• Hulpvragenden in dit forumonderdeel worden enkel geholpen door daartoe bevoegde teamleden.
    Dit is belangrijk, zodat de hulpvragende goed geholpen kan worden zonder (goedbedoelde) aanvullende berichten van andere leden.
    Reageren op andermans discussie is daarom uitgeschakeld.
  • De afgelopen dagen zijn er meerdere fora waarop bestaande accounts worden overgenomen door spammers. De gebruikersnamen en wachtwoorden zijn via een hack of een lek via andere sites buitgemaakt. Via have i been pwned? kan je controleren of jouw gegeven ook zijn buitgemaakt. Wijzig bij twijfel jouw wachtwoord of schakel de twee-staps-verificatie in.

Updates

Status
Niet open voor verdere reacties.

robistop

Junior lid
Lid geworden
24 jan 2015
Berichten
99
Waarderingsscore
0
Ik wist niet waar ik het moest plaatsen dus ik doe het maar hier, want volgens mij heb ik windows 7 maar ook dat niet zeker want ben niet zo handig :mellow: .

Maar het probleem waar het om gaat is dat mijn computer geen Windows Updates meer installeerd, als ik het zelf probeer te zoeken en te installeren lukt het niet en ook elke keer wanneer ik mijn computer uit zet staat er update 1 van de 40 downloaden. als ik mijn computer weer aanzet en ik kijk bij de updates zijn ze allemaal mislukt, iemand enig idee hoe dit kan ? vind het ook erg irritant dat downloaden want duurt onzetted lang.

Ik heb hierdoor ook zo een idee dat mijn computer trager gaat werken, ook doen sommige usb ports het niet meer lijkt het wel en ook is mijn interverbinding niet heel goed (maar heb ziggo dus waarschijnlijk ligt dat gewoon aan ziggo hoor daar niemand positief over)

alvast bedankt,
 
Ga eens naar de instellingen van Windows update. En zet deze dan geheel op handmatig. Herstart daarna de pc eens en zoek vervolgens handmatig naar nieuwe updates.
 
Oke bedankt zal het morgen proberen !
 
ik heb ook ziggo en heb snel internet ( draadloos 49,66 mb)
maar gezien dat jij meer problemen ervaart, doe het volgende eens.

Download MalwareBytes Anti-Malware. www.malwarebytes.org

Let op bij de installatie van MBAM: in het laatste installatievenster staan twee vinkjes bij de meldingen,
haal nu het bovenste vinkje weg (MBAM als volledige demo-versie gebruiken) en maak de installatie af.
Daarna kan je Malwarebytes MBAM als gratis versie telken opnieuw gebruiken!

Windows 2000 en Windows XP: dubbelklik op mbam-setup.exe.
Windows Vista, Windows 7, Windows 8: en Windows 10: via rechtsklik op mbam-setup.exe en kies voor "Als Administrator uitvoeren".

Klik in het menu van Malwarebytes ANTI-MALWARE op nstellingen" en daar op "Detectie en Bescherming" en zet vervolgens een vinkje bij "Scan naar rootkits".

Klik vervolgens op de knop Scan nu om een bedreigingsscan uit te voeren.
Er zal nu gecontroleerd worden op beschikbare updates, klik hier op "Nu bijwerken als er beschikbare updates zijn.
De scan wordt nu automatisch gestart,wanneer de scan gereed is en er bedreigingen zijn gedetecteerd krijgt u hier een overzicht van.


Wanneer er geen bedreigingen zijn gedetecteerd klikt u na de scan op Bekijk gedetailleerd logboek.
Klik vervolgens op de knop Exporteer en kies de optie "Tekstbestand (*.txt)".
Geef vervolgens een bestandsnaam op voor het opslaan van het logbestand, bijvoorbeeld MBAM Scanlog.
Kies bijvoorbeeld het bureaublad als opslaglocatie en klik vervolgens op de knop Opslaan.


Wanneer er wel bedreigingen zijn gedetecteerd klikt u na de scan op Acties toepassen.
Bij de melding om de computer opnieuw op te starten klikt u op Ja / Yes.
Open na de herstart MalwareBytes Anti-Malware en klik bovenaan op Historie en selecteer Programmalogboeken.
Klik op de nieuwste Scan Log.
Klik op "Exporteer" en kies de optie "Tekstbestand (*.txt)".

Geef vervolgens een bestandsnaam op voor het opslaan van het logbestand, bijvoorbeeld MBAM Scanlog.
Kies bijvoorbeeld het bureaublad als opslaglocatie en klik vervolgens op de knop Opslaan.

MBAM-Log posten:
Kopieer nu de inhoud van het zojuist opgeslagen log en plak dit in uw nieuwe antwoord erbij.
 
alwarebytes Anti-Malware
www.malwarebytes.org

Scandatum: 12-5-2016
Scantijd: 17:45
Logboekbestand: mbam scanlog.txt
Beheerder: Ja

Versie: 2.2.1.1043
Malware-database: v2016.05.12.05
Rootkit-database: v2016.05.06.01
Licentie: Gratis
Malware-bescherming: Uitgeschakeld
Bescherming tegen kwaadaardige websites: Uitgeschakeld
Zelfbescherming: Uitgeschakeld

Besturingssysteem: Windows 7 Service Pack 1
Processor: x64
Bestandssysteem: NTFS
Gebruiker: rob

Scantype: Bedreigingsscan
Resultaat: Voltooid
Objecten gescand: 289103
Verstreken tijd: 7 min, 30 sec

Geheugen: Ingeschakeld
Opstarten: Ingeschakeld
Bestandssysteem: Ingeschakeld
Archieven: Ingeschakeld
Rootkits: Uitgeschakeld
Heuristiek: Ingeschakeld
POP: Ingeschakeld
POA: Ingeschakeld

Processen: 0
(Geen kwaadaardige items gedetecteerd)

Modules: 0
(Geen kwaadaardige items gedetecteerd)

Registersleutels: 63
PUP.Optional.MultiPlug.UNS, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{37476589-E48E-439E-A706-56189E2ED4C4}_is1, In quarantaine, [27de2da81e7b13238e5a2510b74b5aa6],
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\TYPELIB\{89310413-97E0-4F09-AA75-390A7F4D4918}, In quarantaine, [11f41bbadbbeb68097d503a9bf43916f],
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\INTERFACE\{0347B640-EC8E-4F40-AFAE-E4B4285C61BE}, In quarantaine, [11f41bbadbbeb68097d503a9bf43916f],
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\INTERFACE\{03FF7591-BAC2-4ECE-9B67-BB2AF2978B7D}, In quarantaine, [11f41bbadbbeb68097d503a9bf43916f],
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\INTERFACE\{4A3639A7-C0B4-49C2-AF0C-D0403F67F2FC}, In quarantaine, [11f41bbadbbeb68097d503a9bf43916f],
PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{0347B640-EC8E-4F40-AFAE-E4B4285C61BE}, In quarantaine, [11f41bbadbbeb68097d503a9bf43916f],
PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{03FF7591-BAC2-4ECE-9B67-BB2AF2978B7D}, In quarantaine, [11f41bbadbbeb68097d503a9bf43916f],
PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{4A3639A7-C0B4-49C2-AF0C-D0403F67F2FC}, In quarantaine, [11f41bbadbbeb68097d503a9bf43916f],
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{0347B640-EC8E-4F40-AFAE-E4B4285C61BE}, In quarantaine, [11f41bbadbbeb68097d503a9bf43916f],
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{03FF7591-BAC2-4ECE-9B67-BB2AF2978B7D}, In quarantaine, [11f41bbadbbeb68097d503a9bf43916f],
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{4A3639A7-C0B4-49C2-AF0C-D0403F67F2FC}, In quarantaine, [11f41bbadbbeb68097d503a9bf43916f],
PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{89310413-97E0-4F09-AA75-390A7F4D4918}, In quarantaine, [11f41bbadbbeb68097d503a9bf43916f],
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{89310413-97E0-4F09-AA75-390A7F4D4918}, In quarantaine, [11f41bbadbbeb68097d503a9bf43916f],
PUP.Optional.MinimumPrice, HKLM\SOFTWARE\CLASSES\TYPELIB\{10F67E56-58A9-4A52-A48A-A28A75FF9FBB}, In quarantaine, [56af23b23b5e68ce226d9ee344bfeb15],
PUP.Optional.MinimumPrice, HKLM\SOFTWARE\CLASSES\INTERFACE\{0FF618FF-DB01-4CC8-8159-F299DD1495FE}, In quarantaine, [56af23b23b5e68ce226d9ee344bfeb15],
PUP.Optional.MinimumPrice, HKLM\SOFTWARE\CLASSES\INTERFACE\{4045D057-EE1F-4E62-8693-B84E850D6157}, In quarantaine, [56af23b23b5e68ce226d9ee344bfeb15],
PUP.Optional.MinimumPrice, HKLM\SOFTWARE\CLASSES\INTERFACE\{740A899A-06BB-4D02-A96E-3091C5B14CE9}, In quarantaine, [56af23b23b5e68ce226d9ee344bfeb15],
PUP.Optional.MinimumPrice, HKLM\SOFTWARE\CLASSES\INTERFACE\{920AB458-4C48-4EE1-B081-A9D021E01074}, In quarantaine, [56af23b23b5e68ce226d9ee344bfeb15],
PUP.Optional.MinimumPrice, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{0FF618FF-DB01-4CC8-8159-F299DD1495FE}, In quarantaine, [56af23b23b5e68ce226d9ee344bfeb15],
PUP.Optional.MinimumPrice, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{4045D057-EE1F-4E62-8693-B84E850D6157}, In quarantaine, [56af23b23b5e68ce226d9ee344bfeb15],
PUP.Optional.MinimumPrice, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{740A899A-06BB-4D02-A96E-3091C5B14CE9}, In quarantaine, [56af23b23b5e68ce226d9ee344bfeb15],
PUP.Optional.MinimumPrice, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{920AB458-4C48-4EE1-B081-A9D021E01074}, In quarantaine, [56af23b23b5e68ce226d9ee344bfeb15],
PUP.Optional.MinimumPrice, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{0FF618FF-DB01-4CC8-8159-F299DD1495FE}, In quarantaine, [56af23b23b5e68ce226d9ee344bfeb15],
PUP.Optional.MinimumPrice, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{4045D057-EE1F-4E62-8693-B84E850D6157}, In quarantaine, [56af23b23b5e68ce226d9ee344bfeb15],
PUP.Optional.MinimumPrice, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{740A899A-06BB-4D02-A96E-3091C5B14CE9}, In quarantaine, [56af23b23b5e68ce226d9ee344bfeb15],
PUP.Optional.MinimumPrice, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{920AB458-4C48-4EE1-B081-A9D021E01074}, In quarantaine, [56af23b23b5e68ce226d9ee344bfeb15],
PUP.Optional.MinimumPrice, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{10F67E56-58A9-4A52-A48A-A28A75FF9FBB}, In quarantaine, [56af23b23b5e68ce226d9ee344bfeb15],
PUP.Optional.MinimumPrice, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{10F67E56-58A9-4A52-A48A-A28A75FF9FBB}, In quarantaine, [56af23b23b5e68ce226d9ee344bfeb15],
PUP.Optional.NewSaver, HKLM\SOFTWARE\CLASSES\TYPELIB\{FCE74B5F-13A9-47C3-B69E-5210C1EECBEF}, In quarantaine, [8c79dcf9f5a475c1ca29c6bc2ad950b0],
PUP.Optional.NewSaver, HKLM\SOFTWARE\CLASSES\INTERFACE\{1EA56CF8-1B08-4B8B-BAD9-77D0A2F55837}, In quarantaine, [8c79dcf9f5a475c1ca29c6bc2ad950b0],
PUP.Optional.NewSaver, HKLM\SOFTWARE\CLASSES\INTERFACE\{AFE44F7D-9EB4-426B-AB34-4DAB85ECDF91}, In quarantaine, [8c79dcf9f5a475c1ca29c6bc2ad950b0],
PUP.Optional.NewSaver, HKLM\SOFTWARE\CLASSES\INTERFACE\{D75E8573-4E73-4642-8517-A6348042151C}, In quarantaine, [8c79dcf9f5a475c1ca29c6bc2ad950b0],
PUP.Optional.NewSaver, HKLM\SOFTWARE\CLASSES\INTERFACE\{DC00432C-FF74-41C6-BE9E-7F2224FDB437}, In quarantaine, [8c79dcf9f5a475c1ca29c6bc2ad950b0],
PUP.Optional.NewSaver, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{1EA56CF8-1B08-4B8B-BAD9-77D0A2F55837}, In quarantaine, [8c79dcf9f5a475c1ca29c6bc2ad950b0],
PUP.Optional.NewSaver, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{AFE44F7D-9EB4-426B-AB34-4DAB85ECDF91}, In quarantaine, [8c79dcf9f5a475c1ca29c6bc2ad950b0],
PUP.Optional.NewSaver, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{D75E8573-4E73-4642-8517-A6348042151C}, In quarantaine, [8c79dcf9f5a475c1ca29c6bc2ad950b0],
PUP.Optional.NewSaver, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{DC00432C-FF74-41C6-BE9E-7F2224FDB437}, In quarantaine, [8c79dcf9f5a475c1ca29c6bc2ad950b0],
PUP.Optional.NewSaver, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{1EA56CF8-1B08-4B8B-BAD9-77D0A2F55837}, In quarantaine, [8c79dcf9f5a475c1ca29c6bc2ad950b0],
PUP.Optional.NewSaver, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{AFE44F7D-9EB4-426B-AB34-4DAB85ECDF91}, In quarantaine, [8c79dcf9f5a475c1ca29c6bc2ad950b0],
PUP.Optional.NewSaver, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{D75E8573-4E73-4642-8517-A6348042151C}, In quarantaine, [8c79dcf9f5a475c1ca29c6bc2ad950b0],
PUP.Optional.NewSaver, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{DC00432C-FF74-41C6-BE9E-7F2224FDB437}, In quarantaine, [8c79dcf9f5a475c1ca29c6bc2ad950b0],
PUP.Optional.NewSaver, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{FCE74B5F-13A9-47C3-B69E-5210C1EECBEF}, In quarantaine, [8c79dcf9f5a475c1ca29c6bc2ad950b0],
PUP.Optional.NewSaver, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{FCE74B5F-13A9-47C3-B69E-5210C1EECBEF}, In quarantaine, [8c79dcf9f5a475c1ca29c6bc2ad950b0],
PUP.Optional.RandomPrice, HKLM\SOFTWARE\CLASSES\TYPELIB\{41F978F3-431A-4464-A789-5C0692D562FB}, In quarantaine, [df26b1241782e452c3296f178b78b64a],
PUP.Optional.RandomPrice, HKLM\SOFTWARE\CLASSES\INTERFACE\{138E44EF-8988-4DC7-8F48-FBC4FCEF83D1}, In quarantaine, [df26b1241782e452c3296f178b78b64a],
PUP.Optional.RandomPrice, HKLM\SOFTWARE\CLASSES\INTERFACE\{BB50CC62-09E1-4DD9-912C-F1DA4D6D71D8}, In quarantaine, [df26b1241782e452c3296f178b78b64a],
PUP.Optional.RandomPrice, HKLM\SOFTWARE\CLASSES\INTERFACE\{E481A870-86C7-44E1-97DF-E759FC147CBE}, In quarantaine, [df26b1241782e452c3296f178b78b64a],
PUP.Optional.RandomPrice, HKLM\SOFTWARE\CLASSES\INTERFACE\{FE332809-93C1-48DF-929F-AEC0BC4BFCFE}, In quarantaine, [df26b1241782e452c3296f178b78b64a],
PUP.Optional.RandomPrice, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{138E44EF-8988-4DC7-8F48-FBC4FCEF83D1}, In quarantaine, [df26b1241782e452c3296f178b78b64a],
PUP.Optional.RandomPrice, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{BB50CC62-09E1-4DD9-912C-F1DA4D6D71D8}, In quarantaine, [df26b1241782e452c3296f178b78b64a],
PUP.Optional.RandomPrice, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{E481A870-86C7-44E1-97DF-E759FC147CBE}, In quarantaine, [df26b1241782e452c3296f178b78b64a],
PUP.Optional.RandomPrice, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{FE332809-93C1-48DF-929F-AEC0BC4BFCFE}, In quarantaine, [df26b1241782e452c3296f178b78b64a],
PUP.Optional.RandomPrice, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{138E44EF-8988-4DC7-8F48-FBC4FCEF83D1}, In quarantaine, [df26b1241782e452c3296f178b78b64a],
PUP.Optional.RandomPrice, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{BB50CC62-09E1-4DD9-912C-F1DA4D6D71D8}, In quarantaine, [df26b1241782e452c3296f178b78b64a],
PUP.Optional.RandomPrice, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{E481A870-86C7-44E1-97DF-E759FC147CBE}, In quarantaine, [df26b1241782e452c3296f178b78b64a],
PUP.Optional.RandomPrice, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{FE332809-93C1-48DF-929F-AEC0BC4BFCFE}, In quarantaine, [df26b1241782e452c3296f178b78b64a],
PUP.Optional.RandomPrice, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{41F978F3-431A-4464-A789-5C0692D562FB}, In quarantaine, [df26b1241782e452c3296f178b78b64a],
PUP.Optional.RandomPrice, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{41F978F3-431A-4464-A789-5C0692D562FB}, In quarantaine, [df26b1241782e452c3296f178b78b64a],
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, In quarantaine, [18ed696c544583b3a41a2e8031d25ba5],
PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{7f1ced53}, In quarantaine, [0ef7b81daeeb3402d73e5f23d0337987],
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE, In quarantaine, [9570d8fd53469a9cb608c6e8788b35cb],
PUP.Optional.MultiPlug, HKU\S-1-5-21-287123594-389976410-2398887567-1000_Classes\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}, In quarantaine, [f11417bedcbd2511819ffc9e0003c33d],
PUP.Optional.MultiPlug, HKU\S-1-5-21-287123594-389976410-2398887567-1000_Classes\INTERFACE\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}, In quarantaine, [f11417bedcbd2511819ffc9e0003c33d],

Registerwaarden: 2
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, In quarantaine, [18ed696c544583b3a41a2e8031d25ba5]
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, In quarantaine, [9570d8fd53469a9cb608c6e8788b35cb]

Registerdata: 0
(Geen kwaadaardige items gedetecteerd)

Mappen: 8
PUP.Optional.MultiPlug, C:\Program Files (x86)\RobouSavveR, In quarantaine, [11f41bbadbbeb68097d503a9bf43916f],
PUP.Optional.MultiPlug.Gen, C:\ProgramData\13876545004951043530, In quarantaine, [d431aa2b3c5dd363d25fee7bab5846ba],
PUP.Optional.50Coupons, C:\Program Files (x86)\50Couponns, In quarantaine, [8b7a6b6a38610e28d2aaaac132d1a060],
PUP.Optional.FindBestDeal, C:\Program Files (x86)\FindBestDeeal, In quarantaine, [4cb9468f3e5b360042a4b6c105fefd03],
PUP.Optional.JoniCoupons, C:\Program Files (x86)\JoniiCouapon, In quarantaine, [4fb651845f3a37ff9970add0d033eb15],
PUP.Optional.MinimumPrice, C:\Program Files (x86)\MiNimuuMePrice, In quarantaine, [56af23b23b5e68ce226d9ee344bfeb15],
PUP.Optional.NewSaver, C:\Program Files (x86)\NewwSaver, In quarantaine, [8c79dcf9f5a475c1ca29c6bc2ad950b0],
PUP.Optional.RandomPrice, C:\Program Files (x86)\RandomPriice, In quarantaine, [df26b1241782e452c3296f178b78b64a],

Bestanden: 30
PUP.Optional.MultiPlug.UNS, C:\ProgramData\The AdBlocker\The AdBlocker.exe, In quarantaine, [27de2da81e7b13238e5a2510b74b5aa6],
PUP.Optional.MultiPlug, C:\Program Files (x86)\RobouSavveR\DvOJofxmzEtL16.tlb, In quarantaine, [11f41bbadbbeb68097d503a9bf43916f],
PUP.Optional.MultiPlug, C:\Program Files (x86)\RobouSavveR\DvOJofxmzEtL16.dat, In quarantaine, [11f41bbadbbeb68097d503a9bf43916f],
PUP.Optional.MultiPlug.Gen, C:\ProgramData\13876545004951043530\071ae3e4d5e8ee2cbb2a4936d1d04375.ini, In quarantaine, [d431aa2b3c5dd363d25fee7bab5846ba],
PUP.Optional.MultiPlug.Gen, C:\ProgramData\13876545004951043530\a99a93cd45c8f6c1bb2a4936d1d04375.ini, In quarantaine, [d431aa2b3c5dd363d25fee7bab5846ba],
PUP.Optional.MultiPlug.Gen, C:\ProgramData\13876545004951043530\23a9763700316e4abb2a4936d1d04375.ini, In quarantaine, [d431aa2b3c5dd363d25fee7bab5846ba],
PUP.Optional.MultiPlug.Gen, C:\ProgramData\13876545004951043530\508d37f1a64d63afbb2a4936d1d04375.ini, In quarantaine, [d431aa2b3c5dd363d25fee7bab5846ba],
PUP.Optional.MultiPlug.Gen, C:\ProgramData\13876545004951043530\769e86b727e42adbbb2a4936d1d04375.ini, In quarantaine, [d431aa2b3c5dd363d25fee7bab5846ba],
PUP.Optional.MultiPlug.Gen, C:\ProgramData\13876545004951043530\92fa68bf3906b26cbb2a4936d1d04375.ini, In quarantaine, [d431aa2b3c5dd363d25fee7bab5846ba],
PUP.Optional.MultiPlug.Gen, C:\ProgramData\13876545004951043530\9df0869df3918049bb2a4936d1d04375.ini, In quarantaine, [d431aa2b3c5dd363d25fee7bab5846ba],
PUP.Optional.MultiPlug.Gen, C:\ProgramData\13876545004951043530\a7739f6d0875f7b0bb2a4936d1d04375.ini, In quarantaine, [d431aa2b3c5dd363d25fee7bab5846ba],
PUP.Optional.MultiPlug.Gen, C:\ProgramData\13876545004951043530\b8cf1530471a0ceabb2a4936d1d04375.ini, In quarantaine, [d431aa2b3c5dd363d25fee7bab5846ba],
PUP.Optional.MultiPlug.Gen, C:\ProgramData\13876545004951043530\cd5b15e575e1c3d0bb2a4936d1d04375.ini, In quarantaine, [d431aa2b3c5dd363d25fee7bab5846ba],
PUP.Optional.MultiPlug.Gen, C:\ProgramData\13876545004951043530\d1644748bb142753bb2a4936d1d04375.ini, In quarantaine, [d431aa2b3c5dd363d25fee7bab5846ba],
PUP.Optional.MultiPlug.Gen, C:\ProgramData\13876545004951043530\da11fa9c3c4a040ebb2a4936d1d04375.ini, In quarantaine, [d431aa2b3c5dd363d25fee7bab5846ba],
PUP.Optional.MultiPlug.Gen, C:\ProgramData\13876545004951043530\ef762cc24ee969a9bb2a4936d1d04375.ini, In quarantaine, [d431aa2b3c5dd363d25fee7bab5846ba],
PUP.Optional.MultiPlug.Gen, C:\ProgramData\13876545004951043530\f3f8fa8e1b00c6ecbb2a4936d1d04375.ini, In quarantaine, [d431aa2b3c5dd363d25fee7bab5846ba],
PUP.Optional.MultiPlug.Gen, C:\ProgramData\13876545004951043530\ff9a431c66096748bb2a4936d1d04375.ini, In quarantaine, [d431aa2b3c5dd363d25fee7bab5846ba],
PUP.Optional.50Coupons, C:\Program Files (x86)\50Couponns\N5aLTtilGvBSI6.tlb, In quarantaine, [8b7a6b6a38610e28d2aaaac132d1a060],
PUP.Optional.50Coupons, C:\Program Files (x86)\50Couponns\N5aLTtilGvBSI6.dat, In quarantaine, [8b7a6b6a38610e28d2aaaac132d1a060],
PUP.Optional.FindBestDeal, C:\Program Files (x86)\FindBestDeeal\zNtu6lBPZ3lOp3.tlb, In quarantaine, [4cb9468f3e5b360042a4b6c105fefd03],
PUP.Optional.FindBestDeal, C:\Program Files (x86)\FindBestDeeal\zNtu6lBPZ3lOp3.dat, In quarantaine, [4cb9468f3e5b360042a4b6c105fefd03],
PUP.Optional.JoniCoupons, C:\Program Files (x86)\JoniiCouapon\mRlNN4fhfNiTOh.tlb, In quarantaine, [4fb651845f3a37ff9970add0d033eb15],
PUP.Optional.JoniCoupons, C:\Program Files (x86)\JoniiCouapon\mRlNN4fhfNiTOh.dat, In quarantaine, [4fb651845f3a37ff9970add0d033eb15],
PUP.Optional.MinimumPrice, C:\Program Files (x86)\MiNimuuMePrice\XUCVzMJgAFwyTb.tlb, In quarantaine, [56af23b23b5e68ce226d9ee344bfeb15],
PUP.Optional.MinimumPrice, C:\Program Files (x86)\MiNimuuMePrice\XUCVzMJgAFwyTb.dat, In quarantaine, [56af23b23b5e68ce226d9ee344bfeb15],
PUP.Optional.NewSaver, C:\Program Files (x86)\NewwSaver\y1g6GquOCe3ZbI.tlb, In quarantaine, [8c79dcf9f5a475c1ca29c6bc2ad950b0],
PUP.Optional.NewSaver, C:\Program Files (x86)\NewwSaver\y1g6GquOCe3ZbI.dat, In quarantaine, [8c79dcf9f5a475c1ca29c6bc2ad950b0],
PUP.Optional.RandomPrice, C:\Program Files (x86)\RandomPriice\CerSndfTgnpiTa.tlb, In quarantaine, [df26b1241782e452c3296f178b78b64a],
PUP.Optional.RandomPrice, C:\Program Files (x86)\RandomPriice\CerSndfTgnpiTa.dat, In quarantaine, [df26b1241782e452c3296f178b78b64a],

Fysieke Sectoren: 0
(Geen kwaadaardige items gedetecteerd)


(end)
 
dat is best veel rommel, geen wonder dat jou windows niet goed werkt.

ik laat abraham verder helpen, die is de virusexpert!

ik heb hem een bericht gestuurd en hij zal jou snel verder helpen!
 
Laatst bewerkt door een moderator:
Ik zelf zou nu niets meer doen met die computer dan alleen maar wachten op de instructies van Abraham54. Als je nu allerlei fix dingen gaat uitvoeren is de kans op schade alleen maar groter.
 
Ik jouw discussie verplaatst.

Doe nu het volgende: download
52063a40e2e64-Farbar_Recovery_Scan_Tool_canned.png
Farbar Recovery Scan Tool 32 of 64 bit van n van de onderstaande links
Farbar Recovery Scan Tool 32 bit (x86)
Farbar Recovery Scan Tool 64 bit (x64)
Downloadlokatie: Dit programma absoluut naar het bureaublad downloaden dan wel daar naar toe verplaatsen!
Opmerkingen: Alle openstaande programma's en webpagina's dienen afgesloten te zijn.

Antivirusprogramma en actieve malwarescanners dienen al voor je FRST.exe start gedeaktiveert zijn!
Hier en hier vindt je gegevens hoe antivirusprogramma's en spywarescanners te deaktiveren.

FRST opstarten:
  • Windows 2000 en Windows XP: dubbelklik op FRST.exe.
  • Windows Vista, Windows 7, Windows 8/8.1 en Windows 10: via rechtsklik op FRST.exe of FRST64.exe en kies voor "Als Administrator uitvoeren".

FRST start op:
  • Wanneer het programma is geopend klik dan op de knop Yes bij de disclaimer.
  • Druk vervolgens op de Scan knop.
  • Aansluitend zal een logbestand - FRST.txt en Addition-txt aangemaakt worden en op het bureaublad opgeslagen worden.
  • Post de inhoud van beide logbestanden in jouw volgende bericht.
.
 
Het lukt mij niet om frst 64Bit te downloaden , krijg steeds de melding : Mislukt - virus gedecteerd

--- Update ---

Ok het is gelukt heb frst op het bureaublad gezet en als administrator uitgevoerd dit is wat eruitkwam :

Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie:14-05-2016
Gestart door rob (Beheerder) op ROB-PC (15-05-2016 17:28:17)
Gestart vanaf C:\Users\rob\Desktop
Geladen Profielen: rob (Beschikbare Profielen: rob)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Taal: Nederlands (Nederland)
Internet Explorer Versie 11 (Standaardbrowser: Chrome)
Boot Modus: Normal
Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processen (gefilterd) =================

(Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.)

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
( 2015 Microsoft Corporation) C:\Users\rob\AppData\Local\Microsoft\BingSvc\BingSvc.exe
() C:\Program Files (x86)\TP-LINK\TP-LINK Draadloos configuratie hulpprogramma\TWCU.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Akamai Technologies, Inc.) C:\Users\rob\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\rob\AppData\Local\Akamai\netsession_win.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Register (gefilterd) ===========================

(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation)
HKLM-x32\...\Run: [Aeria Ignite] => C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe [1925656 2013-06-06] (Aeria Games & Entertainment)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
HKU\S-1-5-21-287123594-389976410-2398887567-1000\...\Run: [Akamai NetSession Interface] => C:\Users\rob\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.)
HKU\S-1-5-21-287123594-389976410-2398887567-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-04-30] (Valve Corporation)
HKU\S-1-5-21-287123594-389976410-2398887567-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50599552 2016-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-287123594-389976410-2398887567-1000\...\Run: [BingSvc] => C:\Users\rob\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2016-05-12] ( 2015 Microsoft Corporation)
HKU\S-1-5-21-287123594-389976410-2398887567-1000\...\Run: [MurGee.com Auto Clicker] => C:\Users\rob\AppData\Roaming\Auto Clicker\AutoClicker.exe [120304 2015-03-29] (MurGee.com)
HKU\S-1-5-21-287123594-389976410-2398887567-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-287123594-389976410-2398887567-1000\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-287123594-389976410-2398887567-1000\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-287123594-389976410-2398887567-1000\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-287123594-389976410-2398887567-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Draadloos configuratie hulpprogramma.lnk [2002-01-01]
ShortcutTarget: TP-LINK Draadloos configuratie hulpprogramma.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Draadloos configuratie hulpprogramma\TWCU.exe ()
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RUN.CMD [2014-11-25] ()
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RUN.CMD [2014-11-25] ()
CHR HKLM\SOFTWARE\Policies\Google: Restrictie <======= AANDACHT

==================== Internet (gefilterd) ====================

(Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.)

Tcpip\Parameters: [DhcpNameServer] 192.168.192.58
Tcpip\..\Interfaces\{B763039F-8785-4B64-ADA9-9E2EB4DCEC6C}: [DhcpNameServer] 192.168.192.58
Tcpip\..\Interfaces\{ECA803D8-1A06-4154-8F5C-71291DFA5374}: [DhcpNameServer] 192.168.1.254 195.241.77.55 195.241.77.58

Internet Explorer:
==================
HKU\S-1-5-21-287123594-389976410-2398887567-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.nl/
SearchScopes: HKU\S-1-5-21-287123594-389976410-2398887567-1000 -> {1DFC2C56-16DD-4CA0-86A5-C5D2ED5A85EF} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-14] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-04-29] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-03-07] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-14] (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-04-29] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-03-07] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-14] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-14] (Google Inc.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-04-29] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-04-29] (Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [Geen bestand]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-03-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-03-07] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Geen bestand]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-12] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-12] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-04-23] (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\rob\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Documenten) - C:\Users\rob\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-06]
CHR Extension: (Google Drive) - C:\Users\rob\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\rob\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Google Search) - C:\Users\rob\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Offline Documenten) - C:\Users\rob\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-12]
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\rob\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2015-06-06]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\rob\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-03]
CHR Extension: (Gmail) - C:\Users\rob\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-06]
CHR HKLM-x32\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx [2015-01-20]

==================== Services (gefilterd) ========================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

R2 AdvancedSystemCareService7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [878368 2013-10-25] (IObit)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-04-29] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-04-29] (Microsoft Corporation)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-08-04] (IObit)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2014-11-27] (Microsoft Corporation)

===================== Drivers (gefilterd) ==========================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

R3 AtcL001; C:\Windows\System32\DRIVERS\l160x64.sys [61440 2009-10-13] (Atheros Communications, Inc.)
S3 b06diag; C:\Windows\system32\drivers\bxdiaga.sys [88104 2012-03-08] (Broadcom Corporation)
S3 BFN7x64; C:\Windows\system32\drivers\Xeno7x64.sys [157288 2012-02-22] (Bigfoot Networks, Inc.)
S3 BFNVis64; C:\Windows\system32\drivers\XenoVa64.sys [157288 2012-02-22] (Bigfoot Networks, Inc.)
S3 bxfcoe; C:\Windows\system32\drivers\bxfcoe.sys [178216 2012-02-22] (Broadcom Corporation)
S3 bxois; C:\Windows\system32\drivers\bxois.sys [539176 2012-02-22] (Broadcom Corporation)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3341904 2012-03-26] (Broadcom Corporation)
S3 IAMTVE; C:\Windows\system32\drivers\IAMTVE.sys [43416 2007-04-11] (Intel Corporation)
S3 IAMTXPE; C:\Windows\system32\drivers\IAMTXPE.sys [51096 2007-04-11] (Intel Corporation)
S3 IFCoEMP; C:\Windows\system32\drivers\ifM60x64.sys [387344 2012-04-21] (Intel(R) Corporation)
S3 IFCoEVB; C:\Windows\system32\drivers\ifP60X64.sys [77584 2012-04-21] (Intel(R) Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation)
R3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [926824 2012-10-25] (Realtek Semiconductor Corporation )
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
S3 xspirit; \??\C:\Windows\xspirit.sys [X]

==================== NetSvcs (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)


==================== Een Maand Aangemaakt bestanden en mappen ========

(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)

2016-05-15 17:28 - 2016-05-15 17:28 - 00013522 _____ C:\Users\rob\Desktop\FRST.txt
2016-05-15 17:25 - 2016-05-15 17:28 - 00000000 ____D C:\FRST
2016-05-15 17:25 - 2016-05-15 17:26 - 00026283 _____ C:\Users\rob\Downloads\Addition.txt
2016-05-15 17:25 - 2016-05-15 17:26 - 00019206 _____ C:\Users\rob\Downloads\FRST.txt
2016-05-15 17:24 - 2016-05-15 17:24 - 02382336 _____ (Farbar) C:\Users\rob\Desktop\FRST64.exe
2016-05-15 17:18 - 2016-05-15 17:18 - 01733120 _____ (Farbar) C:\Users\rob\Downloads\FRST (1).exe
2016-05-15 17:17 - 2016-05-15 17:17 - 01733120 _____ (Farbar) C:\Users\rob\Downloads\FRST.exe
2016-05-12 17:59 - 2016-05-12 17:59 - 00016792 _____ C:\Users\rob\Documents\mbam scanlog.txt
2016-05-01 13:55 - 2016-05-01 13:55 - 00302011 _____ C:\Users\rob\Downloads\WindowsUpdateDiagnostic.diagcab
2016-04-17 19:50 - 2016-04-17 19:50 - 00461472 _____ C:\Users\rob\Documents\pp nl.pptx

==================== Een Maand Gewijzigd bestanden en mappen ========

(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)

2016-05-15 17:20 - 2009-07-14 06:45 - 00025792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-05-15 17:20 - 2009-07-14 06:45 - 00025792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-05-15 17:19 - 2002-01-01 03:36 - 00000000 ____D C:\Users\rob\AppData\Roaming\Skype
2016-05-15 17:03 - 2015-06-06 18:19 - 00001056 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-15 15:58 - 2015-02-05 16:15 - 00000000 ____D C:\Users\rob\AppData\Local\Akamai
2016-05-15 11:57 - 2015-06-06 18:19 - 00001052 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-15 11:57 - 2015-02-06 17:34 - 00000000 ____D C:\Program Files (x86)\Steam
2016-05-15 11:56 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-05-13 12:07 - 2015-06-06 18:20 - 00002215 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-13 12:07 - 2015-06-06 18:20 - 00002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-05-12 19:27 - 2015-01-20 08:32 - 00000000 ____D C:\Users\rob\AppData\Local\Google
2016-05-12 18:11 - 2015-01-20 08:37 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-05-12 17:58 - 2015-06-06 18:19 - 00004052 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-05-12 17:58 - 2015-06-06 18:19 - 00003800 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-05-12 17:57 - 2015-04-06 18:21 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-05-12 17:54 - 2009-07-14 05:20 - 00000000 __RSD C:\Windows\Media
2016-05-12 17:53 - 2015-02-24 11:04 - 00000000 ____D C:\ProgramData\The AdBlocker
2016-05-12 17:47 - 2015-06-26 17:07 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-05-12 17:44 - 2015-04-06 18:21 - 00001102 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-05-12 17:44 - 2015-04-06 18:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-05-12 17:44 - 2015-04-06 18:21 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-05-05 12:19 - 2002-01-01 03:36 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-05-01 14:14 - 2014-11-27 09:34 - 01635528 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-05-01 14:14 - 2011-04-12 15:00 - 00742452 _____ C:\Windows\system32\perfh013.dat
2016-05-01 14:14 - 2011-04-12 15:00 - 00150682 _____ C:\Windows\system32\perfc013.dat
2016-05-01 14:14 - 2009-07-14 07:13 - 01635528 _____ C:\Windows\system32\PerfStringBackup.INI
2016-05-01 14:14 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-05-01 13:59 - 2014-01-01 10:55 - 00000000 ____D C:\Users\rob\AppData\Local\ElevatedDiagnostics
2016-04-22 09:57 - 2010-11-21 05:27 - 00453288 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Bestanden in de root van sommige mappen =======

2015-01-28 17:45 - 2015-01-28 17:45 - 0000017 _____ () C:\Users\rob\AppData\Local\resmon.resmoncfg

Bestanden om te verplaatsen of verwijderen:
====================
C:\Users\rob\.critauthority.dat


Sommige bestanden in TEMP:
====================
C:\Users\rob\AppData\Local\Temp\bf42b6f18916a804f395bc5ca3f63664.dll
C:\Users\rob\AppData\Local\Temp\BingSvc.exe
C:\Users\rob\AppData\Local\Temp\BSvcProcessor.exe
C:\Users\rob\AppData\Local\Temp\BSvcUpdater.exe
C:\Users\rob\AppData\Local\Temp\e7e6e3c3c244f01d68dc6342d9b219d3.dll
C:\Users\rob\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap =================

(Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)

C:\Windows\system32\winlogon.exe => Bestand is getekend
C:\Windows\system32\wininit.exe => Bestand is getekend
C:\Windows\SysWOW64\wininit.exe => Bestand is getekend
C:\Windows\explorer.exe => Bestand is getekend
C:\Windows\SysWOW64\explorer.exe => Bestand is getekend
C:\Windows\system32\svchost.exe => Bestand is getekend
C:\Windows\SysWOW64\svchost.exe => Bestand is getekend
C:\Windows\system32\services.exe => Bestand is getekend
C:\Windows\system32\User32.dll => Bestand is getekend
C:\Windows\SysWOW64\User32.dll => Bestand is getekend
C:\Windows\system32\userinit.exe => Bestand is getekend
C:\Windows\SysWOW64\userinit.exe => Bestand is getekend
C:\Windows\system32\rpcss.dll => Bestand is getekend
C:\Windows\system32\dnsapi.dll => Bestand is getekend
C:\Windows\SysWOW64\dnsapi.dll => Bestand is getekend
C:\Windows\system32\Drivers\volsnap.sys => Bestand is getekend


LastRegBack: 2016-05-08 15:03

==================== Eind van FRST.txt ============================






Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie:14-05-2016
Gestart door rob (2016-05-15 17:28:36)
Gestart vanaf C:\Users\rob\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2015-01-20 06:03:40)
Boot Modus: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-287123594-389976410-2398887567-500 - Administrator - Disabled)
Gast (S-1-5-21-287123594-389976410-2398887567-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-287123594-389976410-2398887567-1002 - Limited - Enabled)
rob (S-1-5-21-287123594-389976410-2398887567-1000 - Administrator - Enabled) => C:\Users\rob

==================== Security Center ========================

(Als een item is opgenomen in de fixlist, zal het worden verwijderd.)

AV: Microsoft Security Essentials (Disabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AS: Microsoft Security Essentials (Disabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Genstalleerde programma's ======================

(Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.)

Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.16) - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AB0000000001}) (Version: 11.0.16 - Adobe Systems Incorporated)
Advanced SystemCare 7 (HKLM-x32\...\Advanced SystemCare 7_is1) (Version: 7.0.6 - IObit)
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-287123594-389976410-2398887567-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
Auto Clicker v1.9 (HKLM-x32\...\{C0A7E4F3-82CC-416B-82C6-BA06AACFD635}_is1) (Version: 1.9 - MurGee.com)
Auto Mouse Click v8.1 (HKLM-x32\...\{F5E3859D-0720-41F0-BAF5-4CBCDFD8F406}_is1) (Version: 8.0 - MurGee.com)
CCleaner (HKLM\...\CCleaner) (Version: 3.28 - Piriform)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.102 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
inSSIDer Home (HKLM-x32\...\{9E54E4AE-B67A-4925-8E92-0E1F9817FD73}) (Version: 3.1.2.1 - MetaGeek, LLC)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Malwarebytes Anti-Malware versie 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version: - PokerStars.eu)
S.K.I.L.L. - Special Force 2 (HKLM-x32\...\Steam App 286940) (Version: - )
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.1.0.9134 - Microsoft Corporation)
Skype 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.0 - IObit)
TP-LINK 300Mbps Wireless USB Adapter Stuurprogramma (HKLM-x32\...\{852E893E-E4FD-45BB-8B17-72ADDF686974}) (Version: 1.3.1 - TP-LINK)
TP-LINK Draadloos configuratie hulpprogramma (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update voor Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0413-0000-0000000FF1CE}_PROPLUS_{5CF7002F-6F49-4482-9564-5614FBE560FA}) (Version: - Microsoft)
Update voor Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0413-0000-0000000FF1CE}_PROPLUS_{15D84E79-1ED7-42C5-B2FD-745C3FBDDDC5}) (Version: - Microsoft)
Update voor Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0413-0000-0000000FF1CE}_PROPLUS_{A66AE6A1-8D8C-4102-BC18-38CBDE40F809}) (Version: - Microsoft)
WinRAR (HKLM\...\WinRAR archiver) (Version: - )
Wolfteam (HKLM-x32\...\Wolfteam) (Version: - )

==================== Aangepaste CLSID (gefilterd): ==========================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)


==================== Geplande Taken (gefilterd) =============

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

Task: {12EFFC1A-B5FF-4E77-AA93-68868C419FE1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {4D55F3A1-C8B1-41F9-9E9C-6128AF256A9F} - System32\Tasks\{BD51223B-25D6-4776-A7F8-50F46448F302} => pcalua.exe -a "C:\ProgramData\The AdBlocker\The AdBlocker.exe" -c /progname=The AdBlocker /progver=3.4.2 /progpub=The AdBlocker /proguninstallurl=asdahjka.com /deleteappfolder=0 /VERYSILENT
Task: {56F7BFAB-3F79-4B9F-9AF7-4F9F689DDB2B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-02-19] (Piriform Ltd)
Task: {92559685-301C-42BF-9404-676637B55A67} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== AANDACHT
Task: {94E446BB-10B9-4DB5-A635-4BC9890A13E9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-12] (Google Inc.)
Task: {BF12DEE4-221D-4BC3-A51E-FC6769BEFD99} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-12] (Google Inc.)
Task: {FC9D9496-F9C5-466F-A914-D57AACE266F9} - System32\Tasks\ASC7_SkipUac_rob => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe [2013-11-14] (IObit)

(Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Snelkoppelingen =============================

(De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.)

==================== Geladen Modules (gefilterd) ==============

2015-01-20 08:31 - 2010-03-15 12:28 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll
2002-01-01 01:15 - 2012-10-25 17:19 - 00846848 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Draadloos configuratie hulpprogramma\TWCU.exe
2015-01-20 16:22 - 2013-10-25 13:08 - 00517408 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\sqlite3.dll
2015-02-06 17:38 - 2016-04-29 22:10 - 00785920 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-02-06 17:38 - 2015-07-03 18:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-02-06 17:38 - 2015-07-03 18:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-02-06 17:38 - 2015-07-03 18:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-02-06 17:38 - 2016-04-30 02:10 - 02549840 _____ () C:\Program Files (x86)\Steam\video.dll
2015-02-06 17:38 - 2016-02-09 01:14 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-02-06 17:38 - 2016-02-09 01:14 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-02-06 17:38 - 2016-02-09 01:14 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-02-06 17:38 - 2016-02-09 01:14 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-02-06 17:38 - 2016-02-09 01:14 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-02-06 17:38 - 2016-04-30 02:10 - 00829008 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-09 19:59 - 2016-02-18 00:25 - 00281088 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2002-01-01 01:15 - 2012-10-25 17:19 - 01403904 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Draadloos configuratie hulpprogramma\nicLan.dll
2002-01-01 01:15 - 2012-12-04 17:22 - 00193024 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Draadloos configuratie hulpprogramma\DC_WFF.dll
2002-01-01 01:15 - 2012-10-25 17:19 - 00293376 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Draadloos configuratie hulpprogramma\WJRtl.dll
2015-02-06 17:38 - 2016-04-28 03:00 - 49825056 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2016-05-13 12:07 - 2016-05-11 13:48 - 01738904 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\libglesv2.dll
2016-05-13 12:07 - 2016-05-11 13:48 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\libegl.dll
2016-05-13 12:07 - 2016-05-11 13:48 - 17565848 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (gefilterd) =========

(Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.)

AlternateDataStreams: C:\Windows\system32\OEMLOGO.BMP:com.dropbox.attributes [324]

==================== Veilige Modus (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.)


==================== Bestandskoppeling (gefilterd) ===============

(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.)


==================== Internet Explorer vertrouwde/beperkte toegang ===============

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.)

IE trusted site: HKU\S-1-5-21-287123594-389976410-2398887567-1000\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-287123594-389976410-2398887567-1000\...\aeriagames.com -> hxxp://aeriagames.com
IE restricted site: HKU\S-1-5-21-287123594-389976410-2398887567-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-287123594-389976410-2398887567-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-287123594-389976410-2398887567-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-287123594-389976410-2398887567-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-287123594-389976410-2398887567-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-287123594-389976410-2398887567-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-287123594-389976410-2398887567-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-287123594-389976410-2398887567-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-287123594-389976410-2398887567-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-287123594-389976410-2398887567-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-287123594-389976410-2398887567-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-287123594-389976410-2398887567-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-287123594-389976410-2398887567-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-287123594-389976410-2398887567-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-287123594-389976410-2398887567-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-287123594-389976410-2398887567-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-287123594-389976410-2398887567-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-287123594-389976410-2398887567-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-287123594-389976410-2398887567-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-287123594-389976410-2398887567-1000\...\100sexlinks.com -> 100sexlinks.com

Er zijn 4788 Meer websites.


==================== Hosts inhoud: ===============================

(Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Andere gebieden ============================

(Momenteel is er geen automatische fix voor dit onderdeel.)

HKU\S-1-5-21-287123594-389976410-2398887567-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\rob\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.192.58
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 0) (EnableLUA: 1)
Windows Firewall is ingeschakeld.

==================== MSCONFIG/TASK MANAGER Uitgeschakelde items ==

(Momenteel is er geen automatische fix voor dit onderdeel.)


==================== Firewall regels (gefilterd) ===============

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

FirewallRules: [TCP Query User{54DEE0FF-3582-4BAF-B556-A41772C777CD}C:\users\rob\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\rob\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{5F85D031-791D-44B1-B5AD-3D88EEEFEE1D}C:\users\rob\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\rob\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{64FB1E26-602F-45AA-A4D3-536F398C8FB7}C:\aeriagames\wolfteam\wolfteam.bin] => (Allow) C:\aeriagames\wolfteam\wolfteam.bin
FirewallRules: [UDP Query User{93EACD1A-237D-4F59-8422-6CFE37931ADE}C:\aeriagames\wolfteam\wolfteam.bin] => (Allow) C:\aeriagames\wolfteam\wolfteam.bin
FirewallRules: [{E0958F68-617B-4C3F-A607-3136DA78C308}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0EB1D97A-AFBB-4794-B35B-72561F6E3985}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{928F0BCA-34E4-467E-B55F-951E810DE4FD}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2A311D62-9421-446D-91D4-D53FACD33EED}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{63DBE846-4EB6-449A-813B-7AE34DB9CD56}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{85506330-57D5-4D1F-9AAD-C2CA812B9C49}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CSNZ\Bin\cstrike-online.exe
FirewallRules: [{8B192CBF-A442-4270-B2A8-EC4E75A8FB24}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CSNZ\Bin\cstrike-online.exe
FirewallRules: [{8911592B-233C-40F4-AC70-DB7C92018306}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{B9919B76-F7CA-47BA-926C-E7E121DB0BC4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{9F0346F5-7C31-448A-A577-4D576BD7C083}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SKILL\DFUBG.exe
FirewallRules: [{3EA7EAAA-5CEB-4260-88F8-EDAE2FABE117}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SKILL\DFUBG.exe
FirewallRules: [TCP Query User{C866FCFE-537E-405A-B037-FFA0C6C18CD0}C:\users\rob\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\rob\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{7D9632C0-5F6D-452E-BA8E-1AD2AF5EFDC2}C:\users\rob\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\rob\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{47BA36F4-49B3-4F9C-B9FD-0C04797B91AD}C:\aeriagames\wolfteam\wolfteam.bin] => (Allow) C:\aeriagames\wolfteam\wolfteam.bin
FirewallRules: [UDP Query User{E33EF7F2-2A18-4526-B7F9-A97EB26B0CFF}C:\aeriagames\wolfteam\wolfteam.bin] => (Allow) C:\aeriagames\wolfteam\wolfteam.bin
FirewallRules: [{E5EFD8F5-1728-4A52-8C2F-CC835B764869}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Herstelpunten =========================

06-05-2016 15:02:08 Windows Update
07-05-2016 22:28:07 Windows Update
08-05-2016 21:36:22 Windows Update
10-05-2016 21:32:58 Windows Update
12-05-2016 10:27:34 Windows Update
14-05-2016 22:33:50 Windows Update

==================== Defecte Apparaatbeheer Apparaten =============

Name: Standaard-PS/2-toetsenbord
Description: Standaard-PS/2-toetsenbord
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (standaardtoetsenbord)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Eventlog fouten: =========================

Applicatiefouten:
==================
Error: (05/15/2016 03:58:36 PM) (Source: MsiInstaller) (EventID: 11310) (User: rob-PC)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\rob\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory.

Error: (05/15/2016 03:58:17 PM) (Source: MsiInstaller) (EventID: 11310) (User: rob-PC)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\rob\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory.

Error: (05/15/2016 11:58:36 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/15/2016 11:58:35 AM) (Source: MsiInstaller) (EventID: 11310) (User: rob-PC)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\rob\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory.

Error: (05/15/2016 11:57:50 AM) (Source: MsiInstaller) (EventID: 11310) (User: rob-PC)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\rob\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory.

Error: (05/14/2016 08:49:42 PM) (Source: MsiInstaller) (EventID: 11310) (User: rob-PC)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\rob\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory.

Error: (05/14/2016 08:49:23 PM) (Source: MsiInstaller) (EventID: 11310) (User: rob-PC)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\rob\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory.

Error: (05/14/2016 03:59:08 PM) (Source: MsiInstaller) (EventID: 11310) (User: rob-PC)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\rob\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory.

Error: (05/14/2016 03:58:50 PM) (Source: MsiInstaller) (EventID: 11310) (User: rob-PC)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\rob\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory.

Error: (05/14/2016 11:51:39 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


Systeemfouten:
=============
Error: (05/15/2016 11:56:59 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN-uitbreidingsmodule kan niet worden gestart.

Pad naar module: C:\Windows\system32\Rtlihvs.dll
Foutcode: 126

Error: (05/15/2016 11:56:55 AM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active

Error: (05/15/2016 11:56:55 AM) (Source: atikmdag) (EventID: 19468) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (05/14/2016 10:59:44 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installatiefout: de volgende update kan niet worden genstalleerd, foutcode 0x80070308: KB3108664: Beveiligingsupdate voor Windows 7 voor x64-systemen.

Error: (05/14/2016 10:59:38 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installatiefout: de volgende update kan niet worden genstalleerd, foutcode 0x80070308: Beveiligingsupdate voor Microsoft .NET Framework 3.5.1 op Windows 7 en Windows Server 2008 R2 SP1 voor x64 (KB3127220).

Error: (05/14/2016 10:59:28 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installatiefout: de volgende update kan niet worden genstalleerd, foutcode 0x80070308: KB3075226: Beveiligingsupdate voor Windows 7 voor x64-systemen.

Error: (05/14/2016 10:59:21 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installatiefout: de volgende update kan niet worden genstalleerd, foutcode 0x80070308: KB3147071: Update voor Windows 7 voor x64-systemen.

Error: (05/14/2016 10:58:44 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installatiefout: de volgende update kan niet worden genstalleerd, foutcode 0x80070308: KB3138901: Update voor Windows 7 voor x64-systemen.

Error: (05/14/2016 10:58:39 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installatiefout: de volgende update kan niet worden genstalleerd, foutcode 0x80070308: KB3084135: Beveiligingsupdate voor Windows 7 voor x64-systemen.

Error: (05/14/2016 10:58:31 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installatiefout: de volgende update kan niet worden genstalleerd, foutcode 0x80070308: KB3115858: Beveiligingsupdate voor Windows 7 voor x64-systemen.


==================== Geheugen info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU E6750 @ 2.66GHz
Percentage geheugen in gebruik: 36%
Totaal fysiek RAM-geheugen: 4095.11 MB
Beschikbaar fysiek RAM-geheugen: 2599.13 MB
Totaal Virtueel geheugen: 8188.43 MB
Beschikbaar Virtual geheugen: 6180.32 MB

==================== Schijven ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:397.33 GB) NTFS ==>[schijf met boot componenten (verkregen van BCD)]

==================== MBR & Partitietabel ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 00050920)
Partition 1: (Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== Eind van Addition.txt ============================
 
Waarschuwing: onderstaande bewerking is enkel voor deze computer bedoeld, het toepassen hiervan in een andere computer kan tot schade in Windows leiden.


We gaan
51a5c8edc4692-icon1337952077.png
Schakel in de Add-ons van Firefox Avast SafePrice uit.


Farbar Recovery Scan Tool (FRST.exe) opnieuw gebruiken.

Open een nieuw kladblok (of anders: notepad) bestand, via "Start\Alle programmas\Bureau-accessoires\Kladblok (of Notepad)".
Kopieer en plak de volgende (blauwe tekst in het code-venster) in het lege kladblokvenster.

Code:
[B][color=#0000FF]
start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

C:\Users\rob\AppData\Local\Temp\bf42b6f18916a804f3 95bc5ca3f63664.dll
C:\Users\rob\AppData\Local\Temp\e7e6e3c3c244f01d68 dc6342d9b219d3.dll

cmd: ipconfig /flushdns
cmd: netsh winsock reset
[/COLOR][/B]

Sla nu dit kladblokbestand in de dezelfde locatie waar ook FRST.exe aanwezig is op als Fixlist.txt

Farbar Recovery Scan Tool (FRST.exe) met de fixlist.txt gebruiken
  • Windows Vista, Windows 7, Windows 8 en Windows 10: via rechtsklik op FRST.exe en kies voor "Als Administrator uitvoeren".
  • Als het programma wordt gestart, klik dan op Ja in de popup.
  • Druk op de Fix knop.
  • Na de fix wordt een logbestand - Fixlog.txt - in dezelfde locatie aangemaakt van waaruit FRST.exe is gestart.
  • Post de inhoud van dit logbestand in jouw volgende bericht.
 
Fix resultaat van Farbar Recovery Scan Tool (x64) Versie:16-05-2016
Gestart door rob (2016-05-16 18:59:54) Run:1
Gestart vanaf C:\Users\rob\Desktop
Geladen Profielen: rob (Beschikbare Profielen: rob)
Boot Modus: Normal
==============================================

fixlist inhoud:
*****************

start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

C:\Users\rob\AppData\Local\Temp\bf42b6f18916a804f3 95bc5ca3f63664.dll
C:\Users\rob\AppData\Local\Temp\e7e6e3c3c244f01d68 dc6342d9b219d3.dll

cmd: ipconfig /flushdns
cmd: netsh winsock reset
*****************

Herstelpunt is succesfol gemaakt.
Proces succesvol afgesloten.
"C:\Users\rob\AppData\Local\Temp\bf42b6f18916a804f3 95bc5ca3f63664.dll" => niet gevonden.
"C:\Users\rob\AppData\Local\Temp\e7e6e3c3c244f01d68 dc6342d9b219d3.dll" => niet gevonden.

========= ipconfig /flushdns =========


Windows IP-configuratie

De DNS-omzettingscache is leeggemaakt.

========= Eind van CMD: =========


========= netsh winsock reset =========


De Winsock-catalogus is opnieuw ingesteld.
De computer dient opnieuw te worden opgestart om het opnieuw instellen te voltooien.


========= Eind van CMD: =========

EmptyTemp: => 726.7 MB tijdelijke gegevens verwijderd.


Het systeem moest herstart worden.

==== Eind van Fixlog 19:00:26 ====
 
Graag de twee logs in n keer posten - gebruik de tools in de volgorde zoals aangegeven.

Stap 1
Download
51e281a62c183-Junkware_Removal_Tool_icon_Canned_1351185104.png.jpg
Junkware Removal Tool by Thisisu.
Downloadlokatie: Dit programma absoluut naar het bureaublad downloaden of anders naar het bureaublad verplaatsen!
Opmerkingen:
  • Alle openstaande programma's en webpagina's dienen afgesloten te zijn.
  • Het is raadzaam de actieve beveiligingssoftware te de-activeren, zodat mogelijke conflicten met JRT.exe uitgsloten worden.:
  • Hier en hier vindt je gegevens hoe antivirusprogramma's en spywarescanners te deaktiveren.
  • Dat tijdens de scan van JRT.exe tijdelijk de snelkoppelingen verdwijnen van het bureaublad, is normaal.
Junkware Removal Tool by Thisisu opstarten:
  • Windows 2000 en Windows XP: dubbelklik op JRT.exe.
  • Windows Vista, Windows 7, Windows 8 en Windows 10: via rechtsklik op JRT.exe en kies voor "Als Administrator uitvoeren".
  • JRT.exe zal daarna Windows gaan scannen.
  • Deze scan kan afhankelijk van de systeemspecificaties soms vrij lang duren, wees dus geduldig.
  • Indien de scan voltooid is, zal een logje (JRT.txt) op het bureaublad opgeslagen worden en automatisch openen.
  • Post de inhoud van dit log in je volgende bericht.

Stap 2
Download
52186926180a1-adwcleaner_nieuw.png
AdwCleaner by Xplode.
Downloadlokatie: Dit programma absoluut naar het bureaublad downloaden of anders naar het bureaublad verplaatsen!
Opmerkingen:
  • Alle openstaande programma's en webpagina's dienen afgesloten te zijn.
AdwCleaner opstarten:
  • Windows 2000 en Windows XP: dubbelklik op adwcleaner.exe.
  • Windows Vista, Windows 7, Windows 8 en Windows 10: via rechtsklik op adwcleaner.exe en kies voor "Als Administrator uitvoeren".
AdwCleaner is opgestart:
  • Klik op de knop Scan
  • Is de scan gereed, klik dan op de knop Verwijderen
  • Klik bij AdwCleaner Afsluiting van de programma's op OK
  • Klik bij AdwCleaner Herstarten noodzakelijk op OK
AdwCleaner logbestand:
  • Nadat de PC opnieuw is opgestart, opent een logfile.
  • Ingeval het log niet opent, is dit alsnog terug te vinden in C:\AdwCleaner\AdwCleaner[R0, of 1, of 2].txt
  • Post vervolgens de inhoud van dit log in je volgende bericht.
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.6 (04.25.2016)
Operating System: Windows 7 Ultimate x64
Ran by rob (Administrator) on di 17-05-2016 at 15:29:18,35
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 17

Failed to delete: C:\Users\rob\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8AME6VC1 (Temporary Internet Files Folder)
Failed to delete: C:\Users\rob\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JLZ2OBG4 (Temporary Internet Files Folder)
Successfully deleted: C:\ProgramData\5030274c000025f1 (Folder)
Successfully deleted: C:\ProgramData\productdata (Folder)
Successfully deleted: C:\Users\rob\AppData\Roaming\productdata (Folder)
Successfully deleted: C:\Windows\system32\Tasks\LaunchSignup (Task)
Successfully deleted: C:\Users\rob\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\80W50Q7A (Temporary Internet Files Folder)
Successfully deleted: C:\Users\rob\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9OZWQBNX (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\prefetch\GOOGLETOOLBARINSTALLER_UPDATE-81DDC37D.pf (File)
Successfully deleted: C:\Windows\prefetch\GOOGLETOOLBARINSTALLER_UPDATE-81EACBF9.pf (File)
Successfully deleted: C:\Windows\prefetch\GOOGLETOOLBARMANAGER_A6282D74-3DB3249A.pf (File)
Successfully deleted: C:\Windows\prefetch\GOOGLETOOLBARMANAGER_F3B2E431-9C6578A6.pf (File)
Successfully deleted: C:\Windows\prefetch\GOOGLETOOLBARNOTIFIER.EXE-5F22D041.pf (File)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\80W50Q7A (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8AME6VC1 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9OZWQBNX (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JLZ2OBG4 (Temporary Internet Files Folder)



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on di 17-05-2016 at 15:32:09,33
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


# AdwCleaner v5.117 - Logbestand aangemaakt 17/05/2016 op 15:33:43
# Laatste update 15/05/2016 door Xplode
# Database : 2016-05-15.2 [Server]
# Besturingssysteem : Windows 7 Ultimate Service Pack 1 (X64)
# Gebruikersnaam : rob - ROB-PC
# Gestart vanuit : C:\Users\rob\Desktop\adwcleaner_5.117.exe
# Optie : Verwijderen
# Ondersteuning : http://toolslib.net/forum

***** [ Services ] *****


***** [ Mappen ] *****

[-] Map verwijderd : C:\ProgramData\The AdBlocker
[-] Map verwijderd : C:\ProgramData\{036a5528-729e-a98f-036a-a552872954a1}
[-] Map verwijderd : C:\ProgramData\{23cdb6e5-81a7-add1-23cd-db6e581adb96}
[#] Map verwijderd : C:\ProgramData\Application Data\The AdBlocker
[#] Map verwijderd : C:\ProgramData\Application Data\{036a5528-729e-a98f-036a-a552872954a1}
[#] Map verwijderd : C:\ProgramData\Application Data\{23cdb6e5-81a7-add1-23cd-db6e581adb96}
[-] Map verwijderd : C:\Program Files (x86)\Mail Control
[-] Map verwijderd : C:\Program Files (x86)\CheaapMe
[-] Map verwijderd : C:\Program Files (x86)\EExstrraCoupon
[-] Map verwijderd : C:\Program Files (x86)\ISuaver
[-] Map verwijderd : C:\Program Files (x86)\SHoppDDRop
[-] Map verwijderd : C:\Users\rob\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd

***** [ Bestanden ] *****


***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Snelkoppelingen ] *****


***** [ Geplande taken ] *****


***** [ Register ] *****

[-] Sleutel verwijderd : HKLM\SOFTWARE\3a0a591f-8294-d11d-9d07-3df03c117c51
[-] Sleutel verwijderd : HKLM\SOFTWARE\Google\Chrome\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd
[-] Sleutel verwijderd : HKLM\SOFTWARE\Classes\protector_dll.Protector
[-] Sleutel verwijderd : HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[-] Sleutel verwijderd : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[-] Sleutel verwijderd : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[-] Sleutel verwijderd : HKCU\Software\Classes\CLSID\{F28C2F70-47DE-4EA5-8F6D-7D1476CD1EF5}
[-] Sleutel verwijderd : HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Sleutel verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Sleutel verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Sleutel verwijderd : HKCU\Software\WEBAPP
[-] Sleutel verwijderd : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[-] Sleutel verwijderd : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
[-] Sleutel verwijderd : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[-] Sleutel verwijderd : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
[-] Sleutel verwijderd : HKU\.DEFAULT\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}

***** [ Internetbrowsers ] *****

[-] [C:\Users\rob\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] verwijderd : nfengeggddojhakldhlpjdlddgkkjkdd

*************************

:: "Tracing" sleutels verwijderd
:: Winsock instellingen gereset

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [3165 bytes] - [17/05/2016 15:33:43]
C:\AdwCleaner\AdwCleaner[S1].txt - [3345 bytes] - [17/05/2016 15:32:35]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [3311 bytes] ##########
 
Download
51c590ce361e7-ComboFix_resized_2.png
ComboFix via n van deze locaties:
Downloadlokatie: Dit programma absoluut naar het bureaublad downloaden of anders naar het bureaublad verplaatsen!

Antivirusprogramma en actieve malwarescanners dienen al voor je ComboFix start gedeaktiveert zijn!
Hier en hier vindt je gegevens hoe antivirusprogramma's en spywarescanners te deaktiveren.

Opmerkingen:
  • Alle openstaande programma's en webpagina's dienen afgesloten te zijn.
ComboFix opstarten:
  • Windows Vista, Windows 7 en Windows 8: via rechtsklik op ComboFix.exe en kies voor "Als Administrator uitvoeren".
ComboFix is opgestart:
  • Niet in het zwarte venster klikken, hierdoor kan ComboFix of zelfs Windows geheel "bevriezen"!
  • Combofix sluit tijdens de scan de internet verbinding probeer deze tussentijds niet te herstellen!
  • Het kan voorkomen dat de computer meerdere malen opnieuw opgestart moet worden, dit is normaal.
  • Wanneer ComboFix gereed is, zal het het een logbestand voor je maken.
  • Post de inhoud van dit logbestand via DDRMMR's kleurcodeerder in je volgende bericht.
  • Indien het log niet opstart, is dit terug tevinden in C:\ComboFix.txt
Belangrijke opmerking:
  • Indien na de scan bij het opstarten van programma's er een error wordt getoond met de melding:
  • Er is geprobeerd een ongeldige bewerking uit te voeren op een registersleutel die is gemarkeerd voor verwijdering.
  • Start dan de computer opnieuw op.
 
[hjt]
combofix 16-04-29.01 - rob 17-05-2016 17:34:33.1.2 - x64
microsoft windows 7 ultimate 6.1.7601.1.1252.31.1043.18.4095.2721 [gmt 2:00]
gestart vanuit: c:\users\rob\desktop\combofix.exe
av: microsoft security essentials *disabled/updated* {768124d7-f5f7-6d2f-ddc2-94dfa4017c95}
sp: microsoft security essentials *disabled/updated* {cde0c533-d3cd-62a1-e772-afaddf863628}
sp: windows defender *disabled/updated* {d68ddc3a-831f-4fae-9e44-da132c1acf46}
.
.
(((((((((((((((((((( bestanden gemaakt van 2016-04-17 to 2016-05-17 ))))))))))))))))))))))))))))))
.
.
2016-05-17 15:39 . 2016-05-17 15:39 -------- d-----w- c:\users\default\appdata\local\temp
2016-05-17 13:36 . 2016-05-17 13:36 -------- d-----w- c:\users\rob\appdata\roaming\productdata
2016-05-17 13:32 . 2016-05-17 13:33 -------- d-----w- c:\adwcleaner
2016-05-15 15:32 . 2016-04-20 01:13 11695896 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{3a09a84e-636e-4d18-92b4-4b5c84b2c61f}\mpengine.dll
2016-05-15 15:25 . 2016-05-16 17:02 -------- d-----w- c:\frst
2016-05-15 10:12 . 2016-05-15 10:12 1167568 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{46f10047-42d0-4c11-b987-c0e5b32725f3}\gapaengine.dll
2016-05-08 09:34 . 2016-04-20 01:13 11695896 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
.
.
.
((((((((((((((((((((((((((((((((((((((( find3m rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-05-12 15:57 . 2015-04-06 16:21 192216 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2016-04-22 07:57 . 2010-11-21 03:27 453288 ------w- c:\windows\system32\mpsigstub.exe
2016-03-10 12:09 . 2015-04-06 16:21 64896 ----a-w- c:\windows\system32\drivers\mwac.sys
2016-03-10 12:08 . 2015-04-06 16:21 140672 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2016-03-10 12:08 . 2015-04-06 16:21 27008 ----a-w- c:\windows\system32\drivers\mbam.sys
2016-03-07 12:14 . 2016-03-07 12:14 97888 ----a-w- c:\windows\syswow64\windowsaccessbridge-32.dll
.
.
((((((((((((((((((((((((((((((((((((( reg opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
regedit4
.
[hkey_current_user\software\microsoft\windows\currentversion\run]
"akamai netsession interface"=c:\users\rob\appdata\local\akamai\netsession_win.exe [2014-10-29 4673432]
"steam"=c:\program files (x86)\steam\steam.exe [2016-04-30 3077712]
"skype"=c:\program files (x86)\skype\phone\skype.exe [2016-02-10 50599552]
"bingsvc"=c:\users\rob\appdata\local\microsoft\bingsvc\bingsvc.exe [2016-05-12 144008]
"murgee.com auto clicker"=c:\users\rob\appdata\roaming\auto clicker\autoclicker.exe [2015-03-29 120304]
.
[hkey_local_machine\software\wow6432node\microsoft\windows\currentversion\run]
"aeria ignite"=c:\program files (x86)\aeria games\ignite\aeriaignite.exe [2013-06-06 1925656]
"sunjavaupdatesched"=c:\program files (x86)\common files\java\java update\jusched.exe [2016-01-29 594992]
.
c:\programdata\microsoft\windows\start menu\programs\startup\
tp-link draadloos configuratie hulpprogramma.lnk - c:\program files (x86)\tp-link\tp-link draadloos configuratie hulpprogramma\twcu.exe -nogui [2002-1-1 846848]
.
c:\users\default user\appdata\roaming\microsoft\windows\start menu\programs\startup\
run.cmd [2014-11-25 9338]
.
[hkey_local_machine\software\microsoft\windows\currentversion\policies\system]
"consentpromptbehavioradmin"= 0 (0x0)
"consentpromptbehavioruser"= 0 (0x0)
"enableuiadesktoptoggle"= 0 (0x0)
.
[hkey_current_user\software\microsoft\windows\currentversion\policies\explorer]
"noresolvetrack"= 1 (0x1)
.
[hkey_local_machine\software\wow6432node\microsoft\windows nt\currentversion\windows]
"loadappinit_dlls"=1 (0x1)
.
[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\msmpsvc]
@="service"
.
r2 clr_optimization_v4.0.30319_64;microsoft .net framework ngen v4.0.30319_x64;c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe;c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe [x]
r2 liveupdatesvc;liveupdate;c:\program files (x86)\iobit\liveupdate\liveupdate.exe;c:\program files (x86)\iobit\liveupdate\liveupdate.exe [x]
r2 skypeupdate;skype updater;c:\program files (x86)\skype\updater\updater.exe;c:\program files (x86)\skype\updater\updater.exe [x]
r3 b06diag;broadcom netxtreme ii diag driver;c:\windows\system32\drivers\bxdiaga.sys;c:\windows\sysnative\drivers\bxdiaga.sys [x]
r3 bfn7x64;bigfoot networks killer gaming service;c:\windows\system32\drivers\xeno7x64.sys;c:\windows\sysnative\drivers\xeno7x64.sys [x]
r3 bfnvis64;bigfoot networks killer gaming service;c:\windows\system32\drivers\xenova64.sys;c:\windows\sysnative\drivers\xenova64.sys [x]
r3 bxfcoe;bxfcoe;c:\windows\system32\drivers\bxfcoe.sys;c:\windows\sysnative\drivers\bxfcoe.sys [x]
r3 bxois;bxois;c:\windows\system32\drivers\bxois.sys;c:\windows\sysnative\drivers\bxois.sys [x]
r3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\sysnative\drivers\dmvsc.sys [x]
r3 eaglex64;eaglex64;c:\windows\system32\drivers\eaglex64.sys;c:\windows\sysnative\drivers\eaglex64.sys [x]
r3 iamtve;stuurprogramma voor intel(r) active management technology - kcs;c:\windows\system32\drivers\iamtve.sys;c:\windows\sysnative\drivers\iamtve.sys [x]
r3 iamtxpe;stuurprogramma voor intel(r) active management technology - kcs;c:\windows\system32\drivers\iamtxpe.sys;c:\windows\sysnative\drivers\iamtxpe.sys [x]
r3 ieetwcollectorservice;internet explorer etw collector service;c:\windows\system32\ieetwcollector.exe;c:\windows\sysnative\ieetwcollector.exe [x]
r3 ifcoemp;ifcoemp;c:\windows\system32\drivers\ifm60x64.sys;c:\windows\sysnative\drivers\ifm60x64.sys [x]
r3 ifcoevb;ifcoevb;c:\windows\system32\drivers\ifp60x64.sys;c:\windows\sysnative\drivers\ifp60x64.sys [x]
r3 ioatdma1;ioatdma1;c:\windows\system32\drivers\qd162x64.sys;c:\windows\sysnative\drivers\qd162x64.sys [x]
r3 ioatdma2;intel(r) quickdata technology device ver.2;c:\windows\system32\drivers\qd262x64.sys;c:\windows\sysnative\drivers\qd262x64.sys [x]
r3 nisdrv;microsoft network inspection system;c:\windows\system32\drivers\nisdrvwfp.sys;c:\windows\sysnative\drivers\nisdrvwfp.sys [x]
r3 nissrv;microsoft netwerkinspectie;c:\program files\microsoft security client\nissrv.exe;c:\program files\microsoft security client\nissrv.exe [x]
r3 rdpvideominiport;remote desktop video miniport driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\sysnative\drivers\rdpvideominiport.sys [x]
r3 synth3dvsc;synth3dvsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\sysnative\drivers\synth3dvsc.sys [x]
r3 terminpt;microsoft remote desktop input driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\sysnative\drivers\terminpt.sys [x]
r3 tsusbflt;tsusbflt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\sysnative\drivers\tsusbflt.sys [x]
r3 tsusbgd;remote desktop generic usb device;c:\windows\system32\drivers\tsusbgd.sys;c:\windows\sysnative\drivers\tsusbgd.sys [x]
r3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\sysnative\drivers\tsusbhub.sys [x]
r3 vgpu;vgpu;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\sysnative\drivers\rdvgkmd.sys [x]
r3 watadminsvc;windows activation technologies-service;c:\windows\system32\wat\watadminsvc.exe;c:\windows\sysnative\wat\watadminsvc.exe [x]
r3 xhunter1;xhunter1;c:\windows\xhunter1.sys;c:\windows\xhunter1.sys [x]
r3 xspirit;xspirit;c:\windows\xspirit.sys;c:\windows\xspirit.sys [x]
s2 advancedsystemcareservice7;advanced systemcare service 7;c:\program files (x86)\iobit\advanced systemcare 7\ascservice.exe;c:\program files (x86)\iobit\advanced systemcare 7\ascservice.exe [x]
s2 amd external events utility;amd external events utility;c:\windows\system32\atiesrxx.exe;c:\windows\sysnative\atiesrxx.exe [x]
s2 c2cautoupdatesvc;skype click to call updater;c:\program files (x86)\skype\toolbars\autoupdate\skypec2cautoupdatesvc.exe;c:\program files (x86)\skype\toolbars\autoupdate\skypec2cautoupdatesvc.exe [x]
s2 c2cpnrsvc;skype click to call pnr service;c:\program files (x86)\skype\toolbars\pnrsvc\skypec2cpnrsvc.exe;c:\program files (x86)\skype\toolbars\pnrsvc\skypec2cpnrsvc.exe [x]
s2 diagtrack;diagnostics tracking service;c:\windows\system32\svchost.exe;c:\windows\sysnative\svchost.exe [x]
s3 atcl001;ndis miniport driver for atheros l1 gigabit ethernet controller;c:\windows\system32\drivers\l160x64.sys;c:\windows\sysnative\drivers\l160x64.sys [x]
s3 rtl8192cu;300mbps wireless usb adapter;c:\windows\system32\drivers\rtl8192cu.sys;c:\windows\sysnative\drivers\rtl8192cu.sys [x]
.
.
--- andere services/drivers in geheugen ---
.
*newlycreated* - ws2ifsl
.
[hkey_local_machine\software\wow6432node\microsoft\active setup\installed components\{8a69d345-d564-463c-aff1-a69d9e530f96}]
2016-05-13 10:04 1186968 ----a-w- c:\program files (x86)\google\chrome\application\50.0.2661.102\installer\chrmstp.exe
.
inhoud van de 'gedeelde taken' map
.
2016-05-17 c:\windows\tasks\googleupdatetaskmachinecore.job
- c:\program files (x86)\google\update\googleupdate.exe [2015-06-06 15:55]
.
2016-05-17 c:\windows\tasks\googleupdatetaskmachineua.job
- c:\program files (x86)\google\update\googleupdate.exe [2015-06-06 15:55]
.
.
--------- x64 entries -----------
.
.
[hkey_local_machine\software\microsoft\windows\currentversion\run]
"msc"=c:\program files\microsoft security client\msseces.exe [2016-01-29 1340192]
.
------- bijkomende scan -------
.
ulocal page = c:\windows\system32\blank.htm
ustart page = hxxp://www.google.nl/
mlocal page = c:\windows\syswow64\blank.htm
uinternet settings,proxyoverride = <local>
ie: e&xporteren naar microsoft excel - c:\progra~2\micros~2\office12\excel.exe/3000
ie: {{07ba1da9-f501-4796-8728-74d1b91a6cd5} - c:\program files (x86)\pokerstars.eu\pokerstarsupdate.exe
trusted zone: aeriagames.com
tcp: dhcpnameserver = 192.168.192.58
.
.
--------------------- vergrendelde register sleutels ---------------------
.
[hkey_local_machine\software\classes\clsid\{b019e3bf-e7e5-453c-a2e4-d2c18ca0866f}]
@denied: (a 2) (everyone)
@="flashbroker"
"localizedstring"="@c:\\windows\\system32\\macromed\\flash\\flashutil64_17_0_0_188_activex.exe,-101"
.
[hkey_local_machine\software\classes\clsid\{b019e3bf-e7e5-453c-a2e4-d2c18ca0866f}\elevation]
"enabled"=dword:00000001
.
[hkey_local_machine\software\classes\clsid\{b019e3bf-e7e5-453c-a2e4-d2c18ca0866f}\localserver32]
@=c:\\windows\\system32\\macromed\\flash\\flashutil64_17_0_0_188_activex.exe
.
[hkey_local_machine\software\classes\clsid\{b019e3bf-e7e5-453c-a2e4-d2c18ca0866f}\typelib]
@="{fab3e735-69c7-453b-a446-b6823c6df1c9}"
.
[hkey_local_machine\software\classes\interface\{299817da-1fac-4ce2-8f48-a108237013bd}]
@denied: (a 2) (everyone)
@="iflashbroker6"
.
[hkey_local_machine\software\classes\interface\{299817da-1fac-4ce2-8f48-a108237013bd}\proxystubclsid32]
@="{00020424-0000-0000-c000-000000000046}"
.
[hkey_local_machine\software\classes\interface\{299817da-1fac-4ce2-8f48-a108237013bd}\typelib]
@="{fab3e735-69c7-453b-a446-b6823c6df1c9}"
"version"="1.0"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{b019e3bf-e7e5-453c-a2e4-d2c18ca0866f}]
@denied: (a 2) (everyone)
@="flashbroker"
"localizedstring"="@c:\\windows\\syswow64\\macromed\\flash\\flashutil32_17_0_0_188_activex.exe,-101"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{b019e3bf-e7e5-453c-a2e4-d2c18ca0866f}\elevation]
"enabled"=dword:00000001
.
[hkey_local_machine\software\classes\wow6432node\clsid\{b019e3bf-e7e5-453c-a2e4-d2c18ca0866f}\localserver32]
@=c:\\windows\\syswow64\\macromed\\flash\\flashutil32_17_0_0_188_activex.exe
.
[hkey_local_machine\software\classes\wow6432node\clsid\{b019e3bf-e7e5-453c-a2e4-d2c18ca0866f}\typelib]
@="{fab3e735-69c7-453b-a446-b6823c6df1c9}"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb6e-ae6d-11cf-96b8-444553540000}]
@denied: (a 2) (everyone)
@="shockwave flash object"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb6e-ae6d-11cf-96b8-444553540000}\inprocserver32]
@=c:\\windows\\syswow64\\macromed\\flash\\flash32_17_0_0_188.ocx
"threadingmodel"="apartment"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb6e-ae6d-11cf-96b8-444553540000}\miscstatus]
@="0"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb6e-ae6d-11cf-96b8-444553540000}\progid]
@="shockwaveflash.shockwaveflash.17"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb6e-ae6d-11cf-96b8-444553540000}\toolboxbitmap32]
@=c:\\windows\\syswow64\\macromed\\flash\\flash32_17_0_0_188.ocx, 1"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb6e-ae6d-11cf-96b8-444553540000}\typelib]
@="{d27cdb6b-ae6d-11cf-96b8-444553540000}"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb6e-ae6d-11cf-96b8-444553540000}\version]
@="1.0"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb6e-ae6d-11cf-96b8-444553540000}\versionindependentprogid]
@="shockwaveflash.shockwaveflash"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb70-ae6d-11cf-96b8-444553540000}]
@denied: (a 2) (everyone)
@="macromedia flash factory object"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb70-ae6d-11cf-96b8-444553540000}\inprocserver32]
@=c:\\windows\\syswow64\\macromed\\flash\\flash32_17_0_0_188.ocx
"threadingmodel"="apartment"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb70-ae6d-11cf-96b8-444553540000}\progid]
@="flashfactory.flashfactory.1"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb70-ae6d-11cf-96b8-444553540000}\toolboxbitmap32]
@=c:\\windows\\syswow64\\macromed\\flash\\flash32_17_0_0_188.ocx, 1"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb70-ae6d-11cf-96b8-444553540000}\typelib]
@="{d27cdb6b-ae6d-11cf-96b8-444553540000}"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb70-ae6d-11cf-96b8-444553540000}\version]
@="1.0"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb70-ae6d-11cf-96b8-444553540000}\versionindependentprogid]
@="flashfactory.flashfactory"
.
[hkey_local_machine\software\classes\wow6432node\interface\{299817da-1fac-4ce2-8f48-a108237013bd}]
@denied: (a 2) (everyone)
@="iflashbroker6"
.
[hkey_local_machine\software\classes\wow6432node\interface\{299817da-1fac-4ce2-8f48-a108237013bd}\proxystubclsid32]
@="{00020424-0000-0000-c000-000000000046}"
.
[hkey_local_machine\software\classes\wow6432node\interface\{299817da-1fac-4ce2-8f48-a108237013bd}\typelib]
@="{fab3e735-69c7-453b-a446-b6823c6df1c9}"
"version"="1.0"
.
[hkey_local_machine\system\controlset001\control\pcw\security]
@denied: (full) (everyone)
.
------------------------ andere aktieve processen ------------------------
.
c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe
.
**************************************************************************
.
voltooingstijd: 2016-05-17 17:45:54 - machine werd herstart
combofix-quarantined-files.txt 2016-05-17 15:45
.
pre-run: 427.347.795.968 bytes beschikbaar
post-run: 426.953.428.992 bytes beschikbaar
.
- - end of file - - 76b3449847ee5af7045abe9f31122676
a36c5e4f47e84449ff07ed3517b43a31

[/hjt]

--- Update ---

[hjt]
combofix 16-04-29.01 - rob 17-05-2016 17:34:33.1.2 - x64
microsoft windows 7 ultimate 6.1.7601.1.1252.31.1043.18.4095.2721 [gmt 2:00]
gestart vanuit: c:\users\rob\desktop\combofix.exe
av: microsoft security essentials *disabled/updated* {768124d7-f5f7-6d2f-ddc2-94dfa4017c95}
sp: microsoft security essentials *disabled/updated* {cde0c533-d3cd-62a1-e772-afaddf863628}
sp: windows defender *disabled/updated* {d68ddc3a-831f-4fae-9e44-da132c1acf46}
.
.
(((((((((((((((((((( bestanden gemaakt van 2016-04-17 to 2016-05-17 ))))))))))))))))))))))))))))))
.
.
2016-05-17 15:39 . 2016-05-17 15:39 -------- d-----w- c:\users\default\appdata\local\temp
2016-05-17 13:36 . 2016-05-17 13:36 -------- d-----w- c:\users\rob\appdata\roaming\productdata
2016-05-17 13:32 . 2016-05-17 13:33 -------- d-----w- c:\adwcleaner
2016-05-15 15:32 . 2016-04-20 01:13 11695896 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{3a09a84e-636e-4d18-92b4-4b5c84b2c61f}\mpengine.dll
2016-05-15 15:25 . 2016-05-16 17:02 -------- d-----w- c:\frst
2016-05-15 10:12 . 2016-05-15 10:12 1167568 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{46f10047-42d0-4c11-b987-c0e5b32725f3}\gapaengine.dll
2016-05-08 09:34 . 2016-04-20 01:13 11695896 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
.
.
.
((((((((((((((((((((((((((((((((((((((( find3m rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-05-12 15:57 . 2015-04-06 16:21 192216 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2016-04-22 07:57 . 2010-11-21 03:27 453288 ------w- c:\windows\system32\mpsigstub.exe
2016-03-10 12:09 . 2015-04-06 16:21 64896 ----a-w- c:\windows\system32\drivers\mwac.sys
2016-03-10 12:08 . 2015-04-06 16:21 140672 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2016-03-10 12:08 . 2015-04-06 16:21 27008 ----a-w- c:\windows\system32\drivers\mbam.sys
2016-03-07 12:14 . 2016-03-07 12:14 97888 ----a-w- c:\windows\syswow64\windowsaccessbridge-32.dll
.
.
((((((((((((((((((((((((((((((((((((( reg opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
regedit4
.
[hkey_current_user\software\microsoft\windows\currentversion\run]
"akamai netsession interface"=c:\users\rob\appdata\local\akamai\netsession_win.exe [2014-10-29 4673432]
"steam"=c:\program files (x86)\steam\steam.exe [2016-04-30 3077712]
"skype"=c:\program files (x86)\skype\phone\skype.exe [2016-02-10 50599552]
"bingsvc"=c:\users\rob\appdata\local\microsoft\bingsvc\bingsvc.exe [2016-05-12 144008]
"murgee.com auto clicker"=c:\users\rob\appdata\roaming\auto clicker\autoclicker.exe [2015-03-29 120304]
.
[hkey_local_machine\software\wow6432node\microsoft\windows\currentversion\run]
"aeria ignite"=c:\program files (x86)\aeria games\ignite\aeriaignite.exe [2013-06-06 1925656]
"sunjavaupdatesched"=c:\program files (x86)\common files\java\java update\jusched.exe [2016-01-29 594992]
.
c:\programdata\microsoft\windows\start menu\programs\startup\
tp-link draadloos configuratie hulpprogramma.lnk - c:\program files (x86)\tp-link\tp-link draadloos configuratie hulpprogramma\twcu.exe -nogui [2002-1-1 846848]
.
c:\users\default user\appdata\roaming\microsoft\windows\start menu\programs\startup\
run.cmd [2014-11-25 9338]
.
[hkey_local_machine\software\microsoft\windows\currentversion\policies\system]
"consentpromptbehavioradmin"= 0 (0x0)
"consentpromptbehavioruser"= 0 (0x0)
"enableuiadesktoptoggle"= 0 (0x0)
.
[hkey_current_user\software\microsoft\windows\currentversion\policies\explorer]
"noresolvetrack"= 1 (0x1)
.
[hkey_local_machine\software\wow6432node\microsoft\windows nt\currentversion\windows]
"loadappinit_dlls"=1 (0x1)
.
[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\msmpsvc]
@="service"
.
r2 clr_optimization_v4.0.30319_64;microsoft .net framework ngen v4.0.30319_x64;c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe;c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe [x]
r2 liveupdatesvc;liveupdate;c:\program files (x86)\iobit\liveupdate\liveupdate.exe;c:\program files (x86)\iobit\liveupdate\liveupdate.exe [x]
r2 skypeupdate;skype updater;c:\program files (x86)\skype\updater\updater.exe;c:\program files (x86)\skype\updater\updater.exe [x]
r3 b06diag;broadcom netxtreme ii diag driver;c:\windows\system32\drivers\bxdiaga.sys;c:\windows\sysnative\drivers\bxdiaga.sys [x]
r3 bfn7x64;bigfoot networks killer gaming service;c:\windows\system32\drivers\xeno7x64.sys;c:\windows\sysnative\drivers\xeno7x64.sys [x]
r3 bfnvis64;bigfoot networks killer gaming service;c:\windows\system32\drivers\xenova64.sys;c:\windows\sysnative\drivers\xenova64.sys [x]
r3 bxfcoe;bxfcoe;c:\windows\system32\drivers\bxfcoe.sys;c:\windows\sysnative\drivers\bxfcoe.sys [x]
r3 bxois;bxois;c:\windows\system32\drivers\bxois.sys;c:\windows\sysnative\drivers\bxois.sys [x]
r3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\sysnative\drivers\dmvsc.sys [x]
r3 eaglex64;eaglex64;c:\windows\system32\drivers\eaglex64.sys;c:\windows\sysnative\drivers\eaglex64.sys [x]
r3 iamtve;stuurprogramma voor intel(r) active management technology - kcs;c:\windows\system32\drivers\iamtve.sys;c:\windows\sysnative\drivers\iamtve.sys [x]
r3 iamtxpe;stuurprogramma voor intel(r) active management technology - kcs;c:\windows\system32\drivers\iamtxpe.sys;c:\windows\sysnative\drivers\iamtxpe.sys [x]
r3 ieetwcollectorservice;internet explorer etw collector service;c:\windows\system32\ieetwcollector.exe;c:\windows\sysnative\ieetwcollector.exe [x]
r3 ifcoemp;ifcoemp;c:\windows\system32\drivers\ifm60x64.sys;c:\windows\sysnative\drivers\ifm60x64.sys [x]
r3 ifcoevb;ifcoevb;c:\windows\system32\drivers\ifp60x64.sys;c:\windows\sysnative\drivers\ifp60x64.sys [x]
r3 ioatdma1;ioatdma1;c:\windows\system32\drivers\qd162x64.sys;c:\windows\sysnative\drivers\qd162x64.sys [x]
r3 ioatdma2;intel(r) quickdata technology device ver.2;c:\windows\system32\drivers\qd262x64.sys;c:\windows\sysnative\drivers\qd262x64.sys [x]
r3 nisdrv;microsoft network inspection system;c:\windows\system32\drivers\nisdrvwfp.sys;c:\windows\sysnative\drivers\nisdrvwfp.sys [x]
r3 nissrv;microsoft netwerkinspectie;c:\program files\microsoft security client\nissrv.exe;c:\program files\microsoft security client\nissrv.exe [x]
r3 rdpvideominiport;remote desktop video miniport driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\sysnative\drivers\rdpvideominiport.sys [x]
r3 synth3dvsc;synth3dvsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\sysnative\drivers\synth3dvsc.sys [x]
r3 terminpt;microsoft remote desktop input driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\sysnative\drivers\terminpt.sys [x]
r3 tsusbflt;tsusbflt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\sysnative\drivers\tsusbflt.sys [x]
r3 tsusbgd;remote desktop generic usb device;c:\windows\system32\drivers\tsusbgd.sys;c:\windows\sysnative\drivers\tsusbgd.sys [x]
r3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\sysnative\drivers\tsusbhub.sys [x]
r3 vgpu;vgpu;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\sysnative\drivers\rdvgkmd.sys [x]
r3 watadminsvc;windows activation technologies-service;c:\windows\system32\wat\watadminsvc.exe;c:\windows\sysnative\wat\watadminsvc.exe [x]
r3 xhunter1;xhunter1;c:\windows\xhunter1.sys;c:\windows\xhunter1.sys [x]
r3 xspirit;xspirit;c:\windows\xspirit.sys;c:\windows\xspirit.sys [x]
s2 advancedsystemcareservice7;advanced systemcare service 7;c:\program files (x86)\iobit\advanced systemcare 7\ascservice.exe;c:\program files (x86)\iobit\advanced systemcare 7\ascservice.exe [x]
s2 amd external events utility;amd external events utility;c:\windows\system32\atiesrxx.exe;c:\windows\sysnative\atiesrxx.exe [x]
s2 c2cautoupdatesvc;skype click to call updater;c:\program files (x86)\skype\toolbars\autoupdate\skypec2cautoupdatesvc.exe;c:\program files (x86)\skype\toolbars\autoupdate\skypec2cautoupdatesvc.exe [x]
s2 c2cpnrsvc;skype click to call pnr service;c:\program files (x86)\skype\toolbars\pnrsvc\skypec2cpnrsvc.exe;c:\program files (x86)\skype\toolbars\pnrsvc\skypec2cpnrsvc.exe [x]
s2 diagtrack;diagnostics tracking service;c:\windows\system32\svchost.exe;c:\windows\sysnative\svchost.exe [x]
s3 atcl001;ndis miniport driver for atheros l1 gigabit ethernet controller;c:\windows\system32\drivers\l160x64.sys;c:\windows\sysnative\drivers\l160x64.sys [x]
s3 rtl8192cu;300mbps wireless usb adapter;c:\windows\system32\drivers\rtl8192cu.sys;c:\windows\sysnative\drivers\rtl8192cu.sys [x]
.
.
--- andere services/drivers in geheugen ---
.
*newlycreated* - ws2ifsl
.
[hkey_local_machine\software\wow6432node\microsoft\active setup\installed components\{8a69d345-d564-463c-aff1-a69d9e530f96}]
2016-05-13 10:04 1186968 ----a-w- c:\program files (x86)\google\chrome\application\50.0.2661.102\installer\chrmstp.exe
.
inhoud van de 'gedeelde taken' map
.
2016-05-17 c:\windows\tasks\googleupdatetaskmachinecore.job
- c:\program files (x86)\google\update\googleupdate.exe [2015-06-06 15:55]
.
2016-05-17 c:\windows\tasks\googleupdatetaskmachineua.job
- c:\program files (x86)\google\update\googleupdate.exe [2015-06-06 15:55]
.
.
--------- x64 entries -----------
.
.
[hkey_local_machine\software\microsoft\windows\currentversion\run]
"msc"=c:\program files\microsoft security client\msseces.exe [2016-01-29 1340192]
.
------- bijkomende scan -------
.
ulocal page = c:\windows\system32\blank.htm
ustart page = hxxp://www.google.nl/
mlocal page = c:\windows\syswow64\blank.htm
uinternet settings,proxyoverride = <local>
ie: e&xporteren naar microsoft excel - c:\progra~2\micros~2\office12\excel.exe/3000
ie: {{07ba1da9-f501-4796-8728-74d1b91a6cd5} - c:\program files (x86)\pokerstars.eu\pokerstarsupdate.exe
trusted zone: aeriagames.com
tcp: dhcpnameserver = 192.168.192.58
.
.
--------------------- vergrendelde register sleutels ---------------------
.
[hkey_local_machine\software\classes\clsid\{b019e3bf-e7e5-453c-a2e4-d2c18ca0866f}]
@denied: (a 2) (everyone)
@="flashbroker"
"localizedstring"="@c:\\windows\\system32\\macromed\\flash\\flashutil64_17_0_0_188_activex.exe,-101"
.
[hkey_local_machine\software\classes\clsid\{b019e3bf-e7e5-453c-a2e4-d2c18ca0866f}\elevation]
"enabled"=dword:00000001
.
[hkey_local_machine\software\classes\clsid\{b019e3bf-e7e5-453c-a2e4-d2c18ca0866f}\localserver32]
@=c:\\windows\\system32\\macromed\\flash\\flashutil64_17_0_0_188_activex.exe
.
[hkey_local_machine\software\classes\clsid\{b019e3bf-e7e5-453c-a2e4-d2c18ca0866f}\typelib]
@="{fab3e735-69c7-453b-a446-b6823c6df1c9}"
.
[hkey_local_machine\software\classes\interface\{299817da-1fac-4ce2-8f48-a108237013bd}]
@denied: (a 2) (everyone)
@="iflashbroker6"
.
[hkey_local_machine\software\classes\interface\{299817da-1fac-4ce2-8f48-a108237013bd}\proxystubclsid32]
@="{00020424-0000-0000-c000-000000000046}"
.
[hkey_local_machine\software\classes\interface\{299817da-1fac-4ce2-8f48-a108237013bd}\typelib]
@="{fab3e735-69c7-453b-a446-b6823c6df1c9}"
"version"="1.0"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{b019e3bf-e7e5-453c-a2e4-d2c18ca0866f}]
@denied: (a 2) (everyone)
@="flashbroker"
"localizedstring"="@c:\\windows\\syswow64\\macromed\\flash\\flashutil32_17_0_0_188_activex.exe,-101"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{b019e3bf-e7e5-453c-a2e4-d2c18ca0866f}\elevation]
"enabled"=dword:00000001
.
[hkey_local_machine\software\classes\wow6432node\clsid\{b019e3bf-e7e5-453c-a2e4-d2c18ca0866f}\localserver32]
@=c:\\windows\\syswow64\\macromed\\flash\\flashutil32_17_0_0_188_activex.exe
.
[hkey_local_machine\software\classes\wow6432node\clsid\{b019e3bf-e7e5-453c-a2e4-d2c18ca0866f}\typelib]
@="{fab3e735-69c7-453b-a446-b6823c6df1c9}"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb6e-ae6d-11cf-96b8-444553540000}]
@denied: (a 2) (everyone)
@="shockwave flash object"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb6e-ae6d-11cf-96b8-444553540000}\inprocserver32]
@=c:\\windows\\syswow64\\macromed\\flash\\flash32_17_0_0_188.ocx
"threadingmodel"="apartment"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb6e-ae6d-11cf-96b8-444553540000}\miscstatus]
@="0"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb6e-ae6d-11cf-96b8-444553540000}\progid]
@="shockwaveflash.shockwaveflash.17"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb6e-ae6d-11cf-96b8-444553540000}\toolboxbitmap32]
@=c:\\windows\\syswow64\\macromed\\flash\\flash32_17_0_0_188.ocx, 1"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb6e-ae6d-11cf-96b8-444553540000}\typelib]
@="{d27cdb6b-ae6d-11cf-96b8-444553540000}"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb6e-ae6d-11cf-96b8-444553540000}\version]
@="1.0"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb6e-ae6d-11cf-96b8-444553540000}\versionindependentprogid]
@="shockwaveflash.shockwaveflash"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb70-ae6d-11cf-96b8-444553540000}]
@denied: (a 2) (everyone)
@="macromedia flash factory object"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb70-ae6d-11cf-96b8-444553540000}\inprocserver32]
@=c:\\windows\\syswow64\\macromed\\flash\\flash32_17_0_0_188.ocx
"threadingmodel"="apartment"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb70-ae6d-11cf-96b8-444553540000}\progid]
@="flashfactory.flashfactory.1"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb70-ae6d-11cf-96b8-444553540000}\toolboxbitmap32]
@=c:\\windows\\syswow64\\macromed\\flash\\flash32_17_0_0_188.ocx, 1"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb70-ae6d-11cf-96b8-444553540000}\typelib]
@="{d27cdb6b-ae6d-11cf-96b8-444553540000}"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb70-ae6d-11cf-96b8-444553540000}\version]
@="1.0"
.
[hkey_local_machine\software\classes\wow6432node\clsid\{d27cdb70-ae6d-11cf-96b8-444553540000}\versionindependentprogid]
@="flashfactory.flashfactory"
.
[hkey_local_machine\software\classes\wow6432node\interface\{299817da-1fac-4ce2-8f48-a108237013bd}]
@denied: (a 2) (everyone)
@="iflashbroker6"
.
[hkey_local_machine\software\classes\wow6432node\interface\{299817da-1fac-4ce2-8f48-a108237013bd}\proxystubclsid32]
@="{00020424-0000-0000-c000-000000000046}"
.
[hkey_local_machine\software\classes\wow6432node\interface\{299817da-1fac-4ce2-8f48-a108237013bd}\typelib]
@="{fab3e735-69c7-453b-a446-b6823c6df1c9}"
"version"="1.0"
.
[hkey_local_machine\system\controlset001\control\pcw\security]
@denied: (full) (everyone)
.
------------------------ andere aktieve processen ------------------------
.
c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe
.
**************************************************************************
.
voltooingstijd: 2016-05-17 17:45:54 - machine werd herstart
combofix-quarantined-files.txt 2016-05-17 15:45
.
pre-run: 427.347.795.968 bytes beschikbaar
post-run: 426.953.428.992 bytes beschikbaar
.
- - end of file - - 76b3449847ee5af7045abe9f31122676
a36c5e4f47e84449ff07ed3517b43a31
[/hjt]
 
Dat ziet er goed uit.


Ga naar de site van de
51a5de408905c-th_EsetLogo.png
ESET Online Scanner
  • Klik op de knop ESET Online Scanner
  • Zet een vinkje bij YES, I accept the Terms of Use
  • Klik op Start
  • Sta het ActiveX control toe om te installeren.
    • Zet een vinkje bij de volgende opties:
    • Enable detection of potentially unwanted applications
    • Indien verborgen, open vervolgens Advanced Settings en vink ondervermelde instellingen aan
    • Remove found threats
    • Scan archives
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
    • Notabene: deaktiveer tijdelijk de eigen antivirus tijdens de scan, dan is de onlinescan sneller!
  • Klik op Start
  • De computer wordt nu gescand. Dit kan best lang duren, heb dus geduld.
  • is de scan klaar, daarna mag jij het venster sluiten omdat de scan klaar is.
  • Ga vervolgens naar C:\Program Files\ESET\ESET Online Scanner (Windows 64-bit: C:\Program Files (x86)\ESET\ESET Online Scanner) en klik daar op log.txt
  • Selekteer, kopieer en plak dan de inhoud van dit log in je volgende bericht.

Gebruik je een andere browser dan IE, dan download je een kleine webinstaller, esetsmartinstaller_enu.exe.
De Eset Online scanner zal vervolgens in een kleiner venster opstarten, je markeert dan eerst de instelling zoals hierboven aangegeven.
Klik daarna op de knop "Start" - vervolgens zal eerst de database worden gedownload en is dat gebeurd, start de scan.
 
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=5d38179caae47f448c2832f19fdc4c7f
# end=init
# utc_time=2016-05-19 04:22:59
# local_time=2016-05-19 06:22:59 (+0100, West-Europa (zomertijd))
# country="Netherlands"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 29525
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=5d38179caae47f448c2832f19fdc4c7f
# end=updated
# utc_time=2016-05-19 04:26:45
# local_time=2016-05-19 06:26:45 (+0100, West-Europa (zomertijd))
# country="Netherlands"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=5d38179caae47f448c2832f19fdc4c7f
# engine=29525
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2016-05-19 05:38:30
# local_time=2016-05-19 07:38:30 (+0100, West-Europa (zomertijd))
# country="Netherlands"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 7335363 86659904 0 0
# scanned=188612
# found=2
# cleaned=2
# scan_time=4305
sh=F3A605C9B56DEDC4192C3FA0FC3C512A46FFFE41 ft=1 fh=35a933684e14d98f vn="a variant of Win32/Toolbar.Widgi.B potentially unwanted application (deleted)" ac=C fn="C:\instal div.21-01\Toxicz - Advanced SystemCare Pro V7.0.6.361.exe"
sh=8AE673E609467DE1551346DF44AADFBCCE15E573 ft=1 fh=6aacd5eac5d86bf9 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted)" ac=C fn="C:\instal div.21-01\ccv328\CcleanerV3.28.exe"
 
Geen malware meer gevoden, mooi dus.
Wel nog twee toolbars verwijderd die je kan missen.

Hoe gaat het nu?
 
Mijn pc is sneller en heb ook geen problemen meer gehad met de usb poorten. alleen lukt het zoeken naar updates nog niet en als ik een update aanvink om te downloaden dan begint mijn pc automatisch windows 10 te downloaden terwijl ik daar helemaal geen interesse in heb..
 
Status
Niet open voor verdere reacties.
Steun Ons

Nieuwste berichten

Terug
Bovenaan