Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 08.11.2018 Gestart door Richard (Beheerder) op DELL_I2_WIN-PC (09-11-2018 09:43:13) Gestart vanaf C:\Users\Richard\Downloads Geladen Profielen: Richard (Beschikbare Profielen: Richard & DefaultAppPool) Platform: Windows 10 Home Versie 1803 17134.345 (X64) Taal: Nederlands (Nederland) Internet Explorer Versie 11 (Standaardbrowser: FF) Boot Modus: Normal Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processen (gefilterd) ================= (Als een item is opgenomen in de fixlist, zal het proces worden gesloten. Het bestand zal niet worden verplaatst.) (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe (Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1810.5-0\MsMpEng.exe (McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McT920F.tmp (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1810.5-0\NisSrv.exe (McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper.exe (McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.Service.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\SkypeApp.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Acer) C:\Users\Richard\AppData\Roaming\Acer\AcerEXTEND\ExImg\ImageRoot\ADLoader.exe (Digital Wave Ltd) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\vidnotifier\vidnotifier.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.812\SSScheduler.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe () C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\Video.UI.exe () C:\Users\Richard\AppData\Roaming\Acer\AcerEXTEND\FunctModules\{01F85638-2B29-4193-8D9F-081F6C20D592}\OtiVolumeLaunchPC.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Farbar) C:\Users\Richard\Downloads\FRST64(1).exe ==================== Register (gefilterd) =========================== (Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [80896 2017-07-18] () HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-07-07] (Oracle Corporation) HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation) HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation) HKU\S-1-5-21-290964387-4162526659-560491130-1001\...\Run: [LaunchList] => C:\Program Files (x86)\Pinnacle\Studio 11\LaunchList2.exe [145496 2007-03-21] (Pinnacle Systems) HKU\S-1-5-21-290964387-4162526659-560491130-1001\...\Run: [AcerEXTENDPkg] => C:\Users\Richard\AppData\Roaming\Acer\AcerEXTEND\ExImg\ImageRoot\ADLoader.exe [558856 2015-04-22] (Acer) HKU\S-1-5-21-290964387-4162526659-560491130-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9773272 2017-05-19] (Piriform Ltd) HKU\S-1-5-21-290964387-4162526659-560491130-1001\...\Run: [vidnotifier.exe] => C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\vidnotifier\vidnotifier.exe [1299944 2017-10-25] (Digital Wave Ltd) Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" "C:\Program Files\McAfee\TrueKey\McAfeeTrueKeyPasswordFilter" Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2018-10-03] ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.812\SSScheduler.exe (McAfee, Inc.) Startup: C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Inktwaarschuwingen controleren - HP Deskjet 2540 series.lnk [2018-11-09] ShortcutTarget: Inktwaarschuwingen controleren - HP Deskjet 2540 series.lnk -> C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.) ==================== Internet (gefilterd) ==================== (Als een item is opgenomen in de fixlist en een registeritem is, wordt het verwijderd of hersteld naar de standaard.) Hosts: 0.0.0.1 mssplus.mcafee.com Tcpip\Parameters: [DhcpNameServer] 195.130.131.5 195.130.130.5 Tcpip\..\Interfaces\{3f59818c-220e-4ac0-9bbf-313d7fa4a386}: [DhcpNameServer] 195.130.131.5 195.130.130.5 Internet Explorer: ================== HKU\S-1-5-21-290964387-4162526659-560491130-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid=%7BBD61989A-A754-4CBF-B8A8-0DC4317DDA94%7D&mid=40faaaf28ddf47ccb383d16c2263183e-ae9253913e94ec8fb2222c10c16ef8393cea85e8&lang=nl&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2015-12-10%2000:13:16&v=4.1.8.599&pid=wtu&sg=&sap=hp SearchScopes: HKU\S-1-5-21-290964387-4162526659-560491130-1001 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={BD61989A-A754-4CBF-B8A8-0DC4317DDA94}&mid=40faaaf28ddf47ccb383d16c2263183e-ae9253913e94ec8fb2222c10c16ef8393cea85e8&lang=nl&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2015-12-10 00:13:16&v=4.3.2.18&pid=wtu&sg=&sap=dsp&q={searchTerms} SearchScopes: HKU\S-1-5-21-290964387-4162526659-560491130-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-290964387-4162526659-560491130-1001 -> {12CE918C-8450-4206-8038-79DC70D36DEE} URL = hxxps://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-290964387-4162526659-560491130-1001 -> {76BB5EF2-BDD4-47B7-BD55-B0ECD11E9D08} URL = hxxps://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-290964387-4162526659-560491130-1001 -> {780A3A1B-4675-4D92-BD7B-6F9950469A31} URL = hxxps://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-290964387-4162526659-560491130-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={BD61989A-A754-4CBF-B8A8-0DC4317DDA94}&mid=40faaaf28ddf47ccb383d16c2263183e-ae9253913e94ec8fb2222c10c16ef8393cea85e8&lang=nl&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2015-12-10 00:13:16&v=4.3.2.18&pid=wtu&sg=&sap=dsp&q={searchTerms} SearchScopes: HKU\S-1-5-21-290964387-4162526659-560491130-1001 -> {F13C3113-0E8E-4FC3-84BB-67F1ED790432} URL = hxxp://www.bing.com/search?FORM=U221DF&PC=U221&q={searchTerms}&src=IE-SearchBox BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll [2018-04-23] (Intel Security) BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2018-02-15] (Microsoft Corporation) BHO: Geen Naam -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> Geen bestand BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-09-27] (McAfee, Inc.) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation) BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll [2018-04-23] (Intel Security) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2017-08-24] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\ssv.dll [2018-08-20] (Oracle Corporation) BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-09-27] (McAfee, Inc.) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-08-20] (Oracle Corporation) Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll [2018-04-23] (Intel Security) Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll [2018-04-23] (Intel Security) DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxps://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-09-27] (McAfee, Inc.) Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-09-27] (McAfee, Inc.) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-09-27] (McAfee, Inc.) Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-09-27] (McAfee, Inc.) FireFox: ======== FF DefaultProfile: 4h68uc07.default FF ProfilePath: C:\Users\Richard\AppData\Roaming\TomTom\HOME\Profiles\g0c200zz.default [2018-05-04] FF Extension: (Geen Naam) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [niet gevonden] FF ProfilePath: C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\4h68uc07.default [2018-11-09] FF Homepage: Mozilla\Firefox\Profiles\4h68uc07.default -> hxxps://mysearch.avg.com/?cid={BD61989A-A754-4CBF-B8A8-0DC4317DDA94}&mid=40faaaf28ddf47ccb383d16c2263183e-ae9253913e94ec8fb2222c10c16ef8393cea85e8&lang=nl&ds=AVG&coid=avgtbavg&cmpid=0615pit&pr=fr&d=2015-12-10 00:13:16&v=4.1.8.599&pid=wtu&sg=&sap=hp FF Extension: (eID België) - C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\4h68uc07.default\Extensions\belgiumeid@eid.belgium.be.xpi [2018-11-07] FF Extension: (Browser Privacy) - C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\4h68uc07.default\Extensions\info@browser-privacy.com.xpi [2018-08-02] FF Extension: (AVG SafePrice) - C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\4h68uc07.default\Extensions\sp@avg.com.xpi [2016-11-14] FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi FF Extension: (McAfee® WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi [2018-10-18] FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_31_0_0_122.dll [2018-10-09] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_122.dll [2018-10-09] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1219160.dll [2015-07-23] (Adobe Systems, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-08-20] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-08-20] (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-290964387-4162526659-560491130-1001: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\Richard\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-08-19] (RocketLife, LLP) Chrome: ======= CHR HomePage: Default -> hxxp://www.google.com CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee_uninternational&type=C210BE91075D20161215&p={searchTerms} CHR DefaultSearchKeyword: Default -> McAfee CHR Profile: C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default [2018-08-07] CHR Extension: (Google Documenten) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-09-18] CHR Extension: (Google Drive) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-06-02] CHR Extension: (YouTube) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-18] CHR Extension: (Google Spreadsheets) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-06-02] CHR Extension: (McAfee® WebAdvisor) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2017-09-18] CHR Extension: (Offline Documenten) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-09-18] CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-06-02] CHR Extension: (Gmail) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-09-18] CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx ==================== Services (gefilterd) ==================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) S2 0227191541254654mcinstcleanup; C:\WINDOWS\TEMP\022719~1.EXE [904360 2018-08-12] (McAfee, Inc.) R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-10-25] (Digital Wave Ltd.) R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [604824 2018-09-27] (McAfee, Inc.) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.812\McCHSvc.exe [405392 2018-09-27] (McAfee, Inc.) S2 PCLEPCI; C:\WINDOWS\SysWOW64\drivers\pclepci.sys [14165 2005-02-09] (Pinnacle Systems GmbH) [Bestand niet getekend] S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] () R2 TrueKey; C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.Service.exe [355280 2018-10-10] (McAfee, LLC.) R2 TrueKeyScheduler; C:\Program Files\McAfee\TrueKey\McTkSchedulerService.exe [355280 2018-10-10] (McAfee, LLC.) R2 TrueKeyServiceHelper; C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper.exe [193656 2018-10-10] (McAfee, LLC.) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\NisSrv.exe [3917016 2018-10-23] (Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MsMpEng.exe [114208 2018-10-23] (Microsoft Corporation) ===================== Drivers (gefilterd) ====================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R3 CMUAC; C:\WINDOWS\system32\DRIVERS\CMUAC.sys [661760 2015-08-30] (C-MEDIA) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.) R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [111608 2017-02-14] (McAfee, Inc.) R2 npf; C:\WINDOWS\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-12] (Realtek ) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.) S3 SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [25608 2016-03-06] (SlimWare Utilities, Inc.) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46184 2018-10-23] (Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [328696 2018-10-23] (Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60408 2018-10-23] (Microsoft Corporation) U3 idsvc; geen ImagePath ==================== NetSvcs (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ==================== Een Maand Aangemaakt bestanden en mappen ======== (Als een item is opgenomen in de fixlist, word de map of het bestand verplaatst.) 2018-11-09 09:43 - 2018-11-09 09:44 - 000020554 _____ C:\Users\Richard\Downloads\FRST.txt 2018-11-09 09:42 - 2018-11-09 09:43 - 000000000 ____D C:\FRST 2018-11-09 09:42 - 2018-11-09 09:42 - 000000000 ____D C:\Users\Richard\Downloads\FRST-OlderVersion 2018-11-09 09:41 - 2018-11-09 09:42 - 002415616 _____ (Farbar) C:\Users\Richard\Downloads\FRST64(1).exe 2018-11-08 22:06 - 2018-11-08 22:08 - 106859936 _____ C:\Users\Richard\Downloads\DJ2540_188(1).exe 2018-11-08 19:09 - 2018-11-08 19:09 - 004324352 _____ C:\Users\Richard\Downloads\De prinses 11.pps 2018-11-07 20:31 - 2018-11-07 20:31 - 005631858 _____ C:\Users\Richard\Downloads\VID-20180706-WA0004121.mp4 2018-11-07 14:55 - 2018-11-07 14:55 - 007378002 _____ C:\Users\Richard\Downloads\haan1.mp4 2018-11-07 08:10 - 2018-11-07 08:10 - 000068792 _____ C:\Users\Richard\Downloads\afspraakUZGENT35438502(1).pdf 2018-11-07 07:55 - 2018-11-07 07:55 - 006099259 _____ C:\Users\Richard\Downloads\2018-04-24-VIDEO-0000000711.mp4 2018-11-07 07:54 - 2018-11-07 07:54 - 001558803 _____ C:\Users\Richard\Downloads\a voir trop beau (1).MP4 2018-11-07 07:53 - 2018-11-07 07:53 - 000906546 _____ C:\Users\Richard\Downloads\J-adoreeeeeeeeeeeee.mp4 2018-11-07 07:49 - 2018-11-07 07:49 - 007190466 _____ C:\Users\Richard\Downloads\Servietten plooien .mp4 2018-11-07 07:46 - 2018-11-07 07:46 - 004792832 _____ C:\Users\Richard\Downloads\1-De jaren 50.pps 2018-11-07 07:45 - 2018-11-07 07:45 - 004247925 _____ C:\Users\Richard\Downloads\PASTA.mp4 2018-11-07 07:44 - 2018-11-07 07:44 - 004403400 _____ C:\Users\Richard\Downloads\Het kan nog altijd erger11.mp4 2018-11-07 07:40 - 2018-11-07 07:40 - 008175494 _____ C:\Users\Richard\Downloads\VID-20180806-WA00101.mp4 2018-11-06 09:29 - 2018-11-06 09:29 - 002936239 _____ C:\Users\Richard\Downloads\China-samenslapen met snurker VID-20180830-WA0000(C.Bo).mp4 2018-11-05 10:10 - 2018-11-05 10:10 - 008034132 _____ C:\Users\Richard\Downloads\xvideo170108-5+.mp4 2018-11-03 20:27 - 2018-11-03 20:27 - 000068792 _____ C:\Users\Richard\Downloads\afspraakUZGENT35438502.pdf 2018-11-02 05:34 - 2018-11-02 05:34 - 006889184 _____ (Piriform Ltd) C:\Users\Richard\Downloads\spsetup132.exe 2018-11-02 05:34 - 2018-11-02 05:34 - 000000837 _____ C:\Users\Public\Desktop\Speccy.lnk 2018-11-02 05:34 - 2018-11-02 05:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy 2018-11-02 05:34 - 2018-11-02 05:34 - 000000000 ____D C:\Program Files\Speccy 2018-10-26 07:00 - 2018-10-26 07:00 - 000043700 _____ C:\Users\Richard\Downloads\706966745685.pdf 2018-10-22 16:20 - 2018-10-22 16:20 - 000105044 _____ C:\Users\Richard\Downloads\5257_1540199140_A.pdf 2018-10-17 08:34 - 2018-10-17 08:34 - 000001573 _____ C:\Users\Richard\Downloads\comptes.ofx 2018-10-17 08:32 - 2018-10-17 08:32 - 000090819 _____ C:\Users\Richard\Downloads\Rekeninguittreksels BEOBANK BE55953145158344 tot 2018-10-07.pdf 2018-10-14 09:41 - 2018-10-14 09:41 - 006041949 _____ C:\Users\Richard\Downloads\video-1538252539.mp4 2018-10-14 09:38 - 2018-10-14 09:38 - 004081705 _____ C:\Users\Richard\Downloads\Camion anti nid de poule.mp4 2018-10-14 09:36 - 2018-10-14 09:36 - 002206591 _____ C:\Users\Richard\Downloads\ballon.mp4 ==================== Een Maand Gewijzigd bestanden en mappen ======== (Als een item is opgenomen in de fixlist, word de map of het bestand verplaatst.) 2018-11-09 09:38 - 2016-11-16 21:38 - 000000000 ____D C:\Users\Richard\AppData\LocalLow\Mozilla 2018-11-09 09:31 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2018-11-09 08:38 - 2018-05-19 17:40 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2018-11-09 07:52 - 2017-02-23 12:20 - 000002421 _____ C:\Users\Richard\Desktop\AcerEXTEND.lnk 2018-11-09 07:47 - 2018-05-19 18:03 - 000004198 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{99E9234B-AD5A-4D8E-9AE8-FAAFCC0430C4} 2018-11-08 19:11 - 2017-12-12 19:54 - 000000000 ____D C:\Users\Richard\AppData\Local\Packages 2018-11-08 11:31 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps 2018-11-08 11:31 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness 2018-11-08 08:46 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp 2018-11-06 20:22 - 2018-10-03 08:09 - 000000000 ____D C:\ProgramData\McAfee Security Scan 2018-11-06 15:26 - 2018-05-19 18:03 - 000003376 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-290964387-4162526659-560491130-1001 2018-11-06 15:26 - 2018-05-19 17:47 - 000002415 _____ C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2018-11-06 15:26 - 2015-08-11 09:10 - 000000000 ___RD C:\Users\Richard\OneDrive 2018-11-03 15:18 - 2016-08-21 07:31 - 000001193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Key.lnk 2018-11-03 15:18 - 2016-08-21 07:31 - 000001179 _____ C:\Users\Public\Desktop\True Key.lnk 2018-11-03 15:17 - 2016-08-21 07:31 - 000000000 ____D C:\Program Files (x86)\McAfee 2018-11-02 05:35 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF 2018-11-01 10:16 - 2017-06-21 06:55 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2018-11-01 10:16 - 2015-08-15 17:12 - 000001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2018-11-01 10:16 - 2015-08-15 17:12 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2018-11-01 08:15 - 2017-06-02 15:51 - 000002321 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2018-11-01 08:15 - 2017-06-02 15:51 - 000002280 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2018-10-31 17:34 - 2018-05-19 17:43 - 002053526 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2018-10-31 17:34 - 2018-04-12 17:01 - 000894272 _____ C:\WINDOWS\system32\perfh013.dat 2018-10-31 17:34 - 2018-04-12 17:01 - 000197964 _____ C:\WINDOWS\system32\perfc013.dat 2018-10-31 17:28 - 2018-05-19 18:03 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2018-10-31 17:28 - 2016-08-21 07:22 - 000000000 ____D C:\Program Files\TrueKey 2018-10-31 17:27 - 2018-04-11 22:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2018-10-31 17:24 - 2016-12-15 17:43 - 000000000 ____D C:\Program Files\McAfee 2018-10-31 17:24 - 2015-08-17 19:20 - 000000000 ____D C:\ProgramData\McAfee 2018-10-26 09:52 - 2015-08-10 19:39 - 000000000 ____D C:\Users\Richard\AppData\Roaming\vlc 2018-10-25 06:14 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2018-10-24 22:32 - 2015-08-10 18:17 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2018-10-23 07:03 - 2018-02-25 08:49 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2018-10-16 08:06 - 2010-11-21 04:27 - 000559880 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2018-10-15 21:38 - 2018-07-11 09:45 - 000000000 ____D C:\ProgramData\Packages 2018-10-10 06:28 - 2015-08-10 19:43 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2018-10-10 06:15 - 2017-12-12 20:13 - 000000000 ___RD C:\Users\Richard\3D Objects 2018-10-10 06:15 - 2015-08-11 09:00 - 000000000 __RHD C:\Users\Public\AccountPictures 2018-10-10 06:14 - 2018-05-19 17:40 - 000429064 _____ C:\WINDOWS\system32\FNTCACHE.DAT ==================== Bestanden in de root van sommige mappen ======= 2016-01-31 10:51 - 2016-01-31 10:51 - 000000298 _____ () C:\Users\Richard\AppData\Local\config.ini 2018-08-02 16:44 - 2018-08-02 16:44 - 000003584 _____ () C:\Users\Richard\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2016-01-31 10:51 - 2016-01-31 10:51 - 000000000 _____ () C:\Users\Richard\AppData\Local\simedit.log ==================== Bamital & volsnap ====================== (Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.) C:\WINDOWS\system32\winlogon.exe => Bestand is getekend C:\WINDOWS\system32\wininit.exe => Bestand is getekend C:\WINDOWS\explorer.exe => Bestand is getekend C:\WINDOWS\SysWOW64\explorer.exe => Bestand is getekend C:\WINDOWS\system32\svchost.exe => Bestand is getekend C:\WINDOWS\SysWOW64\svchost.exe => Bestand is getekend C:\WINDOWS\system32\services.exe => Bestand is getekend C:\WINDOWS\system32\User32.dll => Bestand is getekend C:\WINDOWS\SysWOW64\User32.dll => Bestand is getekend C:\WINDOWS\system32\userinit.exe => Bestand is getekend C:\WINDOWS\SysWOW64\userinit.exe => Bestand is getekend C:\WINDOWS\system32\rpcss.dll => Bestand is getekend C:\WINDOWS\system32\dnsapi.dll => Bestand is getekend C:\WINDOWS\SysWOW64\dnsapi.dll => Bestand is getekend C:\WINDOWS\system32\Drivers\volsnap.sys => Bestand is getekend LastRegBack: 2018-05-19 17:40 ==================== Eind van FRST.txt ============================