  • Annoying ads

    Hello,

    Recently I have been getting unwanted ads. Can you help me with this?
    I really appreciate your help!

    Thanks in advance,

    Kind regards



    Malwarebytes

    <?xml version="1.0" encoding="UTF-8" ?>
    <logs>
    <record severity="debug" LoggingEventType="2" datetime="2014-11-20T14:56:40.206440+01:00" source="Protection" type="Protection" username="SYSTEM" systemname="GEBRUIK-JHLKVFC" last_modified_tag="833f193a-cb97-49f2-a74f-e8d47ea3c548" result="Starting" subtype="Malware Protection"></record>
    <record severity="debug" LoggingEventType="2" datetime="2014-11-20T14:56:40.219441+01:00" source="Protection" type="Protection" username="SYSTEM" systemname="GEBRUIK-JHLKVFC" last_modified_tag="821f5464-667c-428a-a7bf-94e99388cae5" result="Started" subtype="Malware Protection"></record>
    <record severity="debug" LoggingEventType="2" datetime="2014-11-20T14:56:40.239442+01:00" source="Protection" type="Protection" username="SYSTEM" systemname="GEBRUIK-JHLKVFC" last_modified_tag="24e6d0a0-3de3-40b1-8082-b5b99dca0a9b" result="Starting" subtype="Malicious Website Protection"></record>
    <record severity="debug" LoggingEventType="2" datetime="2014-11-20T14:56:40.488844+01:00" source="Protection" type="Protection" username="SYSTEM" systemname="GEBRUIK-JHLKVFC" last_modified_tag="b05734c0-62ab-4ad8-9e7b-0ef45d4f1db7" result="Started" subtype="Malicious Website Protection"></record>
    <record severity="debug" LoggingEventType="1" datetime="2014-11-20T14:56:51.874249+01:00" source="Scheduler" type="Update" username="SYSTEM" systemname="GEBRUIK-JHLKVFC" fromVersion="2014.11.19.7" last_modified_tag="212b4ff2-6130-43d9-87dc-8347aff0bebe" name="Malware Database" toVersion="2014.11.20.4"></record>
    <record severity="debug" LoggingEventType="2" datetime="2014-11-20T14:56:51.905449+01:00" source="Protection" type="Protection" username="SYSTEM" systemname="GEBRUIK-JHLKVFC" last_modified_tag="a37c5fe6-f16d-4980-82fd-9d8484813d41" result="Starting" subtype="Refresh"></record>
    <record severity="debug" LoggingEventType="2" datetime="2014-11-20T14:56:51.921049+01:00" source="Protection" type="Protection" username="SYSTEM" systemname="GEBRUIK-JHLKVFC" last_modified_tag="c3130d68-9bb5-4776-ab37-2ce348b2e1b3" result="Stopping" subtype="Malicious Website Protection"></record>
    <record severity="debug" LoggingEventType="2" datetime="2014-11-20T14:56:51.956249+01:00" source="Protection" type="Protection" username="SYSTEM" systemname="GEBRUIK-JHLKVFC" last_modified_tag="e4fe7081-7520-481d-b0d0-46530483a1a4" result="Stopped" subtype="Malicious Website Protection"></record>
    <record severity="debug" LoggingEventType="2" datetime="2014-11-20T14:56:56.841619+01:00" source="Protection" type="Protection" username="SYSTEM" systemname="GEBRUIK-JHLKVFC" last_modified_tag="00606a5e-b159-49e5-9a2d-81ab17d8db87" result="Success" subtype="Refresh"></record>
    <record severity="debug" LoggingEventType="2" datetime="2014-11-20T14:56:56.872819+01:00" source="Protection" type="Protection" username="SYSTEM" systemname="GEBRUIK-JHLKVFC" last_modified_tag="c5397c56-bec4-47c0-a3e6-c2bc183d53f8" result="Starting" subtype="Malicious Website Protection"></record>
    <record severity="debug" LoggingEventType="2" datetime="2014-11-20T14:56:57.125630+01:00" source="Protection" type="Protection" username="SYSTEM" systemname="GEBRUIK-JHLKVFC" last_modified_tag="7a71ac08-ee61-4e37-873b-6a04c752b1b6" result="Started" subtype="Malicious Website Protection"></record>
    <record severity="debug" scantype="threat" LoggingEventType="6" starttime="2014-11-20T15:30:45+01:00" datetime="2014-11-20T15:53:56.760330+01:00" source="Manual" type="Scan" username="SYSTEM" systemname="GEBRUIK-JHLKVFC" last_modified_tag="0b4b3381-19cb-4380-8689-bc4be0bfe1f1" duration="1356" malwaredetections="0" nonmalwaredetections="2" scanresult="completed"></record>
    <record severity="debug" LoggingEventType="2" datetime="2014-11-20T15:56:05.606506+01:00" source="Protection" type="Protection" username="SYSTEM" systemname="GEBRUIK-JHLKVFC" last_modified_tag="c2f0325b-337c-40fe-afc9-5faad3b2fedf" result="Starting" subtype="Malware Protection"></record>
    <record severity="debug" LoggingEventType="2" datetime="2014-11-20T15:56:05.700106+01:00" source="Protection" type="Protection" username="SYSTEM" systemname="GEBRUIK-JHLKVFC" last_modified_tag="7f076eff-7a24-47c4-a122-c3f0a39769b1" result="Started" subtype="Malware Protection"></record>
    <record severity="debug" LoggingEventType="2" datetime="2014-11-20T15:56:05.746906+01:00" source="Protection" type="Protection" username="SYSTEM" systemname="GEBRUIK-JHLKVFC" last_modified_tag="8ba54301-57d5-467f-ab33-49ebbc7a8273" result="Starting" subtype="Malicious Website Protection"></record>
    <record severity="debug" LoggingEventType="2" datetime="2014-11-20T15:56:06.043306+01:00" source="Protection" type="Protection" username="SYSTEM" systemname="GEBRUIK-JHLKVFC" last_modified_tag="d1c37d5e-119c-4ddf-8162-49967ab18dfd" result="Started" subtype="Malicious Website Protection"></record>
    <record severity="debug" LoggingEventType="2" datetime="2014-11-20T16:50:18.956096+01:00" source="Protection" type="Protection" username="SYSTEM" systemname="GEBRUIK-JHLKVFC" last_modified_tag="593c2624-5c3a-4eb5-8dad-94848ea31d39" result="Starting" subtype="Malware Protection"></record>
    <record severity="debug" LoggingEventType="2" datetime="2014-11-20T16:50:19.065296+01:00" source="Protection" type="Protection" username="SYSTEM" systemname="GEBRUIK-JHLKVFC" last_modified_tag="834e62a5-b902-49a2-986b-465262273b56" result="Started" subtype="Malware Protection"></record>
    <record severity="debug" LoggingEventType="2" datetime="2014-11-20T16:50:19.143296+01:00" source="Protection" type="Protection" username="SYSTEM" systemname="GEBRUIK-JHLKVFC" last_modified_tag="91a6032a-1a8e-4705-bbcc-52398d61db30" result="Starting" subtype="Malicious Website Protection"></record>
    <record severity="debug" LoggingEventType="2" datetime="2014-11-20T16:50:19.470897+01:00" source="Protection" type="Protection" username="SYSTEM" systemname="GEBRUIK-JHLKVFC" last_modified_tag="9309ef81-8a4f-4814-9861-8873c9372853" result="Started" subtype="Malicious Website Protection"></record>
    </logs>




    AdwCleaner

    # AdwCleaner v4.101 - Rapport aangemaakt 20/11/2014 op 16:48:23
    # Laatste Update 09/11/2014 door Xplode
    # Database : 2014-11-16.1 [Live]
    # Besturingssysteem : Windows 7 Ultimate Service Pack 1 (64 bits)
    # Gebruikersnaam : Gebruiker - GEBRUIK-JHLKVFC
    # Gestart vanuit : C:\Users\Gebruiker\Desktop\adwcleaner_4.101.exe
    # Optie : Verwijderen

    ***** [ Services ] *****

    [#] Service Verwijderd : globalUpdate
    [#] Service Verwijderd : globalUpdatem
    [#] Service Verwijderd : WindowsMangerProtect
    Service Verwijderd : b786bdb3c67d
    [#] Service Verwijderd : {572f484b-455f-44b0-9d6a-da3ad2071365}Gw64

    ***** [ Bestanden / Mappen ] *****

    Map Verwijderd : C:\ProgramData\NewSaVer
    Map Verwijderd : C:\ProgramData\Registry Helper
    Map Verwijderd : C:\ProgramData\Trusted Publisher
    Map Verwijderd : C:\ProgramData\Allmyapps
    Map Verwijderd : C:\ProgramData\deal2dealit
    Map Verwijderd : C:\ProgramData\SaveNewaAppz
    Map Verwijderd : C:\ProgramData\6ee18fc542f04382
    Map Verwijderd : C:\ProgramData\7989825291326342018
    Map Verwijderd : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip
    Map Verwijderd : C:\Program Files (x86)\Common Files\337
    Map Verwijderd : C:\Users\Gast\AppData\LocalLow\ilividtoolbargaw
    Map Verwijderd : C:\Users\Gebruiker\AppData\Local\Bundled software uninstaller
    Map Verwijderd : C:\Users\Gebruiker\AppData\Local\genienext
    Map Verwijderd : C:\Users\Gebruiker\AppData\Local\globalUpdate
    Map Verwijderd : C:\Users\Gebruiker\AppData\Local\Mobogenie
    Map Verwijderd : C:\Users\Gebruiker\AppData\Local\torch
    Map Verwijderd : C:\Users\Gebruiker\AppData\Local\CrashRpt
    Map Verwijderd : C:\Users\Gebruiker\AppData\Roaming\Probit Software
    Map Verwijderd : C:\Users\Gebruiker\AppData\Roaming\Systweak
    Map Verwijderd : C:\Users\Gebruiker\AppData\Roaming\VOPackage
    Map Verwijderd : C:\Users\Gebruiker\AppData\Roaming\WinZipper
    Map Verwijderd : C:\Users\Gebruiker\Documents\Mobogenie
    Map Verwijderd : C:\Users\Gebruiker\Documents\Optimizer Pro
    Map Verwijderd : C:\Users\Gebruiker\Documents\PC Speed Maximizer
    Map Verwijderd : C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\0izdz5hd.default\Extensions\[email protected] org
    Map Verwijderd : C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\0izdz5hd.default\Extensions\[email protected]
    Map Verwijderd : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\eihljjbjcacipefpakpcapgengnjkjjc
    Bestand Verwijderd : C:\Windows\Reimage.ini
    Bestand Verwijderd : C:\Windows\SysWOW64\RegistryHelperLM.ocx
    Bestand Verwijderd : C:\Users\Gast\Desktop\PepperZip.lnk
    Bestand Verwijderd : C:\Users\test\Desktop\PepperZip.lnk
    Bestand Verwijderd : C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
    Bestand Verwijderd : C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
    Bestand Verwijderd : C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage
    Bestand Verwijderd : C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage-journal

    ***** [ Taken ] *****

    Taak Verwijderd : DealPlyUpdate
    Taak Verwijderd : Desk 365 RunAsStdUser
    Taak Verwijderd : LaunchSignup

    ***** [ Snelkoppelingen ] *****


    ***** [ Register ] *****

    Waarde Verwijderd : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [[email protected]]
    Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
    Waarde Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [BRS]
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\speedupmypc
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsemngr.exe
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsermngr.exe
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bundlesweetimsetup.exe
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cltmngsvc.exe
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta babylon.exe
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta tb.exe
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta2.exe
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltainstaller.exe
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltasetup.exe
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb.exe
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb_2501-c733154b.exe
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iminentsetup.exe
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sweetimsetup.exe
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tbdelta.exetoolbar783881609.exe
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
    Sleutel Verwijderd : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
    Sleutel Verwijderd : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
    Waarde Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Salus]
    Waarde Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Salus CrashMon]
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\.
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\..10
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\..9
    Sleutel Verwijderd : HKCU\Software\928addbd34e512
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\S-792098896
    Sleutel Verwijderd : HKCU\Software\BRS
    Sleutel Verwijderd : HKCU\Software\GlobalUpdate
    Sleutel Verwijderd : HKCU\Software\Optimizer Pro
    Sleutel Verwijderd : HKCU\Software\PepperZip
    Sleutel Verwijderd : HKCU\Software\systweak
    Sleutel Verwijderd : HKCU\Software\Tutorials
    Sleutel Verwijderd : HKCU\Software\V9
    Sleutel Verwijderd : HKCU\Software\Reimage
    Sleutel Verwijderd : HKCU\Software\Easy Speed Check
    Sleutel Verwijderd : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
    Sleutel Verwijderd : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
    Sleutel Verwijderd : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
    Sleutel Verwijderd : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
    Sleutel Verwijderd : HKLM\SOFTWARE\BetterSurf
    Sleutel Verwijderd : HKLM\SOFTWARE\GlobalUpdate
    Sleutel Verwijderd : HKLM\SOFTWARE\hdcode
    Sleutel Verwijderd : HKLM\SOFTWARE\InstallCore
    Sleutel Verwijderd : HKLM\SOFTWARE\systweak
    Sleutel Verwijderd : HKLM\SOFTWARE\Uniblue
    Sleutel Verwijderd : HKLM\SOFTWARE\winzipersvc
    Sleutel Verwijderd : HKLM\SOFTWARE\Salus
    Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Tarma Installer
    Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Reimage
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rjatydimofu.exe

    ***** [ Browsers ] *****

    -\\ Internet Explorer v11.0.9600.17420

    Instelling Hersteld : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
    Instelling Hersteld : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]

    -\\ Mozilla Firefox v


    -\\ Google Chrome v39.0.2171.65


    *************************

    AdwCleaner[R0].txt - [26890 octets] - [20/11/2014 16:46:45]
    AdwCleaner[S0].txt - [23749 octets] - [20/11/2014 16:48:23]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [23810 octets] ##########

  • #2
    DDS:

    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 11.0.9600.17420
    Run by Gebruiker at 16:57:18 on 2014-11-20
    Microsoft Windows 7 Ultimate 6.1.7601.1.1252.31.1043.18.4078.2016 [GMT 1:00]
    .
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    C:\Windows\system32\NOTEPAD.EXE
    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\sppsvc.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\servicing\TrustedInstaller.exe
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = www.google.com
    uSearch Page = hxxp://www.google.com
    uDefault_Page_URL = www.google.com
    uDefault_Search_URL = hxxp://www.google.com
    mStart Page = www.google.com
    mSearch Page = www.google.com
    mDefault_Page_URL = www.google.com
    mDefault_Search_URL = www.google.com
    mWinlogon: Userinit = userinit.exe,
    uRun: [Viber] "C:\Users\Gebruiker\AppData\Local\Viber\Viber.exe" StartMinimized
    uRun: [Tiny download manager] "C:\Users\Gebruiker\AppData\Local\DM\TinyDM.exe" /M
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    uPolicies-Explorer: NoResolveTrack = dword:1
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
    mPolicies-System: ConsentPromptBehaviorUser = dword:0
    mPolicies-System: EnableLUA = dword:0
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: &Verzenden naar OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
    IE: E&xporteren naar Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} -
    TCP: NameServer = 212.54.44.54 212.54.40.25
    TCP: Interfaces\{0EEAC3BA-64E1-448D-B2B8-938BB5D06744} : DHCPNameServer = 212.54.44.54 212.54.40.25
    TCP: Interfaces\{0EEAC3BA-64E1-448D-B2B8-938BB5D06744}\3596475636F6D6 : DHCPNameServer = 192.168.0.1
    TCP: Interfaces\{0EEAC3BA-64E1-448D-B2B8-938BB5D06744}\65746573531393933314337334 : DHCPNameServer = 192.168.2.254 195.121.1.34 195.121.1.66
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    SSODL: WebCheck - <orphaned>
    SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.65\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    x64-mStart Page = www.google.com
    x64-mSearch Page = www.google.com
    x64-mDefault_Page_URL = www.google.com
    x64-mDefault_Search_URL = www.google.com
    x64-Run: [HostSecurePlugin] C:\Program Files (x86)\Host Secure\HostSecure.exe
    x64-Run: [HostSecurePlugin3] C:\Program Files (x86)\Host Secure\HostSecure.exe
    x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
    x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    x64-SSODL: WebCheck - <orphaned>
    x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 MxEFUF;Matrox Extio Upper Function Filter;C:\Windows\System32\drivers\MxEFUF64.sys [2012-6-8 157696]
    R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-11-18 1871160]
    R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-11-18 968504]
    R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-11-18 25816]
    R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-11-18 129752]
    R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2014-11-18 63704]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-6-8 676968]
    R3 SFEP;Sony Firmware Extension Parser;C:\Windows\System32\drivers\SFEP.sys [2007-8-3 11392]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
    S2 fa6789c5;VideoCnv;C:\Windows\System32\rundll32.exe [2009-7-14 45568]
    S3 b06diag;Broadcom NetXtreme II Diag Driver;C:\Windows\System32\drivers\bxdiaga.sys [2012-6-8 88104]
    S3 BFN7x64;Bigfoot Networks Killer Gaming Service;C:\Windows\System32\drivers\Xeno7x64.sys [2012-6-8 157288]
    S3 BFNVis64;Bigfoot Networks Killer Gaming Service;C:\Windows\System32\drivers\XenoVa64.sys [2012-6-8 157288]
    S3 bxfcoe;bxfcoe;C:\Windows\System32\drivers\bxfcoe.sys [2012-6-8 174632]
    S3 bxois;bxois;C:\Windows\System32\drivers\bxois.sys [2012-6-8 538664]
    S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
    S3 IAMTVE;Stuurprogramma voor Intel(R) Active Management Technology - KCS;C:\Windows\System32\drivers\IAMTVE.sys [2012-6-8 43416]
    S3 IAMTXPE;Stuurprogramma voor Intel(R) Active Management Technology - KCS;C:\Windows\System32\drivers\IAMTXPE.sys [2012-6-8 51096]
    S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-11-12 114688]
    S3 IFCoEMP;IFCoEMP;C:\Windows\System32\drivers\ifM60x64.sys [2012-6-8 388368]
    S3 IFCoEVB;IFCoEVB;C:\Windows\System32\drivers\ifP60x64.sys [2012-6-8 78096]
    S3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2012-6-8 158976]
    S3 ioatdma1;ioatdma1;C:\Windows\System32\drivers\qd162x64.sys [2012-6-8 40144]
    S3 ioatdma2;Intel(R) QuickData Technology device ver.2;C:\Windows\System32\drivers\qd262x64.sys [2012-6-8 42192]
    S3 MxEF;Matrox Extio Device;C:\Windows\System32\drivers\MxEF64.sys [2012-6-8 119296]
    S3 MxEFLF;Matrox Extio Lower Function Filter;C:\Windows\System32\drivers\MxEFLF64.sys [2012-6-8 116224]
    S3 MxEMgr;MxEMgr;C:\Windows\System32\drivers\MxEMgr64.sys [2012-6-8 125472]
    S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;C:\Windows\System32\drivers\nvstusb.sys [2012-6-8 398144]
    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-21 20992]
    S3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;C:\Windows\System32\drivers\Synth3dVsc.sys [2012-6-8 88960]
    S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2010-11-21 34816]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
    S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2010-11-21 117248]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
    S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-2-1 1255736]
    .
    =============== Created Last 30 ================
    .
    2014-11-20 15:46:33 -------- d-----w- C:\AdwCleaner
    2014-11-20 13:46:09 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5C8FDB58-C748-4329-B623-F423CE417253}\offreg.dll
    2014-11-19 10:43:21 729600 ----a-w- C:\Windows\System32\kerberos.dll
    2014-11-19 10:43:21 690688 ----a-w- C:\Windows\SysWow64\adtschema.dll
    2014-11-19 10:43:21 690688 ----a-w- C:\Windows\System32\adtschema.dll
    2014-11-19 10:43:19 241152 ----a-w- C:\Windows\System32\pku2u.dll
    2014-11-19 10:43:15 551424 ----a-w- C:\Windows\SysWow64\kerberos.dll
    2014-11-19 10:43:15 463872 ----a-w- C:\Windows\System32\certcli.dll
    2014-11-19 10:43:15 342528 ----a-w- C:\Windows\SysWow64\certcli.dll
    2014-11-19 10:43:15 186880 ----a-w- C:\Windows\SysWow64\pku2u.dll
    2014-11-18 21:45:06 129752 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
    2014-11-18 21:44:54 93400 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
    2014-11-18 21:44:54 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
    2014-11-18 21:44:54 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2014-11-18 21:44:53 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
    2014-11-18 13:04:41 11632448 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5C8FDB58-C748-4329-B623-F423CE417253}\mpengine.dll
    2014-11-16 23:39:14 -------- d-----w- C:\Users\Gebruiker\AppData\Local\Mozilla
    2014-11-16 23:27:46 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\Extensions
    2014-11-16 23:27:17 -------- d-----w- C:\Program Files (x86)\f552dd4c52e3
    2014-11-16 23:27:17 -------- d-----w- C:\Program Files (x86)\0ca45c95134d
    2014-11-13 19:15:08 -------- d-----w- C:\Users\Gebruiker\AppData\Local\Popcorn Time
    2014-11-12 12:37:32 -------- d-sh--w- C:\Users\Gebruiker\AppData\Local\EmieBrowserModeList
    2014-11-12 09:37:36 1881088 ----a-w- C:\Windows\System32\msxml3.dll
    2014-11-12 09:36:59 3201536 ----a-w- C:\Windows\System32\win32k.sys
    2014-11-12 09:36:58 3243008 ----a-w- C:\Windows\System32\msi.dll
    2014-11-12 09:36:57 2364416 ----a-w- C:\Windows\SysWow64\msi.dll
    2014-11-12 09:36:52 861696 ----a-w- C:\Windows\System32\oleaut32.dll
    2014-11-12 09:36:52 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
    2014-11-05 17:36:36 47408 ----a-w- C:\Windows\System32\drivers\b786bdb3c67d.sys
    2014-10-30 17:40:08 -------- d-----w- C:\Users\Gebruiker\AppData\Local\com
    .
    ==================== Find3M ====================
    .
    2014-11-12 10:35:21 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2014-11-12 10:35:21 701104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2014-11-06 04:04:03 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
    2014-11-06 04:03:50 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
    2014-11-06 03:47:03 66560 ----a-w- C:\Windows\System32\iesetup.dll
    2014-11-06 03:46:12 580096 ----a-w- C:\Windows\System32\vbscript.dll
    2014-11-06 03:46:12 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
    2014-11-06 03:44:28 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
    2014-11-06 03:30:22 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
    2014-11-06 03:30:08 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
    2014-11-06 03:29:18 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
    2014-11-06 03:28:20 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2014-11-06 03:23:57 6040064 ----a-w- C:\Windows\System32\jscript9.dll
    2014-11-06 03:20:18 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
    2014-11-06 03:13:43 501248 ----a-w- C:\Windows\SysWow64\vbscript.dll
    2014-11-06 03:13:36 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
    2014-11-06 03:12:44 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
    2014-11-06 03:10:58 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
    2014-11-06 03:07:29 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
    2014-11-06 02:59:36 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
    2014-11-06 02:58:38 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
    2014-11-06 02:42:36 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
    2014-11-06 02:39:39 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
    2014-11-06 02:38:25 2124288 ----a-w- C:\Windows\System32\inetcpl.cpl
    2014-11-06 02:21:49 4298240 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2014-11-06 02:21:25 2051072 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2014-11-06 02:20:37 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
    2014-11-06 02:17:24 2365440 ----a-w- C:\Windows\System32\wininet.dll
    2014-11-06 01:52:35 1892864 ----a-w- C:\Windows\SysWow64\wininet.dll
    2014-11-04 13:30:58 275080 ------w- C:\Windows\System32\MpSigStub.exe
    2014-10-25 02:19:47 77824 ----a-w- C:\Windows\System32\packager.dll
    2014-10-25 02:08:37 67584 ----a-w- C:\Windows\SysWow64\packager.dll
    2014-10-23 12:22:44 122584 ----a-w- C:\Windows\System32\drivers\48230029.sys
    2014-10-14 02:20:39 155064 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
    2014-10-14 02:16:40 686592 ----a-w- C:\Windows\System32\termsrv.dll
    2014-10-14 02:16:37 341504 ----a-w- C:\Windows\System32\schannel.dll
    2014-10-14 02:16:33 309760 ----a-w- C:\Windows\System32\ncrypt.dll
    2014-10-14 02:16:30 1463808 ----a-w- C:\Windows\System32\lsasrv.dll
    2014-10-14 02:13:02 146432 ----a-w- C:\Windows\System32\msaudite.dll
    2014-10-14 01:50:01 248832 ----a-w- C:\Windows\SysWow64\schannel.dll
    2014-10-14 01:50:01 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
    2014-10-14 01:49:58 221184 ----a-w- C:\Windows\SysWow64\ncrypt.dll
    2014-10-14 01:48:55 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
    2014-10-14 01:46:48 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
    2014-10-03 02:12:00 500224 ----a-w- C:\Windows\System32\AUDIOKSE.dll
    2014-10-03 02:11:54 284672 ----a-w- C:\Windows\System32\EncDump.dll
    2014-10-03 02:11:51 680960 ----a-w- C:\Windows\System32\audiosrv.dll
    2014-10-03 02:11:51 440832 ----a-w- C:\Windows\System32\AudioEng.dll
    2014-10-03 02:11:51 296448 ----a-w- C:\Windows\System32\AudioSes.dll
    2014-10-03 01:44:42 442880 ----a-w- C:\Windows\SysWow64\AUDIOKSE.dll
    2014-10-03 01:44:26 374784 ----a-w- C:\Windows\SysWow64\AudioEng.dll
    2014-10-03 01:44:26 195584 ----a-w- C:\Windows\SysWow64\AudioSes.dll
    2014-09-25 02:08:38 371712 ----a-w- C:\Windows\System32\qdvd.dll
    2014-09-25 01:40:50 519680 ----a-w- C:\Windows\SysWow64\qdvd.dll
    2014-09-18 21:32:44 112568 ----a-w- C:\Windows\System32\consent.exe
    2014-09-18 21:29:47 1942016 ----a-w- C:\Windows\System32\authui.dll
    2014-09-18 01:43:42 337408 ----a-w- C:\Windows\SysWow64\msihnd.dll
    2014-09-18 01:43:30 1806848 ----a-w- C:\Windows\SysWow64\authui.dll
    2014-09-11 03:47:59 249344 ----a-w- C:\Windows\System32\wksprt.exe
    2014-09-09 22:11:04 2048 ----a-w- C:\Windows\System32\tzres.dll
    2014-09-09 21:47:10 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
    2014-09-04 10:23:50 425472 ----a-w- C:\Windows\System32\rastls.dll
    2014-09-04 05:06:55 373248 ----a-w- C:\Windows\SysWow64\rastls.dll
    2014-08-23 02:10:19 404480 ----a-w- C:\Windows\System32\gdi32.dll
    2014-08-23 01:45:05 311296 ----a-w- C:\Windows\SysWow64\gdi32.dll
    .
    ============= FINISH: 16:58:00,51 ===============


    • #3
      GMER:

      GMER 2.1.19357 - http://www.gmer.net
      Rootkit scan 2014-11-20 17:06:28
      Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD5000BPVT-55HXZT3 rev.01.01A01 465,76GB
      Running: bwnzijh5.exe; Driver: C:\Users\GEBRUI~1\AppData\Local\Temp\kwtiikow.sys


      ---- User code sections - GMER 2.1 ----


      ---- Devices - GMER 2.1 ----

      Device \FileSystem\MBAMWebAccessControl \Device\StreamEitor fffff88005cac5ac
      Device \FileSystem\MBAMSwissArmy \Device\MBAMSwissArmy fffff88005ca0104

      ---- Threads - GMER 2.1 ----

      Thread C:\Windows\System32\svchost.exe [3728:2464] 000007fef0a49688
      Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [3804:3892] 000007fefafd2c38
      Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [3804:3916] 000007feef96cf60
      Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [3804:3056] 000007fef9ce5124

      ---- Registry - GMER 2.1 ----

      Reg HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{0EEAC3BA-64E1-448D-B2B8-938BB5D06744}@LeaseObtainedTime 1416499355
      Reg HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{0EEAC3BA-64E1-448D-B2B8-938BB5D06744}@T1 1416501155
      Reg HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{0EEAC3BA-64E1-448D-B2B8-938BB5D06744}@T2 1416502505
      Reg HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{0EEAC3BA-64E1-448D-B2B8-938BB5D06744}@LeaseTerminatesTime 1416502955

      ---- EOF - GMER 2.1 ----


      • #4
        First disable your antivirus software before you download or run zoek.exe.
        Temporarily disable your antivirus and antispyware programs, as these can adversely affect the operation of Zoek.exe.
        You can read how to do that (here and here).

        Download Zoek.exe to the desktop (click here for more information on how to use zoek.exe)
        • If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore that; it is a false warning.
        • Then double-click Zoek.exe to start the tool.
        • Windows Vista, 7 and 8 users need to run the tool as "administrator" by right-clicking and choosing Run as administrator.
        • Now copy the code below and paste it into the large input field:
        • Note: This script is intended specifically for this computer, so do not use it on other computers with a similar problem.
          Code:
          emptyclsid;
          emptyfolderscheck;
          firefoxlook; 
          Chromelook; 
          CHRdefaults;
          autoclean; 
          iedefaults; 
          filesrcm;  
          startupall;
          resetieproxy;
        • Now click the "Run script" button.
        • Wait patiently until a log opens (this may be after a restart, if one is required).
        • If no log appears, start zoek.exe again and click the zoek-results.log button; the log will then appear.
        • Post the opened log as an attachment in your next reply.

        Starting Windows 10 in Safe Mode


        • #5
          I've done it!




          zoek-results.txt


          • #6
            How is it going now?


            • #7
              Great! I scanned my laptop with Malwarebytes and it found nothing! I'm also no longer bothered by annoying ads. Thank you very much.


              • #8
                That's good, then you can remove zoek.exe again.
