Virus obrisao google chrome i antivirus program

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

Prilikom download jedne knjige sa net-a laptop mi je postao toliko "zarazen" da ovako nesto nikada do sada nisam imala. Virus je uklonio antivirus program McAfee i Google Chrome.
Koristila sam program Antimalware bytes da uklonim "zarazu". Iz servisa McAfee su pomogli da ponovo instaliram antivirus ali Google Chrome ne mogu cak ni da download, probala sam sa nekoliko sajtova.Kad pritisnem download posle par minuta dobijem": Thank you for download ali ga nigde nije skinuo.
Inace mi ni Internet Explorer sada ne radi kako treba,stalno prijavljuje: IE is not respond.
Dobila sam preporuku da se prijavim u ambulantu.

Ovo je kopija First.txt:

Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie:14-08-2015 01
Gestart door Gebruiker (Beheerder) op DELL (15-08-2015 20:53:28)
Gestart vanaf C:\Users\Gebruiker\Desktop
Geladen Profielen: Gebruiker (Beschikbare Profielen: Gebruiker)
Platform: Windows 8.1 (X64) Taal: Nederlands (Nederland)
Internet Explorer Versie 11 (Standaardbrowser niet gedetecteerd!)
Boot Modus: Normal
Handleiding voor Farbar Recovery Scan Tool: [Link mogu videti samo ulogovani korisnici]

==================== Processen (gefilterd) =================

(Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.6.1008.0\McCSPServiceHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe


==================== Register (gefilterd) ===========================

(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)

HKLM\...\Run: [gpuminer] => C:\Users\Gebruiker\AppData\Roaming\cpuminer\sgminer\sgminer.cmd [96 2015-05-02] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [132736 2013-07-02] (Qualcomm®Atheros®)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1080634544-94007974-565221382-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53282944 2015-06-29] (Skype Technologies S.A.)
HKU\S-1-5-21-1080634544-94007974-565221382-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8358680 2015-06-01] (Piriform Ltd)
HKU\S-1-5-21-1080634544-94007974-565221382-1001\...\Run: [Lock12Status] => True
CHR HKLM\SOFTWARE\Policies\Google: Beleid restrictie <======= AANDACHT

==================== Internet (gefilterd) ====================

(Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.)

ProxyEnable: [.DEFAULT] => Internet Explorer proxy is ingeschakeld.
ProxyServer: [.DEFAULT] => http=127.0.0.1:62024;https=127.0.0.1:62024
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Link mogu videti samo ulogovani korisnici]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = [Link mogu videti samo ulogovani korisnici]
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1080634544-94007974-565221382-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1080634544-94007974-565221382-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = [Link mogu videti samo ulogovani korisnici]
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-07-14] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-16] (Oracle Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll [2013-07-02] (Qualcomm®Atheros®)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-16] (Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-07-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-16] (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-16] (Oracle Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-08-04] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-08-04] (McAfee, Inc.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-08-04] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-08-04] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2015-07-21] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2015-07-21] (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 195.241.77.55 195.241.77.58
Tcpip\..\Interfaces\{97C21DF0-38FF-401B-93CC-EBC596B506BC}: [DhcpNameServer] 192.168.1.254 195.241.77.55 195.241.77.58
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-12] ()
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-16] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-16] (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-07-21] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-16] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-16] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-07-21] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-04-22] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-04-22] (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2015-08-06]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2015-08-06]

Chrome:
=======
CHR dev: Chrome dev build gedetecteerd! <======= AANDACHT
CHR Profile: C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-06]
CHR Extension: (Geen Naam) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\ablgnpngfaaficpckehadaljnjgjkhbi [2015-08-05]
CHR Extension: (Docs) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-06]
CHR Extension: (Google Drive) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-06]
CHR Extension: (YouTube) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-06]
CHR Extension: (Google Search) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-06]
CHR Extension: (Google Sheets) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-06]
CHR Extension: (SiteAdvisor) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-08-08]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-06]
CHR Extension: (Gmail) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-06]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-08-06]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-08-06]
StartMenuInternet: Google Chrome - Chrome.exe

Opera:
=======
OPR Extension: (Internet Speed Checker) - C:\Users\Gebruiker\AppData\Roaming\Opera Software\Opera Stable\Extensions\bbglkiiiofelplniblholffbhhjmdhhi [2015-08-05]

==================== Services (gefilterd) ========================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [312448 2013-07-02] (Windows (R) Win 7 DDK provider) [Bestand niet getekend]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2015-08-05] (SurfRight B.V.)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [345864 2015-03-19] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 McAfee SiteAdvisor Service; c:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [155368 2015-08-04] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [782608 2015-07-21] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.6.1008.0\McCSPServiceHost.exe [1694152 2015-07-23] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [639456 2015-07-17] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232656 2015-06-29] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [373704 2015-07-06] (McAfee, Inc.)
R3 mfevtp; C:\WINDOWS\system32\mfevtps.exe [254792 2015-06-29] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-01] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [81536 2013-06-21] (Atheros) [Bestand niet getekend]
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]

===================== Drivers (gefilterd) ==========================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-11-21] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [77536 2015-07-02] (McAfee, Inc.)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-24] (OSR Open Systems Resources, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207208 2015-05-19] (McAfee, Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [412440 2015-07-02] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [347800 2015-07-02] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [80920 2015-07-02] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [496888 2015-07-02] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [875928 2015-07-02] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [529080 2015-06-28] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109728 2015-06-28] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [37960 2015-08-04] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [344704 2015-07-02] (McAfee, Inc.)
S3 tapoas; C:\Windows\system32\DRIVERS\tapoas.sys [30720 2012-07-15] (The OpenVPN Project)

==================== NetSvcs (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)


==================== Een Maand Aangemaakt bestanden en mappen ========

(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)

2015-08-15 20:53 - 2015-08-15 20:54 - 00018578 _____ C:\Users\Gebruiker\Desktop\FRST.txt
2015-08-15 20:53 - 2015-08-15 20:53 - 00000000 ____D C:\FRST
2015-08-15 20:52 - 2015-08-15 20:52 - 02173952 _____ (Farbar) C:\Users\Gebruiker\Desktop\FRST64.exe
2015-08-15 20:50 - 2015-08-15 20:50 - 02173952 _____ (Farbar) C:\Users\Gebruiker\Downloads\FRST64.exe
2015-08-15 15:54 - 2015-08-15 15:54 - 00000000 ___RD C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-08-14 22:59 - 2015-08-14 22:59 - 00000000 ____D C:\Users\Public\Documents\atheros
2015-08-11 23:02 - 2015-07-30 16:04 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-11 23:02 - 2015-07-30 15:48 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-11 21:01 - 2015-07-16 23:14 - 25192448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-08-11 21:01 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-08-11 21:01 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-08-11 21:01 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-08-11 21:01 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-08-11 21:01 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-08-11 21:01 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-08-11 21:01 - 2015-07-16 22:20 - 19870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-08-11 21:01 - 2015-07-16 21:53 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-08-11 21:01 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-08-11 21:01 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-08-11 21:01 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-08-11 21:01 - 2015-07-16 21:45 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-08-11 21:01 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-08-11 21:01 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-08-11 21:01 - 2015-07-16 21:38 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-08-11 21:01 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-08-11 21:01 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-08-11 21:01 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-08-11 21:01 - 2015-07-16 21:14 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-08-11 21:01 - 2015-07-16 21:13 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-08-11 21:01 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-08-11 21:01 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-08-11 21:01 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-08-11 21:01 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-08-11 21:01 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-08-11 21:01 - 2015-07-16 20:52 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-08-11 21:01 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-08-11 21:01 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-08-11 21:01 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-08-11 21:01 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-08-11 21:01 - 2015-07-07 11:40 - 00270168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-08-11 21:01 - 2015-07-07 11:40 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-08-11 21:01 - 2015-07-07 11:40 - 00044560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-08-11 20:58 - 2015-07-16 02:29 - 07458648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-11 20:58 - 2015-07-16 02:29 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-11 20:58 - 2015-07-16 02:29 - 00101720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-08-11 20:58 - 2015-07-16 02:28 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-11 20:58 - 2015-07-10 19:54 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-08-11 20:58 - 2015-07-02 00:19 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2015-08-11 20:58 - 2015-07-02 00:16 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2015-08-11 20:58 - 2015-07-01 23:37 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2015-08-11 20:58 - 2015-07-01 23:35 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2015-08-11 20:53 - 2015-07-13 21:46 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2015-08-11 20:53 - 2015-07-13 21:45 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2015-08-11 20:52 - 2015-07-29 16:37 - 01994752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-11 20:52 - 2015-07-29 16:30 - 01381888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-11 20:52 - 2015-07-29 16:23 - 01559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-11 20:52 - 2015-07-24 20:57 - 04177408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-08-11 20:52 - 2015-07-24 20:57 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-08-11 20:52 - 2015-07-24 20:52 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-08-11 20:52 - 2015-07-24 19:27 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-08-11 20:52 - 2015-07-24 19:23 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-08-11 20:52 - 2015-07-14 05:22 - 02529880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-08-11 20:52 - 2015-07-14 05:21 - 01901776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-08-11 20:52 - 2015-07-10 20:19 - 01101824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2015-08-11 20:52 - 2015-07-10 19:42 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-08-11 20:52 - 2015-07-10 19:14 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2015-08-11 20:52 - 2015-07-10 19:13 - 07032320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2015-08-11 20:52 - 2015-07-10 18:47 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-08-11 20:52 - 2015-07-10 18:31 - 06213120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2015-08-11 20:52 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-08-11 20:52 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-08-11 20:52 - 2015-07-09 18:30 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2015-08-08 00:43 - 2015-08-08 00:43 - 00570780 _____ C:\Users\Gebruiker\Downloads\MediaPlayerSetup7.3.3.zip
2015-08-06 22:47 - 2015-08-06 22:47 - 00001928 _____ C:\Users\Public\Desktop\McAfee Internet Security.lnk
2015-08-06 22:47 - 2015-08-06 22:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-08-06 22:47 - 2015-05-19 13:59 - 00207208 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\HipShieldK.sys
2015-08-06 22:46 - 2015-08-13 22:28 - 00000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2015-08-06 22:46 - 2015-08-06 22:46 - 00000000 ____D C:\Program Files (x86)\McAfee.com
2015-08-06 22:45 - 2015-08-15 15:53 - 00000000 ____D C:\Program Files (x86)\McAfee
2015-08-06 22:45 - 2015-08-06 22:47 - 00000000 ____D C:\Program Files\McAfee
2015-08-06 22:45 - 2015-08-06 22:45 - 00000000 ____D C:\Program Files\McAfee.com
2015-08-06 22:45 - 2015-08-06 22:45 - 00000000 ____D C:\Program Files\Common Files\AV
2015-08-06 22:41 - 2015-06-29 10:03 - 00254792 _____ (McAfee, Inc.) C:\WINDOWS\system32\mfevtps.exe
2015-08-06 22:38 - 2015-08-06 22:38 - 07727368 _____ (McAfee, Inc.) C:\Users\Gebruiker\Downloads\McAfeeSetup-AutoLogin.exe
2015-08-06 22:00 - 2015-08-13 22:30 - 00000000 ____D C:\ProgramData\McAfee
2015-08-06 22:00 - 2015-08-13 22:29 - 00000000 ____D C:\Program Files\Common Files\McAfee
2015-08-06 21:24 - 2015-08-06 21:24 - 04923920 _____ (McAfee, Inc.) C:\Users\Gebruiker\Desktop\MCPR.exe
2015-08-06 13:57 - 2015-07-19 03:58 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-08-06 13:57 - 2015-07-18 20:51 - 03704320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-06 13:57 - 2015-07-18 20:31 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-08-06 13:57 - 2015-07-18 20:31 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-08-06 13:57 - 2015-07-18 20:31 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-08-06 13:57 - 2015-07-18 20:29 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-08-06 13:57 - 2015-07-18 20:29 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-08-06 13:57 - 2015-07-18 20:29 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-08-06 13:57 - 2015-07-18 20:28 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-08-06 13:57 - 2015-07-18 20:12 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-08-06 13:57 - 2015-07-18 20:10 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-08-06 13:57 - 2015-07-18 20:09 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-08-06 13:57 - 2015-01-06 05:01 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2015-08-06 13:57 - 2015-01-06 04:59 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2015-08-06 13:57 - 2015-01-06 03:12 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascfg.dll
2015-08-06 13:57 - 2015-01-06 03:02 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rascfg.dll
2015-08-06 13:56 - 2015-07-29 01:24 - 00025776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-08-06 13:56 - 2015-07-28 16:24 - 01148416 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-08-06 13:56 - 2015-07-28 16:24 - 01116160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-08-06 13:56 - 2015-07-28 16:24 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-08-06 13:56 - 2015-07-28 16:24 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-08-06 13:56 - 2015-07-28 16:24 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-08-06 13:56 - 2015-07-28 16:24 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-08-06 13:56 - 2015-07-14 23:59 - 01113944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-08-06 13:56 - 2015-07-14 23:59 - 00487256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2015-08-06 13:56 - 2015-07-14 23:59 - 00393560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2015-08-06 13:56 - 2015-06-12 19:03 - 18823680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-06 13:56 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-08-06 13:56 - 2015-06-11 22:12 - 02476376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-08-06 13:56 - 2015-06-11 22:12 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-08-06 13:56 - 2015-06-10 00:39 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2015-08-06 13:56 - 2015-06-10 00:39 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2015-08-06 13:56 - 2015-06-10 00:38 - 01201664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2015-08-06 13:56 - 2015-06-09 20:27 - 00411133 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-08-06 13:56 - 2015-05-12 02:24 - 00536920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-08-06 13:56 - 2015-05-01 03:13 - 06521800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2015-08-06 13:56 - 2015-05-01 03:13 - 01488000 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2015-08-06 13:56 - 2015-05-01 03:13 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2015-08-06 13:51 - 2014-04-16 01:35 - 00028352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2015-08-06 13:51 - 2014-04-16 01:34 - 00029888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2015-08-05 20:30 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-08-05 20:30 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-08-05 19:09 - 2015-08-15 20:41 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-08-05 19:08 - 2015-08-05 19:10 - 00001110 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-08-05 19:08 - 2015-08-05 19:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-08-05 19:08 - 2015-08-05 19:10 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-08-05 19:08 - 2015-08-05 19:08 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-05 19:08 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-08-05 19:08 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-08-05 19:08 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-08-05 18:56 - 2015-08-15 15:53 - 00004018 _____ C:\WINDOWS\setupact.log
2015-08-05 18:56 - 2015-08-05 18:56 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-08-05 18:55 - 2015-08-15 15:53 - 00223634 _____ C:\WINDOWS\PFRO.log
2015-08-05 01:44 - 2015-08-06 14:11 - 00000344 _____ C:\WINDOWS\system32\.crusader
2015-08-05 01:39 - 2015-08-05 01:39 - 00001887 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2015-08-05 01:39 - 2015-08-05 01:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2015-08-05 01:39 - 2015-08-05 01:39 - 00000000 ____D C:\Program Files\HitmanPro
2015-08-05 01:35 - 2015-08-05 18:50 - 00000000 ____D C:\ProgramData\HitmanPro
2015-08-05 01:35 - 2015-08-05 01:35 - 00000000 ____D C:\ProgramData\Hitman Pro
2015-08-05 01:34 - 2015-08-05 01:34 - 00000000 ____D C:\Users\Gebruiker\Downloads\Hitman Pro 3.5.9 Build 125 (x64) incl (zabranjeno)
2015-08-05 01:22 - 2015-08-15 15:53 - 00001048 _____ C:\WINDOWS\Tasks\MTJHASTzktjuePLoDBWEbduu6.job
2015-08-05 01:20 - 2015-08-05 18:54 - 00000000 ____D C:\Users\Gebruiker\AppData\Local\12320
2015-08-05 01:19 - 2015-08-15 15:53 - 00001712 _____ C:\WINDOWS\Tasks\BYAIAMUF.job
2015-08-05 01:19 - 2015-08-05 02:07 - 00000000 ____D C:\Program Files (x86)\69dc8177-a574-4dff-8461-b3267b078dcf
2015-08-05 01:18 - 2015-08-05 01:18 - 00000000 ____D C:\Program Files (x86)\predm
2015-08-05 01:09 - 2015-08-05 01:09 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2015-08-05 01:09 - 2015-08-05 01:09 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-08-05 01:09 - 2015-08-05 01:09 - 00000000 ____D C:\Program Files\MSBuild
2015-08-05 01:09 - 2015-08-05 01:09 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-08-05 01:09 - 2015-08-05 01:09 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-08-05 01:05 - 2015-08-05 01:05 - 00000000 ____D C:\ProgramData\4f754b0000032de
2015-08-05 01:05 - 2013-08-03 06:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-08-05 01:05 - 2013-08-03 06:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-08-05 01:03 - 2015-08-05 01:03 - 00000000 ____D C:\ProgramData\Service0082
2015-08-05 01:03 - 2015-08-05 01:03 - 00000000 ____D C:\ProgramData\2acd4cb5c435461892520f3241ad43b9
2015-08-05 01:01 - 2015-08-05 19:54 - 00000000 ____D C:\Program Files (x86)\806b8fed-eab4-4b2b-bd6d-6402db53ce3e
2015-08-05 01:01 - 2015-08-05 18:49 - 00000004 _____ C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-08-05 00:52 - 2015-08-13 18:52 - 00000376 _____ C:\WINDOWS\Tasks\RestoHopper.job
2015-08-05 00:52 - 2015-08-05 00:53 - 00003270 _____ C:\WINDOWS\System32\Tasks\RestoHopper
2015-08-05 00:51 - 2015-08-15 15:53 - 00000380 _____ C:\WINDOWS\Tasks\GiantFunds.job
2015-08-05 00:50 - 2015-08-05 00:59 - 00000000 ____D C:\Users\Gebruiker\AppData\Roaming\cpuminer
2015-08-05 00:50 - 2015-08-05 00:50 - 00000000 ____D C:\Users\Gebruiker\AppData\Roaming\Opera Software
2015-08-05 00:50 - 2015-08-05 00:50 - 00000000 ____D C:\Users\Gebruiker\AppData\Local\Opera Software
2015-08-05 00:49 - 2015-08-05 01:07 - 00000000 ____D C:\Program Files (x86)\Opera
2015-08-05 00:49 - 2013-08-22 15:25 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hp.bak
2015-08-05 00:47 - 2015-08-05 00:47 - 00000000 _____ C:\WINDOWS\prleth.sys
2015-08-05 00:47 - 2015-08-05 00:47 - 00000000 _____ C:\WINDOWS\hgfs.sys
2015-08-05 00:45 - 2015-08-05 00:45 - 01522576 _____ C:\Users\Gebruiker\Downloads\book+id89472806.pdf_10924_i40657934_il345.exe.zip
2015-08-02 18:16 - 2015-08-02 18:17 - 02384975 _____ C:\Users\Gebruiker\Downloads\Flappy Bird 1.1.0.ipa
2015-07-29 22:56 - 2015-07-29 22:57 - 01595835 _____ C:\Users\Gebruiker\Downloads\rapport Dolfijn.zip
2015-07-28 22:31 - 2015-08-15 20:45 - 01376869 _____ C:\WINDOWS\WindowsUpdate.log
2015-07-26 00:01 - 2015-07-26 00:01 - 00000000 ____D C:\Users\Gebruiker\AppData\Local\CEF
2015-07-19 18:55 - 2015-07-19 18:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-16 10:10 - 2015-07-16 10:10 - 00000000 _____ C:\WINDOWS\SysWOW64\REN9CC.tmp

==================== Een Maand Gewijzigd bestanden en mappen ========

(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)

2015-08-15 20:54 - 2015-06-06 15:09 - 00000000 ____D C:\Users\Gebruiker\AppData\Roaming\Skype
2015-08-15 20:48 - 2015-06-05 14:03 - 00003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1080634544-94007974-565221382-1001
2015-08-15 20:47 - 2015-07-12 20:20 - 00000940 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-08-15 20:31 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-08-15 15:53 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-15 15:52 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-08-15 15:50 - 2015-06-06 14:35 - 00000000 ____D C:\Program Files (x86)\Google
2015-08-15 15:47 - 2015-07-10 18:32 - 00000000 ___HD C:\$Windows.~BT
2015-08-15 15:34 - 2015-06-09 16:35 - 00000000 ___DC C:\WINDOWS\Panther
2015-08-14 23:17 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2015-08-14 23:09 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-08-13 18:53 - 2015-06-11 21:16 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-13 18:43 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-08-12 21:48 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-08-12 21:31 - 2015-06-09 15:44 - 00000000 ____D C:\Users\Gebruiker
2015-08-12 12:47 - 2015-07-12 20:20 - 00003828 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-08-12 12:17 - 2013-08-22 16:44 - 00482872 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-11 23:16 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-11 23:16 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-11 23:16 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-11 23:16 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-11 23:15 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-11 23:02 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-11 23:02 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-11 21:32 - 2015-06-06 14:35 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-11 21:32 - 2015-06-06 14:35 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-11 21:31 - 2015-06-11 22:08 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-08-11 21:31 - 2015-06-06 14:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-11 21:29 - 2015-06-06 13:21 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-08-11 21:26 - 2015-06-06 13:21 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-11 21:25 - 2013-08-22 15:25 - 00000269 _____ C:\WINDOWS\win.ini
2015-08-11 11:42 - 2015-06-11 18:38 - 00000000 ____D C:\Users\Gebruiker\AppData\Roaming\BitTorrent
2015-08-08 15:55 - 2014-11-21 15:11 - 00794088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-08-08 15:55 - 2014-11-21 15:11 - 00179688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-08 00:49 - 2015-06-09 16:03 - 00001728 _____ C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-08-08 00:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-08-07 14:33 - 2015-07-11 17:27 - 00004958 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for DELL-Gebruiker DELL
2015-08-06 22:46 - 2012-07-26 10:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2015-08-06 16:52 - 2014-11-21 10:28 - 00000000 ____D C:\WINDOWS\SKB
2015-08-06 16:47 - 2014-11-21 10:44 - 01823174 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-06 16:47 - 2014-11-21 10:05 - 00806704 _____ C:\WINDOWS\system32\perfh013.dat
2015-08-06 16:47 - 2014-11-21 10:05 - 00162170 _____ C:\WINDOWS\system32\perfc013.dat
2015-08-06 14:11 - 2015-06-11 22:21 - 00000000 ____D C:\WINDOWS\AutoKMS
2015-08-06 13:58 - 2015-06-06 15:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-06 13:58 - 2014-11-21 15:07 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-08-05 02:07 - 2015-06-06 14:37 - 00000000 ____D C:\Program Files\Classic Shell
2015-08-05 02:05 - 2015-06-06 14:45 - 00000000 ____D C:\Users\Gebruiker\AppData\Local\ClassicShell
2015-07-29 23:09 - 2015-06-05 13:57 - 00000000 ____D C:\Users\Gebruiker\AppData\Local\Packages
2015-07-25 21:36 - 2015-06-09 16:28 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-07-18 18:53 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\System
2015-07-18 18:51 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-07-17 09:53 - 2015-06-06 14:39 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-07-17 09:51 - 2015-06-06 14:39 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-07-16 17:26 - 2015-06-09 16:28 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2015-07-16 11:05 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-07-16 11:05 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\WinStore
2015-07-16 10:53 - 2015-06-06 14:36 - 00000000 ____D C:\ProgramData\Oracle
2015-07-16 10:10 - 2015-06-06 14:37 - 00000000 ____D C:\Program Files\Java
2015-07-16 10:10 - 2015-06-06 14:36 - 00000000 ____D C:\Program Files (x86)\Java
2015-07-16 10:09 - 2015-06-06 14:37 - 00110688 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll

==================== Bestanden in de root van sommige mappen =======

2015-03-09 23:30 - 2015-03-09 23:30 - 0005487 _____ () C:\Users\Gebruiker\AppData\Roaming\BYAIAMUF
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Gebruiker\AppData\Roaming\MTJHASTzktjuePLoDBWEbduu6

Sommige bestanden in TEMP:
====================
C:\Users\Gebruiker\AppData\Local\Temp\failover.exe
C:\Users\Gebruiker\AppData\Local\Temp\McCSPInstall.dll
C:\Users\Gebruiker\AppData\Local\Temp\Opera_NI_stable.exe
C:\Users\Gebruiker\AppData\Local\Temp\Uninstall.exe


==================== Bamital & volsnap =================

(Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)

C:\WINDOWS\system32\winlogon.exe => Bestand is getekend
C:\WINDOWS\system32\wininit.exe => Bestand is getekend
C:\WINDOWS\explorer.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\explorer.exe => Bestand is getekend
C:\WINDOWS\system32\svchost.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\svchost.exe => Bestand is getekend
C:\WINDOWS\system32\services.exe => Bestand is getekend
C:\WINDOWS\system32\User32.dll => Bestand is getekend
C:\WINDOWS\SysWOW64\User32.dll => Bestand is getekend
C:\WINDOWS\system32\userinit.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\userinit.exe => Bestand is getekend
C:\WINDOWS\system32\rpcss.dll => Bestand is getekend
C:\WINDOWS\system32\dnsapi.dll => Bestand is getekend
C:\WINDOWS\SysWOW64\dnsapi.dll => Bestand is getekend
C:\WINDOWS\system32\Drivers\volsnap.sys => Bestand is getekend


LastRegBack: 2015-08-08 20:44

==================== Eind van log ============================
[Link mogu videti samo ulogovani korisnici]

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Pozdrav

1. Otvori Notepad (Text Document) i iskopiraj sledeći tekst unutar kod polja ispod:

createrestorepoint:
closeprocesses:
emptytemp:
Task: {061F1934-64CF-410D-A7C1-687A2FA53624} - System32\Tasks\RestoHopper => c:\programdata\{66d3dcd7-7bcb-918d-66d3-3dcd77bc735d}\priceless_soft_partner.exe <==== AANDACHT
Task: {0C8E9EB1-5C64-4C9A-9B40-38C4A71A9C6D} - \Superclean -> Geen bestand <==== AANDACHT
Task: {0D719D94-9464-4B24-BF4E-312EE1FE18A3} - \TKRDJJVYM1 -> Geen bestand <==== AANDACHT
Task: {0F6FFBDF-F3A1-41B5-907E-071E63FFEE21} - \globalUpdateUpdateTaskMachineUA -> Geen bestand <==== AANDACHT
Task: {13247E86-5E21-4BAC-9E88-1D71A99ABA01} - \fad96ebe-31a4-4408-b15f-f66aebe7dfaa-7 -> Geen bestand <==== AANDACHT
Task: {145D31EB-89A6-48B1-B411-EE7871D791E2} - \dd6aa243-1fdd-44b7-b068-2f07cccdd84d-5_user -> Geen bestand <==== AANDACHT
Task: {156AE08C-FBC0-4A81-A2B1-8B914C969497} - \dd6aa243-1fdd-44b7-b068-2f07cccdd84d-5 -> Geen bestand <==== AANDACHT
Task: {280F9789-7CBA-4669-ACF7-9F5164056EE9} - \APSnotifierPP2 -> Geen bestand <==== AANDACHT
Task: {28EBBBDC-E7DC-4E40-B04E-A3AD78EE4ABE} - \PC SpeedUp Service Deactivator -> Geen bestand <==== AANDACHT
Task: {293D96F7-B954-4EF3-9CAB-A5E504260D10} - \MTJHASTzktjuePLoDBWEbduu6 -> Geen bestand <==== AANDACHT
Task: {2AA6DBD0-4038-4E66-91E3-CDDCB554CB9D} - \fad96ebe-31a4-4408-b15f-f66aebe7dfaa-11 -> Geen bestand <==== AANDACHT
Task: {2E4E8866-FC8B-478B-845B-F13B13BA56C1} - \fad96ebe-31a4-4408-b15f-f66aebe7dfaa-6 -> Geen bestand <==== AANDACHT
Task: {30F81E21-0BD4-4C88-8FDE-9DE918D8D8E9} - \dd6aa243-1fdd-44b7-b068-2f07cccdd84d-10_user -> Geen bestand <==== AANDACHT
Task: {415F6A11-D960-4DF5-98A8-8AAB2BE12242} - \APSnotifierPP3 -> Geen bestand <==== AANDACHT
Task: {48835377-9A8A-4D25-9354-8543DF565CBF} - \dd6aa243-1fdd-44b7-b068-2f07cccdd84d-1-6 -> Geen bestand <==== AANDACHT
Task: {5E43B214-496D-4803-912E-C1955B5D12B6} - \dd6aa243-1fdd-44b7-b068-2f07cccdd84d-6 -> Geen bestand <==== AANDACHT
Task: {60DA825E-EC3D-495B-A657-19CBA1189EF2} - \Crossbrowse -> Geen bestand <==== AANDACHT
Task: {62693DED-023D-42EE-94C5-393B8E14E546} - \fad96ebe-31a4-4408-b15f-f66aebe7dfaa-5 -> Geen bestand <==== AANDACHT
Task: {68833ADB-2B65-4800-B1E8-35E05F73ACA3} - \fad96ebe-31a4-4408-b15f-f66aebe7dfaa-1-6 -> Geen bestand <==== AANDACHT
Task: {6DB223DB-A494-451B-9602-CF170638AB8F} - \AutoKMS -> Geen bestand <==== AANDACHT
Task: {8461386B-4D73-4AE0-A09C-A0A49895AA19} - \dd6aa243-1fdd-44b7-b068-2f07cccdd84d-7 -> Geen bestand <==== AANDACHT
Task: {84C03E07-899C-4079-BD6A-8B04E4A8633C} - \amiupdaterExi -> Geen bestand <==== AANDACHT
Task: {8A58C05A-8AB3-4D8D-9292-461B6CE00087} - \ASP -> Geen bestand <==== AANDACHT
Task: {8CDCF631-5089-4AD1-B0E4-EE39C8EEFB87} - \GiantFunds -> Geen bestand <==== AANDACHT
Task: {B31A2328-F822-4D42-AB74-BB9C6AA339BF} - \APSnotifierPP1 -> Geen bestand <==== AANDACHT
Task: {B55E2ECE-C778-430D-95B2-050DB8B1AF6B} - \fad96ebe-31a4-4408-b15f-f66aebe7dfaa-5_user -> Geen bestand <==== AANDACHT
Task: {B6EE7A4F-18CE-44AF-AA16-D77AA3936C99} - \amiupdaterExd -> Geen bestand <==== AANDACHT
Task: {B74A4C4C-9EB2-4357-A856-39D0A7FE451B} - \globalUpdateUpdateTaskMachineCore -> Geen bestand <==== AANDACHT
Task: {D5090383-08AB-4C28-9ADD-9221CE0747EC} - \dd6aa243-1fdd-44b7-b068-2f07cccdd84d-3 -> Geen bestand <==== AANDACHT
Task: {D7DF50A0-E424-4C89-882D-F404335973C3} - \dd6aa243-1fdd-44b7-b068-2f07cccdd84d-1-7 -> Geen bestand <==== AANDACHT
Task: {EFFA160C-95BD-44A3-92EB-9DDA6B4F6EC2} - \BYAIAMUF -> Geen bestand <==== AANDACHT
Task: {F93018C2-620B-432E-BA81-AA4513D5CDFA} - \fad96ebe-31a4-4408-b15f-f66aebe7dfaa-10_user -> Geen bestand <==== AANDACHT
Task: {FF5D361A-5B16-4686-8516-232AE1E3D87A} - \fad96ebe-31a4-4408-b15f-f66aebe7dfaa-1-7 -> Geen bestand <==== AANDACHT
Task: C:\WINDOWS\Tasks\BYAIAMUF.job => C:\Users\Gebruiker\AppData\Roaming\BYAIAMUF.exe <==== AANDACHT
Task: C:\WINDOWS\Tasks\GiantFunds.job => c:\programdata\{989dad11-af26-ce49-989d-dad11af2b446}\priceless_p_soft_partner.exe <==== AANDACHT
Task: C:\WINDOWS\Tasks\MTJHASTzktjuePLoDBWEbduu6.job => C:\Users\Gebruiker\AppData\Roaming\MTJHASTzktjuePLoDBWEbduu6.exe <==== AANDACHT
Task: C:\WINDOWS\Tasks\RestoHopper.job => c:\programdata\{66d3dcd7-7bcb-918d-66d3-3dcd77bc735d}\priceless_soft_partner.exe <==== AANDACHT
c:\programdata\{66d3dcd7-7bcb-918d-66d3-3dcd77bc735d}
c:\programdata\{989dad11-af26-ce49-989d-dad11af2b446}
C:\Users\Gebruiker\AppData\Roaming\BYAIAMUF.exe
C:\Users\Gebruiker\AppData\Roaming\MTJHASTzktjuePLoDBWEbduu6.exe
CHR HKLM\SOFTWARE\Policies\Google: Beleid restrictie <======= AANDACHT
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is ingeschakeld.
ProxyServer: [.DEFAULT] => http=127.0.0.1:62024;https=127.0.0.1:62024
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Link mogu videti samo ulogovani korisnici]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = [Link mogu videti samo ulogovani korisnici]
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1080634544-94007974-565221382-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1080634544-94007974-565221382-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/nl-nl/?ocid=iehp
RemoveProxy:
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
2015-03-09 23:30 - 2015-03-09 23:30 - 0005487 _____ () C:\Users\Gebruiker\AppData\Roaming\BYAIAMUF
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Gebruiker\AppData\Roaming\MTJHASTzktjuePLoDBWEbduu6
globalupdate Helper (x32 Version: 1.3.25.0 - globalupdate Inc.) Hidden <==== AANDACHT

2. Sačuvaj notepad na Desktop pod nazivom fixlist.txt
To možes uraditi i iz notepad-a => klik na File potom na Save As i u novom prozoru, dole pod File Name: staviš za naziv fixlist.txt
Napomena: Važno je da se oba fajla, FRST i fixlist nalaze na istoj lokaciji jer u suprotnom fix nece raditi.

3. Ponovo pokreni FRST/FRST64, klikni jednom na dugme Fix i sačekaj.
Ukoliko alat zatraži restart sistema, dozvoli mu i postaraj se da alat kompletira fix nakon restarta sistema.



Alat će formirati log (Fixlog.txt) na Desktop-u. Potrebno je sadržaj tog loga iskopirati u poruku.
Napomena: Ukoliko te alat upozori da postoji novija verzija, postaraj se da preuzmes i koristiš ažuriranu kopiju FRST-a.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

fixlog.txt je prikacen kao fajl




[Link mogu videti samo ulogovani korisnici]

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Kakva je situacija sada?

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Napisano: 17 Avg 2015 19:29

Probala sam da skinem google chrome ali nigde ga nema, kao i ranije samo "thank you for download".Izgleda da se nista nije promenilo.

Dopuna: 17 Avg 2015 19:39

Kad startujem laptop i ulogujem se pojavi mi se crni prozorcic; vrlo brzo nestane zato ne mogu da stignem da procitam sta tacno pise, jedino znam da u onom narandzasto-zutom zaglavlju tog prozorcica jedna od reci je:system32, a onda u samom crnom prozorcicu pise nekih 4-5 reci. Ovo se pocelo pojavljivati od kako je laptop zarazen.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Ponovo pokreni FRST, obelezi Addition.txt kvadrat, klikni na Scan i dostavi oba izvestaja.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

[Link mogu videti samo ulogovani korisnici]

[Link mogu videti samo ulogovani korisnici]

Onaj prozorcic o kome sam pisala gore ima u sebi cmd, toliko sam uspela da vidim ako to nesto znaci!

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

FRST izvestaj je prazan, probaj ponovo.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

Evo ih oba ponovo:


[Link mogu videti samo ulogovani korisnici]

[Link mogu videti samo ulogovani korisnici]

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

1. Otvori Notepad (Text Document) i iskopiraj sledeći tekst unutar kod polja ispod:

closeprocesses:
emptytemp:
createrestorepoint:
HKLM\...\Run: [gpuminer] => C:\Users\Gebruiker\AppData\Roaming\cpuminer\sgminer\sgminer.cmd [96 2015-05-02] ()
HKU\S-1-5-21-1080634544-94007974-565221382-1001\...\Run: [Lock12Status] => True
C:\Users\Gebruiker\AppData\Roaming\cpuminer
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 195.241.77.55 195.241.77.58
Tcpip\..\Interfaces\{97C21DF0-38FF-401B-93CC-EBC596B506BC}: [DhcpNameServer] 192.168.1.254 195.241.77.55 195.241.77.58
cmd: ipconfig /flushdns
globalupdate Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.0 - globalupdate Inc.) <==== AANDACHT
FirewallRules: [{07875243-B5AF-428D-ACB0-CD580136047F}] => (Allow) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe
C:\Program Files (x86)\Crossbrowse

2. Sačuvaj notepad na Desktop pod nazivom fixlist.txt
To možes uraditi i iz notepad-a => klik na File potom na Save As i u novom prozoru, dole pod File Name: staviš za naziv fixlist.txt
Napomena: Važno je da se oba fajla, FRST i fixlist nalaze na istoj lokaciji jer u suprotnom fix nece raditi.

3. Ponovo pokreni FRST/FRST64, klikni jednom na dugme Fix i sačekaj.
Ukoliko alat zatraži restart sistema, dozvoli mu i postaraj se da alat kompletira fix nakon restarta sistema.



Alat će formirati log (Fixlog.txt) na Desktop-u. Potrebno je sadržaj tog loga iskopirati u poruku.
Napomena: Ukoliko te alat upozori da postoji novija verzija, postaraj se da preuzmes i koristiš ažuriranu kopiju FRST-a.