Virus keeps coming back after deleting it


  • This topic is locked
12 replies to this topic

#1 MartinLebrance

Posted 10 February 2016 - 06:27 AM

Hello,

First of all, I just read the FAQ for posting here and I hope this is all correct. The problem I have is that my virus scanners detected something about a month ago and I deleted it. The next month the scans came up empty, but yesterday it detected something again.

I would like to thank you guys for helping me in advance!

Logs:

Malwarebytes

_______________________________________

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 10-2-2016
Scan Time: 00:22
Logfile: bytes.txt
Administrator: Yes
 
Version: 2.2.0.1024
Malware Database: v2016.02.09.05
Rootkit Database: v2016.02.08.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 8.1
CPU: x64
File System: NTFS
User: Beheerder
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 443775
Time Elapsed: 11 min, 28 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
_____________________________
FRST 
 
Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie:07-02-2016
Gestart door Beheerder (Beheerder) op REALPC (10-02-2016 00:23:31)
Gestart vanaf C:\Users\Beheerder\Downloads
Geladen Profielen: Beheerder &  (Beschikbare Profielen: Beheerder)
Platform: Windows 8.1 (X64) Taal: Nederlands (Nederland)
Internet Explorer Versie 11 (Standaardbrowser: Chrome)
Boot Modus: Normal
Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processen (gefilterd) =================
 
(Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) D:\Program Files D\Nieuwe map\TeamViewer_Service.exe
(Company) C:\Program Files (x86)\Popcorn Time\Updater.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\19.2.0\ToolbarUpdater.exe
(LogMeIn Inc.) D:\Program Files D\Hamachi\hamachi-2.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\19.2.0\loggingserver.exe
(LogMeIn, Inc.) D:\Program Files D\Hamachi\LMIGuardianSvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TeamViewer GmbH) D:\Program Files D\Nieuwe map\TeamViewer.exe
(TeamViewer GmbH) D:\Program Files D\Nieuwe map\tv_w32.exe
(TeamViewer GmbH) D:\Program Files D\Nieuwe map\tv_x64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Bogdan Sharkov) C:\Program Files (x86)\Clownfish\Clownfish.exe
(Spotify Ltd) C:\Users\Beheerder\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
(Flux Software LLC) C:\Users\Beheerder\AppData\Local\FluxSoftware\Flux\flux.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe
(Elaborate Bytes AG) D:\Program Files D\VirtualCloneDrive\VCDDaemon.exe
(Insight Software Solutions) D:\Program Files (x86)\ShortKeys2\shortkey.exe
(DivX, LLC) C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Valve Corporation) D:\Program Files D\Steam\Steam.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe
(Valve Corporation) D:\Program Files D\Steam\bin\steamwebhelper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
() C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DeviceAgent.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.3.0.0\Lightshot.exe
(LogMeIn Inc.) D:\Program Files D\Hamachi\hamachi-2-ui.exe
(LogMeIn, Inc.) D:\Program Files D\Hamachi\LMIGuardianSvc.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
() C:\Users\Beheerder\Downloads\OSBuddy.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Spotify Ltd) C:\Users\Beheerder\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Beheerder\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Spotify Ltd) C:\Users\Beheerder\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Beheerder\AppData\Roaming\Spotify\Spotify.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Register (gefilterd) ===========================
 
(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13513288 2013-03-29] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1278024 2013-03-08] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [itype] => C:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2462536 2014-10-16] (NVIDIA Corporation)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-09-15] (Apple Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => D:\Program Files D\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-09-15] (Apple Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-05-20] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] ()
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2239376 2013-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Reader Application Helper] => C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe [899400 2013-11-27] (Sony Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [358336 2011-07-19] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2586696 2016-01-31] ()
HKLM-x32\...\Run: [BCSSync] => D:\Program Files D\Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare)
HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe
HKLM-x32\...\Run: [DBAgent] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [1540896 2015-07-15] (Seagate Technology LLC)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3795880 2016-02-04] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-10-16] ()
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => D:\Program Files D\Hamachi\hamachi-2-ui.exe [5565448 2015-11-12] (LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1085656 2015-12-13] (Adobe Systems Incorporated)
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [54072 2015-10-05] (Malwarebytes)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKLM\...\Policies\Explorer: [AllowLegacyWebView] 1
HKLM\...\Policies\Explorer: [AllowUnhashedWebView] 1
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [iCloud] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-3149342564-3551317297-1658663929-1001\...\Run: [Clownfish] => C:\Program Files (x86)\Clownfish\Clownfish.exe [1277688 2013-08-21] (Bogdan Sharkov)
HKU\S-1-5-21-3149342564-3551317297-1658663929-1001\...\Run: [Steam] => D:\Program Files D\Steam\steam.exe [3014224 2016-02-04] (Valve Corporation)
HKU\S-1-5-21-3149342564-3551317297-1658663929-1001\...\Run: [Spotify Web Helper] => C:\Users\Beheerder\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2355312 2016-02-04] (Spotify Ltd)
HKU\S-1-5-21-3149342564-3551317297-1658663929-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3618648 2014-11-17] (Electronic Arts)
HKU\S-1-5-21-3149342564-3551317297-1658663929-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673696 2013-08-01] (Disc Soft Ltd)
HKU\S-1-5-21-3149342564-3551317297-1658663929-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [2990304 2013-10-02] (Nota Inc.)
HKU\S-1-5-21-3149342564-3551317297-1658663929-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3149342564-3551317297-1658663929-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [28785792 2015-06-02] (Skype Technologies S.A.)
HKU\S-1-5-21-3149342564-3551317297-1658663929-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-3149342564-3551317297-1658663929-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-3149342564-3551317297-1658663929-1001\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [127816 2015-07-15] (Seagate Technology LLC)
HKU\S-1-5-21-3149342564-3551317297-1658663929-1001\...\Run: [f.lux] => C:\Users\Beheerder\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-3149342564-3551317297-1658663929-1001\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKU\S-1-5-21-3149342564-3551317297-1658663929-1001\...\Run: [uTorrent] => C:\Users\Beheerder\AppData\Roaming\uTorrent\uTorrent.exe [2026520 2015-12-04] (BitTorrent Inc.)
HKU\S-1-5-21-3149342564-3551317297-1658663929-1001\...\Run: [AceUpdater] => C:\Users\Beheerder\AppData\Roaming\ACEStream\updater\ace_update.exe [22824 2014-10-01] ()
HKU\S-1-5-21-3149342564-3551317297-1658663929-1001\...\MountPoints2: {74177ad5-25e1-11e3-bf3f-00224d806f4f} - "H:\Autoplay.exe" -auto
HKU\S-1-5-21-3149342564-3551317297-1658663929-1001\...\MountPoints2: {ea61cb3b-5040-11e2-be6f-00224d806f4f} - "F:\setup.exe" 
HKU\S-1-5-21-3149342564-3551317297-1658663929-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Clownfish] => C:\Program Files (x86)\Clownfish\Clownfish.exe [1277688 2013-08-21] (Bogdan Sharkov)
HKU\S-1-5-21-3149342564-3551317297-1658663929-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Steam] => D:\Program Files D\Steam\steam.exe [3014224 2016-02-04] (Valve Corporation)
HKU\S-1-5-21-3149342564-3551317297-1658663929-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify Web Helper] => C:\Users\Beheerder\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2355312 2016-02-04] (Spotify Ltd)
HKU\S-1-5-21-3149342564-3551317297-1658663929-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3618648 2014-11-17] (Electronic Arts)
HKU\S-1-5-21-3149342564-3551317297-1658663929-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673696 2013-08-01] (Disc Soft Ltd)
HKU\S-1-5-21-3149342564-3551317297-1658663929-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [2990304 2013-10-02] (Nota Inc.)
HKU\S-1-5-21-3149342564-3551317297-1658663929-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3149342564-3551317297-1658663929-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [28785792 2015-06-02] (Skype Technologies S.A.)
HKU\S-1-5-21-3149342564-3551317297-1658663929-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-3149342564-3551317297-1658663929-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-3149342564-3551317297-1658663929-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [127816 2015-07-15] (Seagate Technology LLC)
HKU\S-1-5-21-3149342564-3551317297-1658663929-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [f.lux] => C:\Users\Beheerder\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-3149342564-3551317297-1658663929-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKU\S-1-5-21-3149342564-3551317297-1658663929-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [uTorrent] => C:\Users\Beheerder\AppData\Roaming\uTorrent\uTorrent.exe [2026520 2015-12-04] (BitTorrent Inc.)
HKU\S-1-5-21-3149342564-3551317297-1658663929-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [AceUpdater] => C:\Users\Beheerder\AppData\Roaming\ACEStream\updater\ace_update.exe [22824 2014-10-01] ()
HKU\S-1-5-21-3149342564-3551317297-1658663929-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {74177ad5-25e1-11e3-bf3f-00224d806f4f} - "H:\Autoplay.exe" -auto
HKU\S-1-5-21-3149342564-3551317297-1658663929-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {ea61cb3b-5040-11e2-be6f-00224d806f4f} - "F:\setup.exe" 
HKU\S-1-5-18\...\RunOnce: [iCloud] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe [43816 2015-04-26] (Apple Inc.)
AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL => Geen bestand
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWow64\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2013-12-13] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2013-12-13] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2013-12-13] ()
ShellIconOverlayIdentifiers: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\system32\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-01-20] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-01-20] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-01-20] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\SysWow64\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => D:\Program Files D\Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => D:\Program Files D\Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => D:\Program Files D\Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => D:\Program Files D\Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => D:\Program Files D\Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-12-17]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ShortKeys 2.lnk [2015-10-11]
ShortcutTarget: ShortKeys 2.lnk -> D:\Program Files (x86)\ShortKeys2\shortkey.exe (Insight Software Solutions)
Startup: C:\Users\Beheerder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2015-10-11]
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\Beheerder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel Core.lnk [2015-10-11]
ShortcutTarget: Intel Core.lnk -> C:\ProgramData\Intel Core\Intel Core.exe (Geen bestand)
Startup: C:\Users\Beheerder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk [2015-10-11]
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Beheerder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ShortKeys 2.lnk [2016-02-09]
ShortcutTarget: ShortKeys 2.lnk -> D:\Program Files (x86)\ShortKeys2\shortkey.exe (Insight Software Solutions)
 
==================== Internet (gefilterd) ====================
 
(Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.)
 
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 89.101.251.229 89.101.251.228
Tcpip\..\Interfaces\{59C36464-6D23-44EE-9356-4477123F0F79}: [DhcpNameServer] 89.101.251.229 89.101.251.228
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-3149342564-3551317297-1658663929-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3149342564-3551317297-1658663929-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://nl.msn.com/
HKU\S-1-5-21-3149342564-3551317297-1658663929-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3149342564-3551317297-1658663929-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://nl.msn.com/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3149342564-3551317297-1658663929-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={6B6AB470-3907-42A7-AE9D-75A2992153A1}&mid=c39ae708e48047d2a1f5d16b0b6486bc-bd24bf4dbcb968ed10c536d96b072258756c2839&lang=nl&ds=AVG&coid=avgtbavg&cmpid=1215tb&pr=fr&d=2014-09-07 12:24:12&v=19.0.0.10&pid=safeguard&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3149342564-3551317297-1658663929-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={6B6AB470-3907-42A7-AE9D-75A2992153A1}&mid=c39ae708e48047d2a1f5d16b0b6486bc-bd24bf4dbcb968ed10c536d96b072258756c2839&lang=nl&ds=AVG&coid=avgtbavg&cmpid=1215tb&pr=fr&d=2014-09-07 12:24:12&v=19.0.0.10&pid=safeguard&sg=&sap=dsp&q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-12-16] (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2013-07-31] (Logitech, Inc.)
BHO: Geen Naam -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> Geen bestand
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-01-20] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-12-16] (Microsoft Corporation)
BHO-x32: Wondershare Video Converter Ultimate 7.1.0 -> {451C804F-C205-4F03-B48E-537EC94937BF} -> C:\PROGRA~3\WONDER~1\VIDEOC~1\WSBROW~1.DLL => Geen bestand
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> D:\Program Files D\Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2016-01-19] (Oracle Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2013-01-29] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2013-07-31] (Logitech, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> D:\Program Files D\Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-01-20] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2016-01-19] (Oracle Corporation)
Toolbar: HKLM - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\19.2.0.326\AVG SafeGuard toolbar_toolbar.dll [2016-01-31] (AVG Secure Search)
Toolbar: HKLM-x32 - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\19.2.0.326\AVG SafeGuard toolbar_toolbar.dll [2016-01-31] (AVG Secure Search)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-09-07] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\19.2.0\ViProtocol.dll [2016-01-31] (AVG Secure Search)
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 -  Geen bestand
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-07-19] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-07-19] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-07-19] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-07-19] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-07-19] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-07-19] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-07-19] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-07-19] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-07-19] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-07-19] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-07-19] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-07-19] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-07-19] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-07-19] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-07-19] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-07-19] (Citrix Systems, Inc.)
 
FireFox:
========
FF ProfilePath: C:\Users\Beheerder\AppData\Roaming\Mozilla\Firefox\Profiles\cnj4bs4e.default
FF DefaultSearchEngine: AVG Secure Search
FF SelectedSearchEngine: AVG Secure Search
FF Homepage: hxxps://mysearch.avg.com?cid={6B6AB470-3907-42A7-AE9D-75A2992153A1}&mid=c39ae708e48047d2a1f5d16b0b6486bc-bd24bf4dbcb968ed10c536d96b072258756c2839&lang=nl&ds=AVG&coid=avgtbavg&cmpid=0715tb&pr=fr&d=2014-09-07 12:24:12&v=19.0.0.10&pid=safeguard&sg=&sap=hp
FF Keyword.URL: 
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-09] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2013-12-19] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-09] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\19.2.0\\npsitesafety.dll [Geen bestand]
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [Geen bestand]
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-25] (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2016-01-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2016-01-19] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-03] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> D:\Program Files D\Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-09-07] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-10-16] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-10-16] (NVIDIA Corporation)
FF Plugin-x32: @sony.com/ReaderDesktop -> C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll [2013-11-27] (Sony Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-01-31] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-01-31] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-12-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-12-09] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-12-17] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3149342564-3551317297-1658663929-1001: @acestream.net/acestreamplugin,version=3.0.12 -> C:\Users\Beheerder\AppData\Roaming\ACEStream\player\npace_plugin.dll [2014-12-03] (Innovative Digital Technologies)
FF Plugin HKU\S-1-5-21-3149342564-3551317297-1658663929-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [Geen bestand]
FF Plugin HKU\S-1-5-21-3149342564-3551317297-1658663929-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @acestream.net/acestreamplugin,version=3.0.12 -> C:\Users\Beheerder\AppData\Roaming\ACEStream\player\npace_plugin.dll [2014-12-03] (Innovative Digital Technologies)
FF Plugin HKU\S-1-5-21-3149342564-3551317297-1658663929-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [Geen bestand]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\CCMSDK.dll [2011-07-19] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\CgpCore.dll [2011-06-02] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\confmgr.dll [2011-07-19] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ctxlogging.dll [2011-07-19] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ctxmui.dll [2011-07-19] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\icafile.dll [2011-07-19] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\icalogon.dll [2011-07-19] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npicaN.dll [2011-07-19] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-12-17] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-09-18] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-09-18] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-09-18] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-09-18] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-09-18] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\sslsdk_b.dll [2011-05-06] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\TcpPServ.dll [2011-06-02] (Citrix Systems, Inc.)
FF SearchPlugin: C:\Users\Beheerder\AppData\Roaming\Mozilla\Firefox\Profiles\cnj4bs4e.default\searchplugins\avg-secure-search.xml [2016-01-31]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml [2016-01-31]
FF Extension: iMacros for Firefox - C:\Users\Beheerder\AppData\Roaming\Mozilla\Firefox\Profiles\cnj4bs4e.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} [2015-11-18]
FF Extension: AVG SafeGuard toolbar - C:\Users\Beheerder\AppData\Roaming\Mozilla\Firefox\Profiles\cnj4bs4e.default\Extensions\avg@safeguard.xpi [2015-12-11]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-04-24] [ niet getekend]
FF HKLM-x32\...\Firefox\Extensions: [WSVCU@Wondershare.com] - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com => niet gevonden
 
Chrome: 
=======
CHR Profile: C:\Users\Beheerder\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Bitford) - C:\Users\Beheerder\AppData\Local\Google\Chrome\User Data\Default\Extensions\agjcpjkkccmhfopfciohkkfolnjbbdoh [2015-07-21]
CHR Extension: (BetterTTV) - C:\Users\Beheerder\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2015-07-08]
CHR Extension: (Adblock Plus) - C:\Users\Beheerder\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-02-03]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\Beheerder\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2016-02-05]
CHR Extension: (TinEye Reverse Image Search) - C:\Users\Beheerder\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl [2014-09-08]
CHR Extension: (MuteTab) - C:\Users\Beheerder\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmkbaaijgpppbokgnhhoakihofedkgcc [2015-04-19]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\Beheerder\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-24]
CHR Extension: (Cite This For Me: Web Citer) - C:\Users\Beheerder\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnnmhgkokpalnmbeighfomegjfkklkle [2015-05-28]
CHR HKLM-x32\...\Chrome\Extension: [dnnajmlhehgnkclpdlggknanmcplloej] - C:\Program Files (x86)\PutLockerDownloader\PutLockerDownloader10.crx <niet gevonden>
 
==================== Services (gefilterd) ========================
 
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3646888 2016-02-04] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [335656 2016-02-04] (AVG Technologies CZ, s.r.o.)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2014-03-23] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2787512 2015-12-22] (Microsoft Corporation)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1253376 2009-08-27] (MAGIX AG) [Bestand niet getekend]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [3276800 2008-08-07] (MAGIX®) [Bestand niet getekend]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-10-16] (NVIDIA Corporation)
R2 Hamachi2Svc; D:\Program Files D\Hamachi\hamachi-2.exe [2546184 2015-11-12] (LogMeIn Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe [289256 2015-12-02] (McAfee, Inc.)
S3 Microsoft SharePoint Workspace Audit Service; D:\Program Files D\Office\Office14\GROOVE.EXE [30963576 2010-01-21] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-10-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-10-16] (NVIDIA Corporation)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2014-04-13] ()
R2 Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16216 2015-02-13] (Seagate Technology LLC)
R2 Seagate MobileBackup Service; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe [143656 2015-07-15] (Seagate Technology LLC)
S3 Sony SCSI Helper Service; C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [73728 2013-11-26] (Sony Corporation) [Bestand niet getekend]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Bestand niet getekend]
R2 TeamViewer9; D:\Program Files D\Nieuwe map\TeamViewer_Service.exe [5261584 2015-04-09] (TeamViewer GmbH)
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [762320 2015-01-17] (Tunngle.net GmbH) [Bestand niet getekend]
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [335360 2014-12-17] (Company) [Bestand niet getekend]
R2 vToolbarUpdater19.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\19.2.0\ToolbarUpdater.exe [1875528 2016-01-31] (AVG Secure Search)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
 
===================== Drivers (gefilterd) ==========================
 
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
 
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21152 2015-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [315312 2015-12-16] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [299440 2016-01-13] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [296368 2015-12-16] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378336 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [255920 2016-01-22] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [304560 2015-08-04] (AVG Technologies CZ, s.r.o.)
R3 cbfs3; C:\Windows\System32\drivers\cbfs3.sys [352144 2012-04-09] (EldoS Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2013-09-25] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-11-12] (LogMeIn Inc.)
U0 irfswn; C:\Windows\System32\drivers\eatykp.sys [79064 2016-02-09] (Malwarebytes)
S3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv_x64.sys [44544 2013-01-15] (ManyCam LLC)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-02-10] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
S3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [28160 2013-01-31] (ManyCam LLC)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-10-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38048 2014-10-16] (NVIDIA Corporation)
S3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [868848 2013-09-25] (Duplex Secure Ltd.)
R3 tap0901t; C:\Windows\system32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 OSFMount; \??\C:\Program Files (x86)\Counter-Strike Global Offensive\image\x64\OSFMount.sys [X]
 
==================== NetSvcs (gefilterd) ===================
 
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
 
 
==================== Een Maand Aangemaakt bestanden en mappen ========
 
(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)
 
2016-02-10 00:23 - 2016-02-10 00:23 - 00049319 _____ C:\Users\Beheerder\Downloads\FRST.txt
2016-02-10 00:23 - 2016-02-10 00:23 - 00000000 ____D C:\FRST
2016-02-10 00:21 - 2016-02-10 00:21 - 02370560 _____ (Farbar) C:\Users\Beheerder\Downloads\FRST64.exe
2016-02-09 21:01 - 2016-02-09 21:01 - 00079064 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\eatykp.sys
2016-02-06 14:21 - 2016-02-06 14:21 - 00298768 _____ C:\WINDOWS\Minidump\020616-23546-01.dmp
2016-02-03 16:22 - 2016-02-03 16:22 - 00224674 _____ C:\Users\Beheerder\Downloads\McAfee, A. (2006). Mastering the three worlds of information technology, Harvard Business Review, Vol.84, Iss.11, p.141-149..pdf
2016-02-02 15:01 - 2016-02-02 15:01 - 00013791 _____ C:\Users\Beheerder\Downloads\[kat.cr]enron.the.smartest.guys.in.the.room.2005.docu.dvdrip.xvid.torrent
2016-01-31 11:32 - 2016-01-31 11:32 - 00296744 _____ C:\WINDOWS\Minidump\013116-17078-01.dmp
2016-01-31 01:22 - 2016-01-31 01:22 - 00000000 ____D C:\Users\Beheerder\AppData\Roaming\obf.u
2016-01-25 00:11 - 2016-01-25 00:11 - 00020155 _____ C:\Users\Beheerder\Downloads\Participation EBS2001 Prelim Eleum.xls.xlsx
2016-01-24 21:46 - 2016-01-24 21:46 - 00015707 _____ C:\Users\Beheerder\Downloads\[kat.cr]homeland.s05.season.5.720p.5.1ch.web.dl.reenc.deejayahmed.torrent
2016-01-22 12:53 - 2016-01-22 12:53 - 00255920 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgmfx64.sys
2016-01-21 18:29 - 2016-01-21 18:29 - 01044490 _____ C:\Users\Beheerder\Downloads\test1213_1a (1).pdf
2016-01-21 18:29 - 2016-01-21 18:29 - 00063362 _____ C:\Users\Beheerder\Downloads\test1213_1Answers.pdf
2016-01-21 17:33 - 2016-01-21 17:33 - 01044490 _____ C:\Users\Beheerder\Downloads\test1213_1a.pdf
2016-01-21 17:26 - 2016-01-21 17:26 - 02432903 _____ C:\Users\Beheerder\Downloads\All-cases-QM3-1.pdf
2016-01-21 00:11 - 2016-01-21 00:12 - 09918201 _____ C:\Users\Beheerder\Downloads\Meeting3 everything you need (1).pdf
2016-01-20 17:06 - 2016-01-20 17:06 - 00411677 _____ C:\Users\Beheerder\Downloads\test1314_1 CP4.pdf
2016-01-20 17:06 - 2016-01-20 17:06 - 00065157 _____ C:\Users\Beheerder\Downloads\test1314_1Answer.pdf
2016-01-20 17:02 - 2016-01-20 17:02 - 37947607 _____ C:\Users\Beheerder\Downloads\Meeting3 everything you need.pdf
2016-01-19 19:57 - 2016-01-20 17:06 - 00000000 ____D C:\Users\Beheerder\OSBuddy
2016-01-19 19:56 - 2016-01-19 19:56 - 00880432 _____ C:\Users\Beheerder\Downloads\OSBuddy (1).exe
2016-01-19 19:55 - 2016-01-19 19:55 - 00272884 _____ C:\Users\Beheerder\Downloads\OSBuddy.jar
2016-01-19 19:52 - 2016-01-19 19:52 - 00000000 ____D C:\Users\Beheerder\AppData\Roaming\Sun
2016-01-19 19:52 - 2016-01-19 19:52 - 00000000 ____D C:\Users\Beheerder\AppData\LocalLow\Oracle
2016-01-19 19:51 - 2016-01-19 19:51 - 00584288 _____ (Oracle Corporation) C:\Users\Beheerder\Downloads\chromeinstall-8u66.exe
2016-01-19 16:31 - 2016-01-19 16:31 - 00796333 _____ C:\Users\Beheerder\Downloads\test1314_2.pdf
2016-01-19 16:31 - 2016-01-19 16:31 - 00436970 _____ C:\Users\Beheerder\Downloads\test1314_1.pdf
2016-01-19 16:31 - 2016-01-19 16:31 - 00394017 _____ C:\Users\Beheerder\Downloads\test1415_1.pdf
2016-01-19 16:31 - 2016-01-19 16:31 - 00299986 _____ C:\Users\Beheerder\Downloads\test1415_2.pdf
2016-01-17 12:33 - 2016-01-17 12:33 - 01288704 _____ C:\Users\Beheerder\Downloads\Case6Tables.ppt
2016-01-15 21:37 - 2016-01-15 21:37 - 00004899 _____ C:\Users\Beheerder\Downloads\[kat.cr]american.horror.story.s05e12.hdtv.xvid.fum.ettv.torrent
2016-01-13 16:24 - 2015-12-11 05:38 - 25837568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-01-13 16:24 - 2015-12-11 05:00 - 00571904 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-01-13 16:24 - 2015-12-11 04:55 - 06051328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-01-13 16:24 - 2015-12-11 04:50 - 20367360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-01-13 16:24 - 2015-12-11 04:45 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-01-13 16:24 - 2015-12-11 04:21 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-01-13 16:24 - 2015-12-11 04:18 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-01-13 16:24 - 2015-12-11 04:09 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-01-13 16:24 - 2015-12-11 04:09 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-01-13 16:24 - 2015-12-11 04:03 - 14456832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-01-13 16:24 - 2015-12-11 03:59 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-01-13 16:24 - 2015-12-11 03:43 - 04610560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-01-13 16:24 - 2015-12-11 03:43 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-01-13 16:24 - 2015-12-11 03:38 - 02487808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-01-13 16:24 - 2015-12-11 03:37 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-01-13 16:24 - 2015-12-11 03:35 - 12856320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-01-13 16:24 - 2015-12-11 03:26 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-01-13 16:24 - 2015-12-11 03:14 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-01-13 16:24 - 2015-12-11 03:12 - 02011136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-01-13 16:24 - 2015-12-11 03:08 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-01-13 16:24 - 2015-12-11 03:07 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-01-13 16:23 - 2015-12-30 20:32 - 07453016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-01-13 16:23 - 2015-12-30 20:32 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-01-13 16:23 - 2015-12-30 20:32 - 01499912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-01-13 16:23 - 2015-12-10 01:40 - 00033456 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-01-13 16:23 - 2015-12-08 20:08 - 00685432 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2016-01-13 16:23 - 2015-12-08 20:07 - 00507176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2016-01-13 16:23 - 2015-12-07 11:56 - 01380600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-01-13 16:23 - 2015-12-05 06:58 - 02745184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2016-01-13 16:23 - 2015-12-05 06:58 - 02528784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2016-01-13 16:23 - 2015-12-05 06:58 - 02450240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVENCOD.DLL
2016-01-13 16:23 - 2015-12-05 06:58 - 02447136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVENCOD.DLL
2016-01-13 16:23 - 2015-12-05 06:58 - 02334104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-01-13 16:23 - 2015-12-05 06:58 - 02324744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-01-13 16:23 - 2015-12-05 06:58 - 01877504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2016-01-13 16:23 - 2015-12-05 06:58 - 01798480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-01-13 16:23 - 2015-12-05 06:58 - 01484888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2016-01-13 16:23 - 2015-12-05 06:58 - 01288128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-01-13 16:23 - 2015-12-05 06:58 - 01210200 _____ (Microsoft Corporation) C:\WINDOWS\s

#2 SWI Support Robot

SWI Support Robot

    Helper robot

  • SWI Bot
  • 23,533 posts

Posted 12 February 2016 - 07:22 PM

Welcome to SWI. We apologize for the delay; our helpers have been very busy.

If you have not received help after 3 days, please CLICK HERE, and post a link to your log and the date it was originally posted.

Thank you for your patience.


[this is an automated reply]
This is an automated message. It does not count as help.

#3 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • 49,282 posts

Posted 13 February 2016 - 07:14 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Press the Windows key + R on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and click the OK key.

Please copy the entire contents of the code box below to a new file.
 
Start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

[B](Company) C:\Program Files (x86)\Popcorn Time\Updater.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\19.2.0\ToolbarUpdater.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\19.2.0\loggingserver.exe
() C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.3.0.0\Lightshot.exe
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2586696 2016-01-31] ()
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-10-16] ()
HKU\S-1-5-21-3149342564-3551317297-1658663929-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3149342564-3551317297-1658663929-1001\...\Run: [AceUpdater] => C:\Users\Beheerder\AppData\Roaming\ACEStream\updater\ace_update.exe [22824 2014-10-01] ()
HKU\S-1-5-21-3149342564-3551317297-1658663929-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3149342564-3551317297-1658663929-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [AceUpdater] => C:\Users\Beheerder\AppData\Roaming\ACEStream\updater\ace_update.exe [22824 2014-10-01] ()
AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL => Geen bestand
Startup: C:\Users\Beheerder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel Core.lnk [2015-10-11]
ShortcutTarget: Intel Core.lnk -> C:\ProgramData\Intel Core\Intel Core.exe (Geen bestand)
SearchScopes: HKU\S-1-5-21-3149342564-3551317297-1658663929-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={6B6AB470-3907-42A7-AE9D-75A2992153A1}&mid=c39ae708e48047d2a1f5d16b0b6486bc-bd24bf4dbcb968ed10c536d96b072258756c2839&lang=nl&ds=AVG&coid=avgtbavg&cmpid=1215tb&pr=fr&d=2014-09-07 12:24:12&v=19.0.0.10&pid=safeguard&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3149342564-3551317297-1658663929-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={6B6AB470-3907-42A7-AE9D-75A2992153A1}&mid=c39ae708e48047d2a1f5d16b0b6486bc-bd24bf4dbcb968ed10c536d96b072258756c2839&lang=nl&ds=AVG&coid=avgtbavg&cmpid=1215tb&pr=fr&d=2014-09-07 12:24:12&v=19.0.0.10&pid=safeguard&sg=&sap=dsp&q={searchTerms}
BHO: Geen Naam -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> Geen bestand
BHO-x32: Wondershare Video Converter Ultimate 7.1.0 -> {451C804F-C205-4F03-B48E-537EC94937BF} -> C:\PROGRA~3\WONDER~1\VIDEOC~1\WSBROW~1.DLL => Geen bestand
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\19.2.0\ViProtocol.dll [2016-01-31] (AVG Secure Search)
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 -  Geen bestand
FF DefaultSearchEngine: AVG Secure Search
FF SelectedSearchEngine: AVG Secure Search
FF Homepage: hxxps://mysearch.avg.com?cid={6B6AB470-3907-42A7-AE9D-75A2992153A1}&mid=c39ae708e48047d2a1f5d16b0b6486bc-bd24bf4dbcb968ed10c536d96b072258756c2839&lang=nl&ds=AVG&coid=avgtbavg&cmpid=0715tb&pr=fr&d=2014-09-07 12:24:12&v=19.0.0.10&pid=safeguard&sg=&sap=hp
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\19.2.0\\npsitesafety.dll [Geen bestand]
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [Geen bestand]
FF Plugin HKU\S-1-5-21-3149342564-3551317297-1658663929-1001: @acestream.net/acestreamplugin,version=3.0.12 -> C:\Users\Beheerder\AppData\Roaming\ACEStream\player\npace_plugin.dll [2014-12-03] (Innovative Digital Technologies)
FF Plugin HKU\S-1-5-21-3149342564-3551317297-1658663929-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [Geen bestand]
FF Plugin HKU\S-1-5-21-3149342564-3551317297-1658663929-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @acestream.net/acestreamplugin,version=3.0.12 -> C:\Users\Beheerder\AppData\Roaming\ACEStream\player\npace_plugin.dll [2014-12-03] (Innovative Digital Technologies)
FF Plugin HKU\S-1-5-21-3149342564-3551317297-1658663929-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [Geen bestand]
FF SearchPlugin: C:\Users\Beheerder\AppData\Roaming\Mozilla\Firefox\Profiles\cnj4bs4e.default\searchplugins\avg-secure-search.xml [2016-01-31]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml [2016-01-31]
CHR HKLM-x32\...\Chrome\Extension: [dnnajmlhehgnkclpdlggknanmcplloej] - C:\Program Files (x86)\PutLockerDownloader\PutLockerDownloader10.crx <niet gevonden>
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [335360 2014-12-17] (Company) [Bestand niet getekend]
R2 vToolbarUpdater19.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\19.2.0\ToolbarUpdater.exe [1875528 2016-01-31] (AVG Secure Search)
U0 irfswn; C:\Windows\System32\drivers\eatykp.sys [79064 2016-02-09] (Malwarebytes)
S3 OSFMount; \??\C:\Program Files (x86)\Counter-Strike Global Offensive\image\x64\OSFMount.sys [X]
C:\Program Files (x86)\Popcorn Time
C:\Program Files (x86)\Skillbrains
C:\Users\Beheerder\AppData\Roaming\ACEStream
C:\Windows\System32\drivers\eatykp.sys

End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt); please post it in your reply.
===


Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the LogFile button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button and follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleanerCx.txt (x is a number).
===


Please paste the contents of the Addition.txt file that was created by running the Farbar tool.

Please let me know what problem persists with this computer.
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in any way, please consider donating,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#4 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,282 posts

Posted 21 February 2016 - 06:17 AM

Are you still with me?
nasdaq


#5 MartinLebrance


Posted 22 February 2016 - 06:34 AM

Sorry for the delay! I am still here but was very busy. I will do the recommended steps tonight!



#6 MartinLebrance


Posted 23 February 2016 - 05:09 PM

Ok so I am back and followed the steps. Sorry for the delay once again! Appreciate you helping me out.

So first up, the fixlog.txt:

 

Fix resultaat van Farbar Recovery Scan Tool (x64) Versie:21-02-2016 01
Gestart door Beheerder (2016-02-23 23:59:35) Run:1
Gestart vanaf C:\Users\Beheerder\Downloads
Geladen Profielen: Beheerder (Beschikbare Profielen: Beheerder)
Boot Modus: Normal
==============================================
 
fixlist inhoud:
*****************
Start
 
CreateRestorePoint:
EmptyTemp:
CloseProcesses:
 
(Company) C:\Program Files (x86)\Popcorn Time\Updater.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\19.2.0\ToolbarUpdater.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\19.2.0\loggingserver.exe
() C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.3.0.0\Lightshot.exe
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2586696 2016-01-31] ()
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-10-16] ()
HKU\S-1-5-21-3149342564-3551317297-1658663929-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3149342564-3551317297-1658663929-1001\...\Run: [AceUpdater] => C:\Users\Beheerder\AppData\Roaming\ACEStream\updater\ace_update.exe [22824 2014-10-01] ()
HKU\S-1-5-21-3149342564-3551317297-1658663929-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3149342564-3551317297-1658663929-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [AceUpdater] => C:\Users\Beheerder\AppData\Roaming\ACEStream\updater\ace_update.exe [22824 2014-10-01] ()
AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL => Geen bestand
Startup: C:\Users\Beheerder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel Core.lnk [2015-10-11]
ShortcutTarget: Intel Core.lnk -> C:\ProgramData\Intel Core\Intel Core.exe (Geen bestand)
SearchScopes: HKU\S-1-5-21-3149342564-3551317297-1658663929-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={6B6AB470-3907-42A7-AE9D-75A2992153A1}&mid=c39ae708e48047d2a1f5d16b0b6486bc-bd24bf4dbcb968ed10c536d96b072258756c2839&lang=nl&ds=AVG&coid=avgtbavg&cmpid=1215tb&pr=fr&d=2014-09-07 12:24:12&v=19.0.0.10&pid=safeguard&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3149342564-3551317297-1658663929-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={6B6AB470-3907-42A7-AE9D-75A2992153A1}&mid=c39ae708e48047d2a1f5d16b0b6486bc-bd24bf4dbcb968ed10c536d96b072258756c2839&lang=nl&ds=AVG&coid=avgtbavg&cmpid=1215tb&pr=fr&d=2014-09-07 12:24:12&v=19.0.0.10&pid=safeguard&sg=&sap=dsp&q={searchTerms}
BHO: Geen Naam -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> Geen bestand
BHO-x32: Wondershare Video Converter Ultimate 7.1.0 -> {451C804F-C205-4F03-B48E-537EC94937BF} -> C:\PROGRA~3\WONDER~1\VIDEOC~1\WSBROW~1.DLL => Geen bestand
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\19.2.0\ViProtocol.dll [2016-01-31] (AVG Secure Search)
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 -  Geen bestand
FF DefaultSearchEngine: AVG Secure Search
FF SelectedSearchEngine: AVG Secure Search
FF Homepage: hxxps://mysearch.avg.com?cid={6B6AB470-3907-42A7-AE9D-75A2992153A1}&mid=c39ae708e48047d2a1f5d16b0b6486bc-bd24bf4dbcb968ed10c536d96b072258756c2839&lang=nl&ds=AVG&coid=avgtbavg&cmpid=0715tb&pr=fr&d=2014-09-07 12:24:12&v=19.0.0.10&pid=safeguard&sg=&sap=hp
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\19.2.0\\npsitesafety.dll [Geen bestand]
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [Geen bestand]
FF Plugin HKU\S-1-5-21-3149342564-3551317297-1658663929-1001: @acestream.net/acestreamplugin,version=3.0.12 -> C:\Users\Beheerder\AppData\Roaming\ACEStream\player\npace_plugin.dll [2014-12-03] (Innovative Digital Technologies)
FF Plugin HKU\S-1-5-21-3149342564-3551317297-1658663929-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [Geen bestand]
FF Plugin HKU\S-1-5-21-3149342564-3551317297-1658663929-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @acestream.net/acestreamplugin,version=3.0.12 -> C:\Users\Beheerder\AppData\Roaming\ACEStream\player\npace_plugin.dll [2014-12-03] (Innovative Digital Technologies)
FF Plugin HKU\S-1-5-21-3149342564-3551317297-1658663929-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [Geen bestand]
FF SearchPlugin: C:\Users\Beheerder\AppData\Roaming\Mozilla\Firefox\Profiles\cnj4bs4e.default\searchplugins\avg-secure-search.xml [2016-01-31]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml [2016-01-31]
CHR HKLM-x32\...\Chrome\Extension: [dnnajmlhehgnkclpdlggknanmcplloej] - C:\Program Files (x86)\PutLockerDownloader\PutLockerDownloader10.crx <niet gevonden>
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [335360 2014-12-17] (Company) [Bestand niet getekend]
R2 vToolbarUpdater19.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\19.2.0\ToolbarUpdater.exe [1875528 2016-01-31] (AVG Secure Search)
U0 irfswn; C:\Windows\System32\drivers\eatykp.sys [79064 2016-02-09] (Malwarebytes)
S3 OSFMount; \??\C:\Program Files (x86)\Counter-Strike Global Offensive\image\x64\OSFMount.sys [X]
C:\Program Files (x86)\Popcorn Time
C:\Program Files (x86)\Skillbrains
C:\Users\Beheerder\AppData\Roaming\ACEStream
C:\Windows\System32\drivers\eatykp.sys
 
End
*****************
 
Herstelpunt is succesfol gemaakt.
Proces succesvol afgesloten.
(Company) C:\Program Files (x86)\Popcorn Time\Updater.exe => Fout: Geen automatische fix gevonden voor dit item.
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\19.2.0\ToolbarUpdater.exe => Geen lopend proces gevonden
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\19.2.0\loggingserver.exe => Geen lopend proces gevonden
C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe => Geen lopend proces gevonden
C:\Program Files (x86)\Skillbrains\lightshot\5.3.0.0\Lightshot.exe => Geen lopend proces gevonden
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => waarde is succesvol verwijderd.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\vProt => waarde is succesvol verwijderd.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Lightshot => waarde is succesvol verwijderd.
HKU\S-1-5-21-3149342564-3551317297-1658663929-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => waarde is succesvol verwijderd.
HKU\S-1-5-21-3149342564-3551317297-1658663929-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AceUpdater => waarde is succesvol verwijderd.
HKU\S-1-5-21-3149342564-3551317297-1658663929-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => waarde niet gevonden.
HKU\S-1-5-21-3149342564-3551317297-1658663929-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Run\\AceUpdater => waarde niet gevonden.
"C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL" => Waarde gegevens is succesvol verwijderd..
C:\Users\Beheerder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel Core.lnk => is succesvol verplaatst.
C:\ProgramData\Intel Core\Intel Core.exe => niet gevonden.
"HKU\S-1-5-21-3149342564-3551317297-1658663929-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}" => sleutel is succesvol verwijderd.
"HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}" => sleutel is succesvol verwijderd.
HKU\S-1-5-21-3149342564-3551317297-1658663929-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} => sleutel niet gevonden. 
HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => sleutel niet gevonden. 
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}" => sleutel is succesvol verwijderd.
"HKCR\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{451C804F-C205-4F03-B48E-537EC94937BF}" => sleutel is succesvol verwijderd.
"HKCR\Wow6432Node\CLSID\{451C804F-C205-4F03-B48E-537EC94937BF}" => sleutel is succesvol verwijderd.
"HKCR\Wow6432Node\PROTOCOLS\Handler\viprotocol" => sleutel is succesvol verwijderd.
"HKCR\Wow6432Node\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}" => sleutel is succesvol verwijderd.
"HKCR\PROTOCOLS\Handler\WSWSVCUchrome" => sleutel is succesvol verwijderd.
Firefox DefaultSearchEngine is succesvol verwijderd.
Firefox SelectedSearchEngine is succesvol verwijderd.
Firefox "homepage" is succesvol verwijderd.
"HKLM\Software\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin" => sleutel is succesvol verwijderd.
"HKLM\Software\Wow6432Node\MozillaPlugins\@esn.me/esnsonar,version=0.70.4" => sleutel is succesvol verwijderd.
"HKU\S-1-5-21-3149342564-3551317297-1658663929-1001\Software\MozillaPlugins\@acestream.net/acestreamplugin,version=3.0.12" => sleutel is succesvol verwijderd.
C:\Users\Beheerder\AppData\Roaming\ACEStream\player\npace_plugin.dll => is succesvol verplaatst.
"HKU\S-1-5-21-3149342564-3551317297-1658663929-1001\Software\MozillaPlugins\ubisoft.com/uplaypc" => sleutel is succesvol verwijderd.
C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll => niet gevonden.
HKU\S-1-5-21-3149342564-3551317297-1658663929-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\MozillaPlugins\@acestream.net/acestreamplugin,version=3.0.12 => sleutel niet gevonden. 
C:\Users\Beheerder\AppData\Roaming\ACEStream\player\npace_plugin.dll => niet gevonden.
HKU\S-1-5-21-3149342564-3551317297-1658663929-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\MozillaPlugins\ubisoft.com/uplaypc => sleutel niet gevonden. 
C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll => niet gevonden.
C:\Users\Beheerder\AppData\Roaming\Mozilla\Firefox\Profiles\cnj4bs4e.default\searchplugins\avg-secure-search.xml => is succesvol verplaatst.
C:\Program Files (x86)\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml => is succesvol verplaatst.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dnnajmlhehgnkclpdlggknanmcplloej" => sleutel is succesvol verwijderd.
Update service => Kon service niet stoppen.
Update service => dienst is succesvol verwijderd.
vToolbarUpdater19.2.0 => Kon service niet stoppen.
vToolbarUpdater19.2.0 => dienst is succesvol verwijderd.
irfswn => dienst niet gevonden.
OSFMount => dienst is succesvol verwijderd.
C:\Program Files (x86)\Popcorn Time => is succesvol verplaatst.
C:\Program Files (x86)\Skillbrains => is succesvol verplaatst.
C:\Users\Beheerder\AppData\Roaming\ACEStream => is succesvol verplaatst.
"C:\Windows\System32\drivers\eatykp.sys" => niet gevonden.
EmptyTemp: => 4 GB tijdelijke gegevens verwijderd.
 
 
Het systeem moest herstart worden.
 
==== Eind van Fixlog 00:00:32 ====
 
 
 
 
 
And 2nd the Adware log:
 

# AdwCleaner v5.036 - Logbestand aangemaakt 24/02/2016 op 00:02:32
# Laatste update 22/02/2016 door Xplode
# Database : 2016-02-22.2 [Server]
# Besturingssysteem : Windows 8.1  (x64)
# Gebruikersnaam : Beheerder - REALPC
# Gestart vanuit : C:\Users\Beheerder\Downloads\adwcleaner_5.036.exe
# Optie : Verwijderen
# Ondersteuning : http://toolslib.net/forum
 
***** [ Services ] *****
 
 
***** [ Mappen ] *****
 
[-] Map Verwijderd : C:\Program Files\AVG SafeGuard toolbar
[-] Map Verwijderd : C:\Program Files (x86)\AVG SafeGuard toolbar
[-] Map Verwijderd : C:\Program Files (x86)\AVG Security Toolbar
[-] Map Verwijderd : C:\Program Files (x86)\Common Files\AVG Secure Search
[-] Map Verwijderd : C:\ProgramData\apn
[-] Map Verwijderd : C:\ProgramData\AVG SafeGuard toolbar
[-] Map Verwijderd : C:\ProgramData\AVG Secure Search
[-] Map Verwijderd : C:\ProgramData\AVG Security Toolbar
[-] Map Verwijderd : C:\ProgramData\Babylon
[-] Map Verwijderd : C:\ProgramData\StarApp
[-] Map Verwijderd : C:\ProgramData\WPM
[-] Map Verwijderd : C:\ProgramData\Avg_Update_1114tb
[-] Map Verwijderd : C:\Users\Beheerder\AppData\Local\AVG SafeGuard toolbar
[-] Map Verwijderd : C:\Users\Beheerder\AppData\Local\PackageAware
[-] Map Verwijderd : C:\Users\Beheerder\AppData\Local\PutLockerDownloader
[-] Map Verwijderd : C:\Users\Beheerder\AppData\LocalLow\.acestream
[-] Map Verwijderd : C:\Users\Beheerder\AppData\LocalLow\AVG SafeGuard toolbar
[-] Map Verwijderd : C:\Users\Beheerder\AppData\Roaming\.acestream
[-] Map Verwijderd : C:\Users\Beheerder\AppData\Roaming\Babylon
[-] Map Verwijderd : C:\Users\Beheerder\AppData\Roaming\iSafe
[-] Map Verwijderd : C:\Users\Beheerder\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\staged\{a2bff6ba-8d18-488c-853c-ad9bc29f2482}
 
***** [ Bestanden ] *****
 
[-] Bestand Verwijderd : C:\WINDOWS\SysNative\log\iSafeKrnlCall.log
 
***** [ DLLs ] *****
 
 
***** [ Snelkoppelingen ] *****
 
 
***** [ geplande taken ] *****
 
[-] Taak Verwijderd : update-S-1-5-21-3149342564-3551317297-1658663929-1001
[-] Taak Verwijderd : update-sys
[-] Taak Verwijderd : update-S-1-5-21-3149342564-3551317297-1658663929-1001
[-] Taak Verwijderd : update-sys
 
***** [ Register ] *****
 
[-] Sleutel Verwijderd : HKCU\Software\Classes\Applications\ace_player.exe
[-] Sleutel Verwijderd : HKCU\Software\Classes\MIME\Database\Content Type\application/x-acestream-plugin
[-] Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acelive
[-] Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acemedia
[-] Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acestream
[-] Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tslive
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
[-] Sleutel Verwijderd : HKCU\Software\d0dedab038ee17
[-] Sleutel Verwijderd : HKLM\SOFTWARE\d0dedab038ee17
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
[-] Sleutel Verwijderd : HKCU\Software\Classes\CLSID\{79690976-ED6E-403C-BBBA-F8928B5EDE17}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{A43DE495-3D00-47D4-9D2C-303115707939}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
[-] Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
[-] Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
[-] Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
[-] Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[-] Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
[-] Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[-] Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
[-] Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[-] Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Sleutel Verwijderd : HKCU\Software\AceStream
[-] Sleutel Verwijderd : HKCU\Software\AVG Security Toolbar
[-] Sleutel Verwijderd : HKCU\Software\BI
[-] Sleutel Verwijderd : HKCU\Software\InstalledThirdPartyPrograms
[-] Sleutel Verwijderd : HKLM\SOFTWARE\AVG Security Toolbar
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Babylon
[-] Sleutel Verwijderd : HKLM\SOFTWARE\PIP
[-] Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\AceStream
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{177586E7-E42E-4F38-83D1-D15B4AF5B714}
[-] Sleutel Verwijderd : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar
[-] Sleutel Verwijderd : [x64] HKLM\SOFTWARE\InstalledThirdPartyPrograms
[-] Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Tarma Installer
[-] Sleutel Verwijderd : HKU\.DEFAULT\Software\VNT
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Installer\Features\7E685771E24E83F4381D1DB5A45F7B41
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Installer\Products\7E685771E24E83F4381D1DB5A45F7B41
[-] Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
[-] Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
[-] Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7E685771E24E83F4381D1DB5A45F7B41
[!] Sleutel Niet Verwijderd : [x64] HKLM\SOFTWARE\Classes\Installer\Products\7E685771E24E83F4381D1DB5A45F7B41
[-] Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mysearch.avg.com
[-] Sleutel Verwijderd : HKCU\Software\Classes\.acelive
[-] Sleutel Verwijderd : HKCU\Software\Classes\.acemedia
[-] Sleutel Verwijderd : HKCU\Software\Classes\.acestream
[-] Sleutel Verwijderd : HKCU\Software\Classes\.tslive
[-] Sleutel Verwijderd : HKCU\Software\Classes\acestream
[-] Sleutel Verwijderd : HKCU\Software\Classes\AceStream.file
 
***** [ Internetbrowsers ] *****
 
[-] [C:\Users\Beheerder\AppData\Roaming\Mozilla\Firefox\Profiles\cnj4bs4e.default\prefs.js] [Preference] Verwijderd : user_pref("extensions.srchvstrn.hmpgUrl", "hxxp://Vosteran.com/?f=1&a=vst_frg01_14_47_ch&cd=2XzuyEtN2Y1L1QzuyB0AyBzytCzyyCtAzy0AyD0AyEyEtB0FtN0D0Tzu0StCtDyDyCtN1L2XzutAtFyCtFyCtFtDtN1L1CzutCyEtBzytDyD[...]
[-] [C:\Users\Beheerder\AppData\Roaming\Mozilla\Firefox\Profiles\cnj4bs4e.default\prefs.js] [Preference] Verwijderd : user_pref("extensions.srchvstrn.newTabUrl", "hxxp://Vosteran.com/?f=2&a=vst_frg01_14_47_ch&cd=2XzuyEtN2Y1L1QzuyB0AyBzytCzyyCtAzy0AyD0AyEyEtB0FtN0D0Tzu0StCtDyDyCtN1L2XzutAtFyCtFyCtFtDtN1L1CzutCyEtBzytD[...]
[-] [C:\Users\Beheerder\AppData\Roaming\Mozilla\Firefox\Profiles\cnj4bs4e.default\prefs.js] [Preference] Verwijderd : user_pref("extensions.srchvstrn.tlbrSrchUrl", "hxxp://Vosteran.com/?f=3&a=vst_frg01_14_47_ch&cd=2XzuyEtN2Y1L1QzuyB0AyBzytCzyyCtAzy0AyD0AyEyEtB0FtN0D0Tzu0StCtDyDyCtN1L2XzutAtFyCtFyCtFtDtN1L1CzutCyEtBzy[...]
[-] [C:\Users\Beheerder\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js] [Preference] Verwijderd : user_pref("browser.startup.homepage", "hxxp://Vosteran.com/?f=1&a=vst_frg01_14_47_ch&cd=2XzuyEtN2Y1L1QzuyB0AyBzytCzyyCtAzy0AyD0AyEyEtB0FtN0D0Tzu0StCtDyDyCtN1L2XzutAtFyCtFyCtFtDtN1L1CzutCyEtBzytDyD1V1S[...]
[-] [C:\Users\Beheerder\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Verwijderd : bopakagnckmlgajfccecajhnimjiiedh
[-] [C:\Users\Beheerder\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Verwijderd : oilkkkefbalmbfppgjmgjoefbclebkce
 
*************************
 
:: "Tracing" sleutels verwijderd
:: Winsock instellingen gereset
 
*************************
 
C:\AdwCleaner\AdwCleaner[C1].txt - [10964 bytes] - [24/02/2016 00:02:32]
C:\AdwCleaner\AdwCleaner[S1].txt - [10432 bytes] - [24/02/2016 00:01:45]
 
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [11112 bytes] ##########
 
 
 


#7 nasdaq


Posted 24 February 2016 - 06:42 AM

How is the computer running now?
nasdaq


#8 MartinLebrance


Posted 24 February 2016 - 02:55 PM

It appears to be running fine. The thing is that I get the virus notification on and off ever since I first deleted it. Is my computer clean from your perspective?



#9 nasdaq


Posted 25 February 2016 - 06:57 AM

There could be some inactive remnant items that we do not see.

Run an online scan with Eset (easiest with Internet Explorer): http://www.eset.com/onlinescan/
To shorten the scanning time disable your antivirus program while scanning.

Select Enable detection of potentially unwanted applications.
Click Advanced Settings.

Deselect Remove found threats.

Select:
Scan Archives
Scan for potentially unsafe applications
Enable Anti-Stealth Technology


Click Start.

When the scan is finished, click on List of found threats and then Export to text file. Copy the content of the text file and paste its content in your reply.
<<<>>>

This may take a while; do it when you know you will not need the computer for 1 or 2 hours.
nasdaq


#10 MartinLebrance


Posted 02 March 2016 - 02:43 AM

So I ran the scan, these are the results:

 

C:\Program Files (x86)\Cheat Engine 6.3\cheatengine-i386.exe a variant of Win32/HackTool.CheatEngine.AB potentially unsafe application
C:\Program Files (x86)\Cheat Engine 6.3\standalonephase1.dat a variant of Win32/HackTool.CheatEngine.AF potentially unsafe application
C:\Program Files (x86)\HyperCam 2\hctoolbar.exe Win32/Somoto.F potentially unwanted application
C:\ProgramData\VRK3Fo.au3 Win32/Injector.Autoit.BVZ trojan
C:\Users\All Users\VRK3Fo.au3 Win32/Injector.Autoit.BVZ trojan
C:\Users\Beheerder\AppData\LocalLow\Sun\Java\jre1.7.0_51\java_sp.dll a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\Users\Beheerder\AppData\Roaming\Mozilla\Firefox\Profiles\user.js JS/SecurityDisabler.B potentially unwanted application
C:\Windows\Installer\MSI803D.tmp a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\Windows\Installer\MSI8633.tmp a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application
D:\1AA Backup desktop\login.php PHP/Phishing.Agent.A trojan
D:\1AA DOWNLOAD BACKUP\dffsetup-dinput8.exe a variant of Win32/Systweak potentially unwanted application
D:\1AA DOWNLOAD BACKUP\EAM.rar a variant of Win32/GameTool.CM potentially unsafe application
D:\1AA DOWNLOAD BACKUP\FreeSlideshowMaker.exe Win32/OpenCandy potentially unsafe application
D:\1AA DOWNLOAD BACKUP\HC2Setup (1).exe Win32/Somoto.F potentially unwanted application
D:\Backup\Downloads Folder 4-10-15\-=PyrosK=- Public RPC v1.23 for GTAV v1.20 Algatraz Protected D2.rar a variant of MSIL/Packed.Confuser.N suspicious application
D:\Backup\Downloads Folder 4-10-15\-=PyrosK=- Public RPC v1.23 for GTAV v1.20 Algatraz Protected.rar a variant of MSIL/Packed.Confuser.N suspicious application
D:\Backup\Downloads Folder 4-10-15\firesheep-0.1-1.xpi OSX/Sniffer.B potentially unsafe application
D:\Downloads\Adobe Media Encoder CC 2014 (v8.2) Multilingual Update 2 by Monkrus-=TEAM OS=-{HKRG}\Adobe.Media.Encoder.CC.2014.u2.Multilingual.iso a variant of Win32/HackTool.Patcher.CH potentially unsafe application
D:\Program Files D\steam_api.dll a variant of Win32/HackTool.Crack.DW potentially unsafe application
D:\Program Files D\uTorrent.exe a variant of Win32/Bunndle potentially unsafe application
D:\PS3 Modding\Tools\GTA V\Working Best\project gotham\PG 3.6\Project Gotham.exe a variant of MSIL/Packed.Confuser.K suspicious application
 
There is some really old stuff in there which I didn't even use/don't use anymore, so let me know


#11 nasdaq


Posted 02 March 2016 - 06:21 AM

Run the Scan again and remove everything.


If all is well.

To learn more about how to protect yourself while on the internet, read this little guide: best security practices keep safe.
http://www.bleepingc...best-practices/
nasdaq


#12 MartinLebrance


Posted 02 March 2016 - 04:55 PM

Well then, if that was everything. I would like to thank you very much for assisting me! I appreciate it a lot.



#13 nasdaq


Posted 30 March 2016 - 06:11 AM

Glad we could help. :)

If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter. Everyone else please begin a New Topic.
nasdaq
