Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 15-02-2017 02 Gestart door Michel (Beheerder) op DELL (17-02-2017 11:54:33) Gestart vanaf D:\Downloads Geladen Profielen: Michel (Beschikbare Profielen: Michel) Platform: Windows 10 Pro Versie 1607 (X64) Taal: Nederlands (Nederland) Internet Explorer Versie 11 (Standaardbrowser: FF) Boot Modus: Normal Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processen (gefilterd) ================= (Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Intel Corporation) C:\Windows\System32\ibtsiva.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe (Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe (Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe () C:\Windows\System32\igfxTray.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\VSCore_15_6\mcapexe.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\2.3.290.0\McCSPServiceHost.exe (Oki Data Corporation) C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe (Stardock Corporation) C:\Program Files\Dell\DellDock\DellDock.exe (Dropbox, Inc.) C:\Users\Michel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Firetrust) C:\Program Files (x86)\Firetrust\MailWasher\MailWasherPro.exe (Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Dropbox, Inc.) C:\Users\Michel\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Intel Security) C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Register (gefilterd) ==================== (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8512760 2015-08-03] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-08-03] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-08-03] (Realtek Semiconductor) HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [401896 2016-11-01] () HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [5762408 2013-06-03] (Dell Inc.) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation) HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [518960 2013-08-21] (Acronis) HKLM\...\Run: [Network Configuration] => C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe [723936 2011-10-20] (Oki Data Corporation) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2780400 2013-09-06] (Synaptics Incorporated) HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes) HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7836312 2014-03-05] (Acronis) HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1103272 2013-10-10] (Acronis International GmbH) HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1694080 2013-07-10] (Western Digital Technologies, Inc.) HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1852264 2014-05-23] (Western Digital Technologies, Inc.) HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5571944 2016-04-19] (Western Digital Technologies, Inc.) HKU\S-1-5-21-790814905-602635857-4264004509-1001\...\Run: [Dropbox Update] => C:\Users\Michel\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => -> Geen bestand ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => -> Geen bestand ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => -> Geen bestand ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] () ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] () ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] () ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\WINDOWS\system32\mscoree.dll [2016-07-16] (Microsoft Corporation) ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\WINDOWS\system32\mscoree.dll [2016-07-16] (Microsoft Corporation) ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michel\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michel\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michel\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michel\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michel\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michel\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michel\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk [2014-03-11] ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2014-03-11] ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass) Startup: C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk [2014-02-28] ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation) Startup: C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2017-02-08] ShortcutTarget: Dropbox.lnk -> C:\Users\Michel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MailWasherPro.lnk [2017-02-11] ShortcutTarget: MailWasherPro.lnk -> C:\Program Files (x86)\Firetrust\MailWasher\MailWasherPro.exe (Firetrust) Startup: C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verzenden naar OneNote.lnk [2014-11-23] ShortcutTarget: Verzenden naar OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation) ==================== Internet (gefilterd) ==================== (Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{09351731-ec2e-464c-847f-0d610d7901c1}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{ae718dd1-c18c-46dd-9f59-9c21c014da12}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-790814905-602635857-4264004509-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.be/webhp?sourceid=navclient&hl=nl&ie=UTF-8&gws_rd=ssl HKU\S-1-5-21-790814905-602635857-4264004509-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB SearchScopes: HKU\S-1-5-21-790814905-602635857-4264004509-1001 -> {98AF4B82-BFB6-4648-AE1A-C7015C49F278} URL = BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2014-02-26] (Microsoft Corporation) BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2014-03-11] (LastPass) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2014-02-26] (Microsoft Corporation) BHO: Geen Naam -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> Geen bestand BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-01] (Oracle Corporation) BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2014-03-11] (LastPass) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2014-02-26] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-01] (Oracle Corporation) Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2014-03-11] (LastPass) Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2014-03-11] (LastPass) Toolbar: HKU\S-1-5-21-790814905-602635857-4264004509-1001 -> Geen Naam - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Geen bestand Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2014-02-26] (Microsoft Corporation) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2016-12-21] (McAfee, Inc.) Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2016-12-21] (McAfee, Inc.) FireFox: ======== FF ProfilePath: C:\Users\Michel\AppData\Roaming\Mozilla\Firefox\Profiles\10suxazh.default [2017-02-17] FF user.js: detected! => C:\Users\Michel\AppData\Roaming\Mozilla\Firefox\Profiles\10suxazh.default\user.js [2017-02-09] FF Homepage: Mozilla\Firefox\Profiles\10suxazh.default -> about:home FF Extension: (Belgium eID) - C:\Users\Michel\AppData\Roaming\Mozilla\Firefox\Profiles\10suxazh.default\Extensions\belgiumeid@eid.belgium.be.xpi [2016-12-15] FF Extension: (Easy Copy) - C:\Users\Michel\AppData\Roaming\Mozilla\Firefox\Profiles\10suxazh.default\Extensions\easycopy@smokyink.com [2015-07-12] FF Extension: (Print Edit) - C:\Users\Michel\AppData\Roaming\Mozilla\Firefox\Profiles\10suxazh.default\Extensions\printedit@DW-dev.xpi [2016-12-19] FF Extension: (LastPass) - C:\Users\Michel\AppData\Roaming\Mozilla\Firefox\Profiles\10suxazh.default\Extensions\support@lastpass.com [2016-12-19] FF Extension: (Belgium eID) - C:\Program Files (x86)\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be [2016-11-19] [ niet getekend] FF HKLM-x32\...\Firefox\Extensions: [belgiumeid@eid.belgium.be] - C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be => niet gevonden FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2017-02-11] [ niet getekend] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_205.dll [2016-10-27] () FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2014-03-11] (LastPass) FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2016-12-21] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_205.dll [2016-10-27] () FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Geen bestand] FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-28] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-28] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-01] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-01] (Oracle Corporation) FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass.dll [2014-03-11] (LastPass) FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2016-12-21] () FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-02-26] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-790814905-602635857-4264004509-1001: vasco.com/VascoCardReaderPlugin -> C:\Users\Michel\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin.dll [2014-10-27] (VASCO Data Security) FF Plugin HKU\S-1-5-21-790814905-602635857-4264004509-1001: vasco.com/VascoCardReaderPlugin64 -> C:\Users\Michel\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin64.dll [2014-10-27] (VASCO Data Security) Chrome: ======= CHR HKU\S-1-5-21-790814905-602635857-4264004509-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [ljcdopdmbcpndfopibbkmijkhmbdgpjj] - hxxps://clients2.google.com/service/update2/crx ==================== Services (gefilterd) ==================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2169016 2014-01-02] (Microsoft Corporation) R3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1701840 2016-12-08] (Intel Security) R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2572024 2016-06-23] (Dell Inc.) R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [202488 2016-06-23] (Dell Inc.) R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2010-01-11] (Stardock Corporation) [Bestand niet getekend] R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation) R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-01] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Bestand niet getekend] S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation) R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-10-15] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-28] (Intel Corporation) S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes) R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_6\McApExe.exe [989632 2017-01-18] (McAfee, Inc.) R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.) R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.3.290.0\\McCSPServiceHost.exe [2054080 2017-02-04] (McAfee, Inc.) R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.) R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.) S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [1342904 2016-12-15] (McAfee, Inc.) R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.) R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.) R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [241040 2016-11-14] (McAfee, Inc.) R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [383032 2016-11-14] (McAfee, Inc.) R3 mfevtp; C:\WINDOWS\system32\mfevtps.exe [342768 2016-11-14] (McAfee, Inc.) R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1465840 2016-12-22] (McAfee, Inc.) R3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.) R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1104304 2016-11-15] (Intel Security, Inc.) R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-30] (CyberLink) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [312056 2015-08-03] (Realtek Semiconductor) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation) R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [31704 2016-09-09] (Dell Inc.) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10351856 2016-12-15] (TeamViewer GmbH) R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1049464 2016-04-19] (Western Digital Technologies, Inc.) R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [314744 2016-04-19] (Western Digital Technologies, Inc.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation) S3 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.3.2.220\WsAppService.exe [440832 2016-12-15] (Wondershare) [Bestand niet getekend] R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X] ===================== Drivers (gefilterd) ====================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) S3 ACSSCR; C:\WINDOWS\system32\DRIVERS\a38usb.sys [77832 2016-11-28] (Advanced Card Systems Ltd.) R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [36096 2013-05-22] (Advanced Micro Devices, Inc.) R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [88456 2016-11-18] (McAfee, Inc.) R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink) R3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [23760 2015-02-26] (Dell Computer Corporation) R3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [24240 2015-09-11] (Dell Computer Corporation) R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.) S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [216704 2016-08-02] (McAfee, Inc.) R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [349960 2016-07-12] (Intel Corporation) S3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-02-11] (Malwarebytes) R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251848 2017-02-11] (Malwarebytes) R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation) R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [484576 2016-11-18] (McAfee, Inc.) R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [366320 2016-11-18] (McAfee, Inc.) S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [85048 2016-11-18] (McAfee, Inc.) R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [518184 2016-11-18] (McAfee, Inc.) R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [916432 2016-11-18] (McAfee, Inc.) R3 mfencbdc; C:\WINDOWS\system32\DRIVERS\mfencbdc.sys [498152 2016-10-24] (McAfee, Inc.) S3 mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [109336 2016-10-24] (McAfee, Inc.) R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [110248 2016-11-18] (McAfee, Inc.) R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [254800 2016-11-18] (McAfee, Inc.) S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3485696 2016-07-16] (Intel Corporation) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [896744 2015-08-14] (Realtek ) S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [30448 2013-09-06] (Synaptics Incorporated) R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-09-06] (Synaptics Incorporated) R0 tib; C:\WINDOWS\System32\DRIVERS\tib.sys [1120032 2014-02-26] (Acronis International GmbH) S3 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [198432 2014-02-26] (Acronis International GmbH) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) ==================== NetSvcs (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ==================== Een Maand Aangemaakt bestanden en mappen ======== (Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.) 2017-02-17 11:53 - 2017-02-17 11:54 - 00000000 ____D C:\FRST 2017-02-17 10:06 - 2017-02-17 10:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee 2017-02-15 10:05 - 2017-02-17 09:49 - 00004034 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse 2017-02-11 15:00 - 2016-08-02 01:03 - 00216704 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\HipShieldK.sys 2017-02-11 14:59 - 2017-02-11 14:59 - 00000000 ____D C:\ProgramData\Intel Security 2017-02-11 14:58 - 2017-02-11 14:58 - 00003142 _____ C:\WINDOWS\System32\Tasks\McAfeeLogon 2017-02-11 14:56 - 2017-02-16 17:40 - 00000000 ____D C:\Program Files (x86)\McAfee 2017-02-11 14:56 - 2017-02-11 15:01 - 00000000 ____D C:\Program Files\McAfee 2017-02-11 14:56 - 2017-02-11 14:56 - 00000000 ____D C:\Program Files\McAfee.com 2017-02-11 14:56 - 2017-02-11 14:56 - 00000000 ____D C:\Program Files\Common Files\Intel Security 2017-02-11 14:56 - 2017-02-11 14:56 - 00000000 ____D C:\Program Files\Common Files\AV 2017-02-11 14:49 - 2016-11-14 17:41 - 00342768 _____ (McAfee, Inc.) C:\WINDOWS\system32\mfevtps.exe 2017-02-11 14:48 - 2017-02-12 16:47 - 00000000 ____D C:\ProgramData\McAfee 2017-02-11 14:48 - 2017-02-11 14:59 - 00000000 ____D C:\Program Files\Common Files\McAfee 2017-02-11 14:30 - 2017-02-11 14:30 - 00000000 ____D C:\WINDOWS\System32\Tasks\McAfee 2017-02-10 19:27 - 2017-02-13 17:41 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2017-02-10 19:27 - 2017-02-10 20:04 - 00000000 ____D C:\Users\Michel\AppData\Roaming\TeamViewer 2017-02-10 19:27 - 2017-02-10 19:27 - 00001114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk 2017-02-10 16:40 - 2017-02-13 17:32 - 00000000 ____D C:\AdwCleaner 2017-02-10 16:36 - 2017-02-10 16:36 - 00000000 ____D C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firetrust 2017-02-10 15:51 - 2017-02-11 18:28 - 00000000 ____D C:\Program Files\trend micro 2017-02-10 15:51 - 2017-02-10 15:51 - 00000000 ____D C:\rsit 2017-02-10 12:02 - 2017-02-10 12:02 - 00000000 ____D C:\WINDOWS\LastGood 2017-02-10 09:19 - 2017-02-10 09:19 - 00000000 ____D C:\ProgramData\Microsoft OneDrive 2017-02-09 19:28 - 2017-02-09 19:28 - 00176584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys 2017-02-09 19:27 - 2017-02-11 10:17 - 00251848 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-02-09 19:27 - 2017-02-11 10:17 - 00110536 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2017-02-09 19:27 - 2017-02-11 09:37 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2017-02-09 19:27 - 2017-02-10 10:43 - 00091584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2017-02-09 19:25 - 2017-02-09 19:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2017-02-09 19:25 - 2017-02-09 19:25 - 00000000 ____D C:\ProgramData\Malwarebytes 2017-02-09 19:25 - 2017-02-09 19:25 - 00000000 ____D C:\Program Files\Malwarebytes 2017-02-09 19:25 - 2017-01-20 07:47 - 00077416 _____ C:\WINDOWS\system32\Drivers\mbae64.sys 2017-02-09 18:08 - 2017-02-09 18:08 - 00000000 __HDC C:\ProgramData\{CBCE2F73-24E4-481F-84B2-1A5EB720D187} 2017-02-09 17:29 - 2017-02-09 17:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2017-02-09 17:29 - 2017-02-09 17:29 - 00000000 ____D C:\Program Files\VS Revo Group 2017-02-09 17:20 - 2017-02-09 17:20 - 00002850 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC 2017-02-09 17:20 - 2017-02-09 17:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2017-02-09 17:20 - 2017-02-09 17:20 - 00000000 ____D C:\Program Files\CCleaner 2017-02-09 16:48 - 2017-02-09 16:48 - 00000000 ___HD C:\$Windows.~WS 2017-02-09 16:48 - 2017-02-09 16:48 - 00000000 ____D C:\$WINDOWS.~BT 2017-02-08 09:21 - 2017-02-08 09:21 - 00000000 ____D C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2017-01-31 11:01 - 2017-01-31 11:01 - 00000000 ____D C:\WINDOWS\LastGood.Tmp 2017-01-25 10:23 - 2016-12-21 08:08 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe 2017-01-25 10:23 - 2016-12-21 05:44 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe ==================== Een Maand Gewijzigd bestanden en mappen ======== (Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.) 2017-02-17 11:51 - 2016-11-20 10:10 - 00000000 ____D C:\Users\Michel\AppData\LocalLow\Mozilla 2017-02-17 11:51 - 2014-03-11 19:32 - 00000000 ____D C:\Users\Michel\AppData\LocalLow\LastPass 2017-02-17 11:34 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\FxsTmp 2017-02-17 11:33 - 2016-11-01 11:14 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2017-02-17 10:07 - 2016-12-07 10:18 - 00005274 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for DELL-Michel dell 2017-02-17 09:48 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness 2017-02-17 09:43 - 2016-11-01 11:59 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-02-17 09:43 - 2016-11-01 11:18 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2017-02-17 09:43 - 2016-05-25 11:13 - 00000000 __SHD C:\Users\Michel\IntelGraphicsProfiles 2017-02-17 09:43 - 2016-05-07 08:18 - 00008192 _____ C:\WINDOWS\SysWOW64\WDPABKP.dat 2017-02-16 18:29 - 2016-07-16 07:04 - 01048576 _____ C:\WINDOWS\system32\config\BBI 2017-02-16 09:04 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps 2017-02-13 17:11 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM 2017-02-11 18:42 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF 2017-02-11 14:58 - 2016-07-16 12:47 - 00000000 ___HD C:\WINDOWS\ELAMBKUP 2017-02-11 14:28 - 2015-10-30 07:28 - 00000000 ____D C:\Users\Default.migrated 2017-02-11 14:23 - 2014-02-28 14:34 - 00000000 ____D C:\Users\Michel\AppData\Roaming\Foxit Software 2017-02-11 14:13 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF 2017-02-10 20:11 - 2016-11-01 11:14 - 00241064 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-02-10 18:16 - 2016-11-01 11:25 - 00000000 ____D C:\Users\Michel 2017-02-10 16:36 - 2015-02-22 17:44 - 00000090 _____ C:\WINDOWS\SysWOW64\ftm31.dat 2017-02-10 16:36 - 2014-05-11 19:28 - 00000000 ____D C:\ProgramData\Firetrust 2017-02-10 09:18 - 2016-02-13 14:37 - 00000000 __RHD C:\Users\Public\AccountPictures 2017-02-09 18:32 - 2014-08-31 08:46 - 00000000 ____D C:\Program Files\Google 2017-02-09 18:32 - 2014-06-14 15:22 - 00000000 ____D C:\Program Files (x86)\Google 2017-02-09 18:08 - 2014-02-19 16:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell 2017-02-09 18:08 - 2014-02-19 15:52 - 00000000 ____D C:\Program Files\Dell 2017-02-09 18:00 - 2014-06-15 11:01 - 00000000 ____D C:\Users\Michel\AppData\Roaming\Apple Computer 2017-02-09 18:00 - 2014-06-15 10:59 - 00000000 ____D C:\ProgramData\Apple Computer 2017-02-09 17:58 - 2014-06-15 10:59 - 00000000 ____D C:\Program Files\Common Files\Apple 2017-02-09 17:47 - 2014-06-15 10:58 - 00000000 ____D C:\ProgramData\Apple 2017-02-09 17:30 - 2016-11-01 11:13 - 00000000 ___DC C:\WINDOWS\Panther 2017-02-09 17:30 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2017-02-09 17:26 - 2015-08-19 18:34 - 00000000 __RHD C:\ESD 2017-02-08 09:52 - 2014-02-19 16:03 - 00000000 ____D C:\ProgramData\PCDr 2017-02-08 09:22 - 2014-03-02 16:43 - 00000000 ____D C:\Users\Michel\AppData\Roaming\Dropbox 2017-01-28 16:38 - 2016-11-19 18:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-01-28 16:38 - 2014-03-02 17:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-01-25 10:45 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp 2017-01-23 15:24 - 2015-12-26 14:36 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk ==================== Bestanden in de root van sommige mappen ======= 2014-03-11 19:32 - 2014-03-11 19:32 - 14914048 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe 2014-03-02 15:41 - 2014-03-02 15:41 - 0000181 _____ () C:\Users\Michel\AppData\Roaming\Opusbext.dat 2016-11-01 11:19 - 2016-11-01 11:19 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2014-02-19 16:02 - 2014-02-19 16:03 - 0000121 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log 2014-02-19 15:59 - 2014-02-19 16:00 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log 2014-02-19 16:00 - 2014-02-19 16:01 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log 2014-02-19 16:01 - 2014-02-19 16:02 - 0000108 _____ () C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log 2014-02-19 15:58 - 2014-02-19 15:58 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log ==================== Bamital & volsnap ====================== (Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.) C:\WINDOWS\system32\winlogon.exe => Bestand is getekend C:\WINDOWS\system32\wininit.exe => Bestand is getekend C:\WINDOWS\explorer.exe => Bestand is getekend C:\WINDOWS\SysWOW64\explorer.exe => Bestand is getekend C:\WINDOWS\system32\svchost.exe => Bestand is getekend C:\WINDOWS\SysWOW64\svchost.exe => Bestand is getekend C:\WINDOWS\system32\services.exe => Bestand is getekend C:\WINDOWS\system32\User32.dll => Bestand is getekend C:\WINDOWS\SysWOW64\User32.dll => Bestand is getekend C:\WINDOWS\system32\userinit.exe => Bestand is getekend C:\WINDOWS\SysWOW64\userinit.exe => Bestand is getekend C:\WINDOWS\system32\rpcss.dll => Bestand is getekend C:\WINDOWS\system32\dnsapi.dll => Bestand is getekend C:\WINDOWS\SysWOW64\dnsapi.dll => Bestand is getekend C:\WINDOWS\system32\Drivers\volsnap.sys => Bestand is getekend LastRegBack: 2017-02-15 16:59 ==================== Eind van FRST.txt ============================