Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

advertisment, window opening on every browser, system slow, no reactio

Started by HaraMo , Mar 30 2016 01:16 PM

  • This topic is locked This topic is locked

#1
HaraMo
Posted 30 March 2016 - 01:16 PM

HaraMo

    Member

  • Member
  • PipPipPip
  • 456 posts

Dear

 

Computer is working very bad lately, it has a long time advertisement when the browser is used, any browser (IE, google chrome, Firefox).

 

then it blocks sometimes, and very slow.

 

exampe of advertisement:

http://www.30daychanges.co/

https://www.nordicbet.dk

http://canuck-method.co/b/special-offe

 

before these websites shows, alwsays first this comes:

http://fal.apostroph...ges.com/0bqPDkv

 

 

Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie:05-03-2016 01
Gestart door Egon (Beheerder) op EGON-PC (30-03-2016 18:35:26)
Gestart vanaf C:\Users\Egon\Desktop
Geladen Profielen: Egon (Beschikbare Profielen: Egon)
Platform: Windows 8.1 Pro (X64) Taal: Nederlands (Nederland)
Internet Explorer Versie 11 (Standaardbrowser: FF)
Boot Modus: Normal
Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processen (gefilterd) =================
 
(Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.)
 
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
() C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe
(Hola Networks Ltd.) C:\Program Files\Hola\app\hola_svc.exe
(Hola Networks Ltd.) C:\Program Files\Hola\app\hola_updater.exe
() C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Microsoft Online Services\MSOIDSVC.EXE
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Microsoft Online Services\MSOIDSVCM.EXE
(NewTech InfoSystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\osa.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(PhraseProfessor) C:\Program Files (x86)\PhraseProfessor_1.10.0.24\Service\ppsvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
(华为技术有限公司) C:\Program Files (x86)\HiSuite\LiveUpdateTip.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Hola Networks Ltd.) C:\Program Files\Hola\app\hola.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(BlazeVideo Company) C:\Program Files (x86)\NTI\NTI Digital Flix 2.5.0.4\MediaDetector.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(VoipConnect) C:\Program Files (x86)\VoipConnect.com\VoipConnect\voipconnect.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\osaui.exe
(Isabel SA/NV) C:\Program Files (x86)\Common Files\Isabel\isacertupdate.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
() C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Register (gefilterd) ===========================
 
(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)
 
HKLM\...\Run: [hola] => C:\Program Files\Hola\app\hola.exe [2036864 2016-03-23] (Hola Networks Ltd.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-17] (Apple Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Communicator] => C:\Program Files (x86)\Microsoft Lync\communicator.exe [12118840 2015-03-28] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [OfficeSubscriptionAgent] => C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\osaui.exe [932160 2011-11-16] (Microsoft Corporation)
HKLM-x32\...\Run: [IsaCertUpdate] => C:\Program Files (x86)\Common Files\Isabel\isacertupdate.exe [1422344 2014-05-14] (Isabel SA/NV)
HKLM-x32\...\Run: [gmsd_be_004010022] => [X]
HKLM-x32\...\Run: [gmsd_be_005010023] => [X]
HKLM-x32\...\Run: [gmsd_be_005010031] => [X]
HKLM-x32\...\Run: [BkupTray] => C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe [33024 2010-03-02] ()
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [54520 2015-07-28] (Panda Security, S.L.)
HKLM\...\Winlogon: [Userinit] C:\WINDOWS\SysWOW64\userinit.exe,
HKU\S-1-5-21-2492519384-784487665-790397795-1000\...\Run: [BlazeServoTool] => C:\Program Files (x86)\NTI\NTI Digital Flix 2.5.0.4\MediaDetector.exe [282624 2007-11-30] (BlazeVideo Company)
HKU\S-1-5-21-2492519384-784487665-790397795-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23260000 2016-02-24] (Google)
HKU\S-1-5-21-2492519384-784487665-790397795-1000\...\Run: [VoipConnect] => C:\Program Files (x86)\VoipConnect.com\VoipConnect\voipconnect.exe [36547168 2016-02-22] (VoipConnect)
SecurityProviders: credssp.dll, schannel.dll
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-02-24] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-02-24] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-02-24] (Google)
GroupPolicy: Restrictie - Chrome <======= AANDACHT
CHR HKLM\SOFTWARE\Policies\Google: Restrictie <======= AANDACHT
 
==================== Internet (gefilterd) ====================
 
(Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.)
 
Tcpip\Parameters: [DhcpNameServer] 195.130.131.3 195.130.130.3
Tcpip\..\Interfaces\{9981AD65-30BF-480B-9A42-69288D9325F4}: [DhcpNameServer] 195.130.131.3 195.130.130.3
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-2492519384-784487665-790397795-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=131020033644647599&GUID=7CB9D41B-404E-481E-A309-4BCFC79DBE21
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2492519384-784487665-790397795-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-09-22] (Eyeo GmbH)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll Geen bestand
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll Geen bestand
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1442477744&z=930bd4e5e7b93df2bb61eb8gfzfzco6zbmbm3w8bde&from=face&uid=WDCXWD3200AAJS-60M0A0_WD-WCAV2749348693486
 
FireFox:
========
FF ProfilePath: C:\Users\Egon\AppData\Roaming\Mozilla\Firefox\Profiles\hmgeooc5.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_197.dll [2016-03-24] ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-12-10] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-12-10] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_197.dll [2016-03-24] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1219160.dll [2015-07-23] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-12-13] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-12-13] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\.DEFAULT: @hola.org/FlashPlayer -> C:\Users\Egon\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll [2016-03-23] ()
FF Plugin HKU\.DEFAULT: @hola.org/vlc -> C:\Users\Egon\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll [2016-03-23] (Hola)
FF Plugin HKU\S-1-5-21-2492519384-784487665-790397795-1000: @hola.org/FlashPlayer -> C:\Users\Egon\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll [2016-03-23] ()
FF Plugin HKU\S-1-5-21-2492519384-784487665-790397795-1000: @hola.org/vlc -> C:\Users\Egon\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll [2016-03-23] (Hola)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-28] ()
FF Extension: Belgium eID - C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected] [2014-12-10] [ niet getekend]
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-03-30] [ niet getekend]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Mozilla Firefox\extensions\[email protected] => niet gevonden
 
Chrome: 
=======
CHR Profile: C:\Users\Egon\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Presentaties) - C:\Users\Egon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-03-15]
CHR Extension: (Google Documenten) - C:\Users\Egon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-15]
CHR Extension: (Google Drive) - C:\Users\Egon\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-15]
CHR Extension: (YouTube) - C:\Users\Egon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-15]
CHR Extension: (Google Spreadsheets) - C:\Users\Egon\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-03-15]
CHR Extension: (Offline Documenten) - C:\Users\Egon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Egon\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-03-16]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\Egon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-03-15]
CHR Extension: (Google Snel scrollen) - C:\Users\Egon\AppData\Local\Google\Chrome\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc [2016-03-15]
CHR Extension: (Gmail) - C:\Users\Egon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-15]
CHR HKU\S-1-5-21-2492519384-784487665-790397795-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (gefilterd) ========================
 
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2013-11-29] (www.BitComet.com)
R2 BUNAgentSvc; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [24832 2010-03-02] (NewTech Infosystems, Inc.)
R2 HiSuiteOuc64.exe; C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe [138544 2015-05-20] ()
R2 hola_svc; C:\Program Files\Hola\app\hola_svc.exe [8127616 2016-03-23] (Hola Networks Ltd.)
R2 hola_updater; C:\Program Files\Hola\app\hola_updater.exe [8126592 2015-11-28] (Hola Networks Ltd.)
R2 HuaweiHiSuiteService64.exe; C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe [192304 2015-05-20] ()
R2 msoidsvc; C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE [2079520 2012-05-17] (Microsoft Corp.)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [142072 2015-07-29] (Panda Security, S.L.)
R2 osubsvc; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\osa.exe [493384 2011-11-16] (Microsoft Corporation)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [73464 2015-07-23] (Panda Security, S.L.)
R2 ppsvc_1.10.0.24; C:\Program Files (x86)\PhraseProfessor_1.10.0.24\Service\ppsvc.exe [301664 2015-09-02] (PhraseProfessor)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2015-07-28] (Panda Security, S.L.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6942480 2016-03-02] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 423248f1; "C:\WINDOWS\system32\rundll32.exe" "c:\Program Files (x86)\IncludeRunner\IncludeRunner.dll",serv
S2 lexyfofi; C:\Program Files (x86)\CFE722AC-1436196531-11DE-9DB5-6D9E93EEBEE4\knsb2162.tmp [X]
 
===================== Drivers (gefilterd) ==========================
 
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
 
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R1 FAMv4; C:\Windows\System32\DRIVERS\FAMv4.sys [155160 2009-10-27] (VisionWorks Solutions, Inc)
S3 HWHandSet; C:\Windows\system32\DRIVERS\hw_quusbmdm.sys [223232 2015-05-07] (Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2015-05-07] (Huawei Technologies Co., Ltd.)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [94456 2015-07-09] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [201976 2015-07-09] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [110840 2015-07-09] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [110840 2015-07-09] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [58616 2015-06-19] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [103160 2015-07-09] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [78072 2015-07-09] ()
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [124152 2015-07-09] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [300280 2015-07-09] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [170232 2015-07-09] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [113400 2015-07-09] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [257784 2015-07-09] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [106232 2015-07-09] (Panda Security, S.L.)
R1 ppfd_vw_1_10_0_24; C:\Windows\System32\drivers\ppfd_vw_1_10_0_24.sys [57744 2015-09-02] (PhraseProfessor)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [164088 2015-07-19] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [121592 2015-07-19] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [197880 2015-07-19] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [124152 2015-07-19] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [134392 2015-07-19] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [107768 2015-07-19] (Panda Security, S.L.)
S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [61712 2015-05-22] (Panda Security, S.L.)
S3 usbser; C:\Windows\system32\DRIVERS\USBSER.sys [33280 2015-05-07] (Microsoft Corporation) [Bestand niet getekend]
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
U3 idsvc; geen ImagePath
S1 innfd_1_10_0_14; system32\drivers\innfd_1_10_0_14.sys [X]
S1 wsafd_1_10_0_19; system32\drivers\wsafd_1_10_0_19.sys [X]
S1 wsfd_vw_1_10_0_20; system32\drivers\wsfd_vw_1_10_0_20.sys [X]
 
==================== NetSvcs (gefilterd) ===================
 
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
 
 
==================== Een Maand Aangemaakt bestanden en mappen ========
 
(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)
 
2016-03-30 18:35 - 2016-03-30 18:36 - 00022070 _____ C:\Users\Egon\Desktop\FRST.txt
2016-03-30 18:21 - 2016-03-30 18:35 - 00000000 ____D C:\FRST
2016-03-30 18:21 - 2016-03-30 18:21 - 02374144 _____ (Farbar) C:\Users\Egon\Desktop\FRST64.exe
2016-03-30 18:02 - 2016-03-30 18:02 - 00001430 _____ C:\Users\Egon\Desktop\Internet Explorer.lnk
2016-03-30 17:53 - 2016-03-30 17:53 - 00000000 ____D C:\Users\Egon\AppData\Local\TeamViewer
2016-03-30 17:51 - 2016-03-30 17:54 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-03-30 17:51 - 2016-03-30 17:51 - 00001055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-03-30 17:51 - 2016-03-30 17:51 - 00001043 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2016-03-30 17:49 - 2016-03-30 17:49 - 09785648 _____ (TeamViewer GmbH) C:\Users\Egon\Desktop\TeamViewer_Setup_nl-jeo.exe
2016-03-30 17:48 - 2016-03-30 17:48 - 08374200 _____ (TeamViewer) C:\Users\Egon\Downloads\TeamViewerQS (5).exe
2016-03-30 15:49 - 2016-03-30 15:49 - 08374200 _____ (TeamViewer) C:\Users\Egon\Downloads\TeamViewerQS (4).exe
2016-03-30 15:49 - 2016-03-30 15:49 - 08374200 _____ (TeamViewer) C:\Users\Egon\Downloads\TeamViewerQS (3).exe
2016-03-30 15:49 - 2016-03-30 15:49 - 08374200 _____ (TeamViewer) C:\Users\Egon\Downloads\TeamViewerQS (2).exe
2016-03-30 15:48 - 2016-03-30 15:48 - 08374200 _____ (TeamViewer) C:\Users\Egon\Downloads\TeamViewerQS.exe
2016-03-30 15:48 - 2016-03-30 15:48 - 08374200 _____ (TeamViewer) C:\Users\Egon\Downloads\TeamViewerQS (1).exe
2016-03-17 14:54 - 2016-03-17 14:54 - 00047554 _____ C:\Users\Egon\Downloads\timenkelly.pdf
2016-03-16 15:18 - 2016-03-16 15:18 - 167583000 _____ (Apple Inc.) C:\Users\Egon\Downloads\iTunes6464Setup.exe
2016-03-16 15:17 - 2016-03-16 15:17 - 00001700 _____ C:\Users\Public\Desktop\Hervat Reimage Repair Installatie.lnk
2016-03-16 15:17 - 2016-03-16 15:17 - 00000099 _____ C:\WINDOWS\Reimage.ini
2016-03-15 16:03 - 2016-03-15 16:03 - 00002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-15 16:03 - 2016-03-15 16:03 - 00002295 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-03-09 14:57 - 2016-02-20 17:45 - 01373184 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-03-09 14:57 - 2016-02-20 17:45 - 01168896 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-03-09 14:57 - 2016-02-20 17:45 - 00696832 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-03-09 14:57 - 2016-02-20 17:45 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-03-09 14:57 - 2016-02-20 17:45 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-03-09 14:57 - 2016-02-20 17:45 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-03-09 14:57 - 2016-02-08 23:05 - 20352512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-03-09 14:57 - 2016-02-08 22:39 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-03-09 14:57 - 2016-02-08 22:34 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-03-09 14:57 - 2016-02-08 22:29 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2016-03-09 14:57 - 2016-02-08 22:28 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-03-09 14:57 - 2016-02-08 22:10 - 04611072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-03-09 14:57 - 2016-02-08 22:07 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-03-09 14:57 - 2016-02-08 22:05 - 25816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-03-09 14:57 - 2016-02-08 22:03 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2016-03-09 14:57 - 2016-02-08 22:02 - 13012480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-03-09 14:57 - 2016-02-08 22:02 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-03-09 14:57 - 2016-02-08 22:01 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-03-09 14:57 - 2016-02-08 21:43 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-03-09 14:57 - 2016-02-08 21:39 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-03-09 14:57 - 2016-02-08 21:38 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-03-09 14:57 - 2016-02-08 20:27 - 02887680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-03-09 14:57 - 2016-02-08 20:26 - 00571904 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-03-09 14:57 - 2016-02-08 20:16 - 06052352 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-03-09 14:57 - 2016-02-08 20:14 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2016-03-09 14:57 - 2016-02-08 20:13 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-03-09 14:57 - 2016-02-08 19:51 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-03-09 14:57 - 2016-02-08 19:42 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-03-09 14:57 - 2016-02-08 19:37 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2016-03-09 14:57 - 2016-02-08 19:34 - 00798720 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-03-09 14:57 - 2016-02-08 19:33 - 14613504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-03-09 14:57 - 2016-02-08 19:33 - 02123264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-03-09 14:57 - 2016-02-08 19:19 - 02597376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-03-09 14:57 - 2016-02-08 19:15 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-03-09 14:57 - 2016-02-08 19:07 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-03-09 14:57 - 2016-02-08 18:55 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-03-09 14:57 - 2016-02-05 21:06 - 00046768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-03-09 14:57 - 2016-02-05 16:59 - 07784960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-03-09 14:57 - 2016-02-05 16:55 - 05264384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-03-09 14:57 - 2016-02-05 16:48 - 07075840 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2016-03-09 14:57 - 2016-02-05 16:47 - 05268480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2016-03-09 14:57 - 2016-01-09 03:38 - 00091992 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2016-03-09 14:57 - 2016-01-06 20:25 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-03-09 14:57 - 2015-12-30 23:53 - 02017624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-03-09 14:55 - 2016-01-24 20:19 - 00419160 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2016-03-09 14:55 - 2016-01-24 20:19 - 00378712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-03-09 14:55 - 2016-01-24 20:19 - 00331608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2016-03-09 14:55 - 2016-01-24 13:57 - 01335296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-03-09 14:55 - 2016-01-24 13:45 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2016-03-09 14:55 - 2016-01-09 03:49 - 00218448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2016-03-09 14:55 - 2016-01-09 03:49 - 00192120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2016-03-09 14:54 - 2016-02-11 16:21 - 00869576 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2016-03-09 14:54 - 2016-02-11 16:21 - 00678600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp120_clr0400.dll
2016-03-09 14:54 - 2016-02-11 16:20 - 00875720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2016-03-09 14:54 - 2016-02-11 16:20 - 00536776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp120_clr0400.dll
2016-03-09 14:54 - 2016-02-06 18:58 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-03-09 14:54 - 2016-02-06 18:32 - 00801792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-03-09 14:54 - 2016-01-07 01:46 - 00148752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2016-03-09 14:54 - 2016-01-07 01:45 - 00177712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-03-09 14:54 - 2016-01-06 18:47 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-03-09 14:53 - 2016-02-12 21:14 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-03-09 14:53 - 2016-02-12 17:14 - 03708416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-03-09 14:53 - 2016-02-12 16:55 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2016-03-09 14:53 - 2016-02-12 16:54 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2016-03-09 14:53 - 2016-02-12 16:54 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2016-03-09 14:53 - 2016-02-12 16:54 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2016-03-09 14:53 - 2016-02-12 16:51 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2016-03-09 14:53 - 2016-02-12 16:51 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2016-03-09 14:53 - 2016-02-12 16:51 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2016-03-09 14:53 - 2016-02-12 16:48 - 02244096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2016-03-09 14:53 - 2016-02-12 16:47 - 00897024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-03-09 14:53 - 2016-02-12 16:46 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-03-09 14:53 - 2016-02-06 20:08 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2016-03-09 14:53 - 2016-02-05 21:07 - 00292696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMASF.DLL
2016-03-09 14:53 - 2016-02-05 21:07 - 00243032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMASF.DLL
2016-03-09 14:53 - 2016-02-05 17:03 - 15432704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-03-09 14:53 - 2016-02-05 17:00 - 13318144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-03-09 14:53 - 2016-02-04 20:18 - 04174336 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-03-09 14:53 - 2016-02-04 20:18 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-03-09 14:53 - 2016-02-04 20:12 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-03-09 14:53 - 2016-02-04 19:44 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-03-09 14:53 - 2016-02-04 19:39 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-03-09 14:53 - 2016-02-04 19:24 - 00603648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-03-09 14:53 - 2016-02-04 19:02 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-03-09 14:53 - 2016-02-03 22:37 - 01661576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-03-09 14:53 - 2016-02-03 22:36 - 01212248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-03-09 14:53 - 2016-02-03 17:09 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-03-09 14:53 - 2016-02-03 17:00 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-03-09 14:53 - 2016-02-03 17:00 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-03-09 14:53 - 2016-01-31 21:16 - 00148832 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2016-03-09 14:53 - 2016-01-15 18:56 - 02487296 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2016-03-09 14:53 - 2016-01-15 18:45 - 01482240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2016-03-09 14:53 - 2016-01-10 18:41 - 01707008 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2016-03-09 14:53 - 2016-01-10 18:31 - 01344512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2016-03-09 14:53 - 2016-01-05 17:00 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-03-09 14:53 - 2015-12-30 22:49 - 00470360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2016-03-09 14:53 - 2015-12-20 16:57 - 00839168 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-03-09 14:53 - 2015-12-20 16:56 - 00616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe
2016-03-09 14:53 - 2015-12-20 16:43 - 00696320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2016-03-09 14:53 - 2015-11-19 16:33 - 00994760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2016-03-09 14:53 - 2015-11-19 16:26 - 00922432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2016-03-02 13:38 - 2016-03-02 13:39 - 00000000 ____D C:\Users\Egon\Documents\btw brieven 1ste kw 2016
 
==================== Een Maand Gewijzigd bestanden en mappen ========
 
(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)
 
2016-03-30 18:34 - 2016-01-11 12:29 - 00000000 ___RD C:\Users\Egon\Google Drive
2016-03-30 18:34 - 2016-01-11 12:27 - 00001076 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-30 18:34 - 2014-12-13 11:10 - 00000000 __RDO C:\Users\Egon\OneDrive
2016-03-30 18:31 - 2014-03-18 17:31 - 01823174 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-03-30 18:31 - 2014-03-18 17:00 - 00805462 _____ C:\WINDOWS\system32\perfh013.dat
2016-03-30 18:31 - 2014-03-18 17:00 - 00161964 _____ C:\WINDOWS\system32\perfc013.dat
2016-03-30 18:31 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf
2016-03-30 18:27 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-03-30 18:26 - 2014-06-12 03:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-03-30 18:25 - 2013-08-22 15:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-03-30 18:09 - 2015-08-24 16:44 - 00000000 ____D C:\Users\Egon\Desktop\Cortofisc diversen
2016-03-30 18:08 - 2015-08-24 16:55 - 00000000 ____D C:\Users\Egon\Desktop\windows 10 NL
2016-03-30 18:04 - 2015-09-17 19:27 - 00003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2492519384-784487665-790397795-1000
2016-03-30 17:56 - 2013-08-22 16:44 - 00537040 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-03-30 17:47 - 2015-08-18 17:25 - 00000940 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-03-30 17:38 - 2016-01-11 12:27 - 00001080 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-30 16:10 - 2015-12-21 14:29 - 00003950 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{AB7330F7-2940-403A-BE7C-C30B143E0F16}
2016-03-30 15:49 - 2012-07-12 11:55 - 00000000 ____D C:\Users\Egon\AppData\Roaming\TeamViewer
2016-03-30 13:33 - 2014-12-13 00:19 - 00000000 ____D C:\Users\Egon
2016-03-24 12:47 - 2015-08-18 17:25 - 00003828 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-03-24 10:02 - 2015-04-13 12:59 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2016-03-24 10:02 - 2015-04-13 12:59 - 00000000 ___SD C:\WINDOWS\system32\GWX
2016-03-24 10:02 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-03-23 09:29 - 2015-09-17 19:27 - 00000000 ____D C:\Users\Egon\AppData\Roaming\Hola
2016-03-17 13:42 - 2015-09-30 16:58 - 00003844 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1443625059
2016-03-17 13:42 - 2014-09-02 10:43 - 00000000 ____D C:\Program Files (x86)\Opera
2016-03-17 13:41 - 2015-09-30 16:57 - 00001063 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-03-15 16:03 - 2012-07-26 16:31 - 00000000 ____D C:\Program Files (x86)\Google
2016-03-14 09:38 - 2016-01-11 12:28 - 00002058 _____ C:\Users\Public\Desktop\Google Slides.lnk
2016-03-14 09:38 - 2016-01-11 12:28 - 00002056 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2016-03-14 09:38 - 2016-01-11 12:28 - 00002046 _____ C:\Users\Public\Desktop\Google Docs.lnk
2016-03-14 09:38 - 2016-01-11 12:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-03-11 09:37 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-03-10 10:20 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2016-03-09 18:32 - 2014-12-17 21:37 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-03-09 15:16 - 2013-08-15 03:05 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-03-09 15:16 - 2012-07-03 13:44 - 143659408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-03-09 14:46 - 2015-12-10 04:56 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-03-09 14:46 - 2015-12-10 04:56 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-03-09 14:46 - 2015-12-10 04:56 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-03-08 09:00 - 2015-01-05 16:10 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-03-08 09:00 - 2015-01-05 16:10 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
 
==================== Bestanden in de root van sommige mappen =======
 
2015-08-25 10:51 - 2015-08-25 10:51 - 1579520 _____ () C:\Users\Egon\AppData\Roaming\4gd6NIgFbFWQFc1O5yI9vvqp.exe
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Egon\AppData\Roaming\VvaFj8aAhOEJ1ykPi5shan
2015-08-25 10:51 - 2015-08-25 10:51 - 1579520 _____ () C:\Users\Egon\AppData\Roaming\VvaFj8aAhOEJ1ykPi5shan.exe
2015-09-17 09:05 - 2015-09-17 09:05 - 3531374 _____ () C:\Users\Egon\AppData\Local\curl.zip
2015-09-07 14:00 - 2015-09-07 14:00 - 0000398 _____ () C:\Users\Egon\AppData\Local\Kx42m.vbs
2015-09-17 10:19 - 2015-09-17 10:19 - 0000398 _____ () C:\Users\Egon\AppData\Local\McCLmJP.vbs
2015-08-25 10:50 - 2015-08-25 10:50 - 0613255 _____ (CMI Limited) C:\Users\Egon\AppData\Local\nsaF76A.tmp
2015-08-25 10:50 - 2015-08-25 10:50 - 0613255 _____ (CMI Limited) C:\Users\Egon\AppData\Local\nsb7C34.tmp
2015-09-07 14:01 - 2015-09-07 14:01 - 0613255 _____ (CMI Limited) C:\Users\Egon\AppData\Local\nsh31AB.tmp
2015-08-25 10:50 - 2015-08-25 10:50 - 0613255 _____ (CMI Limited) C:\Users\Egon\AppData\Local\nskAACA.tmp
2015-09-17 10:19 - 2015-09-17 10:19 - 0613255 _____ (CMI Limited) C:\Users\Egon\AppData\Local\nslE424.tmp
2015-08-25 10:51 - 2015-08-25 10:51 - 0613255 _____ (CMI Limited) C:\Users\Egon\AppData\Local\nsmE030.tmp
2015-09-17 09:34 - 2015-09-17 09:34 - 0613255 _____ (CMI Limited) C:\Users\Egon\AppData\Local\nst45ED.tmp
2015-08-25 10:51 - 2015-08-25 10:51 - 0628688 _____ (CMI Limited) C:\Users\Egon\AppData\Local\nst6D28.tmp
2015-08-25 10:51 - 2015-08-25 10:51 - 0613255 _____ (CMI Limited) C:\Users\Egon\AppData\Local\nsxD78D.tmp
2015-08-25 10:51 - 2015-08-25 10:51 - 0613255 _____ (CMI Limited) C:\Users\Egon\AppData\Local\nszD16F.tmp
2015-10-24 12:52 - 2015-10-24 12:52 - 0000102 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
 
Bestanden om te verplaatsen of verwijderen:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
 
 
Sommige bestanden in TEMP:
====================
C:\Users\Egon\AppData\Local\Temp\1021.exe
C:\Users\Egon\AppData\Local\Temp\4245.exe
C:\Users\Egon\AppData\Local\Temp\5074.exe
C:\Users\Egon\AppData\Local\Temp\6008.exe
C:\Users\Egon\AppData\Local\Temp\8363.exe
C:\Users\Egon\AppData\Local\Temp\894.exe
C:\Users\Egon\AppData\Local\Temp\fsd2AAD.exe
C:\Users\Egon\AppData\Local\Temp\fsd6F61.exe
C:\Users\Egon\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.8.369.exe
C:\Users\Egon\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.9.105.exe
C:\Users\Egon\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.9.510.exe
C:\Users\Egon\AppData\Local\Temp\optprosetup.exe
C:\Users\Egon\AppData\Local\Temp\Quarantine.exe
C:\Users\Egon\AppData\Local\Temp\sqlite3.dll
C:\Users\Egon\AppData\Local\Temp\sqlite3.exe
C:\Users\Egon\AppData\Local\Temp\supoptsetup.exe
C:\Users\Egon\AppData\Local\Temp\Uninstall.exe
C:\Users\Egon\AppData\Local\Temp\UninstallModule.exe
C:\Users\Egon\AppData\Local\Temp\{1998A2D8-FD81-4673-B30F-C2AF8C283998}.exe
 
 
==================== Bamital & volsnap =================
 
(Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)
 
C:\WINDOWS\system32\winlogon.exe => Bestand is getekend
C:\WINDOWS\system32\wininit.exe => Bestand is getekend
C:\WINDOWS\explorer.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\explorer.exe => Bestand is getekend
C:\WINDOWS\system32\svchost.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\svchost.exe => Bestand is getekend
C:\WINDOWS\system32\services.exe => Bestand is getekend
C:\WINDOWS\system32\User32.dll => Bestand is getekend
C:\WINDOWS\SysWOW64\User32.dll => Bestand is getekend
C:\WINDOWS\system32\userinit.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\userinit.exe => Bestand is getekend
C:\WINDOWS\system32\rpcss.dll => Bestand is getekend
C:\WINDOWS\system32\dnsapi.dll => Bestand is getekend
C:\WINDOWS\SysWOW64\dnsapi.dll => Bestand is getekend
C:\WINDOWS\system32\Drivers\volsnap.sys => Bestand is getekend
 
 
LastRegBack: 2016-03-24 10:24
 
==================== Eind van FRST.txt ============================
 
Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie:05-03-2016 01
Gestart door Egon (2016-03-30 18:36:39)
Gestart vanaf C:\Users\Egon\Desktop
Windows 8.1 Pro (X64) (2014-12-13 09:02:27)
Boot Modus: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2492519384-784487665-790397795-500 - Administrator - Disabled)
Egon (S-1-5-21-2492519384-784487665-790397795-1000 - Administrator - Enabled) => C:\Users\Egon
Gast (S-1-5-21-2492519384-784487665-790397795-501 - Limited - Disabled)
 
==================== Security Center ========================
 
(Als een item is opgenomen in de fixlist, zal het worden verwijderd.)
 
AV: Panda Free Antivirus (Enabled - Up to date) {AAF74A68-8713-CDF1-004F-30003398BE9E}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Panda Free Antivirus (Enabled - Up to date) {1196AB8C-A129-C27F-3AFF-0B72481FF423}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Panda Firewall (Disabled) {92CCCB4D-CD7C-CCA9-2B10-9935CD4BF9E5}
 
==================== Geïnstalleerde programma's ======================
 
(Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.)
 
ACS Unified PC/SC Driver 4.0.0.0 (HKLM\...\{8A89A9DD-9ED4-4532-AE8A-863B291D9472}) (Version: 4.0.0.0 - Advanced Card Systems Ltd.)
Adblock Plus voor IE (32-bit en 64-bit) (HKLM\...\{EAB6B77C-0E46-48EF-8660-7ABA400F7FB4}) (Version: 1.5 - Eyeo GmbH)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.197 - Adobe Systems Incorporated)
Adobe PageMaker 7.0 (HKLM-x32\...\Adobe PageMaker 7.0) (Version: 7.0.1a - Adobe Systems, Inc.)
Adobe Reader XI (11.0.12) - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.9.160 - Adobe Systems, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Basissoftware voor HP Officejet Pro 8500 A910 (HKLM\...\{E72B796E-BB9B-44D5-BDCB-36AC39E0C5D0}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
Belgium e-ID middleware 4.0.7 (build 7466) (HKLM\...\{824563DE-75AD-4166-9DC0-B6482F207466}) (Version: 4.0.7466 - Belgian Government)
BitComet 1.38 64-bit (HKLM-x32\...\BitComet_x64) (Version: 1.38 - CometNetwork)
BNP Paribas Fortis Security Components (HKLM-x32\...\{45909428-3E25-40BD-8FBD-2AF3FF4EA7E8}) (Version: 6.28.0006 - BNP Paribas Fortis NV/SA)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Cheetah DVD Burner (HKLM-x32\...\{BD01E97F-2A6A-495E-BE38-22C7B80F3CD7}) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
GamesDesktop 005.005010089 (HKLM-x32\...\gmsd_be_005010089_is1) (Version:  - GAMESDESKTOP) <==== AANDACHT
GemistDownloader (HKLM-x32\...\GemistDownloader) (Version: 2.8.1.8a - Wietze Beukema (HelpdeskWeb.nl))
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.87 - Google Inc.)
Google Drive (HKLM-x32\...\{895D0391-459F-4D45-B8DD-13F0DE70C66E}) (Version: 1.28.1549.1322 - Google, Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google SketchUp 8 (HKLM-x32\...\{13FE3480-9E41-48C0-930F-BFC0767CC340}) (Version: 3.0.14369 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Handset WinDriver 1.02.02.00 (HKLM-x32\...\Handset WinDriver) (Version: 1.02.02.00 - Huawei technologies Co., Ltd.)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 41.003.55.00.06 - Huawei Technologies Co.,Ltd)
Hola™ 1.12.459 - Better Internet (HKLM\...\Hola) (Version: 1.12.459 - Hola Networks Ltd.)
HP Officejet Pro 8500 A910 Haelp (HKLM-x32\...\{871B2A9D-0F12-44B3-88C1-E0CB10A232E4}) (Version: 140.0.2.2 - Hewlett Packard)
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Microsoft Lync 2010 (HKLM\...\{C7B887F2-07CA-4903-93A2-9B4E16E4EABD}) (Version: 4.0.7577.4461 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0413-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSSUB) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2492519384-784487665-790397795-1000\...\OneDriveSetup.exe) (Version: 17.3.5951.0827 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 45.0.1 (x86 nl) (HKLM-x32\...\Mozilla Firefox 45.0.1 (x86 nl)) (Version: 45.0.1 - Mozilla)
NTI Backup Now 5 (x32 Version: 5.5.0.63 - NewTech Infosystems, Inc.) Hidden
NTI Backup Now 5.5 (HKLM-x32\...\InstallShield_{EFD455EE-0C23-440A-AB9E-E4BEC4705A6E}) (Version: 5.5.0.63 - NewTech Infosystems, Inc.)
NTI Digital Flix 2.5.0.4 (HKLM-x32\...\NTI Digital Flix 2.5.0.4_is1) (Version:  - )
NTI Media Maker 9 Premium (HKLM-x32\...\InstallShield_{BAD7EFEC-E8D9-4B57-9F1B-9DD30D839933}) (Version: 9.0.1.8933 - NTI Corporation)
NTI Media Maker 9 Premium (x32 Version: 9.0.1.8933 - NTI Corporation) Hidden
NTI Open File Manager (HKLM-x32\...\NTI Open File Manager) (Version:  - NewTech Infosystems, Inc.)
Opera Stable 36.0.2130.32 (HKLM-x32\...\Opera 36.0.2130.32) (Version: 36.0.2130.32 - Opera Software)
Påloggingsassistent for Microsoft Online Services (HKLM\...\{46E637E2-AC34-4B45-B5DF-D20903A3DB61}) (Version: 7.250.4303.0 - Microsoft Corporation)
Panda Devices Agent (x32 Version: 1.03.05 - Panda Security) Hidden
Panda Devices Agent (x32 Version: 1.06.00 - Panda Security) Hidden
Panda Free Antivirus (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 16.0.1 - Panda Security)
Panda Free Antivirus (Version: 8.03.00.0000 - Panda Security) Hidden
PhraseProfessor 1.10.0.24 (HKLM-x32\...\PhraseProfessor_1.10.0.24) (Version: 1.10.0.24 - PhraseProfessor) <==== AANDACHT
Popcorn Time (HKU\S-1-5-21-2492519384-784487665-790397795-1000\...\Popcorn Time) (Version:  - Popcorn Official)
Productverbeteringonderzoek HP Officejet Pro 8500 A910 (HKLM\...\{9C28F7FA-A393-4256-A1A8-278AD506F990}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-011D-0000-0000-0000000FF1CE}_Office14.PROPLUSSUB_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Setup (HKLM-x32\...\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version:  - ) <==== AANDACHT
SHARP MX/MX-M Series PCL/PS Printer Driver (HKLM-x32\...\SHARP MX-2310U PCL PS Printer Driver) (Version: 1.00.000 - SHARP)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Snelkoppelingen naar Marketsplash (HKLM-x32\...\{61A74D66-D2E0-45C8-AC28-EC66EA9D9002}) (Version: 1.0.1.7 - Hewlett-Packard)
Stuurprogrammapakket voor Windows - Advanced Card Systems Ltd. Unified PC/SC Driver (10/10/2013 4.0.0.0) (HKLM\...\017E462195A49B92E61A2EE9F52F341D2A5D6C3B) (Version: 10/10/2013 4.0.0.0 - Advanced Card Systems Ltd.)
Stuurprogrammapakket voor Windows - Fedict SmartCard  (04/30/2014 4.0.7.5) (HKLM\...\C5357B4AD7C02B3F6EF45765A07E5B725E50BBF7) (Version: 04/30/2014 4.0.7.5 - Fedict)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD) (Version: 10.0.50903 - Microsoft Corporation)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.56083 - TeamViewer)
VoipConnect (HKLM-x32\...\VoipConnect_is1) (Version: 4.14 build 766 - Finarea S.A. Switzerland)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 4.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
WinZip 17.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DB}) (Version: 17.5.10480 - WinZip Computing, S.L. )
 
==================== Aangepaste CLSID (gefilterd): ==========================
 
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
 
CustomCLSID: HKU\S-1-5-21-2492519384-784487665-790397795-1000_Classes\CLSID\{3560575F-7C2D-48AE-AB45-DAD430A95EBE}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll ()
 
==================== Geplande Taken (gefilterd) =============
 
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
 
Task: {0344E402-903B-4AEB-A66B-182691E44176} - \HPCustParticipation HP Officejet Pro 8500 A910 -> Geen bestand <==== AANDACHT
Task: {100BD8F6-BE4E-4B0D-B380-06C5A5114EF0} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {103D0E89-7F36-4EFD-9FFC-C3FD5AD539CC} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {11496A3A-A45A-4254-A1F3-A2FAC42A5D6B} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {1B0218B4-1B6A-4287-8CB3-59B242D7087D} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {1CFEA1B0-0959-4094-9974-AF8A6AF0A48D} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {20337873-788B-4B3C-8857-FCE927E5B469} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {2390764F-4931-4E38-806E-92AE6BED97FD} - \Winsta Update -> Geen bestand <==== AANDACHT
Task: {2A8C99C5-E70D-4D49-A795-088799184777} - \CreateChoiceProcessTask -> Geen bestand <==== AANDACHT
Task: {2AAA900E-95AE-4A74-9316-78AE0AEEAD98} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {2FD59D3E-40D0-4F60-852D-07FB053B9661} - System32\Tasks\Opera scheduled Autoupdate 1443625059 => C:\Program Files (x86)\Opera\launcher.exe [2016-03-14] (Opera Software)
Task: {463A06F7-7FA1-4B43-B3B1-6ED4D934D39E} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {4E08CF6A-2919-49E9-806A-4A0A89A8E5B2} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {5017C623-6393-440C-93E9-027CB14FE9AE} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== AANDACHT
Task: {5290EC6B-47A1-404D-9431-45E2BA61F36F} - \{6BC3BD36-CC7E-4666-867E-D66FB83918ED} -> Geen bestand <==== AANDACHT
Task: {676E2551-F630-4FCB-A6CA-F026111D4B5A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-11] (Google Inc.)
Task: {67F881E8-9A16-4DB1-9D99-49B32FDD3BED} - \Adobe Acrobat Update Task -> Geen bestand <==== AANDACHT
Task: {6FDF98F6-07EC-4196-B562-F87B2067E272} - \PhraseProfessor Auto Updater 1.10.0.24 Pending Update -> Geen bestand <==== AANDACHT
Task: {72D0A54C-A787-4B92-979C-8549EF85BAD9} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {7BACB88B-395D-4299-8EEA-A4BAD8514AC4} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-03-09] (Microsoft Corporation)
Task: {7E9723A4-BBC1-4980-859A-3A3ACC68D87A} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {7F0C1CFB-49EF-469F-8EDF-88EEB18C91AB} - \Optimize Start Menu Cache Files-S-1-5-21-2492519384-784487665-790397795-1027 -> Geen bestand <==== AANDACHT
Task: {917F26D7-C930-4660-88DF-1A90F519834D} - \{102B20BA-1E82-47B3-BFE8-CF1FBBE2A804} -> Geen bestand <==== AANDACHT
Task: {92D126A0-9769-4C77-9200-122C2389ABF1} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {9363264E-3508-4F7A-9B82-4681F1B6A295} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {96C7FC2A-6CAD-48B8-A807-A990202E457A} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {A0CBE4A1-9549-49F4-83C5-21712C34826F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {A65354F3-67E7-41D7-A11C-6F2DA1DE080C} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {A6557BA1-1169-4F87-A476-60004569BA68} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== AANDACHT
Task: {AB41D3CD-CB0A-4C02-83B3-0EECBB981185} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {AB4C4A60-A4B8-4A65-896C-FE5539273DDE} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== AANDACHT
Task: {B50B0AAE-4481-464C-A705-962DF62DF74C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {B771C835-E4CC-4D66-A1B9-20322F1ECFB6} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {B87D32FE-D516-4819-BF77-B069ED8104D3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {BA07F5E6-3807-45A9-89A1-69464EBD5EF2} - \Microsoft OneDrive Auto Update Task-S-1-5-21-2492519384-784487665-790397795-1000 -> Geen bestand <==== AANDACHT
Task: {BAB0EE2C-87F0-4E03-A097-C9171A897EAC} - \WinKit -> Geen bestand <==== AANDACHT
Task: {C0489AB8-7603-41BD-B097-A83D06116A53} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {CD392819-9C96-4461-BB49-649CCC5BBBAE} - \Convertor -> Geen bestand <==== AANDACHT
Task: {D97904B3-7702-4F10-8594-5D634F98EBC4} - \PhraseProfessor Auto Updater 1.10.0.24 Core -> Geen bestand <==== AANDACHT
Task: {DB71D5B5-DD89-4981-B282-8CC2B522BDC1} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-24] (Adobe Systems Incorporated)
Task: {EED13EE7-F957-4401-9F20-6EBBCD10F83C} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {EF7B4887-8375-4365-9E87-4C7815BA705D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-11] (Google Inc.)
Task: {F232EDBF-46EC-4A35-BC7F-ADCD48C02681} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {FD6ED0F3-0FAA-4BCE-93AB-674D589BEB1C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
 
(Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.)
 
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== AANDACHT
Task: C:\WINDOWS\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== AANDACHT
Task: C:\WINDOWS\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== AANDACHT
Task: C:\WINDOWS\Tasks\Bidaily Synchronize Task[8da6].job => c:\programdata\{f6a12d13-0e71-d3e8-f6a1-12d130e7b44c}\hqghumeaylnlf.exe <==== AANDACHT
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Snelkoppelingen =============================
 
(De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.)
 
==================== Geladen Modules (gefilterd) ==============
 
2015-02-13 04:20 - 2015-02-13 04:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-12-17 19:38 - 2015-12-17 19:38 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-05-28 11:16 - 2015-05-20 12:46 - 00138544 _____ () C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe
2015-05-28 11:16 - 2015-05-20 12:46 - 00192304 _____ () C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2015-08-17 14:21 - 2011-03-02 12:40 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2015-07-06 14:13 - 2015-07-06 14:13 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\ErrorReporting.dll
2010-03-02 11:29 - 2010-03-02 11:29 - 00033024 _____ () C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
2010-03-02 11:30 - 2010-03-02 11:30 - 01066240 _____ () C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\Client\ACE.dll
2010-03-02 11:30 - 2010-03-02 11:30 - 00103680 _____ () C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\Client\ACEXML.dll
2010-03-02 11:30 - 2010-03-02 11:30 - 00066816 _____ () C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\Client\ACEXML_Parser.dll
2013-04-12 19:23 - 2013-04-12 19:23 - 00612664 _____ () C:\Program Files (x86)\Panda Security\Panda Security Protection\SQLite3.dll
2015-09-17 09:52 - 2007-02-27 18:45 - 00073728 _____ () C:\Program Files (x86)\NTI\NTI Digital Flix 2.5.0.4\VersionInfo.dll
2015-09-17 09:52 - 2007-02-27 18:45 - 00106496 _____ () C:\Program Files (x86)\NTI\NTI Digital Flix 2.5.0.4\mlutil.dll
2016-03-30 18:34 - 2016-03-30 18:34 - 00098816 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\win32api.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00110080 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\pywintypes27.dll
2016-03-30 18:34 - 2016-03-30 18:34 - 00364544 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\pythoncom27.dll
2016-03-30 18:34 - 2016-03-30 18:34 - 00320512 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\win32com.shell.shell.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00776704 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\_hashlib.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 01176576 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\wx._core_.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00806400 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\wx._gdi_.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00816128 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\wx._windows_.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 01067008 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\wx._controls_.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00733184 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\wx._misc_.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00682496 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\pysqlite2._sqlite.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00088064 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\_ctypes.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00119808 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\win32file.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00108544 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\win32security.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00007168 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\hashobjs_ext.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00017920 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\thumbnails_ext.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00088064 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\usb_ext.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00167936 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\win32gui.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00018432 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\win32event.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00046080 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\_socket.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 01208320 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\_ssl.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00128512 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\_elementtree.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00127488 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\pyexpat.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00013824 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\common.time34.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00038912 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\win32inet.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00036864 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\_psutil_windows.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00525208 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\windows._lib_cacheinvalidation.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00011264 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\win32crypt.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00077312 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\wx._html2.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00027136 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\_multiprocessing.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00020480 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\_yappi.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00035840 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\win32process.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00686080 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\unicodedata.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00078848 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\wx._animate.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00123392 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\wx._wizard.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00024064 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\win32pipe.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00010240 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\select.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00025600 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\win32pdh.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00017408 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\win32profile.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00022528 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\win32ts.pyd
2010-03-02 11:30 - 2010-03-02 11:30 - 00008960 _____ () C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BkupTrayLOC.dll
 
==================== Alternate Data Streams (gefilterd) =========
 
(Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.)
 
 
==================== Veilige Modus (gefilterd) ===================
 
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"
 
==================== EXE Bestandskoppeling (gefilterd) ===============
 
(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.)
 
 
==================== Internet Explorer vertrouwde/beperkte toegang ===============
 
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.)
 
IE trusted site: HKU\.DEFAULT\...\belgium.be -> hxxps://*.belgium.be
IE trusted site: HKU\.DEFAULT\...\bnpparibasfortis.be -> hxxp://*.bnpparibasfortis.be
IE trusted site: HKU\.DEFAULT\...\bnpparibasfortis.be -> hxxps://*.bnpparibasfortis.be
IE trusted site: HKU\.DEFAULT\...\bnpparibasfortis.com -> hxxp://*.bnpparibasfortis.com
IE trusted site: HKU\.DEFAULT\...\fgov.be -> hxxps://*.minfin.fgov.be
IE trusted site: HKU\.DEFAULT\...\fortis.com -> hxxp://wwwqa.merchant-banking.fortis.com
IE trusted site: HKU\.DEFAULT\...\fortisbank.com -> hxxps://businessportal.fortisbank.com
IE trusted site: HKU\.DEFAULT\...\isabel.be -> hxxps://*.IBS6.isabel.be
IE trusted site: HKU\.DEFAULT\...\isabel.eu -> hxxps://www.isabel.eu
IE trusted site: HKU\.DEFAULT\...\isabel.eu -> hxxp://www.isabel.eu
IE trusted site: HKU\.DEFAULT\...\nbb.be -> hxxps://*.nbb.be
IE trusted site: HKU\.DEFAULT\...\qabnpparibasfortis.be -> hxxps://pcbb.qabnpparibasfortis.be
IE trusted site: HKU\.DEFAULT\...\socialsecurity.be -> hxxps://*.socialsecurity.be
IE trusted site: HKU\.DEFAULT\...\zoomit.be -> hxxps://*.zoomit.be
IE trusted site: HKU\S-1-5-21-2492519384-784487665-790397795-1000\...\belgium.be -> hxxps://*.belgium.be
IE trusted site: HKU\S-1-5-21-2492519384-784487665-790397795-1000\...\bnpparibasfortis.be -> hxxp://*.bnpparibasfortis.be
IE trusted site: HKU\S-1-5-21-2492519384-784487665-790397795-1000\...\bnpparibasfortis.be -> hxxps://*.bnpparibasfortis.be
IE trusted site: HKU\S-1-5-21-2492519384-784487665-790397795-1000\...\bnpparibasfortis.com -> hxxp://*.bnpparibasfortis.com
IE trusted site: HKU\S-1-5-21-2492519384-784487665-790397795-1000\...\fgov.be -> hxxps://*.minfin.fgov.be
IE trusted site: HKU\S-1-5-21-2492519384-784487665-790397795-1000\...\fortis.com -> hxxp://wwwqa.merchant-banking.fortis.com
IE trusted site: HKU\S-1-5-21-2492519384-784487665-790397795-1000\...\fortisbank.com -> hxxps://businessportal.fortisbank.com
IE trusted site: HKU\S-1-5-21-2492519384-784487665-790397795-1000\...\hola.org -> hxxp://hola.org
IE trusted site: HKU\S-1-5-21-2492519384-784487665-790397795-1000\...\isabel.be -> hxxps://*.IBS6.isabel.be
IE trusted site: HKU\S-1-5-21-2492519384-784487665-790397795-1000\...\isabel.eu -> hxxps://www.isabel.eu
IE trusted site: HKU\S-1-5-21-2492519384-784487665-790397795-1000\...\isabel.eu -> hxxp://www.isabel.eu
IE trusted site: HKU\S-1-5-21-2492519384-784487665-790397795-1000\...\nbb.be -> hxxps://*.nbb.be
IE trusted site: HKU\S-1-5-21-2492519384-784487665-790397795-1000\...\qabnpparibasfortis.be -> hxxps://pcbb.qabnpparibasfortis.be
IE trusted site: HKU\S-1-5-21-2492519384-784487665-790397795-1000\...\sharepoint.com -> hxxps://cortofisc2.sharepoint.com
IE trusted site: HKU\S-1-5-21-2492519384-784487665-790397795-1000\...\socialsecurity.be -> hxxps://*.socialsecurity.be
IE trusted site: HKU\S-1-5-21-2492519384-784487665-790397795-1000\...\zoomit.be -> hxxps://*.zoomit.be
 
==================== Hosts inhoud: ===============================
 
(Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.)
 
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
 
==================== Andere gebieden ============================
 
(Momenteel is er geen automatische fix voor dit onderdeel.)
 
HKU\S-1-5-21-2492519384-784487665-790397795-1000\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 195.130.131.3 - 195.130.130.3
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is ingeschakeld.
 
==================== MSCONFIG/TASK MANAGER Uitgeschakelde items ==
 
(Momenteel is er geen automatische fix voor dit onderdeel.)
 
HKLM\...\StartupApproved\Run: => "SpaceSoundPro"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "rec_be_69"
HKLM\...\StartupApproved\Run32: => "gmsd_be_005010089"
HKU\S-1-5-21-2492519384-784487665-790397795-1000\...\StartupApproved\Run: => "Sidebar"
 
==================== Firewall regels (gefilterd) ===============
 
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{26AE2DB3-6CD3-4659-8A79-9D1A7C1A5BF3}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\DeviceSetup.exe
FirewallRules: [{B8BC9883-C795-429A-8169-6CABB1478402}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\DeviceSetup.exe
FirewallRules: [{82BCE6DB-73FB-4345-8598-F5B1F0043E8E}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\HPNetworkCommunicator.exe
FirewallRules: [{D48F4947-8D93-425F-AFA0-18747443DA88}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\HPNetworkCommunicator.exe
FirewallRules: [{24BB3A21-FD1D-4A53-8550-33A80970E457}] => (Allow) C:\Program Files (x86)\Microsoft Lync\communicator.exe
FirewallRules: [{355E94DD-5836-465A-94C9-9C8241E65FEE}] => (Allow) C:\Program Files (x86)\Microsoft Lync\UcMapi.exe
FirewallRules: [{780B12B5-4BC8-49C8-8640-47ACCAAAE023}] => (Allow) C:\Program Files\Microsoft Lync\UcMapi64.exe
FirewallRules: [TCP Query User{7FA2045D-7C21-4008-8754-BD916891823B}C:\users\egon\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\egon\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [UDP Query User{836C0A6F-EC81-4409-937F-E7CA70DF57F7}C:\users\egon\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\egon\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [{2DC2F424-DDB8-42B6-B58C-0BA6C109D520}] => (Allow) C:\Program Files\BitComet\BitComet.exe
FirewallRules: [{AA09B090-C6FA-48CC-B2EB-811E375082AC}] => (Allow) C:\Program Files\BitComet\BitComet.exe
FirewallRules: [{E7F703DB-D089-4A9D-B832-10BEBF5C3C6D}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{EC82BDAD-4CE1-481F-807A-D855CB474CFA}] => (Allow) LPort=2869
FirewallRules: [{5281D25A-B00B-41C7-B33A-F385AE204EF0}] => (Allow) LPort=1900
FirewallRules: [{B1146F52-0849-4E3F-B9DA-FA9E84EE712E}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{952D0BC1-EA79-4FEB-A917-B8A849DFC7A4}] => (Allow) C:\Users\Egon\AppData\Local\Hola\firefox\app\hola_plugin.exe
FirewallRules: [{60326222-B55A-4B62-BB47-0E5049CFBC8E}] => (Allow) C:\Users\Egon\AppData\Local\Hola\firefox\app\hola_plugin.exe
FirewallRules: [{4255E804-DDC5-4175-8A21-C3072D22CCF7}] => (Allow) C:\Program Files\Hola\app\hola_updater.exe
FirewallRules: [{12656270-9B9D-4CD5-9551-EEF1CDA32F8C}] => (Allow) C:\Program Files\Hola\app\hola_updater.exe
FirewallRules: [{8005F68B-CD1F-425D-8B5C-D8B9FBA0E801}] => (Allow) C:\Program Files\Hola\app\hola_svc.exe
FirewallRules: [{BCA4CB25-D832-405B-B20A-BBE291A80AD6}] => (Allow) C:\Program Files\Hola\app\hola_svc.exe
FirewallRules: [{298A55A1-D99E-4CB5-8E84-BBAE6A7865D1}] => (Allow) C:\Users\Egon\AppData\Local\Hola\firefox_hola\app\hola_plugin.exe
FirewallRules: [{41C30A30-2050-4689-B41B-2C54BE1CD1F9}] => (Allow) C:\Users\Egon\AppData\Local\Hola\firefox_hola\app\hola_plugin.exe
FirewallRules: [{5312E195-FEA4-415C-8427-E5519D2B83F0}] => (Allow) C:\Users\Egon\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{256C660C-E9E5-452A-8155-3738CF0BFB4E}] => (Allow) C:\Program Files (x86)\MyBrowser\MyBrowser\Application\mybrowser.exe
FirewallRules: [{E4BFEAB9-D6F3-4FF6-8AF6-E299BDAF34B0}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
FirewallRules: [{0C801698-BBC8-4297-B81F-263A8ED25151}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
FirewallRules: [{04079FB2-F218-4184-8324-793701C05762}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\ShadowSvc.exe
FirewallRules: [{4671B49D-6583-44EA-981F-B287869B5536}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
FirewallRules: [{8165DFBB-234D-4415-99D1-9C316D382A80}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
FirewallRules: [{0E166778-406F-4EA7-9F26-A949EB2DBAD5}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\ShadowSvc.exe
FirewallRules: [{A933CEAA-2462-4FD2-9ED7-8D3B9AB0ED01}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
FirewallRules: [{8BE715D8-B6D6-4E6B-A7CA-66E475B58E79}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
FirewallRules: [{687E1479-6865-4B8E-A2DB-043173A016BA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C1457994-F634-4ECF-8F2C-B08BDF7F48AA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C61F5D37-B68E-42F7-BBA8-31FCF555016B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{A987E505-6B24-4DA5-8499-BAE7C1051DDD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F0C074E4-22E8-4936-B75A-58B4DAB3DB18}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DB390905-F91E-4CE9-87F4-6D003D01001F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{AF2327CE-DBAD-4E4F-B6F3-41CF821B96FC}C:\program files (x86)\voipconnect.com\voipconnect\voipconnect.exe] => (Allow) C:\program files (x86)\voipconnect.com\voipconnect\voipconnect.exe
FirewallRules: [UDP Query User{76A33C77-2647-4229-A7D7-2472A1D41560}C:\program files (x86)\voipconnect.com\voipconnect\voipconnect.exe] => (Allow) C:\program files (x86)\voipconnect.com\voipconnect\voipconnect.exe
FirewallRules: [TCP Query User{8B111706-0F2A-4B43-A413-E976295D248C}C:\program files (x86)\voipconnect.com\voipconnect\voipconnect.exe] => (Block) C:\program files (x86)\voipconnect.com\voipconnect\voipconnect.exe
FirewallRules: [UDP Query User{39586827-2A9D-41A6-BE4A-3AE73B49BD36}C:\program files (x86)\voipconnect.com\voipconnect\voipconnect.exe] => (Block) C:\program files (x86)\voipconnect.com\voipconnect\voipconnect.exe
FirewallRules: [{B0374E55-3232-4702-836E-23821B01E970}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{C8DBD2B8-6515-42F6-B7EF-8ACEEBA17C0A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{21EA14F4-2174-4479-BA39-1EFE0A0CF68D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{6EB513F7-F7F6-4B7B-BA90-BD67A7F6AEB6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{F3FBBEDD-428D-4ABA-8B65-25487484FF37}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{AB3970B1-2983-48AA-A0E9-7C24DA7E9893}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
 
==================== Herstelpunten =========================
 
09-03-2016 10:00:26 Gepland controlepunt
18-03-2016 09:55:47 Gepland controlepunt
24-03-2016 10:01:49 Windows Update
 
==================== Defecte Apparaatbeheer Apparaten =============
 
 
==================== Eventlog fouten: =========================
 
Applicatiefouten:
==================
Error: (03/30/2016 06:23:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: PSUAMain.exe, versie: 4.0.0.644, tijdstempel: 0x55b799d6
Naam van module met fout: ntdll.dll, versie: 6.3.9600.18202, tijdstempel: 0x569e72c5
Uitzonderingscode: 0xc000070a
Foutmarge: 0x000f5786
Id van proces met fout: 0x1650
Starttijd van toepassing met fout: 0xPSUAMain.exe0
Pad naar toepassing met fout: PSUAMain.exe1
Pad naar module met fout: PSUAMain.exe2
Rapport-id: PSUAMain.exe3
Volledige pakketnaam met fout: PSUAMain.exe4
Relatieve toepassings-id van pakket met fout: PSUAMain.exe5
 
Error: (03/30/2016 06:03:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Het programma IEXPLORE.EXE, versie 11.0.9600.18124 reageert niet meer op Windows en is afgesloten. Als u wilt zien of er meer informatie over het probleem beschikbaar is, raadpleegt u de probleemgeschiedenis in het onderdeel Onderhoudscentrum in het Configuratiescherm.
 
Proces-id: ae8
 
Starttijd: 01d18a9d95ad6cf9
 
Eindtijd: 109
 
Toepassingspad: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
 
Rapport-id: fba57460-f690-11e5-beb8-00265538ba37
 
Volledige pakketnaam met fout: 
 
Relatieve toepassings-id van pakket met fout:
 
Error: (03/30/2016 06:02:20 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database
 
Error: (03/30/2016 05:27:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1671
 
Error: (03/30/2016 05:27:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1671
 
Error: (03/30/2016 05:27:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (03/29/2016 05:34:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7563
 
Error: (03/29/2016 05:34:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7563
 
Error: (03/29/2016 05:34:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (03/29/2016 05:34:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6078
 
 
Systeemfouten:
=============
Error: (03/30/2016 06:27:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: De Counter-intuitive Text Direction-service kan vanwege de volgende fout niet worden gestart: 
%%2
 
Error: (03/30/2016 06:27:34 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Time-out (30000 seconden) tijdens het wachten op het verbinden van deze service: IncludeRunner.
 
Error: (03/30/2016 06:27:03 PM) (Source: WudfUsbccidDriver) (EventID: 11) (User: NT AUTHORITY)
Description: 0x810x20x10xfe0x00x0
 
Error: (03/30/2016 05:57:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: De Counter-intuitive Text Direction-service kan vanwege de volgende fout niet worden gestart: 
%%2
 
Error: (03/30/2016 05:57:42 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Time-out (30000 seconden) tijdens het wachten op het verbinden van deze service: IncludeRunner.
 
Error: (03/30/2016 05:57:12 PM) (Source: WudfUsbccidDriver) (EventID: 11) (User: NT AUTHORITY)
Description: 0x810x20x10xfe0x00x0
 
Error: (03/30/2016 05:55:25 PM) (Source: DCOM) (EventID: 10010) (User: EGON-PC)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}
 
Error: (03/30/2016 05:32:57 PM) (Source: WudfUsbccidDriver) (EventID: 11) (User: NT AUTHORITY)
Description: 0x810x20x10xfe0x00x0
 
Error: (03/30/2016 05:32:55 PM) (Source: WudfUsbccidDriver) (EventID: 1) (User: NT AUTHORITY)
Description: ScReadWrite: Failed to read reply.-8053061870xa0x00x00x0
 
Error: (03/30/2016 03:26:00 PM) (Source: WudfUsbccidDriver) (EventID: 6) (User: NT AUTHORITY)
Description: VendorIoctl0x313520
 
 
==================== Geheugen info =========================== 
 
Processor: Intel® Core™2 Duo CPU E7500 @ 2.93GHz
Percentage geheugen in gebruik: 41%
Totaal fysiek RAM-geheugen: 3037.17 MB
Beschikbaar fysiek RAM-geheugen: 1764.62 MB
Totaal Virtueel geheugen: 6109.17 MB
Beschikbaar Virtual geheugen: 4832.4 MB
 
==================== Schijven ================================
 
Drive c: () (Fixed) (Total:297.99 GB) (Free:213.21 GB) NTFS
 
==================== MBR & Partitietabel ==================
 
==================== Eind van Addition.txt ============================

Edited by HaraMo, 30 March 2016 - 01:24 PM.

  • 0

Advertisements

#2
Essexboy
Posted 31 March 2016 - 09:03 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi first I would recommend that you uninstall Hola http://adios-hola.org/


Let me know what problems there are after this run

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

CreateRestorePoint:
HKLM-x32\...\Run: [gmsd_be_004010022] => [X]
HKLM-x32\...\Run: [gmsd_be_005010023] => [X]
HKLM-x32\...\Run: [gmsd_be_005010031] => [X]
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1442477744&z=930bd4e5e7b93df2bb61eb8gfzfzco6zbmbm3w8bde&from=face&uid=WDCXWD3200AAJS-60M0A0_WD-WCAV2749348693486
S2 lexyfofi; C:\Program Files (x86)\CFE722AC-1436196531-11DE-9DB5-6D9E93EEBEE4\knsb2162.tmp [X]
2016-03-16 15:17 - 2016-03-16 15:17 - 00001700 _____ C:\Users\Public\Desktop\Hervat Reimage Repair Installatie.lnk
2016-03-16 15:17 - 2016-03-16 15:17 - 00000099 _____ C:\WINDOWS\Reimage.ini
2015-08-25 10:51 - 2015-08-25 10:51 - 1579520 _____ () C:\Users\Egon\AppData\Roaming\4gd6NIgFbFWQFc1O5yI9vvqp.exe
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Egon\AppData\Roaming\VvaFj8aAhOEJ1ykPi5shan
2015-08-25 10:51 - 2015-08-25 10:51 - 1579520 _____ () C:\Users\Egon\AppData\Roaming\VvaFj8aAhOEJ1ykPi5shan.exe
2015-09-17 09:05 - 2015-09-17 09:05 - 3531374 _____ () C:\Users\Egon\AppData\Local\curl.zip
2015-09-07 14:00 - 2015-09-07 14:00 - 0000398 _____ () C:\Users\Egon\AppData\Local\Kx42m.vbs
2015-09-17 10:19 - 2015-09-17 10:19 - 0000398 _____ () C:\Users\Egon\AppData\Local\McCLmJP.vbs
2015-08-25 10:50 - 2015-08-25 10:50 - 0613255 _____ (CMI Limited) C:\Users\Egon\AppData\Local\nsaF76A.tmp
2015-08-25 10:50 - 2015-08-25 10:50 - 0613255 _____ (CMI Limited) C:\Users\Egon\AppData\Local\nsb7C34.tmp
2015-09-07 14:01 - 2015-09-07 14:01 - 0613255 _____ (CMI Limited) C:\Users\Egon\AppData\Local\nsh31AB.tmp
2015-08-25 10:50 - 2015-08-25 10:50 - 0613255 _____ (CMI Limited) C:\Users\Egon\AppData\Local\nskAACA.tmp
2015-09-17 10:19 - 2015-09-17 10:19 - 0613255 _____ (CMI Limited) C:\Users\Egon\AppData\Local\nslE424.tmp
2015-08-25 10:51 - 2015-08-25 10:51 - 0613255 _____ (CMI Limited) C:\Users\Egon\AppData\Local\nsmE030.tmp
2015-09-17 09:34 - 2015-09-17 09:34 - 0613255 _____ (CMI Limited) C:\Users\Egon\AppData\Local\nst45ED.tmp
2015-08-25 10:51 - 2015-08-25 10:51 - 0628688 _____ (CMI Limited) C:\Users\Egon\AppData\Local\nst6D28.tmp
2015-08-25 10:51 - 2015-08-25 10:51 - 0613255 _____ (CMI Limited) C:\Users\Egon\AppData\Local\nsxD78D.tmp
2015-08-25 10:51 - 2015-08-25 10:51 - 0613255 _____ (CMI Limited) C:\Users\Egon\AppData\Local\nszD16F.tmp
2015-10-24 12:52 - 2015-10-24 12:52 - 0000102 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
CustomCLSID: HKU\S-1-5-21-2492519384-784487665-790397795-1000_Classes\CLSID\{3560575F-7C2D-48AE-AB45-DAD430A95EBE}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll ()
Task: {0344E402-903B-4AEB-A66B-182691E44176} - \HPCustParticipation HP Officejet Pro 8500 A910 -> Geen bestand <==== AANDACHT
Task: {2390764F-4931-4E38-806E-92AE6BED97FD} - \Winsta Update -> Geen bestand <==== AANDACHT
Task: {2A8C99C5-E70D-4D49-A795-088799184777} - \CreateChoiceProcessTask -> Geen bestand <==== AANDACHT
Task: {5017C623-6393-440C-93E9-027CB14FE9AE} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== AANDACHT
Task: {5290EC6B-47A1-404D-9431-45E2BA61F36F} - \{6BC3BD36-CC7E-4666-867E-D66FB83918ED} -> Geen bestand <==== AANDACHT
Task: {67F881E8-9A16-4DB1-9D99-49B32FDD3BED} - \Adobe Acrobat Update Task -> Geen bestand <==== AANDACHT
Task: {6FDF98F6-07EC-4196-B562-F87B2067E272} - \PhraseProfessor Auto Updater 1.10.0.24 Pending Update -> Geen bestand <==== AANDACHT
Task: {7F0C1CFB-49EF-469F-8EDF-88EEB18C91AB} - \Optimize Start Menu Cache Files-S-1-5-21-2492519384-784487665-790397795-1027 -> Geen bestand <==== AANDACHT
Task: {917F26D7-C930-4660-88DF-1A90F519834D} - \{102B20BA-1E82-47B3-BFE8-CF1FBBE2A804} -> Geen bestand <==== AANDACHT
Task: {A6557BA1-1169-4F87-A476-60004569BA68} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== AANDACHT
Task: {AB4C4A60-A4B8-4A65-896C-FE5539273DDE} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== AANDACHT
Task: {BA07F5E6-3807-45A9-89A1-69464EBD5EF2} - \Microsoft OneDrive Auto Update Task-S-1-5-21-2492519384-784487665-790397795-1000 -> Geen bestand <==== AANDACHT
Task: {BAB0EE2C-87F0-4E03-A097-C9171A897EAC} - \WinKit -> Geen bestand <==== AANDACHT
Task: {CD392819-9C96-4461-BB49-649CCC5BBBAE} - \Convertor -> Geen bestand <==== AANDACHT
Task: {D97904B3-7702-4F10-8594-5D634F98EBC4} - \PhraseProfessor Auto Updater 1.10.0.24 Core -> Geen bestand <==== AANDACHT
Task: C:\WINDOWS\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== AANDACHT
Task: C:\WINDOWS\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== AANDACHT
Task: C:\WINDOWS\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== AANDACHT
Task: C:\WINDOWS\Tasks\Bidaily Synchronize Task[8da6].job => c:\programdata\{f6a12d13-0e71-d3e8-f6a1-12d130e7b44c}\hqghumeaylnlf.exe <==== AANDACHT
C:\Program Files (x86)\CFE722AC-1436196531-11DE-9DB5-6D9E93EEBEE4
C:\Program Files (x86)\AnyProtectEx
c:\programdata\{f6a12d13-0e71-d3e8-f6a1-12d130e7b44c}
C:\Users\Egon\AppData\Local\Temp\_MEI49402
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
FRSTfix.JPG
Run FRST and press Fix
On completion a log will be generated please post that

THEN

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S0].txt as well.

  • 0

#3
HaraMo
Posted 01 April 2016 - 09:20 AM

HaraMo

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 456 posts
Fix resultaat van Farbar Recovery Scan Tool (x64) Versie:05-03-2016 01
Gestart door Egon (2016-03-31 17:49:18) Run:1
Gestart vanaf C:\Users\Egon\Desktop
Geladen Profielen: Egon (Beschikbare Profielen: Egon)
Boot Modus: Normal
==============================================
 
fixlist inhoud:
*****************
CreateRestorePoint:
HKLM-x32\...\Run: [gmsd_be_004010022] => [X]
HKLM-x32\...\Run: [gmsd_be_005010023] => [X]
HKLM-x32\...\Run: [gmsd_be_005010031] => [X]
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1442477744&z=930bd4e5e7b93df2bb61eb8gfzfzco6zbmbm3w8bde&from=face&uid=WDCXWD3200AAJS-60M0A0_WD-WCAV2749348693486
S2 lexyfofi; C:\Program Files (x86)\CFE722AC-1436196531-11DE-9DB5-6D9E93EEBEE4\knsb2162.tmp [X]
2016-03-16 15:17 - 2016-03-16 15:17 - 00001700 _____ C:\Users\Public\Desktop\Hervat Reimage Repair Installatie.lnk
2016-03-16 15:17 - 2016-03-16 15:17 - 00000099 _____ C:\WINDOWS\Reimage.ini
2015-08-25 10:51 - 2015-08-25 10:51 - 1579520 _____ () C:\Users\Egon\AppData\Roaming\4gd6NIgFbFWQFc1O5yI9vvqp.exe
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Egon\AppData\Roaming\VvaFj8aAhOEJ1ykPi5shan
2015-08-25 10:51 - 2015-08-25 10:51 - 1579520 _____ () C:\Users\Egon\AppData\Roaming\VvaFj8aAhOEJ1ykPi5shan.exe
2015-09-17 09:05 - 2015-09-17 09:05 - 3531374 _____ () C:\Users\Egon\AppData\Local\curl.zip
2015-09-07 14:00 - 2015-09-07 14:00 - 0000398 _____ () C:\Users\Egon\AppData\Local\Kx42m.vbs
2015-09-17 10:19 - 2015-09-17 10:19 - 0000398 _____ () C:\Users\Egon\AppData\Local\McCLmJP.vbs
2015-08-25 10:50 - 2015-08-25 10:50 - 0613255 _____ (CMI Limited) C:\Users\Egon\AppData\Local\nsaF76A.tmp
2015-08-25 10:50 - 2015-08-25 10:50 - 0613255 _____ (CMI Limited) C:\Users\Egon\AppData\Local\nsb7C34.tmp
2015-09-07 14:01 - 2015-09-07 14:01 - 0613255 _____ (CMI Limited) C:\Users\Egon\AppData\Local\nsh31AB.tmp
2015-08-25 10:50 - 2015-08-25 10:50 - 0613255 _____ (CMI Limited) C:\Users\Egon\AppData\Local\nskAACA.tmp
2015-09-17 10:19 - 2015-09-17 10:19 - 0613255 _____ (CMI Limited) C:\Users\Egon\AppData\Local\nslE424.tmp
2015-08-25 10:51 - 2015-08-25 10:51 - 0613255 _____ (CMI Limited) C:\Users\Egon\AppData\Local\nsmE030.tmp
2015-09-17 09:34 - 2015-09-17 09:34 - 0613255 _____ (CMI Limited) C:\Users\Egon\AppData\Local\nst45ED.tmp
2015-08-25 10:51 - 2015-08-25 10:51 - 0628688 _____ (CMI Limited) C:\Users\Egon\AppData\Local\nst6D28.tmp
2015-08-25 10:51 - 2015-08-25 10:51 - 0613255 _____ (CMI Limited) C:\Users\Egon\AppData\Local\nsxD78D.tmp
2015-08-25 10:51 - 2015-08-25 10:51 - 0613255 _____ (CMI Limited) C:\Users\Egon\AppData\Local\nszD16F.tmp
2015-10-24 12:52 - 2015-10-24 12:52 - 0000102 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
CustomCLSID: HKU\S-1-5-21-2492519384-784487665-790397795-1000_Classes\CLSID\{3560575F-7C2D-48AE-AB45-DAD430A95EBE}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll ()
Task: {0344E402-903B-4AEB-A66B-182691E44176} - \HPCustParticipation HP Officejet Pro 8500 A910 -> Geen bestand <==== AANDACHT
Task: {2390764F-4931-4E38-806E-92AE6BED97FD} - \Winsta Update -> Geen bestand <==== AANDACHT
Task: {2A8C99C5-E70D-4D49-A795-088799184777} - \CreateChoiceProcessTask -> Geen bestand <==== AANDACHT
Task: {5017C623-6393-440C-93E9-027CB14FE9AE} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== AANDACHT
Task: {5290EC6B-47A1-404D-9431-45E2BA61F36F} - \{6BC3BD36-CC7E-4666-867E-D66FB83918ED} -> Geen bestand <==== AANDACHT
Task: {67F881E8-9A16-4DB1-9D99-49B32FDD3BED} - \Adobe Acrobat Update Task -> Geen bestand <==== AANDACHT
Task: {6FDF98F6-07EC-4196-B562-F87B2067E272} - \PhraseProfessor Auto Updater 1.10.0.24 Pending Update -> Geen bestand <==== AANDACHT
Task: {7F0C1CFB-49EF-469F-8EDF-88EEB18C91AB} - \Optimize Start Menu Cache Files-S-1-5-21-2492519384-784487665-790397795-1027 -> Geen bestand <==== AANDACHT
Task: {917F26D7-C930-4660-88DF-1A90F519834D} - \{102B20BA-1E82-47B3-BFE8-CF1FBBE2A804} -> Geen bestand <==== AANDACHT
Task: {A6557BA1-1169-4F87-A476-60004569BA68} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== AANDACHT
Task: {AB4C4A60-A4B8-4A65-896C-FE5539273DDE} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== AANDACHT
Task: {BA07F5E6-3807-45A9-89A1-69464EBD5EF2} - \Microsoft OneDrive Auto Update Task-S-1-5-21-2492519384-784487665-790397795-1000 -> Geen bestand <==== AANDACHT
Task: {BAB0EE2C-87F0-4E03-A097-C9171A897EAC} - \WinKit -> Geen bestand <==== AANDACHT
Task: {CD392819-9C96-4461-BB49-649CCC5BBBAE} - \Convertor -> Geen bestand <==== AANDACHT
Task: {D97904B3-7702-4F10-8594-5D634F98EBC4} - \PhraseProfessor Auto Updater 1.10.0.24 Core -> Geen bestand <==== AANDACHT
Task: C:\WINDOWS\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== AANDACHT
Task: C:\WINDOWS\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== AANDACHT
Task: C:\WINDOWS\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== AANDACHT
Task: C:\WINDOWS\Tasks\Bidaily Synchronize Task[8da6].job => c:\programdata\{f6a12d13-0e71-d3e8-f6a1-12d130e7b44c}\hqghumeaylnlf.exe <==== AANDACHT
C:\Program Files (x86)\CFE722AC-1436196531-11DE-9DB5-6D9E93EEBEE4
C:\Program Files (x86)\AnyProtectEx
c:\programdata\{f6a12d13-0e71-d3e8-f6a1-12d130e7b44c}
C:\Users\Egon\AppData\Local\Temp\_MEI49402
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers
*****************
 
Herstelpunt is succesfol gemaakt.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\gmsd_be_004010022 => waarde is succesvol verwijderd.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\gmsd_be_005010023 => waarde is succesvol verwijderd.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\gmsd_be_005010031 => waarde is succesvol verwijderd.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => waarde met succes hersteld
lexyfofi => dienst is succesvol verwijderd.
C:\Users\Public\Desktop\Hervat Reimage Repair Installatie.lnk => is succesvol verplaatst.
C:\WINDOWS\Reimage.ini => is succesvol verplaatst.
C:\Users\Egon\AppData\Roaming\4gd6NIgFbFWQFc1O5yI9vvqp.exe => is succesvol verplaatst.
C:\Users\Egon\AppData\Roaming\VvaFj8aAhOEJ1ykPi5shan => is succesvol verplaatst.
C:\Users\Egon\AppData\Roaming\VvaFj8aAhOEJ1ykPi5shan.exe => is succesvol verplaatst.
C:\Users\Egon\AppData\Local\curl.zip => is succesvol verplaatst.
C:\Users\Egon\AppData\Local\Kx42m.vbs => is succesvol verplaatst.
C:\Users\Egon\AppData\Local\McCLmJP.vbs => is succesvol verplaatst.
C:\Users\Egon\AppData\Local\nsaF76A.tmp => is succesvol verplaatst.
C:\Users\Egon\AppData\Local\nsb7C34.tmp => is succesvol verplaatst.
C:\Users\Egon\AppData\Local\nsh31AB.tmp => is succesvol verplaatst.
C:\Users\Egon\AppData\Local\nskAACA.tmp => is succesvol verplaatst.
C:\Users\Egon\AppData\Local\nslE424.tmp => is succesvol verplaatst.
C:\Users\Egon\AppData\Local\nsmE030.tmp => is succesvol verplaatst.
C:\Users\Egon\AppData\Local\nst45ED.tmp => is succesvol verplaatst.
C:\Users\Egon\AppData\Local\nst6D28.tmp => is succesvol verplaatst.
C:\Users\Egon\AppData\Local\nsxD78D.tmp => is succesvol verplaatst.
C:\Users\Egon\AppData\Local\nszD16F.tmp => is succesvol verplaatst.
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat => is succesvol verplaatst.
"HKU\S-1-5-21-2492519384-784487665-790397795-1000_Classes\CLSID\{3560575F-7C2D-48AE-AB45-DAD430A95EBE}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0344E402-903B-4AEB-A66B-182691E44176}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0344E402-903B-4AEB-A66B-182691E44176}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HPCustParticipation HP Officejet Pro 8500 A910" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{2390764F-4931-4E38-806E-92AE6BED97FD}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2390764F-4931-4E38-806E-92AE6BED97FD}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Winsta Update" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2A8C99C5-E70D-4D49-A795-088799184777}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2A8C99C5-E70D-4D49-A795-088799184777}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CreateChoiceProcessTask" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5017C623-6393-440C-93E9-027CB14FE9AE}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5017C623-6393-440C-93E9-027CB14FE9AE}" => sleutel is succesvol verwijderd.
C:\WINDOWS\System32\Tasks\APSnotifierPP1 => is succesvol verplaatst.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP1" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5290EC6B-47A1-404D-9431-45E2BA61F36F}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5290EC6B-47A1-404D-9431-45E2BA61F36F}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6BC3BD36-CC7E-4666-867E-D66FB83918ED}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{67F881E8-9A16-4DB1-9D99-49B32FDD3BED}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{67F881E8-9A16-4DB1-9D99-49B32FDD3BED}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6FDF98F6-07EC-4196-B562-F87B2067E272}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6FDF98F6-07EC-4196-B562-F87B2067E272}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PhraseProfessor Auto Updater 1.10.0.24 Pending Update" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7F0C1CFB-49EF-469F-8EDF-88EEB18C91AB}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7F0C1CFB-49EF-469F-8EDF-88EEB18C91AB}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Optimize Start Menu Cache Files-S-1-5-21-2492519384-784487665-790397795-1027" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{917F26D7-C930-4660-88DF-1A90F519834D}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{917F26D7-C930-4660-88DF-1A90F519834D}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{102B20BA-1E82-47B3-BFE8-CF1FBBE2A804}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A6557BA1-1169-4F87-A476-60004569BA68}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A6557BA1-1169-4F87-A476-60004569BA68}" => sleutel is succesvol verwijderd.
C:\WINDOWS\System32\Tasks\APSnotifierPP2 => is succesvol verplaatst.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP2" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AB4C4A60-A4B8-4A65-896C-FE5539273DDE}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AB4C4A60-A4B8-4A65-896C-FE5539273DDE}" => sleutel is succesvol verwijderd.
C:\WINDOWS\System32\Tasks\APSnotifierPP3 => is succesvol verplaatst.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP3" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BA07F5E6-3807-45A9-89A1-69464EBD5EF2}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BA07F5E6-3807-45A9-89A1-69464EBD5EF2}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft OneDrive Auto Update Task-S-1-5-21-2492519384-784487665-790397795-1000" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BAB0EE2C-87F0-4E03-A097-C9171A897EAC}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BAB0EE2C-87F0-4E03-A097-C9171A897EAC}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WinKit" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CD392819-9C96-4461-BB49-649CCC5BBBAE}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CD392819-9C96-4461-BB49-649CCC5BBBAE}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Convertor" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D97904B3-7702-4F10-8594-5D634F98EBC4}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D97904B3-7702-4F10-8594-5D634F98EBC4}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PhraseProfessor Auto Updater 1.10.0.24 Core" => sleutel is succesvol verwijderd.
C:\WINDOWS\Tasks\APSnotifierPP1.job => is succesvol verplaatst.
C:\WINDOWS\Tasks\APSnotifierPP2.job => is succesvol verplaatst.
C:\WINDOWS\Tasks\APSnotifierPP3.job => is succesvol verplaatst.
C:\WINDOWS\Tasks\Bidaily Synchronize Task[8da6].job => is succesvol verplaatst.
C:\Program Files (x86)\CFE722AC-1436196531-11DE-9DB5-6D9E93EEBEE4 => is succesvol verplaatst.
"C:\Program Files (x86)\AnyProtectEx" => niet gevonden.
c:\programdata\{f6a12d13-0e71-d3e8-f6a1-12d130e7b44c} => is succesvol verplaatst.
 
"C:\Users\Egon\AppData\Local\Temp\_MEI49402" map verplaatsing:
 
Kon niet verplaatsen "C:\Users\Egon\AppData\Local\Temp\_MEI49402" => Gepland te verplaatsen bij herstart.
 
 
========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
 
De bewerking is voltooid.
 
 
 
========= Eind van Reg: =========
 
 
========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
 
De bewerking is voltooid.
 
 
 
========= Eind van Reg: =========
 
 
========= RemoveProxy: =========
 
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => waarde is succesvol verwijderd.
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => waarde is succesvol verwijderd.
HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => waarde is succesvol verwijderd.
HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => waarde is succesvol verwijderd.
HKU\S-1-5-21-2492519384-784487665-790397795-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => waarde is succesvol verwijderd.
HKU\S-1-5-21-2492519384-784487665-790397795-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => waarde is succesvol verwijderd.
 
 
========= Eind van RemoveProxy: =========
 
 
=========  bitsadmin /reset /allusers =========
 
 
BITSADMIN version 3.0 [ 7.7.9600 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
Unable to cancel {8FE277EF-5B25-4346-8B0A-1E7E1637D6F7}.
{CBBFE6D7-CBE4-4873-AC81-4B48D2865573} canceled.
Unable to cancel {9BA2CDBD-CB80-45EB-9C01-87DE1A16653C}.
Unable to cancel {6008C9AA-7437-4949-B306-2A0FDE6A6295}.
1 out of 4 jobs canceled.
 
========= Eind van CMD: =========
 
EmptyTemp: => 7.9 GB tijdelijke gegevens verwijderd.
 
Resultaat van geplande bestanden te verplaatsen (Boot Modus: Normal) (Datum&Tijd: 2016-04-01 08:23:42)
 
C:\Users\Egon\AppData\Local\Temp\_MEI49402 => is succesvol verplaatst.
 
==== Eind van Fixlog 08:23:42 ====

  • 0

#4
HaraMo
Posted 01 April 2016 - 09:42 AM

HaraMo

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 456 posts

# AdwCleaner v4.113 - Logbestand aangemaakt 06/07/2015 op 23:01:07

# Laatste update 22/03/2015 door Xplode
# Database : 2015-03-22.2 [Lokaal]
# Besturingssysteem : Windows 8.1 Pro  (x64)
# Gebruikersnaam : Egon - EGON-PC
# Gestart vanuit : C:\Users\Egon\Desktop\adwcleaner_4.113.exe
# Optie : Verwijderen
 
***** [ Services ] *****
 
[#] Service Verwijderd : globalUpdate
[#] Service Verwijderd : globalUpdatem
Service Verwijderd : WindowsMangerProtect
Service Verwijderd : hola_updater
Service Verwijderd : hola_svc
Service Verwijderd : IHProtect Service
 
***** [ Bestanden / Mappen ] *****
 
Map Verwijderd : C:\Hola
Map Verwijderd : C:\ProgramData\WindowsMangerProtect
Map Verwijderd : C:\ProgramData\IHProtectUpDate
Map Verwijderd : C:\ProgramData\2b0f16060000088e
Map Verwijderd : C:\ProgramData\884522cb00005a07
Map Verwijderd : C:\Program Files (x86)\Easy Speed Check
Map Verwijderd : C:\Program Files (x86)\globalUpdate
Map Verwijderd : C:\Program Files (x86)\predm
Map Verwijderd : C:\Program Files (x86)\Probit Software
Map Verwijderd : C:\Program Files\Hola
Map Verwijderd : C:\Users\Egon\SupTab
Map Verwijderd : C:\Users\Egon\AppData\Local\globalUpdate
Map Verwijderd : C:\Users\Egon\AppData\Local\Hola
Map Verwijderd : C:\Users\Egon\AppData\Local\SmartWeb
Map Verwijderd : C:\Users\Egon\AppData\Roaming\AnyProtectEx
Map Verwijderd : C:\Users\Egon\AppData\Roaming\Systweak
Map Verwijderd : C:\Users\Egon\AppData\Roaming\Hola
Map Verwijderd : C:\Users\Egon\Desktop\Hola
Map Verwijderd : C:\Users\Egon\Documents\Probit Software
Bestand Verwijderd : C:\Users\Egon\AppData\Local\Temp\Uninstall.exe
Bestand Verwijderd : C:\WINDOWS\System32\roboot64.exe
 
***** [ Geplande taken ] *****
 
Taak Verwijderd : globalUpdateUpdateTaskMachineCore
Taak Verwijderd : globalUpdateUpdateTaskMachineUA
 
***** [ Snelkoppelingen ] *****
 
 
***** [ Register ] *****
 
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Sleutel Verwijderd : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Sleutel Verwijderd : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Sleutel Verwijderd : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Waarde Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [EasySpeedCheck]
Sleutel Verwijderd : HKLM\SOFTWARE\16a011db-9370-6380-d112-e0060b179380
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Waarde Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]
Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Waarde Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]
Sleutel Verwijderd : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Gegevens Hersteld : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Sleutel Verwijderd : HKCU\Software\AnyProtect
Sleutel Verwijderd : HKCU\Software\APN PIP
Sleutel Verwijderd : HKCU\Software\AskPartnerNetwork
Sleutel Verwijderd : HKCU\Software\GlobalUpdate
Sleutel Verwijderd : HKCU\Software\HomeTab
Sleutel Verwijderd : HKCU\Software\Optimizer Pro
Sleutel Verwijderd : HKCU\Software\simplytech
Sleutel Verwijderd : HKCU\Software\systweak
Sleutel Verwijderd : HKCU\Software\TutoTag
Sleutel Verwijderd : HKCU\Software\Easy Speed Check
Sleutel Verwijderd : HKCU\Software\WajIEnhance
Sleutel Verwijderd : HKCU\Software\TNT2
Sleutel Verwijderd : HKCU\Software\Super Optimizer
Sleutel Verwijderd : HKCU\Software\WajIntEnhance
Sleutel Verwijderd : HKCU\Software\SearchProtectWS
Sleutel Verwijderd : HKCU\Software\Crossbrowse
Sleutel Verwijderd : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\Crossrider
Sleutel Verwijderd : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Sleutel Verwijderd : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Sleutel Verwijderd : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Sleutel Verwijderd : HKLM\SOFTWARE\AskPartnerNetwork
Sleutel Verwijderd : HKLM\SOFTWARE\Conduit
Sleutel Verwijderd : HKLM\SOFTWARE\GlobalUpdate
Sleutel Verwijderd : HKLM\SOFTWARE\Iminent
Sleutel Verwijderd : HKLM\SOFTWARE\SearchProtect
Sleutel Verwijderd : HKLM\SOFTWARE\SupDp
Sleutel Verwijderd : HKLM\SOFTWARE\SupTab
Sleutel Verwijderd : HKLM\SOFTWARE\supWindowsMangerProtect
Sleutel Verwijderd : HKLM\SOFTWARE\systweak
Sleutel Verwijderd : HKLM\SOFTWARE\Tutorials
Sleutel Verwijderd : HKLM\SOFTWARE\mystartsearchSoftware
Sleutel Verwijderd : HKLM\SOFTWARE\IHProtect
Sleutel Verwijderd : HKLM\SOFTWARE\WajIntEnhance
Sleutel Verwijderd : HKLM\SOFTWARE\Crossbrowse
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\plarium.com
Gegevens Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
 
***** [ Webbrowsers ] *****
 
-\\ Internet Explorer v11.0.9600.17840
 
Setting Hersteld : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Hersteld : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Hersteld : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Hersteld : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Hersteld : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Hersteld : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Hersteld : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Hersteld : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Hersteld : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Hersteld : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
 
-\\ Google Chrome v43.0.2357.130
 
 
-\\ Opera v30.0.1835.88
 
 
*************************
 
AdwCleaner[R0].txt - [16264 bytes] - [06/07/2015 22:56:50]
AdwCleaner[R1].txt - [16324 bytes] - [06/07/2015 22:59:48]
AdwCleaner[S0].txt - [13134 bytes] - [06/07/2015 23:01:07]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [13194  bytes] ##########

  • 0

#5
HaraMo
Posted 01 April 2016 - 09:49 AM

HaraMo

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 456 posts

No commercials anymore, system reacts faster.

 

Thank a lot.

 

Is pc now 100% malware virus free?


Edited by HaraMo, 01 April 2016 - 09:49 AM.

  • 0

#6
Essexboy
Posted 01 April 2016 - 11:16 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
One final check to be sure :)

JHlUMFt.png Scan with Malwarebytes Anti-Malware
  • Please download Malwarebytes Anti-Malware to your desktop
  • Launch Malwarebytes from your Desktop
  • In Database version section, click Update Now
  • Once the update is done, click Settings>Detection and Protection
  • Make sure that all three boxes under Detection Options are checked
    vG7pLOy.png
  • Go back to Dashboard and click the big, green Scan Now button.
  • Wait for Malwarebytes Anti-Malware to finish the scan
  • If the program will detect anything, click Remove Selected. The program might want to reboot the system. Allow it it wants to.
  • Once the deletion is done (or after reboot), go to History, select Application Logs and click the latest Scan Log.
  • Click Export, then click Copy to Clipboard.
  • Paste (CTRL+V) the log into your next reply.

  • 0

#7
HaraMo
Posted 01 April 2016 - 02:00 PM

HaraMo

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 456 posts

mbam found a trojan, is the pc accesible by others ?? argggh!

 

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scandatum: 1/04/2016
Scantijd: 20:04
Logboekbestand: 
Beheerder: Ja
 
Versie: 2.2.1.1043
Malware-database: v2016.04.01.05
Rootkit-database: v2016.03.30.01
Licentie: Gratis
Malware-bescherming: Uitgeschakeld
Bescherming tegen kwaadaardige websites: Uitgeschakeld
Zelfbescherming: Uitgeschakeld
 
Besturingssysteem: Windows 8.1
Processor: x64
Bestandssysteem: NTFS
Gebruiker: Egon
 
Scantype: Bedreigingsscan
Resultaat: Voltooid
Objecten gescand: 411473
Verstreken tijd: 28 min, 50 sec
 
Geheugen: Ingeschakeld
Opstarten: Ingeschakeld
Bestandssysteem: Ingeschakeld
Archieven: Ingeschakeld
Rootkits: Ingeschakeld
Heuristiek: Ingeschakeld
POP: Ingeschakeld
POA: Ingeschakeld
 
Processen: 0
(Geen kwaadaardige items gedetecteerd)
 
Modules: 0
(Geen kwaadaardige items gedetecteerd)
 
Registersleutels: 18
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, In quarantaine, [d3d6b2f71584ba7c1474304a6b999868], 
PUP.Optional.Infonaut, HKLM\SOFTWARE\WOW6432NODE\Infonaut_1.10.0.14, In quarantaine, [c3e63376aaeff541cfac74ac47bd966a], 
PUP.Optional.WordShark, HKLM\SOFTWARE\WOW6432NODE\WordShark_1.10.0.20, In quarantaine, [abfe3f6a2b6ec571a6c5fa4ae22243bd], 
PUP.Optional.WordSurfer, HKLM\SOFTWARE\WOW6432NODE\WordSurfer_1.10.0.19, In quarantaine, [406977324554280e79fc5be99173649c], 
PUP.Optional.Vitruvian, HKLM\SOFTWARE\WOW6432NODE\WordWizard_1.10.0.24, In quarantaine, [5f4ac6e3f8a18fa7f8f20a41c04440c0], 
PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{1146AC44-2F03-4431-B4FD-889BC837521F}{c31ed948}, In quarantaine, [8821d9d06d2c5cda3c7939f0ed1741bf], 
PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{1146AC44-2F03-4431-B4FD-889BC837521F}{cae99edb}, In quarantaine, [7c2ddfca7821f64060550227b74d8977], 
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE, In quarantaine, [6f3a6445ff9a00363f495327966ee41c], 
PUP.Optional.IncludeRunner, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\423248f1, In quarantaine, [4267efba2d6c2c0aaa7a0b15a361926e], 
PUP.Optional.WindowsProtectionManager, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WdsManPro, In quarantaine, [5257d3d63f5a37ff39e26cc127dc01ff], 
PUP.Optional.CinemaPlus, HKU\S-1-5-18\SOFTWARE\CinemaPlus-3.2cV06.07-nv, In quarantaine, [0f9afbae1485ec4a838c838af90b39c7], 
PUP.Optional.CinemaPlus, HKU\S-1-5-18\SOFTWARE\CinemaPlus-3.2cV06.07-nv-ie, In quarantaine, [0b9ec4e5a3f65dd96aa57e8f56aeaf51], 
PUP.Optional.MediaPlayer, HKU\S-1-5-18\SOFTWARE\MediaPlayerVid2.4-nv, In quarantaine, [6b3ee3c651481e187f97869fcd37b24e], 
PUP.Optional.MediaPlayer, HKU\S-1-5-18\SOFTWARE\MediaPlayerVid2.4-nv-ie, In quarantaine, [c9e019900d8c0d2928ee8f96f70d966a], 
PUP.Optional.CinemaPlus, HKU\S-1-5-21-2492519384-784487665-790397795-1000\SOFTWARE\CinemaPlus-3.2cV06.07-nv-ie, In quarantaine, [0e9bb5f43069023429e6e92412f21ce4], 
PUP.Optional.CinemaPlus, HKU\S-1-5-21-2492519384-784487665-790397795-1000\SOFTWARE\CinemaPlus-3.2cV15.07-nv-ie, In quarantaine, [a6036742376247ef9e713dd014f09b65], 
PUP.Optional.MediaPlayer, HKU\S-1-5-21-2492519384-784487665-790397795-1000\SOFTWARE\MediaPlayerVid2.4-nv-ie, In quarantaine, [327778315c3dd85ef5218e9719eb52ae], 
PUP.Optional.MyBrowser, HKU\S-1-5-21-2492519384-784487665-790397795-1000\SOFTWARE\MyBrowser 1.0.2V30.07-nv-ie, In quarantaine, [07a24465c5d43006668dd455e321bf41], 
 
Registerwaarden: 13
Trojan.Vonteera, HKCU\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXT\CLSID|{437B9306-2FDE-4054-A3C9-6B49507C12D0}, 1, In quarantaine, [6a3f5f4ae2b765d12ef8a9da0ff5a25e]
PUP.Optional.CrossBrowse, HKLM\SOFTWARE\CLASSES\.XHTML\OPENWITHPROGIDS|CRSBRWSHTML, In quarantaine, [bfeaa405fa9f82b40afe482ff113867a], 
PUP.Optional.CrossBrowse, HKLM\SOFTWARE\CLASSES\WOW6432NODE\.XHTML\OPENWITHPROGIDS|CRSBRWSHTML, In quarantaine, [773250592e6b5dd9987085f2ab59b44c], 
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, In quarantaine, [d3d6b2f71584ba7c1474304a6b999868]
PUP.Optional.CrossBrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\.XHTML\OPENWITHPROGIDS|CRSBRWSHTML, In quarantaine, [fdac9514d5c49b9bf810b3c4ff05fc04], 
PUP.Optional.MyBrowser, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\ACTIVE SETUP\INSTALLED COMPONENTS, MyBrowser, In quarantaine, [bdec9613a2f76ccadba362e7d62e867a]
PUP.Optional.MyBrowser, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\ACTIVE SETUP\INSTALLED COMPONENTS|StubPath, "C:\Program Files (x86)\MyBrowser\MyBrowser\Application\39.5.2171.95\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level, In quarantaine, [5a4ffcadfc9d9a9cc8b6044528dc629e]
PUP.Optional.MyBrowser, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\ACTIVE SETUP\INSTALLED COMPONENTS|Localized Name, MyBrowser, In quarantaine, [18914564188139fd314ddb6e2ed609f7]
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, In quarantaine, [6f3a6445ff9a00363f495327966ee41c]
Trojan.Vonteera, HKU\S-1-5-21-2492519384-784487665-790397795-1000\ACTIVE_PERMISSIONS|{934B156A-3D17-3981-B78A-5C138F423AD6}, 1, In quarantaine, [d2d7921710898da94dd3e89bbc4832ce]
Trojan.Vonteera, HKU\S-1-5-21-2492519384-784487665-790397795-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXT\CLSID|{437B9306-2FDE-4054-A3C9-6B49507C12D0}, 1, In quarantaine, [3475e9c07524f64028fa95eef80c7b85]
Trojan.Vonteera, HKU\S-1-5-21-2492519384-784487665-790397795-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXT\CLSID|{934B156A-3D17-3981-B78A-5C138F423AD6}, 1, In quarantaine, [a80191189603e84ece560d7620e4738d]
Trojan.Vonteera, HKU\S-1-5-21-2492519384-784487665-790397795-1000\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXT\CLSID|{437B9306-2FDE-4054-A3C9-6B49507C12D0}, 1, In quarantaine, [6d3c9217d2c73600b56d2c577094b24e]
 
Registerdata: 0
(Geen kwaadaardige items gedetecteerd)
 
Mappen: 2
PUP.Optional.ConvertAd.Gen, C:\Users\Egon\AppData\Roaming\CFE722AC-1436196531-11DE-9DB5-6D9E93EEBEE4, In quarantaine, [60494465396081b5c4c6b04bd82b827e], 
PUP.Optional.OptimizerPro, C:\Users\Egon\Documents\Optimizer Pro, In quarantaine, [c3e6238676236fc76815b57721e333cd], 
 
Bestanden: 9
PUP.Optional.PhraseProfessor, C:\WINDOWS\SYSTEM32\drivers\ppfd_vt_1_10_0_24.sys, Verwijder-bij-herstart, [63637b775224ea2798e70c6ffeb4f3de], 
PUP.Optional.PhraseProfessor, C:\WINDOWS\SYSTEM32\drivers\ppfd_vw_1_10_0_24.sys, Verwijder-bij-herstart, [4ad96d0e6a99488023d09f7a7eb08b51], 
PUP.Optional.ConvertAd, C:\Users\Egon\AppData\Roaming\CFE722AC-1436196531-11DE-9DB5-6D9E93EEBEE4\hnsz51D6.tmp, In quarantaine, [496065443a5f39fdf87a55e8857c2cd4], 
Trojan.Vonteera, C:\Users\Egon\AppData\Roaming\HqeO\rinti.exe, In quarantaine, [199031782c6d4fe760aa99b225db0ef2], 
PUP.Optional.Conduit, C:\Users\Egon\Desktop\HSS-3.42-install-hss-561-conduit.exe, In quarantaine, [476234758217132324b4e72c07fb7987], 
PUP.Optional.ConvertAd.Gen, C:\Users\Egon\AppData\Roaming\CFE722AC-1436196531-11DE-9DB5-6D9E93EEBEE4\jnsb3C68.tmp, In quarantaine, [60494465396081b5c4c6b04bd82b827e], 
PUP.Optional.ConvertAd.Gen, C:\Users\Egon\AppData\Roaming\CFE722AC-1436196531-11DE-9DB5-6D9E93EEBEE4\Uninstall.exe, In quarantaine, [60494465396081b5c4c6b04bd82b827e], 
PUP.Optional.ConvertAd.Gen, C:\Users\Egon\AppData\Roaming\CFE722AC-1436196531-11DE-9DB5-6D9E93EEBEE4\vD572.tmp, In quarantaine, [60494465396081b5c4c6b04bd82b827e], 
PUP.Optional.OptimizerPro, C:\Users\Egon\Documents\Optimizer Pro\CookiesException.txt, In quarantaine, [c3e6238676236fc76815b57721e333cd], 
 
Fysieke Sectoren: 0
(Geen kwaadaardige items gedetecteerd)
 
 
(end)

  • 0

#8
Essexboy
Posted 02 April 2016 - 03:34 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK two more to kill then you should be good to go :)

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

C:\Users\Egon\AppData\Roaming\HqeO
C:\Users\Egon\AppData\Roaming\CFE722AC-1436196531-11DE-9DB5-6D9E93EEBEE4


Save this as fixlist.txt, in the same location as FRST.exe
FRSTfix.JPG
Run FRST and press Fix
On completion a log will be generated please post that
  • 0

#9
HaraMo
Posted 02 April 2016 - 03:48 AM

HaraMo

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 456 posts
Fix resultaat van Farbar Recovery Scan Tool (x64) Versie:05-03-2016 01
Gestart door Egon (2016-04-02 11:48:09) Run:2
Gestart vanaf C:\Users\Egon\Desktop
Geladen Profielen: Egon (Beschikbare Profielen: Egon)
Boot Modus: Normal
==============================================
 
fixlist inhoud:
*****************
C:\Users\Egon\AppData\Roaming\HqeO
C:\Users\Egon\AppData\Roaming\CFE722AC-1436196531-11DE-9DB5-6D9E93EEBEE4
*****************
 
C:\Users\Egon\AppData\Roaming\HqeO => is succesvol verplaatst.
"C:\Users\Egon\AppData\Roaming\CFE722AC-1436196531-11DE-9DB5-6D9E93EEBEE4" => niet gevonden.
 
==== Eind van Fixlog 11:48:09 ====

  • 0

#10
Essexboy
Posted 02 April 2016 - 03:56 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Subject to no further problems :)

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:

Remove tools

Download and run Delfix
Select the options as shown
delfix.JPG


: Keep Java Updated :

WARNING: Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java
See this article

I would recommend that you completely uninstall Java unless you need it to run an important software.
In that instance I would recommend that you disable Java in your browsers until you need it for that software and then enable it. (See How to diasble Java in your web browser and How to unplug Java from the browser)

If you do need to keep Java then download JavaRa
Run the programme and select Remove Java Runtime. Uninstall all versions of Java present
Once done then run it again and select Update Java runtime > Download and install Latest version
javara.JPG


Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

CryptoPrevent install this programme to lock down and prevent crypto ransome ware

CryptoPrevent.JPG

Malwarebytes

Update and run weekly to keep your system clean

Unchecky

Click on the link above to be taken to Unchecky.com
click the very large Download button.
click Save
Click Open folder
Right click on the Unchecky_setup and choose to Run as Administrator
Once open click the Install button.
Then click on Finish
Unchecky is now installed and will help you keep unwanted check boxes unchecked, this is a fire and forget programme ;)

It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To learn more about how to protect yourself while on the internet read this little guide Best security practices Keep safe :wave:
  • 0

Advertisements

#11
HaraMo
Posted 02 April 2016 - 04:01 AM

HaraMo

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 456 posts

well, thanks a lot.

 

Monday will the computer be used again, then after a few days I can let you know how good it works.

 

I also will uninstall some application, as most are not used, I hope this will gain some speed.

 

I will now do the last steps you posted.

 

Thanks again a lot.


  • 0

#12
HaraMo
Posted 02 April 2016 - 04:07 AM

HaraMo

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 456 posts
# DelFix v1.010 - Logfile created 02/04/2016 at 12:05:31
# Updated 26/04/2015 by Xplode
# Username : Egon - EGON-PC
# Operating System : Windows 8.1 Pro  (64 bits)
 
~ Removing disinfection tools ...
 
Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\Egon\Desktop\FRST64.exe
Deleted : HKLM\SOFTWARE\AdwCleaner
 
~ Creating registry backup ... OK
 
~ Cleaning system restore ...
 
Deleted : RP #59 [Gepland controlepunt | 03/18/2016 07:55:47]
Deleted : RP #61 [Windows Update | 03/24/2016 08:01:49]
Deleted : RP #63 [Restore Point Created by FRST | 03/31/2016 15:49:21]
 
New restore point created !
 
~ Resetting system settings ... OK
 
########## - EOF - ##########

  • 0

#13
HaraMo
Posted 02 April 2016 - 04:42 AM

HaraMo

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 456 posts

how can i get rid of this certificate in internet explorer, it seems to have the same name as the app you advised me to uninstall (HOLA)

 

 33e3q15.jpg


  • 0

#14
Essexboy
Posted 02 April 2016 - 05:35 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Follow this guide to delete http://www.thewindow...manager-windows
  • 0

#15
HaraMo
Posted 02 April 2016 - 06:41 AM

HaraMo

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 456 posts

Thanks , deleted it succesfully.


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP