Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 22-05-2017 Gestart door Jonathan (Beheerder) op POOP-LAPTOP (22-05-2017 23:50:56) Gestart vanaf C:\Users\Jonathan\AppData\Local\Microsoft\Windows\INetCache\IE\0IRE1HQ2 Geladen Profielen: Jonathan (Beschikbare Profielen: Jonathan) Platform: Windows 8.1 Pro (Update) (X64) Taal: Nederlands (Nederland) Internet Explorer Versie 11 (Standaardbrowser: FF) Boot Modus: Normal Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processen (gefilterd) ================= (Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe () C:\Program Files\CE\CovenantEyesCommService.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe (CovenantEyes) C:\Program Files\CE\CovenantEyesProxy.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Insyde Software Corp.) C:\Program Files (x86)\Hotkey\Driver\x64\HKClipSvc.exe (Intel Corporation) C:\Windows\System32\ibtsiva.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (CLEVO CO.) C:\Program Files (x86)\Hotkey\HotkeyService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe () C:\Program Files\CE\authServer.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Farbar) C:\Users\Jonathan\AppData\Local\Microsoft\Windows\INetCache\IE\0IRE1HQ2\FRST64[1].exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe (Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe ==================== Register (gefilterd) ==================== (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-06-15] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16404224 2015-08-27] (Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-07-27] (Intel Corporation) HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64 HKLM\...\Run: [Covenant Eyes] => C:\Program Files\CE\CovenantEyes.exe [13598616 2016-12-09] () HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes) HKLM-x32\...\Run: [Sound Blaster Cinema 2] => C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe [1442304 2014-05-29] (Creative Technology Ltd) HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.) HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation) HKLM-x32\...\Run: [tsnp2uvc] => C:\Windows\tsnp2uvc.exe [331776 2008-01-22] () HKU\S-1-5-21-2616087736-3813733752-4251558300-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8641240 2016-02-12] (Piriform Ltd) HKU\S-1-5-21-2616087736-3813733752-4251558300-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27545048 2017-03-14] (Skype Technologies S.A.) HKU\S-1-5-21-2616087736-3813733752-4251558300-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3019552 2017-04-26] (Valve Corporation) HKU\S-1-5-21-2616087736-3813733752-4251558300-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [479744 2014-11-21] (Microsoft Corporation) HKU\S-1-5-21-2616087736-3813733752-4251558300-1001\...\Run: [background_fault] => C:\Users\Jonathan\AppData\Local\background_fault\aswRD.exe [1419576 2017-05-04] () <===== AANDACHT AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [181280 2017-01-25] (NVIDIA Corporation) AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [158392 2017-01-25] (NVIDIA Corporation) IFEO\GoogleUpdate.exe: [Debugger] 324095823984.exe IFEO\GoogleUpdaterService.exe: [Debugger] 8736459873644.exe ShellExecuteHooks: Geen Naam - {5C88556C-03A1-11E7-ACF2-64006A5CFC23} - -> Geen bestand ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-03-14] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-03-14] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-03-14] (Microsoft Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Hotkey.lnk [2016-03-07] ShortcutTarget: Hotkey.lnk -> C:\Program Files (x86)\Hotkey\HkeyTray.exe (CLEVO CO.) GroupPolicy: Restrictie <======= AANDACHT GroupPolicy\User: Restrictie <======= AANDACHT ==================== Internet (gefilterd) ==================== (Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.) Tcpip\Parameters: [DhcpNameServer] 192.168.2.254 213.75.63.75 213.75.63.76 Tcpip\..\Interfaces\{0F408AC6-F678-4666-861D-A50460FF1E83}: [DhcpNameServer] 192.168.2.254 195.121.1.34 195.121.1.66 Tcpip\..\Interfaces\{FC625167-8FB0-4474-8282-B37F31C37FC6}: [DhcpNameServer] 192.168.2.254 213.75.63.75 213.75.63.76 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrictie <======= AANDACHT HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKU\S-1-5-21-2616087736-3813733752-4251558300-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://solismail.uu.nl/ SearchScopes: HKLM -> DefaultScope waarde ontbreekt BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2017-04-11] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-12-28] (Oracle Corporation) BHO: Covenant Eyes for Internet Explorer -> {927BD2E1-2287-49D2-AE71-95F492CE662E} -> C:\Program Files\CE\extensions\ie\x64\IEExtension.dll [2016-12-09] (Covenant Eyes) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-03-14] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-28] (Oracle Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll [2017-04-11] (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL [2017-03-14] (Microsoft Corporation) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation) FireFox: ======== FF DefaultProfile: 2rergwub.default FF ProfilePath: C:\Users\Jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\2rergwub.default [2017-05-22] FF Homepage: Mozilla\Firefox\Profiles\2rergwub.default -> google.nl FF Session Restore: Mozilla\Firefox\Profiles\2rergwub.default -> is ingeschakeld. FF Extension: (Adblock Plus) - C:\Users\Jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\2rergwub.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-24] FF HKLM-x32\...\Firefox\Extensions: [firefox-integrated-extension@covenanteyes.com] - C:\Program Files\CE\extensions\firefox\firefox-integrated-extension@covenanteyes.com FF Extension: (Covenant Eyes) - C:\Program Files\CE\extensions\firefox\firefox-integrated-extension@covenanteyes.com [2016-12-28] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-09] () FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-28] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-28] (Oracle Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2016-03-07] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-09] () FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-12] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL [2016-03-07] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-29] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-29] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.) Chrome: ======= CHR DefaultProfile: ChromeDefaultData CHR DefaultSearchURL: ChromeDefaultData -> hxxp://www.mystarting123.com/search/index.php?q={searchTerms} CHR DefaultSearchKeyword: ChromeDefaultData -> mystarting123 CHR Profile: C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-05-18] <==== AANDACHT CHR Extension: (Google Presentaties) - C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-02-27] CHR Extension: (Google Documenten) - C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2017-02-27] CHR Extension: (Google Drive) - C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-02-27] CHR Extension: (YouTube) - C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-27] CHR Extension: (Google Spreadsheets) - C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-02-27] CHR Extension: (Fair Ads (by STANDS)) - C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gagfkmknmijppikpcikmbbkdkhggcmge [2017-02-27] CHR Extension: (Offline Documenten) - C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-02-28] CHR Extension: (Fair AdBlocker (by STANDS)) - C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\lgblnfidahcdcjddiepkckcfdhpknnjh [2017-05-04] CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-13] CHR Extension: (Gmail) - C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-02-27] CHR Extension: (Chrome Media Router) - C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-18] CHR HKLM-x32\...\Chrome\Extension: [bfegkegffcbgpfmemahhkgnbkocmbain] - hxxps://clients2.google.com/service/update2/crx ==================== Services (gefilterd) ==================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R2 Auth Service; C:\Program Files\CE\authServer.exe [6371224 2016-12-09] () S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [1002552 2017-03-23] (AVG Technologies CZ, s.r.o.) R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5334432 2017-03-23] (AVG Technologies CZ, s.r.o.) R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [729048 2017-03-23] (AVG Technologies CZ, s.r.o.) S2 BIT; C:\ProgramData\BIT\BIT.dll [1857536 2017-05-18] () [Bestand niet getekend] <==== AANDACHT R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3042544 2017-03-14] (Microsoft Corporation) R2 CovenantEyesCommService; C:\Program Files\CE\CovenantEyesCommService.exe [7082392 2016-12-09] () R2 CovenantEyesProxy; C:\Program Files\CE\CovenantEyesProxy.exe [5242776 2016-11-28] (CovenantEyes) S2 CSHMDR; C:\Users\Jonathan\AppData\Local\CSHMDR\Snare.dll [832000 2017-05-18] () [Bestand niet getekend] <==== AANDACHT S2 CWASRE; C:\Users\Jonathan\AppData\Local\CWASRE\Snare.dll [830464 2017-05-16] () [Bestand niet getekend] <==== AANDACHT R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-06-15] (NVIDIA Corporation) R2 HKClipSvc; C:\Program Files (x86)\Hotkey\Driver\x64\HKClipSvc.exe [254960 2015-05-27] (Insyde Software Corp.) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-07-27] (Intel Corporation) R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [333280 2016-12-14] (Intel Corporation) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-08-13] () S2 NPASRE; C:\Users\Jonathan\AppData\Local\NPASRE\Snare.dll [830464 2017-05-10] () [Bestand niet getekend] <==== AANDACHT R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-06-15] (NVIDIA Corporation) R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-06-15] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-06-15] (NVIDIA Corporation) R2 PowerBiosServer; C:\Program Files (x86)\Hotkey\HotkeyService.exe [27136 2015-08-31] (CLEVO CO.) [Bestand niet getekend] S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation) S2 WinAppSvr; C:\ProgramData\Microsoft\AppV\sym\dbg.dll [109056 2017-05-12] () [Bestand niet getekend] <==== AANDACHT S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation) S2 WinSAPSvc; C:\Users\Jonathan\AppData\Roaming\WinSAPSvc\WinSAP.dll [1873920 2017-05-18] () [Bestand niet getekend] <==== AANDACHT R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831712 2015-08-13] (Intel® Corporation) R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X] ===================== Drivers (gefilterd) ====================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.) R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [313088 2017-02-20] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [267008 2016-10-05] (AVG Technologies CZ, s.r.o.) R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [298240 2016-11-30] (AVG Technologies CZ, s.r.o.) R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.) R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [254208 2016-09-26] (AVG Technologies CZ, s.r.o.) R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.) R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o.) R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [313096 2016-08-04] (AVG Technologies CZ, s.r.o.) R1 cewd64f; C:\Windows\system32\Drivers\cewd64f.sys [44592 2016-11-28] () [Bestand niet getekend] R1 cewd64r; C:\Windows\system32\Drivers\cewd64r.sys [55352 2016-11-28] () [Bestand niet getekend] R2 cewfp; C:\Windows\system32\Drivers\cewfp64.sys [56368 2016-11-28] (CovenantEyes) R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77440 2017-03-24] () R3 HKKbdFltr; C:\Windows\system32\DRIVERS\HKKbdFltr.sys [50392 2015-05-27] (Insyde Software Corp.) R3 HKMouFltr; C:\Windows\system32\DRIVERS\HKMouFltr.sys [48856 2015-05-27] (Insyde Software Corp.) R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [734976 2016-11-19] (Intel Corporation) R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [186304 2017-04-11] (Malwarebytes) S3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [111544 2017-04-12] (Malwarebytes) S3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [43968 2017-04-13] (Malwarebytes) R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [251832 2017-05-22] (Malwarebytes) S3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [92096 2017-04-14] (Malwarebytes) R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [4103920 2015-08-23] (Intel Corporation) R1 nvkflt; C:\Windows\system32\DRIVERS\nvkflt.sys [314808 2017-01-25] (NVIDIA Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-06-15] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation) U5 RTSPER; C:\Windows\System32\Drivers\RTSPER.sys [751632 2015-05-11] (Realsil Semiconductor Corporation) R1 SvThANSP; C:\Program Files (x86)\Hotkey\SvThANSP.sys [15224 2013-10-11] (Windows (R) Win 7 DDK provider) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation) S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X] S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X] ==================== NetSvcs (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ==================== Een Maand Aangemaakt bestanden en mappen ======== (Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.) 2017-05-22 23:45 - 2017-05-22 23:50 - 00000000 ____D C:\FRST 2017-05-18 16:43 - 2017-05-23 00:12 - 00000000 ____D C:\Users\Jonathan\AppData\Roaming\WinSAPSvc 2017-05-18 16:43 - 2017-05-23 00:12 - 00000000 ____D C:\Users\Jonathan\AppData\Local\CSHMDR 2017-05-18 16:43 - 2017-05-18 16:43 - 00003610 _____ C:\Windows\System32\Tasks\Milimili 2017-05-18 16:41 - 2017-05-18 16:41 - 00000000 ____D C:\Reimward 2017-05-18 10:24 - 2017-05-18 10:27 - 41701081 _____ C:\Users\Jonathan\Downloads\Boothspraak Front 2.psd 2017-05-17 11:38 - 2017-05-17 11:41 - 00000000 ____D C:\Users\Jonathan\AppData\Local\4kdownload.com 2017-05-17 11:38 - 2017-05-17 11:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4K Download 2017-05-17 11:38 - 2017-05-17 11:40 - 00000000 ____D C:\Program Files (x86)\4KDownload 2017-05-17 11:37 - 2017-05-17 11:37 - 30931000 _____ (Open Media LLC ) C:\Users\Jonathan\Downloads\4kvideodownloader_4.2.exe 2017-05-17 11:37 - 2017-05-17 11:37 - 30061816 _____ (Open Media LLC ) C:\Users\Jonathan\Downloads\4kyoutubetomp3_3.1.exe 2017-05-17 11:21 - 2017-05-22 20:53 - 00000022 _____ C:\Users\Public\Documents\temp.dat 2017-05-16 11:46 - 2017-05-16 11:46 - 04102600 _____ C:\Users\Jonathan\Downloads\adwcleaner_6.046(1).exe 2017-05-16 11:42 - 2017-05-23 00:12 - 00000000 ____D C:\Users\Jonathan\AppData\Local\CWASRE 2017-05-16 11:42 - 2017-05-23 00:12 - 00000000 ____D C:\ProgramData\BIT 2017-05-15 14:18 - 2017-05-15 14:18 - 00352119 _____ C:\Users\Jonathan\Downloads\chp%3A10.1007%2F978-94-017-7291-4_6.pdf 2017-05-15 14:13 - 2017-05-15 14:13 - 02701904 _____ C:\Users\Jonathan\Downloads\PIIS0092867415016426.pdf 2017-05-15 14:13 - 2017-05-15 14:13 - 01749382 _____ C:\Users\Jonathan\Downloads\1-s2.0-S096098221631257X-main.pdf 2017-05-15 14:13 - 2017-05-15 14:13 - 01344466 _____ C:\Users\Jonathan\Downloads\Plant Cell-2013-Sun-2102-14.pdf 2017-05-15 14:10 - 2017-05-15 14:10 - 00750372 _____ C:\Users\Jonathan\Downloads\plants in their environment presentation.pdf 2017-05-15 14:07 - 2017-05-15 14:07 - 02552091 _____ C:\Users\Jonathan\Downloads\Presentation C3 - Shade Tolerance(1).pdf 2017-05-15 14:07 - 2017-05-15 14:07 - 01978763 _____ C:\Users\Jonathan\Downloads\1 UV-B antagonizes shade avoidance and thermomorphogenesis Lotte Pronk(1).pdf 2017-05-15 14:07 - 2017-05-15 14:07 - 00695514 _____ C:\Users\Jonathan\Downloads\C1 defense(1).pdf 2017-05-15 14:06 - 2017-05-15 14:06 - 01522676 _____ C:\Users\Jonathan\Downloads\886.full-1.pdf 2017-05-15 14:06 - 2017-05-15 14:06 - 01216199 _____ C:\Users\Jonathan\Downloads\897.full-1.pdf 2017-05-15 13:57 - 2017-05-15 13:57 - 02509831 _____ C:\Users\Jonathan\Downloads\Plant Cell-2017-Gommers-331-44(1).pdf 2017-05-15 13:57 - 2017-05-15 13:57 - 01063254 _____ C:\Users\Jonathan\Downloads\art_10.1007_s10059-013-2159-2-1(1).pdf 2017-05-15 13:57 - 2017-05-15 13:57 - 00451806 _____ C:\Users\Jonathan\Downloads\287.full(1).pdf 2017-05-15 13:54 - 2017-05-15 13:54 - 00447743 _____ C:\Users\Jonathan\Downloads\Molecular_and_genetic_control_of_plant_thermomorphogenesis.pdf.part 2017-05-15 13:53 - 2017-05-15 13:53 - 01280103 _____ C:\Users\Jonathan\Downloads\ContentServer.asp.pdf 2017-05-15 13:50 - 2017-05-15 13:50 - 01322682 _____ C:\Users\Jonathan\Downloads\PNAS-2016-Ma-224-9.pdf 2017-05-15 13:50 - 2017-05-15 13:50 - 01264664 _____ C:\Users\Jonathan\Downloads\art%3A10.1186%2Fs12870-015-0566-6.pdf 2017-05-15 13:50 - 2017-05-15 13:50 - 00906153 _____ C:\Users\Jonathan\Downloads\1-s2.0-S0960982214014249-main.pdf 2017-05-15 13:44 - 2017-05-15 13:44 - 01473271 _____ C:\Users\Jonathan\Downloads\pif4 B4.pdf 2017-05-15 13:44 - 2017-05-15 13:44 - 00943949 _____ C:\Users\Jonathan\Downloads\Phytochrome B as thermosensor in Arabidopsis thaliana.pdf 2017-05-15 13:25 - 2017-05-15 13:25 - 02509831 _____ C:\Users\Jonathan\Downloads\Plant Cell-2017-Gommers-331-44.pdf 2017-05-15 13:25 - 2017-05-15 13:25 - 01063254 _____ C:\Users\Jonathan\Downloads\art_10.1007_s10059-013-2159-2-1.pdf 2017-05-15 13:25 - 2017-05-15 13:25 - 00451806 _____ C:\Users\Jonathan\Downloads\287.full.pdf 2017-05-15 13:20 - 2017-05-15 13:20 - 02552091 _____ C:\Users\Jonathan\Downloads\Presentation C3 - Shade Tolerance.pdf 2017-05-15 13:20 - 2017-05-15 13:20 - 01978763 _____ C:\Users\Jonathan\Downloads\1 UV-B antagonizes shade avoidance and thermomorphogenesis Lotte Pronk.pdf 2017-05-15 13:20 - 2017-05-15 13:20 - 00695514 _____ C:\Users\Jonathan\Downloads\C1 defense.pdf 2017-05-12 17:16 - 2017-05-12 17:16 - 04102600 _____ C:\Users\Jonathan\Downloads\adwcleaner_6.046.exe 2017-05-12 17:15 - 2017-05-23 00:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-05-12 15:44 - 2017-05-23 00:12 - 00000000 ____D C:\Users\Jonathan\AppData\Local\Eggper 2017-05-12 15:44 - 2017-05-23 00:12 - 00000000 ____D C:\Program Files (x86)\Eggper 2017-05-12 15:44 - 2017-05-12 15:44 - 00002095 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2017-05-12 15:42 - 2017-05-17 11:04 - 00000000 _____ C:\Windows\SysWOW64\1111 2017-05-12 10:55 - 2017-04-29 00:44 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2017-05-12 10:55 - 2017-04-29 00:44 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2017-05-11 16:51 - 2017-05-11 16:51 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET 2017-05-11 16:51 - 2017-03-30 15:15 - 00678592 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll 2017-05-11 16:51 - 2017-03-30 15:15 - 00536768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll 2017-05-11 16:50 - 2017-03-30 15:15 - 00875712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll 2017-05-11 16:50 - 2017-03-30 15:15 - 00869568 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll 2017-05-11 09:50 - 2017-05-23 00:12 - 00000000 ____D C:\Users\Jonathan\AppData\Local\NPASRE 2017-05-10 16:37 - 2017-04-16 12:23 - 01063464 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll 2017-05-10 16:37 - 2017-04-16 11:07 - 00548032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll 2017-05-10 16:37 - 2017-04-16 10:35 - 25741312 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2017-05-10 16:37 - 2017-04-16 09:49 - 20278272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2017-05-10 16:37 - 2017-04-16 09:10 - 15250944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2017-05-10 16:36 - 2017-04-28 23:15 - 07444824 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2017-05-10 16:36 - 2017-04-26 16:06 - 04169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2017-05-10 16:36 - 2017-04-16 12:23 - 02176584 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll 2017-05-10 16:36 - 2017-04-16 12:23 - 01662096 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2017-05-10 16:36 - 2017-04-16 12:18 - 01135288 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2017-05-10 16:36 - 2017-04-16 12:18 - 00803192 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2017-05-10 16:36 - 2017-04-16 11:07 - 01566032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll 2017-05-10 16:36 - 2017-04-16 11:07 - 01213792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll 2017-05-10 16:36 - 2017-04-16 11:05 - 00612096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2017-05-10 16:36 - 2017-04-16 10:54 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2017-05-10 16:36 - 2017-04-16 10:54 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2017-05-10 16:36 - 2017-04-16 10:51 - 02899456 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2017-05-10 16:36 - 2017-04-16 10:37 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2017-05-10 16:36 - 2017-04-16 10:36 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2017-05-10 16:36 - 2017-04-16 10:18 - 05977600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2017-05-10 16:36 - 2017-04-16 10:16 - 00862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2017-05-10 16:36 - 2017-04-16 10:10 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2017-05-10 16:36 - 2017-04-16 10:03 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2017-05-10 16:36 - 2017-04-16 10:02 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2017-05-10 16:36 - 2017-04-16 10:01 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2017-05-10 16:36 - 2017-04-16 10:00 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2017-05-10 16:36 - 2017-04-16 10:00 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2017-05-10 16:36 - 2017-04-16 09:53 - 02290176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2017-05-10 16:36 - 2017-04-16 09:52 - 01033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2017-05-10 16:36 - 2017-04-16 09:47 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2017-05-10 16:36 - 2017-04-16 09:43 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2017-05-10 16:36 - 2017-04-16 09:40 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2017-05-10 16:36 - 2017-04-16 09:40 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2017-05-10 16:36 - 2017-04-16 09:40 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2017-05-10 16:36 - 2017-04-16 09:37 - 02132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2017-05-10 16:36 - 2017-04-16 09:29 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2017-05-10 16:36 - 2017-04-16 09:24 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2017-05-10 16:36 - 2017-04-16 09:23 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2017-05-10 16:36 - 2017-04-16 09:22 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll 2017-05-10 16:36 - 2017-04-16 09:22 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2017-05-10 16:36 - 2017-04-16 09:17 - 00880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2017-05-10 16:36 - 2017-04-16 09:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2017-05-10 16:36 - 2017-04-16 09:10 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2017-05-10 16:36 - 2017-04-16 09:10 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2017-05-10 16:36 - 2017-04-16 09:08 - 04548608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2017-05-10 16:36 - 2017-04-16 09:08 - 02057216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2017-05-10 16:36 - 2017-04-16 09:04 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2017-05-10 16:36 - 2017-04-16 09:02 - 00267776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll 2017-05-10 16:36 - 2017-04-16 08:53 - 13661184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2017-05-10 16:36 - 2017-04-16 08:50 - 01544704 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2017-05-10 16:36 - 2017-04-16 08:40 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2017-05-10 16:36 - 2017-04-16 08:37 - 02767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2017-05-10 16:36 - 2017-04-16 08:34 - 01314816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2017-05-10 16:36 - 2017-04-16 08:34 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2017-05-10 16:36 - 2017-04-10 00:00 - 01548640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2017-05-10 16:36 - 2017-04-10 00:00 - 00388448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys 2017-05-10 16:36 - 2017-04-08 01:20 - 01375960 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2017-05-10 16:36 - 2017-04-07 15:56 - 01094656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2017-05-10 16:36 - 2017-04-02 18:41 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys 2017-05-10 16:36 - 2017-04-02 18:41 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys 2017-05-10 16:36 - 2017-04-01 01:16 - 01968408 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2017-05-10 16:36 - 2017-03-31 23:59 - 01612504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2017-05-10 16:36 - 2017-03-13 18:38 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\wmitomi.dll 2017-05-10 16:36 - 2017-03-13 18:29 - 02609664 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll 2017-05-10 16:36 - 2017-03-13 18:25 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll 2017-05-10 16:36 - 2017-03-13 18:13 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmitomi.dll 2017-05-10 16:36 - 2017-03-13 18:07 - 02170880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll 2017-05-10 16:36 - 2017-03-13 18:06 - 00236032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll 2017-05-10 16:36 - 2017-03-11 21:34 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2017-05-10 16:36 - 2017-03-11 21:32 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2017-05-10 16:36 - 2017-03-11 21:32 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2017-05-10 16:36 - 2017-03-11 20:49 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2017-05-10 16:36 - 2017-03-11 19:58 - 01437696 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2017-05-10 16:36 - 2017-03-11 19:54 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2017-05-10 16:36 - 2017-03-11 01:38 - 02017624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2017-05-10 16:36 - 2017-03-11 01:38 - 00275800 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys 2017-05-10 16:36 - 2017-03-09 22:52 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\wisp.dll 2017-05-10 16:36 - 2017-03-09 21:17 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wisp.dll 2017-05-10 16:36 - 2017-03-08 04:44 - 00448285 _____ C:\Windows\system32\ApnDatabase.xml 2017-05-09 20:47 - 2017-05-09 20:47 - 00001397 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk 2017-05-09 20:47 - 2017-05-09 20:47 - 00001328 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk 2017-05-09 20:47 - 2017-05-09 20:47 - 00000000 ____D C:\Users\Jonathan\AppData\Roaming\WMM 2017-05-09 20:47 - 2017-05-09 20:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker 2017-05-09 20:47 - 2017-05-09 20:47 - 00000000 ____D C:\Program Files (x86)\Windows Movie Maker 2017-05-09 20:47 - 2017-05-09 20:47 - 00000000 ____D C:\Program Files (x86)\Windows Live 2017-05-09 20:45 - 2017-05-09 20:46 - 26689458 _____ (videowinsoft.com ) C:\Users\Jonathan\Downloads\windows-movie-maker-2016.exe 2017-05-09 15:04 - 2017-05-09 15:04 - 01942655 _____ C:\Users\Jonathan\Downloads\Plant Cell-2013-González-Grandío-834-50.pdf 2017-05-09 15:04 - 2017-05-09 15:04 - 01210350 _____ C:\Users\Jonathan\Downloads\PNAS-2014-Mason-6092-7-2.pdf 2017-05-09 15:04 - 2017-05-09 15:04 - 01057379 _____ C:\Users\Jonathan\Downloads\Plant Physiol.-2015-Yao-611-26.pdf 2017-05-09 15:04 - 2017-05-09 15:04 - 00484439 _____ C:\Users\Jonathan\Downloads\Plant Physiol.-2014-Krishna Reddy-1542-50.pdf 2017-05-09 12:32 - 2017-05-23 00:12 - 00000000 ____D C:\Users\Jonathan\AppData\Local\VNASRE 2017-05-08 11:29 - 2017-05-08 11:29 - 00074864 _____ C:\Users\Jonathan\Downloads\ND20170508 Evolutiewetenschap verfrist de theologie etc.pdf 2017-05-04 12:06 - 2017-05-04 12:06 - 00000000 ____D C:\Users\Jonathan\AppData\Local\CrashRpt 2017-05-04 12:05 - 2017-05-04 12:05 - 01979944 _____ C:\Users\Jonathan\Downloads\WiperSoft-installer.exe 2017-05-04 11:41 - 2017-05-23 00:12 - 00000000 ____D C:\Users\Jonathan\AppData\Local\background_fault 2017-05-04 11:41 - 2017-05-05 19:30 - 00000000 ____D C:\Program Files (x86)\MIO 2017-05-04 11:12 - 2017-05-17 11:21 - 00001182 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2017-05-04 11:10 - 2017-05-04 11:10 - 00246104 _____ (Mozilla) C:\Users\Jonathan\Downloads\Firefox Setup Stub 53.0.exe 2017-05-03 15:53 - 2017-05-05 19:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serato 2017-05-03 15:53 - 2017-05-05 19:30 - 00000000 ____D C:\Program Files (x86)\Serato 2017-05-03 13:27 - 2017-05-05 19:30 - 00000000 ____D C:\Program Files (x86)\IIS 2017-05-03 13:27 - 2017-05-03 13:27 - 00000000 ____D C:\Users\Public\Documents\Google 2017-05-03 11:54 - 2017-05-03 11:54 - 00347670 _____ C:\Users\Jonathan\Downloads\journal.pone.0031945.PDF 2017-05-02 14:24 - 2017-05-02 14:25 - 01130328 _____ (Google Inc.) C:\Users\Jonathan\Downloads\ChromeSetup(1).exe 2017-04-30 15:05 - 2017-04-30 15:05 - 00118728 _____ (GreenTree Applications SRL) C:\Users\Jonathan\Downloads\YTDSetup(2).exe 2017-04-30 14:55 - 2017-04-30 15:00 - 60107896 _____ (Malwarebytes ) C:\Users\Jonathan\Downloads\mb3-setup-consumer-3.0.6.1469-10103.exe 2017-04-28 13:09 - 2017-05-23 00:12 - 00000000 ____D C:\Windows\psgo 2017-04-26 12:01 - 2017-04-26 12:01 - 01701756 _____ C:\Users\Jonathan\Downloads\annurev-arplant-050312-120221.pdf 2017-04-26 12:01 - 2017-04-26 12:01 - 00504263 _____ C:\Users\Jonathan\Downloads\nplants2015190.pdf 2017-04-26 10:19 - 2017-05-18 16:43 - 00000000 ____D C:\Program Files\MK 2017-04-26 10:18 - 2017-05-05 15:41 - 00000000 ____D C:\Insist ==================== Een Maand Gewijzigd bestanden en mappen ======== (Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.) 2017-05-23 00:12 - 2017-03-19 15:31 - 00000000 ____D C:\Program Files (x86)\Shapoly 2017-05-23 00:12 - 2016-03-07 17:52 - 00000000 ___HD C:\Windows\system32\WLANProfiles 2017-05-23 00:12 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps 2017-05-23 00:12 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\registration 2017-05-22 23:50 - 2014-11-21 10:44 - 01826596 _____ C:\Windows\system32\PerfStringBackup.INI 2017-05-22 23:50 - 2014-11-21 10:05 - 00807742 _____ C:\Windows\system32\perfh013.dat 2017-05-22 23:50 - 2014-11-21 10:05 - 00162706 _____ C:\Windows\system32\perfc013.dat 2017-05-22 23:50 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf 2017-05-22 23:43 - 2017-04-11 12:33 - 00251832 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2017-05-22 23:43 - 2016-03-07 17:39 - 00000000 ____D C:\ProgramData\NVIDIA 2017-05-22 23:43 - 2016-03-07 16:57 - 00000000 __SHD C:\Users\Jonathan\IntelGraphicsProfiles 2017-05-22 23:43 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-05-22 23:32 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI 2017-05-22 23:28 - 2016-03-07 18:11 - 00000000 ___RD C:\Users\Jonathan\OneDrive 2017-05-22 23:19 - 2016-11-16 14:47 - 00000000 ____D C:\Users\Jonathan\AppData\LocalLow\Mozilla 2017-05-22 23:16 - 2016-03-08 13:24 - 00000000 ____D C:\ProgramData\MFAData 2017-05-22 23:13 - 2016-03-07 16:36 - 00000000 ____D C:\Users\Jonathan 2017-05-22 21:27 - 2016-03-07 18:16 - 00000000 ____D C:\Users\Jonathan\AppData\Roaming\Skype 2017-05-22 20:59 - 2017-03-30 13:57 - 00000000 ____D C:\Program Files (x86)\Steam 2017-05-22 20:57 - 2016-03-07 18:03 - 00003982 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{70CA87D4-C5CF-42F5-BA88-8DF0FDD58C6C} 2017-05-22 20:54 - 2016-12-28 14:15 - 00015200 _____ C:\Windows\SysWOW64\CovenantEyesProxyOff.ini 2017-05-22 20:54 - 2016-12-28 14:15 - 00015200 _____ C:\Windows\system32\CovenantEyesProxyOff.ini 2017-05-18 16:44 - 2016-11-03 17:56 - 00000000 ____D C:\Users\Jonathan\AppData\Local\CrashDumps 2017-05-17 12:53 - 2016-03-07 16:45 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2616087736-3813733752-4251558300-1001 2017-05-17 11:21 - 2017-03-29 11:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-05-17 11:21 - 2016-03-07 18:05 - 00001170 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2017-05-17 11:20 - 2016-03-08 14:35 - 00000000 ____D C:\ProgramData\boost_interprocess 2017-05-17 11:18 - 2017-03-19 16:29 - 00000000 ____D C:\AdwCleaner 2017-05-16 20:16 - 2013-08-22 17:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2017-05-16 20:14 - 2016-03-07 19:27 - 00000000 ____D C:\Program Files\Microsoft Office 15 2017-05-15 19:18 - 2016-03-07 16:36 - 00000000 ____D C:\Users\Jonathan\AppData\Local\Packages 2017-05-12 15:44 - 2017-02-27 22:12 - 00002312 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-05-12 14:53 - 2017-04-12 15:23 - 00000000 ____D C:\Users\Jonathan\Documents\REAPER Media 2017-05-12 11:09 - 2016-09-23 16:26 - 00003600 _____ C:\Windows\System32\Tasks\AVG EUpdate Task 2017-05-12 10:58 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\ELAM 2017-05-12 10:55 - 2013-08-22 16:44 - 00482488 _____ C:\Windows\system32\FNTCACHE.DAT 2017-05-11 17:18 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\PolicyDefinitions 2017-05-11 17:16 - 2016-03-15 17:30 - 156335152 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2017-05-11 17:15 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2017-05-11 16:54 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp 2017-05-09 12:36 - 2016-03-08 13:17 - 00004398 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2017-05-09 12:36 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2017-05-09 12:36 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\Macromed 2017-05-08 11:32 - 2016-03-08 13:16 - 00000000 ____D C:\Users\Jonathan\AppData\Local\Adobe 2017-05-08 11:15 - 2016-03-08 14:52 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2017-05-05 19:30 - 2017-04-12 15:22 - 00000000 ____D C:\Users\Jonathan\AppData\Roaming\REAPER 2017-05-05 19:30 - 2017-04-12 15:20 - 00000000 ____D C:\Program Files\REAPER (x64) 2017-05-05 19:30 - 2017-04-11 12:33 - 00000000 ____D C:\ProgramData\Malwarebytes 2017-05-05 19:30 - 2017-04-11 12:33 - 00000000 ____D C:\Program Files\Malwarebytes 2017-05-05 19:30 - 2016-03-15 18:35 - 00000000 ____D C:\Windows\system32\appraiser 2017-05-05 19:30 - 2014-11-21 14:58 - 00000000 ___SD C:\Windows\system32\CompatTel 2017-05-05 19:30 - 2013-08-22 17:36 - 00000000 __RSD C:\Windows\Media 2017-05-05 19:30 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\WinStore 2017-05-05 19:30 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender 2017-05-05 19:30 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\system32\Sysprep 2017-05-03 16:10 - 2016-03-08 13:27 - 00000000 ____D C:\Users\Jonathan\Documents\Jonathan 2017-04-30 15:02 - 2016-03-08 14:52 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2017-04-30 14:49 - 2017-02-27 22:11 - 00003488 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2017-04-30 14:49 - 2017-02-27 22:11 - 00003360 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2017-04-28 00:05 - 2017-02-28 15:30 - 00000000 ____D C:\Users\Jonathan\AppData\Roaming\PhotoFiltre 7 2017-04-28 00:05 - 2016-10-24 17:42 - 00000000 ____D C:\Users\Jonathan\AppData\Roaming\vlc 2017-04-28 00:05 - 2016-10-24 17:14 - 00000000 ____D C:\Users\Jonathan\AppData\Roaming\uTorrent 2017-04-28 00:05 - 2016-03-08 13:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2017-04-28 00:05 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache 2017-04-28 00:04 - 2016-03-07 18:43 - 00000000 ____D C:\Windows\Minidump 2017-04-28 00:02 - 2016-03-15 15:46 - 00000000 __RHD C:\MSOCache 2017-04-27 13:03 - 2017-01-23 12:06 - 00000000 ____D C:\Users\Jonathan\Documents\Digital Viewer Bestanden om te verplaatsen of verwijderen: ==================== C:\Users\Jonathan\AppData\Local\background_fault\aswRD.exe ==================== Bamital & volsnap ====================== (Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.) C:\Windows\system32\winlogon.exe => Bestand is getekend C:\Windows\system32\wininit.exe => Bestand is getekend C:\Windows\explorer.exe => Bestand is getekend C:\Windows\SysWOW64\explorer.exe => Bestand is getekend C:\Windows\system32\svchost.exe => Bestand is getekend C:\Windows\SysWOW64\svchost.exe => Bestand is getekend C:\Windows\system32\services.exe => Bestand is getekend C:\Windows\system32\User32.dll => Bestand is getekend C:\Windows\SysWOW64\User32.dll => Bestand is getekend C:\Windows\system32\userinit.exe => Bestand is getekend C:\Windows\SysWOW64\userinit.exe => Bestand is getekend C:\Windows\system32\rpcss.dll => Bestand is getekend C:\Windows\system32\dnsapi.dll => Bestand is getekend C:\Windows\SysWOW64\dnsapi.dll => Bestand is getekend C:\Windows\system32\Drivers\volsnap.sys => Bestand is getekend LastRegBack: 2017-05-17 12:53 ==================== Eind van FRST.txt ============================