 2013-09-11 18:55 - 2013-09-22 18:16 - 000002213 _____ () C:\Users\Niek\AppData\Roaming\AbsoluteReminder.xml 2018-02-21 18:57 - 2018-02-21 18:57 - 000000002 _____ () C:\Users\Niek\AppData\Roaming\acc.txt ==================== Bamital & volsnap ====================== (Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.) C:\WINDOWS\system32\winlogon.exe => Bestand is getekend C:\WINDOWS\system32\wininit.exe => Bestand is getekend C:\WINDOWS\explorer.exe => Bestand is getekend C:\WINDOWS\SysWOW64\explorer.exe => Bestand is getekend C:\WINDOWS\system32\svchost.exe => Bestand is getekend C:\WINDOWS\SysWOW64\svchost.exe => Bestand is getekend C:\WINDOWS\system32\services.exe => Bestand is getekend C:\WINDOWS\system32\User32.dll => Bestand is getekend C:\WINDOWS\SysWOW64\User32.dll => Bestand is getekend C:\WINDOWS\system32\userinit.exe => Bestand is getekend C:\WINDOWS\SysWOW64\userinit.exe => Bestand is getekend C:\WINDOWS\system32\rpcss.dll => Bestand is getekend C:\WINDOWS\system32\dnsapi.dll => Bestand is getekend C:\WINDOWS\SysWOW64\dnsapi.dll => Bestand is getekend C:\WINDOWS\system32\Drivers\volsnap.sys => Bestand is getekend LastRegBack: 2018-02-25 13:28 ==================== Eind van FRST.txt ============================