Laptop erg traag

peppy · 2 mei 2016

Mijne Heren,

Mijn laptop Compaq Presario CQ70 is de laatste tijd merkbaar erg traag. Kunt u mij aub hierin advies en hulp bieden ?

Alvast dank voor uw moeite.

Mvg,
Peppy

porrelaar · 3 mei 2016

Je vraag is verplaatst van Algemeen naar Hijack This, Virussen en Spyware.
Je zult hulp krijgen van Abraham54 wanneer hij weer online is. Dat wordt dinsdagmorgen op zijn vroegst...

Abraham54 · 3 mei 2016

Hallo Peppy, doe het volgende nu eerst: download

Farbar Recovery Scan Tool 32 of 64 bit van n van de onderstaande links
Farbar Recovery Scan Tool 32 bit (x86)
Farbar Recovery Scan Tool 64 bit (x64)
Downloadlokatie: Dit programma absoluut naar het bureaublad downloaden dan wel daar naar toe verplaatsen!
Opmerkingen: Alle openstaande programma's en webpagina's dienen afgesloten te zijn.

Antivirusprogramma en actieve malwarescanners dienen al voor je FRST.exe start gedeaktiveert zijn!
Hier en hier vindt je gegevens hoe antivirusprogramma's en spywarescanners te deaktiveren.

FRST opstarten:

Windows 2000 en Windows XP: dubbelklik op FRST.exe.
Windows Vista, Windows 7, Windows 8/8.1 en Windows 10: via rechtsklik op FRST.exe of FRST64.exe en kies voor "Als Administrator uitvoeren".

FRST start op:

Wanneer het programma is geopend klik dan op de knop Yes bij de disclaimer.
Druk vervolgens op de Scan knop.
Aansluitend zal een logbestand - FRST.txt en Addition-txt aangemaakt worden en op het bureaublad opgeslagen worden.
Post de inhoud van beide logbestanden in jouw volgende bericht.

.

peppy · 3 mei 2016

Hartelijk dank Abraham54 dat u de moeite neemt om mee te helpen mijn probleem op te lossen.

Hieronder het FRST.txt logbestand :

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:03-05-2016
Ran by Putri (administrator) on PUTRILAPTOP (03-05-2016 23:16:49)
Running from C:\Users\Putri\Downloads
Loaded Profiles: Putri (Available Profiles: Putri)
Platform: Microsoft Windows Vista Home Basic Service Pack 2 (X86) Language: English (United States)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\sched.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files\Acer\AOP Framework\CCDMonitorService.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(Sony Corporation) C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
() C:\Program Files\SMINST\BLService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(SupportSoft, Inc.) C:\Program Files\KPN\bin\sprtsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Yahoo! Inc.) C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(CyberLink Corp.) C:\Program Files\HP\QuickPlay\QPService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Google Inc.) C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(SupportSoft, Inc.) C:\Program Files\KPN\bin\sprtcmd.exe
(mquadr.at software engineering und consulting GmbH) C:\Program Files\KPN\KPN Update\KPNAssistentUpdater.exe
(Sony Corporation) C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(BlackBerry Limited) C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
(Acronis) C:\Program Files\Easy Computing\True Image\TrueImageMonitor.exe
(Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avgnt.exe
() C:\Program Files\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
(Yahoo! Inc.) C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
(Macrovision Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
(Skype Technologies S.A.) C:\Users\Putri\Downloads\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
(BlackBerry Limited) C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
(Acer Cloud Technology) C:\Program Files\Acer\AOP Framework\acer\ccd.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Microsoft Corporation.) C:\Program Files\Microsoft\BingBar\7.3.124.0\SeaPort.EXE
(Nico Mak Computing) C:\Program Files\WinZip\FAHWindow32.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WZQKPICK32.EXE
(WinZip Computing, S.L.) C:\Program Files\WinZip\WzPreloader.exe
(Nico Mak Computing) C:\Program Files\WinZip\WZUpdateNotifier.exe
() C:\IPCameraTool2\IPCameraTool.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\update.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(RealNetworks, Inc.) C:\Program Files\Real\realplayer\Update\realsched.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avcenter.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\updrgui.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avconfig.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avconfig.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1049896 2008-04-17] (Synaptics, Inc.)
HKLM\...\Run: [QPService] => C:\Program Files\HP\QuickPlay\QPService.exe [468264 2008-09-23] (CyberLink Corp.)
HKLM\...\Run: [UpdateLBPShortCut] => C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM\...\Run: [UpdatePSTShortCut] => C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [210216 2008-10-06] (CyberLink Corp.)
HKLM\...\Run: [UCam_Menu] => C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2007-12-24] (CyberLink Corp.)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [QlbCtrl.exe] => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [202032 2008-08-01] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [UpdateP2GoShortCut] => C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM\...\Run: [UpdatePDIRShortCut] => C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM\...\Run: [HP Health Check Scheduler] => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [75008 2008-10-09] (Hewlett-Packard)
HKLM\...\Run: [hpWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [488752 2008-04-15] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [Google Quick Search Box] => C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe [122368 2009-07-18] (Google Inc.)
HKLM\...\Run: [NeroCheck] => C:\Windows\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [KPN] => C:\Program Files\KPN\bin\sprtcmd.exe [198184 2008-06-06] (SupportSoft, Inc.)
HKLM\...\Run: [KPNAssistentUpdater] => C:\Program Files\KPN\KPN Update\KPNAssistentUpdater.exe [1964928 2010-09-30] (mquadr.at software engineering und consulting GmbH)
HKLM\...\Run: [PMBVolumeWatcher] => C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe [599328 2010-03-24] (Sony Corporation)
HKLM\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [443640 2014-10-31] (BlackBerry Limited)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-08-27] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
HKLM\...\Run: [Easy Computing?True?Image Monitor] => C:\Program Files\Easy Computing\True Image\TrueImageMonitor.exe [476552 2012-02-29] (Acronis)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [65536 2012-02-29] (Acronis)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM\...\Run: [TkBellExe] => C:\Program Files\Real\realplayer\update\realsched.exe [295512 2015-08-05] (RealNetworks, Inc.)
HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-03-30] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\Antivirus\avgnt.exe [807392 2016-03-17] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [ProductUpdater] => C:\Program Files\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [73216 2016-03-03] ()
HKLM\...\Run: [] => [X]
HKU\S-1-5-21-892295542-3345536890-4220559716-1000\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2011-06-20] (Hewlett-Packard Company)
HKU\S-1-5-21-892295542-3345536890-4220559716-1000\...\Run: [Messenger (Yahoo!)] => C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [4351216 2009-05-26] (Yahoo! Inc.)
HKU\S-1-5-21-892295542-3345536890-4220559716-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-07-18] (Google Inc.)
HKU\S-1-5-21-892295542-3345536890-4220559716-1000\...\Run: [ISUSPM] => C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [206112 2008-10-24] (Macrovision Corporation)
HKU\S-1-5-21-892295542-3345536890-4220559716-1000\...\Run: [Facebook Update] => C:\Users\Putri\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-22] (Facebook Inc.)
HKU\S-1-5-21-892295542-3345536890-4220559716-1000\...\Run: [Skype] => C:\Users\Putri\Downloads\Phone\Skype.exe [50670720 2016-03-01] (Skype Technologies S.A.)
HKU\S-1-5-21-892295542-3345536890-4220559716-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-892295542-3345536890-4220559716-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-892295542-3345536890-4220559716-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-892295542-3345536890-4220559716-1000\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-21-892295542-3345536890-4220559716-1000\...\MountPoints2: {7fe52f17-a8b1-11e2-97f2-f44e36b87280} - G:\LaunchU3.exe -a
HKU\S-1-5-21-892295542-3345536890-4220559716-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [879616 2008-01-21] (Microsoft Corporation)
ShellExecuteHooks: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\System32\ezUPBHook.dll [51656 2009-09-16] (EasyBits Software Corp.)
ShellExecuteHooks: - UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} - No File [ ]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\DriveSelect.lnk [2003-11-11]
ShortcutTarget: DriveSelect.lnk -> C:\Program Files\321Studios\Xpress\DriveSelect.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2016-04-29]
ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAHConsole.exe (Nico Mak Computing)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update Notifier.lnk [2016-04-29]
ShortcutTarget: Update Notifier.lnk -> C:\Program Files\WinZip\WZUpdateNotifier.exe (Nico Mak Computing)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2016-04-29]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk [2016-04-29]
ShortcutTarget: WinZip Quick Pick.lnk -> C:\Program Files\WinZip\WZQKPICK32.EXE (WinZip Computing, S.L.)
Startup: C:\Users\Putri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk [2010-08-17]
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-31] (Apple Inc.)
Winsock: Catalog9 02 C:\Windows\system32\LavasoftTcpService.dll [345360 2015-09-29] (Lavasoft Limited)
Winsock: Catalog9 03 C:\Windows\system32\LavasoftTcpService.dll [345360 2015-09-29] (Lavasoft Limited)
Winsock: Catalog9 04 C:\Windows\system32\LavasoftTcpService.dll [345360 2015-09-29] (Lavasoft Limited)
Winsock: Catalog9 09 C:\Program Files\Avira\Antivirus\avsda.dll [507984 2015-10-05] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 10 C:\Program Files\Avira\Antivirus\avsda.dll [507984 2015-10-05] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 11 C:\Program Files\Avira\Antivirus\avsda.dll [507984 2015-10-05] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 12 C:\Program Files\Avira\Antivirus\avsda.dll [507984 2015-10-05] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 13 C:\Program Files\Avira\Antivirus\avsda.dll [507984 2015-10-05] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 14 C:\Program Files\Avira\Antivirus\avsda.dll [507984 2015-10-05] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 15 C:\Program Files\Avira\Antivirus\avsda.dll [507984 2015-10-05] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 16 C:\Program Files\Avira\Antivirus\avsda.dll [507984 2015-10-05] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 17 C:\Windows\system32\LavasoftTcpService.dll [345360 2015-09-29] (Lavasoft Limited)
Winsock: Catalog9 23 C:\Windows\system32\LavasoftTcpService.dll [345360 2015-09-29] (Lavasoft Limited)
Winsock: Catalog9 24 C:\Program Files\Avira\Antivirus\avsda.dll [507984 2015-10-05] (Avira Operations GmbH & Co. KG)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.254 195.241.77.55 195.241.77.58
Tcpip\..\Interfaces\{BA39D7ED-EA2A-4363-AE58-E7DD83A4A0CB}: [DhcpNameServer] 192.168.2.254 195.241.77.55 195.241.77.58
Tcpip\..\Interfaces\{E0EF5A13-B46D-43F1-ABEA-ECC2C806F6CE}: [DhcpNameServer] 192.168.2.254 195.241.77.55 195.241.77.58

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://www.yahoo.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yahoo.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-892295542-3345536890-4220559716-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_nl&c=91&bd=Presario&pf=cnnb
HKU\S-1-5-21-892295542-3345536890-4220559716-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKU\S-1-5-21-892295542-3345536890-4220559716-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://nl.msn.com/?rd=1
HKU\S-1-5-21-892295542-3345536890-4220559716-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
URLSearchHook: HKU\S-1-5-21-892295542-3345536890-4220559716-1000 - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll No File
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-892295542-3345536890-4220559716-1000 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.nl/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLL_en
SearchScopes: HKU\S-1-5-21-892295542-3345536890-4220559716-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.nl/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLL_en
SearchScopes: HKU\S-1-5-21-892295542-3345536890-4220559716-1000 -> {6A69D3FE-4D72-4685-9C52-CF020587C6C7} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
SearchScopes: HKU\S-1-5-21-892295542-3345536890-4220559716-1000 -> {7D555ECE-6027-46A9-BB13-8513F3ED9F92} URL = hxxp://www.google.nl/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLL_en
SearchScopes: HKU\S-1-5-21-892295542-3345536890-4220559716-1000 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://search.yahoo.com/search?p={searchTerms}
BHO: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files\Microsoft\BingBar\7.3.124.0\BingExt.dll [2013-12-16] (Microsoft Corporation.)
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2014-08-12] (RealDownloader)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll [2010-11-10] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-28] (Google Inc.)
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files\Microsoft\BingBar\7.3.124.0\BingExt.dll [2013-12-16] (Microsoft Corporation.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-28] (Google Inc.)
Toolbar: HKU\S-1-5-21-892295542-3345536890-4220559716-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-28] (Google Inc.)
Toolbar: HKU\S-1-5-21-892295542-3345536890-4220559716-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Users\Putri\Downloads\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Putri\AppData\Roaming\Mozilla\Firefox\Profiles\lz5vviiy.default-1459115408102
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-07] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [2008-08-06] (Adobe Systems, Inc.)
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivXInstaller\DivX Web Player\npdivx32.dll [2009-05-12] (DivX,Inc.)
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files\DivXInstaller\DivX Player\npDivxPlayerPlugin.dll [2009-05-19] (DivX, Inc)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2015-07-11] (Google, Inc.)
FF Plugin: @google.com/npwebplugin -> C:\Windows\system32\npwebplugin.dll [2014-12-03] ()
FF Plugin: @itstructures.com/ffactivex -> C:\IPCOcx\npffax.dll [2014-11-14] ()
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files\Yahoo!\Shared\npYState.dll [2009-05-26] (Yahoo! Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.4.19 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll [2015-08-05] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.4 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2014-08-12] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.4.19 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll [2015-08-05] (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2014-08-12] (RealDownloader)
FF Plugin: @rim.com/npappworld -> C:\Program Files\Research In Motion Limited\BlackBerry App World Browser Plugin\npappworld.dll [2012-11-09] ()
FF Plugin: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2014-11-28] ()
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2001-01-01] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2001-01-01] (Google Inc.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\PDF XChange Editor 3.0 Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-892295542-3345536890-4220559716-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Putri\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL [2007-03-22] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npOGAPlugin.dll [2009-08-03] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll [2015-08-05] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2011-12-22] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2011-12-22] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2011-12-22] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2011-12-22] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2011-12-22] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2011-12-22] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2011-12-22] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll [2015-08-05] (RealPlayer)
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2016-04-16] [not signed]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2016-04-16] [not signed]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2016-04-16] [not signed]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-12] [not signed]
FF HKLM\...\Firefox\Extensions: [{1B12EF76-2B5E-4DA1-B587-4762D49BFE03}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2015-08-05] [not signed]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=en-us
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR DefaultSearchURL: Default -> hxxps://nl.search.yahoo.com/search?fr=chr-yo_gc&ei=utf-8&ilc=12&type=926458&p={searchTerms}
CHR DefaultSearchKeyword: Default -> yahoo.com search
CHR DefaultSuggestURL: Default -> hxxps://ff.search.yahoo.com/gossip?output=fxjson&command={searchTerms}
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\45.0.2454.101\gcswf32.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll => No File
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.230.5) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U23) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll => No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.0.51204.0\npctrl.dll => No File
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (DivX Web Player) - C:\Program Files\DivXInstaller\DivX Web Player\npdivx32.dll (DivX,Inc.)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll => No File
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2003) - C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\45.0.2454.101\pdf.dll => No File
CHR Plugin: (Google Gears 0.5.33.0) - C:\Program Files\Google\Chrome\Application\45.0.2454.101\gears.dll => No File
CHR Plugin: (Office Genuine Advantage) - C:\Program Files\Mozilla Firefox\plugins\npOGAPlugin.dll (Microsoft Corporation)
CHR Plugin: (RIM Handheld Application Loader) - C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
CHR Plugin: (DivX Player Netscape Plugin) - C:\Program Files\DivXInstaller\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll => No File
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll => No File
CHR Plugin: (Windows Live? Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Profile: C:\Users\Putri\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Bing) - C:\Users\Putri\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2015-02-26]
CHR Extension: (Avira Browser Safety) - C:\Users\Putri\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-06-28]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Putri\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-30]
CHR Extension: (Google Wallet) - C:\Users\Putri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-28]
CHR HKLM\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [khjilmcjipkeokomeekfnhkpbnhmgaje] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Users\Putri\Downloads\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]
CHR HKU\S-1-5-21-892295542-3345536890-4220559716-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-892295542-3345536890-4220559716-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AcrSch2Svc; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [106496 2012-02-29] (Acronis) [File not signed]
S2 AntiVirMailService; C:\Program Files\Avira\Antivirus\avmailc.exe [940304 2016-03-17] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\Antivirus\sched.exe [466504 2016-03-17] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\Antivirus\avguard.exe [466504 2016-03-17] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\Antivirus\AVWEBGRD.EXE [1236896 2016-03-17] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [272304 2016-03-30] (Avira Operations GmbH & Co. KG)
R3 BlackBerry Device Manager; C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [588024 2014-10-31] (BlackBerry Limited)
R2 CCDMonitorService; C:\Program Files\Acer\AOP Framework\CCDMonitorService.exe [2858336 2015-09-10] (Acer Incorporated) [File not signed]
R2 ezSharedSvc; C:\Windows\System32\ezsvc7.dll [129992 2008-02-03] (EasyBits Sofware AS) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2009-08-05] (Macrovision Europe Ltd.) [File not signed]
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2016-03-03] (Freemake) [File not signed]
R2 gupdate1ca098192c18e30; C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc.)
R2 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-10-09] (Hewlett-Packard) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S3 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [103808 2008-01-22] ()
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2011-06-20] (Hewlett-Packard Company) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe [235696 2015-12-02] (McAfee, Inc.)
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [786256 2014-07-15] (Nero AG)
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2014-08-12] ()
R2 Recovery Service for Windows; C:\Program Files\SMINST\BLService.exe [365952 2008-10-06] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [241734 2008-09-15] () [File not signed]
S2 SkypeUpdate; C:\Users\Putri\Downloads\Updater\Updater.exe [327296 2016-01-29] (Skype Technologies)
R2 sprtsvc_KPN; C:\Program Files\KPN\bin\sprtsvc.exe [202016 2008-06-06] (SupportSoft, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [109016 2016-03-17] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136272 2016-03-17] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37896 2015-10-05] (Avira Operations GmbH & Co. KG)
R2 CDRPDACC; C:\Program Files\321Studios\Shared\CDRPDACC.SYS [5273 2003-10-28] (Arrowkey) [File not signed]
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [170200 2016-05-03] (Malwarebytes)
R3 Pcouffin; C:\Windows\System32\Drivers\Pcouffin.sys [34528 2009-07-19] (VSO Software) [File not signed]
R3 pfc; C:\Windows\System32\drivers\pfc.sys [10368 2006-10-02] (Padus, Inc.) [File not signed]
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb.sys [68608 2014-05-06] (BlackBerry Limited)
R0 snapman; C:\Windows\System32\DRIVERS\snapman.sys [77856 2012-02-29] (Acronis) [File not signed]
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [31848 2015-10-05] (Avira Operations GmbH & Co. KG)
R2 tifsfilter; C:\Windows\System32\DRIVERS\tifsfilt.sys [28000 2012-02-29] (Acronis) [File not signed]
R0 timounter; C:\Windows\System32\DRIVERS\timntr.sys [201920 2012-02-29] (Acronis) [File not signed]
S3 F-Secure Standalone Minifilter; \??\C:\Users\Putri\AppData\Local\Temp\OnlineScanner\Anti-Virus\fsgk.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-05-03 23:16 - 2016-05-03 23:18 - 00038222 _____ C:\Users\Putri\Downloads\FRST.txt
2016-05-03 23:15 - 2016-05-03 23:16 - 00000000 ____D C:\FRST
2016-05-03 20:23 - 2016-05-03 20:23 - 00000822 _____ C:\Users\Putri\Desktop\FRST.exe - Shortcut.lnk
2016-05-03 20:21 - 2016-05-03 20:22 - 01728000 _____ (Farbar) C:\Users\Putri\Downloads\FRST.exe
2016-05-02 20:54 - 2016-05-02 20:55 - 01533288 _____ (Igor Pavlov) C:\Users\Putri\Downloads\abFiles_Setup1_00_2014.exe
2016-04-29 01:02 - 2016-04-29 01:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IPCameraTool2
2016-04-29 01:02 - 2016-04-29 01:02 - 00000000 ____D C:\IPCameraTool2
2016-04-29 00:55 - 2016-04-29 00:55 - 00000000 ____D C:\Users\Putri\AppData\Local\Nico Mak Computing
2016-04-29 00:53 - 2016-04-29 00:53 - 00001903 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
2016-04-29 00:53 - 2016-04-29 00:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2016-04-29 00:52 - 2016-04-29 00:57 - 00000000 ____D C:\Users\Putri\AppData\Local\WinZip
2016-04-29 00:50 - 2016-04-29 00:51 - 00000000 ____D C:\Program Files\WinZip
2016-04-29 00:46 - 2016-04-29 00:47 - 00706024 _____ (WinZip Computing, S.L.) C:\Users\Putri\Downloads\winzip20-softonic.exe
2016-04-29 00:34 - 2016-04-29 01:02 - 00000656 _____ C:\Users\Putri\Desktop\IPCameraTool.lnk
2016-04-29 00:34 - 2016-04-29 00:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IPCameraTool
2016-04-19 23:42 - 2016-04-19 23:42 - 00568226 _____ C:\Users\Putri\Desktop\GreenCard.pdf
2016-04-16 22:57 - 2016-04-16 22:57 - 00272843 _____ C:\Users\Putri\Desktop\Belasting maart2016.pdf
2016-04-16 22:35 - 2016-04-19 23:12 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-04-16 22:21 - 2016-04-16 22:21 - 00001046 _____ C:\Users\Public\Desktop\Avira Launcher.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-05-03 23:13 - 2009-07-20 23:45 - 00001044 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-03 23:03 - 2014-08-24 00:12 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-05-03 22:56 - 2009-07-18 10:34 - 00000000 ____D C:\Users\Putri\AppData\Roaming\Skype
2016-05-03 22:47 - 2012-04-03 20:49 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-05-03 22:12 - 2009-07-20 23:45 - 00001040 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-03 22:02 - 2006-11-02 14:45 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2016-05-03 22:02 - 2006-11-02 14:45 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2016-05-03 21:53 - 2012-02-10 17:09 - 00001084 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-892295542-3345536890-4220559716-1000UA.job
2016-05-03 20:35 - 2012-02-10 17:09 - 00001062 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-892295542-3345536890-4220559716-1000Core.job
2016-05-03 20:31 - 2015-07-28 02:37 - 00022528 _____ C:\Users\Putri\Desktop\Lasten.xls
2016-05-03 20:11 - 2015-09-20 21:26 - 00000000 ____D C:\IPCClient
2016-05-02 23:47 - 2016-02-27 12:03 - 00000000 ____D C:\Indonesia 2016
2016-05-02 22:46 - 2009-07-17 20:58 - 00000000 ____D C:\Users\Putri
2016-04-30 20:48 - 2009-12-19 20:34 - 00000437 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2016-04-29 01:00 - 2015-09-20 20:06 - 00000000 ____D C:\IPCameraTool
2016-04-29 00:53 - 2015-09-20 19:31 - 00000000 ____D C:\ProgramData\WinZip
2016-04-24 21:50 - 2009-03-20 15:30 - 00000286 _____ C:\ProgramData\hpqp.ini
2016-04-24 21:48 - 2010-03-17 10:02 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2016-04-24 21:48 - 2006-11-02 14:58 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-22 23:35 - 2006-11-02 14:58 - 00032654 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-04-20 00:37 - 2013-12-31 13:55 - 00000000 ____D C:\MyPics
2016-04-20 00:08 - 2015-02-16 19:13 - 00000000 ____D C:\Suriname 2014 2015
2016-04-20 00:00 - 2008-11-08 10:41 - 00108038 _____ C:\Windows\system32\perfh013.dat
2016-04-20 00:00 - 2008-11-08 10:41 - 00037386 _____ C:\Windows\system32\perfc013.dat
2016-04-20 00:00 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\inf
2016-04-20 00:00 - 2006-11-02 12:33 - 00135604 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-19 23:12 - 2014-08-24 00:12 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2016-04-19 23:12 - 2014-04-02 21:36 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-04-18 23:05 - 2014-08-24 00:12 - 00000942 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-04-18 23:05 - 2014-08-24 00:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-04-17 21:57 - 2015-02-02 01:24 - 00000000 ____D C:\Sol activiteiten
2016-04-17 19:55 - 2014-02-14 16:10 - 00000000 ____D C:\ProgramData\Package Cache
2016-04-16 23:52 - 2009-07-20 23:34 - 00002026 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-16 22:42 - 2014-03-13 18:26 - 00002633 _____ C:\Users\Putri\AppData\Roaming\Microsoft\Windows\Start Menu\Microsoft Office Word 2003.lnk
2016-04-16 22:19 - 2012-10-21 20:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-04-07 20:47 - 2012-04-03 20:49 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-04-07 20:47 - 2011-07-29 17:26 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-04-05 19:53 - 2009-07-17 21:13 - 00110600 _____ C:\Users\Putri\AppData\Local\GDIPFONTCACHEV1.DAT
2016-04-05 19:51 - 2006-11-02 14:44 - 01748336 _____ C:\Windows\system32\FNTCACHE.DAT

==================== Files in the root of some directories =======

2014-06-07 22:37 - 2014-06-08 00:01 - 6103040 _____ () C:\Program Files\GUT1E20.tmp
2014-06-07 18:41 - 2014-06-08 00:01 - 6103040 _____ () C:\Program Files\GUT92DE.tmp
2010-11-01 21:58 - 2015-11-03 20:31 - 0038144 _____ () C:\Users\Putri\AppData\Roaming\Rim.Desktop.Exception.log
2010-10-23 21:02 - 2014-02-01 00:34 - 0005242 _____ () C:\Users\Putri\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2012-05-15 23:30 - 2015-11-03 20:31 - 0003927 _____ () C:\Users\Putri\AppData\Roaming\Rim.DesktopHelper.Exception.log
2012-12-02 22:08 - 2015-11-03 20:31 - 0003619 _____ () C:\Users\Putri\AppData\Roaming\Rim.Transcoder.Exception.log
2009-07-17 22:12 - 2009-07-17 22:12 - 0000000 _____ () C:\Users\Putri\AppData\Local\AtStart.txt
2010-05-15 17:08 - 2015-12-24 14:24 - 0000680 _____ () C:\Users\Putri\AppData\Local\d3d9caps.dat
2016-03-11 23:48 - 2016-03-11 23:48 - 0003584 _____ () C:\Users\Putri\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2009-07-17 22:12 - 2009-07-17 22:12 - 0000000 _____ () C:\Users\Putri\AppData\Local\DSwitch.txt
2013-05-16 18:59 - 2013-05-16 18:59 - 0004096 ____H () C:\Users\Putri\AppData\Local\keyfile3.drm
2009-07-17 22:12 - 2009-07-17 22:12 - 0000000 _____ () C:\Users\Putri\AppData\Local\QSwitch.txt
2010-02-20 20:38 - 2010-02-20 20:38 - 0000000 _____ () C:\Users\Putri\AppData\Local\rx_image.Cache
2015-06-26 23:06 - 2015-06-26 23:06 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNER01436B36.TMP
2015-06-26 23:06 - 2015-06-26 23:06 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNER01535CFD.TMP
2015-06-26 23:06 - 2015-06-26 23:06 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNER01623E12.TMP
2015-06-26 23:06 - 2015-06-26 23:06 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNER01821A49.TMP
2015-06-26 23:06 - 2015-06-26 23:06 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNER01915F32.TMP
2015-06-26 23:06 - 2015-06-26 23:06 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNER01A13BF6.TMP
2015-06-26 23:06 - 2015-06-26 23:06 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNER01B03A9E.TMP
2015-06-26 23:06 - 2015-06-26 23:06 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNER01D0797D.TMP
2015-06-26 23:06 - 2015-06-26 23:06 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNER01DF5F49.TMP
2015-06-26 23:06 - 2015-06-26 23:06 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNER01FE0DDC.TMP
2015-06-26 23:03 - 2015-06-26 23:03 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNER14561547.TMP
2015-06-26 23:03 - 2015-06-26 23:03 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNER146654DE.TMP
2015-06-26 23:03 - 2015-06-26 23:03 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNER148539B3.TMP
2015-06-26 23:03 - 2015-06-26 23:03 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNER14942D12.TMP
2015-06-26 23:03 - 2015-06-26 23:03 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNER14A4074D.TMP
2015-06-26 23:03 - 2015-06-26 23:03 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNER14B44DC8.TMP
2015-06-26 23:03 - 2015-06-26 23:03 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNER14D36443.TMP
2015-06-26 23:03 - 2015-06-26 23:03 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNER14F266BB.TMP
2015-06-26 23:03 - 2015-06-26 23:03 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNER1502428B.TMP
2015-06-26 23:03 - 2015-06-26 23:03 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNER152126A6.TMP
2015-06-26 23:06 - 2015-06-26 23:06 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNER26214CAD.TMP
2015-06-26 23:06 - 2015-06-26 23:06 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNER2640314F.TMP
2015-06-26 23:06 - 2015-06-26 23:06 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNER26505E14.TMP
2015-06-26 23:06 - 2015-06-26 23:06 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNER26604DF2.TMP
2015-06-26 23:06 - 2015-06-26 23:06 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNER267F4944.TMP
2015-06-26 23:06 - 2015-06-26 23:06 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNER268E2E40.TMP
2015-06-26 23:06 - 2015-06-26 23:06 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNER26AE1366.TMP
2015-06-26 23:06 - 2015-06-26 23:06 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNER26BD1CD0.TMP
2015-06-26 23:06 - 2015-06-26 23:06 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNER26CD366B.TMP
2015-06-26 23:06 - 2015-06-26 23:06 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNER26EC66C4.TMP
2011-03-14 21:16 - 2011-03-14 21:16 - 57182208 _____ () C:\Users\Putri\AppData\Local\TempNER2AA82CD6.TMP
2015-06-26 23:03 - 2015-06-26 23:03 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNER2CE5701F.TMP
2015-06-26 23:03 - 2015-06-26 23:03 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNER2CF45D03.TMP
2015-06-26 23:03 - 2015-06-26 23:03 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNER2D047A5A.TMP
2015-06-26 23:03 - 2015-06-26 23:03 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNER2D23767D.TMP
2015-06-26 23:03 - 2015-06-26 23:03 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNER2D334509.TMP
2015-06-26 23:03 - 2015-06-26 23:03 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNER2D521238.TMP
2015-06-26 23:03 - 2015-06-26 23:03 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNER2D623B25.TMP
2015-06-26 23:03 - 2015-06-26 23:03 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNER2D711E1F.TMP
2015-06-26 23:03 - 2015-06-26 23:03 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNER2D906E5D.TMP
2015-06-26 23:03 - 2015-06-26 23:03 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNER2DA01AD4.TMP
2015-06-26 23:12 - 2015-06-26 23:12 - 56763212 _____ () C:\Users\Putri\AppData\Local\TempNER402718BE.wav
2015-06-26 23:06 - 2015-06-26 23:06 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNER44994230.TMP
2015-06-26 23:13 - 2015-06-26 23:13 - 50666828 _____ () C:\Users\Putri\AppData\Local\TempNER45A33D6C.wav
2015-06-26 23:06 - 2015-06-26 23:06 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNER4FFE7EB7.TMP
2003-11-11 20:09 - 2003-11-11 20:10 - 0825552 _____ () C:\Users\Putri\AppData\Local\TempNER53CA153C.TMP
2015-06-26 23:14 - 2015-06-26 23:15 - 48345404 _____ () C:\Users\Putri\AppData\Local\TempNER65916952.wav
2015-06-26 23:02 - 2015-06-26 23:02 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNER71730029.TMP
2015-06-26 23:02 - 2015-06-26 23:02 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNER71E04823.TMP
2015-06-26 23:02 - 2015-06-26 23:02 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNER71F018BE.TMP
2015-06-26 23:02 - 2015-06-26 23:02 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNER71FF6784.TMP
2015-06-26 23:02 - 2015-06-26 23:02 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNER720F4AE1.TMP
2015-06-26 23:02 - 2015-06-26 23:02 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNER721E2CD6.TMP
2015-06-26 23:02 - 2015-06-26 23:02 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNER721E3D6C.TMP
2015-06-26 23:02 - 2015-06-26 23:02 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNER722E72AE.TMP
2015-06-26 23:02 - 2015-06-26 23:02 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNER723E6952.TMP
2015-06-26 23:02 - 2015-06-26 23:02 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNER724D5F90.TMP
2011-03-14 21:16 - 2011-03-14 21:16 - 0018432 _____ () C:\Users\Putri\AppData\Local\TempNER85B272AE.TMP
2011-03-14 21:16 - 2011-03-14 21:16 - 0018432 _____ () C:\Users\Putri\AppData\Local\TempNER85F16952.TMP
2011-03-14 21:16 - 2011-03-14 21:16 - 0061440 _____ () C:\Users\Putri\AppData\Local\TempNER863F1649.TMP
2011-03-14 21:16 - 2011-03-14 21:16 - 0010240 _____ () C:\Users\Putri\AppData\Local\TempNER863F5F90.TMP
2011-03-14 21:16 - 2011-03-14 21:16 - 0018432 _____ () C:\Users\Putri\AppData\Local\TempNER865E6DF1.TMP
2011-03-14 21:16 - 2011-03-14 21:16 - 0018432 _____ () C:\Users\Putri\AppData\Local\TempNER869C5AF1.TMP
2011-03-14 21:16 - 2011-03-14 21:16 - 0010240 _____ () C:\Users\Putri\AppData\Local\TempNER86FA41BB.TMP
2011-03-14 21:16 - 2011-03-14 21:16 - 20566016 _____ () C:\Users\Putri\AppData\Local\TempNER870A26E9.TMP
2003-11-11 20:11 - 2003-11-11 20:11 - 0825552 _____ () C:\Users\Putri\AppData\Local\TempNER8F734DB7.TMP
2015-06-26 23:12 - 2015-06-26 23:12 - 45268988 _____ () C:\Users\Putri\AppData\Local\TempNER972B6784.wav
2015-06-26 23:13 - 2015-06-26 23:14 - 43474412 _____ () C:\Users\Putri\AppData\Local\TempNERA1972CD6.wav
2011-03-14 21:16 - 2011-03-14 21:16 - 0018432 _____ () C:\Users\Putri\AppData\Local\TempNERA7F201EB.TMP
2011-03-14 21:16 - 2011-03-14 21:16 - 0018432 _____ () C:\Users\Putri\AppData\Local\TempNERA84F0BB3.TMP
2011-03-14 21:16 - 2011-03-14 21:17 - 16605184 _____ () C:\Users\Putri\AppData\Local\TempNERA88E12DB.TMP
2011-03-14 21:16 - 2011-03-14 21:16 - 0010240 _____ () C:\Users\Putri\AppData\Local\TempNERA88E2EA6.TMP
2015-06-26 23:02 - 2015-06-26 23:02 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNERAD981649.TMP
2015-06-26 23:02 - 2015-06-26 23:02 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNERADA86DF1.TMP
2015-06-26 23:02 - 2015-06-26 23:02 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNERADC75AF1.TMP
2015-06-26 23:02 - 2015-06-26 23:02 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNERADD741BB.TMP
2015-06-26 23:02 - 2015-06-26 23:02 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNERADE626E9.TMP
2015-06-26 23:02 - 2015-06-26 23:02 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNERAE0501EB.TMP
2015-06-26 23:02 - 2015-06-26 23:02 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNERAE150BB3.TMP
2015-06-26 23:02 - 2015-06-26 23:02 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNERAE342EA6.TMP
2015-06-26 23:02 - 2015-06-26 23:02 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNERAE4412DB.TMP
2015-06-26 23:02 - 2015-06-26 23:02 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNERAE53153C.TMP
2015-06-26 23:11 - 2015-06-26 23:11 - 30775964 _____ () C:\Users\Putri\AppData\Local\TempNERB5170029.wav
2011-03-14 21:17 - 2011-03-14 21:17 - 0018432 _____ () C:\Users\Putri\AppData\Local\TempNERC31F153C.TMP
2011-03-14 21:17 - 2011-03-14 21:17 - 0018432 _____ () C:\Users\Putri\AppData\Local\TempNERC35E7E87.TMP
2011-03-14 21:17 - 2011-03-14 21:17 - 0010240 _____ () C:\Users\Putri\AppData\Local\TempNERC39C390C.TMP
2011-03-14 21:17 - 2011-03-14 21:17 - 16453632 _____ () C:\Users\Putri\AppData\Local\TempNERC3AC0F3E.TMP
2003-11-11 20:09 - 2003-11-11 20:09 - 0825552 _____ () C:\Users\Putri\AppData\Local\TempNERC61C5F90.TMP
2015-06-26 23:15 - 2015-06-26 23:15 - 65599676 _____ () C:\Users\Putri\AppData\Local\TempNERD5D05F90.wav
2011-03-14 21:16 - 2011-03-14 21:16 - 0022528 _____ () C:\Users\Putri\AppData\Local\TempNERD8E00029.TMP
2011-03-14 21:16 - 2011-03-14 21:16 - 0022528 _____ () C:\Users\Putri\AppData\Local\TempNERD8E04823.TMP
2015-06-26 23:03 - 2015-06-26 23:03 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNERD8EC7E87.TMP
2015-06-26 23:03 - 2015-06-26 23:03 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNERD90B390C.TMP
2015-06-26 23:03 - 2015-06-26 23:03 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNERD91B0F3E.TMP
2011-03-14 21:16 - 2011-03-14 21:16 - 0010240 _____ () C:\Users\Putri\AppData\Local\TempNERD92E18BE.TMP
2015-06-26 23:03 - 2015-06-26 23:03 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNERD93A0099.TMP
2011-03-14 21:16 - 2011-03-14 21:16 - 0018432 _____ () C:\Users\Putri\AppData\Local\TempNERD93E6784.TMP
2015-06-26 23:03 - 2015-06-26 23:03 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNERD9490124.TMP
2015-06-26 23:03 - 2015-06-26 23:03 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNERD959305E.TMP
2015-06-26 23:03 - 2015-06-26 23:03 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNERD978440D.TMP
2015-06-26 23:03 - 2015-06-26 23:03 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNERD988491C.TMP
2011-03-14 21:16 - 2011-03-14 21:16 - 0018432 _____ () C:\Users\Putri\AppData\Local\TempNERD98C4AE1.TMP
2015-06-26 23:03 - 2015-06-26 23:03 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNERD9974D06.TMP
2015-06-26 23:03 - 2015-06-26 23:03 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNERD9B74DB7.TMP
2011-03-14 21:16 - 2011-03-14 21:16 - 48660480 _____ () C:\Users\Putri\AppData\Local\TempNERDA093D6C.TMP
2011-03-14 21:17 - 2011-03-14 21:17 - 0038912 _____ () C:\Users\Putri\AppData\Local\TempNERDD150099.TMP
2011-03-14 21:17 - 2011-03-14 21:17 - 0038912 _____ () C:\Users\Putri\AppData\Local\TempNERDE0F0124.TMP
2011-03-14 21:17 - 2011-03-14 21:17 - 0010240 _____ () C:\Users\Putri\AppData\Local\TempNERDF27305E.TMP
2011-03-14 21:17 - 2011-03-14 21:17 - 77347872 _____ () C:\Users\Putri\AppData\Local\TempNERDF37440D.TMP
2015-06-26 23:12 - 2015-06-26 23:13 - 59827868 _____ () C:\Users\Putri\AppData\Local\TempNERE07A4AE1.wav
2015-06-26 23:07 - 2015-06-26 23:07 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNERE09A6032.TMP
2015-06-26 23:07 - 2015-06-26 23:07 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNERE0A92C3B.TMP
2015-06-26 23:07 - 2015-06-26 23:07 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNERE0B915A1.TMP
2015-06-26 23:07 - 2015-06-26 23:07 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNERE0C85422.TMP
2015-06-26 23:07 - 2015-06-26 23:07 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNERE0E83EF6.TMP
2015-06-26 23:07 - 2015-06-26 23:07 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNERE0F70822.TMP
2015-06-26 23:07 - 2015-06-26 23:07 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNERE1075991.TMP
2015-06-26 23:07 - 2015-06-26 23:07 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNERE116409D.TMP
2015-06-26 23:07 - 2015-06-26 23:07 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNERE13612E1.TMP
2015-06-26 23:07 - 2015-06-26 23:07 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNERE145798B.TMP
2015-06-26 23:06 - 2015-06-26 23:06 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNERE9AE63CB.TMP
2015-06-26 23:06 - 2015-06-26 23:06 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNERE9BE6BFC.TMP
2015-06-26 23:06 - 2015-06-26 23:06 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNERE9DD7F96.TMP
2015-06-26 23:06 - 2015-06-26 23:06 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNERE9EC7FF5.TMP
2015-06-26 23:06 - 2015-06-26 23:06 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNERE9FC4E45.TMP
2015-06-26 23:06 - 2015-06-26 23:06 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNEREA1B323B.TMP
2015-06-26 23:06 - 2015-06-26 23:06 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNEREA2B2213.TMP
2015-06-26 23:06 - 2015-06-26 23:06 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNEREA4A260D.TMP
2015-06-26 23:06 - 2015-06-26 23:06 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNEREA5A6B89.TMP
2015-06-26 23:06 - 2015-06-26 23:06 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNEREA69030A.TMP
2015-06-26 23:14 - 2015-06-26 23:14 - 53475116 _____ () C:\Users\Putri\AppData\Local\TempNERF60D72AE.wav
2015-06-26 23:06 - 2015-06-26 23:06 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNERF810301C.TMP
2015-06-26 23:06 - 2015-06-26 23:06 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNERF81F0BDB.TMP
2015-06-26 23:06 - 2015-06-26 23:06 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNERF83E56AE.TMP
2015-06-26 23:06 - 2015-06-26 23:06 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNERF84E0732.TMP
2015-06-26 23:06 - 2015-06-26 23:06 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNERF85E0120.TMP
2015-06-26 23:06 - 2015-06-26 23:06 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNERF86D759A.TMP
2015-06-26 23:06 - 2015-06-26 23:06 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNERF88C2350.TMP
2015-06-26 23:06 - 2015-06-26 23:06 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNERF89C22EE.TMP
2015-06-26 23:06 - 2015-06-26 23:06 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNERF8BB4B40.TMP
2015-06-26 23:06 - 2015-06-26 23:06 - 0000044 _____ () C:\Users\Putri\AppData\Local\TempNERF8CB5878.TMP
2015-06-26 23:11 - 2015-06-26 23:12 - 47557484 _____ () C:\Users\Putri\AppData\Local\TempNERF9574823.wav
2009-03-20 15:30 - 2016-04-24 21:50 - 0000286 _____ () C:\ProgramData\hpqp.ini
2009-07-19 09:50 - 2015-10-07 07:49 - 0000021 _____ () C:\ProgramData\hpqp.txt
2016-03-04 21:12 - 2016-03-04 21:12 - 0000016 _____ () C:\ProgramData\mntemp
2009-03-20 15:35 - 2009-03-20 15:35 - 0000032 _____ () C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
2008-11-08 03:38 - 2008-11-08 03:38 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2009-03-20 15:33 - 2009-03-20 15:33 - 0000032 _____ () C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
2008-11-08 03:31 - 2008-11-08 03:33 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2009-03-20 15:31 - 2009-03-20 15:31 - 0000032 _____ () C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
2009-03-20 15:34 - 2009-03-20 15:34 - 0000032 _____ () C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
2008-11-08 03:30 - 2008-11-08 03:31 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2008-11-08 03:33 - 2008-11-08 03:37 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
2009-03-20 15:35 - 2009-03-20 15:35 - 0000105 _____ () C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log

Some files in TEMP:
====================
C:\Users\Putri\AppData\Local\Temp\avgnt.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-04-24 22:01

==================== End of FRST.txt ============================

Hierbij het Addition.txt bestand :

Additional scan result of Farbar Recovery Scan Tool (x86) Version:03-05-2016
Ran by Putri (2016-05-03 23:21:33)
Running from C:\Users\Putri\Downloads
Microsoft Windows Vista Home Basic Service Pack 2 (X86) (2009-03-20 12:46:28)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-892295542-3345536890-4220559716-500 - Administrator - Disabled)
Guest (S-1-5-21-892295542-3345536890-4220559716-501 - Limited - Enabled)
Putri (S-1-5-21-892295542-3345536890-4220559716-1000 - Administrator - Enabled) => C:\Users\Putri

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Disabled - Out of date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Disabled - Out of date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3GP to MPEG Converter 2.0.1 (HKLM\...\3GP to MPEG Converter) (Version: 2.0.1 - ZISUN Freeware)
AAC Decoder (HKLM\...\{AEF9DC35ADDF4825B049ACBFD1C6EB37}) (Version: 7.1.0 - DivX, Inc.)
Aangifte inkomstenbelasting 2008 (HKLM\...\Aangifte inkomstenbelasting 2008) (Version: - Belastingdienst)
Aangifte inkomstenbelasting 2009 (HKLM\...\Aangifte inkomstenbelasting 2009) (Version: - Belastingdienst)
Aangifte inkomstenbelasting 2010 (HKLM\...\Aangifte inkomstenbelasting 2010) (Version: - Belastingdienst)
Aangifte inkomstenbelasting 2011 (HKLM\...\Aangifte inkomstenbelasting 2011) (Version: - Belastingdienst)
Aangifte inkomstenbelasting 2013 (HKLM\...\Aangifte inkomstenbelasting 2013) (Version: - Belastingdienst)
Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
ActiveCheck component for HP Active Support Library (Version: 3.0.0.2 - Hewlett-Packard) Hidden
Adobe Download Assistant (HKLM\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.5 - Adobe Systems Incorporated)
Adobe Flash Player 21 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Photoshop CS3 (HKLM\...\Adobe_719d6f144d0c086a0dfa7ff76bb9ac1) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) - Nederlands (HKLM\...\{AC76BA86-7AD7-1043-7B44-AA1000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM\...\{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}) (Version: 11.0 - Adobe Systems, Inc.)
Ahead Nero Burning ROM (HKLM\...\Nero - Burning Rom!UninstallKey) (Version: - )
AOL Toolbar 5.0 (HKLM\...\AOL Toolbar) (Version: 5.2.78.2 - AOL LLC)
AOP Framework (HKLM\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.11.2000.2 - Acer Incorporated)
Apple Application Support (HKLM\...\{63EC2120-1742-4625-AA47-C6A8AEC9C64C}) (Version: 2.2.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}) (Version: 6.0.0.59 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Driver Installation Program (HKLM\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 5.0 - Atheros)
AutoUpdate (HKLM\...\{18D10072035C4515918F7E37EAFAACFC}) (Version: 1.1 - )
Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.16.282 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM\...\{74d1ef14-dd39-4749-b051-e183a1e27f5e}) (Version: 1.1.58.35540 - Avira Operations GmbH & Co. KG)
Avira Launcher (Version: 1.1.58.35540 - Avira Operations GmbH & Co. KG) Hidden
Bing Bar (HKLM\...\{FF6DD716-7B10-4269-9F19-FFB07AC4CD95}) (Version: 7.3.124.0 - Microsoft Corporation)
BlackBerry App World Browser Plugin (HKLM\...\{A5A725A2-442A-455C-B1F7-027857C7DEB7}) (Version: 4.2.1.8 - Research In Motion Limited)
BlackBerry Desktop Software 7.1 (HKLM\...\BlackBerry_Desktop) (Version: 7.1.0.41 - Research In Motion Ltd.)
BlackBerry Desktop Software 7.1 (Version: 7.1.0.41 - Research In Motion Ltd.) Hidden
BlackBerry Device Software Updater (HKLM\...\{E755A98B-F45F-4008-A1A5-FC4CB4D2177A}) (Version: 8.0.0.66 - Research In Motion Ltd)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Camera Support Core Library (Version: 7.0.3.20 - Canon) Hidden
Camera Window (Version: 4.6.2 - Canon) Hidden
Canon Camera Support Core Library (HKLM\...\InstallShield_{26BDE7D8-93F0-4A07-AD47-1707DB417941}) (Version: 7.0.3.20 - Canon)
Canon Camera Window for ZoomBrowser EX (HKLM\...\InstallShield_{B34BE30D-A759-4EC2-B58F-19FE2DEBF651}) (Version: 4.6.2 - Canon)
Canon Internet Library for ZoomBrowser EX (HKLM\...\InstallShield_{2F81FBFC-9A37-431F-9050-14B55485DF5A}) (Version: 1.3.3 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM\...\InstallShield_{DE286975-ACF1-45B8-9EF7-34E162B2C817}) (Version: 1.1.1.41 - Canon)
Canon RAW Image Task for ZoomBrowser EX (HKLM\...\InstallShield_{68E7E8BD-2233-49BE-81D6-1A1FAF1B5196}) (Version: 1.1 - Canon)
Canon RemoteCapture Task for ZoomBrowser EX (HKLM\...\InstallShield_{CF2C1A86-5A98-4862-A3AE-9992E3A6427D}) (Version: 1.0.3 - Canon)
Canon Utilities PhotoStitch 3.1 (HKLM\...\InstallShield_{EF4C7EB0-D71B-43A3-9552-8053DE4B0401}) (Version: 3.1.13 - Canon)
Cisco EAP-FAST Module (HKLM\...\{415B2719-AD3A-4944-B404-C472DB6085B3}) (Version: 2.1.6 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{83770D14-21B9-44B3-8689-F7B523F94560}) (Version: 1.0.12 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}) (Version: 1.0.13 - Cisco Systems, Inc.)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.58.1.0 - Conexant)
CyberLink DVD Suite (HKLM\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.2203 - CyberLink Corp.)
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.1616 - CyberLink Corp.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DivX Codec (HKLM\...\{7B63B2922B174135AFC0E1377DD81EC2}) (Version: 6.8.5 - DivX, Inc.)
DivX Converter (HKLM\...\{13F3917B56CD4C25848BDC69916971BB}) (Version: 7.1.0 - DivX, Inc.)
DivX Converter (HKLM\...\{B13A7C41581B411290FBC0395694E2A9}) (Version: 7.1.0 - DivX, Inc.)
DivX Player (HKLM\...\{8ADFC4160D694100B5B8A22DE9DCABD9}) (Version: 7.2.0 - DivX, Inc.)
DivX Plus DirectShow Filters (HKLM\...\DivX Plus DirectShow Filters) (Version: - DivX, Inc.)
DivX Version Checker (HKLM\...\{3FC7CBBC4C1E11DCA1A752EA55D89593}) (Version: 7.1.0.2 - DivX, Inc.)
DivX Web Player (HKLM\...\{B7050CBDB2504B34BC2A9CA0A692CC29}) (Version: 1.5.0 - DivX,Inc.)
DriveImage XML (Private Edition) (HKLM\...\{F7E1CA14-B39D-452A-960B-39423DDDD933}) (Version: 2.30 - Runtime Software)
DVD X Copy Platinum 4.0.3 (HKLM\...\DVDXCopyPlatinum) (Version: - )
DVD X Rescue (HKLM\...\DVD X Rescue) (Version: 2.1.2 - 321 Studios)
DVDXCopy Platinum 4.0.3 (HKLM\...\DVDXCopy Platinum 4.0.3) (Version: - )
DVDXCopy Xpress 2.0.1 (HKLM\...\DVDXCopyXpress) (Version: - )
Easy Computing*True*Image (HKLM\...\True Image) (Version: - Easy Computing)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
ESU for Microsoft Vista (HKLM\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Google Chrome (HKLM\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Earth (HKLM\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Quick Search Box (HKLM\...\Quick Search Box) (Version: 1.2.1151.245 - Google, Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden
H.264 Decoder (HKLM\...\{A96E97134CA649888820BCDE5E300BBD}) (Version: 1.1.0 - DivX, Inc.)
HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDAUDIO_HERMOSA_HSF) (Version: - )
HP Active Support Library (HKLM\...\{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}) (Version: 3.1.9.1 - Hewlett-Packard)
HP Customer Experience Enhancements (HKLM\...\{57A5AEC1-97FC-474D-92C4-908FCC2253D4}) (Version: 5.7.0.2664 - Hewlett-Packard)
HP Doc Viewer (HKLM\...\{082702D5-5DD8-4600-BCE5-48B15174687F}) (Version: 1.03.0001 - Hewlett-Packard)
HP DVD Play 3.7 (HKLM\...\{45D707E9-F3C4-11D9-A373-0050BAE317E1}) (Version: 3.7.0.5723 - Hewlett-Packard)
HP Help and Support (HKLM\...\{0054A0F6-00C9-4498-B821-B5C9578F433E}) (Version: 2.1.1.0 - Hewlett-Packard Company)
HP Quick Launch Buttons 6.40 H2 (HKLM\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.40 H2 - Hewlett-Packard)
HP Total Care Setup (HKLM\...\{38058455-8C21-4C2F-B2F6-14ED166039CB}) (Version: 1.1.1983.2818 - Hewlett-Packard Company)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP User Guides 0118 (HKLM\...\{B6D0B141-B2BE-4DD0-B08F-B9186F3E36B3}) (Version: 1.00.0000 - Hewlett-Packard)
HP Wireless Assistant (HKLM\...\{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}) (Version: 3.00 K2 - Hewlett-Packard)
HPAsset component for HP Active Support Library (Version: 3.0.2.2 - Hewlett-Packard) Hidden
HPNetworkAssistant (Version: 1.1.70 - Hewlett-Packard.) Hidden
Huur- en zorgtoeslag 2011 (HKLM\...\Huur- en zorgtoeslag 2011) (Version: - Belastingdienst)
Inkjet Printer/Scanner Extended Survey Program (HKLM\...\CANONIJPLM100) (Version: - )
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation)
Internet Library (Version: 1.3.3 - Canon Inc.) Hidden
IPCameraTool (HKLM\...\{3442293B-19C5-416C-BE86-D02638EA83C1}_is1) (Version: 1.1.2.4 - xinghuaan)
Jasc Paint Shop Pro 8 (HKLM\...\{81A34902-9D0B-4920-A25C-4CDC5D14B328}) (Version: 8.04.0000 - Uw bedrijfsnaam)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.0926 - CyberLink Corp.)
LabelPrint (Version: 2.5.0926 - CyberLink Corp.) Hidden
LightScribe System Software (HKLM\...\{2FA75B40-17C9-4D22-88CA-80A5D52FAB13}) (Version: 1.18.24.1 - LightScribe)
LimeWire Plus 1.8 (HKLM\...\LimeWire Plus) (Version: 1.8 - CorporateTravel)
Magic Desktop (HKLM\...\EasyBits Magic Desktop) (Version: - EasyBits Software AS)
Malwarebytes Anti-Malware versie 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.266.3 - McAfee, Inc.)
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Editie 2003 (HKLM\...\{90110413-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
MKV Splitter (HKLM\...\{AAC389499AEF40428987B3D30CFC76C9}) (Version: 1.0.1 - DivX, Inc.)
Movavi Video Converter 16 (HKLM\...\Movavi Video Converter 16) (Version: 16.2.0 - Movavi)
MovieEdit Task (Version: 1.1.1.41 - Canon) Hidden
Mozilla Firefox 45.0.2 (x86 nl) (HKLM\...\Mozilla Firefox 45.0.2 (x86 nl)) (Version: 45.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 45.0.2.5941 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
muvee Reveal (HKLM\...\{DD35C328-F115-BEDA-6EEE-E00C5AACCCBC}) (Version: 7.0.35.6951 - muvee Technologies Pte Ltd)
My HP Games (HKLM\...\WildTangent hp Master Uninstall) (Version: 1.0.0.62 - WildTangent)
Nero CoverDesigner (HKLM\...\{6F4B3CA0-8872-4F68-B972-E9D5306DCDD3}) (Version: 12.0.02900 - Nero AG)
Nero Info (HKLM\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 16.0.1009 - Nero AG)
NetWaiting (HKLM\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.52 - BVRP Software, Inc)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
PDF Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden
PDF-XChange Editor (HKLM\...\{c53dab1b-dc1a-4337-bcca-74dfa74e2203}) (Version: 3.0.307.1 - Tracker Software Products (Canada) Ltd.)
PDF-XChange Editor (Version: 3.0.307.1 - Tracker Software Products (Canada) Ltd.) Hidden
PhotoScape (HKLM\...\PhotoScape) (Version: - )
PhotoStitch (Version: 3.1.13 - Canon) Hidden
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9.140.239 - Google, Inc.)
PMB (HKLM\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.6.02.06173 - Sony Corporation)
Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.2202 - CyberLink Corp.)
Power2Go (Version: 6.0.2202 - CyberLink Corp.) Hidden
PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.2201 - CyberLink Corp.)
PowerDirector (Version: 7.0.2201 - CyberLink Corp.) Hidden
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: - )
Prerequisite installer (Version: 12.0.0010 - Nero AG) Hidden
QuickTime (HKLM\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
RAW Image Task 1.1 (Version: 1.1 - Canon) Hidden
RealDownloader (Version: 1.3.4 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.4 - RealNetworks)
Realtek 8169 8168 8101E 8102E Ethernet Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek)
Realtek USB 2.0 Card Reader (HKLM\...\{DC24971E-1946-445D-8A82-CE685433FA7D}) (Version: 6.0.6000.20133 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
RemoteCapture Task 1.0.3 (Version: 1.0.3 - Canon) Hidden
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.9.12585 - Skype Technologies S.A.)
Skype 7.21 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 11.1.3.0 - Synaptics)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VC80CRTRedist - 8.0.50727.762 (Version: 1.0.0 - DivX, Inc) Hidden
Verzoek of wijziging voorlopige aanslag 2011 (HKLM\...\Verzoek of wijziging voorlopige aanslag 2011) (Version: - Belastingdienst)
Verzoek of wijziging voorlopige aanslag 2013 (HKLM\...\Verzoek of wijziging voorlopige aanslag 2013) (Version: - Belastingdienst)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 5.21 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinZip 20.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240EE}) (Version: 20.0.11659 - WinZip Computing, S.L. )
Yahoo! Install Manager (HKLM\...\YInstHelper) (Version: - )
Yahoo! Messenger (HKLM\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)
Yahoo! Search Protection (HKLM\...\Yahoo! Search Defender) (Version: - ) <==== ATTENTION
Yahoo! Software Update (HKLM\...\Yahoo! Software Update) (Version: - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-892295542-3345536890-4220559716-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\Putri\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-892295542-3345536890-4220559716-1000_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\Putri\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-892295542-3345536890-4220559716-1000_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\Putri\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited)
CustomCLSID: HKU\S-1-5-21-892295542-3345536890-4220559716-1000_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader.dll ()
CustomCLSID: HKU\S-1-5-21-892295542-3345536890-4220559716-1000_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\Putri\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0311D335-D058-4019-85FD-C6BD4E4B8B97} - System32\Tasks\{81545414-64B3-4862-8FAD-425680B89D72} => pcalua.exe -a C:\Users\Putri\Downloads\abPhoto_Setup1_00_2014(2).exe -d C:\Users\Putri\Downloads
Task: {071B9A2E-94BD-4C03-BB95-EF4615EEFD4C} - System32\Tasks\{46B59500-E4C9-4065-A21D-6401C7FE3033} => pcalua.exe -a C:\Users\Putri\Downloads\abPhoto_Setup1_00_2014.exe -d C:\Users\Putri\Downloads
Task: {092978A4-3E80-4628-81C2-1C35C20CB8E8} - System32\Tasks\{562ADD0F-725D-4EB5-AA5B-323DF79374BF} => pcalua.exe -a C:\Windows\system32\ISUSPM.cpl -c Software Updates
Task: {10E82463-C68D-4982-BDE2-29BE2B446F99} - System32\Tasks\{B4016C7E-EBD9-41E6-BEB6-3B959C0C1169} => pcalua.exe -a E:\SETUP.EXE -d E:\ -c /AUTORUN
Task: {14CE1191-108A-4A2F-B756-75D21865C4BE} - System32\Tasks\{4416F19E-AD59-4B6E-BC2F-AA2A65C4F3AB} => pcalua.exe -a C:\Users\Putri\Downloads\abPhoto_Setup1_00_2014(6).exe -d C:\Users\Putri\Downloads
Task: {1657791E-CDF8-4AA9-886F-AB44B50751EE} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-21] (Microsoft Corporation)
Task: {233ED7E5-3D06-4749-9F78-2FA37D15D00C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {26849A0D-000D-4C2A-BB8A-2A10E6B0A0A7} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-892295542-3345536890-4220559716-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2014-08-29] (RealNetworks, Inc.)
Task: {2687B3F6-E312-4AFE-BEB0-511DD49B1381} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-892295542-3345536890-4220559716-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2014-08-29] (RealNetworks, Inc.)
Task: {3923055A-B010-4C73-A3E0-B6102C182BB7} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-892295542-3345536890-4220559716-1000UA => C:\Users\Putri\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-22] (Facebook Inc.)
Task: {3FE0DF15-0F42-497A-93C4-3A1633372425} - System32\Tasks\{102F9FDF-595F-4DA0-BE16-99CAC9C94B5A} => pcalua.exe -a C:\Users\Putri\Downloads\abFiles_Setup1_00_2014.exe -d C:\Users\Putri\Downloads
Task: {46157C43-88E2-46E8-AFC3-61FA82362AB7} - System32\Tasks\{428E9308-6A62-4912-B9B9-D8D11B1C5D4B} => pcalua.exe -a "C:\Program Files\321Studios\DVDXCopy_Platinum\PcSetup.exe" -d "C:\Program Files\321Studios\DVDXCopy_Platinum"
Task: {50A79315-3324-41BA-859F-26BD5D8F4940} - System32\Tasks\{FE25FAFC-9A39-4C0F-AE99-C27814B39EE7} => pcalua.exe -a C:\Users\Putri\Downloads\avira_antivir_premium_en.exe -d C:\Windows\system32
Task: {5774A5E3-E1B1-4212-AB43-1DCE3C141EB5} - System32\Tasks\BacKGroundAgent => C:\Program Files\Acer\AOP Framework\BackgroundAgent.exe [2015-09-10] (Acer Incorporated)
Task: {6B446C58-3689-479B-A5D3-4F895A8DD3F3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {6FB7F884-C744-49F0-98C7-7E515190C047} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-07] (Adobe Systems Incorporated)
Task: {7741632B-C240-4247-8305-90F86D586CB3} - System32\Tasks\{B727C1F9-4B6A-4C90-BB03-6F11E61CD913} => pcalua.exe -a "C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe" -c /M{26BDE7D8-93F0-4A07-AD47-1707DB417941} /l1033
Task: {7BDB8309-06A0-4963-9EB9-75BAFD5B36A6} - System32\Tasks\Nero\Nero Info => C:\Program Files\Common Files\Nero\Nero Info\NeroInfo.exe [2015-05-06] (Nero AG)
Task: {7D4F1031-440D-4C51-B06F-6C60460DEA11} - System32\Tasks\Microsoft\Office Genuine Advantage\OGALogon => C:\Windows\system32\OGAExec.exe [2009-08-03] ()
Task: {87B8B44B-0FB1-45AD-A718-E3FE58B9BF3C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {8DD7737F-606D-4B82-894B-D64AF162F11D} - System32\Tasks\HP Health Check => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09] (Hewlett-Packard)
Task: {943A51B7-889F-4DC5-A236-9CD7DD538FE9} - System32\Tasks\{DF344FA9-EEC5-4CDD-B668-01017DDCFF2E} => pcalua.exe -a C:\Users\Putri\Downloads\abPhoto_Setup1_00_2014(3).exe -d C:\Users\Putri\Downloads
Task: {A338A010-3EDE-4D7C-8BE0-FF0C43AFE399} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-892295542-3345536890-4220559716-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2014-08-29] (RealNetworks, Inc.)
Task: {B3DE5E4E-EA1C-442C-9093-F8158FC33E2F} - System32\Tasks\klcp_update => C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2016-03-02] ()
Task: {B4A27991-AEDB-4D2F-B19E-B859FDC3C11A} - System32\Tasks\{17E2F46F-6533-4610-9178-13E2C9B96CCF} => C:\Users\Putri\Downloads\Phone\Skype.exe [2016-03-01] (Skype Technologies S.A.)
Task: {B60B23FC-71C7-4EEB-B4B0-9CDA06D187C6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {B6713345-937F-4CDE-801C-FD0DB19CA308} - System32\Tasks\{22CCAE44-FCCC-4CC2-BCD8-4323037E409F} => pcalua.exe -a C:\Users\Putri\Downloads\WAG200G.exe -d C:\Users\Putri\Downloads
Task: {B8F29233-8E35-4BD2-9D0A-A8E7A5C9C300} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-892295542-3345536890-4220559716-1000Core => C:\Users\Putri\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-22] (Facebook Inc.)
Task: {C28326E9-4193-4C96-8F38-8555E4DA12A4} - System32\Tasks\{0B35CAC1-D333-4BA2-BEDA-1E5F62AC80F2} => Firefox.exe hxxp://ui.skype.com/ui/0/4.2.0.155/en/abandoninstall?source=lightinstaller&page=tsInstall&installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:notoffered;ienotdefaultbrowser2
Task: {CDDF6524-060D-40F8-9B74-490841154EE0} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-892295542-3345536890-4220559716-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2014-08-29] (RealNetworks, Inc.)
Task: {D85525F6-DE76-40CC-BD8F-D7BECE18757A} - System32\Tasks\{AAA7140A-B8FC-47A9-AFF2-FF798608BEDA} => pcalua.exe -a "C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Unwise.exe" -c /R /U C:\PROGRA~1\JASCSO~1\PAINTS~1\INSTALL.LOG
Task: {F0ABAF0D-0878-47F5-A8FD-CF5B8DA1FE0F} - System32\Tasks\{69FC0F81-884B-4780-A8F7-287F0E29D6B3} => pcalua.exe -a "E:\DVDXcopy\DVDXCopy Platinum 4.0.3.8 I.exe" -d E:\DVDXcopy

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-892295542-3345536890-4220559716-1000Core.job => C:\Users\Putri\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-892295542-3345536890-4220559716-1000UA.job => C:\Users\Putri\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2011-09-27 08:23 - 2011-09-27 08:23 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2011-09-27 08:22 - 2011-09-27 08:22 - 01242472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-08-12 11:34 - 2014-08-12 11:34 - 00039056 _____ () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
2008-11-08 04:22 - 2008-10-06 10:54 - 00365952 _____ () C:\Program Files\SMINST\BLService.exe
2008-11-08 04:22 - 2008-10-06 10:54 - 00132480 _____ () C:\Program Files\SMINST\STWmiM.dll
2008-11-08 03:37 - 2008-09-15 16:13 - 00241734 _____ () C:\Program Files\CyberLink\Shared files\RichVideo.exe
2015-08-16 15:16 - 2015-07-28 16:33 - 00088928 _____ () C:\Program Files\Acer\clear.fi plug-in\Clearfishellext.dll
2010-01-30 14:57 - 2011-11-12 02:10 - 00103424 _____ () C:\Program Files\Google\Quick Search Box\bin\1.2.1151.245\rlz.dll
2015-10-21 00:40 - 2016-03-03 10:34 - 00073216 _____ () C:\Program Files\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
2011-06-17 12:46 - 2011-06-17 12:46 - 02408448 _____ () C:\Program Files\Common Files\LightScribe\QtCore4.dll
2011-06-17 12:46 - 2011-06-17 12:46 - 08626176 _____ () C:\Program Files\Common Files\LightScribe\QtGui4.dll
2011-06-17 12:46 - 2011-06-17 12:46 - 00212992 _____ () C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2009-07-18 01:23 - 2009-05-26 21:06 - 00102400 _____ () C:\Program Files\Yahoo!\Messenger\clientmanager.dll
2009-07-18 01:23 - 2009-05-26 21:06 - 00913408 _____ () C:\Program Files\Yahoo!\Messenger\yui.dll
2016-04-29 01:02 - 2015-01-27 14:16 - 00288768 _____ () C:\IPCameraTool2\IPCameraTool.exe

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Putri\Documents\000e050yGo2.gif:Roxio EMC Stream [38]
AlternateDataStreams: C:\Users\Putri\Documents\321.JPG:Roxio EMC Stream [38]
AlternateDataStreams: C:\Users\Putri\Documents\73 Tegenstellingen 1.doc:Roxio EMC Stream [38]
AlternateDataStreams: C:\Users\Putri\Documents\73 Tegenstellingen.doc:Roxio EMC Stream [38]
AlternateDataStreams: C:\Users\Putri\Documents\anker Ancam Negara Berkembang.doc:Roxio EMC Stream [38]
AlternateDataStreams: C:\Users\Putri\Documents\aydan9mos_078_large.JPG:Roxio EMC Stream [38]
AlternateDataStreams: C:\Users\Putri\Documents\Bericht van de bank.doc:Roxio EMC Stream [38]
AlternateDataStreams: C:\Users\Putri\Documents\Biaya viskal.doc:Roxio EMC Stream [38]
AlternateDataStreams: C:\Users\Putri\Documents\Cara menikmati fasilitas bebas fiskal di Bandara bagi pemegang nomor pokok wajib pajak.doc:Roxio EMC Stream [38]
AlternateDataStreams: C:\Users\Putri\Documents\certificate of birth.doc:Roxio EMC Stream [38]
AlternateDataStreams: C:\Users\Putri\Documents\contoh surat.doc:Roxio EMC Stream [38]
AlternateDataStreams: C:\Users\Putri\Documents\Daftar 50 HP Termahal.doc:Roxio EMC Stream [38]
AlternateDataStreams: C:\Users\Putri\Documents\DSCF4225 copy_filtered_filtered copy.JPG:Roxio EMC Stream [38]
AlternateDataStreams: C:\Users\Putri\Documents\DSCF4235 copy copy copy_filtered_filtered_filtered copy - Copy.jpg:Roxio EMC Stream [38]
AlternateDataStreams: C:\Users\Putri\Documents\DSCF4235 copy copy copy_filtered_filtered_filtered copy.jpg:Roxio EMC Stream [38]
AlternateDataStreams: C:\Users\Putri\Documents\DSCF4243 copy_filtered_filtered copy_filtered.jpg:Roxio EMC Stream [38]
AlternateDataStreams: C:\Users\Putri\Documents\DSCF4295 .jpg:Roxio EMC Stream [38]
AlternateDataStreams: C:\Users\Putri\Documents\IMG_0003.JPG:Roxio EMC Stream [38]
AlternateDataStreams: C:\Users\Putri\Documents\IMG_0005.JPG:Roxio EMC Stream [38]
AlternateDataStreams: C:\Users\Putri\Documents\IMG_0006.JPG:Roxio EMC Stream [38]
AlternateDataStreams: C:\Users\Putri\Documents\IMG_0008.JPG:Roxio EMC Stream [38]
AlternateDataStreams: C:\Users\Putri\Documents\IMG_0016.JPG:Roxio EMC Stream [38]
AlternateDataStreams: C:\Users\Putri\Documents\IMG_0017.JPG:Roxio EMC Stream [38]
AlternateDataStreams: C:\Users\Putri\Documents\IMG_0034b.jpg:Roxio EMC Stream [38]
AlternateDataStreams: C:\Users\Putri\Documents\IMG_0038.JPG:Roxio EMC Stream [38]
AlternateDataStreams: C:\Users\Putri\Documents\IMG_0039.JPG:Roxio EMC Stream [38]
AlternateDataStreams: C:\Users\Putri\Documents\IMG_0040.JPG:Roxio EMC Stream [38]
AlternateDataStreams: C:\Users\Putri\Documents\IMG_0050.JPG:Roxio EMC Stream [38]
AlternateDataStreams: C:\Users\Putri\Documents\IMG_0051.JPG:Roxio EMC Stream [38]
AlternateDataStreams: C:\Users\Putri\Documents\IMG_0052.JPG:Roxio EMC Stream [38]
AlternateDataStreams: C:\Users\Putri\Documents\IMG_0053.JPG:Roxio EMC Stream [38]
AlternateDataStreams: C:\Users\Putri\Documents\IMG_0095.jpg:Roxio EMC Stream [38]
AlternateDataStreams: C:\Users\Putri\Documents\IMG_0100 copy.JPG:Roxio EMC Stream [38]
AlternateDataStreams: C:\Users\Putri\Documents\IMG_0121.jpg:Roxio EMC Stream [38]
AlternateDataStreams: C:\Users\Putri\Documents\IMG_0122.jpg:Roxio EMC Stream [38]
AlternateDataStreams: C:\Users\Putri\Documents\IMG_0127.jpg:Roxio EMC Stream [38]
AlternateDataStreams: C:\Users\Putri\Documents\IMG_0133.jpg:Roxio EMC Stream [38]
AlternateDataStreams: C:\Users\Putri\Documents\IMG_0170.jpg:Roxio EMC Stream [38]
AlternateDataStreams: C:\Users\Putri\Documents\IMG_0180.jpg:Roxio EMC Stream [38]
AlternateDataStreams: C:\Users\Putri\Documents\Kelengkapan Surat Permohonan VISA Atas Nam1.doc:Roxio EMC Stream [38]
AlternateDataStreams: C:\Users\Putri\Documents\Kelengkapan Surat Permohonan Visa Atas Nama.doc:Roxio EMC Stream [38]
AlternateDataStreams: C:\Users\Putri\Documents\kroon.doc:Roxio EMC Stream [38]
AlternateDataStreams: C:\Users\Putri\Documents\MINANG~1 copy.JPG:Roxio EMC Stream [38]
AlternateDataStreams: C:\Users\Putri\Documents\My Best Friend Effie.doc:Roxio EMC Stream [38]
AlternateDataStreams: C:\Users\Putri\Documents\Office2007TrialActivationKey.txt:Roxio EMC Stream [38]
AlternateDataStreams: C:\Users\Putri\Documents\On Wed.doc:Roxio EMC Stream [38]
AlternateDataStreams: C:\Users\Putri\Documents\PC140718.JPG:Roxio EMC Stream [38]
AlternateDataStreams: C:\Users\Putri\Documents\PW.SPEEDY.txt:Roxio EMC Stream [38]
AlternateDataStreams: C:\Users\Putri\Documents\SDC10548.JPG:Roxio EMC Stream [38]
AlternateDataStreams: C:\Users\Putri\Documents\sekxy_filtered - Copy.jpg:Roxio EMC Stream [38]
AlternateDataStreams: C:\Users\Putri\Documents\Surat Pernyataan.doc:Roxio EMC Stream [38]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7723 more sites.

IE trusted site: HKU\S-1-5-21-892295542-3345536890-4220559716-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-892295542-3345536890-4220559716-1000\...\webcompanion.com -> hxxp://webcompanion.com
IE restricted site: HKU\S-1-5-21-892295542-3345536890-4220559716-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-892295542-3345536890-4220559716-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-892295542-3345536890-4220559716-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-892295542-3345536890-4220559716-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-892295542-3345536890-4220559716-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-892295542-3345536890-4220559716-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-892295542-3345536890-4220559716-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-892295542-3345536890-4220559716-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-892295542-3345536890-4220559716-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-892295542-3345536890-4220559716-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-892295542-3345536890-4220559716-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-892295542-3345536890-4220559716-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-892295542-3345536890-4220559716-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-892295542-3345536890-4220559716-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-892295542-3345536890-4220559716-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-892295542-3345536890-4220559716-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-892295542-3345536890-4220559716-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-892295542-3345536890-4220559716-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-892295542-3345536890-4220559716-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-892295542-3345536890-4220559716-1000\...\123simsen.com -> www.123simsen.com

There are 7723 more sites.

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 12:23 - 2015-10-07 19:54 - 00440254 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1001namen.com
127.0.0.1 1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 100sexlinks.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com
127.0.0.1 123simsen.com
127.0.0.1 www.123simsen.com

There are 15128 more lines.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-892295542-3345536890-4220559716-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Putri\Desktop\Fly.jpg
DNS Servers: 192.168.2.254 - 195.241.77.55
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WMPNSS-Out-TCP] => (Allow) C:\Program Files\Windows Media Player\wmpnetwk.exe
FirewallRules: [WMPNSS-In-TCP] => (Allow) C:\Program Files\Windows Media Player\wmpnetwk.exe
FirewallRules: [WMPNSS-Out-UDP] => (Allow) C:\Program Files\Windows Media Player\wmpnetwk.exe
FirewallRules: [WMPNSS-In-UDP] => (Allow) C:\Program Files\Windows Media Player\wmpnetwk.exe
FirewallRules: [WMPNSS-WMP-Out-TCP] => (Allow) C:\Program Files\Windows Media Player\wmplayer.exe
FirewallRules: [WMPNSS-WMP-Out-UDP] => (Allow) C:\Program Files\Windows Media Player\wmplayer.exe
FirewallRules: [WMPNSS-WMP-In-UDP] => (Allow) C:\Program Files\Windows Media Player\wmplayer.exe
FirewallRules: [WMP-Out-TCP] => (Allow) C:\Program Files\Windows Media Player\wmplayer.exe
FirewallRules: [WMP-Out-UDP] => (Allow) C:\Program Files\Windows Media Player\wmplayer.exe
FirewallRules: [WMP-In-UDP] => (Allow) C:\Program Files\Windows Media Player\wmplayer.exe
FirewallRules: [{84ED6746-D323-484C-84DD-5B8CDC3ADBAC}] => (Allow) C:\Program Files\CyberLink\PowerDirector\PDR.EXE
FirewallRules: [{A5D6D998-DE2C-474A-A43B-5BA6384BDB67}] => (Allow) C:\Program Files\HP\QuickPlay\QP.exe
FirewallRules: [{18FE8673-B910-4004-84F5-FA9411D7E779}] => (Allow) C:\Program Files\HP\QuickPlay\QPService.exe
FirewallRules: [{8F465CDD-B921-4244-A98B-0A59C8B1D397}] => (Allow) C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{5E46A1BD-FAFD-4085-8D90-1747FB27BAF2}] => (Allow) C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [TCP Query User{0C195A0F-6F5D-44DF-91F5-B1CBCBD4C081}C:\program files\limewire plus\limewire.exe] => (Block) C:\program files\limewire plus\limewire.exe
FirewallRules: [UDP Query User{00554505-0B50-43AB-B7D5-BFB9BDC1A8CB}C:\program files\limewire plus\limewire.exe] => (Block) C:\program files\limewire plus\limewire.exe
FirewallRules: [{836BDA96-4256-4510-B9D1-C7C34610DB0F}] => (Allow) C:\Program Files\IncrediMail\Bin\ImpCnt.exe
FirewallRules: [{75E803BD-C247-425E-9F75-A48158330B0A}] => (Allow) C:\Program Files\IncrediMail\Bin\ImpCnt.exe
FirewallRules: [{A00E5572-7E14-47FB-91AC-E386A64708DD}] => (Allow) C:\Program Files\IncrediMail\Bin\ImApp.exe
FirewallRules: [{BA3D3B94-372A-4751-85F2-D843C35DF8E7}] => (Allow) C:\Program Files\IncrediMail\Bin\ImApp.exe
FirewallRules: [{62F37F62-C3B5-4165-BF9A-FEAEDD8BF6EA}] => (Allow) C:\Program Files\IncrediMail\Bin\IncMail.exe
FirewallRules: [{746EE97F-A670-4A2A-B0DA-9DCD1C59A446}] => (Allow) C:\Program Files\IncrediMail\Bin\IncMail.exe
FirewallRules: [TCP Query User{249CA63A-DB11-42BD-9513-8A2B16D15E2A}C:\program files\yahoo!\messenger\yahoomessenger.exe] => (Allow) C:\program files\yahoo!\messenger\yahoomessenger.exe
FirewallRules: [UDP Query User{C6B595B0-2BD0-44AE-81B5-52F119138C3C}C:\program files\yahoo!\messenger\yahoomessenger.exe] => (Allow) C:\program files\yahoo!\messenger\yahoomessenger.exe
FirewallRules: [{E67F9574-06D9-443D-AC82-3445F6882F5A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{FC8F7F11-0648-41AD-B187-BEE7EF08D6E1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A13333B3-45A0-4FBB-B3D3-1DE07EEBF3E3}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{EE199F88-235B-4E7C-BD4D-8D02ECBAEA28}] => (Allow) svchost.exe
FirewallRules: [{6474D12E-7A3E-4697-91FF-A94DA5111BB1}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [TCP Query User{7A9D0501-C819-433A-9142-6D40B19DFC72}C:\users\putri\downloads\phone\skype.exe] => (Block) C:\users\putri\downloads\phone\skype.exe
FirewallRules: [UDP Query User{E63EADF2-E0A6-42D4-AEF9-0A9F42276BF4}C:\users\putri\downloads\phone\skype.exe] => (Block) C:\users\putri\downloads\phone\skype.exe
FirewallRules: [TCP Query User{B6D84F52-B718-4C60-8FA5-E95D55DB257C}C:\users\putri\downloads\phone\skype.exe] => (Allow) C:\users\putri\downloads\phone\skype.exe
FirewallRules: [UDP Query User{D1D0F203-82BF-412B-9479-00EC59EDA182}C:\users\putri\downloads\phone\skype.exe] => (Allow) C:\users\putri\downloads\phone\skype.exe
FirewallRules: [{46B95EF2-C2F6-4C3E-827A-AB709CED7AD5}] => (Allow) C:\Program Files\IncrediMail\Bin\IncMail.exe
FirewallRules: [{51844DEE-B1B3-4885-9D3C-739D3808475B}] => (Allow) C:\Program Files\IncrediMail\Bin\IncMail.exe
FirewallRules: [{2FD29961-8A79-4074-94C1-DDEC301E9D99}] => (Allow) C:\Program Files\IncrediMail\Bin\ImApp.exe
FirewallRules: [{15478F42-08FE-49CF-9196-79D50118A661}] => (Allow) C:\Program Files\IncrediMail\Bin\ImApp.exe
FirewallRules: [{21F05AE5-FE93-4D00-9B3E-B759288F5C67}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{DD059DB8-70BB-4089-B01C-5FB22EF34F0D}] => (Allow) LPort=2869
FirewallRules: [{938BB50D-5FFB-47B9-92B9-DD4B023346E5}] => (Allow) LPort=1900
FirewallRules: [{73D885A6-DDCF-4389-A22D-B5852E817571}] => (Allow) C:\Program Files\Windows Live\Mesh\MOE.exe
FirewallRules: [{7361418B-57E1-4733-9458-6C0790249448}] => (Allow) LPort=4481
FirewallRules: [{129750C2-7CDB-4DD3-B55D-1E67DBBCBCFF}] => (Allow) LPort=4481
FirewallRules: [{4B7F5E81-B152-4407-B9FD-92FB38F52958}] => (Allow) LPort=4482
FirewallRules: [{3BEDDC8D-4F56-4E6F-AF13-CC326DC24373}] => (Allow) LPort=4482
FirewallRules: [{779D46E9-00C6-4CA6-9583-EB6D52026DBE}] => (Allow) LPort=80
FirewallRules: [{3450A8D5-CDDD-4BD2-90ED-B059C62D9D70}] => (Allow) LPort=80
FirewallRules: [{3DA8FA65-8689-4155-BF93-0D0FFD3760C5}] => (Allow) LPort=80
FirewallRules: [{FD69ADF1-8599-4F15-B769-78BB76271718}] => (Allow) C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{75AD3896-23C2-46F5-9B60-C923EACE06AD}] => (Allow) C:\Users\Putri\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{1FA05142-B899-42D4-A688-F4601ECB1EFA}] => (Allow) C:\Program Files\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe
FirewallRules: [{9C141297-E828-4FCE-9E22-3F33B3EDBF08}] => (Allow) C:\Program Files\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe
FirewallRules: [{5B3E394F-DBD7-41D6-9FC2-0D35C0FE15BB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{558E7899-3A88-494C-9F0E-22B26791DD3C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{BF89BEC7-81BF-4DD7-A178-10366F568775}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{B6D2A9B6-67E4-436B-A713-C5781387D780}] => (Allow) C:\Program Files\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe
FirewallRules: [{40FE14AF-FBBF-4C8C-82F1-5B94886A2B59}] => (Allow) C:\Program Files\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe
FirewallRules: [{7E33BE9C-FD15-40D0-A175-B59EE57CEDD0}] => (Allow) LPort=4481
FirewallRules: [{87068090-FE9C-46EB-8FD5-8C9078E227C2}] => (Allow) LPort=4481
FirewallRules: [{211258A0-D69F-4845-9BCB-386753F0923B}] => (Allow) LPort=4482
FirewallRules: [{44C94FB1-576A-4FF7-B45E-6CDC72D6650F}] => (Allow) LPort=4482
FirewallRules: [{54EF21D1-0297-4CFA-B2C4-0FD4038F12AE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{F3474F3E-9E49-4DC5-9ECD-79589A1F1148}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{1D3584B0-CAC0-483C-B9B9-794D63AAA98C}] => (Allow) C:\Program Files\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{928A5039-9977-4DEC-922D-7B3D093592CB}] => (Allow) C:\Program Files\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{FC232E2D-1B27-42B0-8645-212011840CBF}] => (Allow) C:\Program Files\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{332D6437-F5C3-4A5E-B28B-73AA9C4231D7}] => (Allow) C:\Program Files\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{DAA3A07B-0CF3-4D28-826C-4FAE3C0508EF}] => (Allow) C:\Program Files\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{F6765600-F1B3-48CE-B3FD-73C26AA13FA2}] => (Allow) C:\Program Files\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{20C480DF-AE0A-4B24-852B-291ABAB83993}] => (Allow) C:\Program Files\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{6CA3901F-B1F9-4C92-B869-FA0790E022DF}] => (Allow) C:\Program Files\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{5E3BBF75-DB56-4E01-A0BF-D79C624DEB18}] => (Allow) C:\Program Files\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{5B1C2047-9390-4723-8123-F4B4318932B1}] => (Allow) C:\Program Files\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{6416FD38-2EC3-4E57-99DC-2F412272954A}] => (Allow) C:\Users\Putri\AppData\Local\Temp\nsm7850.tmp\CnetInstaller-10134414.exe
FirewallRules: [{3FAD44AF-A047-4BEA-BF29-D01620F082EF}] => (Allow) C:\Users\Putri\AppData\Local\Temp\nsm7850.tmp\CnetInstaller-10134414.exe
FirewallRules: [{9BC286AF-2A7E-4064-85DF-26C80AB77D9F}] => (Allow) C:\Users\Putri\Downloads\Phone\Skype.exe
FirewallRules: [{2B1858A8-AA57-4B92-BA5B-AFBDF57D94DA}] => (Allow) C:\Program Files\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{212A0A99-8D59-4127-A88D-E1A35ECF766F}] => (Allow) C:\Program Files\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{90B1EA26-E211-48F8-96E8-0C1C473F0749}] => (Allow) C:\Program Files\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{BE04D477-5EF0-4AFB-8B4C-638162A797A3}] => (Allow) C:\Program Files\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{EEDA424C-F98D-4961-AB94-269174EB3A86}] => (Allow) C:\Program Files\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{5949C26D-6341-4B8E-8097-25145B555F2F}] => (Allow) C:\Program Files\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{A87B469F-2823-4B5F-9518-44E7C3E7F37B}] => (Allow) C:\Program Files\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{54F7B074-D726-489C-9EF4-483EE2C78688}] => (Allow) C:\Program Files\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{89A1D519-4813-4629-9991-4D5DB1EBF559}] => (Allow) C:\Program Files\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{6FD7F512-22D6-4890-99F4-E6BC3BC75945}] => (Allow) C:\Program Files\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{E780EDA2-BB9D-4659-B087-276B85314CA4}] => (Allow) C:\Program Files\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{75BB16ED-05FC-4A08-A1E8-A239C148B799}] => (Allow) C:\Program Files\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [TCP Query User{A06BF7EF-6C47-44E3-A257-7E04E0A1BC65}C:\ipcameratool\ipcameratool.exe] => (Allow) C:\ipcameratool\ipcameratool.exe
FirewallRules: [UDP Query User{1A03A1EF-0B97-41BB-A2F6-807A4FC71BCF}C:\ipcameratool\ipcameratool.exe] => (Allow) C:\ipcameratool\ipcameratool.exe
FirewallRules: [TCP Query User{1EFFB761-952A-4B1D-9328-F7DDCF9978F8}C:\ipcclient\ipcc.exe] => (Allow) C:\ipcclient\ipcc.exe
FirewallRules: [UDP Query User{88170DE7-8C2D-45B9-A5F9-D67ECBFF977B}C:\ipcclient\ipcc.exe] => (Allow) C:\ipcclient\ipcc.exe
FirewallRules: [TCP Query User{D89B7BFA-5019-4298-BB82-ED5EBE3E140E}C:\ipcclient\ipcc.exe] => (Allow) C:\ipcclient\ipcc.exe
FirewallRules: [UDP Query User{6A4D7DBB-D647-4A4F-ADC5-863965AAAA61}C:\ipcclient\ipcc.exe] => (Allow) C:\ipcclient\ipcc.exe
FirewallRules: [TCP Query User{E0DB7A7C-32E7-409C-B6A9-0533C3DA96FA}C:\ipcameratool\ipcameratool.exe] => (Allow) C:\ipcameratool\ipcameratool.exe
FirewallRules: [UDP Query User{FCD77846-0D60-4FF1-9B41-015D72612E4E}C:\ipcameratool\ipcameratool.exe] => (Allow) C:\ipcameratool\ipcameratool.exe
FirewallRules: [{F82613ED-D5FD-4E2D-886B-00F84CA3A7F3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{9B521112-4853-42BA-836C-7B7B8F9E3843}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{EA5EF21F-2AF3-4DE8-84EB-CC6C18EE21AF}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{5CDD2FE3-2C8C-4E24-92AB-E31EC79942B5}C:\ipcameratool2\ipcameratool.exe] => (Allow) C:\ipcameratool2\ipcameratool.exe
FirewallRules: [UDP Query User{B0042567-41B2-434F-8301-D1976F213F58}C:\ipcameratool2\ipcameratool.exe] => (Allow) C:\ipcameratool2\ipcameratool.exe
FirewallRules: [TCP Query User{F7FD46E8-8E53-41F2-B229-61EF25A3A62B}C:\ipcameratool2\ipcameratool.exe] => (Allow) C:\ipcameratool2\ipcameratool.exe
FirewallRules: [UDP Query User{B5D7BE41-CDED-4A7A-B007-0FDAFDF46081}C:\ipcameratool2\ipcameratool.exe] => (Allow) C:\ipcameratool2\ipcameratool.exe

==================== Restore Points =========================

15-03-2016 01:31:11 Windows Update
15-03-2016 20:22:05 Language Pack Removal
18-03-2016 01:21:51 Scheduled Checkpoint
23-03-2016 00:24:48 Scheduled Checkpoint
28-03-2016 00:18:07 Language Pack Removal
31-03-2016 20:30:56 Language Pack Removal
31-03-2016 20:38:35 Windows Update
05-04-2016 20:14:53 Language Pack Removal
05-04-2016 20:47:04 Windows Update
07-04-2016 19:46:49 Language Pack Removal
08-04-2016 23:42:48 Windows Update
10-04-2016 21:23:30 Language Pack Removal
16-04-2016 22:39:12 Language Pack Removal
17-04-2016 20:04:38 Windows Update
17-04-2016 20:31:19 Language Pack Removal
19-04-2016 23:39:47 Language Pack Removal
24-04-2016 22:18:45 Language Pack Removal

==================== Faulty Device Manager Devices =============

Name: 6TO4 Adapter
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft 6to4 Adapter #12
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft 6to4 Adapter #13
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft ISATAP Adapter #6
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

==================== Event log errors: =========================

Application errors:
==================
Error: (05/03/2016 12:46:48 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 63025

Error: (05/03/2016 12:46:48 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 63025

Error: (05/03/2016 12:46:48 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/03/2016 12:46:45 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 59983

Error: (05/03/2016 12:46:45 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 59983

Error: (05/03/2016 12:46:45 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/03/2016 12:46:39 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 54023

Error: (05/03/2016 12:46:39 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 54023

Error: (05/03/2016 12:46:39 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/03/2016 12:46:37 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 51371

System errors:
=============
Error: (05/03/2016 11:26:47 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description: The ICS_IPV6 failed to configure IPv6 stack.

Error: (05/03/2016 11:19:40 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description: The ICS_IPV6 failed to configure IPv6 stack.

Error: (05/03/2016 11:12:33 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description: The ICS_IPV6 failed to configure IPv6 stack.

Error: (05/03/2016 11:05:26 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description: The ICS_IPV6 failed to configure IPv6 stack.

Error: (05/03/2016 10:58:18 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description: The ICS_IPV6 failed to configure IPv6 stack.

Error: (05/03/2016 10:51:11 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description: The ICS_IPV6 failed to configure IPv6 stack.

Error: (05/03/2016 10:44:04 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description: The ICS_IPV6 failed to configure IPv6 stack.

Error: (05/03/2016 10:36:57 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description: The ICS_IPV6 failed to configure IPv6 stack.

Error: (05/03/2016 10:29:50 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description: The ICS_IPV6 failed to configure IPv6 stack.

Error: (05/03/2016 10:22:43 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description: The ICS_IPV6 failed to configure IPv6 stack.

CodeIntegrity:
===================================
Date: 2016-04-19 00:16:42.841
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-04-19 00:16:34.888
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-04-19 00:16:29.138
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-04-19 00:16:22.199
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-04-19 00:16:13.753
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-04-19 00:16:04.800
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-04-19 00:15:58.301
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-04-19 00:15:54.266
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-04-19 00:15:50.924
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-04-19 00:15:44.868
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Genuine Intel(R) CPU T1600 @ 1.66GHz
Percentage of memory in use: 69%
Total physical RAM: 3002.45 MB
Available physical RAM: 912.2 MB
Total Virtual: 6239.14 MB
Available Virtual: 3178.89 MB

==================== Drives ================================

Drive c: (Putri) (Fixed) (Total:223 GB) (Free:59.66 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:9.88 GB) (Free:1.73 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (IP CAMERA) (CDROM) (Total:0.69 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 23E2EF5D)
Partition 1: (Active) - (Size=223 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=9.9 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Abraham54 · 4 mei 2016

Waarschuwing: onderstaande bewerking is enkel voor deze computer bedoeld, het toepassen hiervan in een andere computer kan tot schade in Windows leiden.

We gaan

Schakel in de Add-ons van Firefox Avast SafePrice uit.

Farbar Recovery Scan Tool (FRST.exe) opnieuw gebruiken.

Open een nieuw kladblok (of anders: notepad) bestand, via "Start\Alle programmas\Bureau-accessoires\Kladblok (of Notepad)".
Kopieer en plak de volgende (blauwe tekst in het code-venster) in het lege kladblokvenster.

Code:

[B][color=#0000FF]
start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

Toolbar: HKU\S-1-5-21-892295542-3345536890-4220559716-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab

Winsock: Catalog9 02 C:\Windows\system32\LavasoftTcpService.dll [345360 2015-09-29] (Lavasoft Limited)
Winsock: Catalog9 03 C:\Windows\system32\LavasoftTcpService.dll [345360 2015-09-29] (Lavasoft Limited)
Winsock: Catalog9 04 C:\Windows\system32\LavasoftTcpService.dll [345360 2015-09-29] (Lavasoft Limited)
Winsock: Catalog9 17 C:\Windows\system32\LavasoftTcpService.dll [345360 2015-09-29] (Lavasoft Limited)
Winsock: Catalog9 23 C:\Windows\system32\LavasoftTcpService.dll [345360 2015-09-29] (Lavasoft Limited)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll [2010-11-10] (Microsoft Corporation)













cmd: ipconfig /flushdns
cmd: netsh winsock reset
[/COLOR][/B]

Sla nu dit kladblokbestand in de dezelfde locatie waar ook FRST.exe aanwezig is op als Fixlist.txt

Farbar Recovery Scan Tool (FRST.exe) met de fixlist.txt gebruiken

Windows Vista, Windows 7, Windows 8 en Windows 10: via rechtsklik op FRST.exe en kies voor "Als Administrator uitvoeren".
Als het programma wordt gestart, klik dan op Ja in de popup.
Druk op de Fix knop.
Na de fix wordt een logbestand - Fixlog.txt - in dezelfde locatie aangemaakt van waaruit FRST.exe is gestart.
Post de inhoud van dit logbestand in jouw volgende bericht.

peppy · 4 mei 2016

Hierbij het Fix logbestand :

Fix result of Farbar Recovery Scan Tool (x86) Version:03-05-2016
Ran by Putri (2016-05-04 21:13:48) Run:1
Running from C:\Users\Putri\Downloads
Loaded Profiles: Putri & (Available Profiles: Putri)
Boot Mode: Normal

==============================================

fixlist content:
*****************
????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????*???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

*****************

????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????*??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? => Error: No automatic fix found for this entry.

==== End of Fixlog 21:13:49 ====

--- Update ---

Abraham54, ik heb van boven vermelde Fixlog n opmerking : Op de originele fixlist result van het logbestand bestaat enkel uit Chinese tekens (lees: alfabet).

--- Update ---

Abraham54, ik heb van boven vermelde Fixlog n opmerking : Op de originele fixlist result van het logbestand bestaat enkel uit Chinese tekens (lees: alfabet).

Abraham54 · 5 mei 2016

Ik wil graag weten van jou in welke applicatie het log opende?
Want zo te zien is het fix-log niet geopend in kladblok.

peppy · 6 mei 2016

Stom...mijn fout Abraham54, ik had het met Wordpad geopend.
Ik heb de instructie opnieuw opgevolgd en post hierbij de fix-log in notepad :

Fix result of Farbar Recovery Scan Tool (x86) Version:06-05-2016 02
Ran by Putri (2016-05-06 01:42:29) Run:3
Running from C:\Users\Putri\Downloads
Loaded Profiles: Putri (Available Profiles: Putri)
Boot Mode: Normal

==============================================

fixlist content:
*****************
start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

Toolbar: HKU\S-1-5-21-892295542-3345536890-4220559716-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab

Winsock: Catalog9 02 C:\Windows\system32\LavasoftTcpService.dll [345360 2015-09-29] (Lavasoft Limited)
Winsock: Catalog9 03 C:\Windows\system32\LavasoftTcpService.dll [345360 2015-09-29] (Lavasoft Limited)
Winsock: Catalog9 04 C:\Windows\system32\LavasoftTcpService.dll [345360 2015-09-29] (Lavasoft Limited)
Winsock: Catalog9 17 C:\Windows\system32\LavasoftTcpService.dll [345360 2015-09-29] (Lavasoft Limited)
Winsock: Catalog9 23 C:\Windows\system32\LavasoftTcpService.dll [345360 2015-09-29] (Lavasoft Limited)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll [2010-11-10] (Microsoft Corporation)

cmd: ipconfig /flushdns
cmd: netsh winsock reset
*****************

Restore point was successfully created.
Processes closed successfully.
HKU\S-1-5-21-892295542-3345536890-4220559716-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => value removed successfully.
HKCR\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => key not found.
"HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}" => key removed successfully.
HKCR\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93} => key not found.
"HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA}" => key removed successfully.
HKCR\CLSID\{CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA} => key not found.
"HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}" => key removed successfully.
HKCR\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} => key not found.
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002" => key removed successfully.
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003" => key removed successfully.
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004" => key removed successfully.
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000017" => key removed successfully.
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000023" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}" => key removed successfully.
"HKCR\CLSID\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}" => key removed successfully.

========= ipconfig /flushdns =========

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========

========= netsh winsock reset =========

Initialization Function InitHelperDll in NSHHTTP.DLL failed to start with error code 10107

Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.

========= End of CMD: =========

Abraham54 · 6 mei 2016

Download

MalwareBytes Anti-Malware.

Let op bij de installatie van MBAM: in het laatste installatievenster staan twee vinkjes bij de meldingen,
haal nu het bovenste vinkje weg (MBAM als volledige demo-versie gebruiken) en maak de installatie af.
Daarna kan je Malwarebytes MBAM als gratis versie telken opnieuw gebruiken!

Windows 2000 en Windows XP: dubbelklik op mbam-setup.exe.
Windows Vista, Windows 7, Windows 8: en Windows 10: via rechtsklik op mbam-setup.exe en kies voor "Als Administrator uitvoeren".

Klik in het menu van Malwarebytes ANTI-MALWARE op nstellingen" en daar op "Detectie en Bescherming" en zet vervolgens een vinkje bij "Scan naar rootkits".

Klik vervolgens op de knop Scan nu om een bedreigingsscan uit te voeren.
Er zal nu gecontroleerd worden op beschikbare updates, klik hier op "Nu bijwerken als er beschikbare updates zijn.
De scan wordt nu automatisch gestart,wanneer de scan gereed is en er bedreigingen zijn gedetecteerd krijgt u hier een overzicht van.

Wanneer er geen bedreigingen zijn gedetecteerd klikt u na de scan op Bekijk gedetailleerd logboek.
Klik vervolgens op de knop Exporteer en kies de optie "Tekstbestand (*.txt)".
Geef vervolgens een bestandsnaam op voor het opslaan van het logbestand, bijvoorbeeld MBAM Scanlog.
Kies bijvoorbeeld het bureaublad als opslaglocatie en klik vervolgens op de knop Opslaan.

Wanneer er wel bedreigingen zijn gedetecteerd klikt u na de scan op Acties toepassen.
Bij de melding om de computer opnieuw op te starten klikt u op Ja / Yes.
Open na de herstart MalwareBytes Anti-Malware en klik bovenaan op Historie en selecteer Programmalogboeken.
Klik op de nieuwste Scan Log.
Klik op "Exporteer" en kies de optie "Tekstbestand (*.txt)".
Geef vervolgens een bestandsnaam op voor het opslaan van het logbestand, bijvoorbeeld MBAM Scanlog.
Kies bijvoorbeeld het bureaublad als opslaglocatie en klik vervolgens op de knop Opslaan.

MBAM-Log posten:

Kopieer nu de inhoud van het zojuist opgeslagen log en plak dit in uw nieuwe antwoord erbij.

peppy · 7 mei 2016

Hierbij het MBAM Scanlog :

Malwarebytes Anti-Malware
www.malwarebytes.org

Scandatum: 6-5-2016
Scantijd: 21:16:11
Logboekbestand: MBAM scanlog.txt
Beheerder: Ja

Versie: 2.2.1.1043
Malware-database: v2016.02.16.06
Rootkit-database: v2016.05.06.01
Licentie: Gratis
Malware-bescherming: Uitgeschakeld
Bescherming tegen kwaadaardige websites: Uitgeschakeld
Zelfbescherming: Uitgeschakeld

Besturingssysteem: Windows Vista Service Pack 2
Processor: x86
Bestandssysteem: NTFS
Gebruiker: Putri

Scantype: Bedreigingsscan
Resultaat: Voltooid
Objecten gescand: 353028
Verstreken tijd: 3 u., 28 min, 13 sec

Geheugen: Ingeschakeld
Opstarten: Ingeschakeld
Bestandssysteem: Ingeschakeld
Archieven: Ingeschakeld
Rootkits: Ingeschakeld
Heuristiek: Ingeschakeld
POP: Ingeschakeld
POA: Ingeschakeld

Processen: 0
(Geen kwaadaardige items gedetecteerd)

Modules: 0
(Geen kwaadaardige items gedetecteerd)

Registersleutels: 0
(Geen kwaadaardige items gedetecteerd)

Registerwaarden: 0
(Geen kwaadaardige items gedetecteerd)

Registerdata: 0
(Geen kwaadaardige items gedetecteerd)

Mappen: 0
(Geen kwaadaardige items gedetecteerd)

Bestanden: 0
(Geen kwaadaardige items gedetecteerd)

Fysieke Sectoren: 0
(Geen kwaadaardige items gedetecteerd)

(end)

Abraham54 · 7 mei 2016

Graag de twee logs in n keer posten - gebruik de tools in de volgorde zoals aangegeven.

Stap ?1?
Download

Junkware Removal Tool by Thisisu.
Downloadlokatie: Dit programma absoluut naar het bureaublad downloaden of anders naar het bureaublad verplaatsen!
Opmerkingen:

Alle openstaande programma's en webpagina's dienen afgesloten te zijn.
Het is raadzaam de actieve beveiligingssoftware te de-activeren, zodat mogelijke conflicten met JRT.exe uitgsloten worden.:
Hier en hier vindt je gegevens hoe antivirusprogramma's en spywarescanners te deaktiveren.
Dat tijdens de scan van JRT.exe tijdelijk de snelkoppelingen verdwijnen van het bureaublad, is normaal.

Junkware Removal Tool by Thisisu opstarten:

Windows 2000 en Windows XP: dubbelklik op JRT.exe.
Windows Vista, Windows 7, Windows 8 en Windows 10: via rechtsklik op JRT.exe en kies voor "Als Administrator uitvoeren".
JRT.exe zal daarna Windows gaan scannen.
Deze scan kan afhankelijk van de systeemspecificaties soms vrij lang duren, wees dus geduldig.
Indien de scan voltooid is, zal een logje (JRT.txt) op het bureaublad opgeslagen worden en automatisch openen.
Post de inhoud van dit log in je volgende bericht.

Stap ?2?
Download

AdwCleaner by Xplode.
Downloadlokatie: Dit programma absoluut naar het bureaublad downloaden of anders naar het bureaublad verplaatsen!
Opmerkingen:

Alle openstaande programma's en webpagina's dienen afgesloten te zijn.

AdwCleaner opstarten:

Windows 2000 en Windows XP: dubbelklik op adwcleaner.exe.
Windows Vista, Windows 7, Windows 8 en Windows 10: via rechtsklik op adwcleaner.exe en kies voor "Als Administrator uitvoeren".

AdwCleaner is opgestart:

Klik op de knop Scan
Is de scan gereed, klik dan op de knop Verwijderen
Klik bij AdwCleaner ? Afsluiting van de programma's op OK
Klik bij AdwCleaner ? Herstarten noodzakelijk op OK

AdwCleaner logbestand:

Nadat de PC opnieuw is opgestart, opent een logfile.
Ingeval het log niet opent, is dit alsnog terug te vinden in C:\AdwCleaner\AdwCleaner[R0, of 1, of 2].txt
Post vervolgens de inhoud van dit log in je volgende bericht.

peppy · 7 mei 2016

Hierbij het JRT.txt logbestand :

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.6 (04.25.2016)
Operating System: Windows Vista (TM) Home Basic x86
Ran by Putri (Administrator) on za 07-05-2016 at 20:57:11,39
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 139

Successfully deleted: C:\ProgramData\apn (Folder)
Successfully deleted: C:\ProgramData\lavasoft\web companion (Folder)
Successfully deleted: C:\ProgramData\mntemp (File)
Successfully deleted: C:\Users\Putri\AppData\Local\{06D7774C-2009-4FFE-9606-9FA00029245D} (Empty Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\{07B906CC-E0BA-4E49-9B8E-BF9CE346F797} (Empty Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\{0A2566BE-AEE3-4D6D-AF24-97E1D6AA66EB} (Empty Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\{16194BF0-DCEA-4E49-8D2C-024FBD44F011} (Empty Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\{17561F95-1B9D-4585-AC6A-251CF20C8786} (Empty Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\{1E74536B-265D-4A91-8220-C1A38991BF76} (Empty Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\{24D3B3D4-BA1D-4988-B8D7-E7D61173864A} (Empty Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\{253D6AE8-5057-4E3F-A158-1F7556A3AB68} (Empty Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\{2A4B80CC-15E4-4A82-B439-408C0728BDCB} (Empty Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\{310E51EF-88B0-43F0-B0AA-0DBF10709032} (Empty Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\{3CB4C3F3-506A-44F1-AAE5-B670155CA7C0} (Empty Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\{492920DC-4554-46CD-85F9-3A7FB9031DD4} (Empty Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\{4F45FFE0-D85A-4CA1-87AD-D4FA7A210814} (Empty Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\{544483C4-49CE-4B5F-8D84-4AD2FF7233D3} (Empty Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\{5825AB20-A0CC-4DEA-95FA-84734D98E53A} (Empty Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\{594FAD41-E5DE-4998-92C9-F678262FA873} (Empty Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\{5E1889C6-6586-49C9-AC7D-36252AA48DEC} (Empty Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\{5F0576A3-3545-46F1-ACF4-D64C07817373} (Empty Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\{6456A94F-9066-4FA0-867D-00B506A3253D} (Empty Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\{69DB80F7-5003-4685-84E5-484DFC5A3566} (Empty Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\{6FDB4E5E-C8C3-4FA0-81CD-D40744E7E6EC} (Empty Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\{7D4F470A-010B-48C1-8570-F8CEB7DEFEB3} (Empty Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\{7F0A28EC-EBEE-44A6-A386-3AF41C70AF0C} (Empty Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\{86C2487C-6CB0-4FF7-8C30-38E917488369} (Empty Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\{8DFE155D-0CDE-4BAA-8DE2-D6545024676A} (Empty Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\{8FD88D5A-656B-4DB2-B06A-E1E6C1470B74} (Empty Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\{907FC63D-0FDA-41C5-951C-9D4C78C45791} (Empty Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\{933F5D10-0000-49A3-A1A2-F07A567DB6CD} (Empty Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\{9AB1B1C4-12E3-415D-B200-5B86D479400A} (Empty Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\{A0B9121F-3E76-4FA3-84EF-58727ACE4A0E} (Empty Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\{A1814F9F-C9E1-4806-99C9-C1A683CFD699} (Empty Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\{C239DF7C-2F69-4C01-A158-3C40DF7BF8CD} (Empty Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\{C8697BA6-5E80-46CF-9A1B-A98CD0B0CCF2} (Empty Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\{CDCB54C5-588A-45D7-A0F4-535D6C890781} (Empty Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\{DF850CD2-1A07-4966-A7D9-9C31FB83FD87} (Empty Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\{E3E5637C-4633-4908-BABA-DC438DE67EF9} (Empty Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\{E4DB8B2B-332C-49D2-BCDF-4243B94F9C19} (Empty Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\apn (Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\nico mak computing (Folder)
Successfully deleted: C:\Users\Putri\AppData\Roaming\lavasoft\web companion (Folder)
Successfully deleted: C:\Users\Putri\AppData\Roaming\Mozilla\Firefox\Profiles\rzui1r1r.default\extensions\safesearchplus@avira.com\search.xml (File)
Successfully deleted: C:\Users\Putri\Documents\add-in express (Folder)
Successfully deleted: C:\Program Files\GUT1E20.tmp (File)
Successfully deleted: C:\Program Files\GUT92DE.tmp (File)
Successfully deleted: C:\Program Files\lavasoft\web companion (Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\21T01F6Q (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2884Y09E (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2UZKWA93 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3EKFH966 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3WKQI662 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\46NSWPVD (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5A9IXH4K (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7K90LQ1H (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9ADMW85C (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9KEGRHUS (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6FP6OO4 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B2YWG842 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BAGAZ3DB (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C3XKQNS8 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CU0J9LRG (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CVZRW6BX (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EM0067JZ (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EOTMOT2U (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EV8ZYXJ6 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EX2ZAR2O (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H8W2NM05 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H9NBDUH3 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HD4B4KE4 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HTVDXQ4C (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I8PEHPG3 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IK1ZQ0D3 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IV87DQBQ (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JDRANXZF (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L28H0JMZ (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LARAMHFV (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MMVQSE6W (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N1WMNUFF (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NH4KRPUR (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OJ0BXVMG (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OTNCXRYE (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P1UPTU51 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R2EKCCRE (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R6B7SYK9 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RWRDXTD2 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T5V0NQ1Y (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U11A23RC (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U8SGHS6F (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VSP30IE3 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VT72TTCH (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Putri\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VWYWY5GV (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\prefetch\FREEMAKEERRORREPORTER.EXE-FE15BDA8.pf (File)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\21T01F6Q (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2884Y09E (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2UZKWA93 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3EKFH966 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3WKQI662 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\46NSWPVD (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5A9IXH4K (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7K90LQ1H (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9ADMW85C (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9KEGRHUS (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A6FP6OO4 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B2YWG842 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BAGAZ3DB (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C3XKQNS8 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CU0J9LRG (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CVZRW6BX (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EM0067JZ (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EOTMOT2U (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EV8ZYXJ6 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EX2ZAR2O (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H8W2NM05 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H9NBDUH3 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HD4B4KE4 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HTVDXQ4C (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I8PEHPG3 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IK1ZQ0D3 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IV87DQBQ (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JDRANXZF (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L28H0JMZ (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LARAMHFV (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MMVQSE6W (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N1WMNUFF (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NH4KRPUR (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OJ0BXVMG (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OTNCXRYE (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P1UPTU51 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R2EKCCRE (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R6B7SYK9 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RWRDXTD2 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T5V0NQ1Y (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U11A23RC (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U8SGHS6F (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VSP30IE3 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VT72TTCH (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VWYWY5GV (Temporary Internet Files Folder)

Registry: 4

Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\YahooAUService (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL (Registry Value)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Search\\SearchAssistant (Registry Value)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL (Registry Value)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on za 07-05-2016 at 21:08:09,38
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Hierbij het AdwCleaner logbestand :

# AdwCleaner v5.115 - Logbestand aangemaakt 07/05/2016 op 21:39:20
# Laatste update 01/05/2016 door Xplode
# Database : 2016-05-04.2 [Server]
# Besturingssysteem : Windows Vista (TM) Home Basic Service Pack 2 (X86)
# Gebruikersnaam : Putri - PUTRILAPTOP
# Gestart vanuit : C:\Users\Putri\Downloads\adwcleaner_5.115.exe
# Optie : Verwijderen
# Ondersteuning : http://toolslib.net/forum

***** [ Services ] *****

[-] Service verwijderd : YahooAUService

***** [ Mappen ] *****

[-] Map verwijderd : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Registry Cleaner
[-] Map verwijderd : C:\Users\Putri\AppData\Roaming\RPEng
[-] Map verwijderd : C:\Users\Putri\AppData\Roaming\Yahoo!\Companion
[-] Map verwijderd : C:\Users\Putri\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd

***** [ Bestanden ] *****

[-] Bestand verwijderd : C:\Windows\system32\lavasofttcpservice.dll
[-] Bestand verwijderd : C:\Windows\system32\LavasoftTcpServiceOff.ini
[-] Bestand verwijderd : C:\Users\Putri\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_aaaaabfjnbeinlpljodiajipidiompfl_0.localstorage
[-] Bestand verwijderd : C:\Users\Putri\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_aaaaabfjnbeinlpljodiajipidiompfl_0.localstorage-journal
[-] Bestand verwijderd : C:\Users\Putri\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fcfenmboojpjinhpgggodefccipikbpd_0.localstorage
[-] Bestand verwijderd : C:\Users\Putri\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fcfenmboojpjinhpgggodefccipikbpd_0.localstorage-journal

***** [ DLLs ] *****

***** [ WMI ] *****

***** [ Snelkoppelingen ] *****

***** [ Geplande taken ] *****

***** [ Register ] *****

[-] Sleutel verwijderd : HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
[-] Sleutel verwijderd : HKLM\SOFTWARE\Classes\protector_dll.Protector
[-] Sleutel verwijderd : HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[-] Sleutel verwijderd : HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho
[-] Sleutel verwijderd : HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho.1
[-] Sleutel verwijderd : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[-] Sleutel verwijderd : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[-] Sleutel verwijderd : HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar
[-] Sleutel verwijderd : HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar.1
[-] Sleutel verwijderd : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
[-] Sleutel verwijderd : HKLM\SOFTWARE\Classes\CLSID\{44CBC005-6243-4502-8A02-3A096A282664}
[-] Sleutel verwijderd : HKLM\SOFTWARE\Classes\CLSID\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
[-] Sleutel verwijderd : HKLM\SOFTWARE\Classes\CLSID\{F297534D-7B06-459D-BC19-2DD8EF69297B}
[-] Sleutel verwijderd : HKLM\SOFTWARE\Classes\CLSID\{0015CAC9-FC30-4CD0-BFAA-7412CC2C4DD9}
[-] Sleutel verwijderd : HKLM\SOFTWARE\Classes\CLSID\{26C7AFDB-3690-449E-B979-B0AF5CC56DD4}
[-] Sleutel verwijderd : HKLM\SOFTWARE\Classes\CLSID\{3A5A5381-DAAF-4C0D-B032-2C66B3EE4A8D}
[-] Sleutel verwijderd : HKLM\SOFTWARE\Classes\CLSID\{472EF1D2-4AAE-470D-AE85-6AF8177916FD}
[-] Sleutel verwijderd : HKLM\SOFTWARE\Classes\CLSID\{8F010D54-C023-457F-AF03-497EACB6D519}
[-] Sleutel verwijderd : HKLM\SOFTWARE\Classes\CLSID\{9A754403-27B1-4ED7-96D7-588F07888EBF}
[-] Sleutel verwijderd : HKLM\SOFTWARE\Classes\CLSID\{CB31FF8F-BF80-4D2B-ADBE-12C6F5347890}
[-] Sleutel verwijderd : HKLM\SOFTWARE\Classes\CLSID\{FCAA532B-E807-4027-940C-BA16B9D50105}
[-] Sleutel verwijderd : HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
[-] Sleutel verwijderd : HKLM\SOFTWARE\Classes\Interface\{884189CF-7C10-41E8-A014-F7B2BE40AADB}
[-] Sleutel verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057}
[-] Waarde verwijderd : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
[-] Sleutel verwijderd : HKCU\Software\APN
[-] Sleutel verwijderd : HKCU\Software\MGShareware
[-] Sleutel verwijderd : HKCU\Software\Yahoo\Companion
[-] Sleutel verwijderd : HKCU\Software\Yahoo\YFriendsBar
[-] Sleutel verwijderd : HKCU\Software\AppDataLow\Software\Yahoo\Companion
[-] Sleutel verwijderd : HKLM\SOFTWARE\APN
[-] Sleutel verwijderd : HKLM\SOFTWARE\Yahoo\Companion
[-] Sleutel verwijderd : HKLM\SOFTWARE\Lavasoft\Web Companion
[-] Sleutel verwijderd : HKU\.DEFAULT\Software\Yahoo\Companion
[-] Sleutel verwijderd : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-892295542-3345536890-4220559716-1000\Software\Yahoo\Companion
[-] Sleutel verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509
[-] Sleutel verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8036C72171EF4ba46856BF57969F6A36
[-] Sleutel verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89BB7852687BDC34B9A81E01C7FF9173
[-] Sleutel verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CBC85D72B148084ABE8C2F072F781F4
[-] Sleutel verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CC5A38A64D6098468BC8395BA0EFF03
[-] Sleutel verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8DF9A1AC557F56c49B56F6B83E293C15
[-] Sleutel verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A97C590397DCC454AA8923563BAB10E4
[-] Sleutel verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B08932C78B697C244BE7BA3E6FF09B62
[-] Sleutel verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CFA51B44D54927c4E9B7BC1D3FD1E49F
[-] Sleutel verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D14A7F65792054F418578C78367D13F7
[-] Sleutel verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE9F0BD163D827438CB6AD6B100EC48
[-] Sleutel verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F739A19A8327dc64C9A8B641A9E89646
[-] Sleutel verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\158D6D9E3FE81fa428925F22ACB3A965
[-] Sleutel verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15E6C514FEFC09f45BAFAAE1D7546ED4
[-] Sleutel verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DB42320A8525634AA089F0BEC86473B
[-] Sleutel verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22468B0D6050b2e46B9C4B67A8F59577
[-] Sleutel verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2251BF05A2F606d43BB064BD63CBD87E
[-] Sleutel verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3255D95681398614190EDF0A4F3F77DB
[-] Sleutel verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CDF313E9B28c944FBC7579CF4949414
[-] Sleutel verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71E54748EDD3dc1468548785DC856EDA
[-] Sleutel verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\754590DD06DE8d249B526503432F99D4
[-] Sleutel verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B5BAE2ED018083A4C8DA86D6E3F4B024
[-] Sleutel verwijderd : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
[-] Sleutel verwijderd : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[-] Sleutel verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[-] Sleutel verwijderd : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\softonic.com

***** [ Internetbrowsers ] *****

[-] [C:\Users\Putri\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] verwijderd : mystart.incredimail.com
[-] [C:\Users\Putri\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] verwijderd : websearch.ask.com
[-] [C:\Users\Putri\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] verwijderd : ask.com
[-] [C:\Users\Putri\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] verwijderd : fcfenmboojpjinhpgggodefccipikbpd

*************************

:: "Tracing" sleutels verwijderd
:: Winsock instellingen gereset

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [9089 bytes] - [07/05/2016 21:39:20]
C:\AdwCleaner\AdwCleaner[R0].txt - [11628 bytes] - [02/04/2014 21:12:20]
C:\AdwCleaner\AdwCleaner[S0].txt - [11948 bytes] - [02/04/2014 21:17:41]
C:\AdwCleaner\AdwCleaner[S1].txt - [8808 bytes] - [07/05/2016 21:19:03]
C:\AdwCleaner\AdwCleaner[S2].txt - [9442 bytes] - [07/05/2016 21:33:49]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [9456 bytes] ##########

Abraham54 · 7 mei 2016

We kijken verder.

Download

ComboFix via n van deze locaties:

Downloadlokatie: Dit programma absoluut naar het bureaublad downloaden of anders naar het bureaublad verplaatsen!

Antivirusprogramma en actieve malwarescanners dienen al voor je ComboFix start gedeaktiveert zijn!
Hier en hier vindt je gegevens hoe antivirusprogramma's en spywarescanners te deaktiveren.

Opmerkingen:

Alle openstaande programma's en webpagina's dienen afgesloten te zijn.

ComboFix opstarten:

Windows Vista, Windows 7 en Windows 8: via rechtsklik op ComboFix.exe en kies voor "Als Administrator uitvoeren".

ComboFix is opgestart:

Niet in het zwarte venster klikken, hierdoor kan ComboFix of zelfs Windows geheel "bevriezen"!
Combofix sluit tijdens de scan de internet verbinding probeer deze tussentijds niet te herstellen!
Het kan voorkomen dat de computer meerdere malen opnieuw opgestart moet worden, dit is normaal.
Wanneer ComboFix gereed is, zal het het een logbestand voor je maken.
Post de inhoud van dit logbestand via DDRMMR's kleurcodeerder in je volgende bericht.
Indien het log niet opstart, is dit terug tevinden in C:\ComboFix.txt

Belangrijke opmerking:

Indien na de scan bij het opstarten van programma's er een error wordt getoond met de melding:
Er is geprobeerd een ongeldige bewerking uit te voeren op een registersleutel die is gemarkeerd voor verwijdering.
Start dan de computer opnieuw op.

peppy · 9 mei 2016

Hallo Abraham54,
Na de ComboFix scan heeft de log niet automatisch opgestart.
Als ik C:\ComboFix.txt aanklik, dan zie ik hieronder de submap Putri (C) dit het bestand pagefile.sys (3.381.704 KB) tegen.
Is dit het juiste bestand wat u nodig heeft ?

Abraham54 · 9 mei 2016

Ja - de inhoud van C:\ComboFix.txt posten.
Wat betreft die Submap - vreemd maar niet belangrijk.

Als we klaar zijn ruimen we - dus ook de map C;\ComboFix.

peppy · 9 mei 2016

Bij het openen van de file pagefile.sys wordt gevraagd met welke programma deze moet worden geopend. Met welke prog kan deze het best worden geopend zodat ik het voor u kan posten ?

Abraham54 · 9 mei 2016

Nee, klik ComboFix.txt met rechts aan en kies voor Openen met
Kies dan voor Kladblok.

peppy · 9 mei 2016

Dit zou het ComboFixt.txt moeten zijn :

ComboFix 16-04-29.01 - Putri 08-05-2016 1:22:34.1.2 - x86
Microsoft Windows Vista Home Basic 6.0.6002.2.1252.31.1033.18.3002.1279 [GMT 2:00]
Gestart vanuit: C:\Users\Putri\Downloads\ComboFix.exe
AV: Avira Antivirus *Enabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Antivirus *Enabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

Abraham54 · 9 mei 2016

Dat is geen log.

ComboFix verwijderen:

ga daarvoor naar Start - Uitvoeren:
kopieer en plak hierin het volgende: Combofix /Uninstall
klik daarna op OK.
ComboFix start op en het lijkt erop dat het tool zich installeert, maar dat is niet zo;
indien het goed is, krijg je vervolgens een melding, dat Combofix verwijderd werd.

Voorbeeld:

Uitvoeren kan ook gestart worden door gelijktijdig de "Windowstoets + R-toets" in te drukken.

Dit zal Combofix verwijderen inclusief gerelateerde mappen en bestanden,
herstelt de klokinstellingen opnieuw, verbergt de bestandsextensies,
gaat verborgen bestanden en systeembestanden terug verbergen
en reset Systeemherstel opnieuw.

peppy · 10 mei 2016

Melding dat ComboFix succesvol is verwijderd.

Laptop erg traag

Gevestigd lid

Senior

Abraham54

Gast

Gevestigd lid

Abraham54

Gast

Gevestigd lid

Abraham54

Gast

Gevestigd lid

Abraham54

Gast

Gevestigd lid

Abraham54

Gast

Gevestigd lid

Abraham54

Gast

Gevestigd lid

Abraham54

Gast

Gevestigd lid

Abraham54

Gast

Gevestigd lid

Abraham54

Gast

Gevestigd lid

Wij waarderen jouw privacy