Kan iemand mij helpen om dit na te kijken aub-

Spyware is software die in het geheim op je computer wordt geplaatst en die persoonlijke gegevens doorstuurt, reclame toont, enz. Stel hier vragen, leer hoe je ervan af kan komen en hoe het te voorkomen.

TWINKY
Lid geworden op: 04 dec 2006, 15:40
Locatie: schoten

30 mei 2017, 18:40

Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 28-05-2017
Gestart door Vera (30-05-2017 18:25:12)
Gestart vanaf C:\Users\Vera\Documents
Windows 10 Home Versie 1703 (X64) (2017-05-22 20:42:54)
Boot Modus: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1719320376-1695447816-3704754131-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-1719320376-1695447816-3704754131-503 - Limited - Disabled)
Gast (S-1-5-21-1719320376-1695447816-3704754131-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1719320376-1695447816-3704754131-1009 - Limited - Enabled)
Vera (S-1-5-21-1719320376-1695447816-3704754131-1001 - Administrator - Enabled) => C:\Users\Vera

==================== Security Center ========================

(Als een item is opgenomen in de fixlist, zal het worden verwijderd.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Antivirus (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: AVG Antivirus (Enabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}

==================== Geïnstalleerde programma's ======================

(Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.)

Adobe Acrobat Reader DC - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe Flash Player 25 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.8.198 - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM\...\{EA5160BE-7558-2716-01DB-FFE7F316957A}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
Ares 3.1.9.4045 (HKLM-x32\...\{C9FF844C-02F5-4221-8AD4-0BD823533C6E}_is1) (Version: 3.1.9.4045 - Ares)
AVG (Version: 1.191.1 - AVG Technologies) Hidden
AVG Protection (HKLM-x32\...\AVG Antivirus) (Version: 17.4.3014 - AVG Technologies)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.7.452 - AVG Technologies)
Belgium e-ID middleware 4.1.20 (build 1779) (HKLM\...\{DB942AEA-93D6-4FE4-8862-180D35A71779}) (Version: 4.1.1779 - Belgian Government)
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version: - )
Canon MP495 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP495_series) (Version: - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.)
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.30 - Piriform)
CPU Miner (HKLM\...\cpuminer) (Version: 1.1 - Open Source)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3.6326 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.6.3728 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.4.4824 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.4.3202 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.3.2606 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.8.5723 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.6.6117 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DriverDoc (HKLM-x32\...\DriverDoc_is1) (Version: 2.25.1086.16624 - Solvusoft Corporation)
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
Facebook Gameroom 1.4.1.0 (HKLM-x32\...\{BF83FC65-8072-4850-A4CE-969A5F3570DA}) (Version: 1.4.1.0 - Facebook)
FMW 1 (Version: 1.202.1 - AVG Technologies) Hidden
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
globalupdate Helper (x32 Version: 1.3.25.0 - globalupdate Inc.) Hidden <==== AANDACHT
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Drive (HKLM-x32\...\{A1238426-ECDF-4639-BE2F-8D12A97AE23C}) (Version: 2.34.5075.1619 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 41.003.55.00.06 - Huawei Technologies Co.,Ltd)
HP 3D DriveGuard (HKLM\...\{8A9B16F0-A84E-4EC5-BDA7-0ACCE79FB043}) (Version: 4.2.9.1 - Hewlett-Packard Company)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: 1.0 - Meridian Audio Ltd)
HP Documentation (HKLM-x32\...\{B41C6B3F-F752-46EA-BC46-F26D3AD147B8}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Quick Start (HKLM-x32\...\{BC7CA956-A2A4-4A55-8E6E-50C59B4BDD5C}) (Version: 1.0.4660.30220 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.6317.4309 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.4.14.41 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{F283E29B-0B9B-492B-A4BF-5585D996E5AF}) (Version: 12.6.14.19 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{DEF23826-DB71-4654-BC00-D5D6C20802EA}) (Version: 1.1.4 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{73237EBB-B26F-4628-8754-4EFE563D72E9}) (Version: 2.1.5 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{941DE69D-6CEE-4171-8F1F-3D7E352AA498}) (Version: 1.0.6.1 - Hewlett-Packard Company)
Intel Security True Key (HKLM\...\TrueKey) (Version: 4.16.112.1 - Intel Security)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.1.1000 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kruidvat fotoservice (HKLM-x32\...\Kruidvat fotoservice) (Version: 6.1.5 - CEWE Stiftung u Co. KGaA)
Microsoft Office 365 - nl-nl (HKLM\...\O365HomePremRetail - nl-nl) (Version: 16.0.8067.2115 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1719320376-1695447816-3704754131-1001\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
OEM Application Profile (HKLM-x32\...\{C89A97B6-F991-EBB5-77B7-927BCF420EBE}) (Version: 1.00.0000 - Uw bedrijfsnaam)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.8067.2115 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.8067.2115 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.8067.2115 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7967.2073 - Microsoft Corporation) Hidden
Photodex Presenter (HKLM-x32\...\Photodex Presenter) (Version: - Photodex Corporation)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
ProShow Gold (HKLM-x32\...\ProShow Gold) (Version: - Photodex Corporation)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.22.0 - Mediatek)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7548 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{BCDA54F6-C4B6-4519-A09E-FA064A6B4098}) (Version: 1.1.9200.007 - Realtek Semiconductor Corp.)
Reimage Repair (HKLM\...\Reimage Repair) (Version: 1.8.5.8 - Reimage) <==== AANDACHT
Restore Point Creator version 6.0 (HKLM\...\{CC48DE1C-8EC2-43BC-9201-29701CD9AE13}_is1) (Version: 6.0 - )
Setup (HKLM-x32\...\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version: - ) <==== AANDACHT
SG Miner (HKLM\...\gpuminer) (Version: 5.1 - Open Source)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype Web Plugin (HKLM-x32\...\{15AF46DB-9EBA-4662-AA52-29EF23585035}) (Version: 3.2.0.23388 - Skype Technologies S.A.)
Skype™ 7.31 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.31.104 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-1719320376-1695447816-3704754131-1001\...\Spotify) (Version: 1.0.54.1079.g3809528e - Spotify AB)
Stuurprogrammapakket voor Windows - Fedict SmartCard (11/30/2016 4.1.9) (HKLM\...\A9FBB4D4E267FA9BF2CEBF564F02DB39E147B466) (Version: 11/30/2016 4.1.9 - Fedict)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.2.4.10 - Synaptics Incorporated)
Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD) (Version: 10.0.50903 - Microsoft Corporation)
TomTom HOME (HKLM-x32\...\{3C595537-D968-48D5-AAB1-CCB2E90FA59A}) (Version: 2.9.94 - Uw bedrijfsnaam)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
TomTom MyDrive Connect 4.1.4.3089 (HKLM-x32\...\MyDriveConnect) (Version: 4.1.4.3089 - TomTom)
Unity Web Player (HKU\S-1-5-21-1719320376-1695447816-3704754131-1001\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Windows 10-upgradeassistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17387 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

==================== Aangepaste CLSID (gefilterd): ==========================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

CustomCLSID: HKU\S-1-5-21-1719320376-1695447816-3704754131-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

==================== Geplande Taken (gefilterd) =============

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

Task: {01DFFE6D-75CC-4293-BD81-70856887412F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Geen bestand <==== AANDACHT
Task: {0588C18F-24F4-46D9-BE90-55093895EA89} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Geen bestand <==== AANDACHT
Task: {05AE9945-6460-4100-A24F-5B19C478343A} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-14] (Microsoft Corporation)
Task: {0C4174FB-21C2-4DE4-9429-0860A94FFC28} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-11] (Adobe Systems Incorporated)
Task: {0F9C1F28-2343-4F34-8A82-0DD694740899} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-05-19] (Piriform Ltd)
Task: {16CD8370-BE08-4E92-A27E-04264D452E38} - \Advanced System~Protector -> Geen bestand <==== AANDACHT
Task: {1B679A1F-3D14-4588-A1EF-2AE7245C8ED0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-04-07] (HP Inc.)
Task: {1DEA6340-7BC3-4997-9FAC-E4CFDB168D9C} - \ASP -> Geen bestand <==== AANDACHT
Task: {2B14E30B-EACE-4551-BD52-5BC31257DC7C} - \SuperClick Auto Updater 1.10.0.16 Core -> Geen bestand <==== AANDACHT
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe
Task: {3635C21B-4FD3-42EB-865E-E51452345CF0} - \CSWjSqDMaJKGPpwQiW -> Geen bestand <==== AANDACHT
Task: {3A76F198-B2C2-4543-9151-3061D8B4B800} - System32\Tasks\0116avUpdateInfo => C:\ProgramData\Avg_Update_0116av\0116av_AVG-Secure-Search-Update.exe [2016-01-10] ()
Task: {3A96E45C-94B4-4F00-928E-BD143FE80178} - \RAtlORAVu6r6AUXY0BxL9 -> Geen bestand <==== AANDACHT
Task: {49DD23AB-8498-45E6-91D9-B11FD345F35B} - System32\Tasks\AvgSetup => C:\Program Files (x86)\AVG\Setup\avgsetupx.exe [2017-05-25] (AVG Technologies CZ, s.r.o.)
Task: {4A5F24B9-A9F1-4DDE-A113-D0E0D20253B9} - \BYAIAMUF -> Geen bestand <==== AANDACHT
Task: {4C44DDFD-5A32-41D2-9A69-D8A6EC9F420F} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-05-26] ()
Task: {4D4D59D0-346A-43E2-BCF7-269FE5E8FA9A} - System32\Tasks\{5C1F0D12-2783-4991-A232-0CB61D610B7D} => Chrome.exe hxxp://ui.skype.com/ui/0/6.3.73.105.457/nl/abandoninstall?page=tsWLM
Task: {5810AD3D-3824-4ED7-9AA1-B7A5CBF0E807} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-21] (HP Inc.)
Task: {5BF9D473-A8D0-4681-8B6D-741F65C40CB3} - System32\Tasks\Restore Point Creator\Restore Point Creator -- Run with no UAC (Delete old Restore Points) (For User Vera) => C:\Program Files (x86)\Restore Point Creator\Restore Point Creator.exe [2017-02-28] ()
Task: {6082A713-8958-4B67-B1ED-238E447003A2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {617E714F-7459-4CF5-A117-06E2D9D36B52} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-05-26] (Microsoft Corporation)
Task: {62128F6B-4EF2-45B1-A30F-00351A5C6721} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-04-07] (HP Inc.)
Task: {62341E6B-900D-4670-A8C9-DEEAAD45FB14} - System32\Tasks\Restore Point Creator\Restore Point Creator -- Run with no UAC (Create Custom Restore Point) (For User Vera) => C:\Program Files (x86)\Restore Point Creator\Restore Point Creator.exe [2017-02-28] ()
Task: {65E591B8-4296-4901-83AC-E544B77B37C5} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Geen bestand <==== AANDACHT
Task: {68F9A67B-27C1-49F0-903C-15E597540E23} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Geen bestand <==== AANDACHT
Task: {6B8224D5-2C70-4ABF-965D-4DAA59BD102C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-11] (Google Inc.)
Task: {6D5EE84F-EDE0-4D0A-9A9B-C78476D19D92} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Geen bestand <==== AANDACHT
Task: {71BFD371-5CB9-4645-8636-77357CFA086B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {75B5C766-EF04-4944-82B0-2C70A3D509B4} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-14] (Microsoft Corporation)
Task: {76C861DE-FD6D-4702-ACC9-86AB12D55F9E} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-08-05] (CyberLink)
Task: {7CF026AD-5EC0-4A48-87AC-39986B1162CD} - System32\Tasks\{8665F138-06AB-4E1A-83E6-7F9A2380EFC3} => pcalua.exe -a "C:\Program Files\Reimage\Reimage Repair\uninst.exe"
Task: {826F1DBA-D5FF-466A-BA2E-A15C69633BE6} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [2017-05-21] (AVG Technologies CZ, s.r.o.)
Task: {83935B16-BED3-408B-8449-BF2270B39ED8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2017-04-06] (HP Inc.)
Task: {877E1C6A-89B5-4274-A060-57FA58C63C9B} - \Only-search -> Geen bestand <==== AANDACHT
Task: {8CE35FB2-415D-4A79-B0ED-BA3A874DC318} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {8E428FEB-18D2-4E8B-BB5E-A2762EFC5634} - \HPGenoobeReminder -> Geen bestand <==== AANDACHT
Task: {946010EF-2225-4B3E-9213-4D9E4136E24A} - System32\Tasks\Advanced System~Protector_startup => C:\Program Files (x86)\ASP\AdvancedSystemProtector.exe <==== AANDACHT
Task: {950440E8-BE11-43F8-BC0B-6561C18558ED} - System32\Tasks\Restore Point Creator\Restore Point Creator -- Run with no UAC (Create Restore Point) (For User Vera) => C:\Program Files (x86)\Restore Point Creator\Restore Point Creator.exe [2017-02-28] ()
Task: {9588F382-3D38-4BA9-81AD-B8FAB009A050} - System32\Tasks\Restore Point Creator\Restore Point Creator -- Run with no UAC (Keep X Number of Restore Points) (For User Vera) => C:\Program Files (x86)\Restore Point Creator\Restore Point Creator.exe [2017-02-28] ()
Task: {9CC10DB3-87FB-4603-B0D4-B1241B3FF176} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Geen bestand <==== AANDACHT
Task: {A3457E72-5DC5-49D5-B290-50E7CA249140} - \Easy Driver Pro Schedule -> Geen bestand <==== AANDACHT
Task: {A37BCAEE-3CC8-4FEB-8381-A62AE5423CA9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Geen bestand <==== AANDACHT
Task: {A49CA38D-3B5F-4AF7-A8CA-827D7C9E3041} - System32\Tasks\{777C1F85-15AA-4DCB-8574-F72E0D3D4C42} => Chrome.exe hxxp://ui.skype.com/ui/0/6.3.73.105.457/nl/go/help.faq.installer?LastError=1603
Task: {A91E5F5C-23E4-4EF1-A3F0-A4BB22D7C745} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Geen bestand <==== AANDACHT
Task: {A951B14E-3C2B-4D5F-B682-408CE0C6ECD0} - System32\Tasks\HPCeeScheduleForVera => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {ACF8A210-A3E1-4A34-A5CF-4DB1B4D53C2D} - \Only-search Updater -> Geen bestand <==== AANDACHT
Task: {B0189644-A7CB-4EC9-8A1C-B02024A9F389} - System32\Tasks\Restore Point Creator\Restore Point Creator -- Run with no UAC (For User Vera) => C:\Program Files (x86)\Restore Point Creator\Restore Point Creator.exe [2017-02-28] ()
Task: {B175A8CC-6B36-4586-8305-C2DF506DA8C8} - System32\Tasks\ByteFence => C:\Program Files\ByteFence\ByteFence.exe [2017-04-03] (Byte Technologies LLC) <==== AANDACHT
Task: {B731D838-7C6E-4690-AE46-8ED1FB17F672} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-05-26] ()
Task: {BAA43D6E-21CC-4A34-9D1C-53E100972420} - System32\Tasks\ByteFence Scan => C:\Program Files\ByteFence\ByteFence.exe [2017-04-03] (Byte Technologies LLC) <==== AANDACHT
Task: {BEDCF7A9-7004-4A67-B715-07A154607F21} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2017-05-14] (Reimage®) <==== AANDACHT
Task: {CB7A88C6-CDA4-4194-A12B-31ECBAE8E37E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-11] (Google Inc.)
Task: {CE1379FC-643F-42ED-A017-7A88302052B0} - System32\Tasks\{4EFD39A1-84B1-433A-9276-BD34AC9BE5FE} => pcalua.exe -a C:\Users\Vera\AppData\Local\33444335-1435271439-4E31-5934-A0481C1E73CF\Uninstall.exe
Task: {D304E272-1969-4462-9357-1D1AF64EDE29} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Geen bestand <==== AANDACHT
Task: {D5E351A4-7D85-4233-9C43-8BBAB6CD62FB} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-12] (CyberLink Corp.)
Task: {DC172916-2D9F-4932-99A6-50B7B0E6CCC1} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2013-01-17] (CyberLink)
Task: {DE832088-63CA-42E2-8599-DD3FB0AD400E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-04-01] (HP Inc.)
Task: {DE8F8570-B3AF-4DE2-854E-FDCE4E6E31FA} - System32\Tasks\LaunchPreSignup => C:\Program Files (x86)\OLBPre\OLBPre.exe <==== AANDACHT
Task: {E066348D-300C-4888-A9F0-A9E32DA28377} - \SuperClick Auto Updater 1.10.0.16 Pending Update -> Geen bestand <==== AANDACHT
Task: {E22A97DA-8D38-40CB-95EB-5D6697C24037} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Geen bestand <==== AANDACHT
Task: {ECEF4F62-3495-451A-96DC-A3E22DBC15D0} - System32\Tasks\{31E187B8-D18F-4C1D-9A59-D3F9EBF64F7A} => Chrome.exe hxxp://ui.skype.com/ui/0/6.3.73.105.457/nl/go/help.faq.installer?LastError=1603
Task: {F1E41F2D-4B6B-4979-A4C0-160ECA20BFEA} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_25_0_0_171_pepper.exe [2017-05-11] (Adobe Systems Incorporated)
Task: {F59F9884-C240-44DB-9035-909E7A9D7C2E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {FA3B7DE8-A39E-4D5A-B811-BFA6B6738CB2} - \MyPC Backup Updater -> Geen bestand <==== AANDACHT
Task: {FA678408-6D57-4796-925B-5A5F8510D114} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)
Task: {FAB6755F-904B-47CA-AE58-432B6CCBD2CA} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Geen bestand <==== AANDACHT

(Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.)

Task: C:\WINDOWS\Tasks\AvgSetup.job => C:\Program Files (x86)\AVG\Setup\avgsetupx.exe
Task: C:\WINDOWS\Tasks\BYAIAMUF.job => C:\Users\Vera\AppData\Roaming\BYAIAMUF.exe <==== AANDACHT
Task: C:\WINDOWS\Tasks\CSWjSqDMaJKGPpwQiW.job => C:\Users\Vera\AppData\Roaming\CSWjSqDMaJKGPpwQiW.exe <==== AANDACHT
Task: C:\WINDOWS\Tasks\HPCeeScheduleForVera.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\RAtlORAVu6r6AUXY0BxL9.job => C:\Users\Vera\AppData\Roaming\RAtlORAVu6r6AUXY0BxL9.exe <==== AANDACHT
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Snelkoppelingen =============================

(De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.)

ShortcutWithArgument: C:\Users\Vera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-apps\Pixsta.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=cijncchffkmlnfdbnkkfclcbnjcoegjc
ShortcutWithArgument: C:\Users\Vera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-apps\Solitaire.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=lkbhppfbabandkdmgjmifahoabeodiep
ShortcutWithArgument: C:\Users\Vera\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d3d53a14ed9e4539\Facebook Lite for Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=npmllfhdnjcijofddghkhhknagamimip
ShortcutWithArgument: C:\Users\Vera\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5d696d521de238c3\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default

==================== Geladen Modules (gefilterd) ==============

2015-07-21 19:08 - 2017-03-31 10:42 - 00981576 ____N () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
2015-12-28 14:48 - 2015-05-20 12:40 - 00192304 _____ () C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe
2015-12-28 14:48 - 2015-05-20 12:40 - 00138544 _____ () C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe
2015-10-09 13:32 - 2016-11-19 16:56 - 00186760 _____ () C:\Program Files (x86)\Photodex\ProShow Gold\ScsiAccess.exe
2017-04-18 22:07 - 2017-04-18 22:07 - 00304456 _____ () C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe
2017-04-18 22:07 - 2017-04-18 22:07 - 00619848 _____ () C:\Program Files\ByteFence\rtop\bin\rtop_bg.exe
2017-03-18 22:58 - 2017-03-18 22:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 22:59 - 2017-03-20 05:56 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-05-27 10:18 - 2017-05-27 10:19 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-05-27 10:18 - 2017-05-27 10:19 - 00201728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-05-27 10:18 - 2017-05-27 10:19 - 43202048 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-05-27 10:18 - 2017-05-27 10:19 - 02442752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\skypert.dll
2017-05-19 20:17 - 2017-05-19 20:17 - 00073728 _____ () C:\Program Files\CCleaner\lang\lang-1043.dll
2017-05-07 20:57 - 2017-04-26 17:05 - 65784544 _____ () C:\Program Files\Intel Security\True Key\Application\libcef.dll
2016-05-25 14:38 - 2016-05-25 14:38 - 00129304 _____ () C:\Program Files\ByteFence\x64\lz4_x64.dll
2017-05-11 09:01 - 2017-05-11 09:01 - 31118328 _____ () C:\WINDOWS\system32\Macromed\Flash\pepflashplayer64_25_0_0_171.dll
2017-03-07 20:18 - 2017-03-07 20:18 - 00582936 _____ () C:\Program Files\ByteFence\rsLggr.exe
2015-08-05 19:29 - 2015-08-05 19:28 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-05-21 09:41 - 2017-05-21 09:41 - 00171344 _____ () C:\Program Files (x86)\AVG\Antivirus\JsonRpcServer.dll
2017-05-21 09:41 - 2017-05-21 09:41 - 00999024 _____ () C:\Program Files (x86)\AVG\Antivirus\AvChrome.dll
2017-05-21 09:41 - 2017-05-21 09:41 - 67717632 _____ () C:\Program Files (x86)\AVG\Antivirus\libcef.dll
2017-05-21 09:41 - 2017-05-21 09:41 - 00178120 _____ () C:\Program Files (x86)\AVG\Antivirus\event_routing_rpc.dll
2017-05-21 09:41 - 2017-05-21 09:41 - 00224352 _____ () C:\Program Files (x86)\AVG\Antivirus\tasks_core.dll
2017-05-21 09:41 - 2017-05-21 09:41 - 00685784 _____ () C:\Program Files (x86)\AVG\Antivirus\ffl2.dll
2017-05-02 18:50 - 2017-05-02 18:50 - 01162752 _____ () C:\Users\Vera\AppData\Local\Facebook\Games\CefSharp.Core.dll
2017-05-02 18:50 - 2017-05-02 18:50 - 67197440 _____ () C:\Users\Vera\AppData\Local\Facebook\Games\libcef.dll
2016-11-28 16:03 - 2016-11-28 16:03 - 48920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
2015-06-25 12:44 - 2013-08-05 09:49 - 00627672 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2013-08-05 15:48 - 2013-08-05 15:48 - 00016856 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2017-05-02 18:50 - 2017-05-02 18:50 - 00752640 _____ () C:\Users\Vera\AppData\Local\Facebook\Games\CefSharp.BrowserSubprocess.Core.dll
2017-05-02 18:50 - 2017-05-02 18:50 - 01886208 _____ () C:\Users\Vera\AppData\Local\Facebook\Games\libglesv2.dll
2017-05-02 18:50 - 2017-05-02 18:50 - 00078848 _____ () C:\Users\Vera\AppData\Local\Facebook\Games\libegl.dll

==================== Alternate Data Streams (gefilterd) =========

(Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.)


==================== Veilige Modus (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.)


==================== Bestandskoppeling (gefilterd) ===============

(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.)


==================== Internet Explorer vertrouwde/beperkte toegang ===============

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.)

IE trusted site: HKU\S-1-5-21-1719320376-1695447816-3704754131-1001\...\facebook.com -> hxxps://www.facebook.com

==================== Hosts inhoud: ==========================

(Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.)

2013-08-22 15:25 - 2017-05-28 08:56 - 00002024 _____ C:\WINDOWS\system32\Drivers\etc\hosts

0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 api.recommendedsw.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
0.0.0.0 cdn.appround.biz
0.0.0.0 cdn.bigspeedpro.com
0.0.0.0 cdn.bispd.com

Er zijn 4 meer regels.


==================== Andere gebieden ============================

(Momenteel is er geen automatische fix voor dit onderdeel.)

HKU\S-1-5-21-1719320376-1695447816-3704754131-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Vera\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Bureaubladachtergrond van Photo Gallery.jpg
DNS Servers: 195.130.130.4 - 195.130.131.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is ingeschakeld.

==================== MSCONFIG/TASK MANAGER Uitgeschakelde items ==

HKLM\...\StartupApproved\Run: => "RtHDVBg"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "SynTPEnh"
HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "HPMessageService"
HKLM\...\StartupApproved\Run32: => "AVG_UI"
HKLM\...\StartupApproved\Run32: => "SynTPEnh"
HKLM\...\StartupApproved\Run32: => "vProt"
HKLM\...\StartupApproved\Run32: => "CanonSolutionMenuEx"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKU\S-1-5-21-1719320376-1695447816-3704754131-1001\...\StartupApproved\StartupFolder: => "Verzenden naar OneNote.lnk"
HKU\S-1-5-21-1719320376-1695447816-3704754131-1001\...\StartupApproved\Run: => "Power2GoExpress8"
HKU\S-1-5-21-1719320376-1695447816-3704754131-1001\...\StartupApproved\Run: => "BingSvc"
HKU\S-1-5-21-1719320376-1695447816-3704754131-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1719320376-1695447816-3704754131-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1719320376-1695447816-3704754131-1001\...\StartupApproved\Run: => "ares"
HKU\S-1-5-21-1719320376-1695447816-3704754131-1001\...\StartupApproved\Run: => "Sony PC Companion"
HKU\S-1-5-21-1719320376-1695447816-3704754131-1001\...\StartupApproved\Run: => "MyDriveConnect.exe"
HKU\S-1-5-21-1719320376-1695447816-3704754131-1001\...\StartupApproved\Run: => "TomTomHOME.exe"
HKU\S-1-5-21-1719320376-1695447816-3704754131-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1719320376-1695447816-3704754131-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1719320376-1695447816-3704754131-1001\...\StartupApproved\Run: => "AA315297649520DAB623D5163E56B88C63351059._service_run"

==================== Firewall regels (gefilterd) ===============

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

FirewallRules: [UDP Query User{B5A856CE-A011-44E8-9026-9FF40F59DDE3}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe
FirewallRules: [TCP Query User{CE287BAB-A392-4A53-9CC2-1D0F1E18AAE3}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe
FirewallRules: [{FB58C2B3-1E1D-4CD1-B6A3-E853B8D830AA}] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{B086FA37-48B7-4A0C-8619-07459AFFFCC7}] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{0F52EAA5-64E6-4A7A-8B95-38469D98AC69}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{BB50BF30-1F34-4FE8-9C1A-E95C8499F3A4}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{7E98482A-ECDD-4D74-9CB1-28DAD3A3BFB7}C:\users\vera\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\vera\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{482C4FF3-CFAE-46DE-AAB0-D8479B7EC28C}C:\users\vera\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\vera\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{C70547ED-F57D-4B3F-88A7-9DBBBA3AE2F5}C:\users\vera\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\vera\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{9818F2E8-19CD-4A2C-85FF-A2E6957CF7D5}C:\users\vera\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\vera\appdata\roaming\spotify\spotify.exe
FirewallRules: [{85B3D455-687A-42D3-95D8-928551D97B20}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C2EE04C1-3212-43D2-A199-46F513AC92BC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [UDP Query User{6192D183-F671-4876-88F8-376A4141A105}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe
FirewallRules: [TCP Query User{8715D56A-8C3C-4CD6-85DF-BB860E3DC4C8}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe
FirewallRules: [UDP Query User{FA9D5F31-E0DF-4BD3-8F2C-F43C9ADD9B24}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{332791A8-2A1A-42B2-BD98-9079D7F9B579}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [{FDE95FF2-41A0-48A1-A128-D48DA8C2E3C4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{759208DE-B8F4-4053-AB78-70AA173CE9D2}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe

==================== Herstelpunten =========================

24-05-2017 19:03:51 Reimage Repair Restore Point

==================== Defecte Apparaatbeheer Apparaten =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Eventlog fouten: =========================

Applicatiefouten:
==================
Error: (05/30/2017 12:12:42 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP)
Description: Het activeren van de app Microsoft.Windows.Photos_8wekyb3d8bbwe!App is mislukt door de fout -2144927142. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie.

Error: (05/29/2017 08:44:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP)
Description: Het activeren van de app Microsoft.Windows.Photos_8wekyb3d8bbwe!App is mislukt door de fout -2144927141. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie.

Error: (05/29/2017 04:11:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: Kruidvat fotoservice.exe, versie: 0.0.0.0, tijdstempel: 0x574698b8
Naam van module met fout: ntdll.dll, versie: 10.0.15063.0, tijdstempel: 0xb79b6ddb
Uitzonderingscode: 0xc0000374
Foutmarge: 0x00000000000f775f
Id van proces met fout: 0x2ccc
Starttijd van toepassing met fout: 0x01d2d87d7c9dbfdc
Pad naar toepassing met fout: C:\Program Files\Fotoservice\Kruidvat fotoservice\Kruidvat fotoservice.exe
Pad naar module met fout: C:\WINDOWS\SYSTEM32\ntdll.dll
Rapport-id: dfb3945e-5672-4ad8-8b88-af91953b709b
Volledige pakketnaam met fout:
Relatieve toepassings-id van pakket met fout:

Error: (05/29/2017 01:07:12 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP)
Description: Het activeren van de app Microsoft.Windows.Photos_8wekyb3d8bbwe!App is mislukt door de fout -2147023170. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie.

Error: (05/28/2017 07:39:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP)
Description: Het activeren van de app windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel is mislukt door de fout -2144927142. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie.

Error: (05/28/2017 07:39:55 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: LAPTOP)
Description: App windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy+microsoft.windows.immersivecontrolpanel is niet gestart binnen de toegewezen tijd.

Error: (05/28/2017 07:39:41 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Toepassing: Facebook Gameroom Browser.exe
Framework-versie: v4.0.30319
Beschrijving: het proces is beëindigd als gevolg van een onverwerkte uitzondering.
Uitzonderingsinformatie: uitzonderingscode c0000005, uitzonderingsadres 5A9CE236

Error: (05/28/2017 02:06:22 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP)
Description: Het activeren van de app Microsoft.Windows.Photos_8wekyb3d8bbwe!App is mislukt door de fout -2144927142. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie.

Error: (05/28/2017 08:39:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: HPPU.exe, versie: 1.0.0.0, tijdstempel: 0x5092138e
Naam van module met fout: d2d1.dll, versie: 10.0.15063.296, tijdstempel: 0x9f7653da
Uitzonderingscode: 0xc0000005
Foutmarge: 0x002c4bce
Id van proces met fout: 0x25b0
Starttijd van toepassing met fout: 0x01d2d77c7c7bdc34
Pad naar toepassing met fout: C:\Program Files\Hewlett-Packard\HP Utility Center\HPPU.exe
Pad naar module met fout: C:\WINDOWS\SYSTEM32\d2d1.dll
Rapport-id: eff9652f-7888-4dc1-b45b-1814764f724a
Volledige pakketnaam met fout:
Relatieve toepassings-id van pakket met fout:

Error: (05/27/2017 03:28:22 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: De openprocedure voor de WmiApRpl-service in DLL-bestand C:\WINDOWS\system32\wbem\wmiaprpl.dll is mislukt. Prestatiemetergegevens voor deze service zijn niet beschikbaar. De eerste vier bytes (DWORD) in de sectie Gegevens bevatten de foutcode.


Systeemfouten:
=============
Error: (05/30/2017 05:55:52 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: De server {784E29F4-5EBE-4279-9948-1E8FE941646D} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd.

Error: (05/30/2017 05:52:51 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
en APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.

Error: (05/30/2017 05:52:51 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
en APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.

Error: (05/30/2017 04:11:40 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: De server {784E29F4-5EBE-4279-9948-1E8FE941646D} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd.

Error: (05/30/2017 04:08:38 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
en APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.

Error: (05/30/2017 04:08:38 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
en APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.

Error: (05/30/2017 12:40:25 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP)
Description: De server Windows.Media.Capture.Internal.AppCaptureShell heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd.

Error: (05/30/2017 12:12:41 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP)
Description: De server Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe!App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd.

Error: (05/30/2017 10:58:41 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: De server {784E29F4-5EBE-4279-9948-1E8FE941646D} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd.

Error: (05/30/2017 10:55:41 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
en APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.


==================== Geheugen info ===========================

Processor: Intel(R) Core(TM) i7-3632QM CPU @ 2.20GHz
Percentage geheugen in gebruik: 55%
Totaal fysiek RAM-geheugen: 6036.27 MB
Beschikbaar fysiek RAM-geheugen: 2709.57 MB
Totaal Virtueel geheugen: 9334.8 MB
Beschikbaar Virtual geheugen: 5404.91 MB

==================== Schijven ================================

Drive c: (Windows) (Fixed) (Total:442.51 GB) (Free:202.21 GB) NTFS ==>[systeem met boot componenten (verkregen van schijf)]
Drive d: (RECOVERY) (Fixed) (Total:20.83 GB) (Free:2.25 GB) NTFS ==>[systeem met boot componenten (verkregen van schijf)]

==================== MBR & Partitietabel ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: B8039A80)

Partition: GPT.

==================== Eind van Addition.txt ============================

abbs
Lid geworden op: 16 dec 2016, 13:49
Locatie: Leidschendam
Contacteer:

31 mei 2017, 10:48

Hallo,

Zou je in één onderwerp willen blijven dat werkt makkelijker.
Je heb nu Addition.txt netjes geplaatst zou je in dit onderwerp nu ook nog het FRST.txt willen plaatsen (want je eerste onderwerp is verdwenen).
Hierna kan ik je verder helpen.
Groeten abbs
Afbeelding
Member of UNITE (Unified Network of Instructors and Trained Eliminators)

TWINKY
Lid geworden op: 04 dec 2006, 15:40
Locatie: schoten

01 jun 2017, 18:57

Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 31-05-2017
Gestart door Vera (Beheerder) op LAPTOP (01-06-2017 18:51:01)
Gestart vanaf C:\Users\Vera\Documents\FRST-OlderVersion
Geladen Profielen: Vera (Beschikbare Profielen: Vera & Administrator)
Platform: Windows 10 Home Versie 1703 (X64) Taal: Nederlands (Nederland)
Internet Explorer Versie 11 (Standaardbrowser: Chrome)
Boot Modus: Normal
Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processen (gefilterd) =================

(Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.)

() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\afwServ.exe
() C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
() C:\Program Files (x86)\Photodex\ProShow Gold\scsiaccess.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
() C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe
(Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files\ByteFence\rtop\bin\rtop_bg.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
(Facebook) C:\Users\Vera\AppData\Local\Facebook\Games\FacebookGameroom.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(The CefSharp Authors) C:\Users\Vera\AppData\Local\Facebook\Games\Facebook Gameroom Browser.exe
(Intel Security) C:\Program Files\Intel Security\True Key\application\truekey.exe
(Intel Security) C:\Program Files\Intel Security\True Key\application\truekey.exe
(Byte Technologies LLC) C:\Program Files\ByteFence\ByteFence.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Register (gefilterd) ====================

(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8496344 2015-09-03] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393880 2015-09-03] (Realtek Semiconductor)
HKLM\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239592 2017-05-23] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [263232 2017-05-21] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [475448 2014-03-26] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2183752 2017-03-31] ()
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239592 2017-05-23] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-04-10] (CyberLink Corp.)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKU\S-1-5-21-1719320376-1695447816-3704754131-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9773272 2017-05-19] (Piriform Ltd)
HKU\S-1-5-21-1719320376-1695447816-3704754131-1001\...\Run: [BingSvc] => C:\Users\Vera\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2016-02-28] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-1719320376-1695447816-3704754131-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27262432 2016-12-20] (Skype Technologies S.A.)
HKU\S-1-5-21-1719320376-1695447816-3704754131-1001\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [255224 2016-11-29] (TomTom)
HKU\S-1-5-21-1719320376-1695447816-3704754131-1001\...\Run: [Spotify Web Helper] => C:\Users\Vera\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1449584 2017-05-28] (Spotify Ltd)
HKU\S-1-5-21-1719320376-1695447816-3704754131-1001\...\Run: [Spotify] => C:\Users\Vera\AppData\Roaming\Spotify\Spotify.exe [6997104 2017-05-28] (Spotify Ltd)
HKU\S-1-5-21-1719320376-1695447816-3704754131-1001\...\Run: [AA315297649520DAB623D5163E56B88C63351059._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1143640 2017-05-09] (Google Inc.)
HKU\S-1-5-21-1719320376-1695447816-3704754131-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [886352 2017-04-05] (Adobe Systems Incorporated)
HKU\S-1-5-21-1719320376-1695447816-3704754131-1001\...\MountPoints2: {23aedb01-a8fe-11e3-be7e-3c77e677f86a} - "F:\iLinker.exe"
HKU\S-1-5-21-1719320376-1695447816-3704754131-1001\...\MountPoints2: {e4a688d8-3df6-11e7-bfad-3c77e677f86a} - "F:\HiSuiteDownLoader.exe"
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Vera\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\amd64\FileSyncShell64.dll [2017-05-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Vera\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\amd64\FileSyncShell64.dll [2017-05-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Vera\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\amd64\FileSyncShell64.dll [2017-05-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Geen bestand
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Vera\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\FileSyncShell.dll [2017-05-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Vera\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\FileSyncShell.dll [2017-05-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Vera\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\FileSyncShell.dll [2017-05-22] (Microsoft Corporation)
Startup: C:\Users\Vera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2017-05-18]
ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\Vera\AppData\Local\Facebook\Games\FacebookGameroom.exe (Facebook)
Startup: C:\Users\Vera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verzenden naar OneNote.lnk [2016-02-29]
ShortcutTarget: Verzenden naar OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
GroupPolicy: Restrictie - Chrome <======= AANDACHT
CHR HKLM\SOFTWARE\Policies\Google: Restrictie <======= AANDACHT

==================== Internet (gefilterd) ====================

(Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.)

Hosts: Er zijn meer dan één item in Hosts. Zie Hosts deel van Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{7cee40fe-0539-48d1-a6e3-ba9483f75484}: [DhcpNameServer] 195.130.130.4 195.130.131.4
Tcpip\..\Interfaces\{9c5e3085-7ad8-4d9a-9606-7cd028d7eade}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{d9ddf57b-d419-43cc-8434-2e1c3484d045}: [DhcpNameServer] 194.151.228.2 194.151.228.18

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-1719320376-1695447816-3704754131-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={0F81839F-E90D-4B12-8DF6-D1AE83E4B060}&mid=b3450f7b13e747cd9d3871015afa9a3c-2ea8e6e6e6c3d45a981e7a9c451a703125ba087f&lang=nl&ds=AVG&coid=avgtbavg&cmpid=0317tb&pr=fr&d=2015-07-21 19:08:36&v=4.3.7.452&pid=wtu&sg=&sap=hp
HKU\S-1-5-21-1719320376-1695447816-3704754131-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKU\S-1-5-21-1719320376-1695447816-3704754131-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://be.bing.com/?setmkt=nl-BE
SearchScopes: HKLM -> {62C37CAD-1432-4F88-B988-4B19CA14B45A} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/1553-29906-12136-18/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 -> {62C37CAD-1432-4F88-B988-4B19CA14B45A} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/1553-29906-12136-18/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-1719320376-1695447816-3704754131-1001 -> DefaultScope 6e220688-bc63-4337-954f-b1822156b26b URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-1719320376-1695447816-3704754131-1001 -> 6e220688-bc63-4337-954f-b1822156b26b URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-1719320376-1695447816-3704754131-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M ... -SearchBox
SearchScopes: HKU\S-1-5-21-1719320376-1695447816-3704754131-1001 -> {4B672EC3-26F2-40CA-B6C7-F400FE499B35} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1719320376-1695447816-3704754131-1001 -> {62C37CAD-1432-4F88-B988-4B19CA14B45A} URL =
SearchScopes: HKU\S-1-5-21-1719320376-1695447816-3704754131-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-1719320376-1695447816-3704754131-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={0F81839F-E90D-4B12-8DF6-D1AE83E4B060}&mid=b3450f7b13e747cd9d3871015afa9a3c-2ea8e6e6e6c3d45a981e7a9c451a703125ba087f&lang=nl&ds=AVG&coid=avgtbavg&cmpid=0317tb&pr=fr&d=2015-07-21 19:08:36&v=4.3.7.452&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1719320376-1695447816-3704754131-1001 -> {D5BCD372-11F1-43F8-9583-ACAAF6B1C77F} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1719320376-1695447816-3704754131-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
SearchScopes: HKU\S-1-5-21-1719320376-1695447816-3704754131-1001 -> {E59F8BF1-D160-4236-927C-92C69599AFF2} URL = hxxp://www.only-search.com/?babsrc=SP_kms&affI ... Terms}&r=8
BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-04-26] (Intel Security)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-05-26] (Microsoft Corporation)
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.7.452\AVG Web TuneUp.dll [2017-03-31] (AVG)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-05-26] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21] (HP Inc.)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-04-26] (Intel Security)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-04-21] (Oracle Corporation)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.3.7.452\AVG Web TuneUp.dll [2017-03-31] (AVG)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-21] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)
Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-04-26] (Intel Security)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-04-26] (Intel Security)
Toolbar: HKU\S-1-5-21-1719320376-1695447816-3704754131-1001 -> Geen Naam - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Geen bestand
Toolbar: HKU\S-1-5-21-1719320376-1695447816-3704754131-1001 -> True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-04-26] (Intel Security)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 45uyz4c5.default
FF ProfilePath: C:\Users\Vera\AppData\Roaming\TomTom\HOME\Profiles\s29o7aky.default [2017-01-08]
FF Extension: (Map status indicator) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [2016-12-21] [ niet getekend]
FF ProfilePath: C:\Users\Vera\AppData\Roaming\Mozilla\Firefox\Profiles\45uyz4c5.default [2017-06-01]
FF Extension: (uBlock Origin) - C:\Users\Vera\AppData\Roaming\Mozilla\Firefox\Profiles\45uyz4c5.default\Extensions\uBlock0@raymondhill.net.xpi [2016-05-27]
FF Extension: (Open With Google Chrome) - C:\Users\Vera\AppData\Roaming\Mozilla\Firefox\Profiles\45uyz4c5.default\Extensions\{3cc6c6ba-654c-417e-a8af-6997ac388ae1}.xpi [2016-05-27]
FF Extension: (Belgium eID) - C:\Program Files (x86)\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be [2017-05-09]
FF HKLM-x32\...\Firefox\Extensions: [belgiumeid@eid.belgium.be] - C:\Program Files (x86)\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin: @Skype Technologies S.A..com/Skype Web Plugin -> C:\Program Files (x86)\SkypeWebPlugin\3.2.0.23388\npSkypeWebPlugin64.dll [2014-11-03] (Skype)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1228198.dll [2017-02-27] (Adobe Systems, Inc.)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.7\\npsitesafety.dll [Geen bestand]
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-05] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-05] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-21] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-05-26] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @photodex.com/PhotodexPresenter -> C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll [2016-11-19] ( )
FF Plugin-x32: @Skype Technologies S.A..com/Skype Web Plugin -> C:\Program Files (x86)\SkypeWebPlugin\3.2.0.23388\npSkypeWebPlugin.dll [2014-11-03] (Skype)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1719320376-1695447816-3704754131-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Vera\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-02-20] (Unity Technologies ApS)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> msn.com
CHR StartupUrls: Default -> "hxxps://www.google.be/webhp?ie=UTF-8&rct=j&quot;,&quot;hx ... FBE5&SSPV="
CHR NewTab: Default -> Active:"chrome-extension://opmfkfoinceebmogdlldnmbimhpgakfd/stubby.html", Active:"chrome-extension://moghnflhlcpjkjkpnpgebffcjbmifljk/stubby.html", Active:"chrome-extension://mkpljjicpkgojelabplnenpddcdmjjbe/stubby.html", Active:"chrome-extension://mallpejgeafdahhflmliiahjdpgbegpk/stubby.html", Not-active:"chrome-extension://kpocjpoifmommoiiiamepombpeoaehfh/stubby.html", Not-active:"chrome-extension://pklkcimcengjbfaigjacidphbendnjga/stubby.html", Not-active:"chrome-extension://lgibdpkffiioagaeobphmnpjicjceaok/stubby.html", Not-active:"chrome-extension://ijnophnbfnanaalpegopfncpgiilggoc/stubby.html", Active:"chrome-extension://mabloidgodmbnmnhoenmhlcjkfelomgp/stubby.html", Not-active:"chrome-extension://hpmnhioacgdjjdfgkkpbkplbfdikcbom/stubby.html", Not-active:"chrome-extension://kgdipifddaiedehdphnflapcinbndgmb/stubby.html", Not-active:"chrome-extension://lifbogajbbkiecdlkbpafpodhdlgacaf/stubby.html", Not-active:"chrome-extension://ijjnmdphpnlnelhbhefnfmimenjgbfcn/stubby.html", Not-active:"chrome-extension://lbapdklahcjljfincdglncfpdgfhckcf/stubby.html", Not-active:"chrome-extension://ceopoaldcnmhechacafgagdkklcogkgd/stubby.html", Not-active:"chrome-extension://npmoikddpdgbhgbkjgjemncoegpojpng/stubby.html", Not-active:"chrome-extension://nffddjoibhjhmidfeflefakdkbhbnhpg/stubby.html", Not-active:"chrome-extension://iocnhkokennibojphbjahdahgplliebk/stubby.html", Not-active:"chrome-extension://llfiafkffigghkooapnbkjgdhnelhbie/stubby.html"
CHR Session Restore: Default -> is ingeschakeld.
CHR Profile: C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default [2017-06-01]
CHR Extension: (Google Presentaties) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-21]
CHR Extension: (Bejeweled) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm [2015-10-21]
CHR Extension: (Video Downloader) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\aobeeghhhohhefmlmbpmkcdndgebpfkf [2016-12-06]
CHR Extension: (Google Documenten) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-21]
CHR Extension: (Google Drive) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (Spider Solitaire) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcopgabdbdohekgeabpbfhledmdahkpe [2015-10-21]
CHR Extension: (TV) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2015-10-21]
CHR Extension: (Loupe Collage) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhaonknplhhecdgjpphnooeomecgipkc [2015-10-21]
CHR Extension: (Instagram Print) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhlbekkdgeckejohldomaobfdcaadjom [2015-10-21]
CHR Extension: (eID Chrome Extension) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkbdaodnaecdijpajecpncpdomgcoakc [2017-01-09]
CHR Extension: (Hidden Objects - House 1) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdeppfcebbaecjpbgjejpdmejgndopo [2015-10-21]
CHR Extension: (Tab Resize - split screen layouts) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkpenclhmiealbebdopglffmfdiilejc [2017-03-03]
CHR Extension: (YouTube) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-21]
CHR Extension: (Solitaire) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpebaehgfgkcmmjjknibibbjacnplim [2016-12-15]
CHR Extension: (Mahjong Solitaire) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\boikbbpnipgdpgickknbdbciblnppoda [2015-10-27]
CHR Extension: (Dominoes) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\bomhoanbpkeifgklbpebekfgblgficjn [2017-02-26]
CHR Extension: (Freecell Solitaire) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cabpjbpfakfhcfidnjahmdophhihafkh [2015-10-21]
CHR Extension: (Muziek Songs Player) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdenlcnfdjepagejpfajlkicggieknab [2015-10-21]
CHR Extension: (OnlineMapFinder) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\ceopoaldcnmhechacafgagdkklcogkgd [2017-05-16]
CHR Extension: (Pixsta) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cijncchffkmlnfdbnkkfclcbnjcoegjc [2017-04-18]
CHR Extension: (Spotify - Music for every moment) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnkjkdjlofllcpbemipjbcpfnglbgieh [2015-10-21]
CHR Extension: (Christmas Mahjong) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coconnhpdpfcoglmhjniaoipnmklkmhf [2017-04-18]
CHR Extension: (Google Search) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Photoshop 4U) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\damhoidgnfbiidoiajljbdpgnojmemlf [2015-10-21]
CHR Extension: (Instagram Zoeken) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbphedbdkhieekdgfancmpecnppeinod [2015-10-21]
CHR Extension: (PiXditor - Foto effecten ) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddfflkeppghppjmfikeachhdbmpjiacj [2016-05-27]
CHR Extension: (Google+) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm [2015-12-09]
CHR Extension: (Dropbox voor Gmail) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpdmhfocilnekecfjgimjdeckachfbec [2017-02-24]
CHR Extension: (Bubble Shooter Rotatie) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\eclfcmjimeibidjckfnkpgbgijchepff [2017-04-18]
CHR Extension: (trivago) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\edblomofeadhmkjoelbimgjmhaobnflo [2015-10-21]
CHR Extension: (Adobe Acrobat) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-03]
CHR Extension: (Gmail Offline) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2015-10-21]
CHR Extension: (Photo Zoom for Facebook) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi [2016-09-15]
CHR Extension: (Mahjong Solitaire) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\eogmadihniohlnmipdhchaoagjhfnohc [2017-03-24]
CHR Extension: (Bing) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2016-09-15]
CHR Extension: (Google Spreadsheets) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-21]
CHR Extension: (Reloadie) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk [2015-10-21]
CHR Extension: (Word Online) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\fiombgjlkfpdpkbhfioofeeinbehmajg [2015-10-21]
CHR Extension: (Ask Web Search) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gddiehhlphkfabhcldibfbfdhidihcgo [2017-05-27]
CHR Extension: (Offline Documenten) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-14]
CHR Extension: (MagicScroll eBook Reader) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgnmgfdoiplfmhgghbmlphanpfmjble [2015-10-21]
CHR Extension: (Pinterest-bewaarknop) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2017-04-21]
CHR Extension: (Google Photos) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcglmfcclpfgljeaiahehebeoaiicbko [2016-10-08]
CHR Extension: (TabJump - Intelligent Tab Navigator) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokofmgcicpnjchllaccgedmmmbbnbmf [2016-03-06]
CHR Extension: (PDFConverterHQ) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpmnhioacgdjjdfgkkpbkplbfdikcbom [2017-05-24]
CHR Extension: (Cool Klok) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\icegcmhgphfkgglbljbkdegiaaihifce [2016-10-25]
CHR Extension: (Google Play Music) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2016-06-08]
CHR Extension: (Simple Slideshow) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifjnjbjmhoicgefokkkeclokbphfaeki [2015-10-21]
CHR Extension: (MapsGalaxy) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijjnmdphpnlnelhbhefnfmimenjgbfcn [2017-05-19]
CHR Extension: (Kapaza.be) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijmlcekpfnipcbdknmokfpogbehgcgkn [2015-10-21]
CHR Extension: (TestForSpeed) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijnophnbfnanaalpegopfncpgiilggoc [2016-12-31]
CHR Extension: (MyFormsFinder) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\iocnhkokennibojphbjahdahgplliebk [2016-09-29]
CHR Extension: (Dropbox) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2015-10-21]
CHR Extension: (Cat) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcoekopocpncikclhpigpkoaadoeejmj [2017-04-13]
CHR Extension: (Duplicate Tab) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\jecgbfoconhopjngaaijjgffhokohlac [2015-10-21]
CHR Extension: (Gratis Muziekspeler) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\jggfhibpenjlkehfankiicgkjngedjml [2015-10-21]
CHR Extension: (HP Network Check Launcher) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkfpchpiljkaemlpmpebnglgkomamfeo [2017-01-26]
CHR Extension: (Avalon Spider Solitaire) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkgfnfnagdnjicmonpfhhdnkdjgjdamo [2015-10-21]
CHR Extension: (Save to Facebook) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfikkaogpplgnfjmbjdpalkhclendgd [2016-12-18]
CHR Extension: (CIM Netpanel) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbidbgoheiddfilfipcobicemncfogno [2017-05-18]
CHR Extension: (FindMeFreebies) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgdipifddaiedehdphnflapcinbndgmb [2017-05-12]
CHR Extension: (Movi Kanti Revo) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkdkcgeghhfjiglphfppinecpcpnnbne [2017-04-18]
CHR Extension: (The Great Suspender) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg [2016-03-05]
CHR Extension: (Google Play) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2015-10-21]
CHR Extension: (EasyPDFCombine) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpocjpoifmommoiiiamepombpeoaehfh [2017-05-16]
CHR Extension: (MyScrapNook) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbapdklahcjljfincdglncfpdgfhckcf [2017-05-16]
CHR Extension: (PDFConverterHQ) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgibdpkffiioagaeobphmnpjicjceaok [2017-05-23]
CHR Extension: (Office Applicaties, Tools) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgihphdkmadmphphiokjaoehgpgaiikn [2015-10-21]
CHR Extension: (Skype) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-03-08]
CHR Extension: (FlightSearch) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbogajbbkiecdlkbpafpodhdlgacaf [2016-11-29]
CHR Extension: (Solitaire) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkbhppfbabandkdmgjmifahoabeodiep [2017-04-18]
CHR Extension: (MyImageConverter) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\llfiafkffigghkooapnbkjgdhnelhbie [2017-05-19]
CHR Extension: (Google Maps) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2015-10-21]
CHR Extension: (EasyDocMerge) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\mabloidgodmbnmnhoenmhlcjkfelomgp [2017-05-12]
CHR Extension: (FromDocToPDF) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk [2017-05-16]
CHR Extension: (Fast Facebook Photos Viewer) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdhjlogffonmdilphcgcgjdicmmahbgd [2015-10-21]
CHR Extension: (Facebook Cover Maker) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfbpohdhflnokmclkbieabhmhbnamcnk [2015-10-21]
CHR Extension: (Google Mail Checker) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2015-10-21]
CHR Extension: (Pocket) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjcnijlhddpbdemagnpefmlkjdagkogk [2015-10-21]
CHR Extension: (PDFConverterHQ) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkpljjicpkgojelabplnenpddcdmjjbe [2017-05-25]
CHR Extension: (Google Play Books) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb [2016-04-21]
CHR Extension: (CreateDocsOnline) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\moghnflhlcpjkjkpnpgebffcjbmifljk [2017-05-27]
CHR Extension: (Ask Search) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\mppnoffgpafgpgbaigljliadgbnhljfl [2015-10-21]
CHR Extension: (iLivid) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf [2015-10-21]
CHR Extension: (True Key™ by Intel Security) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbeldjopgciegccabfohnefghfpinncn [2017-05-31]
CHR Extension: (Google Hangouts) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2017-05-04]
CHR Extension: (Leuke Puppy van de Dag) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\nenoggmhpdbhlankidnhgmmpbhgdnnai [2017-04-18]
CHR Extension: (Mahjong Solitaire) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\neojceinbonpjjcokpokpeobkhcpiloc [2017-04-18]
CHR Extension: (EasyPhotoEdit) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffddjoibhjhmidfeflefakdkbhbnhpg [2017-05-19]
CHR Extension: (Pixiz) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmgcdijdlpiialofihefoenahjeajamj [2017-04-07]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Facebook Lite for Chrome) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\npmllfhdnjcijofddghkhhknagamimip [2015-10-21]
CHR Extension: (MyTransitGuide) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\npmoikddpdgbhgbkjgjemncoegpojpng [2017-05-16]
CHR Extension: (Image Search) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\oknppepkcnoinenphkbndjnpcfnpjbfl [2016-10-09]
CHR Extension: (Picasa) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb [2015-10-21]
CHR Extension: (ConvertDocsOnline) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\opmfkfoinceebmogdlldnmbimhpgakfd [2017-05-29]
CHR Extension: (Spider Solitaire) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\opmmifamlflphgpapoddpfghobgnagek [2015-10-21]
CHR Extension: (Search People) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp [2015-10-21]
CHR Extension: (Outlook.com) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfpeapihoiogbcmdmnibeplnikfnhoge [2015-10-21]
CHR Extension: (Facebook Covers) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pinjeagflheledfiihhbilplepebhhcn [2016-02-12]
CHR Extension: (Muziekspeler) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjccodhpniphbinlkkfjpffplmognkce [2016-05-21]
CHR Extension: (Gmail) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-21]
CHR Extension: (Chrome Media Router) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-12]
CHR Extension: (MyTelevisionHQ) - C:\Users\Vera\AppData\Local\Google\Chrome\User Data\Default\Extensions\pklkcimcengjbfaigjacidphbendnjga [2017-02-23]
CHR HKU\S-1-5-21-1719320376-1695447816-3704754131-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jkfpchpiljkaemlpmpebnglgkomamfeo] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (gefilterd) ====================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [264432 2017-05-21] (AVG Technologies CZ, s.r.o.)
R2 AVG Firewall; C:\Program Files (x86)\AVG\Antivirus\afwServ.exe [311624 2017-05-21] (AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [7396872 2017-05-21] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1428656 2017-05-23] (AVG Technologies CZ, s.r.o.)
S2 ByteFenceService; C:\Program Files\ByteFence\ByteFenceService.exe [147936 2017-04-03] (Byte Technologies LLC)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3971264 2017-05-14] (Microsoft Corporation)
R2 HiSuiteOuc64.exe; C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe [138544 2015-05-20] ()
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [33640 2017-04-07] (HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [469304 2014-03-26] (Hewlett-Packard Development Company, L.P.)
R2 HuaweiHiSuiteService64.exe; C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe [192304 2015-05-20] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-22] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-06-01] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Bestand niet getekend]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2015-08-05] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2015-08-05] (Intel Corporation)
R2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [8515952 2017-05-14] (Reimage®)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [294616 2015-09-03] (Realtek Semiconductor)
R2 rtop; C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe [304456 2017-04-18] ()
R2 ScsiAccess; C:\Program Files (x86)\Photodex\ProShow Gold\ScsiAccess.exe [186760 2016-11-19] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [260704 2016-09-02] (Synaptics Incorporated)
S2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [996736 2017-04-18] (McAfee, Inc.)
S2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16160 2017-04-18] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86776 2017-04-18] (McAfee, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [981576 2017-03-31] ()

===================== Drivers (gefilterd) ======================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [100128 2015-08-01] (Advanced Micro Devices, Inc.)
R1 avgbdisk; C:\WINDOWS\system32\drivers\avgbdiska.sys [166624 2017-05-21] (AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\system32\drivers\avgbidsdrivera.sys [314128 2017-05-21] (AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\system32\drivers\avgbidsha.sys [192584 2017-05-21] (AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\WINDOWS\system32\drivers\avgbloga.sys [336896 2017-05-21] (AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\system32\drivers\avgbuniva.sys [51336 2017-05-21] (AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\WINDOWS\system32\drivers\avgHwid.sys [39424 2017-05-21] (AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\WINDOWS\system32\drivers\avgMonFlt.sys [129776 2017-05-21] (AVG Technologies CZ, s.r.o.)
R1 avgNetSec; C:\WINDOWS\system32\drivers\avgNetSec.sys [509056 2017-05-21] (AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\system32\drivers\avgRdr2.sys [102280 2017-05-21] (AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\system32\drivers\avgRvrt.sys [76832 2017-05-21] (AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\system32\drivers\avgSnx.sys [1008288 2017-05-21] (AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\system32\drivers\avgSP.sys [570320 2017-05-21] (AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\system32\drivers\avgStm.sys [160008 2017-05-21] (AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\system32\drivers\avgVmm.sys [340824 2017-05-21] (AVG Technologies CZ, s.r.o.)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
S3 cxbu0x64; C:\WINDOWS\system32\DRIVERS\cxbu0x64.sys [157848 2015-10-12] (HID Global Corporation)
S3 EsgScanner; C:\WINDOWS\System32\DRIVERS\EsgScanner.sys [22704 2016-02-26] ()
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2015-08-05] (Intel Corporation)
R3 netr28x; C:\WINDOWS\System32\drivers\netr28x.sys [2537984 2017-03-18] (MediaTek Inc.)
S3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [310528 2016-03-14] (Realtek Semiconductor Corp.)
R3 rtbth; C:\WINDOWS\System32\drivers\rtbth.sys [1219200 2015-06-03] (Ralink Technology, Corp.)
S3 RTSPER; C:\WINDOWS\System32\DRIVERS\RtsPer.sys [448072 2013-02-02] (RTS Corporation)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [28400 2013-02-06] (Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [52904 2016-05-03] (Synaptics Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\system32\DRIVERS\WirelessButtonDriver64.sys [31656 2016-04-14] (HP)

==================== NetSvcs (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)


==================== Een Maand Aangemaakt bestanden en mappen ========

(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)

2017-05-31 21:17 - 2017-06-01 18:51 - 00000000 ____D C:\Users\Vera\Documents\FRST-OlderVersion
2017-05-31 09:59 - 2017-05-31 21:54 - 00002298 _____ C:\Users\Vera\Desktop\FarmVille 2.lnk
2017-05-30 18:25 - 2017-05-31 14:31 - 00049849 _____ C:\Users\Vera\Documents\Addition.txt
2017-05-30 18:23 - 2017-06-01 18:51 - 00000000 ____D C:\FRST
2017-05-30 18:23 - 2017-05-31 14:31 - 00110526 _____ C:\Users\Vera\Documents\FRST.txt
2017-05-30 18:22 - 2017-05-31 21:17 - 02431488 _____ (Farbar) C:\Users\Vera\Documents\FRST64.exe
2017-05-30 18:01 - 2017-05-30 18:01 - 00000000 ___HD C:\$SysReset
2017-05-29 16:16 - 2017-05-29 16:16 - 00454834 _____ C:\Users\Vera\Downloads\invoice-20170529 (1).pdf
2017-05-29 16:15 - 2017-05-29 16:15 - 00454834 _____ C:\Users\Vera\Downloads\invoice-20170529.pdf
2017-05-29 15:14 - 2017-05-29 16:10 - 00000000 ____D C:\ProgramData\tmp
2017-05-29 15:14 - 2017-05-29 15:14 - 00001120 _____ C:\Users\Public\Desktop\Kruidvat fotoservice.lnk
2017-05-29 15:14 - 2017-05-29 15:14 - 00001115 _____ C:\Users\Public\Desktop\Kruidvat Fotoimport.lnk
2017-05-29 15:14 - 2017-05-29 15:14 - 00001105 _____ C:\Users\Public\Desktop\Kruidvat Fotoshow.lnk
2017-05-29 15:14 - 2017-05-29 15:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kruidvat fotoservice
2017-05-29 15:14 - 2017-05-29 15:14 - 00000000 ____D C:\ProgramData\hps
2017-05-29 15:08 - 2017-05-29 15:08 - 00000000 ____D C:\Program Files\Fotoservice
2017-05-29 15:07 - 2017-05-29 15:07 - 01558736 _____ C:\Users\Vera\Documents\setup_Kruidvat_fotoservice.exe
2017-05-29 09:42 - 2017-05-29 09:42 - 08090909 _____ C:\Users\Vera\Documents\PicMix_570.apk
2017-05-27 14:57 - 2017-05-27 14:58 - 09551280 _____ (Piriform Ltd) C:\Users\Vera\Downloads\ccsetup530 (2).exe
2017-05-26 20:13 - 2017-05-31 09:40 - 00000342 _____ C:\WINDOWS\Tasks\HPCeeScheduleForVera.job
2017-05-26 20:13 - 2017-05-30 20:13 - 00003230 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForVera
2017-05-25 20:45 - 2017-05-25 20:45 - 00000571 _____ C:\Users\Vera\Downloads\DeviceDiagnostic.diagcab
2017-05-25 20:40 - 2017-05-25 20:40 - 09551280 _____ (Piriform Ltd) C:\Users\Vera\Downloads\veraenludo@gmail.com
2017-05-24 22:14 - 2017-05-24 22:14 - 01130328 _____ (Google Inc.) C:\Users\Vera\Documents\ChromeSetup.exe
2017-05-24 21:43 - 2017-05-24 21:43 - 00000384 _____ C:\Users\Vera\Documents\booking.ics
2017-05-24 13:29 - 2017-05-24 13:29 - 00000000 ____D C:\Users\Vera\AppData\Local\DBG
2017-05-23 15:06 - 2017-05-23 15:06 - 00000000 ____D C:\Users\Vera\AppData\Local\Deployment
2017-05-22 22:48 - 2017-05-22 22:48 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2017-05-22 22:43 - 2017-05-22 22:43 - 00000020 ___SH C:\Users\Vera\ntuser.ini
2017-05-22 22:08 - 2017-05-25 20:08 - 00000000 ____D C:\Windows.old
2017-05-22 22:07 - 2017-05-22 22:07 - 23681024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 21353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 20505600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 20374424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 19335168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 11870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 08320920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-05-22 22:07 - 2017-05-22 22:07 - 08244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 06759512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 04848440 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-05-22 22:07 - 2017-05-22 22:07 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-05-22 22:07 - 2017-05-22 22:07 - 04446208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 03672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-05-22 22:07 - 2017-05-22 22:07 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 03655680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 03116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 02957824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-05-22 22:07 - 2017-05-22 22:07 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 02651648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 02635336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-05-22 22:07 - 2017-05-22 22:07 - 02443776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 02435584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 02399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 02298880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 02259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 02158544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 02085280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-05-22 22:07 - 2017-05-22 22:07 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-05-22 22:07 - 2017-05-22 22:07 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-05-22 22:07 - 2017-05-22 22:07 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 01852776 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 01839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 01803264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 01760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 01657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 01611776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 01605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 01604312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 01583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 01557288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 01518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 01506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 01463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 01433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 01411128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 01325456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 01320352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 01295872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 01285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 01269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-05-22 22:07 - 2017-05-22 22:07 - 01257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 01242624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-05-22 22:07 - 2017-05-22 22:07 - 01103872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 01085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 01075712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 01051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 01024416 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-05-22 22:07 - 2017-05-22 22:07 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 00988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 00985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 00980992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-05-22 22:07 - 2017-05-22 22:07 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe
2017-05-22 22:07 - 2017-05-22 22:07 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-05-22 22:07 - 2017-05-22 22:07 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 00923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-05-22 22:07 - 2017-05-22 22:07 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-05-22 22:07 - 2017-05-22 22:07 - 00775824 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-05-22 22:07 - 2

abbs
Lid geworden op: 16 dec 2016, 13:49
Locatie: Leidschendam
Contacteer:

01 jun 2017, 19:27

Hallo,

We gaan het in stappen doen:
1. AANDACHT: Systeemherstel is uitgeschakeld, Systeemherstel staat standaard uit in Windows 10 zet die aan: Handleiding <==klik hierop.
2. Gestart vanaf C:\Users\Vera\Documents<== sleep FRST vanuit deze dik gedrukte map naar je bureaublad.

Vertel of deze twee stappen zijn gelukt, hierna gaan we verder.
Groeten abbs
Afbeelding
Member of UNITE (Unified Network of Instructors and Trained Eliminators)

TWINKY
Lid geworden op: 04 dec 2006, 15:40
Locatie: schoten

01 jun 2017, 20:43

i denk dat het gelukt is

abbs
Lid geworden op: 16 dec 2016, 13:49
Locatie: Leidschendam
Contacteer:

01 jun 2017, 21:02

Hallo,

De volgende stappen (lukt stap 1. niet ga door met stap 2.:

1. Ga links onder naar Vergrootglas > Type daar Configuratiescherm > (Programma's en Onderdelen) en verwijder daar het onderstaand.
  • globalupdate Helper
    Reimage Repair
    Setup

2. Note: Dit script is speciaal bedoeld voor deze computer, gebruik dit dan ook niet op andere computers met een gelijkaardig probleem.

Klik Windows knop plus R tegelijk in. Afbeelding
"Uitvoeren" opent vul daar Notepad in en klik daarna op "OK", Kladblok opent.
Kopieer onderstaande dik gedrukte code en plak dat in "Kladblok"


start
CreateRestorePoint:
(Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
(Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Geen bestand
GroupPolicy: Restrictie - Chrome <======= AANDACHT
CHR HKLM\SOFTWARE\Policies\Google: Restrictie <======= AANDACHT
Toolbar: HKU\S-1-5-21-1719320376-1695447816-3704754131-1001 -> Geen Naam - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Geen bestand
CHR StartupUrls: Default -> "hxxps://www.google.be/webhp?ie=UTF-8&rct=j&quot;,&quot;hx ... FBE5&SSPV="
R2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [8515952 2017-05-14] (Reimage®)
C:\Program Files\Reimage
Task: {01DFFE6D-75CC-4293-BD81-70856887412F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Geen bestand <==== AANDACHT
Task: {0588C18F-24F4-46D9-BE90-55093895EA89} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Geen bestand <==== AANDACHT
Task: {16CD8370-BE08-4E92-A27E-04264D452E38} - \Advanced System~Protector -> Geen bestand <==== AANDACHT
Task: {1DEA6340-7BC3-4997-9FAC-E4CFDB168D9C} - \ASP -> Geen bestand <==== AANDACHT
Task: {2B14E30B-EACE-4551-BD52-5BC31257DC7C} - \SuperClick Auto Updater 1.10.0.16 Core -> Geen bestand <==== AANDACHT
Task: {3635C21B-4FD3-42EB-865E-E51452345CF0} - \CSWjSqDMaJKGPpwQiW -> Geen bestand <==== AANDACHT
Task: {3A96E45C-94B4-4F00-928E-BD143FE80178} - \RAtlORAVu6r6AUXY0BxL9 -> Geen bestand <==== AANDACHT
Task: {4A5F24B9-A9F1-4DDE-A113-D0E0D20253B9} - \BYAIAMUF -> Geen bestand <==== AANDACHT
Task: {65E591B8-4296-4901-83AC-E544B77B37C5} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Geen bestand <==== AANDACHT
Task: {68F9A67B-27C1-49F0-903C-15E597540E23} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Geen bestand <==== AANDACHT
Task: {6D5EE84F-EDE0-4D0A-9A9B-C78476D19D92} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Geen bestand <==== AANDACHT
Task: {7CF026AD-5EC0-4A48-87AC-39986B1162CD} - System32\Tasks\{8665F138-06AB-4E1A-83E6-7F9A2380EFC3} => pcalua.exe -a "C:\Program Files\Reimage\Reimage Repair\uninst.exe"
Task: {877E1C6A-89B5-4274-A060-57FA58C63C9B} - \Only-search -> Geen bestand <==== AANDACHT
Task: {8E428FEB-18D2-4E8B-BB5E-A2762EFC5634} - \HPGenoobeReminder -> Geen bestand <==== AANDACHT
Task: {9CC10DB3-87FB-4603-B0D4-B1241B3FF176} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Geen bestand <==== AANDACHT
Task: {A3457E72-5DC5-49D5-B290-50E7CA249140} - \Easy Driver Pro Schedule -> Geen bestand <==== AANDACHT
Task: {A37BCAEE-3CC8-4FEB-8381-A62AE5423CA9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Geen bestand <==== AANDACHT
Task: {A91E5F5C-23E4-4EF1-A3F0-A4BB22D7C745} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Geen bestand <==== AANDACHT
Task: {ACF8A210-A3E1-4A34-A5CF-4DB1B4D53C2D} - \Only-search Updater -> Geen bestand <==== AANDACHT
Task: {B175A8CC-6B36-4586-8305-C2DF506DA8C8} - System32\Tasks\ByteFence => C:\Program Files\ByteFence\ByteFence.exe [2017-04-03] (Byte Technologies LLC) <==== AANDACHT
Task: {BAA43D6E-21CC-4A34-9D1C-53E100972420} - System32\Tasks\ByteFence Scan => C:\Program Files\ByteFence\ByteFence.exe [2017-04-03] (Byte Technologies LLC) <==== AANDACHT
Task: {BEDCF7A9-7004-4A67-B715-07A154607F21} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2017-05-14] (Reimage®) <==== AANDACHT
Task: {D304E272-1969-4462-9357-1D1AF64EDE29} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Geen bestand <==== AANDACHT
Task: {DE8F8570-B3AF-4DE2-854E-FDCE4E6E31FA} - System32\Tasks\LaunchPreSignup => C:\Program Files (x86)\OLBPre\OLBPre.exe <==== AANDACHT
Task: {E066348D-300C-4888-A9F0-A9E32DA28377} - \SuperClick Auto Updater 1.10.0.16 Pending Update -> Geen bestand <==== AANDACHT
Task: {E22A97DA-8D38-40CB-95EB-5D6697C24037} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Geen bestand <==== AANDACHT
Task: {FA3B7DE8-A39E-4D5A-B811-BFA6B6738CB2} - \MyPC Backup Updater -> Geen bestand <==== AANDACHT
Task: {FAB6755F-904B-47CA-AE58-432B6CCBD2CA} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Geen bestand <==== AANDACHT
Task: C:\WINDOWS\Tasks\BYAIAMUF.job => C:\Users\Vera\AppData\Roaming\BYAIAMUF.exe <==== AANDACHT
Task: C:\WINDOWS\Tasks\CSWjSqDMaJKGPpwQiW.job => C:\Users\Vera\AppData\Roaming\CSWjSqDMaJKGPpwQiW.exe <==== AANDACHT
Task: C:\WINDOWS\Tasks\RAtlORAVu6r6AUXY0BxL9.job => C:\Users\Vera\AppData\Roaming\RAtlORAVu6r6AUXY0BxL9.exe <==== AANDACHT
ShortcutWithArgument: C:\Users\Vera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-apps\Pixsta.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=cijncchffkmlnfdbnkkfclcbnjcoegjc
ShortcutWithArgument: C:\Users\Vera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-apps\Solitaire.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=lkbhppfbabandkdmgjmifahoabeodiep
ShortcutWithArgument: C:\Users\Vera\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d3d53a14ed9e4539\Facebook Lite for Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=npmllfhdnjcijofddghkhhknagamimip
ShortcutWithArgument: C:\Users\Vera\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5d696d521de238c3\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default
Hosts:
EmptyTemp:
end

Ga naar Bestand - Opslaan als.
Kies als locatie bureaublad.
Bij "Bestandsnaam" zet je:fixlist.txt.
Bij "Opslaan als type" selecteer je: Alle bestanden.

Als het goed is staat er nu een text bestand op je bureaublad?

Start de Farbar Recovery Scan Tool.
Als het programma is geopend klik Yes (Ja) bij de disclaimer. (indien nodig)
Druk op de Fix knop.
Er zal u een logbestand aangemaakt worden (fixlog.txt) op dezelfde plaats vanwaar de 'tool' is gestart.
Kopieer en plak de inhoud van de logbestanden in je het volgende bericht.(als de inhoud te groot is voor één bericht plaats het in meerdere berichten)
Groeten abbs
Afbeelding
Member of UNITE (Unified Network of Instructors and Trained Eliminators)

abbs
Lid geworden op: 16 dec 2016, 13:49
Locatie: Leidschendam
Contacteer:

01 jun 2017, 21:50

Hallo,

Nu heb je hier logjes geplaatst: http://www.seniorennet.be/forum/viewtopic.php?t=197112

Je moet de stappen van hierboven doen.
Lees alles rustig door aub.
Groeten abbs
Afbeelding
Member of UNITE (Unified Network of Instructors and Trained Eliminators)

TWINKY
Lid geworden op: 04 dec 2006, 15:40
Locatie: schoten

01 jun 2017, 21:53

isstart
CreateRestorePoint:
(Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
(Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Geen bestand
GroupPolicy: Restrictie - Chrome <======= AANDACHT
CHR HKLM\SOFTWARE\Policies\Google: Restrictie <======= AANDACHT
Toolbar: HKU\S-1-5-21-1719320376-1695447816-3704754131-1001 -> Geen Naam - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Geen bestand
CHR StartupUrls: Default -> "hxxps://www.google.be/webhp?ie=UTF-8&rct=j&quot;,&quot;hx ... FBE5&SSPV="
R2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [8515952 2017-05-14] (Reimage®)
C:\Program Files\Reimage
Task: {01DFFE6D-75CC-4293-BD81-70856887412F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Geen bestand <==== AANDACHT
Task: {0588C18F-24F4-46D9-BE90-55093895EA89} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Geen bestand <==== AANDACHT
Task: {16CD8370-BE08-4E92-A27E-04264D452E38} - \Advanced System~Protector -> Geen bestand <==== AANDACHT
Task: {1DEA6340-7BC3-4997-9FAC-E4CFDB168D9C} - \ASP -> Geen bestand <==== AANDACHT
Task: {2B14E30B-EACE-4551-BD52-5BC31257DC7C} - \SuperClick Auto Updater 1.10.0.16 Core -> Geen bestand <==== AANDACHT
Task: {3635C21B-4FD3-42EB-865E-E51452345CF0} - \CSWjSqDMaJKGPpwQiW -> Geen bestand <==== AANDACHT
Task: {3A96E45C-94B4-4F00-928E-BD143FE80178} - \RAtlORAVu6r6AUXY0BxL9 -> Geen bestand <==== AANDACHT
Task: {4A5F24B9-A9F1-4DDE-A113-D0E0D20253B9} - \BYAIAMUF -> Geen bestand <==== AANDACHT
Task: {65E591B8-4296-4901-83AC-E544B77B37C5} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Geen bestand <==== AANDACHT
Task: {68F9A67B-27C1-49F0-903C-15E597540E23} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Geen bestand <==== AANDACHT
Task: {6D5EE84F-EDE0-4D0A-9A9B-C78476D19D92} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Geen bestand <==== AANDACHT
Task: {7CF026AD-5EC0-4A48-87AC-39986B1162CD} - System32\Tasks\{8665F138-06AB-4E1A-83E6-7F9A2380EFC3} => pcalua.exe -a "C:\Program Files\Reimage\Reimage Repair\uninst.exe"
Task: {877E1C6A-89B5-4274-A060-57FA58C63C9B} - \Only-search -> Geen bestand <==== AANDACHT
Task: {8E428FEB-18D2-4E8B-BB5E-A2762EFC5634} - \HPGenoobeReminder -> Geen bestand <==== AANDACHT
Task: {9CC10DB3-87FB-4603-B0D4-B1241B3FF176} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Geen bestand <==== AANDACHT
Task: {A3457E72-5DC5-49D5-B290-50E7CA249140} - \Easy Driver Pro Schedule -> Geen bestand <==== AANDACHT
Task: {A37BCAEE-3CC8-4FEB-8381-A62AE5423CA9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Geen bestand <==== AANDACHT
Task: {A91E5F5C-23E4-4EF1-A3F0-A4BB22D7C745} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Geen bestand <==== AANDACHT
Task: {ACF8A210-A3E1-4A34-A5CF-4DB1B4D53C2D} - \Only-search Updater -> Geen bestand <==== AANDACHT
Task: {B175A8CC-6B36-4586-8305-C2DF506DA8C8} - System32\Tasks\ByteFence => C:\Program Files\ByteFence\ByteFence.exe [2017-04-03] (Byte Technologies LLC) <==== AANDACHT
Task: {BAA43D6E-21CC-4A34-9D1C-53E100972420} - System32\Tasks\ByteFence Scan => C:\Program Files\ByteFence\ByteFence.exe [2017-04-03] (Byte Technologies LLC) <==== AANDACHT
Task: {BEDCF7A9-7004-4A67-B715-07A154607F21} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2017-05-14] (Reimage®) <==== AANDACHT
Task: {D304E272-1969-4462-9357-1D1AF64EDE29} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Geen bestand <==== AANDACHT
Task: {DE8F8570-B3AF-4DE2-854E-FDCE4E6E31FA} - System32\Tasks\LaunchPreSignup => C:\Program Files (x86)\OLBPre\OLBPre.exe <==== AANDACHT
Task: {E066348D-300C-4888-A9F0-A9E32DA28377} - \SuperClick Auto Updater 1.10.0.16 Pending Update -> Geen bestand <==== AANDACHT
Task: {E22A97DA-8D38-40CB-95EB-5D6697C24037} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Geen bestand <==== AANDACHT
Task: {FA3B7DE8-A39E-4D5A-B811-BFA6B6738CB2} - \MyPC Backup Updater -> Geen bestand <==== AANDACHT
Task: {FAB6755F-904B-47CA-AE58-432B6CCBD2CA} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Geen bestand <==== AANDACHT
Task: C:\WINDOWS\Tasks\BYAIAMUF.job => C:\Users\Vera\AppData\Roaming\BYAIAMUF.exe <==== AANDACHT
Task: C:\WINDOWS\Tasks\CSWjSqDMaJKGPpwQiW.job => C:\Users\Vera\AppData\Roaming\CSWjSqDMaJKGPpwQiW.exe <==== AANDACHT
Task: C:\WINDOWS\Tasks\RAtlORAVu6r6AUXY0BxL9.job => C:\Users\Vera\AppData\Roaming\RAtlORAVu6r6AUXY0BxL9.exe <==== AANDACHT
ShortcutWithArgument: C:\Users\Vera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-apps\Pixsta.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=cijncchffkmlnfdbnkkfclcbnjcoegjc
ShortcutWithArgument: C:\Users\Vera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-apps\Solitaire.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=lkbhppfbabandkdmgjmifahoabeodiep
ShortcutWithArgument: C:\Users\Vera\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d3d53a14ed9e4539\Facebook Lite for Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=npmllfhdnjcijofddghkhhknagamimip
ShortcutWithArgument: C:\Users\Vera\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5d696d521de238c3\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default
Hosts:
EmptyTemp:
en is dit juist?

abbs
Lid geworden op: 16 dec 2016, 13:49
Locatie: Leidschendam
Contacteer:

01 jun 2017, 22:06

Hallo,

Je moet een log bestand maken, het staat precies beschreven hoe.
We doen nu eerst een log bestand maken als dat is gelukt gaan we verder.



Note: Dit script is speciaal bedoeld voor deze computer, gebruik dit dan ook niet op andere computers met een gelijkaardig probleem.

Klik Windows knop plus R tegelijk in. Afbeelding
"Uitvoeren" opent vul daar Notepad in en klik daarna op "OK", Kladblok opent.
Kopieer onderstaande dik gedrukte code en plak dat in "Kladblok"


start
CreateRestorePoint:
(Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
(Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Geen bestand
GroupPolicy: Restrictie - Chrome <======= AANDACHT
CHR HKLM\SOFTWARE\Policies\Google: Restrictie <======= AANDACHT
Toolbar: HKU\S-1-5-21-1719320376-1695447816-3704754131-1001 -> Geen Naam - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Geen bestand
CHR StartupUrls: Default -> "hxxps://www.google.be/webhp?ie=UTF-8&rct=j&quot;,&quot;hx ... FBE5&SSPV="
R2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [8515952 2017-05-14] (Reimage®)
C:\Program Files\Reimage
Task: {01DFFE6D-75CC-4293-BD81-70856887412F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Geen bestand <==== AANDACHT
Task: {0588C18F-24F4-46D9-BE90-55093895EA89} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Geen bestand <==== AANDACHT
Task: {16CD8370-BE08-4E92-A27E-04264D452E38} - \Advanced System~Protector -> Geen bestand <==== AANDACHT
Task: {1DEA6340-7BC3-4997-9FAC-E4CFDB168D9C} - \ASP -> Geen bestand <==== AANDACHT
Task: {2B14E30B-EACE-4551-BD52-5BC31257DC7C} - \SuperClick Auto Updater 1.10.0.16 Core -> Geen bestand <==== AANDACHT
Task: {3635C21B-4FD3-42EB-865E-E51452345CF0} - \CSWjSqDMaJKGPpwQiW -> Geen bestand <==== AANDACHT
Task: {3A96E45C-94B4-4F00-928E-BD143FE80178} - \RAtlORAVu6r6AUXY0BxL9 -> Geen bestand <==== AANDACHT
Task: {4A5F24B9-A9F1-4DDE-A113-D0E0D20253B9} - \BYAIAMUF -> Geen bestand <==== AANDACHT
Task: {65E591B8-4296-4901-83AC-E544B77B37C5} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Geen bestand <==== AANDACHT
Task: {68F9A67B-27C1-49F0-903C-15E597540E23} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Geen bestand <==== AANDACHT
Task: {6D5EE84F-EDE0-4D0A-9A9B-C78476D19D92} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Geen bestand <==== AANDACHT
Task: {7CF026AD-5EC0-4A48-87AC-39986B1162CD} - System32\Tasks\{8665F138-06AB-4E1A-83E6-7F9A2380EFC3} => pcalua.exe -a "C:\Program Files\Reimage\Reimage Repair\uninst.exe"
Task: {877E1C6A-89B5-4274-A060-57FA58C63C9B} - \Only-search -> Geen bestand <==== AANDACHT
Task: {8E428FEB-18D2-4E8B-BB5E-A2762EFC5634} - \HPGenoobeReminder -> Geen bestand <==== AANDACHT
Task: {9CC10DB3-87FB-4603-B0D4-B1241B3FF176} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Geen bestand <==== AANDACHT
Task: {A3457E72-5DC5-49D5-B290-50E7CA249140} - \Easy Driver Pro Schedule -> Geen bestand <==== AANDACHT
Task: {A37BCAEE-3CC8-4FEB-8381-A62AE5423CA9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Geen bestand <==== AANDACHT
Task: {A91E5F5C-23E4-4EF1-A3F0-A4BB22D7C745} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Geen bestand <==== AANDACHT
Task: {ACF8A210-A3E1-4A34-A5CF-4DB1B4D53C2D} - \Only-search Updater -> Geen bestand <==== AANDACHT
Task: {B175A8CC-6B36-4586-8305-C2DF506DA8C8} - System32\Tasks\ByteFence => C:\Program Files\ByteFence\ByteFence.exe [2017-04-03] (Byte Technologies LLC) <==== AANDACHT
Task: {BAA43D6E-21CC-4A34-9D1C-53E100972420} - System32\Tasks\ByteFence Scan => C:\Program Files\ByteFence\ByteFence.exe [2017-04-03] (Byte Technologies LLC) <==== AANDACHT
Task: {BEDCF7A9-7004-4A67-B715-07A154607F21} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2017-05-14] (Reimage®) <==== AANDACHT
Task: {D304E272-1969-4462-9357-1D1AF64EDE29} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Geen bestand <==== AANDACHT
Task: {DE8F8570-B3AF-4DE2-854E-FDCE4E6E31FA} - System32\Tasks\LaunchPreSignup => C:\Program Files (x86)\OLBPre\OLBPre.exe <==== AANDACHT
Task: {E066348D-300C-4888-A9F0-A9E32DA28377} - \SuperClick Auto Updater 1.10.0.16 Pending Update -> Geen bestand <==== AANDACHT
Task: {E22A97DA-8D38-40CB-95EB-5D6697C24037} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Geen bestand <==== AANDACHT
Task: {FA3B7DE8-A39E-4D5A-B811-BFA6B6738CB2} - \MyPC Backup Updater -> Geen bestand <==== AANDACHT
Task: {FAB6755F-904B-47CA-AE58-432B6CCBD2CA} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Geen bestand <==== AANDACHT
Task: C:\WINDOWS\Tasks\BYAIAMUF.job => C:\Users\Vera\AppData\Roaming\BYAIAMUF.exe <==== AANDACHT
Task: C:\WINDOWS\Tasks\CSWjSqDMaJKGPpwQiW.job => C:\Users\Vera\AppData\Roaming\CSWjSqDMaJKGPpwQiW.exe <==== AANDACHT
Task: C:\WINDOWS\Tasks\RAtlORAVu6r6AUXY0BxL9.job => C:\Users\Vera\AppData\Roaming\RAtlORAVu6r6AUXY0BxL9.exe <==== AANDACHT
ShortcutWithArgument: C:\Users\Vera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-apps\Pixsta.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=cijncchffkmlnfdbnkkfclcbnjcoegjc
ShortcutWithArgument: C:\Users\Vera\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-apps\Solitaire.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=lkbhppfbabandkdmgjmifahoabeodiep
ShortcutWithArgument: C:\Users\Vera\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d3d53a14ed9e4539\Facebook Lite for Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=npmllfhdnjcijofddghkhhknagamimip
ShortcutWithArgument: C:\Users\Vera\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5d696d521de238c3\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default
Hosts:
EmptyTemp:
end


Ga naar Bestand <== dit staat links boven in kladblok.
Een schermpje opent klik op Opslaan als.
Er opent weer een schermpje, Kies links boven op bureaublad.
Bij "Bestandsnaam" onderop zet je:fixlist.txt.
Bij "Opslaan als" klik je rechts op het v selecteer je: Alle bestanden.
Klik daarna rechts onder op "Opslaan".

Als het goed is staat er nu een text bestand op je bureaublad?
Vertel of dat is gelukt.
Groeten abbs
Afbeelding
Member of UNITE (Unified Network of Instructors and Trained Eliminators)

TWINKY
Lid geworden op: 04 dec 2006, 15:40
Locatie: schoten

01 jun 2017, 23:01

ik denk dat het gelukt is.
ik ga nu slapen en doe morgen voort.
alvast bedankt voor de hulp want ik ben echt wel een kluns
TWINKY

abbs
Lid geworden op: 16 dec 2016, 13:49
Locatie: Leidschendam
Contacteer:

02 jun 2017, 09:36

Hallo,

Zie je eigen niet als een kluns je bent goed bezig alleen alles is nieuw :)

Nu de volgende stap, als het goed is staat de tool FRST.exe en het bestand fixlist.txt op je bureaublad. Als dat zo is doe het volgende:

Start de Farbar Recovery Scan Tool.
Als het programma is geopend klik Yes (Ja) bij de disclaimer. (indien nodig)
Druk op de Fix knop.
Er zal u een logbestand aangemaakt worden (fixlog.txt) op dezelfde plaats vanwaar de 'tool' is gestart.
Kopieer en plak de inhoud van de logbestanden in je het volgende bericht.(als de inhoud te groot is voor één bericht plaats het in meerdere berichten)
Groeten abbs
Afbeelding
Member of UNITE (Unified Network of Instructors and Trained Eliminators)

TWINKY
Lid geworden op: 04 dec 2006, 15:40
Locatie: schoten

02 jun 2017, 19:50

canresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 31-05-2017
Gestart door Vera (Beheerder) op LAPTOP (01-06-2017 18:51:01)
Gestart vanaf C:\Users\Vera\Documents\FRST-OlderVersion
Geladen Profielen: Vera (Beschikbare Profielen: Vera & Administrator)
Platform: Windows 10 Home Versie 1703 (X64) Taal: Nederlands (Nederland)
Internet Explorer Versie 11 (Standaardbrowser: Chrome)
Boot Modus: Normal
Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processen (gefilterd) =================

(Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.)

() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\afwServ.exe
() C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
() C:\Program Files (x86)\Photodex\ProShow Gold\scsiaccess.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
() C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe
(Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files\ByteFence\rtop\bin\rtop_bg.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
(Facebook) C:\Users\Vera\AppData\Local\Facebook\Games\FacebookGameroom.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(The CefSharp Authors) C:\Users\Vera\AppData\Local\Facebook\Games\Facebook Gameroom Browser.exe
(Intel Security) C:\Program Files\Intel Security\True Key\application\truekey.exe
(Intel Security) C:\Program Files\Intel Security\True Key\application\truekey.exe
(Byte Technologies LLC) C:\Program Files\ByteFence\ByteFence.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

=====

abbs
Lid geworden op: 16 dec 2016, 13:49
Locatie: Leidschendam
Contacteer:

03 jun 2017, 10:13

Hallo,

Niet goed gegaan: als het goed is staat de tool FRST.exe en het bestand fixlist.txt op je bureaublad.

Klopt dit?

Ik heb een handleiding gemaakt: http://www.seniorennet.be/forum/viewtopic.php?t=198568
Groeten abbs
Afbeelding
Member of UNITE (Unified Network of Instructors and Trained Eliminators)

TWINKY
Lid geworden op: 04 dec 2006, 15:40
Locatie: schoten

03 jun 2017, 20:36

Sorry maar het lukt mij niet ik denk dat k beter alles terug verwijder, ik kan er niet meer aan uit.
Ik vond het ander programma HYJAK veel eenvoudiger.
ik krijg vermeldig; geen fixlist.txt gevonden .
Ik vind het jammer voor al de tijd dat U er hebt aan besteed.
Bedankt
Twinky

abbs
Lid geworden op: 16 dec 2016, 13:49
Locatie: Leidschendam
Contacteer:

04 jun 2017, 11:02

Hallo,

Het probleem komt omdat FRST niet op je bureaublad staat.
Gestart vanaf C:\Users\Vera\Documents\FRST-OlderVersion

De tool staat in de map Documents open die map en sleep FRST naar je bureaublad.
Groeten abbs
Afbeelding
Member of UNITE (Unified Network of Instructors and Trained Eliminators)