Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 20.06.2018 Gestart door Gebruiker (Beheerder) op TOSHIBA (16-11-2018 12:21:46) Gestart vanaf C:\Users\Gebruiker\Desktop Geladen Profielen: Gebruiker (Beschikbare Profielen: Gebruiker) Platform: Windows 10 Home Versie 1803 17134.345 (X64) Taal: Nederlands (Nederland) Internet Explorer Versie 11 (Standaardbrowser: Edge) Boot Modus: Normal Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processen (gefilterd) ================= (Als een item is opgenomen in de fixlist, zal het proces worden gesloten. Het bestand zal niet worden verplaatst.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel Corporation) C:\Windows\System32\ibtsiva.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe (Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (TOSHIBA) C:\Program Files (x86)\TOSHIBA\TOSHIBA System Driver\RMService.exe (McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.Service.exe (McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McTkSchedulerService.exe (McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (McAfee, LLC) C:\Windows\System32\mfevtps.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe (McAfee, LLC) C:\Windows\System32\mfevtps.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe () C:\Windows\System32\igfxTray.exe (McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\3.0.127.0\McCSPServiceHost.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\VSCore_18_6\mcapexe.exe (McAfee, Inc.) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe (McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\Video.UI.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.812\SSScheduler.exe (Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe (Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\swriter.exe (Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.exe (Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.bin (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\splwow64.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe (Microsoft Corporation) C:\Windows\System32\browser_broker.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1809.2731.0_x64__8wekyb3d8bbwe\Calculator.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe (Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\cmd.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Register (gefilterd) =========================== (Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16690424 2016-08-28] (Realtek Semiconductor) HKLM\...\Run: [ThpSrv] => C:\Windows\system32\thpsrv.exe [246576 2015-06-23] (TOSHIBA Corporation) HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [3029480 2018-05-09] (Sony Corporation) HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation) HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation) HKU\S-1-5-21-4203840771-55088086-1378505996-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-10] (Piriform Ltd) Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" "C:\Program Files\McAfee\TrueKey\McAfeeTrueKeyPasswordFilter" Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2018-10-01] ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.812\SSScheduler.exe (McAfee, Inc.) GroupPolicy: Restrictie ? <==== AANDACHT ==================== Internet (gefilterd) ==================== (Als een item is opgenomen in de fixlist en een registeritem is, wordt het verwijderd of hersteld naar de standaard.) Hosts: 0.0.0.1 mssplus.mcafee.com Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 Tcpip\..\Interfaces\{98d21b65-992e-4010-b143-823bb1346cc2}: [DhcpNameServer] 62.238.255.69 212.115.192.100 Tcpip\..\Interfaces\{fe30215c-6136-4637-8ac9-0ad5bcc2a151}: [DhcpNameServer] 10.0.0.138 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-4203840771-55088086-1378505996-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-4203840771-55088086-1378505996-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba15.msn.com/?pc=TBTE HKU\S-1-5-21-4203840771-55088086-1378505996-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://toshiba.eu/symbaloo_10c SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://at.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wnf_bboi_17_28_ssg04¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dat%26pa%3Dwinyahoo%26cd%3D2XzuyEtN2Y1L1Qzu0BzzyC0BtBtA0E0DzyyE0CyB0BtAtDyCtN0D0Tzu0StBtDtCzytN1L2XzutAtFtBzytFtAtFyDtDtN1L1Czu1ByCtN1L1G1B1V1N2Y1L1Qzu2StD0Dzz0AyBtDtDyDtGyEtA0E0FtGtCtC0D0CtGyBtC0F0CtGzztAyByCyEtCyC0F0E0DyDtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzzyBzy0A0CyByE0BtG0DzyyC0CtGyEyDyByDtGzztAyByBtG0B0AtB0FyEzytA0Azz0AtBtA2QtN0A0LzuyE%26cr%3D1181667552%26a%3Dwnf_bboi_17_28_ssg04%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms} SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://at.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wnf_bboi_17_28_ssg04¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dat%26pa%3Dwinyahoo%26cd%3D2XzuyEtN2Y1L1Qzu0BzzyC0BtBtA0E0DzyyE0CyB0BtAtDyCtN0D0Tzu0StBtDtCzytN1L2XzutAtFtBzytFtAtFyDtDtN1L1Czu1ByCtN1L1G1B1V1N2Y1L1Qzu2StD0Dzz0AyBtDtDyDtGyEtA0E0FtGtCtC0D0CtGyBtC0F0CtGzztAyByCyEtCyC0F0E0DyDtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzzyBzy0A0CyByE0BtG0DzyyC0CtGyEyDyByDtGzztAyByBtG0B0AtB0FyEzytA0Azz0AtBtA2QtN0A0LzuyE%26cr%3D1181667552%26a%3Dwnf_bboi_17_28_ssg04%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms} SearchScopes: HKU\S-1-5-21-4203840771-55088086-1378505996-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://at.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wnf_bboi_17_28_ssg04¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dat%26pa%3Dwinyahoo%26cd%3D2XzuyEtN2Y1L1Qzu0BzzyC0BtBtA0E0DzyyE0CyB0BtAtDyCtN0D0Tzu0StBtDtCzytN1L2XzutAtFtBzytFtAtFyDtDtN1L1Czu1ByCtN1L1G1B1V1N2Y1L1Qzu2StD0Dzz0AyBtDtDyDtGyEtA0E0FtGtCtC0D0CtGyBtC0F0CtGzztAyByCyEtCyC0F0E0DyDtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzzyBzy0A0CyByE0BtG0DzyyC0CtGyEyDyByDtGzztAyByBtG0B0AtB0FyEzytA0Azz0AtBtA2QtN0A0LzuyE%26cr%3D1181667552%26a%3Dwnf_bboi_17_28_ssg04%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms} SearchScopes: HKU\S-1-5-21-4203840771-55088086-1378505996-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://at.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wnf_bboi_17_28_ssg04¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dat%26pa%3Dwinyahoo%26cd%3D2XzuyEtN2Y1L1Qzu0BzzyC0BtBtA0E0DzyyE0CyB0BtAtDyCtN0D0Tzu0StBtDtCzytN1L2XzutAtFtBzytFtAtFyDtDtN1L1Czu1ByCtN1L1G1B1V1N2Y1L1Qzu2StD0Dzz0AyBtDtDyDtGyEtA0E0FtGtCtC0D0CtGyBtC0F0CtGzztAyByCyEtCyC0F0E0DyDtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzzyBzy0A0CyByE0BtG0DzyyC0CtGyEyDyByDtGzztAyByBtG0B0AtB0FyEzytA0Azz0AtBtA2QtN0A0LzuyE%26cr%3D1181667552%26a%3Dwnf_bboi_17_28_ssg04%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms} SearchScopes: HKU\S-1-5-21-4203840771-55088086-1378505996-1001 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q={searchTerms}&src=IE-SearchBox BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll [2018-04-23] (Intel Security) BHO: Geen Naam -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> Geen bestand BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-09-27] (McAfee, Inc.) BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll [2018-04-23] (Intel Security) BHO-x32: Geen Naam -> {86a3cdaa-9b25-480e-b73f-c2d359b87966} -> Geen bestand BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-09-27] (McAfee, Inc.) Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll [2018-04-23] (Intel Security) Toolbar: HKLM-x32 - Geen Naam - {691ca8ec-7205-4aa9-bdd6-15493d16f835} - Geen bestand Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll [2018-04-23] (Intel Security) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-09-27] (McAfee, Inc.) Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-09-27] (McAfee, Inc.) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2018-10-04] (McAfee, Inc.) Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2018-10-04] (McAfee, Inc.) FireFox: ======== FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi FF Extension: (McAfee® WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi [2018-10-17] FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2018-10-04] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation) FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2018-10-04] () FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.) Chrome: ======= CHR DefaultProfile: Default CHR HomePage: Default -> hxxp://www.protopage.com/interjos CHR StartupUrls: Default -> "hxxp://www.protopage.com/interjos","hxxps://www.youtube.com/watch?v=sXpux_XuOXU&list=PL4LG5UyqUSs9NeHTuhOKjDQNzKjsulp34","hxxps://mail.google.com/mail/u/0/#inbox","hxxps://www.myfreezoo.de/","hxxps://www.youtube.com/watch?v=GqHZNujfHZo&list=PL4LG5UyqUSs82P5vyWtBkouNJc8Rk7wS3","hxxp://www.oon-boersespiel.at/raiffeisen/1160125422843646195-1160306505718178825-NA-1-NA-NA-NA.html","hxxps://www.onlinesoccermanager.nl/PrivacyNotice","hxxp://denken.leukespellen.be/bubbels-2-spelletjes.html" CHR Profile: C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default [2018-11-16] CHR Extension: (Presentaties) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12] CHR Extension: (Documenten) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12] CHR Extension: (Google Drive) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-16] CHR Extension: (YouTube) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-19] CHR Extension: (Spreadsheets) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12] CHR Extension: (McAfee® WebAdvisor) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2018-10-16] CHR Extension: (Offline Documenten) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-16] CHR Extension: (Protopage Start Page) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjgoljmnaepbdpeadpciimeapgjadenc [2018-09-10] CHR Extension: (Cycling the Alps) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihklobncbkangkiiamccfgnlihbmjhlh [2016-08-16] CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-02] CHR Extension: (Gmail) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-19] CHR Extension: (Chrome Media Router) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-17] CHR Profile: C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-09-09] CHR Profile: C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\System Profile [2018-09-09] CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx ==================== Services (gefilterd) ==================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) S3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1508656 2018-05-31] (McAfee, Inc.) R3 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [19960 2015-05-27] () S2 gramblrclient; C:\Program Files\Gramblr\gramblr.exe [12171776 2018-04-23] () [Bestand niet getekend] R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [541896 2018-05-10] (Intel Corporation) R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373712 2018-04-17] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223008 2015-06-24] (Intel Corporation) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes) R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [604824 2018-09-27] (McAfee, Inc.) R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_18_6\McApExe.exe [729320 2018-10-04] (McAfee, Inc.) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.812\McCHSvc.exe [405392 2018-09-27] (McAfee, Inc.) R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\3.0.127.0\\McCSPServiceHost.exe [2159464 2018-06-29] (McAfee, Inc.) S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [366968 2018-08-22] (McAfee, LLC) R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [539512 2018-08-22] (McAfee, LLC) R2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [490360 2018-08-22] (McAfee, LLC) R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1690976 2018-07-27] (McAfee, Inc.) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2016-11-29] () R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [1316024 2018-07-25] (McAfee, Inc.) R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [498152 2018-05-09] (Sony Corporation) R2 sedsvc; C:\Program Files\rempl\sedsvc.exe [322712 2018-11-08] (Microsoft Corporation) S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] () R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [287240 2018-03-28] (Synaptics Incorporated) R2 TOSRMService; C:\Program Files (x86)\TOSHIBA\TOSHIBA System Driver\RMService.exe [326960 2015-06-24] (TOSHIBA) R2 TrueKey; C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.Service.exe [355280 2018-10-10] (McAfee, LLC.) R2 TrueKeyScheduler; C:\Program Files\McAfee\TrueKey\McTkSchedulerService.exe [355280 2018-10-10] (McAfee, LLC.) R2 TrueKeyServiceHelper; C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper.exe [193656 2018-10-10] (McAfee, LLC.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107136 2018-09-21] (Microsoft Corporation) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3732896 2016-11-29] (Intel® Corporation) ===================== Drivers (gefilterd) ====================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [77336 2018-10-03] (McAfee, LLC) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.) S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [235784 2018-10-02] (McAfee, Inc.) R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [136728 2018-05-10] (Intel Corporation) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [260480 2018-11-13] (Malwarebytes) R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [506384 2018-10-03] (McAfee, LLC) R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [367664 2018-10-03] (McAfee, LLC) S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [85104 2018-10-03] (McAfee, LLC) R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [533520 2018-10-03] (McAfee, LLC) R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [967696 2018-10-03] (McAfee, LLC) R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [555824 2018-10-02] (McAfee LLC.) S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [108848 2018-10-02] (McAfee LLC.) R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [115728 2018-10-03] (McAfee, LLC) R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [111608 2017-02-14] (McAfee, Inc.) R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [252952 2018-10-03] (McAfee, LLC) S3 Netwtw02; C:\WINDOWS\System32\drivers\Netwtw02.sys [9391896 2015-06-21] (Intel Corporation) R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7689728 2018-04-12] (Intel Corporation) S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [433912 2016-08-16] (Realsil Semiconductor Corporation) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.) S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.) S3 SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [25608 2017-10-24] (SlimWare Utilities, Inc.) R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [45720 2015-06-13] (Toshiba Corporation) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation) ==================== NetSvcs (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ==================== Een Maand Aangemaakt bestanden en mappen ======== (Als een item is opgenomen in de fixlist, word de map of het bestand verplaatst.) 2018-11-16 12:22 - 2018-11-16 12:22 - 000003511 _____ C:\Users\Gebruiker\Downloads\3142793f-3abd-464d-96bc-e2abaf3e47de.tmp 2018-11-16 12:20 - 2018-11-16 12:20 - 000003511 _____ C:\Users\Gebruiker\Desktop\fixlist.txt 2018-11-16 09:31 - 2018-11-16 09:31 - 000000000 ____D C:\Program Files\rempl 2018-11-15 01:26 - 2018-11-15 01:26 - 000014391 _____ C:\Users\Gebruiker\Downloads\Magalas Adres.odt 2018-11-10 18:40 - 2018-11-16 04:39 - 000003606 _____ C:\WINDOWS\System32\Tasks\McAfee DAT Built in test 2018-11-09 12:59 - 2018-11-09 12:59 - 000018361 _____ C:\Users\Gebruiker\Downloads\Te versturen brief naar ASR brief-opvragen-stukken.odt 2018-11-06 12:35 - 2018-11-06 12:50 - 000016714 _____ C:\Users\Gebruiker\Downloads\J van Kampen.odt 2018-11-06 09:50 - 2018-11-06 09:50 - 000000000 ____D C:\Users\Gebruiker\Downloads\France 2018-11-05 11:14 - 2018-11-05 11:14 - 000037532 _____ C:\Users\Gebruiker\Downloads\A1-Rechnung-20181025 (1).pdf 2018-11-05 11:13 - 2018-11-05 11:13 - 000037532 _____ C:\Users\Gebruiker\Downloads\A1-Rechnung-20181025.pdf 2018-11-05 09:41 - 2018-11-05 09:41 - 000011100 _____ C:\Users\Gebruiker\Downloads\Kündigung.odt 2018-11-02 23:51 - 2018-11-13 10:31 - 000260480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2018-11-02 08:17 - 2018-11-12 16:42 - 000000000 ____D C:\Users\Gebruiker\Downloads\Huis Magalas 2018-10-30 23:41 - 2018-10-30 23:41 - 000655395 _____ C:\Users\Gebruiker\Downloads\Magalas 3.pdf 2018-10-30 23:41 - 2018-10-30 23:41 - 000457521 _____ C:\Users\Gebruiker\Downloads\Magalas 2.pdf 2018-10-30 23:41 - 2018-10-30 23:41 - 000429203 _____ C:\Users\Gebruiker\Downloads\Magalas 1.pdf 2018-10-30 23:40 - 2018-10-30 23:40 - 000418579 _____ C:\Users\Gebruiker\Downloads\Magalas.pdf 2018-10-29 20:13 - 2018-09-04 23:36 - 001476904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll 2018-10-28 06:48 - 2018-10-28 06:48 - 000247072 _____ C:\Users\Gebruiker\Downloads\Kenteken Frankrijk cerfa_13750-05.pdf 2018-10-27 21:21 - 2018-10-28 22:32 - 000019729 _____ C:\Users\Gebruiker\Downloads\Reis Paulhan Maganes Beziers.odt ==================== Een Maand Gewijzigd bestanden en mappen ======== (Als een item is opgenomen in de fixlist, word de map of het bestand verplaatst.) 2018-11-16 12:22 - 2018-07-11 10:01 - 000024751 _____ C:\Users\Gebruiker\Desktop\FRST.txt 2018-11-16 12:21 - 2018-07-11 10:00 - 000000000 ____D C:\FRST 2018-11-16 12:15 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2018-11-16 07:34 - 2018-05-14 00:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2018-11-15 22:49 - 2017-10-30 10:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee 2018-11-15 20:59 - 2018-04-11 22:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2018-11-15 14:27 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps 2018-11-15 14:27 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness 2018-11-14 12:04 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp 2018-11-14 12:03 - 2016-07-11 10:24 - 000000000 ____D C:\WINDOWS\system32\MRT 2018-11-14 12:01 - 2016-07-11 10:24 - 137810048 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2018-11-14 08:32 - 2018-05-14 00:42 - 000004702 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier 2018-11-14 08:32 - 2018-05-14 00:42 - 000004532 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2018-11-14 08:32 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2018-11-14 08:32 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\Macromed 2018-11-13 10:37 - 2018-05-14 00:43 - 001767124 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2018-11-13 10:37 - 2018-04-12 17:01 - 000774914 _____ C:\WINDOWS\system32\perfh013.dat 2018-11-13 10:37 - 2018-04-12 17:01 - 000153504 _____ C:\WINDOWS\system32\perfc013.dat 2018-11-13 10:37 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF 2018-11-13 10:31 - 2018-05-14 00:42 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2018-11-13 10:31 - 2017-08-06 09:10 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2018-11-13 10:31 - 2016-07-08 13:35 - 000000000 __SHD C:\Users\Gebruiker\IntelGraphicsProfiles 2018-11-13 00:31 - 2016-07-19 07:12 - 000002332 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2018-11-13 00:31 - 2016-07-19 07:12 - 000002291 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2018-11-10 10:30 - 2016-08-21 07:18 - 000000000 ____D C:\Users\Gebruiker\Downloads\Foto map 2018-11-06 12:35 - 2016-08-18 08:31 - 000000000 ____D C:\Users\Gebruiker\Documents\Hanjos 2018-11-06 12:11 - 2016-12-09 16:23 - 000000000 ____D C:\Users\Gebruiker\Downloads\Levering en diversen 2018-11-05 08:33 - 2017-05-10 23:41 - 000000000 ____D C:\Program Files (x86)\McAfee 2018-11-04 11:54 - 2017-05-10 23:43 - 000001204 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Key.lnk 2018-11-04 11:54 - 2017-05-10 23:43 - 000001190 _____ C:\Users\Public\Desktop\True Key.lnk 2018-11-02 23:51 - 2018-04-11 22:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2018-10-31 08:04 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\NDF 2018-10-30 16:32 - 2018-05-14 00:42 - 000004210 _____ C:\WINDOWS\System32\Tasks\CCleaner Update 2018-10-30 08:03 - 2016-01-23 04:27 - 000000000 ____D C:\ProgramData\McAfee 2018-10-30 08:02 - 2017-10-30 10:41 - 000000000 ____D C:\Program Files\McAfee 2018-10-28 19:31 - 2018-09-21 07:35 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2018-10-24 09:40 - 2018-05-14 00:42 - 000003126 _____ C:\WINDOWS\System32\Tasks\McAfeeLogon 2018-10-24 09:40 - 2017-05-10 23:41 - 000000000 ____D C:\Program Files\Common Files\McAfee 2018-10-24 09:39 - 2018-04-12 00:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2018-10-24 02:21 - 2018-06-05 12:36 - 000000000 ____D C:\WINDOWS\Minidump 2018-10-24 02:17 - 2018-09-21 07:43 - 000000000 ____D C:\Users\Gebruiker\AppData\Local\ElevatedDiagnostics 2018-10-23 15:11 - 2016-08-21 07:17 - 000000000 ____D C:\Users\Gebruiker\Downloads\Kerkdiensten 2018-10-18 09:36 - 2018-10-16 07:05 - 000000000 ____D C:\Users\Gebruiker\Downloads\Camper 2018-10-17 00:38 - 2018-05-14 00:35 - 000000000 ____D C:\Users\Gebruiker ==================== Bamital & volsnap ====================== (Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.) C:\WINDOWS\system32\winlogon.exe => Bestand is getekend C:\WINDOWS\system32\wininit.exe => Bestand is getekend C:\WINDOWS\explorer.exe => Bestand is getekend C:\WINDOWS\SysWOW64\explorer.exe => Bestand is getekend C:\WINDOWS\system32\svchost.exe => Bestand is getekend C:\WINDOWS\SysWOW64\svchost.exe => Bestand is getekend C:\WINDOWS\system32\services.exe => Bestand is getekend C:\WINDOWS\system32\User32.dll => Bestand is getekend C:\WINDOWS\SysWOW64\User32.dll => Bestand is getekend C:\WINDOWS\system32\userinit.exe => Bestand is getekend C:\WINDOWS\SysWOW64\userinit.exe => Bestand is getekend C:\WINDOWS\system32\rpcss.dll => Bestand is getekend C:\WINDOWS\system32\dnsapi.dll => Bestand is getekend C:\WINDOWS\SysWOW64\dnsapi.dll => Bestand is getekend C:\WINDOWS\system32\Drivers\volsnap.sys => Bestand is getekend LastRegBack: 2018-05-14 00:33 ==================== Eind van FRST.txt ============================