Last van een virus, malware, spam of storende pop-ups tijdens het internetten? HijackThis helpt je graag verder.

Welkom op HijackThis, op dit forum kan je terecht voor gratis hulp bij het verwijderen van virussen, malware en andere schadelijke software. Als gast kan je alleen het forum bekijken en meelezen met de verschillende discussies. Klik op de onderstaande link om geheel gratis een gebruikersaccount op ons forum te registreren.

Klik hier om een gratis account te registreren!

Donaties

Ben je tevreden over de manier waarop onze medewerkers je geholpen hebben op HijackThis.nl? Of wil je HijackThis.nl een hart onder de riem steken om dit vrijwilligerswerk verder te kunnen blijven doen? Overweeg dan eens of je een (vrijblijvende) donatie aan ons forum kan doen. Met dank bij voorbaat voor de donatie die je aan HijackThis.nl hebt gedaan!

donaties

toch maar eens vragen aan de specialisten, hijjack logje ...

Plaats hier uw logfile(s) en omschrijf zo goed mogelijk uw problemen.
Plaats reactie
vins
Lid
Berichten: 6
Lid geworden op: 10 okt 2008 07:42

toch maar eens vragen aan de specialisten, hijjack logje ...

Bericht door vins » 07 apr 2017 01:04

laptop van mijn vader is in de soep gevallen en werkt niet goed meer ;) ... OS: windows 7 32/bit dacht ik. avast antivirus betalend en mailwarebyte niet betalend. reeds veilige modus uitgeprobeerd met mailarebytes, maar niets gevonden. daarom vraag ik eens hulp aan jullie specialisten :)



logje: Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 0:43:23, on 7/04/2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18618)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Users\user\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?q={searchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {5EA13312-8764-496F-B4AB-F7A872B51E14} (ooVooWebCtrl Class) - http://static-www3.cdn.oovoo.com/oovoom ... VooWeb.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software s.r.o. - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall Service (avast! Firewall) - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TomTomHOMEService - Unknown owner - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WinZipSmartMonitorService - Unknown owner - C:\Program Files\WinZip Smart Monitor\WinZipSmartMonitorService.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9779 bytes




thanks :)

Gebruikersavatar
Eric
Site Admin
Berichten: 14845
Lid geworden op: 13 apr 2005 15:54
Besturingssysteem: Windows 10
Bescherming: Malwarebytes pro
Locatie: Kotje aan de kust.
Contacteer:

Re: toch maar eens vragen aan de specialisten, hijjack logje ...

Bericht door Eric » 07 apr 2017 09:39

Download de Afbeelding Farbar Recovery Scan Tool 32 of 64 bit van één van de onderstaande links Hier staat een beschrijving hoe u kunt kijken of u een 32 of 64 bit versie van Windows heeft.

Farbar Recovery Scan Tool uitvoeren
  • Dubbelklik op FRST.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Als het programma is geopend klik Yes (Ja) bij de disclaimer.
  • Druk vervolgens op de Scan knop, er zal nu eerst een back-up van het register worden gemaakt.
  • Wanneer de scan gereed is worden er twee logbestanden aangemaakt met de naam (FRST.txt) & (Addition.txt) op dezelfde plaats vanwaar de 'tool' is gestart.
  • Voeg beide logbestanden als bijlage toe aan het volgende bericht.
****Afbeelding****
Doneren kan hier :wink:
traagheidtips
Dit is geen link, erop klikken is zinloos.
Hitmanpro"Alert"

vins
Lid
Berichten: 6
Lid geworden op: 10 okt 2008 07:42

Re: toch maar eens vragen aan de specialisten, hijjack logje ...

Bericht door vins » 07 apr 2017 11:02

Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 15-03-2017
Gestart door user (Beheerder) op USER-PC (07-04-2017 10:41:36)
Gestart vanaf C:\Users\user\Downloads
Geladen Profielen: user (Beschikbare Profielen: user)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Taal: Nederlands (Nederland)
Internet Explorer Versie 11 (Standaardbrowser: Chrome)
Boot Modus: Normal
Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processen (gefilterd) =================

(Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
() C:\Program Files\WinZip Smart Monitor\WinZipSmartMonitorService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(WinZip International LLC) C:\Program Files\WinZip Smart Monitor\WinZipSmartMonitor.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Farbar) C:\Users\user\Downloads\FRST64 (3).exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Register (gefilterd) ====================

(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-04-04] (AVAST Software)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11860072 2011-06-09] (Realtek Semiconductor)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-730420348-928841526-1892792260-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [357696 2010-04-01] (DT Soft Ltd)
HKU\S-1-5-21-730420348-928841526-1892792260-1000\...\MountPoints2: {d3c8da22-69c0-11e4-9997-e840f260e9cb} - F:\SETUP.EXE
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-04-04] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-04-04] (AVAST Software)
CHR HKLM\SOFTWARE\Policies\Google: Restrictie <======= AANDACHT

==================== Internet (gefilterd) ====================

(Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.)

Tcpip\Parameters: [DhcpNameServer] 195.130.131.2 195.130.130.2
Tcpip\..\Interfaces\{B3B039CC-D616-45CD-843D-83418B5668B1}: [DhcpNameServer] 195.130.131.2 195.130.130.2
Tcpip\..\Interfaces\{F46F5C1C-E53F-4F42-806E-7E1A6E206A03}: [DhcpNameServer] 195.130.131.2 195.130.130.2

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-730420348-928841526-1892792260-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=nl-be
HKU\S-1-5-21-730420348-928841526-1892792260-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?q={searchTerms}
HKU\S-1-5-21-730420348-928841526-1892792260-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxps://www.google.com/?trackid=sp-006
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {EFE522B3-7ABD-49CB-A5C3-A2AFBBA83B9D} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {EFE522B3-7ABD-49CB-A5C3-A2AFBBA83B9D} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-730420348-928841526-1892792260-1000 -> {EFE522B3-7ABD-49CB-A5C3-A2AFBBA83B9D} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-01-18] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-04-04] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-18] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-01-18] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-04-04] (AVAST Software)
BHO-x32: Aanmeldhulp voor Microsoft-account -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-18] (Oracle Corporation)
DPF: HKLM {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {5EA13312-8764-496F-B4AB-F7A872B51E14} hxxp://static-www3.cdn.oovoo.com/oovoomelink/oovoome/webvc/ooVooWeb.dll
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

FireFox:
========
FF ProfilePath: C:\Users\user\AppData\Roaming\TomTom\HOME\Profiles\o9m9mxqg.default [2016-06-26]
FF Extension: (Geen Naam) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [niet gevonden]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2017-01-02]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2017-01-02]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-18] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Geen bestand]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50905.0\npctrl.dll [2017-02-10] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1225195.dll [2016-09-20] (Adobe Systems, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-18] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Geen bestand]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50905.0\npctrl.dll [2017-02-10] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [Geen bestand]
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [Geen bestand]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-730420348-928841526-1892792260-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\user\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.search.ask.com/?gct=hp
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default [2017-04-07]
CHR Extension: (Google Documenten) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-06]
CHR Extension: (Google Drive) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-24]
CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-30]
CHR Extension: (Google Search) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-02]
CHR Extension: (Offline Documenten) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-01]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Gmail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR Extension: (Chrome Media Router) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-15]
CHR HKU\S-1-5-21-730420348-928841526-1892792260-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bbhgoadfgiandmaieopaphefbhcdpfaf] - C:\Users\user\AppData\Local\Deals Plugin Extension\Chrome\Deals Plugin Extension.crx <niet gevonden>
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <niet gevonden>

==================== Services (gefilterd) ====================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7398336 2017-04-04] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [261712 2017-04-04] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [310496 2017-04-04] (AVAST Software)
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WinZipSmartMonitorService; C:\Program Files\WinZip Smart Monitor\WinZipSmartMonitorService.exe [492032 2016-08-16] ()
S2 TomTomHOMEService; "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe" [X]

===================== Drivers (gefilterd) ======================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [307736 2017-04-04] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [189768 2017-04-04] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [334088 2017-04-04] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [48528 2017-04-04] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [38296 2017-04-04] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [32600 2017-04-04] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [127112 2017-04-04] (AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [29432 2017-02-14] (AVAST Software)
R1 aswNetSec; C:\Windows\system32\drivers\aswNetSec.sys [505880 2017-04-04] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [101152 2017-04-04] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [75704 2017-04-04] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1005048 2017-04-04] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [556784 2017-04-04] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [164064 2017-04-04] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [339696 2017-04-04] (AVAST Software)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2017-04-06] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2014-11-11] () [Bestand niet getekend]
U3 a69wt6ra; C:\Windows\System32\Drivers\a69wt6ra.sys [0 ] (Microsoft Corporation) <==== AANDACHT (nul byte bestand/map)
S3 cpuz134; \??\C:\Users\user\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X] <==== AANDACHT

==================== NetSvcs (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)


==================== Een Maand Aangemaakt bestanden en mappen ========

(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)

2017-04-07 10:41 - 2017-04-07 10:42 - 00017437 _____ C:\Users\user\Downloads\FRST.txt
2017-04-07 10:41 - 2017-04-07 10:41 - 02424832 _____ (Farbar) C:\Users\user\Downloads\FRST64 (3).exe
2017-04-07 10:41 - 2017-04-07 10:41 - 00000000 ____D C:\FRST
2017-04-07 10:40 - 2017-04-07 10:40 - 02424832 _____ (Farbar) C:\Users\user\Downloads\FRST64 (2).exe
2017-04-07 10:40 - 2017-04-07 10:40 - 01766912 _____ (Farbar) C:\Users\user\Downloads\FRST.exe
2017-04-07 10:40 - 2017-04-07 10:40 - 01766912 _____ (Farbar) C:\Users\user\Downloads\FRST (1).exe
2017-04-07 10:39 - 2017-04-07 10:39 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-04-07 10:38 - 2017-04-07 10:39 - 02424832 _____ (Farbar) C:\Users\user\Downloads\FRST64.exe
2017-04-07 10:38 - 2017-04-07 10:39 - 02424832 _____ (Farbar) C:\Users\user\Downloads\FRST64 (1).exe
2017-04-07 00:51 - 2017-04-07 00:51 - 00000000 ____D C:\rsit
2017-04-07 00:51 - 2017-04-07 00:51 - 00000000 ____D C:\Program Files (x86)\trend micro
2017-04-07 00:50 - 2017-04-07 00:51 - 01107968 _____ C:\Users\user\Downloads\RSIT.exe
2017-04-07 00:32 - 2017-04-07 00:33 - 00388608 _____ (Trend Micro Inc.) C:\Users\user\Downloads\HijackThis.exe
2017-04-07 00:26 - 2017-04-07 00:26 - 00000000 ____D C:\Users\user\AppData\Local\ElevatedDiagnostics
2017-04-06 23:27 - 2017-04-07 00:26 - 00187604 _____ C:\Windows\ntbtlog.txt
2017-04-04 20:21 - 2017-04-04 20:19 - 00399944 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-04-03 20:40 - 2017-04-03 20:40 - 00000000 _____ C:\Windows\SysWOW64\last.dump
2017-03-31 19:58 - 2017-03-31 19:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2017-03-29 21:54 - 2017-03-29 21:54 - 02786824 _____ (DLL-Files.com Client ) C:\Users\user\Downloads\clientsetup_d-0.exe
2017-03-29 21:50 - 2017-03-29 21:50 - 00034496 _____ C:\Users\user\Downloads\avastIP.zip
2017-03-29 21:50 - 2017-03-29 21:50 - 00034496 _____ C:\Users\user\Downloads\avastIP (1).zip
2017-03-29 21:47 - 2017-03-30 23:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2017-03-29 21:47 - 2017-03-29 21:47 - 00000000 ____D C:\Program Files\WinZip Smart Monitor
2017-03-29 21:46 - 2017-03-29 21:46 - 14600624 _____ (WinZip) C:\Users\user\Downloads\wzdu34.exe
2017-03-14 22:10 - 2017-03-04 19:24 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-03-14 22:10 - 2017-03-04 18:39 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-03-14 22:10 - 2017-03-04 10:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-03-14 22:10 - 2017-03-04 10:20 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-03-14 22:10 - 2017-03-04 10:02 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-03-14 22:10 - 2017-03-04 10:01 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-03-14 22:10 - 2017-03-04 10:01 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-03-14 22:10 - 2017-03-04 10:01 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-03-14 22:10 - 2017-03-04 10:01 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-03-14 22:10 - 2017-03-04 09:59 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-03-14 22:10 - 2017-03-04 09:52 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-03-14 22:10 - 2017-03-04 09:51 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-03-14 22:10 - 2017-03-04 09:48 - 25746944 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-03-14 22:10 - 2017-03-04 09:46 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-03-14 22:10 - 2017-03-04 09:45 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-03-14 22:10 - 2017-03-04 09:45 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-03-14 22:10 - 2017-03-04 09:45 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-03-14 22:10 - 2017-03-04 09:44 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-03-14 22:10 - 2017-03-04 09:36 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-03-14 22:10 - 2017-03-04 09:32 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-03-14 22:10 - 2017-03-04 09:31 - 06045696 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-03-14 22:10 - 2017-03-04 09:23 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-03-14 22:10 - 2017-03-04 09:21 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-03-14 22:10 - 2017-03-04 09:16 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-03-14 22:10 - 2017-03-04 09:16 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-03-14 22:10 - 2017-03-04 09:13 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-03-14 22:10 - 2017-03-04 09:11 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-03-14 22:10 - 2017-03-04 08:57 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-03-14 22:10 - 2017-03-04 08:55 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-03-14 22:10 - 2017-03-04 08:54 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-03-14 22:10 - 2017-03-04 08:52 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-03-14 22:10 - 2017-03-04 08:52 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-03-14 22:10 - 2017-03-04 08:26 - 15259648 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-03-14 22:10 - 2017-03-04 08:25 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-03-14 22:10 - 2017-03-04 08:12 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-03-14 22:10 - 2017-03-04 08:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-03-14 22:10 - 2017-03-04 06:18 - 20281856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-03-14 22:10 - 2017-03-02 20:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-03-14 22:10 - 2017-03-02 20:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-03-14 22:10 - 2017-03-02 20:01 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-03-14 22:10 - 2017-03-02 20:01 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-03-14 22:10 - 2017-03-02 20:01 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-03-14 22:10 - 2017-03-02 20:00 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-03-14 22:10 - 2017-03-02 19:55 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-03-14 22:10 - 2017-03-02 19:54 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-03-14 22:10 - 2017-03-02 19:53 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-03-14 22:10 - 2017-03-02 19:51 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-03-14 22:10 - 2017-03-02 19:50 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-03-14 22:10 - 2017-03-02 19:49 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-03-14 22:10 - 2017-03-02 19:49 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-03-14 22:10 - 2017-03-02 19:41 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-03-14 22:10 - 2017-03-02 19:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-03-14 22:10 - 2017-03-02 19:35 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-03-14 22:10 - 2017-03-02 19:32 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-03-14 22:10 - 2017-03-02 19:31 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-03-14 22:10 - 2017-03-02 19:29 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-03-14 22:10 - 2017-03-02 19:28 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-03-14 22:10 - 2017-03-02 19:22 - 04604416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-03-14 22:10 - 2017-03-02 19:21 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-03-14 22:10 - 2017-03-02 19:19 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-03-14 22:10 - 2017-03-02 19:17 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-03-14 22:10 - 2017-03-02 19:17 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-03-14 22:10 - 2017-03-02 19:11 - 13654528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-03-14 22:10 - 2017-03-02 18:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-03-14 22:10 - 2017-03-02 18:50 - 01312768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-03-14 22:10 - 2017-03-02 18:50 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-03-14 22:10 - 2017-02-10 16:33 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2017-03-14 22:10 - 2017-02-09 18:36 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-03-14 22:10 - 2017-02-09 18:35 - 05548264 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-03-14 22:10 - 2017-02-09 18:35 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-03-14 22:10 - 2017-02-09 18:33 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-03-14 22:10 - 2017-02-09 18:32 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-03-14 22:10 - 2017-02-09 18:32 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-03-14 22:10 - 2017-02-09 18:31 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-03-14 22:10 - 2017-02-09 18:31 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-03-14 22:10 - 2017-02-09 18:31 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-03-14 22:10 - 2017-02-09 18:31 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-03-14 22:10 - 2017-02-09 18:31 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-03-14 22:10 - 2017-02-09 18:31 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-03-14 22:10 - 2017-02-09 18:19 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2017-03-14 22:10 - 2017-02-09 18:19 - 03945192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2017-03-14 22:10 - 2017-02-09 18:14 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-03-14 22:10 - 2017-02-09 18:14 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-03-14 22:10 - 2017-02-09 18:00 - 03220480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-03-14 22:10 - 2017-02-09 16:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2017-03-14 22:10 - 2017-01-11 20:01 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2017-03-14 22:09 - 2017-02-11 17:58 - 00462848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-03-14 22:09 - 2017-02-11 17:58 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-03-14 22:09 - 2017-02-11 17:58 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2017-03-14 22:09 - 2017-02-10 18:32 - 00803328 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2017-03-14 22:09 - 2017-02-10 18:32 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-03-14 22:09 - 2017-02-10 18:17 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2017-03-14 22:09 - 2017-02-10 18:17 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-03-14 22:09 - 2017-02-09 18:35 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-03-14 22:09 - 2017-02-09 18:35 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-03-14 22:09 - 2017-02-09 18:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-03-14 22:09 - 2017-02-09 18:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2017-03-14 22:09 - 2017-02-09 18:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2017-03-14 22:09 - 2017-02-09 18:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-03-14 22:09 - 2017-02-09 18:32 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-03-14 22:09 - 2017-02-09 18:32 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-03-14 22:09 - 2017-02-09 18:32 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-03-14 22:09 - 2017-02-09 18:32 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-03-14 22:09 - 2017-02-09 18:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-03-14 22:09 - 2017-02-09 18:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-03-14 22:09 - 2017-02-09 18:32 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\WcsPlugInService.dll
2017-03-14 22:09 - 2017-02-09 18:32 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-03-14 22:09 - 2017-02-09 18:32 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-03-14 22:09 - 2017-02-09 18:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2017-03-14 22:09 - 2017-02-09 18:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2017-03-14 22:09 - 2017-02-09 18:31 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-03-14 22:09 - 2017-02-09 18:31 - 00625664 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2017-03-14 22:09 - 2017-02-09 18:31 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-03-14 22:09 - 2017-02-09 18:31 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-03-14 22:09 - 2017-02-09 18:31 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
2017-03-14 22:09 - 2017-02-09 18:31 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-03-14 22:09 - 2017-02-09 18:31 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-03-14 22:09 - 2017-02-09 18:31 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-03-14 22:09 - 2017-02-09 18:31 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-03-14 22:09 - 2017-02-09 18:31 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-03-14 22:09 - 2017-02-09 18:31 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-03-14 22:09 - 2017-02-09 18:31 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-03-14 22:09 - 2017-02-09 18:31 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-03-14 22:09 - 2017-02-09 18:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-03-14 22:09 - 2017-02-09 18:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-03-14 22:09 - 2017-02-09 18:31 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-03-14 22:09 - 2017-02-09 18:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-03-14 22:09 - 2017-02-09 18:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-03-14 22:09 - 2017-02-09 18:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-03-14 22:09 - 2017-02-09 18:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-03-14 22:09 - 2017-02-09 18:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-03-14 22:09 - 2017-02-09 18:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-03-14 22:09 - 2017-02-09 18:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-03-14 22:09 - 2017-02-09 18:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-03-14 22:09 - 2017-02-09 18:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-03-14 22:09 - 2017-02-09 18:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-03-14 22:09 - 2017-02-09 18:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-03-14 22:09 - 2017-02-09 18:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-03-14 22:09 - 2017-02-09 18:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-03-14 22:09 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-03-14 22:09 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-03-14 22:09 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-03-14 22:09 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-03-14 22:09 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-03-14 22:09 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-03-14 22:09 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-03-14 22:09 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-03-14 22:09 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-03-14 22:09 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-03-14 22:09 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-03-14 22:09 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-03-14 22:09 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-03-14 22:09 - 2017-02-09 18:16 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-03-14 22:09 - 2017-02-09 18:14 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-03-14 22:09 - 2017-02-09 18:14 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-03-14 22:09 - 2017-02-09 18:14 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-03-14 22:09 - 2017-02-09 18:14 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2017-03-14 22:09 - 2017-02-09 18:14 - 00481792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2017-03-14 22:09 - 2017-02-09 18:14 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-03-14 22:09 - 2017-02-09 18:14 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-03-14 22:09 - 2017-02-09 18:14 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-03-14 22:09 - 2017-02-09 18:14 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-03-14 22:09 - 2017-02-09 18:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll
2017-03-14 22:09 - 2017-02-09 18:14 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-03-14 22:09 - 2017-02-09 18:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-03-14 22:09 - 2017-02-09 18:14 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-03-14 22:09 - 2017-02-09 18:14 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-03-14 22:09 - 2017-02-09 18:14 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-03-14 22:09 - 2017-02-09 18:14 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-03-14 22:09 - 2017-02-09 18:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-03-14 22:09 - 2017-02-09 18:14 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2017-03-14 22:09 - 2017-02-09 18:14 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2017-03-14 22:09 - 2017-02-09 18:14 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-03-14 22:09 - 2017-02-09 18:14 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-03-14 22:09 - 2017-02-09 18:14 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2017-03-14 22:09 - 2017-02-09 18:14 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-03-14 22:09 - 2017-02-09 18:14 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2017-03-14 22:09 - 2017-02-09 18:14 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-03-14 22:09 - 2017-02-09 18:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-03-14 22:09 - 2017-02-09 18:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-03-14 22:09 - 2017-02-09 18:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-03-14 22:09 - 2017-02-09 18:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-03-14 22:09 - 2017-02-09 18:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-03-14 22:09 - 2017-02-09 18:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-03-14 22:09 - 2017-02-09 18:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-03-14 22:09 - 2017-02-09 18:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-03-14 22:09 - 2017-02-09 18:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-03-14 22:09 - 2017-02-09 18:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-03-14 22:09 - 2017-02-09 18:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-03-14 22:09 - 2017-02-09 18:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-03-14 22:09 - 2017-02-09 18:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-03-14 22:09 - 2017-02-09 18:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-03-14 22:09 - 2017-02-09 18:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-03-14 22:09 - 2017-02-09 18:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-03-14 22:09 - 2017-02-09 18:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-03-14 22:09 - 2017-02-09 18:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-03-14 22:09 - 2017-02-09 18:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-03-14 22:09 - 2017-02-09 18:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-03-14 22:09 - 2017-02-09 18:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-03-14 22:09 - 2017-02-09 18:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-03-14 22:09 - 2017-02-09 18:03 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-03-14 22:09 - 2017-02-09 18:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-03-14 22:09 - 2017-02-09 18:03 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-03-14 22:09 - 2017-02-09 18:02 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-03-14 22:09 - 2017-02-09 17:59 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-03-14 22:09 - 2017-02-09 17:58 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-03-14 22:09 - 2017-02-09 17:55 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-03-14 22:09 - 2017-02-09 17:55 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-03-14 22:09 - 2017-02-09 17:55 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-03-14 22:09 - 2017-02-09 17:54 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-03-14 22:09 - 2017-02-09 17:54 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-03-14 22:09 - 2017-02-09 17:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-03-14 22:09 - 2017-02-09 17:51 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcsPlugInService.dll
2017-03-14 22:09 - 2017-02-09 17:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2017-03-14 22:09 - 2017-02-09 17:50 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2017-03-14 22:09 - 2017-02-09 17:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2017-03-14 22:09 - 2017-02-09 17:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2017-03-14 22:09 - 2017-02-09 17:49 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-03-14 22:09 - 2017-02-09 17:49 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-03-14 22:09 - 2017-02-09 17:49 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-03-14 22:09 - 2017-02-09 17:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-03-14 22:09 - 2017-02-09 17:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-03-14 22:09 - 2017-02-09 16:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2017-03-14 22:09 - 2017-02-06 18:14 - 00733696 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2017-03-14 22:09 - 2017-01-13 20:00 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2017-03-14 22:09 - 2017-01-13 20:00 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2017-03-14 22:09 - 2017-01-13 19:45 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2017-03-14 22:09 - 2017-01-13 19:45 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2017-03-14 22:09 - 2017-01-11 20:01 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2017-03-14 22:09 - 2017-01-11 19:43 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2017-03-14 22:09 - 2017-01-11 19:43 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2017-03-14 22:09 - 2017-01-06 20:00 - 01574912 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2017-03-14 22:09 - 2017-01-06 19:44 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2017-03-14 22:08 - 2017-02-23 01:42 - 00084712 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-03-14 22:08 - 2017-02-23 01:37 - 01285632 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-03-14 22:08 - 2017-02-18 16:05 - 01609216 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-03-14 22:08 - 2017-02-18 16:05 - 00646656 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-03-14 22:08 - 2016-12-31 17:36 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-03-14 22:08 - 2016-12-31 17:36 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-03-14 22:08 - 2016-12-31 17:36 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2017-03-14 22:08 - 2016-12-31 17:36 - 00233984 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-03-14 22:08 - 2016-12-31 17:36 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-03-11 23:29 - 2017-03-11 23:29 - 00000000 ____D C:\Users\user\AppData\Roaming\Solvusoft
2017-03-11 23:29 - 2017-03-11 23:29 - 00000000 ____D C:\ProgramData\Solvusoft
2017-03-11 23:25 - 2017-03-21 19:53 - 00000000 ____D C:\Users\user\AppData\Local\IIIQF
2017-03-11 23:25 - 2017-03-11 23:25 - 08932000 _____ (Solvusoft Corporation ) C:\Users\user\Downloads\Setup_WinThruster_2016.exe

==================== Een Maand Gewijzigd bestanden en mappen ========

(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)

2017-04-07 10:33 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-04-07 00:38 - 2009-07-14 06:45 - 00024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-04-07 00:38 - 2009-07-14 06:45 - 00024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-04-07 00:33 - 2012-06-19 15:29 - 00000000 ____D C:\Users\user\AppData\Local\VirtualStore
2017-04-07 00:31 - 2012-08-02 18:26 - 00000924 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-730420348-928841526-1892792260-1000UA.job
2017-04-06 23:28 - 2016-01-27 08:42 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-04-06 23:14 - 2017-02-14 17:53 - 00004172 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-04-04 20:24 - 2015-11-16 18:57 - 00003890 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1447693025
2017-04-04 20:19 - 2014-05-01 20:47 - 00038296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-04-04 20:19 - 2013-12-30 19:56 - 00164064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-04-04 20:19 - 2013-03-05 23:34 - 00339696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2017-04-04 20:19 - 2013-03-05 23:34 - 00075704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-04-04 20:19 - 2012-06-21 12:41 - 00556784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-04-04 20:19 - 2012-06-21 12:41 - 00127112 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-04-04 20:19 - 2012-06-21 12:41 - 00101152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-04-04 20:18 - 2012-06-21 12:41 - 01005048 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-04-04 20:18 - 2012-06-21 12:41 - 00032600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2017-04-04 20:17 - 2017-02-14 17:53 - 00334088 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-04-04 20:17 - 2017-02-14 17:53 - 00307736 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-04-04 20:17 - 2017-02-14 17:53 - 00189768 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-04-04 20:17 - 2017-02-14 17:53 - 00048528 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-04-04 20:17 - 2016-03-01 22:23 - 00505880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetSec.sys
2017-04-03 20:33 - 2012-07-01 10:42 - 00000000 ____D C:\Users\user\Documents\muziek
2017-04-03 20:30 - 2012-08-13 18:20 - 00000000 ____D C:\ProgramData\Soulseek
2017-04-03 19:58 - 2009-07-14 07:08 - 00032510 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-04-01 18:31 - 2012-08-02 18:26 - 00000902 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-730420348-928841526-1892792260-1000Core.job
2017-03-31 20:07 - 2012-02-28 12:13 - 00746014 _____ C:\Windows\system32\perfh013.dat
2017-03-31 20:07 - 2012-02-28 12:13 - 00153934 _____ C:\Windows\system32\perfc013.dat
2017-03-31 20:07 - 2009-07-14 07:13 - 01670960 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-31 20:07 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2017-03-31 19:58 - 2014-11-28 21:00 - 00001886 _____ C:\Users\Public\Desktop\Avast Premier.lnk
2017-03-31 19:21 - 2015-11-28 17:00 - 00000000 ____D C:\ProgramData\WinZip
2017-03-31 19:21 - 2007-07-12 03:49 - 00000000 ____D C:\Windows\Panther
2017-03-19 21:52 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2017-03-15 21:53 - 2012-08-11 09:44 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-03-15 21:53 - 2012-08-11 09:44 - 00004422 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-03-15 21:53 - 2011-10-27 14:12 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-03-15 21:53 - 2011-10-27 14:12 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-03-15 21:53 - 2011-10-27 14:12 - 00000000 ____D C:\Windows\system32\Macromed
2017-03-15 21:07 - 2009-07-14 06:45 - 00436112 _____ C:\Windows\system32\FNTCACHE.DAT
2017-03-15 21:04 - 2014-12-11 15:25 - 00000000 ____D C:\Windows\system32\appraiser
2017-03-15 21:04 - 2014-04-30 22:23 - 00000000 ___SD C:\Windows\system32\CompatTel
2017-03-15 21:04 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\DVD Maker
2017-03-14 22:23 - 2013-08-07 17:22 - 00000000 ____D C:\Windows\system32\MRT
2017-03-14 22:20 - 2012-06-19 17:31 - 138634176 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-03-14 22:18 - 2013-03-13 19:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-03-14 22:17 - 2013-03-13 19:45 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-03-14 22:17 - 2013-03-13 19:45 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight

==================== Bestanden in de root van sommige mappen =======

2012-09-09 10:31 - 2015-03-05 19:24 - 0005120 _____ () C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-08-08 16:44 - 2016-08-08 16:44 - 0000000 _____ () C:\Users\user\AppData\Local\{B26151A7-2125-4186-87CC-C73B3560EA21}
2012-02-28 11:40 - 2012-02-28 11:42 - 0015222 _____ () C:\ProgramData\ArcadeDeluxe5.log
2012-09-08 17:32 - 2012-09-08 17:34 - 0000032 _____ () C:\ProgramData\PS.log

Sommige bestanden in TEMP:
====================
2017-01-18 12:12 - 2017-01-18 12:12 - 0739904 _____ (Oracle Corporation) C:\Users\user\AppData\Local\Temp\jre-8u121-windows-au.exe

==================== Bamital & volsnap ======================

(Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)

C:\Windows\system32\winlogon.exe => Bestand is getekend
C:\Windows\system32\wininit.exe => Bestand is getekend
C:\Windows\SysWOW64\wininit.exe => Bestand is getekend
C:\Windows\explorer.exe => Bestand is getekend
C:\Windows\SysWOW64\explorer.exe => Bestand is getekend
C:\Windows\system32\svchost.exe => Bestand is getekend
C:\Windows\SysWOW64\svchost.exe => Bestand is getekend
C:\Windows\system32\services.exe => Bestand is getekend
C:\Windows\system32\User32.dll => Bestand is getekend
C:\Windows\SysWOW64\User32.dll => Bestand is getekend
C:\Windows\system32\userinit.exe => Bestand is getekend
C:\Windows\SysWOW64\userinit.exe => Bestand is getekend
C:\Windows\system32\rpcss.dll => Bestand is getekend
C:\Windows\system32\dnsapi.dll => Bestand is getekend
C:\Windows\SysWOW64\dnsapi.dll => Bestand is getekend
C:\Windows\system32\Drivers\volsnap.sys => Bestand is getekend

LastRegBack: 2017-04-05 21:03

==================== Eind van FRST.txt ============================

Gebruikersavatar
Eric
Site Admin
Berichten: 14845
Lid geworden op: 13 apr 2005 15:54
Besturingssysteem: Windows 10
Bescherming: Malwarebytes pro
Locatie: Kotje aan de kust.
Contacteer:

Re: toch maar eens vragen aan de specialisten, hijjack logje ...

Bericht door Eric » 07 apr 2017 11:48

U heeft maar 1 van de 2 logjes geplaatst ( en niet als bijlage).

Start de Afbeelding Farbar Recovery Scan Tool nogmaals.
  • Download fixlist.txt uit de bijlage naar het bureaublad, waar ook FRST.exe aanwezig is.
  • Dubbelklik op FRST.exe om de tool te starten.
  • Als het programma is geopend klik Yes (Ja) bij de disclaimer.
  • Druk op de Fix knop
  • Er zal u een logbestand aangemaakt worden (fixlog.txt) op dezelfde plaats vanwaar de 'tool' is gestart.
  • Voeg dit logbestand als bijlage toe aan het volgende bericht..
Je hebt niet voldoende permissies om de bijlagen van dit bericht te bekijken.
****Afbeelding****
Doneren kan hier :wink:
traagheidtips
Dit is geen link, erop klikken is zinloos.
Hitmanpro"Alert"

vins
Lid
Berichten: 6
Lid geworden op: 10 okt 2008 07:42

Re: toch maar eens vragen aan de specialisten, hijjack logje ...

Bericht door vins » 07 apr 2017 21:31

Ik hoop dat ik het goed heb nu :)
Je hebt niet voldoende permissies om de bijlagen van dit bericht te bekijken.

Gebruikersavatar
Eric
Site Admin
Berichten: 14845
Lid geworden op: 13 apr 2005 15:54
Besturingssysteem: Windows 10
Bescherming: Malwarebytes pro
Locatie: Kotje aan de kust.
Contacteer:

Re: toch maar eens vragen aan de specialisten, hijjack logje ...

Bericht door Eric » 08 apr 2017 14:15

-.- had je de fix ook gedaan
****Afbeelding****
Doneren kan hier :wink:
traagheidtips
Dit is geen link, erop klikken is zinloos.
Hitmanpro"Alert"

vins
Lid
Berichten: 6
Lid geworden op: 10 okt 2008 07:42

Re: toch maar eens vragen aan de specialisten, hijjack logje ...

Bericht door vins » 08 apr 2017 15:36

eerst scannen dan fixen. maar als je daar op drukt zegt hij geen txt te vinden, waarschijnlijk staat die in dezelfde map of van waar je het exe programma gestart bent... ik heb 2 logbestanden, meer niet ?
Je hebt niet voldoende permissies om de bijlagen van dit bericht te bekijken.

Gebruikersavatar
Eric
Site Admin
Berichten: 14845
Lid geworden op: 13 apr 2005 15:54
Besturingssysteem: Windows 10
Bescherming: Malwarebytes pro
Locatie: Kotje aan de kust.
Contacteer:

Re: toch maar eens vragen aan de specialisten, hijjack logje ...

Bericht door Eric » 10 apr 2017 09:36

Start de Afbeelding Farbar Recovery Scan Tool nogmaals.
  • Download fixlist.txt uit de bijlage naar het bureaublad, waar ook FRST.exe aanwezig is.
  • Dubbelklik op FRST.exe om de tool te starten.
  • Als het programma is geopend klik Yes (Ja) bij de disclaimer.
  • Druk op de Fix knop
  • Er zal u een logbestand aangemaakt worden (fixlog.txt) op dezelfde plaats vanwaar de 'tool' is gestart.
  • Voeg dit logbestand als bijlage toe aan het volgende bericht..
Je hebt niet voldoende permissies om de bijlagen van dit bericht te bekijken.
****Afbeelding****
Doneren kan hier :wink:
traagheidtips
Dit is geen link, erop klikken is zinloos.
Hitmanpro"Alert"

vins
Lid
Berichten: 6
Lid geworden op: 10 okt 2008 07:42

Re: toch maar eens vragen aan de specialisten, hijjack logje ...

Bericht door vins » 10 apr 2017 16:51

in bijlage het log bestand, sorry voor het geklungel :p
Je hebt niet voldoende permissies om de bijlagen van dit bericht te bekijken.

Gebruikersavatar
Eric
Site Admin
Berichten: 14845
Lid geworden op: 13 apr 2005 15:54
Besturingssysteem: Windows 10
Bescherming: Malwarebytes pro
Locatie: Kotje aan de kust.
Contacteer:

Re: toch maar eens vragen aan de specialisten, hijjack logje ...

Bericht door Eric » 11 apr 2017 09:58

Toch goed zo hoor, verder nog klachten?
****Afbeelding****
Doneren kan hier :wink:
traagheidtips
Dit is geen link, erop klikken is zinloos.
Hitmanpro"Alert"

vins
Lid
Berichten: 6
Lid geworden op: 10 okt 2008 07:42

Re: toch maar eens vragen aan de specialisten, hijjack logje ...

Bericht door vins » 11 apr 2017 18:16

internet en de laptop in zijn geheel lopen nog steeds even traag, ik kan eens een andere browser proberen, zoals opera ?

Gebruikersavatar
Eric
Site Admin
Berichten: 14845
Lid geworden op: 13 apr 2005 15:54
Besturingssysteem: Windows 10
Bescherming: Malwarebytes pro
Locatie: Kotje aan de kust.
Contacteer:

Re: toch maar eens vragen aan de specialisten, hijjack logje ...

Bericht door Eric » 12 apr 2017 12:50

Probeer dit eens.

Ga naar Start > Configuratiescherm > Software "Programma's en Onderdelen".
Selecteer Google Chrome en verwijder deze geheel van de computer.

Download vervolgens Afbeelding Old Chrome Remover naat bijvoorbeeld het bureaublad.
  • Klik met de rechtermuisknop op OldChromeRemover-0.5 en kies voor de optie uitvoeren als administrator.
  • Er verschijnt nu een zwart commandprompt scherm, wacht vervolgens tot de onderstaande melding verschijnt.
Afbeelding
  • Druk vervolgens op de toets Y om de verouderde versie(s) van Google Chrome te verwijderen.
  • Wanneer dit gereed is klikt u op een willekeurige toets, b.v. de spatiebalk om het programma te sluiten.
  • Herstart de computer en download Google Chrome en installeer deze opnieuw.
****Afbeelding****
Doneren kan hier :wink:
traagheidtips
Dit is geen link, erop klikken is zinloos.
Hitmanpro"Alert"

Plaats reactie