
ComboFix log file. Can someone help me with this? Thanks in advance.



ComboFix 14-07-21.01 - john 21-07-2014 21:50:25.1.4 - x64

Microsoft Windows 7 Ultimate 6.1.7601.1.1252.32.1043.18.16335.13929 [GMT 2:00]

Gestart vanuit: c:\users\john\Desktop\ComboFix_14_4_30_1.exe

AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}

SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\program files (x86)\SearchProtect

c:\program files (x86)\SearchProtect\EULA.txt

c:\program files (x86)\SearchProtect\Main\bin\CltMngSvc.exe

c:\program files (x86)\SearchProtect\Main\bin\SPTool.dll

c:\program files (x86)\SearchProtect\Main\bin\uninstall.exe

c:\program files (x86)\SearchProtect\Main\rep\SystemRepository.dat

c:\program files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe

c:\program files (x86)\SearchProtect\SearchProtect\bin\SPTool64.exe

c:\program files (x86)\SearchProtect\SearchProtect\bin\SPVC32.dll

c:\program files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll

c:\program files (x86)\SearchProtect\SearchProtect\bin\SPVC64.dll

c:\program files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll

c:\program files (x86)\SearchProtect\UI\bin\cltmngui.exe

c:\program files (x86)\SearchProtect\UI\dialogs\bubble\bubble.css

c:\program files (x86)\SearchProtect\UI\dialogs\bubble\bubble.html

c:\program files (x86)\SearchProtect\UI\dialogs\bubble\bubble.js

c:\program files (x86)\SearchProtect\UI\dialogs\bubble\defaults.js

c:\program files (x86)\SearchProtect\UI\dialogs\Images\Apply-default.png

c:\program files (x86)\SearchProtect\UI\dialogs\Images\Apply-onclick.png

c:\program files (x86)\SearchProtect\UI\dialogs\Images\Apply-Rollover.png

c:\program files (x86)\SearchProtect\UI\dialogs\Images\bg-uninstall.png

c:\program files (x86)\SearchProtect\UI\dialogs\Images\bg-with-logo.png

c:\program files (x86)\SearchProtect\UI\dialogs\Images\bg.png

c:\program files (x86)\SearchProtect\UI\dialogs\Images\bgNotif.png

c:\program files (x86)\SearchProtect\UI\dialogs\Images\bgSettings.png

c:\program files (x86)\SearchProtect\UI\dialogs\Images\bgSettingsDS.png

c:\program files (x86)\SearchProtect\UI\dialogs\Images\bgUninstall.png

c:\program files (x86)\SearchProtect\UI\dialogs\Images\btnBlue.png

c:\program files (x86)\SearchProtect\UI\dialogs\Images\btnClose.png

c:\program files (x86)\SearchProtect\UI\dialogs\Images\btnSilver.png

c:\program files (x86)\SearchProtect\UI\dialogs\Images\button-bg.png

c:\program files (x86)\SearchProtect\UI\dialogs\Images\checkbox.png

c:\program files (x86)\SearchProtect\UI\dialogs\Images\checkbox_checked.png

c:\program files (x86)\SearchProtect\UI\dialogs\Images\checkbox_def.png

c:\program files (x86)\SearchProtect\UI\dialogs\Images\close-win-def.png

c:\program files (x86)\SearchProtect\UI\dialogs\Images\close-win-over-click.png

c:\program files (x86)\SearchProtect\UI\dialogs\Images\gray-bg.png

c:\program files (x86)\SearchProtect\UI\dialogs\Images\hez-def.png

c:\program files (x86)\SearchProtect\UI\dialogs\Images\hez-selected.png

c:\program files (x86)\SearchProtect\UI\dialogs\Images\hez.png

c:\program files (x86)\SearchProtect\UI\dialogs\Images\icon-win.png

c:\program files (x86)\SearchProtect\UI\dialogs\Images\info-icon.png

c:\program files (x86)\SearchProtect\UI\dialogs\Images\menu-rollover.png

c:\program files (x86)\SearchProtect\UI\dialogs\Images\menu-selected.png

c:\program files (x86)\SearchProtect\UI\dialogs\Images\radio-button-def.png

c:\program files (x86)\SearchProtect\UI\dialogs\Images\radio-button-selected.png

c:\program files (x86)\SearchProtect\UI\dialogs\Images\radio-button.png

c:\program files (x86)\SearchProtect\UI\dialogs\Images\radio-button2.png

c:\program files (x86)\SearchProtect\UI\dialogs\Images\Settings-icon.png

c:\program files (x86)\SearchProtect\UI\dialogs\Images\text-field.png

c:\program files (x86)\SearchProtect\UI\dialogs\Images\v.png

c:\program files (x86)\SearchProtect\UI\dialogs\Images\x.png

c:\program files (x86)\SearchProtect\UI\dialogs\libs\defaults.js

c:\program files (x86)\SearchProtect\UI\dialogs\libs\dialogUtils.js

c:\program files (x86)\SearchProtect\UI\dialogs\libs\jquery.1.7.1.min.js

c:\program files (x86)\SearchProtect\UI\dialogs\libs\json2.min.js

c:\program files (x86)\SearchProtect\UI\dialogs\libs\main.js

c:\program files (x86)\SearchProtect\UI\dialogs\libs\SPDialogAPI.js

c:\program files (x86)\SearchProtect\UI\dialogs\protection\defaults.js

c:\program files (x86)\SearchProtect\UI\dialogs\protection\protection.css

c:\program files (x86)\SearchProtect\UI\dialogs\protection\protection.html

c:\program files (x86)\SearchProtect\UI\dialogs\protection\protection.js

c:\program files (x86)\SearchProtect\UI\dialogs\protectionDS\defaults.js

c:\program files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.css

c:\program files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.html

c:\program files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.js

c:\program files (x86)\SearchProtect\UI\dialogs\settings.html

c:\program files (x86)\SearchProtect\UI\dialogs\settings\defaults.js

c:\program files (x86)\SearchProtect\UI\dialogs\settings\settings.css

c:\program files (x86)\SearchProtect\UI\dialogs\settings\settings.html

c:\program files (x86)\SearchProtect\UI\dialogs\settings\settings.js

c:\program files (x86)\SearchProtect\UI\dialogs\style.css

c:\program files (x86)\SearchProtect\UI\dialogs\uninstall\defaults.js

c:\program files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.css

c:\program files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.html

c:\program files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.js

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_imonhoeiopfgoncjdldhhfjgocghkbbl_0

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_imonhoeiopfgoncjdldhhfjgocghkbbl_0\2

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\background.html

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\chromeCoreFilesIndex.txt

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\crossriderManifest.json

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\extensionData\manifest.xml

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\extensionData\plugins.json

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\extensionData\plugins\1.js

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\extensionData\plugins\102.js

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\extensionData\plugins\103.js

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\extensionData\plugins\104.js

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\extensionData\plugins\13.js

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\extensionData\plugins\14.js

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\extensionData\plugins\17.js

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\extensionData\plugins\177.js

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\extensionData\plugins\182.js

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\extensionData\plugins\183.js

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\extensionData\plugins\184.js

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\extensionData\plugins\19.js

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\extensionData\plugins\191.js

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\extensionData\plugins\207.js

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\extensionData\plugins\21.js

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\extensionData\plugins\22.js

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\extensionData\plugins\223.js

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\extensionData\plugins\242.js

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\extensionData\plugins\244.js

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\extensionData\plugins\246.js

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\extensionData\plugins\28.js

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\extensionData\plugins\4.js

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\extensionData\plugins\47.js

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\extensionData\plugins\64.js

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\extensionData\plugins\72.js

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\extensionData\plugins\78.js

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\extensionData\plugins\80.js

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\extensionData\plugins\91.js

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\extensionData\plugins\93.js

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\extensionData\plugins\97.js

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\extensionData\userCode\background.js

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\extensionData\userCode\extension.js

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\icons\actions\1.png

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\icons\icon128.png

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\icons\icon16.png

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\icons\icon48.png

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\js\api\chrome.js

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\js\api\cookie.js

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\js\api\message.js

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\js\api\monitor.js

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\js\api\pageAction.js

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\js\api\pageActionBG.js

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\js\background.js

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\js\lib\app_api.js

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\js\lib\bg_app_api.js

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\js\lib\consts.js

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\js\lib\cookie_store.js

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\js\lib\crossriderAPI.js

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\js\lib\delegate.js

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\js\lib\events.js

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\js\lib\extensionDataStore.js

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\js\lib\installer.js

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\js\lib\logFile.js

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\js\lib\logging.js

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\js\lib\onBGDocumentLoad.js

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\js\lib\popupResource\newPopup.js

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\js\lib\popupResource\popup.js

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\js\lib\reports.js

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\js\lib\storageWrapper.js

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\js\lib\updateManager.js

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\js\lib\util.js

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\js\lib\xhr.js

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\js\main.js

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\js\platformVersion.js

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\manifest.json

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Extensions\imonhoeiopfgoncjdldhhfjgocghkbbl\1.26.18_0\popup.html

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\imonhoeiopfgoncjdldhhfjgocghkbbl

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\imonhoeiopfgoncjdldhhfjgocghkbbl\000054.ldb

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\imonhoeiopfgoncjdldhhfjgocghkbbl\000068.ldb

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\imonhoeiopfgoncjdldhhfjgocghkbbl\000080.ldb

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\imonhoeiopfgoncjdldhhfjgocghkbbl\000101.ldb

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\imonhoeiopfgoncjdldhhfjgocghkbbl\000105.log

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\imonhoeiopfgoncjdldhhfjgocghkbbl\CURRENT

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\imonhoeiopfgoncjdldhhfjgocghkbbl\LOCK

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\imonhoeiopfgoncjdldhhfjgocghkbbl\LOG

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\imonhoeiopfgoncjdldhhfjgocghkbbl\LOG.old

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\imonhoeiopfgoncjdldhhfjgocghkbbl\MANIFEST-000103

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_imonhoeiopfgoncjdldhhfjgocghkbbl_0.localstorage-journal

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_imonhoeiopfgoncjdldhhfjgocghkbbl_0.localstorage

c:\users\john\AppData\Local\Google\Chrome\User Data\Default\Preferences

c:\users\john\AppData\Local\nsl1224.tmp

c:\users\john\AppData\Local\nslF667.tmp

c:\users\john\AppData\Local\pxihqrac.exe

.

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Service_ProtectMonitor

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2014-06-21 to 2014-07-21 ))))))))))))))))))))))))))))))

.

.

2014-07-21 19:47 . 2014-07-21 19:47 -------- d-----w- c:\users\john\AppData\Roaming\FirefoxToolbar

2014-07-21 19:47 . 2014-07-21 19:47 -------- d-----w- c:\program files (x86)\Settings Manager

2014-07-21 19:47 . 2014-07-21 19:47 -------- d-----w- c:\programdata\systemk

2014-07-21 19:05 . 2014-07-21 19:05 -------- d-----w- c:\users\john\AppData\Local\Mozilla Firefox

2014-07-21 18:41 . 2014-07-02 03:09 10924376 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6217FED4-2929-471C-B6D3-BFCF20870F60}\mpengine.dll

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2014-07-21 19:10 . 2014-04-24 21:39 699056 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2014-07-21 19:10 . 2012-03-13 06:55 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2014-06-09 10:07 . 2014-06-14 11:51 61120 ----a-w- c:\windows\system32\drivers\{2c976a7f-dbdc-4756-870f-f6d183fe7a7e}w64.sys

2014-06-08 09:13 . 2014-06-14 11:57 506368 ----a-w- c:\windows\system32\aepdu.dll

2014-06-08 09:08 . 2014-06-14 11:57 424448 ----a-w- c:\windows\system32\aeinv.dll

2014-06-05 10:54 . 2012-03-12 20:25 10779000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2014-06-03 16:49 . 2014-06-03 16:49 189248 ----a-w- c:\windows\SysWow64\PnkBstrB.exe

2014-06-03 16:49 . 2014-06-03 16:49 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe

2014-05-30 10:21 . 2014-06-14 11:57 23414784 ----a-w- c:\windows\system32\mshtml.dll

2014-05-30 10:02 . 2014-06-14 11:57 2724864 ----a-w- c:\windows\system32\mshtml.tlb

2014-05-30 10:02 . 2014-06-14 11:57 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll

2014-05-30 09:45 . 2014-06-14 11:57 2768384 ----a-w- c:\windows\system32\iertutil.dll

2014-05-30 09:39 . 2014-06-14 11:57 548352 ----a-w- c:\windows\system32\vbscript.dll

2014-05-30 09:39 . 2014-06-14 11:57 66048 ----a-w- c:\windows\system32\iesetup.dll

2014-05-30 09:38 . 2014-06-14 11:57 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll

2014-05-30 09:28 . 2014-06-14 11:57 51200 ----a-w- c:\windows\system32\jsproxy.dll

2014-05-30 09:27 . 2014-06-14 11:57 33792 ----a-w- c:\windows\system32\iernonce.dll

2014-05-30 09:24 . 2014-06-14 11:57 574976 ----a-w- c:\windows\system32\ieui.dll

2014-05-30 09:21 . 2014-06-14 11:57 139264 ----a-w- c:\windows\system32\ieUnatt.exe

2014-05-30 09:21 . 2014-06-14 11:57 111616 ----a-w- c:\windows\system32\ieetwcollector.exe

2014-05-30 09:20 . 2014-06-14 11:57 752640 ----a-w- c:\windows\system32\jscript9diag.dll

2014-05-30 09:11 . 2014-06-14 11:57 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe

2014-05-30 09:08 . 2014-06-14 11:57 5782528 ----a-w- c:\windows\system32\jscript9.dll

2014-05-30 09:06 . 2014-06-14 11:57 452096 ----a-w- c:\windows\system32\dxtmsft.dll

2014-05-30 09:02 . 2014-06-14 11:57 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb

2014-05-30 08:55 . 2014-06-14 11:57 38400 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll

2014-05-30 08:49 . 2014-06-14 11:57 195584 ----a-w- c:\windows\system32\msrating.dll

2014-05-30 08:46 . 2014-06-14 11:57 85504 ----a-w- c:\windows\system32\mshtmled.dll

2014-05-30 08:44 . 2014-06-14 11:57 455168 ----a-w- c:\windows\SysWow64\vbscript.dll

2014-05-30 08:44 . 2014-06-14 11:57 295424 ----a-w- c:\windows\system32\dxtrans.dll

2014-05-30 08:43 . 2014-06-14 11:57 61952 ----a-w- c:\windows\SysWow64\iesetup.dll

2014-05-30 08:42 . 2014-06-14 11:57 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll

2014-05-30 08:35 . 2014-06-14 11:57 608768 ----a-w- c:\windows\system32\ie4uinit.exe

2014-05-30 08:29 . 2014-06-14 11:57 631808 ----a-w- c:\windows\system32\msfeeds.dll

2014-05-30 08:28 . 2014-06-14 11:57 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe

2014-05-30 08:27 . 2014-06-14 11:57 592896 ----a-w- c:\windows\SysWow64\jscript9diag.dll

2014-05-30 08:24 . 2014-06-14 11:57 1249280 ----a-w- c:\windows\system32\mshtmlmedia.dll

2014-05-30 08:23 . 2014-06-14 11:57 2040832 ----a-w- c:\windows\system32\inetcpl.cpl

2014-05-30 08:10 . 2014-06-14 11:57 32256 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll

2014-05-30 07:56 . 2014-06-14 11:57 2266112 ----a-w- c:\windows\system32\wininet.dll

2014-05-30 07:56 . 2014-06-14 11:57 4244992 ----a-w- c:\windows\SysWow64\jscript9.dll

2014-05-30 07:50 . 2014-06-14 11:57 1068032 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll

2014-05-30 07:49 . 2014-06-14 11:57 1964544 ----a-w- c:\windows\SysWow64\inetcpl.cpl

2014-05-30 07:43 . 2014-06-14 11:57 13522944 ----a-w- c:\windows\system32\ieframe.dll

2014-05-30 07:30 . 2014-06-14 11:57 1398272 ----a-w- c:\windows\system32\urlmon.dll

2014-05-30 07:21 . 2014-06-14 11:57 1790976 ----a-w- c:\windows\SysWow64\wininet.dll

2014-05-30 07:13 . 2014-06-14 11:57 846336 ----a-w- c:\windows\system32\ieapfltr.dll

2014-05-25 10:25 . 2014-05-25 10:25 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll

2014-05-22 16:18 . 2014-05-29 20:27 61120 ----a-w- c:\windows\system32\drivers\{2c976a7f-dbdc-4756-870f-f6d183fe7a7e}Gw64.sys

2014-05-14 05:02 . 2014-05-14 05:02 62592 ----a-w- c:\windows\system32\drivers\a38usb.sys

2014-05-14 05:02 . 2014-05-14 05:02 137216 ----a-w- c:\windows\system32\usbr38.dll

2014-05-08 14:51 . 2014-04-24 21:49 1727856 ----a-w- c:\users\john\AppData\Local\AnyProtectScannerSetup.exe

2014-05-08 09:32 . 2014-06-14 11:57 1112064 ----a-w- c:\windows\system32\rdpcorets.dll

2014-04-27 00:20 . 2014-04-27 00:20 194048 ----a-w- c:\windows\SysWow64\elshyph.dll

2014-04-27 00:20 . 2014-04-27 00:20 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe

2014-04-27 00:20 . 2014-04-27 00:20 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll

2014-04-27 00:20 . 2014-04-27 00:20 62464 ----a-w- c:\windows\SysWow64\tdc.ocx

2014-04-27 00:20 . 2014-04-27 00:20 337408 ----a-w- c:\windows\SysWow64\html.iec

2014-04-27 00:20 . 2014-04-27 00:20 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll

2014-04-27 00:20 . 2014-04-27 00:20 235008 ----a-w- c:\windows\system32\elshyph.dll

2014-04-27 00:20 . 2014-04-27 00:20 182272 ----a-w- c:\windows\SysWow64\msls31.dll

2014-04-27 00:20 . 2014-04-27 00:20 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll

2014-04-27 00:20 . 2014-04-27 00:20 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe

2014-04-27 00:20 . 2014-04-27 00:20 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll

2014-04-27 00:20 . 2014-04-27 00:20 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll

2014-04-27 00:20 . 2014-04-27 00:20 36352 ----a-w- c:\windows\SysWow64\imgutil.dll

2014-04-27 00:20 . 2014-04-27 00:20 151552 ----a-w- c:\windows\SysWow64\iexpress.exe

2014-04-27 00:20 . 2014-04-27 00:20 139264 ----a-w- c:\windows\SysWow64\wextract.exe

2014-04-27 00:20 . 2014-04-27 00:20 13312 ----a-w- c:\windows\SysWow64\mshta.exe

2014-04-27 00:20 . 2014-04-27 00:20 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll

2014-04-27 00:20 . 2014-04-27 00:20 942592 ----a-w- c:\windows\system32\jsIntl.dll

2014-04-27 00:20 . 2014-04-27 00:20 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe

2014-04-27 00:20 . 2014-04-27 00:20 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe

2014-04-27 00:20 . 2014-04-27 00:20 81408 ----a-w- c:\windows\system32\icardie.dll

2014-04-27 00:20 . 2014-04-27 00:20 77312 ----a-w- c:\windows\system32\tdc.ocx

2014-04-27 00:20 . 2014-04-27 00:20 616104 ----a-w- c:\windows\system32\ieapfltr.dat

2014-04-27 00:20 . 2014-04-27 00:20 52224 ----a-w- c:\windows\system32\msfeedsbs.dll

2014-04-27 00:20 . 2014-04-27 00:20 48640 ----a-w- c:\windows\system32\mshtmler.dll

2014-04-27 00:20 . 2014-04-27 00:20 413696 ----a-w- c:\windows\system32\html.iec

2014-04-27 00:20 . 2014-04-27 00:20 30208 ----a-w- c:\windows\system32\licmgr10.dll

2014-04-27 00:20 . 2014-04-27 00:20 263376 ----a-w- c:\windows\system32\iedkcs32.dll

2014-04-27 00:20 . 2014-04-27 00:20 247808 ----a-w- c:\windows\system32\msls31.dll

2014-04-27 00:20 . 2014-04-27 00:20 243200 ----a-w- c:\windows\system32\webcheck.dll

2014-04-27 00:20 . 2014-04-27 00:20 235520 ----a-w- c:\windows\system32\url.dll

2014-04-27 00:20 . 2014-04-27 00:20 167424 ----a-w- c:\windows\system32\iexpress.exe

2014-04-27 00:20 . 2014-04-27 00:20 143872 ----a-w- c:\windows\system32\wextract.exe

2014-04-27 00:20 . 2014-04-27 00:20 13312 ----a-w- c:\windows\system32\msfeedssync.exe

2014-04-27 00:20 . 2014-04-27 00:20 131072 ----a-w- c:\windows\system32\IEAdvpack.dll

2014-04-27 00:20 . 2014-04-27 00:20 105984 ----a-w- c:\windows\system32\iesysprep.dll

2014-04-27 00:20 . 2014-04-27 00:20 101376 ----a-w- c:\windows\system32\inseng.dll

2014-04-27 00:20 . 2014-04-27 00:20 147968 ----a-w- c:\windows\system32\occache.dll

2014-04-27 00:20 . 2014-04-27 00:20 83968 ----a-w- c:\windows\system32\MshtmlDac.dll

2014-04-27 00:20 . 2014-04-27 00:20 774144 ----a-w- c:\windows\system32\jscript.dll

2014-04-27 00:20 . 2014-04-27 00:20 62464 ----a-w- c:\windows\system32\pngfilt.dll

2014-04-27 00:20 . 2014-04-27 00:20 48128 ----a-w- c:\windows\system32\imgutil.dll

2014-04-27 00:20 . 2014-04-27 00:20 13824 ----a-w- c:\windows\system32\mshta.exe

2014-04-27 00:20 . 2014-04-27 00:20 135680 ----a-w- c:\windows\system32\iepeers.dll

2014-04-27 00:17 . 2014-04-27 00:17 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2014-04-27 00:17 . 2014-04-27 00:17 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2014-04-27 00:17 . 2014-04-27 00:17 648192 ----a-w- c:\windows\system32\d3d10level9.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{11111111-1111-1111-1111-110511421148}]

2014-04-24 21:38 499560 ----a-w- c:\program files (x86)\Freeven pro\Freeven pro-bho.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616]

"uTorrent"="c:\users\john\AppData\Roaming\uTorrent\uTorrent.exe" [2014-07-21 1322832]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]

"PlusService"="c:\program files (x86)\Yuna Software\Messenger Plus!\PlusService.exe" [2012-02-27 801792]

"PivotSoftware"="c:\program files (x86)\Portrait Displays\Pivot Software\wpctrl.exe" [2007-02-09 694008]

"DT ACR"="c:\program files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe" [2012-04-13 121648]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

"LoadAppInit_DLLs"=1 (0x1)

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]

R2 CltMngSvc;Search Protect Service;c:\progra~2\SearchProtect\Main\bin\CltMngSvc.exe;c:\progra~2\SearchProtect\Main\bin\CltMngSvc.exe [x]

R3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\DRIVERS\a38usb.sys;c:\windows\SYSNATIVE\DRIVERS\a38usb.sys [x]

R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]

R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]

R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys;c:\windows\SYSNATIVE\DRIVERS\MpNWMon.sys [x]

R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]

R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [x]

R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]

R3 SPPD;SPPD;c:\windows\system32\drivers\SPPD.sys;c:\windows\SYSNATIVE\drivers\SPPD.sys [x]

R3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;c:\windows\system32\drivers\Synth3dVsc.sys;c:\windows\SYSNATIVE\drivers\Synth3dVsc.sys [x]

R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]

R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]

R3 tsusbhub;Remote Deskotop USB Hub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]

R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]

S1 {2c976a7f-dbdc-4756-870f-f6d183fe7a7e}Gw64;{2c976a7f-dbdc-4756-870f-f6d183fe7a7e}Gw64;c:\windows\system32\drivers\{2c976a7f-dbdc-4756-870f-f6d183fe7a7e}Gw64.sys;c:\windows\SYSNATIVE\drivers\{2c976a7f-dbdc-4756-870f-f6d183fe7a7e}Gw64.sys [x]

S1 {2c976a7f-dbdc-4756-870f-f6d183fe7a7e}w64;{2c976a7f-dbdc-4756-870f-f6d183fe7a7e}w64;c:\windows\system32\drivers\{2c976a7f-dbdc-4756-870f-f6d183fe7a7e}w64.sys;c:\windows\SYSNATIVE\drivers\{2c976a7f-dbdc-4756-870f-f6d183fe7a7e}w64.sys [x]

S2 PdiService;Portrait Displays SDK Service;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [x]

S2 Re-markit;Re-markit;c:\program files (x86)\Re-markit-soft\Re-markitfQL161.exe;c:\program files (x86)\Re-markit-soft\Re-markitfQL161.exe [x]

S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]

S2 Update WiseEnhance;Update WiseEnhance;c:\program files (x86)\WiseEnhance\updateWiseEnhance.exe;c:\program files (x86)\WiseEnhance\updateWiseEnhance.exe [x]

S2 Util WiseEnhance;Util WiseEnhance;c:\program files (x86)\WiseEnhance\bin\utilWiseEnhance.exe;c:\program files (x86)\WiseEnhance\bin\utilWiseEnhance.exe [x]

S2 vosr;Service Component of VO;c:\users\john\AppData\Roaming\VOPackage\VOsrv.exe;c:\users\john\AppData\Roaming\VOPackage\VOsrv.exe [x]

S3 ISCT;Intel® Smart Connect Technology Device Driver;c:\windows\system32\DRIVERS\ISCTD64.sys;c:\windows\SYSNATIVE\DRIVERS\ISCTD64.sys [x]

S3 iusb3hub;Intel® USB 3.0 hub-stuurprogramma;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]

S3 iusb3xhc;Intel® USB 3.0 uitbreidbare hostcontroller-stuurprogramma;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]

S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]

.

.

--- Andere Services/Drivers In Geheugen ---

.

*NewlyCreated* - WS2IFSL

.

Inhoud van de 'Gedeelde Taken' map

.

2014-07-21 c:\windows\Tasks\4f687e4b-4bce-416b-af60-c0699d75fa82-1.job

- c:\program files (x86)\Freeven pro\Freeven pro-codedownloader.exe [2014-04-24 21:38]

.

2014-07-21 c:\windows\Tasks\4f687e4b-4bce-416b-af60-c0699d75fa82-2.job

- c:\program files (x86)\Freeven pro\4f687e4b-4bce-416b-af60-c0699d75fa82-2.exe [2014-04-24 21:38]

.

2014-07-21 c:\windows\Tasks\4f687e4b-4bce-416b-af60-c0699d75fa82-3.job

- c:\program files (x86)\Freeven pro\4f687e4b-4bce-416b-af60-c0699d75fa82-3.exe [2014-04-24 21:38]

.

2014-07-21 c:\windows\Tasks\4f687e4b-4bce-416b-af60-c0699d75fa82-4.job

- c:\program files (x86)\Freeven pro\4f687e4b-4bce-416b-af60-c0699d75fa82-4.exe [2014-04-24 21:38]

.

2014-07-21 c:\windows\Tasks\4f687e4b-4bce-416b-af60-c0699d75fa82-5.job

- c:\program files (x86)\Freeven pro\4f687e4b-4bce-416b-af60-c0699d75fa82-5.exe [2014-04-24 21:38]

.

2014-07-21 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-24 19:10]

.

2014-07-21 c:\windows\Tasks\AutoKMS.job

- c:\windows\AutoKMS\AutoKMS.exe [2012-03-13 07:15]

.

2014-07-21 c:\windows\Tasks\Re-markit Update.job

- c:\program files (x86)\Re-markit-soft\Re-markitfQL.exe [2014-04-24 21:37]

.

2014-07-21 c:\windows\Tasks\Re-markit_wd.job

- c:\program files (x86)\Re-markit-soft\Re-markitfQLOWw.exe [2014-04-24 21:37]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 1436736]

"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]

"Rocketdock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616]

"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-06-12 6548112]

.

------- Bijkomende Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://www.default-search.net?sid=476&aid=135&itype=n&ver=13396&tm=415&src=hmp

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyServer = http=127.0.0.1:14187

uSearchAssistant = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJlBATeRnAqXYyYJDXLfK6eZYr-wTox5537oEM2J1k02FhdPhxKT8866VIfUFSAONn3cmlpmGEu_QfM9oGSbh8XYCI9AFlgA_0XIfQdCvTMJyEha6t2I9GVEudcrjj6fOkTSFiDGBQHzcnENvqXMG_7Kx_niZaTBE09g,,&q={searchTerms}

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000

TCP: DhcpNameServer = 195.130.130.131 195.130.131.131

FF - ProfilePath - c:\users\john\AppData\Roaming\Mozilla\Firefox\Profiles\ni7fr3qo.default-1405969850678\

.

- - - - ORPHANS VERWIJDERD - - - -

.

Wow6432Node-HKCU-Run-pxihqrac - c:\users\john\appdata\local\pxihqrac.exe

Wow6432Node-HKLM-Run-fst_be_33 - (no file)

Wow6432Node-HKLM-Run-beid - c:\program files (x86)\Belgium Identity Card\beid35gui.exe

c:\users\john\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\pxihqrac.lnk - c:\users\john\AppData\Local\pxihqrac.exe /r

HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start

AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe

AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe

AddRemove-SearchProtect - c:\progra~2\SearchProtect\Main\bin\uninstall.exe

AddRemove-pxihqrac - c:\users\john\appdata\local\pxihqrac.exe

.

.

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.14"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

c:\program files (x86)\Common Files\Portrait Displays\Plugins\AM\dtsslsrv.exe

c:\program files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe

c:\windows\SysWOW64\PnkBstrA.exe

c:\program files (x86)\Acer Display\eDisplay Management\DTHtml.exe

c:\program files (x86)\Portrait Displays\Pivot Software\floater.exe

.

**************************************************************************

.

Voltooingstijd: 2014-07-21 21:59:47 - machine werd herstart

ComboFix-quarantined-files.txt 2014-07-21 19:59

.

Pre-Run: 32.800.129.024 bytes beschikbaar

Post-Run: 32.487.849.984 bytes beschikbaar

.

- - End Of File - - F9FDC83B42C81C978C5E42BF8EC8A070

8F558EB6672622401DA993E1E865C861


Disable your antivirus and antispyware programs, as they may conflict with zoek.exe; you can read how to do that (here and here).

Download Zoek.exe to the desktop (not the .zip or .rar version).

  • If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore that; it is a false warning.
  • Double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.

  c:\program files (x86)\Settings Manager
 c:\programdata\systemk
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{11111111-1111-1111-1111-110511421148}];r64
 c:\program files (x86)\Freeven pro;fs
 Re-markit;s
 c:\program files (x86)\Re-markit-soft;fs
 c:\windows\Tasks\4f687e4b-4bce-416b-af60-c0699d75fa82-1.job;f
 c:\windows\Tasks\4f687e4b-4bce-416b-af60-c0699d75fa82-2.job;f
 c:\windows\Tasks\4f687e4b-4bce-416b-af60-c0699d75fa82-3.job;f
 c:\windows\Tasks\4f687e4b-4bce-416b-af60-c0699d75fa82-4.job;f
 c:\windows\Tasks\4f687e4b-4bce-416b-af60-c0699d75fa82-5.job;f
 c:\windows\Tasks\AutoKMS.job;f
 c:\windows\AutoKMS;fs
 c:\windows\Tasks\Re-markit Update.job;f
 c:\windows\Tasks\Re-markit_wd.job;f
 resetIEproxy;
 emptyfolderscheck;delete 
startupall; 
filesrcm;

  • Click the "More options" button and tick the options below.
  • Do a Quick Scan
  • Auto Clean
  • The "Scan All Users" option is ticked by default.
  • Now click the "Run script" button.
  • Now wait patiently until a log opens (this may be after a restart, if one is required).
  • If no log appears, start zoek.exe again and click the zoek-results.log button; the log will then appear after all.
  • Post the opened log as an attachment in your next message.

Posting the Zoek.exe log file

  • Attach the log file named "Zoek-results.log" to your next message. (You can also find this log file on the system drive as C:\Zoek-results.log.)
  • You can read here how to add an attachment to a message.
