Keep seeing pop-ups on my computer, browsers don't work and slow computer


  • This topic is locked
10 replies to this topic

#1 Lijpestrijder

Posted 09 September 2016 - 08:46 AM

Hi there,
 
My girlfriend tried to install some codec for a movie on our laptop, but she installed some infected software I guess.
Browsers like Firefox are now called "f  i    re f  o  xx" (with spaces) and don't work. I get pop-ups of anti-virus software on my desktop and browser. Also, the homepages of my browsers are some weird search engines. My laptop also became very slow in general. I think it's infected with a lot of wrongdoing stuff. Thanks in advance!
 
 
 
Frst.txt
 
 
Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 31-08-2016
Gestart door pc (Beheerder) op NABIL-PC (09-09-2016 15:11:37)
Gestart vanaf C:\Users\pc\Downloads
Geladen Profielen: pc & Gast (Beschikbare Profielen: Nabil & pc & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Taal: Nederlands (Nederland)
Internet Explorer Versie 11 (Standaardbrowser: Chrome)
Boot Modus: Normal
 
==================== Processen (gefilterd) =================
 
(Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.)
 
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Optimal Software s.r.o.) C:\Program Files (x86)\PC Speed Up\PCSUService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files\d813a96400718df32cbe975ad547a403\86ba3fc056f9df0bf08957c2cba7387a.exe
() C:\Program Files (x86)\BitX\bitxsvc.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Optimal Software s.r.o.) C:\Program Files (x86)\PC Speed Up\SpeedCheckerService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(zdengine) C:\Program Files (x86)\OtherSearch\zdengine.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCDesktop.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
() C:\Program Files\d813a96400718df32cbe975ad547a403\86ba3fc056f9df0bf08957c2cba7387a.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331_STI.EXE
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCTray64.exe
(Lenovo) C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
( ) C:\Program Files (x86)\LockKey\LockKey.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
() C:\Users\Gast\AppData\Local\Temp\ist9642.tmp\myuser.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCTray.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCTray64.exe
() C:\Program Files\d813a96400718df32cbe975ad547a403\86ba3fc056f9df0bf08957c2cba7387a.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331_STI.EXE
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Lenovo) C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
( ) C:\Program Files (x86)\LockKey\LockKey.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Frontend.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Register (gefilterd) ===========================
 
(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)
 
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [564352 2011-12-15] (Conexant Systems, Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2809856 2012-01-16] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [8079408 2012-07-13] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [6202416 2012-07-13] (Lenovo(beijing) Limited)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-30] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [507744 2011-12-21] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331_STI.EXE [548864 2011-11-24] (Vimicro)
HKLM-x32\...\Run: [Lenovo Registration] => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2011-01-29] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [228448 2011-01-29] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2010-07-27] (CyberLink Corp.)
HKLM-x32\...\Run: [VeriFaceManager] => C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [329056 2012-07-13] (Lenovo)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-14] (CyberLink Corp.)
HKLM-x32\...\Run: [LockKey] => C:\Program Files (x86)\LockKey\LockKey.exe [337776 2011-08-26] ( )
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2011-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2904984 2011-09-05] (Adobe Systems Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-08-21] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [896632 2015-07-22] (BlueStack Systems, Inc.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-806224707-4145190528-131575124-501\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKU\S-1-5-21-806224707-4145190528-131575124-501\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_242_Plugin.exe [1173184 2016-06-02] (Adobe Systems Incorporated)
Lsa: [Notification Packages] scecli C:\Program Files\Lenovo\Bluetooth Software\BtwProximityCP.dll
ShellExecuteHooks:  - {6710C780-E20E-4C49-A87D-321850ED3D7C} - C:\Users\Nabil\AppData\Roaming\Microsoft\Windows\Cookies\tiich.dll [373760 2016-08-17] ()
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers: [MyOverlayIcon] -> {B41B3408-923F-4B8B-85F2-146C509FA18C} => C:\Program Files (x86)\Huwulephjoght\Grpoty\Kercotywukay.dll [2016-08-17] ()
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-02-15] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-02-15] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-02-15] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-02-15] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [VeriFace Enc] -> {771C7324-DA80-49D3-8017-753B0AF60951} => C:\Windows\system32\IcnOvrly.dll [2012-07-13] ()
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers-x32: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2012-07-13]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Nabil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-08-21]
ShortcutTarget: Dropbox.lnk -> C:\Users\pc\AppData\Roaming\Dropbox\bin\Dropbox.exe (Geen bestand)
 
==================== Internet (gefilterd) ====================
 
(Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.)
 
Winsock: Catalog9 01 C:\Windows\system32\zdengine.dll Geen bestand 
Winsock: Catalog9 02 C:\Windows\system32\zdengine.dll Geen bestand 
Winsock: Catalog9 03 C:\Windows\system32\zdengine.dll Geen bestand 
Winsock: Catalog9 04 C:\Windows\system32\zdengine.dll Geen bestand 
Winsock: Catalog9 16 C:\Windows\system32\zdengine.dll Geen bestand 
Winsock: Catalog9-x64 01 C:\Windows\system32\zdengine64.dll [369527 2016-08-17] (zdengine)
Winsock: Catalog9-x64 02 C:\Windows\system32\zdengine64.dll [369527 2016-08-17] (zdengine)
Winsock: Catalog9-x64 03 C:\Windows\system32\zdengine64.dll [369527 2016-08-17] (zdengine)
Winsock: Catalog9-x64 04 C:\Windows\system32\zdengine64.dll [369527 2016-08-17] (zdengine)
Winsock: Catalog9-x64 16 C:\Windows\system32\zdengine64.dll [369527 2016-08-17] (zdengine)
Hosts: Er zijn meer dan één item in Hosts. Zie Hosts deel van Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 213.75.63.75 213.75.63.76
Tcpip\..\Interfaces\{F163E4EC-8DDE-4F5A-9FCE-8024566893FB}: [DhcpNameServer] 192.168.1.254 213.75.63.75 213.75.63.76
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE07&ocid=UE07DHP
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE07&ocid=UE07DHP
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE07&ocid=UE07DHP
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE07&ocid=UE07DHP
HKU\S-1-5-21-806224707-4145190528-131575124-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE07&ocid=UE07DHP
HKU\S-1-5-21-806224707-4145190528-131575124-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE07&ocid=UE07DHP
HKU\S-1-5-21-806224707-4145190528-131575124-501\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-806224707-4145190528-131575124-501\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN
HKU\S-1-5-21-806224707-4145190528-131575124-501\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN
SearchScopes: HKU\S-1-5-21-806224707-4145190528-131575124-1003 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENN
SearchScopes: HKU\S-1-5-21-806224707-4145190528-131575124-1003 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENN
SearchScopes: HKU\S-1-5-21-806224707-4145190528-131575124-501 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENN
SearchScopes: HKU\S-1-5-21-806224707-4145190528-131575124-501 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENN
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05] (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-09-22] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-22] (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies)
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-06-02] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled [Geen bestand]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-06-02] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll [2012-10-04] (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.7.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2012-09-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.7.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2012-09-22] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Geen bestand]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-12-09] (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-12-09] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2011-09-05] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2011-09-05] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012-09-09] [ niet getekend]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN
CHR Profile: C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Presentaties) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-09-08]
CHR Extension: (Google Documenten) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-08]
CHR Extension: (Google Drive) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-08]
CHR Extension: (YouTube) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-08]
CHR Extension: (Google Spreadsheets) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-09-08]
CHR Extension: (Offline Documenten) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-08]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-08]
CHR Extension: (Gmail) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-08]
CHR HKLM-x32\...\Chrome\Extension: [cjofdnhdkbflacojpfpkchgafjahijbb] - C:\Users\Nabil\AppData\Local\CRE\cjofdnhdkbflacojpfpkchgafjahijbb.crx <niet gevonden>
 
==================== Services (gefilterd) ========================
 
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
 
R2 3a674460fab65d31b7bfd224b906f01d; C:\Program Files\d813a96400718df32cbe975ad547a403\86ba3fc056f9df0bf08957c2cba7387a.exe [1251840 2016-08-17] () [Bestand niet getekend] <==== AANDACHT
R2 BitXService; C:\Program Files (x86)\BitX\bitxsvc.exe [1886208 2016-05-27] () [Bestand niet getekend]
R3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433784 2015-06-16] (BlueStack Systems, Inc.)
R3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413304 2015-06-16] (BlueStack Systems, Inc.)
R3 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [831096 2015-07-21] (BlueStack Systems, Inc.)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [945440 2012-02-02] (Broadcom Corporation.)
S4 DamageGuardSvc; C:\Program Files\Lenovo\Instant Reset\DamageGuardSvc.exe [572976 2012-03-26] (Lenovo (Beijing) Limited)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1277680 2015-03-31] (Disc Soft Ltd)
S3 Grpoty Helper; C:\Program Files (x86)\Huwulephjoght\Grpoty\GrpotyHlpnqt.exe [291008 2016-08-17] ()
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-01-29] (Nero AG)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-17] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [161560 2012-02-28] (Intel Corporation)
R2 MPCProtectService; C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe [355808 2016-08-17] (DotC United Inc) <==== AANDACHT
S2 nfnverfierrizoght.exe; C:\Program Files (x86)\Cigutiontanish\nfnverfierrizoght.exe [413848 2016-08-17] ()
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [Bestand niet getekend]
R2 PCSUService; C:\Program Files (x86)\PC Speed Up\PCSUService.exe [445600 2016-01-28] (Optimal Software s.r.o.)
R2 SCService; C:\Program Files (x86)\PC Speed Up\SpeedCheckerService.exe [67232 2016-01-28] (Optimal Software s.r.o.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Bestand niet getekend]
S3 wampapache; c:\wamp\bin\apache\apache2.2.22\bin\httpd.exe [22016 2012-05-13] (Apache Software Foundation) [Bestand niet getekend]
S3 wampmysqld; c:\wamp\bin\mysql\mysql5.5.24\bin\mysqld.exe [9693696 2012-04-19] () [Bestand niet getekend]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 zdengine; C:\Program Files (x86)\OtherSearch\zdengine.exe [1666295 2016-08-17] (zdengine) [Bestand niet getekend] <==== AANDACHT
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [X]
 
===================== Drivers (gefilterd) ==========================
 
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
 
S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [134696 2012-02-02] (Broadcom Corporation.)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145528 2015-06-16] (BlueStack Systems)
S4 DamageGuard; C:\Windows\System32\DRIVERS\DamageGuardX64.sys [217392 2012-02-11] (Lenovo)
S4 dgFltr; C:\Windows\System32\drivers\dgFltrX64.sys [23648 2011-12-13] (Lenovo)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2015-04-08] (Disc Soft Ltd)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-10-20] (DT Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [104048 2012-03-02] (Qualcomm Atheros Co., Ltd.)
R1 MPCKpt; C:\Windows\System32\DRIVERS\MPCKpt.sys [60136 2016-08-17] (DotC United Inc) <==== AANDACHT
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [952832 2011-12-06] (Vimicro Corporation)
U3 BcmSqlStartupSvc; geen ImagePath
U2 CLKMSVC10_3A60B698; geen ImagePath
U2 CLKMSVC10_C3B3B687; geen ImagePath
U2 DriverService; geen ImagePath
U2 iATAgentService; geen ImagePath
U2 idealife Update Service; geen ImagePath
U3 IGRS; geen ImagePath
U2 IviRegMgr; geen ImagePath
U2 nvUpdatusService; geen ImagePath
U2 Oasis2Service; geen ImagePath
U2 PCCarerService; geen ImagePath
U2 ReadyComm.DirectRouter; geen ImagePath
U2 RichVideo; geen ImagePath
U2 RtLedService; geen ImagePath
U2 SeaPort; geen ImagePath
U2 SoftwareService; geen ImagePath
U3 SQLWriter; geen ImagePath
 
==================== NetSvcs (gefilterd) ===================
 
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
 
 
==================== Een Maand Aangemaakt bestanden en mappen ========
 
(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)
 
2016-09-09 15:09 - 2016-09-09 15:11 - 00061697 _____ C:\Users\pc\Downloads\Addition.txt
2016-09-09 15:07 - 2016-09-09 15:11 - 00034111 _____ C:\Users\pc\Downloads\FRST.txt
2016-09-09 15:06 - 2016-09-09 15:11 - 00000000 ____D C:\FRST
2016-09-09 15:06 - 2016-09-09 15:06 - 02397696 _____ (Farbar) C:\Users\pc\Downloads\FRST64.exe
2016-09-08 13:31 - 2016-09-08 14:57 - 00000000 ____D C:\Users\pc\Documents\Arduino
2016-09-08 13:31 - 2016-09-08 13:38 - 00000000 ____D C:\Users\pc\AppData\Local\Arduino15
2016-09-08 13:31 - 2016-09-08 13:31 - 00001014 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Arduino.lnk
2016-09-08 13:31 - 2016-09-08 13:31 - 00001002 _____ C:\Users\Public\Desktop\Arduino.lnk
2016-09-08 13:31 - 2016-09-08 13:31 - 00000000 ____D C:\Users\pc\.oracle_jre_usage
2016-09-08 13:18 - 2016-09-08 13:18 - 00000000 ____D C:\Users\pc\AppData\LocalLow\Sun
2016-09-08 13:17 - 2016-09-08 13:20 - 88111608 _____ C:\Users\pc\Downloads\arduino-1.6.11-windows.exe
2016-09-08 13:17 - 2016-09-08 13:17 - 00000000 ____D C:\Users\pc\AppData\Roaming\MCorp
2016-09-08 13:16 - 2016-09-08 13:16 - 03856720 _____ C:\Users\pc\Downloads\CP210x_Windows_Drivers.zip
2016-09-08 13:16 - 2016-09-08 13:16 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_silabser_01009.Wdf
2016-09-08 13:16 - 2016-09-08 13:16 - 00000000 ____D C:\Windows\LastGood
2016-09-08 13:16 - 2016-09-08 13:16 - 00000000 ____D C:\Users\pc\AppData\Roaming\WinRAR
2016-09-08 13:13 - 2016-09-08 14:37 - 00000000 ____D C:\Users\pc\AppData\Local\Google
2016-09-08 13:13 - 2016-09-08 13:14 - 00002316 _____ C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-09-08 13:13 - 2016-09-08 13:13 - 00138768 _____ C:\Users\pc\AppData\Local\GDIPFONTCACHEV1.DAT
2016-09-08 13:13 - 2016-09-08 13:13 - 00001412 _____ C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-09-08 13:13 - 2016-09-08 13:13 - 00000000 ____D C:\Users\pc\AppData\Roaming\Leadertech
2016-09-08 13:13 - 2016-09-08 13:13 - 00000000 ____D C:\Users\pc\AppData\Roaming\Intel Corporation
2016-09-08 13:13 - 2016-09-08 13:13 - 00000000 ____D C:\Users\pc\AppData\Roaming\DAEMON Tools Pro
2016-09-08 13:13 - 2016-09-08 13:13 - 00000000 ____D C:\Users\pc\AppData\Roaming\Apple Computer
2016-09-08 13:13 - 2016-09-08 13:13 - 00000000 ____D C:\Users\pc\AppData\Roaming\Adobe
2016-09-08 13:13 - 2016-09-08 13:13 - 00000000 ____D C:\Users\pc\AppData\Local\Adobe
2016-09-08 13:12 - 2016-09-08 13:31 - 00000000 ____D C:\Users\pc
2016-09-08 13:12 - 2016-09-08 13:13 - 00002097 _____ C:\Users\pc\Desktop\OneKey Recovery.lnk
2016-09-08 13:12 - 2016-09-08 13:13 - 00001129 _____ C:\Users\pc\Desktop\Cyberlink Power2Go.lnk
2016-09-08 13:12 - 2016-09-08 13:13 - 00000000 ____D C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2016-09-08 13:12 - 2016-09-08 13:12 - 00000020 ___SH C:\Users\pc\ntuser.ini
2016-09-08 13:12 - 2016-09-08 13:12 - 00000000 _SHDL C:\Users\pc\Sjablonen
2016-09-08 13:12 - 2016-09-08 13:12 - 00000000 _SHDL C:\Users\pc\Netwerkprinteromgeving
2016-09-08 13:12 - 2016-09-08 13:12 - 00000000 _SHDL C:\Users\pc\Mijn documenten
2016-09-08 13:12 - 2016-09-08 13:12 - 00000000 _SHDL C:\Users\pc\Menu Start
2016-09-08 13:12 - 2016-09-08 13:12 - 00000000 _SHDL C:\Users\pc\Documents\Mijn video's
2016-09-08 13:12 - 2016-09-08 13:12 - 00000000 _SHDL C:\Users\pc\Documents\Mijn muziek
2016-09-08 13:12 - 2016-09-08 13:12 - 00000000 _SHDL C:\Users\pc\Documents\Mijn afbeeldingen
2016-09-08 13:12 - 2016-09-08 13:12 - 00000000 _SHDL C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programma's
2016-09-08 13:12 - 2016-09-08 13:12 - 00000000 _SHDL C:\Users\pc\AppData\Local\Geschiedenis
2016-09-08 13:12 - 2016-09-08 13:12 - 00000000 __SHD C:\Users\pc\IntelGraphicsProfiles
2016-09-08 13:12 - 2016-09-08 13:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC
2016-09-08 13:12 - 2013-06-08 12:14 - 00000000 ____D C:\Users\pc\AppData\Local\Microsoft Help
2016-09-08 13:12 - 2012-07-13 13:31 - 00000000 ____D C:\Users\pc\AppData\Roaming\Macromedia
2016-09-08 13:12 - 2011-10-10 10:19 - 00000000 ____D C:\Users\pc\AppData\Roaming\Media Center Programs
2016-09-08 13:12 - 2010-12-19 07:31 - 00000189 _____ C:\Users\pc\Desktop\Lenovo Telephony Start Now.url
2016-09-07 21:33 - 2016-09-07 21:33 - 00000000 ____D C:\Users\Gast\AppData\LocalLow\Adobe
2016-09-07 21:32 - 2016-09-07 21:32 - 06153217 _____ C:\Users\Gast\Downloads\Voorl-V2ers-afstudeerfase-2016-17.pdf
2016-09-07 21:30 - 2016-09-07 21:30 - 00002312 _____ C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-09-05 14:53 - 2016-09-05 14:53 - 00000000 ____D C:\Users\Gast\AppData\Roaming\qksee
2016-09-05 14:53 - 2016-09-05 14:53 - 00000000 ____D C:\Users\Gast\AppData\Roaming\eCyber
2016-09-05 14:52 - 2016-09-05 14:53 - 00000000 ____D C:\Program Files (x86)\vutcrsiw
2016-09-05 14:52 - 2016-09-05 14:53 - 00000000 ____D C:\Program Files (x86)\ldkifk6u
2016-09-05 14:52 - 2016-09-05 14:52 - 00000000 ____D C:\Users\Gast\AppData\Roaming\setup1
2016-09-05 14:52 - 2016-09-05 14:52 - 00000000 ____D C:\ProgramData\ChelfNotify
2016-09-04 21:49 - 2016-09-04 21:49 - 00044792 _____ C:\Users\Gast\Downloads\Addition.txt
2016-09-04 21:48 - 2016-09-04 21:49 - 00047009 _____ C:\Users\Gast\Downloads\FRST.txt
2016-09-04 21:43 - 2016-09-04 21:43 - 02397696 _____ (Farbar) C:\Users\Gast\Downloads\FRST64.exe
2016-08-22 10:41 - 2016-08-02 16:54 - 00394440 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-08-22 10:41 - 2016-08-02 16:08 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-08-22 10:41 - 2016-08-02 08:54 - 25808384 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-08-22 10:41 - 2016-08-02 08:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-08-22 10:41 - 2016-08-02 08:47 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-08-22 10:41 - 2016-08-02 08:32 - 02894336 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-08-22 10:41 - 2016-08-02 08:32 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-08-22 10:41 - 2016-08-02 08:31 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-08-22 10:41 - 2016-08-02 08:31 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-08-22 10:41 - 2016-08-02 08:31 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-08-22 10:41 - 2016-08-02 08:31 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-08-22 10:41 - 2016-08-02 08:24 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-08-22 10:41 - 2016-08-02 08:23 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-08-22 10:41 - 2016-08-02 08:20 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-08-22 10:41 - 2016-08-02 08:19 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-08-22 10:41 - 2016-08-02 08:19 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-08-22 10:41 - 2016-08-02 08:18 - 06047744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-08-22 10:41 - 2016-08-02 08:18 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-08-22 10:41 - 2016-08-02 08:18 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-08-22 10:41 - 2016-08-02 08:11 - 00969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-08-22 10:41 - 2016-08-02 08:08 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-08-22 10:41 - 2016-08-02 08:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-08-22 10:41 - 2016-08-02 08:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-08-22 10:41 - 2016-08-02 07:59 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-08-22 10:41 - 2016-08-02 07:56 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-08-22 10:41 - 2016-08-02 07:55 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-08-22 10:41 - 2016-08-02 07:54 - 20343808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-08-22 10:41 - 2016-08-02 07:53 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-08-22 10:41 - 2016-08-02 07:51 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-08-22 10:41 - 2016-08-02 07:51 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-08-22 10:41 - 2016-08-02 07:51 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-08-22 10:41 - 2016-08-02 07:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-08-22 10:41 - 2016-08-02 07:51 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-08-22 10:41 - 2016-08-02 07:50 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-08-22 10:41 - 2016-08-02 07:47 - 02286592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-08-22 10:41 - 2016-08-02 07:45 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-08-22 10:41 - 2016-08-02 07:44 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-08-22 10:41 - 2016-08-02 07:42 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-08-22 10:41 - 2016-08-02 07:41 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-08-22 10:41 - 2016-08-02 07:41 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-08-22 10:41 - 2016-08-02 07:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-08-22 10:41 - 2016-08-02 07:40 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-08-22 10:41 - 2016-08-02 07:38 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-08-22 10:41 - 2016-08-02 07:38 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-08-22 10:41 - 2016-08-02 07:37 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-08-22 10:41 - 2016-08-02 07:36 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-08-22 10:41 - 2016-08-02 07:33 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-08-22 10:41 - 2016-08-02 07:29 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-08-22 10:41 - 2016-08-02 07:28 - 15412224 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-08-22 10:41 - 2016-08-02 07:28 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-08-22 10:41 - 2016-08-02 07:26 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-08-22 10:41 - 2016-08-02 07:25 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-08-22 10:41 - 2016-08-02 07:24 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-08-22 10:41 - 2016-08-02 07:23 - 02868224 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-08-22 10:41 - 2016-08-02 07:22 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-08-22 10:41 - 2016-08-02 07:21 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-08-22 10:41 - 2016-08-02 07:16 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-08-22 10:41 - 2016-08-02 07:15 - 00692736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-08-22 10:41 - 2016-08-02 07:14 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-08-22 10:41 - 2016-08-02 07:14 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-08-22 10:41 - 2016-08-02 07:11 - 13808128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-08-22 10:41 - 2016-08-02 07:10 - 01550848 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-08-22 10:41 - 2016-08-02 06:59 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-08-22 10:41 - 2016-08-02 06:56 - 02393088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-08-22 10:41 - 2016-08-02 06:53 - 01316352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-08-22 10:41 - 2016-08-02 06:51 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-08-21 20:31 - 2016-08-21 20:31 - 00000000 ____D C:\Users\Nabil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-08-21 20:29 - 2016-08-21 20:29 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-08-17 22:56 - 2016-07-08 17:37 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-08-17 22:56 - 2016-07-08 17:37 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-08-17 22:56 - 2016-07-08 17:32 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-08-17 22:56 - 2016-07-08 17:32 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-08-17 22:56 - 2016-07-08 17:32 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-08-17 22:56 - 2016-07-08 17:32 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-08-17 22:56 - 2016-07-08 17:32 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-08-17 22:56 - 2016-07-08 17:32 - 00343552 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-08-17 22:56 - 2016-07-08 17:32 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-08-17 22:56 - 2016-07-08 17:32 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-08-17 22:56 - 2016-07-08 17:32 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-08-17 22:56 - 2016-07-08 17:32 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-08-17 22:56 - 2016-07-08 17:32 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-08-17 22:56 - 2016-07-08 17:32 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-08-17 22:56 - 2016-07-08 17:32 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-08-17 22:56 - 2016-07-08 17:32 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-08-17 22:56 - 2016-07-08 17:32 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-08-17 22:56 - 2016-07-08 17:32 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-08-17 22:56 - 2016-07-08 17:32 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-08-17 22:56 - 2016-07-08 17:32 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-08-17 22:56 - 2016-07-08 17:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-08-17 22:56 - 2016-07-08 17:17 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-08-17 22:56 - 2016-07-08 17:17 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-08-17 22:56 - 2016-07-08 17:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-08-17 22:56 - 2016-07-08 17:16 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-08-17 22:56 - 2016-07-08 17:16 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-08-17 22:56 - 2016-07-08 17:16 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-08-17 22:56 - 2016-07-08 17:16 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-08-17 22:56 - 2016-07-08 17:16 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-08-17 22:56 - 2016-07-08 17:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-08-17 22:56 - 2016-07-08 17:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-08-17 22:56 - 2016-07-08 17:16 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-08-17 22:56 - 2016-07-08 17:16 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-08-17 22:56 - 2016-07-08 17:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-08-17 22:56 - 2016-07-08 17:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-08-17 22:56 - 2016-07-08 17:16 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-08-17 22:56 - 2016-07-08 17:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-08-17 22:56 - 2016-07-08 17:03 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-08-17 22:56 - 2016-07-08 16:57 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-08-17 22:56 - 2016-07-08 16:56 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-08-17 22:56 - 2016-07-08 16:56 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-08-17 22:56 - 2016-07-08 16:55 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-08-17 22:56 - 2016-07-08 16:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-08-17 22:56 - 2016-07-08 16:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-08-17 22:54 - 2016-07-08 17:01 - 03218944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-08-17 22:48 - 2016-08-17 23:49 - 00009704 _____ C:\Windows\SysWOW64\zdengineOff.ini
2016-08-17 22:48 - 2016-08-17 23:49 - 00009704 _____ C:\Windows\system32\zdengineOff.ini
2016-08-17 22:48 - 2016-08-17 22:48 - 00369527 _____ (zdengine) C:\Windows\system32\zdengine64.dll
2016-08-17 22:48 - 2016-08-17 22:48 - 00307863 _____ (zdengine) C:\Windows\SysWOW64\zdengine.dll
2016-08-17 22:48 - 2016-08-17 22:48 - 00001994 _____ C:\Windows\System32\Tasks\vwe3034
2016-08-17 22:47 - 2016-09-08 13:14 - 00000000 ____D C:\Program Files (x86)\OtherSearch
2016-08-17 22:47 - 2016-08-17 22:47 - 00000000 ____D C:\Users\Nabil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASPackage
2016-08-17 22:47 - 2016-08-17 22:47 - 00000000 ____D C:\Users\Nabil\AppData\Roaming\ASPackage
2016-08-17 22:47 - 2016-08-17 22:47 - 00000000 ____D C:\Program Files (x86)\6B2B9304-1471466855-E111-9CA3-DC0EA1FE3445
2016-08-17 22:46 - 2016-09-09 15:00 - 00001024 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-806224707-4145190528-131575124-1000UA.job
2016-08-17 22:46 - 2016-09-09 15:00 - 00000972 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-806224707-4145190528-131575124-1000Core.job
2016-08-17 22:46 - 2016-08-17 22:51 - 00000000 ____D C:\Users\Nabil\AppData\Local\Dropbox
2016-08-17 22:46 - 2016-08-17 22:46 - 00003998 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-806224707-4145190528-131575124-1000UA
2016-08-17 22:46 - 2016-08-17 22:46 - 00003602 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-806224707-4145190528-131575124-1000Core
2016-08-17 22:46 - 2016-08-17 22:46 - 00000000 ____D C:\ProgramData\Dropbox
2016-08-17 22:43 - 2016-09-08 13:12 - 00000000 ____D C:\Users\Nabil\AppData\Local\Ghawer
2016-08-17 22:43 - 2016-09-05 14:53 - 00000000 ____D C:\Program Files (x86)\Huwulephjoght
2016-08-17 22:43 - 2016-08-17 22:43 - 00113664 _____ C:\Users\Nabil\AppData\Local\tokzdx.dll
2016-08-17 22:43 - 2016-08-17 22:43 - 00002560 _____ C:\Users\Nabil\AppData\Local\uninstallssl.exe
2016-08-17 22:34 - 2016-08-17 22:34 - 00000000 ____D C:\Users\Nabil\AppData\Roaming\MCorp
2016-08-17 22:29 - 2016-09-08 13:12 - 00001795 _____ C:\Users\Public\Desktop\MPC Desktop.lnk
2016-08-17 22:29 - 2016-09-08 13:12 - 00001788 _____ C:\Users\Public\Desktop\MPC AdCleaner.lnk
2016-08-17 22:29 - 2016-09-08 13:12 - 00001740 _____ C:\Users\Public\Desktop\MPC Cleaner.lnk
2016-08-17 22:29 - 2016-08-17 22:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC Desktop
2016-08-17 22:29 - 2016-08-17 22:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC AdCleaner
2016-08-17 22:16 - 2016-08-17 22:43 - 00000000 ____D C:\Users\Nabil\Documents\PCSpeedUp
2016-08-17 22:15 - 2016-09-07 21:13 - 00000000 ____D C:\Program Files (x86)\MPC Cleaner
2016-08-17 22:15 - 2016-09-04 21:26 - 00000000 ____D C:\Program Files (x86)\PC Speed Up
2016-08-17 22:15 - 2016-09-04 15:05 - 00000340 _____ C:\Windows\Tasks\PC SpeedUp Service Deactivator.job
2016-08-17 22:15 - 2016-08-17 22:15 - 00060136 _____ (DotC United Inc) C:\Windows\system32\Drivers\MPCKpt.sys
2016-08-17 22:15 - 2016-08-17 22:15 - 00002720 _____ C:\Windows\System32\Tasks\PC SpeedUp Service Deactivator
2016-08-17 22:15 - 2016-08-17 22:15 - 00001059 _____ C:\Users\Nabil\Desktop\PC Speed Up.lnk
2016-08-17 22:15 - 2016-08-17 22:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Speed Up
2016-08-17 22:13 - 2016-08-17 22:13 - 00001629 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-17 22:13 - 2016-08-17 22:13 - 00001625 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-08-17 22:12 - 2016-08-17 22:13 - 00000199 _____ C:\ProgramData\Google Chrome.lnk.bat
2016-08-17 22:12 - 2016-08-17 22:13 - 00000190 _____ C:\ProgramData\Mozilla Firefox.lnk.bat
2016-08-17 22:12 - 2016-08-17 22:12 - 00008980 _____ C:\Windows\System32\Tasks\Nofentpharoty Verfier
2016-08-17 22:12 - 2016-08-17 22:12 - 00001647 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-08-17 22:12 - 2016-08-17 22:12 - 00000000 ___HD C:\Program Files (x86)\wke1E47
2016-08-17 22:11 - 2016-08-17 22:14 - 00000000 ____D C:\Users\Nabil\AppData\Local\gapaphsherfiedthozgh
2016-08-17 22:08 - 2016-08-17 22:29 - 00000000 ____D C:\Program Files (x86)\Cigutiontanish
2016-08-17 22:08 - 2016-08-17 22:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Social2Se
2016-08-17 22:08 - 2016-08-17 22:08 - 00000000 ____D C:\Program Files\d813a96400718df32cbe975ad547a403
2016-08-17 22:07 - 2016-08-17 22:07 - 02509379 _____ C:\Windows\chromebrowser.exe
2016-08-17 17:35 - 2016-08-17 17:35 - 00142496 _____ C:\Windows\e2291ef892a7c468429e018f598343e7.exe
 
==================== Een Maand Gewijzigd bestanden en mappen ========
 
(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)
 
2016-09-09 15:06 - 2009-07-14 06:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-09-09 15:06 - 2009-07-14 06:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-09-09 15:00 - 2015-12-04 13:43 - 00001056 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d12e898f041f.job
2016-09-09 14:59 - 2012-07-13 13:29 - 00000000 ____D C:\ProgramData\VeriFace
2016-09-08 22:24 - 2015-12-04 13:43 - 00001052 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d12e88ff6992a3.job
2016-09-08 13:31 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-09-08 13:24 - 2014-02-10 15:53 - 00000000 ____D C:\Program Files (x86)\Arduino
2016-09-08 13:16 - 2012-07-13 13:30 - 00000000 ____D C:\Program Files\DIFX
2016-09-08 13:13 - 2009-07-14 06:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-09-08 13:12 - 2012-12-09 18:51 - 00000000 ____D C:\Users\Nabil\AppData\Local\PMB Files
2016-09-08 13:11 - 2012-09-22 21:08 - 00000000 ____D C:\Users\Nabil\AppData\Roaming\Skype
2016-09-07 21:33 - 2014-07-25 00:38 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Adobe
2016-09-07 21:33 - 2014-07-25 00:38 - 00000000 ____D C:\Users\Gast\AppData\Local\Adobe
2016-09-04 21:41 - 2012-11-15 12:56 - 00000000 ___RD C:\Users\Nabil\Dropbox
2016-09-04 21:24 - 2014-07-25 00:38 - 00000000 ____D C:\Users\Gast\AppData\Local\HTC MediaHub
2016-09-04 14:44 - 2015-09-10 10:30 - 00002364 _____ C:\Users\Nabil\Desktop\App-opstartprogramma van Chrome.lnk
2016-09-04 14:33 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-21 20:56 - 2014-07-25 00:39 - 00138768 _____ C:\Users\Gast\AppData\Local\GDIPFONTCACHEV1.DAT
2016-08-21 20:53 - 2015-04-29 22:34 - 05320512 _____ C:\Windows\system32\FNTCACHE.DAT
2016-08-21 20:31 - 2012-11-15 12:53 - 00000000 ____D C:\Users\Nabil\AppData\Roaming\Dropbox
2016-08-18 00:12 - 2013-04-24 11:48 - 00000000 ____D C:\Users\Nabil\AppData\Local\HTC MediaHub
2016-08-17 23:38 - 2012-09-05 23:07 - 02319102 ____H C:\Users\Nabil\AppData\Local\IconCache.db.backup
2016-08-17 22:48 - 2013-09-07 12:40 - 00000002 _____ C:\END
2016-08-17 22:46 - 2016-06-28 21:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-08-17 22:14 - 2015-07-25 16:45 - 00000000 ____D C:\Users\Nabil\AppData\Local\CrashDumps
2016-08-17 22:11 - 2012-09-07 18:36 - 00000000 ____D C:\Users\Nabil\AppData\Roaming\uTorrent
2016-08-10 10:43 - 2012-07-13 12:23 - 00746450 _____ C:\Windows\system32\perfh013.dat
2016-08-10 10:43 - 2012-07-13 12:23 - 00154112 _____ C:\Windows\system32\perfc013.dat
2016-08-10 10:43 - 2009-07-14 07:13 - 01672440 _____ C:\Windows\system32\PerfStringBackup.INI
 
==================== Bestanden in de root van sommige mappen =======
 
2015-04-15 13:56 - 2015-04-25 17:04 - 0000032 _____ () C:\ProgramData\anwblog2011.cfg
2016-01-10 22:42 - 2016-01-10 22:42 - 0004905 _____ () C:\ProgramData\lbogtyso.zat
2016-01-10 22:42 - 2016-01-10 22:42 - 0000016 _____ () C:\ProgramData\mntemp
2016-08-17 22:12 - 2016-08-17 22:13 - 0000199 _____ () C:\ProgramData\Google Chrome.lnk.bat
2016-08-17 22:12 - 2016-08-17 22:13 - 0000190 _____ () C:\ProgramData\Mozilla Firefox.lnk.bat
 
Bestanden om te verplaatsen of verwijderen:
====================
C:\ProgramData\Google Chrome.lnk.bat
C:\ProgramData\Mozilla Firefox.lnk.bat
C:\Program Files (x86)\Mozilla Firefox\wtsapi32.dll
C:\Program Files (x86)\Google\Chrome\Application\wtsapi32.dll
 
 
Sommige bestanden in TEMP:
====================
C:\Users\Gast\AppData\Local\Temp\ICReinstall_FileZilla_3.exe
C:\Users\Nabil\AppData\Local\Temp\5E5F.exe
C:\Users\Nabil\AppData\Local\Temp\acc.exe
C:\Users\Nabil\AppData\Local\Temp\BitXUpdaterService.exe
C:\Users\Nabil\AppData\Local\Temp\CodecFixDivx.exe
C:\Users\Nabil\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpexmhly.dll
C:\Users\Nabil\AppData\Local\Temp\dxdiag.exe
C:\Users\Nabil\AppData\Local\Temp\ist7010.tmp.exe
C:\Users\Nabil\AppData\Local\Temp\jre-8u101-windows-au.exe
C:\Users\Nabil\AppData\Local\Temp\MediaPlayer__11426.exe
C:\Users\Nabil\AppData\Local\Temp\MPCSetup_4.3.exe
C:\Users\Nabil\AppData\Local\Temp\msconfig.exe
C:\Users\Nabil\AppData\Local\Temp\nsp165D.tmp.exe
C:\Users\Nabil\AppData\Local\Temp\nsrB711.tmp.exe
C:\Users\Nabil\AppData\Local\Temp\update.exe
C:\Users\Nabil\AppData\Local\Temp\_unps.exe
 
 
==================== Bamital & volsnap =================
 
(Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)
 
C:\Windows\system32\winlogon.exe => Bestand is getekend
C:\Windows\system32\wininit.exe => Bestand is getekend
C:\Windows\SysWOW64\wininit.exe => Bestand is getekend
C:\Windows\explorer.exe => Bestand is getekend
C:\Windows\SysWOW64\explorer.exe => Bestand is getekend
C:\Windows\system32\svchost.exe => Bestand is getekend
C:\Windows\SysWOW64\svchost.exe => Bestand is getekend
C:\Windows\system32\services.exe => Bestand is getekend
C:\Windows\system32\User32.dll => Bestand is getekend
C:\Windows\SysWOW64\User32.dll => Bestand is getekend
C:\Windows\system32\userinit.exe => Bestand is getekend
C:\Windows\SysWOW64\userinit.exe => Bestand is getekend
C:\Windows\system32\rpcss.dll => Bestand is getekend
C:\Windows\system32\dnsapi.dll => Bestand is getekend
C:\Windows\SysWOW64\dnsapi.dll => Bestand is getekend
C:\Windows\system32\Drivers\volsnap.sys => Bestand is getekend
 
 
LastRegBack: 2015-11-11 14:19
 
==================== Eind van FRST.txt ============================

#2 fireman4it

  • Malware Response Team
Posted 09 September 2016 - 08:59 AM

Hello

  •   Welcome to Bleeping Computer.
  •   My name is fireman4it and I will be helping you with your Malware problem.

    Please take note of some guidelines for this fix:
  •   Refrain from making any changes to your computer including installing/uninstalling programs, deleting files, modifying the registry, and running scanners or tools.
  •   If you do not understand any step(s) provided, please do not hesitate to ask before continuing.
  •   Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean".
  •   In the upper right hand corner of the topic you will see a button called Follow This Topic. I suggest you click it and select Immediate E-Mail notification and click on Follow This Topic. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.
  •   Finally, please reply using the Post button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply, unless they do not fit into the post.
  •   I will be analyzing your log. I will get back to you with instructions.

 

1.

Please download AdwCleaner by Xplode and save to your Desktop.

  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • The tool will start to update its database...please wait until complete.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Logfile button...a report (AdwCleaner[SX].txt) will open in Notepad (where the largest value of X represents the most recent report).
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[CX].txt) will open automatically (where the largest value of X represents the most recent report).
  • Copy and paste the contents of AdwCleaner[CX].txt in your next reply.
  • A copy of all logfiles is saved to C:\AdwCleaner.

 

2.

Please run FRST again and post the new FRST.txt


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-




#3 Lijpestrijder

Lijpestrijder
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:10:35 PM

Posted 09 September 2016 - 10:12 AM

I got two logs from adwcleaner because the first one froze when it was deleting malicious files.
 

# AdwCleaner v6.010 - Logbestand aangemaakt 09/09/2016 op 16:06:34
# *Updated on 12/08/2016 by ToolsLib
# Gebruik lokale database : 2016-09-09.2 [*Server]
# Besturingssysteem : Windows 7 Home Premium Service Pack 1 (X64)
# Gebruikersnaam : pc - NABIL-PC
# Gestart vanuit : C:\Users\pc\Downloads\AdwCleaner.exe
# *Mode: Scan
# Ondersteuning : https://toolslib.net/forum
 
 
 
***** [ *Services ] *****
 
Service 3a674460fab65d31b7bfd224b906f01d
Service pcsuservice
Service SCService
Service MPCProtectService
Service MPCKpt
Service zdengine
Service PCSUService
Service nfnverfierrizoght.exe
 
 
***** [ Mappen ] *****
 
gevonden C:\Program Files (x86)\6B2B9304-1471466855-E111-9CA3-DC0EA1FE3445
gevonden C:\Users\Nabil\AppData\Local\Conduit
gevonden C:\Users\Nabil\AppData\Local\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp
gevonden C:\Users\Nabil\AppData\Local\Popcorn Time
gevonden C:\Users\Nabil\AppData\LocalLow\Conduit
gevonden C:\Users\Nabil\AppData\Roaming\ASPackage
gevonden C:\Users\Nabil\AppData\Roaming\MCorp
gevonden C:\Users\Nabil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASPackage
gevonden C:\Users\Nabil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn Time
gevonden C:\Users\Nabil\Documents\PCSpeedUp
gevonden C:\Users\pc\AppData\Roaming\MCorp
gevonden C:\Users\Gast\AppData\Roaming\eCyber
gevonden C:\Users\Gast\AppData\Roaming\qksee
gevonden C:\Users\Nabil\AppData\Roaming\Mozilla\Firefox\Profiles\az4kohc2.default\Smartbar
gevonden C:\Users\Nabil\AppData\Roaming\Mozilla\Firefox\..\..\Profiles\eu9iyi40.default\Smartbar
gevonden C:\Users\Nabil\AppData\Roaming\Mozilla\Firefox\..\..\Profiles\eu9iyi40.default\YourGSearchFinder_br
gevonden C:\ProgramData\Partner
gevonden C:\ProgramData\ChelfNotify
gevonden C:\ProgramData\Application Data\Partner
gevonden C:\ProgramData\Application Data\ChelfNotify
gevonden C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC
gevonden C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC AdCleaner
gevonden C:\ProgramData\Microsoft\Windows\Start Menu\Programs\pc speed up
gevonden C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Speed Up
gevonden C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC Desktop
gevonden C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Social2Se
gevonden C:\Program Files (x86)\Conduit
gevonden C:\Program Files (x86)\MPC Cleaner
gevonden C:\Program Files (x86)\pc speed up
gevonden C:\Program Files (x86)\PC Speed Up
gevonden C:\Program Files (x86)\OtherSearch
gevonden C:\Program Files (x86)\Cigutiontanish
gevonden C:\Program Files (x86)\Mozilla Firefox\browser\features\googletestNT@mozillaonline.com
gevonden C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\MCorp
gevonden C:\Windows\SysWOW64\config\systemprofile\AppData\Local\zdengine
gevonden C:\Users\pc\AppData\Roaming\MCorp
 
 
***** [ Bestanden ] *****
 
gevonden C:\Users\Nabil\Desktop\PC Speed Up.lnk
gevonden C:\Windows\SysNative\zdengineOff.ini
gevonden C:\Windows\SysNative\zdengine64.dll
gevonden C:\Windows\SysNative\drivers\MPCKpt.sys
gevonden C:\END
gevonden C:\Users\Public\Desktop\MPC AdCleaner.lnk
gevonden C:\Users\Public\Desktop\MPC Cleaner.lnk
gevonden C:\Users\Public\Desktop\MPC Desktop.lnk
gevonden C:\ProgramData\Google Chrome.lnk.bat
gevonden C:\ProgramData\Mozilla Firefox.lnk.bat
gevonden C:\ProgramData\Application Data\Google Chrome.lnk.bat
gevonden C:\ProgramData\Application Data\Mozilla Firefox.lnk.bat
gevonden C:\Windows\chromebrowser.exe
gevonden C:\Windows\SysWOW64\zdengineOff.ini
gevonden C:\Windows\SysWOW64\zdengine.dll
gevonden C:\ProgramData\Google Chrome.lnk.bat
gevonden C:\ProgramData\Mozilla Firefox.lnk.bat
gevonden C:\ProgramData\Google Chrome.lnk.bat
gevonden C:\ProgramData\Mozilla Firefox.lnk.bat
gevonden C:\Program Files (x86)\Mozilla Firefox\wtsapi32.dll
gevonden C:\Program Files (x86)\Google\Chrome\Application\wtsapi32.dll
gevonden C:\Users\Nabil\AppData\Roaming\Mozilla\Firefox\Profiles\az4kohc2.default\invalidprefs.js
gevonden C:\Users\Nabil\AppData\Roaming\Mozilla\Firefox\..\..\Profiles\eu9iyi40.default\invalidprefs.js
gevonden C:\Users\Nabil\AppData\Roaming\Mozilla\Firefox\Profiles\az4kohc2.default\searchplugins\Conduit.xml
gevonden C:\Users\Nabil\AppData\Roaming\Mozilla\Firefox\..\..\Profiles\eu9iyi40.default\searchplugins\Conduit.xml
gevonden C:\Program Files (x86)\Mozilla Firefox\wtsapi32.dll
gevonden C:\Program Files (x86)\Mozilla Firefox\wtsapi32.dll
gevonden C:\Program Files (x86)\Mozilla Firefox\wtsapi32.dll
gevonden C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.mpc.am_0.localstorage
gevonden C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.mpc.am_0.localstorage-journal
 
 
***** [ DLL ] *****
 
*No malicious DLLs found.
 
 
***** [ WMI ] *****
 
*No malicious keys found.
 
 
***** [ Snelkoppelingen ] *****
 
Zoeken naar bestanden ...
 
 
***** [ Geplande taken ] *****
 
gevonden vwe3034
gevonden PC SpeedUp Service Deactivator
gevonden Nofentpharoty Verfier
 
 
***** [ Register ] *****
 
gevonden HKLM\SOFTWARE\Classes\Toolbar.CT2865317
gevonden HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\SCService
gevonden HKLM\SOFTWARE\Classes\OverlayIcon.MyOverlayIcon
gevonden HKLM\SOFTWARE\Classes\OverlayIcon.MyOverlayIcon.1
gevonden HKLM\SOFTWARE\Classes\PCSU.Registry
gevonden HKLM\SOFTWARE\Classes\PCSU.Registry.1
gevonden HKLM\SOFTWARE\Classes\PCSU.SysUtils
gevonden HKLM\SOFTWARE\Classes\PCSU.SysUtils.1
gevonden HKLM\SOFTWARE\Classes\zdengineLib.DataContainer
gevonden HKLM\SOFTWARE\Classes\zdengineLib.DataContainer.1
gevonden HKLM\SOFTWARE\Classes\zdengineLib.DataController
gevonden HKLM\SOFTWARE\Classes\zdengineLib.DataController.1
gevonden HKLM\SOFTWARE\Classes\zdengineLib.DataTable
gevonden HKLM\SOFTWARE\Classes\zdengineLib.DataTable.1
gevonden HKLM\SOFTWARE\Classes\zdengineLib.DataTableFields
gevonden HKLM\SOFTWARE\Classes\zdengineLib.DataTableFields.1
gevonden HKLM\SOFTWARE\Classes\zdengineLib.DataTableHolder
gevonden HKLM\SOFTWARE\Classes\zdengineLib.DataTableHolder.1
gevonden HKLM\SOFTWARE\Classes\zdengineLib.LSPLogic
gevonden HKLM\SOFTWARE\Classes\zdengineLib.LSPLogic.1
gevonden HKLM\SOFTWARE\Classes\zdengineLib.ReadOnlyManager
gevonden HKLM\SOFTWARE\Classes\zdengineLib.ReadOnlyManager.1
gevonden HKLM\SOFTWARE\Classes\zdengineLib.WFPController
gevonden HKLM\SOFTWARE\Classes\zdengineLib.WFPController.1
gevonden [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar
gevonden [x64] HKLM\SOFTWARE\Speedchecker Limited
gevonden [x64] HKLM\SOFTWARE\Social2Se
gevonden [x64] HKLM\SOFTWARE\b`nl{y
gevonden [x64] HKLM\SOFTWARE\ompndb
gevonden [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PCSU-SL_is1
gevonden HKU\.DEFAULT\Software\b`nl{y
gevonden HKU\.DEFAULT\Software\ompndb
gevonden HKU\S-1-5-21-806224707-4145190528-131575124-501\Software\WajIEnhance
gevonden HKU\S-1-5-18\Software\b`nl{y
gevonden HKU\S-1-5-18\Software\ompndb
gevonden HKLM\SOFTWARE\Conduit
gevonden HKLM\SOFTWARE\MPC
gevonden HKLM\SOFTWARE\MPC AdCleaner
gevonden HKLM\SOFTWARE\Speedchecker Limited
gevonden HKLM\SOFTWARE\zdengine
gevonden HKLM\SOFTWARE\{E6276374-DE18-4AA5-A365-9016A2F98A2D}
gevonden HKLM\SOFTWARE\youndooSoftware
gevonden HKLM\SOFTWARE\OtherSearch
gevonden HKLM\SOFTWARE\Social2Se
gevonden HKLM\SOFTWARE\b`nl{y
gevonden HKLM\SOFTWARE\MPC Desktop
gevonden HKLM\SOFTWARE\ompndb
gevonden HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ASPackage
gevonden HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MPC
gevonden HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OtherSearch
Waarde HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [SpeedCheckerService.exe]
gevonden HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\zdengine
gevonden HKLM\SOFTWARE\CLASSES\APPID\zdengine.EXE
gevonden HKLM\SOFTWARE\Mozilla\Firefox\{EB52F1AB-3C2B-424F-9794-833C687025CF}
Waarde HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN\FEATURECONTROL\FEATURE_BROWSER_EMULATION [SpeedCheckerService.exe]
gevonden HKLM\SOFTWARE\Classes\AppID\3045035B-3C14-4698-8AC4-ADB18CC42C1E
gevonden HKLM\SOFTWARE\Classes\AppID\OverlayIcon.DLL
Waarde HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext [MPCInstalled]
 
 
***** [ Internetbrowsers ] *****
 
gevonden [C:\Users\Nabil\AppData\Roaming\Mozilla\Firefox\..\..\Profiles\eu9iyi40.default\prefs.js] - "browser.newtab.url" -  "hxxp://www.youndoo.com/?z=5765ceecc92aee775d7340ag9zbm5gbz3q1z1m0m1m&from=wak&uid=ST
gevonden [C:\Users\Nabil\AppData\Roaming\Mozilla\Firefox\..\..\Profiles\eu9iyi40.default\prefs.js] - "browser.search.defaultenginename" -  "youndoo"
gevonden [C:\Users\Nabil\AppData\Roaming\Mozilla\Firefox\..\..\Profiles\eu9iyi40.default\prefs.js] - "browser.search.defaultenginename.US" -  "data:text/plain,browser.search.defaultenginename.US=youndoo"
gevonden [C:\Users\Nabil\AppData\Roaming\Mozilla\Firefox\..\..\Profiles\eu9iyi40.default\prefs.js] - "browser.search.searchengine.hp" -  "hxxp://www.youndoo.com/?z=5765ceecc92aee775d7340ag9zbm5gbz3q1z1m0m1m&fro
gevonden [C:\Users\Nabil\AppData\Roaming\Mozilla\Firefox\..\..\Profiles\eu9iyi40.default\prefs.js] - "browser.search.searchengine.sp" -  "hxxp://www.youndoo.com/search/?from=wak&q={searchTerms}&type=sp&uid=ST75
gevonden [C:\Users\Nabil\AppData\Roaming\Mozilla\Firefox\..\..\Profiles\eu9iyi40.default\prefs.js] - "browser.search.searchengine.url" -  "hxxp://www.youndoo.com/search/?from=wak&q={searchTerms}&type=sp&uid=ST7
gevonden [C:\Users\Nabil\AppData\Roaming\Mozilla\Firefox\..\..\Profiles\eu9iyi40.default\prefs.js] - "browser.search.selectedEngine" -  "youndoo"
gevonden [C:\Users\Nabil\AppData\Roaming\Mozilla\Firefox\..\..\Profiles\eu9iyi40.default\prefs.js] - "browser.startup.homepage" -  "hxxp://www.youndoo.com/?z=5765ceecc92aee775d7340ag9zbm5gbz3q1z1m0m1m&from=wak&
gevonden [C:\Users\Nabil\AppData\Roaming\Mozilla\Firefox\..\..\Profiles\eu9iyi40.default\prefs.js] - "extensions.toolbar.mindspark._brMembers_.BUTTON_STRUCTURE" -  "[{\"b\":224520315,\"c\":\"mindspark.magnify\"
gevonden [C:\Users\Nabil\AppData\Roaming\Mozilla\Firefox\..\..\Profiles\eu9iyi40.default\prefs.js] - "extensions.toolbar.mindspark._brMembers_.successUrl" -  "hxxp://www.youndoo.com/search/?&z=5765ceecc92aee775
gevonden [C:\Users\Nabil\AppData\Roaming\Mozilla\Firefox\..\..\Profiles\eu9iyi40.default\prefs.js] - "extensions.toolbar.mindspark._brMembers_.uninstallTasks" -  "{\"prefBranchesToDelete\":[\"extensions.toolbar
gevonden [C:\Users\Nabil\AppData\Roaming\Mozilla\Firefox\..\..\Profiles\eu9iyi40.default\prefs.js] - "keyword.URL" -  "hxxp://www.youndoo.com/search/?z=5765ceecc92aee775d7340ag9zbm5gbz3q1z1m0m1m&from=wak&uid=ST
Zoeken naar register-items ...
 
*************************
 
C:\AdwCleaner\AdwCleaner[S0].txt - [15063 bytes] - [09/09/2016 16:06:34]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [15137 bytes] ##########








This is the second:

# AdwCleaner v6.010 - Logbestand aangemaakt 09/09/2016 op 16:42:51
# *Updated on 12/08/2016 by ToolsLib
# Gebruik lokale database : 2016-09-09.2 [*Server]
# Besturingssysteem : Windows 7 Home Premium Service Pack 1 (X64)
# Gebruikersnaam : pc - NABIL-PC
# Gestart vanuit : C:\Users\pc\Downloads\AdwCleaner.exe
# *Mode: Scan
# Ondersteuning : https://toolslib.net/forum
 
 
 
***** [ *Services ] *****
 
Service MPCProtectService
Service MPCKpt
 
 
***** [ Mappen ] *****
 
gevonden C:\Program Files (x86)\MPC Cleaner
 
 
***** [ Bestanden ] *****
 
gevonden C:\Windows\SysNative\zdengine64.dll
gevonden C:\Windows\SysNative\drivers\MPCKpt.sys
gevonden C:\Windows\SysWOW64\zdengine.dll
gevonden C:\Users\Nabil\AppData\Roaming\Mozilla\Firefox\Profiles\az4kohc2.default\invalidprefs.js
 
 
***** [ DLL ] *****
 
*No malicious DLLs found.
 
 
***** [ WMI ] *****
 
*No malicious keys found.
 
 
***** [ Snelkoppelingen ] *****
 
Zoeken naar bestanden ...
 
 
***** [ Geplande taken ] *****
 
*No malicious task found.
 
 
***** [ Register ] *****
 
gevonden HKLM\SOFTWARE\MPC
 
 
***** [ Internetbrowsers ] *****
 
gevonden [C:\Users\Nabil\AppData\Roaming\Mozilla\Firefox\..\..\Profiles\eu9iyi40.default\prefs.js] - "browser.search.defaultenginename" -  "youndoo"
gevonden [C:\Users\Nabil\AppData\Roaming\Mozilla\Firefox\..\..\Profiles\eu9iyi40.default\prefs.js] - "browser.search.searchengine.sp" -  "hxxp://www.youndoo.com/search/?from=wak&q={searchTerms}&type=sp&uid=ST75
gevonden [C:\Users\Nabil\AppData\Roaming\Mozilla\Firefox\..\..\Profiles\eu9iyi40.default\prefs.js] - "browser.search.selectedEngine" -  "youndoo"
gevonden [C:\Users\Nabil\AppData\Roaming\Mozilla\Firefox\..\..\Profiles\eu9iyi40.default\prefs.js] - "extensions.toolbar.mindspark._brMembers_.BUTTON_STRUCTURE" -  "[{\"b\":224520315,\"c\":\"mindspark.magnify\"
gevonden [C:\Users\Nabil\AppData\Roaming\Mozilla\Firefox\..\..\Profiles\eu9iyi40.default\prefs.js] - "extensions.toolbar.mindspark._brMembers_.successUrl" -  "hxxp://www.youndoo.com/search/?&z=5765ceecc92aee775
gevonden [C:\Users\Nabil\AppData\Roaming\Mozilla\Firefox\..\..\Profiles\eu9iyi40.default\prefs.js] - "extensions.toolbar.mindspark._brMembers_.uninstallTasks" -  "{\"prefBranchesToDelete\":[\"extensions.toolbar
gevonden [C:\Users\Nabil\AppData\Roaming\Mozilla\Firefox\..\..\Profiles\eu9iyi40.default\prefs.js] - "keyword.URL" -  "hxxp://www.youndoo.com/search/?z=5765ceecc92aee775d7340ag9zbm5gbz3q1z1m0m1m&from=wak&uid=ST
Zoeken naar register-items ...
 
*************************
 
C:\AdwCleaner\AdwCleaner[S0].txt - [15313 bytes] - [09/09/2016 16:06:34]
C:\AdwCleaner\AdwCleaner[S1].txt - [2634 bytes] - [09/09/2016 16:42:51]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2707 bytes] ##########
 
 
 
This is the FRST log:

Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 31-08-2016
Gestart door pc (Beheerder) op NABIL-PC (09-09-2016 17:05:22)
Gestart vanaf C:\Users\pc\Downloads
Geladen Profielen: pc (Beschikbare Profielen: Nabil & pc & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Taal: Nederlands (Nederland)
Internet Explorer Versie 11 (Standaardbrowser: Chrome)
Boot Modus: Normal
 
==================== Processen (gefilterd) =================
 
(Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.)
 
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files (x86)\BitX\bitxsvc.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCTray.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCDesktop.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331_STI.EXE
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCTray64.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Lenovo) C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
( ) C:\Program Files (x86)\LockKey\LockKey.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Frontend.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\BlueStacks\HD-Adb.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Register (gefilterd) ===========================
 
(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)
 
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [564352 2011-12-15] (Conexant Systems, Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2809856 2012-01-16] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [8079408 2012-07-13] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [6202416 2012-07-13] (Lenovo(beijing) Limited)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-30] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [507744 2011-12-21] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331_STI.EXE [548864 2011-11-24] (Vimicro)
HKLM-x32\...\Run: [Lenovo Registration] => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2011-01-29] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [228448 2011-01-29] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2010-07-27] (CyberLink Corp.)
HKLM-x32\...\Run: [VeriFaceManager] => C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [329056 2012-07-13] (Lenovo)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-14] (CyberLink Corp.)
HKLM-x32\...\Run: [LockKey] => C:\Program Files (x86)\LockKey\LockKey.exe [337776 2011-08-26] ( )
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2011-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2904984 2011-09-05] (Adobe Systems Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-08-21] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [896632 2015-07-22] (BlueStack Systems, Inc.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
Lsa: [Notification Packages] scecli C:\Program Files\Lenovo\Bluetooth Software\BtwProximityCP.dll
ShellExecuteHooks:  - {6710C780-E20E-4C49-A87D-321850ED3D7C} -  Geen bestand [ ]
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers: [MyOverlayIcon] -> {B41B3408-923F-4B8B-85F2-146C509FA18C} =>  Geen bestand
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-02-15] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-02-15] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-02-15] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-02-15] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [VeriFace Enc] -> {771C7324-DA80-49D3-8017-753B0AF60951} => C:\Windows\system32\IcnOvrly.dll [2012-07-13] ()
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers-x32: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2012-07-13]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Nabil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-08-21]
ShortcutTarget: Dropbox.lnk -> C:\Users\pc\AppData\Roaming\Dropbox\bin\Dropbox.exe (Geen bestand)
 
==================== Internet (gefilterd) ====================
 
(Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.)
 
Hosts: Er zijn meer dan één item in Hosts. Zie Hosts deel van Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 213.75.63.75 213.75.63.76
Tcpip\..\Interfaces\{F163E4EC-8DDE-4F5A-9FCE-8024566893FB}: [DhcpNameServer] 192.168.1.254 213.75.63.75 213.75.63.76
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE07&ocid=UE07DHP
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE07&ocid=UE07DHP
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE07&ocid=UE07DHP
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE07&ocid=UE07DHP
HKU\S-1-5-21-806224707-4145190528-131575124-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE07&ocid=UE07DHP
HKU\S-1-5-21-806224707-4145190528-131575124-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE07&ocid=UE07DHP
SearchScopes: HKU\S-1-5-21-806224707-4145190528-131575124-1003 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENN
SearchScopes: HKU\S-1-5-21-806224707-4145190528-131575124-1003 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENN
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05] (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-09-22] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-22] (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies)
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-06-02] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled [Geen bestand]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-06-02] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll [2012-10-04] (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.7.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2012-09-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.7.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2012-09-22] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Geen bestand]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-12-09] (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-12-09] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2011-09-05] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2011-09-05] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012-09-09] [ niet getekend]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN
CHR Profile: C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Presentaties) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-09-08]
CHR Extension: (Google Documenten) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-09]
CHR Extension: (Google Drive) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-09]
CHR Extension: (YouTube) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-09]
CHR Extension: (Google Spreadsheets) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-09-08]
CHR Extension: (Offline Documenten) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-09]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-08]
CHR Extension: (Gmail) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-09]
CHR Extension: (Chrome Media Router) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-09]
CHR HKLM-x32\...\Chrome\Extension: [cjofdnhdkbflacojpfpkchgafjahijbb] - C:\Users\Nabil\AppData\Local\CRE\cjofdnhdkbflacojpfpkchgafjahijbb.crx <niet gevonden>
 
==================== Services (gefilterd) ========================
 
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
 
R2 BitXService; C:\Program Files (x86)\BitX\bitxsvc.exe [1886208 2016-05-27] () [Bestand niet getekend]
R3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433784 2015-06-16] (BlueStack Systems, Inc.)
R3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413304 2015-06-16] (BlueStack Systems, Inc.)
R3 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [831096 2015-07-21] (BlueStack Systems, Inc.)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [945440 2012-02-02] (Broadcom Corporation.)
S4 DamageGuardSvc; C:\Program Files\Lenovo\Instant Reset\DamageGuardSvc.exe [572976 2012-03-26] (Lenovo (Beijing) Limited)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1277680 2015-03-31] (Disc Soft Ltd)
S3 Grpoty Helper; C:\Program Files (x86)\Huwulephjoght\Grpoty\GrpotyHlpnqt.exe [291008 2016-08-17] ()
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-01-29] (Nero AG)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-17] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [161560 2012-02-28] (Intel Corporation)
R2 MPCProtectService; C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe [355808 2016-09-08] (DotC United Inc) <==== AANDACHT
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [Bestand niet getekend]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Bestand niet getekend]
S3 wampapache; c:\wamp\bin\apache\apache2.2.22\bin\httpd.exe [22016 2012-05-13] (Apache Software Foundation) [Bestand niet getekend]
S3 wampmysqld; c:\wamp\bin\mysql\mysql5.5.24\bin\mysqld.exe [9693696 2012-04-19] () [Bestand niet getekend]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [X]
 
===================== Drivers (gefilterd) ==========================
 
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
 
S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [134696 2012-02-02] (Broadcom Corporation.)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145528 2015-06-16] (BlueStack Systems)
S4 DamageGuard; C:\Windows\System32\DRIVERS\DamageGuardX64.sys [217392 2012-02-11] (Lenovo)
S4 dgFltr; C:\Windows\System32\drivers\dgFltrX64.sys [23648 2011-12-13] (Lenovo)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2015-04-08] (Disc Soft Ltd)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-10-20] (DT Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [104048 2012-03-02] (Qualcomm Atheros Co., Ltd.)
R1 MPCKpt; C:\Windows\System32\DRIVERS\MPCKpt.sys [60136 2016-09-08] (DotC United Inc) <==== AANDACHT
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [952832 2011-12-06] (Vimicro Corporation)
U3 BcmSqlStartupSvc; geen ImagePath
U2 CLKMSVC10_3A60B698; geen ImagePath
U2 CLKMSVC10_C3B3B687; geen ImagePath
U2 DriverService; geen ImagePath
U2 iATAgentService; geen ImagePath
U2 idealife Update Service; geen ImagePath
U3 IGRS; geen ImagePath
U2 IviRegMgr; geen ImagePath
U2 nvUpdatusService; geen ImagePath
U2 Oasis2Service; geen ImagePath
U2 PCCarerService; geen ImagePath
U2 ReadyComm.DirectRouter; geen ImagePath
U2 RichVideo; geen ImagePath
U2 RtLedService; geen ImagePath
U2 SeaPort; geen ImagePath
U2 SoftwareService; geen ImagePath
U3 SQLWriter; geen ImagePath
 
==================== NetSvcs (gefilterd) ===================
 
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
 
 
==================== Een Maand Aangemaakt bestanden en mappen ========
 
(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)
 
2016-09-09 16:58 - 2016-09-09 16:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC
2016-09-09 16:52 - 2016-09-09 16:52 - 00000000 ____D C:\Users\pc\AppData\Roaming\MCorp
2016-09-09 16:50 - 2016-09-09 16:50 - 00000000 ____D C:\Users\pc\AppData\Local\Apple Computer
2016-09-09 16:47 - 2016-09-09 17:00 - 00000000 ____D C:\Users\pc\AppData\Local\HTC MediaHub
2016-09-09 16:47 - 2016-09-09 16:47 - 00000000 ____D C:\Users\pc\Documents\HTC
2016-09-09 16:47 - 2016-09-09 16:47 - 00000000 ____D C:\Users\pc\AppData\LocalLow\Apple Computer
2016-09-09 16:45 - 2016-09-09 16:58 - 00001795 _____ C:\Users\Public\Desktop\MPC Desktop.lnk
2016-09-09 16:45 - 2016-09-09 16:58 - 00001788 _____ C:\Users\Public\Desktop\MPC AdCleaner.lnk
2016-09-09 16:45 - 2016-09-09 16:58 - 00001740 _____ C:\Users\Public\Desktop\MPC Cleaner.lnk
2016-09-09 16:45 - 2016-09-09 16:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC Desktop
2016-09-09 16:45 - 2016-09-09 16:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC AdCleaner
2016-09-09 16:24 - 2016-09-09 16:24 - 00000000 ____D C:\Users\pc\.android
2016-09-09 16:03 - 2016-09-09 16:03 - 03826240 _____ C:\Users\pc\Downloads\AdwCleaner (1).exe
2016-09-09 16:02 - 2016-09-09 16:43 - 00000000 ____D C:\AdwCleaner
2016-09-09 16:02 - 2016-09-09 16:02 - 03826240 _____ C:\Users\pc\Downloads\AdwCleaner.exe
2016-09-09 15:39 - 2016-09-09 15:39 - 00063590 _____ C:\Users\pc\Desktop\titel.txt
2016-09-09 15:37 - 2016-09-09 15:37 - 00061701 _____ C:\Users\pc\Desktop\Addition.txt
2016-09-09 15:09 - 2016-09-09 15:13 - 00061698 _____ C:\Users\pc\Downloads\Addition.txt
2016-09-09 15:07 - 2016-09-09 17:05 - 00027802 _____ C:\Users\pc\Downloads\FRST.txt
2016-09-09 15:06 - 2016-09-09 17:05 - 00000000 ____D C:\FRST
2016-09-09 15:06 - 2016-09-09 15:06 - 02397696 _____ (Farbar) C:\Users\pc\Downloads\FRST64.exe
2016-09-08 13:31 - 2016-09-08 14:57 - 00000000 ____D C:\Users\pc\Documents\Arduino
2016-09-08 13:31 - 2016-09-08 13:38 - 00000000 ____D C:\Users\pc\AppData\Local\Arduino15
2016-09-08 13:31 - 2016-09-08 13:31 - 00001014 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Arduino.lnk
2016-09-08 13:31 - 2016-09-08 13:31 - 00001002 _____ C:\Users\Public\Desktop\Arduino.lnk
2016-09-08 13:31 - 2016-09-08 13:31 - 00000000 ____D C:\Users\pc\.oracle_jre_usage
2016-09-08 13:18 - 2016-09-08 13:18 - 00000000 ____D C:\Users\pc\AppData\LocalLow\Sun
2016-09-08 13:17 - 2016-09-08 13:20 - 88111608 _____ C:\Users\pc\Downloads\arduino-1.6.11-windows.exe
2016-09-08 13:16 - 2016-09-08 13:16 - 03856720 _____ C:\Users\pc\Downloads\CP210x_Windows_Drivers.zip
2016-09-08 13:16 - 2016-09-08 13:16 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_silabser_01009.Wdf
2016-09-08 13:16 - 2016-09-08 13:16 - 00000000 ____D C:\Users\pc\AppData\Roaming\WinRAR
2016-09-08 13:13 - 2016-09-09 16:50 - 00000000 ____D C:\Users\pc\AppData\Roaming\Apple Computer
2016-09-08 13:13 - 2016-09-08 14:37 - 00000000 ____D C:\Users\pc\AppData\Local\Google
2016-09-08 13:13 - 2016-09-08 13:14 - 00002316 _____ C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-09-08 13:13 - 2016-09-08 13:13 - 00138768 _____ C:\Users\pc\AppData\Local\GDIPFONTCACHEV1.DAT
2016-09-08 13:13 - 2016-09-08 13:13 - 00001412 _____ C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-09-08 13:13 - 2016-09-08 13:13 - 00000000 ____D C:\Users\pc\AppData\Roaming\Leadertech
2016-09-08 13:13 - 2016-09-08 13:13 - 00000000 ____D C:\Users\pc\AppData\Roaming\Intel Corporation
2016-09-08 13:13 - 2016-09-08 13:13 - 00000000 ____D C:\Users\pc\AppData\Roaming\DAEMON Tools Pro
2016-09-08 13:13 - 2016-09-08 13:13 - 00000000 ____D C:\Users\pc\AppData\Roaming\Adobe
2016-09-08 13:13 - 2016-09-08 13:13 - 00000000 ____D C:\Users\pc\AppData\Local\Adobe
2016-09-08 13:12 - 2016-09-09 16:24 - 00000000 ____D C:\Users\pc
2016-09-08 13:12 - 2016-09-08 13:13 - 00002097 _____ C:\Users\pc\Desktop\OneKey Recovery.lnk
2016-09-08 13:12 - 2016-09-08 13:13 - 00001129 _____ C:\Users\pc\Desktop\Cyberlink Power2Go.lnk
2016-09-08 13:12 - 2016-09-08 13:13 - 00000000 ____D C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2016-09-08 13:12 - 2016-09-08 13:12 - 00000020 ___SH C:\Users\pc\ntuser.ini
2016-09-08 13:12 - 2016-09-08 13:12 - 00000000 _SHDL C:\Users\pc\Sjablonen
2016-09-08 13:12 - 2016-09-08 13:12 - 00000000 _SHDL C:\Users\pc\Netwerkprinteromgeving
2016-09-08 13:12 - 2016-09-08 13:12 - 00000000 _SHDL C:\Users\pc\Mijn documenten
2016-09-08 13:12 - 2016-09-08 13:12 - 00000000 _SHDL C:\Users\pc\Menu Start
2016-09-08 13:12 - 2016-09-08 13:12 - 00000000 _SHDL C:\Users\pc\Documents\Mijn video's
2016-09-08 13:12 - 2016-09-08 13:12 - 00000000 _SHDL C:\Users\pc\Documents\Mijn muziek
2016-09-08 13:12 - 2016-09-08 13:12 - 00000000 _SHDL C:\Users\pc\Documents\Mijn afbeeldingen
2016-09-08 13:12 - 2016-09-08 13:12 - 00000000 _SHDL C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programma's
2016-09-08 13:12 - 2016-09-08 13:12 - 00000000 _SHDL C:\Users\pc\AppData\Local\Geschiedenis
2016-09-08 13:12 - 2016-09-08 13:12 - 00000000 __SHD C:\Users\pc\IntelGraphicsProfiles
2016-09-08 13:12 - 2013-06-08 12:14 - 00000000 ____D C:\Users\pc\AppData\Local\Microsoft Help
2016-09-08 13:12 - 2012-07-13 13:31 - 00000000 ____D C:\Users\pc\AppData\Roaming\Macromedia
2016-09-08 13:12 - 2011-10-10 10:19 - 00000000 ____D C:\Users\pc\AppData\Roaming\Media Center Programs
2016-09-08 13:12 - 2010-12-19 07:31 - 00000189 _____ C:\Users\pc\Desktop\Lenovo Telephony Start Now.url
2016-09-07 21:33 - 2016-09-07 21:33 - 00000000 ____D C:\Users\Gast\AppData\LocalLow\Adobe
2016-09-07 21:32 - 2016-09-07 21:32 - 06153217 _____ C:\Users\Gast\Downloads\Voorl-V2ers-afstudeerfase-2016-17.pdf
2016-09-07 21:30 - 2016-09-07 21:30 - 00002312 _____ C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-09-05 14:52 - 2016-09-05 14:53 - 00000000 ____D C:\Program Files (x86)\vutcrsiw
2016-09-05 14:52 - 2016-09-05 14:53 - 00000000 ____D C:\Program Files (x86)\ldkifk6u
2016-09-05 14:52 - 2016-09-05 14:52 - 00000000 ____D C:\Users\Gast\AppData\Roaming\setup1
2016-09-04 21:49 - 2016-09-04 21:49 - 00044792 _____ C:\Users\Gast\Downloads\Addition.txt
2016-09-04 21:48 - 2016-09-04 21:49 - 00047009 _____ C:\Users\Gast\Downloads\FRST.txt
2016-09-04 21:43 - 2016-09-04 21:43 - 02397696 _____ (Farbar) C:\Users\Gast\Downloads\FRST64.exe
2016-08-22 10:41 - 2016-08-02 16:54 - 00394440 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-08-22 10:41 - 2016-08-02 16:08 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-08-22 10:41 - 2016-08-02 08:54 - 25808384 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-08-22 10:41 - 2016-08-02 08:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-08-22 10:41 - 2016-08-02 08:47 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-08-22 10:41 - 2016-08-02 08:32 - 02894336 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-08-22 10:41 - 2016-08-02 08:32 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-08-22 10:41 - 2016-08-02 08:31 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-08-22 10:41 - 2016-08-02 08:31 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-08-22 10:41 - 2016-08-02 08:31 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-08-22 10:41 - 2016-08-02 08:31 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-08-22 10:41 - 2016-08-02 08:24 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-08-22 10:41 - 2016-08-02 08:23 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-08-22 10:41 - 2016-08-02 08:20 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-08-22 10:41 - 2016-08-02 08:19 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-08-22 10:41 - 2016-08-02 08:19 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-08-22 10:41 - 2016-08-02 08:18 - 06047744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-08-22 10:41 - 2016-08-02 08:18 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-08-22 10:41 - 2016-08-02 08:18 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-08-22 10:41 - 2016-08-02 08:11 - 00969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-08-22 10:41 - 2016-08-02 08:08 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-08-22 10:41 - 2016-08-02 08:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-08-22 10:41 - 2016-08-02 08:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-08-22 10:41 - 2016-08-02 07:59 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-08-22 10:41 - 2016-08-02 07:56 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-08-22 10:41 - 2016-08-02 07:55 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-08-22 10:41 - 2016-08-02 07:54 - 20343808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-08-22 10:41 - 2016-08-02 07:53 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-08-22 10:41 - 2016-08-02 07:51 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-08-22 10:41 - 2016-08-02 07:51 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-08-22 10:41 - 2016-08-02 07:51 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-08-22 10:41 - 2016-08-02 07:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-08-22 10:41 - 2016-08-02 07:51 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-08-22 10:41 - 2016-08-02 07:50 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-08-22 10:41 - 2016-08-02 07:47 - 02286592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-08-22 10:41 - 2016-08-02 07:45 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-08-22 10:41 - 2016-08-02 07:44 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-08-22 10:41 - 2016-08-02 07:42 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-08-22 10:41 - 2016-08-02 07:41 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-08-22 10:41 - 2016-08-02 07:41 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-08-22 10:41 - 2016-08-02 07:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-08-22 10:41 - 2016-08-02 07:40 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-08-22 10:41 - 2016-08-02 07:38 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-08-22 10:41 - 2016-08-02 07:38 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-08-22 10:41 - 2016-08-02 07:37 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-08-22 10:41 - 2016-08-02 07:36 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-08-22 10:41 - 2016-08-02 07:33 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-08-22 10:41 - 2016-08-02 07:29 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-08-22 10:41 - 2016-08-02 07:28 - 15412224 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-08-22 10:41 - 2016-08-02 07:28 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-08-22 10:41 - 2016-08-02 07:26 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-08-22 10:41 - 2016-08-02 07:25 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-08-22 10:41 - 2016-08-02 07:24 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-08-22 10:41 - 2016-08-02 07:23 - 02868224 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-08-22 10:41 - 2016-08-02 07:22 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-08-22 10:41 - 2016-08-02 07:21 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-08-22 10:41 - 2016-08-02 07:16 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-08-22 10:41 - 2016-08-02 07:15 - 00692736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-08-22 10:41 - 2016-08-02 07:14 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-08-22 10:41 - 2016-08-02 07:14 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-08-22 10:41 - 2016-08-02 07:11 - 13808128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-08-22 10:41 - 2016-08-02 07:10 - 01550848 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-08-22 10:41 - 2016-08-02 06:59 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-08-22 10:41 - 2016-08-02 06:56 - 02393088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-08-22 10:41 - 2016-08-02 06:53 - 01316352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-08-22 10:41 - 2016-08-02 06:51 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-08-21 20:31 - 2016-08-21 20:31 - 00000000 ____D C:\Users\Nabil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-08-21 20:29 - 2016-08-21 20:29 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-08-17 22:56 - 2016-07-08 17:37 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-08-17 22:56 - 2016-07-08 17:37 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-08-17 22:56 - 2016-07-08 17:32 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-08-17 22:56 - 2016-07-08 17:32 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-08-17 22:56 - 2016-07-08 17:32 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-08-17 22:56 - 2016-07-08 17:32 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-08-17 22:56 - 2016-07-08 17:32 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-08-17 22:56 - 2016-07-08 17:32 - 00343552 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-08-17 22:56 - 2016-07-08 17:32 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-08-17 22:56 - 2016-07-08 17:32 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-08-17 22:56 - 2016-07-08 17:32 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-08-17 22:56 - 2016-07-08 17:32 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-08-17 22:56 - 2016-07-08 17:32 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-08-17 22:56 - 2016-07-08 17:32 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-08-17 22:56 - 2016-07-08 17:32 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-08-17 22:56 - 2016-07-08 17:32 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-08-17 22:56 - 2016-07-08 17:32 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-08-17 22:56 - 2016-07-08 17:32 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-08-17 22:56 - 2016-07-08 17:32 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-08-17 22:56 - 2016-07-08 17:32 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-08-17 22:56 - 2016-07-08 17:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-08-17 22:56 - 2016-07-08 17:17 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-08-17 22:56 - 2016-07-08 17:17 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-08-17 22:56 - 2016-07-08 17:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-08-17 22:56 - 2016-07-08 17:16 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-08-17 22:56 - 2016-07-08 17:16 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-08-17 22:56 - 2016-07-08 17:16 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-08-17 22:56 - 2016-07-08 17:16 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-08-17 22:56 - 2016-07-08 17:16 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-08-17 22:56 - 2016-07-08 17:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-08-17 22:56 - 2016-07-08 17:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-08-17 22:56 - 2016-07-08 17:16 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-08-17 22:56 - 2016-07-08 17:16 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-08-17 22:56 - 2016-07-08 17:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-08-17 22:56 - 2016-07-08 17:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-08-17 22:56 - 2016-07-08 17:16 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-08-17 22:56 - 2016-07-08 17:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-08-17 22:56 - 2016-07-08 17:03 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-08-17 22:56 - 2016-07-08 16:57 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-08-17 22:56 - 2016-07-08 16:56 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-08-17 22:56 - 2016-07-08 16:56 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-08-17 22:56 - 2016-07-08 16:55 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-08-17 22:56 - 2016-07-08 16:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-08-17 22:56 - 2016-07-08 16:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-08-17 22:54 - 2016-07-08 17:01 - 03218944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-08-17 22:48 - 2016-08-17 22:48 - 00369527 _____ (zdengine) C:\Windows\system32\zdengine64.dll
2016-08-17 22:46 - 2016-09-09 16:51 - 00001024 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-806224707-4145190528-131575124-1000UA.job
2016-08-17 22:46 - 2016-09-09 15:00 - 00000972 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-806224707-4145190528-131575124-1000Core.job
2016-08-17 22:46 - 2016-08-17 22:51 - 00000000 ____D C:\Users\Nabil\AppData\Local\Dropbox
2016-08-17 22:46 - 2016-08-17 22:46 - 00003998 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-806224707-4145190528-131575124-1000UA
2016-08-17 22:46 - 2016-08-17 22:46 - 00003602 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-806224707-4145190528-131575124-1000Core
2016-08-17 22:46 - 2016-08-17 22:46 - 00000000 ____D C:\ProgramData\Dropbox
2016-08-17 22:43 - 2016-09-09 16:44 - 00000000 ____D C:\Program Files (x86)\Huwulephjoght
2016-08-17 22:43 - 2016-09-08 13:12 - 00000000 ____D C:\Users\Nabil\AppData\Local\Ghawer
2016-08-17 22:43 - 2016-08-17 22:43 - 00113664 _____ C:\Users\Nabil\AppData\Local\tokzdx.dll
2016-08-17 22:43 - 2016-08-17 22:43 - 00002560 _____ C:\Users\Nabil\AppData\Local\uninstallssl.exe
2016-08-17 22:15 - 2016-09-09 16:47 - 00000000 ____D C:\Program Files (x86)\MPC Cleaner
2016-08-17 22:15 - 2016-09-08 13:25 - 00060136 _____ (DotC United Inc) C:\Windows\system32\Drivers\MPCKpt.sys
2016-08-17 22:13 - 2016-08-17 22:13 - 00001629 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-17 22:13 - 2016-08-17 22:13 - 00001625 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-08-17 22:12 - 2016-08-17 22:12 - 00000000 ___HD C:\Program Files (x86)\wke1E47
2016-08-17 22:11 - 2016-08-17 22:14 - 00000000 ____D C:\Users\Nabil\AppData\Local\gapaphsherfiedthozgh
2016-08-17 22:08 - 2016-08-17 22:08 - 00000000 ____D C:\Program Files\d813a96400718df32cbe975ad547a403
2016-08-17 17:35 - 2016-08-17 17:35 - 00142496 _____ C:\Windows\e2291ef892a7c468429e018f598343e7.exe
 
==================== Een Maand Gewijzigd bestanden en mappen ========
 
(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)
 
2016-09-09 16:59 - 2012-07-13 13:29 - 00000000 ____D C:\ProgramData\VeriFace
2016-09-09 16:58 - 2015-12-04 13:43 - 00001052 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d12e88ff6992a3.job
2016-09-09 16:58 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-09-09 16:57 - 2009-07-14 06:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-09-09 16:57 - 2009-07-14 06:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-09-09 16:18 - 2015-12-04 13:43 - 00001056 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d12e898f041f.job
2016-09-09 16:13 - 2016-06-28 21:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-09-08 13:31 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-09-08 13:24 - 2014-02-10 15:53 - 00000000 ____D C:\Program Files (x86)\Arduino
2016-09-08 13:16 - 2012-07-13 13:30 - 00000000 ____D C:\Program Files\DIFX
2016-09-08 13:13 - 2009-07-14 06:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-09-08 13:12 - 2012-12-09 18:51 - 00000000 ____D C:\Users\Nabil\AppData\Local\PMB Files
2016-09-08 13:11 - 2012-09-22 21:08 - 00000000 ____D C:\Users\Nabil\AppData\Roaming\Skype
2016-09-07 21:33 - 2014-07-25 00:38 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Adobe
2016-09-07 21:33 - 2014-07-25 00:38 - 00000000 ____D C:\Users\Gast\AppData\Local\Adobe
2016-09-04 21:41 - 2012-11-15 12:56 - 00000000 ___RD C:\Users\Nabil\Dropbox
2016-09-04 21:24 - 2014-07-25 00:38 - 00000000 ____D C:\Users\Gast\AppData\Local\HTC MediaHub
2016-09-04 14:44 - 2015-09-10 10:30 - 00002364 _____ C:\Users\Nabil\Desktop\App-opstartprogramma van Chrome.lnk
2016-08-21 20:56 - 2014-07-25 00:39 - 00138768 _____ C:\Users\Gast\AppData\Local\GDIPFONTCACHEV1.DAT
2016-08-21 20:53 - 2015-04-29 22:34 - 05320512 _____ C:\Windows\system32\FNTCACHE.DAT
2016-08-21 20:31 - 2012-11-15 12:53 - 00000000 ____D C:\Users\Nabil\AppData\Roaming\Dropbox
2016-08-18 00:12 - 2013-04-24 11:48 - 00000000 ____D C:\Users\Nabil\AppData\Local\HTC MediaHub
2016-08-17 23:38 - 2012-09-05 23:07 - 02319102 ____H C:\Users\Nabil\AppData\Local\IconCache.db.backup
2016-08-17 22:14 - 2015-07-25 16:45 - 00000000 ____D C:\Users\Nabil\AppData\Local\CrashDumps
2016-08-17 22:11 - 2012-09-07 18:36 - 00000000 ____D C:\Users\Nabil\AppData\Roaming\uTorrent
2016-08-10 10:43 - 2012-07-13 12:23 - 00746450 _____ C:\Windows\system32\perfh013.dat
2016-08-10 10:43 - 2012-07-13 12:23 - 00154112 _____ C:\Windows\system32\perfc013.dat
2016-08-10 10:43 - 2009-07-14 07:13 - 01672440 _____ C:\Windows\system32\PerfStringBackup.INI
 
==================== Bestanden in de root van sommige mappen =======
 
2015-04-15 13:56 - 2015-04-25 17:04 - 0000032 _____ () C:\ProgramData\anwblog2011.cfg
2016-01-10 22:42 - 2016-01-10 22:42 - 0004905 _____ () C:\ProgramData\lbogtyso.zat
2016-01-10 22:42 - 2016-01-10 22:42 - 0000016 _____ () C:\ProgramData\mntemp
 
Sommige bestanden in TEMP:
====================
C:\Users\Gast\AppData\Local\Temp\ICReinstall_FileZilla_3.exe
C:\Users\Nabil\AppData\Local\Temp\5E5F.exe
C:\Users\Nabil\AppData\Local\Temp\acc.exe
C:\Users\Nabil\AppData\Local\Temp\BitXUpdaterService.exe
C:\Users\Nabil\AppData\Local\Temp\CodecFixDivx.exe
C:\Users\Nabil\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpexmhly.dll
C:\Users\Nabil\AppData\Local\Temp\dxdiag.exe
C:\Users\Nabil\AppData\Local\Temp\ist7010.tmp.exe
C:\Users\Nabil\AppData\Local\Temp\jre-8u101-windows-au.exe
C:\Users\Nabil\AppData\Local\Temp\MediaPlayer__11426.exe
C:\Users\Nabil\AppData\Local\Temp\MPCSetup_4.3.exe
C:\Users\Nabil\AppData\Local\Temp\msconfig.exe
C:\Users\Nabil\AppData\Local\Temp\nsp165D.tmp.exe
C:\Users\Nabil\AppData\Local\Temp\nsrB711.tmp.exe
C:\Users\Nabil\AppData\Local\Temp\update.exe
C:\Users\Nabil\AppData\Local\Temp\_unps.exe
C:\Users\pc\AppData\Local\Temp\libeay32.dll
C:\Users\pc\AppData\Local\Temp\msvcr120.dll
C:\Users\pc\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap =================
 
(Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)
 
C:\Windows\system32\winlogon.exe => Bestand is getekend
C:\Windows\system32\wininit.exe => Bestand is getekend
C:\Windows\SysWOW64\wininit.exe => Bestand is getekend
C:\Windows\explorer.exe => Bestand is getekend
C:\Windows\SysWOW64\explorer.exe => Bestand is getekend
C:\Windows\system32\svchost.exe => Bestand is getekend
C:\Windows\SysWOW64\svchost.exe => Bestand is getekend
C:\Windows\system32\services.exe => Bestand is getekend
C:\Windows\system32\User32.dll => Bestand is getekend
C:\Windows\SysWOW64\User32.dll => Bestand is getekend
C:\Windows\system32\userinit.exe => Bestand is getekend
C:\Windows\SysWOW64\userinit.exe => Bestand is getekend
C:\Windows\system32\rpcss.dll => Bestand is getekend
C:\Windows\system32\dnsapi.dll => Bestand is getekend
C:\Windows\SysWOW64\dnsapi.dll => Bestand is getekend
C:\Windows\system32\Drivers\volsnap.sys => Bestand is getekend
 
 
LastRegBack: 2015-11-11 14:19
 
==================== Eind van FRST.txt ============================


#4 fireman4it

    Bleepin' Fireman

  • Malware Response Team

Posted 09 September 2016 - 05:59 PM

Download attached fixlist.txt file and save it to the Desktop.

NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST/FRST64 and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

Please download Malwarebytes Anti-Malware and save it to your desktop.

  • Double-click on the setup file (mbam-setup.exe), then click on Run to install.
  • Malwarebytes will automatically open to its Dashboard. If you have never run this version, you should see a red note at the top indicating "A scan has never been run on your system"
  • Click on Update Now to download the current database definitions, then click the Scan Now >> button.
  • If you have run this version before, you should see a green note at the top indicating "Your system is fully protected".
  • You will be prompted to update Malwarebytes...click on the Update Now button.
  • The THREAT SCAN will automatically begin.
  • When the scan has completed, the results will be displayed. Click on Quarantine All, then click on Apply Actions.
  • To complete any actions taken you will be prompted to restart your computer...click on Yes. Failure to reboot normally will prevent Malwarebytes from removing all the malware.
  • After rebooting the computer, copy and paste the mbam.log in your next reply.

To retrieve the Malwarebytes Anti-Malware 2.0 scan log information (Method 1)
  • Open Malwarebytes Anti-Malware.
  • Click the History Tab at the top and select Application Logs.
  • Select (check) the box next to Scan Log. Choose the most current scan.
  • Click the View button.
  • Click Copy to Clipboard at the bottom...come back to this thread, click Add Reply, then right-click and choose Paste.
  • Alternatively, you can click Export and save the log as a .txt file on your Desktop or another location.
  • Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.

To retrieve the Malwarebytes Anti-Malware 2.0 scan log information (Method 2)
  • Open Malwarebytes Anti-Malware.
  • Click the Scan Tab at the top.
  • Click the View detailed log link on the right.
  • Click Copy to Clipboard at the bottom...come back to this thread, click Add Reply, then right-click and choose Paste.
  • Alternatively, you can click Export and save the log as a .txt file on your Desktop or another location.
  • Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.


Logs are named by the date of scan in the following format: mbam-log-yyyy-mm-dd and automatically saved to the following locations:
-- XP: C:\Documents and Settings\<Username>\Application Data\Malwarebytes\Malwarebytes Anti-Malware\Logs\mbam-log-yyyy-mm-dd
-- Vista, Windows 7/8: C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs\mbam-log-yyyy-mm-dd

 

 

Let me know how the computer is running after you complete these steps.

"Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


If I have helped you, consider making a donation to help me continue the fight against Malware!


#5 Lijpestrijder

  • Topic Starter

Posted 10 September 2016 - 08:07 AM

Hi there, thanks for your help so far!

I've done all the steps above. Malwarebytes still gives me notifications every 2 seconds about it blocking a thread or something.
My laptop still isn't working as it should as well. Here is the log:

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scandatum: 10-9-2016
Scantijd: 14:25
Logboekbestand: 
Beheerder: Ja
 
Versie: 2.2.1.1043
Malware-database: v2016.09.10.04
Rootkit-database: v2016.08.15.01
Licentie: Proef
Malware-bescherming: Ingeschakeld
Bescherming tegen kwaadaardige websites: Ingeschakeld
Zelfbescherming: Uitgeschakeld
 
Besturingssysteem: Windows 7 Service Pack 1
Processor: x64
Bestandssysteem: NTFS
Gebruiker: pc
 
Scantype: Bedreigingsscan
Resultaat: Voltooid
Objecten gescand: 401790
Verstreken tijd: 21 min, 29 sec
 
Geheugen: Ingeschakeld
Opstarten: Ingeschakeld
Bestandssysteem: Ingeschakeld
Archieven: Ingeschakeld
Rootkits: Uitgeschakeld
Heuristiek: Ingeschakeld
POP: Ingeschakeld
POA: Ingeschakeld
 
Processen: 0
(Geen kwaadaardige items gedetecteerd)
 
Modules: 0
(Geen kwaadaardige items gedetecteerd)
 
Registersleutels: 0
(Geen kwaadaardige items gedetecteerd)
 
Registerwaarden: 0
(Geen kwaadaardige items gedetecteerd)
 
Registerdata: 0
(Geen kwaadaardige items gedetecteerd)
 
Mappen: 0
(Geen kwaadaardige items gedetecteerd)
 
Bestanden: 0
(Geen kwaadaardige items gedetecteerd)
 
Fysieke Sectoren: 0
(Geen kwaadaardige items gedetecteerd)
 
 
(end)


I'm not sure why the log says that it hasn't detected any harmful files. In the scan it found A LOT of harmful files.
 


#6 Lijpestrijder

  • Topic Starter

Posted 10 September 2016 - 08:31 AM

I'm also seeing that I'm running the free trial of the premium version, would that make any difference?



#7 fireman4it

    Bleepin' Fireman

  • Malware Response Team

Posted 10 September 2016 - 02:01 PM

Can you please post the fixlog.txt that FRST made when doing the fix? Please run Malwarebytes again and post the new log.


#8 Lijpestrijder

  • Topic Starter

Posted 11 September 2016 - 01:19 PM

FRST: 
 

Fix resultaat van Farbar Recovery Scan Tool (x64) Versie: 31-08-2016
Gestart door pc (10-09-2016 14:12:40) Run:1
Gestart vanaf C:\Users\pc\Desktop
Geladen Profielen: pc (Beschikbare Profielen: Nabil & pc & Gast)
Boot Modus: Normal
==============================================
 
fixlist inhoud:
*****************
AnySend (HKLM-x32\...\ASPackage) (Version:  - CMI Limited) <==== AANDACHT
OtherSearch
youndoo
 
 
 
 
CHR HKLM-x32\...\Chrome\Extension: [cjofdnhdkbflacojpfpkchgafjahijbb] - C:\Users\Nabil\AppData\Local\CRE\cjofdnhdkbflacojpfpkchgafjahijbb.crx <niet gevonden>
R2 MPCProtectService; C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe [355808 2016-09-08] (DotC United Inc) <==== AANDACHT
C:\Program Files (x86)\MPC Cleaner
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [X]
R1 MPCKpt; C:\Windows\System32\DRIVERS\MPCKpt.sys [60136 2016-09-08] (DotC United Inc) <==== AANDACHT
C:\Windows\System32\DRIVERS\MPCKpt.sys
U3 BcmSqlStartupSvc; geen ImagePath
U2 CLKMSVC10_3A60B698; geen ImagePath
U2 CLKMSVC10_C3B3B687; geen ImagePath
U2 DriverService; geen ImagePath
U2 iATAgentService; geen ImagePath
U2 idealife Update Service; geen ImagePath
U3 IGRS; geen ImagePath
U2 IviRegMgr; geen ImagePath
U2 nvUpdatusService; geen ImagePath
U2 Oasis2Service; geen ImagePath
U2 PCCarerService; geen ImagePath
U2 ReadyComm.DirectRouter; geen ImagePath
U2 RichVideo; geen ImagePath
U2 RtLedService; geen ImagePath
U2 SeaPort; geen ImagePath
U2 SoftwareService; geen ImagePath
U3 SQLWriter; geen ImagePath
2016-09-09 16:58 - 2016-09-09 16:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC
2016-09-09 16:52 - 2016-09-09 16:52 - 00000000 ____D C:\Users\pc\AppData\Roaming\MCorp
2016-09-09 16:45 - 2016-09-09 16:58 - 00001795 _____ C:\Users\Public\Desktop\MPC Desktop.lnk
2016-09-09 16:45 - 2016-09-09 16:58 - 00001788 _____ C:\Users\Public\Desktop\MPC AdCleaner.lnk
2016-09-09 16:45 - 2016-09-09 16:58 - 00001740 _____ C:\Users\Public\Desktop\MPC Cleaner.lnk
2016-09-09 16:45 - 2016-09-09 16:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC Desktop
2016-09-09 16:45 - 2016-09-09 16:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC AdCleaner
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers-x32: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellExecuteHooks:  - {6710C780-E20E-4C49-A87D-321850ED3D7C} -  Geen bestand [ ]
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} =>  Geen bestand
ShellIconOverlayIdentifiers: [MyOverlayIcon] -> {B41B3408-923F-4B8B-85F2-146C509FA18C} =>  Geen bestand
Task: {0B2A2C03-5BD6-4994-86FF-B66D2CA63BBB} - System32\Tasks\PC SpeedUp Service Deactivator => C:\Program Files (x86)\PC Speed Up\PCSUSD.exe [2016-01-28] (Optimal Software s.r.o.) <==== AANDACHT
Task: {61B310F4-C316-4B4B-BAE3-77A812168E06} - System32\Tasks\vwe3034 => C:\Program Files (x86)\OtherSearch\vwe3034.exe [2016-07-12] () <==== AANDACHT
Task: C:\Windows\Tasks\PC SpeedUp Service Deactivator.job => C:\Program Files (x86)\PC Speed Up\PCSUSD.exe <==== AANDACHT
AlternateDataStreams: C:\Users\Nabil\Cookies:jKH8rkrtnjiiAXVWe9o [1938]
AlternateDataStreams: C:\Users\Nabil\Local Settings:hczXfx2xxH96sUhQhBa [1944]
AlternateDataStreams: C:\Users\Nabil\Desktop\KQKGhfuXr1S:bMrs5UvcgTgf0uZIRaOin44yOufX7 [2412]
AlternateDataStreams: C:\Users\Nabil\AppData\Local:hczXfx2xxH96sUhQhBa [1944]
AlternateDataStreams: C:\Users\Nabil\AppData\Local\Application Data:hczXfx2xxH96sUhQhBa [1944]
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\zdengine => ""="service"
Emptytemp:
Hosts:
 
 
 
 
 
*****************
 
AnySend (HKLM-x32\...\ASPackage) (Version:  - CMI Limited) <==== AANDACHT => Fout: Geen automatische fix gevonden voor dit item.
OtherSearch => Fout: Geen automatische fix gevonden voor dit item.
youndoo => Fout: Geen automatische fix gevonden voor dit item.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb" => sleutel is succesvol verwijderd.
MPCProtectService => Kon service niet stoppen.
MPCProtectService => dienst kon niet worden verwijderd
 
"C:\Program Files (x86)\MPC Cleaner" map verplaatsing:
 
Kon niet verplaatsen "C:\Program Files (x86)\MPC Cleaner" => Gepland te verplaatsen bij herstart.
 
gupdate => dienst is succesvol verwijderd.
gupdatem => dienst is succesvol verwijderd.
McAfee SiteAdvisor Service => dienst is succesvol verwijderd.
MPCKpt => Kon service niet stoppen.
MPCKpt => dienst kon niet worden verwijderd
Kon niet verplaatsen "C:\Windows\System32\DRIVERS\MPCKpt.sys" => Gepland te verplaatsen bij herstart.
BcmSqlStartupSvc => dienst is succesvol verwijderd.
CLKMSVC10_3A60B698 => dienst is succesvol verwijderd.
CLKMSVC10_C3B3B687 => dienst is succesvol verwijderd.
DriverService => dienst is succesvol verwijderd.
iATAgentService => dienst is succesvol verwijderd.
idealife Update Service => dienst is succesvol verwijderd.
IGRS => dienst is succesvol verwijderd.
IviRegMgr => dienst is succesvol verwijderd.
nvUpdatusService => dienst is succesvol verwijderd.
Oasis2Service => dienst is succesvol verwijderd.
PCCarerService => dienst is succesvol verwijderd.
ReadyComm.DirectRouter => dienst is succesvol verwijderd.
RichVideo => dienst is succesvol verwijderd.
RtLedService => dienst is succesvol verwijderd.
SeaPort => dienst is succesvol verwijderd.
SoftwareService => dienst is succesvol verwijderd.
SQLWriter => dienst is succesvol verwijderd.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC => is succesvol verplaatst.
C:\Users\pc\AppData\Roaming\MCorp => is succesvol verplaatst.
C:\Users\Public\Desktop\MPC Desktop.lnk => is succesvol verplaatst.
C:\Users\Public\Desktop\MPC AdCleaner.lnk => is succesvol verplaatst.
C:\Users\Public\Desktop\MPC Cleaner.lnk => is succesvol verplaatst.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC Desktop => is succesvol verplaatst.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC AdCleaner => is succesvol verplaatst.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt1" => sleutel is succesvol verwijderd.
HKCR\Wow6432Node\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => sleutel niet gevonden. 
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt10" => sleutel is succesvol verwijderd.
HKCR\Wow6432Node\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => sleutel niet gevonden. 
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt2" => sleutel is succesvol verwijderd.
HKCR\Wow6432Node\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => sleutel niet gevonden. 
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt3" => sleutel is succesvol verwijderd.
HKCR\Wow6432Node\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => sleutel niet gevonden. 
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt4" => sleutel is succesvol verwijderd.
HKCR\Wow6432Node\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => sleutel niet gevonden. 
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt5" => sleutel is succesvol verwijderd.
HKCR\Wow6432Node\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => sleutel niet gevonden. 
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt6" => sleutel is succesvol verwijderd.
HKCR\Wow6432Node\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => sleutel niet gevonden. 
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt7" => sleutel is succesvol verwijderd.
HKCR\Wow6432Node\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => sleutel niet gevonden. 
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt8" => sleutel is succesvol verwijderd.
HKCR\Wow6432Node\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => sleutel niet gevonden. 
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt9" => sleutel is succesvol verwijderd.
HKCR\Wow6432Node\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => sleutel niet gevonden. 
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt1" => sleutel is succesvol verwijderd.
HKCR\Wow6432Node\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => sleutel niet gevonden. 
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt2" => sleutel is succesvol verwijderd.
HKCR\Wow6432Node\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => sleutel niet gevonden. 
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt3" => sleutel is succesvol verwijderd.
HKCR\Wow6432Node\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => sleutel niet gevonden. 
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt4" => sleutel is succesvol verwijderd.
HKCR\Wow6432Node\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => sleutel niet gevonden. 
HKLM\Software\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{6710C780-E20E-4C49-A87D-321850ED3D7C} => waarde is succesvol verwijderd.
HKCR\CLSID\{6710C780-E20E-4C49-A87D-321850ED3D7C} => sleutel niet gevonden. 
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt1" => sleutel is succesvol verwijderd.
HKCR\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => sleutel niet gevonden. 
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt10" => sleutel is succesvol verwijderd.
HKCR\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => sleutel niet gevonden. 
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt2" => sleutel is succesvol verwijderd.
HKCR\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => sleutel niet gevonden. 
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt3" => sleutel is succesvol verwijderd.
HKCR\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => sleutel niet gevonden. 
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt4" => sleutel is succesvol verwijderd.
HKCR\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => sleutel niet gevonden. 
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt5" => sleutel is succesvol verwijderd.
HKCR\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => sleutel niet gevonden. 
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt6" => sleutel is succesvol verwijderd.
HKCR\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => sleutel niet gevonden. 
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt7" => sleutel is succesvol verwijderd.
HKCR\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => sleutel niet gevonden. 
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt8" => sleutel is succesvol verwijderd.
HKCR\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => sleutel niet gevonden. 
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt9" => sleutel is succesvol verwijderd.
HKCR\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => sleutel niet gevonden. 
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\MyOverlayIcon" => sleutel is succesvol verwijderd.
HKCR\CLSID\{B41B3408-923F-4B8B-85F2-146C509FA18C} => sleutel niet gevonden. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0B2A2C03-5BD6-4994-86FF-B66D2CA63BBB} => sleutel niet gevonden. 
C:\Windows\System32\Tasks\PC SpeedUp Service Deactivator => niet gevonden.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PC SpeedUp Service Deactivator => sleutel niet gevonden. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{61B310F4-C316-4B4B-BAE3-77A812168E06} => sleutel niet gevonden. 
C:\Windows\System32\Tasks\vwe3034 => niet gevonden.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\vwe3034 => sleutel niet gevonden. 
C:\Windows\Tasks\PC SpeedUp Service Deactivator.job => niet gevonden.
"C:\Users\Nabil\Cookies" => ":jKH8rkrtnjiiAXVWe9o" ADS niet gevonden.
"C:\Users\Nabil\Local Settings" => ":hczXfx2xxH96sUhQhBa" ADS niet gevonden.
C:\Users\Nabil\Desktop\KQKGhfuXr1S => ":bMrs5UvcgTgf0uZIRaOin44yOufX7" ADS is succesvol verwijderd..
C:\Users\Nabil\AppData\Local => ":hczXfx2xxH96sUhQhBa" ADS is succesvol verwijderd..
"C:\Users\Nabil\AppData\Local\Application Data" => ":hczXfx2xxH96sUhQhBa" ADS niet gevonden.
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\zdengine => sleutel niet gevonden. 
C:\Windows\System32\Drivers\etc\hosts => is succesvol verplaatst.
Hosts met succes hersteld.
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 4337949 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 163301492 B
Edge => 0 B
Chrome => 285347706 B
Firefox => 0 B
Opera => 0 B
 
Temp, IE cache, history, cookies, recent:
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 42337099 B
systemprofile32 => 33454 B
LocalService => 0 B
NetworkService => 65820 B
Nabil => 56649930769 B
pc => 10361800 B
Gast => 17215075 B
 
RecycleBin => 0 B
EmptyTemp: => 53.3 GB tijdelijke gegevens verwijderd.
 
================================
 
Resultaat van geplande bestanden te verplaatsen (Boot Modus: Normal) (Datum&Tijd: 10-09-2016 14:17:30)
 
"C:\Program Files (x86)\MPC Cleaner" => Kon niet verplaatsen
"C:\Windows\System32\DRIVERS\MPCKpt.sys" => Kon niet verplaatsen
 
==== Eind van Fixlog 14:17:35 ====

Attached Files

  • Attached File  mbam.txt   643.94KB   1 downloads


#9 Lijpestrijder


Posted 13 September 2016 - 02:57 PM

bump



#10 fireman4it

  • Malware Response Team

Posted 16 September 2016 - 06:50 AM

Please run FRST again as you did the first time you ran it and post the new FRST.txt. How is the machine running now?

"Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-




#11 fireman4it

  • Malware Response Team

Posted 29 September 2016 - 07:24 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.




