Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 15.09.2018
Gestart door daved (Beheerder) op DESKTOP-I4E93KF (21-09-2018 21:02:54)
Gestart vanaf D:\downloads
Geladen Profielen: daved (Beschikbare Profielen: daved)
Platform: Windows 10 Pro Versie 1803 17134.228 (X64) Taal: Nederlands (Nederland)
Internet Explorer Versie 11 (Standaardbrowser: FF)
Boot Modus: Normal
Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processen (gefilterd) =================

(Als een item is opgenomen in de fixlist, zal het proces worden gesloten. Het bestand zal niet worden verplaatst.)

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCAvSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCService.exe
(McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1806.18062-0\MsMpEng.exe
(McAfee, LLC) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe
(McAfee, LLC) C:\Windows\System32\mfevtps.exe
(McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1806.18062-0\NisSrv.exe
(McAfee, Inc.) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\2.9.175.0\McCSPServiceHost.exe
(McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\Monitor.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(DTS) C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17134.281_none_eada712a1d8142be\TiWorker.exe
(McAfee, Inc.) C:\Program Files\McAfee.com\Agent\mcupdate.exe

==================== Register (gefilterd) ===========================

(Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8529152 2015-10-06] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411840 2015-10-06] (Realtek Semiconductor)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2017-08-13] (IvoSoft)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-4037813400-2005266614-1342265518-1001\...\Run: [Advanced SystemCare Ultimate] => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCTray.exe [3703568 2018-08-15] (IObit)
HKU\S-1-5-21-4037813400-2005266614-1342265518-1001\...\Run: [GoogleChromeAutoLaunch_9B8D563EF598F7F0779ABE803032589C] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1469784 2018-09-15] (Google Inc.)
HKU\S-1-5-21-4037813400-2005266614-1342265518-1001\...\Run: [uTorrent] => C:\Users\daved\AppData\Roaming\uTorrent\uTorrent.exe [1987256 2018-08-24] (BitTorrent Inc.)
Startup: C:\Users\daved\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verzenden naar OneNote.lnk [2018-09-04]
ShortcutTarget: Verzenden naar OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (gefilterd) ====================

(Als een item is opgenomen in de fixlist en een registeritem is, wordt het verwijderd of hersteld naar de standaard.)

Hosts: Er zijn meer dan één item in Hosts. Zie Hosts deel van Addition.txt
Tcpip\Parameters: [DhcpNameServer] 195.130.131.4 195.130.130.4
Tcpip\..\Interfaces\{574cbe13-dbf9-4488-b16b-66751a2980a2}: [DhcpNameServer] 195.130.131.4 195.130.130.4
Tcpip\..\Interfaces\{e4f55deb-318b-4c38-9048-7ea2ef669abb}: [DhcpNameServer] 195.130.131.4 195.130.130.4

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4037813400-2005266614-1342265518-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-4037813400-2005266614-1342265518-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-09-08] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-09-08] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-09-08] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-09-08] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-09-08] (Microsoft Corporation)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-07-17] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2018-06-15] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2018-06-15] (McAfee, Inc.)

FireFox:
========
FF DefaultProfile: 0rbsgeh3.default-1535134718115
FF ProfilePath: C:\Users\daved\AppData\Roaming\TomTom\HOME\Profiles\jjea07e9.default [2018-08-22]
FF Extension: (Map status indicator) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [2018-08-22] [Verouderd] [ niet getekend]
FF ProfilePath: C:\Users\daved\AppData\Roaming\Mozilla\Firefox\Profiles\0rbsgeh3.default-1535134718115 [2018-09-21]
FF user.js: detected! => C:\Users\daved\AppData\Roaming\Mozilla\Firefox\Profiles\0rbsgeh3.default-1535134718115\user.js [2018-08-28]
FF Homepage: Mozilla\Firefox\Profiles\0rbsgeh3.default-1535134718115 -> hxxps://www.google.be/
FF Extension: (AdBlocker Ultimate) - C:\Users\daved\AppData\Roaming\Mozilla\Firefox\Profiles\0rbsgeh3.default-1535134718115\Extensions\adblockultimate@adblockultimate.net.xpi [2018-08-30]
FF Extension: (Youtube to MP3 Plugin) - C:\Users\daved\AppData\Roaming\Mozilla\Firefox\Profiles\0rbsgeh3.default-1535134718115\Extensions\flv2mp3@hotger.com.xpi [2018-08-24]
FF Extension: (Flash Video Player on Facebook™) - C:\Users\daved\AppData\Roaming\Mozilla\Firefox\Profiles\0rbsgeh3.default-1535134718115\Extensions\{26a41c76-f114-4a91-baa5-5d8f135f1b82}.xpi [2018-08-24]
FF Extension: (Flash Video Player for Facebook™) - C:\Users\daved\AppData\Roaming\Mozilla\Firefox\Profiles\0rbsgeh3.default-1535134718115\Extensions\{d0bfdcce-52c7-4b32-bb45-948f62db8d3f}.xpi [2018-08-24]
FF Extension: (Adblock Plus) - C:\Users\daved\AppData\Roaming\Mozilla\Firefox\Profiles\0rbsgeh3.default-1535134718115\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-08-31]
FF Extension: (Firefox Monitor) - C:\Users\daved\AppData\Roaming\Mozilla\Firefox\Profiles\0rbsgeh3.default-1535134718115\features\{49f3125c-0fae-484c-a995-afd5e0e0fcc1}\fxmonitor@mozilla.org.xpi [2018-09-19]
FF Extension: (Telemetry coverage) - C:\Users\daved\AppData\Roaming\Mozilla\Firefox\Profiles\0rbsgeh3.default-1535134718115\features\{49f3125c-0fae-484c-a995-afd5e0e0fcc1}\telemetry-coverage-bug1487578@mozilla.org.xpi [2018-09-19] [Verouderd]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi [2018-05-15]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_30_0_0_154.dll [2018-08-15] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2018-06-15] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_154.dll [2018-08-15] ()
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2018-06-15] ()
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-09-08] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-08-24] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-08-24] (Google Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\daved\AppData\Local\Google\Chrome\User Data\Default [2018-09-21]
CHR Extension: (Presentaties) - C:\Users\daved\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-08-24]
CHR Extension: (Documenten) - C:\Users\daved\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-08-24]
CHR Extension: (Google Drive) - C:\Users\daved\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-08-24]
CHR Extension: (YouTube) - C:\Users\daved\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-08-24]
CHR Extension: (Videostream for Google Chromecast™) - C:\Users\daved\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2018-09-05]
CHR Extension: (Spreadsheets) - C:\Users\daved\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-08-24]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\daved\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2018-08-24]
CHR Extension: (Offline Documenten) - C:\Users\daved\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-25]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\daved\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-08-24]
CHR Extension: (Gmail) - C:\Users\daved\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-08-24]
CHR Extension: (Chrome Media Router) - C:\Users\daved\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-21]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx

==================== Services (gefilterd) ====================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

R2 AdvancedSystemCareService11; C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCService.exe [1066256 2018-03-28] (IObit)
R2 ASCAntivirusSrv; C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ascavsvc.exe [1990928 2018-01-18] (IObit)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9659456 2018-08-30] (Microsoft Corporation)
S3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1508656 2018-05-31] (McAfee, Inc.)
R3 DTSAudioService; C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe [227472 2015-10-06] (DTS)
S3 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [604824 2018-07-17] (McAfee, Inc.)
S2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_8\McApExe.exe [728808 2018-05-16] () [Bestand niet getekend]
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.9.175.0\\McCSPServiceHost.exe [2141912 2018-04-06] (McAfee, Inc.)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [359888 2018-02-23] (McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [512976 2018-02-23] (McAfee, LLC)
R2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [473040 2018-02-23] (McAfee, LLC)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1676024 2018-05-01] (McAfee, Inc.)
S4 NeroBackItUpBackgroundService2018; C:\Program Files (x86)\Nero\Nero 2018\Nero BackItUp\NBService.exe [287096 2017-12-15] (Nero AG)
R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [1047448 2018-05-30] (McAfee, Inc.)
S3 PlexUpdateService; C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [2233320 2018-08-17] (Plex, Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-07-15] (Microsoft Corporation)
S4 SonosLibraryService; C:\Program Files (x86)\Sonos\SonosLibraryService.exe [26624 2018-07-12] () [Bestand niet getekend]
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\NisSrv.exe [3925648 2018-06-26] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MsMpEng.exe [100080 2018-06-26] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (gefilterd) ======================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [77224 2018-05-15] (McAfee, LLC)
R3 cpuz143; C:\WINDOWS\temp\cpuz143\cpuz143_x64.sys [48960 2018-09-21] (CPUID)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [226984 2018-05-02] (McAfee, Inc.)
R3 iobit_monitor_server; C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\drivers\Monitor_win10_x64.sys [24056 2017-07-19] (IObit)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [497568 2018-05-15] (McAfee, LLC)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [360352 2018-05-15] (McAfee, LLC)
U3 mfeavfk02; geen ImagePath
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [83952 2018-05-15] (McAfee, LLC)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [529312 2018-05-15] (McAfee, LLC)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [953248 2018-05-15] (McAfee, LLC)
R3 mfencbdc; C:\WINDOWS\system32\DRIVERS\mfencbdc.sys [543624 2018-04-30] (McAfee LLC.)
S3 mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [108432 2018-04-30] (McAfee LLC.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [115616 2018-05-15] (McAfee, LLC)
S3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [111608 2017-02-14] (McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [252832 2018-05-15] (McAfee, LLC)
R1 MpKsl3a47694e; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8DC99B5F-E33C-4FDC-8399-65FC9EFDBE3A}\MpKsl3a47694e.sys [58120 2018-09-21] (Microsoft Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_7a39871618b19f06\nvlddmkm.sys [17493824 2018-01-24] (NVIDIA Corporation)
S3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57928 2018-01-24] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-12] (Realtek )
S3 smbdirect; C:\WINDOWS\System32\DRIVERS\smbdirect.sys [152064 2018-04-12] (Microsoft Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 Trufos; C:\WINDOWS\System32\DRIVERS\TRUFOS.sys [520032 2016-11-02] (BitDefender S.R.L.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46592 2018-06-26] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [340008 2018-06-26] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [59944 2018-06-26] (Microsoft Corporation)
S3 mfeavfk01; \Device\mfeavfk01.sys [X]

==================== NetSvcs (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)


==================== Een Maand Aangemaakt bestanden en mappen ========

(Als een item is opgenomen in de fixlist, word de map of het bestand verplaatst.)

2018-09-21 21:02 - 2018-09-21 21:02 - 000000000 ____D C:\FRST
2018-09-21 21:02 - 2018-09-21 21:02 - 000000000 _____ C:\WINDOWS\erunt.exe
2018-09-21 21:02 - 2018-09-21 21:02 - 000000000 _____ C:\WINDOWS\erdntwin.loc
2018-09-21 21:02 - 2018-09-21 21:02 - 000000000 _____ C:\WINDOWS\erdntdos.loc
2018-09-21 21:02 - 2018-09-21 21:02 - 000000000 _____ C:\WINDOWS\erdnt.e_e
2018-09-21 20:55 - 2018-09-21 20:55 - 001236052 _____ C:\WINDOWS\Minidump\092118-24562-01.dmp
2018-09-21 20:44 - 2018-09-21 20:44 - 000003656 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2018-09-21 20:40 - 2018-09-21 20:44 - 000000415 _____ C:\DelFix.txt
2018-09-21 20:25 - 2018-09-21 20:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2018-09-21 20:25 - 2018-09-21 20:25 - 000000000 ____D C:\Program Files\Speccy
2018-09-21 20:20 - 2018-09-21 20:20 - 000000000 ____D C:\Users\daved\AppData\Local\ElevatedDiagnostics
2018-09-21 10:21 - 2018-09-21 10:23 - 001112612 _____ C:\WINDOWS\Minidump\092118-28046-01.dmp
2018-09-21 10:12 - 2018-09-21 10:15 - 001065140 _____ C:\WINDOWS\Minidump\092118-36046-01.dmp
2018-09-15 08:05 - 2018-09-15 08:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2018-09-11 22:32 - 2018-09-11 22:32 - 000001374 _____ C:\Users\daved\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\McAfee WebAdvisor.lnk
2018-09-11 22:27 - 2018-09-05 01:04 - 000835144 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-09-11 22:27 - 2018-09-05 01:04 - 000179808 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-09-10 23:10 - 2018-09-10 23:10 - 000000000 ____D C:\Users\daved\AppData\Local\MediaHuman
2018-09-10 23:08 - 2018-09-10 23:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaHuman
2018-09-10 23:08 - 2018-09-10 23:08 - 000000000 ____D C:\Program Files (x86)\MediaHuman
2018-09-08 11:48 - 2018-09-08 11:48 - 000002521 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2018-09-08 11:48 - 2018-09-08 11:48 - 000002514 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2018-09-08 11:48 - 2018-09-08 11:48 - 000002472 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2018-09-08 11:48 - 2018-09-08 11:48 - 000002459 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2018-09-08 11:48 - 2018-09-08 11:48 - 000002459 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2018-09-08 11:48 - 2018-09-08 11:48 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2018-09-08 11:48 - 2018-09-08 11:48 - 000002433 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2018-09-08 11:48 - 2018-09-08 11:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office-hulpprogramma's
2018-09-04 21:07 - 2018-09-04 21:07 - 000000000 ____D C:\Users\daved\Documents\OneNote-notitieblokken
2018-09-04 10:10 - 2018-09-04 10:10 - 005214208 _____ C:\WINDOWS\system32\config\DRIVERS.iobit
2018-09-04 10:10 - 2018-09-04 10:10 - 000786432 _____ C:\WINDOWS\system32\config\DEFAULT.iobit
2018-09-04 10:10 - 2018-09-04 10:10 - 000036864 _____ C:\WINDOWS\system32\config\SECURITY.iobit
2018-09-04 10:10 - 2018-09-04 10:10 - 000036864 _____ C:\WINDOWS\system32\config\SAM.iobit
2018-09-04 10:09 - 2018-09-04 10:10 - 098516992 _____ C:\WINDOWS\system32\config\SOFTWARE.iobit
2018-08-31 21:43 - 2018-08-31 21:43 - 000003378 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4037813400-2005266614-1342265518-1001
2018-08-31 21:43 - 2018-08-31 21:43 - 000002387 _____ C:\Users\daved\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-08-28 22:42 - 2018-09-21 20:34 - 000000000 ____D C:\Users\daved\AppData\LocalLow\IObit
2018-08-28 22:42 - 2018-09-21 09:28 - 000000000 ____D C:\ProgramData\ProductData
2018-08-28 22:42 - 2018-08-28 22:42 - 000003134 _____ C:\WINDOWS\System32\Tasks\ASCU11_PerformanceMonitor
2018-08-28 22:42 - 2018-08-28 22:42 - 000002924 _____ C:\WINDOWS\System32\Tasks\ASCU11_SkipUac_daved
2018-08-28 22:42 - 2018-08-28 22:42 - 000000000 ____D C:\WINDOWS\Tasks\ImCleanDisabled
2018-08-28 22:42 - 2018-08-28 22:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare Ultimate
2018-08-28 22:42 - 2018-08-28 22:42 - 000000000 ____D C:\ProgramData\BDLogging
2018-08-28 22:42 - 2018-08-28 22:42 - 000000000 ____D C:\ProgramData\{D76294E6-03B8-4971-AF2E-3F846161A690}
2018-08-28 22:42 - 2018-08-28 22:42 - 000000000 ____D C:\ProgramData\{7F40DE3E-8294-4E24-B2EA-80F6C6BB173C}
2018-08-28 22:42 - 2016-11-02 19:11 - 000520032 _____ (BitDefender S.R.L.) C:\WINDOWS\system32\Drivers\trufos.sys
2018-08-28 22:41 - 2018-09-21 20:34 - 000000000 ____D C:\Users\daved\AppData\Roaming\IObit
2018-08-28 22:41 - 2018-09-21 20:34 - 000000000 ____D C:\ProgramData\IObit
2018-08-28 22:41 - 2018-08-28 22:41 - 000000000 ____D C:\Program Files (x86)\IObit
2018-08-27 23:26 - 2018-08-27 23:26 - 000675984 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp140.dll
2018-08-27 23:26 - 2018-08-27 23:26 - 000457512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp140.dll
2018-08-27 23:26 - 2018-08-27 23:26 - 000386712 _____ (Microsoft Corporation) C:\WINDOWS\system32\vccorlib140.dll
2018-08-27 23:26 - 2018-08-27 23:26 - 000343192 _____ (Microsoft Corporation) C:\WINDOWS\system32\concrt140.dll
2018-08-27 23:26 - 2018-08-27 23:26 - 000274072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vccorlib140.dll
2018-08-27 23:26 - 2018-08-27 23:26 - 000248624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\concrt140.dll
2018-08-27 23:26 - 2018-08-27 23:26 - 000089248 _____ (Microsoft Corporation) C:\WINDOWS\system32\vcruntime140.dll
2018-08-27 23:26 - 2018-08-27 23:26 - 000087352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vcruntime140.dll
2018-08-27 23:26 - 2018-08-27 23:26 - 000031896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp140_1.dll
2018-08-27 23:26 - 2018-08-27 23:26 - 000028472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp140_1.dll
2018-08-24 20:06 - 2018-08-24 20:10 - 000000000 ____D C:\Users\daved\AppData\Local\Plex Media Server
2018-08-24 20:05 - 2018-08-24 20:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server
2018-08-24 20:04 - 2018-08-24 20:04 - 000000000 ____D C:\Program Files (x86)\Plex
2018-08-24 19:54 - 2018-08-24 19:54 - 000000000 ____D C:\Users\daved\AppData\Roaming\Google
2018-08-24 19:53 - 2018-08-24 19:53 - 000000000 ____D C:\Users\daved\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-apps
2018-08-24 19:45 - 2018-09-21 09:29 - 000002321 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-08-24 19:44 - 2018-08-28 23:02 - 000004532 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-08-24 19:44 - 2018-08-28 23:02 - 000004300 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-08-24 19:44 - 2018-08-24 19:44 - 000000000 ____D C:\Program Files (x86)\Google
2018-08-24 19:41 - 2018-08-24 19:42 - 000000000 ____D C:\Users\daved\AppData\Local\Nero
2018-08-24 19:41 - 2018-08-24 19:41 - 000000000 ____D C:\Users\daved\AppData\Local\Nero_AG
2018-08-24 19:29 - 2018-08-28 23:01 - 000003048 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-08-24 19:29 - 2018-08-24 19:35 - 000002280 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2018-08-24 19:29 - 2018-08-24 19:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-08-24 19:29 - 2018-08-24 19:29 - 000000000 ____D C:\Program Files\CCleaner
2018-08-22 21:31 - 2018-08-22 21:31 - 000000000 ____D C:\Users\daved\Documents\TomTom
2018-08-22 21:31 - 2018-08-22 21:31 - 000000000 ____D C:\Users\daved\AppData\Roaming\TomTom
2018-08-22 21:31 - 2018-08-22 21:31 - 000000000 ____D C:\ProgramData\TomTom
2018-08-22 21:30 - 2018-08-22 21:30 - 000000000 ____D C:\Program Files (x86)\TomTom HOME 2
2018-08-22 21:22 - 2018-08-22 21:22 - 000000000 ____D C:\Users\daved\AppData\Local\NVIDIA
2018-08-22 21:22 - 2018-08-22 21:22 - 000000000 ____D C:\Users\daved\AppData\Local\cache
2018-08-22 21:21 - 2018-08-22 21:31 - 000000000 ____D C:\Users\daved\AppData\Local\TomTom
2018-08-22 21:21 - 2018-08-22 21:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
2018-08-22 21:21 - 2018-08-22 21:21 - 000000000 ____D C:\Program Files (x86)\MyDrive Connect

==================== Een Maand Gewijzigd bestanden en mappen ========

(Als een item is opgenomen in de fixlist, word de map of het bestand verplaatst.)

2018-09-21 21:02 - 2018-06-28 22:51 - 001767124 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-09-21 21:02 - 2018-04-12 18:02 - 000784122 _____ C:\WINDOWS\system32\perfh013.dat
2018-09-21 21:02 - 2018-04-12 18:02 - 000153476 _____ C:\WINDOWS\system32\perfc013.dat
2018-09-21 21:02 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2018-09-21 21:01 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-09-21 20:58 - 2018-05-24 22:11 - 000000000 ____D C:\Users\daved\AppData\LocalLow\Mozilla
2018-09-21 20:56 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-09-21 20:55 - 2018-07-20 10:34 - 000000000 ____D C:\WINDOWS\Minidump
2018-09-21 20:55 - 2018-06-28 22:52 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-09-21 20:55 - 2018-06-28 22:44 - 000000000 ____D C:\Users\daved
2018-09-21 20:55 - 2018-06-28 22:35 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-09-21 20:55 - 2018-05-24 21:46 - 000000000 ____D C:\ProgramData\NVIDIA
2018-09-21 20:55 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-09-21 20:37 - 2018-05-26 18:39 - 000563832 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-09-21 20:33 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-09-21 20:21 - 2018-05-26 22:15 - 000000000 ____D C:\Users\daved\AppData\Local\ClassicShell
2018-09-21 19:58 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-09-21 19:57 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-09-21 10:15 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-09-19 09:24 - 2018-04-11 23:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-09-15 08:18 - 2018-05-24 22:05 - 000000000 ____D C:\Users\daved\AppData\Local\Packages
2018-09-11 22:31 - 2018-05-26 18:38 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-09-11 22:28 - 2018-05-26 18:37 - 139184408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-09-10 23:16 - 2018-06-02 20:33 - 000000000 ____D C:\Users\daved\AppData\Roaming\uTorrent
2018-09-10 23:10 - 2018-05-24 22:05 - 000000000 ____D C:\Users\daved\AppData\Local\VirtualStore
2018-09-10 23:09 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\schemas
2018-09-10 23:04 - 2018-08-10 11:02 - 000000000 ____D C:\Users\daved\AppData\LocalLow\uTorrent
2018-09-09 22:32 - 2018-08-09 22:26 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-09-09 22:32 - 2018-05-24 22:11 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-09-09 09:53 - 2018-05-24 22:11 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-09-08 11:48 - 2018-05-26 18:58 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-09-03 13:43 - 2018-08-01 20:53 - 000000000 ____D C:\ProgramData\Sonos,_Inc
2018-08-31 21:43 - 2018-05-24 22:07 - 000000000 ___RD C:\Users\daved\OneDrive
2018-08-29 10:13 - 2018-06-02 20:43 - 000000000 ____D C:\Program Files (x86)\McAfee
2018-08-28 22:59 - 2018-05-26 22:15 - 000000000 ____D C:\Program Files\Classic Shell
2018-08-28 22:55 - 2018-06-23 22:57 - 000000000 ___DC C:\WINDOWS\Panther
2018-08-24 20:04 - 2018-06-02 22:09 - 000000000 ____D C:\ProgramData\Package Cache
2018-08-24 19:54 - 2018-08-01 21:55 - 000000000 ____D C:\Users\daved\AppData\Local\Google
2018-08-24 19:41 - 2018-06-05 18:11 - 000000000 ____D C:\Users\daved\AppData\Roaming\Nero
2018-08-24 19:37 - 2018-06-28 22:35 - 000401056 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-08-24 19:35 - 2018-06-29 09:09 - 000002546 _____ C:\WINDOWS\System32\Tasks\McAfeeLogon
2018-08-24 19:35 - 2018-06-28 22:52 - 000003922 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-08-24 19:35 - 2018-06-28 22:52 - 000003616 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2018-08-22 21:29 - 2018-08-01 20:51 - 000000000 ____D C:\Users\daved\AppData\Local\Downloaded Installations

Sommige nul byte grootte bestanden/mappen:
==========================
C:\Windows\erunt.exe

==================== Bamital & volsnap ======================

(Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)

C:\WINDOWS\system32\winlogon.exe => Bestand is getekend
C:\WINDOWS\system32\wininit.exe => Bestand is getekend
C:\WINDOWS\explorer.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\explorer.exe => Bestand is getekend
C:\WINDOWS\system32\svchost.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\svchost.exe => Bestand is getekend
C:\WINDOWS\system32\services.exe => Bestand is getekend
C:\WINDOWS\system32\User32.dll => Bestand is getekend
C:\WINDOWS\SysWOW64\User32.dll => Bestand is getekend
C:\WINDOWS\system32\userinit.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\userinit.exe => Bestand is getekend
C:\WINDOWS\system32\rpcss.dll => Bestand is getekend
C:\WINDOWS\system32\dnsapi.dll => Bestand is getekend
C:\WINDOWS\SysWOW64\dnsapi.dll => Bestand is getekend
C:\WINDOWS\system32\Drivers\volsnap.sys => Bestand is getekend

LastRegBack: 2018-06-28 22:34

==================== Eind van FRST.txt ============================