• Hulpvragenden in dit forumonderdeel worden enkel geholpen door daartoe bevoegde teamleden.
    Dit is belangrijk, zodat de hulpvragende goed geholpen kan worden zonder (goedbedoelde) aanvullende berichten van andere leden.
    Reageren op andermans discussie is daarom uitgeschakeld.
  • De afgelopen dagen zijn er meerdere fora waarop bestaande accounts worden overgenomen door spammers. De gebruikersnamen en wachtwoorden zijn via een hack of een lek via andere sites buitgemaakt. Via have i been pwned? kan je controleren of jouw gegeven ook zijn buitgemaakt. Wijzig bij twijfel jouw wachtwoord of schakel de twee-staps-verificatie in.

[Opgelost]Ads by DNSUnlocker moeilijk te verwijderen

Status
Niet open voor verdere reacties.
D

drelau

Junior lid
Lid geworden
26 aug 2015
Berichten
57
Waarderingsscore
0
Goede avond,

Ook ik heb een probleem met het verwijderen van bovengenoemde. Ik heb RSIT opnieuw gedraaid want kon de eerder versie niet meer op mijn bureaublad terug vinden :wall:
Bij voorbaat mijn dank!



Logfile of random's system information tool 1.10 (written by random/random)
Run by Drelau at 2015-08-26 22:10:23
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 380 GB (83%) free of 458 GB
Total RAM: 3932 MB (41% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:10:27, on 26-8-2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17937)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
C:\Users\Drelau\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\Drelau.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:52343;https=127.0.0.1:52343
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [LightShot] C:\Users\Drelau\AppData\Local\Skillbrains\lightshot\Lightshot.exe Flags: uninsdeletevalue
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Drelau\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (Bitdefender QuickScan Control) - http://quickscan.bitdefender.com/qsax/qsax.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: DCDhcpService - Atheros Communication Inc. - C:\Program Files (x86)\Packard Bell\WDAgent\DCDhcpService.exe
O23 - Service: Flood Fill Equals Sign (docufeme) - Unknown owner - C:\Program.exe (file missing)
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Kerning Down (gopibeko) - Unknown owner - C:\Users\Drelau\AppData\Local\3340AAF8-1440621655-E111-90C2-B888E34CE063\snsp8B63.tmp (file missing)
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: Cool Barcode (jimocoso) - Unknown owner - C:\Program.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NixSrv Service (NixSrv) - Unknown owner - C:\Program Files\NixSrv\NixSrv.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Quote Top (prtductadnoajoyneot) - Unknown owner - C:\Users\Drelau\AppData\Local\Con-trans.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: Delete Exit (totyseku) - Unknown owner - C:\Program.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WIntEnhancer Service - Unknown owner - C:\Program Files (x86)\WIntEnhancer\WIntEnhancer Internet Enhancer\InternetEnhancerService.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12964 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 5120720
\??\C:\Windows\system32\conhost.exe "-94455261917300115481198729596-93598217-671631605-290169986593828175246626625
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\3340AAF8-1440614362-E111-90C2-B888E34CE063\knsj7606.tmpfs"
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe"
"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}" --enable-wmi-window
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe"
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\3340AAF8-1440614362-E111-90C2-B888E34CE063\jnszB186.tmp"
"C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files\NixSrv\NixSrv.exe" /s iid=3054536 did=Missing sid= ref= id=b8999aa2c4c8f4613cc5ad58fdc834fd8fdb6602873d26b30e21166d589a9984
C:\Windows\System32\svchost.exe -k HPZ12
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
C:\Windows\Explorer.EXE
C:\Users\Drelau\AppData\Local\Con-trans.exe updateerod prtductadnoajoyneot
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe"
"C:\Program Files (x86)\3340AAF8-1440614362-E111-90C2-B888E34CE063\hnszCA36.tmp"
"C:\Program Files (x86)\WIntEnhancer\WIntEnhancer Internet Enhancer\InternetEnhancerService.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
InternetEnhancer.exe "C:\Program Files (x86)\WIntEnhancer\WIntEnhancer Internet Enhancer\WJManifest"
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
"C:\Users\Drelau\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
C:\Windows\system32\igfxext.exe -Embedding
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe"
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe" -CtxID "#Hewlett-Packard#HP Deskjet F4200 series#1388428182" -Startup
"C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE" "C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE" -Embedding
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe" -Embedding
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe" -Embedding
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4252 CREDAT:267521 /prefetch:2
C:\Windows\system32\Macromed\Flash\FlashUtil64_18_0_0_232_ActiveX.exe -Embedding
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4252 CREDAT:3544424 /prefetch:2
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 4904
C:\Windows\system32\wbem\wmiprvse.exe
taskeng.exe {78934FC8-FD8C-4C80-9C22-EFA7185F22F6}
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-2708573932-1379375214-397904939-100016_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-2708573932-1379375214-397904939-100016 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520

"C:\Users\Drelau\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BE93I2G8\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-07-14 219304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-07-14 886488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14 2335960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E34C061A-1009-4F08-9440-BCFE98EE0385}]
BitSAver - C:\Program Files (x86)\BitSAver\LU4dksMcvlQ05x.x64.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-07-14 710872]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-04-23 170264]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-04-23 398616]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-04-23 439064]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-12-27 12343400]
"Power Management"=C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [2012-02-08 1829768]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2015-04-30 1337000]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightShot"=C:\Users\Drelau\AppData\Local\Skillbrains\lightshot\Lightshot.exe Flags: uninsdeletevalue []
"TomTomHOME.exe"=C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [2014-06-05 248176]
"OneDrive"=C:\Users\Drelau\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2015-08-20 404064]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-06-01 8358680]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2012-03-23 1105488]
"hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-03-27 434688]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-08-26 21:02:42 ----D---- C:\Program Files (x86)\ESET
2015-08-26 20:43:48 ----D---- C:\AdwCleaner
2015-08-26 20:40:14 ----D---- C:\Users\Drelau\AppData\Roaming\Opera Software
2015-08-26 20:39:34 ----D---- C:\Program Files\NixSrv
2015-08-26 20:39:22 ----D---- C:\Program Files (x86)\3340AAF8-1440614362-E111-90C2-B888E34CE063
2015-08-26 20:39:13 ----D---- C:\Program Files (x86)\WIntEnhancer
2015-08-26 20:38:19 ----D---- C:\Program Files (x86)\Opera
2015-08-26 18:11:09 ----D---- C:\Users\Drelau\AppData\Roaming\9-lab
2015-08-26 18:10:47 ----D---- C:\ProgramData\9-lab
2015-08-26 18:10:46 ----D---- C:\Program Files\9-lab
2015-08-26 17:25:01 ----HD---- C:\OneDriveTemp
2015-08-26 16:06:38 ----D---- C:\rsit
2015-08-26 16:06:38 ----D---- C:\Program Files\trend micro
2015-08-26 12:54:29 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-08-26 12:54:07 ----D---- C:\ProgramData\Malwarebytes
2015-08-26 12:54:07 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-08-26 12:54:07 ----A---- C:\Windows\system32\drivers\mwac.sys
2015-08-26 12:54:07 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-08-26 12:54:07 ----A---- C:\Windows\system32\drivers\mbam.sys
2015-08-21 13:27:57 ----A---- C:\Windows\system32\mshtml.dll
2015-08-21 13:27:54 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-08-13 09:09:11 ----A---- C:\Windows\ETDUninst.dll
2015-08-12 21:16:18 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 21:16:17 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 08:57:35 ----A---- C:\Windows\system32\invagent.dll
2015-08-12 08:57:35 ----A---- C:\Windows\system32\generaltel.dll
2015-08-12 08:57:35 ----A---- C:\Windows\system32\devinv.dll
2015-08-12 08:57:35 ----A---- C:\Windows\system32\appraiser.dll
2015-08-12 08:57:35 ----A---- C:\Windows\system32\acmigration.dll
2015-08-12 08:57:34 ----A---- C:\Windows\system32\aeinv.dll
2015-08-12 08:57:33 ----A---- C:\Windows\system32\aepdu.dll
2015-08-12 08:57:32 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-08-12 08:57:27 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-08-12 08:57:26 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-08-12 08:57:26 ----A---- C:\Windows\system32\ntdll.dll
2015-08-12 08:57:26 ----A---- C:\Windows\system32\kernel32.dll
2015-08-12 08:57:25 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-08-12 08:57:25 ----A---- C:\Windows\system32\sysmain.dll
2015-08-12 08:57:24 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-08-12 08:57:24 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-08-12 08:57:24 ----A---- C:\Windows\system32\lsasrv.dll
2015-08-12 08:57:24 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2015-08-12 08:57:23 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-08-12 08:57:23 ----A---- C:\Windows\system32\wow64.dll
2015-08-12 08:57:23 ----A---- C:\Windows\system32\rstrui.exe
2015-08-12 08:57:23 ----A---- C:\Windows\system32\rpcrt4.dll
2015-08-12 08:57:23 ----A---- C:\Windows\system32\KernelBase.dll
2015-08-12 08:57:22 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-08-12 08:57:22 ----A---- C:\Windows\system32\winsrv.dll
2015-08-12 08:57:22 ----A---- C:\Windows\system32\srcore.dll
2015-08-12 08:57:22 ----A---- C:\Windows\system32\schannel.dll
2015-08-12 08:57:22 ----A---- C:\Windows\system32\msv1_0.dll
2015-08-12 08:57:22 ----A---- C:\Windows\system32\kerberos.dll
2015-08-12 08:57:22 ----A---- C:\Windows\system32\csrsrv.dll
2015-08-12 08:57:22 ----A---- C:\Windows\system32\conhost.exe
2015-08-12 08:57:21 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-08-12 08:57:21 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-08-12 08:57:21 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-08-12 08:57:21 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-08-12 08:57:21 ----A---- C:\Windows\system32\wdigest.dll
2015-08-12 08:57:21 ----A---- C:\Windows\system32\TSpkg.dll
2015-08-12 08:57:21 ----A---- C:\Windows\system32\sspicli.dll
2015-08-12 08:57:21 ----A---- C:\Windows\system32\smss.exe
2015-08-12 08:57:21 ----A---- C:\Windows\system32\ncrypt.dll
2015-08-12 08:57:21 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-08-12 08:57:21 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-08-12 08:57:20 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-08-12 08:57:20 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-08-12 08:57:20 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-08-12 08:57:20 ----A---- C:\Windows\system32\srclient.dll
2015-08-12 08:57:20 ----A---- C:\Windows\system32\lsass.exe
2015-08-12 08:57:20 ----A---- C:\Windows\system32\auditpol.exe
2015-08-12 08:57:19 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-08-12 08:57:19 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-08-12 08:57:19 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-08-12 08:57:19 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2015-08-12 08:57:19 ----A---- C:\Windows\system32\sspisrv.dll
2015-08-12 08:57:19 ----A---- C:\Windows\system32\secur32.dll
2015-08-12 08:57:19 ----A---- C:\Windows\system32\ntvdm64.dll
2015-08-12 08:57:19 ----A---- C:\Windows\system32\msmmsp.dll
2015-08-12 08:57:19 ----A---- C:\Windows\system32\cryptbase.dll
2015-08-12 08:57:18 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-08-12 08:57:18 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-08-12 08:57:18 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-08-12 08:57:18 ----A---- C:\Windows\system32\wow64win.dll
2015-08-12 08:57:18 ----A---- C:\Windows\system32\wow64cpu.dll
2015-08-12 08:57:18 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-08-12 08:57:18 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-08-12 08:57:18 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-08-12 08:57:18 ----A---- C:\Windows\system32\credssp.dll
2015-08-12 08:57:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-12 08:57:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-08-12 08:57:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-12 08:57:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-12 08:57:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-08-12 08:57:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-12 08:57:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-08-12 08:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-12 08:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-12 08:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-08-12 08:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-12 08:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-12 08:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-08-12 08:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-08-12 08:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-12 08:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-12 08:57:17 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-08-12 08:57:17 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-08-12 08:57:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-12 08:57:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-12 08:57:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-08-12 08:57:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-12 08:57:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-08-12 08:57:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-12 08:57:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-08-12 08:57:16 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-08-12 08:57:16 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-08-12 08:57:16 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-08-12 08:57:16 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-08-12 08:57:16 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-12 08:57:16 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-08-12 08:57:16 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-12 08:57:16 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-08-12 08:57:16 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-08-12 08:57:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-08-12 08:57:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-12 08:57:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-08-12 08:57:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-08-12 08:57:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-08-12 08:57:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-12 08:57:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-08-12 08:57:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-08-12 08:57:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-08-12 08:57:15 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-12 08:57:15 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-08-12 08:57:15 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-08-12 08:57:15 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-12 08:57:15 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-08-12 08:57:15 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-08-12 08:57:15 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-08-12 08:57:15 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-08-12 08:57:15 ----A---- C:\Windows\system32\apisetschema.dll
2015-08-12 08:57:14 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-08-12 08:57:14 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-08-12 08:57:14 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-08-12 08:57:14 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-08-12 08:57:14 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-08-12 08:57:14 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-08-12 08:57:14 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-08-12 08:57:14 ----A---- C:\Windows\SYSWOW64\user.exe
2015-08-12 08:57:14 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-08-12 08:57:14 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-08-12 08:57:14 ----A---- C:\Windows\system32\adtschema.dll
2015-08-12 08:57:13 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-08-12 08:57:13 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-08-12 08:57:13 ----A---- C:\Windows\system32\msobjs.dll
2015-08-12 08:57:13 ----A---- C:\Windows\system32\msaudite.dll
2015-08-12 08:56:37 ----A---- C:\Windows\system32\mstscax.dll
2015-08-12 08:56:36 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2015-08-12 08:56:36 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2015-08-12 08:56:36 ----A---- C:\Windows\system32\tsgqec.dll
2015-08-12 08:56:36 ----A---- C:\Windows\system32\aaclient.dll
2015-08-12 08:56:35 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2015-08-12 08:56:07 ----A---- C:\Windows\system32\basesrv.dll
2015-08-12 08:54:53 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-08-12 08:54:53 ----A---- C:\Windows\system32\iertutil.dll
2015-08-12 08:54:52 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-08-12 08:54:52 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-08-12 08:54:52 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-08-12 08:54:52 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-08-12 08:54:51 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-08-12 08:54:51 ----A---- C:\Windows\system32\iernonce.dll
2015-08-12 08:54:51 ----A---- C:\Windows\system32\ie4uinit.exe
2015-08-12 08:54:50 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-08-12 08:54:50 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-08-12 08:54:50 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-08-12 08:54:50 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-08-12 08:54:50 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-08-12 08:54:50 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-08-12 08:54:50 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-08-12 08:54:48 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-08-12 08:54:48 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-08-12 08:54:48 ----A---- C:\Windows\system32\iedkcs32.dll
2015-08-12 08:54:47 ----A---- C:\Windows\system32\urlmon.dll
2015-08-12 08:54:46 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-08-12 08:54:46 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-08-12 08:54:46 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-08-12 08:54:46 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-08-12 08:54:46 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-08-12 08:54:45 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-08-12 08:54:45 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-08-12 08:54:45 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-08-12 08:54:45 ----A---- C:\Windows\system32\dxtrans.dll
2015-08-12 08:54:44 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-08-12 08:54:44 ----A---- C:\Windows\system32\msfeeds.dll
2015-08-12 08:54:44 ----A---- C:\Windows\system32\iesetup.dll
2015-08-12 08:54:43 ----A---- C:\Windows\system32\ieapfltr.dll
2015-08-12 08:54:42 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-08-12 08:54:41 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-08-12 08:54:41 ----A---- C:\Windows\system32\vbscript.dll
2015-08-12 08:54:40 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-08-12 08:54:40 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-08-12 08:54:40 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-08-12 08:54:40 ----A---- C:\Windows\system32\jsproxy.dll
2015-08-12 08:54:40 ----A---- C:\Windows\system32\ieUnatt.exe
2015-08-12 08:54:39 ----A---- C:\Windows\system32\ieui.dll
2015-08-12 08:54:39 ----A---- C:\Windows\system32\dxtmsft.dll
2015-08-12 08:54:38 ----A---- C:\Windows\system32\ieframe.dll
2015-08-12 08:54:37 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-08-12 08:54:37 ----A---- C:\Windows\system32\mshtmled.dll
2015-08-12 08:54:37 ----A---- C:\Windows\system32\jscript9diag.dll
2015-08-12 08:54:37 ----A---- C:\Windows\system32\jscript9.dll
2015-08-12 08:54:37 ----A---- C:\Windows\system32\jscript.dll
2015-08-12 08:54:36 ----A---- C:\Windows\system32\wininet.dll
2015-08-12 08:54:35 ----A---- C:\Windows\system32\msrating.dll
2015-08-12 08:54:35 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-08-12 08:52:00 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2015-08-12 08:52:00 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2015-08-12 08:52:00 ----A---- C:\Windows\system32\WebClnt.dll
2015-08-12 08:52:00 ----A---- C:\Windows\system32\davclnt.dll
2015-08-12 08:51:56 ----A---- C:\Windows\system32\msxml6.dll
2015-08-12 08:51:56 ----A---- C:\Windows\system32\msxml3.dll
2015-08-12 08:51:55 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2015-08-12 08:51:55 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2015-08-12 08:51:55 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-08-12 08:51:55 ----A---- C:\Windows\system32\msxml6r.dll
2015-08-12 08:51:54 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-08-12 08:51:54 ----A---- C:\Windows\system32\msxml3r.dll
2015-08-12 08:51:52 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2015-08-12 08:51:52 ----A---- C:\Windows\system32\FntCache.dll
2015-08-12 08:51:52 ----A---- C:\Windows\system32\DWrite.dll
2015-08-12 08:51:51 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-08-12 08:51:51 ----A---- C:\Windows\system32\win32k.sys
2015-08-12 08:51:51 ----A---- C:\Windows\system32\atmfd.dll
2015-08-12 08:51:49 ----A---- C:\Windows\system32\lpk.dll
2015-08-12 08:51:48 ----A---- C:\Windows\SYSWOW64\lpk.dll
2015-08-12 08:51:48 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2015-08-12 08:51:48 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2015-08-12 08:51:48 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2015-08-12 08:51:48 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-08-12 08:51:48 ----A---- C:\Windows\system32\fontsub.dll
2015-08-12 08:51:48 ----A---- C:\Windows\system32\dciman32.dll
2015-08-12 08:51:48 ----A---- C:\Windows\system32\d3d10warp.dll
2015-08-12 08:51:48 ----A---- C:\Windows\system32\atmlib.dll
2015-08-12 08:51:42 ----A---- C:\Windows\system32\notepad.exe
2015-08-12 08:51:42 ----A---- C:\Windows\notepad.exe
2015-08-12 08:51:40 ----A---- C:\Windows\SYSWOW64\notepad.exe
2015-08-12 08:51:36 ----A---- C:\Windows\system32\shell32.dll
2015-08-12 08:51:32 ----A---- C:\Windows\SYSWOW64\shell32.dll
2015-08-12 08:51:29 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-08-12 08:51:29 ----A---- C:\Windows\system32\wucltux.dll
2015-08-12 08:51:29 ----A---- C:\Windows\system32\wuaueng.dll
2015-08-12 08:51:28 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-08-12 08:51:28 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-08-12 08:51:28 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-08-12 08:51:28 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-08-12 08:51:28 ----A---- C:\Windows\system32\wuwebv.dll
2015-08-12 08:51:28 ----A---- C:\Windows\system32\wups2.dll
2015-08-12 08:51:28 ----A---- C:\Windows\system32\wups.dll
2015-08-12 08:51:28 ----A---- C:\Windows\system32\wudriver.dll
2015-08-12 08:51:28 ----A---- C:\Windows\system32\wuauclt.exe
2015-08-12 08:51:28 ----A---- C:\Windows\system32\wuapp.exe
2015-08-12 08:51:28 ----A---- C:\Windows\system32\wuapi.dll
2015-08-12 08:51:28 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-08-12 08:51:28 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-08-12 08:51:23 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-07-27 14:24:17 ----A---- C:\Windows\NeroDigital.ini

======List of files/folders modified in the last 1 month======

2015-08-26 22:10:20 ----D---- C:\Windows\Temp
2015-08-26 21:23:07 ----D---- C:\Windows\system32\Tasks
2015-08-26 21:07:32 ----D---- C:\Windows
2015-08-26 21:02:44 ----D---- C:\Windows\inf
2015-08-26 21:02:44 ----D---- C:\Windows\Downloaded Program Files
2015-08-26 21:02:42 ----RD---- C:\Program Files (x86)
2015-08-26 20:53:36 ----A---- C:\Windows\SYSWOW64\log.txt
2015-08-26 20:51:40 ----D---- C:\Windows\system32\config
2015-08-26 20:48:16 ----HD---- C:\ProgramData
2015-08-26 20:48:15 ----D---- C:\Program Files (x86)\Common Files
2015-08-26 20:40:14 ----D---- C:\Windows\system32\drivers\etc
2015-08-26 20:39:34 ----RD---- C:\Program Files
2015-08-26 20:30:26 ----D---- C:\Windows\SysWOW64
2015-08-26 20:29:13 ----D---- C:\Windows\Tasks
2015-08-26 20:28:30 ----SHD---- C:\System Volume Information
2015-08-26 20:27:43 ----D---- C:\Windows\Prefetch
2015-08-26 17:07:11 ----D---- C:\Windows\system32\catroot2
2015-08-26 17:05:16 ----D---- C:\Windows\SoftwareDistribution
2015-08-26 17:05:15 ----D---- C:\Windows\system32\drivers
2015-08-26 16:09:48 ----SHD---- C:\Windows\Installer
2015-08-26 16:09:48 ----HD---- C:\Config.Msi
2015-08-26 16:09:45 ----D---- C:\Program Files (x86)\Java
2015-08-26 13:26:50 ----D---- C:\Windows\Microsoft.NET
2015-08-23 09:08:03 ----D---- C:\ProgramData\Skype
2015-08-23 09:05:53 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-08-23 08:26:58 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2015-08-23 08:26:31 ----RSD---- C:\Windows\assembly
2015-08-23 08:25:00 ----D---- C:\Program Files\Microsoft Office 15
2015-08-21 13:33:23 ----D---- C:\Windows\winsxs
2015-08-21 13:31:24 ----D---- C:\Windows\System32
2015-08-13 20:34:39 ----D---- C:\Windows\Downloaded Installations
2015-08-13 20:00:34 ----D---- C:\ProgramData\Nero
2015-08-13 19:52:27 ----D---- C:\Program Files (x86)\Nero
2015-08-13 09:35:46 ----D---- C:\Windows\debug
2015-08-13 09:09:08 ----D---- C:\Windows\system32\DriverStore
2015-08-13 08:43:35 ----D---- C:\Windows\rescache
2015-08-13 07:15:44 ----SD---- C:\Windows\system32\CompatTel
2015-08-13 07:15:43 ----D---- C:\Windows\system32\appraiser
2015-08-13 07:15:43 ----D---- C:\Windows\AppPatch
2015-08-13 07:15:35 ----D---- C:\Windows\SYSWOW64\nl-NL
2015-08-13 07:15:34 ----D---- C:\Windows\system32\nl-NL
2015-08-13 07:15:34 ----D---- C:\Windows\system32\drivers\nl-NL
2015-08-13 07:15:18 ----D---- C:\Program Files\Internet Explorer
2015-08-13 07:15:17 ----D---- C:\Windows\SYSWOW64\en-US
2015-08-13 07:15:14 ----D---- C:\Windows\system32\en-US
2015-08-13 07:15:11 ----D---- C:\Program Files (x86)\Internet Explorer
2015-08-12 21:14:43 ----D---- C:\Program Files\Microsoft Silverlight
2015-08-12 21:14:43 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2015-08-12 21:06:40 ----D---- C:\Windows\system32\MRT
2015-08-12 20:59:02 ----A---- C:\Windows\system32\MRT.exe
2015-08-12 08:20:02 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-08-09 16:34:11 ----HD---- C:\$Windows.~BT
2015-08-09 16:08:46 ----D---- C:\Windows\Panther
2015-08-09 14:44:38 ----D---- C:\Windows\Logs
2015-07-27 21:05:57 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-07-27 09:15:22 ----D---- C:\Windows\system32\FxsTmp
2015-07-27 07:39:10 ----SD---- C:\ProgramData\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2012-02-02 568600]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2015-03-04 280376]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2015-03-04 124568]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2012-01-11 2801664]
R3 b57xdbd;Broadcom xD Picture Bus Driver Service; C:\Windows\system32\DRIVERS\b57xdbd.sys [2011-11-04 68648]
R3 b57xdmp;Broadcom xD Picture vstorp client drv; C:\Windows\system32\DRIVERS\b57xdmp.sys [2011-11-04 19496]
R3 bScsiMSa;bScsiMSa; C:\Windows\system32\DRIVERS\bScsiMSa.sys [2011-09-02 51752]
R3 bScsiSDa;bScsiSDa; C:\Windows\system32\DRIVERS\bScsiSDa.sys [2012-06-02 83576]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-03-27 14748416]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-01-03 4730344]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2012-01-19 435240]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-06-18 25816]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2015-08-26 113880]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-06-18 63704]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2011-11-10 60184]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2014-10-08 766632]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2014-10-08 273576]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2014-10-08 29352]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2014-10-08 23208]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 36328]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-21 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
S3 TrufosAlt;TrufosAlt; C:\Windows\system32\DRIVERS\TrufosAlt.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 ClickToRunSvc;Microsoft Office ClickToRun Service; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2015-07-14 2765496]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2015-03-18 822496]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 docufeme;Flood Fill Equals Sign; C:\Program Files (x86)\3340AAF8-1440614362-E111-90C2-B888E34CE063\knsj7606.tmpfs [2015-08-26 1373184]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2012-03-23 355920]
R2 ePowerSvc;ePower Service; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [2012-02-08 871296]
R2 GREGService;GREGService; C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [2012-02-29 28264]
R2 hpqddsvc;HP CUE DeviceDiscovery-service; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [2013-12-17 46904]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-02-02 13592]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-02-03 628448]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-02-08 161560]
R2 jimocoso;Cool Barcode; C:\Program Files (x86)\3340AAF8-1440614362-E111-90C2-B888E34CE063\jnszB186.tmp [2015-08-26 227328]
R2 Live Updater Service;Live Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2012-02-07 255376]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-02-08 277784]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-06-18 1871160]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-06-18 1133880]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2015-04-30 23816]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-03-30 598312]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 NixSrv;NixSrv Service; C:\Program Files\NixSrv\NixSrv.exe [2015-08-25 379392]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 prtductadnoajoyneot;Quote Top; C:\Users\Drelau\AppData\Local\Con-trans.exe [2015-08-26 52736]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2014-10-08 534184]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2014-06-05 93040]
R2 totyseku;Delete Exit; C:\Program Files (x86)\3340AAF8-1440614362-E111-90C2-B888E34CE063\hnszCA36.tmp [2015-08-26 137728]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-02-08 363800]
R2 WIntEnhancer Service;WIntEnhancer Service; C:\Program Files (x86)\WIntEnhancer\WIntEnhancer Internet Enhancer\InternetEnhancerService.exe [2015-08-26 1200128]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2015-04-30 366544]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2014-10-08 211104]
R3 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-29 2292096]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gopibeko;Kerning Down; C:\Users\Drelau\AppData\Local\3340AAF8-1440621655-E111-90C2-B888E34CE063\snsp8B63.tmp []
S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12 269000]
S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-04-23 276248]
S3 DCDhcpService;DCDhcpService; C:\Program Files (x86)\Packard Bell\WDAgent\DCDhcpService.exe [2012-01-18 111776]
S3 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2015-05-29 373824]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2014-12-30 265808]
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc []
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-07-16 114688]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-04-25 150600]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2014-04-25 5132888]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-09-20 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
 
Re: Ads by DNSUnlocker moeilijk te verwijderen

We gaan kijken, graag beide logs in n keer posten.


Stap 1
Download
51a46ae42d560-malwarebytes_anti_malware.png
MalwareBytes Anti-Malware.

Let op bij de installatie van MBAM: in het laatste installatievenster staan twee vinkjes bij de meldingen,
haal nu het bovenste vinkje weg (MBAM als volledige demo-versie gebruiken) en maak de installatie af.
Daarna kan je Malwarebytes MBAM als gratis versie telken opnieuw gebruiken!

  • Windows 2000 en Windows XP: dubbelklik op mbam-setup.exe.
  • Windows Vista, Windows 7 en Windows 8: via rechtsklik op mbam-setup.exe en kies voor "Als Administrator uitvoeren".

  • Klik in het menu van Malwarebytes ANTI-MALWARE op nstellingen" en daar op "Detectie en Bescherming" en zet vervolgens een vinkje bij "Scan naar rootkits".
  • Klik vervolgens op de knop Scan nu om een bedreigingsscan uit te voeren.
  • Er zal nu gecontroleerd worden op beschikbare updates, klik hier op "Nu bijwerken als er beschikbare updates zijn.
  • De scan wordt nu automatisch gestart,wanneer de scan gereed is en er bedreigingen zijn gedetecteerd krijgt u hier een overzicht van.

  • Wanneer er geen bedreigingen zijn gedetecteerd klikt u na de scan op Bekijk gedetailleerd logboek.
  • Klik vervolgens op de knop Exporteer en kies de optie "Tekstbestand (*.txt)".
  • Geef vervolgens een bestandsnaam op voor het opslaan van het logbestand, bijvoorbeeld MBAM Scanlog.
  • Kies bijvoorbeeld het bureaublad als opslaglocatie en klik vervolgens op de knop Opslaan.

  • Wanneer er wel bedreigingen zijn gedetecteerd klikt u na de scan op Acties toepassen.
  • Bij de melding om de computer opnieuw op te starten klikt u op Ja / Yes.
  • Open na de herstart MalwareBytes Anti-Malware en klik bovenaan op Historie en selecteer Programmalogboeken.
  • Klik op de nieuwste Scan Log.
  • Klik op "Exporteer" en kies de optie "Tekstbestand (*.txt)".
    5557b93ba94ab-Malwarebytes_Exporteer_ScanLog.png
  • Geef vervolgens een bestandsnaam op voor het opslaan van het logbestand, bijvoorbeeld MBAM Scanlog.
  • Kies bijvoorbeeld het bureaublad als opslaglocatie en klik vervolgens op de knop Opslaan.
    532aab157609a-MBAM-Scan.png

MBAM-Log posten:
  • Kopieer nu de inhoud van het zojuist opgeslagen log en plak dit in uw nieuwe antwoord erbij.

Stap 2
Download
5597ac83a1fcf-9-Lab_Scan_canned.png
9-Lab Removal Tool via n van de twee links hieronder:

9-Lab Removal Tool voor 64-bit Windows
9-Lab Removal Tool voor 32-bit Windows

  • Installeer het tool in jouw Windows; op het bureaublad vind je daarna de snelkoppeling.
  • Windows 2000 en Windows XP: dubbelklik op Removal Tool.
  • Windows Vista, Windows 7 en Windows 8: via rechtsklik op Removal Tool en kies voor "Als Administrator uitvoeren".
  • Klik deze snelkoppeling met rechts aan kies voor "Als administrator uitvoeren".
  • De 9-Lab Removal Tool zal zich na het opstarten automatisch van nieuwe updates voorzien, wacht tot dat gebeurd is.
  • Klik daarna in het menu op "Full Scan" - die duurt wel even, dus wees geduldig.
  • Is de scan scan klaar, klik dan op de knop "Clean".

558472f03a2f2-9-Lab_scan2x.jpg


  • Er wordt een log bewaard, dat vind jij dan via de linkerkolom via "Logs".
  • Klik eerst het log aan en dan op de knop open.
  • Selekteer en kopieer vervolgens de gehele inhoud van het log en plak deze dan in jouw volgende antwoord.
 
Re: Ads by DNSUnlocker moeilijk te verwijderen

Malwarebytes Anti-Malware
www.malwarebytes.org

Scandatum: 27-8-2015
Scantijd: 7:19
Logboekbestand: mbam scanlog.txt
Beheerder: Ja

Versie: 2.1.8.1057
Malware-database: v2015.08.27.01
Rootkit-database: v2015.08.16.01
Licentie: Proef
Malware-bescherming: Ingeschakeld
Bescherming tegen kwaadaardige websites: Ingeschakeld
Zelfbescherming: Uitgeschakeld

Besturingssysteem: Windows 7 Service Pack 1
Processor: x64
Bestandssysteem: NTFS
Gebruiker: Drelau

Scantype: Bedreigingsscan
Resultaat: Voltooid
Objecten gescand: 391007
Verstreken tijd: 26 min, 49 sec

Geheugen: Ingeschakeld
Opstarten: Ingeschakeld
Bestandssysteem: Ingeschakeld
Archieven: Ingeschakeld
Rootkits: Ingeschakeld
Heuristiek: Ingeschakeld
POP: Ingeschakeld
POA: Ingeschakeld

Processen: 5
Trojan.Agent.MSIL, C:\Users\Drelau\AppData\Local\Con-trans.exe, 2612, Verwijder-bij-herstart, [319c868789020b2b6c24c01230d10ff1]
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\WIntEnhancer Internet Enhancer\InternetEnhancer.exe, 5300, Verwijder-bij-herstart, [0ac37c9148432d093df1b8f5de260ef2]
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\WIntEnhancer Internet Enhancer\InternetEnhancerService.exe, 2444, Verwijder-bij-herstart, [0ac37c9148432d093df1b8f5de260ef2]
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\3340AAF8-1440614362-E111-90C2-B888E34CE063\jnszB186.tmp, 2160, Verwijder-bij-herstart, [b5183bd24c3f61d59bd6f7bacb397e82]
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\3340AAF8-1440614362-E111-90C2-B888E34CE063\knsj7606.tmpfs, 1832, Verwijder-bij-herstart, [b5183bd24c3f61d59bd6f7bacb397e82]

Modules: 3
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\WIntEnhancer Internet Enhancer\ApiHandlr.dll, Verwijder-bij-herstart, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\WIntEnhancer Internet Enhancer\FiddlerCore.dll, Verwijder-bij-herstart, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\WIntEnhancer Internet Enhancer\Newtonsoft.Json.dll, Verwijder-bij-herstart, [0ac37c9148432d093df1b8f5de260ef2],

Registersleutels: 8
Trojan.Agent.MSIL, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\prtductadnoajoyneot, In quarantaine, [319c868789020b2b6c24c01230d10ff1],
PUP.Optional.Wajam.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WIntEnhancer Service, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.MultiPlug.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\jimocoso, In quarantaine, [b5183bd24c3f61d59bd6f7bacb397e82],
PUP.Optional.MultiPlug.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\docufeme, In quarantaine, [b5183bd24c3f61d59bd6f7bacb397e82],
PUP.Optional.VoPackage.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\VOPackage, In quarantaine, [dfee927b27641e18b1a33c665fa546ba],
PUP.Optional.MultiPlug.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\GOPIBEKO, In quarantaine, [4984b8557615bb7b558a6f3263a1de22],
PUP.Optional.MultiPlug.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TOTYSEKU, In quarantaine, [e4e9ea233457ee48716e0d9417edb54b],
PUP.Optional.OutBrowse.A, HKU\S-1-5-21-2708573932-1379375214-397904939-1000\SOFTWARE\OB, In quarantaine, [6d602ae3d5b6ab8b5d315b5b33d138c8],

Registerwaarden: 13
PUP.Optional.MultiPlug.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\docufeme|ImagePath, C:\Program Files (x86)\3340AAF8-1440614362-E111-90C2-B888E34CE063\knsj7606.tmpfs, In quarantaine, [903d14f9cfbc38fecf1088190bf957a9]
PUP.Optional.MultiPlug.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\gopibeko|ImagePath, C:\Users\Drelau\AppData\Local\3340AAF8-1440621655-E111-90C2-B888E34CE063\snsp8B63.tmp, In quarantaine, [4984b8557615bb7b558a6f3263a1de22]
PUP.Optional.MultiPlug.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\jimocoso|ImagePath, C:\Program Files (x86)\3340AAF8-1440614362-E111-90C2-B888E34CE063\jnszB186.tmp, In quarantaine, [7d50ed20d7b43105ad32d0d1af558080]
PUP.Optional.MultiPlug.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\totyseku|ImagePath, C:\Program Files (x86)\3340AAF8-1440614362-E111-90C2-B888E34CE063\hnszCA36.tmp, In quarantaine, [e4e9ea233457ee48716e0d9417edb54b]
PUP.Optional.OutBrowse.A, HKU\S-1-5-21-2708573932-1379375214-397904939-1000\SOFTWARE\OB|monitype6, 8/26/15 20:38:57, In quarantaine, [6d602ae3d5b6ab8b5d315b5b33d138c8]
PUP.Optional.OutBrowse.A, HKU\S-1-5-21-2708573932-1379375214-397904939-1000\SOFTWARE\OB|monitype20, 8/26/15 20:39:44, In quarantaine, [fad34cc1e7a4092d8a040fa7a65e02fe]
PUP.Optional.OutBrowse.A, HKU\S-1-5-21-2708573932-1379375214-397904939-1000\SOFTWARE\OB|monitype24, 8/26/15 20:39:44, In quarantaine, [5c71c64765263ff7810d3d791ee67f81]
PUP.Optional.OutBrowse.A, HKU\S-1-5-21-2708573932-1379375214-397904939-1000\SOFTWARE\OB|monitype27, 8/26/15 20:39:44, In quarantaine, [94397895a6e5d264aae474425fa554ac]
PUP.Optional.OutBrowse.A, HKU\S-1-5-21-2708573932-1379375214-397904939-1000\SOFTWARE\OB|monitype41, 8/26/15 20:39:44, In quarantaine, [5b72b9548cffd16547479e1860a45ea2]
PUP.Optional.OutBrowse.A, HKU\S-1-5-21-2708573932-1379375214-397904939-1000\SOFTWARE\OB|monitype42, 8/26/15 20:39:44, In quarantaine, [e6e7ba532a6139fd6f1f684ef90b8e72]
PUP.Optional.OutBrowse.A, HKU\S-1-5-21-2708573932-1379375214-397904939-1000\SOFTWARE\OB|monitype4, 8/26/15 20:40:12, In quarantaine, [f6d7bf4ef4973501c9c5368002020df3]
PUP.Optional.OutBrowse.A, HKU\S-1-5-21-2708573932-1379375214-397904939-1000\SOFTWARE\OB|monitype26, 8/26/15 20:40:12, In quarantaine, [fbd235d83358ce68c1cd595d1ce80bf5]
PUP.Optional.OutBrowse.A, HKU\S-1-5-21-2708573932-1379375214-397904939-1000\SOFTWARE\OB|monitype14, 8/26/15 20:40:19, In quarantaine, [4e7fbb528506e452147a3e7851b3d22e]

Registerdata: 0
(Geen kwaadaardige items gedetecteerd)

Mappen: 8
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WIntEnhancer, In quarantaine, [6a63ec2194f70f27c41d012300031be5],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WIntEnhancer\Explore Social Search, In quarantaine, [6a63ec2194f70f27c41d012300031be5],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WIntEnhancer\Explore Social Shopping, In quarantaine, [6a63ec2194f70f27c41d012300031be5],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WIntEnhancer\Uninstall Wajam, In quarantaine, [6a63ec2194f70f27c41d012300031be5],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\Logos, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer, Verwijder-bij-herstart, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\WIntEnhancer Internet Enhancer, Verwijder-bij-herstart, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\3340AAF8-1440614362-E111-90C2-B888E34CE063, Verwijder-bij-herstart, [b5183bd24c3f61d59bd6f7bacb397e82],

Bestanden: 90
Trojan.Agent.MSIL, C:\Users\Drelau\AppData\Local\Con-trans.exe, Verwijder-bij-herstart, [319c868789020b2b6c24c01230d10ff1],
PUP.Optional.SuperOptimizer.A, C:\Users\Drelau\AppData\Local\Temp\supoptsetup.exe, In quarantaine, [11bce627bfcc4aecf1c27d241fe2dc24],
PUP.Optional.Amonetize, C:\Users\Drelau\AppData\Local\Temp\nsoD685.exe, In quarantaine, [735aea23b6d593a36086517ae51ca25e],
Trojan.Agent.MSIL, C:\Users\Drelau\AppData\Local\Temp\AS16H.tmp, In quarantaine, [9c31f31af398dc5a00909d358b768d73],
PUP.Optional.OutBrowse, C:\Users\Drelau\AppData\Local\Temp\beeagbcbbj.exe, In quarantaine, [86473ad3cebd4ceacfa13f8d7091669a],
PUP.Optional.OurSeaching.A, C:\Users\Drelau\AppData\Local\Temp\81440614246\0P1I9LkpUSw==1.exe, In quarantaine, [9f2ea766b7d411250784ade046bf2dd3],
Trojan.Agent.MSIL, C:\Users\Drelau\AppData\Local\Temp\AS16H\xrc.exe, In quarantaine, [a52833da3655f93d4e42cc062ed346ba],
PUP.Optional.Amonetize, C:\Windows\Temp\tmpAFEE.tmp, In quarantaine, [a726aa6313780135a146418a19e8dc24],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WIntEnhancer\Wajam Website.lnk, In quarantaine, [6a63ec2194f70f27c41d012300031be5],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WIntEnhancer\Settings.lnk, In quarantaine, [6a63ec2194f70f27c41d012300031be5],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WIntEnhancer\SignIn with Facebook.lnk, In quarantaine, [6a63ec2194f70f27c41d012300031be5],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WIntEnhancer\SignIn with Twitter.lnk, In quarantaine, [6a63ec2194f70f27c41d012300031be5],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WIntEnhancer\Explore Social Search\Ask.lnk, In quarantaine, [6a63ec2194f70f27c41d012300031be5],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WIntEnhancer\Explore Social Search\Google.lnk, In quarantaine, [6a63ec2194f70f27c41d012300031be5],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WIntEnhancer\Explore Social Search\IMDb.lnk, In quarantaine, [6a63ec2194f70f27c41d012300031be5],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WIntEnhancer\Explore Social Search\Shopping.com.lnk, In quarantaine, [6a63ec2194f70f27c41d012300031be5],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WIntEnhancer\Explore Social Search\TripAdvisor.lnk, In quarantaine, [6a63ec2194f70f27c41d012300031be5],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WIntEnhancer\Explore Social Search\Wikipedia.lnk, In quarantaine, [6a63ec2194f70f27c41d012300031be5],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WIntEnhancer\Explore Social Search\Yahoo!.lnk, In quarantaine, [6a63ec2194f70f27c41d012300031be5],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WIntEnhancer\Explore Social Shopping\Amazon.lnk, In quarantaine, [6a63ec2194f70f27c41d012300031be5],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WIntEnhancer\Explore Social Shopping\Argos.lnk, In quarantaine, [6a63ec2194f70f27c41d012300031be5],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WIntEnhancer\Explore Social Shopping\Ebay.lnk, In quarantaine, [6a63ec2194f70f27c41d012300031be5],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WIntEnhancer\Explore Social Shopping\Etsy.lnk, In quarantaine, [6a63ec2194f70f27c41d012300031be5],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WIntEnhancer\Explore Social Shopping\HomeDepot.lnk, In quarantaine, [6a63ec2194f70f27c41d012300031be5],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WIntEnhancer\Explore Social Shopping\Ikea.lnk, In quarantaine, [6a63ec2194f70f27c41d012300031be5],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WIntEnhancer\Explore Social Shopping\Lowe's.lnk, In quarantaine, [6a63ec2194f70f27c41d012300031be5],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WIntEnhancer\Explore Social Shopping\Mercadolivre.lnk, In quarantaine, [6a63ec2194f70f27c41d012300031be5],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WIntEnhancer\Explore Social Shopping\MyShopping.lnk, In quarantaine, [6a63ec2194f70f27c41d012300031be5],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WIntEnhancer\Explore Social Shopping\Sears.lnk, In quarantaine, [6a63ec2194f70f27c41d012300031be5],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WIntEnhancer\Explore Social Shopping\Target.lnk, In quarantaine, [6a63ec2194f70f27c41d012300031be5],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WIntEnhancer\Explore Social Shopping\Tesco.lnk, In quarantaine, [6a63ec2194f70f27c41d012300031be5],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WIntEnhancer\Explore Social Shopping\Walmart.lnk, In quarantaine, [6a63ec2194f70f27c41d012300031be5],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WIntEnhancer\Explore Social Shopping\Zalando.lnk, In quarantaine, [6a63ec2194f70f27c41d012300031be5],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WIntEnhancer\Uninstall Wajam\uninstall.lnk, In quarantaine, [6a63ec2194f70f27c41d012300031be5],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\Logos\wajam.ico, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\Logos\amazon.ico, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\Logos\argos.ico, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\Logos\ask.ico, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\Logos\bestbuy.ico, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\Logos\ebay.ico, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\Logos\etsy.ico, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\Logos\facebook.ico, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\Logos\favicon.ico, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\Logos\google.ico, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\Logos\homedepot.ico, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\Logos\ikea.ico, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\Logos\imdb.ico, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\Logos\lowes.ico, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\Logos\mercado.ico, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\Logos\mysearchweb.ico, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\Logos\myshopping.ico, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\Logos\searchresult.ico, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\Logos\sears.ico, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\Logos\setting.ico, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\Logos\settings.ico, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\Logos\shopping.ico, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\Logos\target.ico, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\Logos\tesco.ico, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\Logos\tripadvisor.ico, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\Logos\twitter.ico, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\Logos\walmart.ico, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\Logos\wiki.ico, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\Logos\yahoo.ico, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\Logos\zalando.ico, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\uninstall.exe, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\WIntEnhancer Internet Enhancer\f74929f79bdd7823da8990674cef14ae, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\WIntEnhancer Internet Enhancer\167029cc75afece73ec894aa4f8268ff, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\WIntEnhancer Internet Enhancer\2b6c29dec27fb42c65539846184da9bd, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\WIntEnhancer Internet Enhancer\2cb6547209d3d143f07bdb8e1917ca9c, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\WIntEnhancer Internet Enhancer\2e64d6cd75a08c56c36010cc0596d68a, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\WIntEnhancer Internet Enhancer\720c4dfd4996ff060a6156e47a8df2d5, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\WIntEnhancer Internet Enhancer\7852b3b0c218ec84e519c5fe9428476f, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\WIntEnhancer Internet Enhancer\7f555219c518271750c4253a29449a9f, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\WIntEnhancer Internet Enhancer\9b68f10e2c33d3a6778dd0d553fb438b, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\WIntEnhancer Internet Enhancer\af6e9b43ad76460c49d0c6902312918d, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\WIntEnhancer Internet Enhancer\ApiHandlr.dll, Verwijder-bij-herstart, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\WIntEnhancer Internet Enhancer\b0dc96cf0b5db96fecf83166911cdbe0, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\WIntEnhancer Internet Enhancer\FiddlerCore.dll, Verwijder-bij-herstart, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\WIntEnhancer Internet Enhancer\HtmlAgilityPack.dll, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\WIntEnhancer Internet Enhancer\InternetEnhancer.exe, Verwijder-bij-herstart, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\WIntEnhancer Internet Enhancer\InternetEnhancerService.exe, Verwijder-bij-herstart, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\WIntEnhancer Internet Enhancer\lan-proxy-settings.dat, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\WIntEnhancer Internet Enhancer\makecert.exe, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\WIntEnhancer Internet Enhancer\Newtonsoft.Json.dll, Verwijder-bij-herstart, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\WIntEnhancer Internet Enhancer\wie, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\WIntEnhancer Internet Enhancer\WJManifest, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\3340AAF8-1440614362-E111-90C2-B888E34CE063\jnszB186.tmp, Verwijder-bij-herstart, [b5183bd24c3f61d59bd6f7bacb397e82],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\3340AAF8-1440614362-E111-90C2-B888E34CE063\knsj7606.tmpfs, Verwijder-bij-herstart, [b5183bd24c3f61d59bd6f7bacb397e82],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\3340AAF8-1440614362-E111-90C2-B888E34CE063\rnsj8CE2.exe, In quarantaine, [b5183bd24c3f61d59bd6f7bacb397e82],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\3340AAF8-1440614362-E111-90C2-B888E34CE063\Uninstall.exe, In quarantaine, [b5183bd24c3f61d59bd6f7bacb397e82],

Fysieke Sectoren: 0
(Geen kwaadaardige items gedetecteerd)


(end)


9-lab Removal Tool 1.0.0.36 BETA
9-lab.com

Database version: 0.0

Windows 7 Service Pack 1 (Version 6.1, Build 7601, 64-bit Edition)
Internet Explorer 9.11.9600.17959
Drelau :: Drelau-PC

27-8-2015 7:54:34
9lab-log-2015-08-27 (07-54-34).txt

Scan type: Full
Objects scanned: 49021
Time Elapsed: 58 m 46 s

Registry Values detected: 2
Risk.Proxy [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings ProxyEnable]
Risk.Proxy [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings ProxyServer]

--- Update ---

Malwarebytes Anti-Malware
www.malwarebytes.org

Scandatum: 27-8-2015
Scantijd: 7:19
Logboekbestand: mbam scanlog.txt
Beheerder: Ja

Versie: 2.1.8.1057
Malware-database: v2015.08.27.01
Rootkit-database: v2015.08.16.01
Licentie: Proef
Malware-bescherming: Ingeschakeld
Bescherming tegen kwaadaardige websites: Ingeschakeld
Zelfbescherming: Uitgeschakeld

Besturingssysteem: Windows 7 Service Pack 1
Processor: x64
Bestandssysteem: NTFS
Gebruiker: Drelau

Scantype: Bedreigingsscan
Resultaat: Voltooid
Objecten gescand: 391007
Verstreken tijd: 26 min, 49 sec

Geheugen: Ingeschakeld
Opstarten: Ingeschakeld
Bestandssysteem: Ingeschakeld
Archieven: Ingeschakeld
Rootkits: Ingeschakeld
Heuristiek: Ingeschakeld
POP: Ingeschakeld
POA: Ingeschakeld

Processen: 5
Trojan.Agent.MSIL, C:\Users\Drelau\AppData\Local\Con-trans.exe, 2612, Verwijder-bij-herstart, [319c868789020b2b6c24c01230d10ff1]
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\WIntEnhancer Internet Enhancer\InternetEnhancer.exe, 5300, Verwijder-bij-herstart, [0ac37c9148432d093df1b8f5de260ef2]
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\WIntEnhancer Internet Enhancer\InternetEnhancerService.exe, 2444, Verwijder-bij-herstart, [0ac37c9148432d093df1b8f5de260ef2]
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\3340AAF8-1440614362-E111-90C2-B888E34CE063\jnszB186.tmp, 2160, Verwijder-bij-herstart, [b5183bd24c3f61d59bd6f7bacb397e82]
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\3340AAF8-1440614362-E111-90C2-B888E34CE063\knsj7606.tmpfs, 1832, Verwijder-bij-herstart, [b5183bd24c3f61d59bd6f7bacb397e82]

Modules: 3
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\WIntEnhancer Internet Enhancer\ApiHandlr.dll, Verwijder-bij-herstart, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\WIntEnhancer Internet Enhancer\FiddlerCore.dll, Verwijder-bij-herstart, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\WIntEnhancer Internet Enhancer\Newtonsoft.Json.dll, Verwijder-bij-herstart, [0ac37c9148432d093df1b8f5de260ef2],

Registersleutels: 8
Trojan.Agent.MSIL, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\prtductadnoajoyneot, In quarantaine, [319c868789020b2b6c24c01230d10ff1],
PUP.Optional.Wajam.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WIntEnhancer Service, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.MultiPlug.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\jimocoso, In quarantaine, [b5183bd24c3f61d59bd6f7bacb397e82],
PUP.Optional.MultiPlug.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\docufeme, In quarantaine, [b5183bd24c3f61d59bd6f7bacb397e82],
PUP.Optional.VoPackage.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\VOPackage, In quarantaine, [dfee927b27641e18b1a33c665fa546ba],
PUP.Optional.MultiPlug.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\GOPIBEKO, In quarantaine, [4984b8557615bb7b558a6f3263a1de22],
PUP.Optional.MultiPlug.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TOTYSEKU, In quarantaine, [e4e9ea233457ee48716e0d9417edb54b],
PUP.Optional.OutBrowse.A, HKU\S-1-5-21-2708573932-1379375214-397904939-1000\SOFTWARE\OB, In quarantaine, [6d602ae3d5b6ab8b5d315b5b33d138c8],

Registerwaarden: 13
PUP.Optional.MultiPlug.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\docufeme|ImagePath, C:\Program Files (x86)\3340AAF8-1440614362-E111-90C2-B888E34CE063\knsj7606.tmpfs, In quarantaine, [903d14f9cfbc38fecf1088190bf957a9]
PUP.Optional.MultiPlug.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\gopibeko|ImagePath, C:\Users\Drelau\AppData\Local\3340AAF8-1440621655-E111-90C2-B888E34CE063\snsp8B63.tmp, In quarantaine, [4984b8557615bb7b558a6f3263a1de22]
PUP.Optional.MultiPlug.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\jimocoso|ImagePath, C:\Program Files (x86)\3340AAF8-1440614362-E111-90C2-B888E34CE063\jnszB186.tmp, In quarantaine, [7d50ed20d7b43105ad32d0d1af558080]
PUP.Optional.MultiPlug.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\totyseku|ImagePath, C:\Program Files (x86)\3340AAF8-1440614362-E111-90C2-B888E34CE063\hnszCA36.tmp, In quarantaine, [e4e9ea233457ee48716e0d9417edb54b]
PUP.Optional.OutBrowse.A, HKU\S-1-5-21-2708573932-1379375214-397904939-1000\SOFTWARE\OB|monitype6, 8/26/15 20:38:57, In quarantaine, [6d602ae3d5b6ab8b5d315b5b33d138c8]
PUP.Optional.OutBrowse.A, HKU\S-1-5-21-2708573932-1379375214-397904939-1000\SOFTWARE\OB|monitype20, 8/26/15 20:39:44, In quarantaine, [fad34cc1e7a4092d8a040fa7a65e02fe]
PUP.Optional.OutBrowse.A, HKU\S-1-5-21-2708573932-1379375214-397904939-1000\SOFTWARE\OB|monitype24, 8/26/15 20:39:44, In quarantaine, [5c71c64765263ff7810d3d791ee67f81]
PUP.Optional.OutBrowse.A, HKU\S-1-5-21-2708573932-1379375214-397904939-1000\SOFTWARE\OB|monitype27, 8/26/15 20:39:44, In quarantaine, [94397895a6e5d264aae474425fa554ac]
PUP.Optional.OutBrowse.A, HKU\S-1-5-21-2708573932-1379375214-397904939-1000\SOFTWARE\OB|monitype41, 8/26/15 20:39:44, In quarantaine, [5b72b9548cffd16547479e1860a45ea2]
PUP.Optional.OutBrowse.A, HKU\S-1-5-21-2708573932-1379375214-397904939-1000\SOFTWARE\OB|monitype42, 8/26/15 20:39:44, In quarantaine, [e6e7ba532a6139fd6f1f684ef90b8e72]
PUP.Optional.OutBrowse.A, HKU\S-1-5-21-2708573932-1379375214-397904939-1000\SOFTWARE\OB|monitype4, 8/26/15 20:40:12, In quarantaine, [f6d7bf4ef4973501c9c5368002020df3]
PUP.Optional.OutBrowse.A, HKU\S-1-5-21-2708573932-1379375214-397904939-1000\SOFTWARE\OB|monitype26, 8/26/15 20:40:12, In quarantaine, [fbd235d83358ce68c1cd595d1ce80bf5]
PUP.Optional.OutBrowse.A, HKU\S-1-5-21-2708573932-1379375214-397904939-1000\SOFTWARE\OB|monitype14, 8/26/15 20:40:19, In quarantaine, [4e7fbb528506e452147a3e7851b3d22e]

Registerdata: 0
(Geen kwaadaardige items gedetecteerd)

Mappen: 8
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WIntEnhancer, In quarantaine, [6a63ec2194f70f27c41d012300031be5],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WIntEnhancer\Explore Social Search, In quarantaine, [6a63ec2194f70f27c41d012300031be5],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WIntEnhancer\Explore Social Shopping, In quarantaine, [6a63ec2194f70f27c41d012300031be5],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WIntEnhancer\Uninstall Wajam, In quarantaine, [6a63ec2194f70f27c41d012300031be5],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\Logos, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer, Verwijder-bij-herstart, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\WIntEnhancer Internet Enhancer, Verwijder-bij-herstart, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\3340AAF8-1440614362-E111-90C2-B888E34CE063, Verwijder-bij-herstart, [b5183bd24c3f61d59bd6f7bacb397e82],

Bestanden: 90
Trojan.Agent.MSIL, C:\Users\Drelau\AppData\Local\Con-trans.exe, Verwijder-bij-herstart, [319c868789020b2b6c24c01230d10ff1],
PUP.Optional.SuperOptimizer.A, C:\Users\Drelau\AppData\Local\Temp\supoptsetup.exe, In quarantaine, [11bce627bfcc4aecf1c27d241fe2dc24],
PUP.Optional.Amonetize, C:\Users\Drelau\AppData\Local\Temp\nsoD685.exe, In quarantaine, [735aea23b6d593a36086517ae51ca25e],
Trojan.Agent.MSIL, C:\Users\Drelau\AppData\Local\Temp\AS16H.tmp, In quarantaine, [9c31f31af398dc5a00909d358b768d73],
PUP.Optional.OutBrowse, C:\Users\Drelau\AppData\Local\Temp\beeagbcbbj.exe, In quarantaine, [86473ad3cebd4ceacfa13f8d7091669a],
PUP.Optional.OurSeaching.A, C:\Users\Drelau\AppData\Local\Temp\81440614246\0P1I9LkpUSw==1.exe, In quarantaine, [9f2ea766b7d411250784ade046bf2dd3],
Trojan.Agent.MSIL, C:\Users\Drelau\AppData\Local\Temp\AS16H\xrc.exe, In quarantaine, [a52833da3655f93d4e42cc062ed346ba],
PUP.Optional.Amonetize, C:\Windows\Temp\tmpAFEE.tmp, In quarantaine, [a726aa6313780135a146418a19e8dc24],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WIntEnhancer\Wajam Website.lnk, In quarantaine, [6a63ec2194f70f27c41d012300031be5],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WIntEnhancer\Settings.lnk, In quarantaine, [6a63ec2194f70f27c41d012300031be5],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WIntEnhancer\SignIn with Facebook.lnk, In quarantaine, [6a63ec2194f70f27c41d012300031be5],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WIntEnhancer\SignIn with Twitter.lnk, In quarantaine, [6a63ec2194f70f27c41d012300031be5],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WIntEnhancer\Explore Social Search\Ask.lnk, In quarantaine, [6a63ec2194f70f27c41d012300031be5],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WIntEnhancer\Explore Social Search\Google.lnk, In quarantaine, [6a63ec2194f70f27c41d012300031be5],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WIntEnhancer\Explore Social Search\IMDb.lnk, In quarantaine, [6a63ec2194f70f27c41d012300031be5],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WIntEnhancer\Explore Social Search\Shopping.com.lnk, In quarantaine, [6a63ec2194f70f27c41d012300031be5],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WIntEnhancer\Explore Social Search\TripAdvisor.lnk, In quarantaine, [6a63ec2194f70f27c41d012300031be5],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WIntEnhancer\Explore Social Search\Wikipedia.lnk, In quarantaine, [6a63ec2194f70f27c41d012300031be5],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WIntEnhancer\Explore Social Search\Yahoo!.lnk, In quarantaine, [6a63ec2194f70f27c41d012300031be5],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WIntEnhancer\Explore Social Shopping\Amazon.lnk, In quarantaine, [6a63ec2194f70f27c41d012300031be5],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WIntEnhancer\Explore Social Shopping\Argos.lnk, In quarantaine, [6a63ec2194f70f27c41d012300031be5],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WIntEnhancer\Explore Social Shopping\Ebay.lnk, In quarantaine, [6a63ec2194f70f27c41d012300031be5],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WIntEnhancer\Explore Social Shopping\Etsy.lnk, In quarantaine, [6a63ec2194f70f27c41d012300031be5],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WIntEnhancer\Explore Social Shopping\HomeDepot.lnk, In quarantaine, [6a63ec2194f70f27c41d012300031be5],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WIntEnhancer\Explore Social Shopping\Ikea.lnk, In quarantaine, [6a63ec2194f70f27c41d012300031be5],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WIntEnhancer\Explore Social Shopping\Lowe's.lnk, In quarantaine, [6a63ec2194f70f27c41d012300031be5],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WIntEnhancer\Explore Social Shopping\Mercadolivre.lnk, In quarantaine, [6a63ec2194f70f27c41d012300031be5],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WIntEnhancer\Explore Social Shopping\MyShopping.lnk, In quarantaine, [6a63ec2194f70f27c41d012300031be5],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WIntEnhancer\Explore Social Shopping\Sears.lnk, In quarantaine, [6a63ec2194f70f27c41d012300031be5],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WIntEnhancer\Explore Social Shopping\Target.lnk, In quarantaine, [6a63ec2194f70f27c41d012300031be5],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WIntEnhancer\Explore Social Shopping\Tesco.lnk, In quarantaine, [6a63ec2194f70f27c41d012300031be5],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WIntEnhancer\Explore Social Shopping\Walmart.lnk, In quarantaine, [6a63ec2194f70f27c41d012300031be5],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WIntEnhancer\Explore Social Shopping\Zalando.lnk, In quarantaine, [6a63ec2194f70f27c41d012300031be5],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WIntEnhancer\Uninstall Wajam\uninstall.lnk, In quarantaine, [6a63ec2194f70f27c41d012300031be5],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\Logos\wajam.ico, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\Logos\amazon.ico, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\Logos\argos.ico, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\Logos\ask.ico, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\Logos\bestbuy.ico, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\Logos\ebay.ico, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\Logos\etsy.ico, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\Logos\facebook.ico, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\Logos\favicon.ico, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\Logos\google.ico, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\Logos\homedepot.ico, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\Logos\ikea.ico, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\Logos\imdb.ico, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\Logos\lowes.ico, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\Logos\mercado.ico, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\Logos\mysearchweb.ico, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\Logos\myshopping.ico, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\Logos\searchresult.ico, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\Logos\sears.ico, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\Logos\setting.ico, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\Logos\settings.ico, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\Logos\shopping.ico, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\Logos\target.ico, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\Logos\tesco.ico, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\Logos\tripadvisor.ico, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\Logos\twitter.ico, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\Logos\walmart.ico, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\Logos\wiki.ico, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\Logos\yahoo.ico, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\Logos\zalando.ico, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\uninstall.exe, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\WIntEnhancer Internet Enhancer\f74929f79bdd7823da8990674cef14ae, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\WIntEnhancer Internet Enhancer\167029cc75afece73ec894aa4f8268ff, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\WIntEnhancer Internet Enhancer\2b6c29dec27fb42c65539846184da9bd, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\WIntEnhancer Internet Enhancer\2cb6547209d3d143f07bdb8e1917ca9c, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\WIntEnhancer Internet Enhancer\2e64d6cd75a08c56c36010cc0596d68a, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\WIntEnhancer Internet Enhancer\720c4dfd4996ff060a6156e47a8df2d5, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\WIntEnhancer Internet Enhancer\7852b3b0c218ec84e519c5fe9428476f, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\WIntEnhancer Internet Enhancer\7f555219c518271750c4253a29449a9f, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\WIntEnhancer Internet Enhancer\9b68f10e2c33d3a6778dd0d553fb438b, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\WIntEnhancer Internet Enhancer\af6e9b43ad76460c49d0c6902312918d, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\WIntEnhancer Internet Enhancer\ApiHandlr.dll, Verwijder-bij-herstart, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\WIntEnhancer Internet Enhancer\b0dc96cf0b5db96fecf83166911cdbe0, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\WIntEnhancer Internet Enhancer\FiddlerCore.dll, Verwijder-bij-herstart, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\WIntEnhancer Internet Enhancer\HtmlAgilityPack.dll, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\WIntEnhancer Internet Enhancer\InternetEnhancer.exe, Verwijder-bij-herstart, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\WIntEnhancer Internet Enhancer\InternetEnhancerService.exe, Verwijder-bij-herstart, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\WIntEnhancer Internet Enhancer\lan-proxy-settings.dat, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\WIntEnhancer Internet Enhancer\makecert.exe, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\WIntEnhancer Internet Enhancer\Newtonsoft.Json.dll, Verwijder-bij-herstart, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\WIntEnhancer Internet Enhancer\wie, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.Wajam.A, C:\Program Files (x86)\WIntEnhancer\WIntEnhancer Internet Enhancer\WJManifest, In quarantaine, [0ac37c9148432d093df1b8f5de260ef2],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\3340AAF8-1440614362-E111-90C2-B888E34CE063\jnszB186.tmp, Verwijder-bij-herstart, [b5183bd24c3f61d59bd6f7bacb397e82],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\3340AAF8-1440614362-E111-90C2-B888E34CE063\knsj7606.tmpfs, Verwijder-bij-herstart, [b5183bd24c3f61d59bd6f7bacb397e82],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\3340AAF8-1440614362-E111-90C2-B888E34CE063\rnsj8CE2.exe, In quarantaine, [b5183bd24c3f61d59bd6f7bacb397e82],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\3340AAF8-1440614362-E111-90C2-B888E34CE063\Uninstall.exe, In quarantaine, [b5183bd24c3f61d59bd6f7bacb397e82],

Fysieke Sectoren: 0
(Geen kwaadaardige items gedetecteerd)


(end)


9-lab Removal Tool 1.0.0.36 BETA
9-lab.com

Database version: 0.0

Windows 7 Service Pack 1 (Version 6.1, Build 7601, 64-bit Edition)
Internet Explorer 9.11.9600.17959
Drelau :: Drelau-PC

27-8-2015 7:54:34
9lab-log-2015-08-27 (07-54-34).txt

Scan type: Full
Objects scanned: 49021
Time Elapsed: 58 m 46 s

Registry Values detected: 2
Risk.Proxy [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings ProxyEnable]
Risk.Proxy [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings ProxyServer]
 
Re: Ads by DNSUnlocker moeilijk te verwijderen

Graag de twee logs in n keer posten - gebruik de tools in de volgorde zoals aangegeven.

Stap 1
Download
51e281a62c183-Junkware_Removal_Tool_icon_Canned_1351185104.png.jpg
Junkware Removal Tool by Thisisu.
Downloadlokatie: Dit programma absoluut naar het bureaublad downloaden of anders naar het bureaublad verplaatsen!
Opmerkingen:
  • Alle openstaande programma's en webpagina's dienen afgesloten te zijn.
  • Het is raadzaam de actieve beveiligingssoftware te de-activeren, zodat mogelijke conflicten met JRT.exe uitgsloten worden.:
  • Hier en hier vindt je gegevens hoe antivirusprogramma's en spywarescanners te deaktiveren.
  • Dat tijdens de scan van JRT.exe tijdelijk de snelkoppelingen verdwijnen van het bureaublad, is normaal.
Junkware Removal Tool by Thisisu opstarten:
  • Windows 2000 en Windows XP: dubbelklik op JRT.exe.
  • Windows Vista, Windows 7 en Windows 8: via rechtsklik op JRT.exe en kies voor "Als Administrator uitvoeren".
  • JRT.exe zal daarna Windows gaan scannen.
  • Deze scan kan afhankelijk van de systeemspecificaties soms vrij lang duren, wees dus geduldig.
  • Indien de scan voltooid is, zal een logje (JRT.txt) op het bureaublad opgeslagen worden en automatisch openen.
  • Post de inhoud van dit log in je volgende bericht.

Stap 2
Download
52186926180a1-adwcleaner_nieuw.png
AdwCleaner by Xplode.
Downloadlokatie: Dit programma absoluut naar het bureaublad downloaden of anders naar het bureaublad verplaatsen!
Opmerkingen:
  • Alle openstaande programma's en webpagina's dienen afgesloten te zijn.
AdwCleaner opstarten:
  • Windows 2000 en Windows XP: dubbelklik op adwcleaner.exe.
  • Windows Vista, Windows 7 en Windows 8: via rechtsklik op adwcleaner.exe en kies voor "Als Administrator uitvoeren".
AdwCleaner is opgestart:
  • Klik op de knop Scan
  • Is de scan gereed, klik dan op de knop Verwijderen
  • Klik bij AdwCleaner Afsluiting van de programma's op OK
  • Klik bij AdwCleaner Herstarten noodzakelijk op OK
AdwCleaner logbestand:
  • Nadat de PC opnieuw is opgestart, opent een logfile.
  • Ingeval het log niet opent, is dit alsnog terug te vinden in C:\AdwCleaner\AdwCleaner[R0, of 1, of 2].txt
  • Post vervolgens de inhoud van dit log in je volgende bericht.
 
Re: Ads by DNSUnlocker moeilijk te verwijderen

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.8 (08.24.2015:1)
OS: Windows 7 Home Premium x64
Ran by Drelau on do 27-08-2015 at 21:25:27,91
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Drelau\Appdata\Local\{06965A49-EF27-466F-A03E-9D09B15F26A8}
Successfully deleted: [Empty Folder] C:\Users\Drelau\Appdata\Local\{C0907517-67C5-45D3-B51F-08F99858BC0E}



~~~ Chrome


[C:\Users\Drelau\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Drelau\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\Drelau\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Drelau\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on do 27-08-2015 at 21:30:10,33
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

# AdwCleaner v5.004 - Logbestand aangemaakt 27/08/2015 op 21:42:02
# Laatste update 26/08/2015 door Xplode
# Database : 2015-08-25.1 [Server]
# Besturingssysteem : Windows 7 Home Premium Service Pack 1 (x64)
# Gebruikersnaam : Drelau - Drelau-PC
# Gestart vanuit : C:\Users\Drelau\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PDHR2E79\adwcleaner_5.004.exe
# Optie : Verwijderen
# Ondersteuning : http://toolslib.net/forum

***** [ Services ] *****


***** [ Mappen ] *****


***** [ Bestanden ] *****


***** [ Snelkoppelingen ] *****


***** [ geplande taken ] *****


***** [ Register ] *****

[-] Sleutel Verwijderd : HKLM\SOFTWARE\downchecker
[-] Sleutel Verwijderd : [x64] HKLM\SOFTWARE\downchecker

***** [ Internetbrowsers ] *****


*************************

:: Winsock instellingen gereset

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [854 bytes] ##########
 
Re: Ads by DNSUnlocker moeilijk te verwijderen

Ga naar de site van de
51a5de408905c-th_EsetLogo.png
ESET Online Scanner
  • Klik op de knop ESET Online Scanner
  • Zet een vinkje bij YES, I accept the Terms of Use
  • Klik op Start
  • Sta het ActiveX control toe om te installeren.
    • Zet een vinkje bij de volgende opties:
    • Enable detection of potentially unwanted applications
    • Indien verborgen, open vervolgens Advanced Settings en vink ondervermelde instellingen aan
    • Remove found threats
    • Scan archives
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
    • Notabene: deaktiveer tijdelijk de eigen antivirus tijdens de scan, dan is de onlinescan sneller!
  • Klik op Start
  • De computer wordt nu gescand. Dit kan best lang duren, heb dus geduld.
  • is de scan klaar, daarna mag jij het venster sluiten omdat de scan klaar is.
  • Ga vervolgens naar C:\Program Files\ESET\ESET Online Scanner (Windows 64-bit: C:\Program Files (x86)\ESET\ESET Online Scanner) en klik daar op log.txt
  • Selekteer, kopieer en plak dan de inhoud van dit log in je volgende bericht.

Gebruik je een andere browser dan IE, dan download je een kleine webinstaller, esetsmartinstaller_enu.exe.
De Eset Online scanner zal vervolgens in een kleiner venster opstarten, je markeert dan eerst de instelling zoals hierboven aangegeven.
Klik daarna op de knop "Start" - vervolgens zal eerst de database worden gedownload en is dat gebeurd, start de scan.
 
Re: Ads by DNSUnlocker moeilijk te verwijderen

Volgens mij wordt het warm..... bij de Eset online scanner moet ik vliegensvlug zijn want anders zijn er meteen allerlei popups van DNSunlocker en kan niet bij de benodigde knoppen. Wegklikken of Close reageert het niet op. Pfff blijf het proberen.
 
Re: Ads by DNSUnlocker moeilijk te verwijderen

Gebruik je Internet Explorer?

Start Firefox of Google Chrome - dan wordt het installatie bestand gedownload en start daarna automatisch als App op.
 
Re: Ads by DNSUnlocker moeilijk te verwijderen

Het is gelukt.

ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
Update Init
Update Download
Update Finalize
Updated modules version: 25463
Update Init
Update Download
Update Finalize
Updated modules version: 25481
 
Re: Ads by DNSUnlocker moeilijk te verwijderen

Laat weten hoe het inmiddels gaat.
 
Re: Ads by DNSUnlocker moeilijk te verwijderen

Goeiedag,

Helaas maar ik heb er ngo steeds last van. Minder pop ups maar wel veel dikgedrukte, onderstreepte teksten en icoontjes erbij. Als je daar je muis bij zet staat er "click to continue > DNSUnlocker".

--- Update ---

Goeiedag,

Helaas maar ik heb er nog steeds last van. Minder pop ups maar wel veel dikgedrukte, onderstreepte teksten en icoontjes erbij. Als je daar je muis bij zet staat er "click to continue > DNSUnlocker".
 
Re: Ads by DNSUnlocker moeilijk te verwijderen

Welke browser?
 
Re: Ads by DNSUnlocker moeilijk te verwijderen

Hallo Abraham,

Ik gebruik over het algemeen IE en soms chrome, bij chrome had ik in dit geval meer last dan bij IE... maar het gaat nu goed! Ik had malewarebytes nog een keer laten scannen

Malwarebytes Anti-Malware
www.malwarebytes.org

Scandatum: 29-8-2015
Scantijd: 8:51
Logboekbestand: scanlog malware.txt
Beheerder: Ja

Versie: 2.1.8.1057
Malware-database: v2015.08.29.01
Rootkit-database: v2015.08.16.01
Licentie: Proef
Malware-bescherming: Ingeschakeld
Bescherming tegen kwaadaardige websites: Ingeschakeld
Zelfbescherming: Uitgeschakeld

Besturingssysteem: Windows 7 Service Pack 1
Processor: x64
Bestandssysteem: NTFS
Gebruiker: Drelau

Scantype: Bedreigingsscan
Resultaat: Voltooid
Objecten gescand: 393778
Verstreken tijd: 24 min, 10 sec

Geheugen: Ingeschakeld
Opstarten: Ingeschakeld
Bestandssysteem: Ingeschakeld
Archieven: Ingeschakeld
Rootkits: Ingeschakeld
Heuristiek: Ingeschakeld
POP: Ingeschakeld
POA: Ingeschakeld

Processen: 0
(Geen kwaadaardige items gedetecteerd)

Modules: 0
(Geen kwaadaardige items gedetecteerd)

Registersleutels: 0
(Geen kwaadaardige items gedetecteerd)

Registerwaarden: 0
(Geen kwaadaardige items gedetecteerd)

Registerdata: 0
(Geen kwaadaardige items gedetecteerd)

Mappen: 0
(Geen kwaadaardige items gedetecteerd)

Bestanden: 0
(Geen kwaadaardige items gedetecteerd)

Fysieke Sectoren: 0
(Geen kwaadaardige items gedetecteerd)


(end)
 
Re: Ads by DNSUnlocker moeilijk te verwijderen

Dan laten we voor de zekerheid nog weer twee andere tools het werk doen.
Is Windows schoon, dan moeten de logs ook niks aangeven.


Graag de twee logs in n keer posten - gebruik de tools in de volgorde zoals aangegeven.

Stap 1
Download
51e281a62c183-Junkware_Removal_Tool_icon_Canned_1351185104.png.jpg
Junkware Removal Tool by Thisisu.
Downloadlokatie: Dit programma absoluut naar het bureaublad downloaden of anders naar het bureaublad verplaatsen!
Opmerkingen:
  • Alle openstaande programma's en webpagina's dienen afgesloten te zijn.
  • Het is raadzaam de actieve beveiligingssoftware te de-activeren, zodat mogelijke conflicten met JRT.exe uitgsloten worden.:
  • Hier en hier vindt je gegevens hoe antivirusprogramma's en spywarescanners te deaktiveren.
  • Dat tijdens de scan van JRT.exe tijdelijk de snelkoppelingen verdwijnen van het bureaublad, is normaal.
Junkware Removal Tool by Thisisu opstarten:
  • Windows 2000 en Windows XP: dubbelklik op JRT.exe.
  • Windows Vista, Windows 7 en Windows 8: via rechtsklik op JRT.exe en kies voor "Als Administrator uitvoeren".
  • JRT.exe zal daarna Windows gaan scannen.
  • Deze scan kan afhankelijk van de systeemspecificaties soms vrij lang duren, wees dus geduldig.
  • Indien de scan voltooid is, zal een logje (JRT.txt) op het bureaublad opgeslagen worden en automatisch openen.
  • Post de inhoud van dit log in je volgende bericht.

Stap 2
Download
52186926180a1-adwcleaner_nieuw.png
AdwCleaner by Xplode.
Downloadlokatie: Dit programma absoluut naar het bureaublad downloaden of anders naar het bureaublad verplaatsen!
Opmerkingen:
  • Alle openstaande programma's en webpagina's dienen afgesloten te zijn.
AdwCleaner opstarten:
  • Windows 2000 en Windows XP: dubbelklik op adwcleaner.exe.
  • Windows Vista, Windows 7 en Windows 8: via rechtsklik op adwcleaner.exe en kies voor "Als Administrator uitvoeren".
AdwCleaner is opgestart:
  • Klik op de knop Scan
  • Is de scan gereed, klik dan op de knop Verwijderen
  • Klik bij AdwCleaner Afsluiting van de programma's op OK
  • Klik bij AdwCleaner Herstarten noodzakelijk op OK
AdwCleaner logbestand:
  • Nadat de PC opnieuw is opgestart, opent een logfile.
  • Ingeval het log niet opent, is dit alsnog terug te vinden in C:\AdwCleaner\AdwCleaner[R0, of 1, of 2].txt
  • Post vervolgens de inhoud van dit log in je volgende bericht.
 
Re: Ads by DNSUnlocker moeilijk te verwijderen

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.0 (08.31.2015:1)
OS: Windows 7 Home Premium x64
Ran by Drelau on di 01-09-2015 at 8:50:08,94
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Drelau\Appdata\Local\{192FFEAB-DF5F-4EB3-863E-81F1A8063C94}
Successfully deleted: [Empty Folder] C:\Users\Drelau\Appdata\Local\{359A6DD8-53E0-45D8-96B9-263C75A7E089}
Successfully deleted: [Empty Folder] C:\Users\Drelau\Appdata\Local\{C4403F39-B66F-4829-BD58-C3BE89A5B8A4}
Successfully deleted: [Empty Folder] C:\Users\Drelau\Appdata\Local\{F37C1882-899E-4698-AB5E-EF26BA759235}
Successfully deleted: [Empty Folder] C:\Users\Drelau\Appdata\Local\{FD046E06-628F-490C-8033-5163C0FDC96C}
Successfully deleted: [Folder] C:\Program Files\nixsrv



~~~ Chrome


[C:\Users\Drelau\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Drelau\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\Drelau\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Drelau\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on di 01-09-2015 at 8:54:55,75
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# AdwCleaner v5.004 - Logbestand aangemaakt 01/09/2015 op 08:57:12
# Laatste update 26/08/2015 door Xplode
# Database : 2015-08-31.2 [Server]
# Besturingssysteem : Windows 7 Home Premium Service Pack 1 (x64)
# Gebruikersnaam : Drelau - Drelau-PC
# Gestart vanuit : C:\Users\Drelau\Desktop\adwcleaner_5.004.exe
# Optie : Verwijderen
# Ondersteuning : http://toolslib.net/forum

***** [ Services ] *****


***** [ Mappen ] *****


***** [ Bestanden ] *****


***** [ Snelkoppelingen ] *****


***** [ geplande taken ] *****


***** [ Register ] *****

[-] Sleutel Verwijderd : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{5D637FAD-E202-48D1-8F18-5B9C459BD1E3}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\downchecker
[-] Sleutel Verwijderd : [x64] HKLM\SOFTWARE\downchecker

***** [ Internetbrowsers ] *****


*************************

:: Winsock instellingen gereset

########## EOF - C:\AdwCleaner\AdwCleaner[C4].txt - [1571 bytes] ##########
 
Re: Ads by DNSUnlocker moeilijk te verwijderen

[/img] MiniToolBox en plaats dit tool op jouw bureaublad.

Farbar MiniToolBox gebruiken:
  • Sluit nu eerst alle nog openstaande programmavensters!
    • Windows 2000 en Windows XP: start "MiniToolBox.exe" via dubbelklikken.
    • Windows Vista, Windows 7 en Windows 8: start "MiniToolBox.exe" via rechtsklik Als Administrator uitvoeren.
Vink de volgende onderdelen aan:
  • List content of Hosts
  • List last 10 Event Viewer log
  • List Installed Programs
    • Klik nu op de knop "Go".
    • Aansluitend wordt een log aangemaakt (Result.txt) in de zelfde map waar "MiniToolBox.exe" in zit.
    • Kopieer en plak de inhoud van het log in jouw volgende bericht.
 
Laatst bewerkt:
Re: Ads by DNSUnlocker moeilijk te verwijderen

MiniToolBox by Farbar Version: 25-07-2015 01
Ran by Drelau (administrator) on 02-09-2015 at 08:38:09
Running from "C:\Users\Drelau\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Model: EasyNote TE11HC Manufacturer: Packard Bell
Boot Mode: Normal
***************************************************************************
========================= Hosts content: =================================




========================= Event log errors: ===============================

Application errors:
==================
Error: (09/02/2015 07:13:25 AM) (Source: Office 2013 Licensing Service) (User: )
Description: Subscription licensing service failed: -2143485936

Error: (09/02/2015 07:13:25 AM) (Source: Microsoft Office 15) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {2A385914-C930-4B7D-8043-194AE569B226}

Error: (09/02/2015 07:13:24 AM) (Source: Microsoft Office 15) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {2A385914-C930-4B7D-8043-194AE569B226}

Error: (09/01/2015 08:59:04 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/01/2015 08:50:36 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: De service Cryptografische services is mislukt tijdens het verwerken van aanroep OnIdentity() op het object System Writer.


Details:
AddWin32ServiceFiles: Unable to back up image of service NixSrv Service since QueryServiceConfig API failed

System Error:
Het systeem kan het opgegeven bestand niet vinden.
.

Error: (09/01/2015 07:45:52 AM) (Source: Office 2013 Licensing Service) (User: )
Description: Subscription licensing service failed: -2143485936

Error: (09/01/2015 07:45:52 AM) (Source: Microsoft Office 15) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {6425A887-1C79-497B-8DA0-E1592E59E6F1}

Error: (09/01/2015 07:45:51 AM) (Source: Microsoft Office 15) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {6425A887-1C79-497B-8DA0-E1592E59E6F1}

Error: (08/31/2015 11:19:44 AM) (Source: CVHSVC) (User: )
Description: Alleen informatie.
(Patch task for {90140011-0066-0413-0000-0000000FF1CE}): DownloadLatest Failed: Er zijn momenteel geen actieve netwerkverbindingen. Als een adapter wordt aangesloten probeert BITS (Background Intelligent Transfer Service) het opnieuw.

Error: (08/31/2015 07:22:50 AM) (Source: Office 2013 Licensing Service) (User: )
Description: Subscription licensing service failed: -2143485936


System errors:
=============
Error: (09/02/2015 07:41:09 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installatiefout: de volgende update kan niet worden genstalleerd, foutcode 0x80240020: Bijwerken naar Windows 10 Home.

Error: (09/01/2015 07:50:15 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 heeft een fout gevonden tijdens het bijwerken van handtekeningen.

Nieuwe handtekeningversie:

Vorige handtekeningversie: 1.205.1065.0

Updatebron: %NT AUTHORITY59

Updatefase: 4.8.0204.00

Bronpad: 4.8.0204.01

Type handtekening: %NT AUTHORITY602

Type update: %NT AUTHORITY604

Gebruiker: NT AUTHORITY\SYSTEM

Huidige engineversie: %NT AUTHORITY605

Vorige engineversie: %NT AUTHORITY606

Foutcode: %NT AUTHORITY607

Foutbeschrijving: %NT AUTHORITY608

Error: (09/01/2015 09:00:46 AM) (Source: Service Control Manager) (User: )
Description: De Google Update-service (gupdate)-service kan vanwege de volgende fout niet worden gestart:
%%2

Error: (09/01/2015 08:57:28 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: WLAN-uitbreidingsmodule is onverwacht gestopt.

Pad naar module: C:\Program Files (x86)\Packard Bell\WDAgent\AthIhvWlanExt.dll

Error: (09/01/2015 08:57:28 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: WLAN-uitbreidingsmodule is onverwacht gestopt.

Pad naar module: C:\Program Files (x86)\Packard Bell\WDAgent\AthIhvWlanExt.dll

Error: (09/01/2015 08:57:23 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: WLAN-uitbreidingsmodule is onverwacht gestopt.

Pad naar module: C:\Program Files (x86)\Packard Bell\WDAgent\AthIhvWlanExt.dll

Error: (09/01/2015 08:57:12 AM) (Source: Service Control Manager) (User: )
Description: De Software Protection-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 120000 milliseconden worden uitgevoerd: Service opnieuw starten.

Error: (09/01/2015 08:57:12 AM) (Source: Service Control Manager) (User: )
Description: De Windows Modules Installer-service is onverwacht gestopt. Dit is 2 keer gebeurd. De volgende herstelbewerking zal over 300000 milliseconden worden uitgevoerd: Service opnieuw starten.

Error: (09/01/2015 08:57:12 AM) (Source: Service Control Manager) (User: )
Description: De Windows Media Player Network Sharing Service-service is onverwacht gestopt. Dit is 2 keer gebeurd. De volgende herstelbewerking zal over 30000 milliseconden worden uitgevoerd: Service opnieuw starten.

Error: (09/01/2015 08:57:12 AM) (Source: Service Control Manager) (User: )
Description: De Windows Live ID Sign-in Assistant-service is onverwacht gestopt. Dit is 2 keer gebeurd. De volgende herstelbewerking zal over 10000 milliseconden worden uitgevoerd: Service opnieuw starten.


Microsoft Office Sessions:
=========================
Error: (09/02/2015 07:13:25 AM) (Source: Office 2013 Licensing Service)(User: )
Description: Subscription licensing service failed: -2143485936

Error: (09/02/2015 07:13:25 AM) (Source: Microsoft Office 15)(User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {2A385914-C930-4B7D-8043-194AE569B226}

Error: (09/02/2015 07:13:24 AM) (Source: Microsoft Office 15)(User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {2A385914-C930-4B7D-8043-194AE569B226}

Error: (09/01/2015 08:59:04 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/01/2015 08:50:36 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service NixSrv Service since QueryServiceConfig API failed

System Error:
Het systeem kan het opgegeven bestand niet vinden.

Error: (09/01/2015 07:45:52 AM) (Source: Office 2013 Licensing Service)(User: )
Description: Subscription licensing service failed: -2143485936

Error: (09/01/2015 07:45:52 AM) (Source: Microsoft Office 15)(User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {6425A887-1C79-497B-8DA0-E1592E59E6F1}

Error: (09/01/2015 07:45:51 AM) (Source: Microsoft Office 15)(User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {6425A887-1C79-497B-8DA0-E1592E59E6F1}

Error: (08/31/2015 11:19:44 AM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-0413-0000-0000000FF1CE}): DownloadLatest Failed: Er zijn momenteel geen actieve netwerkverbindingen. Als een adapter wordt aangesloten probeert BITS (Background Intelligent Transfer Service) het opnieuw.

Error: (08/31/2015 07:22:50 AM) (Source: Office 2013 Licensing Service)(User: )
Description: Subscription licensing service failed: -2143485936


CodeIntegrity Errors:
===================================
Date: 2015-08-27 08:00:27.470
Description: De integriteit van het bestand \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe kan niet worden gecontroleerd, omdat het handtekeningcertificaat is ingetrokken. Ga bij de uitgever na of er een nieuwe, ondertekende versie van de kernelmodule beschikbaar is.

Date: 2015-08-27 08:00:27.298
Description: De integriteit van het bestand \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe kan niet worden gecontroleerd, omdat het handtekeningcertificaat is ingetrokken. Ga bij de uitgever na of er een nieuwe, ondertekende versie van de kernelmodule beschikbaar is.

Date: 2015-08-27 08:00:25.582
Description: De integriteit van het bestand \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe kan niet worden gecontroleerd, omdat het handtekeningcertificaat is ingetrokken. Ga bij de uitgever na of er een nieuwe, ondertekende versie van de kernelmodule beschikbaar is.

Date: 2015-08-27 08:00:25.395
Description: De integriteit van het bestand \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_a384c5aabe759ea5\wermgr.exe kan niet worden gecontroleerd, omdat het handtekeningcertificaat is ingetrokken. Ga bij de uitgever na of er een nieuwe, ondertekende versie van de kernelmodule beschikbaar is.

Date: 2015-08-26 19:28:11.773
Description: De integriteit van het bestand \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe kan niet worden gecontroleerd, omdat het handtekeningcertificaat is ingetrokken. Ga bij de uitgever na of er een nieuwe, ondertekende versie van de kernelmodule beschikbaar is.

Date: 2015-08-26 19:28:11.320
Description: De integriteit van het bestand \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe kan niet worden gecontroleerd, omdat het handtekeningcertificaat is ingetrokken. Ga bij de uitgever na of er een nieuwe, ondertekende versie van de kernelmodule beschikbaar is.

Date: 2015-08-26 19:28:08.044
Description: De integriteit van het bestand \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe kan niet worden gecontroleerd, omdat het handtekeningcertificaat is ingetrokken. Ga bij de uitgever na of er een nieuwe, ondertekende versie van de kernelmodule beschikbaar is.

Date: 2015-08-26 19:28:07.873
Description: De integriteit van het bestand \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_a384c5aabe759ea5\wermgr.exe kan niet worden gecontroleerd, omdat het handtekeningcertificaat is ingetrokken. Ga bij de uitgever na of er een nieuwe, ondertekende versie van de kernelmodule beschikbaar is.


=========================== Installed Programs ============================

64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
9-lab Removal Tool (HKLM-x32\...\9-lab Removal Tool) (Version: - )
Adobe Acrobat Reader DC - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19120 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (HKLM-x32\...\WTA-67b24d58-5f64-44e3-80eb-a02de7c5a867) (Version: 2.2.0.98 - WildTangent) Hidden
Bejeweled 3 (HKLM-x32\...\WTA-6534134c-a796-4d3e-b533-b11a3e368817) (Version: 2.2.0.98 - WildTangent) Hidden
Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 15.0.7.3 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 15.0.7.1 - Broadcom Corporation)
BufferChm (HKLM-x32\...\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}) (Version: 130.0.331.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
Chuzzle Deluxe (HKLM-x32\...\WTA-abb559d1-3bcb-4571-a4ea-ebc7be3bca3b) (Version: 2.2.0.95 - WildTangent) Hidden
Copy (HKLM-x32\...\{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}) (Version: 130.0.428.000 - Hewlett-Packard) Hidden
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM-x32\...\{2FF8C687-DB7D-4adc-A5DC-57983EC25046}) (Version: 130.0.465.000 - Hewlett-Packard) Hidden
DJ_AIO_03_F4200_Software_Min (HKLM-x32\...\{363CEA5C-C9D0-45DD-9511-A461DBDEE94B}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Evernote v. 4.5.2 (HKLM-x32\...\{F77EF646-19EB-11E1-9A9E-984BE15F174E}) (Version: 4.5.2.5866 - Evernote Corp.)
F4200 (HKLM-x32\...\{C2524280-A5CF-4458-B809-167F13FAB56D}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
FATE (HKLM-x32\...\WTA-8ce4df72-d970-4816-941d-67ae40ba33e3) (Version: 2.2.0.97 - WildTangent) Hidden
Feeding Frenzy (HKLM-x32\...\58c50223bbae2f87303e30871b40ce84) (Version: - Zylom)
Final Drive: Nitro (HKLM-x32\...\WTA-6c3dd565-5919-4516-9415-cdee7964d587) (Version: 2.2.0.95 - WildTangent) Hidden
Fotogalerija Windows Live (HKLM-x32\...\{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (HKLM-x32\...\{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galera fotogrfica de Windows Live (HKLM-x32\...\{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogrfica del Windows Live (HKLM-x32\...\{4736B0ED-F6A1-48EC-A1B7-C053027648F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii us?ugi Windows Live (HKLM-x32\...\{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (HKLM-x32\...\{488F0347-C4A7-4374-91A7-30818BEDA710}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (HKLM-x32\...\{CB66242D-12B1-4494-82D2-6F53A7E024A3}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Game Channels (HKLM-x32\...\WildTangentGameProvider-packardbell-main) (Version: 6.2.0.5 - WildTangent, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.27.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService2 (HKLM-x32\...\{63FF21C9-A810-464F-B60A-3111747B1A6D}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Deskjet F4200 All-In-One Driver Software 13.0 Rel. 3 (HKLM\...\{A00C9114-40E6-4C70-A619-7DF264B23485}) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Solutions Framework (HKLM-x32\...\{23CCE784-A812-4647-AEFF-1DCCD4E57478}) (Version: 11.50.0000 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden
HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (HKLM-x32\...\{681B698F-C997-42C3-B184-B489C6CA24C9}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (HKLM-x32\...\{D79113E7-274C-470B-BD46-01B10219DF6A}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM-x32\...\{C43326F5-F135-4551-8270-7F7ABA0462E1}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Packard Bell)
ImagXpress (HKLM-x32\...\{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}) (Version: 7.0.74.0 - Nero AG) Hidden
Insaniquarium Deluxe (HKLM-x32\...\9a14c916588716e1e4a91a4414907685) (Version: - Zylom)
Insaniquarium Deluxe (HKLM-x32\...\WTA-a4762e6f-6930-4220-8485-ae0b48b2d21b) (Version: 2.2.0.97 - WildTangent) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2712 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Jewel Match 3 (HKLM-x32\...\WTA-1debc207-54a7-42dc-9a25-13d8474aeaa8) (Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest Mysteries: The Seventh Gate Collector's Edition (HKLM-x32\...\WTA-b2f8703a-b21f-4200-aa14-d73d42ebbd28) (Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (HKLM-x32\...\WTA-617ebb65-a219-45af-b877-0224211d1a86) (Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.15 - Packard Bell)
Mah Jong Quest Deluxe (HKLM-x32\...\9fb83c04070e0b7da7fc6379b8f9b7a8) (Version: - Zylom)
Malwarebytes Anti-Malware versie 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
MarketResearch (HKLM-x32\...\{175F0111-2968-4935-8F70-33108C6A4DE3}) (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Nederlands) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 365 - nl-nl (HKLM\...\O365HomePremRetail - nl-nl) (Version: 15.0.4745.1002 - Microsoft Corporation)
Microsoft Office Klik-en-Klaar 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Nederlands (HKLM-x32\...\{90140011-0066-0413-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.5930.0814 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero BackItUp 10 (HKLM-x32\...\{68AB6930-5BFF-4FF6-923B-516A91984FE6}) (Version: 5.8.11100.9.100 - Nero AG)
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.4.10500.1.100 - Nero AG)
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.6.10700.5.100 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{62BF4BD3-B1F6-4FA2-8388-CC0647ACBF86}) (Version: 10.6.10300 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{68AFA3A7-9265-4ABD-994A-ACA413E3715C}) (Version: 10.6.10400 - Nero AG)
Nero RescueAgent 10 (HKLM-x32\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.6.10500.3.100 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.6.10600.4.100 - Nero AG)
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.10900.31.0 - Nero AG)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.4745.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.4745.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0413-0000-0000000FF1CE}) (Version: 15.0.4745.1002 - Microsoft Corporation) Hidden
Packard Bell Games (HKLM-x32\...\WildTangent packardbell Master Uninstall) (Version: 1.0.2.5 - WildTangent)
Packard Bell Power Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3010 - Packard Bell)
Packard Bell Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3508 - Packard Bell)
Packard Bell Registration (HKLM-x32\...\Packard Bell Registration) (Version: 1.04.3507 - Packard Bell)
Packard Bell ScreenSaver (HKLM-x32\...\Packard Bell Screensaver) (Version: 1.1.0915.2011 - Packard Bell )
Packard Bell Social Networks (HKLM-x32\...\{64EF903E-D00A-414C-94A4-FBA368FFCDC9}) (Version: 3.0.3106 - CyberLink Corp.) Hidden
Packard Bell Social Networks (HKLM-x32\...\InstallShield_{64EF903E-D00A-414C-94A4-FBA368FFCDC9}) (Version: 3.0.3106 - CyberLink Corp.)
Penguins! (HKLM-x32\...\WTA-57335722-559b-4b36-b168-e50a3441e1b8) (Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-c999dca5-9dd6-4843-89ae-f982396ca78b) (Version: 2.2.0.98 - WildTangent) Hidden
Poczta us?ugi Windows Live (HKLM-x32\...\{64376910-1860-4CEF-8B34-AA5D205FC5F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM-x32\...\{7A9D47BA-6D50-4087-866F-0800D8B89383}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Polar Bowler (HKLM-x32\...\WTA-069dcc73-9033-413d-9182-953e8b28fed8) (Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (HKLM-x32\...\WTA-3a3bb547-4d4d-4cfc-bdfb-d85bca7fabad) (Version: 3.0.2.59 - WildTangent) Hidden
Pota Windows Live (HKLM-x32\...\{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Qualcomm Atheros Direct Connect (HKLM-x32\...\{21DD6041-7251-40FA-9D06-C5EB30268E0F}) (Version: 3.0 - Qualcomm Atheros) Hidden
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 3.0 - Qualcomm Atheros)
Raccolta foto di Windows Live (HKLM-x32\...\{ED16B700-D91F-44B0-867C-7EB5253CA38D}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6543 - Realtek Semiconductor Corp.)
Scan (HKLM-x32\...\{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
SKIP-BO Castaway Caper(TM) (HKLM-x32\...\9ae173205d6d9ab9cb67dc12f734faf1) (Version: - Zylom)
Slingo Deluxe (HKLM-x32\...\WTA-a75ec890-9b48-45bc-ab3d-346c7b63f275) (Version: 2.2.0.95 - WildTangent) Hidden
SmartWebPrinting (HKLM-x32\...\{DC635845-46D3-404B-BCB1-FC4A91091AFA}) (Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (HKLM-x32\...\{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (HKLM-x32\...\{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}) (Version: 130.0.469.000 - Hewlett-Packard) Hidden
Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD) (Version: 10.0.50903 - Microsoft Corporation)
TomTom HOME (HKLM-x32\...\{7A2BB1C8-903D-4585-9F3B-CADD67D07D37}) (Version: 2.9.8 - Uw bedrijfsnaam)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Toolbox (HKLM-x32\...\{6BBA26E9-AB03-4FE7-831A-3535584CA002}) (Version: 130.0.648.000 - Hewlett-Packard) Hidden
Torchlight (HKLM-x32\...\WTA-787a319a-bf64-4c2c-88b7-e158abe2461b) (Version: 2.2.0.98 - WildTangent) Hidden
TrayApp (HKLM-x32\...\{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}) (Version: 130.0.422.000 - Hewlett-Packard) Hidden
UnloadSupport (HKLM-x32\...\{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}) (Version: 11.0.0 - Hewlett-Packard) Hidden
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
Verzoek of wijziging voorlopige aanslag 2014 (HKLM-x32\...\Verzoek of wijziging voorlopige aanslag 2014) (Version: - Belastingdienst)
Video Web Camera (HKLM-x32\...\{A0382E3C-7384-429A-9BFA-AF5888E5A193}) (Version: 1.5.2823.00 - CyberLink Corp.) Hidden
Video Web Camera (HKLM-x32\...\InstallShield_{A0382E3C-7384-429A-9BFA-AF5888E5A193}) (Version: 1.5.2823.00 - CyberLink Corp.)
Virtual Villagers 4 - The Tree of Life (HKLM-x32\...\WTA-814021bd-1fce-4177-b5fe-0d92d94465dd) (Version: 2.2.0.97 - WildTangent) Hidden
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.1 (HKLM-x32\...\VLC media player) (Version: 2.1.1 - VideoLAN)
WebReg (HKLM-x32\...\{43CDF946-F5D9-4292-B006-BA0D92013021}) (Version: 130.0.132.017 - Hewlett-Packard) Hidden
Wedding Dash (HKLM-x32\...\WTA-0c3f762a-558d-4b04-9deb-d9d364c340b2) (Version: 2.2.0.95 - WildTangent) Hidden
Welcome Center (HKLM-x32\...\Packard Bell Welcome Center) (Version: 1.02.3507 - Packard Bell)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-packardbell) (Version: 4.0.11.2 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Zuma Deluxe (HKLM-x32\...\WTA-96a3841d-7118-4e2a-8fb1-d1ac9e3e7f5e) (Version: 2.2.0.95 - WildTangent) Hidden
??????? ??????????? ??? Windows Live (HKLM-x32\...\{C00C2A91-6CB3-483F-80B3-2958E29468F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
???????? ?????????? Windows Live (HKLM-x32\...\{E83DC314-C926-4214-AD58-147691D6FE9F}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
????? Windows Live (HKLM-x32\...\{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}) (Version: 15.4.3502.0922 - ?????????? ??????????) Hidden
?????????? Windows Live (HKLM-x32\...\{77F69CA1-E53D-4D77-8BA3-FA07606CC851}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
??????????? ?? Windows Live (HKLM-x32\...\{4444F27C-B1A8-464E-9486-4C37BAB39A09}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
?????? ??????? ?? Windows Live (HKLM-x32\...\{CE929F09-3853-4180-BD90-30764BFF7136}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
???? Windows Live (HKLM-x32\...\{0A4C4B29-5A9D-4910-A13C-B920D5758744}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
???? ??? Windows Live (HKLM-x32\...\{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

**** End of log ****

--- Update ---

MiniToolBox by Farbar Version: 25-07-2015 01
Ran by Drelau (administrator) on 02-09-2015 at 08:38:09
Running from "C:\Users\Drelau\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Model: EasyNote TE11HC Manufacturer: Packard Bell
Boot Mode: Normal
***************************************************************************
========================= Hosts content: =================================




========================= Event log errors: ===============================

Application errors:
==================
Error: (09/02/2015 07:13:25 AM) (Source: Office 2013 Licensing Service) (User: )
Description: Subscription licensing service failed: -2143485936

Error: (09/02/2015 07:13:25 AM) (Source: Microsoft Office 15) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {2A385914-C930-4B7D-8043-194AE569B226}

Error: (09/02/2015 07:13:24 AM) (Source: Microsoft Office 15) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {2A385914-C930-4B7D-8043-194AE569B226}

Error: (09/01/2015 08:59:04 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/01/2015 08:50:36 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: De service Cryptografische services is mislukt tijdens het verwerken van aanroep OnIdentity() op het object System Writer.


Details:
AddWin32ServiceFiles: Unable to back up image of service NixSrv Service since QueryServiceConfig API failed

System Error:
Het systeem kan het opgegeven bestand niet vinden.
.

Error: (09/01/2015 07:45:52 AM) (Source: Office 2013 Licensing Service) (User: )
Description: Subscription licensing service failed: -2143485936

Error: (09/01/2015 07:45:52 AM) (Source: Microsoft Office 15) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {6425A887-1C79-497B-8DA0-E1592E59E6F1}

Error: (09/01/2015 07:45:51 AM) (Source: Microsoft Office 15) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {6425A887-1C79-497B-8DA0-E1592E59E6F1}

Error: (08/31/2015 11:19:44 AM) (Source: CVHSVC) (User: )
Description: Alleen informatie.
(Patch task for {90140011-0066-0413-0000-0000000FF1CE}): DownloadLatest Failed: Er zijn momenteel geen actieve netwerkverbindingen. Als een adapter wordt aangesloten probeert BITS (Background Intelligent Transfer Service) het opnieuw.

Error: (08/31/2015 07:22:50 AM) (Source: Office 2013 Licensing Service) (User: )
Description: Subscription licensing service failed: -2143485936


System errors:
=============
Error: (09/02/2015 07:41:09 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installatiefout: de volgende update kan niet worden genstalleerd, foutcode 0x80240020: Bijwerken naar Windows 10 Home.

Error: (09/01/2015 07:50:15 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 heeft een fout gevonden tijdens het bijwerken van handtekeningen.

Nieuwe handtekeningversie:

Vorige handtekeningversie: 1.205.1065.0

Updatebron: %NT AUTHORITY59

Updatefase: 4.8.0204.00

Bronpad: 4.8.0204.01

Type handtekening: %NT AUTHORITY602

Type update: %NT AUTHORITY604

Gebruiker: NT AUTHORITY\SYSTEM

Huidige engineversie: %NT AUTHORITY605

Vorige engineversie: %NT AUTHORITY606

Foutcode: %NT AUTHORITY607

Foutbeschrijving: %NT AUTHORITY608

Error: (09/01/2015 09:00:46 AM) (Source: Service Control Manager) (User: )
Description: De Google Update-service (gupdate)-service kan vanwege de volgende fout niet worden gestart:
%%2

Error: (09/01/2015 08:57:28 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: WLAN-uitbreidingsmodule is onverwacht gestopt.

Pad naar module: C:\Program Files (x86)\Packard Bell\WDAgent\AthIhvWlanExt.dll

Error: (09/01/2015 08:57:28 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: WLAN-uitbreidingsmodule is onverwacht gestopt.

Pad naar module: C:\Program Files (x86)\Packard Bell\WDAgent\AthIhvWlanExt.dll

Error: (09/01/2015 08:57:23 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: WLAN-uitbreidingsmodule is onverwacht gestopt.

Pad naar module: C:\Program Files (x86)\Packard Bell\WDAgent\AthIhvWlanExt.dll

Error: (09/01/2015 08:57:12 AM) (Source: Service Control Manager) (User: )
Description: De Software Protection-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 120000 milliseconden worden uitgevoerd: Service opnieuw starten.

Error: (09/01/2015 08:57:12 AM) (Source: Service Control Manager) (User: )
Description: De Windows Modules Installer-service is onverwacht gestopt. Dit is 2 keer gebeurd. De volgende herstelbewerking zal over 300000 milliseconden worden uitgevoerd: Service opnieuw starten.

Error: (09/01/2015 08:57:12 AM) (Source: Service Control Manager) (User: )
Description: De Windows Media Player Network Sharing Service-service is onverwacht gestopt. Dit is 2 keer gebeurd. De volgende herstelbewerking zal over 30000 milliseconden worden uitgevoerd: Service opnieuw starten.

Error: (09/01/2015 08:57:12 AM) (Source: Service Control Manager) (User: )
Description: De Windows Live ID Sign-in Assistant-service is onverwacht gestopt. Dit is 2 keer gebeurd. De volgende herstelbewerking zal over 10000 milliseconden worden uitgevoerd: Service opnieuw starten.


Microsoft Office Sessions:
=========================
Error: (09/02/2015 07:13:25 AM) (Source: Office 2013 Licensing Service)(User: )
Description: Subscription licensing service failed: -2143485936

Error: (09/02/2015 07:13:25 AM) (Source: Microsoft Office 15)(User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {2A385914-C930-4B7D-8043-194AE569B226}

Error: (09/02/2015 07:13:24 AM) (Source: Microsoft Office 15)(User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {2A385914-C930-4B7D-8043-194AE569B226}

Error: (09/01/2015 08:59:04 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/01/2015 08:50:36 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service NixSrv Service since QueryServiceConfig API failed

System Error:
Het systeem kan het opgegeven bestand niet vinden.

Error: (09/01/2015 07:45:52 AM) (Source: Office 2013 Licensing Service)(User: )
Description: Subscription licensing service failed: -2143485936

Error: (09/01/2015 07:45:52 AM) (Source: Microsoft Office 15)(User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {6425A887-1C79-497B-8DA0-E1592E59E6F1}

Error: (09/01/2015 07:45:51 AM) (Source: Microsoft Office 15)(User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {6425A887-1C79-497B-8DA0-E1592E59E6F1}

Error: (08/31/2015 11:19:44 AM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-0413-0000-0000000FF1CE}): DownloadLatest Failed: Er zijn momenteel geen actieve netwerkverbindingen. Als een adapter wordt aangesloten probeert BITS (Background Intelligent Transfer Service) het opnieuw.

Error: (08/31/2015 07:22:50 AM) (Source: Office 2013 Licensing Service)(User: )
Description: Subscription licensing service failed: -2143485936


CodeIntegrity Errors:
===================================
Date: 2015-08-27 08:00:27.470
Description: De integriteit van het bestand \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe kan niet worden gecontroleerd, omdat het handtekeningcertificaat is ingetrokken. Ga bij de uitgever na of er een nieuwe, ondertekende versie van de kernelmodule beschikbaar is.

Date: 2015-08-27 08:00:27.298
Description: De integriteit van het bestand \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe kan niet worden gecontroleerd, omdat het handtekeningcertificaat is ingetrokken. Ga bij de uitgever na of er een nieuwe, ondertekende versie van de kernelmodule beschikbaar is.

Date: 2015-08-27 08:00:25.582
Description: De integriteit van het bestand \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe kan niet worden gecontroleerd, omdat het handtekeningcertificaat is ingetrokken. Ga bij de uitgever na of er een nieuwe, ondertekende versie van de kernelmodule beschikbaar is.

Date: 2015-08-27 08:00:25.395
Description: De integriteit van het bestand \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_a384c5aabe759ea5\wermgr.exe kan niet worden gecontroleerd, omdat het handtekeningcertificaat is ingetrokken. Ga bij de uitgever na of er een nieuwe, ondertekende versie van de kernelmodule beschikbaar is.

Date: 2015-08-26 19:28:11.773
Description: De integriteit van het bestand \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe kan niet worden gecontroleerd, omdat het handtekeningcertificaat is ingetrokken. Ga bij de uitgever na of er een nieuwe, ondertekende versie van de kernelmodule beschikbaar is.

Date: 2015-08-26 19:28:11.320
Description: De integriteit van het bestand \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe kan niet worden gecontroleerd, omdat het handtekeningcertificaat is ingetrokken. Ga bij de uitgever na of er een nieuwe, ondertekende versie van de kernelmodule beschikbaar is.

Date: 2015-08-26 19:28:08.044
Description: De integriteit van het bestand \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe kan niet worden gecontroleerd, omdat het handtekeningcertificaat is ingetrokken. Ga bij de uitgever na of er een nieuwe, ondertekende versie van de kernelmodule beschikbaar is.

Date: 2015-08-26 19:28:07.873
Description: De integriteit van het bestand \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_a384c5aabe759ea5\wermgr.exe kan niet worden gecontroleerd, omdat het handtekeningcertificaat is ingetrokken. Ga bij de uitgever na of er een nieuwe, ondertekende versie van de kernelmodule beschikbaar is.


=========================== Installed Programs ============================

64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
9-lab Removal Tool (HKLM-x32\...\9-lab Removal Tool) (Version: - )
Adobe Acrobat Reader DC - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19120 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (HKLM-x32\...\WTA-67b24d58-5f64-44e3-80eb-a02de7c5a867) (Version: 2.2.0.98 - WildTangent) Hidden
Bejeweled 3 (HKLM-x32\...\WTA-6534134c-a796-4d3e-b533-b11a3e368817) (Version: 2.2.0.98 - WildTangent) Hidden
Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 15.0.7.3 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 15.0.7.1 - Broadcom Corporation)
BufferChm (HKLM-x32\...\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}) (Version: 130.0.331.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
Chuzzle Deluxe (HKLM-x32\...\WTA-abb559d1-3bcb-4571-a4ea-ebc7be3bca3b) (Version: 2.2.0.95 - WildTangent) Hidden
Copy (HKLM-x32\...\{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}) (Version: 130.0.428.000 - Hewlett-Packard) Hidden
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM-x32\...\{2FF8C687-DB7D-4adc-A5DC-57983EC25046}) (Version: 130.0.465.000 - Hewlett-Packard) Hidden
DJ_AIO_03_F4200_Software_Min (HKLM-x32\...\{363CEA5C-C9D0-45DD-9511-A461DBDEE94B}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Evernote v. 4.5.2 (HKLM-x32\...\{F77EF646-19EB-11E1-9A9E-984BE15F174E}) (Version: 4.5.2.5866 - Evernote Corp.)
F4200 (HKLM-x32\...\{C2524280-A5CF-4458-B809-167F13FAB56D}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
FATE (HKLM-x32\...\WTA-8ce4df72-d970-4816-941d-67ae40ba33e3) (Version: 2.2.0.97 - WildTangent) Hidden
Feeding Frenzy (HKLM-x32\...\58c50223bbae2f87303e30871b40ce84) (Version: - Zylom)
Final Drive: Nitro (HKLM-x32\...\WTA-6c3dd565-5919-4516-9415-cdee7964d587) (Version: 2.2.0.95 - WildTangent) Hidden
Fotogalerija Windows Live (HKLM-x32\...\{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (HKLM-x32\...\{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galera fotogrfica de Windows Live (HKLM-x32\...\{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogrfica del Windows Live (HKLM-x32\...\{4736B0ED-F6A1-48EC-A1B7-C053027648F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii us?ugi Windows Live (HKLM-x32\...\{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (HKLM-x32\...\{488F0347-C4A7-4374-91A7-30818BEDA710}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (HKLM-x32\...\{CB66242D-12B1-4494-82D2-6F53A7E024A3}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Game Channels (HKLM-x32\...\WildTangentGameProvider-packardbell-main) (Version: 6.2.0.5 - WildTangent, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.27.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService2 (HKLM-x32\...\{63FF21C9-A810-464F-B60A-3111747B1A6D}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Deskjet F4200 All-In-One Driver Software 13.0 Rel. 3 (HKLM\...\{A00C9114-40E6-4C70-A619-7DF264B23485}) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Solutions Framework (HKLM-x32\...\{23CCE784-A812-4647-AEFF-1DCCD4E57478}) (Version: 11.50.0000 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden
HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (HKLM-x32\...\{681B698F-C997-42C3-B184-B489C6CA24C9}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (HKLM-x32\...\{D79113E7-274C-470B-BD46-01B10219DF6A}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM-x32\...\{C43326F5-F135-4551-8270-7F7ABA0462E1}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Packard Bell)
ImagXpress (HKLM-x32\...\{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}) (Version: 7.0.74.0 - Nero AG) Hidden
Insaniquarium Deluxe (HKLM-x32\...\9a14c916588716e1e4a91a4414907685) (Version: - Zylom)
Insaniquarium Deluxe (HKLM-x32\...\WTA-a4762e6f-6930-4220-8485-ae0b48b2d21b) (Version: 2.2.0.97 - WildTangent) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2712 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Jewel Match 3 (HKLM-x32\...\WTA-1debc207-54a7-42dc-9a25-13d8474aeaa8) (Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest Mysteries: The Seventh Gate Collector's Edition (HKLM-x32\...\WTA-b2f8703a-b21f-4200-aa14-d73d42ebbd28) (Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (HKLM-x32\...\WTA-617ebb65-a219-45af-b877-0224211d1a86) (Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.15 - Packard Bell)
Mah Jong Quest Deluxe (HKLM-x32\...\9fb83c04070e0b7da7fc6379b8f9b7a8) (Version: - Zylom)
Malwarebytes Anti-Malware versie 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
MarketResearch (HKLM-x32\...\{175F0111-2968-4935-8F70-33108C6A4DE3}) (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Nederlands) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 365 - nl-nl (HKLM\...\O365HomePremRetail - nl-nl) (Version: 15.0.4745.1002 - Microsoft Corporation)
Microsoft Office Klik-en-Klaar 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Nederlands (HKLM-x32\...\{90140011-0066-0413-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.5930.0814 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero BackItUp 10 (HKLM-x32\...\{68AB6930-5BFF-4FF6-923B-516A91984FE6}) (Version: 5.8.11100.9.100 - Nero AG)
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.4.10500.1.100 - Nero AG)
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.6.10700.5.100 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{62BF4BD3-B1F6-4FA2-8388-CC0647ACBF86}) (Version: 10.6.10300 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{68AFA3A7-9265-4ABD-994A-ACA413E3715C}) (Version: 10.6.10400 - Nero AG)
Nero RescueAgent 10 (HKLM-x32\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.6.10500.3.100 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.6.10600.4.100 - Nero AG)
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.10900.31.0 - Nero AG)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.4745.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.4745.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0413-0000-0000000FF1CE}) (Version: 15.0.4745.1002 - Microsoft Corporation) Hidden
Packard Bell Games (HKLM-x32\...\WildTangent packardbell Master Uninstall) (Version: 1.0.2.5 - WildTangent)
Packard Bell Power Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3010 - Packard Bell)
Packard Bell Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3508 - Packard Bell)
Packard Bell Registration (HKLM-x32\...\Packard Bell Registration) (Version: 1.04.3507 - Packard Bell)
Packard Bell ScreenSaver (HKLM-x32\...\Packard Bell Screensaver) (Version: 1.1.0915.2011 - Packard Bell )
Packard Bell Social Networks (HKLM-x32\...\{64EF903E-D00A-414C-94A4-FBA368FFCDC9}) (Version: 3.0.3106 - CyberLink Corp.) Hidden
Packard Bell Social Networks (HKLM-x32\...\InstallShield_{64EF903E-D00A-414C-94A4-FBA368FFCDC9}) (Version: 3.0.3106 - CyberLink Corp.)
Penguins! (HKLM-x32\...\WTA-57335722-559b-4b36-b168-e50a3441e1b8) (Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-c999dca5-9dd6-4843-89ae-f982396ca78b) (Version: 2.2.0.98 - WildTangent) Hidden
Poczta us?ugi Windows Live (HKLM-x32\...\{64376910-1860-4CEF-8B34-AA5D205FC5F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM-x32\...\{7A9D47BA-6D50-4087-866F-0800D8B89383}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Polar Bowler (HKLM-x32\...\WTA-069dcc73-9033-413d-9182-953e8b28fed8) (Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (HKLM-x32\...\WTA-3a3bb547-4d4d-4cfc-bdfb-d85bca7fabad) (Version: 3.0.2.59 - WildTangent) Hidden
Pota Windows Live (HKLM-x32\...\{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Qualcomm Atheros Direct Connect (HKLM-x32\...\{21DD6041-7251-40FA-9D06-C5EB30268E0F}) (Version: 3.0 - Qualcomm Atheros) Hidden
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 3.0 - Qualcomm Atheros)
Raccolta foto di Windows Live (HKLM-x32\...\{ED16B700-D91F-44B0-867C-7EB5253CA38D}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6543 - Realtek Semiconductor Corp.)
Scan (HKLM-x32\...\{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
SKIP-BO Castaway Caper(TM) (HKLM-x32\...\9ae173205d6d9ab9cb67dc12f734faf1) (Version: - Zylom)
Slingo Deluxe (HKLM-x32\...\WTA-a75ec890-9b48-45bc-ab3d-346c7b63f275) (Version: 2.2.0.95 - WildTangent) Hidden
SmartWebPrinting (HKLM-x32\...\{DC635845-46D3-404B-BCB1-FC4A91091AFA}) (Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (HKLM-x32\...\{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (HKLM-x32\...\{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}) (Version: 130.0.469.000 - Hewlett-Packard) Hidden
Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD) (Version: 10.0.50903 - Microsoft Corporation)
TomTom HOME (HKLM-x32\...\{7A2BB1C8-903D-4585-9F3B-CADD67D07D37}) (Version: 2.9.8 - Uw bedrijfsnaam)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Toolbox (HKLM-x32\...\{6BBA26E9-AB03-4FE7-831A-3535584CA002}) (Version: 130.0.648.000 - Hewlett-Packard) Hidden
Torchlight (HKLM-x32\...\WTA-787a319a-bf64-4c2c-88b7-e158abe2461b) (Version: 2.2.0.98 - WildTangent) Hidden
TrayApp (HKLM-x32\...\{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}) (Version: 130.0.422.000 - Hewlett-Packard) Hidden
UnloadSupport (HKLM-x32\...\{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}) (Version: 11.0.0 - Hewlett-Packard) Hidden
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
Verzoek of wijziging voorlopige aanslag 2014 (HKLM-x32\...\Verzoek of wijziging voorlopige aanslag 2014) (Version: - Belastingdienst)
Video Web Camera (HKLM-x32\...\{A0382E3C-7384-429A-9BFA-AF5888E5A193}) (Version: 1.5.2823.00 - CyberLink Corp.) Hidden
Video Web Camera (HKLM-x32\...\InstallShield_{A0382E3C-7384-429A-9BFA-AF5888E5A193}) (Version: 1.5.2823.00 - CyberLink Corp.)
Virtual Villagers 4 - The Tree of Life (HKLM-x32\...\WTA-814021bd-1fce-4177-b5fe-0d92d94465dd) (Version: 2.2.0.97 - WildTangent) Hidden
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.1 (HKLM-x32\...\VLC media player) (Version: 2.1.1 - VideoLAN)
WebReg (HKLM-x32\...\{43CDF946-F5D9-4292-B006-BA0D92013021}) (Version: 130.0.132.017 - Hewlett-Packard) Hidden
Wedding Dash (HKLM-x32\...\WTA-0c3f762a-558d-4b04-9deb-d9d364c340b2) (Version: 2.2.0.95 - WildTangent) Hidden
Welcome Center (HKLM-x32\...\Packard Bell Welcome Center) (Version: 1.02.3507 - Packard Bell)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-packardbell) (Version: 4.0.11.2 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Zuma Deluxe (HKLM-x32\...\WTA-96a3841d-7118-4e2a-8fb1-d1ac9e3e7f5e) (Version: 2.2.0.95 - WildTangent) Hidden
??????? ??????????? ??? Windows Live (HKLM-x32\...\{C00C2A91-6CB3-483F-80B3-2958E29468F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
???????? ?????????? Windows Live (HKLM-x32\...\{E83DC314-C926-4214-AD58-147691D6FE9F}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
????? Windows Live (HKLM-x32\...\{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}) (Version: 15.4.3502.0922 - ?????????? ??????????) Hidden
?????????? Windows Live (HKLM-x32\...\{77F69CA1-E53D-4D77-8BA3-FA07606CC851}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
??????????? ?? Windows Live (HKLM-x32\...\{4444F27C-B1A8-464E-9486-4C37BAB39A09}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
?????? ??????? ?? Windows Live (HKLM-x32\...\{CE929F09-3853-4180-BD90-30764BFF7136}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
???? Windows Live (HKLM-x32\...\{0A4C4B29-5A9D-4910-A13C-B920D5758744}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
???? ??? Windows Live (HKLM-x32\...\{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

**** End of log ****
 
Re: Ads by DNSUnlocker moeilijk te verwijderen

Je gebruikt Office 365 - is dit een legitieme versie of heb je een fix zoals KMSPico gebruikt?

Daarnaast zijn er mogelijk problemen met 365 doordat de met Windows meegeleverde 2010 starterpakket ook nog genstalleerd is.
Heb bij de setup van 365 geen vermelding gehad om dat oude Office pakket te verwijderen?


Ga naar Start\Uitvoeren en de opdracht luidt: services.msc.
Klik op de knop OK.
N.B.: Uitvoeren kan ook gestart worden door gelijktijdig de "Windowstoets + R-toets" in te drukken.

In het venster Services scroll je naar WLAN-AutoConfig.
Dubbelklikk op die vermelding, bij "Opstarttype" zet je de instelling op "Automatisch".

Klik nu eerst op de knop Toepassen; vervolgens klik je op de knop Stoppen, wacht even en klik uiteindelijk op OK.


In het venster Services scroll je nu naar Windows Media Player Network Sharing Service.
Dubbelklikk op die vermelding, bij "Opstarttype" zet je de instelling op "Uitgeschakeld".

Klik nu eerst op de knop Toepassen; vervolgens klik je op de knop Stoppen, wacht even en klik uiteindelijk op OK.

Sluit daarna het venster Services.


Ondertussen is de setup voor Windows 10 ook in jouw Windows erbij gekomen.
Denk jij er aan te upgraden of blijf je liever bij de huidige Windows?
 
Laatst bewerkt:
Re: Ads by DNSUnlocker moeilijk te verwijderen

Office 365 is een legitieme versie. Ik durf niet te zeggen of ik die melding gehad heb. De licentie verloopt online en in oktober af.
Windows 10 weet ik niet, verschilt dat erg met 7 ?
 
Re: Ads by DNSUnlocker moeilijk te verwijderen

Windows 10 raad ik jouw voorlopig nog niet aan, kijk daarvoor in het Windows 10 forum.

Ben je van plan het abonnement op Office 365 te verlengen?


En gebruik de Revo Uninstaller Shareware om het Office Starterspakket uit jouw Windows te verwijderen.
Download, installeer en gebruik de dertig dagen sharewareversie die alle mogelijkheden van de betaalde versie bevat: http://www.revouninstaller.com/index.html
 
Status
Niet open voor verdere reacties.
Steun Ons

Nieuwste berichten

Terug
Bovenaan