Fix resultaat van Farbar Recovery Scan Tool (x64) Versie:01-05-2016 Gestart door Coby (2016-05-02 12:43:33) Run:1 Gestart vanaf C:\Users\Coby\Desktop Geladen Profielen: Coby (Beschikbare Profielen: Coby) Boot Modus: Normal ============================================== fixlist inhoud: ***************** start CreateRestorePoint: CloseProcesses: Task: {2FE32245-352C-43FC-8068-DE3A082020B7} - System32\Tasks\ksv3026 => C:\Program Files (x86)\QuickSearch\ksv3026.exe [2016-04-25] () <==== AANDACHT Task: {A1C656D0-54FC-462C-8F53-D8B24FA12AB5} - System32\Tasks\Nimeckreelule Log => C:\Program Files (x86)\Nimeckreelule\Nmclogtask.exe Task: {A96A8FCD-61FF-4293-B7E4-393813AC2E7C} - System32\Tasks\Dravsynlether Core => C:\Program Files (x86)\Dravsynlether\Drvcoretsk.exe Task: {E7445E50-E853-4593-8563-B1E07F676AA9} - System32\Tasks\UCBrowserUpdater => C:\Program Files (x86)\UCBrowser\Application\update_task.exe Task: C:\WINDOWS\Tasks\UCBrowserUpdater.job => C:\Program Files (x86)\UCBrowser\Application\update_task.exe ShortcutWithArgument: C:\Users\Coby\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://yeabests.cc --disable-quic ShortcutWithArgument: C:\Users\Coby\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://yeabests.cc --disable-quic ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://yeabests.cc --disable-quic ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://yeabests.cc --disable-quic AlternateDataStreams: C:\Windows:AstInfo [0] AlternateDataStreams: C:\Windows:nlsPreferences [0] FirewallRules: [{F827A0B2-2F33-4605-BDAB-9CCE81CB42F5}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPCmgrInstallGuide.exe FirewallRules: [{0FBF1785-E34D-4C6A-8472-3B2056AFEB0F}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPCTray.exe FirewallRules: [{16830367-6E9F-48DD-90FF-82D25D43936B}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPCMgr.exe FirewallRules: [{772885D8-9635-435C-A78D-0AF0D48525DD}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPCRTP.exe FirewallRules: [{438C2EBA-4353-4DD3-BDE3-BB7419B5A8CA}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QMDL.exe FirewallRules: [{394C6736-232D-4A89-B920-CEAA71A60865}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\bugreport_xf.exe FirewallRules: [{3162C425-CAF6-48A9-8D38-871E93CD1EE9}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\bugreport.exe FirewallRules: [{C3E81C5B-DD54-4DEC-A14D-221262363DB9}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPCFileOpen.exe FirewallRules: [{07148F2D-9E69-4314-9442-912D30E68D9D}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPCLeakScan.exe FirewallRules: [{3C9FF88C-56B4-447E-94AB-A8E083027136}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPConfig.exe FirewallRules: [{177E1E0A-7EE4-473F-A75C-75DEEBD3AE47}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPCSoftMgr.exe FirewallRules: [{5BF4510E-9525-4CB4-B372-5DF233187A99}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\plugins\QMNetMon\QQPCNetFlow.exe FirewallRules: [{EF62B0A0-FB91-4532-9EC9-1D7518D17CE7}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPCBTU.exe FirewallRules: [{26C5CA0B-FCE8-494D-9C2D-BA8623105556}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPCClinic.exe FirewallRules: [{2380FC95-D3BF-4516-8938-06DA308794EB}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPCLaunch.exe FirewallRules: [{C5503F55-6399-4E71-98AA-3216F8AEA65C}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QMUpdate\QQPCMgrUpdate.exe FirewallRules: [{F70D5E70-F3AD-4FC0-8408-29D054463430}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPCSoftGame.exe FirewallRules: [{3BEF5801-19F9-4817-9AC3-8793E44EA875}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPCSysOptimize.exe FirewallRules: [{0F129E87-D586-411C-BC54-404294353A65}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPCUpdateAVLib.exe FirewallRules: [{9C80092D-81D8-429B-89CF-936ACEC73DE8}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQRepair.exe FirewallRules: [{586C1058-91FC-41BD-B8D0-064ADFB9BFC0}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\Uninst.exe FirewallRules: [{A52C76C3-AD60-4EE7-92F6-C3DF5CDAC146}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPCPatch.exe FirewallRules: [{0719F1BC-6DC7-4C81-AD0F-06786D34DFFE}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\TpkUpdate.exe FirewallRules: [{989C3F03-C8DD-4A3C-A7A4-41E393DBE999}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QMRouterMgr.exe FirewallRules: [{C925FCC6-5844-402F-927F-6ACF30AC41B6}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QMAccountProtection.exe FirewallRules: [{C93F6E37-78BB-4A49-875C-512424C4E1B9}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QMAdBlock.exe FirewallRules: [TCP Query User{E2FCF56B-35FD-4A39-A12C-73BD3FD61367}C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe] => (Block) C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe FirewallRules: [UDP Query User{0A0537A4-6830-456B-B84F-B540D04C7AE8}C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe] => (Block) C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe FirewallRules: [{5756FCC0-9F10-439C-BB3E-9DCA89EF31D7}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\131\bugreport_xf.exe FirewallRules: [{98B01EE1-1564-4243-B8B7-C227C970237A}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\131\tencentdl.exe FirewallRules: [{181B4B6A-577B-4CC1-8D46-87D0C10E8BB5}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\131\tencentdl.exe FirewallRules: [{FF75B188-F717-4F1E-824D-9EF437C74523}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\131\bugreport_xf.exe HKLM-x32\...\Run: [apphide] => C:\Program Files (x86)\badu\uc.exe HKLM-x32\...\Run: [ QQPCTray] => C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPCTRAY.EXE [362304 2016-04-29] (Tencent) HKLM\...\Winlogon: [Userinit] wscript C:\WINDOWS\run.vbs, HKU\S-1-5-21-503092519-2811942456-882599974-1000\...\Run: [Yeaplayer] => C:\Program Files (x86)\Yeaplayer\Yeaplayermd.exe /autostart HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://hao.qq.com/?unc=o400493_1&s=o400493_1 HKU\S-1-5-21-503092519-2811942456-882599974-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hao.qq.com/?unc=o400493_1&s=o400493_1 SearchScopes: HKU\S-1-5-21-503092519-2811942456-882599974-1000 -> {015DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3321538&octid=EB_ORIGINAL_CTID&ISID=M4B223ACB-55E3-45BC-B8B0-E518F4D969F9&SearchSource=58&CUI=&UM=8&UP=SP82B464F4-AFC8-4AF2-9949-68844B603535&D=042916&q={searchTerms}&SSPV= SearchScopes: HKU\S-1-5-21-503092519-2811942456-882599974-1000 -> {E1A1345E-9886-421C-8D65-0800B7F144F5} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3321538&octid=EB_ORIGINAL_CTID&ISID=M4B223ACB-55E3-45BC-B8B0-E518F4D969F9&SearchSource=58&CUI=&UM=8&UP=SP82B464F4-AFC8-4AF2-9949-68844B603535&D=042916&q={searchTerms}&SSPV= BHO: ????????? -> {7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} -> C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\TSWebMon64.dat [2016-04-29] (Tencent) BHO-x32: Ó¦Óñ¦Ò»¼ü°²×°²å¼þ -> {50F4150A-48B2-417A-BE4C-C83F580FB904} -> C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3192\npQQPhoneManagerExt.dll => Geen bestand FF Plugin-x32: @qq.com/npAndroidAssistant -> C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3192\npQQPhoneManagerExt.dll [Geen bestand] FF Plugin-x32: @qq.com/QQPCMgr -> C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\npQMExtensionsMozilla.dll [2016-04-29] (Tencent Technology (Shenzhen) Company Limited) R2 MPCProtectService; C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe [350688 2016-04-29] (DotC United Inc) R2 QQPCRTP; C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPCRTP.exe [313936 2016-04-29] (Tencent) U2 QQRepair184f; C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\QQRepair184f [140608 2016-05-01] () S2 QQRepairFixSVC; C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\QQRepairFixSVC [140608 2016-05-01] () R2 zdengine; C:\Program Files (x86)\QuickSearch\zdengine.exe [1806206 2016-04-29] (zdengine) [Bestand niet getekend] R2 2120890f6e7f6ce115bf92c0e9bdae71; "C:\Program Files\24fb083b9dac707c1654a4c67889bf23\cbe22a87fdbd13aa610f47d6c8088444.exe" [X] S2 BugreportW; "C:\Program Files (x86)\hohobnd\cloguing.exe" {154DFF63-3402-4815-941A-AAD63AE8B428} [X] S2 Drvcoresrv; "C:\Program Files (x86)\Dravsynlether\Drvcoresrv.exe" {79740E79-A383-47A7-B513-3DF6563D007F} {A16B1AF7-982D-40C3-B5C1-633E1A6A6678} [X] S2 GoogleChromeUpService; geen ImagePath S2 GoogleChromeUpSvc; geen ImagePath S2 Nmclogservice; "C:\Program Files (x86)\Nimeckreelule\Nmclogservice.exe" {79740E79-A383-47A7-B513-3DF6563D007F} {A16B1AF7-982D-40C3-B5C1-633E1A6A6678} [X] S2 rijufoze; geen ImagePath S2 rocufyky; geen ImagePath S2 Update thirteen degrees; "C:\Program Files (x86)\thirteen degrees\updatethirteendegrees.exe" [X] S2 Util thirteen degrees; "C:\Program Files (x86)\thirteen degrees\bin\utilthirteendegrees.exe" [X] S2 xoquqysezbt; geen ImagePath S2 zigipyro; geen ImagePath 1 MPCKpt; C:\Windows\System32\DRIVERS\MPCKpt.sys [60136 2016-04-29] (DotC United Inc) R1 QMUdisk; C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QMUdisk64.sys [184952 2016-04-18] (Tencent) R2 QQSysMonX64; C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQSysMonX64.sys [154744 2016-04-29] (????) R1 softaal; C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\softaal64.sys [44664 2016-04-29] (Tencent) R1 SRepairDrv; \??\C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\SRepairDrv [172664 2016-05-01] () R3 TAOAccelerator; C:\WINDOWS\system32\Drivers\TAOAccelerator64.sys [99480 2016-04-29] (Tencent) R2 TAOKernelDriver; C:\WINDOWS\system32\Drivers\TAOKernelEx64.sys [143992 2016-04-29] (Tencent Technology(Shenzhen) Company Limited) R3 TFsFlt; C:\Windows\System32\Drivers\TFsFltX64.sys [97400 2016-04-29] (????) R3 TS888x64; C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\TS888x64.sys [38520 2016-05-01] (Tencent) S1 TSDefenseBt; C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\TSDefenseBT64.sys [28984 2016-04-29] (Tencent) R2 tsnethlpx64; C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\TsNetHlpX64.sys [57976 2016-04-29] () R1 TSSysKit; C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\TSSysKit64.sys [96888 2016-04-29] (????) R1 UCGuard; C:\Windows\System32\DRIVERS\ucguard.sys [80768 2016-04-13] (Huorong Borui (Beijing) Technology Co., Ltd. R2 zdwfp; C:\WINDOWS\system32\Drivers\zdwfp64.sys [46352 2016-03-04] (zdengine) R1 {8aba2929-3d93-42fa-a897-27a387ab0426}Gw64; C:\Windows\System32\drivers\{8aba2929-3d93-42fa-a897-27a387ab0426}Gw64.sys [48744 2016-04-28] (StdLib) R1 f8fa4a50b59f81ab1b3f37368889c14e; system32\DRIVERS\f8fa4a50b59f81ab1b3f37368889c14e.sys [X] Winsock: Catalog9 01 C:\WINDOWS\system32\zdengine.dll Geen bestand Winsock: Catalog9 02 C:\WINDOWS\system32\zdengine.dll Geen bestand Winsock: Catalog9 03 C:\WINDOWS\system32\zdengine.dll Geen bestand Winsock: Catalog9 04 C:\WINDOWS\system32\zdengine.dll Geen bestand Winsock: Catalog9 16 C:\WINDOWS\system32\zdengine.dll Geen bestand Winsock: Catalog9-x64 01 C:\WINDOWS\system32\zdengine64.dll [354958 2016-04-29] (zdengine) Winsock: Catalog9-x64 02 C:\WINDOWS\system32\zdengine64.dll [354958 2016-04-29] (zdengine) Winsock: Catalog9-x64 03 C:\WINDOWS\system32\zdengine64.dll [354958 2016-04-29] (zdengine) Winsock: Catalog9-x64 04 C:\WINDOWS\system32\zdengine64.dll [354958 2016-04-29] (zdengine) Winsock: Catalog9-x64 16 C:\WINDOWS\system32\zdengine64.dll [354958 2016-04-29] (zdengine) C:\Windows\System32\drivers\{8aba2929-3d93-42fa-a897-27a387ab0426}Gw64.sys C:\Users\Coby\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108 C:\ProgramData\a.bat C:\ProgramData\adb.exe C:\ProgramData\AdbWinApi.dll C:\ProgramData\AdbWinUsbApi.dll C:\ProgramData\apptj.exe C:\ProgramData\conhost.exe C:\ProgramData\fastboot.exe C:\ProgramData\hp.exe C:\WINDOWS\system32\Drivers\TAOAccelerator64.sys C:\WINDOWS\system32\Drivers\TAOKernelEx64.sys C:\Windows\System32\Drivers\TFsFltX64.sys C:\Windows\System32\DRIVERS\MPCKpt.sys C:\WINDOWS\SysWOW64\zdengineOff.ini C:\WINDOWS\system32\zdengineOff.ini C:\WINDOWS\system32\Drivers\zdwfp64.sys C:\WINDOWS\system32\zdengine64.dll C:\WINDOWS\SysWOW64\zdengine.dll C:\ProgramData\Microsoft\Windows\Start Menu\Programs\???? C:\ProgramData\msiql.exe.lnk C:\Users\Coby\AppData\Roaming\MCorp C:\Program Files\Common Files\Tencent C:\ProgramData\TXQMPC C:\Users\Coby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UC??? C:\Users\Coby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\???? C:\WINDOWS\Tasks\UCBrowserUpdater.job C:\WINDOWS\System32\Tasks\UCBrowserUpdater C:\Users\Coby\AppData\Local\UCBrowser C:\WINDOWS\system32\Drivers\ucguard.sys C:\ProgramData\Tencent C:\Users\Coby\AppData\Roaming\svrupg.exe C:\Users\Coby\AppData\Local\Yeaplayer C:\Users\Coby\AppData\Roaming\UPUpdata C:\Users\Coby\AppData\Local\392C0E40-1461924002-11DD-AE45-3085A941414A C:\Users\Coby\AppData\Roaming\gplyra C:\Users\Coby\AppData\Local\tuto_monetize_120160428 C:\WINDOWS\System32\Tasks\Dravsynlether Core C:\WINDOWS\System32\Tasks\ksv3026 C:\Users\Coby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YSPackage C:\Program Files (x86)\Yeaplayer C:\Program Files (x86)\Nimeckreelule C:\Program Files (x86)\thirteen degrees C:\program files (x86)\common files\tencent c:\program files\24fb083b9dac707c1654a4c67889bf23 C:\Program Files (x86)\CleanBrowser C:\Program Files (x86)\Tencent C:\Program Files (x86)\UCBrowser C:\Program Files (x86)\Dravsynlether C:\Program Files (x86)\QuickSearch C:\Program Files (x86)\Nimeckreelule HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP => ""="service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP => ""="service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\zdengine => ""="service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\zdwfp => ""="Driver" cmd: ipconfig /flushdns cmd: netsh winsock reset Hosts: EmptyTemp: end ***************** Herstelpunt is succesfol gemaakt. Proces succesvol afgesloten. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2FE32245-352C-43FC-8068-DE3A082020B7}" => sleutel is succesvol verwijderd. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2FE32245-352C-43FC-8068-DE3A082020B7}" => sleutel is succesvol verwijderd. C:\WINDOWS\System32\Tasks\ksv3026 => is succesvol verplaatst. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ksv3026" => sleutel is succesvol verwijderd. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A1C656D0-54FC-462C-8F53-D8B24FA12AB5}" => sleutel is succesvol verwijderd. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A1C656D0-54FC-462C-8F53-D8B24FA12AB5}" => sleutel is succesvol verwijderd. C:\WINDOWS\System32\Tasks\Nimeckreelule Log => is succesvol verplaatst. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Nimeckreelule Log" => sleutel is succesvol verwijderd. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A96A8FCD-61FF-4293-B7E4-393813AC2E7C}" => sleutel is succesvol verwijderd. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A96A8FCD-61FF-4293-B7E4-393813AC2E7C}" => sleutel is succesvol verwijderd. C:\WINDOWS\System32\Tasks\Dravsynlether Core => is succesvol verplaatst. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Dravsynlether Core" => sleutel is succesvol verwijderd. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E7445E50-E853-4593-8563-B1E07F676AA9}" => sleutel is succesvol verwijderd. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E7445E50-E853-4593-8563-B1E07F676AA9}" => sleutel is succesvol verwijderd. C:\WINDOWS\System32\Tasks\UCBrowserUpdater => is succesvol verplaatst. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UCBrowserUpdater" => sleutel is succesvol verwijderd. C:\WINDOWS\Tasks\UCBrowserUpdater.job => is succesvol verplaatst. C:\Users\Coby\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk => snelkoppeling argument is succesvol verwijderd.. C:\Users\Coby\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk => snelkoppeling argument is succesvol verwijderd.. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk => snelkoppeling argument is succesvol verwijderd.. C:\Users\Public\Desktop\Google Chrome.lnk => snelkoppeling argument is succesvol verwijderd.. C:\Windows => ":AstInfo" ADS is succesvol verwijderd.. C:\Windows => ":nlsPreferences" ADS is succesvol verwijderd.. HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F827A0B2-2F33-4605-BDAB-9CCE81CB42F5} => waarde is succesvol verwijderd. HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0FBF1785-E34D-4C6A-8472-3B2056AFEB0F} => waarde is succesvol verwijderd. HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{16830367-6E9F-48DD-90FF-82D25D43936B} => waarde is succesvol verwijderd. HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{772885D8-9635-435C-A78D-0AF0D48525DD} => waarde is succesvol verwijderd. HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{438C2EBA-4353-4DD3-BDE3-BB7419B5A8CA} => waarde is succesvol verwijderd. HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{394C6736-232D-4A89-B920-CEAA71A60865} => waarde is succesvol verwijderd. HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3162C425-CAF6-48A9-8D38-871E93CD1EE9} => waarde is succesvol verwijderd. HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C3E81C5B-DD54-4DEC-A14D-221262363DB9} => waarde is succesvol verwijderd. HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{07148F2D-9E69-4314-9442-912D30E68D9D} => waarde is succesvol verwijderd. HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3C9FF88C-56B4-447E-94AB-A8E083027136} => waarde is succesvol verwijderd. HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{177E1E0A-7EE4-473F-A75C-75DEEBD3AE47} => waarde is succesvol verwijderd. HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5BF4510E-9525-4CB4-B372-5DF233187A99} => waarde is succesvol verwijderd. HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EF62B0A0-FB91-4532-9EC9-1D7518D17CE7} => waarde is succesvol verwijderd. HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{26C5CA0B-FCE8-494D-9C2D-BA8623105556} => waarde is succesvol verwijderd. HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2380FC95-D3BF-4516-8938-06DA308794EB} => waarde is succesvol verwijderd. HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C5503F55-6399-4E71-98AA-3216F8AEA65C} => waarde is succesvol verwijderd. HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F70D5E70-F3AD-4FC0-8408-29D054463430} => waarde is succesvol verwijderd. HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3BEF5801-19F9-4817-9AC3-8793E44EA875} => waarde is succesvol verwijderd. HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0F129E87-D586-411C-BC54-404294353A65} => waarde is succesvol verwijderd. HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9C80092D-81D8-429B-89CF-936ACEC73DE8} => waarde is succesvol verwijderd. HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{586C1058-91FC-41BD-B8D0-064ADFB9BFC0} => waarde is succesvol verwijderd. HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A52C76C3-AD60-4EE7-92F6-C3DF5CDAC146} => waarde is succesvol verwijderd. HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0719F1BC-6DC7-4C81-AD0F-06786D34DFFE} => waarde is succesvol verwijderd. HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{989C3F03-C8DD-4A3C-A7A4-41E393DBE999} => waarde is succesvol verwijderd. HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C925FCC6-5844-402F-927F-6ACF30AC41B6} => waarde is succesvol verwijderd. HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C93F6E37-78BB-4A49-875C-512424C4E1B9} => waarde is succesvol verwijderd. HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{E2FCF56B-35FD-4A39-A12C-73BD3FD61367}C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe => waarde is succesvol verwijderd. HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0A0537A4-6830-456B-B84F-B540D04C7AE8}C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe => waarde is succesvol verwijderd. HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5756FCC0-9F10-439C-BB3E-9DCA89EF31D7} => waarde is succesvol verwijderd. HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{98B01EE1-1564-4243-B8B7-C227C970237A} => waarde is succesvol verwijderd. HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{181B4B6A-577B-4CC1-8D46-87D0C10E8BB5} => waarde is succesvol verwijderd. HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FF75B188-F717-4F1E-824D-9EF437C74523} => waarde is succesvol verwijderd. HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\apphide => waarde is succesvol verwijderd. HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ QQPCTray => waarde is succesvol verwijderd. HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Userinit => waarde met succes hersteld HKU\S-1-5-21-503092519-2811942456-882599974-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Yeaplayer => waarde is succesvol verwijderd. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => waarde met succes hersteld HKU\S-1-5-21-503092519-2811942456-882599974-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => waarde met succes hersteld "HKU\S-1-5-21-503092519-2811942456-882599974-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{015DB5FA-EAFB-4592-A95B-F44D3EE87FA9}" => sleutel is succesvol verwijderd. HKCR\CLSID\{015DB5FA-EAFB-4592-A95B-F44D3EE87FA9} => sleutel niet gevonden. "HKU\S-1-5-21-503092519-2811942456-882599974-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E1A1345E-9886-421C-8D65-0800B7F144F5}" => sleutel is succesvol verwijderd. HKCR\CLSID\{E1A1345E-9886-421C-8D65-0800B7F144F5} => sleutel niet gevonden. "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B}" => sleutel is succesvol verwijderd. "HKCR\CLSID\{7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B}" => sleutel is succesvol verwijderd. "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{50F4150A-48B2-417A-BE4C-C83F580FB904}" => sleutel is succesvol verwijderd. "HKCR\Wow6432Node\CLSID\{50F4150A-48B2-417A-BE4C-C83F580FB904}" => sleutel is succesvol verwijderd. "HKLM\Software\Wow6432Node\MozillaPlugins\@qq.com/npAndroidAssistant" => sleutel is succesvol verwijderd. "HKLM\Software\Wow6432Node\MozillaPlugins\@qq.com/QQPCMgr" => sleutel is succesvol verwijderd. C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\npQMExtensionsMozilla.dll => niet gevonden. MPCProtectService => Kon service niet stoppen. MPCProtectService => dienst kon niet worden verwijderd QQPCRTP => dienst niet gevonden. QQRepair184f => dienst niet gevonden. QQRepairFixSVC => dienst niet gevonden. zdengine => dienst niet gevonden. 2120890f6e7f6ce115bf92c0e9bdae71 => dienst niet gevonden. BugreportW => dienst niet gevonden. Drvcoresrv => dienst is succesvol verwijderd. GoogleChromeUpService => dienst is succesvol verwijderd. GoogleChromeUpSvc => dienst is succesvol verwijderd. Nmclogservice => dienst is succesvol verwijderd. rijufoze => dienst is succesvol verwijderd. rocufyky => dienst is succesvol verwijderd. Update thirteen degrees => dienst niet gevonden. Util thirteen degrees => dienst niet gevonden. xoquqysezbt => dienst is succesvol verwijderd. zigipyro => dienst is succesvol verwijderd. 1 MPCKpt; C:\Windows\System32\DRIVERS\MPCKpt.sys [60136 2016-04-29] (DotC United Inc) => Fout: Geen automatische fix gevonden voor dit item. QMUdisk => dienst niet gevonden. QQSysMonX64 => dienst niet gevonden. softaal => dienst niet gevonden. SRepairDrv => dienst is succesvol verwijderd. TAOAccelerator => dienst niet gevonden. TAOKernelDriver => dienst niet gevonden. TFsFlt => dienst niet gevonden. TS888x64 => dienst niet gevonden. TSDefenseBt => dienst is succesvol verwijderd. tsnethlpx64 => dienst niet gevonden. TSSysKit => dienst niet gevonden. UCGuard => Kon service niet stoppen. UCGuard => dienst is succesvol verwijderd. zdwfp => Kon service niet stoppen. zdwfp => dienst is succesvol verwijderd. {8aba2929-3d93-42fa-a897-27a387ab0426}Gw64 => Kon service niet stoppen. {8aba2929-3d93-42fa-a897-27a387ab0426}Gw64 => dienst is succesvol verwijderd. f8fa4a50b59f81ab1b3f37368889c14e => dienst niet gevonden. "HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001" => sleutel is succesvol verwijderd. "HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002" => sleutel is succesvol verwijderd. "HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003" => sleutel is succesvol verwijderd. "HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004" => sleutel is succesvol verwijderd. "HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000016" => sleutel is succesvol verwijderd. "HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000001" => sleutel is succesvol verwijderd. "HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000002" => sleutel is succesvol verwijderd. "HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000003" => sleutel is succesvol verwijderd. "HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000004" => sleutel is succesvol verwijderd. "HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000016" => sleutel is succesvol verwijderd. C:\Windows\System32\drivers\{8aba2929-3d93-42fa-a897-27a387ab0426}Gw64.sys => is succesvol verplaatst. "C:\Users\Coby\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108" => niet gevonden. C:\ProgramData\a.bat => is succesvol verplaatst. C:\ProgramData\adb.exe => is succesvol verplaatst. C:\ProgramData\AdbWinApi.dll => is succesvol verplaatst. C:\ProgramData\AdbWinUsbApi.dll => is succesvol verplaatst. C:\ProgramData\apptj.exe => is succesvol verplaatst. C:\ProgramData\conhost.exe => is succesvol verplaatst. C:\ProgramData\fastboot.exe => is succesvol verplaatst. C:\ProgramData\hp.exe => is succesvol verplaatst. C:\WINDOWS\system32\Drivers\TAOAccelerator64.sys => is succesvol verplaatst. C:\WINDOWS\system32\Drivers\TAOKernelEx64.sys => is succesvol verplaatst. C:\Windows\System32\Drivers\TFsFltX64.sys => is succesvol verplaatst. Kon niet verplaatsen "C:\Windows\System32\DRIVERS\MPCKpt.sys" => Gepland te verplaatsen bij herstart. C:\WINDOWS\SysWOW64\zdengineOff.ini => is succesvol verplaatst. C:\WINDOWS\system32\zdengineOff.ini => is succesvol verplaatst. C:\WINDOWS\system32\Drivers\zdwfp64.sys => is succesvol verplaatst. C:\WINDOWS\system32\zdengine64.dll => is succesvol verplaatst. C:\WINDOWS\SysWOW64\zdengine.dll => is succesvol verplaatst. =========== "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\????" ========== niet gevonden ========= Eind -> "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\????" ======== C:\ProgramData\msiql.exe.lnk => is succesvol verplaatst. C:\Users\Coby\AppData\Roaming\MCorp => is succesvol verplaatst. C:\Program Files\Common Files\Tencent => is succesvol verplaatst. C:\ProgramData\TXQMPC => is succesvol verplaatst. =========== "C:\Users\Coby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UC???" ========== niet gevonden ========= Eind -> "C:\Users\Coby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UC???" ======== =========== "C:\Users\Coby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\????" ========== niet gevonden ========= Eind -> "C:\Users\Coby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\????" ======== "C:\WINDOWS\Tasks\UCBrowserUpdater.job" => niet gevonden. "C:\WINDOWS\System32\Tasks\UCBrowserUpdater" => niet gevonden. C:\Users\Coby\AppData\Local\UCBrowser => is succesvol verplaatst. C:\WINDOWS\system32\Drivers\ucguard.sys => is succesvol verplaatst. C:\ProgramData\Tencent => is succesvol verplaatst. C:\Users\Coby\AppData\Roaming\svrupg.exe => is succesvol verplaatst. C:\Users\Coby\AppData\Local\Yeaplayer => is succesvol verplaatst. C:\Users\Coby\AppData\Roaming\UPUpdata => is succesvol verplaatst. C:\Users\Coby\AppData\Local\392C0E40-1461924002-11DD-AE45-3085A941414A => is succesvol verplaatst. C:\Users\Coby\AppData\Roaming\gplyra => is succesvol verplaatst. C:\Users\Coby\AppData\Local\tuto_monetize_120160428 => is succesvol verplaatst. "C:\WINDOWS\System32\Tasks\Dravsynlether Core" => niet gevonden. "C:\WINDOWS\System32\Tasks\ksv3026" => niet gevonden. C:\Users\Coby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YSPackage => is succesvol verplaatst. "C:\Program Files (x86)\Yeaplayer" => niet gevonden. "C:\Program Files (x86)\Nimeckreelule" => niet gevonden. "C:\Program Files (x86)\thirteen degrees" => niet gevonden. C:\program files (x86)\common files\tencent => is succesvol verplaatst. c:\program files\24fb083b9dac707c1654a4c67889bf23 => is succesvol verplaatst. "C:\Program Files (x86)\CleanBrowser" => niet gevonden. C:\Program Files (x86)\Tencent => is succesvol verplaatst. "C:\Program Files (x86)\UCBrowser" => niet gevonden. "C:\Program Files (x86)\Dravsynlether" => niet gevonden. "C:\Program Files (x86)\QuickSearch" => niet gevonden. "C:\Program Files (x86)\Nimeckreelule" => niet gevonden. "HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP" => sleutel is succesvol verwijderd. "HKLM\System\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP" => sleutel is succesvol verwijderd. "HKLM\System\CurrentControlSet\Control\SafeBoot\Network\zdengine" => sleutel is succesvol verwijderd. "HKLM\System\CurrentControlSet\Control\SafeBoot\Network\zdwfp" => sleutel is succesvol verwijderd. ========= ipconfig /flushdns ========= Windows IP Configuration Successfully flushed the DNS Resolver Cache. ========= Eind van CMD: ========= ========= netsh winsock reset ========= Initialization Function InitHelperDll in NSHHTTP.DLL failed to start with error code 10107 Sucessfully reset the Winsock Catalog. You must restart the computer in order to complete the reset. ========= Eind van CMD: ========= C:\Windows\System32\Drivers\etc\hosts => is succesvol verplaatst. Hosts met succes hersteld. EmptyTemp: => 1.3 GB tijdelijke gegevens verwijderd. Resultaat van geplande bestanden te verplaatsen (Boot Modus: Normal) (Datum&Tijd: 2016-05-02 12:47:10) "C:\Windows\System32\DRIVERS\MPCKpt.sys" => Kon niet verplaatsen ==== Eind van Fixlog 12:47:10 ====