Author Topic: [Inactive - K] Windows update error 569 > virus  (Read 6974 times)

Offline shaan

  • Bronze Member
  • Posts: 15
[Inactive - K] Windows update error 569 > virus
« on: April 21, 2015, 10:26:20 AM »
Yesterday I was on google chrome when a pop up appeard saying: your filles are locked and sended you cannot shut down your browser, I opend my task manager and stopt google chrome.

this was on my home wifi network. 3 hours later i get a call on my home phone, it was sillent than a female computer voice said goodbye. I don't no if this is related to the pop up but is scared me a little.

Then I tried to update my windows but it didnĺt work, I got 2 error messages.
659 and 80070490

Then I did a virus scan and it found 66 infections ().
It deleted these files but still I canĺt update my windows.

After googling the problem I came across a link of the official windows forum.

hxxp://answers.microsoft.com/en-us/windows/forum/windows_other-windows_update/windows-7-error-codes-80070659-659-cant-install/e0564d1f-315b-4f17-9f30-bbd38953f7d3

There it said that this is a common problem after a virus infection >

They recommended this forum:

I hope you guys can help me.

If the solution is to reinstall or reboot my laptop than I will do that thatĺs no problem.

I got a Lenovo idea pad y500 with ssd and a hdd with windows 8.1
« Last Edit: May 07, 2015, 05:28:34 PM by kevinf80 »



Offline shaan

  • Bronze Member
  • Posts: 15
Re: [Inactive - K] Windows update error 569 > virus
« Reply #1 on: April 21, 2015, 12:35:10 PM »
I can not run the dds, i have windows 8.1. Is there a diffrent program or way that i can make these logs so you can help me?

Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • Posts: 7656
Re: [Inactive - K] Windows update error 569 > virus
« Reply #2 on: April 22, 2015, 01:36:55 PM »
Hello shaan,

Continue as follows:

Change the download folder setting in the default Browser so all tools we may use are saved to the Desktop:

Google Chrome - Click the "Customize and control Google Chrome" button in the upper right-corner of the browser.
Choose Settings. at the bottom of the screen click the
"Show advanced settings..." link. Scroll down to find the Downloads section and click the Change... button. Select your desktop and click OK.

Mozilla Firefox - Click the "Open Menu" button in the upper right-corner of the browser. Choose Options. In the downloads section, click the Browse button, click on the Desktop folder and the click the "Select Folder" button. Click OK to get out of the Options menu.

Internet Explorer - Click the Tools menu in the upper right-corner of the browser. Select View downloads. Select the Options link in the lower left of the window. Click Browse and select the Desktop and then choose the Select Folder button. Click OK to get out of the download options screen and then click Close to get out of the View Downloads screen.
NOTE: IE8 Does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then copy them to the desktop.

Next,

Follow the instructions in the following link to show hidden files:

http://www.bleepingcomputer.com/tutorials/how-to-see-hidden-files-in-windows/

Next,

Please open Malwarebytes Anti-Malware.

  • On the Settings tab > Detection and Protection sub tab, Detection Options, tick the box "Scan for rootkits".
  • Under Non-Malware Protection sub tab Change PUP and PUM entries to Treat detections as Malware
  • Click on the Scan tab, then click on Scan Now >> . If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • With some infections, you may see this message box.
'Could not load DDA driver'

  • Click 'Yes' to this message, to allow the driver to load after a restart.
  • Allow the computer to restart. Continue with the rest of these instructions.
  • When the scan is complete, click Apply Actions.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.

If Malwarebytes is not installed follow these instructions first:

Download Malwarebytes Anti-Malware to your desktop.
  • Double-click mbam-setup and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
  • Launch Malwarebytes Anti-Malware
  • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish. Follow the instructions above....
Next,

Download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
Let me see those logs in your reply....

Thank you,

Kevin...

Offline shaan

  • Bronze Member
  • Posts: 15
Re: [Inactive - K] Windows update error 569 > virus
« Reply #3 on: April 23, 2015, 04:26:36 AM »
Thank you for your reply, this are my log files:
The antimalware found 121 problems

First the antimalware protection log protection log.

Update, 23-4-2015 11:50:36, SYSTEM, DENIES, Manual, Rootkit Database, 2015.2.25.1, 2015.4.21.1,
Update, 23-4-2015 11:50:36, SYSTEM, DENIES, Manual, Remediation Database, 2015.3.9.1, 2015.4.22.1,
Protection, 23-4-2015 11:50:37, SYSTEM, DENIES, Protection, Malware Protection, Starting,
Protection, 23-4-2015 11:50:37, SYSTEM, DENIES, Protection, Malware Protection, Started,
Protection, 23-4-2015 11:50:37, SYSTEM, DENIES, Protection, Malicious Website Protection, Starting,
Protection, 23-4-2015 11:50:37, SYSTEM, DENIES, Protection, Malicious Website Protection, Started,
Update, 23-4-2015 11:50:46, SYSTEM, DENIES, Manual, Malware Database, 2015.3.9.5, 2015.4.23.3,
Protection, 23-4-2015 11:50:46, SYSTEM, DENIES, Protection, Refresh, Starting,
Protection, 23-4-2015 11:50:46, SYSTEM, DENIES, Protection, Malicious Website Protection, Stopping,
Protection, 23-4-2015 11:50:46, SYSTEM, DENIES, Protection, Malicious Website Protection, Stopped,
Protection, 23-4-2015 11:50:57, SYSTEM, DENIES, Protection, Refresh, Success,
Protection, 23-4-2015 11:50:57, SYSTEM, DENIES, Protection, Malicious Website Protection, Starting,
Protection, 23-4-2015 11:50:58, SYSTEM, DENIES, Protection, Malicious Website Protection, Started,
Scan, 23-4-2015 12:07:31, SYSTEM, DENIES, Manual, Start: 23-4-2015 11:52:17, Duur: 14 min 52 sec, Bedreigingsscan, Voltooid, 1 Malware detectie, 123 niet-Malware Detecties,
Protection, 23-4-2015 12:08:08, SYSTEM, DENIES, Protection, Malware Protection, Starting,
Protection, 23-4-2015 12:08:08, SYSTEM, DENIES, Protection, Malware Protection, Started,
Protection, 23-4-2015 12:08:08, SYSTEM, DENIES, Protection, Malicious Website Protection, Starting,
Protection, 23-4-2015 12:08:12, SYSTEM, DENIES, Protection, Malicious Website Protection, Started,
Update, 23-4-2015 12:08:17, SYSTEM, DENIES, Scheduler, Failed, Unable to access update server,

(end)


Malware anti scan log

Malwarebytes Anti-Malware
www.malwarebytes.org

Scandatum: 23-4-2015
Scantijd: 11:52:17
Logbestand:
Beheerder: Ja

Versie: 2.01.6.1022
Malware Gegevensbestand: v2015.04.23.03
Rootkit Gegevensbestand: v2015.04.21.01
Licentie: Proef
Malwarebescherming: Ingeschakeld
Kwaadaardige Website Bescherming: Ingeschakeld
Zelfbescherming: Uitgeschakeld

Besturingssysteem: Windows 8.1
Processor: x64
Bestandssysteem: NTFS
Gebruiker: PC van Denies

Scantype: Bedreigingsscan
Resultaat: Voltooid
Objecten Gescand: 473269
Verstreken Tijd: 14 m, 52 s

Geheugen: Ingeschakeld
Opstarten: Ingeschakeld
Bestandssysteem: Ingeschakeld
Archieven: Ingeschakeld
Rootkits: Ingeschakeld
Heuristiek: Ingeschakeld
POP: Ingeschakeld
POA: Ingeschakeld

Processen: 0
(Geen kwaadaardige items gedetecteerd)

Modules: 0
(Geen kwaadaardige items gedetecteerd)

Registersleutels: 7
PUP.Optional.Wajam.A, HKLM\SOFTWARE\CLASSES\APPID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}, In Quarantaine, [03fcb4bbf793221448a63d3f996aee12],
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}, In Quarantaine, [03fcb4bbf793221448a63d3f996aee12],
PUP.Optional.Wajam.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}, In Quarantaine, [03fcb4bbf793221448a63d3f996aee12],
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-1556840761-1313434400-2009749808-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, In Quarantaine, [5ca3eb840387c57172754ef419ead52b],
PUP.Optional.Wajam.A, HKU\S-1-5-21-1556840761-1313434400-2009749808-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}, In Quarantaine, [06f99cd37119bf773d42b297e41ff10f],
PUP.Optional.Enabler.A, HKLM\SOFTWARE\WOW6432NODE\GS.Enabler, In Quarantaine, [56a9fc735b2f053109c7be19e91a0af6],
PUP.Optional.Conduit.A, HKU\S-1-5-21-1556840761-1313434400-2009749808-1001\SOFTWARE\APPDATALOW\SOFTWARE\ConduitSearchScopes, In Quarantaine, [a75874fbfd8db97d5bdee5f44eb51ee2],

Registerwaardes: 6
PUP.Optional.Conduit.A, HKU\S-1-5-21-1556840761-1313434400-2009749808-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}|URL, http://search.conduit.com/Results.aspx?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SPC26C274A-021D-435C-84F3-4FC4A4414A76&q={searchTerms}, In Quarantaine, [25da37384a40b185548d6f5561a2619f]
PUP.Optional.Conduit.A, HKU\S-1-5-21-1556840761-1313434400-2009749808-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}|SuggestionsURL_JSON, http://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}, In Quarantaine, [689798d7b9d114224b962b99f31045bb]
PUP.Optional.Conduit.A, HKU\S-1-5-21-1556840761-1313434400-2009749808-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0BBFBAB0-F38C-4371-97D4-1A48BCC7EB18}|URL, http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1750559&CUI=UN14469348659410165&UM=1, In Quarantaine, [fa05c9a6a3e7d561d1106a5a0af9c53b]
PUP.Optional.Conduit.A, HKU\S-1-5-21-1556840761-1313434400-2009749808-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0BBFBAB0-F38C-4371-97D4-1A48BCC7EB18}|SuggestionsURL_JSON, http://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}, In Quarantaine, [837c9cd3b7d38aacd011faca1fe4f010]
PUP.Optional.Conduit.A, HKU\S-1-5-21-1556840761-1313434400-2009749808-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0BBFBAB0-F38C-4371-97D4-1A48BCC7EB18}|FaviconURL, http://search.conduit.com/favicon.ico, In Quarantaine, [20dfdb944e3c2d09c021804455aec63a]
PUP.Optional.Wajam.A, HKU\S-1-5-21-1556840761-1313434400-2009749808-1001\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}, C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi, In Quarantaine, [05fa6a05701a44f2ee1b7b7f3bc825db]

Registerdata: 0
(Geen kwaadaardige items gedetecteerd)

Mappen: 37
PUP.Optional.MultiPlug.A, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\amihkoighafdkjmcfblafljfnffojleo\1.10, In Quarantaine, [e718d49b2f5b1521efd5a5b064a1c739],
PUP.Optional.MultiPlug.A, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\amihkoighafdkjmcfblafljfnffojleo, In Quarantaine, [e718d49b2f5b1521efd5a5b064a1c739],
PUP.Optional.MultiPlug.A, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cccngjmligffcgedhdbaohnajeiminad\1.0, In Quarantaine, [24db155afe8c072f6b5978dd08fd02fe],
PUP.Optional.MultiPlug.A, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cccngjmligffcgedhdbaohnajeiminad, In Quarantaine, [24db155afe8c072f6b5978dd08fd02fe],
PUP.Optional.MultiPlug.A, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgjmjjklmjpckcckmdlilbijfbkbfakj\2.3, In Quarantaine, [22dd7af50a80e551646066ef60a5d729],
PUP.Optional.MultiPlug.A, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgjmjjklmjpckcckmdlilbijfbkbfakj, In Quarantaine, [22dd7af50a80e551646066ef60a5d729],
PUP.Optional.MultiPlug.A, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\chnpgmeeilffbcbcbcffgnbdkmbdbmaa\1.1, In Quarantaine, [e51ad49b543676c04c784510e322b44c],
PUP.Optional.MultiPlug.A, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\chnpgmeeilffbcbcbcffgnbdkmbdbmaa, In Quarantaine, [e51ad49b543676c04c784510e322b44c],
PUP.Optional.MultiPlug.A, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cifeicdadaeofcfgcegkmcncdeacppjd\2.3, In Quarantaine, [8b7427489ceecb6b8143da7ba461a060],
PUP.Optional.MultiPlug.A, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cifeicdadaeofcfgcegkmcncdeacppjd, In Quarantaine, [8b7427489ceecb6b8143da7ba461a060],
PUP.Optional.MultiPlug.A, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\200, In Quarantaine, [8f70600f2961f343c10359fc5baaff01],
PUP.Optional.MultiPlug.A, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah, In Quarantaine, [8f70600f2961f343c10359fc5baaff01],
PUP.Optional.MultiPlug.A, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\amihkoighafdkjmcfblafljfnffojleo\1.10, In Quarantaine, [738cc8a72664d36309bb5ef7d33225db],
PUP.Optional.MultiPlug.A, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\amihkoighafdkjmcfblafljfnffojleo, In Quarantaine, [738cc8a72664d36309bb5ef7d33225db],
PUP.Optional.MultiPlug.A, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\cccngjmligffcgedhdbaohnajeiminad\1.0, In Quarantaine, [4eb175fadeac280e2b99aaabc73eac54],
PUP.Optional.MultiPlug.A, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\cccngjmligffcgedhdbaohnajeiminad, In Quarantaine, [4eb175fadeac280e2b99aaabc73eac54],
PUP.Optional.MultiPlug.A, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgjmjjklmjpckcckmdlilbijfbkbfakj\2.3, In Quarantaine, [4fb06e016a2031059d27fb5af3126d93],
PUP.Optional.MultiPlug.A, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgjmjjklmjpckcckmdlilbijfbkbfakj, In Quarantaine, [4fb06e016a2031059d27fb5af3126d93],
PUP.Optional.MultiPlug.A, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\chnpgmeeilffbcbcbcffgnbdkmbdbmaa\1.1, In Quarantaine, [9d62aac52169ab8be8dc4b0a0ef737c9],
PUP.Optional.MultiPlug.A, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\chnpgmeeilffbcbcbcffgnbdkmbdbmaa, In Quarantaine, [9d62aac52169ab8be8dc4b0a0ef737c9],
PUP.Optional.MultiPlug.A, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\cifeicdadaeofcfgcegkmcncdeacppjd\2.3, In Quarantaine, [bf4074fb4e3c38fe695b0c4921e455ab],
PUP.Optional.MultiPlug.A, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\cifeicdadaeofcfgcegkmcncdeacppjd, In Quarantaine, [bf4074fb4e3c38fe695b0c4921e455ab],
PUP.Optional.MultiPlug.A, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\200, In Quarantaine, [9a659ad5a3e7b383b60e5cf9ac59c63a],
PUP.Optional.MultiPlug.A, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah, In Quarantaine, [9a659ad5a3e7b383b60e5cf9ac59c63a],
PUP.Optional.MultiPlug.A, C:\Users\PC van Denies\AppData\Local\Google\Chrome\User Data\Default\Extensions\cccngjmligffcgedhdbaohnajeiminad\1.0, In Quarantaine, [c639d699256562d4388c3f1625e09e62],
PUP.Optional.MultiPlug.A, C:\Users\PC van Denies\AppData\Local\Google\Chrome\User Data\Default\Extensions\cccngjmligffcgedhdbaohnajeiminad, In Quarantaine, [c639d699256562d4388c3f1625e09e62],
PUP.Optional.MultiPlug.A, C:\Users\PC van Denies\AppData\Local\Google\Chrome\User Data\Default\Extensions\chnpgmeeilffbcbcbcffgnbdkmbdbmaa\1.1, In Quarantaine, [2dd27bf4f09ac0761ea6a4b159ac619f],
PUP.Optional.MultiPlug.A, C:\Users\PC van Denies\AppData\Local\Google\Chrome\User Data\Default\Extensions\chnpgmeeilffbcbcbcffgnbdkmbdbmaa, In Quarantaine, [2dd27bf4f09ac0761ea6a4b159ac619f],
PUP.Optional.MultiPlug.A, C:\Users\PC van Denies\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\200, In Quarantaine, [06f9b9b6d2b825113193dd785da80bf5],
PUP.Optional.MultiPlug.A, C:\Users\PC van Denies\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah, In Quarantaine, [06f9b9b6d2b825113193dd785da80bf5],
PUP.Optional.MultiPlug.A, C:\Users\PC van Denies\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdebobecjhhgdddkemaohjlijkgbkdgk\6.3, In Quarantaine, [5ba484ebc6c4d363a3211342df265da3],
PUP.Optional.MultiPlug.A, C:\Users\PC van Denies\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdebobecjhhgdddkemaohjlijkgbkdgk, In Quarantaine, [5ba484ebc6c4d363a3211342df265da3],
PUP.Optional.SurfAndKeep.A, C:\Program Files (x86)\surf anodd akeep, In Quarantaine, [a25d87e87e0cf83ec7d61b3b81841be5],
PUP.Optional.Conduit.A, C:\ProgramData\Conduit\IE, In Quarantaine, [c9367bf43456ae8826c92868946faf51],
PUP.Optional.YoutubeAdblocker.A, C:\ProgramData\YoutubeAdblocker, In Quarantaine, [67985e11fe8c78bee8249df76b98ed13],
PUP.Optional.Enabler.A, C:\ProgramData\QuickSet\GS.Enabler, In Quarantaine, [15ea87e8cebcd5619ff0b2f7788b34cc],
PUP.Optional.Enabler.A, C:\ProgramData\QuickSet\GS.Enabler\4560858878, In Quarantaine, [15ea87e8cebcd5619ff0b2f7788b34cc],

Bestanden: 74
PUP.Optional.Somoto.A, C:\Users\PC van Denies\AppData\Local\Bundled software uninstaller\bi_client.exe, In Quarantaine, [3ac54a25cdbdab8b9a7a88c1d928fa06],
RiskWare.Tool.CK, C:\Windows\KMService.exe, In Quarantaine, [9c635e11b1d935015b9babf543bfdd23],
PUP.Optional.Conduit, C:\Windows\System32\Tasks\BackgroundContainer Startup Task, In Quarantaine, [d12e76f99befd95d4fea37faeb1a7e82],
PUP.Optional.SmartCoupon.A, C:\Users\PC van Denies\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eonffnnfmbfnmjpaiigdclmfelolemah_0.localstorage, In Quarantaine, [d02fe48b38523df98d5392b1b74e8e72],
PUP.Optional.MultiPlug.A, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\amihkoighafdkjmcfblafljfnffojleo\1.10\lsdb.js, In Quarantaine, [e718d49b2f5b1521efd5a5b064a1c739],
PUP.Optional.MultiPlug.A, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\amihkoighafdkjmcfblafljfnffojleo\1.10\background.html, In Quarantaine, [e718d49b2f5b1521efd5a5b064a1c739],
PUP.Optional.MultiPlug.A, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\amihkoighafdkjmcfblafljfnffojleo\1.10\content.js, In Quarantaine, [e718d49b2f5b1521efd5a5b064a1c739],
PUP.Optional.MultiPlug.A, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\amihkoighafdkjmcfblafljfnffojleo\1.10\manifest.json, In Quarantaine, [e718d49b2f5b1521efd5a5b064a1c739],
PUP.Optional.MultiPlug.A, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cccngjmligffcgedhdbaohnajeiminad\1.0\lsdb.js, In Quarantaine, [24db155afe8c072f6b5978dd08fd02fe],
PUP.Optional.MultiPlug.A, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cccngjmligffcgedhdbaohnajeiminad\1.0\background.html, In Quarantaine, [24db155afe8c072f6b5978dd08fd02fe],
PUP.Optional.MultiPlug.A, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cccngjmligffcgedhdbaohnajeiminad\1.0\content.js, In Quarantaine, [24db155afe8c072f6b5978dd08fd02fe],
PUP.Optional.MultiPlug.A, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cccngjmligffcgedhdbaohnajeiminad\1.0\manifest.json, In Quarantaine, [24db155afe8c072f6b5978dd08fd02fe],
PUP.Optional.MultiPlug.A, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgjmjjklmjpckcckmdlilbijfbkbfakj\2.3\lsdb.js, In Quarantaine, [22dd7af50a80e551646066ef60a5d729],
PUP.Optional.MultiPlug.A, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgjmjjklmjpckcckmdlilbijfbkbfakj\2.3\background.html, In Quarantaine, [22dd7af50a80e551646066ef60a5d729],
PUP.Optional.MultiPlug.A, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgjmjjklmjpckcckmdlilbijfbkbfakj\2.3\content.js, In Quarantaine, [22dd7af50a80e551646066ef60a5d729],
PUP.Optional.MultiPlug.A, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgjmjjklmjpckcckmdlilbijfbkbfakj\2.3\manifest.json, In Quarantaine, [22dd7af50a80e551646066ef60a5d729],
PUP.Optional.MultiPlug.A, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\chnpgmeeilffbcbcbcffgnbdkmbdbmaa\1.1\lsdb.js, In Quarantaine, [e51ad49b543676c04c784510e322b44c],
PUP.Optional.MultiPlug.A, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\chnpgmeeilffbcbcbcffgnbdkmbdbmaa\1.1\background.html, In Quarantaine, [e51ad49b543676c04c784510e322b44c],
PUP.Optional.MultiPlug.A, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\chnpgmeeilffbcbcbcffgnbdkmbdbmaa\1.1\content.js, In Quarantaine, [e51ad49b543676c04c784510e322b44c],
PUP.Optional.MultiPlug.A, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\chnpgmeeilffbcbcbcffgnbdkmbdbmaa\1.1\icon48.png, In Quarantaine, [e51ad49b543676c04c784510e322b44c],
PUP.Optional.MultiPlug.A, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\chnpgmeeilffbcbcbcffgnbdkmbdbmaa\1.1\manifest.json, In Quarantaine, [e51ad49b543676c04c784510e322b44c],
PUP.Optional.MultiPlug.A, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cifeicdadaeofcfgcegkmcncdeacppjd\2.3\lsdb.js, In Quarantaine, [8b7427489ceecb6b8143da7ba461a060],
PUP.Optional.MultiPlug.A, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cifeicdadaeofcfgcegkmcncdeacppjd\2.3\background.html, In Quarantaine, [8b7427489ceecb6b8143da7ba461a060],
PUP.Optional.MultiPlug.A, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cifeicdadaeofcfgcegkmcncdeacppjd\2.3\content.js, In Quarantaine, [8b7427489ceecb6b8143da7ba461a060],
PUP.Optional.MultiPlug.A, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cifeicdadaeofcfgcegkmcncdeacppjd\2.3\manifest.json, In Quarantaine, [8b7427489ceecb6b8143da7ba461a060],
PUP.Optional.MultiPlug.A, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\200\lsdb.js, In Quarantaine, [8f70600f2961f343c10359fc5baaff01],
PUP.Optional.MultiPlug.A, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\200\background.html, In Quarantaine, [8f70600f2961f343c10359fc5baaff01],
PUP.Optional.MultiPlug.A, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\200\content.js, In Quarantaine, [8f70600f2961f343c10359fc5baaff01],
PUP.Optional.MultiPlug.A, C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\200\manifest.json, In Quarantaine, [8f70600f2961f343c10359fc5baaff01],
PUP.Optional.MultiPlug.A, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\amihkoighafdkjmcfblafljfnffojleo\1.10\lsdb.js, In Quarantaine, [738cc8a72664d36309bb5ef7d33225db],
PUP.Optional.MultiPlug.A, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\amihkoighafdkjmcfblafljfnffojleo\1.10\background.html, In Quarantaine, [738cc8a72664d36309bb5ef7d33225db],
PUP.Optional.MultiPlug.A, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\amihkoighafdkjmcfblafljfnffojleo\1.10\content.js, In Quarantaine, [738cc8a72664d36309bb5ef7d33225db],
PUP.Optional.MultiPlug.A, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\amihkoighafdkjmcfblafljfnffojleo\1.10\manifest.json, In Quarantaine, [738cc8a72664d36309bb5ef7d33225db],
PUP.Optional.MultiPlug.A, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\cccngjmligffcgedhdbaohnajeiminad\1.0\lsdb.js, In Quarantaine, [4eb175fadeac280e2b99aaabc73eac54],
PUP.Optional.MultiPlug.A, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\cccngjmligffcgedhdbaohnajeiminad\1.0\background.html, In Quarantaine, [4eb175fadeac280e2b99aaabc73eac54],
PUP.Optional.MultiPlug.A, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\cccngjmligffcgedhdbaohnajeiminad\1.0\content.js, In Quarantaine, [4eb175fadeac280e2b99aaabc73eac54],
PUP.Optional.MultiPlug.A, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\cccngjmligffcgedhdbaohnajeiminad\1.0\manifest.json, In Quarantaine, [4eb175fadeac280e2b99aaabc73eac54],
PUP.Optional.MultiPlug.A, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgjmjjklmjpckcckmdlilbijfbkbfakj\2.3\lsdb.js, In Quarantaine, [4fb06e016a2031059d27fb5af3126d93],
PUP.Optional.MultiPlug.A, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgjmjjklmjpckcckmdlilbijfbkbfakj\2.3\background.html, In Quarantaine, [4fb06e016a2031059d27fb5af3126d93],
PUP.Optional.MultiPlug.A, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgjmjjklmjpckcckmdlilbijfbkbfakj\2.3\content.js, In Quarantaine, [4fb06e016a2031059d27fb5af3126d93],
PUP.Optional.MultiPlug.A, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgjmjjklmjpckcckmdlilbijfbkbfakj\2.3\manifest.json, In Quarantaine, [4fb06e016a2031059d27fb5af3126d93],
PUP.Optional.MultiPlug.A, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\chnpgmeeilffbcbcbcffgnbdkmbdbmaa\1.1\lsdb.js, In Quarantaine, [9d62aac52169ab8be8dc4b0a0ef737c9],
PUP.Optional.MultiPlug.A, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\chnpgmeeilffbcbcbcffgnbdkmbdbmaa\1.1\background.html, In Quarantaine, [9d62aac52169ab8be8dc4b0a0ef737c9],
PUP.Optional.MultiPlug.A, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\chnpgmeeilffbcbcbcffgnbdkmbdbmaa\1.1\content.js, In Quarantaine, [9d62aac52169ab8be8dc4b0a0ef737c9],
PUP.Optional.MultiPlug.A, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\chnpgmeeilffbcbcbcffgnbdkmbdbmaa\1.1\icon48.png, In Quarantaine, [9d62aac52169ab8be8dc4b0a0ef737c9],
PUP.Optional.MultiPlug.A, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\chnpgmeeilffbcbcbcffgnbdkmbdbmaa\1.1\manifest.json, In Quarantaine, [9d62aac52169ab8be8dc4b0a0ef737c9],
PUP.Optional.MultiPlug.A, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\cifeicdadaeofcfgcegkmcncdeacppjd\2.3\lsdb.js, In Quarantaine, [bf4074fb4e3c38fe695b0c4921e455ab],
PUP.Optional.MultiPlug.A, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\cifeicdadaeofcfgcegkmcncdeacppjd\2.3\background.html, In Quarantaine, [bf4074fb4e3c38fe695b0c4921e455ab],
PUP.Optional.MultiPlug.A, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\cifeicdadaeofcfgcegkmcncdeacppjd\2.3\content.js, In Quarantaine, [bf4074fb4e3c38fe695b0c4921e455ab],
PUP.Optional.MultiPlug.A, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\cifeicdadaeofcfgcegkmcncdeacppjd\2.3\manifest.json, In Quarantaine, [bf4074fb4e3c38fe695b0c4921e455ab],
PUP.Optional.MultiPlug.A, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\200\lsdb.js, In Quarantaine, [9a659ad5a3e7b383b60e5cf9ac59c63a],
PUP.Optional.MultiPlug.A, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\200\background.html, In Quarantaine, [9a659ad5a3e7b383b60e5cf9ac59c63a],
PUP.Optional.MultiPlug.A, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\200\content.js, In Quarantaine, [9a659ad5a3e7b383b60e5cf9ac59c63a],
PUP.Optional.MultiPlug.A, C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\200\manifest.json, In Quarantaine, [9a659ad5a3e7b383b60e5cf9ac59c63a],
PUP.Optional.MultiPlug.A, C:\Users\PC van Denies\AppData\Local\Google\Chrome\User Data\Default\Extensions\cccngjmligffcgedhdbaohnajeiminad\1.0\lsdb.js, In Quarantaine, [c639d699256562d4388c3f1625e09e62],
PUP.Optional.MultiPlug.A, C:\Users\PC van Denies\AppData\Local\Google\Chrome\User Data\Default\Extensions\cccngjmligffcgedhdbaohnajeiminad\1.0\background.html, In Quarantaine, [c639d699256562d4388c3f1625e09e62],
PUP.Optional.MultiPlug.A, C:\Users\PC van Denies\AppData\Local\Google\Chrome\User Data\Default\Extensions\cccngjmligffcgedhdbaohnajeiminad\1.0\content.js, In Quarantaine, [c639d699256562d4388c3f1625e09e62],
PUP.Optional.MultiPlug.A, C:\Users\PC van Denies\AppData\Local\Google\Chrome\User Data\Default\Extensions\cccngjmligffcgedhdbaohnajeiminad\1.0\manifest.json, In Quarantaine, [c639d699256562d4388c3f1625e09e62],
PUP.Optional.MultiPlug.A, C:\Users\PC van Denies\AppData\Local\Google\Chrome\User Data\Default\Extensions\chnpgmeeilffbcbcbcffgnbdkmbdbmaa\1.1\lsdb.js, In Quarantaine, [2dd27bf4f09ac0761ea6a4b159ac619f],
PUP.Optional.MultiPlug.A, C:\Users\PC van Denies\AppData\Local\Google\Chrome\User Data\Default\Extensions\chnpgmeeilffbcbcbcffgnbdkmbdbmaa\1.1\background.html, In Quarantaine, [2dd27bf4f09ac0761ea6a4b159ac619f],
PUP.Optional.MultiPlug.A, C:\Users\PC van Denies\AppData\Local\Google\Chrome\User Data\Default\Extensions\chnpgmeeilffbcbcbcffgnbdkmbdbmaa\1.1\content.js, In Quarantaine, [2dd27bf4f09ac0761ea6a4b159ac619f],
PUP.Optional.MultiPlug.A, C:\Users\PC van Denies\AppData\Local\Google\Chrome\User Data\Default\Extensions\chnpgmeeilffbcbcbcffgnbdkmbdbmaa\1.1\icon48.png, In Quarantaine, [2dd27bf4f09ac0761ea6a4b159ac619f],
PUP.Optional.MultiPlug.A, C:\Users\PC van Denies\AppData\Local\Google\Chrome\User Data\Default\Extensions\chnpgmeeilffbcbcbcffgnbdkmbdbmaa\1.1\manifest.json, In Quarantaine, [2dd27bf4f09ac0761ea6a4b159ac619f],
PUP.Optional.MultiPlug.A, C:\Users\PC van Denies\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\200\lsdb.js, In Quarantaine, [06f9b9b6d2b825113193dd785da80bf5],
PUP.Optional.MultiPlug.A, C:\Users\PC van Denies\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\200\background.html, In Quarantaine, [06f9b9b6d2b825113193dd785da80bf5],
PUP.Optional.MultiPlug.A, C:\Users\PC van Denies\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\200\content.js, In Quarantaine, [06f9b9b6d2b825113193dd785da80bf5],
PUP.Optional.MultiPlug.A, C:\Users\PC van Denies\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonffnnfmbfnmjpaiigdclmfelolemah\200\manifest.json, In Quarantaine, [06f9b9b6d2b825113193dd785da80bf5],
PUP.Optional.MultiPlug.A, C:\Users\PC van Denies\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdebobecjhhgdddkemaohjlijkgbkdgk\6.3\lsdb.js, In Quarantaine, [5ba484ebc6c4d363a3211342df265da3],
PUP.Optional.MultiPlug.A, C:\Users\PC van Denies\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdebobecjhhgdddkemaohjlijkgbkdgk\6.3\background.html, In Quarantaine, [5ba484ebc6c4d363a3211342df265da3],
PUP.Optional.MultiPlug.A, C:\Users\PC van Denies\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdebobecjhhgdddkemaohjlijkgbkdgk\6.3\content.js, In Quarantaine, [5ba484ebc6c4d363a3211342df265da3],
PUP.Optional.MultiPlug.A, C:\Users\PC van Denies\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdebobecjhhgdddkemaohjlijkgbkdgk\6.3\manifest.json, In Quarantaine, [5ba484ebc6c4d363a3211342df265da3],
PUP.Optional.SurfAndKeep.A, C:\Program Files (x86)\surf anodd akeep\Fkl_Ir.tlb, In Quarantaine, [a25d87e87e0cf83ec7d61b3b81841be5],
PUP.Optional.SurfAndKeep.A, C:\Program Files (x86)\surf anodd akeep\Fkl_Ir.dat, In Quarantaine, [a25d87e87e0cf83ec7d61b3b81841be5],
PUP.Optional.Enabler.A, C:\ProgramData\QuickSet\GS.Enabler\4560858878.ini, In Quarantaine, [15ea87e8cebcd5619ff0b2f7788b34cc],

Fysieke Sectoren: 0
(Geen kwaadaardige items gedetecteerd)


(end)




Offline shaan

  • Bronze Member
  • Posts: 15
Re: [Inactive - K] Windows update error 569 > virus
« Reply #4 on: April 23, 2015, 04:30:13 AM »
Then the FRDST 64 scan.

FRST

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-04-2015 01
Ran by PC van Denies (administrator) on DENIES on 23-04-2015 12:11:22
Running from C:\Users\PC van Denies\Desktop
Loaded Profiles: PC van Denies (Available profiles: PC van Denies)
Platform: Windows 8.1 (X64) OS Language: Nederlands (Nederland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Connectify) C:\Program Files (x86)\Connectify\ConnectifyService.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Connectify) C:\Program Files (x86)\Connectify\Connectifyd.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Spotify Ltd) C:\Users\PC van Denies\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Dropbox, Inc.) C:\Users\PC van Denies\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Autodesk Inc.) C:\Users\PC van Denies\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6334096 2012-10-17] (Realtek semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2840352 2010-04-07] (ESET)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-03] (Adobe Systems Incorporated)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3008824 2013-09-25] (Synaptics Incorporated)
HKLM\...\Run: [SynLenovoGestureMgr] => C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe [665400 2013-09-25] (Synaptics)
HKLM\...\Run: [Connectify Hotspot] => C:\Program Files (x86)\Connectify\Connectify.exe [3816960 2013-12-27] (Connectify)
HKLM\...\Run: [Connectify Dispatch] => C:\Program Files (x86)\Connectify\DispatchUI.exe [1656608 2013-11-05] (Connectify)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [KiesTrayAgent] => D:\Software\Kies\KiesTrayAgent.exe [311616 2014-02-14] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-08-16] (Intel Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3477640 2012-09-23] (Adobe Systems Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [ADSK DLMSession] => C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [1627032 2014-02-05] (Autodesk, Inc.)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [488328 2014-09-04] (Autodesk Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-1556840761-1313434400-2009749808-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673696 2013-08-01] (Disc Soft Ltd)
HKU\S-1-5-21-1556840761-1313434400-2009749808-1001\...\Run: [Akamai NetSession Interface] => C:\Users\PC van Denies\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1556840761-1313434400-2009749808-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [20203904 2013-12-06] (Google)
HKU\S-1-5-21-1556840761-1313434400-2009749808-1001\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2014-10-14] (Microsoft Corporation)
HKU\S-1-5-21-1556840761-1313434400-2009749808-1001\...\Run: [KiesPreload] => D:\Software\Kies\Kies.exe [1564992 2014-02-14] (Samsung)
HKU\S-1-5-21-1556840761-1313434400-2009749808-1001\...\Run: [] => D:\Software\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2014-02-14] (Samsung)
HKU\S-1-5-21-1556840761-1313434400-2009749808-1001\...\Run: [HP Photosmart 5520 series (NET)] => C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1556840761-1313434400-2009749808-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1193352 2014-05-01] (Autodesk, Inc.)
HKU\S-1-5-21-1556840761-1313434400-2009749808-1001\...\Run: [Spotify Web Helper] => C:\Users\PC van Denies\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-04-03] (Spotify Ltd)
HKU\S-1-5-21-1556840761-1313434400-2009749808-1001\...\Run: [Spotify] => C:\Users\PC van Denies\AppData\Roaming\Spotify\Spotify.exe [7112248 2015-04-03] (Spotify Ltd)
HKU\S-1-5-21-1556840761-1313434400-2009749808-1001\...\Policies\Explorer: []
HKU\S-1-5-21-1556840761-1313434400-2009749808-1001\...\MountPoints2: {142155b0-1d7a-11e4-be98-6817290620bf} - "H:\LaunchU3.exe" -a
HKU\S-1-5-21-1556840761-1313434400-2009749808-1001\...\MountPoints2: {cac63762-933a-11e3-be87-6817290620bf} - "H:\SBLauncher.exe"
HKU\S-1-5-21-1556840761-1313434400-2009749808-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssText3d.scr [217088 2014-10-29] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1193352 2014-05-01] (Autodesk, Inc.)
Startup: C:\Users\PC van Denies\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013-08-30]
ShortcutTarget: Dropbox.lnk -> C:\Users\PC van Denies\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\PC van Denies\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Schermopname en Snel starten.lnk [2015-02-20]
ShortcutTarget: OneNote 2010 Schermopname en Snel starten.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PC van Denies\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PC van Denies\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PC van Denies\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PC van Denies\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2013-10-20] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PC van Denies\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PC van Denies\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PC van Denies\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2013-10-20] (IvoSoft)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1556840761-1313434400-2009749808-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://iavans.nl/
HKU\S-1-5-21-1556840761-1313434400-2009749808-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.nl.msn.com/
SearchScopes: HKU\S-1-5-21-1556840761-1313434400-2009749808-1001 -> {0BBFBAB0-F38C-4371-97D4-1A48BCC7EB18} URL =
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2013-10-20] (IvoSoft)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2013-07-31] (Logitech, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2013-10-20] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2013-10-20] (IvoSoft)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-08] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2013-07-31] (Logitech, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-08] (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2013-10-20] (IvoSoft)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2013-10-20] (IvoSoft)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2013-10-20] (IvoSoft)
Toolbar: HKU\S-1-5-21-1556840761-1313434400-2009749808-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 145.48.24.45 145.48.16.46 145.48.192.46

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2013-07-27] (Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-10-08] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-10-08] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-12-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-12-13] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll [2013-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll [2013-12-04] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-12-21] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2013-07-27] (Adobe Systems)
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013-10-09]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2013-12-16]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2013-08-31]

Chrome:
=======
CHR Profile: C:\Users\PC van Denies\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\PC van Denies\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-30]
CHR Extension: (Google Drive) - C:\Users\PC van Denies\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-30]
CHR Extension: (YouTube) - C:\Users\PC van Denies\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-30]
CHR Extension: (Google Search) - C:\Users\PC van Denies\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-30]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\PC van Denies\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2014-01-21]
CHR Extension: (Google Wallet) - C:\Users\PC van Denies\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-30]
CHR Extension: (Gmail) - C:\Users\PC van Denies\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-30]
CHR Profile: C:\Users\PC van Denies\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Drive) - C:\Users\PC van Denies\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-31]
CHR Extension: (YouTube) - C:\Users\PC van Denies\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-30]
CHR Extension: (Adblock Plus) - C:\Users\PC van Denies\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-11-18]
CHR Extension: (Google Search) - C:\Users\PC van Denies\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-30]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\PC van Denies\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2014-05-08]
CHR Extension: (AdBlock) - C:\Users\PC van Denies\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-11-18]
CHR Extension: (https://dub114.mail.live.com/default.aspx?id=) - C:\Users\PC van Denies\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\inomlmgeimkcmodjfkmolnojbicejeoh [2013-08-30]
CHR Extension: (AdBlock Plus) - C:\Users\PC van Denies\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kfcfceejhleedfbabanmaamfiagjhncj [2014-11-18]
CHR Extension: (Chrome In-App Payments service) - C:\Users\PC van Denies\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-30]
CHR Extension: (TV British and American Free) - C:\Users\PC van Denies\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nonjjcnhdfjhfmkpilggjhhkgafmflld [2015-01-01]
CHR Extension: (http://www.skoften.net/) - C:\Users\PC van Denies\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pmamdjlpcdknnlamgnblfpeldabogfkj [2013-08-30]
CHR Profile: C:\Users\PC van Denies\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Docs) - C:\Users\PC van Denies\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-04]
CHR Extension: (Google Drive) - C:\Users\PC van Denies\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-04]
CHR Extension: (YoutubeAdblocker) - C:\Users\PC van Denies\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cccngjmligffcgedhdbaohnajeiminad [2013-12-26]
CHR Extension: (YTBookMArKK) - C:\Users\PC van Denies\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\chnpgmeeilffbcbcbcffgnbdkmbdbmaa [2013-12-26]
CHR Extension: (Google Search) - C:\Users\PC van Denies\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-04]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\PC van Denies\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2013-12-17]
CHR Extension: (SSAvoeLootts) - C:\Users\PC van Denies\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\hdebobecjhhgdddkemaohjlijkgbkdgk [2014-02-27]
CHR Extension: (Google Wallet) - C:\Users\PC van Denies\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-04]
CHR HKU\S-1-5-21-1556840761-1313434400-2009749808-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\PCVAND~1\AppData\Local\Google\Drive\APDFLL~1.CRX [2013-08-31]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2012-09-23]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [597896 2014-09-04] (Autodesk Inc.)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [487936 2013-11-05] (Connectify) [File not signed]
S3 EhttpSrv; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [42336 2010-04-07] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [810120 2010-04-07] (ESET)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [7168 2012-08-16] (Intel Corporation) [File not signed]
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-18] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
S2 SkypeUpdate; D:\Software\Skype\Updater\Updater.exe [315496 2014-12-11] (Skype Technologies)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-10-15] (Motorola Solutions, Inc.)
R1 cnnctfy3; C:\Windows\system32\DRIVERS\cnnctfy3.sys [35352 2014-10-21] (Connectify)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2013-08-30] (Disc Soft Ltd)
R2 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [164912 2010-04-07] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [139704 2010-04-07] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [124760 2010-04-07] (ESET)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [136408 2015-04-23] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-08-31] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8230160 2012-10-17] (Realtek Semiconductor Corp.)
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2014-01-04] (Scarlet.Crush Productions)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31032 2013-09-25] (Synaptics Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-23 12:11 - 2015-04-23 12:11 - 00029979 _____ () C:\Users\PC van Denies\Desktop\FRST.txt
2015-04-23 11:53 - 2015-04-23 12:11 - 00000000 ____D () C:\FRST
2015-04-23 11:53 - 2015-04-23 11:53 - 02099712 _____ (Farbar) C:\Users\PC van Denies\Desktop\FRST64.exe
2015-04-23 11:50 - 2015-04-23 12:08 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-04-23 11:50 - 2015-04-23 11:50 - 00001118 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-04-23 11:50 - 2015-04-23 11:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-04-23 11:50 - 2015-04-23 11:50 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-23 11:50 - 2015-04-23 11:50 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-04-23 11:50 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-04-23 11:50 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-04-23 11:50 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-04-23 11:47 - 2015-04-23 11:47 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\PC van Denies\Desktop\mbam-setup-2.1.6.1022 (1).exe
2015-04-23 11:46 - 2015-04-23 11:46 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\PC van Denies\Desktop\mbam-setup-2.1.6.1022.exe
2015-04-22 10:56 - 2015-04-23 12:07 - 00041876 _____ () C:\WINDOWS\PFRO.log
2015-04-21 20:11 - 2015-04-23 12:08 - 00001475 _____ () C:\WINDOWS\setupact.log
2015-04-21 20:11 - 2015-04-21 20:11 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-04-21 13:44 - 2015-04-21 13:44 - 00149306 _____ () C:\Users\PC van Denies\Desktop\scan.txt
2015-04-21 13:37 - 2015-04-23 12:07 - 00231693 _____ () C:\WINDOWS\WindowsUpdate.log
2015-04-21 13:16 - 2015-04-21 13:16 - 00688779 _____ (Swearware) C:\Users\PC van Denies\Downloads\dds.pif
2015-04-21 13:14 - 2015-04-21 13:15 - 14176408 _____ (Microsoft Corporation) C:\Users\PC van Denies\Downloads\mseinstall (2).exe
2015-04-21 13:14 - 2015-04-21 13:14 - 14176408 _____ (Microsoft Corporation) C:\Users\PC van Denies\Downloads\mseinstall (1).exe
2015-04-21 13:10 - 2015-04-21 13:15 - 00002152 _____ () C:\WINDOWS\epplauncher.mif
2015-04-21 13:10 - 2015-04-21 13:10 - 14176408 _____ (Microsoft Corporation) C:\Users\PC van Denies\Downloads\mseinstall.exe
2015-04-20 18:20 - 2015-04-20 18:20 - 45142720 _____ (Microsoft Corporation) C:\Users\PC van Denies\Downloads\Windows-KB890830-x64-V5.23.exe
2015-04-20 18:12 - 2015-01-06 05:01 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2015-04-20 18:12 - 2015-01-06 04:59 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2015-04-20 18:12 - 2015-01-06 03:12 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascfg.dll
2015-04-20 18:12 - 2015-01-06 03:02 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rascfg.dll
2015-04-20 18:12 - 2014-11-17 22:17 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2015-04-20 18:12 - 2014-11-17 22:17 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2015-04-20 18:12 - 2014-11-15 21:05 - 00801584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-04-20 18:12 - 2014-11-15 08:29 - 00962216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-04-20 18:12 - 2014-11-14 08:58 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-04-20 18:12 - 2014-11-14 08:57 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-04-20 18:12 - 2014-11-14 08:54 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2015-04-20 18:12 - 2014-11-14 08:46 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2015-04-20 18:12 - 2014-11-14 08:39 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-04-20 18:12 - 2014-11-14 07:03 - 00885760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-04-20 18:12 - 2014-11-10 20:06 - 02485056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-04-20 18:12 - 2014-11-10 20:06 - 00473408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-04-20 18:12 - 2014-11-10 20:06 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-04-20 18:12 - 2014-11-10 20:06 - 00136512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2015-04-20 18:12 - 2014-11-10 04:57 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2015-04-20 18:12 - 2014-11-10 03:37 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2015-04-20 18:12 - 2014-11-10 03:34 - 01084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2015-04-20 18:12 - 2014-11-10 03:26 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2015-04-20 18:12 - 2014-11-10 03:20 - 00420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2015-04-20 18:12 - 2014-11-10 03:09 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2015-04-20 18:12 - 2014-11-10 03:08 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2015-04-20 18:12 - 2014-11-10 03:06 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2015-04-20 18:12 - 2014-11-10 02:57 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2015-04-20 18:12 - 2014-11-10 02:57 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2015-04-20 18:12 - 2014-11-08 06:00 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2015-04-20 18:12 - 2014-11-08 05:58 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2015-04-20 18:12 - 2014-11-08 05:56 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\kmddsp.tsp
2015-04-20 18:12 - 2014-11-08 05:56 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmxs.dll
2015-04-20 18:12 - 2014-11-08 05:56 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasser.dll
2015-04-20 18:12 - 2014-11-08 05:24 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdiag.dll
2015-04-20 18:12 - 2014-11-08 05:13 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kmddsp.tsp
2015-04-20 18:12 - 2014-11-08 05:13 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasmxs.dll
2015-04-20 18:12 - 2014-11-08 05:13 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasser.dll
2015-04-20 18:12 - 2014-11-08 04:48 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdiag.dll
2015-04-20 18:12 - 2014-11-08 04:38 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2015-04-20 18:12 - 2014-11-08 04:17 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2015-04-20 18:12 - 2014-11-08 04:03 - 00733696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2015-04-20 18:12 - 2014-11-08 03:58 - 04837376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2015-04-20 18:12 - 2014-11-08 03:49 - 01154048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2015-04-20 18:12 - 2014-11-07 05:58 - 00952896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-04-20 18:12 - 2014-11-07 05:20 - 00786120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-04-20 18:12 - 2014-11-05 04:12 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSHVHOST.DLL
2015-04-20 18:12 - 2014-11-05 04:12 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSVRMGMT.DLL
2015-04-20 18:12 - 2014-11-05 04:06 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2015-04-20 18:12 - 2014-11-05 03:44 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2015-04-20 18:12 - 2014-11-05 03:43 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2015-04-20 18:12 - 2014-11-05 03:41 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2015-04-20 18:12 - 2014-11-05 03:39 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSHVHOST.DLL
2015-04-20 18:12 - 2014-11-05 03:39 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSVRMGMT.DLL
2015-04-20 18:12 - 2014-11-05 03:33 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2015-04-20 18:12 - 2014-11-05 03:21 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2015-04-20 18:12 - 2014-11-05 03:20 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2015-04-20 18:12 - 2014-11-05 03:18 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2015-04-20 18:12 - 2014-11-05 03:14 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2015-04-20 18:12 - 2014-11-05 03:06 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2015-04-20 18:12 - 2014-11-04 21:33 - 00058176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2015-04-20 18:12 - 2014-11-04 21:25 - 00059712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdclass.sys
2015-04-20 18:12 - 2014-11-04 21:25 - 00051008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouclass.sys
2015-04-20 18:12 - 2014-11-04 08:55 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sermouse.sys
2015-04-20 18:12 - 2014-11-04 08:54 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\i8042prt.sys
2015-04-20 18:12 - 2014-11-04 08:54 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2015-04-20 18:12 - 2014-11-04 08:54 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys
2015-04-20 18:12 - 2014-11-04 08:27 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2015-04-20 18:12 - 2014-11-04 07:01 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2015-04-20 18:12 - 2014-10-31 02:51 - 18823168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-04-20 18:12 - 2014-10-31 02:10 - 15158784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-04-20 18:12 - 2014-10-29 05:05 - 00551232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2015-04-20 18:12 - 2014-10-29 03:55 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2015-04-20 18:12 - 2014-10-29 03:13 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2015-04-20 18:12 - 2014-10-21 03:59 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\eventcls.dll
2015-04-20 18:12 - 2014-10-21 03:19 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eventcls.dll
2015-04-20 18:12 - 2014-10-21 02:50 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsstrace.dll
2015-04-20 18:12 - 2014-10-21 02:31 - 01574400 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2015-04-20 18:12 - 2014-10-21 02:31 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vsstrace.dll
2015-04-20 18:12 - 2014-10-21 02:30 - 01454080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2015-04-20 18:12 - 2014-10-21 02:20 - 01142272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2015-04-20 18:12 - 2014-10-17 06:56 - 00238912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-04-20 18:12 - 2014-10-17 06:56 - 00153920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-04-20 18:12 - 2014-10-17 06:56 - 00039744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2015-04-20 18:12 - 2014-10-17 05:35 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-04-16 07:53 - 2015-04-16 07:53 - 00000000 ____D () C:\Program Files (x86)\Skype
2015-04-16 07:15 - 2015-03-23 23:59 - 07476032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-04-16 07:15 - 2015-03-23 23:59 - 01733952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-04-16 07:15 - 2015-03-23 23:59 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2015-04-16 07:15 - 2015-03-23 23:58 - 01498872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-04-16 07:15 - 2015-03-23 23:45 - 00257216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2015-04-16 07:15 - 2015-03-20 04:40 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2015-04-16 07:15 - 2015-03-20 04:16 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2015-04-16 07:14 - 2015-03-20 06:12 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2015-04-16 07:14 - 2015-03-20 06:10 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-04-16 07:14 - 2015-03-20 06:10 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-04-16 07:14 - 2015-03-20 05:17 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\tracerpt.exe
2015-04-16 07:14 - 2015-03-20 04:41 - 00369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tracerpt.exe
2015-04-16 07:14 - 2015-03-14 10:20 - 01385256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-04-16 07:14 - 2015-03-14 10:13 - 01124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-04-16 07:14 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-04-16 07:14 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-04-16 07:14 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-04-16 07:14 - 2015-03-13 05:53 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-04-16 07:14 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-04-16 07:14 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-04-16 07:14 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-04-16 07:14 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-04-16 07:14 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-04-16 07:14 - 2015-03-13 05:17 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-04-16 07:14 - 2015-03-13 05:16 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-04-16 07:14 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-04-16 07:14 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-04-16 07:14 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-04-16 07:14 - 2015-03-13 04:50 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-04-16 07:14 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-04-16 07:14 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-04-16 07:14 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-04-16 07:14 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-04-16 07:14 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-04-16 07:14 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-04-16 07:14 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-04-16 07:14 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-04-16 07:14 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-04-16 07:14 - 2015-02-24 10:32 - 00991552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2015-04-16 07:14 - 2015-02-21 01:49 - 00780800 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2015-04-16 07:13 - 2015-03-23 00:45 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-04-16 07:13 - 2015-03-23 00:09 - 01111552 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-04-16 07:13 - 2015-03-23 00:09 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-04-16 07:13 - 2015-03-23 00:09 - 00769024 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-04-16 07:13 - 2015-03-23 00:09 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-04-16 07:13 - 2015-03-23 00:09 - 00419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-04-16 07:13 - 2015-03-23 00:09 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-04-16 07:13 - 2015-03-13 04:58 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-04-16 07:13 - 2015-03-13 04:37 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-04-16 07:13 - 2015-03-04 12:25 - 00377152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2015-04-16 07:13 - 2015-03-04 05:04 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2015-04-16 07:13 - 2015-03-04 04:19 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2015-04-14 21:36 - 2015-04-14 21:36 - 00031861 _____ () C:\Users\PC van Denies\Downloads\download.htm
2015-04-14 20:55 - 2015-03-14 10:54 - 00133256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-04-14 20:55 - 2015-03-14 03:56 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-04-14 20:55 - 2015-03-14 03:56 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-04-14 20:55 - 2015-03-14 03:51 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-04-14 20:55 - 2015-03-14 03:37 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2015-04-14 20:55 - 2015-03-14 03:14 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2015-04-14 20:55 - 2015-03-14 02:22 - 03678720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-04-14 20:55 - 2015-03-14 02:12 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-04-14 20:55 - 2015-03-14 02:12 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-04-14 20:55 - 2015-03-14 02:09 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-04-14 20:55 - 2015-03-14 02:08 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-04-14 20:55 - 2015-03-14 02:08 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-04-14 20:55 - 2015-03-14 02:06 - 02373632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-04-14 20:55 - 2015-03-14 02:06 - 00891392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-04-14 20:55 - 2015-03-14 02:02 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-04-14 20:55 - 2015-03-14 02:02 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-04-14 20:55 - 2015-03-14 01:59 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-04-14 20:55 - 2015-03-14 01:59 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-04-09 16:01 - 2015-04-12 12:39 - 00000000 ____D () C:\WINDOWS\Minidump
2015-04-06 12:27 - 2015-04-06 12:27 - 00000000 ___SD () C:\WINDOWS\SysWOW64\GWX
2015-04-06 12:27 - 2015-04-06 12:27 - 00000000 ___SD () C:\WINDOWS\system32\GWX
2015-03-27 14:32 - 2015-03-27 14:32 - 00000000 ____D () C:\Users\PC van Denies\Desktop\Nieuwe map (2)

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-23 12:11 - 2013-10-09 09:35 - 00000000 ____D () C:\Users\PC van Denies\AppData\Roaming\ClassicShell
2015-04-23 12:10 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-04-23 12:09 - 2014-11-18 17:54 - 00000000 ____D () C:\Users\PC van Denies\AppData\Local\Spotify
2015-04-23 12:09 - 2014-11-18 17:53 - 00000000 ____D () C:\Users\PC van Denies\AppData\Roaming\Spotify
2015-04-23 12:09 - 2013-08-30 21:38 - 00000000 ___RD () C:\Users\PC van Denies\Dropbox
2015-04-23 12:09 - 2013-08-30 21:24 - 00000000 ____D () C:\Users\PC van Denies\AppData\Roaming\Dropbox
2015-04-23 12:08 - 2014-01-09 19:01 - 00000000 __RDO () C:\Users\PC van Denies\SkyDrive
2015-04-23 12:08 - 2014-01-09 18:37 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-04-23 12:08 - 2013-08-30 18:05 - 00001080 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-23 12:08 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-04-23 12:07 - 2014-01-23 21:38 - 00000000 ____D () C:\ProgramData\Conduit
2015-04-23 12:07 - 2013-12-26 20:15 - 00000000 ____D () C:\ProgramData\QuickSet
2015-04-23 12:07 - 2013-08-22 15:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2015-04-23 11:56 - 2013-08-27 18:38 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1556840761-1313434400-2009749808-1001
2015-04-23 11:55 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-04-23 11:39 - 2013-11-14 14:39 - 01826596 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-04-23 11:39 - 2013-11-14 14:23 - 00807742 _____ () C:\WINDOWS\system32\perfh013.dat
2015-04-23 11:39 - 2013-11-14 14:23 - 00162706 _____ () C:\WINDOWS\system32\perfc013.dat
2015-04-23 11:36 - 2014-01-11 18:08 - 00003982 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{55BFC15E-D81F-43ED-8A00-C1C47FB8A0FF}
2015-04-22 10:56 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2015-04-22 10:56 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2015-04-21 21:20 - 2013-08-30 19:15 - 00000000 ____D () C:\Users\PC van Denies\AppData\Local\Microsoft Help
2015-04-21 21:20 - 2013-08-30 18:05 - 00001084 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-21 13:04 - 2014-04-23 16:31 - 00000000 ____D () C:\Program Files (x86)\NCH Software
2015-04-20 19:51 - 2014-04-23 16:32 - 00000000 ____D () C:\Users\PC van Denies\AppData\Roaming\NCH Software
2015-04-20 19:50 - 2014-04-23 16:31 - 00000000 ____D () C:\ProgramData\NCH Software
2015-04-20 19:49 - 2013-10-25 11:54 - 00000000 ____D () C:\Users\PC van Denies\AppData\Roaming\uTorrent
2015-04-20 18:13 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-04-20 18:13 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-04-20 15:53 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-04-19 21:01 - 2014-12-11 18:15 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-04-19 21:01 - 2014-07-11 14:39 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-04-19 21:00 - 2014-01-09 18:42 - 00000000 ____D () C:\Users\PC van Denies
2015-04-16 10:13 - 2013-08-30 19:15 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-16 10:12 - 2013-08-27 19:12 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-04-16 07:53 - 2013-10-21 12:43 - 00000000 ____D () C:\ProgramData\Skype
2015-04-16 07:51 - 2012-07-26 07:26 - 00000167 _____ () C:\WINDOWS\win.ini
2015-04-14 20:54 - 2014-11-13 11:21 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2015-04-14 01:24 - 2014-04-29 16:35 - 00792056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-04-14 01:24 - 2014-04-29 16:35 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-12 14:03 - 2013-08-30 23:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-04-12 12:39 - 2014-10-21 16:57 - 00000000 ____D () C:\Program Files (x86)\Connectify
2015-04-12 12:39 - 2013-08-30 19:08 - 00000000 ____D () C:\Users\PC van Denies\AppData\Roaming\DAEMON Tools Lite
2015-04-10 20:39 - 2013-08-30 21:38 - 00001053 _____ () C:\Users\PC van Denies\Desktop\Dropbox.lnk
2015-04-10 20:39 - 2013-08-30 21:25 - 00000000 ____D () C:\Users\PC van Denies\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-04-08 13:22 - 2013-10-21 12:43 - 00000000 ____D () C:\Users\PC van Denies\AppData\Roaming\Skype
2015-04-03 10:39 - 2014-11-18 17:54 - 00001853 _____ () C:\Users\PC van Denies\Desktop\Spotify.lnk
2015-04-03 10:39 - 2014-11-18 17:54 - 00001839 _____ () C:\Users\PC van Denies\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-04-01 15:47 - 2014-11-15 16:05 - 00000025 _____ () C:\Users\PC van Denies\Desktop\films.txt
2015-04-01 12:05 - 2014-04-25 18:54 - 00000000 ____D () C:\Users\PC van Denies\Graphisoft
2015-04-01 11:16 - 2013-08-27 19:12 - 128913832 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-03-27 14:27 - 2014-03-16 19:00 - 00001118 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2015-03-27 14:27 - 2014-03-16 19:00 - 00001106 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk

==================== Files in the root of some directories =======

2014-01-11 19:08 - 2015-01-14 21:10 - 0000132 _____ () C:\Users\PC van Denies\AppData\Roaming\Adobe PNG Format CS6 Prefs
2013-12-09 17:43 - 2014-09-11 22:38 - 0007605 _____ () C:\Users\PC van Denies\AppData\Local\Resmon.ResmonCfg
2013-09-04 18:26 - 2013-09-04 18:26 - 0000057 _____ () C:\ProgramData\Ament.ini
2013-08-31 12:43 - 2013-08-31 12:43 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Some content of TEMP:
====================
C:\Users\PC van Denies\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpgybsev.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-20 13:22

==================== End Of Log ============================



Offline shaan

  • Bronze Member
  • Posts: 15
Re: [Inactive - K] Windows update error 569 > virus
« Reply #5 on: April 23, 2015, 04:31:42 AM »
Addition log:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-04-2015 01
Ran by PC van Denies at 2015-04-23 12:12:22
Running from C:\Users\PC van Denies\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET NOD32 Antivirus 4.2 (Enabled - Up to date) {CB0F8167-5331-BA19-698E-64816B6801A5}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 4.2 (Enabled - Up to date) {706E6083-750B-B597-533E-5FF310EF4B18}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

14.1.3 (HKLM-x32\...\{285EF7FC-DF3E-4F8E-955E-BF1FC71EBAC5}_is1) (Version: 14.1.3 - Sports Interactive)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.00 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Akamai NetSession Interface (HKU\S-1-5-21-1556840761-1313434400-2009749808-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
ArchiCAD 17 NED (HKLM\...\001FFF2FFF17FF00FF1201F01F02F000-R1) (Version: 17.0 - GRAPHISOFT)
ArchiCAD 18 NED (HKLM\...\001FFF2FFF18FF00FF1401F01F02F000-R1) (Version: 18.0 - GRAPHISOFT)
Artlantis 5 Exporter for SketchUp Pro 2014 (HKLM-x32\...\Abvent_SkpPro2014toATL5) (Version:  - )
Artlantis Studio 5.1.2.4 (64 bit) (HKLM\...\Artlantis Studio 5 (64 bit)) (Version: 5.1.2.4 - Abvent R&D)
aTube Catcher (HKLM-x32\...\aTube Catcher) (Version: 3.8.7955 - DsNET Corp)
AutoCAD 2015 - English (Version: 20.0.51.0 - Autodesk) Hidden
AutoCAD 2015 Language Pack - English (Version: 20.0.51.0 - Autodesk) Hidden
Autodesk 360 (HKLM\...\{556966D9-F7F6-421B-9707-D07901604DDF}) (Version: 5.1.2.1000 - Autodesk)
Autodesk App Manager (HKLM-x32\...\{C8125548-F2D5-4059-823F-1F3C5BBD9F19}) (Version: 1.2.0 - Autodesk)
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 3.0.159.0 - Autodesk)
Autodesk AutoCAD 2015 - English (HKLM\...\AutoCAD 2015 - English) (Version: 20.0.51.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool Version 1.2.2 (HKLM-x32\...\{85735431-6CD3-4B16-BEC8-95332034E53B}) (Version: 1.2.2.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2015 Add-in 64 bit (HKLM\...\{9D589081-AFC2-4932-9071-AC585AC1EA83}) (Version: 3.32.3004 - Autodesk)
Autodesk BIM 360 Revit 2015 Add-in 64 bit (HKLM\...\{37E1C3A1-7DBF-4250-9314-46167B68383D}) (Version: 3.32.3357 - Autodesk)
Autodesk CAD Manager Tools (HKLM\...\{5783F2D7-0111-0409-0110-0060B0CE6BBA}) (Version: 16.0.0.65 - Autodesk)
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Download Manager (HKLM-x32\...\{C897D9EC-13C6-4A22-ABF7-33F2126A7DB6}) (Version: 3.0.8.0 - Autodesk, Inc.)
Autodesk Featured Apps (HKLM-x32\...\{EDDEE94B-214D-4B07-9727-A3E46F3E379A}) (Version: 1.2.0 - Autodesk)
Autodesk Inventor Fusion plug-in for AutoCAD 2012 (HKLM\...\Autodesk Inventor Fusion plug-in for AutoCAD 2012) (Version: 0.0.1.138 - Autodesk)
Autodesk Inventor Fusion plug-in for AutoCAD 2012 (Version: 0.0.1.138 - Autodesk) Hidden
Autodesk Inventor Fusion plug-in language pack for AutoCAD 2012 (Version: 0.0.1.138 - Autodesk) Hidden
Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.8.100 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2012 (HKLM-x32\...\{65420DC9-306E-4371-905F-F4DC3B418E52}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.8.100 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2015 (HKLM-x32\...\{4FBC9635-AC56-4378-8FDE-C4D3ED072681}) (Version: 5.2.8.100 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2015 (HKLM-x32\...\{9F6466D9-6EFC-4A10-B931-C72D1A3F1763}) (Version: 5.2.8.100 - Autodesk)
Autodesk Network License Manager (HKLM\...\{4BE91685-1632-47FC-B563-A8A542C6664C}) (Version: 11.12.0 - Autodesk)
Autodesk ReCap (HKLM\...\Autodesk ReCap) (Version: 1.3.1.39 - Autodesk)
Autodesk ReCap (Version: 1.3.1.39 - Autodesk) Hidden
Autodesk ReCap Language Pack-English (Version: 1.0.43.13 - Autodesk) Hidden
Autodesk Revit 2015 (HKLM\...\Autodesk Revit 2015) (Version: 15.0.207.0 - Autodesk)
Autodesk Revit Content Libraries 2015 (HKLM\...\Autodesk Revit Content Libraries 2015) (Version: 15.0.207.0 - Autodesk)
Autodesk SketchBook Pro 2015 (HKLM\...\Autodesk SketchBook Pro 2015) (Version: 7.0.0.12 - Autodesk)
Autodesk SketchBook Pro 2015 (Version: 7.0.0.12 - Autodesk) Hidden
Autodesk Workflows 2015 (HKLM\...\{A90DD6F8-60D2-4803-AFF6-796400E73E1B}) (Version: 5.2.14.100 - Autodesk, Inc.)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Bundled software uninstaller (HKLM-x32\...\bi_uninstaller) (Version:  - ) <==== ATTENTION
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
Classic Shell (HKLM\...\{98BB5224-BC5D-4028-9D20-536C1C263AA9}) (Version: 4.0.2 - IvoSoft)
Connectify (HKLM\...\Connectify) (Version: 7.1.0.29279 - Connectify)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0337 - Disc Soft Ltd)
Dropbox (HKU\S-1-5-21-1556840761-1313434400-2009749808-1001\...\Dropbox) (Version: 3.4.3 - Dropbox, Inc.)
Entity Framework Designer for Visual Studio 2012 - enu (HKLM-x32\...\{32136776-FE3F-453D-80DA-CDD993BDB2A3}) (Version: 11.1.20810.00 - Microsoft Corporation)
EPG en Kosten V1.0 (HKLM-x32\...\EPG en Kosten V1.0) (Version:  - )
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESET NOD32 Antivirus (HKLM\...\{505638F7-EF44-4274-BBA7-6FDB1ECA54F5}) (Version: 4.2.42.3 - ESET, spol s r. o.)
Euro Truck Simulator 2 (HKLM-x32\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.1.1 - SCS Software)
Euro Truck Simulator 2 v1.11.1s (14 DLC) (HKLM-x32\...\Euro Truck Simulator 2 v1.11.1s (14 DLC)1.11.1s) (Version: 1.11.1s - Friends in War)
F1 2013 (HKLM-x32\...\RjEyMDEz_is1) (Version: 1 - )
FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 32.0.1700.102 - Google Inc.)
Google Drive (HKLM-x32\...\{56D4499E-AC3E-4B8D-91C9-C700C148C44B}) (Version: 1.13.5782.599 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
HP Photosmart 5520 series Basissoftware van het apparaat (HKLM\...\{D2FFE8A1-980E-4CF9-A48F-453D767BA661}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1309-148929CC1385}) (Version: 3.1.1309.0390 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.4.1001 - Intel Corporation)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.450 - Oracle)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.71.1 - JMicron Technology Corp.)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10192 - Realtek Semiconductor Corp.)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Logitech SetPoint 6.61 (HKLM\...\sp6) (Version: 6.61.15 - Logitech)
Malwarebytes Anti-Malware versie 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Proofing Tools 2013 - English (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Proofing Tools 2013 - English (HKLM-x32\...\{90150000-001F-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Proofing Tools 2013 - Nederlands (HKLM\...\{90150000-001F-0413-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Proofing Tools 2013 - Nederlands (HKLM-x32\...\{90150000-001F-0413-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{13D558FE-A863-402C-B115-160007277033}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{FA0A244E-F3C2-4589-B42A-3D522DE79A42}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service  (HKLM\...\{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{6D6D43E5-218C-4B05-92D3-2240810F4760}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (11.1.20828.01) (HKLM-x32\...\{4F2B8233-35EE-4197-8C3B-EACCBF712029}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20828.01) (HKLM-x32\...\{FAE0523E-08A4-4717-8E8E-6EC6F32CBE88}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio Express 2012 for Windows Desktop - ENU (HKLM-x32\...\{e0efdce9-a486-4676-8aa5-65bb08cbf34c}) (Version: 11.0.50727.42 - Microsoft Corporation)
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
NVIDIA 3D Vision stuurprogramma 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.09 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Grafisch stuurprogramma 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.09 - NVIDIA Corporation)
NVIDIA HD Audio-stuurprogramma 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX systeemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Prerequisites for SSDT  (HKLM-x32\...\{9169C939-ED01-446A-BD0C-29873BAF4E48}) (Version: 11.0.2100.60 - Microsoft Corporation)
Revit 2013 Language Pack - English (Version: 12.02.21203 - Autodesk) Hidden
Revit 2015 (Version: 15.0.207.0 - Autodesk) Hidden
Revit 2015 Language Pack - English (Version: 15.0.207.0 - Autodesk) Hidden
Revit Content Libraries 2015 (Version: 15.0.207.0 - Autodesk) Hidden
Revit Extensions for Autodesk Revit 2015 (HKLM\...\{0C1BE521-F705-4109-B930-67AC1C837343}) (Version: 1.0.0.0 - Autodesk)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.34.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
SketchUp 2014 (HKLM-x32\...\{A608A8D3-E77C-4BEE-8F2A-F8124F5F0FE2}) (Version: 14.0.4900 - Trimble Navigation Limited)
SketchUp Import (HKLM-x32\...\{C403E867-FCF1-432B-BCC1-8FFD40A10A6E}) (Version: 1.2.0 - Autodesk)
SketchUp Pro 8 (HKLM-x32\...\{045D5A51-F07E-4350-8642-B85772A2876B}) (Version: 3.0.16846 - Trimble Navigation Limited)
SkypeÖ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Spintires (HKLM-x32\...\Spintires_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, markfiter)
Spotify (HKU\S-1-5-21-1556840761-1313434400-2009749808-1001\...\Spotify) (Version: 1.0.3.101.gbfa97dfe - Spotify AB)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.3.4.0 - Synaptics Incorporated)
System Requirements Lab CYRI (HKLM-x32\...\{E362724E-9320-4946-AF34-874E7B6B2927}) (Version: 6.0.7.0 - Husdawg, LLC)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.38846 - TeamViewer)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1556840761-1313434400-2009749808-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\PC van Denies\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1556840761-1313434400-2009749808-1001_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1556840761-1313434400-2009749808-1001_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1556840761-1313434400-2009749808-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2015\en-US\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1556840761-1313434400-2009749808-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\PC van Denies\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1556840761-1313434400-2009749808-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\PC van Denies\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1556840761-1313434400-2009749808-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\PC van Denies\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1556840761-1313434400-2009749808-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\PC van Denies\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1556840761-1313434400-2009749808-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\PC van Denies\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1556840761-1313434400-2009749808-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\PC van Denies\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1556840761-1313434400-2009749808-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\PC van Denies\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1556840761-1313434400-2009749808-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\PC van Denies\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1556840761-1313434400-2009749808-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\PC van Denies\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)

==================== Restore Points  =========================

20-04-2015 15:52:28 Gepland controlepunt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {08E9D559-58AB-43CA-B374-D4C5ED5D0F07} - System32\Tasks\{7CC59333-F1A6-428A-B540-553976AFD7E2} => pcalua.exe -a "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe" -c --appletID="DWA_UI" --appletVersion="2.0" --mode="Uninstall" --mediaSignature="{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}"
Task: {4BDDA45D-CBD5-49F7-8728-A3FD2E807318} - System32\Tasks\{25AF9EE8-2BAC-446A-A9E3-891BED4E79A2} => pcalua.exe -a "C:\drivers\18. Camera Driver (Bison, Chicony, Liteon)\Setup.exe" -d "C:\drivers\18. Camera Driver (Bison, Chicony, Liteon)"
Task: {4D224E6B-5C22-4F48-9778-37BAA7156526} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-30] (Google Inc.)
Task: {5CAAAB85-B481-4D63-8D83-2A67AF471615} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {673BF5D5-C716-43A6-AF0A-C660EFCF5AC2} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-04-01] (Microsoft Corporation)
Task: {67FD71F7-E74C-4C9A-8255-2851246E329B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {737CAC23-B300-42E8-A2D2-964F389D52F5} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {B5D1BBB1-AA96-4AA7-8EC3-2BF9C04268D3} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {BD95DBCE-179A-472E-9F03-C907DC3B6410} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {C72FE2B7-48A9-4AB8-BA5B-825403E619C0} - System32\Tasks\{7313963B-5FC7-4126-8002-26BCC8D427EE} => pcalua.exe -a "D:\Software\Euro Truck Simulator 2\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe" -d "D:\Software\Euro Truck Simulator 2\Euro Truck Simulator 2\bin\win_x86"
Task: {D4376249-AAB7-4F53-B4C6-045986C8321D} - System32\Tasks\HP AR Program Upload - 41d6a5ea70cd4621882a0b85731e698e5093a7d3659f4638a168db841e888ac8 => C:\Program Files\HP\HP Photosmart 5520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {F050D243-18E5-44E5-B9E3-E3208CA768BA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-30] (Google Inc.)
Task: {F564988F-1AEF-40CE-B2FA-A8F79B8F3683} - \BackgroundContainer Startup Task No Task File <==== ATTENTION
Task: {F930EDD6-B933-443A-BD2F-68B0888703ED} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2014-01-09 18:37 - 2014-12-13 10:03 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-11-25 14:00 - 2014-11-25 14:00 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\ErrorReporting.dll
2014-09-02 21:51 - 2014-09-04 05:41 - 00047496 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll
2014-09-02 21:51 - 2014-09-04 05:41 - 00104328 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll
2014-10-21 16:57 - 2013-11-05 22:07 - 00376608 _____ () C:\Program Files (x86)\Connectify\NativeLibrary.dll
2014-10-21 16:57 - 2013-11-05 22:07 - 03156256 _____ () C:\Program Files (x86)\Connectify\ConnectifyNAT.dll
2014-10-21 16:57 - 2013-11-05 22:07 - 00714016 _____ () C:\Program Files (x86)\Connectify\log4cplus.dll
2014-10-21 16:57 - 2013-11-05 22:07 - 00353056 _____ () C:\Program Files (x86)\Connectify\LibDispatch.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2015-04-23 12:08 - 2015-04-23 12:08 - 00043008 _____ () c:\Users\PC van Denies\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpgybsev.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00750080 _____ () C:\Users\PC van Denies\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00047616 _____ () C:\Users\PC van Denies\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00865280 _____ () C:\Users\PC van Denies\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00200704 _____ () C:\Users\PC van Denies\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-04-23 12:08 - 2015-04-23 12:08 - 00098816 _____ () C:\Users\PC van Denies\AppData\Local\Temp\_MEI70122\win32api.pyd
2015-04-23 12:08 - 2015-04-23 12:08 - 00110080 _____ () C:\Users\PC van Denies\AppData\Local\Temp\_MEI70122\pywintypes27.dll
2015-04-23 12:08 - 2015-04-23 12:08 - 00364544 _____ () C:\Users\PC van Denies\AppData\Local\Temp\_MEI70122\pythoncom27.dll
2015-04-23 12:08 - 2015-04-23 12:08 - 00044032 _____ () C:\Users\PC van Denies\AppData\Local\Temp\_MEI70122\_socket.pyd
2015-04-23 12:08 - 2015-04-23 12:08 - 01153024 _____ () C:\Users\PC van Denies\AppData\Local\Temp\_MEI70122\_ssl.pyd
2015-04-23 12:08 - 2015-04-23 12:08 - 00320512 _____ () C:\Users\PC van Denies\AppData\Local\Temp\_MEI70122\win32com.shell.shell.pyd
2015-04-23 12:08 - 2015-04-23 12:08 - 00711680 _____ () C:\Users\PC van Denies\AppData\Local\Temp\_MEI70122\_hashlib.pyd
2015-04-23 12:08 - 2015-04-23 12:08 - 01175040 _____ () C:\Users\PC van Denies\AppData\Local\Temp\_MEI70122\wx._core_.pyd
2015-04-23 12:08 - 2015-04-23 12:08 - 00805888 _____ () C:\Users\PC van Denies\AppData\Local\Temp\_MEI70122\wx._gdi_.pyd
2015-04-23 12:08 - 2015-04-23 12:08 - 00811008 _____ () C:\Users\PC van Denies\AppData\Local\Temp\_MEI70122\wx._windows_.pyd
2015-04-23 12:08 - 2015-04-23 12:08 - 01062400 _____ () C:\Users\PC van Denies\AppData\Local\Temp\_MEI70122\wx._controls_.pyd
2015-04-23 12:08 - 2015-04-23 12:08 - 00735232 _____ () C:\Users\PC van Denies\AppData\Local\Temp\_MEI70122\wx._misc_.pyd
2015-04-23 12:08 - 2015-04-23 12:08 - 00128512 _____ () C:\Users\PC van Denies\AppData\Local\Temp\_MEI70122\_elementtree.pyd
2015-04-23 12:08 - 2015-04-23 12:08 - 00127488 _____ () C:\Users\PC van Denies\AppData\Local\Temp\_MEI70122\pyexpat.pyd
2015-04-23 12:08 - 2015-04-23 12:08 - 00557056 _____ () C:\Users\PC van Denies\AppData\Local\Temp\_MEI70122\pysqlite2._sqlite.pyd
2015-04-23 12:08 - 2015-04-23 12:08 - 00087040 _____ () C:\Users\PC van Denies\AppData\Local\Temp\_MEI70122\_ctypes.pyd
2015-04-23 12:08 - 2015-04-23 12:08 - 00119808 _____ () C:\Users\PC van Denies\AppData\Local\Temp\_MEI70122\win32file.pyd
2015-04-23 12:08 - 2015-04-23 12:08 - 00108544 _____ () C:\Users\PC van Denies\AppData\Local\Temp\_MEI70122\win32security.pyd
2015-04-23 12:08 - 2015-04-23 12:08 - 00018432 _____ () C:\Users\PC van Denies\AppData\Local\Temp\_MEI70122\win32event.pyd
2015-04-23 12:08 - 2015-04-23 12:08 - 00038912 _____ () C:\Users\PC van Denies\AppData\Local\Temp\_MEI70122\win32inet.pyd
2015-04-23 12:08 - 2015-04-23 12:08 - 00122368 _____ () C:\Users\PC van Denies\AppData\Local\Temp\_MEI70122\wx._wizard.pyd
2015-04-23 12:08 - 2015-04-23 12:08 - 00026624 _____ () C:\Users\PC van Denies\AppData\Local\Temp\_MEI70122\_multiprocessing.pyd
2015-04-23 12:08 - 2015-04-23 12:08 - 00070656 _____ () C:\Users\PC van Denies\AppData\Local\Temp\_MEI70122\wx._html2.pyd
2015-04-23 12:08 - 2015-04-23 12:08 - 00010240 _____ () C:\Users\PC van Denies\AppData\Local\Temp\_MEI70122\select.pyd
2015-04-23 12:08 - 2015-04-23 12:08 - 00686080 _____ () C:\Users\PC van Denies\AppData\Local\Temp\_MEI70122\unicodedata.pyd
2015-04-23 12:08 - 2015-04-23 12:08 - 00025600 _____ () C:\Users\PC van Denies\AppData\Local\Temp\_MEI70122\win32pdh.pyd
2015-04-23 12:08 - 2015-04-23 12:08 - 00521680 _____ () C:\Users\PC van Denies\AppData\Local\Temp\_MEI70122\windows._lib_cacheinvalidation.pyd
2015-04-23 12:08 - 2015-04-23 12:08 - 00011264 _____ () C:\Users\PC van Denies\AppData\Local\Temp\_MEI70122\win32crypt.pyd
2015-04-23 12:08 - 2015-04-23 12:08 - 00024064 _____ () C:\Users\PC van Denies\AppData\Local\Temp\_MEI70122\win32pipe.pyd
2015-04-23 12:08 - 2015-04-23 12:08 - 00035840 _____ () C:\Users\PC van Denies\AppData\Local\Temp\_MEI70122\win32process.pyd
2015-04-23 12:08 - 2015-04-23 12:08 - 00017408 _____ () C:\Users\PC van Denies\AppData\Local\Temp\_MEI70122\win32profile.pyd
2015-04-23 12:08 - 2015-04-23 12:08 - 00022528 _____ () C:\Users\PC van Denies\AppData\Local\Temp\_MEI70122\win32ts.pyd
2015-04-23 12:08 - 2014-09-04 05:41 - 00104328 _____ () C:\Users\PC van Denies\AppData\Local\Autodesk\.AdskAppManager\R1\qjson0.dll
2014-01-29 11:21 - 2014-01-23 07:56 - 00715544 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\libglesv2.dll
2014-01-29 11:21 - 2014-01-23 07:56 - 00100120 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\libegl.dll
2014-01-29 11:21 - 2014-01-23 07:56 - 04055320 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\pdf.dll
2014-01-29 11:21 - 2014-01-23 07:57 - 00399640 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\ppGoogleNaClPluginChrome.dll
2014-01-29 11:21 - 2014-01-23 07:55 - 01634584 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\ffmpegsumo.dll
2015-01-19 11:15 - 2015-01-19 11:15 - 00016384 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSIClient\7eeed5648d9cab35768d97ba0a6dbd7f\PSIClient.ni.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\PC van Denies\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1556840761-1313434400-2009749808-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\PC van Denies\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 145.48.24.45 - 145.48.16.46

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "Connectify Dispatch"
HKLM\...\StartupApproved\Run: => "Connectify Hotspot"
HKLM\...\StartupApproved\Run: => "RtsFT"
HKLM\...\StartupApproved\Run: => "Start WingMan Profiler"
HKLM\...\StartupApproved\Run32: => "ADSK DLMSession"
HKLM\...\StartupApproved\Run32: => "KiesTrayAgent"
HKLM\...\StartupApproved\Run32: => "IAStorIcon"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Adobe Acrobat Speed Launcher"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKU\S-1-5-21-1556840761-1313434400-2009749808-1001\...\StartupApproved\Run: => "Autodesk Sync"
HKU\S-1-5-21-1556840761-1313434400-2009749808-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-1556840761-1313434400-2009749808-1001\...\StartupApproved\Run: => "OfficeSyncProcess"
HKU\S-1-5-21-1556840761-1313434400-2009749808-1001\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKU\S-1-5-21-1556840761-1313434400-2009749808-1001\...\StartupApproved\Run: => "KiesPreload"
HKU\S-1-5-21-1556840761-1313434400-2009749808-1001\...\StartupApproved\Run: => "KiesAirMessage"
HKU\S-1-5-21-1556840761-1313434400-2009749808-1001\...\StartupApproved\Run: => ""
HKU\S-1-5-21-1556840761-1313434400-2009749808-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_1CE3BD622A0CA1FE25ADADCCC07D1BE7"
HKU\S-1-5-21-1556840761-1313434400-2009749808-1001\...\StartupApproved\Run: => "HP Photosmart 5520 series (NET)"
HKU\S-1-5-21-1556840761-1313434400-2009749808-1001\...\StartupApproved\Run: => "StartIsGone"

==================== Accounts: =============================

Administrator (S-1-5-21-1556840761-1313434400-2009749808-500 - Administrator - Disabled)
Gast (S-1-5-21-1556840761-1313434400-2009749808-501 - Limited - Disabled)
PC van Denies (S-1-5-21-1556840761-1313434400-2009749808-1001 - Administrator - Enabled) => C:\Users\PC van Denies

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/21/2015 09:19:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: explorer.exe, versie: 6.3.9600.17667, tijdstempel: 0x54c6f7c2
Naam van module met fout: mfmp4srcsnk.dll, versie: 12.0.9600.17415, tijdstempel: 0x54503c43
Uitzonderingscode: 0xc0000094
Foutmarge: 0x00000000000aae7f
Id van proces met fout: 0x170c
Starttijd van toepassing met fout: 0xexplorer.exe0
Pad naar toepassing met fout: explorer.exe1
Pad naar module met fout: explorer.exe2
Rapport-id: explorer.exe3
Volledige pakketnaam met fout: explorer.exe4
Relatieve toepassings-id van pakket met fout: explorer.exe5

Error: (04/21/2015 08:45:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: Explorer.EXE, versie: 6.3.9600.17667, tijdstempel: 0x54c6f7c2
Naam van module met fout: mfmp4srcsnk.dll, versie: 12.0.9600.17415, tijdstempel: 0x54503c43
Uitzonderingscode: 0xc0000094
Foutmarge: 0x00000000000aae7f
Id van proces met fout: 0x1c7c
Starttijd van toepassing met fout: 0xExplorer.EXE0
Pad naar toepassing met fout: Explorer.EXE1
Pad naar module met fout: Explorer.EXE2
Rapport-id: Explorer.EXE3
Volledige pakketnaam met fout: Explorer.EXE4
Relatieve toepassings-id van pakket met fout: Explorer.EXE5

Error: (04/21/2015 01:40:03 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (04/21/2015 01:15:10 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: DENIES)
Description: HRESULT:0x8004FF71
Description:Microsoft Security Essentials cannot be installed on your operating system. Windows Program Compatibility mode is not supported by this program.  <a>For information about supported operating systems, see the online Help</a>. Error code:0x8004FF71.

Error: (04/21/2015 01:15:07 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: DENIES)
Description: HRESULT:0x8004FF71
Description:Microsoft Security Essentials cannot be installed on your operating system. Windows Program Compatibility mode is not supported by this program.  <a>For information about supported operating systems, see the online Help</a>. Error code:0x8004FF71.

Error: (04/21/2015 01:10:57 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: DENIES)
Description: HRESULT:0x8004FF71
Description:Microsoft Security Essentials cannot be installed on your operating system. Windows Program Compatibility mode is not supported by this program.  <a>For information about supported operating systems, see the online Help</a>. Error code:0x8004FF71.

Error: (04/21/2015 01:08:29 PM) (Source: MsiInstaller) (EventID: 1023) (User: NT AUTHORITY)
Description: Product: Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 - Update 'KB2565063' kan niet worden ge´nstalleerd. Foutcode: 1625. Meer informatie is beschikbaar in logboekbestand C:\WINDOWS\TEMP\Microsoft Visual Studio Tools for Office Runtime 2010 Setup_20150421_130826592-MSI_vc_red.msi.txt.

Error: (04/20/2015 06:13:00 PM) (Source: MsiInstaller) (EventID: 1023) (User: NT AUTHORITY)
Description: Product: Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 - Update 'KB2565063' kan niet worden ge´nstalleerd. Foutcode: 1625. Meer informatie is beschikbaar in logboekbestand C:\WINDOWS\TEMP\Microsoft Visual Studio Tools for Office Runtime 2010 Setup_20150420_181257925-MSI_vc_red.msi.txt.

Error: (04/20/2015 06:10:42 PM) (Source: MsiInstaller) (EventID: 1023) (User: NT AUTHORITY)
Description: Product: Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 - Update 'KB2565063' kan niet worden ge´nstalleerd. Foutcode: 1625. Meer informatie is beschikbaar in logboekbestand C:\WINDOWS\TEMP\Microsoft Visual Studio Tools for Office Runtime 2010 Setup_20150420_181040548-MSI_vc_red.msi.txt.

Error: (04/20/2015 03:19:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: egui.exe, versie: 4.2.42.3, tijdstempel: 0x4bbcd43f
Naam van module met fout: ntdll.dll, versie: 6.3.9600.17736, tijdstempel: 0x550f4336
Uitzonderingscode: 0xc0000005
Foutmarge: 0x000000000003569f
Id van proces met fout: 0x1350
Starttijd van toepassing met fout: 0xegui.exe0
Pad naar toepassing met fout: egui.exe1
Pad naar module met fout: egui.exe2
Rapport-id: egui.exe3
Volledige pakketnaam met fout: egui.exe4
Relatieve toepassings-id van pakket met fout: egui.exe5


System errors:
=============
Error: (04/23/2015 11:35:54 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installatiefout: de volgende update kan niet worden ge´nstalleerd, foutcode 0x80070490: Hewlett-Packard  - Imaging - Null Print - HP Photosmart 5520 series.

Error: (04/22/2015 10:56:17 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: De vorige afsluiting van het systeem om 20:50:22 op ‎21-‎4-‎2015 is onverwacht gebeurd.

Error: (04/21/2015 08:34:45 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installatiefout: de volgende update kan niet worden ge´nstalleerd, foutcode 0x80070490: Hewlett-Packard  - Imaging - Null Print - HP Photosmart 5520 series.

Error: (04/21/2015 01:45:34 PM) (Source: DCOM) (EventID: 10010) (User: DENIES)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (04/21/2015 01:08:39 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installatiefout: de volgende update kan niet worden ge´nstalleerd, foutcode 0x80070490: Hewlett-Packard  - Imaging - Null Print - HP Photosmart 5520 series.

Error: (04/21/2015 01:08:34 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installatiefout: de volgende update kan niet worden ge´nstalleerd, foutcode 0x80070643: Update voor Microsoft Visual Studio 2010 Tools for Office Runtime (KB3001652).

Error: (04/20/2015 10:53:18 PM) (Source: DCOM) (EventID: 10010) (User: DENIES)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (04/20/2015 06:13:22 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installatiefout: de volgende update kan niet worden ge´nstalleerd, foutcode 0x80070490: Hewlett-Packard  - Imaging - Null Print - HP Photosmart 5520 series.

Error: (04/20/2015 06:13:05 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installatiefout: de volgende update kan niet worden ge´nstalleerd, foutcode 0x80070643: Update voor Microsoft Visual Studio 2010 Tools for Office Runtime (KB3001652).

Error: (04/20/2015 06:10:48 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installatiefout: de volgende update kan niet worden ge´nstalleerd, foutcode 0x80070490: Hewlett-Packard  - Imaging - Null Print - HP Photosmart 5520 series.


Microsoft Office Sessions:
=========================
Error: (04/21/2015 09:19:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: explorer.exe6.3.9600.1766754c6f7c2mfmp4srcsnk.dll12.0.9600.1741554503c43c000009400000000000aae7f170c01d07c634911c16cC:\WINDOWS\explorer.exeC:\WINDOWS\System32\mfmp4srcsnk.dll5117ec88-e85b-11e4-bece-6817290620bf

Error: (04/21/2015 08:45:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.3.9600.1766754c6f7c2mfmp4srcsnk.dll12.0.9600.1741554503c43c000009400000000000aae7f1c7c01d07c5e8418317fC:\WINDOWS\Explorer.EXEC:\WINDOWS\System32\mfmp4srcsnk.dll8676c5d3-e856-11e4-bece-6817290620bf

Error: (04/21/2015 01:40:03 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (04/21/2015 01:15:10 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: DENIES)
Description: HRESULT:0x8004FF71
Description:Microsoft Security Essentials cannot be installed on your operating system. Windows Program Compatibility mode is not supported by this program.  <a>For information about supported operating systems, see the online Help</a>. Error code:0x8004FF71.

Error: (04/21/2015 01:15:07 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: DENIES)
Description: HRESULT:0x8004FF71
Description:Microsoft Security Essentials cannot be installed on your operating system. Windows Program Compatibility mode is not supported by this program.  <a>For information about supported operating systems, see the online Help</a>. Error code:0x8004FF71.

Error: (04/21/2015 01:10:57 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: DENIES)
Description: HRESULT:0x8004FF71
Description:Microsoft Security Essentials cannot be installed on your operating system. Windows Program Compatibility mode is not supported by this program.  <a>For information about supported operating systems, see the online Help</a>. Error code:0x8004FF71.

Error: (04/21/2015 01:08:29 PM) (Source: MsiInstaller) (EventID: 1023) (User: NT AUTHORITY)
Description: Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219KB25650631625C:\WINDOWS\TEMP\Microsoft Visual Studio Tools for Office Runtime 2010 Setup_20150421_130826592-MSI_vc_red.msi.txt(NULL)(NULL)

Error: (04/20/2015 06:13:00 PM) (Source: MsiInstaller) (EventID: 1023) (User: NT AUTHORITY)
Description: Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219KB25650631625C:\WINDOWS\TEMP\Microsoft Visual Studio Tools for Office Runtime 2010 Setup_20150420_181257925-MSI_vc_red.msi.txt(NULL)(NULL)

Error: (04/20/2015 06:10:42 PM) (Source: MsiInstaller) (EventID: 1023) (User: NT AUTHORITY)
Description: Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219KB25650631625C:\WINDOWS\TEMP\Microsoft Visual Studio Tools for Office Runtime 2010 Setup_20150420_181040548-MSI_vc_red.msi.txt(NULL)(NULL)

Error: (04/20/2015 03:19:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: egui.exe4.2.42.34bbcd43fntdll.dll6.3.9600.17736550f4336c0000005000000000003569f135001d07b585994c060C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exeC:\WINDOWS\SYSTEM32\ntdll.dlld19ac583-e75f-11e4-bece-6817290620bf


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-3630QM CPU @ 2.40GHz
Percentage of memory in use: 28%
Total physical RAM: 8142.36 MB
Available physical RAM: 5805.14 MB
Total Pagefile: 16334.36 MB
Available Pagefile: 13698.41 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:118.9 GB) (Free:13.06 GB) NTFS
Drive d: () (Fixed) (Total:884.18 GB) (Free:691.2 GB) NTFS
Drive e: (LENOVO) (Fixed) (Total:25 GB) (Free:22.3 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: D00CB656)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=118.9 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 38CFF8C2)

Partition: GPT Partition Type.

==================== End Of Log ============================

I hope you can help me.

Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • Posts: 7656
Re: [Inactive - K] Windows update error 569 > virus
« Reply #6 on: April 23, 2015, 07:10:39 AM »
Thanks for those logs, continue as follows:

Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into.
NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

Run FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt) or the folder it was ran from. Please post it to your reply.

Next,

Download AdwCleaner by Xplode onto your Desktop.
  • Double click on Adwcleaner.exe to run the tool.
  • Click on Scan
  • Once the scan is done, click on the Clean button. <<<--- Ensure this option is completed
  • You will get a prompt asking to close all programs. Click OK.
  • Click OK again to reboot your computer.
  • A text file will open after the restart. Please post the content of that logfile in your reply.
  • You can also find the logfile at C:\AdwCleaner[Sn].txt. Where n in the scan reference number
Next,

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts. (re-enable when done)
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Next,

Download Microsoft's " Malicious Software Removal Tool" and save direct to the desktop
Ensure to get the correct version for your system....
32 Bit version:
https://www.microsoft.com/downloads/en/confirmation.aspx?FamilyId=AD724AE0-E72D-4F54-9AB3-75B8EB148356&displaylang=en
64 Bit version:
https://www.microsoft.com/downloads/en/confirmation.aspx?FamilyId=585D2BDE-367F-495E-94E7-6349F4EFFC74&displaylang=en

Right click on the Tool, select ôRun as Administratorö the tool will expand to the options Window
In the "Scan Type" window, select Quick Scan
Perform a scan and  Click Finish when the scan is done.
Retrieve the MSRT log as follows, and post it in your next reply:

1) Select the Windows key and R key together to open the "Run" function
2) Type or Copy/Paste the following command to the "Run Line" and Press Enter:

notepad c:\windows\debug\mrt.log

Post those logs, also give an update on any remaining issues or concerns...

Thank you,

Kevin...
« Last Edit: April 23, 2015, 07:21:30 AM by kevinf80 »

Offline shaan

  • Bronze Member
  • Posts: 15
Re: [Inactive - K] Windows update error 569 > virus
« Reply #7 on: April 23, 2015, 09:52:27 AM »
Fist log:

Fixlog:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 22-04-2015 01
Ran by PC van Denies at 2015-04-23 17:17:51 Run:1
Running from C:\Users\PC van Denies\Desktop
Loaded Profiles: PC van Denies (Available profiles: PC van Denies)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
HKU\S-1-5-21-1556840761-1313434400-2009749808-1001\...\Policies\Explorer: []
HKU\S-1-5-21-1556840761-1313434400-2009749808-1001\...\MountPoints2: {142155b0-1d7a-11e4-be98-6817290620bf} - "H:\LaunchU3.exe" -a
HKU\S-1-5-21-1556840761-1313434400-2009749808-1001\...\MountPoints2: {cac63762-933a-11e3-be87-6817290620bf} - "H:\SBLauncher.exe"
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
C:\Users\PC van Denies\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpgybsev.dll
Task: {F564988F-1AEF-40CE-B2FA-A8F79B8F3683} - \BackgroundContainer Startup Task No Task File <==== ATTENTION
EmptyTemp:
end



*****************

HKU\S-1-5-21-1556840761-1313434400-2009749808-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\ => value deleted successfully.
"HKU\S-1-5-21-1556840761-1313434400-2009749808-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{142155b0-1d7a-11e4-be98-6817290620bf}" => Key deleted successfully.
HKCR\CLSID\{142155b0-1d7a-11e4-be98-6817290620bf} => Key not found.
"HKU\S-1-5-21-1556840761-1313434400-2009749808-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cac63762-933a-11e3-be87-6817290620bf}" => Key deleted successfully.
HKCR\CLSID\{cac63762-933a-11e3-be87-6817290620bf} => Key not found.
C:\WINDOWS\system32\GroupPolicy\Machine => Moved successfully.
C:\WINDOWS\system32\GroupPolicy\GPT.ini => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"C:\Users\PC van Denies\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpgybsev.dll" => File/Directory not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F564988F-1AEF-40CE-B2FA-A8F79B8F3683}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F564988F-1AEF-40CE-B2FA-A8F79B8F3683}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BackgroundContainer Startup Task" => Key deleted successfully.
EmptyTemp: => Removed 1.4 GB temporary data.


The system needed a reboot.

==== End of Fixlog 17:18:34 ====


Secondlog
adw cleaner

# AdwCleaner v4.201 - Logbestand aangemaakt 23/04/2015 op 17:26:39
# Laatste update 08/04/2015 door Xplode
# Database : 2015-04-08.1 [Lokaal]
# Besturingssysteem : Windows 8.1  (x64)
# Gebruikersnaam : PC van Denies - DENIES
# Gestart vanuit : C:\Users\PC van Denies\Desktop\adwcleaner_4.201.exe
# Optie : Verwijderen

***** [ Services ] *****


***** [ Bestanden / Mappen ] *****

Map Verwijderd : C:\ProgramData\apn
Map Verwijderd : C:\ProgramData\Conduit
Map Verwijderd : C:\ProgramData\House Of Soft
Map Verwijderd : C:\ProgramData\QuickSet
Map Verwijderd : C:\ProgramData\surrf and keep
Map Verwijderd : C:\ProgramData\WEeukappp
Map Verwijderd : C:\ProgramData\80930a77dff2b6e4
Map Verwijderd : C:\Program Files (x86)\Conduit
Map Verwijderd : C:\Program Files (x86)\surrf and keep
Map Verwijderd : C:\Program Files (x86)\WEeukappp
Map Verwijderd : C:\Program Files (x86)\YoutubeAdblocker
Map Verwijderd : C:\Users\Administrator\AppData\Local\torch
Map Verwijderd : C:\Users\Gast\AppData\Local\torch
Map Verwijderd : C:\Users\PC van Denies\AppData\Local\Bundled software uninstaller
Map Verwijderd : C:\Users\PC van Denies\AppData\Local\Conduit
Map Verwijderd : C:\Users\PC van Denies\AppData\Local\torch
Map Verwijderd : C:\Users\PC van Denies\AppData\LocalLow\Conduit
Map Verwijderd : C:\Users\PC van Denies\AppData\Roaming\Solvusoft
Bestand Verwijderd : C:\END
Bestand Verwijderd : C:\WINDOWS\System32\roboot64.exe

***** [ Geplande taken ] *****


***** [ Snelkoppelingen ] *****


***** [ Register ] *****

Sleutel Verwijderd : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Sleutel Verwijderd : HKCU\Software\BI
Sleutel Verwijderd : HKCU\Software\Conduit
Sleutel Verwijderd : HKCU\Software\Myfree Codec
Sleutel Verwijderd : HKCU\Software\RegisteredApplicationsEx
Sleutel Verwijderd : HKCU\Software\Softonic
Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\Conduit
Sleutel Verwijderd : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Sleutel Verwijderd : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Sleutel Verwijderd : HKLM\SOFTWARE\Conduit
Sleutel Verwijderd : HKLM\SOFTWARE\Myfree Codec
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A35CA8FF-CB7D-8361-1CB9-83219CD11C78}
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}
Gegevens Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>

***** [ Webbrowsers ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Google Chrome v32.0.1700.102

[C:\Users\PC van Denies\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Verwijderd [Search Provider] : hxxp://search.conduit.com/Results.aspx?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SPC26C274A-021D-435C-84F3-4FC4A4414A76&q={searchTerms}
[C:\Users\PC van Denies\AppData\Local\Google\Chrome\User Data\Default\Preferences] - Verwijderd [Extension] : aaaaacalgebmfelllfiaoknifldpngjh
[C:\Users\PC van Denies\AppData\Local\Google\Chrome\User Data\Default\Preferences] - Verwijderd [Extension] : jpmbfleldcgkldadpdinhjjopdfpjfjp

-\\ Chromium v


-\\ Comodo Dragon v


-\\ Chrome Canary v


*************************

AdwCleaner[R0].txt - [5481 bytes] - [23/04/2015 17:25:13]
AdwCleaner[S0].txt - [5065 bytes] - [23/04/2015 17:26:39]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5124  bytes] ##########

Offline shaan

  • Bronze Member
  • Posts: 15
Re: [Inactive - K] Windows update error 569 > virus
« Reply #8 on: April 23, 2015, 09:55:27 AM »
Third log:

JRT log:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.6.1 (04.23.2015:1)
OS: Windows 8.1 x64
Ran by PC van Denies on do 23-04-2015 at 17:30:49,11
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks

Successfully deleted: [Task] C:\WINDOWS\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-1556840761-1313434400-2009749808-1001
Successfully deleted: [Task] C:\WINDOWS\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-1556840761-1313434400-2009749808-1003



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0BBFBAB0-F38C-4371-97D4-1A48BCC7EB18}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] C:\ProgramData\SSAvoeLootts
Successfully deleted: [Folder] C:\ProgramData\surf anodd akeep





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on do 23-04-2015 at 17:34:26,14
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Last log:

MRT log:


---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.23, April 2015 (build 5.23.11300.0)
Started On Thu Apr 23 17:36:03 2015

Engine: 1.1.11502.0
Signatures: 1.195.1215.0

Results Summary:
----------------
No infection found.
Failed to submit clean hearbeat MAPS report: 0x80072EE7
Microsoft Windows Malicious Software Removal Tool Finished On Thu Apr 23 17:42:32 2015


Return code: 0 (0x0)

My question is, did i have a virus or some kind on my laptop or is this something you can't see/tell.

I will now try to update my system > check if that problem is solved.

I tried to instal two important updates:
Hewlett-packard - image - null print update of 6.7 MB
Update for microsoft visual studio 2010 tools for... of 38.3 MB

But i get the same error codes
Code 659 and code 80070490
« Last Edit: April 23, 2015, 09:59:07 AM by shaan »

Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • Posts: 7656
Re: [Inactive - K] Windows update error 569 > virus
« Reply #9 on: April 23, 2015, 02:41:23 PM »
Select Windows key and X key together, from the list select command prompt (admin) at the command prompt type or copy and paste sfc /scannow > then tap enter. When finished type exit Tap enter, re-boot your PC.

***Note the space between sfc and /scannow

To get report, at command promt (admin) type or copy and paste:

findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >%userprofile%\Desktop\sfcdetails.txt

The log will save to the Desktop, post to your reply. When that scan finishes re-boot and see if the updates now work...

Next,

If the updates fail again run the following:

Download Services Repair tool, available here - http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe and Save it to your Desktop. Right click on it and select Run As Administrator, follow the prompts. It should reboot when it finishes. If not reboot it yourself.

Check the updates again, any improvement?

Offline shaan

  • Bronze Member
  • Posts: 15
Re: [Inactive - K] Windows update error 569 > virus
« Reply #10 on: April 24, 2015, 01:49:08 AM »
The first step didnt find anything but i can't find the log.
I copied the line in command prompt but it didn't find it.

" FINDSTR: cannot open van
  FINDSTR: Cannot open Denies\Desktop\sfcdetails.txt

I triend to install updates.
I had 3 important updates
  2 of them didn't work the same:
Hewlett-packard - image - null print update of 6.7 MB
Update for microsoft visual studio 2010 tools for... of 38.3 MB

Error Code 659 and code 80070490

22 optional updates where 1 didn't work:
windows 8.1 voor x64 system

Error Code 800F0922

after the second scan the same problems keep apairing.

some updates do install but some don't.

I hope you can help me

Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • Posts: 7656
Re: [Inactive - K] Windows update error 569 > virus
« Reply #11 on: April 24, 2015, 01:52:52 AM »
Download Portable Windows Repair (all in one) from one of the following:

http://www.tweaking.com/content/page/windows_repair_all_in_one.html
http://www.majorgeeks.com/Tweaking.com_-_Windows_Repair_Portable_d7222.html
http://www.bleepingcomputer.com/download/windows-repair-all-in-one-portable/

Unzip the contents into a newly created folder on your desktop.

Open the folder, run the tool by right click on Repair_Windows (icon with red briefcase) select "Run as Administrator"




From the main GUI do the following:


Select Tab 3 and allow it to run Disk check




Select Tab 4 and allow it to run SFC




Select Tab 5 and Create System Restore Point




Select Repairs tab => Click the Open repairs tab




The repairs window will open, Check the boxes as indicated, also the "Restart" option, then select Start...




DON'T use the computer while each scan is in progress.

Post the log, to access select "settings" tab > "open log folder" tab, log will be named _Windows_Repair_Log





Let me see that log,

Offline shaan

  • Bronze Member
  • Posts: 15
Re: [Inactive - K] Windows update error 569 > virus
« Reply #12 on: April 24, 2015, 08:56:51 AM »
During the scan it restart my system than it says: scanning and repairing drive .
First E drive, than the D drive.
At the D drive it stays on 10% for over 4 hours right now.

I keep my laptop on but i don't no if its still running or just hanging.


Offline shaan

  • Bronze Member
  • Posts: 15
Re: [Inactive - K] Windows update error 569 > virus
« Reply #13 on: April 24, 2015, 12:02:54 PM »
After 5 hours it done,

This is the log file:

Tweaking.com - Windows Repair v3.0.0
--------------------------------------------------------------------------------

System Variables
--------------------------------------------------------------------------------
OS: Windows 8.1
OS Architecture: 64-bit
OS Version: 6.3.9600
OS Service Pack:
Computer Name: DENIES
Windows Drive: C:\
Windows Path: C:\WINDOWS
Program Files: C:\Program Files
Program Files (x86): C:\Program Files (x86)
Current Profile: C:\Users\PC van Denies
Current Profile SID: S-1-5-21-1556840761-1313434400-2009749808-1001
Current Profile Classes: S-1-5-21-1556840761-1313434400-2009749808-1001_Classes
Profiles Location: C:\Users
Profiles Location 2: C:\WINDOWS\ServiceProfiles
Local Settings AppData: C:\Users\PC van Denies\AppData\Local
--------------------------------------------------------------------------------

System Information
--------------------------------------------------------------------------------
System Up Time: 0 Days 01:30:11

Process Count: 92
Commit Total: 3,16 GB
Commit Limit: 15,95 GB
Commit Peak: 3,69 GB
Handle Count: 33550
Kernel Total: 696,87 MB
Kernel Paged: 495,91 MB
Kernel Non Paged: 200,96 MB
System Cache: 5,09 GB
Thread Count: 1183
--------------------------------------------------------------------------------

Memory Before Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 7,95 GB
Memory Used: 3,00 GB(37,7209%)
Memory Avail.: 4,95 GB
--------------------------------------------------------------------------------

Cleaning Memory Before Starting Repairs...

Memory After Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 7,95 GB
Memory Used: 2,55 GB(32,0699%)
Memory Avail.: 5,40 GB
--------------------------------------------------------------------------------

Starting Repairs...
   Started at (24-4-2015 11:09:30)

Setting Any Missing 'InstallDate' From Uninstall Sections Before Running Repair...
Total Missing 'InstallDate' Fixed: 172
 
01 - Reset Registry Permissions
   Restore Windows 8 Default Registry Permissions
   Start (24-4-2015 11:09:31)


Decompressing & Updating Windows Permission File hkud.txt
Done,  0,19 seconds.


Decompressing & Updating Windows Permission File hkcu.txt
Done,  0,28 seconds.


Decompressing & Updating Windows Permission File hkcr.txt
Done,  1,25 seconds.


Decompressing & Updating Windows Permission File hklm.txt
Done,  2,44 seconds.

   Running Repair Under System Account
   Running Repair Under Current User Account
   Done (24-4-2015 11:17:07)

02 - Reset File Permissions: C:
   C: & Sub Folders
   Start (24-4-2015 11:17:07)

   Trying To Run Repair As Trusted Installer.
   This Repair Is Hidden By Windows Itself.
   You Can See The Repair Working In The Task Manager.
   Running Repair As Trusted Installer
   Done (24-4-2015 11:31:26)

02 - Reset File Permissions
   Restore Windows 8 Default File Permissions
   Start (24-4-2015 11:31:26)


Decompressing & Updating Windows Permission File default.txt
Done,  0,18 seconds.


Decompressing & Updating Windows Permission File profile.txt
Done,  0,21 seconds.


Decompressing & Updating Windows Permission File program_files.txt
Done,  0,36 seconds.


Decompressing & Updating Windows Permission File program_files_x86.txt
Done,  0,19 seconds.


Decompressing & Updating Windows Permission File programdata.txt
Done,  0,18 seconds.


Decompressing & Updating Windows Permission File windows.txt
Done,  2,14 seconds.

   Running Repair Under System Account
   Done (24-4-2015 11:42:25)

02 - Reset File Permissions: D:
   D: & Sub Folders
   Start (24-4-2015 11:42:25)

   Trying To Run Repair As Trusted Installer.
   This Repair Is Hidden By Windows Itself.
   You Can See The Repair Working In The Task Manager.
   Running Repair As Trusted Installer
   Done (24-4-2015 11:44:12)

02 - Reset File Permissions: E:
   E: & Sub Folders
   Start (24-4-2015 11:44:12)

   Trying To Run Repair As Trusted Installer.
   This Repair Is Hidden By Windows Itself.
   You Can See The Repair Working In The Task Manager.
   Running Repair As Trusted Installer
   Done (24-4-2015 11:44:30)

02 - Reset File Permissions: Cleanup
   Repairing Restricted Folders Permissions To Avoid Infinite Loops
   Start (24-4-2015 11:44:30)

   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (24-4-2015 11:44:33)

03 - Reset Service Permissions
   Start (24-4-2015 11:44:33)

   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (24-4-2015 11:44:45)

04 - Register System Files
   Start (24-4-2015 11:44:45)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (24-4-2015 11:45:25)

05 - Repair WMI
   Start (24-4-2015 11:45:25)

   Starting Security Center So We Can Export The Security Info.

   Exporting Antivirus Info...
   ESET NOD32 Antivirus 4.2 Exported.
   Windows Defender Exported.

   Exporting AntiSpyware Info...
   ESET NOD32 Antivirus 4.2 Exported.
   Windows Defender Exported.

   Exporting 3rd Party Firewall Info...
   No Firewall Products Reported.

   Running Repair Under Current User Account
   Done (24-4-2015 11:47:54)

06 - Repair Windows Firewall
   Start (24-4-2015 11:47:54)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (24-4-2015 11:48:40)

07 - Repair Internet Explorer
   Start (24-4-2015 11:48:41)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (24-4-2015 11:49:09)

08 - Repair MDAC/MS Jet
   Start (24-4-2015 11:49:09)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (24-4-2015 11:49:21)

09 - Repair Hosts File
   Start (24-4-2015 11:49:21)
   Running Repair Under System Account
   Done (24-4-2015 11:49:22)

10 - Remove Policies Set By Infections
   Start (24-4-2015 11:49:23)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (24-4-2015 11:49:28)

11 - Repair Start Menu Icons Removed By Infections
   Start (24-4-2015 11:49:28)
   Running Repair Under System Account
   Done (24-4-2015 11:49:29)

12 - Repair Icons
   Start (24-4-2015 11:49:29)
   Running Repair Under Current User Account
   Done (24-4-2015 11:49:32)

13 - Repair Winsock & DNS Cache
   Start (24-4-2015 11:49:32)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (24-4-2015 11:49:46)

14 - Remove Temp Files
   Start (24-4-2015 11:49:47)
   Running Repair Under System Account
   Done (24-4-2015 11:49:49)

15 - Repair Proxy Settings
   Start (24-4-2015 11:49:49)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (24-4-2015 11:49:52)

16 - Unhide Non System Files
   Start (24-4-2015 11:49:52)
   C:\ - Total Files Unhidden: 2497 - Check Unhidden_Files.txt for list of files unhidden
   D:\ - Total Files Unhidden: 966 - Check Unhidden_Files.txt for list of files unhidden
   E:\ - Total Files Unhidden: 0 - Check Unhidden_Files.txt for list of files unhidden
   Done (24-4-2015 11:50:06)

17 - Repair Windows Updates
   Start (24-4-2015 11:50:06)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Setting Windows Updates Files That Are In Use To Be Removed At Next Boot.
   Done (24-4-2015 11:50:35)

18 - Repair CD/DVD Missing/Not Working
   Start (24-4-2015 11:50:35)
   iTunes not found, not applying UpperFilters iTunes Reg Key
   Done (24-4-2015 11:50:35)

19 - Repair Volume Shadow Copy Service
   Start (24-4-2015 11:50:35)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (24-4-2015 11:51:02)

20 - Repair Windows Sidebar/Gadgets
   Start (24-4-2015 11:51:02)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (24-4-2015 11:51:06)

21 - Repair MSI (Windows Installer)
   Start (24-4-2015 11:51:06)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (24-4-2015 11:51:20)

22 - Repair Windows Snipping Tool
   Start (24-4-2015 11:51:21)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (24-4-2015 11:51:23)

23.01 - Repair bat Association
   Start (24-4-2015 11:51:23)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (24-4-2015 11:51:25)

23.02 - Repair cmd Association
   Start (24-4-2015 11:51:25)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (24-4-2015 11:51:27)

23.03 - Repair com Association
   Start (24-4-2015 11:51:27)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (24-4-2015 11:51:30)

23.04 - Repair Directory Association
   Start (24-4-2015 11:51:30)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (24-4-2015 11:51:32)

23.05 - Repair Drive Association
   Start (24-4-2015 11:51:32)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (24-4-2015 11:51:34)

23.06 - Repair exe Association
   Start (24-4-2015 11:51:34)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (24-4-2015 11:51:37)

23.07 - Repair Folder Association
   Start (24-4-2015 11:51:37)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (24-4-2015 11:51:39)

23.08 - Repair inf Association
   Start (24-4-2015 11:51:39)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (24-4-2015 11:51:41)

23.09 - Repair lnk (Shortcuts) Association
   Start (24-4-2015 11:51:41)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (24-4-2015 11:51:43)

23.10 - Repair msc Association
   Start (24-4-2015 11:51:43)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (24-4-2015 11:51:46)

23.11 - Repair reg Association
   Start (24-4-2015 11:51:46)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (24-4-2015 11:51:48)

23.12 - Repair scr Association
   Start (24-4-2015 11:51:48)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (24-4-2015 11:51:50)

24 - Repair Windows Safe Mode
   Start (24-4-2015 11:51:50)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (24-4-2015 11:51:53)

25 - Repair Print Spooler
   Start (24-4-2015 11:51:53)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (24-4-2015 11:52:09)

26 - Restore Important Windows Services
   Start (24-4-2015 11:52:09)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (24-4-2015 11:52:21)

27 - Set Windows Services To Default Startup
   Start (24-4-2015 11:52:21)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (24-4-2015 11:52:27)

28.01 - Repair Windows 8 App Store
   Start (24-4-2015 11:52:27)

Decompressing & Updating Windows Permission File hkcu.txt
Done,  0,33 seconds.

   Running Repair Under Current User Account
   Done (24-4-2015 11:52:50)

29 - Repair Windows 8 Component Store
   Start (24-4-2015 11:52:50)
   Running Repair Under Current User Account
   Done (24-4-2015 12:27:12)

30 - Restore Windows 8 COM+ Unmarshalers
   Start (24-4-2015 12:27:12)
   Running Repair Under System Account
Processing ACL of: <classes_root\Unmarshalers>

SetACL finished with error(s):
SetACL error message: The call to SetNamedSecurityInfo () failed
Operating system error message: Toegang geweigerd.

   Done (24-4-2015 12:27:13)

31 - Repair Windows 'New' Submenu
   Start (24-4-2015 12:27:13)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (24-4-2015 12:27:16)

32 - Restore UAC (User Account Control) Settings
   Start (24-4-2015 12:27:16)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (24-4-2015 12:27:18)

33 - Repair Performance Counters
   Start (24-4-2015 12:27:18)
   Running Repair Under Current User Account
   Done (24-4-2015 12:27:24)

Cleaning up empty logs...

All Selected Repairs Done.
   Done at (24-4-2015 12:27:24)
   Total Repair Time: 01:17:57


...YOU MUST RESTART YOUR SYSTEM...


I want to thank you sincerely for your help so fare.

Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • Posts: 7656
Re: [Inactive - K] Windows update error 569 > virus
« Reply #14 on: April 24, 2015, 03:27:35 PM »
What is the current status of your system, are there any remaining issues or concerns?