ComboFix 14-06-03.01 - peter 03/06/2014 11:21:58.1.1 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.1014.298 [GMT 2:00]
Gestart vanuit: c:\users\peter\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2014-05-03 to 2014-06-03 ))))))))))))))))))))))))))))))
.
.
2014-06-03 09:31 . 2014-06-03 09:31 -------- d-----w- c:\users\Kristelke\AppData\Local\temp
2014-06-03 09:31 . 2014-06-03 09:31 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-06-03 08:09 . 2014-06-03 08:09 62576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4100AEBE-5566-4473-8E77-A497BA3A2AFB}\offreg.dll
2014-06-03 08:09 . 2014-06-03 08:09 39464 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4100AEBE-5566-4473-8E77-A497BA3A2AFB}\MpKslf1aba145.sys
2014-06-03 08:03 . 2014-04-30 23:37 8073384 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4100AEBE-5566-4473-8E77-A497BA3A2AFB}\mpengine.dll
2014-06-01 09:03 . 2014-04-30 23:37 8073384 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-05-31 15:50 . 2014-05-31 15:50 -------- d-----w- c:\program files\iPod
2014-05-31 15:50 . 2014-05-31 15:52 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-05-31 15:50 . 2014-05-31 15:52 -------- d-----w- c:\program files\iTunes
2014-05-24 10:46 . 2014-05-24 10:46 -------- d-----w- c:\program files\Common Files\Java
2014-05-24 10:46 . 2014-05-24 10:46 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2014-05-24 10:45 . 2014-05-24 10:45 -------- d-----w- c:\program files\Java
2014-05-24 10:06 . 2014-05-03 08:51 765968 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D0957DED-5599-4A24-AFBE-CA4241AAC88F}\gapaengine.dll
2014-05-24 09:01 . 2014-05-24 09:01 -------- d-----w- c:\users\peter\Doctor Web
2014-05-21 09:06 . 2014-05-21 09:06 -------- d-sh--w- c:\users\peter\AppData\Local\EmieUserList
2014-05-21 09:06 . 2014-05-21 09:06 -------- d-sh--w- c:\users\peter\AppData\Local\EmieSiteList
2014-05-21 09:04 . 2014-05-21 09:07 -------- d-----w- c:\program files\GorbTrack
2014-05-18 15:01 . 2014-05-18 15:01 -------- d-----w- c:\program files\ESET
2014-05-18 08:14 . 2014-05-21 08:40 -------- d-----w- c:\program files\Emsisoft Anti-Malware
2014-05-17 15:13 . 2014-05-21 09:01 107736 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-05-17 15:13 . 2014-05-17 15:13 -------- d-----w- c:\programdata\Malwarebytes
2014-05-16 08:56 . 2014-05-24 10:47 -------- d-----w- c:\programdata\Oracle
2014-05-16 08:29 . 2010-08-30 06:34 536576 ----a-w- c:\windows\system32\sqlite3.dll
2014-05-16 08:28 . 2014-05-16 09:44 -------- d-----w- C:\AdwCleaner
2014-05-15 10:34 . 2014-05-15 10:17 24064 ----a-w- c:\windows\zoek-delete.exe
2014-05-15 10:34 . 2014-06-03 09:31 -------- d-----w- c:\users\peter\AppData\Local\Temp
2014-05-15 08:04 . 2014-05-15 08:12 -------- d-----w- C:\rsit
2014-05-14 21:20 . 2014-05-06 03:07 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-05-08 16:22 . 2014-05-08 16:22 -------- d-----w- c:\program files\Microsoft Silverlight
2014-05-08 13:48 . 2014-05-08 13:48 227704 ----a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll
2014-05-06 20:25 . 2014-05-15 07:34 -------- d-s---w- c:\windows\system32\CompatTel
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-03 08:51 . 2014-02-19 09:58 765968 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2014-03-31 20:46 . 2014-03-31 20:46 130712 ----a-w- c:\windows\system32\MSSTDFMT.DLL
2014-03-31 20:46 . 2014-03-31 20:46 1070232 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2014-03-11 07:52 . 2013-09-27 08:53 104264 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2014-03-06 08:31 . 2014-04-23 12:13 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-03-06 08:02 . 2014-04-23 12:13 61952 ----a-w- c:\windows\system32\iesetup.dll
2014-03-06 08:02 . 2014-04-23 12:13 455168 ----a-w- c:\windows\system32\vbscript.dll
2014-03-06 08:01 . 2014-04-23 12:13 51200 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-03-06 07:46 . 2014-04-23 12:13 4254720 ----a-w- c:\windows\system32\jscript9.dll
2014-03-06 07:38 . 2014-04-23 12:13 112128 ----a-w- c:\windows\system32\ieUnatt.exe
2014-03-06 07:38 . 2014-04-23 12:13 108032 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-03-06 07:36 . 2014-04-23 12:13 592896 ----a-w- c:\windows\system32\jscript9diag.dll
2014-03-06 07:28 . 2014-04-23 12:13 646144 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-03-06 07:13 . 2014-04-23 12:13 32256 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2014-03-06 06:40 . 2014-04-23 12:13 1967104 ----a-w- c:\windows\system32\inetcpl.cpl
2014-03-06 05:41 . 2014-04-23 12:13 1789440 ----a-w- c:\windows\system32\wininet.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-03-11 951576]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2014-01-17 421888]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2014-05-26 152392]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="c:\windows\System32\SPReview\SPReview.exe" [2014-02-09 280576]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R3 cleanhlp;cleanhlp;c:\program files\Emsisoft Anti-Malware\cleanhlp32.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-03-06 108032]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2014-05-21 107736]
.
.
--- Andere Services/Drivers In Geheugen ---
.
*NewlyCreated* - MPKSLF1ABA145
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-05-23 12:58 1091912 ----a-w- c:\program files\Google\Chrome\Application\35.0.1916.114\Installer\chrmstp.exe
.
Inhoud van de 'Gedeelde Taken' map
.
2014-06-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-02-11 10:28]
.
2014-06-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-02-11 10:28]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.google.com
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.237.1
.
- - - - ORPHANS VERWIJDERD - - - -
.
SafeBoot-CleanHlp
SafeBoot-CleanHlp.sys
.
.
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Voltooingstijd: 2014-06-03 11:34:55
ComboFix-quarantined-files.txt 2014-06-03 09:34
.
Pre-Run: 66.840.252.416 bytes beschikbaar
Post-Run: 66.645.905.408 bytes beschikbaar
.
- - End Of File - - 896535D29E8C125EFDC9B5BF0B868C68
A36C5E4F47E84449FF07ED3517B43A31