SSL-certificaat van Xolphin Powered by Cloud VPS - High Availability Cloud Servers Steun Nucia, doneer!
Resultaten 1 tot 13 van de 13
  1. #1

    Technische vaardigheid
    5. Expert
    Besturingssysteem
    Windows Vista Home Premium
    Firewall
    Berichten
    140

    Geen internetverbinding (beperkte toegang) ... problemen firewall

    Beste,

    Sinds kort heeft een kennis van mij internetproblemen. Er is WIFI - verbinding, maar met beperkte toegang.
    Na wat zoeken merkte ik dat Windows Firewall uitgeschakeld was. Het was immers niet mogelijk om deze opnieuw in te schakelen.

    Via fora las ik over hetzelfde probleem en dat het op te lossen was met Combofix. Ik liet dit draaien en Windows Firewall werd opnieuw actief. Helaas... de beperkte internetverbinding blijft.

    Ik maakte daarnet de nodige logjes. Is het mogelijk om toch eens te kijken of er iets verdacht aanwezig is?

    Bedankt!

    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scandatum: 17/04/2017
    Scantijd: 12:49:47
    Logbestand: mbam.txt
    Beheerder: Ja

    Versie: 2.00.1.1004
    Malwaredatabase: v2017.04.09.04
    Rootkitdatabase: v2017.04.02.01
    Licentie: Gratis
    Malwarebescherming: Uitgeschakeld
    Kwaadaardige Website Bescherming: Uitgeschakeld
    Chameleon: Uitgeschakeld

    Besturingssysteem: Windows 7 Service Pack 1
    Processor: x64
    Bestandssysteem: NTFS
    Gebruiker: johan

    Scantype: Aangepaste Scan
    Resultaat: Voltooid
    Objecten Gescand: 551785
    Verstreken Tijd: 13 u, 49 m, 59 s

    Geheugen: Ingeschakeld
    Opstarten: Ingeschakeld
    Bestandssysteem: Ingeschakeld
    Archieven: Ingeschakeld
    Rootkits: Ingeschakeld
    Shuriken: Ingeschakeld
    POP: Ingeschakeld
    POA: Ingeschakeld

    Processen: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registersleutels: 7
    PUP.Optional.DataMngr.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\DataMngr, In Quarantaine, [e36685678d1b3bfbb56ce5ddfb0747b9],
    PUP.Optional.SysTweak, HKLM\SOFTWARE\WOW6432NODE\Systweak, In Quarantaine, [1d2cb9332b7d55e1310942e9ff01ca36],
    PUP.Optional.LizardLink, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\jainjonnknhmbbkibcbmhihbopigapdm, In Quarantaine, [5ced5d8f9f097fb7717f9203b84a9d63],
    PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\AdvancedSystemProtector_RASAPI32, In Quarantaine, [76d316d62583b97de50103a7c63ca35d],
    PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\AdvancedSystemProtector_RASMANCS, In Quarantaine, [7fcae903b8f0290d5d89773346bcc23e],
    PUP.Optional.MindSpark, HKU\S-1-5-21-1605064705-3519875545-3396432865-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\VideoDownloadConverter_4z, In Quarantaine, [2c1dca227038e94d747befa8bc46dc24],
    PUP.Optional.MindSpark, HKU\S-1-5-21-1605064705-3519875545-3396432865-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\VideoDownloadConverter_4z, In Quarantaine, [c98044a88820c76f43ac484f11f19a66],

    Registerwaardes: 4
    PUP.Optional.CrossRider.Generic, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN\FEATURECONTROL\FEATURE_BROWSER_EMULATION|LyricsSay-1-bg.exe, 8000, In Quarantaine, [cb7ed319e7c1e84ec05622b19a6827d9]
    PUP.Optional.MindSpark, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|VideoDownloadConverter Search Scope Monitor, "C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zsrchmn.exe" /m=2 /w /h, In Quarantaine, [8ebb97559018a393271c1570cb379769]
    PUP.Optional.SpeedTestAnalysis, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|speedanalysis02@SpeedAnalysis.com, C:\Users\johan\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com, In Quarantaine, [7bce8e5eb9efaa8c357a2d74e61c817f]
    PUP.Optional.SpeedTestAnalysis, HKU\S-1-5-21-1605064705-3519875545-3396432865-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|speedanalysis02@SpeedAnalysis.com, C:\Users\johan\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com, In Quarantaine, [8ebb9854753339fd921bfea392700ff1]

    Registerdata: 0
    (No malicious items detected)

    Mappen: 18
    PUP.Optional.SysTweak, C:\Users\johan\AppData\Roaming\Systweak, In Quarantaine, [f455eefe95135fd7c5db30ff2cd4be42],
    PUP.Optional.Delta.ShrtCln, C:\Users\johan\AppData\LocalLow\Delta\delta, In Quarantaine, [d2770ede6b3d3df9aa7d807bf9089b65],
    PUP.Optional.DSearchLink, C:\ProgramData\DSearchLink, In Quarantaine, [00496a82198fb58143be9b67a45edd23],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\Cache, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\History, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\Settings, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\VideoDownloadConverter_4z, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\VideoDownloadConverter_4z\Cache, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup, In Quarantaine, [2d1ce4082682a98d34cbf7105ca6f808],
    PUP.Optional.SpeedAnalysis, C:\Users\johan\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com, In Quarantaine, [e267549802a63bfb69a2f715a35ffb05],
    PUP.Optional.SpeedAnalysis, C:\Users\johan\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome, In Quarantaine, [e267549802a63bfb69a2f715a35ffb05],
    PUP.Optional.SpeedAnalysis, C:\Users\johan\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content, In Quarantaine, [e267549802a63bfb69a2f715a35ffb05],
    PUP.Optional.SpeedAnalysis, C:\Users\johan\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\m z, In Quarantaine, [e267549802a63bfb69a2f715a35ffb05],
    PUP.Optional.SpeedAnalysis, C:\Users\johan\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\skin, In Quarantaine, [e267549802a63bfb69a2f715a35ffb05],

    Bestanden: 113
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\Cache\000E5DC8, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\Cache\000E5F3F.bmp, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\Cache\000E5FEA.bmp, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\Cache\000E60F4.bmp, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\Cache\000E621C.bmp, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\Cache\000E6325.cab, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\Cache\000E643E.bmp, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\Cache\000E6547.cab, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\Cache\000E6670.bmp, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\Cache\000E675A.cab, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\Cache\000E6863.bmp, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\Cache\000E68E0.bmp, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\Cache\000E693D.bmp, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\Cache\files.ini, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\History\search3, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\ldb.png, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\lobm.png, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\btmarrow.png, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\cancel.png, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\config.js, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\continue.png, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\dispatch.js, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\divider.png, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\gcancel.png, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\index.htm, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\infobar.js, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\jquery.js, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\la.png, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\lbcs.png, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\lbms.png, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\lca.png, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\lcfc.png, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\lcm.png, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\lcs.png, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\lcso.png, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\lctn.png, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\ldbg.png, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\lddg.png, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\lff.png, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\lffb.png, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\lg.png, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\lgs.png, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\lgw.png, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\lha.png, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\lhp.png, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\lia.png, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\liwon.png, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\lkazulah.png, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\lmd.png, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\lmfc.png, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\lmh.png, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\lmma.png, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\lmosh.png, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\lmwf.png, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\lmws.png, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\loryte.png, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\lpss.png, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\lqc.png, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\lrb.png, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\lrg.png, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\lrr.png, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\lsc.png, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\lscr.png, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\lsi.png, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\lssd.png, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\ltrs.png, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\ltvf.png, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\lvs.png, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\lwb.png, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\lwf.png, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\lzwinky.png, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\ok.png, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\overlay.js, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\pid.js, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\qstring.js, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\shield.png, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\spacer.swf, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\toolbar.js, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\yelgrey.png, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\yellowbg.png, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\zEnable.css, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\zEnable.htm, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\ie9mesg\COMMON\zEnable.js, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\bar\Settings\prevcfg2.htm, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\VideoDownloadConverter_4z\Cache\PopupPrope rties210425027.html, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\VideoDownloadConverter_4z\Cache\Radio.html , In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MindSpark, C:\Users\johan\AppData\LocalLow\VideoDownloadConverter_4z\VideoDownloadConverter_4z\Cache\VideosBtn. html, In Quarantaine, [7ccd806c8e1a191dbabe1aedd82a18e8],
    PUP.Optional.MyPCBackup, C:\Program Files (x86)\MyPC Backup\DEL_UnRegisterExtensions.exe, In Quarantaine, [2d1ce4082682a98d34cbf7105ca6f808],
    PUP.Optional.SpeedAnalysis, C:\Users\johan\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome.manifest, In Quarantaine, [e267549802a63bfb69a2f715a35ffb05],
    PUP.Optional.SpeedAnalysis, C:\Users\johan\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\install.rdf, In Quarantaine, [e267549802a63bfb69a2f715a35ffb05],
    PUP.Optional.SpeedAnalysis, C:\Users\johan\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\b ackground.html, In Quarantaine, [e267549802a63bfb69a2f715a35ffb05],
    PUP.Optional.SpeedAnalysis, C:\Users\johan\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\b g.js, In Quarantaine, [e267549802a63bfb69a2f715a35ffb05],
    PUP.Optional.SpeedAnalysis, C:\Users\johan\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\b utton.xml, In Quarantaine, [e267549802a63bfb69a2f715a35ffb05],
    PUP.Optional.SpeedAnalysis, C:\Users\johan\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\c onfig.js, In Quarantaine, [e267549802a63bfb69a2f715a35ffb05],
    PUP.Optional.SpeedAnalysis, C:\Users\johan\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\c ontent.js, In Quarantaine, [e267549802a63bfb69a2f715a35ffb05],
    PUP.Optional.SpeedAnalysis, C:\Users\johan\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\f ramework.js, In Quarantaine, [e267549802a63bfb69a2f715a35ffb05],
    PUP.Optional.SpeedAnalysis, C:\Users\johan\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\f ramework.png, In Quarantaine, [e267549802a63bfb69a2f715a35ffb05],
    PUP.Optional.SpeedAnalysis, C:\Users\johan\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\f ramework.xul, In Quarantaine, [e267549802a63bfb69a2f715a35ffb05],
    PUP.Optional.SpeedAnalysis, C:\Users\johan\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\i con128.png, In Quarantaine, [e267549802a63bfb69a2f715a35ffb05],
    PUP.Optional.SpeedAnalysis, C:\Users\johan\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\i con16.png, In Quarantaine, [e267549802a63bfb69a2f715a35ffb05],
    PUP.Optional.SpeedAnalysis, C:\Users\johan\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\i con18.ico, In Quarantaine, [e267549802a63bfb69a2f715a35ffb05],
    PUP.Optional.SpeedAnalysis, C:\Users\johan\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\i con18.png, In Quarantaine, [e267549802a63bfb69a2f715a35ffb05],
    PUP.Optional.SpeedAnalysis, C:\Users\johan\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\i con24.ico, In Quarantaine, [e267549802a63bfb69a2f715a35ffb05],
    PUP.Optional.SpeedAnalysis, C:\Users\johan\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\i con24.png, In Quarantaine, [e267549802a63bfb69a2f715a35ffb05],
    PUP.Optional.SpeedAnalysis, C:\Users\johan\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\i con32.ico, In Quarantaine, [e267549802a63bfb69a2f715a35ffb05],
    PUP.Optional.SpeedAnalysis, C:\Users\johan\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\i con32.png, In Quarantaine, [e267549802a63bfb69a2f715a35ffb05],
    PUP.Optional.SpeedAnalysis, C:\Users\johan\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\i con48.png, In Quarantaine, [e267549802a63bfb69a2f715a35ffb05],
    PUP.Optional.SpeedAnalysis, C:\Users\johan\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\j query-1.9.1.min.js, In Quarantaine, [e267549802a63bfb69a2f715a35ffb05],
    PUP.Optional.SpeedAnalysis, C:\Users\johan\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\o ptions.xul, In Quarantaine, [e267549802a63bfb69a2f715a35ffb05],
    PUP.Optional.SpeedAnalysis, C:\Users\johan\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\s ettings.json, In Quarantaine, [e267549802a63bfb69a2f715a35ffb05],
    PUP.Optional.SpeedAnalysis, C:\Users\johan\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\m z\background.js, In Quarantaine, [e267549802a63bfb69a2f715a35ffb05],
    PUP.Optional.SpeedAnalysis, C:\Users\johan\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\m z\content.js, In Quarantaine, [e267549802a63bfb69a2f715a35ffb05],
    PUP.Optional.SpeedAnalysis, C:\Users\johan\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\skin\fram ework.css, In Quarantaine, [e267549802a63bfb69a2f715a35ffb05],

    Fysieke Sectoren: 0
    (No malicious items detected)


    (end)


    # AdwCleaner v6.045 - Logbestand aangemaakt 17/04/2017 op 15:35:17
    # Bijgewerkt op 28/03/2017 door Malwarebytes
    # Database : 2017-03-28.2 [Lokaal]
    # Besturingssysteem : Windows 7 Home Premium Service Pack 1 (X64)
    # Gebruikersnaam : johan - JOHAN-PC
    # Gestart vanuit : C:\Users\johan\Desktop\adwcleaner_6.045.exe
    # Mode: Verwijderen
    # Ondersteuning : https://www.malwarebytes.com/support



    ***** [ Services ] *****



    ***** [ Mappen ] *****

    [-] Map verwijderd: C:\Users\johan\AppData\Local\VideoDownloadConverter_4z
    [-] Map verwijderd: C:\Users\johan\AppData\Local\iac
    [#] Map verwijderd tijdens herstart: C:\Users\johan\AppData\Local\IAC
    [#] Map verwijderd tijdens herstart: C:\Users\johan\AppData\Local\VideoDownloadConverter_4z
    [-] Map verwijderd: C:\Users\johan\AppData\LocalLow\iac
    [-] Map verwijderd: C:\Users\johan\AppData\LocalLow\avg web tuneup
    [#] Map verwijderd tijdens herstart: C:\Users\johan\AppData\LocalLow\IAC
    [-] Map verwijderd: C:\Users\johan\AppData\Roaming\PerformerSoft
    [-] Map verwijderd: C:\ProgramData\AVG Security Toolbar
    [-] Map verwijderd: C:\ProgramData\Babylon
    [-] Map verwijderd: C:\ProgramData\Partner
    [#] Map verwijderd tijdens herstart: C:\ProgramData\Application Data\AVG Security Toolbar
    [#] Map verwijderd tijdens herstart: C:\ProgramData\Application Data\Babylon
    [#] Map verwijderd tijdens herstart: C:\ProgramData\Application Data\Partner
    [-] Map verwijderd: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\video download converter
    [-] Map verwijderd: C:\Program Files (x86)\RegClean Pro
    [-] Map verwijderd: C:\Program Files (x86)\video download converter
    [-] Map verwijderd: C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\AVG Secure Search
    [-] Map verwijderd: C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\avg web tuneup


    ***** [ Bestanden ] *****



    ***** [ DLL ] *****



    ***** [ WMI ] *****



    ***** [ Snelkoppelingen ] *****



    ***** [ Geplande Taken ] *****



    ***** [ Register ] *****

    [-] Sleutel verwijderd: HKLM\SOFTWARE\522d6deb33aed48
    [-] Sleutel verwijderd: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2d9083ce-8758-4704-ba57-3c891d7452bd}
    [-] Sleutel verwijderd: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4f291eb7-9ae8-4a12-a507-f13cd29831e3}
    [-] Sleutel verwijderd: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9103c314-c4e2-4463-8934-b19bcb46236d}
    [-] Sleutel verwijderd: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{97cef41c-5055-474a-855a-892d4fe3e596}
    [-] Sleutel verwijderd: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d375ee64-f893-498a-a0e9-0e9829c88c3d}
    [#] Sleutel verwijderd tijdens herstart: {93a3111f-4f74-4ed8-895e-d9708497629e}
    [#] Sleutel verwijderd tijdens herstart: {BC153A3C-0BB7-4EED-83AE-28E6E398F56E}
    [-] Sleutel verwijderd: [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\videodownloadconverter_4zservice
    [-] Sleutel verwijderd: HKLM\SOFTWARE\Classes\Prod.cap
    [#] Sleutel verwijderd tijdens herstart: [x64] HKLM\SOFTWARE\Classes\Prod.cap
    [-] Sleutel verwijderd: HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
    [-] Sleutel verwijderd: HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
    [-] Sleutel verwijderd: HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
    [-] Sleutel verwijderd: HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
    [-] Sleutel verwijderd: HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
    [-] Sleutel verwijderd: HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
    [-] Sleutel verwijderd: HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
    [-] Sleutel verwijderd: HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    [-] Sleutel verwijderd: HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
    [-] Sleutel verwijderd: HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
    [-] Sleutel verwijderd: HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
    [-] Sleutel verwijderd: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
    [-] Sleutel verwijderd: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
    [-] Sleutel verwijderd: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{38122A36-83B2-46B8-B39A-EC72A4614A07}
    [-] Sleutel verwijderd: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{38122A36-83B2-46B8-B39A-EC72A4614A07}
    [-] Sleutel verwijderd: HKU\.DEFAULT\Software\AVG Secure Search
    [-] Sleutel verwijderd: HKU\.DEFAULT\Software\Auslogics
    [-] Sleutel verwijderd: HKU\S-1-5-21-1605064705-3519875545-3396432865-1001\Software\IGearSettings
    [-] Sleutel verwijderd: HKU\S-1-5-21-1605064705-3519875545-3396432865-1001\Software\delta
    [-] Sleutel verwijderd: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1605064705-3519875545-3396432865-1001\Software\Lizardlink
    [-] Sleutel verwijderd: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1605064705-3519875545-3396432865-1001\Software\SweetIM
    [#] Sleutel verwijderd tijdens herstart: HKU\S-1-5-18\Software\AVG Secure Search
    [#] Sleutel verwijderd tijdens herstart: HKU\S-1-5-18\Software\Auslogics
    [#] Sleutel verwijderd tijdens herstart: HKCU\Software\IGearSettings
    [#] Sleutel verwijderd tijdens herstart: HKCU\Software\delta
    [-] Sleutel verwijderd: HKLM\SOFTWARE\AVG Secure Search
    [-] Sleutel verwijderd: HKLM\SOFTWARE\delta
    [#] Sleutel verwijderd tijdens herstart: [x64] HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1605064705-3519875545-3396432865-1001\Software\Lizardlink
    [#] Sleutel verwijderd tijdens herstart: [x64] HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1605064705-3519875545-3396432865-1001\Software\SweetIM
    [#] Sleutel verwijderd tijdens herstart: [x64] HKCU\Software\IGearSettings
    [#] Sleutel verwijderd tijdens herstart: [x64] HKCU\Software\delta
    [-] Sleutel verwijderd: [x64] HKLM\SOFTWARE\InstalledThirdPartyPrograms
    [-] Sleutel verwijderd: HKU\S-1-5-21-1605064705-3519875545-3396432865-1001\Software\Microsoft\Internet Explorer\SearchScopes\9B749E3A876B47DE85CA31AF867EF310
    [-] Sleutel verwijderd: HKU\S-1-5-21-1605064705-3519875545-3396432865-1001\Software\Microsoft\Internet Explorer\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}
    [#] Sleutel verwijderd tijdens herstart: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\9B749E3A876B47DE85CA31AF867EF310
    [#] Sleutel verwijderd tijdens herstart: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}
    [-] Sleutel verwijderd: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}
    [#] Sleutel verwijderd tijdens herstart: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\9B749E3A876B47DE85CA31AF867EF310
    [#] Sleutel verwijderd tijdens herstart: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}
    [-] Sleutel verwijderd: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\superfish.com
    [-] Sleutel verwijderd: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
    [-] Sleutel verwijderd: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\icq.com
    [-] Sleutel verwijderd: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\isearch.avg.com
    [-] Sleutel verwijderd: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\searchgol.com
    [-] Sleutel verwijderd: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
    [#] Sleutel verwijderd tijdens herstart: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\superfish.com
    [#] Sleutel verwijderd tijdens herstart: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
    [#] Sleutel verwijderd tijdens herstart: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\icq.com
    [#] Sleutel verwijderd tijdens herstart: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\isearch.avg.com
    [#] Sleutel verwijderd tijdens herstart: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\searchgol.com
    [#] Sleutel verwijderd tijdens herstart: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
    [-] Sleutel verwijderd: HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE


    ***** [ Browsers ] *****

    [-] [C:\Users\johan\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Verwijderd: isearch.avg.com
    [-] [C:\Users\johan\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Verwijderd: search.mywebsearch.com
    [-] [C:\Users\johan\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Verwijderd: searchgol.com


    *************************

    :: "Tracing" sleutels verwijderd
    :: Winsock instellingen gereset

    *************************

    C:\AdwCleaner\AdwCleaner[C0].txt - [9181 bytes] - [17/04/2017 15:35:17]
    C:\AdwCleaner\AdwCleaner[S0].txt - [8700 bytes] - [17/04/2017 15:34:49]

    ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [9327 bytes] ##########

  2. #2

    Technische vaardigheid
    5. Expert
    Besturingssysteem
    Windows Vista Home Premium
    Firewall
    Berichten
    140
    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 11.0.9600.18616
    Run by johan at 15:39:25 on 2017-04-17
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.4007.2558 [GMT 2:00]
    .
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Program Files (x86)\PHotkey\ASLDRSrv.exe
    C:\Windows\system32\WLANExt.exe
    C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
    C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
    C:\Windows\system32\svchost.exe -k bthsvcs
    C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
    C:\Windows\system32\CxAudMsg64.exe
    C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
    C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
    C:\Windows\System32\svchost.exe -k utcsvc
    C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\PHotkey\PHotkey.exe
    C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
    C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
    c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
    C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    C:\Program Files\CyberLink\Shared files\RichVideo64.exe
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files (x86)\PHotkey\ATouch64.exe
    C:\Program Files (x86)\PHotkey\PVDesktop.exe
    C:\Program Files (x86)\PHotkey\PVDAgent.exe
    C:\Program Files (x86)\PHotkey\POSD.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
    C:\Windows\servicing\TrustedInstaller.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
    C:\Program Files (x86)\PHotkey\HCSynApi.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
    C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
    C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
    C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
    C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
    C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
    C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
    C:\Windows\system32\sppsvc.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.be/
    uDefault_Search_URL = hxxp://www.google.com/ie
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    BHO: Browsing Protection by F-Secure: {45BBE08D-81C5-4A67-AF20-B2A077C67747} -
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
    mRun: [Dolby Advanced Audio v2] "C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
    mRun: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
    mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    uPolicies-Explorer: NoDrives = dword:0
    mPolicies-Explorer: NoDrives = dword:0
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
    IE: {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1346-72745-17534-1/4
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    TCP: NameServer = 195.130.130.5 195.130.131.5
    TCP: Interfaces\{D4ECBD93-2721-4AC3-95B0-64293A4227C1} : DHCPNameServer = 195.130.130.5 195.130.131.5
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    SSODL: WebCheck - <orphaned>
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
    x64-BHO: Browsing Protection by F-Secure: {45BBE08D-81C5-4A67-AF20-B2A077C67747} -
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    x64-Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
    x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
    x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
    x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
    x64-Run: [IntelPAN] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray
    x64-Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
    x64-Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
    x64-IE: {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1346-72745-17534-1/4
    x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    x64-DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
    x64-Notify: igfxcui - igfxdev.dll
    x64-SSODL: WebCheck - <orphaned>
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 fsbts;fsbts;C:\Windows\System32\drivers\fsbts.sys [2015-8-18 73928]
    R0 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-5-11 119512]
    R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2011-11-10 28992]
    R2 AMPPALR3;Intel∆ Centrino∆ Wireless Bluetooth∆ 3.0 + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-9-15 1166848]
    R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-5-19 921664]
    R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-5-19 995392]
    R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-6-3 134928]
    R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2015-3-18 822496]
    R2 CxAudMsg;Conexant Audio Message Service;C:\Windows\System32\CxAudMsg64.exe [2011-11-10 198784]
    R2 CyberLink PowerDVD 10 MS Monitor Service;CyberLink PowerDVD 10 MS Monitor Service;C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [2011-4-14 70952]
    R2 CyberLink PowerDVD 10 MS Service;CyberLink PowerDVD 10 MS Service;C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [2011-4-14 312616]
    R2 DiagTrack;Diagnostics Tracking Service;C:\Windows\System32\svchost.exe -k utcsvc [2009-7-14 27136]
    R2 GFNEXSrv;GFNEX Service;C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [2011-11-10 156672]
    R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-10 13592]
    R2 MemeoBackgroundService;MemeoBackgroundService;C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe [2011-9-28 25824]
    R2 PEGAGFN;PEGAGFN;C:\Program Files (x86)\PHotkey\PEGAGFN.sys [2011-11-10 14344]
    R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS);C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2011-11-17 386344]
    R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2014-10-8 534184]
    R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-11-10 2655768]
    R3 AMPPAL;Intel∆ Centrino∆ Wireless Bluetooth∆ 3.0 + High Speed Virtual Adapter;C:\Windows\System32\drivers\AmpPal.sys [2011-9-15 299008]
    R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-5-19 1335360]
    R3 btmaudio;Intel Bluetooth Audio Service;C:\Windows\System32\drivers\btmaud.sys [2011-5-19 51712]
    R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\drivers\btmaux.sys [2011-5-19 53248]
    R3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2011-7-20 282624]
    R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2011-11-17 31216]
    R3 iBtFltCoex;iBtFltCoex;C:\Windows\System32\drivers\iBtFltCoex.sys [2011-7-20 59904]
    R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-11-10 317440]
    R3 iwdbus;IWD Bus Enumerator;C:\Windows\System32\drivers\iwdbus.sys [2011-9-9 25496]
    R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2011-11-3 76912]
    R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2011-4-13 87552]
    R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2011-4-13 207872]
    R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2014-10-8 766632]
    R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2014-10-8 273576]
    R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2014-10-8 29352]
    R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2014-10-8 23208]
    R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2014-10-8 211104]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-3-20 105096]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-3-20 125064]
    S2 FSORSPClient;F-Secure ORSP Client;"C:\Program Files (x86)\Telenet Security Pack\apps\CCF_Reputation\fsorsp.exe" --> C:\Program Files (x86)\Telenet Security Pack\apps\CCF_Reputation\fsorsp.exe [?]
    S3 AMPPALP;Intel∆ Centrino∆ Wireless Bluetooth∆ 3.0 + High Speed Protocol;C:\Windows\System32\drivers\AmpPal.sys [2011-9-15 299008]
    S3 AmUStor;AM USB Stroage Driver;C:\Windows\System32\drivers\AmUStor.sys [2009-10-23 46592]
    S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2017-3-17 114688]
    S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\System32\drivers\intelaud.sys [2011-9-9 34200]
    S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-9-16 340240]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
    S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-4-19 1255736]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
    .
    =============== Created Last 30 ================
    .
    2017-04-17 13:33:32 -------- d-----w- C:\AdwCleaner
    2017-04-17 13:10:30 -------- d-----w- C:\$RECYCLE.BIN
    2017-04-17 12:08:25 98816 ----a-w- C:\Windows\sed.exe
    2017-04-17 12:08:25 256000 ----a-w- C:\Windows\PEV.exe
    2017-04-17 12:08:25 208896 ----a-w- C:\Windows\MBR.exe
    2017-04-17 11:16:04 -------- d-----w- C:\ProgramData\Western Digital
    2017-04-15 05:51:05 12774864 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{AA0AEA07-9D91-464D-A2C5-8E26DD14D2AE}\mpengine.dll
    2017-04-09 14:00:10 -------- d-----w- C:\Windows\pss
    2017-04-05 17:59:58 -------- d-----w- C:\Users\johan\AppData\Local\{F74FF76B-26E9-4D40-B5F4-F5E594888F7D}
    2017-04-02 05:46:26 18441472 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSO.DLL
    2017-03-20 08:43:41 -------- d-----w- C:\Users\johan\AppData\Local\FSDART
    2017-03-19 22:48:06 28352 ----a-w- C:\Windows\SysWow64\aspnet_counters.dll
    2017-03-19 22:48:06 19112 ----a-w- C:\Windows\SysWow64\msvcr110_clr0400.dll
    2017-03-19 22:48:06 19112 ----a-w- C:\Windows\SysWow64\msvcr100_clr0400.dll
    2017-03-19 22:48:06 19112 ----a-w- C:\Windows\SysWow64\msvcp110_clr0400.dll
    2017-03-19 22:41:38 30400 ----a-w- C:\Windows\System32\aspnet_counters.dll
    2017-03-19 22:41:38 19112 ----a-w- C:\Windows\System32\msvcr110_clr0400.dll
    2017-03-19 22:41:38 19112 ----a-w- C:\Windows\System32\msvcr100_clr0400.dll
    2017-03-19 22:41:38 19112 ----a-w- C:\Windows\System32\msvcp110_clr0400.dll
    2017-03-19 19:27:02 -------- d-----w- C:\Users\johan\AppData\Local\ElevatedDiagnostics
    2017-03-19 08:58:44 123904 ----a-w- C:\Windows\SysWow64\poqexec.exe
    2017-03-19 08:58:42 142336 ----a-w- C:\Windows\System32\poqexec.exe
    .
    ==================== Find3M ====================
    .
    2017-04-16 20:59:48 119512 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
    2017-04-09 19:54:33 802904 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2017-04-09 19:54:33 144472 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2017-03-04 08:20:37 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
    2017-03-04 08:20:25 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
    2017-03-04 08:02:55 66560 ----a-w- C:\Windows\System32\iesetup.dll
    2017-03-04 08:01:53 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
    2017-03-04 08:01:44 417792 ----a-w- C:\Windows\System32\html.iec
    2017-03-04 08:01:17 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
    2017-03-04 08:01:04 576512 ----a-w- C:\Windows\System32\vbscript.dll
    2017-03-04 07:45:30 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
    2017-03-04 07:45:29 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
    2017-03-04 07:45:10 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
    2017-03-04 07:36:13 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
    2017-03-04 07:31:29 6045696 ----a-w- C:\Windows\System32\jscript9.dll
    2017-03-04 07:23:20 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
    2017-03-04 06:52:51 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
    2017-03-04 06:52:32 2131456 ----a-w- C:\Windows\System32\inetcpl.cpl
    2017-03-04 06:25:31 3241984 ----a-w- C:\Windows\System32\wininet.dll
    2017-03-02 18:16:41 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2017-03-02 18:02:16 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
    2017-03-02 18:01:48 499200 ----a-w- C:\Windows\SysWow64\vbscript.dll
    2017-03-02 18:01:30 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
    2017-03-02 18:01:15 341504 ----a-w- C:\Windows\SysWow64\html.iec
    2017-03-02 18:00:12 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
    2017-03-02 17:50:05 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
    2017-03-02 17:49:46 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
    2017-03-02 17:36:33 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
    2017-03-02 17:22:27 4604416 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2017-03-02 17:17:43 2055680 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2017-03-02 17:17:33 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
    2017-03-02 16:53:59 2767360 ----a-w- C:\Windows\SysWow64\wininet.dll
    2017-02-22 23:42:18 84712 ----a-w- C:\Windows\System32\CompatTelRunner.exe
    2017-02-22 23:37:25 1285632 ----a-w- C:\Windows\System32\aeinv.dll
    2017-02-18 14:05:27 646656 ----a-w- C:\Windows\System32\generaltel.dll
    2017-02-18 14:05:27 1609216 ----a-w- C:\Windows\System32\appraiser.dll
    2017-02-11 15:58:19 462848 ----a-w- C:\Windows\System32\drivers\srv.sys
    2017-02-11 15:58:11 405504 ----a-w- C:\Windows\System32\drivers\srv2.sys
    2017-02-11 15:58:06 168960 ----a-w- C:\Windows\System32\drivers\srvnet.sys
    2017-02-10 16:32:31 803328 ----a-w- C:\Windows\System32\usp10.dll
    2017-02-10 16:32:19 405504 ----a-w- C:\Windows\System32\gdi32.dll
    2017-02-10 16:17:38 312832 ----a-w- C:\Windows\SysWow64\gdi32.dll
    2017-02-10 16:17:36 628736 ----a-w- C:\Windows\SysWow64\usp10.dll
    2017-02-10 14:33:08 1251328 ----a-w- C:\Windows\SysWow64\DWrite.dll
    2017-02-09 16:36:44 631176 ----a-w- C:\Windows\System32\winresume.efi
    2017-02-09 16:35:44 706792 ----a-w- C:\Windows\System32\winload.efi
    2017-02-09 16:35:43 95464 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
    2017-02-09 16:35:43 5548264 ----a-w- C:\Windows\System32\ntoskrnl.exe
    2017-02-09 16:35:43 154856 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
    2017-02-09 16:33:37 1732864 ----a-w- C:\Windows\System32\ntdll.dll
    2017-02-09 16:31:59 316928 ----a-w- C:\Windows\System32\msv1_0.dll
    2017-02-09 16:19:22 4000488 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
    2017-02-09 16:19:22 3945192 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
    2017-02-09 16:16:53 1314112 ----a-w- C:\Windows\SysWow64\ntdll.dll
    2017-02-09 16:03:10 148480 ----a-w- C:\Windows\System32\appidpolicyconverter.exe
    2017-02-09 16:03:05 62464 ----a-w- C:\Windows\System32\drivers\appid.sys
    2017-02-09 16:03:05 17920 ----a-w- C:\Windows\System32\appidcertstorecheck.exe
    2017-02-09 16:02:22 64000 ----a-w- C:\Windows\System32\auditpol.exe
    2017-02-09 16:00:44 3220480 ----a-w- C:\Windows\System32\win32k.sys
    2017-02-09 15:59:23 338432 ----a-w- C:\Windows\System32\conhost.exe
    2017-02-09 15:58:29 296960 ----a-w- C:\Windows\System32\rstrui.exe
    2017-02-09 15:55:48 159744 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
    2017-02-09 15:55:13 291328 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
    2017-02-09 15:55:12 129536 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
    2017-02-09 15:54:29 30720 ----a-w- C:\Windows\System32\lsass.exe
    2017-02-09 15:54:25 112640 ----a-w- C:\Windows\System32\smss.exe
    2017-02-09 15:53:33 50176 ----a-w- C:\Windows\SysWow64\auditpol.exe
    2017-02-09 15:51:50 32768 ----a-w- C:\Windows\SysWow64\WcsPlugInService.dll
    2017-02-09 15:50:03 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
    2017-02-09 15:50:02 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
    2017-02-09 15:50:01 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
    2017-02-09 15:50:00 2048 ----a-w- C:\Windows\SysWow64\user.exe
    2017-02-09 15:49:15 36352 ----a-w- C:\Windows\SysWow64\cryptbase.dll
    2017-02-09 15:49:08 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
    2017-02-09 15:49:08 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
    2017-02-09 15:49:08 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
    2017-02-09 15:49:08 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
    2017-02-09 14:06:01 1648128 ----a-w- C:\Windows\System32\DWrite.dll
    2017-02-09 14:06:01 1180160 ----a-w- C:\Windows\System32\FntCache.dll
    2017-02-06 16:14:01 733696 ----a-w- C:\Windows\HelpPane.exe
    .
    ============= FINISH: 15:49:42,83 ===============


    GMER 2.2.19882 - http://www.gmer.net
    Rootkit scan 2017-04-17 15:58:24
    Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 ST950042 rev.0002 465,76GB
    Running: 9wt5pljx.exe; Driver: C:\Users\johan\AppData\Local\Temp\pwdoypow.sys


    ---- User code sections - GMER 2.2 ----

    .text C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe[1692] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 00000000769d1401 2 bytes JMP 7508b233 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe[1692] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 00000000769d1419 2 bytes JMP 7508b35e C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe[1692] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 00000000769d1431 2 bytes JMP 75109149 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe[1692] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 00000000769d144a 2 bytes CALL 75064885 C:\Windows\syswow64\kernel32.dll
    .text ... * 9
    .text C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe[1692] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000769d14dd 2 bytes JMP 75108a42 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe[1692] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000769d14f5 2 bytes JMP 75108c18 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe[1692] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 00000000769d150d 2 bytes JMP 75108938 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe[1692] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 00000000769d1525 2 bytes JMP 75108d02 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe[1692] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 00000000769d153d 2 bytes JMP 7507fcc0 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe[1692] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 00000000769d1555 2 bytes JMP 75086907 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe[1692] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 00000000769d156d 2 bytes JMP 75109201 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe[1692] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 00000000769d1585 2 bytes JMP 75108d62 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe[1692] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 00000000769d159d 2 bytes JMP 751088fc C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe[1692] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000769d15b5 2 bytes JMP 7507fd59 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe[1692] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000769d15cd 2 bytes JMP 7508b2f4 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe[1692] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000769d16b2 2 bytes JMP 751090c4 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe[1692] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000769d16bd 2 bytes JMP 75108891 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[3780] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 00000000769d1401 2 bytes JMP 7508b233 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[3780] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 00000000769d1419 2 bytes JMP 7508b35e C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[3780] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 00000000769d1431 2 bytes JMP 75109149 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[3780] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 00000000769d144a 2 bytes CALL 75064885 C:\Windows\syswow64\kernel32.dll
    .text ... * 9
    .text C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[3780] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000769d14dd 2 bytes JMP 75108a42 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[3780] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000769d14f5 2 bytes JMP 75108c18 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[3780] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 00000000769d150d 2 bytes JMP 75108938 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[3780] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 00000000769d1525 2 bytes JMP 75108d02 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[3780] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 00000000769d153d 2 bytes JMP 7507fcc0 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[3780] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 00000000769d1555 2 bytes JMP 75086907 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[3780] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 00000000769d156d 2 bytes JMP 75109201 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[3780] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 00000000769d1585 2 bytes JMP 75108d62 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[3780] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 00000000769d159d 2 bytes JMP 751088fc C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[3780] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000769d15b5 2 bytes JMP 7507fd59 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[3780] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000769d15cd 2 bytes JMP 7508b2f4 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[3780] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000769d16b2 2 bytes JMP 751090c4 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[3780] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000769d16bd 2 bytes JMP 75108891 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe[4444] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 00000000769d1401 2 bytes JMP 7508b233 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe[4444] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 00000000769d1419 2 bytes JMP 7508b35e C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe[4444] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 00000000769d1431 2 bytes JMP 75109149 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe[4444] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 00000000769d144a 2 bytes CALL 75064885 C:\Windows\syswow64\kernel32.dll
    .text ... * 9
    .text C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe[4444] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000769d14dd 2 bytes JMP 75108a42 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe[4444] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000769d14f5 2 bytes JMP 75108c18 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe[4444] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 00000000769d150d 2 bytes JMP 75108938 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe[4444] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 00000000769d1525 2 bytes JMP 75108d02 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe[4444] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 00000000769d153d 2 bytes JMP 7507fcc0 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe[4444] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 00000000769d1555 2 bytes JMP 75086907 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe[4444] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 00000000769d156d 2 bytes JMP 75109201 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe[4444] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 00000000769d1585 2 bytes JMP 75108d62 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe[4444] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 00000000769d159d 2 bytes JMP 751088fc C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe[4444] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000769d15b5 2 bytes JMP 7507fd59 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe[4444] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000769d15cd 2 bytes JMP 7508b2f4 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe[4444] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000769d16b2 2 bytes JMP 751090c4 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe[4444] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000769d16bd 2 bytes JMP 75108891 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[4272] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 00000000769d1401 2 bytes JMP 7508b233 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[4272] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 00000000769d1419 2 bytes JMP 7508b35e C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[4272] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 00000000769d1431 2 bytes JMP 75109149 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[4272] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 00000000769d144a 2 bytes CALL 75064885 C:\Windows\syswow64\kernel32.dll
    .text ... * 9
    .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[4272] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000769d14dd 2 bytes JMP 75108a42 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[4272] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000769d14f5 2 bytes JMP 75108c18 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[4272] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 00000000769d150d 2 bytes JMP 75108938 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[4272] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 00000000769d1525 2 bytes JMP 75108d02 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[4272] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 00000000769d153d 2 bytes JMP 7507fcc0 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[4272] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 00000000769d1555 2 bytes JMP 75086907 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[4272] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 00000000769d156d 2 bytes JMP 75109201 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[4272] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 00000000769d1585 2 bytes JMP 75108d62 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[4272] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 00000000769d159d 2 bytes JMP 751088fc C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[4272] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000769d15b5 2 bytes JMP 7507fd59 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[4272] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000769d15cd 2 bytes JMP 7508b2f4 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[4272] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000769d16b2 2 bytes JMP 751090c4 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[4272] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000769d16bd 2 bytes JMP 75108891 C:\Windows\syswow64\kernel32.dll

    ---- Registry - GMER 2.2 ----

    Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{28CACDA7-4976-4DD1-88F7-C37BA1459A13}\Connection@Name isatap.{93A4460B-9637-44BC-9240-02C45D809484}
    Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\Linkage@Bind \Device\{462FCD5F-E031-4FFD-BDC6-BAAF59E07A3F}?\Device\{28CACDA7-4976-4DD1-88F7-C37BA1459A13}?\Device\{2475D5B5-59BE-47A6-A248-BFE6BD41ADE0}?\Device\{53CB0292-2946-4673-BFC0-3805F44FC245}?\Device\{0E66F97A-E7E2-4E56-B7CB-4833AF1785F9}?
    Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\Linkage@Route "{462FCD5F-E031-4FFD-BDC6-BAAF59E07A3F}"?"{28CACDA7-4976-4DD1-88F7-C37BA1459A13}"?"{2475D5B5-59BE-47A6-A248-BFE6BD41ADE0}"?"{53CB0292-2946-4673-BFC0-3805F44FC245}"?"{0E66F97A-E7E2-4E56-B7CB-4833AF1785F9}"?
    Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\Linkage@Export \Device\TCPIP6TUNNEL_{462FCD5F-E031-4FFD-BDC6-BAAF59E07A3F}?\Device\TCPIP6TUNNEL_{28CACDA7-4976-4DD1-88F7-C37BA1459A13}?\Device\TCPIP6TUNNEL_{2475D5B5-59BE-47A6-A248-BFE6BD41ADE0}?\Device\TCPIP6TUNNEL_{53CB0292-2946-4673-BFC0-3805F44FC245}?\Device\TCPIP6TUNNEL_{0E66F97A-E7E2-4E56-B7CB-4833AF1785F9}?
    Reg HKLM\SYSTEM\CurrentControlSet\services\iphlpsvc\Parameters\Isatap\{28CACDA7-4976-4DD1-88F7-C37BA1459A13}@InterfaceName isatap.{93A4460B-9637-44BC-9240-02C45D809484}
    Reg HKLM\SYSTEM\CurrentControlSet\services\iphlpsvc\Parameters\Isatap\{28CACDA7-4976-4DD1-88F7-C37BA1459A13}@ReusableType 0
    Reg HKLM\SYSTEM\CurrentControlSet\services\iphlpsvc\Parameters\Isatap\{462FCD5F-E031-4FFD-BDC6-BAAF59E07A3F}@InterfaceName isatap.{0904F159-C454-480C-BBB4-4250F4D5B881}
    Reg HKLM\SYSTEM\CurrentControlSet\services\iphlpsvc\Parameters\Isatap\{462FCD5F-E031-4FFD-BDC6-BAAF59E07A3F}@ReusableType 0

    ---- Disk sectors - GMER 2.2 ----

    Disk \Device\Harddisk0\DR0 unknown MBR code

    ---- EOF - GMER 2.2 ----

  3. #3

    Technische vaardigheid
    5. Expert
    Besturingssysteem
    Windows Vista Home Premium
    Firewall
    Berichten
    140
    Update:

    Het firewall - en internetprobleem kreeg ik toch opeens opgelost door heel wat commando's uit te voeren in opdrachtprompt.
    Ik krijg opnieuw mijn IP via DHCP, wat voorheen een probleem was.

    Mag dus afgesloten worden!

  4. #4
    Schermafbeelding van Juisterr



    Technische vaardigheid
    5. Expert
    Besturingssysteem
    Windows 7 Home Premium 64 bits
    Antivirus
    AV Defender
    Firewall
    router
    Berichten
    14.573
    Blog Berichten
    10
    Download de Farbar Recovery Scan Tool 32 of 64 bit van ťťn van de onderstaande links

    Hier staat een beschrijving hoe u kunt kijken of u een 32 of 64 bit versie van Windows heeft.

    Farbar Recovery Scan Tool uitvoeren
    • Dubbelklik op FRST.exe om de tool te starten.
    • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
    • Als het programma is geopend klik Yes (Ja) bij de disclaimer.
    • Druk vervolgens op de Scan knop, er zal nu eerst een back-up van het register worden gemaakt.
    • Wanneer de scan gereed is worden er twee logbestanden aangemaakt met de naam (FRST.txt) & (Addition.txt) op dezelfde plaats vanwaar de 'tool' is gestart.
    • Voeg beide logbestanden als bijlage toe aan het volgende bericht.

  5. #5

    Technische vaardigheid
    5. Expert
    Besturingssysteem
    Windows Vista Home Premium
    Firewall
    Berichten
    140
    Juisterr,

    Het probleem is ondertussen opgelost. Toch nog eens de Farbar Recovery Scan Tool laten lopen omdat er wat dingen in de logs zitten?

  6. #6
    Schermafbeelding van Juisterr



    Technische vaardigheid
    5. Expert
    Besturingssysteem
    Windows 7 Home Premium 64 bits
    Antivirus
    AV Defender
    Firewall
    router
    Berichten
    14.573
    Blog Berichten
    10
    Niet onverstandig gezien de uitslagen in de vorige logjes.

  7. #7

    Technische vaardigheid
    5. Expert
    Besturingssysteem
    Windows Vista Home Premium
    Firewall
    Berichten
    140
    Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 17-04-2017 01
    Gestart door johan (Beheerder) op JOHAN-PC (18-04-2017 18:21:52)
    Gestart vanaf C:\Users\johan\Downloads
    Geladen Profielen: johan (Beschikbare Profielen: UpdatusUser & johan & Gast)
    Platform: Windows 7 Home Premium Service Pack 1 (X64) Taal: Nederlands (Nederland)
    Internet Explorer Versie 11 (Standaardbrowser: Chrome)
    Boot Modus: Normal
    Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

    ==================== Processen (gefilterd) =================

    (Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.)

    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (Microsoft Corporation) C:\Windows\System32\wlanext.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    () C:\Program Files (x86)\PHotkey\AsLdrSrv.exe
    () C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
    (Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
    (Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
    (Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
    (CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
    (CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
    (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    (Memeo) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
    () C:\Program Files (x86)\PHotkey\PHotkey.exe
    () C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
    () C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
    (Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
    (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
    (Microsoft Corporation) C:\Windows\System32\rundll32.exe
    (Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
    () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
    (Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
    (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
    (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
    (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    (TODO: <Company name>) C:\Program Files (x86)\PHotkey\HCSynApi.exe
    () C:\Program Files (x86)\PHotkey\PVDesktop.exe
    () C:\Program Files (x86)\PHotkey\PVDAgent.exe
    () C:\Program Files (x86)\PHotkey\POsd.exe
    (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
    (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
    (CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    (Intel Corporation) C:\Windows\System32\igfxsrvc.exe

    ==================== Register (gefilterd) ====================

    (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)

    HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2010-12-14] (Conexant systems, Inc.)
    HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2832168 2011-09-30] (Synaptics Incorporated)
    HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-09-16] (Intel(R) Corporation)
    HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
    HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [323584 2009-09-22] (Alcor Micro Corp.)
    HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2011-04-14] (Renesas Electronics Corporation)
    HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [506712 2011-02-03] (Dolby Laboratories Inc.)
    HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2010-08-04] (CyberLink)
    HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [87336 2011-03-31] (CyberLink Corp.)
    Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
    ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Geen bestand

    ==================== Internet (gefilterd) ====================

    (Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.)

    Tcpip\Parameters: [DhcpNameServer] 195.130.131.5 195.130.130.5
    Tcpip\..\Interfaces\{B2DF4614-EADB-4BBD-A393-280439F6C9BE}: [DhcpNameServer] 195.130.131.5 195.130.130.5

    Internet Explorer:
    ==================
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrictie <======= AANDACHT
    HKU\S-1-5-21-1605064705-3519875545-3396432865-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrictie <======= AANDACHT
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
    HKU\S-1-5-21-1605064705-3519875545-3396432865-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU\S-1-5-21-1605064705-3519875545-3396432865-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.be/
    HKU\S-1-5-21-1605064705-3519875545-3396432865-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-1605064705-3519875545-3396432865-1001 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://www.bing.com/search?FORM=U218DF&PC=U218&q={searchTerms}&src=IE-SearchBox
    SearchScopes: HKU\S-1-5-21-1605064705-3519875545-3396432865-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://www.bing.com/search?FORM=U218DF&PC=U218&q={searchTerms}&src=IE-SearchBox
    BHO: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\Telenet Security Pack\apps\CCF_Scanning\bin\browser\install\fs_ie_https\fs_ie_https64.dll => Geen bestand
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
    BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-11-07] (Sun Microsystems, Inc.)
    BHO-x32: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\Telenet Security Pack\apps\CCF_Scanning\bin\browser\install\fs_ie_https\fs_ie_https.dll => Geen bestand
    BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-11-07] (Sun Microsystems, Inc.)
    Toolbar: HKU\S-1-5-21-1605064705-3519875545-3396432865-1001 -> Geen Naam - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Geen bestand
    DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll Geen bestand

    FireFox:
    ========
    FF HKLM\...\Firefox\Extensions: [ols@f-secure.com] - C:\Program Files (x86)\Telenet Security Pack\apps\CCF_Scanning\bin\browser\install\fs_firefox_https\fs_firefox_https.xpi => niet gevonden
    FF HKLM-x32\...\Firefox\Extensions: [ols@f-secure.com] - C:\Program Files (x86)\Telenet Security Pack\apps\CCF_Scanning\bin\browser\install\fs_firefox_https\fs_firefox_https.xpi => niet gevonden
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll [2014-05-03] ()
    FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2011-11-07] (Sun Microsystems, Inc.)
    FF Plugin: @microsoft.com/GENUINE -> disabled [Geen bestand]
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll [2014-05-03] ()
    FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll [2012-10-04] (Adobe Systems, Inc.)
    FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
    FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2012-03-22] (Google, Inc.)
    FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [2011-11-07] (Sun Microsystems, Inc.)
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Geen bestand]
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-12] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-12] (Google Inc.)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
    FF Plugin HKU\S-1-5-21-1605064705-3519875545-3396432865-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\johan\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)

    Chrome:
    =======
    CHR Profile: C:\Users\johan\AppData\Local\Google\Chrome\User Data\Default [2017-04-18]
    CHR Extension: (Google Presentaties) - C:\Users\johan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-03-17]
    CHR Extension: (Google Documenten) - C:\Users\johan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-03-17]
    CHR Extension: (Google Drive) - C:\Users\johan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-03]
    CHR Extension: (YouTube) - C:\Users\johan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-03]
    CHR Extension: (Jjfohome) - C:\Users\johan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhbdlpofpkljkoioobicmghhlopbkbhm [2016-10-01]
    CHR Extension: (Google Spreadsheets) - C:\Users\johan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-03-17]
    CHR Extension: (Offline Documenten) - C:\Users\johan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-17]
    CHR Extension: (Search by F-Secure) - C:\Users\johan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkmikccifolokanfakbeadbmgchomeli [2017-03-17]
    CHR Extension: (Audibeep) - C:\Users\johan\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdcebkpmdmmhpbblkljjhfppngnmognp [2016-04-23]
    CHR Extension: (Browsing Protection by F-Secure) - C:\Users\johan\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmjjnhpacphpjmnnlnccpfmhkcloaade [2017-03-17]
    CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\johan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-17]
    CHR Extension: (Gmail) - C:\Users\johan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-03]
    CHR Extension: (Chrome Media Router) - C:\Users\johan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-04]
    CHR HKLM\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - hxxps://clients2.google.com/service/update2/crx
    CHR HKU\S-1-5-21-1605064705-3519875545-3396432865-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gkmikccifolokanfakbeadbmgchomeli] - C:\Program Files (x86)\Telenet Security Pack\apps\SafeSearch\Chrome\main.crx <niet gevonden>
    CHR HKLM-x32\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - hxxps://clients2.google.com/service/update2/crx

    ==================== Services (gefilterd) ====================

    (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

    R2 ASLDRService; C:\Program Files (x86)\PHotkey\ASLDRSrv.exe [104968 2009-12-19] ()
    R2 Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [921664 2011-05-19] (Intel Corporation) [Bestand niet getekend]
    R3 Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [1335360 2011-05-19] (Intel Corporation) [Bestand niet getekend]
    R2 Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [995392 2011-05-19] (Intel Corporation) [Bestand niet getekend]
    R2 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [70952 2011-04-14] (CyberLink)
    R2 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [312616 2011-04-14] (CyberLink)
    R2 GFNEXSrv; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [156672 2011-10-14] () [Bestand niet getekend]
    S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-09-16] ()
    R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] ()
    R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10883824 2017-03-17] (TeamViewer GmbH)
    R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
    S3 FSMA; "C:\Program Files (x86)\Telenet Security Pack\apps\ComputerSecurity\Common\FSMA32.EXE" [X]
    S2 FSORSPClient; "C:\Program Files (x86)\Telenet Security Pack\apps\CCF_Reputation\fsorsp.exe" [X]

    ===================== Drivers (gefilterd) ======================

    (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

    U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
    R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [73928 2016-07-06] ()
    R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-12] (PEGATRON)
    S3 catchme; \??\C:\ComboFix\catchme.sys [X]
    S3 F-Secure Gatekeeper; \??\C:\Program Files (x86)\Telenet Security Pack\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [X]
    S1 F-Secure HIPS; \??\C:\Program Files (x86)\Telenet Security Pack\apps\ComputerSecurity\HIPS\drivers\fshs.sys [X]
    S3 fsni; \??\C:\Program Files (x86)\Telenet Security Pack\apps\CCF_Scanning\bin\fsni64.sys [X]

    ==================== NetSvcs (gefilterd) ===================

    (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)


    ==================== Een Maand Aangemaakt bestanden en mappen ========

    (Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)

    2017-04-18 18:21 - 2017-04-18 18:22 - 00017436 _____ C:\Users\johan\Downloads\FRST.txt
    2017-04-18 18:21 - 2017-04-18 18:21 - 00000000 ____D C:\FRST
    2017-04-18 18:20 - 2017-04-18 18:21 - 02424832 _____ (Farbar) C:\Users\johan\Downloads\FRST64.exe
    2017-04-17 20:32 - 2017-04-17 20:33 - 00000000 ____D C:\Users\johan\Documents\Oplossing WIFI DHCP
    2017-04-17 18:58 - 2017-04-17 20:15 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
    2017-04-17 18:57 - 2017-04-17 18:58 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
    2017-04-17 18:57 - 2017-04-17 18:57 - 00002051 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
    2017-04-17 18:17 - 2017-04-17 18:25 - 00000000 ____D C:\Program Files (x86)\TeamViewer
    2017-04-17 18:17 - 2017-04-17 18:17 - 13189504 _____ (TeamViewer GmbH) C:\Users\johan\Downloads\TeamViewer_Setup_nl.exe
    2017-04-17 18:17 - 2017-04-17 18:17 - 00001051 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
    2017-04-17 18:17 - 2017-04-17 18:17 - 00001039 _____ C:\Users\Public\Desktop\TeamViewer 12.lnk
    2017-04-17 18:17 - 2017-04-17 18:17 - 00000000 ____D C:\Users\johan\AppData\Roaming\TeamViewer
    2017-04-17 18:07 - 2017-04-17 18:07 - 00000000 ____D C:\Users\johan\AppData\Local\CEF
    2017-04-17 18:04 - 2017-04-17 18:04 - 06903192 _____ (AVAST Software) C:\Users\johan\Downloads\avast_free_antivirus_setup_online.exe
    2017-04-17 17:52 - 2017-04-17 17:52 - 00000000 ____D C:\Users\johan\Downloads\Wireless_18.11.0_Ds64
    2017-04-17 17:52 - 2017-04-17 17:52 - 00000000 ____D C:\Dell
    2017-04-17 17:52 - 2017-04-17 17:50 - 16395650 _____ C:\Users\johan\Downloads\Wireless_18.11.0_Ds64.zip
    2017-04-17 17:26 - 2017-04-17 17:26 - 00000000 ____D C:\Users\johan\Desktop\comintrep
    2017-04-17 16:00 - 2017-04-17 16:00 - 00025328 _____ C:\Users\johan\Desktop\mbam.txt
    2017-04-17 15:50 - 2017-04-17 15:50 - 00022400 _____ C:\Users\johan\Desktop\dds.txt
    2017-04-17 15:50 - 2017-04-17 15:50 - 00006557 _____ C:\Users\johan\Desktop\attach.txt
    2017-04-17 15:35 - 2017-04-17 15:35 - 00009466 _____ C:\Users\johan\Desktop\AdwCleaner[C0].txt
    2017-04-17 15:34 - 2017-04-17 15:34 - 00008700 _____ C:\Users\johan\Desktop\AdwCleaner[S0].txt
    2017-04-17 15:33 - 2017-04-17 16:02 - 00000000 ____D C:\AdwCleaner
    2017-04-17 15:33 - 2017-04-17 15:33 - 00000000 _____ C:\Users\johan\defogger_reenable
    2017-04-17 15:32 - 2017-04-17 14:19 - 04089296 _____ C:\Users\johan\Desktop\adwcleaner_6.045.exe
    2017-04-17 15:32 - 2017-04-17 14:19 - 00688992 ____R (Swearware) C:\Users\johan\Desktop\dds.com
    2017-04-17 15:32 - 2017-04-17 14:19 - 00380928 _____ C:\Users\johan\Desktop\9wt5pljx.exe
    2017-04-17 15:32 - 2017-04-17 14:18 - 00050477 _____ C:\Users\johan\Desktop\Defogger.exe
    2017-04-17 15:29 - 2017-04-17 15:29 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Virtual Desktop Manager
    2017-04-17 15:27 - 2017-04-17 15:27 - 00001405 _____ C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    2017-04-17 15:27 - 2017-04-17 15:27 - 00000020 ___SH C:\Users\Gast\ntuser.ini
    2017-04-17 15:27 - 2017-04-17 15:27 - 00000000 _SHDL C:\Users\Gast\Sjablonen
    2017-04-17 15:27 - 2017-04-17 15:27 - 00000000 _SHDL C:\Users\Gast\Netwerkprinteromgeving
    2017-04-17 15:27 - 2017-04-17 15:27 - 00000000 _SHDL C:\Users\Gast\Mijn documenten
    2017-04-17 15:27 - 2017-04-17 15:27 - 00000000 _SHDL C:\Users\Gast\Menu Start
    2017-04-17 15:27 - 2017-04-17 15:27 - 00000000 _SHDL C:\Users\Gast\Documents\Mijn video's
    2017-04-17 15:27 - 2017-04-17 15:27 - 00000000 _SHDL C:\Users\Gast\Documents\Mijn muziek
    2017-04-17 15:27 - 2017-04-17 15:27 - 00000000 _SHDL C:\Users\Gast\Documents\Mijn afbeeldingen
    2017-04-17 15:27 - 2017-04-17 15:27 - 00000000 _SHDL C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programma's
    2017-04-17 15:27 - 2017-04-17 15:27 - 00000000 _SHDL C:\Users\Gast\AppData\Local\Geschiedenis
    2017-04-17 15:27 - 2017-04-17 15:27 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Intel
    2017-04-17 15:27 - 2017-04-17 15:27 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Adobe
    2017-04-17 15:27 - 2017-04-17 15:27 - 00000000 ____D C:\Users\Gast\AppData\Local\VirtualStore
    2017-04-17 15:27 - 2017-04-17 15:27 - 00000000 ____D C:\Users\Gast\AppData\Local\Power2Go
    2017-04-17 15:27 - 2017-04-17 15:27 - 00000000 ____D C:\Users\Gast\AppData\Local\Google
    2017-04-17 15:27 - 2017-04-17 15:27 - 00000000 ____D C:\Users\Gast
    2017-04-17 15:27 - 2015-04-12 07:25 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Garmin
    2017-04-17 15:27 - 2015-04-12 07:25 - 00000000 ____D C:\Users\Gast\AppData\Local\Garmin_Ltd._or_its_subsid
    2017-04-17 15:27 - 2013-01-31 09:16 - 00000000 ____D C:\Users\Gast\AppData\Roaming\TuneUp Software
    2017-04-17 15:27 - 2011-11-17 13:21 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HomeCinema
    2017-04-17 15:27 - 2011-11-07 18:44 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Macromedia
    2017-04-17 15:27 - 2011-04-12 10:28 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Media Center Programs
    2017-04-17 15:16 - 2017-04-17 15:16 - 00030829 _____ C:\ComboFix.txt
    2017-04-17 14:08 - 2017-04-17 15:16 - 00000000 ____D C:\Qoobox
    2017-04-17 14:08 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
    2017-04-17 14:08 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
    2017-04-17 14:08 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
    2017-04-17 14:08 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
    2017-04-17 14:08 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
    2017-04-17 14:08 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
    2017-04-17 14:08 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
    2017-04-17 14:08 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
    2017-04-17 14:07 - 2017-04-17 15:14 - 00000000 ____D C:\Windows\erdnt
    2017-04-17 14:06 - 2017-04-17 14:05 - 05659609 ____R (Swearware) C:\Users\johan\Desktop\ComboFix.exe
    2017-04-17 13:51 - 2017-04-17 13:49 - 00346950 _____ C:\Users\johan\Downloads\SharedAccess.reg
    2017-04-17 13:19 - 2017-04-17 13:11 - 00214174 _____ C:\Users\johan\Downloads\WindowsFirewall.diagcab
    2017-04-17 13:16 - 2017-04-17 13:16 - 00000000 ____D C:\ProgramData\Western Digital
    2017-04-15 13:49 - 2017-04-15 13:49 - 01004025 _____ C:\Users\johan\Downloads\NIEUWSBRIEF 15 apr 17.pdf
    2017-04-15 13:48 - 2017-04-15 13:48 - 01201768 _____ (Adobe Systems Incorporated) C:\Users\johan\Downloads\flashplayer25ppau_ga_install.exe
    2017-04-13 08:07 - 2017-04-13 08:07 - 00022253 _____ C:\Users\johan\Downloads\Nummers vanaf 22-04-2017.xlsx
    2017-04-13 08:06 - 2017-04-13 08:06 - 00034830 _____ C:\Users\johan\Downloads\LOTTO MULTI 7.xlsx
    2017-04-11 09:02 - 2017-04-11 09:02 - 07156697 _____ C:\Users\johan\Downloads\20170324-folderlakosta-2017.pdf
    2017-04-09 21:54 - 2017-04-09 21:54 - 00004584 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
    2017-04-09 21:33 - 2017-04-09 21:33 - 00774226 _____ C:\Users\johan\Downloads\AdobeFlashPlayer_25_a_install.dmg
    2017-04-09 16:00 - 2017-04-16 22:56 - 00000000 ____D C:\Windows\pss
    2017-04-08 07:11 - 2017-04-08 07:12 - 01005472 _____ C:\Users\johan\Downloads\NIEUWSBRIEF 07 apr 17.pdf
    2017-04-08 07:09 - 2017-04-08 07:09 - 00908265 _____ C:\Users\johan\Downloads\NIEUWSBRIEF VIAENE Nine.pdf
    2017-04-07 19:22 - 2017-04-07 19:22 - 04529339 _____ C:\Users\johan\Downloads\tas kijken141.mp4
    2017-04-07 19:21 - 2017-04-07 19:21 - 04979678 _____ C:\Users\johan\Downloads\IMG_0173.MP4
    2017-04-07 08:55 - 2017-04-07 08:55 - 01102731 _____ C:\Users\johan\Downloads\INTERVIEW CLUBLID 2017 Johan Delameilleure.pdf
    2017-04-06 15:37 - 2017-04-06 15:37 - 00233623 _____ C:\Users\johan\Downloads\Unibet Live Voetbal Kijken en Live Wedden.html
    2017-04-06 15:37 - 2017-04-06 15:37 - 00000000 ____D C:\Users\johan\Downloads\Unibet Live Voetbal Kijken en Live Wedden_files
    2017-04-05 19:59 - 2017-04-05 19:59 - 00000000 ____D C:\Users\johan\AppData\Local\{F74FF76B-26E9-4D40-B5F4-F5E594888F7D}
    2017-04-02 18:09 - 2017-04-02 18:09 - 01015055 _____ C:\Users\johan\Downloads\NIEUWSBRIEF 31 maa 17.pdf
    2017-03-29 14:09 - 2017-03-29 14:15 - 02349133 _____ C:\Users\johan\Desktop\fsdiag2.7z
    2017-03-29 13:48 - 2017-03-29 13:48 - 00882656 _____ (F-Secure Corporation) C:\Users\johan\Downloads\TelenetSecurityPack_ABVE-GGDF-JUK8-JXZR-50CY_ (5).exe
    2017-03-29 13:38 - 2017-03-29 13:38 - 00172040 _____ C:\Users\johan\Desktop\fsdiag.7z
    2017-03-29 13:22 - 2017-03-29 13:22 - 00882656 _____ (F-Secure Corporation) C:\Users\johan\Downloads\TelenetSecurityPack_ABVE-GGDF-JUK8-JXZR-50CY_ (4).exe
    2017-03-29 13:22 - 2017-03-29 13:22 - 00882656 _____ (F-Secure Corporation) C:\Users\johan\Downloads\TelenetSecurityPack_ABVE-GGDF-JUK8-JXZR-50CY_ (3).exe
    2017-03-29 13:21 - 2017-03-29 13:21 - 00882656 _____ (F-Secure Corporation) C:\Users\johan\Downloads\TelenetSecurityPack_ABVE-GGDF-JUK8-JXZR-50CY_ (2).exe
    2017-03-29 13:20 - 2017-03-29 13:20 - 00882656 _____ (F-Secure Corporation) C:\Users\johan\Downloads\TelenetSecurityPack_ABVE-GGDF-JUK8-JXZR-50CY_ (1).exe
    2017-03-26 09:02 - 2017-03-26 09:02 - 01014182 _____ C:\Users\johan\Downloads\NIEUWSBRIEF 25 maa 17 (1).pdf
    2017-03-25 20:21 - 2017-03-25 20:21 - 01014182 _____ C:\Users\johan\Downloads\NIEUWSBRIEF 25 maa 17.pdf
    2017-03-21 08:13 - 2017-03-21 08:13 - 01201256 _____ (Adobe Systems Incorporated) C:\Users\johan\Downloads\flashplayer25axau_ga_install.exe
    2017-03-20 20:10 - 2017-03-20 20:10 - 02422784 _____ C:\Users\johan\Downloads\Op onze vriendschap1 (1).pps
    2017-03-20 16:57 - 2017-03-20 16:57 - 02422784 _____ C:\Users\johan\Downloads\Op onze vriendschap1.pps
    2017-03-20 11:01 - 2017-04-17 12:50 - 00002116 _____ C:\Users\Public\Desktop\Telenet Security Pack.lnk
    2017-03-20 10:57 - 2017-03-20 11:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Telenet Security Pack
    2017-03-20 10:43 - 2017-03-20 11:11 - 00000000 ____D C:\Users\johan\AppData\Local\FSDART
    2017-03-20 10:40 - 2017-03-20 10:40 - 00882656 _____ (F-Secure Corporation) C:\Users\johan\Downloads\TelenetSecurityPack_ABVE-GGDF-JUK8-JXZR-50CY_.exe
    2017-03-20 10:17 - 2017-03-20 10:17 - 00000062 _____ C:\Users\johan\Desktop\Rouwcentrum Decombele Torhout.url
    2017-03-20 00:48 - 2017-03-20 00:48 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
    2017-03-20 00:48 - 2017-03-20 00:48 - 00019112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr110_clr0400.dll
    2017-03-20 00:48 - 2017-03-20 00:48 - 00019112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll
    2017-03-20 00:48 - 2017-03-20 00:48 - 00019112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp110_clr0400.dll
    2017-03-20 00:41 - 2017-03-20 00:41 - 00030400 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
    2017-03-20 00:41 - 2017-03-20 00:41 - 00019112 _____ (Microsoft Corporation) C:\Windows\system32\msvcr110_clr0400.dll
    2017-03-20 00:41 - 2017-03-20 00:41 - 00019112 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100_clr0400.dll
    2017-03-20 00:41 - 2017-03-20 00:41 - 00019112 _____ (Microsoft Corporation) C:\Windows\system32\msvcp110_clr0400.dll
    2017-03-19 22:19 - 2017-03-19 22:19 - 00000055 _____ C:\Users\johan\Desktop\ECW PHOTO.url
    2017-03-19 21:27 - 2017-04-17 13:20 - 00000000 ____D C:\Users\johan\AppData\Local\ElevatedDiagnostics
    2017-03-19 21:22 - 2017-03-19 21:22 - 00000017 _____ C:\Users\johan\AppData\Local\resmon.resmoncfg
    2017-03-19 10:58 - 2016-07-22 16:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
    2017-03-19 10:58 - 2016-07-22 16:51 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe

    ==================== Een Maand Gewijzigd bestanden en mappen ========

    (Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)

    2017-04-18 18:20 - 2012-04-17 13:12 - 00000000 ____D C:\Users\johan\Documents\Youcam
    2017-04-18 18:19 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2017-04-17 20:34 - 2009-07-14 06:45 - 00024800 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2017-04-17 20:34 - 2009-07-14 06:45 - 00024800 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2017-04-17 20:29 - 2009-07-14 07:08 - 00032594 _____ C:\Windows\Tasks\SCHEDLGU.TXT
    2017-04-17 20:15 - 2012-12-28 17:14 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2017-04-17 20:15 - 2012-12-28 17:14 - 00004422 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2017-04-17 20:15 - 2011-11-07 18:44 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2017-04-17 20:14 - 2011-11-07 18:44 - 00000000 ____D C:\Windows\SysWOW64\Macromed
    2017-04-17 20:14 - 2011-11-07 18:44 - 00000000 ____D C:\Windows\system32\Macromed
    2017-04-17 18:57 - 2011-11-07 18:44 - 00000000 ____D C:\ProgramData\Adobe
    2017-04-17 18:57 - 2011-11-07 18:44 - 00000000 ____D C:\Program Files (x86)\Adobe
    2017-04-17 18:35 - 2012-04-17 13:12 - 00099232 _____ C:\Users\johan\AppData\Local\GDIPFONTCACHEV1.DAT
    2017-04-17 18:33 - 2015-06-12 11:53 - 00000000 ____D C:\Program Files\Common Files\AV
    2017-04-17 18:33 - 2013-09-26 19:18 - 00000000 ____D C:\ProgramData\AVAST Software
    2017-04-17 18:33 - 2009-07-14 06:45 - 00394584 _____ C:\Windows\system32\FNTCACHE.DAT
    2017-04-17 18:05 - 2014-05-11 12:17 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2017-04-17 17:53 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
    2017-04-17 17:39 - 2014-06-11 20:34 - 00000928 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1605064705-3519875545-3396432865-1001UA.job
    2017-04-17 17:37 - 2011-11-04 04:25 - 00746466 _____ C:\Windows\system32\perfh013.dat
    2017-04-17 17:37 - 2011-11-04 04:25 - 00154128 _____ C:\Windows\system32\perfc013.dat
    2017-04-17 17:37 - 2009-07-14 07:13 - 01672576 _____ C:\Windows\system32\PerfStringBackup.INI
    2017-04-17 15:33 - 2012-04-17 13:10 - 00000000 ____D C:\Users\johan
    2017-04-17 15:10 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
    2017-04-17 15:10 - 2009-07-14 04:34 - 00000027 _____ C:\Windows\system32\Drivers\etc\hosts.bak
    2017-04-17 12:50 - 2014-05-11 12:17 - 00001104 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2017-04-17 12:50 - 2013-09-29 11:30 - 00002219 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2017-04-17 12:50 - 2013-09-29 11:30 - 00002201 _____ C:\Users\Public\Desktop\Google Chrome.lnk
    2017-04-17 12:50 - 2012-05-11 12:04 - 00002595 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft PowerPoint Viewer .lnk
    2017-04-17 12:50 - 2011-11-10 22:06 - 00002056 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) WiDi.lnk
    2017-04-17 12:50 - 2011-11-07 19:44 - 00002649 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Medion FastBoot.lnk
    2017-04-17 12:50 - 2011-11-07 18:00 - 00001374 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
    2017-04-17 12:50 - 2011-11-07 18:00 - 00001305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
    2017-04-17 12:50 - 2011-11-07 17:59 - 00001458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
    2017-04-17 12:50 - 2011-11-07 17:57 - 00002486 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
    2017-04-17 12:50 - 2011-11-07 17:46 - 00002479 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk
    2017-04-17 12:50 - 2011-11-04 03:31 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
    2017-04-17 12:50 - 2011-11-04 03:31 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
    2017-04-17 12:50 - 2011-11-03 23:21 - 00001428 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Control Center.lnk
    2017-04-17 12:50 - 2009-07-14 06:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
    2017-04-17 12:50 - 2009-07-14 06:57 - 00001352 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
    2017-04-17 12:50 - 2009-07-14 06:57 - 00001330 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
    2017-04-17 12:50 - 2009-07-14 06:57 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
    2017-04-17 12:50 - 2009-07-14 06:54 - 00001210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
    2017-04-17 12:50 - 2009-07-14 06:45 - 00000000 ____D C:\Windows\Setup
    2017-04-17 12:49 - 2013-09-28 09:38 - 00000000 ____D C:\Users\johan\AppData\LocalLow\Delta
    2017-04-17 12:49 - 2012-04-17 13:10 - 00001409 _____ C:\Users\johan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    2017-04-17 12:49 - 2009-07-14 07:01 - 00001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
    2017-04-17 12:49 - 2009-07-14 06:49 - 00001266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
    2017-04-16 20:39 - 2014-06-11 20:34 - 00000906 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1605064705-3519875545-3396432865-1001Core.job
    2017-04-15 13:48 - 2014-06-17 07:38 - 00000000 ____D C:\Users\johan\AppData\Local\Adobe
    2017-04-14 19:28 - 2011-11-10 21:16 - 00000000 ____D C:\Users\UpdatusUser
    2017-04-12 11:28 - 2013-03-13 12:24 - 00000000 ____D C:\Program Files\Microsoft Silverlight
    2017-04-12 11:28 - 2013-03-13 12:24 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
    2017-04-12 09:44 - 2013-03-13 12:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
    2017-04-12 09:42 - 2013-08-14 13:47 - 00000000 ____D C:\Windows\system32\MRT
    2017-04-12 09:40 - 2011-11-03 22:34 - 148601744 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2017-04-12 09:38 - 2012-05-11 11:56 - 01647244 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
    2017-04-12 06:59 - 2012-04-17 13:05 - 00003488 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2017-04-12 06:59 - 2012-04-17 13:05 - 00003360 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2017-03-22 09:04 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
    2017-03-20 10:46 - 2014-12-30 18:55 - 00000000 ____D C:\Program Files (x86)\Telenet Security Pack
    2017-03-20 10:46 - 2014-12-30 18:54 - 00000000 ____D C:\ProgramData\F-Secure
    2017-03-20 10:40 - 2016-06-02 16:56 - 00000000 ____D C:\Users\johan\AppData\Local\F-Secure

    ==================== Bestanden in de root van sommige mappen =======

    2014-01-21 20:14 - 2016-02-29 18:32 - 0003584 _____ () C:\Users\johan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2012-07-11 18:37 - 2012-07-11 18:37 - 0033758 _____ () C:\Users\johan\AppData\Local\dt.dat
    2017-03-19 21:22 - 2017-03-19 21:22 - 0000017 _____ () C:\Users\johan\AppData\Local\resmon.resmoncfg
    2012-04-18 14:29 - 2012-04-18 14:29 - 0017408 _____ () C:\Users\johan\AppData\Local\WebpageIcons.db

    ==================== Bamital & volsnap ======================

    (Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)

    C:\Windows\system32\winlogon.exe => Bestand is getekend
    C:\Windows\system32\wininit.exe => Bestand is getekend
    C:\Windows\SysWOW64\wininit.exe => Bestand is getekend
    C:\Windows\explorer.exe => Bestand is getekend
    C:\Windows\SysWOW64\explorer.exe => Bestand is getekend
    C:\Windows\system32\svchost.exe => Bestand is getekend
    C:\Windows\SysWOW64\svchost.exe => Bestand is getekend
    C:\Windows\system32\services.exe => Bestand is getekend
    C:\Windows\system32\User32.dll => Bestand is getekend
    C:\Windows\SysWOW64\User32.dll => Bestand is getekend
    C:\Windows\system32\userinit.exe => Bestand is getekend
    C:\Windows\SysWOW64\userinit.exe => Bestand is getekend
    C:\Windows\system32\rpcss.dll => Bestand is getekend
    C:\Windows\system32\dnsapi.dll => Bestand is getekend
    C:\Windows\SysWOW64\dnsapi.dll => Bestand is getekend
    C:\Windows\system32\Drivers\volsnap.sys => Bestand is getekend

    LastRegBack: 2017-04-14 16:44

    ==================== Eind van FRST.txt ============================

  8. #8

    Technische vaardigheid
    5. Expert
    Besturingssysteem
    Windows Vista Home Premium
    Firewall
    Berichten
    140
    Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 17-04-2017 01
    Gestart door johan (18-04-2017 18:22:53)
    Gestart vanaf C:\Users\johan\Downloads
    Windows 7 Home Premium Service Pack 1 (X64) (2012-04-17 11:10:14)
    Boot Modus: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-1605064705-3519875545-3396432865-500 - Administrator - Disabled)
    Gast (S-1-5-21-1605064705-3519875545-3396432865-501 - Limited - Disabled) => C:\Users\Gast
    HomeGroupUser$ (S-1-5-21-1605064705-3519875545-3396432865-1020 - Limited - Enabled)
    johan (S-1-5-21-1605064705-3519875545-3396432865-1001 - Administrator - Enabled) => C:\Users\johan
    UpdatusUser (S-1-5-21-1605064705-3519875545-3396432865-1000 - Limited - Enabled) => C:\Users\UpdatusUser

    ==================== Security Center ========================

    (Als een item is opgenomen in de fixlist, zal het worden verwijderd.)

    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== GeÔnstalleerde programma's ======================

    (Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.)

    Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.017.20050 - Adobe Systems Incorporated)
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
    Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated)
    Adobe Flash Player 25 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 25.0.0.148 - Adobe Systems Incorporated)
    Adobe Flash Player 25 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 25.0.0.127 - Adobe Systems Incorporated)
    Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.8.638 - Adobe Systems, Inc.)
    Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 1.8.1217.36096 - Alcor Micro Corp.)
    Alcor Micro USB Card Reader (x32 Version: 1.8.1217.36096 - Alcor Micro Corp.) Hidden
    AMI VR-pulse OS Switcher (HKLM\...\{EC1369CF-15BD-4FAF-BA84-65E4788C682E}) (Version: 1.1 - American Megatrends Inc.)
    Ashampoo Burning Studio (HKLM-x32\...\Ashampoo Burning Studio_is1) (Version: 10.0.10 - Ashampoo GmbH & Co. KG)
    Ashampoo Photo Commander (HKLM-x32\...\Ashampoo Photo Commander_is1) (Version: 9.2.0 - Ashampoo GmbH & Co. KG)
    Ashampoo Photo Optimizer (HKLM-x32\...\Ashampoo Photo Optimizer_is1) (Version: 4.0.0 - Ashampoo GmbH & Co. KG)
    Ashampoo Snap (HKLM-x32\...\Ashampoo Snap_is1) (Version: 4.3.0 - Ashampoo GmbH & Co. KG)
    Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.35 - Atheros Communications Inc.)
    Computer Security 14.176.101.0 (release) (x32 Version: 14.176.101.0 - F-Secure Corporation) Hidden
    Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.14.50 - Conexant)
    Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
    ContrŰle ActiveX Windows Live Mesh pour connexions ŗ distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
    Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.0.686 - Corel Corporation)
    Corel Graphics - Windows Shell Extension (x32 Version: 15.2.686 - Corel Corporation) Hidden
    Corel Graphics - Windows Shell Extension 64 Bit (Version: 15.2.686 - Corel Corporation) Hidden
    CorelDRAW Essentials X5 - Common (x32 Version: 15.3 - Corel Corporation) Hidden
    CorelDRAW Essentials X5 - Connect (x32 Version: 15.3 - Corel Corporation) Hidden
    CorelDRAW Essentials X5 - Custom Data (x32 Version: 15.3 - Corel Corporation) Hidden
    CorelDRAW Essentials X5 - DE (x32 Version: 15.3 - Corel Corporation) Hidden
    CorelDRAW Essentials X5 - Draw (x32 Version: 15.3 - Corel Corporation) Hidden
    CorelDRAW Essentials X5 - EN (x32 Version: 15.3 - Corel Corporation) Hidden
    CorelDRAW Essentials X5 - ES (x32 Version: 15.3 - Corel Corporation) Hidden
    CorelDRAW Essentials X5 - Extra Content (HKLM-x32\...\_{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}) (Version: - Corel Corporation)
    CorelDRAW Essentials X5 - Extra Content (x32 Version: 15.0 - Corel Corporation) Hidden
    CorelDRAW Essentials X5 - Filters (x32 Version: 15.3 - Corel Corporation) Hidden
    CorelDRAW Essentials X5 - FR (x32 Version: 15.3 - Corel Corporation) Hidden
    CorelDRAW Essentials X5 - IPM (x32 Version: 15.3 - Corel Corporation) Hidden
    CorelDRAW Essentials X5 - IT (x32 Version: 15.3 - Corel Corporation) Hidden
    CorelDRAW Essentials X5 - PHOTO-PAINT (x32 Version: 15.3 - Corel Corporation) Hidden
    CorelDRAW Essentials X5 - Redist (x32 Version: 15.0 - Corel Corporation) Hidden
    CorelDRAW Essentials X5 - Setup Files (x32 Version: 15.3 - Corel Corporation) Hidden
    CorelDRAW Essentials X5 - WT (x32 Version: 15.3 - Corel Corporation) Hidden
    CorelDRAW Essentials X5 (HKLM-x32\...\_{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}) (Version: 15.2.0.686 - Corel Corporation)
    CorelDRAW Essentials X5 (x32 Version: 15.3 - Corel Corporation) Hidden
    CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)
    CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.1508_36229 - CyberLink Corp.)
    CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.1.2414 - CyberLink Corp.)
    CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.)
    CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1327 - CyberLink Corp.)
    CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 9.0.0.3419a - CyberLink Corp.)
    CyberLink PowerDirector (Version: 9.0.0.3419a - CyberLink Corp.) Hidden
    CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.3510.02 - CyberLink Corp.)
    CyberLink PowerDVD Copy (HKLM-x32\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
    CyberLink PowerProducer (HKLM-x32\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.2.3503 - CyberLink Corp.)
    CyberLink WaveEditor (HKLM-x32\...\InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 1.0.1.3320 - CyberLink Corp.)
    CyberLink YouCam 5 (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.1108 - CyberLink Corp.)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.4 - Dolby Laboratories Inc)
    Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
    Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    F-Secure CCF Reputation (x32 Version: 2.1.1342.0 - F-Secure) Hidden
    F-Secure CCF Scanning 1.73.275.1078 (release) (x32 Version: 1.73.275.1078 - F-Secure Corporation) Hidden
    F-Secure Network CCF 1.04.214 (x32 Version: 1.04.214 - F-Secure Corporation) Hidden
    F-Secure SafeSearch 1.11.101.0 (release) (x32 Version: 1.11.101.0 - F-Secure Corporation) Hidden
    GalerŪa fotogrŠfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.)
    Google Earth Plug-in (HKLM-x32\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google)
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.33.3 - Google Inc.) Hidden
    Intel PROSet Wireless (x32 Version: - ) Hidden
    Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2538 - Intel Corporation)
    Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{7CE8BE79-ABC3-4B2C-9543-28ED2B0A9EA8}) (Version: 1.2.0.0587 - Intel Corporation)
    Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{295AEB79-B53A-4F1B-860F-7800BB7E3681}) (Version: 14.2.1000 - Intel Corporation)
    Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.0.1002 - Intel Corporation)
    Intel(R) WiDi (HKLM-x32\...\{E1B934BB-6AFA-429F-98E4-76F9CBC72BF6}) (Version: 2.2.14.0 - Intel Corporation)
    Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - )
    IT9130 Driver v12.2.3.1 (HKLM-x32\...\IT9130 DriverInstaller_12.2.3.1) (Version: - )
    Java(TM) 6 Update 29 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416029FF}) (Version: 6.0.290 - Oracle)
    Java(TM) 6 Update 29 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216029FF}) (Version: 6.0.290 - Oracle)
    Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (HKLM-x32\...\{CA227A9D-09BE-4BFB-9764-48FED2DA5454}) (Version: 15.4.5722.2 - Microsoft Corporation)
    Malwarebytes Anti-Malware versie 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
    Medion Home Cinema (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.3216 - CyberLink Corp.)
    Medion Home Cinema (x32 Version: 8.0.3216 - CyberLink Corp.) Hidden
    Memeo Instant Backup (HKLM-x32\...\{8E666407-AC41-46a2-9692-6C7BFCBFDD37}) (Version: 4.60.0.7943 - Memeo Inc.)
    Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
    Microsoft Mathematics (64-bit) (HKLM\...\{E57B7E0A-8BE5-42E2-BE60-C07ED680A063}) (Version: 4.0 - Microsoft Corporation)
    Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
    Microsoft Office Klik-en-Klaar 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
    Microsoft Office Starter 2010 - Nederlands (HKLM-x32\...\{90140011-0066-0413-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
    Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0413-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    myMugle (HKLM-x32\...\myMugle3.0.0.0) (Version: 3.0.0.0 - Computer Business Solutions)
    NVIDIA Graphics Driver 285.64 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 285.64 - NVIDIA Corporation)
    NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
    Online Safety 2.176.4626.2945 (x32 Version: 2.176.4626.2945 - F-Secure Corporation) Hidden
    OpenOffice 4.0.1 (HKLM-x32\...\{EA9BAE1A-2D68-4160-81E6-14B712435D66}) (Version: 4.01.9714 - Apache Software Foundation)
    PCSUITE SHREDDER (HKLM-x32\...\PCSUITE_SHREDDER_PRO_is1) (Version: - Markement GmbH)
    PHotkey (HKLM-x32\...\{E50C224A-BBF2-428D-9DCF-DBF9DF85C40E}) (Version: 1.00.0045 - Pegatron Corporation)
    Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.8 - Google, Inc.)
    PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
    Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.16.0 - Renesas Electronics Corporation)
    Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.16.0 - Renesas Electronics Corporation) Hidden
    Spelling Dictionaries Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-A00000000004}) (Version: 10.0.0 - Adobe Systems Incorporated)
    swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.27.1 - Synaptics Incorporated)
    TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.75813 - TeamViewer)
    Video Download Converter version 1.0.0.0 (HKLM-x32\...\VDC_is1) (Version: 1.0.0.0 - ) <==== AANDACHT
    Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
    Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
    Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
    Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
    Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
    Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
    Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
    Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation)
    Windows Live Mesh ActiveX-vezťrlő tŠvoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)

    ==================== Aangepaste CLSID (gefilterd): ==========================

    (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)


    ==================== Geplande Taken (gefilterd) =============

    (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

    Task: {3A77455F-887A-4CE0-A760-F42AD88F68E9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-04-17] (Adobe Systems Incorporated)
    Task: {3F5D0763-9A5F-4C9E-975F-3AE735085914} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_25_0_0_127_pepper.exe [2017-04-09] (Adobe Systems Incorporated)
    Task: {574A2071-6DCE-43C8-9693-430110F10F9B} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2011-11-08] (CyberLink Corp.)
    Task: {6B2B6A2F-73EB-4BF6-8716-ED265E35596B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-02-02] (Adobe Systems Incorporated)
    Task: {7F4B0AB0-24D2-4E94-B7A1-0F90891FD949} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
    Task: {89DFC557-FDC8-4FE2-91EA-394DB257396D} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1605064705-3519875545-3396432865-1001Core => C:\Users\johan\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-06-11] (Facebook Inc.)
    Task: {F9DE6F2F-6730-4A2E-A4D8-2574B53BD932} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
    Task: {FC23B47B-F05D-4F2D-BA0A-79AF48CBD3CA} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1605064705-3519875545-3396432865-1001UA => C:\Users\johan\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-06-11] (Facebook Inc.)

    (Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.)

    Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1605064705-3519875545-3396432865-1001Core.job => C:\Users\johan\AppData\Local\Facebook\Update\FacebookUpdate.exe
    Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1605064705-3519875545-3396432865-1001UA.job => C:\Users\johan\AppData\Local\Facebook\Update\FacebookUpdate.exe

    ==================== Snelkoppelingen =============================

    (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.)

    ==================== Geladen Modules (gefilterd) ==============

    2011-09-16 03:46 - 2011-09-16 03:46 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
    2011-11-10 22:15 - 2009-12-19 01:40 - 00104968 _____ () C:\Program Files (x86)\PHotkey\ASLDRSrv.exe
    2011-11-10 22:15 - 2011-10-14 00:38 - 00156672 _____ () C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
    2011-11-10 22:15 - 2011-10-14 21:06 - 00818688 _____ () C:\Program Files (x86)\PHotkey\PHotkey.exe
    2011-11-10 22:15 - 2010-01-13 03:36 - 00117256 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
    2011-11-10 22:15 - 2010-01-13 03:36 - 00121864 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
    2011-11-10 01:32 - 2011-09-26 00:36 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
    2011-09-16 03:46 - 2011-09-16 03:46 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
    2011-11-17 13:17 - 2010-08-19 18:43 - 00386344 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
    2011-11-10 22:15 - 2010-12-28 00:14 - 00776200 _____ () C:\Program Files (x86)\PHotkey\PVDesktop.exe
    2011-11-10 22:15 - 2011-04-13 00:32 - 00483336 _____ () C:\Program Files (x86)\PHotkey\PVDAgent.exe
    2011-11-10 22:15 - 2011-10-24 23:59 - 03420160 _____ () C:\Program Files (x86)\PHotkey\POSD.exe
    2011-11-10 22:15 - 2009-12-19 01:36 - 00973432 _____ () C:\Program Files (x86)\PHotkey\acAuth.dll
    2011-11-10 22:15 - 2009-12-19 01:41 - 00129544 _____ () C:\Program Files (x86)\PHotkey\GFNEX.dll
    2010-08-04 01:39 - 2010-08-04 01:39 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
    2010-08-04 01:39 - 2010-08-04 01:39 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
    2016-05-11 17:40 - 2016-05-11 17:40 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\68b50258c65f19990de5179995021e57\IsdiInte rop.ni.dll
    2011-11-10 20:17 - 2011-05-20 20:05 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll

    ==================== Alternate Data Streams (gefilterd) =========

    (Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.)


    ==================== Veilige Modus (gefilterd) ===================

    (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.)


    ==================== Bestandskoppeling (gefilterd) ===============

    (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.)


    ==================== Internet Explorer vertrouwde/beperkte toegang ===============

    (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.)


    ==================== Hosts inhoud: ===============================

    (Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.)

    2009-07-14 04:34 - 2017-04-17 17:28 - 00000835 ____A C:\Windows\system32\Drivers\etc\hosts


    ==================== Andere gebieden ============================

    (Momenteel is er geen automatische fix voor dit onderdeel.)

    HKU\S-1-5-21-1605064705-3519875545-3396432865-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\johan\AppData\Roaming\Virtual Desktop Manager\PVDesktopWallpaper_2.jpg
    DNS Servers: 195.130.131.5 - 195.130.130.5
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is ingeschakeld.

    ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items ==


    ==================== Firewall regels (gefilterd) ===============

    (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

    FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
    FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
    FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
    FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
    FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
    FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
    FirewallRules: [TCP Query User{76EAC5AA-55AB-4F0F-8248-FD46F5A38480}C:\program files (x86)\cyberlink\powerdvd10\pdvd10serv.exe] => (Block) C:\program files (x86)\cyberlink\powerdvd10\pdvd10serv.exe
    FirewallRules: [UDP Query User{3F3B91D2-F414-4547-80E2-C75101CA9AA6}C:\program files (x86)\cyberlink\powerdvd10\pdvd10serv.exe] => (Block) C:\program files (x86)\cyberlink\powerdvd10\pdvd10serv.exe
    FirewallRules: [TCP Query User{56868582-6FD2-4C6F-A15C-27CE48BD593B}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
    FirewallRules: [UDP Query User{59F16E90-369F-4E1B-AB9F-3D2FA3F34A1F}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
    FirewallRules: [{7A1FBDE9-D9D9-4FF0-A197-DEDBA49DB98D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
    FirewallRules: [{8718352F-0B22-4E04-ABE2-7CFE07307975}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
    FirewallRules: [{2EE9C8FE-1E51-483C-BAE1-93DEA804DEC3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
    FirewallRules: [{AC3A75AF-A7F9-443A-ADB0-4ADDE9F0B22B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
    FirewallRules: [TCP Query User{4C0B6432-CBE9-4DD3-AF82-896CBF8FA4E8}C:\program files (x86)\cyberlink\powerdvd10\pdvd10serv.exe] => (Block) C:\program files (x86)\cyberlink\powerdvd10\pdvd10serv.exe
    FirewallRules: [UDP Query User{22E1EE45-3CAB-4A02-9F21-33F30CF9D49D}C:\program files (x86)\cyberlink\powerdvd10\pdvd10serv.exe] => (Block) C:\program files (x86)\cyberlink\powerdvd10\pdvd10serv.exe
    FirewallRules: [TCP Query User{B38B3F05-C49A-4BFC-9459-1087A3A165DF}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
    FirewallRules: [UDP Query User{7AC2245D-88E3-41C0-83AF-7BA7DB020335}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe

    ==================== Herstelpunten =========================


    ==================== Defecte Apparaatbeheer Apparaten =============

    Name: F-Secure HIPS Driver
    Description: F-Secure HIPS Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: F-Secure HIPS
    Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
    Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
    Devices stay in this state if they have been prepared for removal.
    After you remove the device, this error disappears.Remove the device, and this error should be resolved.


    ==================== Eventlog fouten: =========================

    Applicatiefouten:
    ==================
    Error: (04/18/2017 06:30:21 PM) (Source: CVHSVC) (EventID: 100) (User: )
    Description: Alleen informatie.
    (Patch task for {90140011-0066-0413-0000-0000000FF1CE}): DownloadLatest Failed: HTTP-status 403: de client heeft onvoldoende toegangsrechten voor het aangevraagde serverobject.

    Error: (04/18/2017 06:19:46 PM) (Source: MemeoBackgroundService) (EventID: 0) (User: )
    Description: Problem starting Memeo Background Service :Externe configuratie is mislukt met uitzondering System.Reflection.TargetInvocationException: Het doel van een aanroep heeft een uitzondering veroorzaakt. ---> System.Security.Principal.IdentityNotMappedException: Kan een aantal of alle id-verwijzingen niet omzetten.
    bij System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
    bij System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
    bij System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
    --- Einde van intern uitzonderingsstackpad ---
    bij System.RuntimeMethodHandle._InvokeConstructor(Object args, SignatureStruct& signature, IntPtr declaringType)
    bij System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object parameters, CultureInfo culture)
    bij System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object args, CultureInfo culture, Object activationAttributes)
    bij System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
    bij System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
    bij System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity). bij System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
    bij System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
    bij RemoteServerService.MemeoBackgroundService.OnStart(String args)

    Error: (04/17/2017 08:29:22 PM) (Source: MemeoBackgroundService) (EventID: 0) (User: )
    Description: Problem starting Memeo Background Service :Externe configuratie is mislukt met uitzondering System.Reflection.TargetInvocationException: Het doel van een aanroep heeft een uitzondering veroorzaakt. ---> System.Security.Principal.IdentityNotMappedException: Kan een aantal of alle id-verwijzingen niet omzetten.
    bij System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
    bij System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
    bij System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
    --- Einde van intern uitzonderingsstackpad ---
    bij System.RuntimeMethodHandle._InvokeConstructor(Object args, SignatureStruct& signature, IntPtr declaringType)
    bij System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object parameters, CultureInfo culture)
    bij System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object args, CultureInfo culture, Object activationAttributes)
    bij System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
    bij System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
    bij System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity). bij System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
    bij System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
    bij RemoteServerService.MemeoBackgroundService.OnStart(String args)

    Error: (04/17/2017 08:25:20 PM) (Source: MemeoBackgroundService) (EventID: 0) (User: )
    Description: Problem starting Memeo Background Service :Externe configuratie is mislukt met uitzondering System.Reflection.TargetInvocationException: Het doel van een aanroep heeft een uitzondering veroorzaakt. ---> System.Security.Principal.IdentityNotMappedException: Kan een aantal of alle id-verwijzingen niet omzetten.
    bij System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
    bij System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
    bij System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
    --- Einde van intern uitzonderingsstackpad ---
    bij System.RuntimeMethodHandle._InvokeConstructor(Object args, SignatureStruct& signature, IntPtr declaringType)
    bij System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object parameters, CultureInfo culture)
    bij System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object args, CultureInfo culture, Object activationAttributes)
    bij System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
    bij System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
    bij System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity). bij System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
    bij System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
    bij RemoteServerService.MemeoBackgroundService.OnStart(String args)

    Error: (04/17/2017 08:14:46 PM) (Source: CVHSVC) (EventID: 100) (User: )
    Description: Alleen informatie.
    (Patch task for {90140011-0066-0413-0000-0000000FF1CE}): DownloadLatest Failed: HTTP-status 403: de client heeft onvoldoende toegangsrechten voor het aangevraagde serverobject.

    Error: (04/17/2017 08:03:45 PM) (Source: MemeoBackgroundService) (EventID: 0) (User: )
    Description: Problem starting Memeo Background Service :Externe configuratie is mislukt met uitzondering System.Reflection.TargetInvocationException: Het doel van een aanroep heeft een uitzondering veroorzaakt. ---> System.Security.Principal.IdentityNotMappedException: Kan een aantal of alle id-verwijzingen niet omzetten.
    bij System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
    bij System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
    bij System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
    --- Einde van intern uitzonderingsstackpad ---
    bij System.RuntimeMethodHandle._InvokeConstructor(Object args, SignatureStruct& signature, IntPtr declaringType)
    bij System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object parameters, CultureInfo culture)
    bij System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object args, CultureInfo culture, Object activationAttributes)
    bij System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
    bij System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
    bij System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity). bij System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
    bij System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
    bij RemoteServerService.MemeoBackgroundService.OnStart(String args)

    Error: (04/17/2017 08:03:34 PM) (Source: VSS) (EventID: 8193) (User: )
    Description: Fout in de Volume Shadow Copy-service: onverwachte fout bij het aanroepen van routine RegOpenKeyExW(-2147483646,SYSTEM\CurrentControlSet\Services\VSS\Diag,...). hr = 0x80070005, Toegang geweigerd.
    .


    Bewerking:
    Schrijver initialiseren

    Context:
    Klasse-id van schrijver: {e8132975-6f93-4464-a53e-1050253ae220}
    Naam van schrijver: System Writer
    Instantie-id van schrijver: {bdc9cd05-09a1-4f28-bd73-ba0713f67676}

    Error: (04/17/2017 06:48:51 PM) (Source: CVHSVC) (EventID: 100) (User: )
    Description: Alleen informatie.
    (Patch task for {90140011-0066-0413-0000-0000000FF1CE}): DownloadLatest Failed: HTTP-status 403: de client heeft onvoldoende toegangsrechten voor het aangevraagde serverobject.

    Error: (04/17/2017 06:34:11 PM) (Source: MemeoBackgroundService) (EventID: 0) (User: )
    Description: Problem starting Memeo Background Service :Externe configuratie is mislukt met uitzondering System.Reflection.TargetInvocationException: Het doel van een aanroep heeft een uitzondering veroorzaakt. ---> System.Security.Principal.IdentityNotMappedException: Kan een aantal of alle id-verwijzingen niet omzetten.
    bij System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
    bij System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
    bij System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
    --- Einde van intern uitzonderingsstackpad ---
    bij System.RuntimeMethodHandle._InvokeConstructor(Object args, SignatureStruct& signature, IntPtr declaringType)
    bij System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object parameters, CultureInfo culture)
    bij System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object args, CultureInfo culture, Object activationAttributes)
    bij System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
    bij System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
    bij System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity). bij System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
    bij System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
    bij RemoteServerService.MemeoBackgroundService.OnStart(String args)

    Error: (04/17/2017 06:33:57 PM) (Source: VSS) (EventID: 8193) (User: )
    Description: Fout in de Volume Shadow Copy-service: onverwachte fout bij het aanroepen van routine RegOpenKeyExW(-2147483646,SYSTEM\CurrentControlSet\Services\VSS\Diag,...). hr = 0x80070005, Toegang geweigerd.
    .


    Bewerking:
    Schrijver initialiseren

    Context:
    Klasse-id van schrijver: {e8132975-6f93-4464-a53e-1050253ae220}
    Naam van schrijver: System Writer
    Instantie-id van schrijver: {5acda2c0-1cc7-4978-9bc1-7a4f76749bd7}


    Systeemfouten:
    =============
    Error: (04/18/2017 06:31:39 PM) (Source: DCOM) (EventID: 10005) (User: )
    Description: DCOM kreeg foutmelding '1053' bij het starten van de sdrsvc-service met de argumenten '' om de server
    {687E55CA-6621-4C41-B9F1-C0EDDC94BB05} te starten

    Error: (04/18/2017 06:31:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: De Windows Backup-service kan vanwege de volgende fout niet worden gestart:
    De service heeft de start- of stuuropdracht niet op juiste wijze beantwoord.

    Error: (04/18/2017 06:31:39 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: Time-out (30000 seconden) tijdens het wachten op het verbinden van deze service: Windows Backup.

    Error: (04/18/2017 06:27:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: De Intel(R) Management and Security Application User Notification Service-service kan vanwege de volgende fout niet worden gestart:
    De service heeft de start- of stuuropdracht niet op juiste wijze beantwoord.

    Error: (04/18/2017 06:27:56 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: Time-out (30000 seconden) tijdens het wachten op het verbinden van deze service: Intel(R) Management and Security Application User Notification Service.

    Error: (04/18/2017 06:27:26 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
    Description: De Windows Update-service is bij het starten vastgelopen.

    Error: (04/18/2017 06:24:39 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
    Description: De NVIDIA Update Service Daemon-service is bij het starten vastgelopen.

    Error: (04/18/2017 06:19:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: De F-Secure ORSP Client-service kan vanwege de volgende fout niet worden gestart:
    Het systeem kan het opgegeven bestand niet vinden.

    Error: (04/18/2017 06:19:39 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
    Description: De Diagnostic Policy Service-service is gestopt met de volgende foutcode:
    Toegang geweigerd.
    .

    Error: (04/17/2017 08:31:54 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
    Description: Servicebesturingsbeheer heeft na het onverwachte afsluiten van de User Profile Service-service geprobeerd een herstelactie (Service opnieuw starten) uit te voeren, maar deze actie is met de volgende fout mislukt:
    De service is al gestart.


    CodeIntegrity:
    ===================================
    Date: 2017-04-17 15:08:30.369
    Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume2\ComboFix\catchme.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geÔnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.

    Date: 2017-04-17 15:08:30.244
    Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume2\ComboFix\catchme.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geÔnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.


    ==================== Geheugen info ===========================

    Processor: Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz
    Percentage geheugen in gebruik: 42%
    Totaal fysiek RAM-geheugen: 4007.05 MB
    Beschikbaar fysiek RAM-geheugen: 2317.05 MB
    Totaal Virtueel geheugen: 8012.29 MB
    Beschikbaar Virtual geheugen: 6330.09 MB

    ==================== Schijven ================================

    Drive c: (Boot) (Fixed) (Total:404.66 GB) (Free:344.94 GB) NTFS
    Drive d: (Recover) (Fixed) (Total:60 GB) (Free:29.99 GB) NTFS

    ==================== MBR & Partitietabel ==================

    ========================================================
    Disk: 0 (Size: 465.8 GB) (Disk ID: 2BD2C32A)
    Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=404.7 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=60 GB) - (Type=07 NTFS)
    Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

    ==================== Eind van Addition.txt ============================

  9. #9
    Schermafbeelding van Juisterr



    Technische vaardigheid
    5. Expert
    Besturingssysteem
    Windows 7 Home Premium 64 bits
    Antivirus
    AV Defender
    Firewall
    router
    Berichten
    14.573
    Blog Berichten
    10
    Belangrijk is om maar 1 antivirus te hebben, neem de antivirus van uw keuze en verwijder alle anderen. ( ik zie bv. sporen van AVAST)
    1 firewall is meer dan genoeg.
    Combofix is een krachtige tool en niet om mee te spelen, verwijder deze van de computer aub.



    Start de Farbar Recovery Scan Tool nogmaals.

    • Download fixlist.txt uit de bijlage naar het bureaublad, waar ook FRST.exe aanwezig is.
    • Dubbelklik op FRST.exe om de tool te starten.
    • Als het programma is geopend klik Yes (Ja) bij de disclaimer.
    • Druk op de Fix knop
    • Er zal u een logbestand aangemaakt worden (fixlog.txt) op dezelfde plaats vanwaar de 'tool' is gestart.
    • Voeg dit logbestand als bijlage toe aan het volgende bericht..
    Bijgevoegde Bestanden Bijgevoegde Bestanden

  10. #10

    Technische vaardigheid
    5. Expert
    Besturingssysteem
    Windows Vista Home Premium
    Firewall
    Berichten
    140
    Fix resultaat van Farbar Recovery Scan Tool (x64) Versie: 17-04-2017 01
    Gestart door johan (19-04-2017 13:09:46) Run:1
    Gestart vanaf C:\Users\johan\Desktop
    Geladen Profielen: UpdatusUser & johan (Beschikbare Profielen: UpdatusUser & johan & Gast)
    Boot Modus: Normal
    ==============================================

    fixlist inhoud:
    *****************
    start
    CreateRestorePoint:

    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrictie <======= AANDACHT
    HKU\S-1-5-21-1605064705-3519875545-3396432865-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrictie <======= AANDACHT
    Video Download Converter version 1.0.0.0 (HKLM-x32\...\VDC_is1) (Version: 1.0.0.0 - ) <==== AANDACHT

    Hosts:
    EmptyTemp:
    end

    *****************

    Herstelpunt is succesvol gemaakt.
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => sleutel is succesvol verwijderd.
    HKU\S-1-5-21-1605064705-3519875545-3396432865-1001\SOFTWARE\Policies\Microsoft\Internet Explorer => sleutel is succesvol verwijderd.
    Video Download Converter version 1.0.0.0 (HKLM-x32\...\VDC_is1) (Version: 1.0.0.0 - ) <==== AANDACHT => Fout: Geen automatische fix gevonden voor dit item.
    C:\Windows\System32\Drivers\etc\hosts => is succesvol verplaatst.
    Hosts met succes hersteld.

    =========== EmptyTemp: ==========

    BITS transfer queue => 8388608 B
    DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9812514 B
    Java, Flash, Steam htmlcache => 595 B
    Windows/system/drivers => 60101 B
    Edge => 0 B
    Chrome => 334599660 B
    Firefox => 0 B
    Opera => 0 B

    Temp, IE cache, history, cookies, recent:
    Users => 0 B
    Default => 33125 B
    Public => 0 B
    ProgramData => 0 B
    systemprofile => 129023 B
    systemprofile32 => 87739 B
    LocalService => 0 B
    NetworkService => 8166 B
    UpdatusUser => 0 B
    johan => 19661264 B
    Gast => 254992 B

    RecycleBin => 13285194 B
    EmptyTemp: => 368.4 MB tijdelijke gegevens verwijderd.

    ================================


    Het systeem moest herstart worden.

    ==== Eind van Fixlog 13:10:38 ====

  11. #11
    Schermafbeelding van Juisterr



    Technische vaardigheid
    5. Expert
    Besturingssysteem
    Windows 7 Home Premium 64 bits
    Antivirus
    AV Defender
    Firewall
    router
    Berichten
    14.573
    Blog Berichten
    10
    Ok beter nu?

  12. #12

    Technische vaardigheid
    5. Expert
    Besturingssysteem
    Windows Vista Home Premium
    Firewall
    Berichten
    140
    De internetproblemen waren al eventjes van de baan (zie vorige posts), maar het zal de laptop ongetwijfeld deugd gedaan hebben even een opschoonbeurt te krijgen.

    Bedankt voor de tijd Juisterr! Topic mag afgesloten worden.

  13. #13
    Schermafbeelding van Juisterr



    Technische vaardigheid
    5. Expert
    Besturingssysteem
    Windows 7 Home Premium 64 bits
    Antivirus
    AV Defender
    Firewall
    router
    Berichten
    14.573
    Blog Berichten
    10
    Prima.

Forum Rechten

  • Je mag geen nieuwe onderwerpen plaatsen
  • Je mag geen reacties plaatsen
  • Je mag geen bijlagen toevoegen
  • Je mag jouw berichten niet wijzigen
  •