Fix resultaat van Farbar Recovery Scan Tool (x64) Versie: 21-09-2016
Gestart door Jasper (23-09-2016 12:34:38) Run:1
Gestart vanaf C:\Users\Jasper\Desktop
Geladen Profielen: Jasper (Beschikbare Profielen: Jasper)
Boot Modus: Normal
==============================================

fixlist inhoud:
*****************
start
CreateRestorePoint:
CloseProcesses:
CustomCLSID: HKU\S-1-5-21-3280333162-937765043-293338858-1000_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-2487C6CED52D}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Geen bestand
Task: {2832F492-96F4-44CD-9A53-5EE8357FC596} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Geen bestand <==== AANDACHT
Task: {3534C7F9-7ECA-4AE0-B11D-09FACCF38E37} - System32\Tasks\Aritisp Launcher => C:\Program Files (x86)\Pleqok\phihuward.exe [2016-09-16] (Kunshan Aunbox software co.,Ltd)
Task: {3D1877CC-DEBD-44A0-8B45-EBBBB8ECF8CB} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Geen bestand <==== AANDACHT
Task: {3D5EEF43-BFB3-4F81-B9A0-E99ADEC7AEDE} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Geen bestand <==== AANDACHT
Task: {42534267-653D-457A-97BB-B09E62F33D2D} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Geen bestand <==== AANDACHT
Task: {4EFE6793-9C5D-4205-946E-7385EB831B12} - System32\Tasks\SugarBlast => c:\programdata\{302bbb60-2eea-0a5c-302b-bbb602eeed80}\9177298860804513750b.exe <==== AANDACHT
Task: {589F06E0-B7AE-4F33-9B4E-CE2AA9AC17E8} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Geen bestand <==== AANDACHT
Task: {5AB03B96-020B-4082-BC8E-DCF8983BDECE} - \Microsoft\Windows\Setup\gwx\rundetector -> Geen bestand <==== AANDACHT
Task: {5BFAD12C-7952-4BF4-A75C-7E8C4D901C93} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Geen bestand <==== AANDACHT
Task: {6E5B5455-7786-44A8-9D89-1DD0F9B08CA8} - System32\Tasks\BloatRemove => c:\programdata\{4a3564fd-c8a5-41e7-4a35-564fdc8a93f7}\5853125071572029307b.exe <==== AANDACHT
Task: {78738373-3587-4ADD-90EE-64D980C4A068} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Geen bestand <==== AANDACHT
Task: {8FAD86DC-DB6B-4138-95B9-661D81304441} - System32\Tasks\ChelfNotify Task => C:\ProgramData\ChelfNotify\BrowserUpdate.exe [2016-06-30] (Tencent) <==== AANDACHT
Task: {92DC3A4E-EECD-4BF2-85C0-BD00DB2B5A2F} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Geen bestand <==== AANDACHT
Task: {952FF6FB-2EFA-4A8A-A4E6-A13EA933A663} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Geen bestand <==== AANDACHT
Task: {A1AC4CCF-CB43-4702-B79B-17050E5DC469} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Geen bestand <==== AANDACHT
Task: {AE1A79D6-9A20-4912-B2AD-589B14284C45} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Geen bestand <==== AANDACHT
Task: {D70EC45D-C588-4804-87D0-6D648C84B66D} - \AutoPico Daily Restart -> Geen bestand <==== AANDACHT
Task: {E07F1B80-BC5F-4505-90C3-D3C5907C3F7C} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Geen bestand <==== AANDACHT
Task: {F30A3B70-DFF3-405B-A220-DC4CD9BBD8EC} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Geen bestand <==== AANDACHT
Task: C:\WINDOWS\Tasks\BloatRemove.job => c:\programdata\{4a3564fd-c8a5-41e7-4a35-564fdc8a93f7}\5853125071572029307b.exe <==== AANDACHT
Task: C:\WINDOWS\Tasks\SugarBlast.job => c:\programdata\{302bbb60-2eea-0a5c-302b-bbb602eeed80}\9177298860804513750b.exe <==== AANDACHT
MSCONFIG\startupfolder: C:^Users^Jasper^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Crack and Setup.lnk => C:\Windows\pss\Crack and Setup.lnk.Startup
FirewallRules: [{B19F38F7-C798-4879-AC52-EBF78FE331E5}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{D34B1867-D3D9-4CD1-B407-EF87E9F1A01E}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{DDC0C9E0-32E5-4AFD-8771-76371B6E7494}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{CD9C1591-16F1-4560-BDA9-CBBB83E4BC98}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{3802C297-C10E-4C5E-8AE5-D632E73A868F}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{F0FD02D2-0C8F-4E2B-B446-4BE943B1A8F6}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{6FE796E6-D863-4340-A191-155727EBEFFB}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{5DA71E69-1288-4E86-AEC1-39E039188D78}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{8BCF0678-76E0-435B-8823-348982BF1D63}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{3C7AC340-FCF8-4E83-9824-9C935EE7E059}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [TCP Query User{DC2A3478-1155-4A89-9F93-C5703E29EA2D}C:\users\jasper\appdata\local\temp\is-lleku.tmp\download\minithunderplatform.exe] => (Block) C:\users\jasper\appdata\local\temp\is-lleku.tmp\download\minithunderplatform.exe
FirewallRules: [UDP Query User{9CAE6D2D-4DED-46E8-9246-F83B67775AA3}C:\users\jasper\appdata\local\temp\is-lleku.tmp\download\minithunderplatform.exe] => (Block) C:\users\jasper\appdata\local\temp\is-lleku.tmp\download\minithunderplatform.exe
HKLM-x32\...\Run: [app] => C:\Program Files (x86)\sbqh\uc.exe
HKU\S-1-5-21-3280333162-937765043-293338858-1000\...\Run: [Installer] => C:\Users\Jasper\AppData\Local\Temp\is-LLEKU.tmp\51490.exe /autorun <===== AANDACHT
HKU\S-1-5-21-3280333162-937765043-293338858-1000\...\Run: [msiql] => C:\Users\Jasper\AppData\Local\Temp\00006506\msiql.exe /RUNNING <===== AANDACHT
CHR HKLM\SOFTWARE\Policies\Google: Restrictie <======= AANDACHT
CHR dev: Chrome dev build gedetecteerd! <======= AANDACHT
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <niet gevonden>
R2 AritispLauncher; C:\Program Files (x86)\Pleqok\MlsReports.dll [323584 2016-09-16] () [Bestand niet getekend]
R2 winsaber; C:\Program Files (x86)\WinSaber\WinSaber.exe [477400 2016-09-22] ()
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-07-29] ()
U4 aspnet_state; geen ImagePath
U3 wpcsvc; geen ImagePath
C:\WINDOWS\System32\Tasks\ChelfNotify Task
C:\ProgramData\ChelfNotify
C:\Program Files (x86)\hyq4czqt
C:\Program Files (x86)\sbqh
C:\Windows\pss\Crack and Setup.lnk.Startup
C:\Program Files\KMSpico
C:\Program Files (x86)\WinSaber
C:\WINDOWS\Tasks\BloatRemove.job
C:\WINDOWS\Tasks\SugarBlast.job
C:\ProgramData\ChelfNotify
c:\programdata\{4a3564fd-c8a5-41e7-4a35-564fdc8a93f7}
C:\programdata\{302bbb60-2eea-0a5c-302b-bbb602eeed80}
C:\Program Files (x86)\Pleqok
C:\WINDOWS\Reimage.ini
C:\Users\Public\Thunder Network
C:\ProgramData\Thunder Network
C:\END
C:\Users\Jasper\Desktop\AutoTime.lnk
C:\Users\Jasper\AppData\Local\Apps\2.0
C:\Program Files (x86)\wjxbvkkv
C:\Users\Jasper\AppData\Local\Plvirygasuied
C:\WINDOWS\0c5a415156c76fef6f236a874c275b80.exe
Hosts:
EmptyTemp:
end
*****************

Fout: (0) Mislukt een herstelpunt maken.
Proces succesvol afgesloten.
"HKU\S-1-5-21-3280333162-937765043-293338858-1000_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-2487C6CED52D}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2832F492-96F4-44CD-9A53-5EE8357FC596}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2832F492-96F4-44CD-9A53-5EE8357FC596}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3534C7F9-7ECA-4AE0-B11D-09FACCF38E37}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3534C7F9-7ECA-4AE0-B11D-09FACCF38E37}" => sleutel is succesvol verwijderd.
C:\WINDOWS\System32\Tasks\Aritisp Launcher => is succesvol verplaatst.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Aritisp Launcher" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3D1877CC-DEBD-44A0-8B45-EBBBB8ECF8CB}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3D1877CC-DEBD-44A0-8B45-EBBBB8ECF8CB}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3D5EEF43-BFB3-4F81-B9A0-E99ADEC7AEDE}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3D5EEF43-BFB3-4F81-B9A0-E99ADEC7AEDE}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{42534267-653D-457A-97BB-B09E62F33D2D}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{42534267-653D-457A-97BB-B09E62F33D2D}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4EFE6793-9C5D-4205-946E-7385EB831B12}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4EFE6793-9C5D-4205-946E-7385EB831B12}" => sleutel is succesvol verwijderd.
C:\WINDOWS\System32\Tasks\SugarBlast => is succesvol verplaatst.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SugarBlast" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{589F06E0-B7AE-4F33-9B4E-CE2AA9AC17E8}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{589F06E0-B7AE-4F33-9B4E-CE2AA9AC17E8}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5AB03B96-020B-4082-BC8E-DCF8983BDECE}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5AB03B96-020B-4082-BC8E-DCF8983BDECE}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5BFAD12C-7952-4BF4-A75C-7E8C4D901C93}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5BFAD12C-7952-4BF4-A75C-7E8C4D901C93}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6E5B5455-7786-44A8-9D89-1DD0F9B08CA8}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6E5B5455-7786-44A8-9D89-1DD0F9B08CA8}" => sleutel is succesvol verwijderd.
C:\WINDOWS\System32\Tasks\BloatRemove => is succesvol verplaatst.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BloatRemove" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{78738373-3587-4ADD-90EE-64D980C4A068}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{78738373-3587-4ADD-90EE-64D980C4A068}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d" => sleutel is succesvol verwijderd.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8FAD86DC-DB6B-4138-95B9-661D81304441} => sleutel niet gevonden. 
C:\WINDOWS\System32\Tasks\ChelfNotify Task => is succesvol verplaatst.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ChelfNotify Task" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{92DC3A4E-EECD-4BF2-85C0-BD00DB2B5A2F}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{92DC3A4E-EECD-4BF2-85C0-BD00DB2B5A2F}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{952FF6FB-2EFA-4A8A-A4E6-A13EA933A663}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{952FF6FB-2EFA-4A8A-A4E6-A13EA933A663}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A1AC4CCF-CB43-4702-B79B-17050E5DC469}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A1AC4CCF-CB43-4702-B79B-17050E5DC469}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AE1A79D6-9A20-4912-B2AD-589B14284C45}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AE1A79D6-9A20-4912-B2AD-589B14284C45}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D70EC45D-C588-4804-87D0-6D648C84B66D}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D70EC45D-C588-4804-87D0-6D648C84B66D}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoPico Daily Restart" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E07F1B80-BC5F-4505-90C3-D3C5907C3F7C}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E07F1B80-BC5F-4505-90C3-D3C5907C3F7C}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F30A3B70-DFF3-405B-A220-DC4CD9BBD8EC}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F30A3B70-DFF3-405B-A220-DC4CD9BBD8EC}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => sleutel is succesvol verwijderd.
C:\WINDOWS\Tasks\BloatRemove.job => is succesvol verplaatst.
C:\WINDOWS\Tasks\SugarBlast.job => is succesvol verplaatst.
"HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Jasper^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Crack and Setup.lnk" => sleutel is succesvol verwijderd.
C:\Windows\pss\Crack and Setup.lnk.Startup => is succesvol verplaatst.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B19F38F7-C798-4879-AC52-EBF78FE331E5} => waarde is succesvol verwijderd.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D34B1867-D3D9-4CD1-B407-EF87E9F1A01E} => waarde is succesvol verwijderd.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DDC0C9E0-32E5-4AFD-8771-76371B6E7494} => waarde is succesvol verwijderd.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CD9C1591-16F1-4560-BDA9-CBBB83E4BC98} => waarde is succesvol verwijderd.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3802C297-C10E-4C5E-8AE5-D632E73A868F} => waarde is succesvol verwijderd.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F0FD02D2-0C8F-4E2B-B446-4BE943B1A8F6} => waarde is succesvol verwijderd.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6FE796E6-D863-4340-A191-155727EBEFFB} => waarde is succesvol verwijderd.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5DA71E69-1288-4E86-AEC1-39E039188D78} => waarde is succesvol verwijderd.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8BCF0678-76E0-435B-8823-348982BF1D63} => waarde is succesvol verwijderd.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3C7AC340-FCF8-4E83-9824-9C935EE7E059} => waarde is succesvol verwijderd.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{DC2A3478-1155-4A89-9F93-C5703E29EA2D}C:\users\jasper\appdata\local\temp\is-lleku.tmp\download\minithunderplatform.exe => waarde is succesvol verwijderd.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{9CAE6D2D-4DED-46E8-9246-F83B67775AA3}C:\users\jasper\appdata\local\temp\is-lleku.tmp\download\minithunderplatform.exe => waarde is succesvol verwijderd.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\app => waarde is succesvol verwijderd.
HKU\S-1-5-21-3280333162-937765043-293338858-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Installer => waarde is succesvol verwijderd.
HKU\S-1-5-21-3280333162-937765043-293338858-1000\Software\Microsoft\Windows\CurrentVersion\Run\\msiql => waarde is succesvol verwijderd.
"HKLM\SOFTWARE\Policies\Google" => sleutel is succesvol verwijderd.
CHR dev: Chrome dev build gedetecteerd! <======= AANDACHT => Fout: Geen automatische fix gevonden voor dit item.
"HKLM\SOFTWARE\Google\Chrome\Extensions\ngpampappnmepgilojfohadhhmbhlaek" => sleutel is succesvol verwijderd.
AritispLauncher => dienst is succesvol verwijderd.
winsaber => dienst is succesvol verwijderd.
EsgScanner => dienst is succesvol verwijderd.
aspnet_state => dienst is succesvol verwijderd.
wpcsvc => dienst is succesvol verwijderd.
"C:\WINDOWS\System32\Tasks\ChelfNotify Task" => niet gevonden.
C:\ProgramData\ChelfNotify => is succesvol verplaatst.
C:\Program Files (x86)\hyq4czqt => is succesvol verplaatst.
C:\Program Files (x86)\sbqh => is succesvol verplaatst.
"C:\Windows\pss\Crack and Setup.lnk.Startup" => niet gevonden.
"C:\Program Files\KMSpico" => niet gevonden.
C:\Program Files (x86)\WinSaber => is succesvol verplaatst.
"C:\WINDOWS\Tasks\BloatRemove.job" => niet gevonden.
"C:\WINDOWS\Tasks\SugarBlast.job" => niet gevonden.
"C:\ProgramData\ChelfNotify" => niet gevonden.
c:\programdata\{4a3564fd-c8a5-41e7-4a35-564fdc8a93f7} => is succesvol verplaatst.
C:\programdata\{302bbb60-2eea-0a5c-302b-bbb602eeed80} => is succesvol verplaatst.
C:\Program Files (x86)\Pleqok => is succesvol verplaatst.
C:\WINDOWS\Reimage.ini => is succesvol verplaatst.
C:\Users\Public\Thunder Network => is succesvol verplaatst.
C:\ProgramData\Thunder Network => is succesvol verplaatst.
C:\END => is succesvol verplaatst.
C:\Users\Jasper\Desktop\AutoTime.lnk => is succesvol verplaatst.
C:\Users\Jasper\AppData\Local\Apps\2.0 => is succesvol verplaatst.
C:\Program Files (x86)\wjxbvkkv => is succesvol verplaatst.
C:\Users\Jasper\AppData\Local\Plvirygasuied => is succesvol verplaatst.
C:\WINDOWS\0c5a415156c76fef6f236a874c275b80.exe => is succesvol verplaatst.
C:\Windows\System32\Drivers\etc\hosts => is succesvol verplaatst.
Hosts met succes hersteld.

=========== EmptyTemp: ==========

BITS transfer queue => 569451 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 14808852 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 947106 B
Edge => 6347563 B
Chrome => 0 B
Firefox => 380556382 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 455054 B
NetworkService => 78672304 B
Jasper => 62960335 B

RecycleBin => 0 B
EmptyTemp: => 520.1 MB tijdelijke gegevens verwijderd.

================================


Het systeem moest herstart worden.

==== Eind van Fixlog 12:34:48 ====