Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 08-10-2017
Gestart door medion (Beheerder) op MEDION-PC (09-10-2017 10:57:22)
Gestart vanaf C:\Users\medion\Desktop
Geladen Profielen: medion (Beschikbare Profielen: medion)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Taal: Nederlands (Nederland)
Internet Explorer Versie 9 (Standaardbrowser: FF)
Boot Modus: Normal
Handleiding voor Farbar Recovery Scan Tool:
FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials
==================== Processen (gefilterd) =================
(Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.)
() C:\Program Files (x86)\Repetier-Server\bin\RepetierServer.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Register (gefilterd) ===========================
(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11774568 2011-01-13] (Realtek Semiconductor)
HKLM\...\Run: [MedionReminder] => C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-11-16] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
==================== Internet (gefilterd) ====================
(Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.)
Tcpip\Parameters: [DhcpNameServer] 84.116.46.20 84.116.46.21
Tcpip\..\Interfaces\{AC1E9CDD-A1E7-4FD7-9488-D45E47AB10D0}: [DhcpNameServer] 84.116.46.20 84.116.46.21
Internet Explorer:
==================
HKU\S-1-5-21-4026612173-1924025479-3315370365-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://
www.google.com/ig/redirectdomain?brand=MDND&bmod=MDND
HKU\S-1-5-21-4026612173-1924025479-3315370365-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://
www.google.com/ig/redirectdomain?brand=MDND&bmod=MDND
SearchScopes: HKU\S-1-5-21-4026612173-1924025479-3315370365-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-22] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-03-15] (Sun Microsystems, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-16] (Adobe Systems Incorporated)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-22] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-03-15] (Sun Microsystems, Inc.)
FireFox:
========
FF DefaultProfile: iz7tjorp.default
FF ProfilePath: C:\Users\medion\AppData\Roaming\Mozilla\Firefox\Profiles\iz7tjorp.default [2017-10-09]
FF Homepage: Mozilla\Firefox\Profiles\iz7tjorp.default -> piepcomp.nl
FF Extension: (AdBlock) - C:\Users\medion\AppData\Roaming\Mozilla\Firefox\Profiles\iz7tjorp.default\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2017-10-09]
FF Extension: (LastPass: Free Password Manager) - C:\Users\medion\AppData\Roaming\Mozilla\Firefox\Profiles\iz7tjorp.default\Extensions\support@lastpass.com [2017-10-09]
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2011-03-15] (Sun Microsystems, Inc.)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [2011-03-15] (Sun Microsystems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll [2011-03-10] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
==================== Services (gefilterd) ====================
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
R2 RepetierServer; C:\Program Files (x86)\Repetier-Server\bin\RepetierServer.exe [6129000 2017-08-07] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
===================== Drivers (gefilterd) ======================
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
==================== NetSvcs (gefilterd) ===================
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
==================== Een Maand Aangemaakt bestanden en mappen ========
(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)
2017-10-09 10:57 - 2017-10-09 10:59 - 000006312 _____ C:\Users\medion\Desktop\FRST.txt
2017-10-09 10:56 - 2017-10-09 10:57 - 000000000 ____D C:\FRST
2017-10-09 10:56 - 2017-10-09 10:55 - 002401792 _____ (Farbar) C:\Users\medion\Desktop\FRST64.exe
2017-10-09 10:55 - 2017-10-09 10:55 - 002401792 _____ (Farbar) C:\Users\medion\Downloads\FRST64.exe
2017-10-09 10:49 - 2017-10-09 10:49 - 000000000 ____D C:\Users\medion\AppData\Roaming\Adobe
2017-10-09 10:49 - 2017-10-09 10:49 - 000000000 ____D C:\Users\medion\AppData\LocalLow\Adobe
2017-10-09 10:49 - 2017-10-09 10:49 - 000000000 ____D C:\Users\medion\AppData\Local\Adobe
2017-10-09 10:34 - 2017-10-09 10:34 - 000000000 __SHD C:\ProgramData\ms-drivers
2017-10-09 10:34 - 2017-10-09 10:34 - 000000000 __SHD C:\ProgramData\icsxml
2017-10-09 10:20 - 2017-10-09 10:21 - 000000000 ____D C:\totalcmd
2017-10-09 10:20 - 2017-10-09 10:20 - 004987672 _____ (Ghisler Software GmbH) C:\Users\medion\Downloads\tcmd900ax64.exe
2017-10-09 10:20 - 2017-10-09 10:20 - 000000650 _____ C:\Users\Public\Desktop\Total Commander 64 bit.lnk
2017-10-09 10:20 - 2017-10-09 10:20 - 000000000 ____D C:\Users\medion\AppData\Roaming\GHISLER
2017-10-09 10:20 - 2017-10-09 10:20 - 000000000 ____D C:\Users\medion\AppData\Local\GHISLER
2017-10-09 10:20 - 2017-10-09 10:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Commander
2017-10-09 10:14 - 2017-10-09 10:14 - 000000000 ____D C:\ProgramData\Repetier-Server
2017-10-09 10:11 - 2017-10-09 10:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Repetier-Server
2017-10-09 10:11 - 2017-10-09 10:11 - 000000000 ____D C:\Program Files (x86)\Repetier-Server
2017-10-09 10:09 - 2017-10-09 10:11 - 009611344 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2017-10-09 10:03 - 2017-10-09 10:03 - 000000871 _____ C:\Users\Public\Desktop\Repetier-Host.lnk
2017-10-09 10:03 - 2017-10-09 10:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Repetier-Host
2017-10-09 10:02 - 2017-10-09 10:17 - 000000000 ____D C:\Users\medion\AppData\Local\RepetierHost
2017-10-09 10:02 - 2017-10-09 10:03 - 000000000 ____D C:\Program Files\Repetier-Host
2017-10-09 10:02 - 2017-10-09 10:02 - 000000000 ____D C:\ProgramData\Google
2017-10-09 10:01 - 2017-10-09 10:02 - 050544928 _____ (repetier ) C:\Users\medion\Downloads\setupRepetierHost_2_0_5.exe
2017-10-09 09:57 - 2017-10-09 09:57 - 000000949 _____ C:\Users\medion\Desktop\Cura.lnk
2017-10-09 09:49 - 2017-10-09 09:49 - 000000000 ____D C:\Users\medion\AppData\Roaming\cura
2017-10-09 09:49 - 2017-10-09 09:49 - 000000000 ____D C:\Users\medion\AppData\Local\cura
2017-10-09 09:48 - 2017-10-09 09:48 - 000000000 ____D C:\Program Files\DIFX
2017-10-09 09:42 - 2015-07-18 15:08 - 000984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2017-10-09 09:42 - 2015-07-18 15:08 - 000901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2017-10-09 09:42 - 2015-07-18 15:08 - 000066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2017-10-09 09:42 - 2015-07-18 15:08 - 000063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-10-09 09:42 - 2015-07-18 15:08 - 000022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2017-10-09 09:42 - 2015-07-18 15:08 - 000020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-10-09 09:42 - 2015-07-18 15:08 - 000019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2017-10-09 09:42 - 2015-07-18 15:08 - 000019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-10-09 09:42 - 2015-07-18 15:08 - 000017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2017-10-09 09:42 - 2015-07-18 15:08 - 000017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2017-10-09 09:42 - 2015-07-18 15:08 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-10-09 09:42 - 2015-07-18 15:08 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-10-09 09:42 - 2015-07-18 15:08 - 000016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2017-10-09 09:42 - 2015-07-18 15:08 - 000016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-10-09 09:42 - 2015-07-18 15:08 - 000015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2017-10-09 09:42 - 2015-07-18 15:08 - 000015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-10-09 09:42 - 2015-07-18 15:08 - 000014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2017-10-09 09:42 - 2015-07-18 15:08 - 000014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2017-10-09 09:42 - 2015-07-18 15:08 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-10-09 09:42 - 2015-07-18 15:08 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2017-10-09 09:42 - 2015-07-18 15:08 - 000013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2017-10-09 09:42 - 2015-07-18 15:08 - 000013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-10-09 09:42 - 2015-07-18 15:08 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2017-10-09 09:42 - 2015-07-18 15:08 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2017-10-09 09:42 - 2015-07-18 15:08 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2017-10-09 09:42 - 2015-07-18 15:08 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-10-09 09:42 - 2015-07-18 15:08 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-10-09 09:42 - 2015-07-18 15:08 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-10-09 09:42 - 2015-07-18 15:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2017-10-09 09:42 - 2015-07-18 15:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2017-10-09 09:42 - 2015-07-18 15:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2017-10-09 09:42 - 2015-07-18 15:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2017-10-09 09:42 - 2015-07-18 15:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2017-10-09 09:42 - 2015-07-18 15:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-10-09 09:42 - 2015-07-18 15:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-10-09 09:42 - 2015-07-18 15:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-10-09 09:42 - 2015-07-18 15:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2017-10-09 09:42 - 2015-07-18 15:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-10-09 09:42 - 2015-07-18 15:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2017-10-09 09:42 - 2015-07-18 15:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2017-10-09 09:42 - 2015-07-18 15:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2017-10-09 09:42 - 2015-07-18 15:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2017-10-09 09:42 - 2015-07-18 15:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2017-10-09 09:42 - 2015-07-18 15:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2017-10-09 09:42 - 2015-07-18 15:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-10-09 09:42 - 2015-07-18 15:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-10-09 09:42 - 2015-07-18 15:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2017-10-09 09:42 - 2015-07-18 15:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2017-10-09 09:39 - 2017-10-09 10:25 - 000000000 ____D C:\ProgramData\Package Cache
2017-10-09 09:37 - 2017-10-09 09:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cura
2017-10-09 09:37 - 2017-10-09 09:37 - 000000000 ____D C:\Program Files\Cura 2.7
2017-10-09 09:36 - 2017-10-09 09:36 - 101906041 _____ C:\Users\medion\Downloads\Cura-2.7.0-win64.exe
2017-10-09 09:32 - 2017-10-09 10:55 - 000000000 ____D C:\Users\medion\AppData\LocalLow\Mozilla
2017-10-09 09:32 - 2017-10-09 09:36 - 000000000 ____D C:\Users\medion\AppData\Local\Mozilla
2017-10-09 09:32 - 2017-10-09 09:32 - 000000940 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-10-09 09:32 - 2017-10-09 09:32 - 000000928 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-10-09 09:32 - 2017-10-09 09:32 - 000000000 ____D C:\Users\medion\AppData\Roaming\Mozilla
2017-10-09 09:32 - 2017-10-09 09:32 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-10-09 09:31 - 2017-10-09 09:32 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-10-09 09:23 - 2017-10-09 09:24 - 000000000 ____D C:\Users\medion\AppData\Local\Google
2017-10-09 09:17 - 2014-05-14 18:23 - 002477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-10-09 09:17 - 2014-05-14 18:23 - 000058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2017-10-09 09:17 - 2014-05-14 18:23 - 000044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2017-10-09 09:17 - 2014-05-14 18:21 - 002620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2017-10-09 09:16 - 2014-05-14 18:23 - 000700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-10-09 09:16 - 2014-05-14 18:23 - 000581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2017-10-09 09:16 - 2014-05-14 18:23 - 000038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2017-10-09 09:16 - 2014-05-14 18:23 - 000036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2017-10-09 09:16 - 2014-05-14 18:20 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2017-10-09 09:16 - 2014-05-14 18:17 - 000092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2017-10-09 09:16 - 2014-05-14 09:23 - 000198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2017-10-09 09:16 - 2014-05-14 09:23 - 000179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2017-10-09 09:16 - 2014-05-14 09:20 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2017-10-09 09:16 - 2014-05-14 09:17 - 000033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2017-10-08 10:00 - 2017-10-09 10:16 - 000057560 _____ C:\Users\medion\AppData\Local\GDIPFONTCACHEV1.DAT
2017-10-08 10:00 - 2017-10-08 10:00 - 000000000 ___HD C:\ProgramData\Medion Reminder
2017-10-08 09:59 - 2017-10-09 09:23 - 000001252 _____ C:\Users\medion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-10-08 09:59 - 2017-10-08 09:59 - 000001405 _____ C:\Users\medion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2017-10-08 09:59 - 2017-10-08 09:59 - 000000020 ___SH C:\Users\medion\ntuser.ini
2017-10-08 09:59 - 2017-10-08 09:59 - 000000000 _SHDL C:\Users\medion\Sjablonen
2017-10-08 09:59 - 2017-10-08 09:59 - 000000000 _SHDL C:\Users\medion\Netwerkprinteromgeving
2017-10-08 09:59 - 2017-10-08 09:59 - 000000000 _SHDL C:\Users\medion\Mijn documenten
2017-10-08 09:59 - 2017-10-08 09:59 - 000000000 _SHDL C:\Users\medion\Menu Start
2017-10-08 09:59 - 2017-10-08 09:59 - 000000000 _SHDL C:\Users\medion\Documents\Mijn video's
2017-10-08 09:59 - 2017-10-08 09:59 - 000000000 _SHDL C:\Users\medion\Documents\Mijn muziek
2017-10-08 09:59 - 2017-10-08 09:59 - 000000000 _SHDL C:\Users\medion\Documents\Mijn afbeeldingen
2017-10-08 09:59 - 2017-10-08 09:59 - 000000000 _SHDL C:\Users\medion\AppData\Roaming\Microsoft\Windows\Start Menu\Programma's
2017-10-08 09:59 - 2017-10-08 09:59 - 000000000 _SHDL C:\Users\medion\AppData\Local\Geschiedenis
2017-10-08 09:59 - 2017-10-08 09:59 - 000000000 ____D C:\Users\medion\AppData\Local\VirtualStore
2017-10-08 09:59 - 2017-10-08 09:59 - 000000000 ____D C:\Users\medion\AppData\Local\Power2Go
2017-10-08 09:59 - 2017-10-08 09:59 - 000000000 ____D C:\Users\medion
2017-10-08 09:59 - 2011-02-10 22:48 - 000000000 ____D C:\Users\medion\AppData\Roaming\Macromedia
2017-10-08 09:59 - 2010-11-21 09:16 - 000000000 ____D C:\Users\medion\AppData\Roaming\Media Center Programs
2017-10-08 09:57 - 2017-10-09 10:02 - 000000000 ____D C:\Program Files (x86)\Google
2017-10-08 09:57 - 2017-10-09 09:26 - 000000000 ____D C:\ProgramData\Partner
2017-10-08 09:57 - 2017-10-09 09:26 - 000000000 ____D C:\Program Files\Google
2017-10-08 09:57 - 2017-10-08 09:57 - 000000000 ____D C:\Program Files\PlayReady
2017-10-08 09:57 - 2011-03-11 15:52 - 000002101 _____ C:\Users\Public\Desktop\Maak uw eigen support dvd.lnk
2017-10-08 09:57 - 2010-10-25 10:24 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-10-08 09:57 - 2010-08-27 12:47 - 000001185 _____ C:\Users\Public\Desktop\eBay.nl.lnk
2017-10-08 09:55 - 2017-10-08 09:55 - 000000000 _SHDL C:\Documents and Settings
==================== Een Maand Gewijzigd bestanden en mappen ========
(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)
2017-10-09 10:37 - 2009-07-14 06:45 - 000021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-10-09 10:37 - 2009-07-14 06:45 - 000021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-10-09 10:27 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-10-09 10:24 - 2011-02-10 22:14 - 000646042 _____ C:\Windows\system32\perfh01F.dat
2017-10-09 10:24 - 2011-02-10 22:14 - 000138252 _____ C:\Windows\system32\perfc01F.dat
2017-10-09 10:24 - 2011-02-10 22:05 - 000718280 _____ C:\Windows\system32\prfh0816.dat
2017-10-09 10:24 - 2011-02-10 22:05 - 000151262 _____ C:\Windows\system32\prfc0816.dat
2017-10-09 10:24 - 2011-02-10 22:00 - 000729282 _____ C:\Windows\system32\perfh015.dat
2017-10-09 10:24 - 2011-02-10 22:00 - 000153974 _____ C:\Windows\system32\perfc015.dat
2017-10-09 10:24 - 2011-02-10 21:55 - 000742790 _____ C:\Windows\system32\perfh013.dat
2017-10-09 10:24 - 2011-02-10 21:55 - 000151906 _____ C:\Windows\system32\perfc013.dat
2017-10-09 10:24 - 2011-02-10 21:49 - 000729280 _____ C:\Windows\system32\perfh010.dat
2017-10-09 10:24 - 2011-02-10 21:49 - 000145162 _____ C:\Windows\system32\perfc010.dat
2017-10-09 10:24 - 2011-02-10 21:44 - 000672766 _____ C:\Windows\system32\perfh00E.dat
2017-10-09 10:24 - 2011-02-10 21:44 - 000169358 _____ C:\Windows\system32\perfc00E.dat
2017-10-09 10:24 - 2011-02-10 21:39 - 000734744 _____ C:\Windows\system32\perfh00C.dat
2017-10-09 10:24 - 2011-02-10 21:39 - 000147666 _____ C:\Windows\system32\perfc00C.dat
2017-10-09 10:24 - 2011-02-10 21:34 - 000734588 _____ C:\Windows\system32\perfh00A.dat
2017-10-09 10:24 - 2011-02-10 21:34 - 000156698 _____ C:\Windows\system32\perfc00A.dat
2017-10-09 10:24 - 2011-02-10 21:29 - 000595964 _____ C:\Windows\system32\perfh008.dat
2017-10-09 10:24 - 2011-02-10 21:29 - 000109366 _____ C:\Windows\system32\perfc008.dat
2017-10-09 10:24 - 2011-02-10 21:25 - 000686028 _____ C:\Windows\system32\perfh007.dat
2017-10-09 10:24 - 2011-02-10 21:25 - 000147156 _____ C:\Windows\system32\perfc007.dat
2017-10-09 10:24 - 2011-02-10 21:21 - 000498586 _____ C:\Windows\system32\perfh006.dat
2017-10-09 10:24 - 2011-02-10 21:21 - 000096846 _____ C:\Windows\system32\perfc006.dat
2017-10-09 10:24 - 2009-07-14 07:13 - 009817334 _____ C:\Windows\system32\PerfStringBackup.INI
2017-10-09 10:24 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2017-10-09 09:26 - 2009-07-14 06:45 - 000274552 _____ C:\Windows\system32\FNTCACHE.DAT
2017-10-09 09:20 - 2011-03-15 00:29 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-10-09 09:19 - 2011-03-15 00:29 - 000000000 ____D C:\Program Files (x86)\CyberLink
2017-10-09 09:18 - 2011-05-05 22:31 - 000000000 ____D C:\ProgramData\CyberLink
2017-10-08 10:50 - 2009-07-14 07:32 - 000032768 _____ C:\Windows\system32\config\BCD-Template
2017-10-08 09:55 - 2011-02-10 20:44 - 000000000 ____D C:\Windows\Panther
==================== Bamital & volsnap ======================
(Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)
C:\Windows\system32\winlogon.exe => Bestand is getekend
C:\Windows\system32\wininit.exe => Bestand is getekend
C:\Windows\SysWOW64\wininit.exe => Bestand is getekend
C:\Windows\explorer.exe => Bestand is getekend
C:\Windows\SysWOW64\explorer.exe => Bestand is getekend
C:\Windows\system32\svchost.exe => Bestand is getekend
C:\Windows\SysWOW64\svchost.exe => Bestand is getekend
C:\Windows\system32\services.exe => Bestand is getekend
C:\Windows\system32\User32.dll => Bestand is getekend
C:\Windows\SysWOW64\User32.dll => Bestand is getekend
C:\Windows\system32\userinit.exe => Bestand is getekend
C:\Windows\SysWOW64\userinit.exe => Bestand is getekend
C:\Windows\system32\rpcss.dll => Bestand is getekend
C:\Windows\system32\dnsapi.dll => Bestand is getekend
C:\Windows\SysWOW64\dnsapi.dll => Bestand is getekend
C:\Windows\system32\Drivers\volsnap.sys => Bestand is getekend
LastRegBack: 2011-02-10 20:44
==================== Eind van FRST.txt ============================