Hjt log-opgelost

Spyware is software die in het geheim op je computer wordt geplaatst en die persoonlijke gegevens doorstuurt, reclame toont, enz. Stel hier vragen, leer hoe je ervan af kan komen en hoe het te voorkomen.

ghislaine*
Lid geworden op: 27 jan 2005, 13:39
Locatie: Menen

22 dec 2017, 16:44

Geachte,.
Ik krijg regelmatig bericht van AVG: computer opnieuw opstarten.  Tot tweemaal per dag

Ik weet niet of het daardoor komt maar het opstarten duurt steeds langer.

Ik heb een Hjt log genomen. Kan iemand nazien


Hartelijk dank bij voorbaat,
grtjes

ghis

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 16:39:17, on 22-12-2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.15063.0608)

Boot mode: Normal
Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Users\nicole\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\nicole\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://go.microsoft.com/fwlink/p/?Link ... id=UE01DHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: The Amazon Assistant for Internet Explorer - {0ddcea2a-7b00-4349-8acb-af7ba6da251f} - mscoree.dll (file missing)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [CAHeadless] C:\Program Files (x86)\Adobe\Elements Organizer 8.0\CAHeadless\ElementsAutoAnalyzer.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\nicole\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3769809095-3783424619-1328341166-1003\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3769809095-3783424619-1328341166-1003\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'UpdatusUser')
O4 - HKUS\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'DefaultAppPool')
O4 - HKUS\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'DefaultAppPool')
O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Converteren naar Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Geselecteerde koppelingen converteren naar Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Geselecteerde koppelingen converteren naar bestaande PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Koppelingsdoel converteren naar Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Koppelingsdoel converteren naar bestaande PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Selectie converteren naar Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Selectie converteren naar bestaande PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Toevoegen aan bestaand PDF-bestand - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {19D6A3D5-EA50-4C3B-88F0-79627C325570} (IlosoftMultipleImageCtrl Class) - http://iloapp.fotoclub-kiknu-wervik.be/ ... Upload.dll
O16 - DPF: {B60CEFE7-2DD0-4B78-951A-509D951DB1F0} (ExtraFilm Uploader Control) - http://www.extrafilm.be/ExtraFilmUploader6.cab
O16 - DPF: {CB50428B-657F-47DF-9B32-671F82AA73F7} - http://www.photodex.com/pxplay.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (file missing)
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Version Cue CS3 {nl_NL}  (Adobe Version Cue CS3) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Amazon Assistant Service - Unknown owner - C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: TurboBoost - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: USBS3S4Detection - Unknown owner - C:\OEM\USBDECTION\USBS3S4Detection.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: WinZip Smart Monitor Service - Unknown owner - C:\Program Files\WinZip Smart Monitor\WinZip Smart Monitor Service.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 14738 bytes

Sony
Lid geworden op: 19 feb 2005, 13:45
Locatie: Boom

22 dec 2017, 18:13

ghislaine*,

HijackThis is verouderd en wordt best niet meer gebruikt.
Gebruik inplaats daarvan FRST zie op onderstaande link
voor de nodige uitleg:
https://www.seniorennet.be/forum/viewtopic.php?t=197112


CCleaner Monitoring moet uitgeschakeld worden:
CCleaner openen (niet laten kuisen)
Klik op Opties
Klik op Bewaking/Monitoring
Verwijder alle vinkjes (het progrmma zal protesteren toch verwijderen).
Herstart de computer en maak de FRST logs ter attentie van abbs.

Klik Hier Voor prettige feestdagen
druk daarna op F11

Sony
I Afbeelding SeniorenNet

ghislaine*
Lid geworden op: 27 jan 2005, 13:39
Locatie: Menen

23 dec 2017, 13:36

Sony,
 Hierbij de scan resultaten,

ghis

Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 23-12-2017
Gestart door nicole (Beheerder) op NICOLE-PC (23-12-2017 13:26:47)
Gestart vanaf C:\Users\nicole\Desktop
Geladen Profielen: nicole & UpdatusUser & DefaultAppPool (Beschikbare Profielen: nicole & UpdatusUser & DefaultAppPool)
Platform: Windows 10 Home Versie 1703 15063.786 (X64) Taal: Nederlands (Nederland)
Internet Explorer Versie 11 (Standaardbrowser: Edge)
Boot Modus: Normal
Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processen (gefilterd) =================
(Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
() C:\Program Files\WinZip Smart Monitor\WinZip Smart Monitor Service.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
() C:\OEM\USBDECTION\USBS3S4Detection.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Corel Corporation) C:\Program Files\WinZip Smart Monitor\WinZipSmartMonitor.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WzPreloader.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
() C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
==================== Register (gefilterd) ===========================
(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8098848 2009-09-02] (Realtek Semiconductor)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-10-13] (Intel Corporation)
HKLM\...\Run: [WinZip UN] => C:\Program Files\WinZip\WZUpdateNotifier.exe [1878016 2017-04-22] (WinZip)
HKLM\...\Run: [WinZip PreLoader] => C:\Program Files\WinZip\WzPreloader.exe [124360 2017-04-22] (WinZip Computing, S.L.)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [629280 2009-08-18] ()
HKLM-x32\...\Run: [AvgUi] => "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKU\S-1-5-21-3769809095-3783424619-1328341166-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-11-26] (Google Inc.)
HKU\S-1-5-21-3769809095-3783424619-1328341166-1000\...\Run: [CAHeadless] => C:\Program Files (x86)\Adobe\Elements Organizer 8.0\CAHeadless\ElementsAutoAnalyzer.exe [615808 2009-09-18] (Adobe Systems Incorporated)
HKU\S-1-5-21-3769809095-3783424619-1328341166-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9856176 2017-09-20] (Piriform Ltd)
HKU\S-1-5-21-3769809095-3783424619-1328341166-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\Acer.scr [425984 2009-08-05] ()
HKU\S-1-5-21-3769809095-3783424619-1328341166-1003\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517120 2017-03-18] (Microsoft Corporation)
HKU\S-1-5-21-3769809095-3783424619-1328341166-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Acer.scr [425984 2009-08-05] ()
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517120 2017-03-18] (Microsoft Corporation)
Startup: C:\Users\nicole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Schermopname en Snel starten.lnk [2010-07-12]
ShortcutTarget: OneNote 2007 Schermopname en Snel starten.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (gefilterd) ====================
(Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{447b939a-f47a-43ec-af75-c5156ba64658}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-3769809095-3783424619-1328341166-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
SearchScopes: HKLM-x32 -> DefaultScope waarde ontbreekt
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7ACAW
SearchScopes: HKU\S-1-5-21-3769809095-3783424619-1328341166-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... 02&pc=UE15
SearchScopes: HKU\S-1-5-21-3769809095-3783424619-1328341166-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... 02&pc=UE15
SearchScopes: HKU\S-1-5-21-3769809095-3783424619-1328341166-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.be/search?sourceid=ie7&q={se ... BE386BE388
SearchScopes: HKU\S-1-5-21-3769809095-3783424619-1328341166-1000 -> {A8011874-C91C-4B1F-9A52-0B2C192C7B07} URL = hxxp://www.tntcit.be/tools/searchengines/reftr ... earchTerms}
SearchScopes: HKU\S-1-5-21-3769809095-3783424619-1328341166-1000 -> {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxps://www.amazon.com/gp/bit/amazonserp/ref=bi ... earchTerms}
BHO: Amazon Assistant -> {0ddcea2a-7b00-4349-8acb-af7ba6da251f} -> C:\Windows\system32\mscoree.dll [2017-03-18] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-02] (Google Inc.)
BHO-x32: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Amazon Assistant -> {0ddcea2a-7b00-4349-8acb-af7ba6da251f} -> C:\Windows\system32\mscoree.dll [2017-03-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-10-23] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-02] (Google Inc.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-22] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-23] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-02] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-02] (Google Inc.)
Toolbar: HKU\S-1-5-21-3769809095-3783424619-1328341166-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-02] (Google Inc.)
Toolbar: HKU\S-1-5-21-3769809095-3783424619-1328341166-1000 -> Geen Naam - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  Geen bestand
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: HKLM-x32 {19D6A3D5-EA50-4C3B-88F0-79627C325570} hxxp://iloapp.fotoclub-kiknu-wervik.be/gallery/executable/IlosoftMultipleImageUpload.dll
DPF: HKLM-x32 {B60CEFE7-2DD0-4B78-951A-509D951DB1F0} hxxp://www.extrafilm.be/ExtraFilmUploader6.cab
DPF: HKLM-x32 {CB50428B-657F-47DF-9B32-671F82AA73F7} hxxp://www.photodex.com/pxplay.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll Geen bestand
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [belgiumeid@eid.belgium.be] - C:\Program Files (x86)\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be
FF Extension: (Belgium eID) - C:\Program Files (x86)\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be [2017-03-23] [Verouderd]
FF HKU\S-1-5-21-3769809095-3783424619-1328341166-1000\...\Firefox\Extensions: [{cb056958-eb1d-47a5-a7c2-35fd94d51b3f}] - C:\Program Files (x86)\ViewPassword\134.xpi => niet gevonden
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_126.dll [2017-12-16] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_126.dll [2017-12-16] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @google.com/npPicasa2,version=2.0.0 -> C:\Program Files (x86)\Picasa2\npPicasa2.dll [2008-08-21] (Google, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Picasa2\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-10-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-10-23] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR NewTab: Default ->  Not-active:"chrome-extension://moghnflhlcpjkjkpnpgebffcjbmifljk/stubby.html"
CHR DefaultSearchURL: Default -> hxxps://search.tb.ask.com/search/GGmain.jhtml?searchfor={searchTerms}&redirect=CPC
CHR DefaultSearchKeyword: Default -> askwebsearch
CHR DefaultSuggestURL: Default -> hxxps://ss.search.ask.com/ss?li=ff&sstype=prefix&limit=10&hl=en&q={searchTerms}
CHR Profile: C:\Users\nicole\AppData\Local\Google\Chrome\User Data\Default [2017-12-22]
CHR Extension: (Ask Web Search) - C:\Users\nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgadloddempmemeinnpmhfopklhiaedh [2017-11-02]
CHR Extension: (CreateDocsOnline) - C:\Users\nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\moghnflhlcpjkjkpnpgebffcjbmifljk [2017-12-17]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-09]
CHR Extension: (Chrome Media Router) - C:\Users\nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-18]
==================== Services (gefilterd) ====================
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
R2 Amazon Assistant Service; C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe [105136 2017-10-04] ()
S4 Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [Bestand niet getekend]
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [Bestand niet getekend]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Bestand niet getekend]
S3 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-10] (Egis Technology Inc.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Bestand niet getekend]
R2 USBS3S4Detection; C:\OEM\USBDECTION\USBS3S4Detection.exe [76320 2009-12-09] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-07-14] (Microsoft Corporation)
R2 WinZip Smart Monitor Service; C:\Program Files\WinZip Smart Monitor\WinZip Smart Monitor Service.exe [495616 2017-04-11] () [Bestand niet getekend]
===================== Drivers (gefilterd) ======================
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-10-03] (AVG Technologies)
R1 MpKsla795c94b; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{95BFC00B-947E-4A1E-BA02-4DFD891FCB09}\MpKsla795c94b.sys [58120 2017-12-22] (Microsoft Corporation)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R2 TurboB; C:\WINDOWS\System32\DRIVERS\TurboB.sys [13784 2009-08-06] ()
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
U3 idsvc; geen ImagePath
==================== NetSvcs (gefilterd) ===================
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

==================== Een Maand Aangemaakt bestanden en mappen ========
(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)
2017-12-23 13:26 - 2017-12-23 13:27 - 000017807 _____ C:\Users\nicole\Desktop\FRST.txt
2017-12-23 13:23 - 2017-12-23 13:23 - 002392064 _____ (Farbar) C:\Users\nicole\Desktop\FRST64.exe
2017-12-23 12:43 - 2017-12-23 12:43 - 000000000 ___HD C:\OneDriveTemp
2017-12-21 13:59 - 2017-12-21 13:59 - 000000000 ____D C:\Program Files\Common Files\AVG
2017-12-18 17:35 - 2017-12-18 17:35 - 000000000 ___HD C:\$WINDOWS.~BT
2017-12-18 11:35 - 2017-12-18 11:35 - 000001886 _____ C:\Users\nicole\Desktop\IMGfotosneeuw1_1304 - Snelkoppeling.lnk
2017-12-18 11:35 - 2017-12-18 11:35 - 000001654 _____ C:\Users\nicole\Desktop\IMG_5881sneeuw2 - Snelkoppeling.lnk
2017-12-18 11:16 - 2017-11-30 04:33 - 001144728 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-12-18 11:16 - 2017-11-30 04:33 - 001015704 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-12-18 11:16 - 2017-11-30 04:33 - 000038808 _____ (Microsoft Corporation) C:\WINDOWS\system32\OOBEUpdater.exe
2017-12-18 11:16 - 2017-11-30 04:29 - 008319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-12-18 11:16 - 2017-11-30 04:26 - 002647216 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-12-18 11:16 - 2017-11-30 04:24 - 000870896 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-12-18 11:16 - 2017-11-30 04:23 - 007910960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-12-18 11:16 - 2017-11-30 04:23 - 001194248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-12-18 11:16 - 2017-11-30 04:00 - 002166808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-12-18 11:16 - 2017-11-30 03:59 - 023678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-12-18 11:16 - 2017-11-30 03:58 - 006763128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-12-18 11:16 - 2017-11-30 03:58 - 000702032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-12-18 11:16 - 2017-11-30 03:57 - 001123968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-12-18 11:16 - 2017-11-30 03:45 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-12-18 11:16 - 2017-11-30 03:45 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-12-18 11:16 - 2017-11-30 03:44 - 023679488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-12-18 11:16 - 2017-11-30 03:44 - 019334144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-12-18 11:16 - 2017-11-30 03:44 - 000171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2017-12-18 11:16 - 2017-11-30 03:44 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-12-18 11:16 - 2017-11-30 03:44 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2017-12-18 11:16 - 2017-11-30 03:43 - 020511232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-12-18 11:16 - 2017-11-30 03:43 - 000164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscript.exe
2017-12-18 11:16 - 2017-11-30 03:43 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-12-18 11:16 - 2017-11-30 03:43 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-12-18 11:16 - 2017-11-30 03:42 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-12-18 11:16 - 2017-11-30 03:42 - 000560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2017-12-18 11:16 - 2017-11-30 03:42 - 000304640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2017-12-18 11:16 - 2017-11-30 03:42 - 000164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe
2017-12-18 11:16 - 2017-11-30 03:42 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2017-12-18 11:16 - 2017-11-30 03:42 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscript.ocx
2017-12-18 11:16 - 2017-11-30 03:42 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-12-18 11:16 - 2017-11-30 03:41 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-12-18 11:16 - 2017-11-30 03:41 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2017-12-18 11:16 - 2017-11-30 03:41 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-12-18 11:16 - 2017-11-30 03:41 - 000222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll
2017-12-18 11:16 - 2017-11-30 03:41 - 000146944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscript.exe
2017-12-18 11:16 - 2017-11-30 03:40 - 012803072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-12-18 11:16 - 2017-11-30 03:40 - 000585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-12-18 11:16 - 2017-11-30 03:40 - 000528384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2017-12-18 11:16 - 2017-11-30 03:40 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll
2017-12-18 11:16 - 2017-11-30 03:40 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe
2017-12-18 11:16 - 2017-11-30 03:39 - 011888640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-12-18 11:16 - 2017-11-30 03:39 - 003206656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-12-18 11:16 - 2017-11-30 03:39 - 002809344 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-12-18 11:16 - 2017-11-30 03:39 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-12-18 11:16 - 2017-11-30 03:38 - 008195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-12-18 11:16 - 2017-11-30 03:38 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-12-18 11:16 - 2017-11-30 03:38 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-12-18 11:16 - 2017-11-30 03:38 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-12-18 11:16 - 2017-11-30 03:38 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-12-18 11:16 - 2017-11-30 03:37 - 006252544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-12-18 11:16 - 2017-11-30 03:37 - 003306496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-12-18 11:16 - 2017-11-30 03:37 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-12-18 11:16 - 2017-11-30 03:37 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-12-18 11:16 - 2017-11-30 03:36 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-12-18 11:16 - 2017-11-30 03:36 - 004726784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-12-18 11:16 - 2017-11-30 03:36 - 003652096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-12-18 11:16 - 2017-11-30 03:36 - 001802240 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-12-18 11:16 - 2017-11-30 03:36 - 001398784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-12-18 11:16 - 2017-11-30 03:36 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-12-18 11:16 - 2017-11-30 03:36 - 000755200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-12-18 11:16 - 2017-11-30 03:36 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-12-18 11:16 - 2017-11-30 03:35 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-12-18 11:16 - 2017-11-30 03:34 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-12-16 14:25 - 2017-12-16 16:18 - 000000000 ____D C:\Program Files\WinZip Driver Updater
2017-12-16 14:22 - 2017-12-16 14:28 - 000012828 _____ C:\Users\nicole\Downloads\FRST.txt
2017-12-16 14:21 - 2017-12-16 14:22 - 000000000 ____D C:\FRST
2017-12-16 14:20 - 2017-12-16 14:20 - 000000000 ____D C:\Users\nicole\AppData\Roaming\Opera Software
2017-12-16 14:20 - 2017-12-16 14:20 - 000000000 ____D C:\Users\nicole\AppData\Local\Opera Software
2017-12-05 09:15 - 2017-12-22 09:32 - 000177536 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\aswc5ed4f31c7962768.tmp
2017-11-24 10:08 - 2017-11-17 10:00 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-11-24 10:07 - 2017-11-17 10:31 - 000223640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2017-11-24 10:01 - 2017-11-17 10:03 - 003668992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-11-24 10:01 - 2017-11-17 09:59 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-11-24 10:00 - 2017-11-17 10:37 - 021353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-11-24 09:59 - 2017-11-17 10:39 - 005477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-11-24 09:59 - 2017-11-17 09:56 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-11-24 09:58 - 2017-11-17 10:46 - 001578904 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-11-24 09:58 - 2017-11-17 10:46 - 000678808 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-11-24 09:58 - 2017-11-17 10:46 - 000484248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-11-24 09:58 - 2017-11-17 10:46 - 000190360 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-11-24 09:58 - 2017-11-17 10:46 - 000136088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-11-24 09:58 - 2017-11-17 10:46 - 000034712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-11-24 09:58 - 2017-11-17 10:39 - 000643200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-11-24 09:57 - 2017-11-17 10:46 - 002032536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2017-11-24 09:57 - 2017-11-17 10:46 - 000613784 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-11-24 09:57 - 2017-11-17 10:46 - 000612248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-11-24 09:57 - 2017-11-17 10:46 - 000379288 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-11-24 09:57 - 2017-11-17 10:46 - 000259992 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-11-24 09:57 - 2017-11-17 10:46 - 000067992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2017-11-24 09:57 - 2017-11-17 10:41 - 000503704 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2017-11-24 09:56 - 2017-11-17 10:46 - 000821656 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
==================== Een Maand Gewijzigd bestanden en mappen ========
(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)
2017-12-23 12:45 - 2017-07-14 09:36 - 000004708 _____ C:\WINDOWS\System32\Tasks\DistromaticSearchProtect-hourly
2017-12-23 12:44 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-12-23 12:43 - 2016-06-05 14:14 - 000000000 ___RD C:\Users\nicole\OneDrive
2017-12-23 12:41 - 2017-07-14 09:09 - 000000000 ____D C:\Users\nicole
2017-12-22 16:37 - 2017-03-18 22:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-12-22 16:30 - 2010-07-08 11:06 - 000000000 ____D C:\Program Files (x86)\AVG
2017-12-22 16:28 - 2015-10-29 12:58 - 000000000 ____D C:\ProgramData\Avg
2017-12-22 16:28 - 2015-10-29 12:57 - 000000000 ____D C:\Users\nicole\AppData\Local\AvgSetupLog
2017-12-22 16:26 - 2010-07-03 17:05 - 000545440 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-12-22 16:17 - 2017-07-14 09:36 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-12-22 16:16 - 2017-03-18 12:40 - 002097152 _____ C:\WINDOWS\system32\config\BBI
2017-12-22 09:34 - 2017-07-14 09:36 - 000004190 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5855ED69-F1FF-41AA-BDB6-617C2AB1B7C1}
2017-12-22 09:32 - 2017-03-03 10:35 - 001017624 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\aswaa64330da15414ff.tmp
2017-12-22 09:32 - 2017-03-03 10:35 - 000449848 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\asw734010a48e67b268.tmp
2017-12-22 09:32 - 2017-03-03 10:35 - 000351128 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\asw8818ce13d8d09db3.tmp
2017-12-22 09:32 - 2017-03-03 10:35 - 000196904 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\aswdeccf11d5315aaa3.tmp
2017-12-22 09:32 - 2017-03-03 10:35 - 000139112 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\aswefaab614b1d3f05f.tmp
2017-12-22 09:32 - 2017-03-03 10:35 - 000102792 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\asw 405556e156fad4a.tmp
2017-12-22 09:32 - 2017-03-03 10:35 - 000076832 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\asw 486ee43613bd467.tmp
2017-12-22 09:32 - 2017-03-03 10:35 - 000051336 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\aswd5423a4cced207aa.tmp
2017-12-22 09:32 - 2017-03-03 10:35 - 000039424 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\asw3fab90b68a102190.tmp
2017-12-22 09:32 - 2017-03-03 10:34 - 000337408 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\asw2ddefef13201d83d.tmp
2017-12-22 09:32 - 2017-03-03 10:34 - 000315152 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\asw9fa7506127d55e51.tmp
2017-12-22 09:32 - 2017-03-03 10:34 - 000193096 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\aswe6f18778f1bdd4bf.tmp
2017-12-22 09:32 - 2017-03-03 10:34 - 000166624 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\asw 10c539cbbf8ec7c.tmp
2017-12-20 17:35 - 2017-06-15 10:13 - 000000000 ___SD C:\WINDOWS\UpdateAssistantV2
2017-12-20 17:35 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-12-20 17:35 - 2017-03-18 22:01 - 000000000 ____D C:\WINDOWS\INF
2017-12-20 16:16 - 2017-03-18 21:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-12-20 16:08 - 2017-07-13 12:05 - 000000000 ___DC C:\WINDOWS\Panther
2017-12-20 10:51 - 2017-07-14 09:02 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-12-18 17:52 - 2016-06-05 14:00 - 000000000 ____D C:\Users\nicole\AppData\Local\Packages
2017-12-18 17:35 - 2017-07-14 09:58 - 000000000 ____D C:\Windows.old
2017-12-18 10:24 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\rescache
2017-12-18 09:19 - 2013-08-14 10:26 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-12-17 13:46 - 2017-10-11 11:55 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-12-17 13:46 - 2010-07-04 12:15 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-12-17 13:20 - 2015-08-23 13:17 - 000002296 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-12-17 13:20 - 2015-08-23 13:17 - 000002284 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-12-16 16:31 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-12-16 16:31 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-12-16 16:19 - 2017-07-14 09:09 - 000000000 ____D C:\Users\UpdatusUser
2017-12-16 16:19 - 2017-07-14 09:09 - 000000000 ____D C:\Users\DefaultAppPool
2017-12-16 16:19 - 2017-03-18 22:03 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-12-16 16:19 - 2017-03-18 22:03 - 000000000 ___SD C:\WINDOWS\system32\F12
2017-12-16 16:19 - 2017-03-18 22:03 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2017-12-16 16:19 - 2017-03-18 22:03 - 000000000 ___RD C:\WINDOWS\PrintDialog
2017-12-16 16:19 - 2017-03-18 22:03 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-12-16 16:19 - 2017-03-18 22:03 - 000000000 ___RD C:\Program Files\Windows Defender
2017-12-16 16:19 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2017-12-16 16:19 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2017-12-16 16:19 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-12-16 16:19 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2017-12-16 16:19 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-12-16 16:19 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\setup
2017-12-16 16:19 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\migwiz
2017-12-16 16:19 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-12-16 16:19 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\Provisioning
2017-12-16 16:19 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\L2Schemas
2017-12-16 16:19 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-12-16 16:19 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-12-16 16:19 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2017-12-16 16:19 - 2017-03-18 12:40 - 000000000 ____D C:\WINDOWS\system32\Dism
2017-12-16 16:19 - 2016-09-26 16:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-12-16 16:19 - 2015-04-08 14:58 - 000000000 ____D C:\WINDOWS\SysWOW64\beidpp
2017-12-16 16:19 - 2012-08-24 12:16 - 000000000 ____D C:\WINDOWS\system32\SPReview
2017-12-16 16:19 - 2012-08-24 12:15 - 000000000 ____D C:\WINDOWS\system32\EventProviders
2017-12-16 16:19 - 2011-08-22 19:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-12-16 16:19 - 2011-01-17 17:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle Studio 14
2017-12-16 16:19 - 2009-11-26 18:57 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eSobi v2
2017-12-16 16:19 - 2009-11-26 18:44 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2017-12-16 16:19 - 2009-11-26 18:41 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2017-12-16 16:19 - 2007-10-10 22:18 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Arcade Deluxe
2017-12-16 16:18 - 2017-10-11 12:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip 21.5
2017-12-16 16:18 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-12-16 16:18 - 2016-12-22 16:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2017-12-16 16:18 - 2016-10-22 08:40 - 000000000 ____D C:\Program Files (x86)\Amazon Browser Settings
2017-12-16 16:18 - 2016-02-29 15:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2017-12-16 16:18 - 2015-10-30 19:08 - 000000000 ____D C:\WINDOWS\ShellNew
2017-12-16 16:18 - 2015-05-14 13:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-12-16 16:18 - 2015-04-08 15:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belgium - eID
2017-12-16 16:18 - 2013-03-16 14:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-12-16 16:18 - 2012-01-05 16:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2017-12-16 16:18 - 2011-07-27 16:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2017-12-16 16:18 - 2010-10-07 18:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Design Premium CS3
2017-12-16 16:18 - 2010-07-23 09:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2017-12-16 16:18 - 2010-07-23 09:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2017-12-16 16:18 - 2010-07-07 14:39 - 000000000 ____D C:\Users\nicole\AppData\Roaming\SoftDMA
2017-12-16 16:18 - 2010-07-07 14:39 - 000000000 ____D C:\Users\nicole\AppData\Roaming\PowerCinema
2017-12-16 16:18 - 2010-07-07 14:39 - 000000000 ____D C:\Users\nicole\AppData\Local\PlayMovie
2017-12-16 16:18 - 2010-06-30 14:17 - 000000000 ____D C:\ProgramData\FLEXnet
2017-12-16 16:18 - 2010-06-29 17:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works
2017-12-16 16:18 - 2010-06-29 17:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AcerSystem
2017-12-16 16:18 - 2010-06-29 17:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2017-12-16 16:18 - 2009-11-26 18:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2017-12-16 16:18 - 2009-11-26 18:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Backup Manager
2017-12-16 16:18 - 2009-11-26 18:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer GameZone
2017-12-16 16:18 - 2009-11-26 18:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® Matrix Storage Manager
2017-12-16 16:18 - 2007-10-10 22:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-12-16 16:01 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\registration
2017-12-16 15:58 - 2017-07-14 09:33 - 000000000 ____D C:\WINDOWS\system32\msmq
2017-12-16 15:47 - 2016-09-27 13:32 - 000000000 ____D C:\ProgramData\WinZip
2017-12-13 16:48 - 2017-03-18 12:40 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2017-12-08 10:39 - 2017-07-28 09:29 - 000003368 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3769809095-3783424619-1328341166-1000
2017-12-08 10:39 - 2016-06-05 14:14 - 000002433 _____ C:\Users\nicole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-12-05 09:14 - 2017-03-03 10:35 - 000447800 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys.151246172218702
2017-12-02 03:25 - 2017-03-18 22:06 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-12-02 03:25 - 2017-03-18 22:06 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-11-30 10:56 - 2016-04-07 12:20 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-11-25 16:56 - 2017-07-14 09:07 - 002316558 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-11-25 16:56 - 2017-03-20 04:54 - 001018582 _____ C:\WINDOWS\system32\perfh013.dat
2017-11-25 16:56 - 2017-03-20 04:54 - 000231652 _____ C:\WINDOWS\system32\perfc013.dat
2017-11-25 16:54 - 2016-06-05 14:01 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-11-25 16:51 - 2017-07-14 09:02 - 005243400 _____ C:\WINDOWS\system32\FNTCACHE.DAT
==================== Bestanden in de root van sommige mappen =======
2009-11-26 18:31 - 2009-02-10 21:23 - 000192484 _____ () C:\Program Files (x86)\Common Files\Acer GameZone online.ico
2010-07-12 15:36 - 2016-09-05 18:29 - 000000778 _____ () C:\Users\nicole\AppData\Roaming\wklnhst.dat
2011-01-17 17:08 - 2012-08-17 09:46 - 000026624 _____ () C:\Users\nicole\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-07-03 09:53 - 2015-07-03 09:53 - 000000000 _____ () C:\Users\nicole\AppData\Local\{F6678F8A-6392-4475-B946-B2518DE34657}
==================== Bamital & volsnap ======================
(Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)
C:\WINDOWS\system32\winlogon.exe => Bestand is getekend
C:\WINDOWS\system32\wininit.exe => Bestand is getekend
C:\WINDOWS\explorer.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\explorer.exe => Bestand is getekend
C:\WINDOWS\system32\svchost.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\svchost.exe => Bestand is getekend
C:\WINDOWS\system32\services.exe => Bestand is getekend
C:\WINDOWS\system32\User32.dll => Bestand is getekend
C:\WINDOWS\SysWOW64\User32.dll => Bestand is getekend
C:\WINDOWS\system32\userinit.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\userinit.exe => Bestand is getekend
C:\WINDOWS\system32\rpcss.dll => Bestand is getekend
C:\WINDOWS\system32\dnsapi.dll => Bestand is getekend
C:\WINDOWS\SysWOW64\dnsapi.dll => Bestand is getekend
C:\WINDOWS\system32\Drivers\volsnap.sys => Bestand is getekend
LastRegBack: 2017-12-17 13:38
==================== Eind van FRST.txt ============================
Laatst gewijzigd door ghislaine* op 23 dec 2017, 16:13, 1 keer totaal gewijzigd.

Sony
Lid geworden op: 19 feb 2005, 13:45
Locatie: Boom

23 dec 2017, 14:54

ghislaine* ,

het gedeelte Extra scanresultaten is niet volledig,
verwijderd het onvolledige gedeelte uit je bericht en plaats
het volledige gedeelte in een nieuw antwoord aub

Voor het nazicht van de logs zal je toch moeten wachten op abbs
Er is inderdaad werk aan.

Sony
I Afbeelding SeniorenNet

ghislaine*
Lid geworden op: 27 jan 2005, 13:39
Locatie: Menen

23 dec 2017, 16:19

Sony,

Hierbij de extra...

grtjes

ghis

Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 23-12-2017
Gestart door nicole (23-12-2017 13:28:17)
Gestart vanaf C:\Users\nicole\Desktop
Windows 10 Home Versie 1703 15063.786 (X64) (2017-07-14 08:51:43)
Boot Modus: Normal
==========================================================

==================== Accounts: =============================
Administrator (S-1-5-21-3769809095-3783424619-1328341166-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3769809095-3783424619-1328341166-503 - Limited - Disabled)
Gast (S-1-5-21-3769809095-3783424619-1328341166-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3769809095-3783424619-1328341166-1002 - Limited - Enabled)
nicole (S-1-5-21-3769809095-3783424619-1328341166-1000 - Administrator - Enabled) => C:\Users\nicole
UpdatusUser (S-1-5-21-3769809095-3783424619-1328341166-1003 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Security Center ========================
(Als een item is opgenomen in de fixlist, zal het worden verwijderd.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Geïnstalleerde programma's ======================
(Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.)
7-Zip 4.65 (HKLM-x32\...\7-Zip) (Version:  - )
Acer Arcade Deluxe (HKLM-x32\...\{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 3.2.7110 - CyberLink Corp.) Hidden
Acer Arcade Deluxe (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 3.2.7110 - CyberLink Corp.)
Acer Backup Manager (HKLM-x32\...\InstallShield_{30075A70-B5D2-440B-AFA3-FB2021740121}) (Version: 2.0.2.19 - NewTech Infosystems)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3005 - Acer Incorporated)
Acer GameZone Console (HKLM-x32\...\{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1) (Version: 5.1.0.2 - Oberon Media, Inc.)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.2.0812 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Creative Suite 3 Design Premium toevoegen of verwijderen (HKLM-x32\...\Adobe_4f447996d55a2562c006714721fae31) (Version: 1.0 - Adobe Systems Incorporated)
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.126 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 8.0 (HKLM-x32\...\PremElem80) (Version: 8.0 - Adobe Systems Incorportated)
Adobe Premiere Elements 8.0 Templates (HKLM-x32\...\PremElem80Templates) (Version: 8.0 - Adobe Systems Incorportated)
Advertising Center (HKLM-x32\...\{b2ec4a38-b545-4a00-8214-13fe0e915e6d}) (Version: 0.0.0.2 - Nero AG) Hidden
AHV content for Acrobat and Flash (HKLM-x32\...\{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}) (Version: 1 - Adobe Systems Incorporated) Hidden
Amazon Assistant (HKLM-x32\...\{EDA2A064-F600-47BA-9EBA-58BE807BF6D2}) (Version: 10.17.0926 - Amazon) <==== AANDACHT
Amazon Search (HKLM-x32\...\Amazon Assistant) (Version: 2.3.4 - Amazon)
Apple Application Support (HKLM-x32\...\{A83279FD-CA4B-4206-9535-90974DE76654}) (Version: 2.1.5 - Apple Inc.)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.2.9.726 - AVG Technologies)
Backup Manager Advance (HKLM-x32\...\{30075A70-B5D2-440B-AFA3-FB2021740121}) (Version: 2.0.2.19 - NewTech Infosystems) Hidden
Belgium e-ID middleware 4.1.20 (build 1779) (HKLM\...\{DB942AEA-93D6-4FE4-8862-180D35A71779}) (Version: 4.1.1779 - Belgian Government)
CCleaner (HKLM\...\CCleaner) (Version: 5.35 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5000 - CDBurnerXP)
Compatibiliteitspakket voor het 2007 Microsoft Office system (HKLM-x32\...\{90120000-0020-0413-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
EPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version:  - SEIKO EPSON Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - )
eSobi v2 (HKLM-x32\...\{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.) Hidden
eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.84 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
HL-L2340D series (HKLM-x32\...\{46B58839-2405-48D6-A59D-F8246158A6ED}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 1.00.3004 - Acer Incorporated)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3002 - Acer Incorporated)
ImagXpress (HKLM-x32\...\{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}) (Version: 7.0.74.0 - Nero AG) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 14.5 - Intel)
Intel(R) Turbo Boost Technology Monitor (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.115.11 - Intel)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{E2DFE069-083E-4631-9B6C-43C48E991DE5}) (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0100-0413-0000-0000000FF1CE}_OMUI.nl-nl_{26257879-B20D-4D30-A429-B387A4890929}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Language Pack 2007 - Dutch/Nederlands (HKLM-x32\...\OMUI.nl-nl) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (Dutch) (HKLM-x32\...\{95120000-00AF-0413-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3769809095-3783424619-1328341166-1000\...\OneDriveSetup.exe) (Version: 17.3.7131.1115 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{5158F1F5-FA1B-4D49-B546-55A5004B89BD}) (Version: 9.7.0621 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyWinLocker (HKLM-x32\...\{68301905-2DEA-41CE-A4D4-E8B443B099BA}) (Version: 3.1.76.0 - Egis Technology Inc.)
Nero 9 Essentials (HKLM-x32\...\{9d5299f9-f94e-43ed-9632-a5e045b51f7d}) (Version:  - Nero AG)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.9 - NVIDIA Corporation)
NVIDIA Grafisch stuurprogramma 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}) (Version: 9.09.0814 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
Patient HealthViewer  6.0.0 (HKLM-x32\...\2683-5993-8159-9128) (Version: 6.0.0 - Nationaal Intermutualistisch College)
PDF Settings (HKLM-x32\...\{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Pinnacle Studio 14 (HKLM-x32\...\{AADD1C8F-D59F-4D55-A726-768C71A205A8}) (Version: 14.0.0.7255 - Pinnacle Systems)
Pinnacle videodriver (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.030 - Pinnacle Systems)
QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5930 - Realtek Semiconductor Corp.)
SmartSound Quicktracks for Premiere Elements 8.0 (HKLM-x32\...\{4685A344-6718-4923-AA9D-158A0A2E1CFB}) (Version: 3.11.3090 - SmartSound Software Inc) Hidden
SmartSound Quicktracks for Premiere Elements 8.0 (HKLM-x32\...\InstallShield_{4685A344-6718-4923-AA9D-158A0A2E1CFB}) (Version: 3.11.3090 - SmartSound Software Inc)
Stuurprogrammapakket voor Windows - Fedict SmartCard  (08/08/2015 4.1.5) (HKLM\...\9F46F7AB1E3B1B5F5482EA8D97F401B04FBF7958) (Version: 08/08/2015 4.1.5 - Fedict)
Stuurprogrammapakket voor Windows - Fedict SmartCard  (11/30/2016 4.1.9) (HKLM\...\A9FBB4D4E267FA9BF2CEBF564F02DB39E147B466) (Version: 11/30/2016 4.1.9 - Fedict)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update voor Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0413-0000-0000000FF1CE}_OMUI.nl-nl_{5CF7002F-6F49-4482-9564-5614FBE560FA}) (Version:  - Microsoft)
Update voor Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0413-0000-0000000FF1CE}_OMUI.nl-nl_{15D84E79-1ED7-42C5-B2FD-745C3FBDDDC5}) (Version:  - Microsoft)
Update voor Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0413-0000-0000000FF1CE}_OMUI.nl-nl_{A66AE6A1-8D8C-4102-BC18-38CBDE40F809}) (Version:  - Microsoft)
Visual C++ 8.0 Runtime Setup Package (x64) (HKLM-x32\...\{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}) (Version: 9.0.0.623 - AVG Technologies CZ, s.r.o.)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.00.3008 - Acer Incorporated)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
Windows Live - Hulpprogramma voor uploaden (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Live aanmeldhulp (HKLM-x32\...\{1BD6AE96-4742-4498-9D03-9451C7E5A214}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{CD19EDD9-1632-4002-9212-7478E4BA0423}) (Version: 14.0.8089.726 - Microsoft Corporation)
WinRAR 4.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
WinZip 21.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C2410F}) (Version: 21.5.12480 - WinZip Computing, S.L. )
==================== Aangepaste CLSID (gefilterd): ==========================
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
CustomCLSID: HKU\S-1-5-21-3769809095-3783424619-1328341166-1000_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll ()
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Geen bestand
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll [2009-09-10] (Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll [2009-09-10] (Egis Technology Inc.)
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2009-02-03] (Igor Pavlov)
ContextMenuHandlers1-x32-x32: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat Elements\ContextMenu.dll [2006-10-22] (Adobe Systems Inc.)
ContextMenuHandlers1-x32-x32: [EDSshellExt] -> {29FF7AB0-BE34-4992-A30B-53A9D86EE239} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\mwlshellext.dll [2009-09-10] (Egis Technology Inc.)
ContextMenuHandlers1-x32-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2011-05-28] ()
ContextMenuHandlers1-x32-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2011-05-28] ()
ContextMenuHandlers1-x32-x32-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2017-04-22] (WinZip Computing, S.L.)
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2009-02-03] (Igor Pavlov)
ContextMenuHandlers4-x32: [EDSshellExt] -> {29FF7AB0-BE34-4992-A30B-53A9D86EE239} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\mwlshellext.dll [2009-09-10] (Egis Technology Inc.)
ContextMenuHandlers4-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2011-05-28] ()
ContextMenuHandlers4-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2011-05-28] ()
ContextMenuHandlers4-x32-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2017-04-22] (WinZip Computing, S.L.)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> Geen bestand
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation)
ContextMenuHandlers6-x32: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat Elements\ContextMenu.dll [2006-10-22] (Adobe Systems Inc.)
ContextMenuHandlers6-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2011-05-28] ()
ContextMenuHandlers6-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2011-05-28] ()
ContextMenuHandlers6-x32-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2017-04-22] (WinZip Computing, S.L.)
==================== Geplande Taken (gefilterd) =============
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
Task: {00D17A48-7788-41F9-9022-96E29BEDC4CC} - System32\Tasks\{36B041E7-988C-4F36-AD18-EF894323E852} => C:\Program Files (x86)\Pinnacle\Studio 14\Programs\Studio.exe [2009-08-21] (Pinnacle Systems)
Task: {01AB1B67-1DD6-4EA8-BD20-58E370685969} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0362D4C4-3B87-4053-BCC1-A4F56F7738A3} - \Microsoft\Windows\Setup\gwx\rundetector -> Geen bestand <==== AANDACHT
Task: {051E977F-74DC-4B5A-8728-C915616A0402} - System32\Tasks\McQcModifier-5c47-a7b0 => C:\ProgramData\McQcModifier-5c47-a7b0\McQcModifier-5c47-a7b0.cmd
Task: {0701ACDB-F157-49C2-82B8-D6DF242DAFDF} - System32\Tasks\{D612CEE9-4E6C-40B8-A816-B6FEE6463A8E} => C:\Program Files (x86)\Adobe\Adobe Device Central CS3\DeviceCentral.exe [2007-03-15] (Adobe Systems)
Task: {078A4F64-A6C0-4B6B-997F-3375E217DD9D} - System32\Tasks\{8BE9F449-AEA0-40BB-B321-CD7585C4B767} => C:\Windows\system32\pcalua.exe -a E:\PinnacleStudio14Trial.exe -d E:\
Task: {082D21D3-0030-4FE1-B987-ACB2D7D5149D} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0F957004-5C55-4E5E-84C6-6491C80FBEAC} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {10DE46E4-840D-4AA2-AD56-4EB962C819A0} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Geen bestand <==== AANDACHT
Task: {12FA3FA5-A6C6-4178-82C1-6CE1D11C073B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {13E39BD7-1881-4551-B479-43840082EBF5} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {152092DD-ADA7-45B5-A59A-27C401C273C5} - System32\Tasks\{98A4F20F-FE40-418B-8A94-7E2E18EAD2A5} => C:\Windows\system32\pcalua.exe -a C:\Users\nicole\Desktop\epson374914eu.exe -d C:\Users\nicole\Desktop
Task: {2475B949-6CC8-4AA2-A0A8-B9AA9EFB56FC} - System32\Tasks\{2D7E4B9C-D68B-44A2-82DC-D22EA34F8010} => C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
Task: {26C78E5C-BD1E-4852-A799-AD5A39A99745} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Geen bestand <==== AANDACHT
Task: {2B3EE7D4-DB8D-4C8A-83ED-919FA6DFAE6E} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Geen bestand <==== AANDACHT
Task: {2FF76091-E83B-41D6-B21E-0FE0B91135DE} - System32\Tasks\{52A6A0FB-9A0B-449D-BEB6-5A440FB604AD} => C:\Windows\system32\pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files (x86)\Pinnacle\Studio 14\Programs\Studio.exe"
Task: {316D2E03-9C3C-4A32-8334-0408CC8C65D3} - System32\Tasks\{1A614664-DDCA-438B-9A28-1E3232C4CAC0} => C:\Program Files (x86)\Adobe\Adobe Premiere Elements 8.0\Adobe Premiere Elements 8.0.exe [2009-09-29] (Adobe Systems Incorporated)
Task: {3DBBFC91-710F-419F-A0D3-7F7382893CD4} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {3EBF1322-0F76-490B-ADB2-08F46F502191} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {43210CD7-5230-40D8-88F0-31C33D72F408} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {47E418AE-5B69-44D3-81EC-02609B702B09} - System32\Tasks\DistromaticUpdater-periodic => C:\Program Files (x86)\Amazon Browser Settings\updater.exe [2016-10-22] (Distromatic) <==== AANDACHT
Task: {49E5B5A0-C65B-4CC6-ABAF-6B591FF1E934} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {4D3FE8B8-E339-482E-B811-CF56C63B32B5} - System32\Tasks\DistromaticSearchProtect-logon => C:\Program Files (x86)\Amazon Browser Settings\AmznSearchProtect.exe [2016-10-22] (Distromatic) <==== AANDACHT
Task: {4D7FC715-47C4-41D0-AF72-AD18486F0AC0} - System32\Tasks\DistromaticUpdater-logon => C:\Program Files (x86)\Amazon Browser Settings\updater.exe [2016-10-22] (Distromatic) <==== AANDACHT
Task: {5277650C-E68D-45E3-A0E8-8629D3B56303} - System32\Tasks\{2F0AB8A7-45D0-4B6B-857E-73605627F760} => C:\Program Files (x86)\Pinnacle\Studio 14\Programs\Studio.exe [2009-08-21] (Pinnacle Systems)
Task: {53CB8B79-A35F-4F75-BFDC-D7144D2E7331} - System32\Tasks\{59339676-663C-4A70-8883-B45E71A66C4A} => C:\Program Files (x86)\Pinnacle\Studio 14\Programs\Studio.exe [2009-08-21] (Pinnacle Systems)
Task: {55F7108B-8A75-41DD-9D8A-88B4B91D8FF6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-12-16] (Adobe Systems Incorporated)
Task: {5CF0CE5F-00FA-4909-AD11-E777D9C40272} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> Geen bestand <==== AANDACHT
Task: {5FC2B69A-3444-4B62-B6F6-E1D0864F2A89} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
Task: {6DD3A0F8-F6DC-4DF4-AD46-E01D2F97848A} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {71FC42AA-ACC5-46A2-A972-9325A1C82C78} - System32\Tasks\AdobeAAMUpdater-1.0-nicole-PC-nicole => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {737E90C9-AEAF-41A6-BEAF-90FFCD97BBAC} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Geen bestand <==== AANDACHT
Task: {7967719A-7D77-48E0-BD09-DC482DEAC72F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Geen bestand <==== AANDACHT
Task: {7C6CD29B-2C44-4E6C-81D4-DB6BC63C7489} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7E384493-954D-47DA-A2BA-C475A05A23E7} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {7F65C149-CC07-450F-AD07-A280DEBB3068} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {7F980F14-BC4D-4469-869A-7971067F7B0A} - System32\Tasks\{27F3A3EF-631F-4549-B377-A83672459BC7} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Task: {8090AE2E-7335-4A37-A7B1-5D12C371AAC7} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {818F0D74-0B40-4104-A52D-1678B10B42AF} - System32\Tasks\{1B54A708-90A1-4957-888F-8E4B6954721D} => C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
Task: {83B53F84-20EF-4804-8876-0D3B8DED72F7} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Geen bestand <==== AANDACHT
Task: {83BF024F-EDCE-438F-A526-6EA63B096687} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {89249CE9-649C-4D1A-A0FB-FA2F75E88D15} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {8A15571A-C617-4288-AAB5-07D23E3F6537} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8C03F78A-15C3-4966-B97D-2D02C033DE68} - System32\Tasks\{50936F96-FCF2-4ED7-86ED-C43579AFBFB2} => C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
Task: {907F5957-970F-4829-8281-967052295C13} - System32\Tasks\WinZip Update Notifier => C:\Program Files\WinZip\WZUpdateNotifier.exe [2017-04-22] (WinZip)
Task: {97C50787-CDB1-4DD2-8A2C-39D99326EC13} - System32\Tasks\{E93DE1B1-F16F-4ABE-BC2F-CF6941928359} => C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
Task: {9D4B160A-567A-4273-9941-9D08392A0A62} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {ACB3944A-0220-4C3D-9A04-3BF6AE3290B3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {B380560B-77A7-47C2-9A0F-98ACA33219AB} - System32\Tasks\{EF1B8A57-8CDA-4170-997B-4B77A1C4E7F1} => C:\Windows\system32\pcalua.exe -a E:\SETUP.EXE -d E:\
Task: {B391E347-0766-4C77-85F2-BCF618DCFF67} - System32\Tasks\{93A498AB-B596-447A-A779-7A5BCCF8C8B3} => C:\Windows\system32\pcalua.exe -a C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe -c /M{3868A8EE-5051-4DB0-8DF6-4F4B8A98D083} /l1043
Task: {B8D3DD26-F965-417A-A672-1E48D62BABB1} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Geen bestand <==== AANDACHT
Task: {BCA732EB-B0B3-49B1-91EB-1548D5767CDB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Geen bestand <==== AANDACHT
Task: {BF0A7F5A-F1BA-47CD-BF7F-A7ED3EC7A3C8} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {BF7648FD-00C8-405C-BB5D-919EFC2862EB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Geen bestand <==== AANDACHT
Task: {C41248BD-9C29-4644-99D9-84466F64D1EA} - System32\Tasks\DistromaticSearchProtect-hourly => C:\Program Files (x86)\Amazon Browser Settings\AmznSearchProtect.exe [2016-10-22] (Distromatic) <==== AANDACHT
Task: {C5CE9110-7E29-46E7-A0E5-C5E04058B640} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {CA4DF9C3-3230-473E-A30D-02777F2F9547} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CCD22A47-10F7-46F3-9488-FDA16D6D957F} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {D3616CDA-4E47-427E-BDFF-E35650FF649E} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-vaneenoonicole@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {D499C78F-FDAF-4FFC-B7AA-1B2CF5BCE8F8} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Geen bestand <==== AANDACHT
Task: {DF3EF9D1-44F8-4442-ADCC-40BBB8830744} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Geen bestand <==== AANDACHT
Task: {E02C0DDD-D28D-4931-8F7D-8E76714C1677} - System32\Tasks\{20DF6538-4649-4AED-8F16-8A5B503380A8} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Task: {E5B14D36-9B4B-4AD8-AE90-61339EB5CBCD} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E84707A9-4FB5-46F5-8ED8-0397C372B61D} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Geen bestand <==== AANDACHT
Task: {E864D643-EAFF-4C50-B3F0-212D012A0B5B} - System32\Tasks\{83846223-9E34-4ABA-AC24-22397489AB4A} => C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
Task: {E8E4F11C-317E-4467-85D4-5D3DEE6F6C2B} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {EB2A509B-9215-425C-8DA9-53451944F6F1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-09-20] (Piriform Ltd)
Task: {F106B0F3-D195-438B-8F36-B8432022BD0C} - System32\Tasks\{A136735F-85BC-4226-9CE2-4C3C7DDF4A52} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Task: {F1C04BAB-038A-4BBF-B2E1-F346226D38D1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Geen bestand <==== AANDACHT
Task: {F9F403B3-ED90-4820-BAE0-69861A7958AD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {FC6A4088-BA8D-4E4C-8B95-F56C1AC39295} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
(Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.)

==================== Snelkoppelingen & WMI ========================
(De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.)

ShortcutWithArgument: C:\Users\Public\Desktop\Acer Store.lnk -> C:\Program Files\Acer Accessory Store\StartURL.exe () -> hxxp://store.acer-euro.com/be?utm_source=Icon&utm_medium=Icon&utm_campaign=Acer%2BInternal
==================== Geladen Modules (gefilterd) ==============
2017-10-04 12:06 - 2017-10-04 12:06 - 000105136 _____ () C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe
2017-10-04 12:07 - 2017-10-04 12:07 - 000159408 _____ () C:\Program Files (x86)\Amazon\Amazon Assistant\aaLoader64.dll
2017-04-11 15:08 - 2017-04-11 15:08 - 000495616 _____ () C:\Program Files\WinZip Smart Monitor\WinZip Smart Monitor Service.exe
2009-12-14 03:19 - 2009-12-09 10:24 - 000076320 _____ () C:\OEM\USBDECTION\USBS3S4Detection.exe
2017-07-14 09:07 - 2016-11-14 12:15 - 000135224 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-08-22 19:12 - 2011-05-28 21:05 - 000164864 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2017-03-18 21:58 - 2017-03-18 21:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 21:59 - 2017-03-20 04:56 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-10-12 08:58 - 2017-10-12 08:58 - 000349696 _____ () C:\Program Files\WinZip Smart Monitor\Plugins\7BC0E678-C2D8-43A4-B694-A458734AEF6D.2.1.0.10\7BC0E678-C2D8-43A4-B694-A458734AEF6D.2.1.0.10.dll
2017-12-17 13:25 - 2017-12-18 13:29 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-12-17 13:25 - 2017-12-18 13:29 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-12-17 13:25 - 2017-12-18 13:29 - 024735744 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-12-17 13:25 - 2017-12-18 13:29 - 002551808 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\skypert.dll
2017-12-17 13:25 - 2017-12-18 09:11 - 000671744 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2009-08-18 08:27 - 2009-08-18 08:27 - 000629280 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
2009-02-03 02:33 - 2009-02-03 02:33 - 000460199 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2008-09-29 02:55 - 2008-09-29 02:55 - 001076224 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll
2016-12-22 16:24 - 2009-02-27 16:38 - 000139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2017-12-08 10:38 - 2017-12-08 10:38 - 000102088 _____ () C:\Users\nicole\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\UpdateRingSettings.dll
2009-08-18 08:31 - 2009-08-18 08:31 - 000163840 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyHook.dll
==================== Alternate Data Streams (gefilterd) =========
(Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.)
AlternateDataStreams: C:\ProgramData\Temp:4CF61E54 [118]
AlternateDataStreams: C:\ProgramData\Temp:E1F04E8D [124]
==================== Veilige Modus (gefilterd) ===================
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.)

==================== Bestandskoppeling (gefilterd) ===============
(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.)
HKU\S-1-5-21-3769809095-3783424619-1328341166-1000\Software\Classes\.exe:  =>  <==== AANDACHT
HKU\S-1-5-21-3769809095-3783424619-1328341166-1000\Software\Classes\.scr:  =>  <==== AANDACHT
HKU\S-1-5-21-3769809095-3783424619-1328341166-1000\Software\Classes\.bat:  =>  <==== AANDACHT
HKU\S-1-5-21-3769809095-3783424619-1328341166-1000\Software\Classes\.com:  =>  <==== AANDACHT
HKU\S-1-5-21-3769809095-3783424619-1328341166-1000\Software\Classes\.cmd:  =>  <==== AANDACHT
HKU\S-1-5-21-3769809095-3783424619-1328341166-1000\Software\Classes\.reg:  =>  <==== AANDACHT
==================== Internet Explorer vertrouwde/beperkte toegang ===============
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.)

==================== Hosts inhoud: ===============================
(Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.)
2009-07-14 03:34 - 2016-03-07 10:17 - 000000834 _____ C:\WINDOWS\system32\Drivers\etc\hosts

==================== Andere gebieden ============================
(Momenteel is er geen automatische fix voor dit onderdeel.)
HKU\S-1-5-21-3769809095-3783424619-1328341166-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Acer01.jpg
HKU\S-1-5-21-3769809095-3783424619-1328341166-1003\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is ingeschakeld.
==================== MSCONFIG/TASK MANAGER Uitgeschakelde items ==
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Acrobat Snelle start.lnk => C:\Windows\pss\Adobe Acrobat Snelle start.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk => C:\Windows\pss\Adobe Reader Synchronizer.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^nicole^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma.lnk => C:\Windows\pss\Adobe Gamma.lnk.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Adobe_ID0EYTHM => C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ares => "C:\Program Files (x86)\Ares\Ares.exe" -h
MSCONFIG\startupreg: AVG_TRAY => "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
MSCONFIG\startupreg: CAHeadless => C:\Program Files (x86)\Adobe\Elements Organizer 8.0\CAHeadless\ElementsAutoAnalyzer.exe
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files (x86)\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: EPSON Stylus Photo R265 Series => C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIBNE.EXE /FU "C:\Windows\TEMP\E_S72A1.tmp" /EF "HKCU"
MSCONFIG\startupreg: Picasa Media Detector => C:\Program Files (x86)\Picasa2\PicasaMediaDetector.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
==================== Firewall regels (gefilterd) ===============
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
FirewallRules: [{36216A61-E996-4726-945E-23690E71CEB4}] => (Allow) C:\Users\nicole\AppData\Local\Temp\7zS66E7\HPDiagnosticCoreUI.exe
FirewallRules: [{E3A7448B-D5D6-465D-AACF-472ACA606655}] => (Allow) C:\Users\nicole\AppData\Local\Temp\7zS66E7\HPDiagnosticCoreUI.exe
FirewallRules: [{C3F5FF4C-7CEE-4E42-A04D-66FC64DDED4C}] => (Allow) C:\Users\nicole\AppData\Local\Temp\7zS6ED0\HPDiagnosticCoreUI.exe
FirewallRules: [{D49AE53D-2EA3-4A29-A17D-EEA6A55B81A5}] => (Allow) C:\Users\nicole\AppData\Local\Temp\7zS6ED0\HPDiagnosticCoreUI.exe
FirewallRules: [{08ECBEAA-1D73-4336-85D8-281119BC3C48}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{B4F8F240-ABE3-4861-9F7E-4D8466E4E3ED}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{6030C793-C05B-44DC-838A-155294A8B464}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{EA0A7891-8D9F-4B11-9D2E-DD6C753E5016}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{9BEC82C4-2867-4756-958A-3E80E9075440}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{37C9361A-38CB-4EAE-929F-C6889B73402E}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{9D7F70D9-E79E-469C-8852-2FBF307642CC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{86C74C46-A17C-4B8C-9FEB-39B439A4765D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{A16D73F4-7AA0-4B79-B295-8EBFC681C5B9}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{6FBB9971-C7C0-49BF-A134-3BF812274416}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{77E2B6E0-4AE4-4756-8FF3-E633E742932C}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgmfapx.exe
FirewallRules: [{D6531B2D-7C1D-4D1B-9463-7EC9C2860ABD}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgmfapx.exe
FirewallRules: [{00BE18DE-6418-4D0D-B520-42C42E343093}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [UDP Query User{923726E8-F625-4C73-9232-775519FCFF5F}C:\program files (x86)\ares\ares.exe] => (Block) C:\program files (x86)\ares\ares.exe
FirewallRules: [TCP Query User{8A8E1CFE-56F5-40EA-AFD9-13B87EB199BE}C:\program files (x86)\ares\ares.exe] => (Block) C:\program files (x86)\ares\ares.exe
FirewallRules: [UDP Query User{43F1AB6F-E64D-43B4-BAA9-A41BBA9B4BBF}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe
FirewallRules: [TCP Query User{F6A94683-B969-4E44-A5FB-58F96224F72F}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe
FirewallRules: [{77C44936-C5AD-494F-8E2D-CE3628830093}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 14\Programs\umi.exe
FirewallRules: [{C43F6424-ED77-457E-91EB-410ADAD0D2AF}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 14\Programs\umi.exe
FirewallRules: [{FED179B5-7EAD-4100-9322-CC5F7B3D1713}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 14\Programs\Studio.exe
FirewallRules: [{8BA8804E-F59E-4582-8B55-3DD8B863007D}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 14\Programs\Studio.exe
FirewallRules: [{8299561E-B11F-4C9E-8AE5-8251797C2423}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 14\Programs\RM.exe
FirewallRules: [{B97016A2-0664-4815-8CC9-42AF90DFCB71}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 14\Programs\RM.exe
FirewallRules: [{118980FF-E5E9-4F21-9F65-EB2D8FA1E61E}] => (Allow) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\AdobePhotoshopElementsMediaServer.exe
FirewallRules: [{BE6E107B-57BD-4A13-9FF5-07154F653D47}] => (Allow) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\AdobePhotoshopElementsMediaServer.exe
FirewallRules: [{2A0C3D0C-30E9-4927-B4E2-4EE3A312577F}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
FirewallRules: [{0D068798-617B-4580-8AA2-A0FC0DDBE234}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
FirewallRules: [{2DCF2A47-11B2-4614-88C7-0AAC86948046}] => (Allow) LPort=50901
FirewallRules: [{3CB19343-D17C-409C-9B9A-D108469F5264}] => (Allow) LPort=50900
FirewallRules: [{E1A46DBB-865C-4DE4-B3A3-FE4A3CC42D88}] => (Allow) LPort=3704
FirewallRules: [{7DF3F2EB-C827-4E5A-9E91-3E399AF48430}] => (Allow) LPort=3703
FirewallRules: [{4C21630E-6EA0-4C95-8C05-63E71B84088A}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{B67DDDB4-2E5A-4F80-A728-3BCDA162242C}] => (Allow) svchost.exe
FirewallRules: [{A8BAA8AE-8FDA-4AB0-AA55-7AE9109E9196}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{07F7E510-3F4D-49AC-A2A5-E67F065A60C8}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{FF80E58E-D05D-4DEC-8F39-DD9E1B0D3FDE}] => (Allow) C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe
FirewallRules: [{025F9F33-DD69-4900-A491-6EC1A5F6A701}] => (Allow) C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
FirewallRules: [{4B5B6C86-05ED-48F8-A967-C4A0702976CD}] => (Allow) C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PlayMovie.exe
FirewallRules: [{AE4990C5-1B97-44CB-A61E-A6BF7FC4A23C}] => (Allow) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe
FirewallRules: [{2999B480-04BC-4CC7-A7D4-5073AD5AB579}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MNA\McNaSvc.exe
FirewallRules: [{7917895B-F374-4F23-BA21-28BB645E49A3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Herstelpunten =========================
17-12-2017 13:40:09 Windows Update
20-12-2017 16:10:06 Windows Update
==================== Defecte Apparaatbeheer Apparaten =============
Name: Microsoft-muis (PS/2)
Description: Microsoft-muis (PS/2)
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Standaard PS/2-toetsenbord
Description: Standaard PS/2-toetsenbord
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (standaardtoetsenbord)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

==================== Eventlog fouten: =========================
Applicatiefouten:
==================
Error: (12/23/2017 12:54:36 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: NICOLE-PC)
Description: Het pakket Microsoft.Windows.ShellExperienceHost_10.0.15063.675_neutral_neutral_cw5n1h2txyewy+App is beëindigd omdat het onderbreken te lang duurde.
Error: (12/23/2017 12:53:26 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: NICOLE-PC)
Description: Het pakket Microsoft.MicrosoftEdge_40.15063.674.0_neutral__8wekyb3d8bbwe+ContentProcess#{00051403-0079-0000-14ff-610400000000} is beëindigd omdat het onderbreken te lang duurde.
Error: (12/23/2017 12:53:12 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: NICOLE-PC)
Description: Het pakket Microsoft.MicrosoftEdge_40.15063.674.0_neutral__8wekyb3d8bbwe+MicrosoftEdge is beëindigd omdat het onderbreken te lang duurde.
Error: (12/22/2017 04:26:47 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: NICOLE-PC)
Description: Het activeren van de app windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel is mislukt door de fout -2144927142. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie.
Error: (12/21/2017 01:55:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: NICOLE-PC)
Description: Het activeren van de app Microsoft.MicrosoftEdge_8wekyb3d8bbwe!ContentProcess is mislukt door de fout -2144927142. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie.
Error: (12/20/2017 10:53:19 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: NICOLE-PC)
Description: Het pakket Microsoft.MicrosoftEdge_40.15063.674.0_neutral__8wekyb3d8bbwe+MicrosoftEdge is beëindigd omdat het onderbreken te lang duurde.
Error: (12/18/2017 05:24:07 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: NICOLE-PC)
Description: Het pakket Microsoft.MicrosoftMahjong_3.6.9061.0_x64__8wekyb3d8bbwe+App is beëindigd omdat het onderbreken te lang duurde.
Error: (12/18/2017 05:13:29 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: NICOLE-PC)
Description: Het pakket Microsoft.MicrosoftMahjong_3.6.9061.0_x64__8wekyb3d8bbwe+App is beëindigd omdat het onderbreken te lang duurde.
Error: (12/18/2017 05:02:28 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Kan activeringscontext voor 'C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.Exe' niet maken. Fout in manifest of beleidsbestand 'C:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL op regel 8.
Onderdeel-id in manifest komt niet overeen met de id van het gevraagde onderdeel.
Verwijzing is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definitie is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Gebruik sxstrace.exe voor gedetailleerde diagnose.
Error: (12/18/2017 05:01:14 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: NICOLE-PC)
Description: Het pakket Microsoft.MicrosoftSolitaireCollection_3.18.11201.0_x64__8wekyb3d8bbwe+App is beëindigd omdat het onderbreken te lang duurde.

Systeemfouten:
=============
Error: (12/23/2017 12:54:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: De AppX Deployment Service (AppXSVC)-service kan vanwege de volgende fout niet worden gestart:
De service heeft de start- of stuuropdracht niet op juiste wijze beantwoord.
Error: (12/23/2017 12:54:10 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Time-out (30000 seconden) tijdens het wachten op het verbinden van deze service: AppX Deployment Service (AppXSVC).
Error: (12/22/2017 04:21:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: De NVIDIA Update Service Daemon-service kan vanwege de volgende fout niet worden gestart:
De service is niet gestart vanwege een aanmeldingsfout.
Error: (12/22/2017 04:21:23 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: De nvUpdatusService-service kan niet als .\UpdatusUser met het huidig ingestelde wachtwoord worden aangemeld vanwege de volgende fout:
Het wachtwoord voor dit account is verlopen.

Gebruik de module Services in de Microsoft Management Console (MMC) om te controleren of de service juist is geconfigureerd.
Error: (12/22/2017 04:19:15 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 en APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.
Error: (12/22/2017 04:19:15 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 en APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.
Error: (12/22/2017 04:17:57 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: De NetTcpActivator-service is afhankelijk van de NetTcpPortSharing-service, die vanwege de volgende fout niet kan worden gestart:
Kan de service niet starten omdat deze is uitgeschakeld of omdat
het geen ingeschakelde apparaten met zich heeft verbonden.
Error: (12/22/2017 04:17:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: De CldFlt-service kan vanwege de volgende fout niet worden gestart:
De aanvraag wordt niet ondersteund.
Error: (12/21/2017 01:55:44 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: De Windows Search-service is bij het starten vastgelopen.
Error: (12/21/2017 01:52:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: De NVIDIA Update Service Daemon-service kan vanwege de volgende fout niet worden gestart:
De service is niet gestart vanwege een aanmeldingsfout.

CodeIntegrity:
===================================
  Date: 2017-12-18 09:26:47.407
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
  Date: 2017-12-18 09:26:47.386
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
  Date: 2017-12-18 09:26:47.354
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
  Date: 2017-12-18 09:26:47.208
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
  Date: 2017-12-18 09:26:47.139
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
  Date: 2017-12-18 09:26:47.045
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
  Date: 2017-12-18 09:26:42.497
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
  Date: 2017-12-18 09:26:40.054
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
  Date: 2017-12-17 13:53:50.652
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
  Date: 2017-12-17 13:53:50.632
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

==================== Geheugen info ===========================
Processor: Intel(R) Core(TM) i5 CPU 650 @ 3.20GHz
Percentage geheugen in gebruik: 42%
Totaal fysiek RAM-geheugen: 3959.09 MB
Beschikbaar fysiek RAM-geheugen: 2283.21 MB
Totaal Virtueel geheugen: 7927.09 MB
Beschikbaar Virtual geheugen: 5927.3 MB
==================== Schijven ================================
Drive c: (Acer) (Fixed) (Total:458.87 GB) (Free:373.85 GB) NTFS
Drive d: (Data) (Fixed) (Total:458.87 GB) (Free:457.87 GB) NTFS
==================== MBR & Partitietabel ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: F467897B)
Partition 1: (Not Active) - (Size=13.7 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=458.9 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=458.9 GB) - (Type=07 NTFS)
==================== Eind van Addition.txt ============================

abbs
Lid geworden op: 16 dec 2016, 13:49
Locatie: Leidschendam
Contacteer:

23 dec 2017, 18:54

Hallo,

Ik ga je logjes even doornemen, maar heb nog een paar vragen:
1. Had je AVG berwijderd?
2. AVG Web TuneUp <== is deze gekocht?
3. Gebruik je ares nog, ik zie restanten?
34 Waarom gebruik je 3 zip/rar programma's?
7-Zip 4.65
WinRAR 4.01
WinZip 21.5


Voor ik een fix maak graag antwoord op bovenstaande vragen.
Groeten abbs
Afbeelding
Member of UNITE (Unified Network of Instructors and Trained Eliminators)

ghislaine*
Lid geworden op: 27 jan 2005, 13:39
Locatie: Menen

24 dec 2017, 09:26

Hallo Abbs,


Nee, AVG krijg ik echt niet van de PC.  
De web tune-up in niet aangekocht.
Ares: weet zelfs niet wat het is...
En die verschillende zip-progs kan het dat die worden meegestuurd om een of andere bijlage te openen?
Met een heb ik inderdaad genoeg.

Hartelijke groeten,

ghis

abbs
Lid geworden op: 16 dec 2016, 13:49
Locatie: Leidschendam
Contacteer:

24 dec 2017, 11:08

Hallo,

Ik heb alles in twee berichten ge plaatst dan staat het niet door elkaar:

Stap 1.
Weg gaan naar Programma's en onderdelen:
  • Klik Windows knop plus R tegelijk in. Afbeelding.
  • Type appwiz.cpl in en klik OK.
  • Zoek de volgende programma's, klik met je rechtermuis knop erop en kies Verwijderen.
    • Amazon Assistant
    • AVG Web TuneUp
    • WinZip 21.5
    • WinRAR 4.01
  • Volg de de-installatie instructies van het programma zelf op.
  • Start indien nodig opnieuw op.
Groeten abbs
Afbeelding
Member of UNITE (Unified Network of Instructors and Trained Eliminators)

abbs
Lid geworden op: 16 dec 2016, 13:49
Locatie: Leidschendam
Contacteer:

24 dec 2017, 11:37

Hallo,

Ik  kan de code niet plaatsen hier dus doe het even zo.
Klik op de volgende link: http://www.filedropper.com/fixlist

Voer de code in die als voorbeeld staat (denk aan hoofdletters).
Klik dan op "Download Now" en sla het fixlist.txt op je bureaublad op.

Doe dan het volgende:

Start de Farbar Recovery Scan Tool.
Als het programma is geopend klik Yes (Ja) bij de disclaimer. (indien nodig)
Druk op de Fix knop.
Er zal u een logbestand aangemaakt worden (fixlog.txt) op dezelfde plaats vanwaar de 'tool' is gestart.
Kopieer en plak de inhoud van de logbestanden in je het volgende bericht.(als de inhoud te groot is voor één bericht plaats het in meerdere berichten)
Groeten abbs
Afbeelding
Member of UNITE (Unified Network of Instructors and Trained Eliminators)

ghislaine*
Lid geworden op: 27 jan 2005, 13:39
Locatie: Menen

24 dec 2017, 15:41

abbs,

bij stap 1:  3 progr. verwijderd,
AVG Web TuneUp - krijg bericht systeem kan bestand niet vinden

grtjes

ghis

abbs
Lid geworden op: 16 dec 2016, 13:49
Locatie: Leidschendam
Contacteer:

24 dec 2017, 15:46

Hallo,

Ga dan verder met de fix die je moet downloaden en uitvoeren.
Groeten abbs
Afbeelding
Member of UNITE (Unified Network of Instructors and Trained Eliminators)

ghislaine*
Lid geworden op: 27 jan 2005, 13:39
Locatie: Menen

24 dec 2017, 16:10

Abbs,

Hierbij de fixlog

grtjes

ghis

Fix resultaat van Farbar Recovery Scan Tool (x64) Versie: 23-12-2017 01
Gestart door nicole (24-12-2017 15:52:04) Run:1
Gestart vanaf C:\Users\nicole\Desktop
Geladen Profielen: nicole & UpdatusUser & DefaultAppPool (Beschikbare Profielen: nicole & UpdatusUser & DefaultAppPool)
Boot Modus: Normal
==============================================
fixlist inhoud:
*****************

Code: Selecteer alles

start
CreateRestorePoint:
() C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe
() C:\Program Files\WinZip Smart Monitor\WinZip Smart Monitor Service.exe
(Corel Corporation) C:\Program Files\WinZip Smart Monitor\WinZipSmartMonitor.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WzPreloader.exe
2017-12-16 14:25 - 2017-12-16 16:18 - 000000000 ____D C:\Program Files\WinZip Driver Updater
2017-12-16 14:20 - 2017-12-16 14:20 - 000000000 ____D C:\Users\nicole\AppData\Roaming\Opera Software
2017-12-16 14:20 - 2017-12-16 14:20 - 000000000 ____D C:\Users\nicole\AppData\Local\Opera Software
2017-12-05 09:15 - 2017-12-22 09:32 - 000177536 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\aswc5ed4f31c7962768.tmp
2017-12-22 16:30 - 2010-07-08 11:06 - 000000000 ____D C:\Program Files (x86)\AVG
2017-12-22 16:28 - 2015-10-29 12:58 - 000000000 ____D C:\ProgramData\Avg
2017-12-22 16:28 - 2015-10-29 12:57 - 000000000 ____D C:\Users\nicole\AppData\Local\AvgSetupLog
2017-12-22 09:32 - 2017-03-03 10:35 - 001017624 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\aswaa64330da15414ff.tmp
2017-12-22 09:32 - 2017-03-03 10:35 - 000449848 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\asw734010a48e67b268.tmp
2017-12-22 09:32 - 2017-03-03 10:35 - 000351128 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\asw8818ce13d8d09db3.tmp
2017-12-22 09:32 - 2017-03-03 10:35 - 000196904 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\aswdeccf11d5315aaa3.tmp
2017-12-22 09:32 - 2017-03-03 10:35 - 000139112 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\aswefaab614b1d3f05f.tmp
2017-12-22 09:32 - 2017-03-03 10:35 - 000102792 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\asw 405556e156fad4a.tmp
2017-12-22 09:32 - 2017-03-03 10:35 - 000076832 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\asw 486ee43613bd467.tmp
2017-12-22 09:32 - 2017-03-03 10:35 - 000051336 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\aswd5423a4cced207aa.tmp
2017-12-22 09:32 - 2017-03-03 10:35 - 000039424 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\asw3fab90b68a102190.tmp
2017-12-22 09:32 - 2017-03-03 10:34 - 000337408 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\asw2ddefef13201d83d.tmp
2017-12-22 09:32 - 2017-03-03 10:34 - 000315152 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\asw9fa7506127d55e51.tmp
2017-12-22 09:32 - 2017-03-03 10:34 - 000193096 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\aswe6f18778f1bdd4bf.tmp
2017-12-22 09:32 - 2017-03-03 10:34 - 000166624 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\asw 10c539cbbf8ec7c.tmp
2017-12-16 16:18 - 2017-10-11 12:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip 21.5
2017-12-16 15:47 - 2016-09-27 13:32 - 000000000 ____D C:\ProgramData\WinZip
CustomCLSID: HKU\S-1-5-21-3769809095-3783424619-1328341166-1000_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll ()
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Geen bestand
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> Geen bestand
ContextMenuHandlers1-x32-x32-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2017-04-22] (WinZip Computing, S.L.)
ContextMenuHandlers6-x32-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2017-04-22] (WinZip Computing, S.L.)
Task: {907F5957-970F-4829-8281-967052295C13} - System32\Tasks\WinZip Update Notifier => C:\Program Files\WinZip\WZUpdateNotifier.exe [2017-04-22] (WinZip)
Task: {0362D4C4-3B87-4053-BCC1-A4F56F7738A3} - \Microsoft\Windows\Setup\gwx\rundetector -> Geen bestand <==== AANDACHT
Task: {051E977F-74DC-4B5A-8728-C915616A0402} - System32\Tasks\McQcModifier-5c47-a7b0 => C:\ProgramData\McQcModifier-5c47-a7b0\McQcModifier-5c47-a7b0.cmd
Task: {10DE46E4-840D-4AA2-AD56-4EB962C819A0} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Geen bestand <==== AANDACHT
Task: {2475B949-6CC8-4AA2-A0A8-B9AA9EFB56FC} - System32\Tasks\{2D7E4B9C-D68B-44A2-82DC-D22EA34F8010} => C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
Task: {26C78E5C-BD1E-4852-A799-AD5A39A99745} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Geen bestand <==== AANDACHT
Task: {2B3EE7D4-DB8D-4C8A-83ED-919FA6DFAE6E} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Geen bestand <==== AANDACHT
Task: {47E418AE-5B69-44D3-81EC-02609B702B09} - System32\Tasks\DistromaticUpdater-periodic => C:\Program Files (x86)\Amazon Browser Settings\updater.exe [2016-10-22] (Distromatic) <==== AANDACHT
Task: {4D3FE8B8-E339-482E-B811-CF56C63B32B5} - System32\Tasks\DistromaticSearchProtect-logon => C:\Program Files (x86)\Amazon Browser Settings\AmznSearchProtect.exe [2016-10-22] (Distromatic) <==== AANDACHT
Task: {4D7FC715-47C4-41D0-AF72-AD18486F0AC0} - System32\Tasks\DistromaticUpdater-logon => C:\Program Files (x86)\Amazon Browser Settings\updater.exe [2016-10-22] (Distromatic) <==== AANDACHT
Task: {5CF0CE5F-00FA-4909-AD11-E777D9C40272} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> Geen bestand <==== AANDACHT
Task: {737E90C9-AEAF-41A6-BEAF-90FFCD97BBAC} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Geen bestand <==== AANDACHT
Task: {7967719A-7D77-48E0-BD09-DC482DEAC72F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Geen bestand <==== AANDACHT
Task: {818F0D74-0B40-4104-A52D-1678B10B42AF} - System32\Tasks\{1B54A708-90A1-4957-888F-8E4B6954721D} => C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
Task: {83B53F84-20EF-4804-8876-0D3B8DED72F7} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Geen bestand <==== AANDACHT
Task: {8C03F78A-15C3-4966-B97D-2D02C033DE68} - System32\Tasks\{50936F96-FCF2-4ED7-86ED-C43579AFBFB2} => C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
Task: {97C50787-CDB1-4DD2-8A2C-39D99326EC13} - System32\Tasks\{E93DE1B1-F16F-4ABE-BC2F-CF6941928359} => C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
Task: {B8D3DD26-F965-417A-A672-1E48D62BABB1} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Geen bestand <==== AANDACHT
Task: {BCA732EB-B0B3-49B1-91EB-1548D5767CDB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Geen bestand <==== AANDACHT
Task: {BF7648FD-00C8-405C-BB5D-919EFC2862EB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Geen bestand <==== AANDACHT
Task: {C41248BD-9C29-4644-99D9-84466F64D1EA} - System32\Tasks\DistromaticSearchProtect-hourly => C:\Program Files (x86)\Amazon Browser Settings\AmznSearchProtect.exe [2016-10-22] (Distromatic) <==== AANDACHT
Task: {D499C78F-FDAF-4FFC-B7AA-1B2CF5BCE8F8} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Geen bestand <==== AANDACHT
Task: {DF3EF9D1-44F8-4442-ADCC-40BBB8830744} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Geen bestand <==== AANDACHT
Task: {E84707A9-4FB5-46F5-8ED8-0397C372B61D} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Geen bestand <==== AANDACHT
Task: {E864D643-EAFF-4C50-B3F0-212D012A0B5B} - System32\Tasks\{83846223-9E34-4ABA-AC24-22397489AB4A} => C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
Task: {F1C04BAB-038A-4BBF-B2E1-F346226D38D1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Geen bestand <==== AANDACHT
AlternateDataStreams: C:\ProgramData\Temp:4CF61E54 [118]
AlternateDataStreams: C:\ProgramData\Temp:E1F04E8D [124]
HKU\S-1-5-21-3769809095-3783424619-1328341166-1000\Software\Classes\.exe:  =>  <==== AANDACHT
HKU\S-1-5-21-3769809095-3783424619-1328341166-1000\Software\Classes\.scr:  =>  <==== AANDACHT
HKU\S-1-5-21-3769809095-3783424619-1328341166-1000\Software\Classes\.bat:  =>  <==== AANDACHT
HKU\S-1-5-21-3769809095-3783424619-1328341166-1000\Software\Classes\.com:  =>  <==== AANDACHT
HKU\S-1-5-21-3769809095-3783424619-1328341166-1000\Software\Classes\.cmd:  =>  <==== AANDACHT
HKU\S-1-5-21-3769809095-3783424619-1328341166-1000\Software\Classes\.reg:  =>  <==== AANDACHT
MSCONFIG\startupreg: ares => "C:\Program Files (x86)\Ares\Ares.exe" -h
MSCONFIG\startupreg: AVG_TRAY => "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
FirewallRules: [{36216A61-E996-4726-945E-23690E71CEB4}] => (Allow) C:\Users\nicole\AppData\Local\Temp\7zS66E7\HPDiagnosticCoreUI.exe
FirewallRules: [{E3A7448B-D5D6-465D-AACF-472ACA606655}] => (Allow) C:\Users\nicole\AppData\Local\Temp\7zS66E7\HPDiagnosticCoreUI.exe
FirewallRules: [{C3F5FF4C-7CEE-4E42-A04D-66FC64DDED4C}] => (Allow) C:\Users\nicole\AppData\Local\Temp\7zS6ED0\HPDiagnosticCoreUI.exe
FirewallRules: [{D49AE53D-2EA3-4A29-A17D-EEA6A55B81A5}] => (Allow) C:\Users\nicole\AppData\Local\Temp\7zS6ED0\HPDiagnosticCoreUI.exe
FirewallRules: [{08ECBEAA-1D73-4336-85D8-281119BC3C48}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{B4F8F240-ABE3-4861-9F7E-4D8466E4E3ED}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{6030C793-C05B-44DC-838A-155294A8B464}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{EA0A7891-8D9F-4B11-9D2E-DD6C753E5016}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{9BEC82C4-2867-4756-958A-3E80E9075440}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{37C9361A-38CB-4EAE-929F-C6889B73402E}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{A16D73F4-7AA0-4B79-B295-8EBFC681C5B9}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{6FBB9971-C7C0-49BF-A134-3BF812274416}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{77E2B6E0-4AE4-4756-8FF3-E633E742932C}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgmfapx.exe
FirewallRules: [{D6531B2D-7C1D-4D1B-9463-7EC9C2860ABD}] => (Allow) C:\Program Files (x86)\AVG\AVG2012\avgmfapx.exe
FirewallRules: [UDP Query User{923726E8-F625-4C73-9232-775519FCFF5F}C:\program files (x86)\ares\ares.exe] => (Block) C:\program files (x86)\ares\ares.exe
FirewallRules: [TCP Query User{8A8E1CFE-56F5-40EA-AFD9-13B87EB199BE}C:\program files (x86)\ares\ares.exe] => (Block) C:\program files (x86)\ares\ares.exe
FirewallRules: [UDP Query User{43F1AB6F-E64D-43B4-BAA9-A41BBA9B4BBF}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe
FirewallRules: [TCP Query User{F6A94683-B969-4E44-A5FB-58F96224F72F}C:\program files (x86)\ares\ares.exe] => (Allow) C:\program files (x86)\ares\ares.exe
EmptyTemp:
Reboot:
end
*****************

Code: Selecteer alles

 => Fout: Geen automatische fix gevonden voor dit item.
Herstelpunt is succesvol gemaakt.
C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe => Geen lopend proces gevonden
C:\Program Files\WinZip Smart Monitor\WinZip Smart Monitor Service.exe => Geen lopend proces gevonden
C:\Program Files\WinZip Smart Monitor\WinZipSmartMonitor.exe => Geen lopend proces gevonden
C:\Program Files\WinZip\WzPreloader.exe => Geen lopend proces gevonden
C:\Program Files\WinZip Driver Updater => is succesvol verplaatst
C:\Users\nicole\AppData\Roaming\Opera Software => is succesvol verplaatst
C:\Users\nicole\AppData\Local\Opera Software => is succesvol verplaatst
C:\WINDOWS\system32\Drivers\aswc5ed4f31c7962768.tmp => is succesvol verplaatst
"C:\Program Files (x86)\AVG" map verplaatsing:
Kon niet verplaatsen "C:\Program Files (x86)\AVG" => Gepland te verplaatsen bij herstart.

"C:\ProgramData\Avg" map verplaatsing:
Kon niet verplaatsen "C:\ProgramData\Avg" => Gepland te verplaatsen bij herstart.
C:\Users\nicole\AppData\Local\AvgSetupLog => is succesvol verplaatst
C:\WINDOWS\system32\Drivers\aswaa64330da15414ff.tmp => is succesvol verplaatst
C:\WINDOWS\system32\Drivers\asw734010a48e67b268.tmp => is succesvol verplaatst
C:\WINDOWS\system32\Drivers\asw8818ce13d8d09db3.tmp => is succesvol verplaatst
C:\WINDOWS\system32\Drivers\aswdeccf11d5315aaa3.tmp => is succesvol verplaatst
C:\WINDOWS\system32\Drivers\aswefaab614b1d3f05f.tmp => is succesvol verplaatst
C:\WINDOWS\system32\Drivers\asw 405556e156fad4a.tmp => is succesvol verplaatst
C:\WINDOWS\system32\Drivers\asw 486ee43613bd467.tmp => is succesvol verplaatst
C:\WINDOWS\system32\Drivers\aswd5423a4cced207aa.tmp => is succesvol verplaatst
C:\WINDOWS\system32\Drivers\asw3fab90b68a102190.tmp => is succesvol verplaatst
C:\WINDOWS\system32\Drivers\asw2ddefef13201d83d.tmp => is succesvol verplaatst
C:\WINDOWS\system32\Drivers\asw9fa7506127d55e51.tmp => is succesvol verplaatst
C:\WINDOWS\system32\Drivers\aswe6f18778f1bdd4bf.tmp => is succesvol verplaatst
C:\WINDOWS\system32\Drivers\asw 10c539cbbf8ec7c.tmp => is succesvol verplaatst
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip 21.5" => niet gevonden.
C:\ProgramData\WinZip => is succesvol verplaatst
HKU\S-1-5-21-3769809095-3783424619-1328341166-1000_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220} => sleutel niet gevonden
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg" => is succesvol verwijderd
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => sleutel niet gevonden
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets" => is succesvol verwijderd
HKLM\Software\Classes\CLSID\{6B9228DA-9C15-419e-856C-19E768A13BDC} => sleutel niet gevonden
ContextMenuHandlers1-x32-x32-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2017-04-22] (WinZip Computing, S.L.) => Fout: Geen automatische fix gevonden voor dit item.
ContextMenuHandlers6-x32-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2017-04-22] (WinZip Computing, S.L.) => Fout: Geen automatische fix gevonden voor dit item.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{907F5957-970F-4829-8281-967052295C13} => kon niet worden verwijderd sleutel. ErrorCode1: 0x00000001
C:\WINDOWS\System32\Tasks\WinZip Update Notifier => niet gevonden.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WinZip Update Notifier => sleutel niet gevonden
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0362D4C4-3B87-4053-BCC1-A4F56F7738A3}" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0362D4C4-3B87-4053-BCC1-A4F56F7738A3}" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{051E977F-74DC-4B5A-8728-C915616A0402}" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{051E977F-74DC-4B5A-8728-C915616A0402}" => is succesvol verwijderd
C:\WINDOWS\System32\Tasks\McQcModifier-5c47-a7b0 => is succesvol verplaatst
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\McQcModifier-5c47-a7b0" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{10DE46E4-840D-4AA2-AD56-4EB962C819A0}" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{10DE46E4-840D-4AA2-AD56-4EB962C819A0}" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2475B949-6CC8-4AA2-A0A8-B9AA9EFB56FC}" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2475B949-6CC8-4AA2-A0A8-B9AA9EFB56FC}" => is succesvol verwijderd
C:\WINDOWS\System32\Tasks\{2D7E4B9C-D68B-44A2-82DC-D22EA34F8010} => is succesvol verplaatst
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2D7E4B9C-D68B-44A2-82DC-D22EA34F8010}" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{26C78E5C-BD1E-4852-A799-AD5A39A99745}" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{26C78E5C-BD1E-4852-A799-AD5A39A99745}" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2B3EE7D4-DB8D-4C8A-83ED-919FA6DFAE6E}" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2B3EE7D4-DB8D-4C8A-83ED-919FA6DFAE6E}" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{47E418AE-5B69-44D3-81EC-02609B702B09}" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{47E418AE-5B69-44D3-81EC-02609B702B09}" => is succesvol verwijderd
C:\WINDOWS\System32\Tasks\DistromaticUpdater-periodic => is succesvol verplaatst
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DistromaticUpdater-periodic" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4D3FE8B8-E339-482E-B811-CF56C63B32B5}" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4D3FE8B8-E339-482E-B811-CF56C63B32B5}" => is succesvol verwijderd
C:\WINDOWS\System32\Tasks\DistromaticSearchProtect-logon => is succesvol verplaatst
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DistromaticSearchProtect-logon" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4D7FC715-47C4-41D0-AF72-AD18486F0AC0}" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4D7FC715-47C4-41D0-AF72-AD18486F0AC0}" => is succesvol verwijderd
C:\WINDOWS\System32\Tasks\DistromaticUpdater-logon => is succesvol verplaatst
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DistromaticUpdater-logon" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5CF0CE5F-00FA-4909-AD11-E777D9C40272}" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5CF0CE5F-00FA-4909-AD11-E777D9C40272}" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-Weekend" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{737E90C9-AEAF-41A6-BEAF-90FFCD97BBAC}" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{737E90C9-AEAF-41A6-BEAF-90FFCD97BBAC}" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7967719A-7D77-48E0-BD09-DC482DEAC72F}" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7967719A-7D77-48E0-BD09-DC482DEAC72F}" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{818F0D74-0B40-4104-A52D-1678B10B42AF}" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{818F0D74-0B40-4104-A52D-1678B10B42AF}" => is succesvol verwijderd
C:\WINDOWS\System32\Tasks\{1B54A708-90A1-4957-888F-8E4B6954721D} => is succesvol verplaatst
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{1B54A708-90A1-4957-888F-8E4B6954721D}" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{83B53F84-20EF-4804-8876-0D3B8DED72F7}" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{83B53F84-20EF-4804-8876-0D3B8DED72F7}" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8C03F78A-15C3-4966-B97D-2D02C033DE68}" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8C03F78A-15C3-4966-B97D-2D02C033DE68}" => is succesvol verwijderd
C:\WINDOWS\System32\Tasks\{50936F96-FCF2-4ED7-86ED-C43579AFBFB2} => is succesvol verplaatst
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{50936F96-FCF2-4ED7-86ED-C43579AFBFB2}" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{97C50787-CDB1-4DD2-8A2C-39D99326EC13}" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{97C50787-CDB1-4DD2-8A2C-39D99326EC13}" => is succesvol verwijderd
C:\WINDOWS\System32\Tasks\{E93DE1B1-F16F-4ABE-BC2F-CF6941928359} => is succesvol verplaatst
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E93DE1B1-F16F-4ABE-BC2F-CF6941928359}" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B8D3DD26-F965-417A-A672-1E48D62BABB1}" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B8D3DD26-F965-417A-A672-1E48D62BABB1}" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BCA732EB-B0B3-49B1-91EB-1548D5767CDB}" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BCA732EB-B0B3-49B1-91EB-1548D5767CDB}" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BF7648FD-00C8-405C-BB5D-919EFC2862EB}" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BF7648FD-00C8-405C-BB5D-919EFC2862EB}" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => is succesvol verwijderd
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C41248BD-9C29-4644-99D9-84466F64D1EA} => sleutel niet gevonden
C:\WINDOWS\System32\Tasks\DistromaticSearchProtect-hourly => is succesvol verplaatst
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DistromaticSearchProtect-hourly" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D499C78F-FDAF-4FFC-B7AA-1B2CF5BCE8F8}" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D499C78F-FDAF-4FFC-B7AA-1B2CF5BCE8F8}" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DF3EF9D1-44F8-4442-ADCC-40BBB8830744}" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DF3EF9D1-44F8-4442-ADCC-40BBB8830744}" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E84707A9-4FB5-46F5-8ED8-0397C372B61D}" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E84707A9-4FB5-46F5-8ED8-0397C372B61D}" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E864D643-EAFF-4C50-B3F0-212D012A0B5B}" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E864D643-EAFF-4C50-B3F0-212D012A0B5B}" => is succesvol verwijderd
C:\WINDOWS\System32\Tasks\{83846223-9E34-4ABA-AC24-22397489AB4A} => is succesvol verplaatst
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{83846223-9E34-4ABA-AC24-22397489AB4A}" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F1C04BAB-038A-4BBF-B2E1-F346226D38D1}" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F1C04BAB-038A-4BBF-B2E1-F346226D38D1}" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => is succesvol verwijderd
C:\ProgramData\Temp => ":4CF61E54" ADS is succesvol verwijderd
C:\ProgramData\Temp => ":E1F04E8D" ADS is succesvol verwijderd
"HKU\S-1-5-21-3769809095-3783424619-1328341166-1000\Software\Classes\.exe" => is succesvol verwijderd
"HKU\S-1-5-21-3769809095-3783424619-1328341166-1000\Software\Classes\.scr" => is succesvol verwijderd
"HKU\S-1-5-21-3769809095-3783424619-1328341166-1000\Software\Classes\.bat" => is succesvol verwijderd
"HKU\S-1-5-21-3769809095-3783424619-1328341166-1000\Software\Classes\.com" => is succesvol verwijderd
"HKU\S-1-5-21-3769809095-3783424619-1328341166-1000\Software\Classes\.cmd" => is succesvol verwijderd
"HKU\S-1-5-21-3769809095-3783424619-1328341166-1000\Software\Classes\.reg" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ares" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AVG_TRAY" => is succesvol verwijderd
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{36216A61-E996-4726-945E-23690E71CEB4} => waarde is succesvol verwijderd
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E3A7448B-D5D6-465D-AACF-472ACA606655} => waarde is succesvol verwijderd
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C3F5FF4C-7CEE-4E42-A04D-66FC64DDED4C} => waarde is succesvol verwijderd
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D49AE53D-2EA3-4A29-A17D-EEA6A55B81A5} => waarde is succesvol verwijderd
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{08ECBEAA-1D73-4336-85D8-281119BC3C48} => waarde is succesvol verwijderd
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B4F8F240-ABE3-4861-9F7E-4D8466E4E3ED} => waarde is succesvol verwijderd
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6030C793-C05B-44DC-838A-155294A8B464} => waarde is succesvol verwijderd
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EA0A7891-8D9F-4B11-9D2E-DD6C753E5016} => waarde is succesvol verwijderd
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9BEC82C4-2867-4756-958A-3E80E9075440} => waarde is succesvol verwijderd
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{37C9361A-38CB-4EAE-929F-C6889B73402E} => waarde is succesvol verwijderd
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A16D73F4-7AA0-4B79-B295-8EBFC681C5B9} => waarde is succesvol verwijderd
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6FBB9971-C7C0-49BF-A134-3BF812274416} => waarde is succesvol verwijderd
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{77E2B6E0-4AE4-4756-8FF3-E633E742932C} => waarde is succesvol verwijderd
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D6531B2D-7C1D-4D1B-9463-7EC9C2860ABD} => waarde is succesvol verwijderd
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{923726E8-F625-4C73-9232-775519FCFF5F}C:\program files (x86)\ares\ares.exe => waarde is succesvol verwijderd
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{8A8E1CFE-56F5-40EA-AFD9-13B87EB199BE}C:\program files (x86)\ares\ares.exe => waarde is succesvol verwijderd
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{43F1AB6F-E64D-43B4-BAA9-A41BBA9B4BBF}C:\program files (x86)\ares\ares.exe => waarde is succesvol verwijderd
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{F6A94683-B969-4E44-A5FB-58F96224F72F}C:\program files (x86)\ares\ares.exe => waarde is succesvol verwijderd
=> Fout: Geen automatische fix gevonden voor dit item.
=========== EmptyTemp: ==========
BITS transfer queue => 7364608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 119602673 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 4182610 B
Edge => 665468792 B
Chrome => 37396659 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 16674 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 4102 B
NetworkService => 5010 B
nicole => 17776701 B
UpdatusUser => 33058 B
DefaultAppPool => 33058 B
RecycleBin => 114463 B
EmptyTemp: => 812.5 MB tijdelijke gegevens verwijderd.
================================
Resultaat van geplande bestanden te verplaatsen (Boot Modus: Normal) (Datum&Tijd: 24-12-2017 16:05:24)
C:\Program Files (x86)\AVG => is succesvol verplaatst
C:\ProgramData\Avg => is succesvol verplaatst
==== Eind van Fixlog 16:05:25 ====

abbs
Lid geworden op: 16 dec 2016, 13:49
Locatie: Leidschendam
Contacteer:

24 dec 2017, 16:52

Hallo,

\We gaan kijken of alles weg is:

Dubbelklik op Afbeelding FRST64.exe om de tool te starten.
Zorg dat de optie "Addition.txt" is aangevinkt.
Druk op de knop Scannen.
Na de scan worden 2 logbestanden gemaakt, "FRST.txt" en "Addition.txt" op dezelfde plaats vanwaar de 'tool' is gestart.
Voeg deze log bestanden weer in twee antwoorden.
Groeten abbs
Afbeelding
Member of UNITE (Unified Network of Instructors and Trained Eliminators)

ghislaine*
Lid geworden op: 27 jan 2005, 13:39
Locatie: Menen

25 dec 2017, 09:38

Hello,

Hierbij de logs:

1. addition

Ghis

Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 23-12-2017 01
Gestart door nicole (Beheerder) op NICOLE-PC (25-12-2017 09:27:09)
Gestart vanaf C:\Users\nicole\Desktop
Geladen Profielen: nicole (Beschikbare Profielen: nicole & UpdatusUser & DefaultAppPool)
Platform: Windows 10 Home Versie 1703 15063.786 (X64) Taal: Nederlands (Nederland)
Internet Explorer Versie 11 (Standaardbrowser: Edge)
Boot Modus: Normal
Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processen (gefilterd) =================
(Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
() C:\OEM\USBDECTION\USBS3S4Detection.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
() C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Register (gefilterd) ===========================
(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8098848 2009-09-02] (Realtek Semiconductor)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-10-13] (Intel Corporation)
HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [629280 2009-08-18] ()
HKLM-x32\...\Run: [AvgUi] => "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKU\S-1-5-21-3769809095-3783424619-1328341166-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-11-26] (Google Inc.)
HKU\S-1-5-21-3769809095-3783424619-1328341166-1000\...\Run: [CAHeadless] => C:\Program Files (x86)\Adobe\Elements Organizer 8.0\CAHeadless\ElementsAutoAnalyzer.exe [615808 2009-09-18] (Adobe Systems Incorporated)
HKU\S-1-5-21-3769809095-3783424619-1328341166-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9856176 2017-09-20] (Piriform Ltd)
HKU\S-1-5-21-3769809095-3783424619-1328341166-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\Acer.scr [425984 2009-08-05] ()
Startup: C:\Users\nicole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Schermopname en Snel starten.lnk [2010-07-12]
ShortcutTarget: OneNote 2007 Schermopname en Snel starten.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (gefilterd) ====================
(Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{447b939a-f47a-43ec-af75-c5156ba64658}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-3769809095-3783424619-1328341166-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
SearchScopes: HKLM-x32 -> DefaultScope waarde ontbreekt
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7ACAW
SearchScopes: HKU\S-1-5-21-3769809095-3783424619-1328341166-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... 02&pc=UE15
SearchScopes: HKU\S-1-5-21-3769809095-3783424619-1328341166-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... 02&pc=UE15
SearchScopes: HKU\S-1-5-21-3769809095-3783424619-1328341166-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.be/search?sourceid=ie7&q={se ... BE386BE388
SearchScopes: HKU\S-1-5-21-3769809095-3783424619-1328341166-1000 -> {A8011874-C91C-4B1F-9A52-0B2C192C7B07} URL = hxxp://www.tntcit.be/tools/searchengines/reftr ... earchTerms}
SearchScopes: HKU\S-1-5-21-3769809095-3783424619-1328341166-1000 -> {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxps://www.amazon.com/gp/bit/amazonserp/ref=bi ... earchTerms}
BHO: Geen Naam -> {0ddcea2a-7b00-4349-8acb-af7ba6da251f} -> Geen bestand
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-02] (Google Inc.)
BHO-x32: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Geen Naam -> {0ddcea2a-7b00-4349-8acb-af7ba6da251f} -> Geen bestand
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-10-23] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-02] (Google Inc.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-22] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-23] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-02] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-02] (Google Inc.)
Toolbar: HKU\S-1-5-21-3769809095-3783424619-1328341166-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-02] (Google Inc.)
Toolbar: HKU\S-1-5-21-3769809095-3783424619-1328341166-1000 -> Geen Naam - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  Geen bestand
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: HKLM-x32 {19D6A3D5-EA50-4C3B-88F0-79627C325570} hxxp://iloapp.fotoclub-kiknu-wervik.be/gallery/executable/IlosoftMultipleImageUpload.dll
DPF: HKLM-x32 {B60CEFE7-2DD0-4B78-951A-509D951DB1F0} hxxp://www.extrafilm.be/ExtraFilmUploader6.cab
DPF: HKLM-x32 {CB50428B-657F-47DF-9B32-671F82AA73F7} hxxp://www.photodex.com/pxplay.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll Geen bestand
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [belgiumeid@eid.belgium.be] - C:\Program Files (x86)\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be
FF Extension: (Belgium eID) - C:\Program Files (x86)\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be [2017-03-23] [Verouderd]
FF HKU\S-1-5-21-3769809095-3783424619-1328341166-1000\...\Firefox\Extensions: [{cb056958-eb1d-47a5-a7c2-35fd94d51b3f}] - C:\Program Files (x86)\ViewPassword\134.xpi => niet gevonden
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_126.dll [2017-12-16] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_126.dll [2017-12-16] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @google.com/npPicasa2,version=2.0.0 -> C:\Program Files (x86)\Picasa2\npPicasa2.dll [2008-08-21] (Google, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Picasa2\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-10-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-10-23] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR NewTab: Default ->  Not-active:"chrome-extension://moghnflhlcpjkjkpnpgebffcjbmifljk/stubby.html"
CHR DefaultSearchURL: Default -> hxxps://search.tb.ask.com/search/GGmain.jhtml?searchfor={searchTerms}&redirect=CPC
CHR DefaultSearchKeyword: Default -> askwebsearch
CHR DefaultSuggestURL: Default -> hxxps://ss.search.ask.com/ss?li=ff&sstype=prefix&limit=10&hl=en&q={searchTerms}
CHR Profile: C:\Users\nicole\AppData\Local\Google\Chrome\User Data\Default [2017-12-24]
CHR Extension: (Ask Web Search) - C:\Users\nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgadloddempmemeinnpmhfopklhiaedh [2017-11-02]
CHR Extension: (CreateDocsOnline) - C:\Users\nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\moghnflhlcpjkjkpnpgebffcjbmifljk [2017-12-17]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-09]
CHR Extension: (Chrome Media Router) - C:\Users\nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-18]
==================== Services (gefilterd) ====================
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
S4 Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [Bestand niet getekend]
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [Bestand niet getekend]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Bestand niet getekend]
S3 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-10] (Egis Technology Inc.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Bestand niet getekend]
R2 USBS3S4Detection; C:\OEM\USBDECTION\USBS3S4Detection.exe [76320 2009-12-09] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-07-14] (Microsoft Corporation)
===================== Drivers (gefilterd) ======================
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-10-03] (AVG Technologies)
R1 MpKsl01c0f7f7; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7E7FE044-6188-41C4-A94C-6B5E29F3B1F9}\MpKsl01c0f7f7.sys [58120 2017-12-23] (Microsoft Corporation)
R1 MpKslfb56a295; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F0F5CD6F-C090-4995-801E-AAFE26BFE023}\MpKslfb56a295.sys [58120 2017-12-24] (Microsoft Corporation)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R2 TurboB; C:\WINDOWS\System32\DRIVERS\TurboB.sys [13784 2009-08-06] ()
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
U3 idsvc; geen ImagePath
==================== NetSvcs (gefilterd) ===================
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

==================== Een Maand Aangemaakt bestanden en mappen ========
(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)
2017-12-25 09:27 - 2017-12-25 09:28 - 000016363 _____ C:\Users\nicole\Desktop\FRST.txt
2017-12-25 09:09 - 2017-12-25 09:09 - 000000000 ___HD C:\OneDriveTemp
2017-12-24 15:52 - 2017-12-24 16:05 - 000031575 _____ C:\Users\nicole\Desktop\Fixlog.txt
2017-12-24 15:51 - 2017-12-24 15:51 - 000000000 ____D C:\Users\nicole\Desktop\FRST-OlderVersion
2017-12-24 15:32 - 2017-12-24 15:32 - 000000000 ____D C:\Users\nicole\Documents\Add-in Express
2017-12-23 13:23 - 2017-12-24 15:51 - 002392064 _____ (Farbar) C:\Users\nicole\Desktop\FRST64.exe
2017-12-21 13:59 - 2017-12-21 13:59 - 000000000 ____D C:\Program Files\Common Files\AVG
2017-12-18 11:35 - 2017-12-18 11:35 - 000001886 _____ C:\Users\nicole\Desktop\IMGfotosneeuw1_1304 - Snelkoppeling.lnk
2017-12-18 11:35 - 2017-12-18 11:35 - 000001654 _____ C:\Users\nicole\Desktop\IMG_5881sneeuw2 - Snelkoppeling.lnk
2017-12-18 11:16 - 2017-11-30 04:33 - 001144728 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-12-18 11:16 - 2017-11-30 04:33 - 001015704 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-12-18 11:16 - 2017-11-30 04:33 - 000038808 _____ (Microsoft Corporation) C:\WINDOWS\system32\OOBEUpdater.exe
2017-12-18 11:16 - 2017-11-30 04:29 - 008319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-12-18 11:16 - 2017-11-30 04:26 - 002647216 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-12-18 11:16 - 2017-11-30 04:24 - 000870896 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-12-18 11:16 - 2017-11-30 04:23 - 007910960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-12-18 11:16 - 2017-11-30 04:23 - 001194248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-12-18 11:16 - 2017-11-30 04:00 - 002166808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-12-18 11:16 - 2017-11-30 03:59 - 023678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-12-18 11:16 - 2017-11-30 03:58 - 006763128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-12-18 11:16 - 2017-11-30 03:58 - 000702032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-12-18 11:16 - 2017-11-30 03:57 - 001123968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-12-18 11:16 - 2017-11-30 03:45 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-12-18 11:16 - 2017-11-30 03:45 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-12-18 11:16 - 2017-11-30 03:44 - 023679488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-12-18 11:16 - 2017-11-30 03:44 - 019334144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-12-18 11:16 - 2017-11-30 03:44 - 000171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2017-12-18 11:16 - 2017-11-30 03:44 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-12-18 11:16 - 2017-11-30 03:44 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2017-12-18 11:16 - 2017-11-30 03:43 - 020511232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-12-18 11:16 - 2017-11-30 03:43 - 000164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscript.exe
2017-12-18 11:16 - 2017-11-30 03:43 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-12-18 11:16 - 2017-11-30 03:43 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-12-18 11:16 - 2017-11-30 03:42 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-12-18 11:16 - 2017-11-30 03:42 - 000560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2017-12-18 11:16 - 2017-11-30 03:42 - 000304640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2017-12-18 11:16 - 2017-11-30 03:42 - 000164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe
2017-12-18 11:16 - 2017-11-30 03:42 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2017-12-18 11:16 - 2017-11-30 03:42 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscript.ocx
2017-12-18 11:16 - 2017-11-30 03:42 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-12-18 11:16 - 2017-11-30 03:41 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-12-18 11:16 - 2017-11-30 03:41 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2017-12-18 11:16 - 2017-11-30 03:41 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-12-18 11:16 - 2017-11-30 03:41 - 000222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll
2017-12-18 11:16 - 2017-11-30 03:41 - 000146944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscript.exe
2017-12-18 11:16 - 2017-11-30 03:40 - 012803072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-12-18 11:16 - 2017-11-30 03:40 - 000585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-12-18 11:16 - 2017-11-30 03:40 - 000528384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2017-12-18 11:16 - 2017-11-30 03:40 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll
2017-12-18 11:16 - 2017-11-30 03:40 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe
2017-12-18 11:16 - 2017-11-30 03:39 - 011888640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-12-18 11:16 - 2017-11-30 03:39 - 003206656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-12-18 11:16 - 2017-11-30 03:39 - 002809344 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-12-18 11:16 - 2017-11-30 03:39 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-12-18 11:16 - 2017-11-30 03:38 - 008195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-12-18 11:16 - 2017-11-30 03:38 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-12-18 11:16 - 2017-11-30 03:38 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-12-18 11:16 - 2017-11-30 03:38 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-12-18 11:16 - 2017-11-30 03:38 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-12-18 11:16 - 2017-11-30 03:37 - 006252544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-12-18 11:16 - 2017-11-30 03:37 - 003306496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-12-18 11:16 - 2017-11-30 03:37 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-12-18 11:16 - 2017-11-30 03:37 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-12-18 11:16 - 2017-11-30 03:36 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-12-18 11:16 - 2017-11-30 03:36 - 004726784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-12-18 11:16 - 2017-11-30 03:36 - 003652096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-12-18 11:16 - 2017-11-30 03:36 - 001802240 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-12-18 11:16 - 2017-11-30 03:36 - 001398784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-12-18 11:16 - 2017-11-30 03:36 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-12-18 11:16 - 2017-11-30 03:36 - 000755200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-12-18 11:16 - 2017-11-30 03:36 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-12-18 11:16 - 2017-11-30 03:35 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-12-18 11:16 - 2017-11-30 03:34 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-12-16 14:22 - 2017-12-16 14:28 - 000012828 _____ C:\Users\nicole\Downloads\FRST.txt
2017-12-16 14:21 - 2017-12-25 09:27 - 000000000 ____D C:\FRST
==================== Een Maand Gewijzigd bestanden en mappen ========
(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)
2017-12-25 09:28 - 2017-07-14 09:36 - 000004190 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5855ED69-F1FF-41AA-BDB6-617C2AB1B7C1}
2017-12-25 09:11 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-12-25 09:09 - 2016-06-05 14:14 - 000000000 ___RD C:\Users\nicole\OneDrive
2017-12-24 16:02 - 2017-07-14 09:02 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-12-24 15:57 - 2017-07-14 09:36 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-12-24 15:57 - 2015-10-29 13:03 - 000000000 ____D C:\Users\nicole\AppData\Roaming\AVG
2017-12-24 15:57 - 2015-06-03 08:47 - 000000000 ____D C:\Users\nicole\AppData\Local\Avg
2017-12-24 15:56 - 2017-09-30 18:32 - 000000000 ____D C:\$WINDOWS.~BT
2017-12-24 15:56 - 2017-07-14 09:09 - 000000000 ____D C:\Users\nicole
2017-12-24 15:56 - 2017-07-13 12:05 - 000000000 ___DC C:\WINDOWS\Panther
2017-12-24 15:56 - 2017-03-18 12:40 - 002097152 _____ C:\WINDOWS\system32\config\BBI
2017-12-24 15:55 - 2010-10-24 08:52 - 000000000 ____D C:\Users\nicole\AppData\LocalLow\Temp
2017-12-23 13:29 - 2017-03-18 22:01 - 000000000 ____D C:\WINDOWS\INF
2017-12-22 16:37 - 2017-03-18 22:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-12-22 16:26 - 2010-07-03 17:05 - 000545440 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-12-20 17:35 - 2017-06-15 10:13 - 000000000 ___SD C:\WINDOWS\UpdateAssistantV2
2017-12-20 17:35 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-12-20 16:16 - 2017-03-18 21:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-12-18 17:52 - 2016-06-05 14:00 - 000000000 ____D C:\Users\nicole\AppData\Local\Packages
2017-12-18 17:35 - 2017-07-14 09:58 - 000000000 ____D C:\Windows.old
2017-12-18 10:24 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\rescache
2017-12-18 09:19 - 2013-08-14 10:26 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-12-17 13:46 - 2017-10-11 11:55 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-12-17 13:46 - 2010-07-04 12:15 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-12-17 13:20 - 2015-08-23 13:17 - 000002296 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-12-17 13:20 - 2015-08-23 13:17 - 000002284 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-12-16 16:31 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-12-16 16:31 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-12-16 16:19 - 2017-07-14 09:09 - 000000000 ____D C:\Users\UpdatusUser
2017-12-16 16:19 - 2017-07-14 09:09 - 000000000 ____D C:\Users\DefaultAppPool
2017-12-16 16:19 - 2017-03-18 22:03 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-12-16 16:19 - 2017-03-18 22:03 - 000000000 ___SD C:\WINDOWS\system32\F12
2017-12-16 16:19 - 2017-03-18 22:03 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2017-12-16 16:19 - 2017-03-18 22:03 - 000000000 ___RD C:\WINDOWS\PrintDialog
2017-12-16 16:19 - 2017-03-18 22:03 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-12-16 16:19 - 2017-03-18 22:03 - 000000000 ___RD C:\Program Files\Windows Defender
2017-12-16 16:19 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2017-12-16 16:19 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2017-12-16 16:19 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-12-16 16:19 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2017-12-16 16:19 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-12-16 16:19 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\setup
2017-12-16 16:19 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\migwiz
2017-12-16 16:19 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-12-16 16:19 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\Provisioning
2017-12-16 16:19 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\L2Schemas
2017-12-16 16:19 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-12-16 16:19 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-12-16 16:19 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2017-12-16 16:19 - 2017-03-18 12:40 - 000000000 ____D C:\WINDOWS\system32\Dism
2017-12-16 16:19 - 2016-09-26 16:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-12-16 16:19 - 2015-04-08 14:58 - 000000000 ____D C:\WINDOWS\SysWOW64\beidpp
2017-12-16 16:19 - 2012-08-24 12:16 - 000000000 ____D C:\WINDOWS\system32\SPReview
2017-12-16 16:19 - 2012-08-24 12:15 - 000000000 ____D C:\WINDOWS\system32\EventProviders
2017-12-16 16:19 - 2011-01-17 17:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle Studio 14
2017-12-16 16:19 - 2009-11-26 18:57 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eSobi v2
2017-12-16 16:19 - 2009-11-26 18:44 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2017-12-16 16:19 - 2009-11-26 18:41 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2017-12-16 16:19 - 2007-10-10 22:18 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Arcade Deluxe
2017-12-16 16:18 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-12-16 16:18 - 2016-12-22 16:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2017-12-16 16:18 - 2016-10-22 08:40 - 000000000 ____D C:\Program Files (x86)\Amazon Browser Settings
2017-12-16 16:18 - 2016-02-29 15:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2017-12-16 16:18 - 2015-10-30 19:08 - 000000000 ____D C:\WINDOWS\ShellNew
2017-12-16 16:18 - 2015-05-14 13:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-12-16 16:18 - 2015-04-08 15:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belgium - eID
2017-12-16 16:18 - 2013-03-16 14:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-12-16 16:18 - 2012-01-05 16:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2017-12-16 16:18 - 2011-07-27 16:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2017-12-16 16:18 - 2010-10-07 18:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Design Premium CS3
2017-12-16 16:18 - 2010-07-23 09:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2017-12-16 16:18 - 2010-07-23 09:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2017-12-16 16:18 - 2010-07-07 14:39 - 000000000 ____D C:\Users\nicole\AppData\Roaming\SoftDMA
2017-12-16 16:18 - 2010-07-07 14:39 - 000000000 ____D C:\Users\nicole\AppData\Roaming\PowerCinema
2017-12-16 16:18 - 2010-07-07 14:39 - 000000000 ____D C:\Users\nicole\AppData\Local\PlayMovie
2017-12-16 16:18 - 2010-06-30 14:17 - 000000000 ____D C:\ProgramData\FLEXnet
2017-12-16 16:18 - 2010-06-29 17:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works
2017-12-16 16:18 - 2010-06-29 17:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AcerSystem
2017-12-16 16:18 - 2010-06-29 17:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2017-12-16 16:18 - 2009-11-26 18:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2017-12-16 16:18 - 2009-11-26 18:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Backup Manager
2017-12-16 16:18 - 2009-11-26 18:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer GameZone
2017-12-16 16:18 - 2009-11-26 18:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® Matrix Storage Manager
2017-12-16 16:18 - 2007-10-10 22:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-12-16 16:01 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\registration
2017-12-16 15:58 - 2017-07-14 09:33 - 000000000 ____D C:\WINDOWS\system32\msmq
2017-12-13 16:48 - 2017-03-18 12:40 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2017-12-08 10:39 - 2017-07-28 09:29 - 000003368 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3769809095-3783424619-1328341166-1000
2017-12-08 10:39 - 2016-06-05 14:14 - 000002433 _____ C:\Users\nicole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-12-05 09:14 - 2017-03-03 10:35 - 000447800 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys.151246172218702
2017-12-02 03:25 - 2017-03-18 22:06 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-12-02 03:25 - 2017-03-18 22:06 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-11-30 10:56 - 2016-04-07 12:20 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-11-25 16:56 - 2017-07-14 09:07 - 002316558 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-11-25 16:56 - 2017-03-20 04:54 - 001018582 _____ C:\WINDOWS\system32\perfh013.dat
2017-11-25 16:56 - 2017-03-20 04:54 - 000231652 _____ C:\WINDOWS\system32\perfc013.dat
2017-11-25 16:54 - 2016-06-05 14:01 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-11-25 16:51 - 2017-07-14 09:02 - 005243400 _____ C:\WINDOWS\system32\FNTCACHE.DAT
==================== Bestanden in de root van sommige mappen =======
2009-11-26 18:31 - 2009-02-10 21:23 - 000192484 _____ () C:\Program Files (x86)\Common Files\Acer GameZone online.ico
2010-07-12 15:36 - 2016-09-05 18:29 - 000000778 _____ () C:\Users\nicole\AppData\Roaming\wklnhst.dat
2011-01-17 17:08 - 2012-08-17 09:46 - 000026624 _____ () C:\Users\nicole\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-07-03 09:53 - 2015-07-03 09:53 - 000000000 _____ () C:\Users\nicole\AppData\Local\{F6678F8A-6392-4475-B946-B2518DE34657}
==================== Bamital & volsnap ======================
(Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)
C:\WINDOWS\system32\winlogon.exe => Bestand is getekend
C:\WINDOWS\system32\wininit.exe => Bestand is getekend
C:\WINDOWS\explorer.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\explorer.exe => Bestand is getekend
C:\WINDOWS\system32\svchost.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\svchost.exe => Bestand is getekend
C:\WINDOWS\system32\services.exe => Bestand is getekend
C:\WINDOWS\system32\User32.dll => Bestand is getekend
C:\WINDOWS\SysWOW64\User32.dll => Bestand is getekend
C:\WINDOWS\system32\userinit.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\userinit.exe => Bestand is getekend
C:\WINDOWS\system32\rpcss.dll => Bestand is getekend
C:\WINDOWS\system32\dnsapi.dll => Bestand is getekend
C:\WINDOWS\SysWOW64\dnsapi.dll => Bestand is getekend
C:\WINDOWS\system32\Drivers\volsnap.sys => Bestand is getekend
LastRegBack: 2017-12-17 13:38
==================== Eind van FRST.txt ============================

ghislaine*
Lid geworden op: 27 jan 2005, 13:39
Locatie: Menen

25 dec 2017, 09:43

Abbs,

hierbij de first:

ghis

Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 23-12-2017 01
Gestart door nicole (Beheerder) op NICOLE-PC (25-12-2017 09:39:29)
Gestart vanaf C:\Users\nicole\Desktop
Geladen Profielen: nicole (Beschikbare Profielen: nicole & UpdatusUser & DefaultAppPool)
Platform: Windows 10 Home Versie 1703 15063.786 (X64) Taal: Nederlands (Nederland)
Internet Explorer Versie 11 (Standaardbrowser: Edge)
Boot Modus: Normal
Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processen (gefilterd) =================
(Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
() C:\OEM\USBDECTION\USBS3S4Detection.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
() C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
==================== Register (gefilterd) ===========================
(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8098848 2009-09-02] (Realtek Semiconductor)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-10-13] (Intel Corporation)
HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [629280 2009-08-18] ()
HKLM-x32\...\Run: [AvgUi] => "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKU\S-1-5-21-3769809095-3783424619-1328341166-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-11-26] (Google Inc.)
HKU\S-1-5-21-3769809095-3783424619-1328341166-1000\...\Run: [CAHeadless] => C:\Program Files (x86)\Adobe\Elements Organizer 8.0\CAHeadless\ElementsAutoAnalyzer.exe [615808 2009-09-18] (Adobe Systems Incorporated)
HKU\S-1-5-21-3769809095-3783424619-1328341166-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9856176 2017-09-20] (Piriform Ltd)
HKU\S-1-5-21-3769809095-3783424619-1328341166-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\Acer.scr [425984 2009-08-05] ()
Startup: C:\Users\nicole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Schermopname en Snel starten.lnk [2010-07-12]
ShortcutTarget: OneNote 2007 Schermopname en Snel starten.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (gefilterd) ====================
(Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{447b939a-f47a-43ec-af75-c5156ba64658}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-3769809095-3783424619-1328341166-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
SearchScopes: HKLM-x32 -> DefaultScope waarde ontbreekt
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7ACAW
SearchScopes: HKU\S-1-5-21-3769809095-3783424619-1328341166-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... 02&pc=UE15
SearchScopes: HKU\S-1-5-21-3769809095-3783424619-1328341166-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... 02&pc=UE15
SearchScopes: HKU\S-1-5-21-3769809095-3783424619-1328341166-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.be/search?sourceid=ie7&q={se ... BE386BE388
SearchScopes: HKU\S-1-5-21-3769809095-3783424619-1328341166-1000 -> {A8011874-C91C-4B1F-9A52-0B2C192C7B07} URL = hxxp://www.tntcit.be/tools/searchengines/reftr ... earchTerms}
SearchScopes: HKU\S-1-5-21-3769809095-3783424619-1328341166-1000 -> {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxps://www.amazon.com/gp/bit/amazonserp/ref=bi ... earchTerms}
BHO: Geen Naam -> {0ddcea2a-7b00-4349-8acb-af7ba6da251f} -> Geen bestand
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-02] (Google Inc.)
BHO-x32: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Geen Naam -> {0ddcea2a-7b00-4349-8acb-af7ba6da251f} -> Geen bestand
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-10-23] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-02] (Google Inc.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-22] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-23] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-02] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-02] (Google Inc.)
Toolbar: HKU\S-1-5-21-3769809095-3783424619-1328341166-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-02] (Google Inc.)
Toolbar: HKU\S-1-5-21-3769809095-3783424619-1328341166-1000 -> Geen Naam - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  Geen bestand
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: HKLM-x32 {19D6A3D5-EA50-4C3B-88F0-79627C325570} hxxp://iloapp.fotoclub-kiknu-wervik.be/gallery/executable/IlosoftMultipleImageUpload.dll
DPF: HKLM-x32 {B60CEFE7-2DD0-4B78-951A-509D951DB1F0} hxxp://www.extrafilm.be/ExtraFilmUploader6.cab
DPF: HKLM-x32 {CB50428B-657F-47DF-9B32-671F82AA73F7} hxxp://www.photodex.com/pxplay.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll Geen bestand
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [belgiumeid@eid.belgium.be] - C:\Program Files (x86)\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be
FF Extension: (Belgium eID) - C:\Program Files (x86)\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be [2017-03-23] [Verouderd]
FF HKU\S-1-5-21-3769809095-3783424619-1328341166-1000\...\Firefox\Extensions: [{cb056958-eb1d-47a5-a7c2-35fd94d51b3f}] - C:\Program Files (x86)\ViewPassword\134.xpi => niet gevonden
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_126.dll [2017-12-16] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_126.dll [2017-12-16] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @google.com/npPicasa2,version=2.0.0 -> C:\Program Files (x86)\Picasa2\npPicasa2.dll [2008-08-21] (Google, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Picasa2\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-10-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-10-23] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR NewTab: Default ->  Not-active:"chrome-extension://moghnflhlcpjkjkpnpgebffcjbmifljk/stubby.html"
CHR DefaultSearchURL: Default -> hxxps://search.tb.ask.com/search/GGmain.jhtml?searchfor={searchTerms}&redirect=CPC
CHR DefaultSearchKeyword: Default -> askwebsearch
CHR DefaultSuggestURL: Default -> hxxps://ss.search.ask.com/ss?li=ff&sstype=prefix&limit=10&hl=en&q={searchTerms}
CHR Profile: C:\Users\nicole\AppData\Local\Google\Chrome\User Data\Default [2017-12-24]
CHR Extension: (Ask Web Search) - C:\Users\nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgadloddempmemeinnpmhfopklhiaedh [2017-11-02]
CHR Extension: (CreateDocsOnline) - C:\Users\nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\moghnflhlcpjkjkpnpgebffcjbmifljk [2017-12-17]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-09]
CHR Extension: (Chrome Media Router) - C:\Users\nicole\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-18]
==================== Services (gefilterd) ====================
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
S4 Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [Bestand niet getekend]
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [Bestand niet getekend]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Bestand niet getekend]
S3 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-10] (Egis Technology Inc.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Bestand niet getekend]
R2 USBS3S4Detection; C:\OEM\USBDECTION\USBS3S4Detection.exe [76320 2009-12-09] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-07-14] (Microsoft Corporation)
===================== Drivers (gefilterd) ======================
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-10-03] (AVG Technologies)
R1 MpKsl01c0f7f7; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7E7FE044-6188-41C4-A94C-6B5E29F3B1F9}\MpKsl01c0f7f7.sys [58120 2017-12-23] (Microsoft Corporation)
R1 MpKslfb56a295; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F0F5CD6F-C090-4995-801E-AAFE26BFE023}\MpKslfb56a295.sys [58120 2017-12-24] (Microsoft Corporation)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R2 TurboB; C:\WINDOWS\System32\DRIVERS\TurboB.sys [13784 2009-08-06] ()
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
U3 idsvc; geen ImagePath
==================== NetSvcs (gefilterd) ===================
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

==================== Een Maand Aangemaakt bestanden en mappen ========
(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)
2017-12-25 09:28 - 2017-12-25 09:31 - 000047696 _____ C:\Users\nicole\Desktop\Addition.txt
2017-12-25 09:27 - 2017-12-25 09:39 - 000016964 _____ C:\Users\nicole\Desktop\FRST.txt
2017-12-25 09:09 - 2017-12-25 09:09 - 000000000 ___HD C:\OneDriveTemp
2017-12-24 15:52 - 2017-12-24 16:05 - 000031575 _____ C:\Users\nicole\Desktop\Fixlog.txt
2017-12-24 15:51 - 2017-12-24 15:51 - 000000000 ____D C:\Users\nicole\Desktop\FRST-OlderVersion
2017-12-24 15:32 - 2017-12-24 15:32 - 000000000 ____D C:\Users\nicole\Documents\Add-in Express
2017-12-23 13:23 - 2017-12-24 15:51 - 002392064 _____ (Farbar) C:\Users\nicole\Desktop\FRST64.exe
2017-12-21 13:59 - 2017-12-21 13:59 - 000000000 ____D C:\Program Files\Common Files\AVG
2017-12-18 11:35 - 2017-12-18 11:35 - 000001886 _____ C:\Users\nicole\Desktop\IMGfotosneeuw1_1304 - Snelkoppeling.lnk
2017-12-18 11:35 - 2017-12-18 11:35 - 000001654 _____ C:\Users\nicole\Desktop\IMG_5881sneeuw2 - Snelkoppeling.lnk
2017-12-18 11:16 - 2017-11-30 04:33 - 001144728 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-12-18 11:16 - 2017-11-30 04:33 - 001015704 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-12-18 11:16 - 2017-11-30 04:33 - 000038808 _____ (Microsoft Corporation) C:\WINDOWS\system32\OOBEUpdater.exe
2017-12-18 11:16 - 2017-11-30 04:29 - 008319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-12-18 11:16 - 2017-11-30 04:26 - 002647216 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-12-18 11:16 - 2017-11-30 04:24 - 000870896 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-12-18 11:16 - 2017-11-30 04:23 - 007910960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-12-18 11:16 - 2017-11-30 04:23 - 001194248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-12-18 11:16 - 2017-11-30 04:00 - 002166808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-12-18 11:16 - 2017-11-30 03:59 - 023678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-12-18 11:16 - 2017-11-30 03:58 - 006763128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-12-18 11:16 - 2017-11-30 03:58 - 000702032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-12-18 11:16 - 2017-11-30 03:57 - 001123968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-12-18 11:16 - 2017-11-30 03:45 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-12-18 11:16 - 2017-11-30 03:45 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-12-18 11:16 - 2017-11-30 03:44 - 023679488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-12-18 11:16 - 2017-11-30 03:44 - 019334144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-12-18 11:16 - 2017-11-30 03:44 - 000171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2017-12-18 11:16 - 2017-11-30 03:44 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-12-18 11:16 - 2017-11-30 03:44 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2017-12-18 11:16 - 2017-11-30 03:43 - 020511232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-12-18 11:16 - 2017-11-30 03:43 - 000164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscript.exe
2017-12-18 11:16 - 2017-11-30 03:43 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-12-18 11:16 - 2017-11-30 03:43 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-12-18 11:16 - 2017-11-30 03:42 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-12-18 11:16 - 2017-11-30 03:42 - 000560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2017-12-18 11:16 - 2017-11-30 03:42 - 000304640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2017-12-18 11:16 - 2017-11-30 03:42 - 000164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe
2017-12-18 11:16 - 2017-11-30 03:42 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2017-12-18 11:16 - 2017-11-30 03:42 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscript.ocx
2017-12-18 11:16 - 2017-11-30 03:42 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-12-18 11:16 - 2017-11-30 03:41 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-12-18 11:16 - 2017-11-30 03:41 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2017-12-18 11:16 - 2017-11-30 03:41 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-12-18 11:16 - 2017-11-30 03:41 - 000222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll
2017-12-18 11:16 - 2017-11-30 03:41 - 000146944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscript.exe
2017-12-18 11:16 - 2017-11-30 03:40 - 012803072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-12-18 11:16 - 2017-11-30 03:40 - 000585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-12-18 11:16 - 2017-11-30 03:40 - 000528384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2017-12-18 11:16 - 2017-11-30 03:40 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll
2017-12-18 11:16 - 2017-11-30 03:40 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe
2017-12-18 11:16 - 2017-11-30 03:39 - 011888640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-12-18 11:16 - 2017-11-30 03:39 - 003206656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-12-18 11:16 - 2017-11-30 03:39 - 002809344 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-12-18 11:16 - 2017-11-30 03:39 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-12-18 11:16 - 2017-11-30 03:38 - 008195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-12-18 11:16 - 2017-11-30 03:38 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-12-18 11:16 - 2017-11-30 03:38 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-12-18 11:16 - 2017-11-30 03:38 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-12-18 11:16 - 2017-11-30 03:38 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-12-18 11:16 - 2017-11-30 03:37 - 006252544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-12-18 11:16 - 2017-11-30 03:37 - 003306496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-12-18 11:16 - 2017-11-30 03:37 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-12-18 11:16 - 2017-11-30 03:37 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-12-18 11:16 - 2017-11-30 03:36 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-12-18 11:16 - 2017-11-30 03:36 - 004726784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-12-18 11:16 - 2017-11-30 03:36 - 003652096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-12-18 11:16 - 2017-11-30 03:36 - 001802240 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-12-18 11:16 - 2017-11-30 03:36 - 001398784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-12-18 11:16 - 2017-11-30 03:36 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-12-18 11:16 - 2017-11-30 03:36 - 000755200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-12-18 11:16 - 2017-11-30 03:36 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-12-18 11:16 - 2017-11-30 03:35 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-12-18 11:16 - 2017-11-30 03:34 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-12-16 14:22 - 2017-12-16 14:28 - 000012828 _____ C:\Users\nicole\Downloads\FRST.txt
2017-12-16 14:21 - 2017-12-25 09:39 - 000000000 ____D C:\FRST
==================== Een Maand Gewijzigd bestanden en mappen ========
(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)
2017-12-25 09:28 - 2017-07-14 09:36 - 000004190 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5855ED69-F1FF-41AA-BDB6-617C2AB1B7C1}
2017-12-25 09:11 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-12-25 09:09 - 2016-06-05 14:14 - 000000000 ___RD C:\Users\nicole\OneDrive
2017-12-24 16:02 - 2017-07-14 09:02 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-12-24 15:57 - 2017-07-14 09:36 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-12-24 15:57 - 2015-10-29 13:03 - 000000000 ____D C:\Users\nicole\AppData\Roaming\AVG
2017-12-24 15:57 - 2015-06-03 08:47 - 000000000 ____D C:\Users\nicole\AppData\Local\Avg
2017-12-24 15:56 - 2017-09-30 18:32 - 000000000 ____D C:\$WINDOWS.~BT
2017-12-24 15:56 - 2017-07-14 09:09 - 000000000 ____D C:\Users\nicole
2017-12-24 15:56 - 2017-07-13 12:05 - 000000000 ___DC C:\WINDOWS\Panther
2017-12-24 15:56 - 2017-03-18 12:40 - 002097152 _____ C:\WINDOWS\system32\config\BBI
2017-12-24 15:55 - 2010-10-24 08:52 - 000000000 ____D C:\Users\nicole\AppData\LocalLow\Temp
2017-12-23 13:29 - 2017-03-18 22:01 - 000000000 ____D C:\WINDOWS\INF
2017-12-22 16:37 - 2017-03-18 22:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-12-22 16:26 - 2010-07-03 17:05 - 000545440 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-12-20 17:35 - 2017-06-15 10:13 - 000000000 ___SD C:\WINDOWS\UpdateAssistantV2
2017-12-20 17:35 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-12-20 16:16 - 2017-03-18 21:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-12-18 17:52 - 2016-06-05 14:00 - 000000000 ____D C:\Users\nicole\AppData\Local\Packages
2017-12-18 17:35 - 2017-07-14 09:58 - 000000000 ____D C:\Windows.old
2017-12-18 10:24 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\rescache
2017-12-18 09:19 - 2013-08-14 10:26 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-12-17 13:46 - 2017-10-11 11:55 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-12-17 13:46 - 2010-07-04 12:15 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-12-17 13:20 - 2015-08-23 13:17 - 000002296 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-12-17 13:20 - 2015-08-23 13:17 - 000002284 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-12-16 16:31 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-12-16 16:31 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-12-16 16:19 - 2017-07-14 09:09 - 000000000 ____D C:\Users\UpdatusUser
2017-12-16 16:19 - 2017-07-14 09:09 - 000000000 ____D C:\Users\DefaultAppPool
2017-12-16 16:19 - 2017-03-18 22:03 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-12-16 16:19 - 2017-03-18 22:03 - 000000000 ___SD C:\WINDOWS\system32\F12
2017-12-16 16:19 - 2017-03-18 22:03 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2017-12-16 16:19 - 2017-03-18 22:03 - 000000000 ___RD C:\WINDOWS\PrintDialog
2017-12-16 16:19 - 2017-03-18 22:03 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-12-16 16:19 - 2017-03-18 22:03 - 000000000 ___RD C:\Program Files\Windows Defender
2017-12-16 16:19 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2017-12-16 16:19 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2017-12-16 16:19 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-12-16 16:19 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2017-12-16 16:19 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-12-16 16:19 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\setup
2017-12-16 16:19 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\migwiz
2017-12-16 16:19 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-12-16 16:19 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\Provisioning
2017-12-16 16:19 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\L2Schemas
2017-12-16 16:19 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-12-16 16:19 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-12-16 16:19 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2017-12-16 16:19 - 2017-03-18 12:40 - 000000000 ____D C:\WINDOWS\system32\Dism
2017-12-16 16:19 - 2016-09-26 16:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-12-16 16:19 - 2015-04-08 14:58 - 000000000 ____D C:\WINDOWS\SysWOW64\beidpp
2017-12-16 16:19 - 2012-08-24 12:16 - 000000000 ____D C:\WINDOWS\system32\SPReview
2017-12-16 16:19 - 2012-08-24 12:15 - 000000000 ____D C:\WINDOWS\system32\EventProviders
2017-12-16 16:19 - 2011-01-17 17:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle Studio 14
2017-12-16 16:19 - 2009-11-26 18:57 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eSobi v2
2017-12-16 16:19 - 2009-11-26 18:44 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2017-12-16 16:19 - 2009-11-26 18:41 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2017-12-16 16:19 - 2007-10-10 22:18 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Arcade Deluxe
2017-12-16 16:18 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-12-16 16:18 - 2016-12-22 16:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2017-12-16 16:18 - 2016-10-22 08:40 - 000000000 ____D C:\Program Files (x86)\Amazon Browser Settings
2017-12-16 16:18 - 2016-02-29 15:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2017-12-16 16:18 - 2015-10-30 19:08 - 000000000 ____D C:\WINDOWS\ShellNew
2017-12-16 16:18 - 2015-05-14 13:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-12-16 16:18 - 2015-04-08 15:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belgium - eID
2017-12-16 16:18 - 2013-03-16 14:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-12-16 16:18 - 2012-01-05 16:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2017-12-16 16:18 - 2011-07-27 16:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2017-12-16 16:18 - 2010-10-07 18:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Design Premium CS3
2017-12-16 16:18 - 2010-07-23 09:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2017-12-16 16:18 - 2010-07-23 09:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2017-12-16 16:18 - 2010-07-07 14:39 - 000000000 ____D C:\Users\nicole\AppData\Roaming\SoftDMA
2017-12-16 16:18 - 2010-07-07 14:39 - 000000000 ____D C:\Users\nicole\AppData\Roaming\PowerCinema
2017-12-16 16:18 - 2010-07-07 14:39 - 000000000 ____D C:\Users\nicole\AppData\Local\PlayMovie
2017-12-16 16:18 - 2010-06-30 14:17 - 000000000 ____D C:\ProgramData\FLEXnet
2017-12-16 16:18 - 2010-06-29 17:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works
2017-12-16 16:18 - 2010-06-29 17:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AcerSystem
2017-12-16 16:18 - 2010-06-29 17:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2017-12-16 16:18 - 2009-11-26 18:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2017-12-16 16:18 - 2009-11-26 18:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Backup Manager
2017-12-16 16:18 - 2009-11-26 18:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer GameZone
2017-12-16 16:18 - 2009-11-26 18:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® Matrix Storage Manager
2017-12-16 16:18 - 2007-10-10 22:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-12-16 16:01 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\registration
2017-12-16 15:58 - 2017-07-14 09:33 - 000000000 ____D C:\WINDOWS\system32\msmq
2017-12-13 16:48 - 2017-03-18 12:40 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2017-12-08 10:39 - 2017-07-28 09:29 - 000003368 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3769809095-3783424619-1328341166-1000
2017-12-08 10:39 - 2016-06-05 14:14 - 000002433 _____ C:\Users\nicole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-12-05 09:14 - 2017-03-03 10:35 - 000447800 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys.151246172218702
2017-12-02 03:25 - 2017-03-18 22:06 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-12-02 03:25 - 2017-03-18 22:06 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-11-30 10:56 - 2016-04-07 12:20 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-11-25 16:56 - 2017-07-14 09:07 - 002316558 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-11-25 16:56 - 2017-03-20 04:54 - 001018582 _____ C:\WINDOWS\system32\perfh013.dat
2017-11-25 16:56 - 2017-03-20 04:54 - 000231652 _____ C:\WINDOWS\system32\perfc013.dat
2017-11-25 16:54 - 2016-06-05 14:01 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-11-25 16:51 - 2017-07-14 09:02 - 005243400 _____ C:\WINDOWS\system32\FNTCACHE.DAT
==================== Bestanden in de root van sommige mappen =======
2009-11-26 18:31 - 2009-02-10 21:23 - 000192484 _____ () C:\Program Files (x86)\Common Files\Acer GameZone online.ico
2010-07-12 15:36 - 2016-09-05 18:29 - 000000778 _____ () C:\Users\nicole\AppData\Roaming\wklnhst.dat
2011-01-17 17:08 - 2012-08-17 09:46 - 000026624 _____ () C:\Users\nicole\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-07-03 09:53 - 2015-07-03 09:53 - 000000000 _____ () C:\Users\nicole\AppData\Local\{F6678F8A-6392-4475-B946-B2518DE34657}
==================== Bamital & volsnap ======================
(Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)
C:\WINDOWS\system32\winlogon.exe => Bestand is getekend
C:\WINDOWS\system32\wininit.exe => Bestand is getekend
C:\WINDOWS\explorer.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\explorer.exe => Bestand is getekend
C:\WINDOWS\system32\svchost.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\svchost.exe => Bestand is getekend
C:\WINDOWS\system32\services.exe => Bestand is getekend
C:\WINDOWS\system32\User32.dll => Bestand is getekend
C:\WINDOWS\SysWOW64\User32.dll => Bestand is getekend
C:\WINDOWS\system32\userinit.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\userinit.exe => Bestand is getekend
C:\WINDOWS\system32\rpcss.dll => Bestand is getekend
C:\WINDOWS\system32\dnsapi.dll => Bestand is getekend
C:\WINDOWS\SysWOW64\dnsapi.dll => Bestand is getekend
C:\WINDOWS\system32\Drivers\volsnap.sys => Bestand is getekend
LastRegBack: 2017-12-17 13:38
==================== Eind van FRST.txt ============================