Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 12-08-2017 Gestart door computer (Beheerder) op PC (14-08-2017 22:47:55) Gestart vanaf C:\Users\computer\Desktop Geladen Profielen: computer (Beschikbare Profielen: computer & hfm32) Platform: Windows 10 Home Versie 1607 (X64) Taal: Nederlands (Nederland) Internet Explorer Versie 11 (Standaardbrowser: Chrome) Boot Modus: Normal Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processen (gefilterd) ================= (Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.) (SurfRight B.V.) C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe (IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\HidMonitorSvc.exe () C:\Windows\SysWOW64\spdsvc.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe (SurfRight B.V.) C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe (IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (Microsoft Corporation) C:\Windows\System32\msiexec.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Users\computer\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe ==================== Register (gefilterd) ==================== (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.) HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [706440 2015-10-04] (Alps Electric Co., Ltd.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12937872 2012-07-27] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-07-10] (Realtek Semiconductor) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated) HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] () HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2017-04-28] (Microsoft Corporation) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1871344 2017-08-01] (Adobe Systems Inc.) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3487032 2017-08-10] (Dropbox, Inc.) HKLM-x32\...\Run: [] => [X] Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-2871391618-1465616402-3070090435-1001\...\Run: [Google Update] => C:\Users\computer\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [601168 2017-04-28] (Google Inc.) HKU\S-1-5-21-2871391618-1465616402-3070090435-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9818328 2017-06-30] (Piriform Ltd) HKU\S-1-5-21-2871391618-1465616402-3070090435-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [886768 2017-08-01] (Adobe Systems Incorporated) HKU\S-1-5-21-2871391618-1465616402-3070090435-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421736 2017-03-28] (Garmin Ltd. or its subsidiaries) HKU\S-1-5-21-2871391618-1465616402-3070090435-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Bubbles.scr [806400 2016-07-16] (Microsoft Corporation) HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421736 2017-03-28] (Garmin Ltd. or its subsidiaries) ==================== Internet (gefilterd) ==================== (Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.) Tcpip\Parameters: [DhcpNameServer] 84.116.46.21 84.116.46.20 Tcpip\..\Interfaces\{789f5081-101e-4cee-b37d-7ebeb6f37bc2}: [DhcpNameServer] 84.116.46.21 84.116.46.20 Tcpip\..\Interfaces\{83d3c778-9d52-4490-bc98-c9e81627f536}: [DhcpNameServer] 84.116.46.21 84.116.46.20 Tcpip\..\Interfaces\{9389800e-d906-41c9-946b-5b7520d2d551}: [DhcpNameServer] 84.116.46.21 84.116.46.20 Internet Explorer: ================== HKU\S-1-5-21-2871391618-1465616402-3070090435-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/nl-nl/?ocid=iehp SearchScopes: HKU\S-1-5-21-2871391618-1465616402-3070090435-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-2871391618-1465616402-3070090435-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-05-03] (Adobe Systems Incorporated) BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-05-03] (Adobe Systems Incorporated) BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-05-03] (Adobe Systems Incorporated) BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-05-03] (Adobe Systems Incorporated) Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-05-03] (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-05-03] (Adobe Systems Incorporated) Toolbar: HKU\S-1-5-21-2871391618-1465616402-3070090435-1001 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-05-03] (Adobe Systems Incorporated) DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1476302396259 Edge: ====== Edge Extension: (Adblock Plus) -> 10_EyeoGmbHAdblockPlus_d55gg7py3s0m0 => C:\Program Files\WindowsApps\EyeoGmbH.AdblockPlus_0.9.9.0_neutral__d55gg7py3s0m0 [2017-02-24] Edge Extension: (Office Online) -> 2016_MicrosoftOfficeOnline_8wekyb3d8bbwe => C:\Program Files\WindowsApps\Microsoft.OfficeOnline_1.5.1.0_neutral__8wekyb3d8bbwe [2017-05-17] Edge Extension: (AdBlock) -> EdgeExtension_BetaFishAdBlock_c1wakc4j0nefm => C:\Program Files\WindowsApps\BetaFish.AdBlock_1.12.0.0_neutral__c1wakc4j0nefm [2017-05-02] Edge Extension: (Pin It Button) -> EdgeExtension_PinterestPinItButton_xnkra2w3aecd0 => C:\Program Files\WindowsApps\Pinterest.PinItButton_1.39.5.0_neutral__xnkra2w3aecd0 [2017-02-24] Edge Extension: (Translator For Microsoft Edge) -> MicrosoftTranslate_MicrosoftTranslatorforMicrosoftEdge_8wekyb3d8bbwe => C:\Program Files\WindowsApps\Microsoft.TranslatorforMicrosoftEdge_0.91.16.0_neutral__8wekyb3d8bbwe [2017-02-24] Edge Extension: (Geen Naam) -> MouseGestures_MicrosoftMouseGestures_8wekyb3d8bbwe => C:\Program Files\WindowsApps\Microsoft.MouseGestures_0.6.17136.0_neutral__8wekyb3d8bbwe [2017-05-17] FireFox: ======== FF ProfilePath: C:\Users\computer\AppData\Roaming\Mozilla\Firefox\Profiles\i3oZQO46.default [2017-05-26] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn FF Extension: (Adobe Acrobat DC - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2017-04-14] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_151.dll [2017-08-09] () FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll [2017-08-09] () FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2017-08-01] (Adobe Systems Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-01] (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems) FF Plugin HKU\S-1-5-21-2871391618-1465616402-3070090435-1001: @tools.google.com/Google Update;version=3 -> C:\Users\computer\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.) FF Plugin HKU\S-1-5-21-2871391618-1465616402-3070090435-1001: @tools.google.com/Google Update;version=9 -> C:\Users\computer\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.) Chrome: ======= CHR NewTab: Default -> Not-active:"chrome-extension://ejbdobdndcjhdmljipngpeoekdinlohe/homePageRedirect.html" CHR Profile: C:\Users\computer\AppData\Local\Google\Chrome\User Data\Default [2017-08-14] CHR Extension: (Google Presentaties) - C:\Users\computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-03-20] CHR Extension: (Google Documenten) - C:\Users\computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-20] CHR Extension: (Google Drive) - C:\Users\computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-20] CHR Extension: (YouTube) - C:\Users\computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-20] CHR Extension: (Norton Home Page for Chrome) - C:\Users\computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejbdobdndcjhdmljipngpeoekdinlohe [2016-03-30] CHR Extension: (Google Spreadsheets) - C:\Users\computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-03-20] CHR Extension: (Offline Documenten) - C:\Users\computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-20] CHR Extension: (AdBlock) - C:\Users\computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-08-11] CHR Extension: (Office Online) - C:\Users\computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndjpnladcallmjemlbaebfadecfhkepb [2017-05-10] CHR Extension: (Norton Safe) - C:\Users\computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmgcfemagnogdodbambjhdcmfcpicngl [2016-09-06] CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09] CHR Extension: (Gmail) - C:\Users\computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-20] CHR Extension: (Chrome Media Router) - C:\Users\computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-05] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-2871391618-1465616402-3070090435-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx ==================== Services (gefilterd) ==================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated) R2 ApHidMonitorService; C:\Program Files\Apoint2K\HidMonitorSvc.exe [104840 2015-10-04] (Alps Electric Co., Ltd.) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-29] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-29] (Dropbox, Inc.) R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [49992 2017-08-10] (Dropbox, Inc.) S2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1099280 2017-03-28] (Garmin Ltd. or its subsidiaries) S2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [135488 2017-06-29] (SurfRight B.V.) R2 hmpalertsvc; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [4853384 2017-06-29] (SurfRight B.V.) R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2340336 2017-06-27] (IBM Corp.) R2 Samsung Printer Dianostics Service; C:\WINDOWS\SysWOW64\\spdsvc.exe [506680 2017-01-19] () R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation) ===================== Drivers (gefilterd) ====================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.) R1 hmpalert; C:\WINDOWS\system32\drivers\hmpalert.sys [253048 2017-06-29] (SurfRight B.V.) R3 hmpnet; C:\WINDOWS\system32\drivers\hmpnet.sys [93800 2017-06-29] (SurfRight B.V.) R1 MpKsl1d56c55e; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{70319F42-3FB2-487E-ACCC-BAC48201983A}\MpKsl1d56c55e.sys [44928 2017-08-08] (Microsoft Corporation) R1 MpKsl7ff1a83d; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{411C1BFB-19F1-4CBA-BB39-FB086D899B3E}\MpKsl7ff1a83d.sys [44928 2017-08-14] (Microsoft Corporation) S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () S3 netr28ux; C:\WINDOWS\System32\drivers\netr28ux.sys [2224128 2016-07-16] (MediaTek Inc.) R3 Ps2Kb2Hid; C:\WINDOWS\System32\drivers\aPs2Kb2Hid.sys [26736 2013-03-22] (Dritek System Inc.) R1 RapportAegle64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys [384288 2017-06-27] (IBM Corp.) R1 RapportCerberus_1804063; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1804063.sys [1271264 2017-07-13] (IBM Corp.) R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [585408 2017-06-27] (IBM Corp.) R0 RapportHades64; C:\WINDOWS\System32\Drivers\RapportHades64.sys [253880 2017-06-27] (IBM Corp.) R0 RapportKE64; C:\WINDOWS\System32\Drivers\RapportKE64.sys [507936 2017-06-27] (IBM Corp.) R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [610592 2017-06-27] (IBM Corp.) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.) S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) ==================== NetSvcs (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ==================== Een Maand Aangemaakt bestanden en mappen ======== (Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.) 2017-08-14 22:47 - 2017-08-14 22:49 - 000019094 _____ C:\Users\computer\Desktop\FRST.txt 2017-08-14 22:44 - 2017-08-14 22:45 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.3 2017-08-14 22:44 - 2017-08-14 22:44 - 000001136 _____ C:\Users\Public\Desktop\OpenOffice 4.1.3.lnk 2017-08-14 22:38 - 2017-08-14 22:38 - 001193660 _____ C:\Users\computer\PicStream\Documents\Woonenergieaanmeldingaug.17 (1).pdf 2017-08-14 22:36 - 2017-08-14 22:47 - 000000000 ____D C:\FRST 2017-08-14 22:26 - 2017-08-14 22:27 - 002395648 _____ (Farbar) C:\Users\computer\Desktop\FRST64.exe 2017-08-14 22:22 - 2017-08-14 22:22 - 000000000 ____D C:\Users\computer\Desktop\OpenOffice 4.1.3 (nl) Installation Files 2017-08-14 22:21 - 2017-08-14 22:21 - 000000000 ___HD C:\$WINDOWS.~BT 2017-08-14 21:55 - 2017-08-14 21:55 - 000000000 ___HD C:\OneDriveTemp 2017-08-11 07:04 - 2017-08-11 07:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2017-08-10 19:03 - 2017-08-10 19:03 - 000049992 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe 2017-08-10 19:03 - 2017-08-10 19:03 - 000045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys 2017-08-10 19:03 - 2017-08-10 19:03 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys 2017-08-10 19:03 - 2017-08-10 19:03 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys 2017-08-08 12:38 - 2017-08-08 12:38 - 000055232 _____ C:\WINDOWS\system32\Drivers\hitmanpro37.sys 2017-08-01 09:30 - 2017-08-01 09:30 - 004039247 _____ C:\Users\computer\PicStream\Documents\Consumentenbond_Testrapport_Televisies_20170731[1].pdf 2017-08-01 00:31 - 2017-08-01 00:31 - 000065096 _____ (Adobe Systems Inc) C:\WINDOWS\system32\AdobePDF.dll 2017-08-01 00:31 - 2017-08-01 00:31 - 000035912 _____ (Adobe Systems Inc.) C:\WINDOWS\system32\AdobePDFUI.dll 2017-08-01 00:21 - 2017-08-01 00:21 - 000024688 _____ C:\Users\computer\PicStream\Documents\iDEAL - Mijn ING.html 2017-08-01 00:21 - 2017-08-01 00:21 - 000000000 ____D C:\Users\computer\PicStream\Documents\iDEAL - Mijn ING_files 2017-07-29 14:16 - 2017-07-29 14:16 - 000508298 _____ C:\Users\computer\PicStream\Documents\retouretiket.pdf 2017-07-27 16:41 - 2017-07-27 16:41 - 000003358 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2871391618-1465616402-3070090435-1001 ==================== Een Maand Gewijzigd bestanden en mappen ======== (Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.) 2017-08-14 22:49 - 2017-06-29 09:57 - 000000000 ____D C:\WINDOWS\CryptoGuard 2017-08-14 22:45 - 2016-03-20 16:03 - 000000000 ____D C:\Program Files (x86)\OpenOffice 4 2017-08-14 22:40 - 2015-06-30 21:55 - 000000000 ____D C:\Users\computer\PicStream\Documents\Woonenergie2017 2017-08-14 22:34 - 2017-02-24 02:26 - 000000000 ___DC C:\WINDOWS\Panther 2017-08-14 22:23 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2017-08-14 22:20 - 2016-01-14 11:28 - 000000000 ____D C:\Users\computer\Downloads\Programma's 2017-08-14 21:55 - 2015-07-08 15:50 - 000000000 __RDO C:\Users\computer\OneDrive 2017-08-14 21:54 - 2017-02-24 02:37 - 000000000 ____D C:\Users\computer 2017-08-14 15:01 - 2016-03-04 19:15 - 000000000 ____D C:\Users\computer\PicStream\Documents\Even Doc 2017-08-14 14:24 - 2016-11-21 04:38 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2017-08-13 23:27 - 2016-07-16 13:36 - 000000000 ____D C:\WINDOWS\CbsTemp 2017-08-13 23:18 - 2016-05-26 14:17 - 000002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk 2017-08-13 22:24 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\AppReadiness 2017-08-12 13:33 - 2015-06-30 21:54 - 000000000 ____D C:\Users\computer\PicStream\Documents\PNOZorgverz 2017-08-12 13:23 - 2016-05-19 12:33 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2017-08-11 13:40 - 2016-07-16 13:47 - 000000000 ___HD C:\Program Files\WindowsApps 2017-08-11 07:06 - 2016-09-29 08:33 - 000000000 ____D C:\Program Files (x86)\Dropbox 2017-08-10 14:49 - 2017-02-27 17:45 - 000013284 _____ C:\Users\computer\Desktop\Sollicitatieactiviteite Aug .ods 2017-08-10 14:27 - 2015-08-06 16:39 - 000000000 ____D C:\Users\computer\PicStream\Documents\Bonnen 2017-08-10 14:25 - 2015-06-30 21:55 - 000000000 ____D C:\Users\computer\PicStream\Documents\Scan 2017-08-10 14:19 - 2016-03-24 15:08 - 000000000 ____D C:\ProgramData\boost_interprocess 2017-08-10 12:44 - 2017-02-24 02:57 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2017-08-10 12:43 - 2016-07-16 13:45 - 000000000 ____D C:\WINDOWS\INF 2017-08-10 12:42 - 2016-05-26 14:17 - 000002118 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk 2017-08-10 12:31 - 2016-03-20 16:28 - 000000000 ____D C:\WINDOWS\system32\MRT 2017-08-10 12:24 - 2016-03-20 16:28 - 140394280 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-08-09 08:15 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2017-08-09 08:15 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\Macromed 2017-08-08 17:11 - 2017-06-29 09:57 - 000000000 ____D C:\ProgramData\HitmanPro.Alert 2017-08-08 17:11 - 2016-11-21 13:39 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-08-08 17:10 - 2016-07-16 08:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2017-08-08 17:09 - 2017-02-24 02:57 - 000004712 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier 2017-08-08 17:09 - 2016-03-20 20:10 - 000000000 ____D C:\Users\computer\AppData\Local\Adobe 2017-08-08 13:39 - 2017-06-18 12:40 - 000000000 ____D C:\ProgramData\HitmanPro 2017-08-08 10:28 - 2016-01-31 16:17 - 000000000 ____D C:\Users\computer\PicStream\Documents\Medischedocu 2017-08-06 20:53 - 2017-03-11 19:20 - 000000000 ____D C:\Users\computer\PicStream\Documents\Lezing 2017-08-04 21:55 - 2016-03-20 16:30 - 000002296 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-08-01 13:28 - 2016-11-21 13:49 - 002037212 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-08-01 13:28 - 2016-11-21 13:06 - 000808962 _____ C:\WINDOWS\system32\perfh013.dat 2017-08-01 13:28 - 2016-11-21 13:06 - 000173602 _____ C:\WINDOWS\system32\perfc013.dat 2017-07-31 23:30 - 2016-03-20 14:56 - 000000000 ____D C:\Users\computer\AppData\Local\Packages 2017-07-31 17:14 - 2016-07-16 13:49 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2017-07-31 17:14 - 2016-07-16 13:49 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2017-07-27 16:51 - 2017-04-22 15:06 - 000000867 _____ C:\Users\Public\Desktop\CCleaner.lnk 2017-07-27 16:40 - 2016-03-20 15:03 - 000002400 _____ C:\Users\computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2017-07-22 13:40 - 2017-02-24 02:57 - 000004496 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2017-07-18 10:13 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\rescache ==================== Bestanden in de root van sommige mappen ======= 2016-03-20 15:03 - 2016-03-20 15:03 - 000000000 ____H () C:\ProgramData\DP45977C.lfl ==================== Bamital & volsnap ====================== (Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.) C:\WINDOWS\system32\winlogon.exe => Bestand is getekend C:\WINDOWS\system32\wininit.exe => Bestand is getekend C:\WINDOWS\explorer.exe => Bestand is getekend C:\WINDOWS\SysWOW64\explorer.exe => Bestand is getekend C:\WINDOWS\system32\svchost.exe => Bestand is getekend C:\WINDOWS\SysWOW64\svchost.exe => Bestand is getekend C:\WINDOWS\system32\services.exe => Bestand is getekend C:\WINDOWS\system32\User32.dll => Bestand is getekend C:\WINDOWS\SysWOW64\User32.dll => Bestand is getekend C:\WINDOWS\system32\userinit.exe => Bestand is getekend C:\WINDOWS\SysWOW64\userinit.exe => Bestand is getekend C:\WINDOWS\system32\rpcss.dll => Bestand is getekend C:\WINDOWS\system32\dnsapi.dll => Bestand is getekend C:\WINDOWS\SysWOW64\dnsapi.dll => Bestand is getekend C:\WINDOWS\system32\Drivers\volsnap.sys => Bestand is getekend LastRegBack: 2017-08-06 20:44 ==================== Eind van FRST.txt ============================