Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 29-09-2017 Gestart door ACAER (Beheerder) op LAPTOP-VUKT927G (30-09-2017 12:08:18) Gestart vanaf C:\Users\ACAER\Downloads Geladen Profielen: ACAER (Beschikbare Profielen: ACAER) Platform: Windows 10 Home Versie 1607 (X64) Taal: Nederlands (Nederland) Internet Explorer Versie 11 (Standaardbrowser: FF) Boot Modus: Normal Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processen (gefilterd) ================= (Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.) (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\tbaseprovisioning.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Digital Care Solutions) C:\Program Files\BDServices\BitDefenderCOM.exe (Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Realtek) C:\Program Files (x86)\EnGenius\11n USB Wireless LAN Utility\RtlService.exe (Symantec Corporation) C:\Program Files\Norton 360\Engine\22.10.1.10\N360.exe (TOSHIBA) C:\Program Files (x86)\TOSHIBA\TOSHIBA System Driver\RMService.exe (DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (EnGenius Technologies.) C:\Program Files (x86)\EnGenius\11n USB Wireless LAN Utility\RtWLan.exe (Symantec Corporation) C:\Program Files\Norton 360\Engine\22.10.1.10\N360.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe () C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\System Setting\TCrdMain_Win8.exe (Spotify Ltd) C:\Program Files (x86)\Spotify\SpotifyWebHelper.exe (Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Mailbird) C:\Program Files (x86)\Mailbird\Mailbird.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe (Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TosWififind.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe (Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe (The CefSharp Authors) C:\Program Files (x86)\Mailbird\CefSharp.BrowserSubprocess.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\ActionUriServer.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe (Symantec Corporation) C:\Program Files\Norton 360\Engine\22.10.1.10\coNatHst.exe (Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.1561_none_7ef6e89821f9a6be\TiWorker.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Register (gefilterd) =========================== (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16690424 2016-11-04] (Realtek Semiconductor) HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [180016 2015-06-08] (TOSHIBA Corporation) HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-13] (TOSHIBA Corporation) HKLM\...\Run: [TCrdMain] => C:\Program Files\Toshiba\System Setting\TCrdMain_Win8.exe [511280 2015-06-24] (TOSHIBA Corporation) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Nuance PDF Reader-reminder] => "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini" HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2384984 2016-12-09] (Adobe Systems Incorporated) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation) Winlogon\Notify\ScCertProp: wlnotify.dll [X] HKU\S-1-5-21-1404181309-29018021-2598583116-1001\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\SpotifyWebHelper.exe [2022968 2015-10-08] (Spotify Ltd) HKU\S-1-5-21-1404181309-29018021-2598583116-1001\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe [1986280 2017-08-04] (TomTom) HKU\S-1-5-21-1404181309-29018021-2598583116-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation) HKU\S-1-5-21-1404181309-29018021-2598583116-1001\...\Run: [Google Update] => C:\Users\ACAER\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [601168 2017-05-21] (Google Inc.) HKU\S-1-5-21-1404181309-29018021-2598583116-1001\...\Run: [Mailbird] => C:\Program Files (x86)\Mailbird\Mailbird.exe [8489856 2017-08-31] (Mailbird) HKU\S-1-5-21-1404181309-29018021-2598583116-1001\...\Run: [SmartSwitchPDLR.exe] => C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPDLR.exe [1037984 2017-05-20] (Samsung) HKU\S-1-5-21-1404181309-29018021-2598583116-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9856176 2017-09-20] (Piriform Ltd) HKU\S-1-5-21-1404181309-29018021-2598583116-1001\...\MountPoints2: {1242d45d-c696-11e6-9bee-b886879449bd} - "E:\startme.exe" HKU\S-1-5-21-1404181309-29018021-2598583116-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssText3d.scr [231936 2016-07-16] (Microsoft Corporation) HKU\S-1-5-18\...\Run: [Samsung.PCSync] => "C:\Program Files (x86)\Samsung\Samsung PC Studio 7\PcSync2.exe" /NoDialog Startup: C:\Users\ACAER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Launch FreeSpell.lnk [2017-01-30] ShortcutTarget: Launch FreeSpell.lnk -> C:\Program Files (x86)\FreeSpell\FreeSpell.exe (HCI Design) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2015-10-08] ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAH\FAHConsole.exe (Nico Mak Computing) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Naar updates zoeken.lnk [2016-12-31] ShortcutTarget: Naar updates zoeken.lnk -> C:\Program Files (x86)\Common Files\PCTV Systems\WebUpdater\WebUpdater.exe (PCTV Systems) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2015-10-08] ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.) ==================== Internet (gefilterd) ==================== (Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.) Tcpip\Parameters: [DhcpNameServer] 203.144.207.29 203.144.207.49 Tcpip\..\Interfaces\{4e93fe71-387c-4062-97e2-32a7bfc45e2c}: [DhcpNameServer] 203.144.207.29 203.144.207.49 Tcpip\..\Interfaces\{d8b2252d-c086-468e-ba9e-b93b6c340633}: [DhcpNameServer] 192.168.93.1 Tcpip\..\Interfaces\{fc8e8ae6-eeda-4a33-a4d3-c25abe843348}: [DhcpNameServer] 203.144.207.29 203.144.207.49 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=nl&pid=N360&pvid=22.10.1.10 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=nl&pid=N360&pvid=22.10.1.10 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=nl&pid=N360&pvid=22.10.1.10 HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=nl&pid=N360&pvid=22.10.1.10 HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=nl&pid=N360&pvid=22.10.1.10 HKU\S-1-5-21-1404181309-29018021-2598583116-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-1404181309-29018021-2598583116-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.norton.com?prt=NSBU&chn=1000&geo=BE&ver=22.10.1.10&locale=nl_BE&guid=8CD0B613-02F8-4FF5-AC13-9A14494210CC&doi=2017-09-24&o=APN11915 HKU\S-1-5-21-1404181309-29018021-2598583116-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome HKU\S-1-5-21-1404181309-29018021-2598583116-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKLM -> DefaultScope waarde ontbreekt SearchScopes: HKLM-x32 -> DefaultScope waarde ontbreekt SearchScopes: HKU\S-1-5-21-1404181309-29018021-2598583116-1001 -> {5631EFA8-68C3-41A0-8A95-B4E4D979AAC5} URL = SearchScopes: HKU\S-1-5-21-1404181309-29018021-2598583116-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear SearchScopes: HKU\S-1-5-21-1404181309-29018021-2598583116-1001 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11913&l=dis&prt=NSBU&chn=1000&geo=BE&ver=22.10.1.10&locale=nl_BE&guid=8CD0B613-02F8-4FF5-AC13-9A14494210CC&doi=2017-09-24&gct=kwd&qsrc=2869 BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-09-28] (Microsoft Corporation) BHO: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton 360\Engine\22.10.1.10\coIEPlg.dll [2017-08-24] (Symantec Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-09-28] (Microsoft Corporation) BHO-x32: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton 360\Engine32\22.10.1.10\coIEPlg.dll [2017-08-24] (Symantec Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll [2017-09-24] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-09-24] (Oracle Corporation) Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\22.10.1.10\coIEPlg.dll [2017-08-24] (Symantec Corporation) Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine32\22.10.1.10\coIEPlg.dll [2017-08-24] (Symantec Corporation) Toolbar: HKU\S-1-5-21-1404181309-29018021-2598583116-1001 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\22.10.1.10\coIEPlg.dll [2017-08-24] (Symantec Corporation) Handler-x32: http - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-04] (Microsoft Corporation) Handler-x32: http - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-04] (Microsoft Corporation) Handler-x32: https - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-04] (Microsoft Corporation) Handler-x32: https - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-04] (Microsoft Corporation) Handler-x32: ipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-04] (Microsoft Corporation) Handler-x32: msdaipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-04] (Microsoft Corporation) Handler-x32: msdaipp - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-04] (Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-28] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-28] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-28] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-28] (Microsoft Corporation) FireFox: ======== FF DefaultProfile: 3ki3queb.default-1491649944452-1505043743191 FF ProfilePath: C:\Users\ACAER\AppData\Roaming\Mozilla\Firefox\Profiles\3ki3queb.default-1491649944452-1505043743191 [2017-09-30] FF Homepage: Mozilla\Firefox\Profiles\3ki3queb.default-1491649944452-1505043743191 -> hxxps://www.voetbalprimeur.be/ FF Extension: (Norton Identity Safe) - C:\Users\ACAER\AppData\Roaming\Mozilla\Firefox\Profiles\3ki3queb.default-1491649944452-1505043743191\Extensions\idsafe@norton.com.xpi [2017-09-20] FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.10.1.10\coFFAddon FF Extension: (Norton Security Toolbar) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.10.1.10\coFFAddon [2017-09-13] FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.10.1.10\coFFAddon FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_130.dll [2017-09-14] () FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-12-16] (VideoLAN) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-12-09] (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_27_0_0_130.dll [2017-09-14] () FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-09-24] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-09-24] (Oracle Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-09-28] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-19] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-19] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-01] (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-12-09] (Adobe Systems) FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll [2010-01-23] (Zeon Corporation) FF Plugin HKU\S-1-5-21-1404181309-29018021-2598583116-1001: @tools.google.com/Google Update;version=3 -> C:\Users\ACAER\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-21] (Google Inc.) FF Plugin HKU\S-1-5-21-1404181309-29018021-2598583116-1001: @tools.google.com/Google Update;version=9 -> C:\Users\ACAER\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-21] (Google Inc.) Chrome: ======= CHR StartupUrls: Default -> "hxxp://be.msn.com/" CHR NewTab: Default -> Not-active:"chrome-extension://gfoabcdjalmeenbjjngidappmppchblc/homePageRedirect.html" CHR Profile: C:\Users\ACAER\AppData\Local\Google\Chrome\User Data\Default [2017-09-29] CHR Extension: (Norton Security Toolbar) - C:\Users\ACAER\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2017-09-14] CHR Extension: (Norton Home Page for Chrome) - C:\Users\ACAER\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfoabcdjalmeenbjjngidappmppchblc [2017-09-14] CHR Extension: (Norton Safe) - C:\Users\ACAER\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbmobhkkblcgdifigjglcjneplefbkmh [2017-09-14] CHR Extension: (Norton Identity Safe) - C:\Users\ACAER\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2017-09-15] CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\ACAER\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-11] CHR Extension: (Chrome Media Router) - C:\Users\ACAER\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-28] CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton 360\Engine\22.10.1.10\Exts\Chrome.crx CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton 360\Engine\22.10.1.10\Exts\Chrome.crx CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx ==================== Services (gefilterd) ==================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [138752 2015-07-07] () [Bestand niet getekend] R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [753240 2016-12-09] (Adobe Systems Incorporated) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems, Incorporated) R2 BcmBtRSupport; C:\WINDOWS\system32\BtwRSupportService.exe [2278152 2015-10-08] (Broadcom Corporation.) R2 BitDefenderCOM; C:\Program Files\BDServices\BitDefenderCom.exe [1028096 2016-11-22] (Digital Care Solutions) [Bestand niet getekend] R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7761608 2017-09-08] (Microsoft Corporation) R3 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [19960 2015-05-27] () R2 EnGenius11nSU; C:\Program Files (x86)\EnGenius\11n USB Wireless LAN Utility\RtlService.exe [45056 2010-01-21] (Realtek) [Bestand niet getekend] S3 MailbirdUpdater.exe; C:\Program Files (x86)\Mailbird\MailbirdUpdater.exe [573312 2017-08-31] (Mailbird) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes) S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes) R2 N360; C:\Program Files\Norton 360\Engine\22.10.1.10\N360.exe [326144 2017-08-24] (Symantec Corporation) S3 scan; C:\Program Files\BDServices\scan.dll [627688 2016-11-10] (Bitdefender) R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.) R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-05-05] (Synaptics Incorporated) R2 tbaseprovisioning; C:\WINDOWS\SysWOW64\tbaseprovisioning.exe [60432 2015-06-24] (Advanced Micro Devices, Inc.) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803440 2017-08-29] (TeamViewer GmbH) R3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [120392 2015-11-17] (Toshiba Europe GmbH) R2 TOSRMService; C:\Program Files (x86)\TOSHIBA\TOSHIBA System Driver\RMService.exe [326960 2015-06-24] (TOSHIBA) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation) ===================== Drivers (gefilterd) ====================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) S3 AbilisT; C:\WINDOWS\System32\Drivers\AbilisBdaTuner.sys [128264 2010-03-18] (ABILIS Systems) R3 AmdAS4; C:\WINDOWS\System32\drivers\AmdAS4.sys [18968 2015-05-12] (Advanced Micro Devices, INC.) S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [101104 2015-06-24] (Advanced Micro Devices, Inc. ) R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [73976 2015-06-05] (Advanced Micro Devices, Inc.) R0 amdpsp; C:\WINDOWS\System32\DRIVERS\amdpsp.sys [277240 2015-06-24] (Advanced Micro Devices, Inc. ) R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-05-29] (Advanced Micro Devices) R3 azvusb; C:\WINDOWS\System32\drivers\azvusb.sys [54784 2009-08-24] (AzureWave Technologies, Inc.) R3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [199472 2015-10-08] (Broadcom Corporation.) R3 BCM43XX; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [7585280 2016-07-16] (Broadcom Corporation) R1 BHDrvx64; C:\Program Files\Norton 360\NortonData\22.10.1.10\Definitions\BASHDefs\20170927.001\BHDrvx64.sys [1872032 2017-09-08] (Symantec Corporation) R1 ccSet_N360; C:\WINDOWS\system32\drivers\N360x64\160A010.00A\ccSetx64.sys [187520 2017-08-24] (Symantec Corporation) S3 cxbu0x64; C:\WINDOWS\system32\DRIVERS\cxbu0x64.sys [157848 2015-09-08] (HID Global Corporation) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-19] (Samsung Electronics Co., Ltd.) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [508032 2017-06-16] (Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [158336 2017-06-16] (Symantec Corporation) S3 ggsomc; C:\WINDOWS\System32\drivers\ggsomc.sys [30424 2016-12-21] (Sony Mobile Communications) R1 IDSVia64; C:\Program Files\Norton 360\NortonData\22.10.1.10\Definitions\IPSDefs\20170929.001\IDSvia64.sys [1056920 2017-09-12] (Symantec Corporation) R1 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [140672 2016-03-10] (Malwarebytes) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes) S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2017-09-21] (Malwarebytes) S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation) S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [301784 2015-06-02] (Realtek Semiconductor Corp.) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-07-28] (Realtek ) S3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [5195776 2016-07-16] (Realtek Semiconductor Corporation ) S3 SmbDrv; C:\WINDOWS\system32\DRIVERS\Smb_driver_AMDASF.sys [50880 2016-11-03] (Synaptics Incorporated) R3 SRTSP; C:\WINDOWS\system32\drivers\N360x64\160A010.00A\SRTSP64.SYS [810136 2017-08-24] (Symantec Corporation) R1 SRTSPX; C:\WINDOWS\system32\drivers\N360x64\160A010.00A\SRTSPX64.SYS [49304 2017-08-24] (Symantec Corporation) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-19] (Samsung Electronics Co., Ltd.) R0 SymEFASI; C:\WINDOWS\System32\drivers\N360x64\160A010.00A\SYMEFASI64.SYS [1868416 2017-08-24] (Symantec Corporation) S0 SymELAM; C:\WINDOWS\System32\drivers\N360x64\160A010.00A\SymELAM.sys [24608 2017-08-24] (Symantec Corporation) R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [102568 2017-09-13] (Symantec Corporation) R1 SymIRON; C:\WINDOWS\system32\drivers\N360x64\160A010.00A\Ironx64.SYS [301288 2017-08-24] (Symantec Corporation) R1 SymNetS; C:\WINDOWS\system32\drivers\N360x64\160A010.00A\SYMNETS.SYS [566912 2017-08-24] (Symantec Corporation) R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [45720 2015-06-13] (Toshiba Corporation) R1 TosBTFilter; C:\WINDOWS\system32\drivers\TosBTFilter.sys [28432 2015-06-19] (Toshiba Corporation) S3 Trufos; C:\WINDOWS\System32\DRIVERS\Trufos.sys [485512 2016-11-10] (BitDefender S.R.L.) S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [23040 2016-07-16] (Microsoft Corporation) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) U0 aswVmm; geen ImagePath S3 pccsmcfd; \SystemRoot\system32\DRIVERS\pccsmcfdx64.sys [X] ==================== NetSvcs (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ==================== Een Maand Aangemaakt bestanden en mappen ======== (Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.) 2017-09-30 12:08 - 2017-09-30 12:11 - 000030749 _____ C:\Users\ACAER\Downloads\FRST.txt 2017-09-30 12:03 - 2017-09-30 12:04 - 002399744 _____ (Farbar) C:\Users\ACAER\Downloads\FRST64(1).exe 2017-09-30 12:02 - 2017-09-30 12:05 - 002399744 _____ (Farbar) C:\Users\ACAER\Downloads\FRST64.exe 2017-09-29 19:05 - 2017-09-29 19:05 - 000000000 ____D C:\Users\ACAER\OneDrive\Documenten\FRST-OlderVersion 2017-09-29 19:05 - 2017-09-27 22:24 - 000005348 _____ C:\Users\ACAER\OneDrive\Documenten\Fixlog.txt 2017-09-29 19:05 - 2017-09-27 10:23 - 000050250 _____ C:\Users\ACAER\OneDrive\Documenten\Addition.txt 2017-09-29 15:58 - 2017-09-29 15:58 - 000000000 ___HD C:\OneDriveTemp 2017-09-28 20:30 - 2017-09-28 20:30 - 000000000 ____D C:\WINDOWS\System32\Tasks\Remediation 2017-09-28 20:29 - 2017-09-28 20:29 - 000000000 ____D C:\Program Files\Common Files\AV 2017-09-27 21:23 - 2017-09-27 21:25 - 008636368 _____ (McAfee, Inc.) C:\Users\ACAER\Downloads\MCPR.exe 2017-09-27 19:09 - 2017-09-27 19:10 - 009809688 _____ (Piriform Ltd) C:\Users\ACAER\Downloads\ccsetup535.exe 2017-09-27 09:45 - 2017-09-30 12:08 - 000000000 ____D C:\FRST 2017-09-25 22:17 - 2017-09-25 22:17 - 000002673 _____ C:\Users\ACAER\Downloads\download.csv 2017-09-24 21:33 - 2017-09-24 21:33 - 000000000 ____D C:\Users\ACAER\AppData\Roaming\Sun 2017-09-24 21:33 - 2017-09-24 21:33 - 000000000 ____D C:\Users\ACAER\AppData\LocalLow\Sun 2017-09-24 21:32 - 2017-09-24 21:32 - 000097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2017-09-24 21:32 - 2017-09-24 21:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2017-09-24 21:30 - 2017-09-24 21:30 - 000000000 ____D C:\Program Files (x86)\Java 2017-09-24 21:18 - 2017-09-24 21:19 - 000738880 _____ (Oracle Corporation) C:\Users\ACAER\Downloads\JavaSetup8u144.exe 2017-09-24 21:17 - 2017-09-24 21:20 - 000738880 _____ (Oracle Corporation) C:\Users\ACAER\Downloads\JavaSetup8u144(1).exe 2017-09-22 12:39 - 2017-09-22 12:44 - 000000000 ____D C:\Users\ACAER\Downloads\PDF FORMULIEREN 2017-09-22 12:35 - 2017-09-22 12:36 - 000000000 ____D C:\Users\ACAER\Downloads\kassikorn uitreksels 2017-09-21 18:33 - 2017-09-21 18:33 - 000000000 ____D C:\Users\ACAER\AppData\Local\ElevatedDiagnostics 2017-09-16 14:34 - 2017-09-16 14:34 - 000764632 _____ C:\Users\ACAER\OneDrive\Documenten\test scan hp.pdf 2017-09-16 14:31 - 2017-09-16 14:31 - 000764632 _____ C:\Users\ACAER\OneDrive\Documenten\test scan.pdf 2017-09-16 12:41 - 2017-09-16 12:43 - 094076104 _____ C:\Users\ACAER\Downloads\DJ3630__Full_WebPack_1107.exe 2017-09-16 12:09 - 2017-09-16 12:11 - 000000000 ____D C:\Users\ACAER\Desktop\Nieuwe snelkppelingen 2017-09-16 11:08 - 2017-09-16 11:08 - 000000000 ____D C:\Users\ACAER\OneDrive\Documenten\HpReg_Backup 2017-09-16 00:27 - 2017-09-16 00:27 - 000973579 _____ C:\Users\ACAER\Desktop\reserve bladwijzers van firefox.json 2017-09-15 20:54 - 2017-09-20 08:52 - 000000000 ____D C:\Users\ACAER\AppData\Local\CrashDumps 2017-09-15 13:23 - 2017-09-15 13:23 - 000002260 _____ C:\Users\Public\Desktop\HP DeskJet 3630 series.lnk 2017-09-15 13:23 - 2017-09-15 13:23 - 000001207 _____ C:\Users\Public\Desktop\Benodigdheden kopen - HP DeskJet 3630 series.lnk 2017-09-15 12:51 - 2017-09-15 12:51 - 000001083 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk 2017-09-15 12:51 - 2017-09-15 12:51 - 000001071 _____ C:\Users\Public\Desktop\TeamViewer 12.lnk 2017-09-15 12:51 - 2017-09-15 12:51 - 000000000 ____D C:\Users\ACAER\AppData\Roaming\TeamViewer 2017-09-15 12:50 - 2017-09-15 23:05 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2017-09-15 12:46 - 2017-09-15 12:47 - 015756368 _____ (TeamViewer GmbH) C:\Users\ACAER\Downloads\TeamViewer_Setup (1).exe 2017-09-15 12:41 - 2017-09-15 12:42 - 015756368 _____ (TeamViewer GmbH) C:\Users\ACAER\Downloads\TeamViewer_Setup.exe 2017-09-14 22:20 - 2017-09-14 22:20 - 000002031 _____ C:\Users\Public\Desktop\HP Photo Creations.lnk 2017-09-14 22:20 - 2017-09-14 22:20 - 000000000 ____D C:\ProgramData\HP Photo Creations 2017-09-14 22:20 - 2017-09-14 22:20 - 000000000 ____D C:\Program Files (x86)\HP Photo Creations 2017-09-14 22:18 - 2017-09-15 10:45 - 000003730 _____ C:\WINDOWS\System32\Tasks\HPCustParticipation HP DeskJet 3630 series 2017-09-13 14:33 - 2017-09-30 12:00 - 000000000 ____D C:\WINDOWS\System32\Tasks\Norton 360 2017-09-13 13:16 - 2017-09-13 13:16 - 000102568 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS 2017-09-13 13:16 - 2017-09-13 13:16 - 000008309 _____ C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT 2017-09-13 13:16 - 2017-09-13 13:16 - 000003366 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration 2017-09-13 13:16 - 2017-09-13 13:16 - 000000000 ____D C:\Program Files\Common Files\Symantec Shared 2017-09-13 13:15 - 2017-09-13 13:15 - 000002121 _____ C:\Users\Public\Desktop\Norton 360.lnk 2017-09-13 13:10 - 2017-09-13 13:10 - 000000000 ____D C:\WINDOWS\system32\Drivers\N360x64 2017-09-13 13:09 - 2017-09-13 13:16 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360 2017-09-13 13:09 - 2017-09-13 13:10 - 000000000 ____D C:\Program Files\Norton 360 2017-09-13 13:09 - 2017-09-13 13:09 - 000000000 ____D C:\ProgramData\NortonInstaller 2017-09-13 13:09 - 2017-09-13 13:09 - 000000000 ____D C:\Program Files (x86)\NortonInstaller 2017-09-13 12:54 - 2017-09-29 16:23 - 000000000 ____D C:\ProgramData\Norton 2017-09-13 12:54 - 2017-09-29 16:22 - 000001409 _____ C:\Users\ACAER\Desktop\Norton Installation Files.lnk 2017-09-13 12:54 - 2017-09-13 12:54 - 000000000 ____D C:\Users\Public\Downloads\Norton 2017-09-13 12:51 - 2017-09-13 12:53 - 001112984 _____ (Symantec Corporation) C:\Users\ACAER\Downloads\NortonN360PDownloader.exe 2017-09-12 08:32 - 2017-08-04 12:31 - 001564512 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2017-09-12 08:32 - 2017-08-04 12:31 - 001214816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2017-09-12 08:32 - 2017-08-04 12:31 - 000629088 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2017-09-12 08:32 - 2017-08-04 12:31 - 000544096 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2017-09-12 08:32 - 2017-08-04 12:31 - 000335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll 2017-09-12 08:32 - 2017-08-04 12:31 - 000334176 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2017-09-12 08:32 - 2017-08-04 12:31 - 000233824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2017-09-12 08:32 - 2017-08-04 12:31 - 000136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2017-09-12 08:32 - 2017-08-04 12:31 - 000096608 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2017-09-12 08:32 - 2017-08-04 12:31 - 000034656 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe 2017-09-12 08:32 - 2017-08-04 11:26 - 000192864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll 2017-09-11 23:12 - 2017-09-12 00:46 - 000000000 ____D C:\Program Files (x86)\EuroNL.tv 2017-09-10 19:12 - 2017-09-10 19:12 - 000002870 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC 2017-09-10 19:11 - 2017-09-27 19:12 - 000000834 _____ C:\Users\Public\Desktop\CCleaner.lnk 2017-09-10 19:11 - 2017-09-10 19:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner ==================== Een Maand Gewijzigd bestanden en mappen ======== (Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.) 2017-09-30 11:54 - 2016-11-03 19:39 - 000000000 ___RD C:\Users\ACAER\OneDrive 2017-09-30 11:52 - 2015-10-08 16:50 - 004409945 _____ C:\WINDOWS\SysWOW64\rootpa.e2e 2017-09-30 11:51 - 2016-11-09 04:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-09-30 11:50 - 2016-07-16 13:04 - 001048576 _____ C:\WINDOWS\system32\config\BBI 2017-09-30 11:50 - 2015-10-08 16:47 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin 2017-09-30 11:04 - 2016-11-09 03:46 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2017-09-30 10:50 - 2016-07-16 18:36 - 000000000 ____D C:\WINDOWS\CbsTemp 2017-09-30 10:40 - 2016-07-16 18:47 - 000000000 ____D C:\WINDOWS\AppReadiness 2017-09-30 09:11 - 2016-07-16 18:47 - 000000000 ____D C:\WINDOWS\system32\NDF 2017-09-30 06:04 - 2017-07-03 22:12 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-09-30 06:04 - 2016-12-26 01:59 - 000000000 ____D C:\Program Files (x86)\Mailbird 2017-09-30 05:54 - 2016-11-11 02:51 - 000004196 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{2B4DBEF6-C1AB-4944-9BD2-D26DA2D43A98} 2017-09-29 23:12 - 2016-11-08 03:59 - 000000000 ___RD C:\Program Files\Program Files (x86) 2017-09-29 10:27 - 2017-08-05 15:52 - 000000000 ____D C:\Program Files\rempl 2017-09-29 10:13 - 2016-07-16 18:47 - 000000000 ___HD C:\Program Files\WindowsApps 2017-09-28 08:53 - 2016-07-16 18:47 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2017-09-28 08:48 - 2016-07-16 18:45 - 000000000 ____D C:\WINDOWS\INF 2017-09-28 08:45 - 2016-11-10 01:28 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2017-09-27 22:24 - 2016-11-24 15:43 - 000000000 ____D C:\Users\ACAER\AppData\LocalLow\Temp 2017-09-27 22:10 - 2016-11-03 19:29 - 000000000 ____D C:\Users\ACAER\AppData\Local\Host App Service 2017-09-27 22:06 - 2015-10-08 17:12 - 000000000 ____D C:\Program Files\Common Files\McAfee 2017-09-26 16:02 - 2016-07-16 13:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2017-09-25 18:59 - 2017-08-15 22:09 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2017-09-24 21:39 - 2016-12-21 16:07 - 000000000 ____D C:\ProgramData\Oracle 2017-09-23 20:17 - 2016-11-09 03:35 - 000542936 _____ C:\WINDOWS\system32\perfh010.dat 2017-09-23 20:17 - 2016-11-09 03:35 - 000156704 _____ C:\WINDOWS\system32\perfc010.dat 2017-09-23 20:17 - 2016-11-09 02:41 - 000593472 _____ C:\WINDOWS\system32\perfh00C.dat 2017-09-23 20:17 - 2016-11-09 02:41 - 000168274 _____ C:\WINDOWS\system32\perfc00C.dat 2017-09-23 20:17 - 2016-07-17 05:15 - 000825128 _____ C:\WINDOWS\system32\perfh013.dat 2017-09-23 20:17 - 2016-07-17 05:15 - 000178268 _____ C:\WINDOWS\system32\perfc013.dat 2017-09-23 20:17 - 2015-10-08 16:07 - 003536214 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-09-22 10:24 - 2016-12-04 19:42 - 000000000 ____D C:\Users\ACAER\Desktop\programs herstel helppc 2017-09-22 08:38 - 2016-11-05 22:41 - 000002263 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-09-21 20:09 - 2017-04-16 07:26 - 000000000 ____D C:\WINDOWS\softwaredistribution.bak 2017-09-21 08:33 - 2016-11-06 04:30 - 000192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-09-20 12:04 - 2016-11-06 18:49 - 000000000 ____D C:\Users\ACAER\AppData\Roaming\vlc 2017-09-16 14:25 - 2017-06-09 18:10 - 000002052 _____ C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk 2017-09-16 14:03 - 2016-11-05 22:35 - 000000000 ____D C:\ProgramData\HP 2017-09-15 23:46 - 2016-07-16 18:47 - 000000000 ____D C:\WINDOWS\registration 2017-09-15 14:19 - 2016-11-05 00:11 - 000000000 ____D C:\WINDOWS\system32\MRT 2017-09-15 14:07 - 2016-11-05 00:11 - 138202976 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-09-15 13:42 - 2016-11-09 03:46 - 000370352 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-09-15 13:23 - 2016-11-05 22:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP 2017-09-15 13:22 - 2016-11-05 22:38 - 000000000 ____D C:\Program Files (x86)\HP 2017-09-15 08:37 - 2017-07-18 13:56 - 000003374 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1404181309-29018021-2598583116-1001 2017-09-15 08:36 - 2016-11-03 19:39 - 000002440 _____ C:\Users\ACAER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2017-09-15 08:08 - 2016-07-16 18:47 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2017-09-15 00:07 - 2016-07-16 18:47 - 000000000 ____D C:\WINDOWS\system32\appraiser 2017-09-14 22:32 - 2016-11-05 22:33 - 000000000 ____D C:\Users\ACAER\AppData\Local\HP 2017-09-14 22:25 - 2016-11-05 22:40 - 000000000 ____D C:\Users\ACAER\AppData\Roaming\HpUpdate 2017-09-14 22:14 - 2016-11-05 22:38 - 000000000 ____D C:\Program Files\HP 2017-09-14 08:26 - 2016-11-09 04:30 - 000004496 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2017-09-14 08:25 - 2016-07-16 18:47 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2017-09-14 08:25 - 2016-07-16 18:47 - 000000000 ____D C:\WINDOWS\system32\Macromed 2017-09-14 00:38 - 2016-11-19 15:39 - 000000000 ____D C:\Users\ACAER\AppData\LocalLow\Mozilla 2017-09-13 10:02 - 2016-12-20 18:42 - 000000000 ____D C:\WINDOWS\System32\Tasks\McAfee 2017-09-13 09:57 - 2016-11-18 16:10 - 000544424 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2017-09-12 04:30 - 2016-07-16 18:47 - 000000000 ____D C:\WINDOWS\rescache 2017-09-11 23:53 - 2017-08-21 02:13 - 000000000 ____D C:\AdwCleaner 2017-09-11 08:55 - 2016-11-05 00:50 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-09-11 08:54 - 2016-11-09 04:09 - 000000000 ____D C:\Users\ACAER 2017-09-11 08:34 - 2016-12-28 00:28 - 000000000 ____D C:\Users\ACAER\AppData\Roaming\Mailbird 2017-09-11 08:34 - 2016-12-26 01:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mailbird 2017-09-10 19:11 - 2016-11-06 03:21 - 000000000 ____D C:\Program Files\CCleaner 2017-09-10 18:28 - 2017-03-21 21:00 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2017-09-06 02:01 - 2016-07-16 18:49 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2017-09-06 02:01 - 2016-07-16 18:49 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl ==================== Bestanden in de root van sommige mappen ======= 2016-12-21 16:35 - 2016-12-21 16:37 - 045700992 _____ (Sony) C:\Users\ACAER\AppData\Local\pcc.exe 2016-11-05 22:36 - 2016-11-05 22:36 - 000000057 _____ () C:\ProgramData\Ament.ini 2016-11-09 04:03 - 2016-11-09 04:03 - 000000000 ____H () C:\ProgramData\DP45977C.lfl Bestanden om te verplaatsen of verwijderen: ==================== C:\Users\ACAER\atl100.dll C:\Users\ACAER\msvcp100 - kopie.dll C:\Users\ACAER\msvcp100.dll C:\Users\ACAER\msvcp140.dll C:\Users\ACAER\msvcr100 - kopie.dll C:\Users\ACAER\msvcr100.dll C:\Users\ACAER\vcruntime140.dll ==================== Bamital & volsnap ====================== (Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.) C:\WINDOWS\system32\winlogon.exe => Bestand is getekend C:\WINDOWS\system32\wininit.exe => Bestand is getekend C:\WINDOWS\explorer.exe => Bestand is getekend C:\WINDOWS\SysWOW64\explorer.exe => Bestand is getekend C:\WINDOWS\system32\svchost.exe => Bestand is getekend C:\WINDOWS\SysWOW64\svchost.exe => Bestand is getekend C:\WINDOWS\system32\services.exe => Bestand is getekend C:\WINDOWS\system32\User32.dll => Bestand is getekend C:\WINDOWS\SysWOW64\User32.dll => Bestand is getekend C:\WINDOWS\system32\userinit.exe => Bestand is getekend C:\WINDOWS\SysWOW64\userinit.exe => Bestand is getekend C:\WINDOWS\system32\rpcss.dll => Bestand is getekend C:\WINDOWS\system32\dnsapi.dll => Bestand is getekend C:\WINDOWS\SysWOW64\dnsapi.dll => Bestand is getekend C:\WINDOWS\system32\Drivers\volsnap.sys => Bestand is getekend LastRegBack: 2017-09-30 10:15 ==================== Eind van FRST.txt ============================