Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Laptopl slow, advertisements, cooler somtimes starts very loud, startp

Started by HaraMo , Nov 11 2015 06:49 AM

  • This topic is locked This topic is locked

#1
HaraMo
Posted 11 November 2015 - 06:49 AM

HaraMo

    Member

  • Member
  • PipPipPip
  • 456 posts

Also 3 programms cannot be uninstalled: cinemaP(shows twice), and stencent.

 

Hopefully someone can help.

 

Here are the logs:

 

Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie:07-11-2015
Gestart door Gisele (Beheerder) op GISELE-HP-LAP (11-11-2015 13:46:20)
Gestart vanaf C:\Users\Gisele\Desktop
Geladen Profielen: Gisele (Beschikbare Profielen: Gisele)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Taal: Nederlands (Nederland)
Internet Explorer Versie 11 (Standaardbrowser: IE)
Boot Modus: Normal
Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processen (gefilterd) =================
 
(Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.)
 
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
(Cinema PlusV08.11) C:\Program Files (x86)\CinemaP-1.9cV08.11\d7a577c7-3b1e-462a-9012-e8faa1f8537e-1-6.exe
(Cinema PlusV23.09) C:\Program Files (x86)\CinemaP-1.9cV23.09\951a9b41-c647-4615-bf02-94b5849a653f-10.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe
() C:\Program Files (x86)\Tencent\app.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Register (gefilterd) ===========================
 
(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)
 
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe [1689576 2015-03-25] (Bitdefender)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-07-11] (Apple Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448520 2015-04-08] (DivX, LLC)
HKLM-x32\...\Run: [app] => C:\Program Files (x86)\Tencent\app.exe [167936 2015-09-17] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-774167087-3708585068-1396899783-1000\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [790880 2015-03-25] (Bitdefender)
HKU\S-1-5-21-774167087-3708585068-1396899783-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-774167087-3708585068-1396899783-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2010-11-21] (Microsoft Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
CHR HKLM\SOFTWARE\Policies\Google: Restrictie <======= AANDACHT
 
==================== Internet (gefilterd) ====================
 
(Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.)
 
Tcpip\Parameters: [DhcpNameServer] 195.130.130.1 195.130.131.1
Tcpip\..\Interfaces\{38B80CB4-E5F9-4617-976B-1D5EE603FA78}: [DhcpNameServer] 195.130.130.1 195.130.131.1
Tcpip\..\Interfaces\{6590618C-7587-4A56-885B-79CFD927F080}: [DhcpNameServer] 195.130.130.1 195.130.131.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-774167087-3708585068-1396899783-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hln.be/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {6BCC5539-643F-485D-94A5-C6C89F48B37D} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/1553-111073-34115-5/4?mpre=hxxp://www.benl.ebay.be/sch/i.html?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.searchfix.info/?unqvl=63&idate=2015/05/09&l=1&q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.searchfix.info/?unqvl=63&idate=2015/05/09&l=1&q={searchTerms}
SearchScopes: HKU\S-1-5-21-774167087-3708585068-1396899783-1000 -> DefaultScope {4B1CD24D-87AD-46D4-BC17-74B02FCAEF5C} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-774167087-3708585068-1396899783-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-774167087-3708585068-1396899783-1000 -> {4B1CD24D-87AD-46D4-BC17-74B02FCAEF5C} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-774167087-3708585068-1396899783-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKU\S-1-5-21-774167087-3708585068-1396899783-1000 -> {6BCC5539-643F-485D-94A5-C6C89F48B37D} URL = 
SearchScopes: HKU\S-1-5-21-774167087-3708585068-1396899783-1000 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = 
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-22] (Google Inc.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-10-21] (Oracle Corporation)
BHO-x32: Aanmeldhulp voor Microsoft-account -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-22] (Google Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-21] (Oracle Corporation)
Toolbar: HKLM - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-03-25] (Bitdefender)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-22] (Google Inc.)
Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-03-25] (Bitdefender)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-22] (Google Inc.)
Toolbar: HKU\S-1-5-21-774167087-3708585068-1396899783-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-22] (Google Inc.)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
 
FireFox:
========
FF ProfilePath: C:\Users\Gisele\AppData\Roaming\Mozilla\Firefox\Profiles\luvxyrkb.default
FF Homepage: about:blank
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin: @java.com/DTPlugin,version=10.7.2 -> C:\Windows\system32\npDeployJava1.dll [2012-10-09] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Geen bestand]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2011-11-07] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-11-21] (DivX, LLC)
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2011-12-02] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2011-12-02] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-21] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Geen bestand]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-774167087-3708585068-1396899783-1000: BearSharePlugin -> C:\Program Files (x86)\BearShare Applications\BearShare\npBearSharePlugin.dll [2013-11-19] (BearShare)
FF user.js: detected! => C:\Users\Gisele\AppData\Roaming\Mozilla\Firefox\Profiles\luvxyrkb.default\user.js [2015-09-10]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Extension: CinemaP-1.9cV08.11 - C:\Users\Gisele\AppData\Roaming\Mozilla\Firefox\Profiles\luvxyrkb.default\Extensions\[email protected] [2015-11-08] [ niet getekend]
FF Extension: Belgium eID - C:\Users\Gisele\AppData\Roaming\Mozilla\Firefox\Profiles\luvxyrkb.default\Extensions\[email protected] [2015-08-22]
FF Extension: Send to EidoGo - C:\Users\Gisele\AppData\Roaming\Mozilla\Firefox\Profiles\luvxyrkb.default\Extensions\[email protected] [2015-06-01]
FF Extension: Geen Naam - C:\Users\Gisele\AppData\Roaming\Mozilla\Firefox\Profiles\luvxyrkb.default\Extensions\{b8366951-8800-4242-9711-fe6b46518ff3}.xpi [2015-09-09] [ niet getekend]
FF Extension: Belgium eID - C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected] [2015-09-25] [ niet getekend]
FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext [2014-10-31] [ niet getekend]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff [2014-10-31] [ niet getekend]
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
 
Chrome: 
=======
CHR dev: Chrome dev build gedetecteerd! <======= AANDACHT
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/" 
CHR Profile: C:\Users\Gisele\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Gisele\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-18]
CHR Extension: (Docs) - C:\Users\Gisele\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-16]
CHR Extension: (Google Drive) - C:\Users\Gisele\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-18]
CHR Extension: (YouTube) - C:\Users\Gisele\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-18]
CHR Extension: (Google Search) - C:\Users\Gisele\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-18]
CHR Extension: (Bitdefender Wallet) - C:\Users\Gisele\AppData\Local\Google\Chrome\User Data\Default\Extensions\fabcmochhfpldjekobfaaggijgohadih [2015-06-16]
CHR Extension: (Google Sheets) - C:\Users\Gisele\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-18]
CHR Extension: (Freemake Video Converter) - C:\Users\Gisele\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj [2015-05-18]
CHR Extension: (CinemaP-1.9cV08.11) - C:\Users\Gisele\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi [2015-11-08]
CHR Extension: (Google Wallet) - C:\Users\Gisele\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-18]
CHR Extension: (Gmail) - C:\Users\Gisele\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-18]
CHR HKLM\...\Chrome\Extension: [fhidhffpdlhleocklmjbncdngoobjdli] - <geen Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - <geen Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - <geen Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [fabcmochhfpldjekobfaaggijgohadih] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fhidhffpdlhleocklmjbncdngoobjdli] - <geen Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-04-28]
 
==================== Services (gefilterd) ========================
 
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
S3 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [78144 2015-02-11] (Bitdefender)
S3 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\Dfsdks.exe [544768 2009-08-24] (mst software GmbH, Germany) [Bestand niet getekend]
S4 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [Bestand niet getekend]
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2015-04-24] (Freemake) [Bestand niet getekend]
S3 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [451416 2014-10-21] (Garmin Ltd or its subsidiaries)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [Bestand niet getekend]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89864 2014-12-11] (Hewlett-Packard Company)
S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [Bestand niet getekend]
S4 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128280 2011-12-16] ()
S4 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6849808 2015-11-10] (TeamViewer GmbH)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [67320 2015-02-11] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1547936 2015-03-25] (Bitdefender)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
===================== Drivers (gefilterd) ==========================
 
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
 
R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [150440 2015-04-28] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [150440 2015-04-28] (SlySoft, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1306464 2015-03-25] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [262544 2015-03-25] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [677104 2015-03-25] (BitDefender)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [134696 2011-11-03] (Broadcom Corporation.)
R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2015-03-25] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107080 2012-10-29] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2015-03-25] (BitDefender SRL)
R3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2011-05-21] (Broadcom Corporation.)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 EMVSCARD; C:\Windows\System32\Drivers\EMVSCARD.sys [28544 2006-12-13] (USB Smart Card Reader)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [155912 2015-02-11] (BitDefender LLC)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [41704 2012-08-01] (AnchorFree Inc.)
R2 npf; C:\Windows\System32\drivers\npf.sys [47632 2010-01-27] (CACE Technologies, Inc.)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
S3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [258664 2011-09-22] (Realtek Semiconductor Corp.)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [452040 2015-02-11] (BitDefender S.R.L.)
 
==================== NetSvcs (gefilterd) ===================
 
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
 
 
==================== Een Maand Aangemaakt bestanden en mappen ========
 
(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)
 
2015-11-11 13:46 - 2015-11-11 13:46 - 00023062 _____ C:\Users\Gisele\Desktop\FRST.txt
2015-11-11 13:44 - 2015-11-11 13:44 - 02198528 _____ (Farbar) C:\Users\Gisele\Desktop\FRST64.exe
2015-11-11 13:22 - 2015-11-11 13:22 - 00000935 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2015-11-11 13:22 - 2015-11-11 13:22 - 00000923 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2015-11-11 00:40 - 2015-11-11 13:30 - 00000336 _____ C:\Windows\setupact.log
2015-11-11 00:40 - 2015-11-11 00:40 - 00000000 _____ C:\Windows\setuperr.log
2015-11-10 10:08 - 2015-11-10 10:08 - 00012100 _____ C:\Users\Gisele\Documents\Mo.odt
2015-11-09 23:19 - 2015-11-09 23:19 - 00000000 ____D C:\Users\Gisele\AppData\LocalLow\uTorrent
2015-11-08 18:45 - 2015-11-11 13:31 - 00002442 _____ C:\Windows\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-5_user.job
2015-11-08 18:45 - 2015-11-11 13:31 - 00002442 _____ C:\Windows\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-5.job
2015-11-08 18:45 - 2015-11-08 18:45 - 00005472 _____ C:\Windows\System32\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-5
2015-11-08 18:43 - 2015-11-11 13:43 - 00003134 _____ C:\Windows\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-1-6.job
2015-11-08 18:43 - 2015-11-08 18:43 - 00006162 _____ C:\Windows\System32\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-1-6
2015-11-08 18:42 - 2015-11-11 13:42 - 00005514 _____ C:\Windows\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-6.job
2015-11-08 18:42 - 2015-11-11 13:42 - 00005178 _____ C:\Windows\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-7.job
2015-11-08 18:42 - 2015-11-11 13:31 - 00004154 _____ C:\Windows\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-4.job
2015-11-08 18:42 - 2015-11-08 18:42 - 00008542 _____ C:\Windows\System32\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-6
2015-11-08 18:42 - 2015-11-08 18:42 - 00008206 _____ C:\Windows\System32\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-7
2015-11-08 18:42 - 2015-11-08 18:42 - 00007184 _____ C:\Windows\System32\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-4
2015-11-08 18:42 - 2015-11-08 18:42 - 00000000 ____D C:\Program Files (x86)\d0474f20-c92a-47c8-bba1-9c9b9e2ec9f8
2015-11-08 18:41 - 2015-11-11 13:41 - 00004154 _____ C:\Windows\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-3.job
2015-11-08 18:41 - 2015-11-08 18:41 - 00007190 _____ C:\Windows\System32\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-3
2015-11-08 18:40 - 2015-11-11 13:41 - 00002108 _____ C:\Windows\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-10_user.job
2015-11-08 18:40 - 2015-11-08 19:18 - 00000000 ____D C:\Program Files (x86)\CinemaP-1.9cV08.11
2015-11-08 15:13 - 2015-11-08 15:13 - 00000000 ____D C:\Users\Gisele\Downloads\Wolfskinder (2013)(dvd5)(Nl subs) RETAIL SAM TBS
2015-11-07 17:22 - 2015-11-07 17:22 - 00000000 ____D C:\Users\Gisele\AppData\Local\CEF
2015-11-07 17:21 - 2015-11-10 18:56 - 00002471 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-11-06 20:50 - 2015-11-06 20:50 - 00000000 ____D C:\Users\Gisele\Documents\queen 2
2015-11-06 20:33 - 2015-11-07 18:21 - 00000000 ____D C:\Users\Gisele\Documents\queen 1
2015-10-28 17:39 - 2015-10-29 06:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2015-10-24 08:12 - 2015-10-24 08:12 - 00000355 _____ C:\Users\Gisele\Desktop\Prullenbak - Snelkoppeling.lnk
2015-10-18 06:23 - 2015-10-18 13:40 - 00000000 ____D C:\Users\Gisele\Documents\Dave & Valerie
2015-10-16 05:43 - 2015-09-25 19:07 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-10-16 05:43 - 2015-09-25 19:07 - 02607104 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-10-16 05:43 - 2015-09-25 19:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-10-16 05:43 - 2015-09-25 19:07 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-10-16 05:43 - 2015-09-25 19:07 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-10-16 05:43 - 2015-09-25 19:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-10-16 05:43 - 2015-09-25 19:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-10-16 05:43 - 2015-09-25 19:06 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-10-16 05:43 - 2015-09-25 19:06 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-10-16 05:43 - 2015-09-25 19:06 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-10-16 05:43 - 2015-09-25 19:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-10-16 05:43 - 2015-09-25 18:59 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-10-16 05:43 - 2015-09-25 18:59 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-10-16 05:43 - 2015-09-25 18:59 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-10-16 05:43 - 2015-09-25 18:59 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-10-16 05:43 - 2015-09-25 18:58 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-10-16 05:43 - 2015-09-18 20:31 - 00391784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-10-16 05:43 - 2015-09-18 19:58 - 00345688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-10-16 05:43 - 2015-09-16 05:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-10-16 05:43 - 2015-09-16 05:36 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-10-16 05:43 - 2015-09-16 05:22 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-10-16 05:43 - 2015-09-16 05:21 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-10-16 05:43 - 2015-09-16 05:21 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-10-16 05:43 - 2015-09-16 05:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-10-16 05:43 - 2015-09-16 05:13 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-10-16 05:43 - 2015-09-16 05:08 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-10-16 05:43 - 2015-09-16 05:01 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-10-16 05:43 - 2015-09-16 04:58 - 20357632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-10-16 05:43 - 2015-09-16 04:50 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-10-16 05:43 - 2015-09-16 04:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-10-16 05:43 - 2015-09-16 04:43 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-10-16 05:43 - 2015-09-16 04:41 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-10-16 05:43 - 2015-09-16 04:33 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-10-16 05:43 - 2015-09-16 04:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-10-16 05:43 - 2015-09-16 04:32 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-10-16 05:43 - 2015-09-16 04:31 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-10-16 05:43 - 2015-09-16 04:29 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-10-16 05:43 - 2015-09-16 04:29 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-10-16 05:43 - 2015-09-16 04:28 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-10-16 05:43 - 2015-09-16 04:26 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-10-16 05:43 - 2015-09-16 04:26 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-10-16 05:43 - 2015-09-16 04:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-10-16 05:43 - 2015-09-16 04:24 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-10-16 05:43 - 2015-09-16 04:23 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-10-16 05:43 - 2015-09-16 04:22 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-10-16 05:43 - 2015-09-16 04:22 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-10-16 05:43 - 2015-09-16 04:15 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-10-16 05:43 - 2015-09-16 04:10 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-10-16 05:43 - 2015-09-16 04:06 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-10-16 05:43 - 2015-09-16 04:05 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-10-16 05:43 - 2015-09-16 04:05 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-10-16 05:43 - 2015-09-16 04:04 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-10-16 05:43 - 2015-09-16 03:59 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-10-16 05:43 - 2015-09-16 03:58 - 12853760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-10-16 05:43 - 2015-09-16 03:58 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-10-16 05:43 - 2015-09-16 03:56 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-10-16 05:43 - 2015-09-16 03:55 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-10-16 05:43 - 2015-09-16 03:55 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-10-16 05:43 - 2015-09-16 03:48 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-10-16 05:43 - 2015-09-16 03:34 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-10-16 05:43 - 2015-09-16 03:32 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-10-16 05:42 - 2015-09-16 05:48 - 25851904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-16 05:42 - 2015-09-16 05:21 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-10-16 05:42 - 2015-09-16 05:21 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-10-16 05:42 - 2015-09-16 05:14 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-10-16 05:42 - 2015-09-16 05:10 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-10-16 05:42 - 2015-09-16 05:09 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-16 05:42 - 2015-09-16 05:08 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-10-16 05:42 - 2015-09-16 05:08 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-10-16 05:42 - 2015-09-16 05:08 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-10-16 05:42 - 2015-09-16 04:58 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-10-16 05:42 - 2015-09-16 04:46 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-10-16 05:42 - 2015-09-16 04:45 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-10-16 05:42 - 2015-09-16 04:32 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-10-16 05:42 - 2015-09-16 04:31 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-10-16 05:42 - 2015-09-16 04:28 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-10-16 05:42 - 2015-09-16 04:22 - 14458368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-10-16 05:42 - 2015-09-16 04:11 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-10-16 05:42 - 2015-09-16 04:07 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-10-16 05:42 - 2015-09-16 03:37 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-10-16 05:42 - 2015-08-06 19:04 - 14176768 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-10-16 05:42 - 2015-08-06 19:03 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-10-16 05:42 - 2015-08-06 18:44 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-10-16 05:42 - 2015-08-06 18:44 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-10-16 05:41 - 2015-09-29 04:16 - 05569472 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-16 05:41 - 2015-09-29 04:13 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-10-16 05:41 - 2015-09-29 04:11 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-10-16 05:41 - 2015-09-29 04:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-10-16 05:41 - 2015-09-29 04:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-10-16 05:41 - 2015-09-29 04:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-10-16 05:41 - 2015-09-29 04:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-10-16 05:41 - 2015-09-29 04:11 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-10-16 05:41 - 2015-09-29 04:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-10-16 05:41 - 2015-09-29 04:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-10-16 05:41 - 2015-09-29 04:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-10-16 05:41 - 2015-09-29 04:10 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-10-16 05:41 - 2015-09-29 04:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-10-16 05:41 - 2015-09-29 04:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-10-16 05:41 - 2015-09-29 04:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-10-16 05:41 - 2015-09-29 04:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-10-16 05:41 - 2015-09-29 04:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-10-16 05:41 - 2015-09-29 04:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-10-16 05:41 - 2015-09-29 04:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-10-16 05:41 - 2015-09-29 04:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-10-16 05:41 - 2015-09-29 04:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-10-16 05:41 - 2015-09-29 04:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-10-16 05:41 - 2015-09-29 04:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-10-16 05:41 - 2015-09-29 04:05 - 03990976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-10-16 05:41 - 2015-09-29 04:05 - 03936192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-10-16 05:41 - 2015-09-29 04:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-10-16 05:41 - 2015-09-29 04:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-10-16 05:41 - 2015-09-29 04:02 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-10-16 05:41 - 2015-09-29 04:01 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-10-16 05:41 - 2015-09-29 04:01 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-10-16 05:41 - 2015-09-29 04:01 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-10-16 05:41 - 2015-09-29 04:01 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-16 05:41 - 2015-09-29 04:01 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-16 05:41 - 2015-09-29 04:01 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-16 05:41 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-16 05:41 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-16 05:41 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-16 05:41 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-10-16 05:41 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-16 05:41 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-16 05:41 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-16 05:41 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-10-16 05:41 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-16 05:41 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-16 05:41 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-16 05:41 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-10-16 05:41 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-16 05:41 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-16 05:41 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-16 05:41 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-10-16 05:41 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-16 05:41 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-16 05:41 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-10-16 05:41 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-16 05:41 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-10-16 05:41 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-16 05:41 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-16 05:41 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-16 05:41 - 2015-09-29 03:59 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-10-16 05:41 - 2015-09-29 03:59 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-10-16 05:41 - 2015-09-29 03:59 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-10-16 05:41 - 2015-09-29 03:59 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-10-16 05:41 - 2015-09-29 03:59 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-10-16 05:41 - 2015-09-29 03:59 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-10-16 05:41 - 2015-09-29 03:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-10-16 05:41 - 2015-09-29 03:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-10-16 05:41 - 2015-09-29 03:58 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-10-16 05:41 - 2015-09-29 03:58 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-10-16 05:41 - 2015-09-29 03:57 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-10-16 05:41 - 2015-09-29 03:57 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-10-16 05:41 - 2015-09-29 03:57 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-10-16 05:41 - 2015-09-29 03:57 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-10-16 05:41 - 2015-09-29 03:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-10-16 05:41 - 2015-09-29 03:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-10-16 05:41 - 2015-09-29 03:49 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-10-16 05:41 - 2015-09-29 03:49 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-10-16 05:41 - 2015-09-29 03:49 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-10-16 05:41 - 2015-09-29 03:49 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-16 05:41 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-16 05:41 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-10-16 05:41 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-10-16 05:41 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-16 05:41 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-10-16 05:41 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-16 05:41 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-16 05:41 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-10-16 05:41 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-16 05:41 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-16 05:41 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-10-16 05:41 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-10-16 05:41 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-16 05:41 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-10-16 05:41 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-10-16 05:41 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-10-16 05:41 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-10-16 05:41 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-16 05:41 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-10-16 05:41 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-10-16 05:41 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-10-16 05:41 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-10-16 05:41 - 2015-09-29 02:50 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-10-16 05:41 - 2015-09-29 02:49 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-10-16 05:41 - 2015-09-29 02:49 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-10-16 05:41 - 2015-09-29 02:43 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-10-16 05:41 - 2015-09-29 02:43 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-10-16 05:41 - 2015-09-29 02:40 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-10-16 05:41 - 2015-09-29 02:40 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-16 05:41 - 2015-09-29 02:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-10-16 05:41 - 2015-09-29 02:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-10-16 05:41 - 2015-09-15 19:17 - 00157016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-10-16 05:41 - 2015-09-15 19:17 - 00097112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-10-16 05:41 - 2015-09-15 19:11 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-10-16 05:41 - 2015-09-15 19:11 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-10-16 05:41 - 2015-09-15 19:11 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-10-16 05:41 - 2015-09-15 19:11 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-10-16 05:41 - 2015-09-15 19:11 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-10-16 05:41 - 2015-09-15 19:11 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-10-16 05:41 - 2015-09-15 19:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-10-16 05:41 - 2015-09-15 18:36 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-10-16 05:41 - 2015-09-15 18:36 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-10-16 05:41 - 2015-09-15 18:36 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-10-16 05:41 - 2015-09-15 18:35 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-10-16 05:37 - 2015-10-01 19:06 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-10-16 05:37 - 2015-10-01 19:04 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-10-16 05:37 - 2015-10-01 19:00 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-10-16 05:37 - 2015-10-01 19:00 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-10-16 05:37 - 2015-10-01 19:00 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-10-16 05:37 - 2015-10-01 19:00 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-10-16 05:37 - 2015-10-01 19:00 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-10-16 05:37 - 2015-10-01 18:50 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-10-16 05:37 - 2015-10-01 18:00 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
 
==================== Een Maand Gewijzigd bestanden en mappen ========
 
(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)
 
2015-11-11 13:46 - 2014-11-18 20:24 - 00000000 ____D C:\FRST
2015-11-11 13:39 - 2009-07-14 05:45 - 00031472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-11 13:39 - 2009-07-14 05:45 - 00031472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-11 13:34 - 2012-10-03 17:47 - 01340678 _____ C:\Windows\WindowsUpdate.log
2015-11-11 13:31 - 2015-09-23 17:10 - 00002108 _____ C:\Windows\Tasks\951a9b41-c647-4615-bf02-94b5849a653f-10_user.job
2015-11-11 13:31 - 2015-09-23 17:10 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-11-11 13:31 - 2014-10-23 03:49 - 00001052 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cfee6bf72142fd.job
2015-11-11 13:30 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-11 13:29 - 2009-07-14 05:45 - 00429136 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-11 13:28 - 2014-11-14 14:05 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-11-11 12:58 - 2012-10-09 20:23 - 00001056 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-11 12:52 - 2012-02-10 15:33 - 00000940 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-11-11 12:13 - 2012-02-10 23:38 - 00732178 _____ C:\Windows\system32\perfh013.dat
2015-11-11 12:13 - 2012-02-10 23:38 - 00149664 _____ C:\Windows\system32\perfc013.dat
2015-11-11 12:13 - 2009-07-14 06:13 - 01671080 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-10 19:28 - 2014-12-21 20:49 - 00000000 ____D C:\Users\Gisele\AppData\Roaming\uTorrent
2015-11-10 19:20 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\Offline Web Pages
2015-11-10 19:17 - 2014-11-30 12:34 - 00000000 ____D C:\ProgramData\BDLogging
2015-11-10 17:11 - 2015-05-28 10:11 - 00000424 _____ C:\Windows\Tasks\Bidaily Synchronize Task[973b].job
2015-11-10 08:08 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-11-09 22:52 - 2014-12-23 21:06 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-11-09 09:39 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2015-11-09 07:14 - 2014-04-19 18:27 - 00000000 ____D C:\Windows\Minidump
2015-11-08 22:33 - 2014-11-11 08:42 - 00001401 _____ C:\Users\Gisele\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-11-08 18:35 - 2012-10-05 18:16 - 00000000 ____D C:\Users\Gisele\AppData\Roaming\vlc
2015-11-08 18:29 - 2012-11-01 16:33 - 00000000 ____D C:\Users\Gisele\AppData\Roaming\dvdcss
2015-11-08 16:36 - 2014-07-17 12:18 - 00000000 ____D C:\Users\Gisele\Documents\UGANDA
2015-11-07 17:22 - 2014-08-22 07:21 - 00000000 ____D C:\Users\Gisele\AppData\Local\Adobe
2015-11-07 17:21 - 2014-12-23 21:07 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-11-07 17:21 - 2012-02-10 15:56 - 00000000 ____D C:\ProgramData\Adobe
2015-11-07 17:21 - 2012-02-10 15:56 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-11-06 20:39 - 2012-10-05 20:06 - 00000123 ___SH C:\ProgramData\.zreglib
2015-11-04 17:55 - 2015-05-11 11:11 - 00018180 _____ C:\Users\Gisele\Documents\dvd fims nieuw.odt
2015-10-29 08:56 - 2012-10-05 11:40 - 00115776 _____ C:\Users\Gisele\AppData\Local\GDIPFONTCACHEV1.DAT
2015-10-29 06:34 - 2014-02-21 12:09 - 00000000 ____D C:\ProgramData\Uninstall
2015-10-28 17:19 - 2014-05-18 10:39 - 00000000 ___RD C:\Users\Gisele\Documents\MIJN FOTO's
2015-10-28 15:14 - 2014-01-01 10:07 - 00000000 ____D C:\Users\Gisele\Documents\DVD COVERS
2015-10-27 17:21 - 2015-09-30 21:54 - 00011608 _____ C:\Users\Gisele\Documents\Dijledal wonen.odt
2015-10-26 12:46 - 2013-11-17 14:12 - 00000000 ___RD C:\Users\Gisele\Documents\HANDLEIDINGEN
2015-10-26 07:03 - 2012-02-10 15:33 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-10-26 07:03 - 2012-02-10 15:33 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-26 07:03 - 2012-02-10 15:33 - 00003878 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-10-25 06:17 - 2014-11-12 09:53 - 00000336 _____ C:\Windows\Tasks\HPCeeScheduleForGisele.job
2015-10-23 18:05 - 2014-06-04 08:32 - 00000000 ___RD C:\Users\Gisele\Documents\GISELE GEGEVENS
2015-10-23 10:51 - 2014-11-11 11:53 - 00001026 _____ C:\Users\Public\Desktop\VLC media player.lnk
2015-10-22 07:07 - 2009-07-14 06:08 - 00032536 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-10-21 15:25 - 2014-12-01 22:55 - 00000000 ____D C:\ProgramData\Oracle
2015-10-21 14:49 - 2014-12-01 22:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-10-21 14:48 - 2015-10-03 23:46 - 00000000 ____D C:\Users\Gisele\.oracle_jre_usage
2015-10-21 14:48 - 2014-12-01 22:55 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-10-21 14:48 - 2014-12-01 22:55 - 00000000 ____D C:\Program Files (x86)\Java
2015-10-19 18:23 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-10-17 06:13 - 2013-11-17 14:13 - 00000000 ___RD C:\Users\Gisele\Documents\MA & PA GEGEVENS
2015-10-17 06:02 - 2015-04-22 10:40 - 00041257 _____ C:\Windows\SysWOW64\debug.log
2015-10-16 05:55 - 2013-08-17 09:48 - 00000000 ____D C:\Windows\system32\MRT
2015-10-16 05:47 - 2012-10-10 09:56 - 143481208 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-10-14 16:17 - 2012-10-05 19:44 - 00000000 ____D C:\Users\Gisele\AppData\Local\CrashDumps
 
==================== Bestanden in de root van sommige mappen =======
 
2014-12-23 08:24 - 2010-01-26 10:11 - 0444283 _____ () C:\Program Files\Common Files\WinPcapNmap.exe
2014-07-01 18:42 - 2014-07-02 08:25 - 0000295 _____ () C:\Users\Gisele\AppData\Roaming\burnaware.ini
2014-07-25 14:31 - 2014-07-25 18:52 - 0000000 _____ () C:\Users\Gisele\AppData\Roaming\Electric Clav
2015-04-14 17:28 - 2015-04-14 17:28 - 0004387 _____ () C:\Users\Gisele\AppData\Roaming\GGpoFkG86Q
2012-12-25 19:56 - 2014-11-10 16:34 - 0099384 _____ () C:\Users\Gisele\AppData\Roaming\inst.exe
2012-12-25 19:56 - 2014-11-10 16:34 - 0007859 _____ () C:\Users\Gisele\AppData\Roaming\pcouffin.cat
2012-12-25 19:56 - 2014-11-10 16:34 - 0001167 _____ () C:\Users\Gisele\AppData\Roaming\pcouffin.inf
2012-12-25 19:56 - 2014-11-10 16:34 - 0000055 _____ () C:\Users\Gisele\AppData\Roaming\pcouffin.log
2012-12-25 19:56 - 2014-11-10 16:34 - 0082816 _____ (VSO Software) C:\Users\Gisele\AppData\Roaming\pcouffin.sys
2015-04-19 13:20 - 2015-04-19 13:20 - 0005872 _____ () C:\Users\Gisele\AppData\Roaming\ZO4SPlTMRx4CiEzgS9SpOE
2014-01-06 09:51 - 2015-09-06 15:08 - 0006144 _____ () C:\Users\Gisele\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-01-05 21:02 - 2013-01-06 17:02 - 0007596 _____ () C:\Users\Gisele\AppData\Local\resmon.resmoncfg
2014-03-19 18:57 - 2014-12-24 15:47 - 0696960 _____ () C:\Users\Gisele\AppData\Local\rx_audio.Cache
2014-02-21 14:12 - 2014-12-24 15:49 - 18420144 _____ () C:\Users\Gisele\AppData\Local\rx_image32.Cache
2012-10-05 20:06 - 2015-11-06 20:39 - 0000123 ___SH () C:\ProgramData\.zreglib
2014-03-21 14:45 - 2014-03-21 14:45 - 0000952 ___SH () C:\ProgramData\KGyGaAvL.sys
 
Bestanden om te verplaatsen of verwijderen:
====================
C:\Users\Gisele\Sigel_Visitenkarten_In_2_Minuten.exe
C:\Windows\Tasks\{8BE261E3-B96D-4439-BA1F-AAD83FF4FAE1}.job
 
 
==================== Bamital & volsnap =================
 
(Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)
 
C:\Windows\system32\winlogon.exe => Bestand is getekend
C:\Windows\system32\wininit.exe => Bestand is getekend
C:\Windows\SysWOW64\wininit.exe => Bestand is getekend
C:\Windows\explorer.exe => Bestand is getekend
C:\Windows\SysWOW64\explorer.exe => Bestand is getekend
C:\Windows\system32\svchost.exe => Bestand is getekend
C:\Windows\SysWOW64\svchost.exe => Bestand is getekend
C:\Windows\system32\services.exe => Bestand is getekend
C:\Windows\system32\User32.dll => Bestand is getekend
C:\Windows\SysWOW64\User32.dll => Bestand is getekend
C:\Windows\system32\userinit.exe => Bestand is getekend
C:\Windows\SysWOW64\userinit.exe => Bestand is getekend
C:\Windows\system32\rpcss.dll => Bestand is getekend
C:\Windows\system32\dnsapi.dll => Bestand is getekend
C:\Windows\SysWOW64\dnsapi.dll => Bestand is getekend
C:\Windows\system32\Drivers\volsnap.sys => Bestand is getekend
 
 
LastRegBack: 2015-11-10 17:43
 
==================== Eind van FRST.txt ============================
 
 
 
 
Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie:07-11-2015
Gestart door Gisele (2015-11-11 13:47:24)
Gestart vanaf C:\Users\Gisele\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-10-03 16:47:29)
Boot Modus: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-774167087-3708585068-1396899783-500 - Administrator - Disabled)
Gast (S-1-5-21-774167087-3708585068-1396899783-501 - Limited - Disabled)
Gisele (S-1-5-21-774167087-3708585068-1396899783-1000 - Administrator - Enabled) => C:\Users\Gisele
HomeGroupUser$ (S-1-5-21-774167087-3708585068-1396899783-1002 - Limited - Enabled)
test (S-1-5-21-774167087-3708585068-1396899783-1003 - Limited - Enabled)
 
==================== Security Center ========================
 
(Als een item is opgenomen in de fixlist, zal het worden verwijderd.)
 
AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AS: Bitdefender Antispyware (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}
 
==================== Geïnstalleerde programma's ======================
 
(Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.)
 
µTorrent (HKU\S-1-5-21-774167087-3708585068-1396899783-1000\...\uTorrent) (Version: 3.4.5.41202 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 15.009.20077 - Adobe Systems Incorporated)
Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.226 - Adobe Systems Incorporated)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.6.4.0 - SlySoft)
Apple Application Support (32-bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo WinOptimizer FREE v.1.0.0 (HKLM-x32\...\{4209F371-8668-980C-19C9-F8698AB75135}_is1) (Version: 1.0.0 - Ashampoo GmbH & Co. KG)
BearShare (HKLM-x32\...\BearShare) (Version: 12.0.0.135394 - Musiclab, LLC)
Belgium e-ID middleware 4.0.7 (build 7466) (HKLM\...\{824563DE-75AD-4166-9DC0-B6482F207466}) (Version: 4.0.7466 - Belgian Government)
Bitdefender Internet Security 2015 (HKLM\...\Bitdefender) (Version: 18.17.0.1227 - Bitdefender)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom Bluetooth Software (HKLM\...\{6E7F4CA3-B2DE-413C-A7A1-43AA5BE19EA1}) (Version: 6.5.0.3300 - Broadcom Corporation)
CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: 2.9.3.0 - Elaborate Bytes)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.64 - DivX, LLC)
Easy Computing - PC Drukkerij CD's & DVD's versie 6 (HKLM-x32\...\{E15CA073-CE07-4A33-8381-D4906C6173A7}) (Version: 4.1 - )
Elevated Installer (x32 Version: 3.2.21.0 - Garmin Ltd or its subsidiaries) Hidden
Evernote v. 4.5.2 (HKLM-x32\...\{8CE152BA-1D16-11E1-867D-984BE15F174E}) (Version:  - )
FormatFactory 3.5.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.5.0.0 - Format Factory)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Freemake Video Converter versie 4.1.6 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.6 - Ellora Assets Corporation)
Garmin Communicator Plugin (HKLM-x32\...\{71DBFBF2-F7EB-4268-8485-9471D83C4E66}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{70A381F1-C161-4D61-A20C-BE12FC6777DF}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{045320b6-c340-4960-aefd-57bf08a9b425}) (Version: 3.2.21.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 3.2.21.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 3.2.21.0 - Garmin Ltd or its subsidiaries) Hidden
GemistDownloader (HKLM-x32\...\GemistDownloader) (Version: 2.8.1.8 - Wietze Beukema (HelpdeskWeb.nl))
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version:  - )
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6904.2028 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
HP 3D DriveGuard (HKLM\...\{8A9B16F0-A84E-4EC5-BDA7-0ACCE79FB043}) (Version: 4.2.9.1 - Hewlett-Packard Company)
HP Launch Box (HKLM\...\{5A847522-375C-4D05-BD3D-88C450CC047F}) (Version: 1.1.5 - Hewlett-Packard Company)
HP Photosmart 5520 series Basissoftware van het apparaat (HKLM\...\{D2FFE8A1-980E-4CF9-A48F-453D767BA661}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart 5520 series Productverbeteringsonderzoek (HKLM\...\{ABDD5DC4-E37C-40E1-AB1C-601AA7F7D383}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Security Assistant (HKLM\...\{ED6CD3AC-616B-4B20-BCF3-6E637B92A5AD}) (Version: 3.0.4 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{9A7B06AC-675B-428F-B632-97C7E6D45F8C}) (Version:  - )
HP Support Solutions Framework (HKLM-x32\...\{96D12EC9-720B-45FB-904C-36D6307A1C76}) (Version: 11.51.0048 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
HPDiagnosticCoreDll (HKLM-x32\...\{9262B08F-E183-4FED-A2BD-23FF1A84EB79}) (Version: 1.0.15.0 - Hewlett Packard)
Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation)
IsoBuster 2.2 (HKLM-x32\...\IsoBuster_is1) (Version: 2.2 - Smart Projects)
iTunes (HKLM\...\{6CF1A7E2-8001-4870-9F18-3C6CDD6FE9E3}) (Version: 12.2.1.16 - Apple Inc.)
Java 8 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LibreOffice 4.2 Help Pack (Dutch) (HKLM-x32\...\{B9953A9A-27B6-43C6-A65E-BCE875E9F1BF}) (Version: 4.2.3.3 - The Document Foundation)
LibreOffice 4.2.3.3 (HKLM-x32\...\{4117DF3C-6677-4A22-90B7-FF06923417E9}) (Version: 4.2.3.3 - The Document Foundation)
MAGIX Speed burnR (MSI) (Version: 7.0.1.29 - MAGIX Software GmbH) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Nederlands) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0413-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version:  - )
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version:  - )
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 40.0.3 (x86 nl) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 nl)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.2 - Mozilla)
Mozilla Thunderbird 38.3.0 (x86 nl) (HKLM-x32\...\Mozilla Thunderbird 38.3.0 (x86 nl)) (Version: 38.3.0 - Mozilla)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Softonic Assistant (HKU\S-1-5-21-774167087-3708585068-1396899783-1000\...\SoftonicAssistant) (Version: 0.1.6 - Softonic International S.A.) <==== AANDACHT
Speccy (HKLM\...\Speccy) (Version: 1.26 - Piriform)
Stuurprogrammapakket voor Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Stuurprogrammapakket voor Windows - Fedict SmartCard  (04/30/2014 4.0.7.5) (HKLM\...\C5357B4AD7C02B3F6EF45765A07E5B725E50BBF7) (Version: 04/30/2014 4.0.7.5 - Fedict)
Stuurprogrammapakket voor Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.51091 Beta - TeamViewer)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VDownloader 4.1.1403.0 (HKLM\...\{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1) (Version: 4.1.1403.0 - Vitzo Limited)
Visitenkarten in 2 Minuten (HKLM-x32\...\Visitenkarten in 2 Minuten) (Version:  - )
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VSO ConvertXToDVD (HKLM-x32\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.0.0.33 - VSO-Software SARL)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinPcap 4.1.1 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version:  - )
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
 
==================== Aangepaste CLSID (gefilterd): ==========================
 
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
 
CustomCLSID: HKU\S-1-5-21-774167087-3708585068-1396899783-1000_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-774167087-3708585068-1396899783-1000_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-774167087-3708585068-1396899783-1000_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-774167087-3708585068-1396899783-1000_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-774167087-3708585068-1396899783-1000_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-774167087-3708585068-1396899783-1000_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
 
==================== Herstelpunten =========================
 
02-11-2015 07:38:40 Windows Back-up
08-11-2015 19:00:39 Windows Back-up
 
==================== Hosts inhoud: ===============================
 
(Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.)
 
2009-07-14 03:34 - 2014-11-15 17:43 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
 
127.0.0.1       localhost
 
==================== Geplande Taken (gefilterd) =============
 
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
 
Task: {00D4A471-4154-44DA-BE3E-E39702867F0A} - \{10A84920-3E16-4375-9AC1-E08445D4B6BF} -> Geen bestand <==== AANDACHT
Task: {01023A90-AA59-4BA8-A62B-0212324B11F1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {09B2D955-8D46-48DB-81CB-B97804C60739} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {11B19D01-482D-40E4-AB59-4670E6464F7C} - System32\Tasks\Bidaily Synchronize Task[973b] => c:\programdata\{37f06908-592c-7ed0-37f0-06908592a421}\missing_in_action_1985_2_the_beginning_dvdr_avi_nl_srt.exe <==== AANDACHT
Task: {17E459DB-3611-4102-A5EB-E825C6E4F23C} - System32\Tasks\{7E1FEAA4-B309-403E-A56B-A080C99FE350} => pcalua.exe -a "C:\Users\Gisele\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O1XOJOB4\JavaSetup8u45.exe" -d C:\Users\Gisele\Desktop
Task: {1F55D593-C44F-4DCE-ABC9-669A390EE296} - System32\Tasks\Softland\FBackup 5\FBackup 5 Tray Agent_Gisele => C:\Program Files (x86)\Softland\FBackup 5\bTray.exe
Task: {2122735E-F3C0-4EF6-AB41-C38F789E610E} - System32\Tasks\Wise Registry Cleaner Schedule Task => C:\Program Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe
Task: {2697E81A-B948-431A-9128-7FECC9C4C23D} - System32\Tasks\{8A1D12DF-80D7-4C5F-8ACA-C361FA192FF2} => pcalua.exe -a "C:\Program Files (x86)\Acoustica CD Label Maker\cdlabel.exe" -c UNINSTALL
Task: {28C15568-52AC-4F9E-B8E1-437EF193BF93} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-11-28] (CyberLink)
Task: {2AB1E0E1-E1CF-4DB2-BA7E-62EC6666DBA4} - System32\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-5 => C:\Program Files (x86)\CinemaP-1.9cV08.11\d7a577c7-3b1e-462a-9012-e8faa1f8537e-5.exe [2015-11-08] (Cinema PlusV08.11) <==== AANDACHT
Task: {2F533DB8-0CB7-447F-A55F-5E93BACDD10C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {376B3297-51A6-4901-B4D3-D7074230D623} - System32\Tasks\951a9b41-c647-4615-bf02-94b5849a653f-10_user => C:\Program Files (x86)\CinemaP-1.9cV23.09\951a9b41-c647-4615-bf02-94b5849a653f-10.exe [2015-09-23] (Cinema PlusV23.09) <==== AANDACHT
Task: {46A3D4C6-3EA5-4F19-AFE0-B529753CCE90} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {472AD842-D1F2-4090-A220-B08E5FD30C9F} - System32\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-5_user => C:\Program Files (x86)\CinemaP-1.9cV08.11\d7a577c7-3b1e-462a-9012-e8faa1f8537e-5.exe [2015-11-08] (Cinema PlusV08.11) <==== AANDACHT
Task: {4A1CD95E-D5B6-42FA-AD40-15EC3A9D6302} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-26] (Adobe Systems Incorporated)
Task: {4B5F6003-CB98-46E8-86AA-F780BDF720A8} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2013-06-07] (Hewlett-Packard Development Company, L.P.)
Task: {50C7D608-2342-47CE-847E-267CE6710DDD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {591D1E13-17AA-4611-A188-46A6B354CB65} - System32\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-1-6 => C:\Program Files (x86)\CinemaP-1.9cV08.11\d7a577c7-3b1e-462a-9012-e8faa1f8537e-1-6.exe [2015-11-08] (Cinema PlusV08.11) <==== AANDACHT
Task: {5D61C131-EC24-43DC-885B-F7B05B5821F1} - System32\Tasks\temp_951a9b41-c647-4615-bf02-94b5849a653f-10_user => C:\Program Files (x86)\CinemaP-1.9cV23.09\951a9b41-c647-4615-bf02-94b5849a653f-10.exe [2015-09-23] (Cinema PlusV23.09) <==== AANDACHT
Task: {6632CA4C-9469-40D0-A72D-FBCAEEC5C74F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {6634E84D-6931-431F-A2C9-0DF3F1A43B4B} - System32\Tasks\{2683A1CA-06EF-4604-8288-7DA072D4747C} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.3.73.105.457/nl/abandoninstall?page=tsWLM
Task: {6E27E8AA-7D0B-497A-ACC7-1E3080E8E2B5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-10-21] (Hewlett-Packard)
Task: {77EBAD64-F9D9-4B2A-9F9E-ED083BEF8CF8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSFUpdaterRedux => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {78585B00-E926-491B-A0A9-83BD766F3ED9} - System32\Tasks\Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8 => C:\Program Files\Bitdefender\Bitdefender 2015\bdproductdata.exe [2015-07-27] (Bitdefender)
Task: {78EFE4F7-ABFF-453B-962A-DCA684461BD1} - System32\Tasks\{AA918117-826C-4F72-B8B1-51E8BD3FF9F3} => pcalua.exe -a "C:\Program Files (x86)\Acoustica CD Label Maker\cdlabel.exe" -c UNINSTALL
Task: {7E68F999-2C18-4840-9047-F71D2E5BEDA4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-10-21] (Hewlett-Packard)
Task: {82FECA5E-94B7-4AE2-A065-D14BE0F8A0E5} - System32\Tasks\HPCustParticipation HP Photosmart 5520 series => C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {9B5559DA-E48D-42FC-B996-24A67C238DFC} - System32\Tasks\{250A1781-0C4B-46EF-862C-1C851A23DA29} => pcalua.exe -a "C:\Users\Gisele\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\23RTC188\SoftonicDownloader_voor_windows-live-mail.exe" -d C:\Users\Gisele\Desktop <==== AANDACHT
Task: {9E2D3537-D36B-4016-932A-33F9C17E4433} - System32\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-10_user => C:\Program Files (x86)\CinemaP-1.9cV08.11\d7a577c7-3b1e-462a-9012-e8faa1f8537e-10.exe <==== AANDACHT
Task: {A4A697A4-CB9A-4AAD-944C-48C9657F1ED3} - System32\Tasks\{1E57921B-7B9C-4649-8E0E-218B7A9D3952} => pcalua.exe -a "C:\Users\Gisele\Documents\DRIVERs &amp; SLEUTELS\ELABORATE BYTES\CLONE DVD\Clone dvd 1\SetupCloneDVD2.exe" -d "C:\Users\Gisele\Documents\DRIVERs &amp; SLEUTELS\ELABORATE BYTES\CLONE DVD\Clone dvd 1"
Task: {B0682CBC-BC0F-4B11-A7F9-4425D2658FDD} - System32\Tasks\{80BE72B0-6B3B-4D80-B18E-3B189F362CE0} => pcalua.exe -a C:\Users\Gisele\Documents\HP\roxiocentral_beta.exe -d C:\Users\Gisele\Documents\HP
Task: {B86BA973-6A97-4831-AFCC-13528A27312A} - System32\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-3 => C:\Program Files (x86)\CinemaP-1.9cV08.11\d7a577c7-3b1e-462a-9012-e8faa1f8537e-3.exe [2015-11-08] (Cinema PlusV08.11) <==== AANDACHT
Task: {B883F375-91A5-4C49-A375-F08A37C66B70} - System32\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-6 => C:\Program Files (x86)\CinemaP-1.9cV08.11\d7a577c7-3b1e-462a-9012-e8faa1f8537e-6.exe <==== AANDACHT
Task: {BB7EE7DA-CDB1-4147-8ACA-981C37DB5A18} - System32\Tasks\GoogleUpdateTaskMachineCore1cfee6bf72142fd => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {C2438ADD-EA0F-47BC-B92F-F14530AF3AE9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {C5F65146-A512-46D2-8F8D-9BECFAD9EB6E} - System32\Tasks\{840E8FCB-A3B9-4615-99EC-9074EBA0C2DD} => pcalua.exe -a "C:\Users\Gisele\Documents\DRIVERs &amp; SLEUTELS\ELABORATE BYTES\CLONE DVD1\Clone dvd 2\CloneDVD2-uninst.exe" -d "C:\Users\Gisele\Documents\DRIVERs &amp; SLEUTELS\ELABORATE BYTES\CLONE DVD1\Clone dvd 2"
Task: {D1120056-0169-4241-A436-BD8276B6ACD9} - System32\Tasks\{EED628D9-4EEC-46E7-AB4D-04F1779199F6} => pcalua.exe -a "C:\Users\Gisele\Documents\DRIVERs &amp; SLEUTELS\BUBLETS 2\unins000.exe" -d "C:\Users\Gisele\Documents\DRIVERs &amp; SLEUTELS\BUBLETS 2"
Task: {DA757FAB-47C4-469E-877A-AEB374290D6D} - System32\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-7 => C:\Program Files (x86)\CinemaP-1.9cV08.11\d7a577c7-3b1e-462a-9012-e8faa1f8537e-7.exe <==== AANDACHT
Task: {ED63F08A-521B-483A-B86D-E7925E5901D1} - System32\Tasks\AllmyappsUpdateTask => C:\Users\Gisele\AppData\Roaming\Allmyapps\Allmyapps.exe
Task: {F3C4D3D1-8BD5-4BAC-AA6F-98DEC4DE68A0} - System32\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-4 => C:\Program Files (x86)\CinemaP-1.9cV08.11\d7a577c7-3b1e-462a-9012-e8faa1f8537e-4.exe [2015-11-08] (Cinema PlusV08.11) <==== AANDACHT
Task: {F95F8149-49D1-4761-BA01-41A2220DEAA4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
 
(Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.)
 
Task: C:\Windows\Tasks\0414bUpdateInfo.job => C:\ProgramData\Avg_Update_0414b\0414b_AVG-Secure-Search-Update.exe
Task: C:\Windows\Tasks\0814avUpdateInfo.job => C:\ProgramData\Avg_Update_0814av\0814av_AVG-Secure-Search-Update.exe
Task: C:\Windows\Tasks\1114avUpdateInfo.job => C:\ProgramData\Avg_Update_1114av\1114av_AVG-Secure-Search-Update.exe
Task: C:\Windows\Tasks\951a9b41-c647-4615-bf02-94b5849a653f-10_user.job => C:\Program Files (x86)\CinemaP-1.9cV23.09\951a9b41-c647-4615-bf02-94b5849a653f-10.exe <==== AANDACHT
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Bidaily Synchronize Task[973b].job => c:\programdata\{37f06908-592c-7ed0-37f0-06908592a421}\missing_in_action_1985_2_the_beginning_dvdr_avi_nl_srt.exe <==== AANDACHT
Task: C:\Windows\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-1-6.job => C:\Program Files (x86)\CinemaP-1.9cV08.11\d7a577c7-3b1e-462a-9012-e8faa1f8537e-1-6.exe <==== AANDACHT
Task: C:\Windows\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-10_user.job => C:\Program Files (x86)\CinemaP-1.9cV08.11\d7a577c7-3b1e-462a-9012-e8faa1f8537e-10.exe <==== AANDACHT
Task: C:\Windows\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-3.job => C:\Program Files (x86)\CinemaP-1.9cV08.11\d7a577c7-3b1e-462a-9012-e8faa1f8537e-3.exe <==== AANDACHT
Task: C:\Windows\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-4.job => C:\Program Files (x86)\CinemaP-1.9cV08.11\d7a577c7-3b1e-462a-9012-e8faa1f8537e-4.exe <==== AANDACHT
Task: C:\Windows\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-5.job => C:\Program Files (x86)\CinemaP-1.9cV08.11\d7a577c7-3b1e-462a-9012-e8faa1f8537e-5.exe <==== AANDACHT
Task: C:\Windows\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-5_user.job => C:\Program Files (x86)\CinemaP-1.9cV08.11\d7a577c7-3b1e-462a-9012-e8faa1f8537e-5.exe <==== AANDACHT
Task: C:\Windows\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-6.job => C:\Program Files (x86)\CinemaP-1.9cV08.11\d7a577c7-3b1e-462a-9012-e8faa1f8537e-6.exe <==== AANDACHT
Task: C:\Windows\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-7.job => C:\Program Files (x86)\CinemaP-1.9cV08.11\d7a577c7-3b1e-462a-9012-e8faa1f8537e-7.exe <==== AANDACHT
Task: C:\Windows\Tasks\GarminUpdaterTask.job => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf8a9ea7de147b.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cfee6bf72142fd.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForGisele.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\temp_951a9b41-c647-4615-bf02-94b5849a653f-10_user.job => C:\Program Files (x86)\CinemaP-1.9cV23.09\951a9b41-c647-4615-bf02-94b5849a653f-10.exe <==== AANDACHT
Task: C:\Windows\Tasks\Wise Registry Cleaner Schedule Task.job => C:\Program Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe
Task: C:\Windows\Tasks\{8BE261E3-B96D-4439-BA1F-AAD83FF4FAE1}.job => Iexplore exeEhttp /ui skype com ui 0 6 73 105 457 nl/
 
==================== Geladen Modules (gefilterd) ==============
 
2015-02-01 15:53 - 2014-08-27 16:31 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\txmlutil.dll
2015-02-01 15:52 - 2013-09-03 14:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdmetrics.dll
2015-02-01 15:53 - 2014-10-31 07:40 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\UI\accessl.ui
2015-02-01 15:53 - 2012-10-29 14:22 - 00152816 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdfwcore.dll
2015-09-04 18:20 - 2015-09-04 18:20 - 00875352 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_01150_013\ashttpbr.mdl
2015-09-04 18:20 - 2015-09-04 18:20 - 00741952 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_01150_013\ashttpdsp.mdl
2015-09-04 18:20 - 2015-09-04 18:20 - 02800952 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_01150_013\ashttpph.mdl
2015-09-04 18:20 - 2015-09-04 18:20 - 01413024 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_01150_013\ashttprbl.mdl
2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 15:26 - 2015-05-15 15:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-09-23 17:00 - 2015-09-17 23:03 - 00167936 ____H () C:\Program Files (x86)\Tencent\app.exe
 
==================== Alternate Data Streams (gefilterd) =========
 
(Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.)
 
AlternateDataStreams: C:\Users\Gisele\Documents\Firefox Setup Stub 37.0.2.exe:BDU
 
==================== Veilige Modus (gefilterd) ===================
 
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sndappv2 => ""="service"
 
==================== EXE Bestandskoppeling (gefilterd) ===============
 
(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.)
 
 
==================== Internet Explorer vertrouwde/beperkte toegang ===============
 
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.)
 
 
==================== Andere gebieden ============================
 
(Momenteel is er geen automatische fix voor dit onderdeel.)
 
HKU\S-1-5-21-774167087-3708585068-1396899783-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Gisele\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 195.130.130.1 - 195.130.131.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is ingeschakeld.
 
==================== MSCONFIG/TASK MANAGER Uitgeschakelde items ==
 
(Momenteel is er geen automatische fix voor dit onderdeel.)
 
MSCONFIG\Services: BdDesktopParental => 3
MSCONFIG\startupreg: Bdagent => "C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe"
MSCONFIG\startupreg: Bitdefender Wallet Agent => "C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe"
MSCONFIG\startupreg: VDownloader => "C:\Program Files\VDownloader\VDownloader4.exe" /silent
 
==================== Firewall regels (gefilterd) ===============
 
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
 
FirewallRules: [{24B5E6D0-B139-47ED-910C-77708CFCDF80}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{BBB1D9BD-ADDA-40C4-956B-8BD145715E31}] => (Allow) C:\Windows\system32\ezSharedSvcHost.exe
FirewallRules: [{AF3BB071-775C-496D-887D-F16F2053509E}] => (Allow) C:\Program Files (x86)\BearShare Applications\BearShare\BearShare.exe
FirewallRules: [{16B04FA8-7594-4CFD-9F6A-2766E6332FEF}] => (Allow) C:\Program Files (x86)\BearShare Applications\BearShare\BearShare.exe
FirewallRules: [{3A749795-20E7-4286-9A45-1759139F0050}] => (Allow) C:\Program Files (x86)\BearShare Applications\BearShare\BearShare.exe
FirewallRules: [{CE720FC9-097A-4E08-AD46-2CBC31127813}] => (Allow) C:\Program Files (x86)\BearShare Applications\BearShare\BearShare.exe
FirewallRules: [{99DE2158-8CD7-4117-9B64-0434F0E59622}] => (Allow) C:\Users\Gisele\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5FD7D73B-D058-4463-865F-A92B80B8F92A}] => (Allow) C:\Users\Gisele\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{980F0BFA-1B4C-4BF7-8E69-F17A4C418921}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\DeviceSetup.exe
FirewallRules: [{2D9BE962-DC60-49CD-8E7A-4F17CB8811BC}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{2C0BD4F6-70E0-4693-9720-D3E5EA464D2D}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{25372923-22F3-4522-9195-B0280683D0D1}] => (Allow) C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
FirewallRules: [{22EB3FD6-B0FA-459B-B536-E925994861C8}] => (Allow) C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
FirewallRules: [{BA48E02F-8DBB-4D51-B4A3-1F187748BC57}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E6D488F9-1884-4C5C-8E30-2C7FBA6C3B46}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{75D81AC7-142C-4FB4-AA9A-85314E6AFB35}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5BBF86CD-EC35-46C9-9BE3-FAAD944C2D7E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{064DC10C-04FB-49EC-A272-EFC74027FA2F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{48745EAE-9CC7-4FC2-9D11-3707FEB5CED3}] => (Allow) LPort=2869
FirewallRules: [{C84267AC-42C8-4B6C-9FAE-9A40BE642299}] => (Allow) LPort=1900
FirewallRules: [{A6D9637E-1199-45E6-B9A6-AC67396BC6CD}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [TCP Query User{C71B195F-24EF-4DF9-8AE6-DF7F90196AD6}C:\program files (x86)\bearshare applications\bearshare\bearshare.exe] => (Allow) C:\program files (x86)\bearshare applications\bearshare\bearshare.exe
FirewallRules: [UDP Query User{37714110-B779-4BC4-B115-BE16B23120D4}C:\program files (x86)\bearshare applications\bearshare\bearshare.exe] => (Allow) C:\program files (x86)\bearshare applications\bearshare\bearshare.exe
FirewallRules: [{F42548F6-C144-4AD2-92C0-EED0948AD294}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [{186CA1F1-67D8-45B3-BA86-8325B307B5F0}] => (Allow) C:\Users\Gisele\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{872E3B61-608C-4E05-96F0-D3E24F6402A6}] => (Allow) C:\Users\Gisele\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{AC247C22-D2FF-4486-BC37-01BC0CD4D760}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [TCP Query User{5F24EA58-01DC-4987-9E77-A580D4BC4A20}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{24C49FDC-7B33-4A45-A23B-FCA3F2008464}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [{162358E9-3FDD-4312-B294-ADF57213E076}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4D578950-6495-4A0F-AAC4-AFEBCC766ABB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{434336DA-EE19-4A14-A3FA-844395C16444}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Block) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [UDP Query User{36E1B837-BC68-4429-8D86-AF003009F2FA}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Block) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [{9647714A-87A6-4E36-913F-AE227525B953}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{6369729E-2252-43C2-9970-E2986554E5E5}C:\program files (x86)\搜狐影音\sohuva.exe] => (Block) C:\program files (x86)\搜狐影音\sohuva.exe
FirewallRules: [UDP Query User{73DD5F9D-5C50-4E61-BC1E-4EAF69312AA5}C:\program files (x86)\搜狐影音\sohuva.exe] => (Block) C:\program files (x86)\搜狐影音\sohuva.exe
FirewallRules: [TCP Query User{D58FE710-7251-4710-B541-C8FA1ECD43C7}C:\program files (x86)\搜狐影音\shplayer.exe] => (Block) C:\program files (x86)\搜狐影音\shplayer.exe
FirewallRules: [UDP Query User{24456B12-304B-40B5-A2F8-7ECF244C05F2}C:\program files (x86)\搜狐影音\shplayer.exe] => (Block) C:\program files (x86)\搜狐影音\shplayer.exe
FirewallRules: [{A113DB1F-D9AF-4A67-B6F4-A00272BCAF88}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{68EAA6FB-AB7F-452A-8A80-D9AA36952233}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{251E295A-811D-4ABE-88F1-C2A9384AF6D9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{98242CD2-A5AA-4517-9357-1DAC6740A92F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{1D5ADB70-F7FC-4D6D-AFC4-0D61C796AE87}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
 
==================== Defecte Apparaatbeheer Apparaten =============
 
 
==================== Eventlog fouten: =========================
 
Applicatiefouten:
==================
Error: (11/10/2015 06:18:14 PM) (Source: MsiInstaller) (EventID: 1024) (User: Gisele-HP-LAP)
Description: Product: Adobe Acrobat Reader DC - Nederlands - Update '{AC76BA86-7AD7-0000-2550-AC0F094E6D00}' kan niet worden geïnstalleerd. Foutcode: 1625. Windows Installer kan logboekbestanden maken om te helpen bij het oplossen van problemen tijdens het installeren van softwarepakketten. Raadpleeg de volgende koppeling voor aanwijzingen over het inschakelen van ondersteuning via logboekregistratie: http://go.microsoft....k/?LinkId=23127
 
Error: (11/08/2015 10:33:43 PM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail (3560) WindowsMail0: Het maken van de back-up is gestopt, omdat deze door de client is gestopt of omdat de verbinding met de client is mislukt.
 
Error: (11/08/2015 07:00:41 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Fout in de Volume Shadow Copy-service: onverwachte fout bij het aanroepen van routine ConvertStringSidToSid(S-1-5-21-774167087-3708585068-1396899783-1003.bak).  hr = 0x80070539, De structuur van de beveiligings-id is ongeldig.
.
 
 
Bewerking:
   OnIdentify-gebeurtenis
   Schrijvergegevens verzamelen
 
Context:
   Uitvoeringscontext: Shadow Copy Optimization Writer
   Klasse-id van schrijver: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Naam van schrijver: Shadow Copy Optimization Writer
   Instantie-id van schrijver: {d6902fbf-5808-4d30-ba2d-a1d0156ce536}
 
Error: (11/02/2015 07:38:41 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Fout in de Volume Shadow Copy-service: onverwachte fout bij het aanroepen van routine ConvertStringSidToSid(S-1-5-21-774167087-3708585068-1396899783-1003.bak).  hr = 0x80070539, De structuur van de beveiligings-id is ongeldig.
.
 
 
Bewerking:
   OnIdentify-gebeurtenis
   Schrijvergegevens verzamelen
 
Context:
   Uitvoeringscontext: Shadow Copy Optimization Writer
   Klasse-id van schrijver: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Naam van schrijver: Shadow Copy Optimization Writer
   Instantie-id van schrijver: {eecdacbe-736f-437b-bb37-fdc0d415b832}
 
Error: (10/29/2015 06:33:31 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: Gisele-HP-LAP)
Description: Kan toepassing of service 'Roxio SAIB Service' niet opnieuw starten.
 
Error: (10/29/2015 06:33:31 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: Gisele-HP-LAP)
Description: Kan toepassing of service 'BOT4Service' niet opnieuw starten.
 
Error: (10/25/2015 07:00:09 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Fout in de Volume Shadow Copy-service: onverwachte fout bij het aanroepen van routine ConvertStringSidToSid(S-1-5-21-774167087-3708585068-1396899783-1003.bak).  hr = 0x80070539, De structuur van de beveiligings-id is ongeldig.
.
 
 
Bewerking:
   OnIdentify-gebeurtenis
   Schrijvergegevens verzamelen
 
Context:
   Uitvoeringscontext: Shadow Copy Optimization Writer
   Klasse-id van schrijver: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Naam van schrijver: Shadow Copy Optimization Writer
   Instantie-id van schrijver: {ac04faa3-5d51-4213-92f2-d9eccf7b69c7}
 
Error: (10/25/2015 06:16:02 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Fout in de Volume Shadow Copy-service: onverwachte fout bij het aanroepen van routine ConvertStringSidToSid(S-1-5-21-774167087-3708585068-1396899783-1003.bak).  hr = 0x80070539, De structuur van de beveiligings-id is ongeldig.
.
 
 
Bewerking:
   OnIdentify-gebeurtenis
   Schrijvergegevens verzamelen
 
Context:
   Uitvoeringscontext: Shadow Copy Optimization Writer
   Klasse-id van schrijver: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Naam van schrijver: Shadow Copy Optimization Writer
   Instantie-id van schrijver: {836b0d37-676a-4bc0-b90f-f558d1c6f372}
 
Error: (10/18/2015 06:16:50 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Fout in de Volume Shadow Copy-service: onverwachte fout bij het aanroepen van routine ConvertStringSidToSid(S-1-5-21-774167087-3708585068-1396899783-1003.bak).  hr = 0x80070539, De structuur van de beveiligings-id is ongeldig.
.
 
 
Bewerking:
   OnIdentify-gebeurtenis
   Schrijvergegevens verzamelen
 
Context:
   Uitvoeringscontext: Shadow Copy Optimization Writer
   Klasse-id van schrijver: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Naam van schrijver: Shadow Copy Optimization Writer
   Instantie-id van schrijver: {61925c3f-7cd5-483f-8282-e027b4c2d522}
 
Error: (10/16/2015 08:27:05 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Fout in de Volume Shadow Copy-service: onverwachte fout bij het aanroepen van routine ConvertStringSidToSid(S-1-5-21-774167087-3708585068-1396899783-1003.bak).  hr = 0x80070539, De structuur van de beveiligings-id is ongeldig.
.
 
 
Bewerking:
   OnIdentify-gebeurtenis
   Schrijvergegevens verzamelen
 
Context:
   Uitvoeringscontext: Shadow Copy Optimization Writer
   Klasse-id van schrijver: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Naam van schrijver: Shadow Copy Optimization Writer
   Instantie-id van schrijver: {6712fc98-73e1-4497-81ee-3a18b56140d2}
 
 
Systeemfouten:
=============
Error: (11/11/2015 01:32:08 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: De Peer Networking Grouping-service is afhankelijk van de Peer Name Resolution Protocol-service, die vanwege de volgende fout niet kan worden gestart: 
%%-2140993535
 
Error: (11/11/2015 01:32:08 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: De Peer Name Resolution Protocol-service is gestopt met de volgende foutcode: 
%%-2140993535.
 
Error: (11/11/2015 01:32:08 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: De Peer Networking Grouping-service is afhankelijk van de Peer Name Resolution Protocol-service, die vanwege de volgende fout niet kan worden gestart: 
%%-2140993535
 
Error: (11/11/2015 01:32:08 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: De Peer Name Resolution Protocol-service is gestopt met de volgende foutcode: 
%%-2140993535.
 
Error: (11/11/2015 01:32:08 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801
 
Error: (11/11/2015 01:32:08 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801
 
Error: (11/11/2015 01:31:59 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: De Peer Name Resolution Protocol-service is gestopt met de volgende foutcode: 
%%-2140993535.
 
Error: (11/11/2015 01:31:59 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: De Peer Networking Grouping-service is afhankelijk van de Peer Name Resolution Protocol-service, die vanwege de volgende fout niet kan worden gestart: 
%%-2140993535
 
Error: (11/11/2015 01:31:59 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801
 
Error: (11/11/2015 01:30:09 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: De Bitdefender Virus Shield-service is bij het starten vastgelopen.
 
 
CodeIntegrity:
===================================
  Date: 2014-11-15 17:32:45.312
  Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume2\ComboFix\catchme.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.
 
  Date: 2014-11-15 17:32:45.296
  Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume2\ComboFix\catchme.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.
 
  Date: 2014-11-15 17:32:45.265
  Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume2\ComboFix\catchme.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.
 
  Date: 2014-11-15 17:32:45.234
  Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume2\ComboFix\catchme.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.
 
  Date: 2014-11-15 16:41:41.354
  Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume2\ComboFix\catchme.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.
 
  Date: 2014-11-15 16:41:41.339
  Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume2\ComboFix\catchme.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.
 
  Date: 2014-11-15 16:41:41.307
  Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume2\ComboFix\catchme.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.
 
  Date: 2014-11-15 16:41:41.276
  Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume2\ComboFix\catchme.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.
 
  Date: 2014-11-15 14:44:35.518
  Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume2\ComboFix\catchme.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.
 
  Date: 2014-11-15 14:44:35.489
  Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume2\ComboFix\catchme.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.
 
 
==================== Geheugen info =========================== 
 
Processor: Intel® Pentium® CPU B950 @ 2.10GHz
Percentage geheugen in gebruik: 34%
Totaal fysiek RAM-geheugen: 6040.36 MB
Beschikbaar fysiek RAM-geheugen: 3934.33 MB
Totaal Virtueel geheugen: 15038.57 MB
Beschikbaar Virtual geheugen: 12855.91 MB
 
==================== Schijven ================================
 
Drive c: () (Fixed) (Total:441.59 GB) (Free:94.5 GB) NTFS ==>[systeem met boot componenten (verkregen van schijf)]
Drive d: (Recovery) (Fixed) (Total:23.87 GB) (Free:2.15 GB) NTFS ==>[systeem met boot componenten (verkregen van schijf)]
Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.08 GB) FAT32
 
==================== MBR & Partitietabel ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: D514C5BB)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=441.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=23.9 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)
 
==================== Eind van Addition.txt ============================

Edited by HaraMo, 11 November 2015 - 06:53 AM.

  • 0

Advertisements

#2
Essexboy
Posted 12 November 2015 - 11:41 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could you let me know how the computer is after this

Re-install Chrome

Unless you did this yourself, malware has changed your Chrome version into the Development Build. Among other things this allows malware to install any extension it wants. We need to resolve this.

1. If you have bookmarks, let's save them by exporting them - Export Bookmarks
2. Then I need you to go Google Sync and sign into your account
3. Scroll down until you see the "Stop and Clear" button and click on the button. At the prompt click on "Ok"
4. Now we need to uninstall chrome.
Note: When asked about user data or settings you must remove this also so please check the box.
5. Restart the computer and reinstall chrome, You can download The latest version from here - Google Chrome
6. Import your bookmarks back into Chrome
7. Sign back in to your Chrome browser so that your bookmarks sync with your online account.

THEN

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

CreateRestorePoint:
HKLM-x32\...\Run: [app] => C:\Program Files (x86)\Tencent\app.exe [167936 2015-09-17] ()
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => Geen bestand
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => Geen bestand
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => Geen bestand
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => Geen bestand
CHR HKLM\SOFTWARE\Policies\Google: Restrictie <======= AANDACHT
SearchScopes: HKLM-x32 -> DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.searchfix.info/?unqvl=63&idate=2015/05/09&l=1&q={searchTerms}
FF user.js: detected! => C:\Users\Gisele\AppData\Roaming\Mozilla\Firefox\Profiles\luvxyrkb.default\user.js [2015-09-10]
FF Extension: CinemaP-1.9cV08.11 - C:\Users\Gisele\AppData\Roaming\Mozilla\Firefox\Profiles\luvxyrkb.default\Extensions\[email protected] [2015-11-08] [ niet getekend]
2015-11-08 18:45 - 2015-11-11 13:31 - 00002442 _____ C:\Windows\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-5_user.job
2015-11-08 18:45 - 2015-11-11 13:31 - 00002442 _____ C:\Windows\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-5.job
2015-11-08 18:45 - 2015-11-08 18:45 - 00005472 _____ C:\Windows\System32\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-5
2015-11-08 18:43 - 2015-11-11 13:43 - 00003134 _____ C:\Windows\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-1-6.job
2015-11-08 18:43 - 2015-11-08 18:43 - 00006162 _____ C:\Windows\System32\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-1-6
2015-11-08 18:42 - 2015-11-11 13:42 - 00005514 _____ C:\Windows\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-6.job
2015-11-08 18:42 - 2015-11-11 13:42 - 00005178 _____ C:\Windows\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-7.job
2015-11-08 18:42 - 2015-11-11 13:31 - 00004154 _____ C:\Windows\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-4.job
2015-11-08 18:42 - 2015-11-08 18:42 - 00008542 _____ C:\Windows\System32\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-6
2015-11-08 18:42 - 2015-11-08 18:42 - 00008206 _____ C:\Windows\System32\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-7
2015-11-08 18:42 - 2015-11-08 18:42 - 00007184 _____ C:\Windows\System32\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-4
2015-11-08 18:42 - 2015-11-08 18:42 - 00000000 ____D C:\Program Files (x86)\d0474f20-c92a-47c8-bba1-9c9b9e2ec9f8
2015-11-08 18:41 - 2015-11-11 13:41 - 00004154 _____ C:\Windows\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-3.job
2015-11-08 18:41 - 2015-11-08 18:41 - 00007190 _____ C:\Windows\System32\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-3
2015-11-08 18:40 - 2015-11-11 13:41 - 00002108 _____ C:\Windows\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-10_user.job
2015-11-08 18:40 - 2015-11-08 19:18 - 00000000 ____D C:\Program Files (x86)\CinemaP-1.9cV08.11
2015-11-11 13:31 - 2015-09-23 17:10 - 00002108 _____ C:\Windows\Tasks\951a9b41-c647-4615-bf02-94b5849a653f-10_user.job
2015-11-11 13:31 - 2015-09-23 17:10 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-11-11 13:31 - 2014-10-23 03:49 - 00001052 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cfee6bf72142fd.job
2015-11-10 19:17 - 2014-11-30 12:34 - 00000000 ____D C:\ProgramData\BDLogging
2015-11-10 17:11 - 2015-05-28 10:11 - 00000424 _____ C:\Windows\Tasks\Bidaily Synchronize Task[973b].job
2015-11-10 08:08 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-04-14 17:28 - 2015-04-14 17:28 - 0004387 _____ () C:\Users\Gisele\AppData\Roaming\GGpoFkG86Q
2015-04-19 13:20 - 2015-04-19 13:20 - 0005872 _____ () C:\Users\Gisele\AppData\Roaming\ZO4SPlTMRx4CiEzgS9SpOE
Task: {00D4A471-4154-44DA-BE3E-E39702867F0A} - \{10A84920-3E16-4375-9AC1-E08445D4B6BF} -> Geen bestand <==== AANDACHT
Task: {11B19D01-482D-40E4-AB59-4670E6464F7C} - System32\Tasks\Bidaily Synchronize Task[973b] => c:\programdata\{37f06908-592c-7ed0-37f0-06908592a421}\missing_in_action_1985_2_the_beginning_dvdr_avi_nl_srt.exe <==== AANDACHT
Task: {2AB1E0E1-E1CF-4DB2-BA7E-62EC6666DBA4} - System32\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-5 => C:\Program Files (x86)\CinemaP-1.9cV08.11\d7a577c7-3b1e-462a-9012-e8faa1f8537e-5.exe [2015-11-08] (Cinema PlusV08.11) <==== AANDACHT
Task: {376B3297-51A6-4901-B4D3-D7074230D623} - System32\Tasks\951a9b41-c647-4615-bf02-94b5849a653f-10_user => C:\Program Files (x86)\CinemaP-1.9cV23.09\951a9b41-c647-4615-bf02-94b5849a653f-10.exe [2015-09-23] (Cinema PlusV23.09) <==== AANDACHT
Task: {472AD842-D1F2-4090-A220-B08E5FD30C9F} - System32\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-5_user => C:\Program Files (x86)\CinemaP-1.9cV08.11\d7a577c7-3b1e-462a-9012-e8faa1f8537e-5.exe [2015-11-08] (Cinema PlusV08.11) <==== AANDACHT
Task: {591D1E13-17AA-4611-A188-46A6B354CB65} - System32\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-1-6 => C:\Program Files (x86)\CinemaP-1.9cV08.11\d7a577c7-3b1e-462a-9012-e8faa1f8537e-1-6.exe [2015-11-08] (Cinema PlusV08.11) <==== AANDACHT
Task: {5D61C131-EC24-43DC-885B-F7B05B5821F1} - System32\Tasks\temp_951a9b41-c647-4615-bf02-94b5849a653f-10_user => C:\Program Files (x86)\CinemaP-1.9cV23.09\951a9b41-c647-4615-bf02-94b5849a653f-10.exe [2015-09-23] (Cinema PlusV23.09) <==== AANDACHT
Task: {9B5559DA-E48D-42FC-B996-24A67C238DFC} - System32\Tasks\{250A1781-0C4B-46EF-862C-1C851A23DA29} => pcalua.exe -a "C:\Users\Gisele\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\23RTC188\SoftonicDownloader_voor_windows-live-mail.exe" -d C:\Users\Gisele\Desktop <==== AANDACHT
Task: {9E2D3537-D36B-4016-932A-33F9C17E4433} - System32\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-10_user => C:\Program Files (x86)\CinemaP-1.9cV08.11\d7a577c7-3b1e-462a-9012-e8faa1f8537e-10.exe <==== AANDACHT
Task: {B86BA973-6A97-4831-AFCC-13528A27312A} - System32\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-3 => C:\Program Files (x86)\CinemaP-1.9cV08.11\d7a577c7-3b1e-462a-9012-e8faa1f8537e-3.exe [2015-11-08] (Cinema PlusV08.11) <==== AANDACHT
Task: {B883F375-91A5-4C49-A375-F08A37C66B70} - System32\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-6 => C:\Program Files (x86)\CinemaP-1.9cV08.11\d7a577c7-3b1e-462a-9012-e8faa1f8537e-6.exe <==== AANDACHT
Task: {DA757FAB-47C4-469E-877A-AEB374290D6D} - System32\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-7 => C:\Program Files (x86)\CinemaP-1.9cV08.11\d7a577c7-3b1e-462a-9012-e8faa1f8537e-7.exe <==== AANDACHT
Task: {ED63F08A-521B-483A-B86D-E7925E5901D1} - System32\Tasks\AllmyappsUpdateTask => C:\Users\Gisele\AppData\Roaming\Allmyapps\Allmyapps.exe
Task: {F3C4D3D1-8BD5-4BAC-AA6F-98DEC4DE68A0} - System32\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-4 => C:\Program Files (x86)\CinemaP-1.9cV08.11\d7a577c7-3b1e-462a-9012-e8faa1f8537e-4.exe [2015-11-08] (Cinema PlusV08.11) <==== AANDACHT
Task: C:\Windows\Tasks\951a9b41-c647-4615-bf02-94b5849a653f-10_user.job => C:\Program Files (x86)\CinemaP-1.9cV23.09\951a9b41-c647-4615-bf02-94b5849a653f-10.exe <==== AANDACHT
Task: C:\Windows\Tasks\Bidaily Synchronize Task[973b].job => c:\programdata\{37f06908-592c-7ed0-37f0-06908592a421}\missing_in_action_1985_2_the_beginning_dvdr_avi_nl_srt.exe <==== AANDACHT
Task: C:\Windows\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-1-6.job => C:\Program Files (x86)\CinemaP-1.9cV08.11\d7a577c7-3b1e-462a-9012-e8faa1f8537e-1-6.exe <==== AANDACHT
Task: C:\Windows\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-10_user.job => C:\Program Files (x86)\CinemaP-1.9cV08.11\d7a577c7-3b1e-462a-9012-e8faa1f8537e-10.exe <==== AANDACHT
Task: C:\Windows\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-3.job => C:\Program Files (x86)\CinemaP-1.9cV08.11\d7a577c7-3b1e-462a-9012-e8faa1f8537e-3.exe <==== AANDACHT
Task: C:\Windows\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-4.job => C:\Program Files (x86)\CinemaP-1.9cV08.11\d7a577c7-3b1e-462a-9012-e8faa1f8537e-4.exe <==== AANDACHT
Task: C:\Windows\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-5.job => C:\Program Files (x86)\CinemaP-1.9cV08.11\d7a577c7-3b1e-462a-9012-e8faa1f8537e-5.exe <==== AANDACHT
Task: C:\Windows\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-5_user.job => C:\Program Files (x86)\CinemaP-1.9cV08.11\d7a577c7-3b1e-462a-9012-e8faa1f8537e-5.exe <==== AANDACHT
Task: C:\Windows\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-6.job => C:\Program Files (x86)\CinemaP-1.9cV08.11\d7a577c7-3b1e-462a-9012-e8faa1f8537e-6.exe <==== AANDACHT
Task: C:\Windows\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-7.job => C:\Program Files (x86)\CinemaP-1.9cV08.11\d7a577c7-3b1e-462a-9012-e8faa1f8537e-7.exe <==== AANDACHT
Task: C:\Windows\Tasks\temp_951a9b41-c647-4615-bf02-94b5849a653f-10_user.job => C:\Program Files (x86)\CinemaP-1.9cV23.09\951a9b41-c647-4615-bf02-94b5849a653f-10.exe <==== AANDACHT
C:\Program Files (x86)\Tencent
C:\Program Files (x86)\CinemaP-1.9cV23.09
C:\Program Files (x86)\CinemaP-1.9cV08.11
c:\programdata\{37f06908-592c-7ed0-37f0-06908592a421}
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
FRSTfix.JPG
Run FRST and press Fix
On completion a log will be generated please post that

FINALLY

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S0].txt as well.

  • 0

#3
HaraMo
Posted 12 November 2015 - 01:22 PM

HaraMo

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 456 posts

No google chrome is used, it is indeed installed, but no history, or favorites, also no account.

 

Can I just uninstal it in remove programs?

 

I uninstalled it using control panel (removing programs).

 

then rebooted, then wanted to download it, (your link is english version), so I googled it, but then, I cannot click on the links (searchresult), this problem also appears with the advertisement, cannot open a page in google searchresult.

 

But I will leave the installation now as it is.

 

Will continu to the fixlist step.


Edited by HaraMo, 12 November 2015 - 01:40 PM.

  • 0

#4
Essexboy
Posted 12 November 2015 - 01:36 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Yes uninstall but ensure that all data is removed


  • 0

#5
HaraMo
Posted 12 November 2015 - 02:06 PM

HaraMo

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 456 posts
adwcleaners filename does not end with S0, but S1 and another file C1.
 
Fix resultaat van Farbar Recovery Scan Tool (x64) Versie:07-11-2015
Gestart door Gisele (2015-11-12 20:42:10) Run:1
Gestart vanaf C:\Users\Gisele\Desktop
Geladen Profielen: Gisele (Beschikbare Profielen: Gisele)
Boot Modus: Normal
==============================================
 
fixlist inhoud:
*****************
CreateRestorePoint:
HKLM-x32\...\Run: [app] => C:\Program Files (x86)\Tencent\app.exe [167936 2015-09-17] ()
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => Geen bestand
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => Geen bestand
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => Geen bestand
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => Geen bestand
CHR HKLM\SOFTWARE\Policies\Google: Restrictie <======= AANDACHT
SearchScopes: HKLM-x32 -> DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.searchfix.info/?unqvl=63&idate=2015/05/09&l=1&q={searchTerms}
FF user.js: detected! => C:\Users\Gisele\AppData\Roaming\Mozilla\Firefox\Profiles\luvxyrkb.default\user.js [2015-09-10]
FF Extension: CinemaP-1.9cV08.11 - C:\Users\Gisele\AppData\Roaming\Mozilla\Firefox\Profiles\luvxyrkb.default\Extensions\[email protected] [2015-11-08] [ niet getekend]
2015-11-08 18:45 - 2015-11-11 13:31 - 00002442 _____ C:\Windows\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-5_user.job
2015-11-08 18:45 - 2015-11-11 13:31 - 00002442 _____ C:\Windows\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-5.job
2015-11-08 18:45 - 2015-11-08 18:45 - 00005472 _____ C:\Windows\System32\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-5
2015-11-08 18:43 - 2015-11-11 13:43 - 00003134 _____ C:\Windows\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-1-6.job
2015-11-08 18:43 - 2015-11-08 18:43 - 00006162 _____ C:\Windows\System32\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-1-6
2015-11-08 18:42 - 2015-11-11 13:42 - 00005514 _____ C:\Windows\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-6.job
2015-11-08 18:42 - 2015-11-11 13:42 - 00005178 _____ C:\Windows\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-7.job
2015-11-08 18:42 - 2015-11-11 13:31 - 00004154 _____ C:\Windows\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-4.job
2015-11-08 18:42 - 2015-11-08 18:42 - 00008542 _____ C:\Windows\System32\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-6
2015-11-08 18:42 - 2015-11-08 18:42 - 00008206 _____ C:\Windows\System32\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-7
2015-11-08 18:42 - 2015-11-08 18:42 - 00007184 _____ C:\Windows\System32\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-4
2015-11-08 18:42 - 2015-11-08 18:42 - 00000000 ____D C:\Program Files (x86)\d0474f20-c92a-47c8-bba1-9c9b9e2ec9f8
2015-11-08 18:41 - 2015-11-11 13:41 - 00004154 _____ C:\Windows\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-3.job
2015-11-08 18:41 - 2015-11-08 18:41 - 00007190 _____ C:\Windows\System32\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-3
2015-11-08 18:40 - 2015-11-11 13:41 - 00002108 _____ C:\Windows\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-10_user.job
2015-11-08 18:40 - 2015-11-08 19:18 - 00000000 ____D C:\Program Files (x86)\CinemaP-1.9cV08.11
2015-11-11 13:31 - 2015-09-23 17:10 - 00002108 _____ C:\Windows\Tasks\951a9b41-c647-4615-bf02-94b5849a653f-10_user.job
2015-11-11 13:31 - 2015-09-23 17:10 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-11-11 13:31 - 2014-10-23 03:49 - 00001052 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cfee6bf72142fd.job
2015-11-10 19:17 - 2014-11-30 12:34 - 00000000 ____D C:\ProgramData\BDLogging
2015-11-10 17:11 - 2015-05-28 10:11 - 00000424 _____ C:\Windows\Tasks\Bidaily Synchronize Task[973b].job
2015-11-10 08:08 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-04-14 17:28 - 2015-04-14 17:28 - 0004387 _____ () C:\Users\Gisele\AppData\Roaming\GGpoFkG86Q
2015-04-19 13:20 - 2015-04-19 13:20 - 0005872 _____ () C:\Users\Gisele\AppData\Roaming\ZO4SPlTMRx4CiEzgS9SpOE
Task: {00D4A471-4154-44DA-BE3E-E39702867F0A} - \{10A84920-3E16-4375-9AC1-E08445D4B6BF} -> Geen bestand <==== AANDACHT
Task: {11B19D01-482D-40E4-AB59-4670E6464F7C} - System32\Tasks\Bidaily Synchronize Task[973b] => c:\programdata\{37f06908-592c-7ed0-37f0-06908592a421}\missing_in_action_1985_2_the_beginning_dvdr_avi_nl_srt.exe <==== AANDACHT
Task: {2AB1E0E1-E1CF-4DB2-BA7E-62EC6666DBA4} - System32\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-5 => C:\Program Files (x86)\CinemaP-1.9cV08.11\d7a577c7-3b1e-462a-9012-e8faa1f8537e-5.exe [2015-11-08] (Cinema PlusV08.11) <==== AANDACHT
Task: {376B3297-51A6-4901-B4D3-D7074230D623} - System32\Tasks\951a9b41-c647-4615-bf02-94b5849a653f-10_user => C:\Program Files (x86)\CinemaP-1.9cV23.09\951a9b41-c647-4615-bf02-94b5849a653f-10.exe [2015-09-23] (Cinema PlusV23.09) <==== AANDACHT
Task: {472AD842-D1F2-4090-A220-B08E5FD30C9F} - System32\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-5_user => C:\Program Files (x86)\CinemaP-1.9cV08.11\d7a577c7-3b1e-462a-9012-e8faa1f8537e-5.exe [2015-11-08] (Cinema PlusV08.11) <==== AANDACHT
Task: {591D1E13-17AA-4611-A188-46A6B354CB65} - System32\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-1-6 => C:\Program Files (x86)\CinemaP-1.9cV08.11\d7a577c7-3b1e-462a-9012-e8faa1f8537e-1-6.exe [2015-11-08] (Cinema PlusV08.11) <==== AANDACHT
Task: {5D61C131-EC24-43DC-885B-F7B05B5821F1} - System32\Tasks\temp_951a9b41-c647-4615-bf02-94b5849a653f-10_user => C:\Program Files (x86)\CinemaP-1.9cV23.09\951a9b41-c647-4615-bf02-94b5849a653f-10.exe [2015-09-23] (Cinema PlusV23.09) <==== AANDACHT
Task: {9B5559DA-E48D-42FC-B996-24A67C238DFC} - System32\Tasks\{250A1781-0C4B-46EF-862C-1C851A23DA29} => pcalua.exe -a "C:\Users\Gisele\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\23RTC188\SoftonicDownloader_voor_windows-live-mail.exe" -d C:\Users\Gisele\Desktop <==== AANDACHT
Task: {9E2D3537-D36B-4016-932A-33F9C17E4433} - System32\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-10_user => C:\Program Files (x86)\CinemaP-1.9cV08.11\d7a577c7-3b1e-462a-9012-e8faa1f8537e-10.exe <==== AANDACHT
Task: {B86BA973-6A97-4831-AFCC-13528A27312A} - System32\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-3 => C:\Program Files (x86)\CinemaP-1.9cV08.11\d7a577c7-3b1e-462a-9012-e8faa1f8537e-3.exe [2015-11-08] (Cinema PlusV08.11) <==== AANDACHT
Task: {B883F375-91A5-4C49-A375-F08A37C66B70} - System32\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-6 => C:\Program Files (x86)\CinemaP-1.9cV08.11\d7a577c7-3b1e-462a-9012-e8faa1f8537e-6.exe <==== AANDACHT
Task: {DA757FAB-47C4-469E-877A-AEB374290D6D} - System32\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-7 => C:\Program Files (x86)\CinemaP-1.9cV08.11\d7a577c7-3b1e-462a-9012-e8faa1f8537e-7.exe <==== AANDACHT
Task: {ED63F08A-521B-483A-B86D-E7925E5901D1} - System32\Tasks\AllmyappsUpdateTask => C:\Users\Gisele\AppData\Roaming\Allmyapps\Allmyapps.exe
Task: {F3C4D3D1-8BD5-4BAC-AA6F-98DEC4DE68A0} - System32\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-4 => C:\Program Files (x86)\CinemaP-1.9cV08.11\d7a577c7-3b1e-462a-9012-e8faa1f8537e-4.exe [2015-11-08] (Cinema PlusV08.11) <==== AANDACHT
Task: C:\Windows\Tasks\951a9b41-c647-4615-bf02-94b5849a653f-10_user.job => C:\Program Files (x86)\CinemaP-1.9cV23.09\951a9b41-c647-4615-bf02-94b5849a653f-10.exe <==== AANDACHT
Task: C:\Windows\Tasks\Bidaily Synchronize Task[973b].job => c:\programdata\{37f06908-592c-7ed0-37f0-06908592a421}\missing_in_action_1985_2_the_beginning_dvdr_avi_nl_srt.exe <==== AANDACHT
Task: C:\Windows\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-1-6.job => C:\Program Files (x86)\CinemaP-1.9cV08.11\d7a577c7-3b1e-462a-9012-e8faa1f8537e-1-6.exe <==== AANDACHT
Task: C:\Windows\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-10_user.job => C:\Program Files (x86)\CinemaP-1.9cV08.11\d7a577c7-3b1e-462a-9012-e8faa1f8537e-10.exe <==== AANDACHT
Task: C:\Windows\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-3.job => C:\Program Files (x86)\CinemaP-1.9cV08.11\d7a577c7-3b1e-462a-9012-e8faa1f8537e-3.exe <==== AANDACHT
Task: C:\Windows\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-4.job => C:\Program Files (x86)\CinemaP-1.9cV08.11\d7a577c7-3b1e-462a-9012-e8faa1f8537e-4.exe <==== AANDACHT
Task: C:\Windows\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-5.job => C:\Program Files (x86)\CinemaP-1.9cV08.11\d7a577c7-3b1e-462a-9012-e8faa1f8537e-5.exe <==== AANDACHT
Task: C:\Windows\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-5_user.job => C:\Program Files (x86)\CinemaP-1.9cV08.11\d7a577c7-3b1e-462a-9012-e8faa1f8537e-5.exe <==== AANDACHT
Task: C:\Windows\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-6.job => C:\Program Files (x86)\CinemaP-1.9cV08.11\d7a577c7-3b1e-462a-9012-e8faa1f8537e-6.exe <==== AANDACHT
Task: C:\Windows\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-7.job => C:\Program Files (x86)\CinemaP-1.9cV08.11\d7a577c7-3b1e-462a-9012-e8faa1f8537e-7.exe <==== AANDACHT
Task: C:\Windows\Tasks\temp_951a9b41-c647-4615-bf02-94b5849a653f-10_user.job => C:\Program Files (x86)\CinemaP-1.9cV23.09\951a9b41-c647-4615-bf02-94b5849a653f-10.exe <==== AANDACHT
C:\Program Files (x86)\Tencent
C:\Program Files (x86)\CinemaP-1.9cV23.09
C:\Program Files (x86)\CinemaP-1.9cV08.11
c:\programdata\{37f06908-592c-7ed0-37f0-06908592a421}
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers
*****************
 
Herstelpunt is succesfol gemaakt.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\app => waarde is succesvol verwijderd.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt1" => sleutel is succesvol verwijderd.
HKCR\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => sleutel niet gevonden. 
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt2" => sleutel is succesvol verwijderd.
HKCR\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => sleutel niet gevonden. 
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt3" => sleutel is succesvol verwijderd.
HKCR\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => sleutel niet gevonden. 
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt4" => sleutel is succesvol verwijderd.
HKCR\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => sleutel niet gevonden. 
"HKLM\SOFTWARE\Policies\Google" => sleutel is succesvol verwijderd.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => waarde met succes hersteld
C:\Users\Gisele\AppData\Roaming\Mozilla\Firefox\Profiles\luvxyrkb.default\user.js => is succesvol verplaatst.
C:\Users\Gisele\AppData\Roaming\Mozilla\Firefox\Profiles\luvxyrkb.default\Extensions\[email protected] => is succesvol verplaatst.
C:\Users\Gisele\AppData\Roaming\Mozilla\Firefox\Profiles\luvxyrkb.default\Extensions\[email protected] => pad is succesvol verwijderd.
C:\Windows\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-5_user.job => is succesvol verplaatst.
C:\Windows\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-5.job => is succesvol verplaatst.
C:\Windows\System32\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-5 => is succesvol verplaatst.
C:\Windows\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-1-6.job => is succesvol verplaatst.
C:\Windows\System32\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-1-6 => is succesvol verplaatst.
C:\Windows\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-6.job => is succesvol verplaatst.
C:\Windows\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-7.job => is succesvol verplaatst.
C:\Windows\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-4.job => is succesvol verplaatst.
C:\Windows\System32\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-6 => is succesvol verplaatst.
C:\Windows\System32\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-7 => is succesvol verplaatst.
C:\Windows\System32\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-4 => is succesvol verplaatst.
C:\Program Files (x86)\d0474f20-c92a-47c8-bba1-9c9b9e2ec9f8 => is succesvol verplaatst.
C:\Windows\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-3.job => is succesvol verplaatst.
C:\Windows\System32\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-3 => is succesvol verplaatst.
C:\Windows\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-10_user.job => is succesvol verplaatst.
C:\Program Files (x86)\CinemaP-1.9cV08.11 => is succesvol verplaatst.
C:\Windows\Tasks\951a9b41-c647-4615-bf02-94b5849a653f-10_user.job => is succesvol verplaatst.
C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7 => is succesvol verplaatst.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cfee6bf72142fd.job => is succesvol verplaatst.
C:\ProgramData\BDLogging => is succesvol verplaatst.
C:\Windows\Tasks\Bidaily Synchronize Task[973b].job => is succesvol verplaatst.
C:\Windows\System32\Tasks\WPD => is succesvol verplaatst.
C:\Users\Gisele\AppData\Roaming\GGpoFkG86Q => is succesvol verplaatst.
C:\Users\Gisele\AppData\Roaming\ZO4SPlTMRx4CiEzgS9SpOE => is succesvol verplaatst.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{00D4A471-4154-44DA-BE3E-E39702867F0A}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{00D4A471-4154-44DA-BE3E-E39702867F0A}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{10A84920-3E16-4375-9AC1-E08445D4B6BF}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{11B19D01-482D-40E4-AB59-4670E6464F7C}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{11B19D01-482D-40E4-AB59-4670E6464F7C}" => sleutel is succesvol verwijderd.
C:\Windows\System32\Tasks\Bidaily Synchronize Task[973b] => is succesvol verplaatst.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Bidaily Synchronize Task[973b]" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2AB1E0E1-E1CF-4DB2-BA7E-62EC6666DBA4}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2AB1E0E1-E1CF-4DB2-BA7E-62EC6666DBA4}" => sleutel is succesvol verwijderd.
C:\Windows\System32\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-5 => niet gevonden.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\d7a577c7-3b1e-462a-9012-e8faa1f8537e-5" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{376B3297-51A6-4901-B4D3-D7074230D623}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{376B3297-51A6-4901-B4D3-D7074230D623}" => sleutel is succesvol verwijderd.
C:\Windows\System32\Tasks\951a9b41-c647-4615-bf02-94b5849a653f-10_user => is succesvol verplaatst.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\951a9b41-c647-4615-bf02-94b5849a653f-10_user" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{472AD842-D1F2-4090-A220-B08E5FD30C9F}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{472AD842-D1F2-4090-A220-B08E5FD30C9F}" => sleutel is succesvol verwijderd.
C:\Windows\System32\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-5_user => is succesvol verplaatst.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\d7a577c7-3b1e-462a-9012-e8faa1f8537e-5_user" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{591D1E13-17AA-4611-A188-46A6B354CB65}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{591D1E13-17AA-4611-A188-46A6B354CB65}" => sleutel is succesvol verwijderd.
C:\Windows\System32\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-1-6 => niet gevonden.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\d7a577c7-3b1e-462a-9012-e8faa1f8537e-1-6" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5D61C131-EC24-43DC-885B-F7B05B5821F1}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5D61C131-EC24-43DC-885B-F7B05B5821F1}" => sleutel is succesvol verwijderd.
C:\Windows\System32\Tasks\temp_951a9b41-c647-4615-bf02-94b5849a653f-10_user => is succesvol verplaatst.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\temp_951a9b41-c647-4615-bf02-94b5849a653f-10_user" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9B5559DA-E48D-42FC-B996-24A67C238DFC}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9B5559DA-E48D-42FC-B996-24A67C238DFC}" => sleutel is succesvol verwijderd.
C:\Windows\System32\Tasks\{250A1781-0C4B-46EF-862C-1C851A23DA29} => is succesvol verplaatst.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{250A1781-0C4B-46EF-862C-1C851A23DA29}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9E2D3537-D36B-4016-932A-33F9C17E4433}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9E2D3537-D36B-4016-932A-33F9C17E4433}" => sleutel is succesvol verwijderd.
C:\Windows\System32\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-10_user => is succesvol verplaatst.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\d7a577c7-3b1e-462a-9012-e8faa1f8537e-10_user" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B86BA973-6A97-4831-AFCC-13528A27312A}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B86BA973-6A97-4831-AFCC-13528A27312A}" => sleutel is succesvol verwijderd.
C:\Windows\System32\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-3 => niet gevonden.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\d7a577c7-3b1e-462a-9012-e8faa1f8537e-3" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B883F375-91A5-4C49-A375-F08A37C66B70}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B883F375-91A5-4C49-A375-F08A37C66B70}" => sleutel is succesvol verwijderd.
C:\Windows\System32\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-6 => niet gevonden.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\d7a577c7-3b1e-462a-9012-e8faa1f8537e-6" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DA757FAB-47C4-469E-877A-AEB374290D6D}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DA757FAB-47C4-469E-877A-AEB374290D6D}" => sleutel is succesvol verwijderd.
C:\Windows\System32\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-7 => niet gevonden.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\d7a577c7-3b1e-462a-9012-e8faa1f8537e-7" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ED63F08A-521B-483A-B86D-E7925E5901D1}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ED63F08A-521B-483A-B86D-E7925E5901D1}" => sleutel is succesvol verwijderd.
C:\Windows\System32\Tasks\AllmyappsUpdateTask => is succesvol verplaatst.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AllmyappsUpdateTask" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F3C4D3D1-8BD5-4BAC-AA6F-98DEC4DE68A0}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F3C4D3D1-8BD5-4BAC-AA6F-98DEC4DE68A0}" => sleutel is succesvol verwijderd.
C:\Windows\System32\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-4 => niet gevonden.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\d7a577c7-3b1e-462a-9012-e8faa1f8537e-4" => sleutel is succesvol verwijderd.
C:\Windows\Tasks\951a9b41-c647-4615-bf02-94b5849a653f-10_user.job => niet gevonden.
C:\Windows\Tasks\Bidaily Synchronize Task[973b].job => niet gevonden.
C:\Windows\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-1-6.job => niet gevonden.
C:\Windows\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-10_user.job => niet gevonden.
C:\Windows\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-3.job => niet gevonden.
C:\Windows\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-4.job => niet gevonden.
C:\Windows\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-5.job => niet gevonden.
C:\Windows\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-5_user.job => niet gevonden.
C:\Windows\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-6.job => niet gevonden.
C:\Windows\Tasks\d7a577c7-3b1e-462a-9012-e8faa1f8537e-7.job => niet gevonden.
C:\Windows\Tasks\temp_951a9b41-c647-4615-bf02-94b5849a653f-10_user.job => is succesvol verplaatst.
C:\Program Files (x86)\Tencent => is succesvol verplaatst.
C:\Program Files (x86)\CinemaP-1.9cV23.09 => is succesvol verplaatst.
"C:\Program Files (x86)\CinemaP-1.9cV08.11" => niet gevonden.
"c:\programdata\{37f06908-592c-7ed0-37f0-06908592a421}" => niet gevonden.
 
========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
 
De bewerking is voltooid.
 
 
 
========= Eind van Reg: =========
 
 
========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
 
De bewerking is voltooid.
 
 
 
========= Eind van Reg: =========
 
 
========= RemoveProxy: =========
 
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => waarde is succesvol verwijderd.
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => waarde is succesvol verwijderd.
HKU\S-1-5-21-774167087-3708585068-1396899783-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => waarde is succesvol verwijderd.
HKU\S-1-5-21-774167087-3708585068-1396899783-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => waarde is succesvol verwijderd.
 
 
========= Eind van RemoveProxy: =========
 
 
=========  bitsadmin /reset /allusers =========
 
 
BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
Unable to cancel {598A460B-4427-4456-A94F-298C061A09A0}.
Unable to cancel {0FF794FB-DD36-4B15-8639-4786FDB37B14}.
Unable to cancel {EDBE1B72-A2DB-49E1-AA3C-D938F87BED21}.
Unable to cancel {66EC8CD5-F6FC-4C3B-B2CB-F87C0CE6DECF}.
Unable to cancel {B721668F-1075-447A-9DA5-D31DDE5397E8}.
Unable to cancel {4218DF14-02D5-4D44-B0E9-968BD4E1E60D}.
Unable to cancel {EF8FA321-034D-492A-AB04-FFAAF4E7E04C}.
{22927075-6AAB-4F5E-AE3E-0CD50A2390FA} canceled.
{27FA39B9-276F-458D-AC7F-C81D35B640CF} canceled.
2 out of 9 jobs canceled.
 
========= Eind van CMD: =========
 
EmptyTemp: => 271.2 MB tijdelijke gegevens verwijderd.
 
 
Het systeem moest herstart worden.
 
==== Eind van Fixlog 20:43:41 ====
 
# AdwCleaner v5.019 - Logbestand aangemaakt 12/11/2015 op 20:57:38
# Laatste update 08/11/2015 door Xplode
# Database : 2015-11-09.1 [Server]
# Besturingssysteem : Windows 7 Home Premium Service Pack 1 (x64)
# Gebruikersnaam : Gisele - GISELE-HP-LAP
# Gestart vanuit : C:\Users\Gisele\Desktop\AdwCleaner.exe
# Optie : Verwijderen
# Ondersteuning : http://toolslib.net/forum
 
***** [ Services ] *****
 
 
***** [ Mappen ] *****
 
[-] Map Verwijderd : C:\Program Files (x86)\BearShare Applications
[-] Map Verwijderd : C:\ProgramData\11399962440826087191
[-] Map Verwijderd : C:\Users\Gisele\AppData\Local\SoftonicAssistant
[-] Map Verwijderd : C:\Users\Gisele\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja
[-] Map Verwijderd : C:\Users\Gisele\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aaaalipaokhkccgmgkdglfinfnfhflko
[-] Map Verwijderd : C:\Users\Gisele\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\blkommpkadaihnagjpjpjbhkgfoekldk
[-] Map Verwijderd : C:\Users\Gisele\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj
[-] Map Verwijderd : C:\Users\Gisele\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi
[!] Map Niet Verwijderd : C:\Users\Gisele\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi
[-] Map Verwijderd : C:\Users\Gisele\AppData\Roaming\EZDownloader
[-] Map Verwijderd : C:\Users\Gisele\AppData\Roaming\OpenCandy
[-] Map Verwijderd : C:\Users\Gisele\AppData\Roaming\VOPackage
[-] Map Verwijderd : C:\Users\Gisele\AppData\Roaming\RHEng
[-] Map Verwijderd : C:\Users\Gisele\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
 
***** [ Bestanden ] *****
 
[-] Bestand Verwijderd : C:\Users\Gisele\AppData\Local\Comodo\Dragon\User Data\Default\Local Storage\chrome-extension_cmaiofennmphjldldcpphcechfnnohja_0.localstorage
[-] Bestand Verwijderd : C:\Users\Gisele\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lkadffjmnaiokkdncgdlecdegajoiemi
[-] Bestand Verwijderd : C:\Users\Gisele\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lkadffjmnaiokkdncgdlecdegajoiemi
[-] Bestand Verwijderd : C:\Users\Gisele\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url
 
***** [ DLLs ] *****
 
 
***** [ Snelkoppelingen ] *****
 
 
***** [ geplande taken ] *****
 
[-] Taak Verwijderd : amiupdaterExd
[-] Taak Verwijderd : amiupdaterExi
 
***** [ Register ] *****
 
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\DiscoveryHelper.DLL
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\GIFAnimator.DLL
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\IMTrProgress.DLL
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\IMWeb.DLL
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\Launcher.EXE
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\WMHelper.DLL
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery.1
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\imweb.imwebcontrol
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\WMHelperiMesh.WMHelper
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\WMHelperiMesh.WMHelper.1
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}
[-] Waarde Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [BackgroundHost.exe]
[-] Waarde Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD [BackgroundHost.exe]
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Google\Chrome\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{1FC41815-FA4C-4F8B-B143-2C045C8EA2FC}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{21493C1F-D071-496A-9C27-450578888291}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{403A885F-CB00-40C1-BDC1-EB09053194F7}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{55C1727F-5535-4C2A-9601-8C2458608B48}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{756C097C-6BDB-45DE-A8F1-83E01AB86BA4}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415C-8A37-763AE183E7E4}
[-] Sleutel Verwijderd : HKCU\Software\Classes\CLSID\{F28C2F70-47DE-4EA5-8F6D-7D1476CD1EF5}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{27BF8F8D-58B8-D41C-F913-B7EEB57EF6F6}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{5D637FAD-E202-48D1-8F18-5B9C459BD1E3}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{D879A501-50A7-BEFC-A4C5-32DC6E0CB208}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{CA1CE38C-F04C-471F-B9F3-083C58165C10}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{596BB86E-F1E5-A1DE-3363-41AB634E77EF}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{A3492A3A-6715-9371-F8DB-1C48CC4DAAA1}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{403A885F-CB00-40C1-BDC1-EB09053194F7}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{55C1727F-5535-4C2A-9601-8C2458608B48}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{C4C4F1F4-3074-4CB6-9FB8-0A64273166F0}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}
[-] Waarde Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{54E67346-EE5A-45B6-82AA-4F0BB28C79C2}]
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4E42-A125-57C0A11DBCDE}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1241cebd-9777-4bc6-aae5-2a77e25db246}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6818868a-1b3d-4e35-a561-fa964a96cd3b}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{79e57afa-bc05-4636-9457-fbc0abb3576b}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9193e23b-4182-493f-a38e-682307a7c463}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ae0f4663-eae3-437f-be60-9ec9b745dbfa}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e1f80eb5-8af4-410d-87c1-4f3e2776822a}
[-] Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}
[-] Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}
[-] Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{CA1CE38C-F04C-471F-B9F3-083C58165C10}
[-] Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}
[-] Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{596BB86E-F1E5-A1DE-3363-41AB634E77EF}
[-] Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{A3492A3A-6715-9371-F8DB-1C48CC4DAAA1}
[-] Sleutel Verwijderd : HKCU\Software\InstalledBrowserExtensions
[-] Sleutel Verwijderd : HKCU\Software\Softonic
[-] Sleutel Verwijderd : HKCU\Software\TutoTag
[-] Sleutel Verwijderd : HKCU\Software\gameo
[-] Sleutel Verwijderd : HKCU\Software\YorkNewCin
[-] Sleutel Verwijderd : HKCU\Software\HighDefAction
[-] Sleutel Verwijderd : HKCU\Software\ArenaHD
[-] Sleutel Verwijderd : HKCU\Software\DAILYPCCLEAN
[-] Sleutel Verwijderd : HKCU\Software\WEBAPP
[-] Sleutel Verwijderd : HKCU\Software\Reg\Clean
[-] Sleutel Verwijderd : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
[-] Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\Crossrider
[-] Sleutel Verwijderd : HKLM\SOFTWARE\AppDataLow\SOFTWARE\Crossrider
[-] Sleutel Verwijderd : HKLM\SOFTWARE\AppDataLow\SOFTWARE\_CrossriderRegNamePlaceHolder_
[-] Sleutel Verwijderd : HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\GlobalUpdate
[-] Sleutel Verwijderd : HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Sleutel Verwijderd : HKLM\SOFTWARE\PerformerSoft
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Solvusoft
[-] Sleutel Verwijderd : HKLM\SOFTWARE\YorkNewCin
[-] Sleutel Verwijderd : HKLM\SOFTWARE\HighDefAction
[-] Sleutel Verwijderd : HKLM\SOFTWARE\ArenaHD
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Avg Secure Update
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Reg\Clean
[-] Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SoftonicAssistant
[-] Sleutel Verwijderd : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Sleutel Verwijderd : [x64] HKLM\SOFTWARE\YorkNewCin
[-] Sleutel Verwijderd : [x64] HKLM\SOFTWARE\HighDefAction
[-] Sleutel Verwijderd : [x64] HKLM\SOFTWARE\ArenaHD
[-] Sleutel Verwijderd : HKU\.DEFAULT\Software\AVG Nation toolbar
[-] Sleutel Verwijderd : HKU\.DEFAULT\Software\Avg Secure Update
[-] Sleutel Verwijderd : HKU\.DEFAULT\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
[-] Sleutel Verwijderd : HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\_CrossriderRegNamePlaceHolder_
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
 
***** [ Internetbrowsers ] *****
 
[-] [C:\Users\Gisele\AppData\Roaming\Mozilla\Firefox\Profiles\luvxyrkb.default\prefs.js] [Preference] Verwijderd : user_pref("extensions.crossrider.bic", "150f67c2fe84c041fab06614a72df2d5");
[-] [C:\Users\Gisele\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Verwijderd : jbolfgndggfhhpbnkgnpjkfhinclbigj
[-] [C:\Users\Gisele\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Verwijderd : lkadffjmnaiokkdncgdlecdegajoiemi
[-] [C:\Users\Gisele\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Verwijderd : lkadffjmnaiokkdncgdlecdegajoiemi
[-] [C:\Users\Gisele\AppData\Local\Comodo\Dragon\User Data\Default\Web Data] [Search Provider] Verwijderd : ask.com
[-] [C:\Users\Gisele\AppData\Local\Comodo\Dragon\User Data\Default\Web Data] [Search Provider] Verwijderd : WebSearch
 
*************************
 
:: "Tracing" sleutels verwijderd
:: Winsock instellingen gereset
 
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [12218 bytes] ##########

  • 0

#6
HaraMo
Posted 12 November 2015 - 02:13 PM

HaraMo

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 456 posts

Oh, forgetto mention, after the FRST scan, but actually laptop was on whole day, but in the  late evening, a BSOD occured:

 

.... windows has sbeen shutdown to prevent damage to your computer: irql-gt-0-at-system-service , if this is the frst time restart pc, if again follow these steps:....

 

 

Reboot did help, but do I have to worry about this irql-gt-0-at-system-service??

 

I will inform you after a  day or two, how the laptop is working after the repair.


  • 0

#7
Essexboy
Posted 12 November 2015 - 03:38 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
No that was probably a one off
 
Lets now sweep for orphans

Please download Malwarebytes Anti-Malware to your desktop
  • Double-click mbam-setup-version.exe and follow the prompts to install the program.
  • At the end, be sure a check-mark is placed next to the following:
    • Ensure that "Enable free trial of Malwarebytes Anti-Malware Premium" is unchecked
    • Launch Malwarebytes Anti-Malware
  • Then click Finish.
  • If an update is found, you will be prompted to download and install the latest version.
  • Once the program has loaded, select Scan now. Or select the Threat Scan from the Scan menu.
  • When the scan is complete , make sure that everything is set to "Quarantine", and click Apply Actions.
  • Reboot your computer if prompted.
Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediatly.

To access logs from Malwarebytes Anti-Malware 2.0:

mbamlogs.JPG

1.Open Malwarebytes Anti-Malware 2.0
2.Click History > Application Logs
3.Double-click the log you would like to open

Scan Logs record detections from manual scans, including threats detected and the actions taken against them

To save a Scan Log:

1.Open the log file you would like to save
2.Click Export
3.Choose to export to a .txt
4.Choose a folder to save the log file in, then click Save
5.Post that log here
  • 0

#8
HaraMo
Posted 14 November 2015 - 03:33 PM

HaraMo

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 456 posts

ok, will do mbam soon


  • 0

#9
HaraMo
Posted 16 November 2015 - 09:04 AM

HaraMo

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 456 posts
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scandatum: 16/11/2015
Scantijd: 14:00
Logboekbestand: logmbamthreadscan.txt
Beheerder: Ja
 
Versie: 2.2.0.1024
Malware-database: v2015.11.16.03
Rootkit-database: v2015.11.14.01
Licentie: Gratis
Malware-bescherming: Uitgeschakeld
Bescherming tegen kwaadaardige websites: Uitgeschakeld
Zelfbescherming: Uitgeschakeld
 
Besturingssysteem: Windows 7 Service Pack 1
Processor: x64
Bestandssysteem: NTFS
Gebruiker: Gisele
 
Scantype: Bedreigingsscan
Resultaat: Voltooid
Objecten gescand: 320388
Verstreken tijd: 32 min, 30 sec
 
Geheugen: Ingeschakeld
Opstarten: Ingeschakeld
Bestandssysteem: Ingeschakeld
Archieven: Ingeschakeld
Rootkits: Ingeschakeld
Heuristiek: Ingeschakeld
POP: Ingeschakeld
POA: Ingeschakeld
 
Processen: 0
(Geen kwaadaardige items gedetecteerd)
 
Modules: 0
(Geen kwaadaardige items gedetecteerd)
 
Registersleutels: 10
PUP.Optional.WebSearches.ShrtCln, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\fhidhffpdlhleocklmjbncdngoobjdli, In quarantaine, [0aa92a54ef9c96a080aaeaa7778be61a], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\OpenCandyHelperRunAsStandardUser310FFD001FE7429AACFFFCFE28580352, In quarantaine, [3380dba3aeddc076408dceb824dfdb25], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\OpenCandyHelperRunOnce4F854337789E46B4ACAD165F6471D12E, In quarantaine, [dad9631bd0bb6fc72ba29aecd82b42be], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\OpenCandyHelperRunOnceA82A967D01084B30A134B201E572C9FF, In quarantaine, [6152b2ccd9b2c6703c917a0cc93a3ec2], 
PUP.Optional.Cinema, HKLM\SOFTWARE\WOW6432NODE\CinemaP-1.9cV08.11, In quarantaine, [367d730b503b70c649ef165048bb619f], 
PUP.Optional.Cinema, HKLM\SOFTWARE\WOW6432NODE\CinemaP-1.9cV08.11-nv, In quarantaine, [0aa956281a715adcc474075f9a69768a], 
PUP.Optional.Cinema, HKLM\SOFTWARE\WOW6432NODE\CinemaP-1.9cV08.11-nv-ie, In quarantaine, [971c7e00068544f21523026419eadb25], 
PUP.Optional.WebSearches.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\fhidhffpdlhleocklmjbncdngoobjdli, In quarantaine, [fcb7bfbf6724a29474b698f941c1f30d], 
PUP.Optional.Bandoo.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{869C9C09-A70D-462D-BB0D-2ADB60601C9E}, In quarantaine, [3f740975bccf2d09b95e76675ea5ff01], 
PUP.Optional.Cinema, HKU\S-1-5-21-774167087-3708585068-1396899783-1000\SOFTWARE\CinemaP-1.9cV23.09, In quarantaine, [684bd6a82a610a2cb47b5511be45b050], 
 
Registerwaarden: 1
PUP.Optional.Bandoo.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{869C9C09-A70D-462D-BB0D-2ADB60601C9E}|AppPath, C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\ToolBar, In quarantaine, [3f740975bccf2d09b95e76675ea5ff01]
 
Registerdata: 0
(Geen kwaadaardige items gedetecteerd)
 
Mappen: 4
PUP.Optional.CrossRider, C:\Users\Gisele\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lkadffjmnaiokkdncgdlecdegajoiemi, In quarantaine, [0fa4cbb3f2991d1928d9b3d229d9867a], 
PUP.Optional.ChinAd, C:\Users\Public\Documents\Baidu, In quarantaine, [e9ca94ea59327fb784ba0f7680822dd3], 
PUP.Optional.ChinAd, C:\Users\Public\Documents\Baidu\Common, In quarantaine, [e9ca94ea59327fb784ba0f7680822dd3], 
PUP.Optional.ChinAd, C:\Users\Public\Documents\Baidu\Common\I18N, In quarantaine, [e9ca94ea59327fb784ba0f7680822dd3], 
 
Bestanden: 2
PUP.Optional.Yontoo, C:\Users\Gisele\AppData\Roaming\Mozilla\Firefox\Profiles\luvxyrkb.default\extensions\{B8366951-8800-4242-9711-FE6B46518FF3}.XPI, In quarantaine, [a310df9f820930068be000a6788ba25e], 
PUP.Optional.ChinAd, C:\Users\Public\Documents\Baidu\Common\I18N\conf.db, In quarantaine, [e9ca94ea59327fb784ba0f7680822dd3], 
 
Fysieke Sectoren: 0
(Geen kwaadaardige items gedetecteerd)
 
 
(end)

  • 0

#10
Essexboy
Posted 16 November 2015 - 11:25 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
That should be the last, how is the computer now ?
  • 0

#11
Essexboy
Posted 20 November 2015 - 09:05 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP