1. #1

    [Win7 x64, NO SP] redirecting to us.search.yahoo.com

    Hi,
    I have encountered a redirecting problem since i had AVAST deactiveated for some update reasons (0n this forum).
    I must have clicked a link yesterday, don't knnow when or where, but now , i'm being redirected to mostly yahoo when searching on google. Not always but mostly.

    Even when i am on a webpage, sometimes letterfonts become having another colour and become 'links'.
    So this virus can alter my webpages .... very annoying.
    My helper softwaremaniac redirected me to this forum.
    Hopefully someone can help.

    I have tried several hours to clean with Malwarebytes, adw cleaner, Kaspersky, Hotman PRO....but no luck....

    ANY HELP WOULD BE MUCH APPRECIATED !


    • Ad Bot

      advertising
      Beep.

        
       

  2. #2
    Moderator
    BSOD Kernel Dump Analyst
    Windows Update Senior Analyst
    softwaremaniac's Avatar
    Join Date
    Oct 2014
    Location
    Croatia
    Age
    22
    Posts
    5,170
    • specs System Specs
      • Motherboard:
        ASRock Fatal1ty P67 Main Board
      • CPU:
        Intel Core i7-2700K 3.5GHz
      • Memory:
        Crucial 2x8GB DDR3 1600 MHz
      • Graphics:
        Gigabyte GTX 1080 G1 Gaming 8 GB
      • Sound Card:
        Asus Xonar DSX
      • Hard Drives:
        WD Caviar Black 1TB SATA III 7200rpm, WD Caviar Black 6TB SATA III 7200rpm
      • Disk Drives:
        Samsung 840 Evo 250GB
      • Power Supply:
        Corsair GS 700W
      • Case:
        Silverstone KL04B Case
      • Cooling:
        CoolerMaster Arctic Freezer 7 Pro
      • Display:
        Philips Brilliance BDM4065UC 4K 3840x2160
      • Operating System:
        Windows 10 Pro 1703 x64

    Re: redirecting to us.search.yahoo.com

    Follow these instructions: Malware Removal Posting Instructions

  3. #3

    Re: redirecting to us.search.yahoo.com

    Result of Security Analysis by Rocket Grannie (x86) Updated: 28th August, 2017
    Running from:C:\Users\stefan\Downloads (21:23:23 - 08/28/2017)
    ***---------------------------------------------------------***
    Microsoft Windows 7 Home Premium X64 ==> Service Pack is out of Date
    UAC is Disabled
    Internet Explorer ==> is out of Date
    Default Browser: Google Chrome
    ***------------Antivirus - Antispyware - Firewall-----------***
    Microsoft Security Essentials (Disabled - up to Date)
    Avast Antivirus (Disabled - up to Date)
    Microsoft Security Essentials (Disabled - up to Date)
    Windows Defender (Disabled - up to Date)
    Avast Antivirus (Disabled - up to Date)
    Windows Firewall (Enabled)
    No other Firewall Installed
    ***-------Security Programs - Browsers - Miscellaneous------***
    Adobe Flash Player NPAPI (26.0.0.151)
    CCleaner (4.19) ==> is out of Date
    Defraggler (2.18) ==> is out of Date
    Google Chrome (60.0.3112.101)
    Java (8.0.250.18)
    Malwarebytes (2.2.1.1043) ==> is out of Date
    Microsoft Silverlight (5.1.40728.0)
    Mozilla Firefox (31.0) ==> is out of Date
    SUPERAntiSpyware (6.0.1212)
    Windows Live Essentials (14.0.8089.726) ==> is out of Date


    ***----------------Analysis Complete-------------------------***

  4. #4

    Re: redirecting to us.search.yahoo.com

    Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 20-08-2017
    Gestart door stefan (Beheerder) op STEFAN-PC (28-08-2017 21:16:05)
    Gestart vanaf C:\Users\stefan\Downloads
    Geladen Profielen: stefan (Beschikbare Profielen: stefan & Administrator)
    Platform: Windows 7 Home Premium (X64) Taal: Nederlands (Nederland)
    Internet Explorer Versie 8 (Standaardbrowser: Chrome)
    Boot Modus: Normal
    Handleiding voor Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials


    ==================== Processen (gefilterd) =================


    (Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.)


    (IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_46212ecee8bc70b6\stacsv64.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_46212ecee8bc70b6\AESTSr64.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
    (Microsoft Corp.) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
    (AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


    ==================== Register (gefilterd) ====================


    (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)


    HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2017-08-12] (IDT, Inc.)
    HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213832 2017-08-17] (AVAST Software)
    HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2867952 2014-12-05] (Synaptics Incorporated)
    HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restrictie <==== AANDACHT
    HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\Policies\system: [DisableLockWorkstation] 0
    HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\Policies\system: [DisableChangePassword] 0
    HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
    HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\MountPoints2: G - G:\HiSuiteDownLoader.exe
    HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\MountPoints2: {1158b302-d57e-11e6-9fd9-c80aa95a42da} - H:\AutoRun.exe
    HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\MountPoints2: {1158b325-d57e-11e6-9fd9-c80aa95a42da} - G:\windows\AutoRun.exe
    HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\MountPoints2: {1c7f7c8c-9110-11e6-b64c-c80aa95a42da} - G:\windows\AutoRun.exe
    HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\MountPoints2: {44485e97-6e84-11e5-8b91-c80aa95a42da} - H:\HiSuiteDownLoader.exe
    HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\MountPoints2: {44485e9f-6e84-11e5-8b91-c80aa95a42da} - G:\HiSuiteDownLoader.exe
    HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\MountPoints2: {491e5f76-ad34-11df-9e03-c80aa95a42da} - F:\SETUP.EXE
    HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\MountPoints2: {5e431590-8ab0-11e5-9ad7-c80aa95a42da} - G:\HiSuiteDownLoader.exe
    HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\MountPoints2: {8875dfa0-c261-11e4-92d0-c80aa95a42da} - G:\SETUP.EXE
    HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\MountPoints2: {ae6d8e9a-7496-11e5-9b62-c80aa95a42da} - H:\HiSuiteDownLoader.exe
    HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\MountPoints2: {fbd3cea6-91ad-11e5-9c1c-c80aa95a42da} - H:\HiSuiteDownLoader.exe
    HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\MountPoints2: {fbd3ceaa-91ad-11e5-9c1c-c80aa95a42da} - H:\HiSuiteDownLoader.exe
    HKU\S-1-5-21-998262437-1437487422-401129983-1001\Control Panel\Desktop\\SCRNSAVE.EXE ->
    GroupPolicy: Restrictie - Chrome <==== AANDACHT
    GroupPolicyScripts\User: Restrictie <==== AANDACHT
    GroupPolicyScripts-x32\User: Restrictie <==== AANDACHT
    CHR HKLM\SOFTWARE\Policies\Google: Restrictie <==== AANDACHT
    CHR HKU\S-1-5-21-998262437-1437487422-401129983-1001\SOFTWARE\Policies\Google: Restrictie <==== AANDACHT


    ==================== Internet (gefilterd) ====================


    (Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.)


    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{EBF010CA-C373-433B-8C19-68A4E6863FD6}: [DhcpNameServer] 192.168.42.129
    Tcpip\..\Interfaces\{FDE24501-435B-4515-BCCA-0DA8EB360091}: [DhcpNameServer] 192.168.1.1


    Internet Explorer:
    ==================
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrictie <==== AANDACHT
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    SearchScopes: HKLM -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
    SearchScopes: HKLM -> {0404899E-FCB3-47A9-BC4F-74FF7A718B36} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox
    SearchScopes: HKLM-x32 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
    SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
    SearchScopes: HKU\S-1-5-21-998262437-1437487422-401129983-1001 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
    SearchScopes: HKU\S-1-5-21-998262437-1437487422-401129983-1001 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
    BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_144\bin\ssv.dll [2017-08-08] (Oracle Corporation)
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-08-17] (AVAST Software)
    BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-08-08] (Oracle Corporation)
    BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06] (Adobe Systems Incorporated)
    BHO-x32: Geen Naam -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> Geen bestand
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2017-08-12] (Oracle Corporation)
    BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-08-17] (AVAST Software)
    BHO-x32: Geen Naam -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> Geen bestand
    BHO-x32: Geen Naam -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> Geen bestand
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2017-08-12] (Oracle Corporation)
    BHO-x32: Geen Naam -> {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} -> Geen bestand
    Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Geen bestand
    Toolbar: HKLM - Geen Naam - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - Geen bestand
    Toolbar: HKLM-x32 - Geen Naam - {8dcb7100-df86-4384-8842-8fa844297b3f} - Geen bestand
    Toolbar: HKU\S-1-5-21-998262437-1437487422-401129983-1001 -> Geen Naam - {6F2CF24C-F970-4947-81FA-158F224B2362} - Geen bestand
    DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
    DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
    Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
    Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2012-08-24] (Microsoft Corporation)
    Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2012-08-24] (Microsoft Corporation)
    Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2012-08-24] (Microsoft Corporation)
    Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2012-08-24] (Microsoft Corporation)


    FireFox:
    ========
    FF ProfilePath: C:\Users\stefan\AppData\Roaming\TomTom\HOME\Profiles\9rhjvggm.default [2015-04-27]
    FF Extension: (Map status indicator) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [2015-04-27] [ niet getekend]
    FF ProfilePath: C:\Users\stefan\AppData\Roaming\Mozilla\Firefox\Profiles\98gxzurk.default-1444044290176 [2017-08-28]
    FF Extension: (Avast SafePrice) - C:\Users\stefan\AppData\Roaming\Mozilla\Firefox\Profiles\98gxzurk.default-1444044290176\Extensions\sp@avast.com.xpi [2017-08-28]
    FF Extension: (Avast Online Security) - C:\Users\stefan\AppData\Roaming\Mozilla\Firefox\Profiles\98gxzurk.default-1444044290176\Extensions\wrc@avast.com.xpi [2017-08-28]
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_151.dll [2017-08-12] ()
    FF Plugin: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-08-08] (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-08-08] (Oracle Corporation)
    FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2010-08-21] (Microsoft Corporation)
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
    FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Geen bestand]
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll [2017-08-12] ()
    FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2013-12-05] (Adobe Systems, Inc.)
    FF Plugin-x32: @alibaba.com/nptrademanager;version=1.0 -> C:\Program Files (x86)\TradeManager\nptrademanager.dll [Geen bestand]
    FF Plugin-x32: @alibaba.com/npwangwang;version=1.0 -> C:\Program Files (x86)\TradeManager\npwangwang.dll [Geen bestand]
    FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Geen bestand]
    FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Geen bestand]
    FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google)
    FF Plugin-x32: @google.com/npwebplugin -> C:\Windows\system32\npwebplugin.dll [Geen bestand]
    FF Plugin-x32: @itstructures.com/ffactivex -> C:\Program Files\Firefox ActiveX Plugin\npffax.dll [2011-12-28] ()
    FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2017-08-12] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2017-08-12] (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2010-08-21] (Microsoft Corporation)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
    FF Plugin-x32: @mozilla.zeniko.ch/PDFlite_Browser_Plugin -> C:\Program Files (x86)\PDFlite\npPdfViewer.dll [Geen bestand]
    FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll [2013-07-26] (Nitro PDF)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=8 -> C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll [Geen bestand]
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
    FF Plugin-x32: @videolan.org/vlc,version=2.2.5.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-04-07] (VideoLAN)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-04-04] (Adobe Systems Inc.)
    FF Plugin HKU\S-1-5-21-998262437-1437487422-401129983-1001: @alibaba.com/npAliSSOLogin;version=1.0 -> C:\Program Files (x86)\trademanager\npAliSSOLogin.dll [Geen bestand]
    FF Plugin HKU\S-1-5-21-998262437-1437487422-401129983-1001: @alibaba.com/nptrademanager;version=1.0 -> "C:\Program Files (x86)\trademanager\nptrademanager.dll" [Geen bestand]
    FF Plugin HKU\S-1-5-21-998262437-1437487422-401129983-1001: @alibaba.com/npwangwang;version=1.0 -> "C:\Program Files (x86)\trademanager\npwangwang.dll" [Geen bestand]
    FF Plugin HKU\S-1-5-21-998262437-1437487422-401129983-1001: @squareclock.com/SQ3DPlayer_Production_HBMV1 -> C:\Users\stefan\AppData\Local\SquareClock.Production_HBMV1\NPSQ3D.dll [2016-02-05] (SquareClock SAS)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nptrademanager.dll [2015-03-06] ( )
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwangwang.dll [2015-03-06] ( )


    Chrome:
    =======
    CHR DefaultProfile: Profile 1
    CHR HomePage: Profile 1 -> hxxp://www.google.be/
    CHR StartupUrls: Profile 1 -> "hxxp://www.google.be/"
    CHR DefaultSearchKeyword: Profile 1 -> t
    CHR Profile: C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-08-28]
    CHR Extension: (Google Presentaties) - C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-04]
    CHR Extension: (Google Documenten) - C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
    CHR Extension: (Google Drive) - C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
    CHR Extension: (YouTube) - C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
    CHR Extension: (Adblock Plus) - C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-07-13]
    CHR Extension: (Google Search) - C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
    CHR Extension: (Click to Tab) - C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ebicmkkcnhdiglneianohfjapmanjoek [2016-09-10]
    CHR Extension: (Nice Translator) - C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\echdnikijbegadnenjfmhfjflclkjcbp [2014-11-04]
    CHR Extension: (Google Spreadsheets) - C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-04]
    CHR Extension: (Offline Documenten) - C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
    CHR Extension: (MagicScroll eBook Reader) - C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghgnmgfdoiplfmhgghbmlphanpfmjble [2014-11-04]
    CHR Extension: (AdBlock) - C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-08-05]
    CHR Extension: (Denfllow) - C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hehdcdgdfhanbcbdkakahgpfinojokob [2017-08-24]
    CHR Extension: (ActiveX hosting plugin) - C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jlkjkojpmhmhcfdbeelefjdikpjeianb [2015-04-20]
    CHR Extension: (mail.com MailCheck) - C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lpebgcnlaohcgdfhbffjajlnpifdkllg [2017-08-03]
    CHR Extension: (Right Inbox for Gmail) - C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mflnemhkomgploogccdmcloekbloobgb [2017-07-20]
    CHR Extension: (Search Box) - C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mknehpjhljpfaghmicofickbkdagooni [2014-11-04]
    CHR Extension: (Ghostery) - C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2017-08-09]
    CHR Extension: (Bookmarks Button) - C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmkenpelbkmeamekejjokaldhmmdkkkk [2017-08-25]
    CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
    CHR Extension: (Gmail) - C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
    CHR Extension: (Chrome Media Router) - C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-09]
    CHR Extension: (Audio Cutter) - C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\plimnkafgoiilijmlbnfoafihjjijbfp [2016-09-13]
    CHR Extension: (Streak CRM voor Gmail) - C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pnnfemgpilpdaojpnkjdgfgbnnjojfik [2017-06-15]
    CHR Profile: C:\Users\stefan\AppData\Local\Google\Chrome\User Data\System Profile [2017-08-28]
    CHR HKU\S-1-5-21-998262437-1437487422-401129983-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hknpjpodmmapnfjhnblgmalmaanpajhc] - C:\ProgramData\VideoDownloaderUltimate\Chrome\VideoDownloaderUltimate.crx <niet gevonden>
    CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [pcnknkgiplafmoienldloaollebiklfl] - C:\Program Files (x86)\NBget\InternetDownload\VDE.crx [2013-04-26]


    ==================== Services (gefilterd) ====================


    (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)


    S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
    R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_46212ecee8bc70b6\AESTSr64.exe [89600 2017-08-12] (Andrea Electronics Corporation)
    R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7430992 2017-08-17] (AVAST Software s.r.o.)
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263312 2017-08-17] (AVAST Software)
    S4 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-27] (Disc Soft Ltd)
    R2 ezSharedSvc; C:\Windows\SysWOW64\ezsvc7.dll [129584 2009-02-22] (EasyBits Sofware AS) [Bestand niet getekend]
    S4 GCL Service; C:\Program Files\T1T\Trust1Connector\gcl-service.exe [3774296 2016-11-08] ()
    S4 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-08-20] (Hewlett-Packard Company) [Bestand niet getekend]
    S4 lxdc_device; C:\Windows\system32\lxdccoms.exe [567216 2007-05-25] ( )
    S4 lxdc_device; C:\Windows\SysWOW64\lxdccoms.exe [537520 2007-05-25] ( )
    S4 NetcamStudioSvc64; C:\Program Files\Netcam Studio - 64-bit\NetcamStudio.Service.exe [3977024 2015-05-19] (Moonware Studios)
    S4 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-07-26] (Nitro PDF Software)
    S4 ReflectService.exe; C:\Program Files\Macrium\Reflect\ReflectService.exe [301760 2012-09-25] ()
    S4 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-07-06] ()
    S4 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)
    S4 Secure Hunter Service; C:\Program Files (x86)\SecureHunter\AntiMalwarePro\bin\shrtsrv.exe [47416 2016-02-23] (SecureHunter LLC) [Bestand niet getekend]
    R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_46212ecee8bc70b6\STacSV64.exe [314880 2017-08-12] (IDT, Inc.)
    S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
    S3 aspnet_state; %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [X]


    ===================== Drivers (gefilterd) ======================


    (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)


    S3 ACSSCR; C:\Windows\System32\DRIVERS\a38usb.sys [77832 2016-11-28] (Advanced Card Systems Ltd.)
    S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [38424 2010-10-18] (Google Inc)
    R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [320008 2017-08-17] (AVAST Software s.r.o.)
    R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [198976 2017-08-17] (AVAST Software s.r.o.)
    R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [343288 2017-08-17] (AVAST Software s.r.o.)
    R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [57728 2017-08-17] (AVAST Software s.r.o.)
    S3 aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [104624 2017-08-17] (AVAST Software)
    S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [46984 2017-08-17] (AVAST Software)
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [146704 2017-08-17] (AVAST Software)
    R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [110352 2017-08-17] (AVAST Software)
    R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [84392 2017-08-17] (AVAST Software)
    R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1015880 2017-08-17] (AVAST Software)
    R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [585608 2017-08-17] (AVAST Software)
    R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [198768 2017-08-17] (AVAST Software)
    R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [361336 2017-08-17] (AVAST Software)
    S3 CH341SER_A64; C:\Windows\System32\Drivers\CH341S64.SYS [58368 2017-07-29] (??????????--??)
    S3 cmnxusbser; C:\Windows\System32\DRIVERS\cmnxusbser.sys [146424 2015-11-24] (Wireless Data Device)
    S3 DCamUSBSTK02N; C:\Windows\SysWOW64\DRIVERS\STK02NW2.sys [101520 2007-03-12] (Syntek Ltd.)
    R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2015-03-04] (Disc Soft Ltd)
    S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [18528 2016-01-20] ()
    S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [15968 2016-01-20] ()
    S3 ETDSMBus; C:\Windows\System32\DRIVERS\ETDSMBus.sys [32840 2017-08-12] (ELAN Microelectronic Corp.)
    S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10848 2016-01-20] ()
    S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [10208 2016-01-20] ()
    U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42840 2009-06-10] (Microsoft Corporation)
    R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-08-12] (REALiX(tm))
    U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2011-10-24] (Huawei Technologies Co., Ltd.)
    S3 massfilter_hs; C:\Windows\system32\drivers\massfilter_hs.sys [20232 2012-06-20] (HandSet Incorporated)
    S3 Neo_VPN; C:\Windows\System32\DRIVERS\Neo_0081.sys [38432 2015-11-30] (SoftEther Corporation)
    S3 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)
    S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19152 2013-09-30] ()
    S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
    S3 RSUSBSTOR; C:\Windows\SysWOW64\Drivers\RtsUStor.sys [225280 2009-09-02] (Realtek Semiconductor Corp.)
    R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33520 2014-12-05] (Synaptics Incorporated)
    S3 subvgaproduct64; C:\Windows\System32\DRIVERS\subvga64.sys [5120 2014-09-11] (Windows (R) Win 7 DDK provider)
    R1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [90960 2012-06-04] (Windows (R) 2000 DDK provider)
    R1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [633296 2012-06-04] (Paragon)
    R1 Uim_VIM; C:\Windows\System32\Drivers\uim_vimx64.sys [389968 2012-06-04] (Paragon)
    S3 zghsser; C:\Windows\System32\DRIVERS\zghsser.sys [133960 2014-03-17] (ZTE Corporation)


    ==================== NetSvcs (gefilterd) ===================


    (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)




    ==================== Een Maand Aangemaakt bestanden en mappen ========


    (Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)


    2017-08-28 21:16 - 2017-08-28 21:17 - 000027714 _____ C:\Users\stefan\Downloads\FRST.txt
    2017-08-28 21:15 - 2017-08-28 21:16 - 000000000 ____D C:\FRST
    2017-08-28 21:15 - 2017-08-28 21:15 - 000000000 ____D C:\ProgramData\SWCUTemp
    2017-08-28 21:14 - 2017-08-28 21:14 - 002395648 _____ (Farbar) C:\Users\stefan\Downloads\FRST64.exe
    2017-08-28 16:18 - 2017-08-28 21:11 - 000043658 _____ C:\Windows\ntbtlog.txt
    2017-08-28 14:38 - 2017-08-28 14:38 - 000021452 _____ C:\Users\stefan\Desktop\aroma slim rom.zip
    2017-08-28 14:37 - 2017-08-27 16:19 - 000004121 _____ C:\Users\stefan\Desktop\aroma-config - kopie
    2017-08-28 14:32 - 2017-08-27 16:16 - 000075686 _____ C:\Users\stefan\Desktop\updater-script - aroma
    2017-08-28 14:04 - 2017-08-14 14:10 - 000066053 _____ C:\Users\stefan\Desktop\updater-script-original
    2017-08-28 11:59 - 2017-08-28 11:59 - 048750920 _____ C:\Users\stefan\Downloads\BDPUARLauncher.exe
    2017-08-28 11:57 - 2017-08-28 11:57 - 000290304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\subinacl.exe
    2017-08-28 11:57 - 2017-08-28 11:57 - 000000000 ____D C:\Program Files (x86)\Adware Removal Tool by TSA
    2017-08-28 11:56 - 2017-08-28 11:56 - 000752296 _____ C:\Users\stefan\Downloads\Adware Removal Tool by TSA.exe
    2017-08-28 11:54 - 2017-08-28 11:55 - 000218058 _____ C:\TDSSKiller.3.1.0.15_28.08.2017_11.54.16_log.txt
    2017-08-28 11:54 - 2017-08-28 11:54 - 004922400 _____ (AO Kaspersky Lab) C:\Users\stefan\Downloads\tdsskiller.exe
    2017-08-28 10:37 - 2017-08-28 10:37 - 000012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
    2017-08-28 09:35 - 2017-08-28 10:38 - 000000000 ____D C:\ProgramData\HitmanPro
    2017-08-28 09:34 - 2017-08-28 09:35 - 011584088 _____ (SurfRight B.V.) C:\Users\stefan\Downloads\HitmanPro_x64.exe
    2017-08-28 08:56 - 2017-08-28 08:56 - 000440562 _____ C:\Users\stefan\Desktop\setupapi.dev.zip
    2017-08-28 08:49 - 2017-08-28 08:49 - 000000000 ____D C:\Windows\system32\SPReview
    2017-08-28 08:03 - 2017-08-28 08:50 - 000000000 ____D C:\444f310cfc15188bae837ebc78
    2017-08-27 22:33 - 2017-08-27 22:33 - 008185288 _____ (Malwarebytes) C:\Users\stefan\Downloads\AdwCleaner.exe
    2017-08-27 22:28 - 2017-08-28 16:18 - 000000000 ____D C:\Program Files (x86)\Zemana AntiMalware
    2017-08-27 22:28 - 2017-08-28 14:45 - 000064880 _____ C:\Windows\ZAM_Guard.krnl.trace
    2017-08-27 22:28 - 2017-08-28 11:09 - 000068916 _____ C:\Windows\ZAM.krnl.trace
    2017-08-27 22:27 - 2017-08-27 22:27 - 006625600 _____ (Zemana Ltd. ) C:\Users\stefan\Downloads\Zemana.AntiMalware.Setup.exe
    2017-08-27 22:27 - 2017-08-27 22:27 - 000000000 ____D C:\Users\stefan\AppData\Local\Zemana
    2017-08-27 22:22 - 2017-08-27 22:22 - 001792640 _____ (Bleeping Computer, LLC) C:\Users\stefan\Downloads\iExplore.exe
    2017-08-27 22:21 - 2017-08-27 22:21 - 000983168 _____ (Bleeping Computer, LLC) C:\Users\stefan\Downloads\rkill64.exe
    2017-08-27 22:20 - 2017-08-27 22:20 - 001792640 _____ (Bleeping Computer, LLC) C:\Users\stefan\Downloads\rkill.exe
    2017-08-27 19:37 - 2017-08-27 20:23 - 000000000 ____D C:\655b4ca83bc64a86aeaf06582313
    2017-08-27 17:55 - 2017-08-27 19:02 - 000000000 ____D C:\ac4c1fa8911b574875d7525245
    2017-08-27 12:59 - 2017-04-13 06:09 - 000006255 _____ C:\Users\stefan\Downloads\aroma-config
    2017-08-27 12:59 - 2017-04-13 06:05 - 000045376 _____ C:\Users\stefan\Downloads\updater-script
    2017-08-27 11:08 - 2017-08-27 11:55 - 000000000 ____D C:\dc59eb761a5c80ac0e2d26c2ba
    2017-08-26 11:29 - 2017-08-26 11:53 - 1938437221 _____ C:\Users\stefan\Downloads\Bad_Boyz_Axon_7_US_2017U_7.1.1_v2.1.zip
    2017-08-25 15:15 - 2017-08-26 12:35 - 000000000 ____D C:\Users\stefan\Downloads\KITCHEN
    2017-08-24 14:28 - 2017-08-24 14:28 - 000888624 _____ C:\Users\stefan\Downloads\Aroma-Tut.rar
    2017-08-24 07:53 - 2017-08-24 07:54 - 000000000 ____D C:\9cae8c3de34a5a532af4711b8e
    2017-08-23 17:52 - 2017-08-23 17:52 - 000535290 _____ C:\Users\stefan\Downloads\kulinarisk-combimagnetron-hetelucht__AA-1415083-5.pdf
    2017-08-23 16:41 - 2017-08-23 16:42 - 000000000 ____D C:\80ed5da7469e630af8
    2017-08-22 21:42 - 2017-08-25 08:17 - 000000196 _____ C:\Users\stefan\ACLFile
    2017-08-22 17:38 - 2017-08-22 17:40 - 000000000 ____D C:\235d6ea06bf9600b48810d7f
    2017-08-22 17:32 - 2017-08-22 17:32 - 002884096 _____ (niemiro) C:\Users\stefan\Desktop\SFCFix.exe
    2017-08-22 16:57 - 2017-08-22 16:58 - 000000000 ____D C:\89cc7330450f265de9de
    2017-08-22 15:14 - 2017-08-22 15:16 - 000000000 ____D C:\bdd7f804becdf8a002ee5269d9b2
    2017-08-22 09:10 - 2017-08-22 09:12 - 000000000 ____D C:\ec61763e42b14a964258f3ebbb
    2017-08-21 08:43 - 2017-08-21 08:43 - 000000000 ____D C:\Program Files\Advanced Card Systems Ltd
    2017-08-21 08:38 - 2017-08-21 08:38 - 007066904 _____ (Belgian Government) C:\Users\stefan\Downloads\belgium_eid-quickinstaller_4.2.8.3252.exe
    2017-08-20 11:10 - 2017-08-20 11:13 - 000000000 ____D C:\5825a1d52772cdb846
    2017-08-19 10:52 - 2017-08-19 10:52 - 005289675 _____ C:\Users\stefan\Downloads\Magisk-v13.3.zip
    2017-08-17 18:32 - 2017-08-17 18:32 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
    2017-08-17 18:28 - 2014-12-05 03:46 - 000212208 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPCo20.dll
    2017-08-17 18:28 - 2014-12-05 03:45 - 000753392 _____ (Synaptics Incorporated) C:\Windows\system32\SynCOM.dll
    2017-08-17 18:28 - 2014-12-05 03:45 - 000409328 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynCom.dll
    2017-08-17 18:28 - 2014-12-05 03:45 - 000256240 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPAPI.dll
    2017-08-17 18:28 - 2014-12-05 03:44 - 000584432 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\SynTP.sys
    2017-08-17 18:28 - 2014-12-05 03:44 - 000033520 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
    2017-08-17 18:28 - 2014-12-05 00:15 - 000195784 _____ C:\Windows\system32\pca-manta.bin
    2017-08-17 18:28 - 2014-12-05 00:15 - 000000092 _____ C:\Windows\system32\calibration.bin
    2017-08-17 18:28 - 2014-01-31 01:17 - 001795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
    2017-08-17 18:20 - 2017-08-17 18:20 - 000000000 ____D C:\Program Files\Synaptics
    2017-08-17 18:04 - 2017-08-17 18:04 - 000104624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
    2017-08-17 18:03 - 2017-08-17 18:03 - 000000000 ____D C:\Users\stefan\AppData\Roaming\AVAST Software
    2017-08-17 18:02 - 2017-08-17 18:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
    2017-08-17 18:01 - 2017-08-17 18:01 - 001015880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
    2017-08-17 18:01 - 2017-08-17 18:01 - 000146704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
    2017-08-17 18:01 - 2017-08-17 18:00 - 000585608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
    2017-08-17 18:01 - 2017-08-17 18:00 - 000361336 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
    2017-08-17 18:01 - 2017-08-17 18:00 - 000198768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
    2017-08-17 18:01 - 2017-08-17 18:00 - 000110352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
    2017-08-17 18:01 - 2017-08-17 18:00 - 000084392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
    2017-08-17 18:01 - 2017-08-17 18:00 - 000046984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
    2017-08-17 18:01 - 2017-08-17 17:58 - 000343288 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
    2017-08-17 18:01 - 2017-08-17 17:58 - 000320008 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
    2017-08-17 18:01 - 2017-08-17 17:58 - 000198976 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
    2017-08-17 18:01 - 2017-08-17 17:58 - 000057728 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
    2017-08-17 18:00 - 2017-08-17 18:00 - 000400464 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
    2017-08-17 17:56 - 2017-08-17 17:56 - 000000000 ____D C:\Program Files\AVAST Software
    2017-08-17 17:45 - 2017-08-17 17:45 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
    2017-08-17 17:45 - 2017-08-17 17:45 - 000000000 ____D C:\Users\stefan\AppData\Roaming\Synaptics
    2017-08-17 09:21 - 2017-08-17 09:23 - 000000000 ____D C:\990746c30ac77677f0e5
    2017-08-12 10:55 - 2017-08-12 10:55 - 000001666 _____ C:\AiOLog.txt
    2017-08-12 10:55 - 2013-02-11 09:35 - 000269824 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\SysWOW64\ssleay32.dll
    2017-08-12 10:55 - 2012-06-14 14:36 - 000107520 _____ C:\Windows\SysWOW64\zlib1.dll
    2017-08-12 10:55 - 2011-10-01 08:16 - 000445016 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
    2017-08-12 10:55 - 2011-10-01 08:16 - 000109144 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\openal32.dll
    2017-08-12 10:55 - 2010-03-18 20:21 - 000799568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdia100.dll
    2017-08-12 10:55 - 2006-08-26 00:28 - 001017344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70u.dll
    2017-08-12 10:55 - 2006-08-26 00:15 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70ita.dll
    2017-08-12 10:55 - 2006-08-26 00:15 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70fra.dll
    2017-08-12 10:55 - 2006-08-26 00:15 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70esp.dll
    2017-08-12 10:55 - 2006-08-26 00:15 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70deu.dll
    2017-08-12 10:55 - 2006-08-26 00:15 - 000057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70enu.dll
    2017-08-12 10:55 - 2006-08-26 00:15 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70kor.dll
    2017-08-12 10:55 - 2006-08-26 00:15 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70jpn.dll
    2017-08-12 10:55 - 2006-08-26 00:15 - 000045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70cht.dll
    2017-08-12 10:55 - 2006-08-26 00:15 - 000040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70chs.dll
    2017-08-12 10:55 - 2005-01-20 19:25 - 000054784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvci70.dll
    2017-08-12 10:55 - 1996-01-12 03:00 - 000722192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vb40032.dll
    2017-08-12 10:54 - 2017-08-28 20:50 - 000000940 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
    2017-08-12 10:54 - 2017-08-12 12:50 - 000003878 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2017-08-12 10:54 - 2017-08-12 10:55 - 000010822 _____ C:\Windows\unins001.dat
    2017-08-12 10:54 - 2017-08-12 10:54 - 001198049 _____ C:\Windows\unins001.exe
    2017-08-12 10:54 - 2014-01-25 13:30 - 000131072 _____ (Sereby Corporation) C:\Windows\SysWOW64\AiORuntimes.dll
    2017-08-12 10:54 - 2013-12-20 00:48 - 000617896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.ocx
    2017-08-12 10:54 - 2013-12-20 00:48 - 000416408 _____ (Microsoft Corporation ) C:\Windows\SysWOW64\comct332.ocx
    2017-08-12 10:54 - 2013-12-20 00:48 - 000279192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdatgrd.ocx
    2017-08-12 10:54 - 2013-12-20 00:48 - 000253080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdatlst.ocx
    2017-08-12 10:54 - 2013-12-20 00:48 - 000218776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dblist32.ocx
    2017-08-12 10:54 - 2013-12-20 00:48 - 000212112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mci32.ocx
    2017-08-12 10:54 - 2013-12-20 00:48 - 000179352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmask32.ocx
    2017-08-12 10:54 - 2013-12-20 00:48 - 000170920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comct232.ocx
    2017-08-12 10:54 - 2013-12-20 00:48 - 000119960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscomm32.ocx
    2017-08-12 10:54 - 2013-12-20 00:48 - 000108696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msstkprp.dll
    2017-08-12 10:54 - 2013-09-19 23:00 - 000269824 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\SysWOW64\libssl32.dll
    2017-08-12 10:54 - 2013-09-11 09:55 - 000458608 _____ (AutoIt Team) C:\Windows\SysWOW64\autoitx3.dll
    2017-08-12 10:54 - 2013-08-31 20:40 - 003115385 _____ (Red Hat) C:\Windows\SysWOW64\cygwin1.dll
    2017-08-12 10:54 - 2013-02-11 09:35 - 001178624 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\SysWOW64\libeay32.dll
    2017-08-12 10:54 - 2012-04-03 16:11 - 000138752 _____ C:\Windows\SysWOW64\libpng15.dll
    2017-08-12 10:54 - 2011-10-12 03:09 - 004033440 _____ (Intel Corporation) C:\Windows\SysWOW64\libmmd.dll
    2017-08-12 10:54 - 2010-06-27 17:44 - 000053248 _____ (Adobe Systems, Incorporated) C:\Windows\system\plugin.dll
    2017-08-12 10:54 - 2008-08-26 06:40 - 000162304 _____ C:\Windows\SysWOW64\libpng13.dll
    2017-08-12 10:54 - 2008-03-14 17:21 - 001008128 _____ (GnuWin32 <hxxp://gnuwin32.sourceforge.net>) C:\Windows\SysWOW64\libiconv2.dll
    2017-08-12 10:54 - 2006-08-26 00:07 - 001024000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70.dll
    2017-08-12 10:54 - 2006-08-25 23:17 - 000086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atl70.dll
    2017-08-12 10:54 - 2005-05-06 13:52 - 000103424 _____ (GNU <www.gnu.org>) C:\Windows\SysWOW64\libintl3.dll
    2017-08-12 10:54 - 1996-01-12 03:00 - 000935632 _____ (Microsoft Corporation) C:\Windows\system\vb40016.dll
    2017-08-12 10:54 - 1994-11-17 13:00 - 000210944 _____ C:\Windows\system\msvcrt10.dll
    2017-08-12 10:54 - 1993-05-11 19:00 - 000398416 _____ (Microsoft Corporation) C:\Windows\system\vbrun300.dll
    2017-08-12 10:54 - 1992-10-21 00:00 - 000356992 _____ (Microsoft Corporation) C:\Windows\system\vbrun200.dll
    2017-08-12 10:54 - 1991-05-10 01:00 - 000271264 _____ C:\Windows\system\vbrun100.dll
    2017-08-12 10:51 - 2017-08-12 10:51 - 000000000 ____D C:\Windows\SysWOW64\URTTEMP
    2017-08-12 10:42 - 2017-08-08 16:38 - 000319552 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
    2017-08-12 10:41 - 2017-08-12 10:40 - 000264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
    2017-08-12 10:41 - 2017-08-12 10:40 - 000175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
    2017-08-12 10:41 - 2017-08-12 10:40 - 000174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
    2017-08-12 10:41 - 2017-08-08 16:38 - 000206912 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
    2017-08-12 10:41 - 2017-08-08 16:38 - 000206912 _____ (Oracle Corporation) C:\Windows\system32\java.exe
    2017-08-12 10:38 - 2017-08-12 10:55 - 000000000 ____D C:\AiO-Files
    2017-08-12 10:14 - 2016-09-30 11:50 - 000023232 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
    2017-08-12 10:14 - 2016-08-10 17:27 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
    2017-08-12 09:54 - 2017-08-12 09:54 - 000000000 ____D C:\Users\stefan\Desktop\superrs-kitchen3
    2017-08-12 08:49 - 2017-08-12 08:49 - 001049056 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
    2017-08-12 08:49 - 2017-08-12 08:49 - 000122848 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
    2017-08-12 08:47 - 2017-08-12 08:45 - 000655360 ____N (IDT, Inc.) C:\Windows\system32\stapi64.dll
    2017-08-12 08:45 - 2017-08-12 08:45 - 001978880 _____ (IDT, Inc.) C:\Windows\system32\stapo64.dll
    2017-08-12 08:45 - 2017-08-12 08:45 - 000536576 _____ (IDT, Inc.) C:\Windows\system32\Drivers\stwrt64.sys
    2017-08-12 08:45 - 2017-08-12 08:45 - 000448512 _____ (IDT, Inc.) C:\Windows\system32\stcplx64.dll
    2017-08-12 08:45 - 2017-08-12 08:45 - 000255488 _____ (IDT, Inc.) C:\Windows\system32\staco64.dll
    2017-08-12 08:45 - 2017-08-12 08:45 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ETDSMBus_01011.Wdf
    2017-08-12 08:44 - 2017-08-12 08:44 - 000032840 _____ (ELAN Microelectronic Corp.) C:\Windows\system32\Drivers\ETDSMBus.sys
    2017-08-12 08:32 - 2017-08-27 22:50 - 000000000 ____D C:\ProgramData\ProductData
    2017-08-12 08:32 - 2017-08-27 22:13 - 000002890 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (stefan)
    2017-08-12 08:32 - 2017-08-12 08:33 - 000000000 ____D C:\Users\stefan\AppData\LocalLow\IObit
    2017-08-12 08:32 - 2017-08-12 08:32 - 000027552 _____ (REALiX(tm)) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
    2017-08-12 08:32 - 2017-08-12 08:32 - 000000000 ____D C:\Windows\IObit
    2017-08-12 08:25 - 2017-08-12 08:25 - 000003704 _____ C:\Windows\System32\Tasks\DriverMaxWelcome
    2017-08-12 08:25 - 2017-08-12 08:25 - 000003400 _____ C:\Windows\System32\Tasks\DriverMax Notification
    2017-08-12 08:25 - 2017-08-12 08:25 - 000003388 _____ C:\Windows\System32\Tasks\DriverMaxAgent
    2017-08-12 08:17 - 2017-08-12 08:17 - 000000000 ____D C:\Users\stefan\My Drivers
    2017-08-12 08:16 - 2017-08-12 08:16 - 000000000 ____D C:\Users\stefan\AppData\Roaming\Innovative Solutions
    2017-08-12 08:16 - 2017-08-12 08:16 - 000000000 ____D C:\My Drivers
    2017-08-10 23:59 - 2017-08-11 00:01 - 000000000 ____D C:\a825dba740bd34582f
    2017-08-10 23:07 - 2017-08-11 09:30 - 000000000 ____D C:\Users\stefan\Downloads\sfc
    2017-08-10 21:18 - 2017-08-10 21:20 - 000000000 ____D C:\5c75ead3829f90f090ae2d4808
    2017-08-10 18:39 - 2017-08-10 18:39 - 000130016 _____ C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
    2017-08-10 17:43 - 2017-08-10 17:43 - 000000000 ____D C:\Users\Administrator\AppData\Local\CEF
    2017-08-10 16:17 - 2017-08-10 16:17 - 000002263 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2017-08-10 16:17 - 2017-08-10 16:17 - 000002233 _____ C:\Users\Administrator\Desktop\Google Chrome.lnk
    2017-08-10 16:17 - 2017-08-10 16:17 - 000001411 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    2017-08-10 16:17 - 2017-08-10 16:17 - 000001377 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
    2017-08-10 16:17 - 2017-08-10 16:17 - 000000020 ___SH C:\Users\Administrator\ntuser.ini
    2017-08-10 16:17 - 2017-08-10 16:17 - 000000000 _SHDL C:\Users\Administrator\Sjablonen
    2017-08-10 16:17 - 2017-08-10 16:17 - 000000000 _SHDL C:\Users\Administrator\Netwerkprinteromgeving
    2017-08-10 16:17 - 2017-08-10 16:17 - 000000000 _SHDL C:\Users\Administrator\Mijn documenten
    2017-08-10 16:17 - 2017-08-10 16:17 - 000000000 _SHDL C:\Users\Administrator\Menu Start
    2017-08-10 16:17 - 2017-08-10 16:17 - 000000000 _SHDL C:\Users\Administrator\Documents\Mijn video's
    2017-08-10 16:17 - 2017-08-10 16:17 - 000000000 _SHDL C:\Users\Administrator\Documents\Mijn muziek
    2017-08-10 16:17 - 2017-08-10 16:17 - 000000000 _SHDL C:\Users\Administrator\Documents\Mijn afbeeldingen
    2017-08-10 16:17 - 2017-08-10 16:17 - 000000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programma's
    2017-08-10 16:17 - 2017-08-10 16:17 - 000000000 _SHDL C:\Users\Administrator\AppData\Local\Geschiedenis
    2017-08-10 16:17 - 2017-08-10 16:17 - 000000000 ____D C:\Users\Administrator\AppData\Local\Google
    2017-08-10 16:17 - 2017-08-10 16:17 - 000000000 ____D C:\Users\Administrator
    2017-08-10 16:17 - 2013-06-28 15:37 - 000000000 ____D C:\Users\Administrator\AppData\LocalGoogle
    2017-08-10 16:17 - 2012-06-09 16:45 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\IObit
    2017-08-10 16:17 - 2010-12-31 17:41 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Media Center Programs
    2017-08-10 15:32 - 2017-08-10 15:34 - 000000000 ____D C:\MGADiagToolOutput
    2017-08-10 15:32 - 2017-08-10 15:32 - 000000000 ____D C:\ProgramData\Office Genuine Advantage
    2017-08-10 13:39 - 2017-08-10 13:39 - 000313366 _____ C:\Users\stefan\Downloads\WindowsUpdateDiagnostic.diagcab
    2017-08-10 13:37 - 2017-08-10 13:39 - 000000000 ____D C:\b864874f161274144f
    2017-08-10 13:32 - 2015-02-18 09:06 - 000123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
    2017-08-10 13:32 - 2015-02-18 09:04 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
    2017-08-10 10:54 - 2017-08-12 09:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 3.5
    2017-08-10 10:54 - 2017-08-12 09:40 - 000000000 ____D C:\Program Files\Python 3.5
    2017-08-10 08:24 - 2017-08-24 07:51 - 000000000 ____D C:\SFCFix
    2017-08-10 08:10 - 2017-08-24 07:51 - 000000000 ____D C:\Users\stefan\AppData\Local\niemiro
    2017-08-09 21:49 - 2017-08-09 21:49 - 000000000 ____D C:\4f42d37172017005abdf90d4e4ae7f9b
    2017-08-09 21:46 - 2017-08-10 21:29 - 000000000 ____D C:\Users\stefan\AppData\Roaming\GlarySoft
    2017-08-09 21:45 - 2017-08-10 21:29 - 000000000 ____D C:\Program Files (x86)\Glarysoft
    2017-08-09 21:37 - 2017-08-09 21:39 - 000000000 ____D C:\124259902c8503bf0cfceb
    2017-08-09 21:04 - 2017-08-09 21:04 - 000000000 ____D C:\Users\stefan\AppData\Local\NVIDIA
    2017-08-09 21:00 - 2017-08-09 21:00 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
    2017-08-09 21:00 - 2016-11-14 11:09 - 007513855 _____ C:\Windows\system32\nvcoproc.bin
    2017-08-09 20:59 - 2017-08-09 20:59 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
    2017-08-09 20:59 - 2016-12-07 13:08 - 000091192 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
    2017-08-09 20:59 - 2016-12-07 13:08 - 000076216 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
    2017-08-09 20:58 - 2017-08-09 21:00 - 000000000 ____D C:\Program Files\NVIDIA Corporation
    2017-08-09 20:47 - 2017-08-09 20:49 - 000000000 ____D C:\ce51e115a100e2640a0e39dd055add
    2017-08-09 19:39 - 2017-08-09 19:44 - 000000000 ____D C:\2d61a63ce7f37211318de35760a1
    2017-08-09 18:57 - 2017-08-09 19:01 - 564744309 _____ C:\Users\stefan\Downloads\Windows6.1-KB947821-v34-x64.msu
    2017-08-09 18:20 - 2017-08-09 18:27 - 947070088 _____ (Microsoft Corporation) C:\Users\stefan\Downloads\windows6.1-KB976932-X64.exe
    2017-08-09 14:55 - 2017-08-09 14:57 - 000000000 ____D C:\dc04300b40b4c7a2e68eaddff4
    2017-08-09 11:48 - 2017-08-09 11:48 - 000000000 ____D C:\Users\stefan\Downloads\eicfg_removal_utility
    2017-08-09 11:24 - 2017-08-09 15:59 - 000002648 _____ C:\Windows\diagwrn.xml
    2017-08-09 11:24 - 2017-08-09 15:59 - 000001908 _____ C:\Windows\diagerr.xml
    2017-08-09 10:06 - 2017-08-09 10:06 - 000000000 ____D C:\Program Files (x86)\Belarc
    2017-08-09 09:51 - 2017-08-09 09:54 - 000000000 ____D C:\0b9632262526aafaa89609b1
    2017-08-09 08:07 - 2017-08-09 08:09 - 000000000 ____D C:\d4a37d9541a41d9611e143c200
    2017-08-09 07:35 - 2017-08-09 07:37 - 000000000 ____D C:\8a131cd49804b940bbfa84
    2017-08-09 07:04 - 2017-08-09 07:04 - 000000000 ____D C:\Windows\CheckSur
    2017-08-08 20:31 - 2017-08-08 20:32 - 000000000 ____D C:\ba6bbdcc354e83841a4d81
    2017-08-08 16:39 - 2017-08-08 16:39 - 000000000 ____D C:\Users\stefan\AppData\Roaming\Sun
    2017-08-08 16:39 - 2017-08-08 16:38 - 000110144 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
    2017-08-08 16:34 - 2017-08-08 16:35 - 000000000 ____D C:\ProgramData\Git
    2017-08-08 16:34 - 2017-08-08 16:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git
    2017-08-08 16:31 - 2017-08-08 16:35 - 000000000 ____D C:\Program Files\Git
    2017-08-06 15:11 - 2017-08-06 15:11 - 000039872 _____ C:\Users\stefan\Downloads\100km dodentocht2017.zip
    2017-08-02 19:28 - 2017-08-09 17:19 - 000000816 _____ C:\Users\Public\Desktop\PowerISO.lnk
    2017-08-02 19:28 - 2017-08-02 19:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
    2017-08-02 19:28 - 2017-08-02 19:28 - 000000000 ____D C:\Program Files\PowerISO
    2017-08-02 19:28 - 2017-06-07 02:36 - 000138296 _____ (Power Software Ltd) C:\Windows\system32\Drivers\scdemu.sys
    2017-08-02 18:47 - 2017-08-02 18:47 - 000000000 ____D C:\Users\Public\Documents\DAEMON Tools Images
    2017-08-02 17:36 - 2017-08-02 17:36 - 000000000 ___HD C:\$AV_ASW
    2017-08-02 16:36 - 2017-08-02 16:36 - 000000000 ____D C:\Users\stefan\Documents\Add-in Express
    2017-08-02 16:14 - 2017-08-02 16:37 - 000000000 ____D C:\ProgramData\WinZip
    2017-08-02 16:14 - 2017-08-02 16:14 - 000000000 ____D C:\Users\stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinZip 21.5
    2017-08-02 16:13 - 2017-08-02 16:13 - 000000000 ____D C:\ProgramData\UniqueId
    2017-08-02 13:15 - 2017-08-09 16:13 - 000000000 ____D C:\Users\stefan\Downloads\klachten steen
    2017-07-29 10:56 - 2017-07-29 10:57 - 000000000 ____D C:\Users\stefan\Downloads\arduino
    2017-07-29 10:41 - 2017-07-29 10:41 - 000000000 ____D C:\Program Files (x86)\Silabs
    2017-07-29 10:40 - 2017-07-29 10:40 - 000000000 ____D C:\SiLabs


    ==================== Een Maand Gewijzigd bestanden en mappen ========


    (Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)


    2017-08-28 20:18 - 2017-07-02 15:03 - 000000000 ____D C:\Users\stefan\AppData\LocalLow\Mozilla
    2017-08-28 20:04 - 2009-07-14 06:45 - 000026192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2017-08-28 20:04 - 2009-07-14 06:45 - 000026192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2017-08-28 19:57 - 2012-10-13 22:39 - 000000000 ____D C:\Windows\registration
    2017-08-28 19:57 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
    2017-08-28 17:29 - 2010-08-19 21:41 - 000000000 ____D C:\Users\stefan\Documents\svb
    2017-08-28 16:21 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
    2017-08-28 13:44 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
    2017-08-28 11:51 - 2010-08-29 13:31 - 000000000 ____D C:\Users\stefan\AppData\Roaming\BitTorrent
    2017-08-28 11:39 - 2014-11-04 11:20 - 000000000 ____D C:\AdwCleaner
    2017-08-28 09:32 - 2010-08-19 15:28 - 000000000 ____D C:\Users\stefan
    2017-08-28 09:31 - 2016-07-15 15:22 - 000192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2017-08-27 23:07 - 2015-09-28 17:18 - 000000000 ____D C:\Program Files (x86)\Advanced Scan to PDF Free
    2017-08-27 23:04 - 2014-09-09 09:16 - 000000000 ____D C:\Program Files (x86)\wanscam
    2017-08-27 23:03 - 2017-07-10 15:43 - 000000000 ____D C:\IPCClient
    2017-08-27 23:03 - 2016-08-29 12:01 - 000000000 ____D C:\Program Files\A-FF Find and Mount
    2017-08-27 23:03 - 2014-12-11 17:46 - 000000000 ____D C:\Program Files (x86)\DVDStyler
    2017-08-27 23:03 - 2014-08-17 16:28 - 000000000 ____D C:\Program Files (x86)\DVD Shrink
    2017-08-27 23:02 - 2010-08-20 10:51 - 000000000 ____D C:\Program Files (x86)\DVD Decrypter
    2017-08-27 23:01 - 2016-01-07 12:46 - 000000000 ____D C:\Program Files (x86)\Icecream PDF Converter
    2017-08-27 22:59 - 2016-08-02 12:20 - 000000000 ____D C:\Program Files (x86)\AceThinker PDF Writer
    2017-08-27 22:58 - 2016-08-29 12:13 - 000000000 ____D C:\Program Files\PowerDataRecovery
    2017-08-27 22:58 - 2015-01-19 14:58 - 000000000 ____D C:\Program Files (x86)\MiniTool Partition Wizard Free 9.0
    2017-08-27 22:56 - 2017-07-07 09:09 - 000000000 ____D C:\Users\stefan\AppData\Roaming\Acrylic Wi-Fi Home
    2017-08-27 22:56 - 2017-07-07 09:09 - 000000000 ____D C:\Program Files\Acrylic Wi-Fi Home
    2017-08-27 22:40 - 2010-08-20 10:09 - 000000000 ____D C:\Users\stefan\AppData\Roaming\IObit
    2017-08-27 22:06 - 2010-12-11 12:44 - 000000000 ____D C:\Windows\Driver Cache
    2017-08-27 22:05 - 2011-10-16 09:44 - 000000000 ____D C:\Users\stefan\AppData\Local\TempImages
    2017-08-27 22:05 - 2010-08-29 13:32 - 000000000 ____D C:\Program Files (x86)\BitTorrent
    2017-08-26 15:40 - 2012-10-15 16:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
    2017-08-25 15:09 - 2009-11-14 05:50 - 001496908 _____ C:\Windows\system32\perfh013.dat
    2017-08-25 15:09 - 2009-11-14 05:50 - 000403654 _____ C:\Windows\system32\perfc013.dat
    2017-08-25 15:09 - 2009-07-14 07:13 - 000006722 _____ C:\Windows\system32\PerfStringBackup.INI
    2017-08-25 13:45 - 2017-01-08 18:24 - 000000262 __RSH C:\ProgramData\ntuser.pol
    2017-08-23 08:04 - 2017-03-12 16:42 - 000004172 _____ C:\Windows\System32\Tasks\Avast Emergency Update
    2017-08-22 19:26 - 2013-11-18 17:47 - 000000000 ____D C:\Users\stefan\Downloads\films
    2017-08-22 18:46 - 2013-12-02 20:45 - 000000000 ____D C:\Users\stefan\AppData\Roaming\vlc
    2017-08-21 09:01 - 2013-03-05 13:55 - 000000000 ____D C:\Program Files (x86)\Belgium Identity Card
    2017-08-19 14:12 - 2014-11-03 12:28 - 000000000 ____D C:\Users\stefan\Downloads\tijdelijk
    2017-08-18 18:14 - 2009-07-14 01:54 - 001000960 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
    2017-08-18 18:14 - 2009-07-14 01:50 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\gptext.dll
    2017-08-18 18:14 - 2009-07-14 01:38 - 000951808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
    2017-08-18 18:14 - 2009-07-14 01:34 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gptext.dll
    2017-08-17 17:55 - 2011-04-17 12:49 - 000000000 ____D C:\ProgramData\AVAST Software
    2017-08-12 12:50 - 2013-06-03 14:25 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2017-08-12 12:50 - 2013-06-03 14:25 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2017-08-12 12:50 - 2013-06-03 14:25 - 000000000 ____D C:\Windows\system32\Macromed
    2017-08-12 12:50 - 2009-11-13 22:05 - 000000000 ____D C:\Windows\SysWOW64\Macromed
    2017-08-12 10:54 - 2009-11-13 22:05 - 000000000 ____D C:\Windows\SysWOW64\Adobe
    2017-08-12 10:54 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system
    2017-08-12 10:52 - 2010-12-22 18:59 - 000006714 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
    2017-08-12 10:44 - 2014-07-30 14:26 - 000000000 ____D C:\ProgramData\Package Cache
    2017-08-12 10:41 - 2014-10-28 22:07 - 000000000 ____D C:\Program Files\Java
    2017-08-12 10:41 - 2013-10-23 15:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
    2017-08-12 10:40 - 2014-10-28 22:16 - 000096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
    2017-08-12 09:05 - 2015-11-19 12:40 - 000000000 ____D C:\Users\stefan\AppData\Local\Package Cache
    2017-08-12 08:49 - 2012-12-08 12:33 - 000118816 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
    2017-08-12 08:45 - 2009-12-05 02:27 - 014060544 _____ (IDT, Inc.) C:\Windows\system32\idtcpl64.cpl
    2017-08-12 08:45 - 2009-12-05 02:27 - 004640256 _____ (IDT, Inc.) C:\Windows\system32\stlang64.dll
    2017-08-12 08:45 - 2009-12-05 02:27 - 001425408 _____ (IDT, Inc.) C:\Windows\sttray64.exe
    2017-08-12 08:45 - 2009-12-05 02:27 - 000564224 _____ (IDT, Inc.) C:\Windows\system32\idt64mp1.exe
    2017-08-12 08:45 - 2009-12-05 02:27 - 000442368 _____ (Andrea Electronics Corporation) C:\Windows\system32\AESTEC64.dll
    2017-08-12 08:45 - 2009-12-05 02:27 - 000162304 _____ (Andrea Electronics Corporation) C:\Windows\system32\AESTAC64.dll
    2017-08-12 08:45 - 2009-12-05 02:27 - 000090624 _____ (Andrea Electronics Corporation) C:\Windows\system32\AESTCo64.dll
    2017-08-12 08:45 - 2009-12-05 02:27 - 000068608 _____ (Andrea Electronics Corporation) C:\Windows\system32\AESTAR64.dll
    2017-08-12 08:32 - 2011-09-18 11:02 - 000000000 ____D C:\ProgramData\IObit
    2017-08-12 08:32 - 2010-08-20 10:09 - 000000000 ____D C:\Program Files (x86)\IObit
    2017-08-12 08:16 - 2011-10-27 12:07 - 000000000 ____D C:\Users\stefan\AppData\Local\Innovative Solutions
    2017-08-10 21:15 - 2015-12-03 15:26 - 000000000 ____D C:\Program Files\Common Files\AV
    2017-08-10 18:31 - 2009-07-14 07:08 - 000032556 _____ C:\Windows\Tasks\SCHEDLGU.TXT
    2017-08-10 16:17 - 2010-12-31 17:42 - 000001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
    2017-08-09 21:03 - 2009-12-05 02:54 - 000000000 ____D C:\ProgramData\NVIDIA
    2017-08-09 16:22 - 2016-09-26 13:23 - 000000000 ____D C:\Users\stefan\Downloads\Wienerberger
    2017-08-09 14:08 - 2012-10-13 14:17 - 000000000 ___HD C:\Windows\Minidump
    2017-08-09 14:08 - 2010-08-21 16:52 - 000000000 ____D C:\Users\stefan\AppData\Roaming\DAEMON Tools Lite
    2017-08-09 07:39 - 2010-11-29 18:09 - 000000000 ____D C:\Users\stefan\AppData\Local\ElevatedDiagnostics
    2017-08-08 21:14 - 2009-07-14 07:32 - 000000000 ____D C:\Program Files (x86)\Windows Sidebar
    2017-08-08 21:14 - 2009-07-14 07:32 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
    2017-08-08 21:14 - 2009-07-14 07:32 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
    2017-08-08 21:14 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\SysWOW64\Setup
    2017-08-08 21:14 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\SysWOW64\migwiz
    2017-08-08 21:14 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\SysWOW64\manifeststore
    2017-08-08 21:14 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\SysWOW64\Dism
    2017-08-08 21:13 - 2009-07-14 07:32 - 000000000 ____D C:\Program Files\Windows Defender
    2017-08-08 21:13 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\SysWOW64\oobe
    2017-08-08 21:13 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\SysWOW64\AdvancedInstallers
    2017-08-08 20:31 - 2013-08-20 15:53 - 000000000 ____D C:\Windows\system32\MRT
    2017-08-08 20:24 - 2010-08-21 16:47 - 140394280 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2017-08-08 19:46 - 2017-07-02 19:28 - 000000000 ____D C:\Python27
    2017-08-08 16:42 - 2013-10-23 15:35 - 000000000 ____D C:\ProgramData\Oracle
    2017-08-08 16:39 - 2014-10-28 22:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
    2017-08-04 07:37 - 2015-06-23 09:52 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
    2017-08-02 16:18 - 2011-08-23 09:55 - 000000000 ____D C:\Download
    2017-07-29 10:40 - 2009-11-13 21:09 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
    2017-07-29 10:32 - 2013-03-05 13:42 - 000000000 ____D C:\Program Files\DIFX
    2017-07-29 10:25 - 2011-11-05 00:00 - 000058368 _____ (??????????--??) C:\Windows\system32\Drivers\CH341S64.SYS
    2017-07-29 10:25 - 2005-07-30 00:00 - 000006712 _____ (??????????--??) C:\Windows\SysWOW64\CH341PT.DLL
    2017-07-29 10:05 - 2014-08-17 16:47 - 000000000 ____D C:\Program Files (x86)\PowerISO


    ==================== Bestanden in de root van sommige mappen =======


    2013-08-30 18:00 - 2013-05-27 08:10 - 006583664 _____ (AVAST Software) C:\Program Files\AVA
    2014-11-04 12:50 - 2014-11-04 12:50 - 000000201 _____ () C:\Program Files (x86)\1N5420HE.bat
    2012-05-25 16:27 - 2015-03-04 17:52 - 000038459 _____ () C:\Users\stefan\AppData\Roaming\Door lijstscheidingstekens gescheiden waarden (Windows).ADR
    2015-03-04 17:50 - 2015-03-04 17:50 - 000038447 _____ () C:\Users\stefan\AppData\Roaming\Door tabs gescheiden waarden (Windows).ADR
    2013-08-08 11:08 - 2015-11-27 13:21 - 000000592 _____ () C:\Users\stefan\AppData\Roaming\wklnhst.dat
    2010-08-19 16:41 - 2010-08-19 16:41 - 000000000 _____ () C:\Users\stefan\AppData\Local\AtStart.txt
    2016-12-14 09:17 - 2016-12-14 09:17 - 000000000 _____ () C:\Users\stefan\AppData\Local\BIT273E.tmp
    2016-05-01 12:45 - 2016-05-01 12:45 - 000000000 _____ () C:\Users\stefan\AppData\Local\BIT4115.tmp
    2010-11-21 18:03 - 2014-06-12 11:05 - 000005632 _____ () C:\Users\stefan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2010-08-19 16:41 - 2010-08-19 16:41 - 000000000 _____ () C:\Users\stefan\AppData\Local\DSwitch.txt
    2012-06-21 12:23 - 2013-09-11 17:16 - 000004096 ____H () C:\Users\stefan\AppData\Local\keyfile3.drm
    2010-08-19 16:41 - 2010-08-19 16:41 - 000000000 _____ () C:\Users\stefan\AppData\Local\QSwitch.txt
    2012-12-14 18:52 - 2012-12-14 18:52 - 000001464 _____ () C:\Users\stefan\AppData\Local\recently-used.xbel
    2010-12-25 14:47 - 2012-11-25 12:42 - 000007634 _____ () C:\Users\stefan\AppData\Local\resmon.resmoncfg
    2016-02-05 11:32 - 2016-02-05 11:32 - 000353118 _____ () C:\Users\stefan\AppData\Local\SquareClock.Production_HBMV1Icon.ico
    2016-12-25 12:27 - 2016-12-25 12:27 - 000000182 _____ () C:\Users\stefan\AppData\Local\uts.ini
    2010-11-21 18:01 - 2010-11-21 18:07 - 000000088 __RSH () C:\ProgramData\1AEE2A949C.sys
    2010-08-19 16:41 - 2017-04-25 15:30 - 000000748 _____ () C:\ProgramData\HPWALog.txt
    2010-11-21 18:01 - 2017-05-18 16:52 - 000002828 ___SH () C:\ProgramData\KGyGaAvL.sys
    2010-11-26 15:18 - 2010-12-10 09:18 - 000000193 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
    2015-07-30 11:44 - 2015-07-30 11:44 - 000004934 _____ () C:\ProgramData\tjuhahbw.brs


    Sommige bestanden in TEMP:
    ====================
    2017-08-12 08:27 - 2017-08-12 08:27 - 006048120 _____ (Innovative Solutions ) C:\Users\stefan\AppData\Local\Temp\update170812.exe


    ==================== Bamital & volsnap ======================


    (Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)


    C:\Windows\system32\winlogon.exe => Bestand is getekend
    C:\Windows\system32\wininit.exe => Bestand is getekend
    C:\Windows\SysWOW64\wininit.exe => Bestand is getekend
    C:\Windows\explorer.exe => Bestand is getekend
    C:\Windows\SysWOW64\explorer.exe => Bestand is getekend
    C:\Windows\system32\svchost.exe => Bestand is getekend
    C:\Windows\SysWOW64\svchost.exe => Bestand is getekend
    C:\Windows\system32\services.exe => Bestand is getekend
    C:\Windows\system32\User32.dll => Bestand is getekend
    C:\Windows\SysWOW64\User32.dll => Bestand is getekend
    C:\Windows\system32\userinit.exe => Bestand is getekend
    C:\Windows\SysWOW64\userinit.exe => Bestand is getekend
    C:\Windows\system32\rpcss.dll => Bestand is getekend
    C:\Windows\system32\dnsapi.dll => Bestand is getekend
    C:\Windows\SysWOW64\dnsapi.dll => Bestand is getekend
    C:\Windows\system32\Drivers\volsnap.sys => Bestand is getekend


    LastRegBack: 2011-06-25 22:15


    ==================== Eind van FRST.txt ===========

  5. #5

    Re: redirecting to us.search.yahoo.com

    Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 20-08-2017
    Gestart door stefan (28-08-2017 21:18:05)
    Gestart vanaf C:\Users\stefan\Downloads
    Windows 7 Home Premium (X64) (2010-08-19 13:28:39)
    Boot Modus: Normal
    ==========================================================




    ==================== Accounts: =============================


    Administrator (S-1-5-21-998262437-1437487422-401129983-500 - Administrator - Enabled) => C:\Users\Administrator
    Gast (S-1-5-21-998262437-1437487422-401129983-501 - Limited - Enabled)
    HomeGroupUser$ (S-1-5-21-998262437-1437487422-401129983-1002 - Limited - Enabled)
    stefan (S-1-5-21-998262437-1437487422-401129983-1001 - Administrator - Enabled) => C:\Users\stefan


    ==================== Security Center ========================


    (Als een item is opgenomen in de fixlist, zal het worden verwijderd.)


    AV: Microsoft Security Essentials (Disabled - Up to date) {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
    AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
    AS: Microsoft Security Essentials (Disabled - Up to date) {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}


    ==================== Ge´nstalleerde programma's ======================


    (Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.)


    1AVMonitor version 1.7.8.11 (HKLM-x32\...\{B1D0FF50-8C97-45A2-84A7-05E1C05395F8}_is1) (Version: 1.7.8.11 - PCWinSoft Systems Informatica Ltda)
    7-Zip 15.05 beta x64 (HKLM\...\7-Zip) (Version: - )
    7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
    7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version: - )
    Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
    ACS Unified PC/SC Driver 4.0.0.7 (HKLM\...\{A3284A5C-2932-4FEC-974B-34CD3FFDC954}) (Version: 4.0.7 - Advanced Card Systems Ltd.)
    ActiveCheck component for HP Active Support Library (HKLM-x32\...\{254C37AA-6B72-4300-84F6-98A82419187E}) (Version: 3.0.0.2 - Hewlett-Packard) Hidden
    Adobe Flash Player 26 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 26.0.0.151 - Adobe Systems Incorporated)
    Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.151 - Adobe Systems Incorporated)
    Adobe Reader X (10.1.0) - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AA1000000001}) (Version: 10.1.0 - Adobe Systems Incorporated)
    Adobe Shockwave Player (HKLM-x32\...\{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}) (Version: 11.0 - Adobe Systems, Inc.)
    Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.8.638 - Adobe Systems, Inc.)
    Adobe Shockwave Player 12.0 (HKLM-x32\...\{AA3B06B1-E89A-43C6-A26B-7109DB4BEE7B}) (Version: 12.0.7.148 - Adobe Systems, Inc)
    AKVIS Sketch (HKLM\...\{AC0BAA05-28E6-4911-B3F3-0AE2EB0F54A1}) (Version: 15.0.2674.10091 - AKVIS)
    Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.3.7 - Sereby Corporation)
    Anime Studio Pro 9.5 (HKLM\...\Anime Studio Pro_is1) (Version: 9.5 - Smith Micro Software, Inc.)
    Any Video Converter Professional 3.0.7 (HKLM-x32\...\Any Video Converter Professional_is1) (Version: - Any-Video-Converter.com)
    Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 5.0 - Atheros)
    Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
    Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.5.2303 - AVAST Software)
    Avidemux 2.5 (HKLM-x32\...\Avidemux 2.5) (Version: 2.5.3.0 - )
    Axon7Toolkit (HKLM-x32\...\{8AF9CA00-7B7E-41FE-BD1D-E8BC35C97EE3}_is1) (Version: 1.1.1 - benkores)
    Belgium e-ID middleware 4.2.8 (build 3252) (HKLM\...\{DB942AEA-93D6-4FE4-8862-180D35A73252}) (Version: 4.2.3252 - Belgian Government)
    Bing Bar Platform (HKLM-x32\...\{65C0025A-2CDE-43C5-82D0-C7A56EF0DB39}) (Version: 6.3.2322.0 - Microsoft Corporation) Hidden
    Binreader (HKLM-x32\...\{3D47B2C0-8748-4450-99AE-0746A5A74C8E}) (Version: 1.0.0 - Binreader)
    Boilsoft Video Splitter 6.34 (HKLM-x32\...\{24549038-9956-4EE5-976D-4419AAEA7DD5}_is1) (Version: - Boilsoft, Inc.)
    CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
    CinemaHD 4 Free (HKLM-x32\...\{A2FA92C7-DEEE-4508-8BC3-F0A85B5FADA8}) (Version: 4.0.5533.27174 - Engelmann Media GmbH) Hidden
    CinemaHD 4 Free (HKLM-x32\...\{d6fdf5fc-8c5f-48c0-a314-83b565e1dc97}) (Version: 4.0.5533.27229 - Engelmann Media GmbH)
    Clone Files Checker (HKLM-x32\...\Clone Files Checker_is1) (Version: 3.0 - SORCIM Technologies Pvt Ltd)
    Compatibiliteitspakket voor het 2007 Microsoft Office system (HKLM-x32\...\{90120000-0020-0413-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Contents (HKLM-x32\...\{D7D99A66-493F-468B-BCE1-6F88612B89D5}) (Version: 1.6.1.109 - Corel Corporation) Hidden
    Convert XLS (HKLM-x32\...\Convert XLS_is1) (Version: - Softinterface, Inc.)
    Corel PaintShop Photo Pro X3 (HKLM-x32\...\_{D1AEB5DB-04FA-489D-94EF-8600898B93EE}) (Version: 1.6.1.109 - Corel Corporation)
    Corel PaintShop Photo Pro X3 (HKLM-x32\...\{DA4BF4BE-3CDC-43B5-BBDA-DDDA73103111}) (Version: 1.00.0000 - Corel Corporation) Hidden
    CPUID CPU-Z 1.62 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
    CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2111 - CyberLink Corp.)
    CyberLink PowerDVD 8 (HKLM-x32\...\InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}) (Version: 8.0.1.1005 - CyberLink Corp.)
    CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.2201 - CyberLink Corp.)
    DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 5.0.1.0406 - Disc Soft Ltd)
    DDR - Pen Drive Recovery (DEMO) 4.0.1.6 (HKLM-x32\...\DDR - Pen Drive Recovery (DEMO)) (Version: 4.0.1.6 - )
    Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
    DeviceIO (HKLM-x32\...\{D3BCC13A-E4F2-45EE-846F-D143CEDDDBCB}) (Version: 1.6.1.109 - Corel Corporation) Hidden
    DiskInternals Linux Reader (HKLM-x32\...\DiskInternals Linux Reader) (Version: 2.6 - DiskInternals Research)
    DivX Setup (HKLM-x32\...\DivX Setup.divx.com) (Version: 2.0.4.2 - DivX, Inc. )
    EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version: - EaseUS)
    EaseUS Partition Master 11.0 Trial Edition (HKLM-x32\...\EaseUS Partition Master Trial Edition_is1) (Version: - EaseUS)
    Easy GIF Animator 5.5 (HKLM-x32\...\Easy GIF Animator_is1) (Version: Easy GIF Animator 5.0 - Karlis Blumentals)
    EasyTune version 1.2.3 (HKLM-x32\...\{F015AA47-5058-47F7-A877-7F864BEC3E1A}_is1) (Version: 1.2.3 - Sly Software Solutions)
    FastStone Photo Resizer 3.0 (HKLM-x32\...\FastStone Photo Resizer) (Version: 3.0 - FastStone Soft.)
    Firefox ActiveX Plugin r39 (HKLM\...\{97F2985C-B74A-4672-960E-E3769AE5657A}}_is1) (Version: - )
    Freemake Audio Converter versie 1.1.8 (HKLM-x32\...\Freemake Audio Converter_is1) (Version: 1.1.8 - Ellora Assets Corporation)
    Git version 2.14.0.2 (HKLM\...\Git_is1) (Version: 2.14.0.2 - The Git Development Community)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.101 - Google Inc.)
    Google Earth (HKLM-x32\...\{A0C18B96-AB79-46BD-8321-6FA83E6D25B9}) (Version: 7.1.7.2606 - Google)
    Google Earth (HKLM-x32\...\{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}) (Version: 6.0.3.2197 - Google)
    Google Earth Pro (HKLM-x32\...\{44FC61F0-2F8A-11E3-8CAE-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
    Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
    Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
    GrabIt 1.7.3 Beta (build 1010) (HKLM-x32\...\GrabIt_is1) (Version: - Ilan Shemes)
    Handbrake 0.9.4 (HKLM-x32\...\Handbrake) (Version: 0.9.4 - )
    Handset WinDriver 1.02.03.00 (HKLM-x32\...\Handset WinDriver) (Version: 1.02.03.00 - Huawei technologies Co., Ltd.)
    HomeByMe (HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\SquareClock_Production_HBMV1) (Version: - 3DVIA SAS)
    HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.3.9512.3162 - Hewlett-Packard)
    HP Product Detection (HKLM-x32\...\{4F38594F-2C4A-4C42-B2C4-505E225F6F80}) (Version: 11.14.0004 - HP)
    HP Quick Launch Buttons (HKLM-x32\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.7.1 - Hewlett-Packard)
    HP Setup (HKLM-x32\...\{17B4760F-334B-475D-829F-1A3E94A6A4E6}) (Version: 1.2.3560.3170 - Hewlett-Packard)
    HP Update (HKLM-x32\...\{D46D081B-F60E-467E-A7C4-117B70D76731}) (Version: 5.001.000.014 - Hewlett-Packard)
    HP User Guides 0148 (HKLM-x32\...\{9D3318E1-5A9F-4A95-A7A1-7E045403AE34}) (Version: 1.01.0005 - Hewlett-Packard)
    HP Wireless Assistant (HKLM-x32\...\{54CC7901-804D-4155-B353-21F0CC9112AB}) (Version: 3.50.9.1 - Hewlett-Packard)
    HPAsset component for HP Active Support Library (HKLM-x32\...\{669D4A35-146B-4314-89F1-1AC3D7B88367}) (Version: 3.0.0.3 - Hewlett-Packard) Hidden
    HyperCam 2 (HKLM-x32\...\HyperCam 2) (Version: 2.27.01 - Hyperionics Technology LLC)
    ICA (HKLM-x32\...\{D1AEB5DB-04FA-489D-94EF-8600898B93EE}) (Version: 1.6.1.109 - Corel Corporation) Hidden
    iCare Data Recovery Pro (HKLM-x32\...\{F7EAB243-4D0C-47F5-A4F1-74D350E45489}_is1) (Version: 7.6 - iCare Recovery)
    Icecream Screen Recorder versie 4.89 (HKLM-x32\...\{7ADEC622-3230-4C9A-9DCE-9BD462B74095}_is1) (Version: 4.89 - Icecream Apps)
    IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6230.0 - IDT)
    ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.4.2.0 - LIGHTNING UK!)
    Infix PDF Editor versie 6.1.9.0 (HKLM-x32\...\83FFB914-6FA7-4F1F-807E-E0FFBA2E49E1_is1) (Version: 6.1.9.0 - Iceni Technology)
    InternetCalls (HKLM-x32\...\InternetCalls_is1) (Version: 4.11 build 688 - Finarea S.A. Switzerland)
    IPM_PSP_Pro (HKLM-x32\...\{DCD941B6-F2E7-4FAF-B102-F7D4DE5FF99A}) (Version: 1.00.0000 - Corel Corporation) Hidden
    Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
    Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
    Java 8 Update 144 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
    Java SE Development Kit 8 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation)
    Junk Mail filter update (HKLM-x32\...\{E2DFE069-083E-4631-9B6C-43C48E991DE5}) (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
    KeyTweak - Keyboard Remapper (remove only) (HKLM-x32\...\KeyTweak) (Version: - )
    K-Lite Codec Pack 9.5.5 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.5.5 - )
    KML/KMZ to GPX Converter 1.2.2009.11 (HKLM-x32\...\KML/KMZ to GPX Converter_is1) (Version: - HotelResortClub.com)
    Lexmark 1300 Series (HKLM\...\Lexmark 1300 Series) (Version: - Lexmark International, Inc.)
    Lexmark X1100 Series (HKLM-x32\...\Lexmark X1100 Series) (Version: - Lexmark International, Inc.)
    Lighten PDF to Word Converter (Giveawayoftheday) version 4.0.0 (HKLM-x32\...\{C2401A6F-6002-4137-99B8-C30FA92147F3}_is1) (Version: 4.0.0 - Lighten Software Limited)
    LightScribe System Software (HKLM-x32\...\{CC8E94A2-55C7-4460-953C-2A790180578C}) (Version: 1.18.8.1 - LightScribe)
    Macrium Reflect Free Edition (HKLM\...\{330CEE90-4706-4FF6-82B7-7B82C8F850C9}) (Version: 5.0.5154 - Paramount Software (UK) Ltd.)
    Magic ISO Maker v5.5 (build 0281) (HKLM-x32\...\Magic ISO Maker v5.5 (build 0281)) (Version: - )
    Magical Jelly Bean KeyFinder (HKLM-x32\...\KeyFinder_is1) (Version: 2.0.10.10 - Magical Jelly Bean)
    MagicDisc 2.7.106 (HKLM-x32\...\MagicDisc 2.7.106) (Version: - )
    MailWasher (HKLM-x32\...\{AAC06A0D-1DDF-4337-AB06-18DB2FA42FA1}) (Version: 7.2.0 - Firetrust)
    Malwarebytes Anti-Malware versie 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
    MediaCoder 0.7.0-rc1 (HKLM-x32\...\MediaCoder) (Version: 0.7.0-rc1 - Broad Intelligence)
    MediaInfo 0.7.35 (32-bit) (HKLM-x32\...\MediaInfo) (Version: 0.7.35 - MediaArea.net)
    Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
    Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM-x32\...\M2698023) (Version: - )
    Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM-x32\...\M2833941) (Version: - )
    Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM-x32\...\M979906) (Version: - )
    Microsoft .NET Framework 1.1 SP1 (HKLM\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: - )
    Microsoft .NET Framework 1.1 SP1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
    Microsoft .NET Framework 4.5.1 (HKLM\...\{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft Expression Encoder 4 (HKLM-x32\...\Encoder_4.0.1651.0) (Version: 4.0.1651.0 - Microsoft Corporation)
    Microsoft Expression Encoder 4 Screen Capture Codec (HKLM-x32\...\{952DCCD8-4039-46C8-BC8B-5C1EB6C8E130}) (Version: 4.0.1651.0 - Microsoft Corporation)
    Microsoft Keyboard Layout Creator 1.4 (HKLM-x32\...\{99E66BC9-E4B6-485F-ABFC-31EFCE36DFDF}) (Version: 1.4.6000 - Microsoft Corp.)
    Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.4518.1014 - Microsoft Corporation)
    Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
    Microsoft Outlook Personal Folders Backup (HKLM-x32\...\{C63E7C60-25EB-11D3-8EDA-00A0C911E8E5}) (Version: 1.10.0.0 - Microsoft Corporation)
    Microsoft Report Viewer Redistributable 2005 (HKLM-x32\...\Microsoft Report Viewer Redistributable 2005) (Version: - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
    Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60830 (HKLM-x32\...\{c7ed0d4c-89c5-47fc-9e89-1088affe63f3}) (Version: 11.0.60830.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60830 (HKLM-x32\...\{9dba0447-b749-41ea-90bc-2aa19a9eb580}) (Version: 11.0.60830.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
    Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE (x64)) (Version: - Microsoft Corporation)
    Microsoft Works (HKLM-x32\...\{5158F1F5-FA1B-4D49-B546-55A5004B89BD}) (Version: 9.7.0621 - Microsoft Corporation)
    Microsoft-invoegtoepassing Opslaan als PDF of XPS voor 2007 Microsoft Office-programma's (HKLM-x32\...\{90120000-00B2-0413-0000-0000000FF1CE}) (Version: 12.0.4518.1017 - Microsoft Corporation)
    Minimal ADB and Fastboot version 1.3.1 (HKLM-x32\...\{26AC9666-A2C6-4D33-8370-A50F50F277C4}_is1) (Version: 1.3.1 - Sam Rodberg)
    MKVtoolnix 4.4.0 (HKLM-x32\...\MKVtoolnix) (Version: 4.4.0 - Moritz Bunkus)
    MLE (HKLM-x32\...\{D84B7C7E-2E4D-4002-8CA8-EED4EDB333AC}) (Version: 1.0.0.23 - Corel Corporation) Hidden
    Mozilla Firefox 31.0 (x86 nl) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 nl)) (Version: 31.0 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 54.0.1.6388 - Mozilla)
    MP3 Cutter 2 (HKLM-x32\...\MP3 Cutter_is1) (Version: - MP3Cutter.org)
    Mp3tag v2.78 (HKLM-x32\...\Mp3tag) (Version: v2.78 - Florian Heidenreich)
    MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
    Netcam Studio - 64-bit (HKLM\...\{15EA5AE0-5406-421C-8F76-E7A512E312DE}) (Version: 1.1.9.0 - Moonware) Hidden
    Netcam Studio - 64-bit (HKLM\...\Netcam Studio - 64-bit 1.1.9.0) (Version: 1.1.9.0 - Moonware)
    Nitro Reader 3 (HKLM\...\{9EA981E5-EE67-4662-86F1-58937D31FE07}) (Version: 3.5.6.5 - Nitro)
    No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 4.0.1 - Vitalwerks Internet Solutions LLC)
    Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.3.3 - Notepad++ Team)
    NVIDIA Grafisch stuurprogramma 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 342.01 - NVIDIA Corporation)
    NVIDIA HD Audio-stuurprogramma 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
    NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
    OBS Studio (HKLM-x32\...\OBS Studio) (Version: 17.0.2 - OBS Project)
    oPlayer (HKLM-x32\...\{AA1B7F27-A49D-4D7F-9755-570AF5597160}) (Version: 1.0.30 - object)
    Outlook Password by Thegrideon Software (HKLM-x32\...\Outlook Password) (Version: - Thegrideon Software)
    Paragon Backup & Recovery™ 2012 Free (HKLM-x32\...\{C268B5E1-A5DA-11DF-A289-005056C00008}) (Version: 90.00.0003 - Paragon Software)
    PDF To Excel Converter V3.0 (HKLM-x32\...\PDF To Excel Converter_is1) (Version: - hxxp://www.PDFExcelConverter.com)
    PoiEdit (HKLM-x32\...\PoiEdit) (Version: - )
    Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: Beta 5.1 - Popcorn Time) <==== AANDACHT
    Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3311 - CyberLink Corp.) Hidden
    Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3311 - CyberLink Corp.)
    PowerDirector (HKLM-x32\...\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3311 - CyberLink Corp.) Hidden
    PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3311 - CyberLink Corp.)
    PowerISO (HKLM-x32\...\PowerISO) (Version: 6.9 - Power Software Ltd)
    PSPH10Pro (HKLM-x32\...\{DA4A2F61-1E26-4D51-94BB-36D77678BDAD}) (Version: 1.00.0000 - Corel Corporation) Hidden
    PSPPContent (HKLM-x32\...\{DF8B9311-ADE7-4EDE-B121-326CAA3D225D}) (Version: 1.00.0000 - Corel Corporation) Hidden
    PSPPRO_DCRAW (HKLM-x32\...\{DCF1928A-FC01-48E7-A7E6-4651D42EF6A1}) (Version: 13.0.0 - Corel Corporation) Hidden
    PureHD (HKLM-x32\...\{D875FFEE-2FCE-4774-902A-749198C00A68}) (Version: 1.6.1.109 - Corel Corporation) Hidden
    PVSonyDll (HKLM\...\{3D3E663D-4E7E-4577-A560-7ECDDD45548A}) (Version: 1.00.0001 - NVIDIA Corporation) Hidden
    Python 2.7.12 (64-bit) (HKLM\...\{9DA28CE5-0AA5-429E-86D8-686ED898C666}) (Version: 2.7.12150 - Python Software Foundation)
    Python 3.5.0 (64-bit) (HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\{e599f76f-2b95-44da-a280-77548b1b2a21}) (Version: 3.5.150.0 - Python Software Foundation)
    Python 3.5.0 Add to Path (64-bit) (HKLM\...\{810503AC-4E50-4A21-BD5A-BFA973480B35}) (Version: 3.5.150.0 - Python Software Foundation) Hidden
    Python 3.5.0 Core Interpreter (64-bit) (HKLM\...\{9D059C5B-80A5-46AA-BC8A-FD41E89D0A49}) (Version: 3.5.150.0 - Python Software Foundation) Hidden
    Python 3.5.0 Development Libraries (64-bit) (HKLM\...\{6EA6724A-71C6-43EE-BE9F-80E3C0DC8A4F}) (Version: 3.5.150.0 - Python Software Foundation) Hidden
    Python 3.5.0 Executables (64-bit) (HKLM\...\{9C67D7CC-26D3-4535-9D0A-F4591AD9B11F}) (Version: 3.5.150.0 - Python Software Foundation) Hidden
    Python 3.5.0 Launcher (32-bit) (HKLM-x32\...\{A095BD6B-4F39-46A4-9AA1-8F7296492974}) (Version: 3.5.150.0 - Python Software Foundation) Hidden
    Python 3.5.0 pip Bootstrap (64-bit) (HKLM\...\{6ADAF31E-EEE6-4251-BE5A-EFD7868D3930}) (Version: 3.5.150.0 - Python Software Foundation) Hidden
    Python 3.5.0 Standard Library (64-bit) (HKLM\...\{5741118B-D61A-4F27-BB80-0CAED22FE20B}) (Version: 3.5.150.0 - Python Software Foundation) Hidden
    Python 3.5.0 Tcl/Tk Support (64-bit) (HKLM\...\{47483182-8783-45CB-9120-77FDB241E2FF}) (Version: 3.5.150.0 - Python Software Foundation) Hidden
    Python 3.5.0 Test Suite (64-bit) (HKLM\...\{B2AB1292-01D1-4972-BF56-43531A2AA3BA}) (Version: 3.5.150.0 - Python Software Foundation) Hidden
    Python 3.5.0 Utility Scripts (64-bit) (HKLM\...\{2B5129D0-C4C1-4322-8888-D0B6CDA6DCD2}) (Version: 3.5.150.0 - Python Software Foundation) Hidden
    QLBCASL (HKLM-x32\...\{F1D7AC58-554A-4A58-B784-B61558B1449A}) (Version: 6.40.17.2 - Hewlett-Packard) Hidden
    Quick Image Resizer 2.7.1 (HKLM-x32\...\DzSoftWebPhotoResizer_is1) (Version: 2.7.1 - DzSoft Ltd)
    QuickMirror (HKLM-x32\...\QuickMirror) (Version: - )
    QuickTime (HKLM-x32\...\{8DC42D05-680B-41B0-8878-6C14D24602DB}) (Version: 7.55.90.70 - Apple Inc.)
    Radmin Viewer 3.5 (HKLM-x32\...\{199127DC-7BDB-41AB-825B-4229A86F8F0D}) (Version: 3.50.0000 - Famatech)
    Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0007 - Realtek)
    Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30104 - Realtek Semiconductor Corp.)
    Recovery Manager (HKLM-x32\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.2214 - CyberLink Corp.) Hidden
    Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
    SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.850.0 - SAMSUNG Electronics Co., Ltd.)
    SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
    Secure Hunter Anti-Malware Professional Edition version 1.0.1.256 (HKLM-x32\...\E32E9E8D-BCF7-4763-BD25-121500F05460_is1) (Version: 1.0.1.256 - SecureHunter, LLC.)
    Security Monitor Pro 5 (HKLM-x32\...\Security Monitor Pro DotNet5_is1) (Version: - DeskShare Inc.)
    Setup (HKLM-x32\...\{D1612A3D-0DCC-4055-BB6A-0036F31158A0}) (Version: 1.6.1.109 - Corel Corporation) Hidden
    Setup Wizard (HKLM-x32\...\{665C721C-49A3-49E9-AED0-EBEDC1327D57}) (Version: - )
    Share (HKLM-x32\...\{D94ABC2B-5CA9-48B2-9266-15AB78384D3C}) (Version: 1.6.1.109 - Corel Corporation) Hidden
    Share64 (HKLM\...\{D5FE818E-F1C7-44F8-A3C0-C08761906E27}) (Version: 1.6.1.109 - Corel Corporation) Hidden
    SharpKeys (HKLM-x32\...\{636E94DA-99C0-448F-A931-3DAD83B4975F}) (Version: 3.5.0000 - RandyRants.com)
    Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) (HKLM-x32\...\SLABCOMM&10C4&EA60) (Version: - Silicon Laboratories)
    Silicon Laboratories CP210x VCP Drivers for Windows XP/2003 Server/Vista/7 (HKLM-x32\...\{3DEE7030-D3B8-4ABE-92AA-A6BAF67EF762}) (Version: 6.5 - Silicon Laboratories, Inc.)
    SketchUp 2016 (HKLM\...\{E2B66CF6-ABA0-4E5F-B426-7478B18301AE}) (Version: 16.1.1449 - Trimble Navigation Limited)
    Some PDF Images Extract 2.0 (HKLM-x32\...\Some PDF Images Extract_is1) (Version: - SomePDF.com)
    STK02N 2.4 (HKLM-x32\...\{E42E07F5-5A90-4BA9-B55A-79FCF9EAF9B5}) (Version: 2.4 - Syntek)
    Stuurprogrammapakket voor Windows - Advanced Card Systems Ltd. Unified PC/SC Driver (05/30/2015 4.0.0.7) (HKLM\...\1955D686C48CCCD0F157D8D8170D36D03D484A51) (Version: 05/30/2015 4.0.0.7 - Advanced Card Systems Ltd.)
    Stuurprogrammapakket voor Windows - Fedict SmartCard (10/04/2011 4.0.0.5) (HKLM\...\3FE3642036A0F4AEC17772437CE14BB1E67006AA) (Version: 10/04/2011 4.0.0.5 - Fedict)
    Subtitle Workshop 2.51 (HKLM-x32\...\SubtitleWorkshop) (Version: - )
    SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1212 - SUPERAntiSpyware.com)
    Sweet Home 3D version 5.1 (HKLM\...\Sweet Home 3D_is1) (Version: 5.1 - eTeks)
    swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.42.2 - Synaptics Incorporated)
    Taalpakket voor Microsoft .NET Framework 4.5 - NLD (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043) (Version: 4.5.50709 - Microsoft Corporation)
    Technitium MAC Address Changer v6.0.5 (HKLM-x32\...\TMACv6.0) (Version: 6.0.5 - Technitium)
    TomTom HOME (HKLM-x32\...\{BB05590A-6602-43F3-A400-77EA0976BC0A}) (Version: 2.9.8 - Uw bedrijfsnaam)
    TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
    Total Video Converter 3.70 100621 (HKLM-x32\...\Total Video Converter 3.70_is1) (Version: - EffectMatrix Inc.)
    TrainingPeaks Device Agent (HKLM-x32\...\{04D7046E-DCCF-42AB-A501-177968C6F870}) (Version: 3.0.93 - TrainingPeaks)
    Trogon MAC Scanner version 2.5 (HKLM-x32\...\{8F9216E8-21AC-4307-AE08-F5CBBCBEFE53}_is1) (Version: 2.5 - Trogon Software)
    Trust1Connector (HKLM\...\{940F66A7-B6A6-4D93-B4DA-541781484946}) (Version: 1.2.4 - Trust1team)
    Undelete 360 (HKLM-x32\...\Undelete 360_is1) (Version: - File Recovery Ltd.)
    Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
    Update voor Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0413-0000-0000000FF1CE}_PROPLUS_{5CF7002F-6F49-4482-9564-5614FBE560FA}) (Version: - Microsoft)
    Update voor Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0413-0000-0000000FF1CE}_PROPLUS_{15D84E79-1ED7-42C5-B2FD-745C3FBDDDC5}) (Version: - Microsoft)
    Update voor Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0413-0000-0000000FF1CE}_PROPLUS_{A66AE6A1-8D8C-4102-BC18-38CBDE40F809}) (Version: - Microsoft)
    VC80CRTRedist - 8.0.50727.4053 (HKLM-x32\...\{5EE7D259-D137-4438-9A5F-42F432EC0421}) (Version: 1.1.0 - DivX, Inc) Hidden
    Vegas Pro 12.0 (64-bit) (HKLM\...\{EE45F85E-ED91-11E2-9CD7-F04DA23A5C58}) (Version: 12.0.670 - Sony)
    Video Cartoonizer versie 1.4.0 (HKLM-x32\...\{24DA5847-2D6E-41F0-AACD-99B311A162F5}_is1) (Version: 1.4.0 - Cartoonizevideo.com)
    VideoActiveX version 1.1.0.1 (HKLM\...\VideoActiveX_is1) (Version: 1.1.0.1 - Fov)
    VideoLAN Movie Creator (HKLM-x32\...\VLMC) (Version: - )
    Vidmex 1.39 (HKLM-x32\...\Vidmex) (Version: - )
    VIO (HKLM-x32\...\{D9C4FA35-7C6B-4C9E-863B-58C4D7472F41}) (Version: 1.6.1.109 - Corel Corporation) Hidden
    VlanOn (HKLM-x32\...\{7A79858F-FA77-4051-8B57-46D3AB10FF87}) (Version: 3.0.0 - Belgacom)
    VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.5.1 - VideoLAN)
    web control version 1.0.0.9 (HKLM-x32\...\{7DEBACD4-13DE-46DF-974F-F3F264D1E897}_is1) (Version: 1.0.0.9 - )
    Who Is On My Wifi version 2.1.2 (HKLM-x32\...\{010D45A1-093D-4534-8147-4E10E80F81CC}_is1) (Version: 2.1.2 - IO3O LLC)
    Winamp (HKLM-x32\...\Winamp) (Version: 5.61 - Nullsoft, Inc)
    WinAVI Video Converter (HKLM-x32\...\WinAVI Video Converter) (Version: 11.6.1.4734 - ZJMedia Digital Technology Ltd.)
    Windows Live - Hulpprogramma voor uploaden (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
    Windows Live aanmeldhulp (HKLM-x32\...\{1BD6AE96-4742-4498-9D03-9451C7E5A214}) (Version: 5.000.818.5 - Microsoft Corporation)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
    Windows Live Sync (HKLM-x32\...\{CD19EDD9-1632-4002-9212-7478E4BA0423}) (Version: 14.0.8089.726 - Microsoft Corporation)
    Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version: - )
    Windows Mobile Apparaatcentrum (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
    Windows Resource Kit Tools (HKLM-x32\...\{FA237125-51FF-408C-8BB8-30C2B3DFFF9C}) (Version: 5.2.3790 - Microsoft Corporation)
    Windows-stuurprogrammapakket - Silicon Laboratories Inc. (silabser) Ports (09/19/2016 6.7.4.261) (HKLM\...\9E2C239D42290B984A9E2B350A67AF8BC8BD11B9) (Version: 09/19/2016 6.7.4.261 - Silicon Laboratories Inc.)
    WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
    WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - )
    Wondershare PDF Converter (Build 4.0.5) (HKLM-x32\...\{A888A8D1-ACCB-4EBE-AAA8-903D2B8FB6A4}_is1) (Version: 4.0.5 - Wondershare Software)
    XiaoMiFlash (HKLM-x32\...\{9AF75396-D38E-4F07-831C-9F78923DC015}) (Version: 1.0.0 - XiaoMi)
    Xilisoft Video Converter Ultimate 6 (HKLM-x32\...\Xilisoft Video Converter Ultimate 6) (Version: 6.0.7.0707 - Xilisoft)
    YoutubeMovieMaker (HKLM-x32\...\{E084C471-FA8F-4468-93F1-25B3A13ED942}) (Version: 15.06 - Youtube Movie Maker)
    ZTE Handset USB Driver (HKLM\...\{01D42BF0-ED08-463f-8A28-99EB6FEE962B}) (Version: - ZTE Corporation)
    ZTE Handset USB Driver (HKLM\...\{D2D77DC2-8299-11D1-8949-444553540000}_is1) (Version: 5.2104.1.02B08 - ZTE Corporation)


    ==================== Aangepaste CLSID (gefilterd): ==========================


    (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)


    CustomCLSID: HKU\S-1-5-21-998262437-1437487422-401129983-1001_Classes\CLSID\{DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611}\InprocServer32 -> C:\Program Files\Macrium\Reflect\RShellExt.dll (Paramount Software UK Ltd)
    ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-08-17] (AVAST Software)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-08-17] (AVAST Software)
    ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => -> Geen bestand
    ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-06-14] (Igor Pavlov)
    ContextMenuHandlers1: [Advanced SystemCare] -> {7C8D3E6A-13A6-4D8F-BF77-D267D0F9AC21} => -> Geen bestand
    ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2017-01-17] ()
    ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-08-17] (AVAST Software)
    ContextMenuHandlers1: [Corel.Paint.Shop.Pro.Photo] -> {B1D2CD8F-45E9-49d1-838A-AAA5780D94B7} => c:\Program Files (x86)\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\PSPContextMenu64.dll [2009-12-30] ()
    ContextMenuHandlers1: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh64.dll [2008-05-23] (MagicISO, Inc.)
    ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2016-06-25] (Florian Heidenreich)
    ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Windows\system32\mscoree.dll [2009-11-25] (Microsoft Corporation)
    ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2017-06-07] (Power Software Ltd)
    ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-03-15] ()
    ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2010-03-15] ()
    ContextMenuHandlers2: [Corel.Paint.Shop.Pro.Photo] -> {B1D2CD8F-45E9-49d1-838A-AAA5780D94B7} => c:\Program Files (x86)\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\PSPContextMenu64.dll [2009-12-30] ()
    ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2016-06-25] (Florian Heidenreich)
    ContextMenuHandlers2-x32: [Ulead UDF Driver] -> {DBD8E168-244D-448C-9922-25508950D1DC} => c:\Program Files (x86)\Common Files\Ulead Systems\DVD\USIShex.dll [2010-01-07] (Ulead Systems, Inc.)
    ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-08-17] (AVAST Software)
    ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
    ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-06-14] (Igor Pavlov)
    ContextMenuHandlers4: [Corel.Paint.Shop.Pro.Photo] -> {B1D2CD8F-45E9-49d1-838A-AAA5780D94B7} => c:\Program Files (x86)\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\PSPContextMenu64.dll [2009-12-30] ()
    ContextMenuHandlers4: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh64.dll [2008-05-23] (MagicISO, Inc.)
    ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2016-06-25] (Florian Heidenreich)
    ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2017-06-07] (Power Software Ltd)
    ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2013-08-13] (Piriform Ltd)
    ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-03-15] ()
    ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2010-03-15] ()
    ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation)
    ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-06-14] (Igor Pavlov)
    ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-08-17] (AVAST Software)
    ContextMenuHandlers6: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh64.dll [2008-05-23] (MagicISO, Inc.)
    ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
    ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2017-06-07] (Power Software Ltd)
    ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2013-08-13] (Piriform Ltd)
    ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-03-15] ()
    ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2010-03-15] ()
    ContextMenuHandlers2_S-1-5-21-998262437-1437487422-401129983-1001: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RShellExt.dll [2012-09-25] (Paramount Software UK Ltd)


    ==================== Geplande Taken (gefilterd) =============


    (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)


    Task: {05AA8D5C-2E39-415A-AD11-8719E9B26F0A} - System32\Tasks\{28E822A4-7C70-4D37-B8AE-CA22A4F6A638} => C:\Windows\system32\pcalua.exe -a C:\Users\stefan\Downloads\HijackThis.exe -d C:\Users\stefan\Downloads
    Task: {0CC7AFB3-604C-4879-9BF4-A4CCCB973371} - System32\Tasks\{8D138075-FAE3-4CCD-83DA-4BD463311536} => C:\Users\stefan\Downloads\Yamb-2.1.0.0_beta2_setup.exe
    Task: {17C6D178-67D7-4257-B2C6-376950F74738} - System32\Tasks\{DFF49360-BD51-461E-A010-BA4CE0F04B90} => E:\setup.EXE
    Task: {230D6B55-C59C-4BCE-B18C-4BAC3D125592} - System32\Tasks\{7B305C36-23EC-4969-A9F3-22A9475C342E} => C:\Users\stefan\Downloads\mp4creator\mp4creator.exe
    Task: {24E4B1A8-35FE-4631-9630-FE59AE291848} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-08-17] (AVAST Software)
    Task: {25A9B684-A0CB-4567-AB30-F0057E544E2D} - System32\Tasks\{502B6831-3981-4F48-A463-56E58B880ED2} => C:\Windows\system32\pcalua.exe -a E:\Setup.EXE -d E:\
    Task: {2652441E-524D-4F95-B9F6-23E8025A7CB1} - System32\Tasks\GoogleUpdateTaskMachineUA1ce5addc77f728d => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
    Task: {2A5E202D-2824-43C3-9AAC-86F1B0CC3E90} - System32\Tasks\GoogleUpdateTaskMachineCore1ce5addc5af66b1 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
    Task: {2E9FABAB-8123-43A7-BF97-0B6478DE50CB} - System32\Tasks\DriverMaxAgent => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe
    Task: {358483FC-B34C-453E-8D3D-B86D08831992} - System32\Tasks\DriverMaxWelcome => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe
    Task: {55D95FA7-0989-42AA-80F2-F7A9E3027322} - System32\Tasks\{3C913616-DD03-4C81-A0B6-681495F66050} => C:\Users\stefan\Downloads\mp4creator\mp4creator.exe
    Task: {58822575-8344-44A0-9E1B-7A1ABAEE9FC1} - System32\Tasks\{EA3854A3-BC27-48DE-9188-3991A34B650D} => C:\Users\stefan\Downloads\Yamb-2.1.0.0_beta2_setup.exe
    Task: {59F1338E-D491-4B41-866E-7DA450BBFCC4} - System32\Tasks\{65856AB6-3200-401F-9032-6E482F4BAFB8} => C:\drivers\printer\X1100\drivers\Win_XP2K\x64\lxbkpswx.exe
    Task: {5DCD3BC4-928F-45E9-89F0-617C7C6F457A} - System32\Tasks\{4CED938E-BE32-456C-9147-70D059E4F472} => C:\Users\stefan\Downloads\Yamb-2.1.0.0_beta2_setup.exe
    Task: {649F0326-3258-4BFC-B68B-6B3CA1EBFBB4} - \ASC4_AutoUpdate -> Geen bestand <==== AANDACHT
    Task: {7BFAFB64-1FB2-4F24-BD20-2B2B6FE10AF5} - System32\Tasks\{8FFFBB29-2922-49EF-AAFF-D2737E65B10C} => C:\drivers\printer\X1100\drivers\Win_XP2K\x64\lxbkpswx.exe
    Task: {807F7B23-8586-44E3-836D-75A4E2C0867A} - System32\Tasks\{720AE88A-C7F7-45DB-8DE1-C915C8B400AF} => C:\Users\stefan\Downloads\mp4muxer-0.9.3.exe
    Task: {841178C5-75EC-4C46-BC8C-808918FD99F3} - System32\Tasks\{6AB0207F-E1C6-483E-A090-84D63C10B272} => C:\Windows\system32\pcalua.exe -a C:\Users\stefan\Downloads\YambInstaller-2.0.0.8.exe -d C:\Users\stefan\Downloads
    Task: {875D6F3B-B47B-40D3-B8EB-C654F8FCE214} - System32\Tasks\SafeZone scheduled Autoupdate 1458730726 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
    Task: {8DC05A47-17BA-42A7-941D-81F87D0AA310} - System32\Tasks\Driver Booster SkipUAC (stefan) => C:\Program Files (x86)\IObit\Driver Booster\4.5.0\DriverBooster.exe
    Task: {92849CE9-49A0-4FD4-A678-6C52DE18D1BB} - System32\Tasks\Games\UpdateCheck_S-1-5-21-998262437-1437487422-401129983-1001
    Task: {9325B766-2EE4-4514-B0CF-1DFFDBF13560} - System32\Tasks\DriverNavigator Scheduled Scan => C:\Program Files\Easeware\DriverNavigator\DriverNavigator.exe
    Task: {955A7896-24BD-4312-AFF3-B6F251D6194B} - \Hewlett-Packard\HP Assistant\PC Tuneup -> Geen bestand <==== AANDACHT
    Task: {AF658E01-9E7B-40C8-85F5-3DF0487C394E} - System32\Tasks\{2513C8B7-F409-4066-817F-A6830AA3D9E1} => C:\Program Files\Lexmark X1100 Series\Drivers\X64\lxbkpswx.exe
    Task: {B1500430-0EF5-45FF-8102-12692FF90F94} - System32\Tasks\{06A5BB1A-8257-47ED-947C-D7F7DB28075F} => C:\Users\stefan\Downloads\cjsX1100EN.exe
    Task: {C5443D95-30B5-45B4-A4F2-56C55B45D4C7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-08-12] (Adobe Systems Incorporated)
    Task: {C5DC4C65-F593-48AC-8FC6-5DF45E4D941D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files (x86)\CCleaner\CCleaner.exe [2014-10-23] (Piriform Ltd)
    Task: {D3FF0F42-252F-40D9-AA10-E42D7ACD9EC0} - System32\Tasks\DriverMax Notification => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe
    Task: {D6667469-171F-4085-9E92-FB806FDE3B51} - \Hewlett-Packard\HP Assistant\HP Total Care Tune-Up -> Geen bestand <==== AANDACHT
    Task: {E3BF5A61-0589-4D4C-82E4-C35D3CC23C98} - System32\Tasks\{BD494A44-939E-4B28-8488-43E84E13618C} => C:\Users\stefan\Downloads\mp4creator\mp4creator.exe
    Task: {E6A4402E-BD9C-4D56-B126-91949F9173F4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
    Task: {E8058091-90EC-4F21-B5C0-9C649EF3A120} - System32\Tasks\{287F1535-A371-4FA0-84EE-ED985693A317} => C:\Users\stefan\Downloads\mp4muxer-0.9.3.exe


    (Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.)


    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\DriverNavigator Scheduled Scan.job => C:\Program Files\Easeware\DriverNavigator\DriverNavigator.exe
    Task: C:\Windows\Tasks\HPCeeScheduleForstefan.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe


    ==================== Snelkoppelingen & WMI ========================


    (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.)




    Shortcut: C:\Users\stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Yamb 2.1.0.0 beta 2\Yamb - Website.lnk -> hxxp://yamb.unite-video.com
    Shortcut: C:\Users\stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EPB Software Vlaanderen 1.7.1\EPB Software Vlaanderen 1.7.1.lnk -> C:\Program Files (x86)\EPB Software Vlaanderen 1.7.1\start.bat ()


    ShortcutWithArgument: C:\Users\stefan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"


    ==================== Geladen Modules (gefilterd) ==============


    2017-06-02 17:21 - 2013-08-26 14:12 - 000087040 _____ () C:\Windows\System32\redmonnt.dll
    2010-10-09 18:48 - 2010-03-15 11:28 - 000166400 _____ () C:\Program Files\WinRAR\rarext.dll
    2009-12-30 19:48 - 2009-12-30 19:48 - 000124560 _____ () c:\Program Files (x86)\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\PSPContextMenu64.dll
    2017-01-17 03:30 - 2017-01-17 03:30 - 000230064 _____ () C:\Program Files\Notepad++\NppShell_06.dll
    2017-08-17 17:58 - 2017-08-17 17:58 - 000162032 _____ () c:\Program Files\AVAST Software\Avast\x64\vaarclient.dll
    2017-08-17 17:59 - 2017-08-17 17:59 - 000831664 _____ () C:\Program Files\AVAST Software\Avast\x64\ffl2.dll
    2017-08-17 17:59 - 2017-08-17 17:59 - 000276808 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll
    2017-08-08 10:48 - 2017-08-02 09:39 - 003824472 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.90\libglesv2.dll
    2017-08-08 10:48 - 2017-08-02 09:39 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.90\libegl.dll
    2017-08-17 17:59 - 2017-08-17 17:59 - 000170224 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
    2017-08-17 17:59 - 2017-08-17 17:59 - 000192664 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
    2017-08-17 17:59 - 2017-08-17 17:59 - 000224256 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
    2017-08-28 11:23 - 2017-08-28 11:23 - 005895544 _____ () C:\Program Files\AVAST Software\Avast\defs\17082800\algo.dll
    2017-08-17 17:59 - 2017-08-17 17:59 - 000689272 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
    2017-08-17 17:59 - 2017-08-17 17:59 - 000231664 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
    2017-08-17 18:00 - 2017-08-17 18:00 - 001065936 _____ () C:\Program Files\AVAST Software\Avast\AvChrome.dll
    2017-08-17 18:00 - 2017-08-17 18:00 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
    2017-08-17 17:58 - 2017-08-17 17:58 - 000292920 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
    2017-07-17 19:30 - 2017-07-17 19:30 - 000863744 _____ () C:\Windows\mod_frst.exe


    ==================== Alternate Data Streams (gefilterd) =========


    (Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.)


    AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]
    AlternateDataStreams: C:\ProgramData\Temp:054B9966 [126]
    AlternateDataStreams: C:\ProgramData\Temp:4BF2F6B5 [184]
    AlternateDataStreams: C:\ProgramData\Temp:CB0AACC9 [156]
    AlternateDataStreams: C:\ProgramData\Temp:CB9FA647 [332]


    ==================== Veilige Modus (gefilterd) ===================


    (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.)


    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SolutoService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"


    ==================== Bestandskoppeling (gefilterd) ===============


    (Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.)




    ==================== Internet Explorer vertrouwde/beperkte toegang ===============


    (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.)


    IE trusted site: HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\alipay.com -> hxxps://alipay.com
    IE trusted site: HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\alipay.com -> hxxp://alipay.com
    IE trusted site: HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\alisoft.com -> hxxps://alisoft.com
    IE trusted site: HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\alisoft.com -> hxxp://alisoft.com
    IE trusted site: HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\allsubs.org -> hxxps://www.allsubs.org
    IE trusted site: HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\google.com -> hxxps://mail.google.com
    IE trusted site: HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\ondertitel.com -> hxxps://www.ondertitel.com
    IE trusted site: HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\taobao.com -> hxxps://taobao.com
    IE trusted site: HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\taobao.com -> hxxp://taobao.com
    IE restricted site: HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\008i.com -> 008i.com
    IE restricted site: HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\008k.com -> www.008k.com
    IE restricted site: HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\00hq.com -> Pheenix - Buy this domain today. | 00HQ.com is for sale.
    IE restricted site: HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\010402.com -> 010402.com
    IE restricted site: HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\0190-dialers.com -> 0190-dialers.com
    IE restricted site: HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\01i.info -> 01i.info
    IE restricted site: HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
    IE restricted site: HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\05p.com -> 05p.com
    IE restricted site: HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
    IE restricted site: HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
    IE restricted site: HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
    IE restricted site: HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\0calories.net -> 0calories.net
    IE restricted site: HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\0cj.net -> 0cj.net
    IE restricted site: HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\0scan.com -> www.0scan.com
    IE restricted site: HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\1-2005-search.com -> 1-2005-search.com
    IE restricted site: HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
    IE restricted site: HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
    IE restricted site: HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\1-se.com -> 1-se.com


    Er zijn 11085 Meer websites.




    ==================== Hosts inhoud: ===============================


    (Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.)


    2009-07-14 04:34 - 2014-09-10 10:01 - 000000824 ____N C:\Windows\system32\Drivers\etc\hosts




    ==================== Andere gebieden ============================


    (Momenteel is er geen automatische fix voor dit onderdeel.)


    HKU\S-1-5-21-998262437-1437487422-401129983-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\stefan\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
    DNS Servers: 192.168.1.1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 1) (EnableLUA: 0)
    Windows Firewall is ingeschakeld.


    ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items ==


    MSCONFIG\Services: !SASCORE => 2
    MSCONFIG\Services: AdobeARMservice => 2
    MSCONFIG\Services: AdvancedSystemCareService => 2
    MSCONFIG\Services: bthserv => 2
    MSCONFIG\Services: Com4QLBEx => 2
    MSCONFIG\Services: Disc Soft Lite Bus Service => 3
    MSCONFIG\Services: FirebirdServerDefaultInstance => 2
    MSCONFIG\Services: GCL Service => 2
    MSCONFIG\Services: gupdate => 2
    MSCONFIG\Services: gupdatem => 3
    MSCONFIG\Services: hpqwmiex => 2
    MSCONFIG\Services: LightScribeService => 2
    MSCONFIG\Services: lxdc_device => 2
    MSCONFIG\Services: MozillaMaintenance => 3
    MSCONFIG\Services: NetcamStudioSvc64 => 3
    MSCONFIG\Services: NitroReaderDriverReadSpool3 => 2
    MSCONFIG\Services: nvsvc => 2
    MSCONFIG\Services: PSI_SVC_2 => 2
    MSCONFIG\Services: ReflectService.exe => 2
    MSCONFIG\Services: RichVideo => 2
    MSCONFIG\Services: rpcapd => 3
    MSCONFIG\Services: Secure Hunter Service => 2
    MSCONFIG\Services: TomTomHOMEService => 2
    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BitTorrent Ultra Accelerator.lnk => C:\Windows\pss\BitTorrent Ultra Accelerator.lnk.CommonStartup
    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Dyn Updater Tray Icon.lnk => C:\Windows\pss\Dyn Updater Tray Icon.lnk.CommonStartup
    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^STK02N 2.4 PNP Monitor.lnk => C:\Windows\pss\STK02N 2.4 PNP Monitor.lnk.CommonStartup
    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Who Is On My Wifi.lnk => C:\Windows\pss\Who Is On My Wifi.lnk.CommonStartup
    MSCONFIG\startupfolder: C:^Users^stefan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk => C:\Windows\pss\MagicDisc.lnk.Startup
    MSCONFIG\startupfolder: C:^Users^stefan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MailWasherPro.lnk => C:\Windows\pss\MailWasherPro.lnk.Startup
    MSCONFIG\startupfolder: C:^Users^stefan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PdaNet Desktop.lnk => C:\Windows\pss\PdaNet Desktop.lnk.Startup
    MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
    MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
    MSCONFIG\startupreg: Aimersoft Helper Compact.exe => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
    MSCONFIG\startupreg: aliim => "C:\Program Files (x86)\TradeManager\AliIM.exe" /autorun
    MSCONFIG\startupreg: beid => "C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe" /startup
    MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files (x86)\CCleaner\CCleaner64.exe" /MONITOR
    MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
    MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
    MSCONFIG\startupreg: EaseUS Cleanup => "C:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.0\bin\CleanUpUI.exe" 10 300
    MSCONFIG\startupreg: EaseUS EPM Tray Agent => "C:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.0\bin\TrayPopupE\TrayTipAgentE.exe"
    MSCONFIG\startupreg: Easybits Recovery => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
    MSCONFIG\startupreg: HPADVISOR => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW
    MSCONFIG\startupreg: InternetCalls => "C:\Program Files (x86)\InternetCalls.com\InternetCalls\internetcalls.exe" -nosplash -minimized
    MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
    MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
    MSCONFIG\startupreg: Magic Desktop for HP notification => "C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe"
    MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
    MSCONFIG\startupreg: NvCplDaemon => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    MSCONFIG\startupreg: ProductUpdater => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
    MSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files\PowerISO\PWRISOVM.EXE -startup
    MSCONFIG\startupreg: ROC_roc_ssl_v12 => "C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12
    MSCONFIG\startupreg: SunJavaUpdateSched => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
    MSCONFIG\startupreg: SysTrayApp => C:\Program Files\IDT\WDM\sttray64.exe
    MSCONFIG\startupreg: TomTomHOME.exe => "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
    MSCONFIG\startupreg: WinampAgent => "C:\Program Files (x86)\Winamp\winampa.exe"
    MSCONFIG\startupreg: WirelessAssistant => C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    MSCONFIG\startupreg: ZAM => "C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe" /minimized


    ==================== Firewall regels (gefilterd) ===============


    (Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)


    FirewallRules: [{19D24B9E-4F5C-4454-ACC5-6944C9A426D2}] => (Allow) C:\Program Files (x86)\BitTorrent\BitTorrent.exe
    FirewallRules: [{71274413-F453-482D-8414-DC8B993EC853}] => (Allow) C:\Program Files (x86)\BitTorrent\BitTorrent.exe
    FirewallRules: [TCP Query User{D809A40E-68F2-46E8-9811-885742840517}C:\program files (x86)\wanscam\videoclient.exe] => (Allow) C:\program files (x86)\wanscam\videoclient.exe
    FirewallRules: [UDP Query User{D700136D-59D9-4913-9C13-493C1969F3F5}C:\program files (x86)\wanscam\videoclient.exe] => (Allow) C:\program files (x86)\wanscam\videoclient.exe
    FirewallRules: [TCP Query User{311DCA28-86D9-4566-98FF-1A2D2A61E6A2}C:\program files (x86)\wanscam\camerastatus.exe] => (Allow) C:\program files (x86)\wanscam\camerastatus.exe
    FirewallRules: [UDP Query User{7BBA3FE1-C2C1-4523-9F20-305F32631EA0}C:\program files (x86)\wanscam\camerastatus.exe] => (Allow) C:\program files (x86)\wanscam\camerastatus.exe
    FirewallRules: [{0E6AA9B2-B1E3-4170-A0BD-429458BF39AE}] => (Allow) C:\Windows\System32\lxdccoms.exe
    FirewallRules: [{02862D91-3FA7-4354-84B2-515BAC99C88A}] => (Allow) C:\Windows\System32\lxdccoms.exe
    FirewallRules: [{C3EB85AF-7454-40CF-A5FF-C0DF081331C3}] => (Allow) C:\Windows\SysWOW64\lxdccoms.exe
    FirewallRules: [{F60E6CD9-C29A-4471-8986-CD8A802781A0}] => (Allow) C:\Windows\SysWOW64\lxdccoms.exe
    FirewallRules: [TCP Query User{86D6039C-4951-4133-9DC3-4AFAC5139B5B}C:\users\stefan\desktop\english\search tool.exe] => (Allow) C:\users\stefan\desktop\english\search tool.exe
    FirewallRules: [UDP Query User{47FF1065-282D-4570-9695-BE3557142734}C:\users\stefan\desktop\english\search tool.exe] => (Allow) C:\users\stefan\desktop\english\search tool.exe
    FirewallRules: [TCP Query User{D7FC2A25-1FE2-4FE2-9799-4971039C65FF}C:\program files (x86)\wanscam\camerastatus.exe] => (Allow) C:\program files (x86)\wanscam\camerastatus.exe
    FirewallRules: [UDP Query User{7DBBFBFC-F0EF-405D-9D3F-69E4ABAF7A37}C:\program files (x86)\wanscam\camerastatus.exe] => (Allow) C:\program files (x86)\wanscam\camerastatus.exe
    FirewallRules: [{19AD4C78-EE2C-414E-BAF6-8CB61450CF9A}] => (Allow) C:\Program Files\Acrylic Wi-Fi Home\Acrylic.exe
    FirewallRules: [{BFB74317-5343-4AFB-B2AD-C7517F0A4E38}] => (Allow) C:\Program Files\Acrylic Wi-Fi Home\Acrylic.exe
    FirewallRules: [TCP Query User{A3BA853F-E902-414A-82A6-80D3E346B1CD}C:\ipcclient\ipcc.exe] => (Allow) C:\ipcclient\ipcc.exe
    FirewallRules: [UDP Query User{64416234-AA1E-46E3-9C74-49D6EDB80E8B}C:\ipcclient\ipcc.exe] => (Allow) C:\ipcclient\ipcc.exe
    FirewallRules: [{0A8A92F9-23D6-40EA-978A-0C2B561F4110}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.609\SZBrowser.exe
    FirewallRules: [{50311C95-D084-418A-9E64-F5829834ADFC}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.609_0\SZBrowser.exe
    FirewallRules: [{264B3CA0-0B06-4180-8F5D-747F2B08E6C1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\IPC Client\IPC Client.exe] => Enabled:IPC Client.exe


    ==================== Herstelpunten =========================


    28-08-2017 08:08:22 Windows 7 Service Pack 1
    28-08-2017 10:36:57 Controlepunt van HitmanPro
    28-08-2017 10:37:37 Controlepunt van HitmanPro


    ==================== Defecte Apparaatbeheer Apparaten =============


    Name: avast! Firewall NDIS Filter Miniport
    Description: avast! Firewall NDIS Filter Miniport
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: ALWIL Software
    Service: aswNdis
    Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
    Resolution: A registry problem was detected.
    This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
    On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
    Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.


    Name: ZAM Helper Driver
    Description: ZAM Helper Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: ZAM
    Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
    Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
    Devices stay in this state if they have been prepared for removal.
    After you remove the device, this error disappears.Remove the device, and this error should be resolved.


    Name: ZAM Guard Driver
    Description: ZAM Guard Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: ZAM_Guard
    Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
    Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
    Devices stay in this state if they have been prepared for removal.
    After you remove the device, this error disappears.Remove the device, and this error should be resolved.




    ==================== Eventlog fouten: =========================


    Applicatiefouten:
    ==================
    Error: (08/28/2017 10:38:01 AM) (Source: VSS) (EventID: 8193) (User: )
    Description: Fout in de Volume Shadow Copy-service: onverwachte fout bij het aanroepen van routine RegSetValueExW(0x000002dc,SYSTEM\CurrentControlSet\Services\VSS\Diag\VssvcPublisher,0,REG_BINARY,00000000015DF070.72). hr = 0x80070005, Toegang geweigerd.
    .


    Error: (08/28/2017 10:38:01 AM) (Source: VSS) (EventID: 8193) (User: )
    Description: Fout in de Volume Shadow Copy-service: onverwachte fout bij het aanroepen van routine RegSetValueExW(0x00000720,(null),0,REG_BINARY,0000000001E5DF30.72). hr = 0x80070005, Toegang geweigerd.
    .




    Bewerking:
    BackupShutdown-gebeurtenis


    Context:
    Uitvoeringscontext: Writer
    Klasse-id van schrijver: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
    Naam van schrijver: WMI Writer
    Instantie-id van schrijver: {2c2fd5a1-bbde-4bf1-b541-a6f2308669c4}


    Error: (08/28/2017 10:38:01 AM) (Source: VSS) (EventID: 8193) (User: )
    Description: Fout in de Volume Shadow Copy-service: onverwachte fout bij het aanroepen van routine RegSetValueExW(0x00000bdc,(null),0,REG_BINARY,00000000058FDF70.72). hr = 0x80070005, Toegang geweigerd.
    .




    Bewerking:
    BackupShutdown-gebeurtenis


    Context:
    Uitvoeringscontext: Writer
    Klasse-id van schrijver: {cd3f2362-8bef-46c7-9181-d62844cdc0b2}
    Naam van schrijver: MSSearch Service Writer
    Instantie-id van schrijver: {25bd2d47-fb4b-4b75-b884-e44149cacecc}


    Error: (08/28/2017 10:38:01 AM) (Source: VSS) (EventID: 8193) (User: )
    Description: Fout in de Volume Shadow Copy-service: onverwachte fout bij het aanroepen van routine RegSetValueExW(0x00000720,(null),0,REG_BINARY,0000000001E5DF30.72). hr = 0x80070005, Toegang geweigerd.
    .




    Bewerking:
    BackupShutdown-gebeurtenis


    Context:
    Uitvoeringscontext: Writer
    Klasse-id van schrijver: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
    Naam van schrijver: WMI Writer
    Instantie-id van schrijver: {2c2fd5a1-bbde-4bf1-b541-a6f2308669c4}


    Error: (08/28/2017 10:38:01 AM) (Source: VSS) (EventID: 8193) (User: )
    Description: Fout in de Volume Shadow Copy-service: onverwachte fout bij het aanroepen van routine RegSetValueExW(0x00000bdc,(null),0,REG_BINARY,00000000058FDF70.72). hr = 0x80070005, Toegang geweigerd.
    .




    Bewerking:
    BackupShutdown-gebeurtenis


    Context:
    Uitvoeringscontext: Writer
    Klasse-id van schrijver: {cd3f2362-8bef-46c7-9181-d62844cdc0b2}
    Naam van schrijver: MSSearch Service Writer
    Instantie-id van schrijver: {25bd2d47-fb4b-4b75-b884-e44149cacecc}


    Error: (08/28/2017 10:38:01 AM) (Source: VSS) (EventID: 8193) (User: )
    Description: Fout in de Volume Shadow Copy-service: onverwachte fout bij het aanroepen van routine RegSetValueExW(0x000002bc,(null),0,REG_BINARY,00000000026DE500.72). hr = 0x80070005, Toegang geweigerd.
    .




    Bewerking:
    BackupShutdown-gebeurtenis


    Context:
    Uitvoeringscontext: Writer
    Klasse-id van schrijver: {e8132975-6f93-4464-a53e-1050253ae220}
    Naam van schrijver: System Writer
    Instantie-id van schrijver: {1e22191b-cdfe-4571-89d2-c088fa713aeb}


    Error: (08/28/2017 10:38:01 AM) (Source: VSS) (EventID: 8193) (User: )
    Description: Fout in de Volume Shadow Copy-service: onverwachte fout bij het aanroepen van routine RegSetValueExW(0x000001bc,(null),0,REG_BINARY,000000000226EC10.72). hr = 0x80070005, Toegang geweigerd.
    .




    Bewerking:
    BackupShutdown-gebeurtenis


    Context:
    Uitvoeringscontext: Writer
    Klasse-id van schrijver: {afbab4a2-367d-4d15-a586-71dbb18f8485}
    Naam van schrijver: Registry Writer
    Instantie-id van schrijver: {1495627e-6bdc-4094-99b1-97612e952965}


    Error: (08/28/2017 10:38:01 AM) (Source: VSS) (EventID: 8193) (User: )
    Description: Fout in de Volume Shadow Copy-service: onverwachte fout bij het aanroepen van routine RegSetValueExW(0x000002bc,(null),0,REG_BINARY,00000000026DE500.72). hr = 0x80070005, Toegang geweigerd.
    .




    Bewerking:
    BackupShutdown-gebeurtenis


    Context:
    Uitvoeringscontext: Writer
    Klasse-id van schrijver: {e8132975-6f93-4464-a53e-1050253ae220}
    Naam van schrijver: System Writer
    Instantie-id van schrijver: {1e22191b-cdfe-4571-89d2-c088fa713aeb}


    Error: (08/28/2017 10:38:01 AM) (Source: VSS) (EventID: 8193) (User: )
    Description: Fout in de Volume Shadow Copy-service: onverwachte fout bij het aanroepen van routine RegSetValueExW(0x000001fc,(null),0,REG_BINARY,000000000238EA50.72). hr = 0x80070005, Toegang geweigerd.
    .




    Bewerking:
    BackupShutdown-gebeurtenis


    Context:
    Uitvoeringscontext: Writer
    Klasse-id van schrijver: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
    Naam van schrijver: Shadow Copy Optimization Writer
    Instantie-id van schrijver: {1c37919f-9488-498f-8d99-0705acec5f8b}


    Error: (08/28/2017 10:38:01 AM) (Source: VSS) (EventID: 8193) (User: )
    Description: Fout in de Volume Shadow Copy-service: onverwachte fout bij het aanroepen van routine RegSetValueExW(0x000001c8,(null),0,REG_BINARY,00000000025FEE60.72). hr = 0x80070005, Toegang geweigerd.
    .




    Bewerking:
    BackupShutdown-gebeurtenis


    Context:
    Uitvoeringscontext: Writer
    Klasse-id van schrijver: {542da469-d3e1-473c-9f4f-7847f01fc64f}
    Naam van schrijver: COM+ REGDB Writer
    Instantie-id van schrijver: {b3016f05-dd52-41c4-b196-2161d80d7788}




    Systeemfouten:
    =============
    Error: (08/28/2017 08:05:52 PM) (Source: atapi) (EventID: 11) (User: )
    Description: Het stuurprogramma heeft een controllerfout gevonden in \Device\Ide\IdePort0.


    Error: (08/28/2017 07:58:32 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: De HomeGroup Provider-service is afhankelijk van de Function Discovery Provider Host-service, die vanwege de volgende fout niet kan worden gestart:
    Kan de service niet starten omdat deze is uitgeschakeld of omdat
    het geen ingeschakelde apparaten met zich heeft verbonden.


    Error: (08/28/2017 07:57:30 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
    Description: De volgende opstartstuurprogramma's zijn niet geladen:
    sptd


    Error: (08/28/2017 05:34:55 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: De HomeGroup Provider-service is afhankelijk van de Function Discovery Provider Host-service, die vanwege de volgende fout niet kan worden gestart:
    Kan de service niet starten omdat deze is uitgeschakeld of omdat
    het geen ingeschakelde apparaten met zich heeft verbonden.


    Error: (08/28/2017 04:32:55 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: De HomeGroup Provider-service is afhankelijk van de Function Discovery Provider Host-service, die vanwege de volgende fout niet kan worden gestart:
    Kan de service niet starten omdat deze is uitgeschakeld of omdat
    het geen ingeschakelde apparaten met zich heeft verbonden.


    Error: (08/28/2017 04:30:14 PM) (Source: atapi) (EventID: 11) (User: )
    Description: Het stuurprogramma heeft een controllerfout gevonden in \Device\Ide\IdePort0.


    Error: (08/28/2017 04:19:50 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: De HomeGroup Provider-service is afhankelijk van de Function Discovery Provider Host-service, die vanwege de volgende fout niet kan worden gestart:
    Kan de service niet starten omdat deze is uitgeschakeld of omdat
    het geen ingeschakelde apparaten met zich heeft verbonden.


    Error: (08/28/2017 04:19:02 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
    Description: De volgende opstartstuurprogramma's zijn niet geladen:
    sptd


    Error: (08/28/2017 01:51:48 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
    Description: ScRegSetValueExW-oproep voor Start is niet geslaagd vanwege deze fout:
    Toegang geweigerd.
    .


    Error: (08/28/2017 12:37:16 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
    Description: ScRegSetValueExW-oproep voor Start is niet geslaagd vanwege deze fout:
    Toegang geweigerd.
    .




    CodeIntegrity:
    ===================================
    Date: 2017-08-21 09:03:46.167
    Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume2\Windows\System32\drivers\a38usb.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand ge´nstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.


    Date: 2017-08-21 09:03:46.120
    Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume2\Windows\System32\drivers\a38usb.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand ge´nstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.


    Date: 2017-08-21 09:02:10.895
    Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume2\Windows\System32\drivers\a38usb.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand ge´nstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.


    Date: 2017-08-21 09:02:10.893
    Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume2\Windows\System32\drivers\a38usb.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand ge´nstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.


    Date: 2017-08-21 09:00:30.388
    Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume2\Windows\System32\drivers\a38usb.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand ge´nstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.


    Date: 2017-08-21 09:00:30.386
    Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume2\Windows\System32\drivers\a38usb.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand ge´nstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.


    Date: 2017-08-21 08:58:40.421
    Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume2\Windows\System32\drivers\a38usb.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand ge´nstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.


    Date: 2017-08-21 08:58:40.418
    Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume2\Windows\System32\drivers\a38usb.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand ge´nstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.


    Date: 2017-08-21 08:57:03.668
    Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume2\Windows\System32\drivers\a38usb.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand ge´nstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.


    Date: 2017-08-21 08:57:03.666
    Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume2\Windows\System32\drivers\a38usb.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand ge´nstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.




    ==================== Geheugen info ===========================


    Processor: Pentium(R) Dual-Core CPU T4400 @ 2.20GHz
    Percentage geheugen in gebruik: 64%
    Totaal fysiek RAM-geheugen: 4062.93 MB
    Beschikbaar fysiek RAM-geheugen: 1462.42 MB
    Totaal Virtueel geheugen: 8123.99 MB
    Beschikbaar Virtual geheugen: 5403.33 MB


    ==================== Schijven ================================


    Drive c: () (Fixed) (Total:450.58 GB) (Free:114.37 GB) NTFS ==>[systeem met boot componenten (verkregen van schijf)]
    Drive d: (RECOVERY) (Fixed) (Total:12.99 GB) (Free:2.16 GB) NTFS ==>[systeem met boot componenten (verkregen van schijf)]
    Drive f: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.99 GB) FAT32


    ==================== MBR & Partitietabel ==================


    ========================================================
    Disk: 0 (Size: 465.8 GB) (Disk ID: B132777F)
    Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=450.6 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=2 GB) - (Type=0C)
    Partition 4: (Not Active) - (Size=13 GB) - (Type=07 NTFS)


    ==================== Eind van Addition.txt ============================

  6. #6
    Corrine's Avatar
    Join Date
    Feb 2012
    Location
    Upstate, NY
    Posts
    8,478

    Re: redirecting to us.search.yahoo.com

    Hi, raystef66.

    You should only have needed to disable your security software at the time of attempting the install. If it is not on now, please enable it. I also advise you to re-enable UAC.

    1. There are very few reasons why Java is needed on a personal computer. In addition, you have several outdated versions of Java on your computer which means that any web application can specify any vulnerable JRE installed to run attack code on your computer. If you don't need Java, uninstall it. One less update to worry about and, more importantly, one less potential vulnerability. In the event a program you use requires Java, you will be prompted to install it.

    If you decide to keep Java, uninstall the out-dated versions listed below. Should you elect to remove it completely, also uninstall Java 8 Update 144 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180144F0}) (Version: 8.0.1440.1 - Oracle Corporation).

    Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
    Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
    Java SE Development Kit 8 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation)

    2. Another program installed on your computer that is generally no longer needed is Shockwave Player. I've never needed it on my computer and it is from 2008. If you decide to keep it, you need to update Adobe Shockwave Player 12.0 to the newest version 12.2.9.199 which is available here: http://get.adobe.com/shockwave/. When updating, watch for any pre-checked add-ons as they are not needed for the update. Otherwise install that version as well as the following:

    Adobe Shockwave Player (HKLM-x32\...\{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}) (Version: 11.0 - Adobe Systems, Inc.)
    Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.8.638 - Adobe Systems, Inc.)

    4. P2P programs form a direct conduit on to your computer. They have always been a target of malware writers and are increasingly so of late. P2P security measures are easily circumvented and if your P2P program is not configured correctly, you may be sharing more files than you realize. There have been cases where people's passwords, address books and other personal, private, and financial details have been exposed to the file sharing network by a badly configured program.

    With P2P file sharing, a file can be distributed among many hosts, and peers will provide for download the sections that they have already downloaded. This results in the distinct possibility of a distribution method in which malicious bits are mixed with with good files. Please uninstall BitTorrent.

    5. Your version of Firefox is extremely outdated and has had numerous critical security updates. The current version is 55.0.3. To get the update, select "Help" from the Firefox menu, then pick "About Firefox."

    6. Please do the following to run FRST:

    Note: If the tool warns you about the version you're using being an outdated version please download and run the updated version.

    NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system
    • Please select the entire contents of the code box below, from the "Start::" line to "End", including both lies. Right-click and select "Copy ".
    Code:
    Start::
    CreateRestorePoint:
    CloseProcesses:
    HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restrictie <==== AANDACHT
    BHO-x32: Geen Naam -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> Geen bestand
    BHO-x32: Geen Naam -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> Geen bestand
    BHO-x32: Geen Naam -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> Geen bestand
    BHO-x32: Geen Naam -> {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} -> Geen bestand
    Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Geen bestand
    Toolbar: HKLM - Geen Naam - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - Geen bestand
    Toolbar: HKLM-x32 - Geen Naam - {8dcb7100-df86-4384-8842-8fa844297b3f} - Geen bestand
    Toolbar: HKU\S-1-5-21-998262437-1437487422-401129983-1001 -> Geen Naam - {6F2CF24C-F970-4947-81FA-158F224B2362} - Geen bestand
    FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Geen bestand]
    FF Plugin-x32: @alibaba.com/nptrademanager;version=1.0 -> C:\Program Files (x86)\TradeManager\nptrademanager.dll [Geen bestand]
    FF Plugin-x32: @alibaba.com/npwangwang;version=1.0 -> C:\Program Files (x86)\TradeManager\npwangwang.dll [Geen bestand]
    FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Geen bestand]
    FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Geen bestand]
    FF Plugin-x32: @google.com/npwebplugin -> C:\Windows\system32\npwebplugin.dll [Geen bestand]
    FF Plugin-x32: @mozilla.zeniko.ch/PDFlite_Browser_Plugin -> C:\Program Files (x86)\PDFlite\npPdfViewer.dll [Geen bestand]
    FF Plugin-x32: @tools.google.com/Google Update;version=8 -> C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll [Geen bestand]
    FF Plugin HKU\S-1-5-21-998262437-1437487422-401129983-1001: @alibaba.com/nptrademanager;version=1.0 -> "C:\Program Files (x86)\trademanager\nptrademanager.dll" [Geen bestand]
    FF Plugin HKU\S-1-5-21-998262437-1437487422-401129983-1001: @alibaba.com/npwangwang;version=1.0 -> "C:\Program Files (x86)\trademanager\npwangwang.dll" [Geen bestand]
    GroupPolicy: Restrictie - Chrome <==== AANDACHT
    GroupPolicyScripts\User: Restrictie <==== AANDACHT
    GroupPolicyScripts-x32\User: Restrictie <==== AANDACHT
    CHR HKLM\SOFTWARE\Policies\Google: Restrictie <==== AANDACHT
    CHR HKU\S-1-5-21-998262437-1437487422-401129983-1001\SOFTWARE\Policies\Google: Restrictie <==== AANDACHT
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrictie <==== AANDACHT
    S3 aspnet_state; %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [X]
    C:\444f310cfc15188bae837ebc78
    C:\655b4ca83bc64a86aeaf06582313
    C:\ac4c1fa8911b574875d7525245
    C:\dc59eb761a5c80ac0e2d26c2ba
    C:\9cae8c3de34a5a532af4711b8e
    C:\80ed5da7469e630af8
    C:\235d6ea06bf9600b48810d7f
    C:\89cc7330450f265de9de
    C:\bdd7f804becdf8a002ee5269d9b2
    C:\ec61763e42b14a964258f3ebbb
    C:\Program Files\Advanced Card Systems Ltd
    C:\5825a1d52772cdb846
    C:\990746c30ac77677f0e5
    C:\5c75ead3829f90f090ae2d4808
    C:\4f42d37172017005abdf90d4e4ae7f9b
    C:\124259902c8503bf0cfceb
    C:\ce51e115a100e2640a0e39dd055add
    C:\2d61a63ce7f37211318de35760a1
    C:\0b9632262526aafaa89609b1
    C:\d4a37d9541a41d9611e143c200
    C:\8a131cd49804b940bbfa84
    C:\ba6bbdcc354e83841a4d81
    C:\Users\stefan\AppData\Roaming\IObit
    C:\Users\Administrator\AppData\Roaming\IObit
    C:\Windows\IObit
    C:\Users\stefan\AppData\LocalLow\IObit
    Task: {8DC05A47-17BA-42A7-941D-81F87D0AA310} - System32\Tasks\Driver Booster SkipUAC (stefan) => C:\Program Files (x86)\IObit\Driver Booster\4.5.0\DriverBooster.exe
    2017-08-12 08:32 - 2017-08-27 22:13 - 000002890 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (stefan)
    Task: {955A7896-24BD-4312-AFF3-B6F251D6194B} - \Hewlett-Packard\HP Assistant\PC Tuneup -> Geen bestand <==== AANDACHT
    Task: {D6667469-171F-4085-9E92-FB806FDE3B51} - \Hewlett-Packard\HP Assistant\HP Total Care Tune-Up -> Geen bestand <==== AANDACHT
    AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]
    AlternateDataStreams: C:\ProgramData\Temp:054B9966 [126]
    AlternateDataStreams: C:\ProgramData\Temp:4BF2F6B5 [184]
    AlternateDataStreams: C:\ProgramData\Temp:CB0AACC9 [156]
    AlternateDataStreams: C:\ProgramData\Temp:CB9FA647 [332]
    EmptyTemp:
    End::
    • Please right-click on FRST/FRST64 to run as administrator. When the tool opens, click "yes" to the disclaimer.
    • Press the Fix button once and wait.
    • FRST will process fixlist.txt
    • When finished, it will produce a log fixlog.txt in the same folder/directory as FRST/FRST64.exe
    • Please post the log in your next reply.


    7. Please download Adware Cleaner and save it to your Desktop.
    • Right-click on AdwCleaner.exe and select Run As Administrator
    • The tool will start to update the database, please wait a bit.
    • Click on the Scan button.
    • AdwCleaner will begin. Please be patient as the scan may take some time to complete.
    • After the scan has finished, click on the Clean button.
    • Press OK when asked to close all programs and follow the onscreen prompts.
    • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
    • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
    • Copy and paste the contents of that logfile in your next reply.
    • A copy of that logfile will also be saved in the C:\AdwCleaner folder.


    8. Please download Junkware Removal Tool to your desktop.
    • Temporarily disable your protection software now to avoid potential conflicts but be sure to re-enable upon completion!
    • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.
    raystef66 says thanks for this.


    Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

    Remember - A day without laughter is a day wasted.
    May the wind sing to you and the sun rise in your heart.

  7. #7

    Re: redirecting to us.search.yahoo.com

    Hi, thanks for your help !
    I did the removals you asked (Java, Shockwave, bittorrent, Firefox updated)
    1. i coppied the text for FRST, ran it as admin and just ran FIX (i didn't have to drag and drop something, right ?)
    Hereby the log :
    Fix resultaat van Farbar Recovery Scan Tool (x64) Versie: 20-08-2017
    Gestart door stefan (29-08-2017 09:32:49) Run:1
    Gestart vanaf C:\Users\stefan\Downloads
    Geladen Profielen: stefan (Beschikbare Profielen: stefan & Administrator)
    Boot Modus: Normal
    ==============================================


    fixlist inhoud:
    *****************


    CreateRestorePoint:
    CloseProcesses:
    HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restrictie <==== AANDACHT
    BHO-x32: Geen Naam -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> Geen bestand
    BHO-x32: Geen Naam -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> Geen bestand
    BHO-x32: Geen Naam -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> Geen bestand
    BHO-x32: Geen Naam -> {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} -> Geen bestand
    Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Geen bestand
    Toolbar: HKLM - Geen Naam - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - Geen bestand
    Toolbar: HKLM-x32 - Geen Naam - {8dcb7100-df86-4384-8842-8fa844297b3f} - Geen bestand
    Toolbar: HKU\S-1-5-21-998262437-1437487422-401129983-1001 -> Geen Naam - {6F2CF24C-F970-4947-81FA-158F224B2362} - Geen bestand
    FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Geen bestand]
    FF Plugin-x32: @alibaba.com/nptrademanager;version=1.0 -> C:\Program Files (x86)\TradeManager\nptrademanager.dll [Geen bestand]
    FF Plugin-x32: @alibaba.com/npwangwang;version=1.0 -> C:\Program Files (x86)\TradeManager\npwangwang.dll [Geen bestand]
    FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Geen bestand]
    FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Geen bestand]
    FF Plugin-x32: @google.com/npwebplugin -> C:\Windows\system32\npwebplugin.dll [Geen bestand]
    FF Plugin-x32: @mozilla.zeniko.ch/PDFlite_Browser_Plugin -> C:\Program Files (x86)\PDFlite\npPdfViewer.dll [Geen bestand]
    FF Plugin-x32: @tools.google.com/Google Update;version=8 -> C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll [Geen bestand]
    FF Plugin HKU\S-1-5-21-998262437-1437487422-401129983-1001: @alibaba.com/nptrademanager;version=1.0 -> "C:\Program Files (x86)\trademanager\nptrademanager.dll" [Geen bestand]
    FF Plugin HKU\S-1-5-21-998262437-1437487422-401129983-1001: @alibaba.com/npwangwang;version=1.0 -> "C:\Program Files (x86)\trademanager\npwangwang.dll" [Geen bestand]
    GroupPolicy: Restrictie - Chrome <==== AANDACHT
    GroupPolicyScripts\User: Restrictie <==== AANDACHT
    GroupPolicyScripts-x32\User: Restrictie <==== AANDACHT
    CHR HKLM\SOFTWARE\Policies\Google: Restrictie <==== AANDACHT
    CHR HKU\S-1-5-21-998262437-1437487422-401129983-1001\SOFTWARE\Policies\Google: Restrictie <==== AANDACHT
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrictie <==== AANDACHT
    S3 aspnet_state; %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [X]
    C:\444f310cfc15188bae837ebc78
    C:\655b4ca83bc64a86aeaf06582313
    C:\ac4c1fa8911b574875d7525245
    C:\dc59eb761a5c80ac0e2d26c2ba
    C:\9cae8c3de34a5a532af4711b8e
    C:\80ed5da7469e630af8
    C:\235d6ea06bf9600b48810d7f
    C:\89cc7330450f265de9de
    C:\bdd7f804becdf8a002ee5269d9b2
    C:\ec61763e42b14a964258f3ebbb
    C:\Program Files\Advanced Card Systems Ltd
    C:\5825a1d52772cdb846
    C:\990746c30ac77677f0e5
    C:\5c75ead3829f90f090ae2d4808
    C:\4f42d37172017005abdf90d4e4ae7f9b
    C:\124259902c8503bf0cfceb
    C:\ce51e115a100e2640a0e39dd055add
    C:\2d61a63ce7f37211318de35760a1
    C:\0b9632262526aafaa89609b1
    C:\d4a37d9541a41d9611e143c200
    C:\8a131cd49804b940bbfa84
    C:\ba6bbdcc354e83841a4d81
    C:\Users\stefan\AppData\Roaming\IObit
    C:\Users\Administrator\AppData\Roaming\IObit
    C:\Windows\IObit
    C:\Users\stefan\AppData\LocalLow\IObit
    Task: {8DC05A47-17BA-42A7-941D-81F87D0AA310} - System32\Tasks\Driver Booster SkipUAC (stefan) => C:\Program Files (x86)\IObit\Driver Booster\4.5.0\DriverBooster.exe
    2017-08-12 08:32 - 2017-08-27 22:13 - 000002890 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (stefan)
    Task: {955A7896-24BD-4312-AFF3-B6F251D6194B} - \Hewlett-Packard\HP Assistant\PC Tuneup -> Geen bestand <==== AANDACHT
    Task: {D6667469-171F-4085-9E92-FB806FDE3B51} - \Hewlett-Packard\HP Assistant\HP Total Care Tune-Up -> Geen bestand <==== AANDACHT
    AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]
    AlternateDataStreams: C:\ProgramData\Temp:054B9966 [126]
    AlternateDataStreams: C:\ProgramData\Temp:4BF2F6B5 [184]
    AlternateDataStreams: C:\ProgramData\Temp:CB0AACC9 [156]
    AlternateDataStreams: C:\ProgramData\Temp:CB9FA647 [332]
    EmptyTemp:


    *****************


    Herstelpunt is succesvol gemaakt.
    Proces succesvol afgesloten.
    HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => sleutel is succesvol verwijderd
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB} => sleutel is succesvol verwijderd
    HKLM\Software\Wow6432Node\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB} => sleutel niet gevonden.
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6} => sleutel is succesvol verwijderd
    HKLM\Software\Wow6432Node\Classes\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6} => sleutel niet gevonden.
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} => sleutel is succesvol verwijderd
    HKLM\Software\Wow6432Node\Classes\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} => sleutel niet gevonden.
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} => sleutel is succesvol verwijderd
    HKLM\Software\Wow6432Node\Classes\CLSID\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} => sleutel niet gevonden.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => waarde is succesvol verwijderd
    HKLM\Software\Classes\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => sleutel is succesvol verwijderd
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => waarde is succesvol verwijderd
    HKLM\Software\Classes\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => sleutel niet gevonden.
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{8dcb7100-df86-4384-8842-8fa844297b3f} => waarde is succesvol verwijderd
    HKLM\Software\Wow6432Node\Classes\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f} => sleutel niet gevonden.
    HKU\S-1-5-21-998262437-1437487422-401129983-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{6F2CF24C-F970-4947-81FA-158F224B2362} => waarde is succesvol verwijderd
    HKLM\Software\Classes\CLSID\{6F2CF24C-F970-4947-81FA-158F224B2362} => sleutel niet gevonden.
    HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5 => sleutel is succesvol verwijderd
    HKLM\Software\Wow6432Node\MozillaPlugins\@alibaba.com/nptrademanager;version=1.0 => sleutel is succesvol verwijderd
    HKLM\Software\Wow6432Node\MozillaPlugins\@alibaba.com/npwangwang;version=1.0 => sleutel is succesvol verwijderd
    HKLM\Software\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp => sleutel is succesvol verwijderd
    HKLM\Software\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf => sleutel is succesvol verwijderd
    HKLM\Software\Wow6432Node\MozillaPlugins\@google.com/npwebplugin => sleutel is succesvol verwijderd
    HKLM\Software\Wow6432Node\MozillaPlugins\@mozilla.zeniko.ch/PDFlite_Browser_Plugin => sleutel is succesvol verwijderd
    HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=8 => sleutel is succesvol verwijderd
    HKU\S-1-5-21-998262437-1437487422-401129983-1001\Software\MozillaPlugins\FF Plugin HKU\S-1-5-21-998262437-1437487422-401129983-1001: @alibaba.com/nptrademanager;version=1.0 -> "C:\Program Files (x86)\trademanager\nptrademanager.dll" [Geen bestand] => sleutel niet gevonden.
    FF Plugin HKU\S-1-5-21-998262437-1437487422-401129983-1001: @alibaba.com/nptrademanager;version=1.0 -> "C:\Program Files (x86)\trademanager\nptrademanager.dll" [Geen bestand] => niet gevonden.
    HKU\S-1-5-21-998262437-1437487422-401129983-1001\Software\MozillaPlugins\FF Plugin HKU\S-1-5-21-998262437-1437487422-401129983-1001: @alibaba.com/npwangwang;version=1.0 -> "C:\Program Files (x86)\trademanager\npwangwang.dll" [Geen bestand] => sleutel niet gevonden.
    FF Plugin HKU\S-1-5-21-998262437-1437487422-401129983-1001: @alibaba.com/npwangwang;version=1.0 -> "C:\Program Files (x86)\trademanager\npwangwang.dll" [Geen bestand] => niet gevonden.
    C:\Windows\system32\GroupPolicy\Machine => is succesvol verplaatst
    C:\Windows\system32\GroupPolicy\GPT.ini => is succesvol verplaatst
    C:\Windows\SysWOW64\GroupPolicy\GPT.ini => is succesvol verplaatst
    C:\Windows\system32\GroupPolicy\User => is succesvol verplaatst
    C:\Windows\SysWOW64\GroupPolicy\User => is succesvol verplaatst
    HKLM\SOFTWARE\Policies\Google => sleutel is succesvol verwijderd
    HKU\S-1-5-21-998262437-1437487422-401129983-1001\SOFTWARE\Policies\Google => sleutel is succesvol verwijderd
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => sleutel is succesvol verwijderd
    HKLM\System\CurrentControlSet\Services\aspnet_state => sleutel is succesvol verwijderd
    aspnet_state => dienst is succesvol verwijderd
    C:\444f310cfc15188bae837ebc78 => is succesvol verplaatst
    C:\655b4ca83bc64a86aeaf06582313 => is succesvol verplaatst
    C:\ac4c1fa8911b574875d7525245 => is succesvol verplaatst
    C:\dc59eb761a5c80ac0e2d26c2ba => is succesvol verplaatst
    C:\9cae8c3de34a5a532af4711b8e => is succesvol verplaatst
    C:\80ed5da7469e630af8 => is succesvol verplaatst
    C:\235d6ea06bf9600b48810d7f => is succesvol verplaatst
    C:\89cc7330450f265de9de => is succesvol verplaatst
    C:\bdd7f804becdf8a002ee5269d9b2 => is succesvol verplaatst
    C:\ec61763e42b14a964258f3ebbb => is succesvol verplaatst
    C:\Program Files\Advanced Card Systems Ltd => is succesvol verplaatst
    C:\5825a1d52772cdb846 => is succesvol verplaatst
    C:\990746c30ac77677f0e5 => is succesvol verplaatst
    C:\5c75ead3829f90f090ae2d4808 => is succesvol verplaatst
    C:\4f42d37172017005abdf90d4e4ae7f9b => is succesvol verplaatst
    C:\124259902c8503bf0cfceb => is succesvol verplaatst
    C:\ce51e115a100e2640a0e39dd055add => is succesvol verplaatst
    C:\2d61a63ce7f37211318de35760a1 => is succesvol verplaatst
    C:\0b9632262526aafaa89609b1 => is succesvol verplaatst
    C:\d4a37d9541a41d9611e143c200 => is succesvol verplaatst
    C:\8a131cd49804b940bbfa84 => is succesvol verplaatst
    C:\ba6bbdcc354e83841a4d81 => is succesvol verplaatst
    C:\Users\stefan\AppData\Roaming\IObit => is succesvol verplaatst
    C:\Users\Administrator\AppData\Roaming\IObit => is succesvol verplaatst
    C:\Windows\IObit => is succesvol verplaatst
    C:\Users\stefan\AppData\LocalLow\IObit => is succesvol verplaatst
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8DC05A47-17BA-42A7-941D-81F87D0AA310} => sleutel is succesvol verwijderd
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8DC05A47-17BA-42A7-941D-81F87D0AA310} => sleutel is succesvol verwijderd
    C:\Windows\System32\Tasks\Driver Booster SkipUAC (stefan) => is succesvol verplaatst
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (stefan) => sleutel is succesvol verwijderd
    "C:\Windows\System32\Tasks\Driver Booster SkipUAC (stefan)" => niet gevonden.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{955A7896-24BD-4312-AFF3-B6F251D6194B} => sleutel is succesvol verwijderd
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{955A7896-24BD-4312-AFF3-B6F251D6194B} => sleutel is succesvol verwijderd
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Hewlett-Packard\HP Assistant\PC Tuneup => sleutel is succesvol verwijderd
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D6667469-171F-4085-9E92-FB806FDE3B51} => sleutel is succesvol verwijderd
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D6667469-171F-4085-9E92-FB806FDE3B51} => sleutel is succesvol verwijderd
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Hewlett-Packard\HP Assistant\HP Total Care Tune-Up => sleutel is succesvol verwijderd
    C:\ProgramData\Reprise => ":wupeogjxldtlfudivq`qsp`27hfm" ADS is succesvol verwijderd.
    C:\ProgramData\Temp => ":054B9966" ADS is succesvol verwijderd.
    C:\ProgramData\Temp => ":4BF2F6B5" ADS is succesvol verwijderd.
    C:\ProgramData\Temp => ":CB0AACC9" ADS is succesvol verwijderd.
    C:\ProgramData\Temp => ":CB9FA647" ADS is succesvol verwijderd.


    =========== EmptyTemp: ==========


    BITS transfer queue => 8388608 B
    DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11073974 B
    Java, Flash, Steam htmlcache => 506 B
    Windows/system/drivers => 2941944 B
    Edge => 0 B
    Chrome => 107859872 B
    Firefox => 57397325 B
    Opera => 0 B


    Temp, IE cache, history, cookies, recent:
    Users => 0 B
    Default => 66228 B
    Public => 0 B
    ProgramData => 0 B
    systemprofile32 => 57755 B
    LocalService => 173204 B
    NetworkService => 79342 B
    stefan => 440605018 B
    Administrator => 466222 B


    RecycleBin => 0 B
    EmptyTemp: => 600 MB tijdelijke gegevens verwijderd.


    ================================




    Het systeem moest herstart worden.


    ==== Eind van Fixlog 09:34:04 ====

  8. #8

    Re: redirecting to us.search.yahoo.com

    2. the adw gave a S3 before reboot and a C1 after reboot : i copy both inhere to be sure :
    # AdwCleaner 7.0.1.0 - Logfile created on Tue Aug 29 07:44:46 2017
    # Updated on 2017/05/08 by Malwarebytes
    # Database: 08-25-2017.1
    # Running on Windows 7 Home Premium (X64)
    # Mode: scan
    # Support: Malwarebytes | Customer Support & Help Center


    ***** [ Services ] *****


    No malicious services found.


    ***** [ Folders ] *****


    PUP.Adware.Heuristic, \Downloaded Installers\M928366
    PUP.Adware.Heuristic, \Installer\M928366




    ***** [ Files ] *****


    PUP.Optional.SpyHunter, C:\Windows\System32\drivers\EsgScanner.sys




    ***** [ DLL ] *****


    No malicious DLLs found.


    ***** [ WMI ] *****


    No malicious WMI found.


    ***** [ Shortcuts ] *****


    No malicious shortcuts found.


    ***** [ Tasks ] *****


    No malicious tasks found.


    ***** [ Registry ] *****


    PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{02F878DF-E2BE-4B85-8CB4-A0D2D4E2ED7F}
    PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{2AF343DD-3102-4F9D-AC95-DCA4C95382C7}
    PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{3137BC14-D8D7-4B67-8FFA-2E0B2E9D541B}
    PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{4CA2AC92-971B-47B1-ACB6-357B552155AC}
    PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{52C5395B-1FCD-47FA-A834-FD830701C2D5}
    PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{5D3DCC39-9233-4330-94E9-DA92BE49CA1A}
    PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{615FACDF-DADB-440D-AC91-8AAB0AE9E3AD}
    PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{762D463B-C45A-456D-A80D-8689C297C91E}
    PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{7A6BE473-7960-44D0-BD54-D23DA76353DF}
    PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{803F550E-BAAE-42BB-8917-64BA0006AB17}
    PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{8D5BC51D-C9D3-43B9-B728-B30677B7C7E8}
    PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{991C9D8D-A789-4DB9-BDFC-5F33398B04BF}
    PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{A5ACC874-D943-483F-A2D1-14598D51F872}
    PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{B0474212-0D9D-4361-90B3-B89D1A44275D}
    PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{BFDE183A-C6FE-41D2-80F9-586C29210AC2}
    PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{DD260902-9420-4055-A956-9152EB4F3E6A}
    PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{EB1F9F3C-5526-4DAE-BD4B-3EAA7715DA9F}
    PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{F1912128-469A-4138-AA26-9699C15BB13E}
    PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{F68DC16C-9C2B-455B-8853-7E4D34BAA3F4}
    PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{FBA8498F-B3A0-4942-A2BF-E0CB7BC7E000}
    PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{E7BC34A1-BA86-11CF-84B1-CBC2DA68BF6C}
    PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{655847A1-FA36-46ED-923B-A5CD523696EA}
    PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{EBBC143E-44AC-4B9C-BCCE-9A0E42921F2A}
    PUP.Optional.SpyHunter, [Key] - HKLM\SOFTWARE\EnigmaSoftwareGroup
    PUP.Adware.Heuristic, [Key] - HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\M928366




    ***** [ Firefox (and derivatives) ] *****


    No malicious Firefox entries.


    ***** [ Chromium (and derivatives) ] *****


    No malicious Chromium entries.


    *************************


    C:/AdwCleaner/AdwCleaner[C0].txt - [6873 B] - [2017/8/27 20:41:15]
    C:/AdwCleaner/AdwCleaner[S0].txt - [5106 B] - [2014/11/4 9:24:13]
    C:/AdwCleaner/AdwCleaner[S1].txt - [7723 B] - [2017/8/27 20:38:44]
    C:/AdwCleaner/AdwCleaner[S2].txt - [3729 B] - [2017/8/28 9:39:57]




    ########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt ##########


    # AdwCleaner 7.0.1.0 - Logfile created on Tue Aug 29 07:46:19 2017
    # Updated on 2017/05/08 by Malwarebytes
    # Running on Windows 7 Home Premium (X64)
    # Mode: clean
    # Support: Malwarebytes | Customer Support & Help Center


    ***** [ Services ] *****


    No malicious services deleted.


    ***** [ Folders ] *****


    Deleted: \Downloaded Installers\M928366
    Deleted: \Installer\M928366




    ***** [ Files ] *****


    Deleted: C:\Windows\System32\drivers\EsgScanner.sys




    ***** [ DLL ] *****


    No malicious DLLs cleaned.


    ***** [ WMI ] *****


    No malicious WMI cleaned.


    ***** [ Shortcuts ] *****


    No malicious shortcuts cleaned.


    ***** [ Tasks ] *****


    No malicious tasks deleted.


    ***** [ Registry ] *****


    Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{02F878DF-E2BE-4B85-8CB4-A0D2D4E2ED7F}
    Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{2AF343DD-3102-4F9D-AC95-DCA4C95382C7}
    Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{3137BC14-D8D7-4B67-8FFA-2E0B2E9D541B}
    Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{4CA2AC92-971B-47B1-ACB6-357B552155AC}
    Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{52C5395B-1FCD-47FA-A834-FD830701C2D5}
    Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{5D3DCC39-9233-4330-94E9-DA92BE49CA1A}
    Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{615FACDF-DADB-440D-AC91-8AAB0AE9E3AD}
    Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{762D463B-C45A-456D-A80D-8689C297C91E}
    Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{7A6BE473-7960-44D0-BD54-D23DA76353DF}
    Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{803F550E-BAAE-42BB-8917-64BA0006AB17}
    Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{8D5BC51D-C9D3-43B9-B728-B30677B7C7E8}
    Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{991C9D8D-A789-4DB9-BDFC-5F33398B04BF}
    Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{A5ACC874-D943-483F-A2D1-14598D51F872}
    Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{B0474212-0D9D-4361-90B3-B89D1A44275D}
    Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{BFDE183A-C6FE-41D2-80F9-586C29210AC2}
    Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{DD260902-9420-4055-A956-9152EB4F3E6A}
    Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{EB1F9F3C-5526-4DAE-BD4B-3EAA7715DA9F}
    Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{F1912128-469A-4138-AA26-9699C15BB13E}
    Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{F68DC16C-9C2B-455B-8853-7E4D34BAA3F4}
    Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{FBA8498F-B3A0-4942-A2BF-E0CB7BC7E000}
    Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{E7BC34A1-BA86-11CF-84B1-CBC2DA68BF6C}
    Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{655847A1-FA36-46ED-923B-A5CD523696EA}
    Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{EBBC143E-44AC-4B9C-BCCE-9A0E42921F2A}
    Deleted: [Key] - HKLM\SOFTWARE\EnigmaSoftwareGroup
    Deleted: [Key] - HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\M928366




    ***** [ Firefox (and derivatives) ] *****


    No malicious Firefox entries deleted.


    ***** [ Chromium (and derivatives) ] *****


    No malicious Chromium entries deleted.


    *************************


    ::Tracing keys deleted
    ::Winsock settings cleared
    ::Additional Actions: 0






    *************************


    C:/AdwCleaner/AdwCleaner[C0].txt - [6873 B] - [2017/8/27 20:41:15]
    C:/AdwCleaner/AdwCleaner[S0].txt - [5106 B] - [2014/11/4 9:24:13]
    C:/AdwCleaner/AdwCleaner[S1].txt - [7723 B] - [2017/8/27 20:38:44]
    C:/AdwCleaner/AdwCleaner[S2].txt - [3729 B] - [2017/8/28 9:39:57]
    C:/AdwCleaner/AdwCleaner[S3].txt - [3796 B] - [2017/8/29 7:44:47]




    ########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt ##########

  9. #9

    Re: redirecting to us.search.yahoo.com

    3. JRT log :

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Malwarebytes
    Version: 8.1.4 (07.09.2017)
    Operating System: Windows 7 Home Premium x64
    Ran by stefan (Limited) on di 29/08/2017 at 9:52:53,24
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~








    File System: 29


    Successfully deleted: C:\Program Files (x86)\mozilla firefox\plugins\nptrademanager.dll (File)
    Successfully deleted: C:\Program Files (x86)\mozilla firefox\plugins\npwangwang.dll (File)
    Successfully deleted: C:\ProgramData\productdata (Folder)
    Successfully deleted: C:\Users\stefan\AppData\Roaming\new version available (Folder)
    Successfully deleted: C:\Users\stefan\Documents\add-in express (Folder)
    Successfully deleted: C:\Windows\system32\Tasks\DriverMax Notification (Task)
    Successfully deleted: C:\Windows\system32\Tasks\DriverMaxAgent (Task)
    Successfully deleted: C:\Windows\system32\Tasks\DriverMaxWelcome (Task)
    Successfully deleted: C:\Windows\system32\Tasks\DriverNavigator Scheduled Scan (Task)
    Successfully deleted: C:\Windows\Tasks\DriverNavigator Scheduled Scan.job (Task)
    Successfully deleted: C:\xiaomi (Folder)
    Successfully deleted: C:\Program Files (x86)\dll-files.com fixer (Folder)
    Successfully deleted: C:\Program Files (x86)\trademanager (Folder)
    Successfully deleted: C:\Users\stefan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2MY8UJN0 (Temporary Internet Files Folder)
    Successfully deleted: C:\Users\stefan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2VZMPUXS (Temporary Internet Files Folder)
    Successfully deleted: C:\Users\stefan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DQMK3OH2 (Temporary Internet Files Folder)
    Successfully deleted: C:\Users\stefan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LVKPJKSW (Temporary Internet Files Folder)
    Successfully deleted: C:\Users\stefan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NGOEEMW1 (Temporary Internet Files Folder)
    Successfully deleted: C:\Users\stefan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O72J9JB0 (Temporary Internet Files Folder)
    Successfully deleted: C:\Users\stefan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SZC2N0HV (Temporary Internet Files Folder)
    Successfully deleted: C:\Users\stefan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZRZ5AP3R (Temporary Internet Files Folder)
    Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2MY8UJN0 (Temporary Internet Files Folder)
    Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2VZMPUXS (Temporary Internet Files Folder)
    Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DQMK3OH2 (Temporary Internet Files Folder)
    Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LVKPJKSW (Temporary Internet Files Folder)
    Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NGOEEMW1 (Temporary Internet Files Folder)
    Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O72J9JB0 (Temporary Internet Files Folder)
    Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SZC2N0HV (Temporary Internet Files Folder)
    Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZRZ5AP3R (Temporary Internet Files Folder)






    Registry: 0










    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on di 29/08/2017 at 9:57:33,60
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

  10. #10

    Re: redirecting to us.search.yahoo.com

    By the way, after i ran your tools, the redirecting is as far as i know gone. I will wait for your analysis as whether you can find something that is being cleaned with this tools.
    I'll wait for you reply. In the mean time i do a follow up when i am on webpages to see if it remains OK :-)
    thnx !

  11. #11
    Corrine's Avatar
    Join Date
    Feb 2012
    Location
    Upstate, NY
    Posts
    8,478

    Re: redirecting to us.search.yahoo.com

    Excellent! Plus, with the uninstall of Java and Shockwave Player, you have less to worry about keeping updated.

    Please download Delfix from here.

    Ensure the following boxes are checked:
    • Remove disinfection tools
    • Create registry backup
    • Purge system restore
    • Click Run

    The program will run for a few moments and then notepad will open with a log. Please paste the log in your next reply.

    Following that, you can return to [Win7 x64] Unable to install SP1. and await instructions from softwaremaniac. However, please be alert to keeping your antivirus enabled when not following his instructions to disable it.
    raystef66 says thanks for this.


    Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

    Remember - A day without laughter is a day wasted.
    May the wind sing to you and the sun rise in your heart.

  12. #12

    Re: redirecting to us.search.yahoo.com

    Thank you for your help ! It is much appreciated. As a matter of fact i'm running smoother now as before and up till now i did not encouter any redirecting anymore. I also removed some older programms which i did not use anymore. I de-installed a dozen of those :-)
    So GREAT HELP ! Thanks again !
    Here is the log :

    # DelFix v1.013 - Logfile created 29/08/2017 at 17:44:12
    # Updated 17/04/2016 by Xplode
    # Username : stefan - STEFAN-PC
    # Operating System : Windows 7 Home Premium (64 bits)


    ~ Removing disinfection tools ...


    Deleted : C:\FRST
    Deleted : C:\AdwCleaner
    Deleted : C:\TDSSKiller.3.1.0.15_28.08.2017_11.54.16_log.txt
    Deleted : C:\Users\stefan\Desktop\AdwCleaner[C1].txt
    Deleted : C:\Users\stefan\Desktop\AdwCleaner[S3].txt
    Deleted : C:\Users\stefan\Desktop\Fixlog.txt
    Deleted : C:\Users\stefan\Desktop\JRT.txt
    Deleted : C:\Users\stefan\Downloads\Addition.txt
    Deleted : C:\Users\stefan\Downloads\adwcleaner_7.0.1.0.exe
    Deleted : C:\Users\stefan\Downloads\FRST.txt
    Deleted : C:\Users\stefan\Downloads\FRST64.exe
    Deleted : C:\Users\stefan\Downloads\JRT.exe
    Deleted : C:\Users\stefan\Downloads\RGSA.exe
    Deleted : C:\Users\stefan\Downloads\SALog.txt
    Deleted : C:\Users\stefan\Downloads\tdsskiller.exe
    Deleted : HKLM\SOFTWARE\AdwCleaner
    Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis


    ~ Creating registry backup ... OK


    ~ Cleaning system restore ...


    Deleted : RP #618 [Windows 7 Service Pack 1 | 08/28/2017 06:08:22]
    Deleted : RP #619 [Controlepunt van HitmanPro | 08/28/2017 08:36:57]
    Deleted : RP #620 [Controlepunt van HitmanPro | 08/28/2017 08:37:37]
    Deleted : RP #621 [Removed Java 7 Update 51 | 08/29/2017 06:55:30]
    Deleted : RP #622 [Removed Java 7 Update 51 (64-bit) | 08/29/2017 06:56:34]
    Deleted : RP #623 [Removed Java 8 Update 144 (64-bit) | 08/29/2017 06:57:34]
    Deleted : RP #624 [Removed Java SE Development Kit 8 Update 25 (64-bit) | 08/29/2017 06:58:34]
    Deleted : RP #625 [Removed Adobe Shockwave Player 12.0. | 08/29/2017 07:01:29]
    Deleted : RP #626 [Removed Python 2.7.12 (64-bit) | 08/29/2017 07:02:29]
    Deleted : RP #627 [Python 3.5.0 (64-bit) | 08/29/2017 07:03:02]
    Deleted : RP #628 [Removed Python 2.7.12 (64-bit) | 08/29/2017 07:05:41]
    Deleted : RP #629 [Removed TomTom HOME Visual Studio Merge Modules | 08/29/2017 07:07:03]
    Deleted : RP #630 [Removed TomTom HOME. | 08/29/2017 07:07:28]
    Deleted : RP #631 [Removed Binreader | 08/29/2017 07:12:25]
    Deleted : RP #633 [Restore Point Created by FRST | 08/29/2017 07:32:54]
    Deleted : RP #634 [JRT Pre-Junkware Removal | 08/29/2017 07:52:57]
    Deleted : RP #635 [Removed 7-Zip 9.20 (x64 edition) | 08/29/2017 11:45:17]
    Deleted : RP #636 [CinemaHD 4 Free | 08/29/2017 11:50:02]
    Deleted : RP #637 [Removed Netcam Studio - 64-bit | 08/29/2017 11:56:55]
    Deleted : RP #638 [Removed Nitro Reader 3 | 08/29/2017 11:57:57]
    Deleted : RP #639 [Removed Radmin Viewer 3.5. | 08/29/2017 12:03:17]
    Deleted : RP #640 [Removed XiaoMiFlash | 08/29/2017 12:10:19]
    Deleted : RP #641 [Removed XiaoMiFlash | 08/29/2017 12:18:16]


    New restore point created !


    ########## - EOF - ##########

  13. #13
    Corrine's Avatar
    Join Date
    Feb 2012
    Location
    Upstate, NY
    Posts
    8,478

    Re: redirecting to us.search.yahoo.com

    I'm so happy I was able to help as well as you taking the initiative to do further cleanup! I know softwaremaniac will do his very best to help you get properly updated now.
    raystef66 and softwaremaniac say thanks for this.


    Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

    Remember - A day without laughter is a day wasted.
    May the wind sing to you and the sun rise in your heart.

Similar Threads

  1. Replies: 0
    Last Post: 02-02-2014, 04:29 AM
  2. Not Even Yahoo Employees Want To Use Yahoo Mail
    By JMH in forum Social Media News
    Replies: 0
    Last Post: 12-02-2013, 05:04 AM
  3. Replies: 0
    Last Post: 01-15-2013, 06:27 PM
  4. Replies: 0
    Last Post: 11-17-2012, 08:31 PM
  5. Replies: 0
    Last Post: 07-28-2012, 02:57 AM

Log in

Log in