Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 02.08.2018 Gestart door BertH (Beheerder) op BERT (13-08-2018 22:42:59) Gestart vanaf C:\Users\BertH\Desktop\FARBAR RST Geladen Profielen: BertH (Beschikbare Profielen: BertH) Platform: Windows 8.1 (Update) (X64) Taal: Nederlands (Nederland) Internet Explorer Versie 11 (Standaardbrowser: FF) Boot Modus: Normal Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processen (gefilterd) ================= (Als een item is opgenomen in de fixlist, zal het proces worden gesloten. Het bestand zal niet worden verplaatst.) (AMD) C:\Windows\System32\atiesrxx.exe (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\tbaseprovisioning.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe () C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe (Garmin Ltd. or its subsidiaries) C:\Users\BertH\Desktop\Garmin\Device Interaction Service\GarminService.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (AMD) C:\Windows\System32\atieclxx.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe (AppEx Networks Corporation) C:\Program Files\AMD Quick Stream\AMDQuickStream.exe (TOSHIBA) C:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TDUSrv64.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Register (gefilterd) =========================== (Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.) HKLM\...\Run: [] => [X] HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-01-20] (Realtek Semiconductor) HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-10-09] (TOSHIBA Corporation) HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-14] (TOSHIBA Corporation) HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [179288 2014-04-17] (TOSHIBA Corporation) HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296008 2013-10-22] (TOSHIBA Corporation) HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft) HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe" HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-24] (TOSHIBA) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3754168 2018-07-31] (Dropbox, Inc.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-02-15] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452272 2012-08-31] (CANON INC.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-07-07] (Oracle Corporation) HKU\S-1-5-21-2911540654-2082715937-415091947-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9856176 2017-09-20] (Piriform Ltd) HKU\S-1-5-21-2911540654-2082715937-415091947-1001\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [482528 2014-03-31] (AppEx Networks Corporation) HKU\S-1-5-21-2911540654-2082715937-415091947-1001\...\Run: [GarminExpressTrayApp] => C:\Users\BertH\Desktop\Garmin\Express Tray\ExpressTray.exe [1462184 2018-03-27] (Garmin Ltd. or its subsidiaries) HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Users\BertH\Desktop\Garmin\Express Tray\ExpressTray.exe [1462184 2018-03-27] (Garmin Ltd. or its subsidiaries) Startup: C:\Users\BertH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verzenden naar OneNote.lnk [2017-12-02] ShortcutTarget: Verzenden naar OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation) ==================== Internet (gefilterd) ==================== (Als een item is opgenomen in de fixlist en een registeritem is, wordt het verwijderd of hersteld naar de standaard.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{6D93298D-3219-42A0-9B89-D0BB91FB7675}: [DhcpNameServer] 10.0.14.100 10.0.0.40 Tcpip\..\Interfaces\{DFBCB6D8-810C-4B5B-A37E-85AF9287CA04}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKU\S-1-5-21-2911540654-2082715937-415091947-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://bing.be/ HKU\S-1-5-21-2911540654-2082715937-415091947-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com/?pc=TEJB SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2911540654-2082715937-415091947-1001 -> DefaultScope {4FD324B0-2741-4F0D-89A2-AC3C9E2077F9} URL = SearchScopes: HKU\S-1-5-21-2911540654-2082715937-415091947-1001 -> {4FD324B0-2741-4F0D-89A2-AC3C9E2077F9} URL = BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2018-07-20] (Microsoft Corporation) BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2018-07-20] (Microsoft Corporation) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2018-07-20] (Microsoft Corporation) BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\ssv.dll [2018-08-07] (Oracle Corporation) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-20] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-08-07] (Oracle Corporation) Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft) Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-20] (Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-07-20] (Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-20] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-07-20] (Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-20] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-07-20] (Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-07-20] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-07-20] (Microsoft Corporation) FireFox: ======== FF DefaultProfile: 9b298n0h.default FF ProfilePath: C:\Users\BertH\AppData\Roaming\Mozilla\Firefox\Profiles\9b298n0h.default [2018-08-13] FF Extension: (Webmail Ad Blocker) - C:\Users\BertH\AppData\Roaming\Mozilla\Firefox\Profiles\9b298n0h.default\Extensions\gmailnoads@mywebber.com.xpi [2018-06-28] FF Extension: (Adblock Plus) - C:\Users\BertH\AppData\Roaming\Mozilla\Firefox\Profiles\9b298n0h.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-07-20] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_134.dll [2018-07-10] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-07-20] (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-23] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_134.dll [2018-07-10] () FF Plugin-x32: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-08-07] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-08-07] (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-07-20] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2018-07-20] (Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.) ==================== Services (gefilterd) ==================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [140288 2015-02-14] () [Bestand niet getekend] R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8522928 2018-06-30] (Microsoft Corporation) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-07] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-07] (Dropbox, Inc.) R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51392 2018-07-31] (Dropbox, Inc.) R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [21328 2014-02-24] () R2 Garmin Device Interaction Service; C:\Users\BertH\Desktop\Garmin\Device Interaction Service\GarminService.exe [1175056 2018-03-27] (Garmin Ltd. or its subsidiaries) S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes) R2 tbaseprovisioning; C:\Windows\SysWOW64\tbaseprovisioning.exe [51208 2017-01-10] (Advanced Micro Devices, Inc.) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803440 2018-03-01] (TeamViewer GmbH) S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116088 2013-12-24] (Toshiba Europe GmbH) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation) ===================== Drivers (gefilterd) ====================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R3 AmdAS4; C:\Windows\System32\drivers\AmdAS4.sys [17640 2013-10-23] (Advanced Micro Devices, INC.) S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.) S3 amdkmcsp; C:\Windows\system32\DRIVERS\amdkmcsp.sys [100744 2017-01-10] (Advanced Micro Devices, Inc. ) R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36608 2013-12-13] (Advanced Micro Devices, Inc.) R0 amdpsp; C:\Windows\System32\DRIVERS\amdpsp.sys [255368 2017-01-10] (Advanced Micro Devices, Inc. ) R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [229056 2014-10-28] (AppEx Networks Corporation) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [223232 2014-06-21] (Advanced Micro Devices) S3 blackberryncm; C:\Windows\system32\DRIVERS\blackberryncm6_AMD64.sys [36360 2016-04-06] (BlackBerry) S0 iaStorS; C:\Windows\System32\drivers\iaStorS.sys [646616 2012-09-20] (Intel Corporation) S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [252232 2018-08-09] (Malwarebytes) S0 megasr1; C:\Windows\System32\drivers\megasr1.sys [863056 2013-01-25] (LSI Corporation, Inc.) S0 rcraid; C:\Windows\System32\drivers\rcraid.sys [526000 2013-06-28] (AMD, Inc.) R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [293592 2014-02-11] (Realtek Semiconductor Corp.) R3 SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver_AMDASF.sys [30448 2014-03-25] (Synaptics Incorporated) R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [33168 2013-10-11] (Windows (R) Win 7 DDK provider) S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation) S3 cpuz134; \??\C:\Users\BERTHU~1\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X] <==== AANDACHT S3 dbx; system32\DRIVERS\dbx.sys [X] ==================== NetSvcs (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ==================== Een Maand Aangemaakt bestanden en mappen ======== (Als een item is opgenomen in de fixlist, word de map of het bestand verplaatst.) 2018-08-13 22:42 - 2018-08-13 22:42 - 000000000 ____D C:\FRST 2018-08-13 22:36 - 2018-08-13 22:42 - 000000000 ____D C:\Users\BertH\Desktop\FARBAR RST 2018-08-12 17:59 - 2018-08-12 18:18 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2018-08-12 17:59 - 2018-08-12 17:59 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\F345F334.sys 2018-08-12 17:59 - 2018-08-12 17:59 - 000192952 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2018-08-12 17:59 - 2018-08-12 17:59 - 000000000 ____D C:\Users\BertH\MalwareBytes Anti-Rootkit ee 2018-08-12 17:58 - 2018-08-12 17:58 - 014178840 _____ (Malwarebytes Corp.) C:\Users\BertH\Desktop\mbar-1.10.3.1001 (Anti Rootkit van MalwareBytes - door Nico erop gezet moet nog opnieuw VOLLEDIG scannen).exe 2018-08-12 12:52 - 2018-08-12 12:54 - 000000000 ____D C:\Users\BertH\Desktop\Nieuwe preken 2018-08-09 20:39 - 2018-08-09 20:39 - 015989160 _____ (Piriform Ltd) C:\Users\BertH\Desktop\ccsetup544.exe 2018-08-09 20:36 - 2018-08-09 20:36 - 016004240 _____ (Piriform Ltd) C:\Users\BertH\Desktop\ccsetup544pro.exe 2018-08-03 13:01 - 2018-08-03 13:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2018-07-31 03:25 - 2018-07-31 03:25 - 000051392 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe 2018-07-31 03:25 - 2018-07-31 03:25 - 000050232 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys 2018-07-31 03:25 - 2018-07-31 03:25 - 000050232 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys 2018-07-31 03:25 - 2018-07-31 03:25 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys 2018-07-20 22:59 - 2018-07-20 22:59 - 000000000 ____D C:\Program Files\Common Files\DESIGNER 2018-07-20 22:56 - 2018-07-20 22:56 - 000002359 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk ==================== Een Maand Gewijzigd bestanden en mappen ======== (Als een item is opgenomen in de fixlist, word de map of het bestand verplaatst.) 2018-08-13 22:35 - 2015-01-30 17:30 - 000000000 ____D C:\Users\BertH\AppData\Roaming\ClassicShell 2018-08-13 22:31 - 2016-11-21 12:00 - 000000000 ____D C:\Users\BertH\AppData\LocalLow\Mozilla 2018-08-13 22:29 - 2015-08-24 11:00 - 000001028 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job 2018-08-13 15:55 - 2015-08-24 11:00 - 000001032 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job 2018-08-13 12:14 - 2015-01-25 16:03 - 000003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2911540654-2082715937-415091947-1001 2018-08-13 11:29 - 2017-07-26 14:13 - 000003174 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2911540654-2082715937-415091947-1001 2018-08-13 11:29 - 2016-11-16 17:49 - 000002344 _____ C:\Users\BertH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive voor Bedrijven.lnk 2018-08-12 17:59 - 2017-05-09 20:19 - 000000000 ____D C:\ProgramData\Malwarebytes 2018-08-12 17:59 - 2015-01-25 15:57 - 000000000 ____D C:\Users\BertH 2018-08-12 12:56 - 2014-05-08 23:59 - 001823174 _____ C:\Windows\system32\PerfStringBackup.INI 2018-08-12 12:56 - 2013-08-28 12:25 - 000806704 _____ C:\Windows\system32\perfh013.dat 2018-08-12 12:56 - 2013-08-28 12:25 - 000162170 _____ C:\Windows\system32\perfc013.dat 2018-08-12 12:56 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf 2018-08-11 21:42 - 2015-06-03 09:47 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2018-08-11 21:42 - 2015-03-24 22:48 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2018-08-11 21:42 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2018-08-11 11:12 - 2018-03-28 12:28 - 000000000 ____D C:\Users\BertH\Desktop\preken 2018 2018-08-09 20:41 - 2017-11-22 13:37 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2018-08-09 20:40 - 2015-03-25 04:52 - 000000000 ____D C:\Windows\Minidump 2018-08-09 20:18 - 2017-10-14 17:59 - 000252232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys 2018-08-07 14:27 - 2015-12-03 11:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2018-08-07 14:27 - 2015-06-04 11:47 - 000000000 ____D C:\Program Files (x86)\Java 2018-08-07 14:25 - 2015-12-03 11:36 - 000098680 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2018-08-03 13:02 - 2015-08-24 11:00 - 000000000 ____D C:\Program Files (x86)\Dropbox 2018-07-20 23:00 - 2013-08-22 17:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2018-07-20 22:59 - 2013-08-22 17:36 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2018-07-20 22:56 - 2016-11-15 15:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-hulpprogramma's 2018-07-20 22:56 - 2015-01-30 18:43 - 000000000 ____D C:\Program Files\Microsoft Office 2018-07-20 01:17 - 2016-11-15 14:42 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2018-07-20 01:15 - 2016-11-15 14:41 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2018-07-17 00:02 - 2015-03-01 16:06 - 000563832 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe ==================== Bestanden in de root van sommige mappen ======= 2017-05-13 20:08 - 2017-10-04 20:34 - 000005632 _____ () C:\Users\BertH\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-05-27 21:21 - 2017-11-13 23:37 - 000007629 _____ () C:\Users\BertH\AppData\Local\Resmon.ResmonCfg Sommige bestanden in TEMP: ==================== 2018-08-12 17:54 - 2014-05-09 01:53 - 007880664 _____ (Spotify Ltd) C:\Users\BertH\AppData\Local\Temp\SpotifyUninstall.exe ==================== Bamital & volsnap ====================== (Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.) C:\Windows\system32\winlogon.exe => Bestand is getekend C:\Windows\system32\wininit.exe => Bestand is getekend C:\Windows\explorer.exe => Bestand is getekend C:\Windows\SysWOW64\explorer.exe => Bestand is getekend C:\Windows\system32\svchost.exe => Bestand is getekend C:\Windows\SysWOW64\svchost.exe => Bestand is getekend C:\Windows\system32\services.exe => Bestand is getekend C:\Windows\system32\User32.dll => Bestand is getekend C:\Windows\SysWOW64\User32.dll => Bestand is getekend C:\Windows\system32\userinit.exe => Bestand is getekend C:\Windows\SysWOW64\userinit.exe => Bestand is getekend C:\Windows\system32\rpcss.dll => Bestand is getekend C:\Windows\system32\dnsapi.dll => Bestand is getekend C:\Windows\SysWOW64\dnsapi.dll => Bestand is getekend C:\Windows\system32\Drivers\volsnap.sys => Bestand is getekend LastRegBack: 2018-08-03 15:05 ==================== Eind van FRST.txt ============================