Here are the logs
Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 20.06.2018
Gestart door petra (Beheerder) op PETRA-PC (24-06-2018 20:58:09)
Gestart vanaf C:\Users\petra\Desktop
Geladen Profielen: petra (Beschikbare Profielen: petra)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Taal: Nederlands (Nederland)
Internet Explorer Versie 11 (Standaardbrowser: Chrome)
Boot Modus: Normal
Handleiding voor Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processen (gefilterd) =================
(Als een item is opgenomen in de fixlist, zal het proces worden gesloten. Het bestand zal niet worden verplaatst.)
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\stacsv64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.141.333\AvastBrowserCrashHandler.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.141.333\AvastBrowserCrashHandler64.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
() C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Register (gefilterd) ===========================
(Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242904 2018-06-19] (AVAST Software)
HKLM-x32\...\Run: [WirelessAssistant] => C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [498744 2009-07-23] (Hewlett-Packard)
HKLM-x32\...\Run: [QlbCtrl.exe] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [320056 2009-06-24] ( Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Magic Desktop for HP notification] => C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [1444880 2015-11-24] (Easybits)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restrictie <==== AANDACHT
HKU\S-1-5-21-3037185331-2861149877-865260356-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [17074688 2018-06-19] (Piriform Ltd)
HKU\S-1-5-21-3037185331-2861149877-865260356-1001\...\Run: [AvastBrowserAutoLaunch_8B1768473B86749CB8ABB5CBD1C7484B] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1808264 2018-06-12] (AVAST Software)
HKU\S-1-5-21-3037185331-2861149877-865260356-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ezScrSvr.scr
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52272 2009-09-02] (EasyBits Software Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast Cleanup Premium.lnk [2018-01-22]
ShortcutTarget: Avast Cleanup Premium.lnk -> C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe (AVAST Software)
Startup: C:\Users\petra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2017-11-22]
ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\petra\AppData\Local\Facebook\Games\FacebookGameroom.exe (Facebook)
Startup: C:\Users\petra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Inktwaarschuwingen controleren - .lnk [2018-02-24]
ShortcutTarget: Inktwaarschuwingen controleren - .lnk -> C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
BootExecute: autocheck autochk * PCloudBroom64.exe \systemroot\system32\BroomData.bit
==================== Internet (gefilterd) ====================
(Als een item is opgenomen in de fixlist en een registeritem is, wordt het verwijderd of hersteld naar de standaard.)
Tcpip\Parameters: [DhcpNameServer] 89.101.251.228 89.101.251.229
Tcpip\..\Interfaces\{0E4F863B-4878-4515-87D1-9B02BEA5C6AF}: [DhcpNameServer] 89.101.251.228 89.101.251.229
Tcpip\..\Interfaces\{24C558B0-D525-41D2-9A19-2B15CD0F207C}: [DhcpNameServer] 212.54.44.54 212.54.40.25
Tcpip\..\Interfaces\{33B1ED06-A44C-4924-AAB2-84F627EEA03B}: [DhcpNameServer] 89.101.251.228 89.101.251.229
Tcpip\..\Interfaces\{FC0F5693-B54F-4B2B-B7CC-25CF955C22FE}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3037185331-2861149877-865260356-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> {2B674302-A1C7-47B1-B3E4-7757FF86CCDF} URL = hxxp://nl.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
SearchScopes: HKLM-x32 -> {2B674302-A1C7-47B1-B3E4-7757FF86CCDF} URL = hxxp://nl.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3037185331-2861149877-865260356-1001 -> {0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3037185331-2861149877-865260356-1001 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2018-06-19] (AVAST Software)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-06-19] (AVAST Software)
DPF: HKLM-x32 {0742B9EF-8C83-41CA-BFBA-830A59E23533} hxxps://oas.support.microsoft.com/ActiveX/MSDcode.cab
DPF: HKLM-x32 {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files%20(x86)/Secrets%20of%20Olympus/Images/stg_drm.ocx
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455}
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://game.zylom.com/activex/zylomgamesplayer.cab
DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
DPF: HKLM-x32 {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files%20(x86)/Farmscapes/Images/armhelper.ocx
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.3.0.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
FireFox:
========
FF ProfilePath: C:\Users\petra\AppData\Roaming\TomTom\HOME\Profiles\atrvdw12.default [2013-01-21]
FF ProfilePath: C:\Users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\b104e7ey.default [2018-06-24]
FF Homepage: Mozilla\Firefox\Profiles\b104e7ey.default -> about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_113.dll [2018-06-19] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_113.dll [2018-06-19] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [Geen bestand]
FF Plugin-x32: @exent.com/npExentCtl,version=7.0.0.0 -> C:\Program Files (x86)\FantastiGames\npExentCtl.dll [Geen bestand]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @oberon-media.com/ONCAdapter -> C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.8\npapicomadapter.dll [Geen bestand]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-06-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-06-19] (Google Inc.)
FF Plugin-x32: @zylom.com/ZylomGamesPlayer -> C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll [2009-10-23] (Zylom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\petra\AppData\Local\Google\Chrome\User Data\Default [2018-06-24]
CHR Extension: (YouTube) - C:\Users\petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Google Search) - C:\Users\petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-21]
CHR Extension: (Gmail) - C:\Users\petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR Extension: (Chrome Media Router) - C:\Users\petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-21]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <niet gevonden>
==================== Services (gefilterd) ====================
(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7620096 2018-06-19] (AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-19] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [317280 2018-06-19] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [428984 2018-06-19] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-19] (AVAST Software)
R2 CleanupPSvc; C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe [8633072 2018-06-19] (AVAST Software)
S4 EMET_Service; C:\Program Files (x86)\EMET 5.1\EMET_Service.exe [31880 2014-11-09] (Microsoft Corporation)
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-06-17] (Hewlett-Packard Company) [Bestand niet getekend]
S3 lxcy_device; C:\Windows\SysWOW64\lxcycoms.exe [537520 2006-11-29] ( )
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-01-21] ()
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe [247808 2010-03-23] (IDT, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (gefilterd) ======================
(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) <==== AANDACHT (geen ServiceDLL)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [196640 2018-06-19] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [227504 2018-06-19] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [199440 2018-06-19] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [343752 2018-06-19] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [57680 2018-06-19] (AVAST Software)
S3 aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [79216 2016-08-17] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46968 2018-06-19] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [159120 2018-06-19] (AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2018-01-22] (AVAST Software)
R1 aswNetSec; C:\Windows\System32\drivers\aswNetSec.sys [640248 2018-06-19] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111360 2018-06-19] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [85968 2018-06-19] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1027720 2018-06-19] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [460520 2018-06-19] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [205976 2018-06-19] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [381552 2018-06-19] (AVAST Software)
S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-03-05] (Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-03-05] (Disc Soft Ltd)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-08-05] (DT Soft Ltd)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [152184 2018-05-24] (Malwarebytes)
S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [38456 2013-02-11] (GFI Software)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-03-02] (GFI Software)
S4 LMIRfsClientNP; geen ImagePath
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [190696 2018-06-24] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [112872 2018-06-24] (Malwarebytes)
R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [44768 2018-06-24] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253664 2018-06-24] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [94840 2018-06-24] (Malwarebytes)
S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [50320 2015-01-29] (Panda Security, S.L.)
R3 radpms; C:\Windows\System32\DRIVERS\radpms.sys [14944 2012-11-29] (LogMeIn, Inc.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [394296 2016-03-04] (Duplex Secure Ltd.)
S1 A2DDA; \??\C:\Users\petra\Desktop\Run\a2ddax64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 hmpalert; \??\C:\Windows\system32\drivers\hmpalert.sys [X]
S3 hmpnet; \??\C:\Windows\system32\drivers\hmpnet.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
S2 LMIInfo; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [X]
S3 MEMSWEEP2; \??\C:\Windows\system32\C9FB.tmp [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
==================== NetSvcs (gefilterd) ===================
(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
==================== Een Maand Aangemaakt bestanden en mappen ========
(Als een item is opgenomen in de fixlist, word de map of het bestand verplaatst.)
2018-06-24 20:58 - 2018-06-24 20:58 - 000019336 _____ C:\Users\petra\Desktop\FRST.txt
2018-06-24 20:32 - 2018-06-24 20:32 - 000001506 _____ C:\Users\petra\Desktop\mbam scan.txt
2018-06-24 20:19 - 2018-06-24 20:22 - 000094840 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2018-06-24 20:19 - 2018-06-24 20:19 - 000253664 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-06-24 20:19 - 2018-06-24 20:19 - 000190696 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2018-06-24 20:19 - 2018-06-24 20:19 - 000112872 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2018-06-24 20:18 - 2018-06-24 20:18 - 000001834 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-06-24 20:18 - 2018-06-24 20:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-06-24 20:18 - 2018-05-24 06:55 - 000152184 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-06-24 14:18 - 2018-06-24 18:18 - 000000000 ____D C:\Users\petra\AppData\Local\ESET
2018-06-24 14:17 - 2018-06-24 14:18 - 006988408 _____ (ESET spol. s r.o.) C:\Users\petra\Downloads\esetonlinescanner_nld.exe
2018-06-23 22:14 - 2018-06-24 20:19 - 000044768 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2018-06-23 22:13 - 2018-06-23 22:13 - 000000000 ____D C:\Program Files\Malwarebytes
2018-06-23 22:11 - 2018-06-23 22:12 - 072874400 _____ (Malwarebytes ) C:\Users\petra\Desktop\mb3-setup-consumer-3.5.1.2522-1.0.374-1.0.5597.exe
2018-06-22 22:37 - 2018-06-22 22:37 - 000000000 ____D C:\Program Files\Speccy
2018-06-22 21:16 - 2018-06-24 20:58 - 000000000 ____D C:\FRST
2018-06-22 21:13 - 2018-06-22 21:13 - 002412544 _____ (Farbar) C:\Users\petra\Desktop\FRST64.exe
2018-06-22 00:01 - 2015-09-14 13:03 - 000039672 _____ C:\Windows\system32\Drivers\DasPtct.SYS
2018-06-21 23:55 - 2018-06-21 23:55 - 000003792 _____ C:\Windows\SysWOW64\BroomData.bit
2018-06-21 23:55 - 2013-04-08 15:30 - 000022752 _____ C:\Windows\system32\PCloudBroom64.exe
2018-06-21 23:22 - 2018-06-21 23:22 - 000000000 ____D C:\Program Files (x86)\Panda Security
2018-06-21 23:22 - 2015-01-29 18:21 - 000050320 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys
2018-06-21 23:14 - 2018-06-21 23:14 - 038191600 _____ (Panda Security ) C:\Users\petra\Downloads\PandaCloudCleaner.exe
2018-06-21 21:56 - 2018-06-21 21:56 - 000000000 ____D C:\Users\petra\Desktop\afspraak id kaart
2018-06-19 22:10 - 2018-06-19 22:10 - 000004572 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-06-19 21:57 - 2018-06-19 21:57 - 000002488 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2018-06-19 21:56 - 2018-06-19 21:56 - 000003532 _____ C:\Windows\System32\Tasks\AvastUpdateTaskMachineUA
2018-06-19 21:56 - 2018-06-19 21:56 - 000003404 _____ C:\Windows\System32\Tasks\AvastUpdateTaskMachineCore
2018-06-19 21:55 - 2018-06-19 22:15 - 000000000 ____D C:\Users\petra\AppData\Local\AVAST Software
2018-06-19 21:53 - 2017-11-01 07:53 - 000346176 _____ C:\Windows\system32\FNTCACHE.DAT
2018-06-19 21:49 - 2018-06-19 21:48 - 000376536 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-06-19 21:35 - 2018-06-19 21:35 - 000000000 ____D C:\Users\petra\AppData\Local\BlueStacks
2018-06-19 20:44 - 2018-06-19 20:44 - 000003870 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-06-19 19:57 - 2018-06-19 19:57 - 020813312 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
==================== Een Maand Gewijzigd bestanden en mappen ========
(Als een item is opgenomen in de fixlist, word de map of het bestand verplaatst.)
2018-06-24 20:18 - 2015-03-10 00:02 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-06-24 18:57 - 2009-07-14 06:45 - 000023248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-06-24 18:57 - 2009-07-14 06:45 - 000023248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-06-24 18:46 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-06-24 18:09 - 2015-05-15 20:14 - 000000000 ____D C:\Users\petra\Desktop\My Shared Folder
2018-06-24 13:28 - 2011-06-19 13:34 - 000000000 ____D C:\Users\petra\AppData\LocalLow\Temp
2018-06-23 23:39 - 2009-09-02 10:43 - 000732646 _____ C:\Windows\system32\perfh013.dat
2018-06-23 23:39 - 2009-09-02 10:43 - 000149874 _____ C:\Windows\system32\perfc013.dat
2018-06-23 23:39 - 2009-07-14 07:13 - 001672576 _____ C:\Windows\system32\PerfStringBackup.INI
2018-06-23 23:39 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2018-06-23 23:30 - 2015-03-08 14:32 - 000000000 ____D C:\AdwCleaner
2018-06-23 22:11 - 2011-06-01 14:36 - 000003958 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{DA22A8B7-AE17-4B29-AE85-E3DDDBA9A113}
2018-06-21 22:29 - 2016-03-05 09:30 - 000000000 ____D C:\Users\petra\AppData\Roaming\DAEMON Tools Lite
2018-06-21 21:44 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF
2018-06-19 22:10 - 2012-06-29 00:30 - 000004422 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-06-19 22:09 - 2012-06-29 00:30 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-06-19 22:09 - 2012-03-26 20:33 - 000000000 ____D C:\Windows\system32\Macromed
2018-06-19 22:09 - 2011-06-19 23:30 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-06-19 22:09 - 2009-09-02 01:19 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-06-19 22:05 - 2017-04-23 14:55 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-06-19 22:05 - 2011-05-31 07:08 - 000000000 ____D C:\ProgramData\AVAST Software
2018-06-19 21:55 - 2018-01-22 13:46 - 000000000 ____D C:\Program Files (x86)\AVAST Software
2018-06-19 21:53 - 2011-12-30 11:46 - 000000000 ____D C:\Program Files (x86)\WinRAR
2018-06-19 21:48 - 2018-01-22 13:41 - 000196640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-06-19 21:48 - 2014-04-30 17:37 - 000046968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-06-19 21:48 - 2013-12-28 12:37 - 000205976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-06-19 21:48 - 2013-03-02 10:05 - 000460520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-06-19 21:48 - 2013-03-02 10:05 - 000381552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-06-19 21:48 - 2013-03-02 10:05 - 000159120 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-06-19 21:48 - 2013-03-02 10:05 - 000111360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-06-19 21:48 - 2013-03-02 10:05 - 000085968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-06-19 21:47 - 2017-04-23 14:55 - 000343752 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbloga.sys
2018-06-19 21:47 - 2017-04-23 14:55 - 000227504 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2018-06-19 21:47 - 2017-04-23 14:55 - 000199440 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsha.sys
2018-06-19 21:47 - 2017-04-23 14:55 - 000057680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniva.sys
2018-06-19 21:47 - 2016-02-13 01:44 - 000640248 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetSec.sys
2018-06-19 21:47 - 2013-03-02 10:05 - 001027720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-06-19 21:41 - 2017-10-16 19:11 - 000000000 ____D C:\Users\petra\Desktop\pasjes
2018-06-19 21:35 - 2016-03-23 23:31 - 000000000 ____D C:\ProgramData\BlueStacksGameManager
2018-06-19 21:35 - 2009-07-14 05:20 - 000000000 ___RD C:\Users\Public\Libraries
2018-06-19 21:26 - 2011-06-19 23:30 - 000000000 ____D C:\Program Files (x86)\Google
2018-06-19 21:24 - 2014-08-23 20:46 - 000000000 ____D C:\Users\petra\AppData\Local\com.gamehouse.acid
2018-06-19 21:24 - 2012-09-01 16:41 - 000000000 ____D C:\Zylom Games
2018-06-19 21:20 - 2016-03-05 09:45 - 000000000 ____D C:\Users\petra\AppData\Roaming\SPORE
2018-06-19 21:19 - 2009-09-02 00:54 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-06-19 21:17 - 2015-03-15 14:27 - 000000000 ____D C:\Program Files (x86)\The Sims 4
2018-06-19 21:17 - 2013-05-29 04:10 - 000000000 ____D C:\Users\petra\AppData\Local\Unity
2018-06-19 20:51 - 2015-03-08 19:26 - 000002142 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-06-19 20:51 - 2013-01-04 00:08 - 000002183 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-06-19 20:49 - 2013-05-19 22:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2018-06-19 20:44 - 2015-06-28 12:30 - 000003622 _____ C:\Windows\System32\Tasks\HPCustParticipation HP Photosmart 5520 series
2018-06-19 20:44 - 2013-03-02 10:15 - 000000000 ____D C:\Program Files\CCleaner
2018-06-19 20:42 - 2012-10-08 17:46 - 000003490 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-06-19 20:42 - 2012-10-08 17:46 - 000003362 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-06-19 20:40 - 2012-11-18 12:56 - 000000000 __HDC C:\ProgramData\{47E1B06E-0207-42C9-8315-F1E24834ED9E}
2018-06-19 20:40 - 2012-09-07 16:33 - 000000000 ____D C:\Users\petra\AppData\Roaming\Skype
2018-06-19 20:40 - 2012-01-09 10:48 - 000000000 ____D C:\Users\petra\Documents\Youcam
2018-06-19 20:40 - 2011-06-25 16:51 - 000000000 ____D C:\ProgramData\{E91883C8-8CDC-46A4-A45F-CB40EB82ED60}
2018-06-19 20:40 - 2011-05-30 23:37 - 000000000 ____D C:\Users\petra\AppData\Roaming\HpUpdate
2018-06-19 20:40 - 2011-05-30 23:31 - 000000000 ____D C:\Users\petra\AppData\Roaming\hpqlog
2018-06-19 20:40 - 2011-05-30 18:53 - 000000000 ____D C:\Users\petra\AppData\Local\Microsoft Help
2018-06-19 20:40 - 2011-05-30 18:25 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Services
2018-06-19 20:40 - 2009-09-02 02:47 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hewlett-Packard
2018-06-19 20:40 - 2009-07-25 08:11 - 000000000 ____D C:\Windows\Panther
2018-06-19 20:40 - 2009-07-14 07:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2018-06-19 20:35 - 2011-05-30 23:32 - 000000274 _____ C:\ProgramData\HPWALog.txt
2018-06-19 20:31 - 2015-12-03 22:39 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2018-06-19 19:55 - 2018-01-22 13:50 - 000004194 _____ C:\Windows\System32\Tasks\Avast TUNEUP Update
==================== Bestanden in de root van sommige mappen =======
2015-03-02 20:37 - 2015-03-02 20:37 - 006103040 _____ () C:\Program Files (x86)\GUT5013.tmp
2012-05-13 06:51 - 2012-09-01 02:10 - 000000011 _____ () C:\Users\petra\AppData\Roaming\log.txt
2011-07-01 05:49 - 2011-07-01 06:22 - 000000140 _____ () C:\Users\petra\AppData\Roaming\wklnhst.dat
2011-05-30 23:32 - 2011-05-30 23:32 - 000000000 _____ () C:\Users\petra\AppData\Local\AtStart.txt
2011-05-30 23:32 - 2011-05-30 23:32 - 000000000 _____ () C:\Users\petra\AppData\Local\DSwitch.txt
2011-05-30 23:32 - 2011-05-30 23:32 - 000000000 _____ () C:\Users\petra\AppData\Local\QSwitch.txt
2011-07-21 23:19 - 2013-03-20 06:25 - 000007666 _____ () C:\Users\petra\AppData\Local\Resmon.ResmonCfg
==================== Bamital & volsnap ======================
(Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)
C:\Windows\system32\winlogon.exe => Bestand is getekend
C:\Windows\system32\wininit.exe => Bestand is getekend
C:\Windows\SysWOW64\wininit.exe => Bestand is getekend
C:\Windows\explorer.exe => Bestand is getekend
C:\Windows\SysWOW64\explorer.exe => Bestand is getekend
C:\Windows\system32\svchost.exe => Bestand is getekend
C:\Windows\SysWOW64\svchost.exe => Bestand is getekend
C:\Windows\system32\services.exe => Bestand is getekend
C:\Windows\system32\User32.dll => Bestand is getekend
C:\Windows\SysWOW64\User32.dll => Bestand is getekend
C:\Windows\system32\userinit.exe => Bestand is getekend
C:\Windows\SysWOW64\userinit.exe => Bestand is getekend
C:\Windows\system32\rpcss.dll => Bestand is getekend
C:\Windows\system32\dnsapi.dll => Bestand is getekend
C:\Windows\SysWOW64\dnsapi.dll => Bestand is getekend
C:\Windows\system32\Drivers\volsnap.sys => Bestand is getekend
LastRegBack: 2018-01-22 14:44
==================== Eind van FRST.txt ============================
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Register (gefilterd) ===========================
(Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242904 2018-06-19] (AVAST Software)
HKLM-x32\...\Run: [WirelessAssistant] => C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [498744 2009-07-23] (Hewlett-Packard)
HKLM-x32\...\Run: [QlbCtrl.exe] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [320056 2009-06-24] ( Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Magic Desktop for HP notification] => C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [1444880 2015-11-24] (Easybits)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restrictie <==== AANDACHT
HKU\S-1-5-21-3037185331-2861149877-865260356-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [17074688 2018-06-19] (Piriform Ltd)
HKU\S-1-5-21-3037185331-2861149877-865260356-1001\...\Run: [AvastBrowserAutoLaunch_8B1768473B86749CB8ABB5CBD1C7484B] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1808264 2018-06-12] (AVAST Software)
HKU\S-1-5-21-3037185331-2861149877-865260356-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ezScrSvr.scr
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52272 2009-09-02] (EasyBits Software Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast Cleanup Premium.lnk [2018-01-22]
ShortcutTarget: Avast Cleanup Premium.lnk -> C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe (AVAST Software)
Startup: C:\Users\petra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2017-11-22]
ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\petra\AppData\Local\Facebook\Games\FacebookGameroom.exe (Facebook)
Startup: C:\Users\petra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Inktwaarschuwingen controleren - .lnk [2018-02-24]
ShortcutTarget: Inktwaarschuwingen controleren - .lnk -> C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
BootExecute: autocheck autochk * PCloudBroom64.exe \systemroot\system32\BroomData.bit
==================== Internet (gefilterd) ====================
(Als een item is opgenomen in de fixlist en een registeritem is, wordt het verwijderd of hersteld naar de standaard.)
Tcpip\Parameters: [DhcpNameServer] 89.101.251.228 89.101.251.229
Tcpip\..\Interfaces\{0E4F863B-4878-4515-87D1-9B02BEA5C6AF}: [DhcpNameServer] 89.101.251.228 89.101.251.229
Tcpip\..\Interfaces\{24C558B0-D525-41D2-9A19-2B15CD0F207C}: [DhcpNameServer] 212.54.44.54 212.54.40.25
Tcpip\..\Interfaces\{33B1ED06-A44C-4924-AAB2-84F627EEA03B}: [DhcpNameServer] 89.101.251.228 89.101.251.229
Tcpip\..\Interfaces\{FC0F5693-B54F-4B2B-B7CC-25CF955C22FE}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://
www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://
www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://
www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://
www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://
www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3037185331-2861149877-865260356-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://
www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> {2B674302-A1C7-47B1-B3E4-7757FF86CCDF} URL = hxxp://nl.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
SearchScopes: HKLM-x32 -> {2B674302-A1C7-47B1-B3E4-7757FF86CCDF} URL = hxxp://nl.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://
www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3037185331-2861149877-865260356-1001 -> {0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} URL = hxxps://
www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3037185331-2861149877-865260356-1001 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://
www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2018-06-19] (AVAST Software)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-06-19] (AVAST Software)
DPF: HKLM-x32 {0742B9EF-8C83-41CA-BFBA-830A59E23533} hxxps://oas.support.microsoft.com/ActiveX/MSDcode.cab
DPF: HKLM-x32 {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files%20(x86)/Secrets%20of%20Olympus/Images/stg_drm.ocx
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455}
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://game.zylom.com/activex/zylomgamesplayer.cab
DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
DPF: HKLM-x32 {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files%20(x86)/Farmscapes/Images/armhelper.ocx
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.3.0.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
FireFox:
========
FF ProfilePath: C:\Users\petra\AppData\Roaming\TomTom\HOME\Profiles\atrvdw12.default [2013-01-21]
FF ProfilePath: C:\Users\petra\AppData\Roaming\Mozilla\Firefox\Profiles\b104e7ey.default [2018-06-24]
FF Homepage: Mozilla\Firefox\Profiles\b104e7ey.default -> about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_113.dll [2018-06-19] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_113.dll [2018-06-19] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [Geen bestand]
FF Plugin-x32: @exent.com/npExentCtl,version=7.0.0.0 -> C:\Program Files (x86)\FantastiGames\npExentCtl.dll [Geen bestand]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32:
@oberon-media.com/ONCAdapter -> C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.8\npapicomadapter.dll [Geen bestand]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-06-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-06-19] (Google Inc.)
FF Plugin-x32: @zylom.com/ZylomGamesPlayer -> C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll [2009-10-23] (Zylom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\petra\AppData\Local\Google\Chrome\User Data\Default [2018-06-24]
CHR Extension: (YouTube) - C:\Users\petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Google Search) - C:\Users\petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-21]
CHR Extension: (Gmail) - C:\Users\petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR Extension: (Chrome Media Router) - C:\Users\petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-21]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <niet gevonden>
==================== Services (gefilterd) ====================
(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7620096 2018-06-19] (AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-19] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [317280 2018-06-19] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [428984 2018-06-19] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-19] (AVAST Software)
R2 CleanupPSvc; C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe [8633072 2018-06-19] (AVAST Software)
S4 EMET_Service; C:\Program Files (x86)\EMET 5.1\EMET_Service.exe [31880 2014-11-09] (Microsoft Corporation)
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-06-17] (Hewlett-Packard Company) [Bestand niet getekend]
S3 lxcy_device; C:\Windows\SysWOW64\lxcycoms.exe [537520 2006-11-29] ( )
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-01-21] ()
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe [247808 2010-03-23] (IDT, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (gefilterd) ======================
(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) <==== AANDACHT (geen ServiceDLL)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [196640 2018-06-19] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [227504 2018-06-19] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [199440 2018-06-19] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [343752 2018-06-19] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [57680 2018-06-19] (AVAST Software)
S3 aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [79216 2016-08-17] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46968 2018-06-19] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [159120 2018-06-19] (AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2018-01-22] (AVAST Software)
R1 aswNetSec; C:\Windows\System32\drivers\aswNetSec.sys [640248 2018-06-19] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111360 2018-06-19] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [85968 2018-06-19] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1027720 2018-06-19] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [460520 2018-06-19] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [205976 2018-06-19] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [381552 2018-06-19] (AVAST Software)
S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-03-05] (Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-03-05] (Disc Soft Ltd)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-08-05] (DT Soft Ltd)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [152184 2018-05-24] (Malwarebytes)
S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [38456 2013-02-11] (GFI Software)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-03-02] (GFI Software)
S4 LMIRfsClientNP; geen ImagePath
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [190696 2018-06-24] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [112872 2018-06-24] (Malwarebytes)
R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [44768 2018-06-24] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253664 2018-06-24] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [94840 2018-06-24] (Malwarebytes)
S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [50320 2015-01-29] (Panda Security, S.L.)
R3 radpms; C:\Windows\System32\DRIVERS\radpms.sys [14944 2012-11-29] (LogMeIn, Inc.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [394296 2016-03-04] (Duplex Secure Ltd.)
S1 A2DDA; \??\C:\Users\petra\Desktop\Run\a2ddax64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 hmpalert; \??\C:\Windows\system32\drivers\hmpalert.sys [X]
S3 hmpnet; \??\C:\Windows\system32\drivers\hmpnet.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
S2 LMIInfo; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [X]
S3 MEMSWEEP2; \??\C:\Windows\system32\C9FB.tmp [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
==================== NetSvcs (gefilterd) ===================
(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
==================== Een Maand Aangemaakt bestanden en mappen ========
(Als een item is opgenomen in de fixlist, word de map of het bestand verplaatst.)
2018-06-24 20:58 - 2018-06-24 20:58 - 000019336 _____ C:\Users\petra\Desktop\FRST.txt
2018-06-24 20:32 - 2018-06-24 20:32 - 000001506 _____ C:\Users\petra\Desktop\mbam scan.txt
2018-06-24 20:19 - 2018-06-24 20:22 - 000094840 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2018-06-24 20:19 - 2018-06-24 20:19 - 000253664 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-06-24 20:19 - 2018-06-24 20:19 - 000190696 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2018-06-24 20:19 - 2018-06-24 20:19 - 000112872 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2018-06-24 20:18 - 2018-06-24 20:18 - 000001834 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-06-24 20:18 - 2018-06-24 20:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-06-24 20:18 - 2018-05-24 06:55 - 000152184 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-06-24 14:18 - 2018-06-24 18:18 - 000000000 ____D C:\Users\petra\AppData\Local\ESET
2018-06-24 14:17 - 2018-06-24 14:18 - 006988408 _____ (ESET spol. s r.o.) C:\Users\petra\Downloads\esetonlinescanner_nld.exe
2018-06-23 22:14 - 2018-06-24 20:19 - 000044768 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2018-06-23 22:13 - 2018-06-23 22:13 - 000000000 ____D C:\Program Files\Malwarebytes
2018-06-23 22:11 - 2018-06-23 22:12 - 072874400 _____ (Malwarebytes ) C:\Users\petra\Desktop\mb3-setup-consumer-3.5.1.2522-1.0.374-1.0.5597.exe
2018-06-22 22:37 - 2018-06-22 22:37 - 000000000 ____D C:\Program Files\Speccy
2018-06-22 21:16 - 2018-06-24 20:58 - 000000000 ____D C:\FRST
2018-06-22 21:13 - 2018-06-22 21:13 - 002412544 _____ (Farbar) C:\Users\petra\Desktop\FRST64.exe
2018-06-22 00:01 - 2015-09-14 13:03 - 000039672 _____ C:\Windows\system32\Drivers\DasPtct.SYS
2018-06-21 23:55 - 2018-06-21 23:55 - 000003792 _____ C:\Windows\SysWOW64\BroomData.bit
2018-06-21 23:55 - 2013-04-08 15:30 - 000022752 _____ C:\Windows\system32\PCloudBroom64.exe
2018-06-21 23:22 - 2018-06-21 23:22 - 000000000 ____D C:\Program Files (x86)\Panda Security
2018-06-21 23:22 - 2015-01-29 18:21 - 000050320 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys
2018-06-21 23:14 - 2018-06-21 23:14 - 038191600 _____ (Panda Security ) C:\Users\petra\Downloads\PandaCloudCleaner.exe
2018-06-21 21:56 - 2018-06-21 21:56 - 000000000 ____D C:\Users\petra\Desktop\afspraak id kaart
2018-06-19 22:10 - 2018-06-19 22:10 - 000004572 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-06-19 21:57 - 2018-06-19 21:57 - 000002488 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2018-06-19 21:56 - 2018-06-19 21:56 - 000003532 _____ C:\Windows\System32\Tasks\AvastUpdateTaskMachineUA
2018-06-19 21:56 - 2018-06-19 21:56 - 000003404 _____ C:\Windows\System32\Tasks\AvastUpdateTaskMachineCore
2018-06-19 21:55 - 2018-06-19 22:15 - 000000000 ____D C:\Users\petra\AppData\Local\AVAST Software
2018-06-19 21:53 - 2017-11-01 07:53 - 000346176 _____ C:\Windows\system32\FNTCACHE.DAT
2018-06-19 21:49 - 2018-06-19 21:48 - 000376536 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-06-19 21:35 - 2018-06-19 21:35 - 000000000 ____D C:\Users\petra\AppData\Local\BlueStacks
2018-06-19 20:44 - 2018-06-19 20:44 - 000003870 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-06-19 19:57 - 2018-06-19 19:57 - 020813312 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
==================== Een Maand Gewijzigd bestanden en mappen ========
(Als een item is opgenomen in de fixlist, word de map of het bestand verplaatst.)
2018-06-24 20:18 - 2015-03-10 00:02 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-06-24 18:57 - 2009-07-14 06:45 - 000023248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-06-24 18:57 - 2009-07-14 06:45 - 000023248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-06-24 18:46 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-06-24 18:09 - 2015-05-15 20:14 - 000000000 ____D C:\Users\petra\Desktop\My Shared Folder
2018-06-24 13:28 - 2011-06-19 13:34 - 000000000 ____D C:\Users\petra\AppData\LocalLow\Temp
2018-06-23 23:39 - 2009-09-02 10:43 - 000732646 _____ C:\Windows\system32\perfh013.dat
2018-06-23 23:39 - 2009-09-02 10:43 - 000149874 _____ C:\Windows\system32\perfc013.dat
2018-06-23 23:39 - 2009-07-14 07:13 - 001672576 _____ C:\Windows\system32\PerfStringBackup.INI
2018-06-23 23:39 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2018-06-23 23:30 - 2015-03-08 14:32 - 000000000 ____D C:\AdwCleaner
2018-06-23 22:11 - 2011-06-01 14:36 - 000003958 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{DA22A8B7-AE17-4B29-AE85-E3DDDBA9A113}
2018-06-21 22:29 - 2016-03-05 09:30 - 000000000 ____D C:\Users\petra\AppData\Roaming\DAEMON Tools Lite
2018-06-21 21:44 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF
2018-06-19 22:10 - 2012-06-29 00:30 - 000004422 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-06-19 22:09 - 2012-06-29 00:30 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-06-19 22:09 - 2012-03-26 20:33 - 000000000 ____D C:\Windows\system32\Macromed
2018-06-19 22:09 - 2011-06-19 23:30 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-06-19 22:09 - 2009-09-02 01:19 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-06-19 22:05 - 2017-04-23 14:55 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-06-19 22:05 - 2011-05-31 07:08 - 000000000 ____D C:\ProgramData\AVAST Software
2018-06-19 21:55 - 2018-01-22 13:46 - 000000000 ____D C:\Program Files (x86)\AVAST Software
2018-06-19 21:53 - 2011-12-30 11:46 - 000000000 ____D C:\Program Files (x86)\WinRAR
2018-06-19 21:48 - 2018-01-22 13:41 - 000196640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-06-19 21:48 - 2014-04-30 17:37 - 000046968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-06-19 21:48 - 2013-12-28 12:37 - 000205976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-06-19 21:48 - 2013-03-02 10:05 - 000460520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-06-19 21:48 - 2013-03-02 10:05 - 000381552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-06-19 21:48 - 2013-03-02 10:05 - 000159120 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-06-19 21:48 - 2013-03-02 10:05 - 000111360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-06-19 21:48 - 2013-03-02 10:05 - 000085968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-06-19 21:47 - 2017-04-23 14:55 - 000343752 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbloga.sys
2018-06-19 21:47 - 2017-04-23 14:55 - 000227504 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2018-06-19 21:47 - 2017-04-23 14:55 - 000199440 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsha.sys
2018-06-19 21:47 - 2017-04-23 14:55 - 000057680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniva.sys
2018-06-19 21:47 - 2016-02-13 01:44 - 000640248 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetSec.sys
2018-06-19 21:47 - 2013-03-02 10:05 - 001027720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-06-19 21:41 - 2017-10-16 19:11 - 000000000 ____D C:\Users\petra\Desktop\pasjes
2018-06-19 21:35 - 2016-03-23 23:31 - 000000000 ____D C:\ProgramData\BlueStacksGameManager
2018-06-19 21:35 - 2009-07-14 05:20 - 000000000 ___RD C:\Users\Public\Libraries
2018-06-19 21:26 - 2011-06-19 23:30 - 000000000 ____D C:\Program Files (x86)\Google
2018-06-19 21:24 - 2014-08-23 20:46 - 000000000 ____D C:\Users\petra\AppData\Local\com.gamehouse.acid
2018-06-19 21:24 - 2012-09-01 16:41 - 000000000 ____D C:\Zylom Games
2018-06-19 21:20 - 2016-03-05 09:45 - 000000000 ____D C:\Users\petra\AppData\Roaming\SPORE
2018-06-19 21:19 - 2009-09-02 00:54 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-06-19 21:17 - 2015-03-15 14:27 - 000000000 ____D C:\Program Files (x86)\The Sims 4
2018-06-19 21:17 - 2013-05-29 04:10 - 000000000 ____D C:\Users\petra\AppData\Local\Unity
2018-06-19 20:51 - 2015-03-08 19:26 - 000002142 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-06-19 20:51 - 2013-01-04 00:08 - 000002183 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-06-19 20:49 - 2013-05-19 22:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2018-06-19 20:44 - 2015-06-28 12:30 - 000003622 _____ C:\Windows\System32\Tasks\HPCustParticipation HP Photosmart 5520 series
2018-06-19 20:44 - 2013-03-02 10:15 - 000000000 ____D C:\Program Files\CCleaner
2018-06-19 20:42 - 2012-10-08 17:46 - 000003490 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-06-19 20:42 - 2012-10-08 17:46 - 000003362 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-06-19 20:40 - 2012-11-18 12:56 - 000000000 __HDC C:\ProgramData\{47E1B06E-0207-42C9-8315-F1E24834ED9E}
2018-06-19 20:40 - 2012-09-07 16:33 - 000000000 ____D C:\Users\petra\AppData\Roaming\Skype
2018-06-19 20:40 - 2012-01-09 10:48 - 000000000 ____D C:\Users\petra\Documents\Youcam
2018-06-19 20:40 - 2011-06-25 16:51 - 000000000 ____D C:\ProgramData\{E91883C8-8CDC-46A4-A45F-CB40EB82ED60}
2018-06-19 20:40 - 2011-05-30 23:37 - 000000000 ____D C:\Users\petra\AppData\Roaming\HpUpdate
2018-06-19 20:40 - 2011-05-30 23:31 - 000000000 ____D C:\Users\petra\AppData\Roaming\hpqlog
2018-06-19 20:40 - 2011-05-30 18:53 - 000000000 ____D C:\Users\petra\AppData\Local\Microsoft Help
2018-06-19 20:40 - 2011-05-30 18:25 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Services
2018-06-19 20:40 - 2009-09-02 02:47 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hewlett-Packard
2018-06-19 20:40 - 2009-07-25 08:11 - 000000000 ____D C:\Windows\Panther
2018-06-19 20:40 - 2009-07-14 07:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2018-06-19 20:35 - 2011-05-30 23:32 - 000000274 _____ C:\ProgramData\HPWALog.txt
2018-06-19 20:31 - 2015-12-03 22:39 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2018-06-19 19:55 - 2018-01-22 13:50 - 000004194 _____ C:\Windows\System32\Tasks\Avast TUNEUP Update
==================== Bestanden in de root van sommige mappen =======
2015-03-02 20:37 - 2015-03-02 20:37 - 006103040 _____ () C:\Program Files (x86)\GUT5013.tmp
2012-05-13 06:51 - 2012-09-01 02:10 - 000000011 _____ () C:\Users\petra\AppData\Roaming\log.txt
2011-07-01 05:49 - 2011-07-01 06:22 - 000000140 _____ () C:\Users\petra\AppData\Roaming\wklnhst.dat
2011-05-30 23:32 - 2011-05-30 23:32 - 000000000 _____ () C:\Users\petra\AppData\Local\AtStart.txt
2011-05-30 23:32 - 2011-05-30 23:32 - 000000000 _____ () C:\Users\petra\AppData\Local\DSwitch.txt
2011-05-30 23:32 - 2011-05-30 23:32 - 000000000 _____ () C:\Users\petra\AppData\Local\QSwitch.txt
2011-07-21 23:19 - 2013-03-20 06:25 - 000007666 _____ () C:\Users\petra\AppData\Local\Resmon.ResmonCfg
==================== Bamital & volsnap ======================
(Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)
C:\Windows\system32\winlogon.exe => Bestand is getekend
C:\Windows\system32\wininit.exe => Bestand is getekend
C:\Windows\SysWOW64\wininit.exe => Bestand is getekend
C:\Windows\explorer.exe => Bestand is getekend
C:\Windows\SysWOW64\explorer.exe => Bestand is getekend
C:\Windows\system32\svchost.exe => Bestand is getekend
C:\Windows\SysWOW64\svchost.exe => Bestand is getekend
C:\Windows\system32\services.exe => Bestand is getekend
C:\Windows\system32\User32.dll => Bestand is getekend
C:\Windows\SysWOW64\User32.dll => Bestand is getekend
C:\Windows\system32\userinit.exe => Bestand is getekend
C:\Windows\SysWOW64\userinit.exe => Bestand is getekend
C:\Windows\system32\rpcss.dll => Bestand is getekend
C:\Windows\system32\dnsapi.dll => Bestand is getekend
C:\Windows\SysWOW64\dnsapi.dll => Bestand is getekend
C:\Windows\system32\Drivers\volsnap.sys => Bestand is getekend
LastRegBack: 2018-01-22 14:44
==================== Eind van FRST.txt ============================