Mededeling

Collapse
No announcement yet.

trage pc en veel activiteit harde schijf

Collapse
X
  •  
  • Filter
  • Tijd
  • Show
Clear All
new posts

  • trage pc en veel activiteit harde schijf

    Hoi

    Laptop wat aan de trage kant en regelmatig volop draaiende harde schijf.

    Zouden jullie een willen kijken of er nog wat te zien is?

    Alvast bedankt voor de tijd en moeite.

    Wat logbestanden:

    1. malwarebytes:

    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scandatum: 8-12-2016
    Scantijd: 21:16
    Logboekbestand: malware.txt
    Beheerder: Ja

    Versie: 2.2.1.1043
    Malware-database: v2016.12.08.13
    Rootkit-database: v2016.11.20.01
    Licentie: Proef
    Malware-bescherming: Ingeschakeld
    Bescherming tegen kwaadaardige websites: Ingeschakeld
    Zelfbescherming: Uitgeschakeld

    Besturingssysteem: Windows 8.1
    Processor: x64
    Bestandssysteem: NTFS
    Gebruiker: Peter Wester

    Scantype: Bedreigingsscan
    Resultaat: Voltooid
    Objecten gescand: 310491
    Verstreken tijd: 20 min, 3 sec

    Geheugen: Ingeschakeld
    Opstarten: Ingeschakeld
    Bestandssysteem: Ingeschakeld
    Archieven: Ingeschakeld
    Rootkits: Uitgeschakeld
    Heuristiek: Ingeschakeld
    POP: Ingeschakeld
    POA: Ingeschakeld

    Processen: 0
    (Geen kwaadaardige items gedetecteerd)

    Modules: 0
    (Geen kwaadaardige items gedetecteerd)

    Registersleutels: 26
    PUP.Optional.Amazon1Button.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],
    PUP.Optional.Amazon1Button.AppFlsh, HKLM\SOFTWARE\CLASSES\TYPELIB\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],
    PUP.Optional.Amazon1Button.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{3268A00F-D329-42E1-ABF0-E78D5656BA2A}, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],
    PUP.Optional.Amazon1Button.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{571139B2-8D93-4B29-9AA9-496EF27D6AF8}, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],
    PUP.Optional.Amazon1Button.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{983410CC-D399-401D-BEC8-3F6623B5E8BD}, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],
    PUP.Optional.Amazon1Button.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{BC87ADED-E2FC-4B7E-B21B-F2578F51D78E}, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],
    PUP.Optional.Amazon1Button.AppFlsh, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{3268A00F-D329-42E1-ABF0-E78D5656BA2A}, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],
    PUP.Optional.Amazon1Button.AppFlsh, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{571139B2-8D93-4B29-9AA9-496EF27D6AF8}, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],
    PUP.Optional.Amazon1Button.AppFlsh, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{983410CC-D399-401D-BEC8-3F6623B5E8BD}, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],
    PUP.Optional.Amazon1Button.AppFlsh, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{BC87ADED-E2FC-4B7E-B21B-F2578F51D78E}, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],
    PUP.Optional.Amazon1Button.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],
    PUP.Optional.Amazon1Button.AppFlsh, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],
    PUP.Optional.Amazon1Button.AppFlsh, HKLM\SOFTWARE\CLASSES\AmazonAppIE.AppGateway, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],
    PUP.Optional.Amazon1Button.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\CLASSES\AmazonAppIE.AppGateway, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],
    PUP.Optional.Amazon1Button.AppFlsh, HKLM\SOFTWARE\CLASSES\WOW6432NODE\AmazonAppIE.AppGateway, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],
    PUP.Optional.Amazon1Button.AppFlsh, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],
    PUP.Optional.Amazon1Button.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{CF2ACB80-1A7A-4642-A463-CD7583FDB0FE}, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],
    PUP.Optional.Amazon1Button.AppFlsh, HKLM\SOFTWARE\CLASSES\AmazonAppIE.GatewayFactory, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],
    PUP.Optional.Amazon1Button.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\CLASSES\AmazonAppIE.GatewayFactory, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],
    PUP.Optional.Amazon1Button.AppFlsh, HKLM\SOFTWARE\CLASSES\WOW6432NODE\AmazonAppIE.GatewayFactory, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],
    PUP.Optional.Amazon1Button.AppFlsh, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{CF2ACB80-1A7A-4642-A463-CD7583FDB0FE}, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],
    PUP.Optional.Amazon1Button.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E4ADC61E-D06A-4E0E-8582-78C809CC8450}, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],
    PUP.Optional.Amazon1Button.AppFlsh, HKLM\SOFTWARE\CLASSES\AmazonAppIE.GadgetGateway, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],
    PUP.Optional.Amazon1Button.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\CLASSES\AmazonAppIE.GadgetGateway, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],
    PUP.Optional.Amazon1Button.AppFlsh, HKLM\SOFTWARE\CLASSES\WOW6432NODE\AmazonAppIE.GadgetGateway, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],
    PUP.Optional.Amazon1Button.AppFlsh, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{E4ADC61E-D06A-4E0E-8582-78C809CC8450}, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],

    Registerwaarden: 0
    (Geen kwaadaardige items gedetecteerd)

    Registerdata: 0
    (Geen kwaadaardige items gedetecteerd)

    Mappen: 12
    PUP.Optional.Amazon1Button.AppFlsh, C:\Program Files (x86)\Amazon\Amazon1ButtonApp, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],
    PUP.Optional.Amazon1Button.AppFlsh, C:\Program Files (x86)\Amazon\Amazon1ButtonApp\de, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],
    PUP.Optional.Amazon1Button.AppFlsh, C:\Program Files (x86)\Amazon\Amazon1ButtonApp\en, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],
    PUP.Optional.Amazon1Button.AppFlsh, C:\Program Files (x86)\Amazon\Amazon1ButtonApp\en-CA, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],
    PUP.Optional.Amazon1Button.AppFlsh, C:\Program Files (x86)\Amazon\Amazon1ButtonApp\en-GB, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],
    PUP.Optional.Amazon1Button.AppFlsh, C:\Program Files (x86)\Amazon\Amazon1ButtonApp\en-US, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],
    PUP.Optional.Amazon1Button.AppFlsh, C:\Program Files (x86)\Amazon\Amazon1ButtonApp\es, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],
    PUP.Optional.Amazon1Button.AppFlsh, C:\Program Files (x86)\Amazon\Amazon1ButtonApp\fr, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],
    PUP.Optional.Amazon1Button.AppFlsh, C:\Program Files (x86)\Amazon\Amazon1ButtonApp\it, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],
    PUP.Optional.Amazon1Button.AppFlsh, C:\Program Files (x86)\Amazon\Amazon1ButtonApp\ja-JP, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],
    PUP.Optional.Amazon1Button.AppFlsh, C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Resources, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],
    PUP.Optional.Amazon1Button.AppFlsh, C:\Program Files (x86)\Amazon\Amazon1ButtonApp\zh-CN, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],

    Bestanden: 29
    PUP.Optional.Amazon1Button.AppFlsh, C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonTaskbarApp.exe, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],
    PUP.Optional.Amazon1Button.AppFlsh, C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonUpdater.exe, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],
    PUP.Optional.Amazon1Button.AppFlsh, C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonUpdater.exe.config, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],
    PUP.Optional.Amazon1Button.AppFlsh, C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonUpdateTask.exe, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],
    PUP.Optional.Amazon1Button.AppFlsh, C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonAppIE.dll, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],
    PUP.Optional.Amazon1Button.AppFlsh, C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonAppIEManaged.dll, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],
    PUP.Optional.Amazon1Button.AppFlsh, C:\Program Files (x86)\Amazon\Amazon1ButtonApp\CommandLine.dll, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],
    PUP.Optional.Amazon1Button.AppFlsh, C:\Program Files (x86)\Amazon\Amazon1ButtonApp\CommandLine.xml, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],
    PUP.Optional.Amazon1Button.AppFlsh, C:\Program Files (x86)\Amazon\Amazon1ButtonApp\InstallAction.exe, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],
    PUP.Optional.Amazon1Button.AppFlsh, C:\Program Files (x86)\Amazon\Amazon1ButtonApp\de\Amazon1ButtonUpdater.resources.dll, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],
    PUP.Optional.Amazon1Button.AppFlsh, C:\Program Files (x86)\Amazon\Amazon1ButtonApp\en\Amazon1ButtonUpdater.resources.dll, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],
    PUP.Optional.Amazon1Button.AppFlsh, C:\Program Files (x86)\Amazon\Amazon1ButtonApp\en-CA\Amazon1ButtonUpdater.resources.dll, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],
    PUP.Optional.Amazon1Button.AppFlsh, C:\Program Files (x86)\Amazon\Amazon1ButtonApp\en-GB\Amazon1ButtonUpdater.resources.dll, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],
    PUP.Optional.Amazon1Button.AppFlsh, C:\Program Files (x86)\Amazon\Amazon1ButtonApp\en-US\Amazon1ButtonUpdater.resources.dll, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],
    PUP.Optional.Amazon1Button.AppFlsh, C:\Program Files (x86)\Amazon\Amazon1ButtonApp\es\Amazon1ButtonUpdater.resources.dll, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],
    PUP.Optional.Amazon1Button.AppFlsh, C:\Program Files (x86)\Amazon\Amazon1ButtonApp\fr\Amazon1ButtonUpdater.resources.dll, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],
    PUP.Optional.Amazon1Button.AppFlsh, C:\Program Files (x86)\Amazon\Amazon1ButtonApp\it\Amazon1ButtonUpdater.resources.dll, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],
    PUP.Optional.Amazon1Button.AppFlsh, C:\Program Files (x86)\Amazon\Amazon1ButtonApp\ja-JP\Amazon1ButtonUpdater.resources.dll, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],
    PUP.Optional.Amazon1Button.AppFlsh, C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Resources\amazon-favicon.ico, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],
    PUP.Optional.Amazon1Button.AppFlsh, C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Resources\a_ca_logo.png, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],
    PUP.Optional.Amazon1Button.AppFlsh, C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Resources\a_cn_logo.png, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],
    PUP.Optional.Amazon1Button.AppFlsh, C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Resources\a_co-jp_logo.png, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],
    PUP.Optional.Amazon1Button.AppFlsh, C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Resources\a_co-uk_logo.png, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],
    PUP.Optional.Amazon1Button.AppFlsh, C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Resources\a_com_logo.png, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],
    PUP.Optional.Amazon1Button.AppFlsh, C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Resources\a_de_logo.png, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],
    PUP.Optional.Amazon1Button.AppFlsh, C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Resources\a_es_logo.png, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],
    PUP.Optional.Amazon1Button.AppFlsh, C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Resources\a_fr_logo.png, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],
    PUP.Optional.Amazon1Button.AppFlsh, C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Resources\a_it_logo.png, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],
    PUP.Optional.Amazon1Button.AppFlsh, C:\Program Files (x86)\Amazon\Amazon1ButtonApp\zh-CN\Amazon1ButtonUpdater.resources.dll, In quarantaine, [18d5ae36f6a47bbb772db4b78878a35d],

    Fysieke Sectoren: 0
    (Geen kwaadaardige items gedetecteerd)


    (end)

    2. adw cleaner:

    # AdwCleaner v6.040 - Logbestand aangemaakt 08/12/2016 op 21:50:04
    # Bijgewerkt op 02/12/2016 door Malwarebytes
    # Database : 2016-12-07.1 [Server]
    # Besturingssysteem : Windows 8.1 (X64)
    # Gebruikersnaam : Peter Wester - WESTER
    # Gestart vanuit : C:\Users\Peter Wester\Downloads\AdwCleaner.exe
    # Mode: Verwijderen
    # Ondersteuning : https://www.malwarebytes.com/support



    ***** [ Services ] *****

    [-] Service verwijderd: vToolbarUpdater40.3.6
    [-] Service verwijderd: WtuSystemSupport


    ***** [ Mappen ] *****

    [-] Map verwijderd: C:\Program Files\avg web tuneup
    [-] Map verwijderd: C:\Program Files\Common Files\AVG Secure Search
    [-] Map verwijderd: C:\ProgramData\avg web tuneup
    [#] Map verwijderd tijdens herstart: C:\ProgramData\Application Data\avg web tuneup
    [-] Map verwijderd: C:\Program Files (x86)\avg web tuneup
    [-] Map verwijderd: C:\Program Files (x86)\Common Files\AVG Secure Search
    [-] Map verwijderd: C:\Users\Peter Wester\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\glmfgahfleepmdfffonfckpmkondpdkg


    ***** [ Bestanden ] *****



    ***** [ DLL ] *****



    ***** [ WMI ] *****



    ***** [ Snelkoppelingen ] *****



    ***** [ Geplande Taken ] *****



    ***** [ Register ] *****

    [-] Sleutel verwijderd: HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
    [-] Sleutel verwijderd: HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
    [-] Sleutel verwijderd: HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi
    [-] Sleutel verwijderd: HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1
    [-] Sleutel verwijderd: HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
    [-] Sleutel verwijderd: HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
    [-] Sleutel verwijderd: HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj
    [-] Sleutel verwijderd: HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj.1
    [#] Sleutel verwijderd tijdens herstart: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
    [#] Sleutel verwijderd tijdens herstart: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
    [#] Sleutel verwijderd tijdens herstart: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi
    [#] Sleutel verwijderd tijdens herstart: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1
    [#] Sleutel verwijderd tijdens herstart: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
    [#] Sleutel verwijderd tijdens herstart: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
    [#] Sleutel verwijderd tijdens herstart: [x64] HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj
    [#] Sleutel verwijderd tijdens herstart: [x64] HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj.1
    [-] Sleutel verwijderd: HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
    [-] Sleutel verwijderd: HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
    [-] Sleutel verwijderd: HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
    [-] Sleutel verwijderd: HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
    [-] Sleutel verwijderd: HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
    [-] Sleutel verwijderd: HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
    [-] Sleutel verwijderd: HKLM\SOFTWARE\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}
    [-] Sleutel verwijderd: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
    [-] Sleutel verwijderd: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
    [-] Sleutel verwijderd: HKLM\SOFTWARE\AVG Tuneup
    [-] Waarde verwijderd: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [SearchSettings]
    [-] Sleutel verwijderd: HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
    [-] Sleutel verwijderd: HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin


    ***** [ Browsers ] *****



    *************************

    :: "Tracing" sleutels verwijderd
    :: Winsock instellingen gereset

    *************************

    C:\AdwCleaner\AdwCleaner[C0].txt - [4056 bytes] - [08/12/2016 21:50:04]
    C:\AdwCleaner\AdwCleaner[S0].txt - [4087 bytes] - [08/12/2016 21:48:09]

    ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [4202 bytes] ##########

    3. Epeek: volgt in 2e bericht

  • #2
    Epeek log:

    E-Peek v 1.9.9.0 ENHANCED 4 © Emphyrio/Onsia Patrick 2013-2016
    E Dev
    Run at do 8 dec 2016 22:02
    .
    Windows 8.1 (64 bits)
    C:\Windows [NTFS - Fixed]
    Default Browser: Google Chrome
    Boot mode: Normal boot
    User logged in: Peter Wester
    .
    Java x86: 1.7.0_55
    Java x64: 1.7.0_45
    .
    AV : Windows Defender [Updated - Not Running]
    AV : Internetbeveiliging by F-Secure [Updated - Not Running]
    AS : Internetbeveiliging by F-Secure [Updated - Not Running]
    AS : Windows Defender [Updated - Not Running]
    FW : Windows firewall
    .
    ==================== Files and Folders history =================================

    Folders Created Last 7 days :

    08-12-2016 ##### r-h-s-d+a- C:\Users\Peter Wester\AppData\Roaming\E Dev
    08-12-2016 ##### r-h-s-d+a- C:\Program Files (x86)\Malwarebytes Anti-Malware
    08-12-2016 ##### r-h-s-d+a- C:\Program Files (x86)\E Dev
    08-12-2016 ##### r-h-s-d+a- C:\AdwCleaner

    Files Modified Last 7 days :


    Files Created Last 7 days :


    ==================== RUNNING PROCESSES =========================================

    [AdminService] -SYSTEM- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe - (Windows (R) Win 7 DDK provider)
    [armsvc] -SYSTEM- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - (Adobe Systems Incorporated)
    [audiodg] -LOCAL SERVICE- C:\Windows\System32\audiodg.exe - (audiodg.exe)
    [avgsvca] -SYSTEM- C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe - (AVG Technologies CZ, s.r.o.)
    [avguix] -Peter Wester- C:\Program Files (x86)\AVG\Framework\Common\avguix.exe - (AVG Technologies CZ, s.r.o.)
    [CAudioFilterAgent64] -Peter Wester- C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe - (Conexant Systems, Inc.)
    [CCleaner64] -Peter Wester- C:\Program Files\CCleaner\CCleaner64.exe - (Piriform Ltd)
    [chrome] -Peter Wester- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe - (Google Inc.)
    [chrome] -Peter Wester- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe - (Google Inc.)
    [chrome] -Peter Wester- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe - (Google Inc.)
    [chrome] -Peter Wester- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe - (Google Inc.)
    [ClassicStartMenu] -Peter Wester- C:\Program Files\Classic Shell\ClassicStartMenu.exe - (IvoSoft)
    [csrss] -SYSTEM- C:\Windows\System32\csrss.exe - (csrss.exe)
    [csrss] -SYSTEM- C:\Windows\System32\csrss.exe - (csrss.exe)
    [CxAudMsg64] -SYSTEM- C:\Windows\system32\CxAudMsg64.exe - (Conexant Systems Inc.)
    [dasHost] -LOCAL SERVICE- C:\Windows\system32\dashost.exe - (Microsoft Corporation)
    [dllhost] -Peter Wester- C:\Windows\system32\DllHost.exe - (Microsoft Corporation)
    [dllhost] -SYSTEM- C:\Windows\SysWOW64\DllHost.exe - (Microsoft Corporation)
    [dts_apo_service] -SYSTEM- C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe - ()
    [dwm] -DWM-2- C:\Windows\System32\dwm.exe - (Microsoft Corporation)
    [E-Peek 1.9.9.0] -Peter Wester- C:\Program Files (x86)\E Dev\E-Peek\E-Peek 1.9.9.0.exe - (E Dev)
    [explorer] -Peter Wester- C:\Windows\Explorer.EXE - (Microsoft Corporation)
    [ExpressTray] -Peter Wester- C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe - (Garmin Ltd. or its subsidiaries)
    [fsgk32] -SYSTEM- C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Anti-Virus\FSGK32.EXE - (F-Secure Corporation)
    [fshoster32] -Peter Wester- C:\Program Files (x86)\Internetbeveiliging\fshoster32.exe - (F-Secure Corporation)
    [fshoster32] -SYSTEM- C:\Program Files (x86)\Internetbeveiliging\fshoster32.exe - (F-Secure Corporation)
    [FSMA32] -SYSTEM- C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Common\FSMA32.EXE - (F-Secure Corporation)
    [fsorsp] -NETWORK SERVICE- C:\Program Files (x86)\Internetbeveiliging\apps\CCF_Reputation\fsorsp.exe - (F-Secure Corporation)
    [fssm32] -SYSTEM- C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Anti-Virus\fssm32.exe - (F-Secure Corporation)
    [GarminService] -SYSTEM- C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe - (Garmin Ltd. or its subsidiaries)
    [HeciServer] -SYSTEM- C:\Program Files\Intel\iCLS Client\HeciServer.exe - (Intel(R) Corporation)
    [hkcmd] -Peter Wester- C:\Windows\System32\hkcmd.exe - (Intel Corporation)
    [igfxpers] -Peter Wester- C:\Windows\System32\igfxpers.exe - (Intel Corporation)
    [igfxsrvc] -Peter Wester- C:\Windows\system32\igfxsrvc.exe - (Intel Corporation)
    [igfxtray] -Peter Wester- C:\Windows\System32\igfxtray.exe - (Intel Corporation)
    [IntelMeFWService] -SYSTEM- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe - (Intel Corporation)
    [jhi_service] -SYSTEM- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe - (Intel Corporation)
    [jusched] -Peter Wester- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe - (Oracle Corporation)
    [LMS] -SYSTEM- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe - (Intel Corporation)
    [lsass] -SYSTEM- C:\Windows\system32\lsass.exe - (Microsoft Corporation)
    [mbam] -Peter Wester- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe - (Malwarebytes)
    [mbamscheduler] -SYSTEM- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe - (Malwarebytes)
    [mbamservice] -SYSTEM- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe - (Malwarebytes)
    [mfefire] -SYSTEM- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe - (McAfee, Inc.)
    [mfevtps] -SYSTEM- C:\Windows\system32\mfevtps.exe - (McAfee, Inc.)
    [msiexec] -SYSTEM- C:\Windows\system32\msiexec.exe - (Microsoft Corporation)
    [ONENOTEM] -Peter Wester- C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE - (Microsoft Corporation)
    [rundll32] -SYSTEM- C:\Windows\System32\rundll32.exe - (Microsoft Corporation)
    [SearchFilterHost] -SYSTEM- C:\Windows\system32\SearchFilterHost.exe - (Microsoft Corporation)
    [SearchIndexer] -SYSTEM- C:\Windows\system32\SearchIndexer.exe - (Microsoft Corporation)
    [SearchProtocolHost] -SYSTEM- C:\Windows\system32\SearchProtocolHost.exe - (Microsoft Corporation)
    [services] -SYSTEM- C:\Windows\System32\services.exe - (services.exe)
    [Skype] -Peter Wester- C:\Program Files (x86)\Skype\Phone\Skype.exe - (Skype Technologies S.A.)
    [smss] -SYSTEM- C:\Windows\System32\smss.exe - (smss.exe)
    [spoolsv] -SYSTEM- C:\Windows\System32\spoolsv.exe - (Microsoft Corporation)
    [Spotify] -Peter Wester- C:\Users\Peter Wester\AppData\Roaming\Spotify\Spotify.exe - (Spotify Ltd)
    [Spotify] -Peter Wester- C:\Users\Peter Wester\AppData\Roaming\Spotify\Spotify.exe - (Spotify Ltd)
    [Spotify] -Peter Wester- C:\Users\Peter Wester\AppData\Roaming\Spotify\Spotify.exe - (Spotify Ltd)
    [SpotifyCrashService] -Peter Wester- C:\Users\Peter Wester\AppData\Roaming\Spotify\SpotifyCrashService.exe - (Spotify Ltd)
    [SpotifyWebHelper] -Peter Wester- C:\Users\Peter Wester\AppData\Roaming\Spotify\SpotifyWebHelper.exe - (Spotify Ltd)
    [SynTPEnh] -Peter Wester- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe - (Synaptics Incorporated)
    [SynTPHelper] -Peter Wester- C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE - (Synaptics Incorporated)
    [System] -N/A- - (System)
    [taskeng] -SYSTEM- C:\Windows\system32\taskeng.exe - (Microsoft Corporation)
    [taskhostex] -Peter Wester- C:\Windows\system32\taskhostex.exe - (Microsoft Corporation)
    [TCrdMain_Win8] -Peter Wester- C:\Program Files\Toshiba\Hotkey\TCrdMain_Win8.exe - (TOSHIBA Corporation)
    [TeamViewer_Service] -SYSTEM- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe - (TeamViewer GmbH)
    [TecoResident] -Peter Wester- C:\Program Files\Toshiba\Teco\TecoResident.exe - (TOSHIBA Corporation)
    [TecoService] -SYSTEM- C:\Program Files\Toshiba\Teco\TecoService.exe - (Toshiba Corporation)
    [TMachInfo] -SYSTEM- C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe - (TOSHIBA Corporation)
    [TODDSrv] -SYSTEM- C:\Windows\system32\TODDSrv.exe - (TOSHIBA Corporation)
    [ToshibaServiceStation] -Peter Wester- C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe - (TOSHIBA Corporation)
    [TPCHSrv] -SYSTEM- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe - (TOSHIBA Corporation)
    [TPCHWMsg] -Peter Wester- C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe - (TOSHIBA Corporation)
    [UMonit64] -Peter Wester- C:\Windows\SysWOW64\UMonit64.exe - ()
    [wininit] -SYSTEM- C:\Windows\system32\wininit.exe - (Microsoft Corporation)
    [winlogon] -SYSTEM- C:\Windows\System32\WinLogon.exe - (Microsoft Corporation)
    [WmiPrvSE] -NETWORK SERVICE- C:\Windows\system32\wbem\wmiprvse.exe - (Microsoft Corporation)
    [WmiPrvSE] -SYSTEM- C:\Windows\system32\wbem\wmiprvse.exe - (Microsoft Corporation)
    [wmpnetwk] -NETWORK SERVICE- C:\Program Files\Windows Media Player\wmpnetwk.exe - (Microsoft Corporation)

    ==================== IE PAGES ==================================================

    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main
    Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
    Local Page = C:\Windows\SysWOW64\blank.htm
    Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
    Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
    Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896

    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes
    DefaultScope = {61226BF8-FF28-49F0-B8CC-9F58A9DE725B}

    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar
    {553891B7-A0D5-4526-BE18-D3CE461D6310}
    => HKCR\CLSID\{553891B7-A0D5-4526-BE18-D3CE461D6310}\InProcServer32 DefaultC:\Program Files\Classic Shell\ClassicExplorer32.dll

    ==================== IE PAGES x64 ==============================================

    HKLM\Software\Microsoft\Internet Explorer\Main
    Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
    Local Page = C:\Windows\System32\blank.htm
    Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
    Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
    Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896

    HKLM\Software\Microsoft\Internet Explorer\SearchScopes
    DefaultScope = {61226BF8-FF28-49F0-B8CC-9F58A9DE725B}

    HKLM\Software\Microsoft\Internet Explorer\Toolbar
    {553891B7-A0D5-4526-BE18-D3CE461D6310}
    => HKCR\CLSID\{553891B7-A0D5-4526-BE18-D3CE461D6310}\InProcServer32 DefaultC:\Program Files\Classic Shell\ClassicExplorer32.dll

    ==================== Auto Load =================================================

    HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon
    Userinit = userinit.exe,
    Shell = explorer.exe

    ==================== Auto Load x64 =============================================

    HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon
    Userinit = C:\Windows\system32\userinit.exe,
    Shell = explorer.exe

    ==================== Browsers present ==========================================

    FIREFOX.EXE
    Google Chrome
    IEXPLORE.EXE

    ==================== Firefox ===================================================

    FF - ProfilePath - C:\Users\Peter Wester\AppData\Roaming\Mozilla\firefox\Profiles\qh9dqgpo.default

    FF - Ext: [Firefox Hotfix 20160826.01 ] - extension - [email protected] [ visible: True # active: True]
    FF - Ext: [Firefox Hello 1.4.4 ] - extension - [email protected] [ visible: False # active: False]
    FF - Ext: [Multi-process staged rollout 1.1 ] - extension - [email protected] [ visible: False # active: False]
    FF - Ext: [Pocket 1.0.4 ] - extension - [email protected] [ visible: False # active: False]
    FF - Ext: [Default 48.0.2 ] - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} [ visible: True # active: True]
    FF - Ext: [Multi-process staged rollout 1.3 ] - extension - [email protected] [ visible: True # active: True]
    FF - Ext: [Pocket 1.0.4 ] - extension - [email protected] [ visible: True # active: True]
    FF - Ext: [Firefox Hello 3.0.0 ] - extension - [email protected] [ visible: True # active: True]

    FF - PlugIn: [Java™ Deployment Toolkit] - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
    FF - PlugIn: [Oracle® Java™ Plug-In] - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
    FF - PlugIn: [Ag Player] - c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll
    FF - PlugIn: [Office Authorization] - C:\PROGRA~1\Microsoft Office\Office14\NPAUTHZ.DLL


    ==================== Google Chrome =============================================

    GC - Local State Path: C:\Users\Peter Wester\AppData\Local\Google\Chrome\User Data\Local State

    GC - Profile: [Default] Name: Persoon 1 - Shortcut name: - Username:

    ==================== Google Chrome Profile: Default ============================

    GC - Prefpath: C:\Users\Peter Wester\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

    GC - Homepage: n/a

    GC - Ext: [ Web Store ] version: 0.2
    Description: Ontdek fantastische apps, games, extensies en thema's voor Google Chrome.
    Path: C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.73\resources\web_store

    GC - Ext: [ Bookmark Manager ] version: 0.1
    Description: Bookmark Manager
    Path: C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.73\resources\bookmark_manager

    GC - Ext: [ Settings ] version: 0.2
    Description: Settings
    Path: C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.73\resources\settings_app

    GC - Ext: [ Feedback ] version: 1.0
    Description: User feedback extension
    Path: C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.73\resources\feedback

    GC - Ext: [ Search by F-Secure ] version: 1.9.106
    Description: Provides you the best search results in a safe manner.
    Path: gkmikccifolokanfakbeadbmgchomeli\1.9.106_0

    GC - Ext: [ CryptoTokenExtension ] version: 0.9.38
    Description: CryptoToken Component Extension
    Path: C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.94\resources\cryptotoken

    GC - Ext: [ Cloud Print ] version: 0.1
    Description: Cloud Print
    Path: C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.73\resources\cloud_print

    GC - Ext: [ Chrome ] version: 0.1
    Description: Een snelle, eenvoudige en veilige webbrowser voor het moderne internet.
    Path: C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.73\resources\chrome_app

    GC - Ext: [ Chrome PDF Viewer ] version: 1
    Description:
    Path: C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.73\resources\pdf

    GC - Ext: [ Google Network Speech ] version: 1.0
    Description: Component extension providing speech via the Google network text-to-speech service.
    Path: C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.73\resources\network_speech_synthesis

    GC - Ext: [ Google Hangouts ] version: 1.3.0
    Description:
    Path: C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\resources\hangout_services

    ==================== Windows Host File =========================================


    ==================== BHO =======================================================

    HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects
    {449D0D6E-2412-4E61-B68F-1CB625CD9E52}
    HKCR\CLSID\{449D0D6E-2412-4E61-B68F-1CB625CD9E52} Default = ExplorerBHO Class
    => HKCR\CLSID\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}\InProcServer32 Default = C:\Program Files\Classic Shell\ClassicExplorer32.dll

    {72853161-30C5-4D22-B7F9-0BBC1D38A37E}
    HKCR\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} Default = Groove GFS Browser Helper
    => HKCR\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\InProcServer32 Default = C:\PROGRA~2\Microsoft Office\Office14\GROOVEEX.DLL

    {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
    HKCR\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} Default = Java(tm) Plug-In SSV Helper
    => HKCR\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\InProcServer32 Default = C:\Program Files (x86)\Java\jre7\bin\ssv.dll

    {B4F3A835-0E21-4959-BA22-42B3008E02FF}
    HKCR\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF} Default = Office Document Cache Handler
    => HKCR\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\InProcServer32 Default = C:\PROGRA~2\Microsoft Office\Office14\URLREDIR.DLL

    {DBC80044-A445-435b-BC74-9C25C1C588A9}
    HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} Default = Java(tm) Plug-In 2 SSV Helper
    => HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}\InProcServer32 Default = C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

    {EA801577-E6AD-4BD5-8F71-4BE0154331A4}
    HKCR\CLSID\{EA801577-E6AD-4BD5-8F71-4BE0154331A4} Default = ClassicIEBHO Class
    => HKCR\CLSID\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}\InProcServer32 Default = C:\Program Files\Classic Shell\ClassicIEDLL_32.dll

    ==================== BHO x64 ===================================================

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects
    {449D0D6E-2412-4E61-B68F-1CB625CD9E52}
    HKCR\CLSID\{449D0D6E-2412-4E61-B68F-1CB625CD9E52} Default = ExplorerBHO Class
    => HKCR\CLSID\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}\InProcServer32 Default = C:\Program Files\Classic Shell\ClassicExplorer64.dll

    {72853161-30C5-4D22-B7F9-0BBC1D38A37E}
    HKCR\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} Default = Groove GFS Browser Helper
    => HKCR\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\InProcServer32 Default = C:\PROGRA~1\Microsoft Office\Office14\GROOVEEX.DLL

    {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
    HKCR\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} Default = Java(tm) Plug-In SSV Helper
    => HKCR\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\InProcServer32 Default = C:\Program Files\Java\jre7\bin\ssv.dll

    {B4F3A835-0E21-4959-BA22-42B3008E02FF}
    HKCR\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF} Default = Office Document Cache Handler
    => HKCR\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\InProcServer32 Default = C:\PROGRA~1\Microsoft Office\Office14\URLREDIR.DLL

    {DBC80044-A445-435b-BC74-9C25C1C588A9}
    HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} Default = Java(tm) Plug-In 2 SSV Helper
    => HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}\InProcServer32 Default = C:\Program Files\Java\jre7\bin\jp2ssv.dll

    {EA801577-E6AD-4BD5-8F71-4BE0154331A4}
    HKCR\CLSID\{EA801577-E6AD-4BD5-8F71-4BE0154331A4} Default = ClassicIEBHO Class
    => HKCR\CLSID\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}\InProcServer32 Default = C:\Program Files\Classic Shell\ClassicIEDLL_64.dll

    ==================== Auto Start Programs =======================================

    HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run
    APSDaemon = "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    AvgUi = "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
    ITSecMng = C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
    QuickTime Task = "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    SunJavaUpdateSched = "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    TSVU = "c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe"

    HKCU\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run
    CCleaner Monitoring = "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
    GarminExpressTrayApp = "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
    Skype = "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
    Spotify = "C:\Users\Peter Wester\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
    Spotify Web Helper = "C:\Users\Peter Wester\AppData\Roaming\Spotify\SpotifyWebHelper.exe"

    ==================== Auto Start Programs x64 ===================================

    HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
    BCSSync = "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
    cAudioFilterAgent = C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
    HotKeysCmds = "C:\Windows\system32\hkcmd.exe"
    IgfxTray = "C:\Windows\system32\igfxtray.exe"
    Persistence = "C:\Windows\system32\igfxpers.exe"
    SmartAudio = C:\Program Files\CONEXANT\SAII\SACpl.exe /t
    SynTPEnh = C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    TCrdMain = C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
    TecoResident = C:\Program Files\TOSHIBA\Teco\TecoResident.exe
    TosWaitSrv = C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe
    TSSSrv = C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved [2 = enabled 3= disabled]
    = 4
    BCSSync = 2
    cAudioFilterAgent = 2
    HotKeysCmds = 2
    IgfxTray = 2
    Logitech Download Assistant = 2
    Persistence = 2
    SmartAudio = 2
    SynTPEnh = 2
    TCrdMain = 2
    TecoResident = 2
    TosWaitSrv = 2
    TSSSrv = 2
    Adobe ARM = 2
    APSDaemon = 2
    AVG_UI = 2
    AvgUi = 2
    F-Secure Hoster (45123) = 2
    F-Secure Manager = 2
    ITSecMng = 2
    QuickTime Task = 2
    SunJavaUpdateSched = 2
    TSVU = 2
    B1.BAT = 4

    HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    CCleaner Monitoring = "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
    GarminExpressTrayApp = "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
    Skype = "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
    Spotify = "C:\Users\Peter Wester\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
    Spotify Web Helper = "C:\Users\Peter Wester\AppData\Roaming\Spotify\SpotifyWebHelper.exe"

    Startup - C:\Users\Peter Wester\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Schermopname en Snel starten.lnk
    ==================== Extra Items IE ============================================

    HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\ACCELERATED_GRAPHICS @ Text = Accelerated graphics
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\ACCESSIBILITY @ Text = Accessibility
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\BROWSE @ Text = Browsing
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\CRYPTO @ Text = Security
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\HTTP @ Text = HTTP settings
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\INTERNATIONAL @ Text = International
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\MULTIMEDIA @ Text = Multimedia

    ==================== Extra Items IE x64 ========================================

    HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\ACCELERATED_GRAPHICS @ Text = Accelerated graphics
    HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\ACCESSIBILITY @ Text = Accessibility
    HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\BROWSE @ Text = Browsing
    HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\CRYPTO @ Text = Security
    HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\HTTP @ Text = HTTP settings
    HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\INTERNATIONAL @ Text = International
    HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\MULTIMEDIA @ Text = Multimedia

    ==================== Internet Default Prefix ===================================

    HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
    Default = http://

    HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes
    WWW = http://

    ==================== Internet Default Prefix x64 ===============================

    HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
    Default = http://

    HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes
    WWW = http://

    ==================== Protocol Hijackers ========================================

    HKLM\SOFTWARE\Wow6432Node\Classes\PROTOCOLS\Filter\text/xml
    CLSID = {807573E5-5146-11D5-A672-00B0D022E945}
    => SOFTWARE\Classes\\CLSID\{807573E5-5146-11D5-A672-00B0D022E945}\InProcServer32 @ Default = C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL <= Unknown


    ==================== Protocol Hijackers x64 ====================================

    HKLM\SOFTWARE\Classes\PROTOCOLS\Filter\text/xml
    CLSID = {807573E5-5146-11D5-A672-00B0D022E945}
    => SOFTWARE\Classes\\CLSID\{807573E5-5146-11D5-A672-00B0D022E945}\InProcServer32 @ Default = C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL <= Unknown


    ==================== ShellServiceObjectDelayLoad ===============================

    HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
    WebCheck = {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
    => HKCR\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED} [CLSID not present]


    ==================== ShellServiceObjectDelayLoad x64 =========================

    HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
    WebCheck = {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
    => HKCR\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED} [CLSID not present]


    ==================== Extra (Torpig/ConduitSearch) ==============================

    HKCR\Directory\shellex\CopyHookHandlers\FileSystem @ Default = {217FC9C0-3AEA-1069-A2DB-08002B30309D}
    => HKCR\CLSID\{217FC9C0-3AEA-1069-A2DB-08002B30309D}\InProcServer32 @ Default = C:\Windows\system32\shell32.dll

    HKCR\Directory\shellex\CopyHookHandlers\FileZilla3CopyHook @ Default = {DB70412E-EEC9-479C-BBA9-BE36BFDDA41B}
    => HKCR\CLSID\{DB70412E-EEC9-479C-BBA9-BE36BFDDA41B}\InProcServer32 @ Default = C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll

    HKCR\Directory\shellex\CopyHookHandlers\Sharing @ Default = {40dd6e20-7c17-11ce-a804-00aa003ca9f6}
    => HKCR\CLSID\{40dd6e20-7c17-11ce-a804-00aa003ca9f6}\InProcServer32 @ Default = C:\Windows\system32\ntshrui.dll


    ==================== DRIVERS and SERVICES ======================================

    *** Win32OwnProcess ***

    SERV - R2 - [AdobeARMservice] - Adobe Acrobat Update Service - c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe
    SERV - R2 - [AtherosSvc] - AtherosSvc - c:\program files (x86)\bluetooth suite\adminservice.exe
    SERV - R2 - [avgsvc] - AVG Service - c:\program files (x86)\avg\framework\common\avgsvca.exe
    SERV - R2 - [CxAudMsg] - Conexant Audio Message Service - c:\windows\system32\cxaudmsg64.exe
    SERV - R2 - [dts_apo_service] - DTS APO Service - c:\program files (x86)\dts, inc\dts studio sound\dts_apo_service.exe
    SERV - R2 - [fshoster] - F-Secure Dll Hoster - c:\program files (x86)\internetbeveiliging\fshoster32.exe
    SERV - R2 - [FSORSPClient] - F-Secure ORSP Client - c:\program files (x86)\internetbeveiliging\apps\ccf_reputation\fsorsp.exe
    SERV - R2 - [Garmin Device Interaction Service] - Garmin Device Interaction Service - c:\program files (x86)\garmin\device interaction service\garminservice.exe
    SERV - R2 - [Intel(R) Capability Licensing Service Interface] - Intel(R) Capability Licensing Service Interface - c:\program files\intel\icls client\heciserver.exe
    SERV - R2 - [Intel(R) ME Service] - Intel(R) ME Service - c:\program files (x86)\intel\intel(r) management engine components\fwservice\intelmefwservice.exe
    SERV - R2 - [jhi_service] - Intel(R) Dynamic Application Loader Host Interface Service - c:\program files (x86)\intel\intel(r) management engine components\dal\jhi_service.exe
    SERV - R2 - [LMS] - Intel(R) Management and Security Application Local Management Service - c:\program files (x86)\intel\intel(r) management engine components\lms\lms.exe
    SERV - R2 - [MBAMScheduler] - MBAMScheduler - c:\program files (x86)\malwarebytes anti-malware\mbamscheduler.exe
    SERV - R2 - [MBAMService] - MBAMService - c:\program files (x86)\malwarebytes anti-malware\mbamservice.exe
    SERV - R2 - [mfefire] - McAfee Firewall Core Service - c:\program files\common files\mcafee\systemcore\\mfefire.exe
    SERV - R2 - [mfevtp] - McAfee Validation Trust Protection Service - c:\windows\system32\mfevtps.exe
    SERV - R2 - [TeamViewer9] - TeamViewer 9 - c:\program files (x86)\teamviewer\version9\teamviewer_service.exe
    SERV - R2 - [TODDSrv] - TOSHIBA Optical Disc Drive Service - c:\windows\system32\toddsrv.exe
    SERV - R2 - [TOSHIBA eco Utility Service] - TOSHIBA eco Utility Service - c:\program files\toshiba\teco\tecoservice.exe
    SERV - R2 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - c:\program files\windows media player\wmpnetwk.exe
    SERV - R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe
    SERV - R3 - [FSMA] - FSMA - c:\program files (x86)\internetbeveiliging\apps\computersecurity\common\fsma32.exe
    SERV - R3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe
    SERV - R3 - [TMachInfo] - TMachInfo - c:\program files\toshiba\toshiba service station\tmachinfo.exe
    SERV - R3 - [TPCHSrv] - TPCH Service - c:\program files\toshiba\tphm\tpchsrv.exe
    SERV - S2 - [gupdate] - Google Update-service (gupdate) - c:\program files (x86)\google\update\googleupdate.exe
    SERV - S2 - [LiveUpdateSvc] - LiveUpdate - c:\program files (x86)\iobit\liveupdate\liveupdate.exe
    SERV - S2 - [sppsvc] - Software Protection - c:\windows\system32\sppsvc.exe
    SERV - S3 - [ALG] - Application Layer Gateway Service - c:\windows\system32\alg.exe
    SERV - S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe
    SERV - S3 - [cphs] - Intel(R) Content Protection HECI Service - c:\windows\syswow64\intelcphecisvc.exe
    SERV - S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe
    SERV - S3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - c:\windows\microsoft.net\framework64\v3.0\wpf\presentationfontcache.exe
    SERV - S3 - [GamesAppService] - GamesAppService - c:\program files (x86)\wildtangent games\app\gamesappservice.exe
    SERV - S3 - [gupdatem] - Google Update-service (gupdatem) - c:\program files (x86)\google\update\googleupdate.exe
    SERV - S3 - [IDriverT] - InstallDriver Table Manager - c:\program files (x86)\common files\installshield\driver\11\intel 32\idrivert.exe
    SERV - S3 - [IEEtwCollectorService] - Internet Explorer ETW Collector Service - c:\windows\system32\ieetwcollector.exe
    SERV - S3 - [Intel(R) Capability Licensing Service TCP IP Interface] - Intel(R) Capability Licensing Service TCP IP Interface - c:\program files\intel\icls client\socketheciserver.exe
    SERV - S3 - [Microsoft SharePoint Workspace Audit Service] - Microsoft SharePoint Workspace Audit Service - c:\program files\microsoft office\office14\groove.exe
    SERV - S3 - [MozillaMaintenance] - Mozilla Maintenance Service - c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe
    SERV - S3 - [MSDTC] - Distributed Transaction Coordinator - c:\windows\system32\msdtc.exe
    SERV - S3 - [ose64] - Office 64 Source Engine - c:\program files\common files\microsoft shared\source engine\ose.exe
    SERV - S3 - [osppsvc] - Office Software Protection Platform - c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe
    SERV - S3 - [PerfHost] - Performance Counter DLL Host - c:\windows\syswow64\perfhost.exe
    SERV - S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - c:\windows\system32\locator.exe
    SERV - S3 - [TemproMonitoringService] - TEMPRO Service - c:\program files (x86)\toshiba tempro\temprosvc.exe
    SERV - S3 - [TOSHIBA Bluetooth Service] - TOSHIBA Bluetooth Service - c:\program files (x86)\toshiba\bluetooth toshiba stack\tosbtsrv.exe
    SERV - S3 - [TrustedInstaller] - Windows Modules Installer - c:\windows\servicing\trustedinstaller.exe
    SERV - S3 - [vds] - Virtual Disk - c:\windows\system32\vds.exe
    SERV - S3 - [VSS] - Volume Shadow Copy - c:\windows\system32\vssvc.exe
    SERV - S3 - [wbengine] - Block Level Backup Engine Service - c:\windows\system32\wbengine.exe
    SERV - S3 - [WdNisSvc] - Windows Defender Network Inspection Service - c:\program files\windows defender\nissrv.exe
    SERV - S3 - [WinDefend] - Windows Defender Service - c:\program files\windows defender\msmpeng.exe
    SERV - S3 - [wmiApSrv] - WMI Performance Adapter - c:\windows\system32\wbem\wmiapsrv.exe
    SERV - S4 - [SNMPTRAP] - SNMP Trap - c:\windows\system32\snmptrap.exe

    *** Win32ShareProcess ***

    SERV - R2 - [SamSs] - Security Accounts Manager - c:\windows\system32\lsass.exe
    SERV - S3 - [EFS] - Encrypting File System (EFS) - c:\windows\system32\lsass.exe
    SERV - S3 - [KeyIso] - CNG Key Isolation - c:\windows\system32\lsass.exe
    SERV - S3 - [VaultSvc] - Credential Manager - c:\windows\system32\lsass.exe
    SERV - S4 - [Netlogon] - Netlogon - c:\windows\system32\lsass.exe
    SERV - S4 - [NetTcpPortSharing] - Net.Tcp Port Sharing Service - c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe

    *** Others ***

    SERV - R2 - [Spooler] - Print Spooler - c:\windows\system32\spoolsv.exe
    SERV - S3 - [UI0Detect] - Interactive Services Detection - c:\windows\system32\ui0detect.exe

    *** File System Driver ***

    DRV - R0 - [FileInfo] - File Information FS MiniFilter - C:\Windows\system32\Drivers\FileInfo.sys
    DRV - R0 - [FltMgr] - FltMgr - C:\Windows\system32\Drivers\FltMgr.sys
    DRV - R0 - [Mup] - Mup - C:\Windows\system32\Drivers\Mup.sys
    DRV - R0 - [Wof] - Windows Overlay File System Filter Driver - C:\Windows\system32\Drivers\Wof.sys
    DRV - R1 - [NetBIOS] - NetBIOS Interface - C:\Windows\system32\Drivers\NetBIOS.sys
    DRV - R2 - [srv] - Server SMB 1.xxx Driver - C:\Windows\system32\Drivers\srv.sys
    DRV - R3 - [srv2] - Server SMB 2.xxx Driver - C:\Windows\system32\Drivers\srv2.sys

    *** Kernel Driver ***

    DRV - R0 - [ACPI] - Microsoft ACPI-stuurprogramma - C:\Windows\system32\Drivers\ACPI.sys
    DRV - R0 - [acpiex] - Microsoft ACPIEx Driver - C:\Windows\system32\Drivers\acpiex.sys
    DRV - R0 - [CLFS] - Common Log (CLFS) - C:\Windows\system32\Drivers\CLFS.sys
    DRV - R0 - [CNG] - CNG - C:\Windows\system32\Drivers\CNG.sys
    DRV - R0 - [disk] - Stuurprogramma voor schijfstations - C:\Windows\system32\Drivers\disk.sys
    DRV - R0 - [EhStorClass] - Enhanced Storage Filter Driver - C:\Windows\system32\Drivers\EhStorClass.sys
    DRV - R0 - [fsbts] - fsbts - C:\Windows\system32\Drivers\fsbts.sys
    DRV - R0 - [fvevol] - BitLocker Drive Encryption Filter Driver - C:\Windows\system32\Drivers\fvevol.sys
    DRV - R0 - [iaStorA] - iaStorA - C:\Windows\system32\Drivers\iaStorA.sys
    DRV - R0 - [intelpep] - Stuurprogramma voor Intel(R) Power Engine-invoegtoepassing - C:\Windows\system32\Drivers\intelpep.sys
    DRV - R0 - [KSecDD] - KSecDD - C:\Windows\system32\Drivers\KSecDD.sys
    DRV - R0 - [KSecPkg] - KSecPkg - C:\Windows\system32\Drivers\KSecPkg.sys
    DRV - R0 - [mfehidk] - McAfee Inc. mfehidk - C:\Windows\system32\Drivers\mfehidk.sys
    DRV - R0 - [mfewfpk] - McAfee Inc. mfewfpk - C:\Windows\system32\Drivers\mfewfpk.sys
    DRV - R0 - [mountmgr] - Mount Point Manager - C:\Windows\system32\Drivers\mountmgr.sys
    DRV - R0 - [msisadrv] - msisadrv - C:\Windows\system32\Drivers\msisadrv.sys
    DRV - R0 - [NDIS] - NDIS System Driver - C:\Windows\system32\Drivers\NDIS.sys
    DRV - R0 - [partmgr] - Partition Manager - C:\Windows\system32\Drivers\partmgr.sys
    DRV - R0 - [pci] - PCI Bus-stuurprogramma - C:\Windows\system32\Drivers\pci.sys
    DRV - R0 - [pcw] - Performance Counters for Windows Driver - C:\Windows\system32\Drivers\pcw.sys
    DRV - R0 - [pdc] - pdc - C:\Windows\system32\Drivers\pdc.sys
    DRV - R0 - [rdyboost] - ReadyBoost - C:\Windows\system32\Drivers\rdyboost.sys
    DRV - R0 - [spaceport] - Stuurprogramma voor opslagruimten - C:\Windows\system32\Drivers\spaceport.sys
    DRV - R0 - [Tcpip] - Stuurprogramma voor TCP/IP-protocol - C:\Windows\system32\Drivers\Tcpip.sys
    DRV - R0 - [tos_sps64] - TOSHIBA tos_sps64 Service - C:\Windows\system32\Drivers\tos_sps64.sys
    DRV - R0 - [TVALZ] - TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver - C:\Windows\system32\Drivers\TVALZ.sys [x]
    DRV - R0 - [TVALZFL] - TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver - C:\Windows\system32\Drivers\TVALZFL.sys
    DRV - R0 - [vdrvroot] - Microsoft Virtual Drive Enumerator - C:\Windows\system32\Drivers\vdrvroot.sys
    DRV - R0 - [volmgr] - Stuurprogramma voor Volumebeheer - C:\Windows\system32\Drivers\volmgr.sys
    DRV - R0 - [volmgrx] - Dynamic Volume Manager - C:\Windows\system32\Drivers\volmgrx.sys
    DRV - R0 - [volsnap] - Opslagvolumes - C:\Windows\system32\Drivers\volsnap.sys
    DRV - R0 - [Wdf01000] - Kernel Mode Driver Frameworks service - C:\Windows\system32\Drivers\Wdf01000.sys
    DRV - R0 - [WFPLWFS] - Microsoft Windows Filtering Platform - C:\Windows\system32\Drivers\WFPLWFS.sys
    DRV - R1 - [AFD] - Ancillary Function Driver for Winsock - C:\Windows\system32\Drivers\AFD.sys
    DRV - R1 - [Beep] - Beep - C:\Windows\system32\Drivers\Beep.sys
    DRV - R1 - [tdx] - Stuurprogramma voor ondersteuning van NetIO Legacy TDI - C:\Windows\system32\Drivers\tdx.sys
    DRV - R2 - [tcpipreg] - TCP/IP Registry Compatibility - C:\Windows\system32\Drivers\tcpipreg.sys
    DRV - S0 - [hwpolicy] - Hardware Policy Driver - C:\Windows\system32\Drivers\hwpolicy.sys
    DRV - S0 - [mfeelamk] - McAfee Inc. mfeelamk - C:\Windows\system32\Drivers\mfeelamk.sys
    DRV - S3 - [atapi] - IDE-kanaal - C:\Windows\system32\Drivers\atapi.sys

    ==================== SvcHost - White Listed ====================================

    WOW x64 - All Ok

    ==================== SvcHost x64 - White Listed ================================

    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\[email protected]
    BthHFSrv = ServiceDll = C:\Windows\System32\BthHFSrv.dll [9307a4b743d277c499cda8e19e5687ac]

    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\[email protected]
    DiagTrack = ServiceDll = C:\Windows\system32\diagtrack.dll [0ac9f83a5508935de89c447473085eea]



    ==================== SigCheck x86 Fast =========================================

    Fast Scan All ok

    ==================== SigCheck x64 Fast =========================================

    Fast Scan All ok

    ==================== Job tasks at C:\Windows\Tasks =============================

    C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 1074 bytes [ 29-7-2016 21:12:56 ]

    C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 1078 bytes [ 29-7-2016 21:12:56 ]

    C:\Windows\Tasks\SA.DAT 6 bytes [ 22-8-2013 16:45:54 ]


    ==================== Job tasks at C:\Windows\system32\Tasks ====================

    C:\Windows\system32\Tasks\Adobe Acrobat Update Task 4476 bytes [ 9-11-2016 20:14:01 ]
    => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

    C:\Windows\system32\Tasks\AutoKMSCustom 3238 bytes [ 10-1-2014 14:52:05 ]
    => C:\Windows\AutoKMS\AutoKMS.exe

    C:\Windows\system32\Tasks\AVG EUpdate Task 3600 bytes [ 20-11-2016 20:17:31 ]
    => avgsetupx.exe

    C:\Windows\system32\Tasks\CCleanerSkipUAC 2786 bytes [ 28-12-2013 18:40:23 ]
    => "C:\Program Files\CCleaner\CCleaner.exe"

    C:\Windows\system32\Tasks\GarminUpdaterTask 3554 bytes [ 1-12-2016 22:15:27 ]
    => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe

    C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore 3814 bytes [ 28-12-2013 18:36:57 ]
    => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA 4050 bytes [ 28-12-2013 18:36:58 ]
    => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1801927240-3863529157-1534887519-500 3596 bytes [ 10-9-2013 00:55:08 ]

    C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1828179077-3866219584-521906193-1001 3598 bytes [ 28-12-2013 18:24:48 ]

    C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1828179077-3866219584-521906193-500 3594 bytes [ 22-10-2013 11:16:37 ]

    C:\Windows\system32\Tasks\Resolution+ Setting Task 3128 bytes [ 22-10-2013 11:42:50 ]
    => C:\Program Files\Toshiba\TOSHIBA Smart View Utility\Plugins\ResolutionPlus\TosRegPermissionChg.exe

    C:\Windows\system32\Tasks\UMonitor Task 3016 bytes [ 22-10-2013 11:37:48 ]
    => C:\Windows\SysWOW64\UMonit64.exe

    C:\Windows\system32\Tasks\User_Feed_Synchronization-{372640E2-EE00-4AF5-94F1-52B905FF0372} 3978 bytes [ 28-12-2013 18:54:46 ]
    => C:\Windows\system32\msfeedssync.exe


    ==================== Job tasks at C:\Windows\SysWOW64\Tasks ====================

    There are no .job files found.

    ==================== End scanning at do 8 dec 2016 22:03 (1 Min 7 Sec ) ========

    Comment


    • #3
      Download de Farbar Recovery Scan Tool 32 of 64 bit van één van de onderstaande links
      Hier staat een beschrijving hoe u kunt kijken of u een 32 of 64 bit versie van Windows heeft.

      Farbar Recovery Scan Tool uitvoeren
      • Dubbelklik op FRST.exe om de tool te starten.
      • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
      • Als het programma is geopend klik Yes (Ja) bij de disclaimer.
      • Druk vervolgens op de Scan knop, er zal nu eerst een back-up van het register worden gemaakt.
      • Wanneer de scan gereed is worden er twee logbestanden aangemaakt met de naam (FRST.txt) & (Addition.txt) op dezelfde plaats vanwaar de 'tool' is gestart.
      • Voeg beide logbestanden als bijlage toe aan het volgende bericht.

      Windows 10 opstarten in Veilige Modus

      Comment


      • #4
        Hoi Juisster

        Krijg steeds melding van de lange logbestanden. wat is de handigste oplossing?

        Comment


        • #5
          Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 07-12-2016
          Gestart door Peter Wester (12-12-2016 16:08:03)
          Gestart vanaf C:\Users\Peter Wester\Downloads
          Windows 8.1 (Update) (X64) (2013-12-28 17:18:33)
          Boot Modus: Normal
          ==========================================================


          ==================== Accounts: =============================

          Administrator (S-1-5-21-1828179077-3866219584-521906193-500 - Administrator - Disabled)
          Gast (S-1-5-21-1828179077-3866219584-521906193-501 - Limited - Disabled)
          Peter Wester (S-1-5-21-1828179077-3866219584-521906193-1001 - Administrator - Enabled) => C:\Users\Peter Wester

          ==================== Security Center ========================

          (Als een item is opgenomen in de fixlist, zal het worden verwijderd.)

          AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
          AV: Internetbeveiliging by F-Secure (Enabled - Up to date) {4CBE0CB6-C6C6-9D82-ECD2-A076E5981AC9}
          AS: Internetbeveiliging by F-Secure (Enabled - Up to date) {F7DFED52-E0FC-920C-D662-9B049E1F5074}
          AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

          ==================== Geïnstalleerde programma's ======================

          (Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.)

          Aangifte inkomstenbelasting 2014 (HKLM-x32\...\Aangifte inkomstenbelasting 2014) (Version: - Belastingdienst)
          Adobe Acrobat Reader DC - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
          Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1380 - Adobe Systems Incorporated)
          Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.)
          Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
          ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
          Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
          Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
          Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)
          Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
          Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v9.10.32(T) - TOSHIBA CORPORATION)
          CCleaner (HKLM\...\CCleaner) (Version: 5.21 - Piriform)
          Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
          Classic Shell (HKLM\...\{98BB5224-BC5D-4028-9D20-536C1C263AA9}) (Version: 4.0.2 - IvoSoft)
          Computer Security 14.150.101.0 (release) (x32 Version: 14.150.101.0 - F-Secure Corporation) Hidden
          Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.2.0 - Conexant)
          DTS Sound (HKLM-x32\...\{2DFA9084-CEB3-4A48-B9F7-9038FEF1B8F4}) (Version: 1.01.2700 - DTS, Inc.)
          Elevated Installer (x32 Version: 4.5.0.0 - Garmin Ltd or its subsidiaries) Hidden
          Empress of the Deep - The Darkest Secret (x32 Version: 2.2.0.98 - WildTangent) Hidden
          E-Peek (HKLM-x32\...\{1CA0A028-0070-4E39-9450-9E7672FA3451}) (Version: 1.0.9 - E Dev)
          FileZilla Client 3.7.3 (HKLM-x32\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
          F-Secure CCF Reputation (x32 Version: 2.0.1337.0 - F-Secure) Hidden
          F-Secure CCF Scanning 1.72.115.709 (release) (x32 Version: 1.72.115.709 - F-Secure Corporation) Hidden
          F-Secure Network CCF 1.04.119 (x32 Version: 1.04.119 - F-Secure Corporation) Hidden
          F-Secure SafeSearch 1.09.109.0 (release) (x32 Version: 1.09.109.0 - F-Secure Corporation) Hidden
          Garmin Express (HKLM-x32\...\{00bf033c-5ade-400f-a174-be74932eebc6}) (Version: 4.5.0.0 - Garmin Ltd or its subsidiaries)
          Garmin Express (HKLM-x32\...\{42f02a91-da9c-48e1-8dc5-37f4449db969}) (Version: 4.1.5.0 - Garmin Ltd or its subsidiaries)
          Garmin Express (HKLM-x32\...\{b292f4e5-60ca-4bb8-8810-e5f908c3c1ff}) (Version: 4.1.10.0 - Garmin Ltd or its subsidiaries)
          Garmin Express (x32 Version: 4.5.0.0 - Garmin Ltd or its subsidiaries) Hidden
          Garmin Express Tray (x32 Version: 4.5.0.0 - Garmin Ltd or its subsidiaries) Hidden
          Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.0.8 - Genesys Logic)
          Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.)
          Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
          Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
          Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
          Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3282 - Intel Corporation)
          Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)
          Island Tribe (x32 Version: 2.2.0.98 - WildTangent) Hidden
          Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
          Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.550 - Oracle)
          Jewel Quest Solitaire 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
          K-Lite Codec Pack 10.2.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.2.0 - )
          Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
          Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
          Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
          Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
          Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
          Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
          Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
          Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
          Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
          Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
          Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
          Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
          Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
          Microsoft Visual C++ 2013 Preview Redistributable (x64) - 12.0.20617 (HKLM-x32\...\{448652c1-f5f3-4230-98c6-68c10c88b1fb}) (Version: 12.0.20617.1 - Microsoft Corporation)
          Microsoft Visual C++ 2013 Preview Redistributable (x86) - 12.0.20617 (HKLM-x32\...\{1f407217-9aec-4146-8504-e64ac959c534}) (Version: 12.0.20617.1 - Microsoft Corporation)
          Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
          Mozilla Firefox 48.0.2 (x86 nl) (HKLM-x32\...\Mozilla Firefox 48.0.2 (x86 nl)) (Version: 48.0.2 - Mozilla)
          Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.2.6079 - Mozilla)
          Mozilla Thunderbird 24.2.0 (x86 nl) (HKLM-x32\...\Mozilla Thunderbird 24.2.0 (x86 nl)) (Version: 24.2.0 - Mozilla)
          OpenOffice 4.0.1 (HKLM-x32\...\{EA9BAE1A-2D68-4160-81E6-14B712435D66}) (Version: 4.01.9714 - Apache Software Foundation)
          Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
          Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
          Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
          Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.300 - Qualcomm Atheros)
          Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
          QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
          Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
          Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden
          Skype™ 6.11 (HKLM-x32\...\{1845470B-EB14-4ABC-835B-E36C693DC07D}) (Version: 6.11.102 - Skype Technologies S.A.)
          Spotify (HKLM-x32\...\Spotify) (Version: 0.8.5.1333.g822e0de8 - Spotify AB)
          Stuurprogrammapakket voor Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
          Stuurprogrammapakket voor Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
          Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.0 - IObit)
          swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
          Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.10.51 - Synaptics Incorporated)
          Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD) (Version: 10.0.50903 - Microsoft Corporation)
          TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.41110 - TeamViewer)
          TOSHIBA Addendum (HKLM-x32\...\{CE0374A6-B204-4336-8293-63FBB1DADBF4}) (Version: 1.00 - TOSHIBA)
          TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.02.01.6407 - Toshiba Corporation)
          TOSHIBA Display Utility (HKLM\...\{84FA4D2D-4273-4C66-BD3D-ADD3FE48DFA2}) (Version: 1.1.5.0 - Toshiba Corporation)
          TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.2.0.6404 - Toshiba Corporation)
          TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.1.0001.6403 - Toshiba Corporation)
          TOSHIBA Gesture Controller (HKLM-x32\...\{D2484156-5F50-46CA-994A-3EC35F891950}) (Version: 4.0.110.0 - Toshiba Corporation)
          TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.10 - TOSHIBA)
          TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{26BB68BB-CF93-4A12-BC6D-A3B6F53AC8D9}) (Version: 5.0.1.0 - Toshiba Corporation)
          TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.9.09.6400 - Toshiba Corporation)
          TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.1.02.55065006 - Toshiba Corporation)
          TOSHIBA Service Station (HKLM\...\{FBFCEEA5-96EA-4C8E-9262-43CBBEBAE413}) (Version: 2.6.8 - Toshiba Corporation)
          TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0030 - Toshiba Corporation)
          TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.1.2.32001 - Toshiba Corporation)
          Toshiba TEMPRO (HKLM-x32\...\{E4C7D9D7-19D4-4623-AF0C-EA313C466411}) (Version: 5.0.0 - Toshiba Europe GmbH)
          Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
          Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
          VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
          WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
          WildTangent Games App (Toshiba Games) (x32 Version: 4.0.9.7 - WildTangent) Hidden
          Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
          WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
          Ziggo Internetbeveiliging (HKLM-x32\...\F-Secure ServiceEnabler 45123) (Version: 2.50.214.0 - F-Secure Corporation)
          Ziggo Internetbeveiliging (x32 Version: 2.50.214.0 - F-Secure Corporation) Hidden

          ==================== Aangepaste CLSID (gefilterd): ==========================

          (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

          Comment


          • #6
            ==================== Geplande Taken (gefilterd) =============

            (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

            Task: {0D70B222-F22D-4C95-AD31-03BA6786EF06} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
            Task: {2F75D36C-5558-4C22-B518-167DABBEB7FF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
            Task: {4327076B-DEC6-407D-A0CD-923E98E4674B} - System32\Tasks\F-Secure\F-Secure GUI => C:\Program Files (x86)\Internetbeveiliging\FsGuiStarter.exe [2016-03-11] (F-Secure Corporation)
            Task: {514B2B1D-8E97-438B-A21F-8C3EF8DFAC4F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
            Task: {557E4F74-4D06-420E-839D-70D36CBDDB27} - System32\Tasks\Resolution+ Setting Task => C:\Program Files\Toshiba\TOSHIBA Smart View Utility\Plugins\ResolutionPlus\TosRegPermissionChg.exe [2013-08-28] (TODO: <Company name>)
            Task: {5848C541-9D09-4689-9F0C-ED63EF151FB5} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-11-11] (Microsoft Corporation)
            Task: {957CACEB-C63B-4784-ABDF-0480B839DD09} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2016-11-29] ()
            Task: {9FEAD42F-07F7-4F02-A944-ABFC8BEF0EB5} - System32\Tasks\AutoKMSCustom => C:\Windows\AutoKMS\AutoKMS.exe [2014-01-10] ()
            Task: {A90F0941-0CD1-403E-B062-5299F8FC0D28} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-02] (Apple Inc.)
            Task: {D5A735E3-F6AB-4FC2-AA66-1C18627549A2} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2015-11-17] (Toshiba Europe GmbH)
            Task: {DCAF9964-E84C-4E43-928C-6107B6C9ED04} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-08-05] (Piriform Ltd)
            Task: {DCD912A2-B5E2-4B82-8FEC-8E8ED1243FFA} - System32\Tasks\UMonitor Task => C:\Windows\SysWOW64\UMonit64.exe [2013-08-28] ()
            Task: {ED3B8CFD-A80A-4878-9ACC-4D025F581F97} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-07-31] (TOSHIBA Corporation)

            (Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.)

            Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
            Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

            ==================== Snelkoppelingen =============================

            (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.)

            ==================== Geladen Modules (gefilterd) ==============

            2013-09-10 20:54 - 2013-09-10 20:54 - 00019792 _____ () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
            2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
            2013-10-22 10:37 - 2013-08-28 16:08 - 00053248 _____ () C:\Windows\SysWOW64\UMonit64.exe
            2012-07-19 02:38 - 2012-07-19 02:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
            2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\office14\Cultures\office.odf
            2016-08-15 10:35 - 2015-04-09 07:47 - 00011536 _____ () C:\Program Files (x86)\TeamViewer\Version9\outlook\ManagedAggregator.dll
            2015-11-11 02:49 - 2015-11-11 02:49 - 01557160 _____ () C:\Program Files\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
            2016-08-05 17:52 - 2016-08-05 17:52 - 00069632 _____ () C:\Program Files\CCleaner\lang\lang-1043.dll
            2016-07-27 12:14 - 2015-11-24 11:26 - 00072744 _____ () C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Anti-Virus\FSAVHRES.eng
            2016-07-27 12:10 - 2016-03-11 14:14 - 00250840 _____ () C:\Program Files (x86)\Internetbeveiliging\daas2.dll
            2016-11-29 13:41 - 2016-11-29 13:41 - 00073216 _____ () C:\Program Files (x86)\Garmin\Device Interaction Service\FixBootSector.dll
            2016-11-02 19:31 - 2016-11-02 19:31 - 00934368 _____ () C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Anti-Virus\fm4av.dll
            2013-10-22 10:22 - 2013-09-03 15:53 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
            2016-12-10 10:54 - 2016-12-10 10:54 - 51777648 _____ () C:\Users\Peter Wester\AppData\Roaming\Spotify\libcef.dll
            2016-12-10 10:54 - 2016-12-10 10:54 - 01803888 _____ () C:\Users\Peter Wester\AppData\Roaming\Spotify\libglesv2.dll
            2016-12-10 10:54 - 2016-12-10 10:54 - 00086128 _____ () C:\Users\Peter Wester\AppData\Roaming\Spotify\libegl.dll
            2016-11-15 20:26 - 2016-11-08 21:29 - 01819240 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\libglesv2.dll
            2016-11-15 20:26 - 2016-11-08 21:29 - 00093288 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\libegl.dll

            ==================== Alternate Data Streams (gefilterd) =========

            (Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.)


            ==================== Veilige Modus (gefilterd) ===================

            (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.)

            HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
            HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
            HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
            HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
            HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
            HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
            HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
            HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

            ==================== Bestandskoppeling (gefilterd) ===============

            (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.)


            ==================== Internet Explorer vertrouwde/beperkte toegang ===============

            (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.)

            IE restricted site: HKU\S-1-5-21-1828179077-3866219584-521906193-1001\...\008i.com -> 008i.com
            IE restricted site: HKU\S-1-5-21-1828179077-3866219584-521906193-1001\...\008k.com -> 008k.com
            IE restricted site: HKU\S-1-5-21-1828179077-3866219584-521906193-1001\...\00hq.com -> 00hq.com
            IE restricted site: HKU\S-1-5-21-1828179077-3866219584-521906193-1001\...\0190-dialers.com -> 0190-dialers.com
            IE restricted site: HKU\S-1-5-21-1828179077-3866219584-521906193-1001\...\01i.info -> 01i.info
            IE restricted site: HKU\S-1-5-21-1828179077-3866219584-521906193-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
            IE restricted site: HKU\S-1-5-21-1828179077-3866219584-521906193-1001\...\05p.com -> 05p.com
            IE restricted site: HKU\S-1-5-21-1828179077-3866219584-521906193-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
            IE restricted site: HKU\S-1-5-21-1828179077-3866219584-521906193-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
            IE restricted site: HKU\S-1-5-21-1828179077-3866219584-521906193-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
            IE restricted site: HKU\S-1-5-21-1828179077-3866219584-521906193-1001\...\0calories.net -> 0calories.net
            IE restricted site: HKU\S-1-5-21-1828179077-3866219584-521906193-1001\...\0cj.net -> 0cj.net
            IE restricted site: HKU\S-1-5-21-1828179077-3866219584-521906193-1001\...\0scan.com -> 0scan.com
            IE restricted site: HKU\S-1-5-21-1828179077-3866219584-521906193-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
            IE restricted site: HKU\S-1-5-21-1828179077-3866219584-521906193-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
            IE restricted site: HKU\S-1-5-21-1828179077-3866219584-521906193-1001\...\1-se.com -> 1-se.com
            IE restricted site: HKU\S-1-5-21-1828179077-3866219584-521906193-1001\...\1001movie.com -> 1001movie.com
            IE restricted site: HKU\S-1-5-21-1828179077-3866219584-521906193-1001\...\1001night.biz -> 1001night.biz
            IE restricted site: HKU\S-1-5-21-1828179077-3866219584-521906193-1001\...\100gal.net -> 100gal.net
            IE restricted site: HKU\S-1-5-21-1828179077-3866219584-521906193-1001\...\100sexlinks.com -> 100sexlinks.com

            Er zijn 4788 Meer websites.


            ==================== Hosts inhoud: ===============================

            (Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.)

            2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


            ==================== Andere gebieden ============================

            (Momenteel is er geen automatische fix voor dit onderdeel.)

            HKU\S-1-5-21-1828179077-3866219584-521906193-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Toshiba\Standard.jpg
            DNS Servers: 84.116.46.23 - 84.116.46.22
            HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
            Windows Firewall is ingeschakeld.

            ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items ==


            ==================== Firewall regels (gefilterd) ===============

            (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

            FirewallRules: [vm-monitoring-nb-session] => LPort=139
            FirewallRules: [{BB21006B-E82F-4112-A61D-6AB3F2E8EF58}] => C:\Program Files (x86)\Spotify\spotify.exe
            FirewallRules: [{8D646B19-6987-48FF-8894-98A53D0CA22A}] => C:\Program Files (x86)\Spotify\spotify.exe
            FirewallRules: [{FE56101B-6250-434E-821F-F0875926B00D}] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
            FirewallRules: [{D90EF613-2E84-4584-AA9C-E5A313BA3A81}] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
            FirewallRules: [{117E4D70-0670-4B3C-902D-078E319BB1F5}] => C:\Program Files (x86)\Winamp\winamp.exe
            FirewallRules: [{CA72179D-C5DA-4998-AD9C-2AC1E0CB876E}] => C:\Program Files (x86)\Winamp\winamp.exe
            FirewallRules: [{B2FFC313-E237-4EC9-B6E2-DBA7BB1FB3E0}] => C:\Program Files (x86)\Winamp\winamp.exe
            FirewallRules: [{C32D5934-A4A7-4B23-A56E-B90A2DC6BB0D}] => C:\Program Files (x86)\Winamp\winamp.exe
            FirewallRules: [{2EC913F0-6638-48C9-BF0A-1FB1ECD0E24F}] => C:\Program Files (x86)\Winamp\winamp.exe
            FirewallRules: [{4E02B0F4-0F3D-42D7-9DAE-E50C2534A179}] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
            FirewallRules: [TCP Query User{C66DF5C8-8F23-4DC4-B036-BD7C893DC33A}C:\users\peter wester\appdata\roaming\spotify\spotify.exe] => C:\users\peter wester\appdata\roaming\spotify\spotify.exe
            FirewallRules: [UDP Query User{BF7D191A-C2BF-40B4-966A-E89E22D9EEDD}C:\users\peter wester\appdata\roaming\spotify\spotify.exe] => C:\users\peter wester\appdata\roaming\spotify\spotify.exe
            FirewallRules: [TCP Query User{A458957A-668E-4063-A0BE-02A647C58F4D}C:\users\peter wester\appdata\roaming\spotify\spotify.exe] => C:\users\peter wester\appdata\roaming\spotify\spotify.exe
            FirewallRules: [UDP Query User{EA38A0A6-48EB-470E-9D83-E957A683926F}C:\users\peter wester\appdata\roaming\spotify\spotify.exe] => C:\users\peter wester\appdata\roaming\spotify\spotify.exe
            FirewallRules: [{A89DBEBF-3893-4355-AF2C-66160707B601}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
            FirewallRules: [{43D09630-5EDA-482E-89B7-021F9CE3A2E5}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
            FirewallRules: [{3B513AD9-3A2F-43E7-A9CE-67FA86034E05}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
            FirewallRules: [{30D6851C-007B-441A-A962-57BC127E5D96}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
            FirewallRules: [{7C5EAB7E-EC79-465D-AAFC-B4DE9E0D9CE8}] => C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
            FirewallRules: [{4A9DF619-55F6-4244-97AE-28A16E5E6205}] => C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
            FirewallRules: [{187F065A-82AE-4215-B2EB-3F72300299BA}] => C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
            FirewallRules: [{AFFDD4BC-B11A-462C-BC6A-0DEC362FB170}] => C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
            FirewallRules: [{549BC56C-5439-4029-A9F2-1D3928A60976}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

            ==================== Herstelpunten =========================

            20-11-2016 11:33:13 Gepland controlepunt
            01-12-2016 22:13:00 Garmin Express
            08-12-2016 20:41:38 Removed Visual Studio 2012 x64 Redistributables

            ==================== Defecte Apparaatbeheer Apparaten =============


            ==================== Eventlog fouten: =========================

            Applicatiefouten:
            ==================
            Error: (12/12/2016 12:59:27 PM) (Source: FSecure-FSecure-F-Secure Anti-Virus) (EventID: 103) (User: )
            Description: 2 2016-12-12 12:59:27+02:00 WESTER Wester\Peter Wester F-Secure Anti-Virus
            Scanning of \DEVICE\HARDDISKVOLUME4\PROGRAM FILES (X86)\OPENOFFICE 4\PROGRAM\SOFFICE.EXE was aborted due to exceeded scanning time limit. The file may be in use or reading it was too slow (e.g. network connection was under stress).

            Error: (12/12/2016 12:59:27 PM) (Source: FSecure-FSecure-F-Secure Anti-Virus) (EventID: 103) (User: )
            Description: 1 2016-12-12 12:59:26+02:00 WESTER Wester\Peter Wester F-Secure Anti-Virus
            Scanning of \DEVICE\HARDDISKVOLUME4\PROGRAM FILES (X86)\BELASTINGDIENST\AANGIFTE INKOMSTENBELASTING\2014\IB2014.EXE was aborted due to exceeded scanning time limit. The file may be in use or reading it was too slow (e.g. network connection was under stress).

            Error: (12/11/2016 10:33:52 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
            Description: Gegevens voor het Programma voor verbetering van de gebruikerservaring kunnen niet naar Microsoft worden verzonden. (Fout 80070005).

            Error: (12/09/2016 10:48:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Wester)
            Description: Het activeren van de app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 is mislukt door de fout -2144927141. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie.

            Error: (12/09/2016 10:48:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Wester)
            Description: Het activeren van de app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail is mislukt door de fout -2144927141. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie.

            Error: (12/09/2016 10:48:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Wester)
            Description: Het activeren van de app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 is mislukt door de fout -2144927141. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie.

            Error: (12/08/2016 09:56:45 PM) (Source: MsiInstaller) (EventID: 11711) (User: Wester)
            Description: Product: E-Peek -- Error 1711. An error occurred while writing installation information to disk. Check to make sure enough disk space is available, and click "Retry", or "Cancel" to end the install.

            Error: (12/08/2016 09:56:32 PM) (Source: MsiInstaller) (EventID: 11711) (User: Wester)
            Description: Product: E-Peek -- Error 1711. An error occurred while writing installation information to disk. Check to make sure enough disk space is available, and click "Retry", or "Cancel" to end the install.

            Error: (12/08/2016 09:56:31 PM) (Source: MsiInstaller) (EventID: 11711) (User: Wester)
            Description: Product: E-Peek -- Error 1711. An error occurred while writing installation information to disk. Check to make sure enough disk space is available, and click "Retry", or "Cancel" to end the install.

            Error: (12/08/2016 09:56:30 PM) (Source: MsiInstaller) (EventID: 11711) (User: Wester)
            Description: Product: E-Peek -- Error 1711. An error occurred while writing installation information to disk. Check to make sure enough disk space is available, and click "Retry", or "Cancel" to end the install.


            Systeemfouten:
            =============
            Error: (12/09/2016 10:48:53 PM) (Source: DCOM) (EventID: 10010) (User: Wester)
            Description: De server Windows.Networking.BackgroundTransfer.Internal.NetworkChangeTask.ClassId.4 heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd.

            Error: (12/09/2016 10:48:53 PM) (Source: DCOM) (EventID: 10010) (User: Wester)
            Description: De server Windows.Networking.BackgroundTransfer.Internal.NetworkChangeTask.ClassId.4 heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd.

            Error: (12/09/2016 10:48:53 PM) (Source: DCOM) (EventID: 10010) (User: Wester)
            Description: De server Windows.Networking.BackgroundTransfer.Internal.NetworkChangeTask.ClassId.1 heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd.

            Error: (12/09/2016 10:48:48 PM) (Source: DCOM) (EventID: 10010) (User: Wester)
            Description: De server Windows.Networking.BackgroundTransfer.Internal.NetworkChangeTask.ClassId.4 heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd.

            Error: (12/09/2016 10:48:48 PM) (Source: DCOM) (EventID: 10010) (User: Wester)
            Description: De server Windows.Networking.BackgroundTransfer.Internal.NetworkChangeTask.ClassId.1 heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd.

            Error: (12/09/2016 10:48:48 PM) (Source: DCOM) (EventID: 10010) (User: Wester)
            Description: De server Windows.Networking.BackgroundTransfer.Internal.NetworkChangeTask.ClassId.4 heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd.

            Error: (12/09/2016 05:32:32 PM) (Source: DCOM) (EventID: 10010) (User: Wester)
            Description: De server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd.

            Error: (12/09/2016 05:32:02 PM) (Source: DCOM) (EventID: 10010) (User: Wester)
            Description: De server {1B1F472E-3221-4826-97DB-2C2324D389AE} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd.

            Error: (12/09/2016 09:49:48 AM) (Source: DCOM) (EventID: 10010) (User: Wester)
            Description: De server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd.

            Error: (12/09/2016 09:49:18 AM) (Source: DCOM) (EventID: 10010) (User: Wester)
            Description: De server {1B1F472E-3221-4826-97DB-2C2324D389AE} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd.


            ==================== Geheugen info ===========================

            Processor: Intel(R) Core(TM) i3-4000M CPU @ 2.40GHz
            Percentage geheugen in gebruik: 54%
            Totaal fysiek RAM-geheugen: 4020.27 MB
            Beschikbaar fysiek RAM-geheugen: 1831.3 MB
            Totaal Virtueel geheugen: 5108.27 MB
            Beschikbaar Virtual geheugen: 2316.47 MB

            ==================== Schijven ================================

            Drive c: (TI31201100A) (Fixed) (Total:687.65 GB) (Free:635.99 GB) NTFS

            ==================== MBR & Partitietabel ==================

            ========================================================
            Disk: 0 (Size: 698.6 GB) (Disk ID: 00000000)

            Partition: GPT.

            ==================== Eind van Addition.txt ============================

            Comment


            • #7
              Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 07-12-2016
              Gestart door Peter Wester (Beheerder) op WESTER (12-12-2016 16:06:40)
              Gestart vanaf C:\Users\Peter Wester\Downloads
              Geladen Profielen: Peter Wester (Beschikbare Profielen: Peter Wester)
              Platform: Windows 8.1 (Update) (X64) Taal: Nederlands (Nederland)
              Internet Explorer Versie 11 (Standaardbrowser: Chrome)
              Boot Modus: Normal
              Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

              ==================== Processen (gefilterd) =================

              (Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.)

              (Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
              (Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
              () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
              (F-Secure Corporation) C:\Program Files (x86)\Internetbeveiliging\fshoster32.exe
              (F-Secure Corporation) C:\Program Files (x86)\Internetbeveiliging\apps\CCF_Reputation\fsorsp.exe
              (Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
              (F-Secure Corporation) C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Anti-Virus\fsgk32.exe
              (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
              (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
              (McAfee, Inc.) C:\Windows\System32\mfevtps.exe
              (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
              (TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
              (McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
              (Toshiba Corporation) C:\Program Files\Toshiba\Teco\TecoService.exe
              (F-Secure Corporation) C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Common\FSMA32.EXE
              (F-Secure Corporation) C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Anti-Virus\fssm32.exe
              (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
              (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
              (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
              (TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA Service Station\TMachInfo.exe
              (TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHSrv.exe
              (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
              (F-Secure Corporation) C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Common\FSHDLL64.EXE
              (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
              () C:\Windows\SysWOW64\UMonit64.exe
              (Intel Corporation) C:\Windows\System32\igfxtray.exe
              (Intel Corporation) C:\Windows\System32\igfxsrvc.exe
              (Intel Corporation) C:\Windows\System32\hkcmd.exe
              (Intel Corporation) C:\Windows\System32\igfxpers.exe
              (Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
              (TOSHIBA Corporation) C:\Program Files\Toshiba\Teco\TecoResident.exe
              (TOSHIBA Corporation) C:\Program Files\Toshiba\Hotkey\TCrdMain_Win8.exe
              (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
              (Spotify Ltd) C:\Users\Peter Wester\AppData\Roaming\Spotify\SpotifyWebHelper.exe
              (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
              (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
              (Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
              (Spotify Ltd) C:\Users\Peter Wester\AppData\Roaming\Spotify\Spotify.exe
              (Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
              (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
              (Spotify Ltd) C:\Users\Peter Wester\AppData\Roaming\Spotify\SpotifyCrashService.exe
              (Spotify Ltd) C:\Users\Peter Wester\AppData\Roaming\Spotify\Spotify.exe
              (Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
              (Spotify Ltd) C:\Users\Peter Wester\AppData\Roaming\Spotify\Spotify.exe
              (TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHWMsg.exe
              (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
              (F-Secure Corporation) C:\Program Files (x86)\Internetbeveiliging\fshoster32.exe
              (TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe
              (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
              (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
              (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
              (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

              ==================== Register (gefilterd) ====================

              (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)

              HKLM\...\Run: => [X]
              HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [894048 2013-01-11] (Conexant Systems, Inc.)
              HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
              HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [178016 2013-08-21] (TOSHIBA Corporation)
              HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-13] (TOSHIBA Corporation)
              HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-08-18] (TOSHIBA Corporation)
              HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296520 2013-09-12] (TOSHIBA Corporation)
              HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
              HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2778864 2014-08-06] (Synaptics Incorporated)
              HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-23] (TOSHIBA)
              HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
              HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-22] (Apple Inc.)
              HKLM-x32\...\Run: [ITSecMng] => C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [80840 2011-04-01] (TOSHIBA CORPORATION)
              HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
              Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
              HKU\S-1-5-21-1828179077-3866219584-521906193-1001\...\Run: [Spotify Web Helper] => C:\Users\Peter Wester\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1444976 2016-12-10] (Spotify Ltd)
              HKU\S-1-5-21-1828179077-3866219584-521906193-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20586656 2013-11-15] (Skype Technologies S.A.)
              HKU\S-1-5-21-1828179077-3866219584-521906193-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8894680 2016-08-05] (Piriform Ltd)
              HKU\S-1-5-21-1828179077-3866219584-521906193-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1407912 2016-11-29] (Garmin Ltd. or its subsidiaries)
              HKU\S-1-5-21-1828179077-3866219584-521906193-1001\...\Run: [Spotify] => C:\Users\Peter Wester\AppData\Roaming\Spotify\Spotify.exe [7095408 2016-12-10] (Spotify Ltd)
              HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1407912 2016-11-29] (Garmin Ltd. or its subsidiaries)
              ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2013-10-21] (IvoSoft)
              ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2013-10-21] (IvoSoft)
              Startup: C:\Users\Peter Wester\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Schermopname en Snel starten.lnk [2014-03-21]
              ShortcutTarget: OneNote 2010 Schermopname en Snel starten.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

              ==================== Internet (gefilterd) ====================

              (Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.)

              Tcpip\Parameters: [DhcpNameServer] 84.116.46.23 84.116.46.22
              Tcpip\..\Interfaces\{02F5E740-597D-4C5F-AC86-7F4F1091A02B}: [DhcpNameServer] 84.116.46.23 84.116.46.22
              Tcpip\..\Interfaces\{93737276-3700-4D72-BE01-94278DA4105F}: [DhcpNameServer] 84.116.46.23 84.116.46.22

              Comment


              • #8
                Internet Explorer:
                ==================
                HKU\S-1-5-21-1828179077-3866219584-521906193-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com/?pc=TEJB
                HKU\S-1-5-21-1828179077-3866219584-521906193-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://toshiba.eu/symbaloo_c
                SearchScopes: HKLM -> DefaultScope {61226BF8-FF28-49F0-B8CC-9F58A9DE725B} URL =
                SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
                SearchScopes: HKLM-x32 -> DefaultScope {61226BF8-FF28-49F0-B8CC-9F58A9DE725B} URL =
                SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
                SearchScopes: HKU\S-1-5-21-1828179077-3866219584-521906193-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
                BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2013-10-21] (IvoSoft)
                BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
                BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-12-28] (Oracle Corporation)
                BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
                BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-12-28] (Oracle Corporation)
                BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2013-10-21] (IvoSoft)
                BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2013-10-21] (IvoSoft)
                BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
                BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-04-14] (Oracle Corporation)
                BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
                BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-04-14] (Oracle Corporation)
                BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2013-10-21] (IvoSoft)
                Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2013-10-21] (IvoSoft)
                Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2013-10-21] (IvoSoft)
                Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2013-02-27] (Skype Technologies)

                FireFox:
                ========
                FF ProfilePath: C:\Users\Peter Wester\AppData\Roaming\Mozilla\Firefox\Profiles\qh9dqgpo.default [2016-12-12]
                FF Extension: (Firefox Hotfix) - C:\Users\Peter Wester\AppData\Roaming\Mozilla\Firefox\Profiles\qh9dqgpo.default\Extensions\[email protected] [2016-09-09]
                FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-12-28] (Oracle Corporation)
                FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-12-28] (Oracle Corporation)
                FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
                FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
                FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll [2013-12-05] (Adobe Systems, Inc.)
                FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-03] (Intel Corporation)
                FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-03] (Intel Corporation)
                FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-04-14] (Oracle Corporation)
                FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-04-14] (Oracle Corporation)
                FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
                FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
                FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
                FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
                FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
                FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-12-09] (VideoLAN)
                FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-05-12] ()
                FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)

                Chrome:
                =======
                CHR Profile: C:\Users\Peter Wester\AppData\Local\Google\Chrome\User Data\Default [2016-12-12]
                CHR Extension: (Google Presentaties) - C:\Users\Peter Wester\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-08]
                CHR Extension: (Google Documenten) - C:\Users\Peter Wester\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-08]
                CHR Extension: (Google Drive) - C:\Users\Peter Wester\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-08]
                CHR Extension: (YouTube) - C:\Users\Peter Wester\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-08]
                CHR Extension: (Google Search) - C:\Users\Peter Wester\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-08]
                CHR Extension: (Google Spreadsheets) - C:\Users\Peter Wester\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-08]
                CHR Extension: (Offline Documenten) - C:\Users\Peter Wester\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-17]
                CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\Peter Wester\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
                CHR Extension: (Gmail) - C:\Users\Peter Wester\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-08]
                CHR Extension: (Chrome Media Router) - C:\Users\Peter Wester\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-22]
                CHR Profile: C:\Users\Peter Wester\AppData\Local\Google\Chrome\User Data\Guest Profile [2016-12-08]
                CHR HKU\S-1-5-21-1828179077-3866219584-521906193-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gkmikccifolokanfakbeadbmgchomeli] - hxxps://clients2.google.com/service/update2/crx

                ==================== Services (gefilterd) ====================

                (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

                R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-08-22] (Windows (R) Win 7 DDK provider) [Bestand niet getekend]
                R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [19792 2013-09-10] ()
                R2 fshoster; C:\Program Files (x86)\Internetbeveiliging\fshoster32.exe [186840 2016-03-11] (F-Secure Corporation)
                R3 FSMA; C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Common\FSMA32.EXE [216104 2015-11-24] (F-Secure Corporation)
                R2 FSORSPClient; C:\Program Files (x86)\Internetbeveiliging\apps\CCF_Reputation\fsorsp.exe [60456 2015-03-09] (F-Secure Corporation)
                R2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1029648 2016-11-29] (Garmin Ltd. or its subsidiaries)
                S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [Bestand niet getekend]
                R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [Bestand niet getekend]
                S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
                R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-03] (Intel Corporation)
                R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)
                S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2152736 2014-08-23] () [Bestand niet getekend]
                R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-08-07] (McAfee, Inc.)
                R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-08-07] (McAfee, Inc.)
                S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [120392 2015-11-17] (Toshiba Europe GmbH)
                S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
                S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

                ===================== Drivers (gefilterd) ======================

                (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

                R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3858944 2013-10-24] (Qualcomm Atheros Communications, Inc.)
                S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-08-07] (McAfee, Inc.)
                R3 F-Secure Gatekeeper; C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [219216 2016-11-02] (F-Secure Corporation)
                R1 F-Secure HIPS; C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\HIPS\drivers\fshs.sys [97368 2016-11-02] (F-Secure Corporation)
                R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [73928 2016-07-06] ()
                R0 fsbts; C:\Windows\SysWOW64\Drivers\fsbts.sys [41024 2013-12-31] ()
                R3 fsni; C:\Program Files (x86)\Internetbeveiliging\apps\CCF_Scanning\bin\fsni64.sys [110800 2016-12-08] (F-Secure Corporation)
                R1 fsvista; C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [13352 2015-10-08] ()
                U5 GeneStor; C:\Windows\System32\Drivers\GeneStor.sys [105704 2013-08-16] (GenesysLogic)
                R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation)
                S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179664 2013-08-07] (McAfee, Inc.)
                R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [310224 2013-08-07] (McAfee, Inc.)
                S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69264 2013-08-07] (McAfee, Inc.)
                R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519064 2013-08-07] (McAfee, Inc.)
                R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [776168 2013-08-07] (McAfee, Inc.)
                R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343568 2013-08-07] (McAfee, Inc.)
                S3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corporation )
                R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2014-08-06] (Synaptics Incorporated)
                R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [32624 2013-08-19] (Windows (R) Win 7 DDK provider)
                S3 Tosrfcom; geen ImagePath
                S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
                S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
                S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
                R3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

                ==================== NetSvcs (gefilterd) ===================

                (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)


                ==================== Een Maand Aangemaakt bestanden en mappen ========

                (Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)

                2016-12-12 16:06 - 2016-12-12 16:07 - 00022403 _____ C:\Users\Peter Wester\Downloads\FRST.txt
                2016-12-12 16:05 - 2016-12-12 16:06 - 00000000 ____D C:\FRST
                2016-12-12 16:05 - 2016-12-12 16:05 - 02420224 _____ (Farbar) C:\Users\Peter Wester\Downloads\FRST64.exe
                2016-12-09 19:48 - 2016-12-09 19:48 - 00077461 _____ C:\Users\Peter Wester\Downloads\Mijn_geile_buurjongen.pdf
                2016-12-08 22:53 - 2016-12-08 22:53 - 00011918 _____ C:\Users\Peter Wester\Desktop\malware.txt
                2016-12-08 22:04 - 2016-12-08 22:04 - 00040386 _____ C:\Users\Peter Wester\Desktop\EPeek.txt
                2016-12-08 22:02 - 2016-12-08 22:02 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin
                2016-12-08 22:02 - 2016-12-08 22:02 - 00000000 ____D C:\Users\Public\Desktop\E Dev
                2016-12-08 22:02 - 2016-12-08 22:02 - 00000000 ____D C:\Program Files (x86)\E Dev
                2016-12-08 22:01 - 2016-12-08 22:01 - 13850620 _____ (E Dev) C:\Users\Peter Wester\Downloads\setupE-Peek (1).exe
                2016-12-08 21:55 - 2016-12-08 21:55 - 13850620 _____ (E Dev) C:\Users\Peter Wester\Downloads\setupE-Peek.exe
                2016-12-08 21:55 - 2016-12-08 21:55 - 00000000 ____D C:\Users\Peter Wester\AppData\Roaming\E Dev
                2016-12-08 21:53 - 2016-12-08 21:53 - 00004317 _____ C:\Users\Peter Wester\Desktop\AdwCleaner[C0].txt
                2016-12-08 21:46 - 2016-12-08 21:50 - 00000000 ____D C:\AdwCleaner
                2016-12-08 21:46 - 2016-12-08 21:46 - 03968464 _____ C:\Users\Peter Wester\Downloads\AdwCleaner.exe
                2016-12-08 21:13 - 2016-12-08 21:14 - 22908888 _____ (Malwarebytes ) C:\Users\Peter Wester\Downloads\mbam-setup-2.2.0.1024.exe
                2016-12-01 22:15 - 2016-12-01 22:15 - 00003554 _____ C:\Windows\System32\Tasks\GarminUpdaterTask
                2016-11-30 22:12 - 2016-11-30 22:23 - 00000022 _____ C:\Users\Peter Wester\Downloads\vanderlaangroep-10755a.zip
                2016-11-20 20:24 - 2016-11-20 20:24 - 00000000 ____D C:\Users\Peter Wester\AppData\Roaming\AVG
                2016-11-20 20:20 - 2016-11-20 20:20 - 00000000 ____D C:\Users\Peter Wester\AppData\Roaming\TuneUp Software
                2016-11-20 20:19 - 2016-11-20 20:51 - 00000000 ____D C:\ProgramData\MFAData
                2016-11-20 20:19 - 2016-11-20 20:19 - 00000000 ____D C:\Users\Peter Wester\AppData\Local\MFAData
                2016-11-20 20:15 - 2016-12-09 21:26 - 00000000 ____D C:\ProgramData\Avg
                2016-11-20 20:15 - 2016-11-20 20:56 - 00000000 ____D C:\Users\Peter Wester\AppData\Local\AvgSetupLog
                2016-11-20 20:15 - 2016-11-20 20:51 - 00000000 ____D C:\Users\Peter Wester\AppData\Local\Avg
                2016-11-12 10:03 - 2016-10-28 22:04 - 00828408 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
                2016-11-12 10:03 - 2016-10-28 22:04 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

                ==================== Een Maand Gewijzigd bestanden en mappen ========

                (Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)

                2016-12-12 16:04 - 2013-12-28 18:52 - 00000000 ____D C:\Users\Peter Wester\AppData\Roaming\ClassicShell
                2016-12-12 16:02 - 2013-12-28 18:22 - 00000000 ____D C:\Users\Peter Wester\AppData\Roaming\Spotify
                2016-12-12 13:17 - 2016-07-29 20:12 - 00001078 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
                2016-12-12 13:00 - 2016-07-29 20:12 - 00001074 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
                2016-12-12 12:57 - 2014-01-11 22:57 - 00000000 ____D C:\Users\Peter Wester\Documents\Outlook-bestanden
                2016-12-12 12:57 - 2013-12-28 18:22 - 00000000 ____D C:\Users\Peter Wester\AppData\Local\Spotify
                2016-12-11 22:44 - 2014-01-30 20:40 - 00000000 ____D C:\Users\Peter Wester\Desktop\werkmapje
                2016-12-11 11:49 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
                2016-12-11 10:54 - 2013-12-28 18:24 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1828179077-3866219584-521906193-1001
                2016-12-10 22:16 - 2016-07-02 19:07 - 00000000 ____D C:\Users\Peter Wester\AppData\Local\FSDART
                2016-12-08 21:51 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
                2016-12-08 21:42 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SchCache
                2016-12-08 21:41 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
                2016-12-08 21:40 - 2013-10-22 10:51 - 00000000 ____D C:\Program Files (x86)\Amazon
                2016-12-08 20:27 - 2013-12-28 19:56 - 00000000 ____D C:\Users\Peter Wester\AppData\Roaming\Skype
                2016-12-02 12:37 - 2013-12-28 18:18 - 00000000 ____D C:\Users\Peter Wester
                2016-12-01 23:01 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness
                2016-12-01 22:19 - 2016-02-01 19:57 - 00000000 ____D C:\ProgramData\Package Cache
                2016-12-01 22:19 - 2015-12-12 10:38 - 00045056 _____ C:\Users\Peter Wester\Desktop\Speelsterkte GC Racing 23.9.2016.xls
                2016-12-01 22:17 - 2015-06-19 20:08 - 00000000 ____D C:\Program Files (x86)\Garmin
                2016-12-01 22:15 - 2016-08-02 14:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
                2016-11-24 21:03 - 2013-09-09 23:44 - 01831256 _____ C:\Windows\system32\PerfStringBackup.INI
                2016-11-24 21:03 - 2013-08-28 11:25 - 00809660 _____ C:\Windows\system32\perfh013.dat
                2016-11-24 21:03 - 2013-08-28 11:25 - 00163216 _____ C:\Windows\system32\perfc013.dat
                2016-11-24 20:28 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
                2016-11-20 20:51 - 2016-10-29 19:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
                2016-11-20 20:51 - 2013-12-28 18:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
                2016-11-20 20:48 - 2013-08-22 16:36 - 00000000 ___HD C:\Windows\ELAMBKUP
                2016-11-20 20:24 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
                2016-11-15 20:26 - 2013-12-28 18:40 - 00002246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
                2016-11-12 11:20 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache
                2016-11-12 10:00 - 2013-08-22 15:44 - 00508008 _____ C:\Windows\system32\FNTCACHE.DAT

                Sommige bestanden in TEMP:
                ====================
                C:\Users\Peter Wester\AppData\Local\Temp\libeay32.dll
                C:\Users\Peter Wester\AppData\Local\Temp\msvcr120.dll
                C:\Users\Peter Wester\AppData\Local\Temp\sqlite3.dll


                ==================== Bamital & volsnap ======================

                (Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)

                C:\Windows\system32\winlogon.exe => Bestand is getekend
                C:\Windows\system32\wininit.exe => Bestand is getekend
                C:\Windows\explorer.exe => Bestand is getekend
                C:\Windows\SysWOW64\explorer.exe => Bestand is getekend
                C:\Windows\system32\svchost.exe => Bestand is getekend
                C:\Windows\SysWOW64\svchost.exe => Bestand is getekend
                C:\Windows\system32\services.exe => Bestand is getekend
                C:\Windows\system32\User32.dll => Bestand is getekend
                C:\Windows\SysWOW64\User32.dll => Bestand is getekend
                C:\Windows\system32\userinit.exe => Bestand is getekend
                C:\Windows\SysWOW64\userinit.exe => Bestand is getekend
                C:\Windows\system32\rpcss.dll => Bestand is getekend
                C:\Windows\system32\dnsapi.dll => Bestand is getekend
                C:\Windows\SysWOW64\dnsapi.dll => Bestand is getekend
                C:\Windows\system32\Drivers\volsnap.sys => Bestand is getekend

                LastRegBack: 2016-12-07 18:23

                ==================== Eind van FRST.txt ============================

                Comment


                • #9
                  Goede morgen,

                  sorry voor de late reactie, druk druk, ik kom a.s.a.p. met een fix voor je.

                  Windows 10 opstarten in Veilige Modus

                  Comment


                  • #10
                    Download ResetBrowser naar het bureaublad.
                    • Sluit eerst alle openstaande programma's en browsers.
                    • Klik vervolgens met de rechtermuisknop op ResetBrowser.exe en kies voor "Als Administrator uitvoeren".
                    • Als het scherm "About ResetBrowser" opent klik daar dan "OK".
                    • Het scherm van "ResetBrowser" opent.
                    • Klik Reset Internet Explorer.


                    --------------------------------------------------------------------------------------------------
                    Last edited by Juisterr; 19-12-16, 12:38.

                    Windows 10 opstarten in Veilige Modus

                    Comment


                    • #11
                      Hoi Juisterr

                      done en nu weer rustige laptop.

                      Moet ik verder nog wat doen?

                      Verwijderen van gebruikte programma's?

                      speciaal programmatje?

                      Bedankt voor je tijd

                      Groet

                      Peter

                      Comment


                      • #12
                        Uiteraard Peter.

                        Als er verder geen klachten meer zijn.


                        Download Delfix by Xplode naar het bureaublad.

                        KLIK HIER voor een vergroting!
                        (Klik bovenstaande afbeelding aan voor een vergroting!)

                        Dubbelklik op Delfix.exe om de tool te starten.
                        Zet nu vinkjes voor de volgende items:
                        • Remove disinfection tools
                        • Purge System Restore
                        • Reset system settings

                        Klik nu op "Run" en wacht geduldig tot de tool gereed is.
                        Wanneer de tool gereed is wordt er een logbestand aangemaakt. Dit hoeft u echter niet te plaatsen.

                        Windows 10 opstarten in Veilige Modus

                        Comment

                        Sorry, you are not authorized to view this page
                        Working...
                        X