Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 21-12-2016 Gestart door Maurice (Beheerder) op MAURICE-PC (27-12-2016 11:14:04) Gestart vanaf D:\Users\Maurice\Downloads Geladen Profielen: Maurice (Beschikbare Profielen: Frank & Mieke & Maurice) Platform: Windows 10 Home Versie 1511 (X64) Taal: Nederlands (Nederland) Internet Explorer Versie 11 (Standaardbrowser: Chrome) Boot Modus: Normal Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processen (gefilterd) ================= (Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (Cybereason) C:\Program Files (x86)\Cybereason\RansomFree\CybereasonRansomFreeServiceHost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (Malwarebytes) D:\Programs\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes) D:\Programs\Malwarebytes Anti-Malware\mbamscheduler.exe (Razer Inc.) D:\Programs\Razer Cortex\RzKLService.exe (Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (Scarlet.Crush Productions) D:\Programs\PS3\ScpService.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (Cybereason) C:\Program Files (x86)\Cybereason\RansomFree\CybereasonRansomFree.exe (Malwarebytes) D:\Programs\Malwarebytes Anti-Malware\mbam.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Apple Inc.) D:\Programs\iTunes\iTunesHelper.exe () D:\Programs\Puush\puush.exe (Valve Corporation) D:\Programs\Steam\Steam.exe (Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe (Flux Software LLC) C:\Users\Maurice\AppData\Local\FluxSoftware\Flux\flux.exe (Microsoft Corporation) C:\Windows\System32\StikyNot.exe (Scarlet.Crush Productions) D:\Programs\PS3\ScpTrayApp.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe () D:\Programs\Cherryfile\cherryfile.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Piriform Ltd) D:\Programs\CCleaner\CCleaner64.exe (Valve Corporation) D:\Programs\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corporation) D:\Programs\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.16112.10221.0_x64__8wekyb3d8bbwe\Video.UI.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.16102.10341.0_x64__8wekyb3d8bbwe\Music.UI.exe () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1612.3341.0_x64__8wekyb3d8bbwe\Calculator.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Andy Koppe / Thomas Wolff) D:\Programs\Git\usr\bin\mintty.exe () D:\Programs\Git\usr\bin\bash.exe (Google) D:\Programs\Android\bin\studio64.exe (JetBrains s.r.o.) D:\Programs\Android\bin\fsnotifier64.exe (JetBrains s.r.o.) D:\Programs\IntelliJ IDEA 2016.3\bin\idea.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Oracle Corporation) C:\Program Files\Java\jdk1.8.0_66\bin\java.exe () C:\Users\Maurice\AppData\Local\Android\android-sdk\build-tools\24.0.3\aapt.exe () C:\Users\Maurice\AppData\Local\Android\android-sdk\build-tools\24.0.3\aapt.exe () C:\Users\Maurice\AppData\Local\Android\android-sdk\build-tools\24.0.3\aapt.exe () C:\Users\Maurice\AppData\Local\Android\android-sdk\build-tools\24.0.3\aapt.exe () C:\Users\Maurice\AppData\Local\Android\android-sdk\build-tools\24.0.3\aapt.exe () C:\Users\Maurice\AppData\Local\Android\android-sdk\build-tools\24.0.3\aapt.exe () C:\Users\Maurice\AppData\Local\Android\android-sdk\build-tools\24.0.3\aapt.exe () C:\Users\Maurice\AppData\Local\Android\android-sdk\build-tools\24.0.3\aapt.exe (JetBrains s.r.o.) D:\Programs\IntelliJ IDEA 2016.3\bin\fsnotifier.exe () C:\Users\Maurice\AppData\Local\Android\android-sdk\build-tools\24.0.3\aapt.exe () C:\Users\Maurice\AppData\Local\Android\android-sdk\build-tools\24.0.3\aapt.exe () C:\Users\Maurice\AppData\Local\Android\android-sdk\build-tools\24.0.3\aapt.exe () C:\Users\Maurice\AppData\Local\Android\android-sdk\build-tools\24.0.3\aapt.exe () C:\Users\Maurice\AppData\Local\Android\android-sdk\build-tools\24.0.3\aapt.exe () C:\Users\Maurice\AppData\Local\Android\android-sdk\build-tools\24.0.3\aapt.exe () C:\Users\Maurice\AppData\Local\Android\android-sdk\build-tools\24.0.3\aapt.exe () C:\Users\Maurice\AppData\Local\Android\android-sdk\build-tools\24.0.3\aapt.exe ==================== Register (gefilterd) ==================== (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-04-28] (Adobe Systems Incorporated) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [iTunesHelper] => D:\Programs\iTunes\iTunesHelper.exe [176440 2016-12-06] (Apple Inc.) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25779624 2016-12-21] (Dropbox, Inc.) HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595992 2016-05-20] (Oracle Corporation) HKU\S-1-5-21-1273716226-284855160-150349079-1007\...\Run: [puush] => D:\Programs\Puush\puush.exe [568904 2015-12-06] () HKU\S-1-5-21-1273716226-284855160-150349079-1007\...\Run: [Steam] => D:\Programs\Steam\steam.exe [2876704 2016-12-20] (Valve Corporation) HKU\S-1-5-21-1273716226-284855160-150349079-1007\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3582240 2016-06-02] (Nota Inc.) HKU\S-1-5-21-1273716226-284855160-150349079-1007\...\Run: [f.lux] => C:\Users\Maurice\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC) HKU\S-1-5-21-1273716226-284855160-150349079-1007\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-1273716226-284855160-150349079-1007\...\Run: [Hyperdesktop] => C:\Users\Maurice\AppData\Roaming\Hyperdesktop\hyperdesktop.exe [188880 2016-04-08] (Hyperdesktop) HKU\S-1-5-21-1273716226-284855160-150349079-1007\...\Run: [CCleaner Monitoring] => D:\Programs\CCleaner\CCleaner64.exe [9105112 2016-11-15] (Piriform Ltd) HKU\S-1-5-21-1273716226-284855160-150349079-1007\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [6540616 2016-04-04] (Plex, Inc.) HKU\S-1-5-21-1273716226-284855160-150349079-1007\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [465920 2016-10-25] (Microsoft Corporation) HKU\S-1-5-21-1273716226-284855160-150349079-1007\...\RunOnce: [Uninstall C:\Users\Maurice\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Maurice\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64" HKU\S-1-5-21-1273716226-284855160-150349079-1007\...\RunOnce: [Uninstall C:\Users\Maurice\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Maurice\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64" HKU\S-1-5-21-1273716226-284855160-150349079-1007\...\RunOnce: [Uninstall C:\Users\Maurice\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Maurice\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64" HKU\S-1-5-21-1273716226-284855160-150349079-1007\...\RunOnce: [Uninstall C:\Users\Maurice\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Maurice\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64" HKU\S-1-5-21-1273716226-284855160-150349079-1007\...\RunOnce: [Uninstall C:\Users\Maurice\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Maurice\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64" HKU\S-1-5-21-1273716226-284855160-150349079-1007\...\RunOnce: [Uninstall C:\Users\Maurice\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Maurice\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64" HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> ShellIconOverlayIdentifiers: [ CherryFileCheck] -> {9F42155F-81E7-47CC-8B92-219EFE3AEC88} => C:\Program Files\CherryFile\check.dll [2016-11-01] (IrisCall) ShellIconOverlayIdentifiers: [ CherryFileSync] -> {94307101-4506-457A-A01D-446ED01C3858} => C:\Program Files\CherryFile\sync.dll [2016-11-01] (IrisCall) ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ScpToolkit Tray Notifications.lnk [2016-12-20] ShortcutTarget: ScpToolkit Tray Notifications.lnk -> D:\Programs\PS3\ScpTrayApp.exe (Scarlet.Crush Productions) Startup: C:\Users\Maurice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CherryFile.lnk [2016-12-06] ShortcutTarget: CherryFile.lnk -> D:\Programs\Cherryfile\cherryfile.exe () GroupPolicy: Restrictie <======= AANDACHT ==================== Internet (gefilterd) ==================== (Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.) Hosts: Er zijn meer dan één item in Hosts. Zie Hosts deel van Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{41355816-c2c5-477d-83a0-f92f4e5c0b39}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{41355816-c2c5-477d-83a0-f92f4e5c0b39}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{9012d403-7963-4163-be3c-19718871153f}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{9012d403-7963-4163-be3c-19718871153f}: [DhcpNameServer] 195.130.131.3 195.130.130.3 Internet Explorer: ================== HKU\S-1-5-21-1273716226-284855160-150349079-1007\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/nl-be/?ocid=iehp BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2016-11-30] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-06-16] (Oracle Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-11-30] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-16] (Oracle Corporation) BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2016-11-30] (Microsoft Corporation) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2016-11-30] (Microsoft Corporation) Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-11-30] (Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-11-30] (Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-11-30] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-11-30] (Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-11-30] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-11-30] (Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-11-30] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-11-30] (Microsoft Corporation) FireFox: ======== FF DefaultProfile: zduv6ap2.default FF ProfilePath: C:\Users\Maurice\AppData\Roaming\Mozilla\Firefox\Profiles\zduv6ap2.default [2016-12-27] FF Extension: (Belgium eID) - C:\Program Files (x86)\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be [2015-12-17] [ niet getekend] FF HKLM-x32\...\Firefox\Extensions: [belgiumeid@eid.belgium.be] - C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be => niet gevonden FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2015-12-20] [ niet getekend] FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-16] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-16] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-11-30] (Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-11-30] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2016-11-30] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-08-11] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-08-11] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> D:\Programs\VLC\npvlc.dll [2016-01-21] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems) FF Plugin HKU\S-1-5-21-1273716226-284855160-150349079-1007: @citrixonline.com/appdetectorplugin -> C:\Users\Maurice\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2016-10-18] (Citrix Online) StartMenuInternet: FIREFOX.EXE - D:\Programs\Firefox\firefox.exe Chrome: ======= CHR HomePage: Default -> hxxp://www.google.com/ CHR StartupUrls: Default -> "hxxp://www.google.be/","hxxp://www.youtube.com/","hxxp://hbvl.be/","hxxp://www.google.com/ig/redirectdomain?brand=MDNF&bmod=MDNF" CHR Profile: C:\Users\Maurice\AppData\Local\Google\Chrome\User Data\Default [2016-12-27] CHR Extension: (Google Presentaties) - C:\Users\Maurice\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-06] CHR Extension: (BetterTTV) - C:\Users\Maurice\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2016-10-04] CHR Extension: (Simple Blocker) - C:\Users\Maurice\AppData\Local\Google\Chrome\User Data\Default\Extensions\akfbkbiialncppkngofjpglbbobjoeoe [2016-11-28] CHR Extension: (Forge of Empires) - C:\Users\Maurice\AppData\Local\Google\Chrome\User Data\Default\Extensions\anaphblkfplenhkephgneolhnmjminjg [2016-06-16] CHR Extension: (Google Documenten) - C:\Users\Maurice\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-06] CHR Extension: (Google Drive) - C:\Users\Maurice\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-06] CHR Extension: (YouTube) - C:\Users\Maurice\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-06] CHR Extension: (Honey) - C:\Users\Maurice\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2016-12-23] CHR Extension: (OneTab) - C:\Users\Maurice\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2016-11-28] CHR Extension: (Google Search) - C:\Users\Maurice\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-06] CHR Extension: (MightyText - SMS from PC & Text from Computer) - C:\Users\Maurice\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkfhfaphfkopdgpbfkebjfcblcafcmpi [2016-11-28] CHR Extension: (uBlock) - C:\Users\Maurice\AppData\Local\Google\Chrome\User Data\Default\Extensions\epcnnfbjfcgphgdmggkamkmgojdagdnn [2015-12-06] CHR Extension: (PanicButton) - C:\Users\Maurice\AppData\Local\Google\Chrome\User Data\Default\Extensions\faminaibgiklngmfpfbhmokfmnglamcm [2015-12-10] CHR Extension: (Google Spreadsheets) - C:\Users\Maurice\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-06] CHR Extension: (Postman) - C:\Users\Maurice\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhbjgbiflinjbdggehcddcbncdddomop [2016-12-14] CHR Extension: (Offline Documenten) - C:\Users\Maurice\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16] CHR Extension: (Eye Dropper) - C:\Users\Maurice\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmdcmlfkchdmnmnmheododdhjedfccka [2016-10-06] CHR Extension: (Emoji Input by EmojiStuff.com) - C:\Users\Maurice\AppData\Local\Google\Chrome\User Data\Default\Extensions\immhpnclomdloikkpcefncmfgjbkojmh [2016-11-21] CHR Extension: (Grammarly for Chrome) - C:\Users\Maurice\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2016-12-22] CHR Extension: (SparkChess 9) - C:\Users\Maurice\AppData\Local\Google\Chrome\User Data\Default\Extensions\khgabmflimjjbclkmljlpmgaleanedem [2016-10-15] CHR Extension: (Chromium Wheel Smooth Scroller) - C:\Users\Maurice\AppData\Local\Google\Chrome\User Data\Default\Extensions\khpcanbeojalbkpgpmjpdkjnkfcgfkhb [2016-05-03] CHR Extension: (Grepolis) - C:\Users\Maurice\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkgkognjknhcgbgbeijjondlikfkgnog [2016-06-16] CHR Extension: (The Great Suspender) - C:\Users\Maurice\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg [2015-12-09] CHR Extension: (All-in-One Messenger) - C:\Users\Maurice\AppData\Local\Google\Chrome\User Data\Default\Extensions\lainlkmlgipednloilifbppmhdocjbda [2016-11-28] CHR Extension: (Ghostery) - C:\Users\Maurice\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2016-10-28] CHR Extension: (My Study Life) - C:\Users\Maurice\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnjdjjiobjicmlhnjlogfgbibihjhkeo [2016-12-01] CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\Maurice\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02] CHR Extension: (RocketReach) - C:\Users\Maurice\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiecklaabeielolbliiddlbokpfnmhba [2016-12-22] CHR Extension: (better Browser - for Chrome) - C:\Users\Maurice\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbegekjleoplkhibgbmkmnnfffcpfanh [2016-06-09] CHR Extension: (Gmail) - C:\Users\Maurice\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-06] CHR Extension: (Chrome Media Router) - C:\Users\Maurice\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-15] ==================== Services (gefilterd) ==================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3294912 2016-10-30] (Microsoft Corporation) R2 CybereasonRansomFree; C:\Program Files (x86)\Cybereason\RansomFree\CybereasonRansomFreeServiceHost.exe [18368 2016-12-22] (Cybereason) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2015-12-06] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2015-12-06] (Dropbox, Inc.) R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [42096 2016-12-21] (Dropbox, Inc.) R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [437224 2016-10-27] (Digital Wave Ltd.) R2 Ds3Service; D:\Programs\PS3\ScpService.exe [389632 2016-01-10] (Scarlet.Crush Productions) [Bestand niet getekend] S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [395024 2016-12-06] (EasyAntiCheat Ltd) R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-14] (NVIDIA Corporation) R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21184 2015-11-20] (Microsoft Corporation) R2 MBAMScheduler; D:\Programs\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes) R2 MBAMService; D:\Programs\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation) R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-14] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation) S3 PAExec; C:\Windows\PAExec.exe [189112 2016-06-08] (Power Admin LLC) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2016-12-12] () R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187824 2016-07-20] () R2 RzKLService; D:\Programs\Razer Cortex\RzKLService.exe [133376 2016-08-01] (Razer Inc.) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Bestand niet getekend] S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [137216 2015-11-19] (Microsoft Corporation) [Bestand niet getekend] S3 updater; D:\Programs\PS3\ScpUpdater.exe [464384 2016-01-10] (Nefarius Software Solutions) [Bestand niet getekend] S3 VSStandardCollectorService140; D:\Programs\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [56040 2015-11-19] (Microsoft Corporation) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2016-10-25] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-10-25] (Microsoft Corporation) ===================== Drivers (gefilterd) ====================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) S3 ACSSCR; C:\Windows\system32\DRIVERS\a38usb.sys [82480 2015-08-19] (Advanced Card Systems Ltd.) S3 ggsomc; C:\Windows\System32\drivers\ggsomc.sys [30424 2016-06-29] (Sony Mobile Communications) R2 IntelHaxm; C:\Windows\system32\DRIVERS\IntelHaxm.sys [96776 2015-11-16] (Intel Corporation) S3 libusbK; C:\Windows\System32\drivers\libusbK.sys [47200 2016-12-20] (hxxp://libusb-win32.sourceforge.net) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-12-27] (Malwarebytes) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-06-03] (NVIDIA Corporation) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek ) S3 RtlWlanu; C:\Windows\System32\drivers\rtwlanu.sys [3764736 2015-10-30] (Realtek Semiconductor Corporation ) R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [44144 2016-05-06] (Razer, Inc.) R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [137840 2016-08-10] (Razer, Inc.) R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions) R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [216064 2015-10-30] (Microsoft Corporation) R1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-12-18] (Oracle Corporation) R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [194976 2015-12-18] (Oracle Corporation) R0 vsock; C:\Windows\System32\drivers\vsock.sys [75512 2015-11-05] (VMware, Inc.) S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) R3 WUDFWpdComp; C:\Windows\system32\DRIVERS\WUDFRd.sys [216064 2015-10-30] (Microsoft Corporation) S3 xhunter1; C:\Windows\xhunter1.sys [36808 2016-11-15] (Wellbia.com Co., Ltd.) S3 dbx; system32\DRIVERS\dbx.sys [X] S1 inonxirz; \??\C:\Windows\system32\drivers\inonxirz.sys [X] ==================== NetSvcs (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ==================== Een Maand Aangemaakt bestanden en mappen ======== (Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.) 2016-12-27 11:13 - 2016-12-27 11:14 - 00000000 ____D C:\FRST 2016-12-26 19:22 - 2016-12-26 19:23 - 00000000 ____D C:\rsit 2016-12-26 19:22 - 2016-12-26 19:23 - 00000000 ____D C:\Program Files\trend micro 2016-12-26 18:22 - 2016-12-26 18:22 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\4DB74609.sys 2016-12-26 17:20 - 2016-12-26 17:20 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\07F31692.sys 2016-12-26 15:27 - 2016-12-26 15:27 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\37114023.sys 2016-12-26 12:35 - 2016-12-26 12:35 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\43A03CC6.sys 2016-12-26 12:14 - 2016-12-26 12:14 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\55982C72.sys 2016-12-25 09:58 - 2016-12-25 09:58 - 00000000 __SHD C:\Users\Mieke\Desktop\ This directory is here to help protect you! Simply leave it here 2016-12-24 15:52 - 2016-12-24 15:52 - 00419840 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll 2016-12-24 15:52 - 2016-12-24 15:52 - 00413696 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll 2016-12-24 15:52 - 2016-12-24 15:52 - 00133632 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll 2016-12-24 15:52 - 2016-12-24 15:52 - 00110592 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll 2016-12-24 15:52 - 2016-12-24 15:52 - 00000000 ____D C:\ProgramData\Codemasters 2016-12-24 15:52 - 2016-12-24 15:52 - 00000000 ____D C:\Program Files (x86)\OpenAL 2016-12-24 13:47 - 2016-12-24 13:47 - 20973596 _____ C:\Users\~IRImfAYo\brfyL0cTK.mdb 2016-12-24 13:47 - 2016-12-24 13:47 - 20973596 _____ C:\Users\~IRImfAYo\bKG.pem 2016-12-24 13:47 - 2016-12-24 13:47 - 20973596 _____ C:\Users\~IRImfAYo\bjiqki15v.sql 2016-12-24 13:47 - 2016-12-24 13:47 - 20973596 _____ C:\Users\~IRImfAYo\biqB.xls 2016-12-24 13:47 - 2016-12-24 13:47 - 20973596 _____ C:\Users\~IRImfAYo\bEVlOq.txt 2016-12-24 13:47 - 2016-12-24 13:47 - 20973596 _____ C:\Users\~IRImfAYo\bax.xlsx 2016-12-24 13:47 - 2016-12-24 13:47 - 20973596 _____ C:\Users\# 5Ox5Bt\bWs00q.txt 2016-12-24 13:47 - 2016-12-24 13:47 - 20973596 _____ C:\Users\# 5Ox5Bt\bqJI.xlsx 2016-12-24 13:47 - 2016-12-24 13:47 - 20973596 _____ C:\Users\# 5Ox5Bt\bq8Z9p.pem 2016-12-24 13:47 - 2016-12-24 13:47 - 20973596 _____ C:\Users\# 5Ox5Bt\bNGo.sql 2016-12-24 13:47 - 2016-12-24 13:47 - 20973596 _____ C:\Users\# 5Ox5Bt\bhw4y.mdb 2016-12-24 13:47 - 2016-12-24 13:47 - 20973596 _____ C:\Users\# 5Ox5Bt\be1PW9Ng.xls 2016-12-24 13:47 - 2016-12-24 13:47 - 00288332 _____ C:\Users\~IRImfAYo\afnauzPc.xlsx 2016-12-24 13:47 - 2016-12-24 13:47 - 00287322 _____ C:\Users\~IRImfAYo\aF7E.pem 2016-12-24 13:47 - 2016-12-24 13:47 - 00281224 _____ C:\Users\# 5Ox5Bt\aLLy4q4W.mdb 2016-12-24 13:47 - 2016-12-24 13:47 - 00279883 _____ C:\Users\# 5Ox5Bt\ahvk.xls 2016-12-24 13:47 - 2016-12-24 13:47 - 00277882 _____ C:\Users\# 5Ox5Bt\atWGgM2O.sql 2016-12-24 13:47 - 2016-12-24 13:47 - 00277316 _____ C:\Users\~IRImfAYo\adQs.xls 2016-12-24 13:47 - 2016-12-24 13:47 - 00267488 _____ C:\Users\~IRImfAYo\ah8n.mdb 2016-12-24 13:47 - 2016-12-24 13:47 - 00265774 _____ C:\Users\# 5Ox5Bt\aUHaG5RQ6.txt 2016-12-24 13:47 - 2016-12-24 13:47 - 00263953 _____ C:\Users\# 5Ox5Bt\aBxc2la.xlsx 2016-12-24 13:47 - 2016-12-24 13:47 - 00263619 _____ C:\Users\~IRImfAYo\a54L6YEpr.sql 2016-12-24 13:47 - 2016-12-24 13:47 - 00263442 _____ C:\Users\# 5Ox5Bt\abShFF.pem 2016-12-24 13:47 - 2016-12-24 13:47 - 00263209 _____ C:\Users\~IRImfAYo\azEsop.txt 2016-12-24 13:47 - 2016-12-24 13:47 - 00000000 __SHD C:\Users\Frank\Desktop\ This directory is here to help protect you! Simply leave it here 2016-12-24 13:47 - 2016-12-24 13:47 - 00000000 __SHD C:\Users\~IRImfAYo 2016-12-24 13:47 - 2016-12-24 13:47 - 00000000 __SHD C:\Users\# 5Ox5Bt 2016-12-24 13:47 - 2016-12-24 13:47 - 00000000 __SHD C:\~Upbu 2016-12-24 13:47 - 2016-12-24 13:47 - 00000000 __SHD C:\# N6PN9 2016-12-24 10:01 - 2016-12-24 10:01 - 00000000 ____D C:\Users\Frank\AppData\Roaming\Cybereason 2016-12-24 10:01 - 2016-12-24 10:01 - 00000000 ____D C:\Users\Frank\AppData\Roaming\Apple Computer 2016-12-24 10:01 - 2016-12-24 10:01 - 00000000 ____D C:\Users\Frank\AppData\Local\Cybereason 2016-12-23 17:31 - 2016-12-23 17:31 - 00000000 ____D C:\Users\Mieke\AppData\Local\Apple 2016-12-23 13:36 - 2016-12-23 13:36 - 00056000 _____ C:\Users\Mieke\Downloads\De uitgavenstaat van uw kredietkaart (46).pdf 2016-12-22 19:13 - 2016-12-22 19:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cybereason RansomFree 2016-12-22 18:10 - 2016-12-22 18:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2016-12-21 19:15 - 2016-12-21 19:15 - 00075888 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys 2016-12-21 19:15 - 2016-12-21 19:15 - 00075888 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys 2016-12-21 19:15 - 2016-12-21 19:15 - 00075888 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys 2016-12-21 19:15 - 2016-12-21 19:15 - 00042096 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe 2016-12-20 19:09 - 2016-12-24 10:01 - 00000262 __RSH C:\ProgramData\ntuser.pol 2016-12-20 19:09 - 2016-12-20 19:09 - 00098400 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\system32\libusbK.dll 2016-12-20 19:09 - 2016-12-20 19:09 - 00083552 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\SysWOW64\libusbK.dll 2016-12-20 19:09 - 2016-12-20 19:09 - 00076384 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\system32\libusb0.dll 2016-12-20 19:09 - 2016-12-20 19:09 - 00067680 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\SysWOW64\libusb0.dll 2016-12-20 19:09 - 2016-12-20 19:09 - 00047200 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\system32\Drivers\libusbK.sys 2016-12-20 19:08 - 2016-12-20 19:08 - 00003784 _____ C:\Windows\System32\Tasks\updater 2016-12-20 19:08 - 2016-12-20 19:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScpToolkit 2016-12-20 19:07 - 2016-12-20 19:07 - 00000000 ____D C:\Users\Maurice\AppData\Roaming\Nefarius Software Solutions 2016-12-20 13:12 - 2016-12-20 13:12 - 00000000 ____D C:\Users\Mieke\AppData\Roaming\Apple Computer 2016-12-20 13:11 - 2016-12-20 13:11 - 00000000 ____D C:\Users\Mieke\AppData\Roaming\Cybereason 2016-12-20 13:11 - 2016-12-20 13:11 - 00000000 ____D C:\Users\Mieke\AppData\Local\Cybereason 2016-12-20 09:46 - 2016-12-22 19:13 - 00004090 _____ C:\Windows\System32\Tasks\Cybereason RansomFree Keepalive 2016-12-20 09:46 - 2016-12-22 19:13 - 00003196 _____ C:\Windows\System32\Tasks\Cybereason RansomFree Autostart 2016-12-20 09:46 - 2016-12-20 09:46 - 00000000 ____D C:\Users\Maurice\AppData\Roaming\Cybereason 2016-12-20 09:46 - 2016-12-20 09:46 - 00000000 ____D C:\Users\Maurice\AppData\Local\Cybereason 2016-12-20 09:46 - 2016-12-20 09:46 - 00000000 ____D C:\ProgramData\Cybereason 2016-12-20 09:46 - 2016-12-20 09:46 - 00000000 ____D C:\Program Files (x86)\Cybereason 2016-12-19 18:23 - 2016-12-19 18:23 - 00000254 _____ C:\Users\Maurice\.gitconfig 2016-12-19 18:22 - 2016-12-19 18:26 - 00000000 ____D C:\Users\Maurice\AppData\Roaming\GitHub 2016-12-19 18:22 - 2016-12-19 18:26 - 00000000 ____D C:\Users\Maurice\AppData\Local\GitHub 2016-12-19 18:22 - 2016-12-19 18:23 - 00000000 ____D C:\Users\Maurice\AppData\Local\Deployment 2016-12-19 18:22 - 2016-12-19 18:22 - 00000000 ____D C:\Users\Maurice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GitHub, Inc 2016-12-19 18:22 - 2016-12-19 18:22 - 00000000 ____D C:\Users\Maurice\AppData\Local\Apps\2.0 2016-12-19 17:07 - 2016-12-19 17:08 - 285088390 _____ C:\Users\Mieke\Desktop\1600RECZAK_Zakenrecht_12-14-2016.mp4 2016-12-19 10:06 - 2016-12-19 10:06 - 00000000 ____D C:\Users\Maurice\AppData\Local\Apple Computer 2016-12-19 10:06 - 2016-12-19 10:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2016-12-19 10:06 - 2016-12-19 10:06 - 00000000 ____D C:\ProgramData\Apple Computer 2016-12-19 10:06 - 2016-12-19 10:06 - 00000000 ____D C:\Program Files\iPod 2016-12-19 10:05 - 2016-12-19 10:06 - 00000000 ____D C:\Program Files\Common Files\Apple 2016-12-19 10:05 - 2016-12-19 10:05 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2016-12-19 10:05 - 2016-12-19 10:05 - 00000000 ____D C:\Windows\System32\Tasks\Apple 2016-12-19 10:05 - 2016-12-19 10:05 - 00000000 ____D C:\Users\Maurice\AppData\Local\Apple 2016-12-19 10:05 - 2016-12-19 10:05 - 00000000 ____D C:\Program Files\Bonjour 2016-12-19 10:05 - 2016-12-19 10:05 - 00000000 ____D C:\Program Files (x86)\Bonjour 2016-12-19 10:05 - 2016-12-19 10:05 - 00000000 ____D C:\Program Files (x86)\Apple Software Update 2016-12-19 10:04 - 2016-12-19 10:05 - 00000000 ____D C:\ProgramData\Apple 2016-12-17 19:11 - 2016-12-06 17:06 - 00395024 _____ (EasyAntiCheat Ltd) C:\Windows\SysWOW64\EasyAntiCheat.exe 2016-12-17 15:40 - 2016-12-17 15:40 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\396C0B28.sys 2016-12-17 12:27 - 2016-12-17 12:27 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\2DF67774.sys 2016-12-17 11:57 - 2016-12-17 11:57 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\0FBC6008.sys 2016-12-16 07:26 - 2016-12-16 07:26 - 00373498 _____ C:\Users\Mieke\Downloads\Ma1.Eth.Rech.C10.vrijewil(3).pptx 2016-12-15 10:52 - 2016-12-15 10:52 - 00136000 _____ C:\Users\Mieke\Downloads\Uitgavenstaat (1).pdf 2016-12-15 10:48 - 2016-12-15 10:48 - 00003743 _____ C:\Users\Mieke\Downloads\export_BE24735201163638_20161215_1048.pdf 2016-12-15 10:35 - 2016-12-15 10:35 - 00111057 _____ C:\Users\Mieke\Downloads\08396321116.pdf 2016-12-14 20:32 - 2016-12-14 20:32 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\5A04003F.sys 2016-12-14 20:18 - 2016-12-14 20:18 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\28307530.sys 2016-12-14 19:37 - 2016-11-22 12:42 - 00384864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys 2016-12-14 19:37 - 2016-11-22 11:43 - 03692040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2016-12-14 19:37 - 2016-11-22 11:38 - 01540224 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll 2016-12-14 19:37 - 2016-11-22 11:38 - 00692136 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll 2016-12-14 19:37 - 2016-11-22 11:36 - 00159640 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll 2016-12-14 19:37 - 2016-11-22 11:35 - 00609056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2016-12-14 19:37 - 2016-11-22 11:35 - 00075448 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2016-12-14 19:37 - 2016-11-22 11:04 - 02549456 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2016-12-14 19:37 - 2016-11-22 11:03 - 01777280 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2016-12-14 19:37 - 2016-11-22 11:02 - 01594416 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2016-12-14 19:37 - 2016-11-22 11:02 - 01399216 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll 2016-12-14 19:37 - 2016-11-22 10:32 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll 2016-12-14 19:37 - 2016-11-22 10:30 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\VSD3DWARP12Debug.dll 2016-12-14 19:37 - 2016-11-22 10:24 - 02938408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2016-12-14 19:37 - 2016-11-22 10:21 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2016-12-14 19:37 - 2016-11-22 10:17 - 00106896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll 2016-12-14 19:37 - 2016-11-22 10:16 - 00064072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2016-12-14 19:37 - 2016-11-22 10:15 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\VSD3DWARPDebug.dll 2016-12-14 19:37 - 2016-11-22 10:13 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2016-12-14 19:37 - 2016-11-22 10:00 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2016-12-14 19:37 - 2016-11-22 09:59 - 00221696 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2016-12-14 19:37 - 2016-11-22 09:55 - 00431104 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvr.exe 2016-12-14 19:37 - 2016-11-22 09:54 - 00764928 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll 2016-12-14 19:37 - 2016-11-22 09:50 - 00715776 _____ (Microsoft Corporation) C:\Windows\system32\GamePanel.exe 2016-12-14 19:37 - 2016-11-22 09:49 - 02195640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2016-12-14 19:37 - 2016-11-22 09:48 - 01522672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2016-12-14 19:37 - 2016-11-22 09:47 - 01372312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2016-12-14 19:37 - 2016-11-22 09:47 - 01337240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll 2016-12-14 19:37 - 2016-11-22 09:35 - 03293696 _____ (Microsoft Corporation) C:\Windows\system32\d3d12warp.dll 2016-12-14 19:37 - 2016-11-22 09:35 - 00784896 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2016-12-14 19:37 - 2016-11-22 09:32 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys 2016-12-14 19:37 - 2016-11-22 09:27 - 01752576 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2016-12-14 19:37 - 2016-11-22 09:20 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll 2016-12-14 19:37 - 2016-11-22 09:12 - 00094720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll 2016-12-14 19:37 - 2016-11-22 09:10 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VSD3DWARP12Debug.dll 2016-12-14 19:37 - 2016-11-22 09:04 - 03587584 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys 2016-12-14 19:37 - 2016-11-22 08:57 - 03351040 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2016-12-14 19:37 - 2016-11-22 08:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VSD3DWARPDebug.dll 2016-12-14 19:37 - 2016-11-22 08:54 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppCapture.dll 2016-12-14 19:37 - 2016-11-22 08:53 - 01728000 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2016-12-14 19:37 - 2016-11-22 08:41 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcastdvr.exe 2016-12-14 19:37 - 2016-11-22 08:38 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GamePanel.exe 2016-12-14 19:37 - 2016-11-22 08:36 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll 2016-12-14 19:37 - 2016-11-22 08:26 - 02470912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d12warp.dll 2016-12-14 19:37 - 2016-11-22 08:26 - 01388032 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2016-12-14 19:37 - 2016-11-22 08:26 - 00687616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2016-12-14 19:37 - 2016-11-22 08:21 - 01526272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2016-12-14 19:37 - 2016-11-22 08:15 - 22373376 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll 2016-12-14 19:37 - 2016-11-22 08:14 - 04895744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2016-12-14 19:37 - 2016-11-22 08:02 - 24610304 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2016-12-14 19:37 - 2016-11-22 08:01 - 13392384 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2016-12-14 19:37 - 2016-11-22 07:59 - 03671040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2016-12-14 19:37 - 2016-11-22 07:55 - 01500160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2016-12-14 19:37 - 2016-11-22 07:49 - 07839232 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll 2016-12-14 19:37 - 2016-11-22 07:35 - 19350016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2016-12-14 19:37 - 2016-11-22 07:34 - 18670080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll 2016-12-14 19:37 - 2016-11-22 07:34 - 12134400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2016-12-14 19:37 - 2016-11-22 07:32 - 03663872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2016-12-14 19:37 - 2016-11-22 07:17 - 05658624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll 2016-12-14 19:31 - 2016-12-14 19:31 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\57E3511D.sys 2016-12-14 18:26 - 2016-12-14 18:26 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\2E771F84.sys 2016-12-14 18:12 - 2016-12-14 18:12 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\2FEF1518.sys 2016-12-13 19:28 - 2016-12-13 19:57 - 00000000 ____D C:\Users\Maurice\AppData\Local\Genymobile 2016-12-13 18:57 - 2016-12-13 18:57 - 00003280 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2 2016-12-13 17:46 - 2016-12-13 17:46 - 00000763 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fiddler 4.lnk 2016-12-13 10:23 - 2016-12-13 20:22 - 00000000 ____D C:\Users\Maurice\AppData\Roaming\MongoDB Compass 2016-12-13 10:23 - 2016-12-13 10:24 - 00000002 _____ C:\Users\Maurice\.babel.json 2016-12-13 10:23 - 2016-12-13 10:23 - 00000000 ____D C:\Users\Maurice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MongoDB Inc 2016-12-13 10:22 - 2016-12-13 10:23 - 00000000 ____D C:\Users\Maurice\AppData\Local\MongoDBCompass 2016-12-13 08:20 - 2016-12-13 08:20 - 00000000 ____D C:\Users\Maurice\AppData\Local\Chromium 2016-12-12 22:06 - 2016-12-12 22:06 - 00000031 _____ C:\Users\Maurice\.dbshell 2016-12-12 17:03 - 2016-12-19 15:25 - 00000033 _____ C:\Users\Maurice\AppData\Roaming\AdobeWLCMCache.dat 2016-12-12 17:02 - 2016-12-12 17:02 - 00001263 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CC 2015.lnk 2016-12-12 17:02 - 2016-12-12 17:02 - 00000000 ____D C:\ProgramData\ALM 2016-12-12 16:07 - 2016-12-12 16:07 - 00000000 ____D C:\Users\Maurice\.AndroidStudio2.2 2016-12-12 14:25 - 2016-12-17 19:15 - 00281392 _____ C:\Windows\SysWOW64\PnkBstrB.xtr 2016-12-12 14:24 - 2016-12-17 19:15 - 00281392 _____ C:\Windows\SysWOW64\PnkBstrB.exe 2016-12-12 14:24 - 2016-12-17 16:22 - 00281392 _____ C:\Windows\SysWOW64\PnkBstrB.ex0 2016-12-12 14:24 - 2016-12-12 14:24 - 00912744 _____ C:\Windows\SysWOW64\pbsvc.exe 2016-12-12 14:24 - 2016-12-12 14:24 - 00076152 _____ C:\Windows\SysWOW64\PnkBstrA.exe 2016-12-12 14:15 - 2016-12-12 14:15 - 00000000 ____D C:\Users\Maurice\AppData\Local\PunkBuster 2016-12-12 10:20 - 2016-12-12 10:20 - 00191750 _____ C:\Users\Mieke\Downloads\mieke_vlassak_512904819330 (1).pdf 2016-12-11 20:31 - 2016-12-11 20:31 - 01088764 _____ C:\Windows\Minidump\121116-15781-01.dmp 2016-12-11 20:31 - 2016-12-11 20:31 - 00000000 ____D C:\ProgramData\LHService 2016-12-11 20:30 - 2016-12-11 20:30 - 1680870749 _____ C:\Windows\MEMORY.DMP 2016-12-11 10:08 - 2016-12-11 10:08 - 00132436 _____ C:\Users\Mieke\Downloads\120127.pdf 2016-12-11 10:03 - 2016-12-11 10:03 - 00114600 _____ C:\Users\Mieke\Downloads\121850.pdf 2016-12-11 09:56 - 2016-12-11 09:56 - 00132158 _____ C:\Users\Mieke\Downloads\105196.pdf 2016-12-09 21:33 - 2016-12-09 21:33 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\48BC2862.sys 2016-12-09 20:42 - 2016-12-09 20:42 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\3989017D.sys 2016-12-09 20:21 - 2016-12-09 20:21 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\7B9D710F.sys 2016-12-09 18:59 - 2016-12-09 18:59 - 00000000 ____D C:\Users\Maurice\AppData\Roaming\Ubisoft 2016-12-09 18:59 - 2016-12-09 18:59 - 00000000 ____D C:\ProgramData\Ubisoft 2016-12-09 18:36 - 2016-12-09 18:36 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\7A752053.sys 2016-12-09 18:17 - 2016-12-09 18:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git 2016-12-09 18:15 - 2016-12-09 18:15 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\1DE81078.sys 2016-12-09 18:11 - 2016-12-09 18:11 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\41470D69.sys 2016-12-07 10:34 - 2016-12-07 10:34 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\73C31378.sys 2016-12-07 07:42 - 2016-12-07 07:42 - 00827504 _____ C:\Users\Mieke\Downloads\afvalkalender-2016.pdf 2016-12-06 12:21 - 2016-12-06 12:21 - 00000000 _____ C:\Users\Maurice\.mongorc.js 2016-12-06 12:03 - 2016-12-06 12:03 - 00000000 ____D C:\Users\Maurice\.IntelliJIdea2016.3 2016-12-06 11:50 - 2016-12-06 11:50 - 00000000 ____D C:\data 2016-12-05 18:14 - 2016-12-05 18:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2016-12-05 15:00 - 2016-12-05 15:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Genymotion 2016-12-05 11:59 - 2016-12-27 09:26 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-12-05 11:56 - 2016-12-05 11:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2016-12-05 11:56 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2016-12-05 11:56 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2016-12-05 11:56 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2016-12-05 10:39 - 2016-12-05 10:39 - 00000000 ____D C:\Users\Maurice\AppData\Roaming\Code 2016-12-05 10:39 - 2016-12-05 10:39 - 00000000 ____D C:\Users\Maurice\.vscode 2016-12-05 10:39 - 2016-12-05 10:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Code 2016-12-03 19:53 - 2016-12-03 19:53 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft 2016-12-03 19:51 - 2016-12-06 08:57 - 00000772 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk 2016-12-03 19:51 - 2016-12-03 19:51 - 00000000 ____D C:\Users\Maurice\AppData\Roaming\Canneverbe Limited 2016-12-03 19:51 - 2016-12-03 19:51 - 00000000 ____D C:\ProgramData\Canneverbe Limited 2016-12-02 11:08 - 2016-12-02 11:08 - 00191750 _____ C:\Users\Mieke\Downloads\mieke_vlassak_512904819330.pdf 2016-11-30 18:45 - 2016-12-06 08:57 - 00002500 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive voor Bedrijven.lnk 2016-11-30 18:45 - 2016-12-06 08:57 - 00002494 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype voor Bedrijven 2016.lnk 2016-11-30 18:45 - 2016-11-30 18:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-hulpprogramma's 2016-11-30 11:30 - 2016-11-30 11:30 - 00009468 _____ C:\Users\Maurice\.v8flags.5.1.281.84.Maurice.json 2016-11-30 09:52 - 2016-11-30 09:52 - 00000000 ____D C:\Program Files\Common Files\DESIGNER 2016-11-29 20:55 - 2016-12-06 08:57 - 00002479 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk 2016-11-29 20:55 - 2016-12-06 08:57 - 00002475 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visio 2016.lnk 2016-11-29 20:55 - 2016-12-06 08:57 - 00002473 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project 2016.lnk 2016-11-29 20:55 - 2016-12-06 08:57 - 00002472 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk 2016-11-29 20:55 - 2016-12-06 08:57 - 00002430 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk 2016-11-29 20:55 - 2016-12-06 08:57 - 00002417 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk 2016-11-29 20:55 - 2016-12-06 08:57 - 00002417 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk 2016-11-29 20:55 - 2016-12-06 08:57 - 00002413 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk 2016-11-29 20:55 - 2016-12-06 08:57 - 00002391 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk 2016-11-29 20:54 - 2016-11-30 18:45 - 00000000 ____D C:\Program Files\Microsoft Office 2016-11-29 20:54 - 2016-11-29 20:54 - 00000000 ____D C:\Program Files\Microsoft Office 15 2016-11-29 17:16 - 2016-11-29 17:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js 2016-11-29 16:54 - 2016-11-29 16:54 - 00000000 ____D C:\Users\Maurice\.WebStorm2016.3 2016-11-29 12:25 - 2016-12-13 10:23 - 00000000 ____D C:\Users\Maurice\AppData\Local\SquirrelTemp 2016-11-29 12:25 - 2016-12-05 11:28 - 00000000 ____D C:\Users\Maurice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Alexandru Rosianu 2016-11-29 12:25 - 2016-12-05 11:28 - 00000000 ____D C:\Users\Maurice\AppData\Local\messengerfordesktop ==================== Een Maand Gewijzigd bestanden en mappen ======== (Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.) 2016-12-27 11:12 - 2015-12-06 14:01 - 00000000 ____D C:\Users\Maurice\AppData\Roaming\Skype 2016-12-27 11:10 - 2016-10-18 12:45 - 00000596 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-1273716226-284855160-150349079-1007.job 2016-12-27 11:09 - 2015-12-06 15:46 - 00001038 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job 2016-12-27 10:09 - 2015-12-06 15:46 - 00001034 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job 2016-12-27 09:23 - 2016-10-18 12:45 - 00000692 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-1273716226-284855160-150349079-1007.job 2016-12-27 09:08 - 2016-10-18 13:37 - 00000000 ____D C:\Users\Maurice\AppData\Roaming\CherryFile 2016-12-26 16:03 - 2015-12-04 17:13 - 01965024 _____ C:\Windows\system32\PerfStringBackup.INI 2016-12-26 16:03 - 2015-10-30 19:05 - 00860776 _____ C:\Windows\system32\perfh013.dat 2016-12-26 16:03 - 2015-10-30 19:05 - 00178420 _____ C:\Windows\system32\perfc013.dat 2016-12-26 16:03 - 2015-10-30 08:21 - 00000000 ____D C:\Windows\INF 2016-12-26 15:40 - 2016-01-23 12:00 - 00000000 ____D C:\Users\Maurice\AppData\Roaming\vlc 2016-12-26 15:27 - 2016-01-03 14:14 - 00000000 ____D C:\Users\Maurice\AppData\Local\CrashDumps 2016-12-26 12:14 - 2015-12-09 14:32 - 00000000 ____D C:\Users\Maurice\AppData\Local\Adobe 2016-12-26 11:37 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\AppReadiness 2016-12-26 11:27 - 2016-03-08 09:18 - 00000000 ____D C:\Users\Mieke\AppData\Local\CrashDumps 2016-12-25 13:47 - 2016-01-22 19:27 - 00000000 ____D C:\Users\Frank\AppData\Local\CrashDumps 2016-12-25 10:14 - 2015-12-06 14:00 - 00000000 ____D C:\Users\Maurice 2016-12-24 19:36 - 2016-10-18 12:45 - 00003852 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-1273716226-284855160-150349079-1007 2016-12-24 19:36 - 2016-10-18 12:45 - 00003756 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-1273716226-284855160-150349079-1007 2016-12-24 13:53 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps 2016-12-24 13:47 - 2016-06-29 15:52 - 00000000 ____D C:\ProgramData\VMware 2016-12-24 13:47 - 2016-06-08 08:28 - 00000000 ____D C:\ProgramData\NVIDIA 2016-12-24 13:47 - 2016-03-25 16:48 - 00000093 _____ C:\HaxLogs.txt 2016-12-24 13:47 - 2015-12-04 17:05 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-12-24 13:46 - 2015-10-30 07:28 - 01310720 ___SH C:\Windows\system32\config\BBI 2016-12-23 19:59 - 2016-09-14 19:28 - 00000000 ____D C:\Users\Maurice\AppData\Local\Ubisoft Game Launcher 2016-12-23 19:50 - 2016-08-05 12:29 - 00541432 _____ C:\Windows\system32\Drivers\EasyAntiCheat.sys 2016-12-22 18:10 - 2015-12-06 15:46 - 00000000 ____D C:\Program Files (x86)\Dropbox 2016-12-21 21:51 - 2015-12-06 14:00 - 00000000 ____D C:\Users\Maurice\AppData\Local\Packages 2016-12-20 19:09 - 2015-10-30 08:24 - 00000000 ___HD C:\Windows\system32\GroupPolicy 2016-12-19 21:39 - 2015-12-09 21:26 - 00013081 _____ C:\Users\Maurice\.bash_history 2016-12-19 18:23 - 2016-01-28 19:49 - 00000000 ____D C:\Users\Maurice\.ssh 2016-12-19 10:08 - 2016-08-29 09:46 - 00000000 ____D C:\Users\Maurice\AppData\Roaming\Apple Computer 2016-12-17 08:41 - 2015-12-04 17:19 - 00003574 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2016-12-17 08:41 - 2015-12-04 17:19 - 00003450 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2016-12-16 07:26 - 2015-12-06 15:35 - 00000000 ____D C:\Users\Mieke\AppData\Local\Packages 2016-12-15 08:50 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\rescache 2016-12-15 06:43 - 2015-12-04 17:04 - 05052696 _____ C:\Windows\system32\FNTCACHE.DAT 2016-12-15 05:49 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\system32\oobe 2016-12-15 05:48 - 2015-10-30 08:11 - 00000000 ____D C:\Windows\CbsTemp 2016-12-15 05:47 - 2015-12-08 20:05 - 00000000 ____D C:\Windows\system32\MRT 2016-12-15 05:44 - 2015-12-08 20:05 - 135632432 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2016-12-14 21:41 - 2015-12-04 17:19 - 00002292 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-12-14 16:31 - 2015-12-06 13:55 - 00002383 _____ C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2016-12-14 16:31 - 2015-12-06 13:55 - 00000000 ___RD C:\Users\Frank\OneDrive 2016-12-13 20:31 - 2015-12-06 14:00 - 00002389 _____ C:\Users\Maurice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2016-12-13 20:31 - 2015-12-06 14:00 - 00000000 ___RD C:\Users\Maurice\OneDrive 2016-12-13 19:40 - 2016-04-09 13:34 - 00000000 ____D C:\Users\Maurice\.android 2016-12-13 19:35 - 2016-01-28 19:49 - 00000000 ____D C:\Users\Maurice\.VirtualBox 2016-12-13 18:57 - 2015-12-06 15:36 - 00002383 _____ C:\Users\Mieke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2016-12-13 18:57 - 2015-12-06 15:36 - 00000000 ___RD C:\Users\Mieke\OneDrive 2016-12-13 08:20 - 2015-12-09 09:12 - 00000000 ____D C:\Users\Maurice\AppData\Local\Steam 2016-12-12 17:04 - 2015-12-06 14:00 - 00000000 ____D C:\Users\Maurice\AppData\Roaming\Adobe 2016-12-12 17:02 - 2016-02-11 20:02 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe 2016-12-12 17:02 - 2016-02-11 19:59 - 00000000 ____D C:\Program Files\Common Files\Adobe 2016-12-12 17:00 - 2016-02-11 19:58 - 00001615 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk 2016-12-12 17:00 - 2015-12-04 17:13 - 00000000 ____D C:\ProgramData\Package Cache 2016-12-12 16:57 - 2016-01-06 15:07 - 00000000 ____D C:\xampp 2016-12-12 16:56 - 2015-12-10 15:04 - 00000000 ____D C:\Users\Maurice\AppData\Roaming\uTorrent 2016-12-12 00:03 - 2015-10-30 08:26 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-12-12 00:03 - 2015-10-30 08:26 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-12-11 20:31 - 2016-06-07 20:36 - 00000000 ____D C:\Windows\Minidump 2016-12-09 18:17 - 2015-12-09 14:15 - 00000000 ____D C:\ProgramData\Git 2016-12-09 18:14 - 2016-04-18 14:48 - 00000000 ____D C:\ProgramData\LockHunter 2016-12-07 19:25 - 2015-10-30 08:24 - 00000000 ____D C:\Windows\system32\NDF 2016-12-06 11:59 - 2015-12-16 13:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetBrains 2016-12-06 11:17 - 2015-12-12 16:32 - 00000000 ____D C:\Java 2016-12-06 08:57 - 2016-05-27 15:00 - 00000763 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fiddler4.lnk 2016-12-06 08:57 - 2016-05-24 12:18 - 00000788 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2016-12-06 08:57 - 2016-03-28 19:46 - 00000992 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk 2016-12-06 08:57 - 2016-03-28 19:45 - 00000966 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk 2016-12-06 08:57 - 2016-03-28 19:45 - 00000947 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6.lnk 2016-12-06 08:57 - 2016-03-28 19:44 - 00000921 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6.lnk 2016-12-06 08:57 - 2016-03-28 19:43 - 00001596 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk 2016-12-06 08:57 - 2016-03-28 19:43 - 00001041 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk 2016-12-06 08:57 - 2016-03-16 14:10 - 00000819 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Balsamiq Mockups 3.lnk 2016-12-06 08:57 - 2016-02-11 20:02 - 00001315 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CC 2015.lnk 2016-12-06 08:57 - 2016-02-11 20:00 - 00001421 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Character Animator (Preview).lnk 2016-12-06 08:57 - 2016-01-17 13:15 - 00002763 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft AutoRoute.lnk 2016-12-06 08:57 - 2015-12-27 14:50 - 00001126 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2015.lnk 2016-12-06 08:57 - 2015-12-27 14:46 - 00001133 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015.lnk 2016-12-06 08:57 - 2015-12-06 13:33 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-12-06 08:55 - 2016-10-18 13:37 - 00001795 _____ C:\Users\Maurice\Desktop\CherryFile.lnk 2016-12-06 08:55 - 2016-04-11 15:52 - 00000702 _____ C:\ProgramData\Microsoft\Windows\Start Menu\BS.Player FREE.lnk 2016-12-06 08:55 - 2016-01-14 14:08 - 00002987 _____ C:\Users\Maurice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Xamarin Studio.lnk 2016-12-06 08:55 - 2016-01-05 21:31 - 00001312 _____ C:\Users\Maurice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Uninstall Messenger for Desktop.lnk 2016-12-06 08:55 - 2016-01-05 21:31 - 00001311 _____ C:\Users\Maurice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Messenger.lnk 2016-12-06 08:55 - 2015-12-10 15:04 - 00002646 _____ C:\Users\Maurice\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk 2016-12-06 08:55 - 2015-12-06 14:25 - 00000730 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinRAR.lnk 2016-12-05 17:05 - 2016-03-23 11:48 - 00000000 ____D C:\Users\Maurice\AppData\Roaming\npm-cache 2016-12-05 11:51 - 2016-06-16 16:31 - 00000000 ____D C:\AdwCleaner 2016-12-05 11:33 - 2016-06-29 17:57 - 00000000 ____D C:\Users\Maurice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sony Mobile 2016-12-05 11:33 - 2016-06-29 17:57 - 00000000 ____D C:\Program Files (x86)\Sony Mobile 2016-12-05 10:59 - 2016-03-23 11:46 - 00000000 ____D C:\Users\Maurice\AppData\Roaming\npm 2016-12-03 21:40 - 2016-01-05 21:31 - 00000000 ____D C:\Users\Maurice\AppData\Local\Messenger 2016-12-03 19:55 - 2016-01-17 20:58 - 00000000 ____D C:\Users\Maurice\AppData\Roaming\DVDVideoSoft 2016-12-03 19:54 - 2016-01-17 20:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft 2016-12-02 18:11 - 2015-12-06 13:54 - 00000000 ____D C:\Users\Frank\AppData\Local\Packages 2016-11-30 18:48 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2016-11-30 09:52 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2016-11-29 20:52 - 2015-12-10 15:23 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2016-11-29 19:33 - 2015-12-10 15:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-11-29 19:33 - 2015-10-30 19:08 - 00000000 ____D C:\Windows\ShellNew 2016-11-29 19:31 - 2015-10-30 08:24 - 00000076 _____ C:\Windows\win.ini 2016-11-29 19:31 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Common Files\System 2016-11-29 13:29 - 2016-10-18 13:37 - 00003650 _____ C:\Windows\System32\Tasks\CreateExplorerShellUnelevatedTask 2016-11-29 11:23 - 2016-11-05 15:30 - 00000000 ____D C:\Users\Maurice\AppData\Roaming\NVIDIA 2016-11-29 10:04 - 2015-12-06 15:46 - 00004098 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA 2016-11-29 10:04 - 2015-12-06 15:46 - 00003866 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore 2016-11-28 12:13 - 2016-06-08 14:57 - 00000000 ____D C:\Users\Maurice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-apps ==================== Bestanden in de root van sommige mappen ======= 2016-12-12 17:03 - 2016-12-19 15:25 - 0000033 _____ () C:\Users\Maurice\AppData\Roaming\AdobeWLCMCache.dat 2016-07-28 17:00 - 2016-07-28 17:00 - 0000098 _____ () C:\Users\Maurice\AppData\Roaming\settings.xml 2016-07-21 13:03 - 2016-07-21 13:03 - 0001456 _____ () C:\Users\Maurice\AppData\Local\Adobe Save for Web 13.0 Prefs 2016-11-03 11:29 - 2016-11-03 11:29 - 0000016 _____ () C:\ProgramData\mntemp Bestanden om te verplaatsen of verwijderen: ==================== C:\Users\Maurice\.mongorc.js Sommige bestanden in TEMP: ==================== C:\Users\Maurice\AppData\Local\Temp\Fiddlerv4Setup.exe C:\Users\Maurice\AppData\Local\Temp\libeay32.dll C:\Users\Maurice\AppData\Local\Temp\msvcr120.dll C:\Users\Maurice\AppData\Local\Temp\proxy_vole1943629260627834549.dll C:\Users\Maurice\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ====================== (Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.) C:\Windows\system32\winlogon.exe => Bestand is getekend C:\Windows\system32\wininit.exe => Bestand is getekend C:\Windows\explorer.exe => Bestand is getekend C:\Windows\SysWOW64\explorer.exe => Bestand is getekend C:\Windows\system32\svchost.exe => Bestand is getekend C:\Windows\SysWOW64\svchost.exe => Bestand is getekend C:\Windows\system32\services.exe => Bestand is getekend C:\Windows\system32\User32.dll => Bestand is getekend C:\Windows\SysWOW64\User32.dll => Bestand is getekend C:\Windows\system32\userinit.exe => Bestand is getekend C:\Windows\SysWOW64\userinit.exe => Bestand is getekend C:\Windows\system32\rpcss.dll => Bestand is getekend C:\Windows\system32\dnsapi.dll => Bestand is getekend C:\Windows\SysWOW64\dnsapi.dll => Bestand is getekend C:\Windows\system32\Drivers\volsnap.sys => Bestand is getekend LastRegBack: 2016-12-26 11:55 ==================== Eind van FRST.txt ============================