SSL-certificaat van Xolphin Powered by Cloud VPS - High Availability Cloud Servers Steun Nucia, doneer!
Resultaten 1 tot 13 van de 13
  1. #1
    Schermafbeelding van hesa
    Technische vaardigheid
    2. Redelijk ervaren
    Besturingssysteem
    Windows 7 Ultimate 64 bits
    Antivirus
    Windows Livecare
    Firewall
    Windows Firewall
    Berichten
    82

    geinfecteerd !search protect ,my search en meer van dat .

    Hallo graag zou ik willen vragen of jullie mij kunnen helpen .
    Ik heb uit eigen beweging een scan gedaan met ADWcleaner 5.0 met een nogal zorgelijke uitkomt.
    Vervolgens heb ik de door jullie voorgestelde scan's en logjes zoals door jullie gevraagd.
    Echter ik heb dus een ADWcleaner log dat veel meer info bevat als de scan die ik later heb gemaakt.
    ik zal eerst de logjes plaatsen zoals jullie ze hebben willen ,is het van belang om de eerdere log van ADWc ook willen hebben dan hoor ik dat vast wel .

    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scandatum: 22-9-2015
    Scantijd: 20:47
    Logboekbestand: Mbam log.txt
    Beheerder: Ja

    Versie: 2.1.8.1057
    Malware-database: v2015.09.22.06
    Rootkit-database: v2015.09.22.01
    Licentie: Proef
    Malware-bescherming: Ingeschakeld
    Bescherming tegen kwaadaardige websites: Ingeschakeld
    Zelfbescherming: Uitgeschakeld

    Besturingssysteem: Windows 7 Service Pack 1
    Processor: x64
    Bestandssysteem: NTFS
    Gebruiker: Hees

    Scantype: Aangepaste scan
    Resultaat: Voltooid
    Objecten gescand: 591927
    Verstreken tijd: 4 u., 16 min, 11 sec

    Geheugen: Ingeschakeld
    Opstarten: Ingeschakeld
    Bestandssysteem: Ingeschakeld
    Archieven: Ingeschakeld
    Rootkits: Ingeschakeld
    Heuristiek: Ingeschakeld
    POP: Ingeschakeld
    POA: Ingeschakeld

    Processen: 0
    (Geen kwaadaardige items gedetecteerd)

    Modules: 0
    (Geen kwaadaardige items gedetecteerd)

    Registersleutels: 0
    (Geen kwaadaardige items gedetecteerd)

    Registerwaarden: 0
    (Geen kwaadaardige items gedetecteerd)

    Registerdata: 0
    (Geen kwaadaardige items gedetecteerd)

    Mappen: 0
    (Geen kwaadaardige items gedetecteerd)

    Bestanden: 18
    Malware.Gen, D:\Mijn documenten Backup\Progamma's\Adobe CS5\keygen.exe, Geen actie door gebruiker, [e10daf83602b8bab1595066a59a7a35d],
    PUP.Optional.APNToolBar, D:\Mijn documenten Backup\Progamma's\AS Rock drivers\4in1_XP_2K_ME_98(4.55s2).zip, In quarantaine, [549a3af8107b3cfadc0e1a9fb64bc23e],
    PUP.Optional.APNToolBar, D:\Mijn documenten Backup\Progamma's\AS Rock drivers\Floppy_IVD11c.zip, In quarantaine, [0fdf6dc50e7d51e54e9c3e7b0bf62ad6],
    PUP.Optional.APNToolBar, D:\Mijn documenten Backup\Progamma's\AS Rock drivers\SATA_XP64_XP_2K_ME_98(430g).zip, In quarantaine, [cf1ff14145461620c525ebce2ed3a55b],
    PUP.Optional.APNToolBar, D:\Mijn documenten Backup\Progamma's\SopCast-3.9.3\Setup-SopCast-3.9.3-2014-9-22.exe, In quarantaine, [5a94023044476acc10da00b909f8cd33],
    PUP.Optional.CrossRider, C:\AdwCleaner\Quarantine\C\Program Files (x86)\CinemaP-1.9cV21.09\1a787d8f-90c2-465e-9906-c1315aaa4fe8-1-6.exe.vir, In quarantaine, [07e74ce64d3ee94db9374d5a70951ce4],
    PUP.Optional.CrossRider, C:\AdwCleaner\Quarantine\C\Program Files (x86)\CinemaP-1.9cV21.09\1a787d8f-90c2-465e-9906-c1315aaa4fe8-10.exe.vir, In quarantaine, [db13240e7f0ced499c541097669f6799],
    PUP.Optional.CrossRider, C:\AdwCleaner\Quarantine\C\Program Files (x86)\CinemaP-1.9cV21.09\1a787d8f-90c2-465e-9906-c1315aaa4fe8-11.exe.vir, In quarantaine, [ac42c0728209b2845b95584f09fc2cd4],
    PUP.Optional.CrossRider, C:\AdwCleaner\Quarantine\C\Program Files (x86)\CinemaP-1.9cV21.09\1a787d8f-90c2-465e-9906-c1315aaa4fe8-4.exe.vir, In quarantaine, [04eaaa88117a2d09bc34fcab23e29e62],
    PUP.Optional.CrossRider, C:\AdwCleaner\Quarantine\C\Program Files (x86)\CinemaP-1.9cV21.09\1a787d8f-90c2-465e-9906-c1315aaa4fe8-5.exe.vir, In quarantaine, [7d7101311b70360057990a9d976e7f81],
    PUP.Optional.Downloader, C:\AdwCleaner\Quarantine\C\Program Files (x86)\CinemaP-1.9cV21.09\Uninstall.exe.vir, In quarantaine, [727cb181f497d066345a813aa859ac54],
    PUP.Optional.CrossRider, C:\AdwCleaner\Quarantine\C\Program Files (x86)\CinemaP-1.9cV21.09\UninstallBrw.exe.vir, In quarantaine, [42ac85ad63283df918d86e397f868779],
    PUP.Optional.CrossRider, C:\AdwCleaner\Quarantine\C\Program Files (x86)\CinemaP-1.9cV21.09\utils.exe.vir, In quarantaine, [5b932f0389027db907e990177491f010],
    PUP.Optional.ABengine, C:\AdwCleaner\Quarantine\C\Program Files (x86)\FastSearch\acengine.exe.vir, In quarantaine, [8965f1419eed0f27bcfbbc203fc2bd43],
    PUP.Optional.Winsock.HijackBoot, C:\AdwCleaner\Quarantine\C\Program Files (x86)\FastSearch\acenginecert.dll.vir, In quarantaine, [648a131f91fafd39411208c769987b85],
    PUP.Optional.WProtectManager, C:\AdwCleaner\Quarantine\C\ProgramData\BWdsManProB\WdsManPro.exe.vir, In quarantaine, [e707f33f0d7e3afca47a5c50de27857b],
    PUP.Optional.Winsock.HijackBoot, C:\AdwCleaner\Quarantine\C\Windows\Sysnative\acengine64.dll.vir, In quarantaine, [5b934ce68efd45f1f262cb04a75a5aa6],
    PUP.Optional.ABengine, C:\AdwCleaner\Quarantine\C\Windows\SysWOW64\acengine.dll.vir, In quarantaine, [7777939fe3a894a275424993629f5ea2],

    Fysieke Sectoren: 0
    (Geen kwaadaardige items gedetecteerd)


    (end)


    # AdwCleaner v5.008 - Logbestand aangemaakt 23/09/2015 op 01:30:34
    # Laatste update 18/09/2015 door Xplode
    # Database : 2015-09-22.3 [Server]
    # Besturingssysteem : Windows 7 Ultimate Service Pack 1 (x64)
    # Gebruikersnaam : Hees - HEES-PC
    # Gestart vanuit : C:\Users\Hees\Downloads\adwcleaner_5.008.exe
    # Optie : Verwijderen
    # Ondersteuning : http://toolslib.net/forum

    ***** [ Services ] *****


    ***** [ Mappen ] *****


    ***** [ Bestanden ] *****

    [-] Bestand Verwijderd : C:\Users\Hees\AppData\Roaming\Mozilla\Firefox\Profiles\luyrazst.default-1442865225337\user.js

    ***** [ Snelkoppelingen ] *****


    ***** [ geplande taken ] *****


    ***** [ Register ] *****


    ***** [ Internetbrowsers ] *****


    *************************

    :: Winsock instellingen gereset

    ########## EOF - C:\AdwCleaner\AdwCleaner[C4].txt - [790 bytes] ##########


    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 11.0.9600.18015
    Run by Hees at 1:37:23 on 2015-09-23
    Microsoft Windows 7 Ultimate 6.1.7601.1.1252.31.1043.18.4095.2467 [GMT 2:00]
    .
    AV: Microsoft Security Essentials *Enabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
    SP: Microsoft Security Essentials *Enabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\ATKFUSService.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    c:\Program Files\Microsoft Security Client\MsMpEng.exe
    C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\System32\svchost.exe -k utcsvc
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
    C:\Windows\system32\taskhost.exe
    C:\Program Files\ASUS\GamerOSD\ATKFastUserSwitching.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
    C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
    C:\Windows\system32\GWX\GWX.exe
    C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
    C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe
    C:\Windows\splwow64.exe
    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
    C:\Program Files\CCleaner\CCleaner64.exe
    C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\system32\SearchIndexer.exe
    c:\Program Files\Microsoft Security Client\NisSrv.exe
    C:\Windows\system32\sppsvc.exe
    C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\System32\WUDFHost.exe
    C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\System32\svchost.exe -k swprv
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uSearch Bar = Preserve
    mWinlogon: Userinit = userinit.exe,
    BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
    BHO: Aanmeldhulp voor Microsoft-account: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    uRun: [Gadwin PrintScreen] "C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe" /nosplash
    uRun: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
    mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
    mRun: [ASUSGamerOSD] C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe
    dRunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    mPolicies-System: PromptOnSecureDesktop = dword:0
    .
    INFO: HKCU has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    .
    INFO: HKLM has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    TCP: NameServer = 192.168.2.254 195.241.77.55 195.241.77.58
    TCP: Interfaces\{610D9018-3308-4E0A-BB0E-E82567E28504} : DHCPNameServer = 192.168.2.254 195.241.77.55 195.241.77.58
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    Notify: SDWinLogon - SDWinLogon.dll
    SSODL: WebCheck - <orphaned>
    IFEO: gamerosd.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
    IFEO: nvstlink.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
    IFEO: nvstview.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
    IFEO: realconverter.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
    IFEO: realplay.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
    x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
    x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
    x64-Run: [ShadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
    .
    INFO: x64-HKLM has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
    x64-SSODL: WebCheck - <orphaned>
    x64-IFEO: gamerosd.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
    x64-IFEO: nvstlink.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
    x64-IFEO: nvstview.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
    x64-IFEO: realconverter.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
    x64-IFEO: realplay.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
    .
    Note: multiple IFEO entries found. Please refer to Attach.txt
    Hosts: 127.0.0.1 www.spywareinfo.com
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Hees\AppData\Roaming\Mozilla\Firefox\Profiles\luyrazst.default-1442865225337\
    FF - prefs.js: browser.startup.homepage - hxxps://www.google.nl/
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
    FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
    FF - plugin: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
    FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2015-3-4 280376]
    R1 EIO64;EIO Driver;C:\Windows\System32\drivers\EIO64.sys [2015-8-21 16384]
    R1 RapportCerberus_1507065;RapportCerberus_1507065;C:\ProgramData\Trusteer\Rapport\store\exts\RapportCe rberus\baseline\RapportCerberus64_1507065.sys [2015-8-25 958744]
    R1 RapportEI64;RapportEI64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2015-8-4 500184]
    R2 DiagTrack;Diagnostics Tracking Service;C:\Windows\System32\svchost.exe -k utcsvc [2009-7-14 27136]
    R2 GfExperienceService;NVIDIA GeForce Experience Service;C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-8-25 1155192]
    R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-9-22 1871160]
    R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-9-22 1133880]
    R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2015-3-4 124568]
    R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-8-25 1872504]
    R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2015-8-25 5544568]
    R2 RapportMgmtService;Rapport Management Service;C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2015-8-4 2255128]
    R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2014-8-12 39056]
    R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2015-8-9 1738168]
    R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2015-8-9 2088408]
    R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2015-8-9 171928]
    R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2015-6-25 2145080]
    R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe [2011-4-1 428640]
    R3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2011-4-1 341856]
    R3 LVUVC64;Logitech B910 HD Webcam(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2011-4-1 4184672]
    R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2015-9-22 25816]
    R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2015-9-22 113880]
    R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2015-9-22 63704]
    R3 NisSrv;Microsoft Netwerkinspectie;C:\Program Files\Microsoft Security Client\NisSrv.exe [2015-4-30 366544]
    R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2011-2-10 82432]
    R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2011-2-10 181760]
    R3 NvStreamKms;NvStreamKms;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-8-25 19576]
    R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2015-8-25 50472]
    R3 RTL8167;Realtek 8167 NT-stuurprogramma;C:\Windows\System32\drivers\Rt64win7.sys [2009-6-10 187392]
    R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [2015-6-4 31144]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-4-11 103608]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-4-11 124088]
    S3 CompFilter64;UVCCompositeFilter;C:\Windows\System32\drivers\lvbflt64.sys [2012-9-21 24608]
    S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2015-9-8 114688]
    S3 lvpopf64;Logitech POP Suppression Filter;C:\Windows\System32\drivers\lvpopf64.sys [2009-10-7 271640]
    S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;C:\Windows\System32\drivers\ManyCam_x64.sys [2011-9-29 27136]
    S3 RapportHades64;RapportHades64;C:\Windows\System32\drivers\RapportHades64.sys [2015-8-20 139896]
    S3 RapportKE64;RapportKE64;C:\Windows\System32\drivers\RapportKE64.sys [2015-8-20 394584]
    S3 RapportPG64;RapportPG64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2015-8-4 489240]
    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2015-8-4 20992]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2015-9-21 56832]
    S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2015-8-5 1255736]
    S4 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-6-25 327296]
    S4 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-8-25 409776]
    .
    =============== Created Last 30 ================
    .
    2015-09-22 23:31:38 75888 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{025CF30E-9423-4F6F-AB73-FBE774764058}\offreg.528.dll
    2015-09-22 17:48:29 11062400 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{025CF30E-9423-4F6F-AB73-FBE774764058}\mpengine.dll
    2015-09-22 04:32:52 113880 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
    2015-09-22 04:32:14 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
    2015-09-22 04:32:14 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2015-09-22 04:32:14 109272 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
    2015-09-22 04:32:13 -------- d-----w- C:\ProgramData\Malwarebytes
    2015-09-22 04:32:13 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
    2015-09-22 04:07:40 -------- d-----w- C:\AdwCleaner
    2015-09-21 22:12:49 -------- d-----w- C:\Users\Hees\AppData\Local\Apps
    2015-09-21 19:08:58 -------- d-----w- C:\Users\Hees\AppData\Local\ManyCam
    2015-09-21 18:52:26 -------- d-----w- C:\Windows\System32\drivers\en-US
    2015-09-21 18:44:53 97112 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
    2015-09-21 18:41:48 984448 ----a-w- C:\Windows\System32\ucrtbase.dll
    2015-09-21 15:51:53 -------- d-----w- C:\Users\Hees\AppData\Roaming\Opera Software
    2015-09-21 15:51:53 -------- d-----w- C:\Users\Hees\AppData\Local\Opera Software
    2015-09-21 15:20:08 -------- d-----w- C:\Users\Hees\AppData\Roaming\Enigma Software Group
    2015-09-21 13:02:31 1190000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{050C66D1-3E25-4AB3-A7CC-19FBC47EAAC1}\gapaengine.dll
    2015-09-21 13:02:01 11062400 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
    2015-09-15 21:32:27 -------- d-----w- C:\ProgramData\Package Cache
    2015-09-15 21:32:06 -------- d-----w- C:\Program Files (x86)\Seagate
    2015-09-14 13:52:15 1070152 ----a-w- C:\Windows\SysWow64\mscomctl.OCX
    2015-09-14 13:52:15 -------- d-----w- C:\Users\Hees\AppData\Roaming\Convivea
    2015-09-14 13:52:15 -------- d-----w- C:\Program Files (x86)\Bit Che
    2015-09-08 21:31:56 41984 ----a-w- C:\Windows\System32\UtcResources.dll
    2015-09-08 21:30:56 147456 ----a-w- C:\Windows\System32\appidpolicyconverter.exe
    2015-09-03 21:39:12 -------- d-----w- C:\Windows\nl
    2015-09-03 21:38:29 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
    2015-09-03 21:37:55 -------- d-----w- C:\Windows\PCHEALTH
    2015-09-03 21:37:00 77656 ----a-w- C:\Windows\System32\XAPOFX1_5.dll
    2015-09-03 21:37:00 74072 ----a-w- C:\Windows\SysWow64\XAPOFX1_5.dll
    2015-09-03 21:37:00 527192 ----a-w- C:\Windows\SysWow64\XAudio2_7.dll
    2015-09-03 21:37:00 518488 ----a-w- C:\Windows\System32\XAudio2_7.dll
    2015-09-03 21:36:59 2526056 ----a-w- C:\Windows\System32\D3DCompiler_43.dll
    2015-09-03 21:36:59 2106216 ----a-w- C:\Windows\SysWow64\D3DCompiler_43.dll
    2015-09-03 21:36:29 523088 ----a-w- C:\Windows\System32\d3dx10_42.dll
    2015-09-03 21:36:29 453456 ----a-w- C:\Windows\SysWow64\d3dx10_42.dll
    2015-09-03 21:35:57 4398360 ----a-w- C:\Windows\System32\d3dx9_32.dll
    2015-09-03 21:35:57 3426072 ----a-w- C:\Windows\SysWow64\d3dx9_32.dll
    2015-09-03 21:34:23 525656 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\49b18da81d0e69004\DXSETUP.exe
    2015-09-03 21:34:22 94040 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\49b18da81d0e69004\DSETUP.dll
    2015-09-03 21:34:22 1691480 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\49b18da81d0e69004\dsetup32.dll
    2015-09-03 21:34:17 537432 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\471702e61d0e69003\DXSETUP.exe
    2015-09-03 21:34:16 89944 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\471702e61d0e69003\DSETUP.dll
    2015-09-03 21:34:16 1801048 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\471702e61d0e69003\dsetup32.dll
    2015-09-03 21:34:11 537432 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\4459d4711d0e69002\DXSETUP.exe
    2015-09-03 21:34:11 1801048 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\4459d4711d0e69002\dsetup32.dll
    2015-09-03 21:34:10 89944 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\4459d4711d0e69002\DSETUP.dll
    2015-09-03 21:34:02 -------- d-----w- C:\Users\Hees\AppData\Local\Windows Live
    2015-09-03 21:33:11 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live
    2015-09-03 17:41:39 -------- d-----w- C:\Users\Hees\AppData\Roaming\BitTorrent
    2015-09-03 17:41:23 -------- d-----w- C:\Program Files (x86)\DNA
    2015-09-03 17:41:22 -------- d-----w- C:\Program Files (x86)\BitTorrent
    2015-08-26 20:50:18 -------- d-----w- C:\Program Files (x86)\Microsoft ASP.NET
    2015-08-26 17:08:13 780488 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2015-08-26 17:08:13 142536 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2015-08-26 06:39:14 -------- d-----w- C:\Users\Hees\AppData\Roaming\RealNetworks
    2015-08-26 06:38:38 -------- d-----w- C:\Program Files (x86)\RealNetworks
    2015-08-26 06:38:35 -------- d-----w- C:\ProgramData\RealNetworks
    2015-08-26 06:38:22 -------- d-----w- C:\Program Files (x86)\Common Files\xing shared
    2015-08-26 06:37:24 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
    2015-08-26 06:37:24 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
    2015-08-25 12:35:39 69416 ----a-w- C:\Windows\SysWow64\nvaudcap32v.dll
    2015-08-25 12:35:39 50472 ----a-w- C:\Windows\System32\drivers\nvvad64v.sys
    2015-08-25 02:36:57 -------- d-----w- C:\Users\Hees\AppData\Local\NVIDIA Corporation
    2015-08-25 02:33:29 276832 ----a-w- C:\Windows\System32\d3dx11_43.dll
    2015-08-25 02:33:29 248672 ----a-w- C:\Windows\SysWow64\d3dx11_43.dll
    2015-08-25 02:33:28 511328 ----a-w- C:\Windows\System32\d3dx10_43.dll
    2015-08-25 02:33:28 470880 ----a-w- C:\Windows\SysWow64\d3dx10_43.dll
    2015-08-25 02:33:15 2401112 ----a-w- C:\Windows\System32\D3DX9_43.dll
    2015-08-25 02:33:15 1998168 ----a-w- C:\Windows\SysWow64\D3DX9_43.dll
    2015-08-25 02:32:34 1756424 ----a-w- C:\Windows\System32\nvspbridge64.dll
    2015-08-25 02:32:34 1710568 ----a-w- C:\Windows\System32\nvspcap64.dll
    2015-08-25 02:32:31 1423120 ----a-w- C:\Windows\SysWow64\nvspcap.dll
    2015-08-25 02:32:31 1316000 ----a-w- C:\Windows\SysWow64\nvspbridge.dll
    2015-08-25 02:31:12 608048 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
    .
    ==================== Find3M ====================
    .
    2015-09-02 03:04:49 41984 ----a-w- C:\Windows\System32\lpk.dll
    2015-09-02 03:04:46 100864 ----a-w- C:\Windows\System32\fontsub.dll
    2015-09-02 03:04:44 14336 ----a-w- C:\Windows\System32\dciman32.dll
    2015-09-02 03:04:42 46080 ----a-w- C:\Windows\System32\atmlib.dll
    2015-09-02 02:48:31 70656 ----a-w- C:\Windows\SysWow64\fontsub.dll
    2015-09-02 02:48:28 10240 ----a-w- C:\Windows\SysWow64\dciman32.dll
    2015-09-02 02:48:25 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
    2015-09-02 02:47:18 25600 ----a-w- C:\Windows\SysWow64\lpk.dll
    2015-09-02 01:51:28 3209216 ----a-w- C:\Windows\System32\win32k.sys
    2015-09-02 01:47:08 372736 ----a-w- C:\Windows\System32\atmfd.dll
    2015-09-02 01:33:48 299520 ----a-w- C:\Windows\SysWow64\atmfd.dll
    2015-08-27 18:18:27 2004480 ----a-w- C:\Windows\System32\msxml6.dll
    2015-08-27 18:18:27 1887232 ----a-w- C:\Windows\System32\msxml3.dll
    2015-08-27 18:13:03 2048 ----a-w- C:\Windows\System32\msxml6r.dll
    2015-08-27 18:13:03 2048 ----a-w- C:\Windows\System32\msxml3r.dll
    2015-08-27 17:58:14 1391104 ----a-w- C:\Windows\SysWow64\msxml6.dll
    2015-08-27 17:58:14 1241088 ----a-w- C:\Windows\SysWow64\msxml3.dll
    2015-08-27 17:51:26 2048 ----a-w- C:\Windows\SysWow64\msxml6r.dll
    2015-08-27 17:51:26 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
    2015-08-26 18:07:11 98304 ----a-w- C:\Windows\System32\wudriver.dll
    2015-08-26 18:07:11 3165696 ----a-w- C:\Windows\System32\wucltux.dll
    2015-08-26 18:07:11 192000 ----a-w- C:\Windows\System32\wuwebv.dll
    2015-08-26 18:06:43 91136 ----a-w- C:\Windows\System32\WinSetupUI.dll
    2015-08-26 18:06:33 12288 ----a-w- C:\Windows\System32\wu.upgrade.ps.dll
    2015-08-26 18:06:30 37376 ----a-w- C:\Windows\System32\wuapp.exe
    2015-08-26 17:56:25 93184 ----a-w- C:\Windows\SysWow64\wudriver.dll
    2015-08-26 17:56:25 173056 ----a-w- C:\Windows\SysWow64\wuwebv.dll
    2015-08-26 17:55:37 34816 ----a-w- C:\Windows\SysWow64\wuapp.exe
    2015-08-21 21:18:17 16384 ----a-w- C:\Windows\System32\drivers\EIO64.sys
    2015-08-18 00:07:25 6783280 ----a-w- C:\Windows\System32\nvcpl.dll
    2015-08-18 00:07:24 3522168 ----a-w- C:\Windows\System32\nvsvc64.dll
    2015-08-18 00:07:22 933168 ----a-w- C:\Windows\System32\nvvsvc.exe
    2015-08-18 00:07:22 62768 ----a-w- C:\Windows\System32\nvshext.dll
    2015-08-18 00:07:22 385144 ----a-w- C:\Windows\System32\nvmctray.dll
    2015-08-18 00:07:22 2558768 ----a-w- C:\Windows\System32\nvsvcr.dll
    2015-08-18 00:06:25 5147024 ----a-w- C:\Windows\System32\nvcoproc.bin
    2015-08-15 06:34:10 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
    2015-08-15 06:33:56 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
    2015-08-15 06:18:47 66560 ----a-w- C:\Windows\System32\iesetup.dll
    2015-08-15 06:18:00 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
    2015-08-15 06:17:54 417792 ----a-w- C:\Windows\System32\html.iec
    2015-08-15 06:17:49 585216 ----a-w- C:\Windows\System32\vbscript.dll
    2015-08-15 06:17:25 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
    2015-08-15 06:04:47 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
    2015-08-15 06:04:46 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
    2015-08-15 06:04:25 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
    2015-08-15 06:00:44 5923328 ----a-w- C:\Windows\System32\jscript9.dll
    2015-08-15 05:57:20 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
    2015-08-15 05:53:22 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2015-08-15 05:46:15 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
    2015-08-15 05:40:29 504832 ----a-w- C:\Windows\SysWow64\vbscript.dll
    2015-08-15 05:40:12 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
    2015-08-15 05:39:32 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
    2015-08-15 05:39:22 341504 ----a-w- C:\Windows\SysWow64\html.iec
    2015-08-15 05:38:34 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
    2015-08-15 05:29:36 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
    2015-08-15 05:29:12 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
    2015-08-15 05:22:47 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
    2015-08-15 05:22:03 2126336 ----a-w- C:\Windows\System32\inetcpl.cpl
    2015-08-15 05:16:37 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
    2015-08-15 05:10:32 4520448 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2015-08-15 05:07:28 2427392 ----a-w- C:\Windows\System32\wininet.dll
    2015-08-15 05:01:47 4680 ----a-w- C:\Windows\System32\cc_20150815_070144.reg
    2015-08-15 05:01:47 2052608 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2015-08-15 05:01:23 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
    2015-08-15 04:43:00 1951232 ----a-w- C:\Windows\SysWow64\wininet.dll
    2015-08-11 04:52:30 72504 ----a-w- C:\Windows\System32\nvaudcap64v.dll
    2015-08-05 18:02:15 157016 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
    2015-08-05 17:55:24 31232 ----a-w- C:\Windows\System32\lsass.exe
    2015-08-05 17:55:07 64000 ----a-w- C:\Windows\System32\auditpol.exe
    2015-08-05 17:50:36 60416 ----a-w- C:\Windows\System32\msobjs.dll
    2015-08-05 17:50:25 146432 ----a-w- C:\Windows\System32\msaudite.dll
    2015-08-05 17:46:22 686080 ----a-w- C:\Windows\System32\adtschema.dll
    2015-08-05 17:41:08 172032 ----a-w- C:\Windows\SysWow64\wdigest.dll
    2015-08-05 17:41:05 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll
    2015-08-05 17:41:01 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
    2015-08-05 17:41:00 248832 ----a-w- C:\Windows\SysWow64\schannel.dll
    2015-08-05 17:40:56 221184 ----a-w- C:\Windows\SysWow64\ncrypt.dll
    2015-08-05 17:40:55 259584 ----a-w- C:\Windows\SysWow64\msv1_0.dll
    2015-08-05 17:40:50 552960 ----a-w- C:\Windows\SysWow64\kerberos.dll
    2015-08-05 17:40:50 216064 ----a-w- C:\Windows\SysWow64\InkEd.dll
    2015-08-05 17:40:43 36864 ----a-w- C:\Windows\SysWow64\cryptbase.dll
    2015-08-05 17:40:43 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
    2015-08-05 17:39:50 50176 ----a-w- C:\Windows\SysWow64\auditpol.exe
    2015-08-05 17:39:36 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
    2015-08-05 17:39:36 665088 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
    2015-08-05 17:34:50 60416 ----a-w- C:\Windows\SysWow64\msobjs.dll
    2015-08-05 17:34:27 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
    2015-08-05 17:30:33 686080 ----a-w- C:\Windows\SysWow64\adtschema.dll
    2015-08-05 17:06:37 39936 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys
    2015-08-05 16:38:01 159232 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
    2015-08-05 16:37:17 290816 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
    2015-08-05 16:37:11 129024 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
    2015-08-05 04:16:15 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
    2015-08-04 19:45:56 394584 ----a-w- C:\Windows\System32\drivers\RapportKE64.sys
    2015-08-04 19:45:56 139896 ----a-w- C:\Windows\System32\drivers\RapportHades64.sys
    2015-08-04 18:03:10 692672 ----a-w- C:\Windows\System32\winload.efi
    2015-08-04 18:00:24 616360 ----a-w- C:\Windows\System32\winresume.efi
    2015-08-04 17:56:54 63488 ----a-w- C:\Windows\System32\setbcdlocale.dll
    2015-08-04 17:56:37 59392 ----a-w- C:\Windows\System32\appidapi.dll
    .
    ============= FINISH: 1:39:17,06 ===============

  2. #2
    Schermafbeelding van hesa
    Technische vaardigheid
    2. Redelijk ervaren
    Besturingssysteem
    Windows 7 Ultimate 64 bits
    Antivirus
    Windows Livecare
    Firewall
    Windows Firewall
    Berichten
    82
    GMER 2.1.19357 - http://www.gmer.net
    Rootkit scan 2015-09-23 03:04:44
    Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 MAXTOR_STM3250820AS rev.3.AAE 232,89GB
    Running: l31w133w.exe; Driver: C:\Users\Hees\AppData\Local\Temp\kxldipoc.sys


    ---- User code sections - GMER 2.1 ----

    .text C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe[440] C:\Windows\SysWOW64\ntdll.dll!KiUserApcDispatcher 00000000772a0028 5 bytes JMP 0000000100381460
    .text C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe[440] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW + 499 0000000076e52ca4 4 bytes CALL 71ab0000
    .text C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe[440] C:\Windows\syswow64\WS2_32.dll!getaddrinfo 0000000075204296 5 bytes JMP 0000000171a50022
    .text C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe[440] C:\Windows\syswow64\WS2_32.dll!GetAddrInfoW 0000000075204889 5 bytes JMP 0000000171a10022
    .text C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe[440] C:\Windows\syswow64\WS2_32.dll!GetAddrInfoExW 000000007520d1ea 5 bytes JMP 00000001719d0022
    .text C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe[440] C:\Windows\syswow64\WS2_32.dll!gethostbyname 0000000075217673 5 bytes JMP 0000000171ae0022
    .text C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe[440] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076171401 2 bytes JMP 7511b20b C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe[440] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076171419 2 bytes JMP 7511b336 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe[440] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076171431 2 bytes JMP 75198f39 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe[440] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007617144a 2 bytes CALL 750f4885 C:\Windows\syswow64\kernel32.dll
    .text ... * 9
    .text C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe[440] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000761714dd 2 bytes JMP 75198832 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe[440] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000761714f5 2 bytes JMP 75198a08 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe[440] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007617150d 2 bytes JMP 75198728 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe[440] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076171525 2 bytes JMP 75198af2 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe[440] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007617153d 2 bytes JMP 7510fc98 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe[440] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076171555 2 bytes JMP 751168df C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe[440] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007617156d 2 bytes JMP 75198ff1 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe[440] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076171585 2 bytes JMP 75198b52 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe[440] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007617159d 2 bytes JMP 751986ec C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe[440] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000761715b5 2 bytes JMP 7510fd31 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe[440] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000761715cd 2 bytes JMP 7511b2cc C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe[440] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000761716b2 2 bytes JMP 75198eb4 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe[440] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000761716bd 2 bytes JMP 75198681 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe[2196] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076171401 2 bytes JMP 7511b20b C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe[2196] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076171419 2 bytes JMP 7511b336 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe[2196] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076171431 2 bytes JMP 75198f39 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe[2196] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007617144a 2 bytes CALL 750f4885 C:\Windows\syswow64\kernel32.dll
    .text ... * 9
    .text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe[2196] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000761714dd 2 bytes JMP 75198832 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe[2196] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000761714f5 2 bytes JMP 75198a08 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe[2196] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007617150d 2 bytes JMP 75198728 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe[2196] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076171525 2 bytes JMP 75198af2 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe[2196] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007617153d 2 bytes JMP 7510fc98 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe[2196] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076171555 2 bytes JMP 751168df C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe[2196] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007617156d 2 bytes JMP 75198ff1 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe[2196] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076171585 2 bytes JMP 75198b52 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe[2196] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007617159d 2 bytes JMP 751986ec C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe[2196] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000761715b5 2 bytes JMP 7510fd31 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe[2196] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000761715cd 2 bytes JMP 7511b2cc C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe[2196] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000761716b2 2 bytes JMP 75198eb4 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe[2196] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000761716bd 2 bytes JMP 75198681 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe[2604] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076171401 2 bytes JMP 7511b20b C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe[2604] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076171419 2 bytes JMP 7511b336 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe[2604] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076171431 2 bytes JMP 75198f39 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe[2604] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007617144a 2 bytes CALL 750f4885 C:\Windows\syswow64\kernel32.dll
    .text ... * 9
    .text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe[2604] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000761714dd 2 bytes JMP 75198832 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe[2604] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000761714f5 2 bytes JMP 75198a08 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe[2604] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007617150d 2 bytes JMP 75198728 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe[2604] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076171525 2 bytes JMP 75198af2 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe[2604] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007617153d 2 bytes JMP 7510fc98 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe[2604] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076171555 2 bytes JMP 751168df C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe[2604] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007617156d 2 bytes JMP 75198ff1 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe[2604] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076171585 2 bytes JMP 75198b52 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe[2604] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007617159d 2 bytes JMP 751986ec C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe[2604] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000761715b5 2 bytes JMP 7510fd31 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe[2604] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000761715cd 2 bytes JMP 7511b2cc C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe[2604] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000761716b2 2 bytes JMP 75198eb4 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe[2604] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000761716bd 2 bytes JMP 75198681 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[2692] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076171401 2 bytes JMP 7511b20b C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[2692] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076171419 2 bytes JMP 7511b336 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[2692] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076171431 2 bytes JMP 75198f39 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[2692] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007617144a 2 bytes CALL 750f4885 C:\Windows\syswow64\kernel32.dll
    .text ... * 9
    .text C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[2692] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000761714dd 2 bytes JMP 75198832 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[2692] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000761714f5 2 bytes JMP 75198a08 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[2692] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007617150d 2 bytes JMP 75198728 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[2692] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076171525 2 bytes JMP 75198af2 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[2692] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007617153d 2 bytes JMP 7510fc98 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[2692] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076171555 2 bytes JMP 751168df C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[2692] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007617156d 2 bytes JMP 75198ff1 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[2692] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076171585 2 bytes JMP 75198b52 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[2692] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007617159d 2 bytes JMP 751986ec C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[2692] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000761715b5 2 bytes JMP 7510fd31 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[2692] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000761715cd 2 bytes JMP 7511b2cc C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[2692] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000761716b2 2 bytes JMP 75198eb4 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[2692] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000761716bd 2 bytes JMP 75198681 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[3068] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExW + 17 0000000076171401 2 bytes JMP 7511b20b C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[3068] C:\Windows\syswow64\psapi.dll!EnumProcessModules + 17 0000000076171419 2 bytes JMP 7511b336 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[3068] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 17 0000000076171431 2 bytes JMP 75198f39 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[3068] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 42 000000007617144a 2 bytes CALL 750f4885 C:\Windows\syswow64\kernel32.dll
    .text ... * 9
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[3068] C:\Windows\syswow64\psapi.dll!EnumDeviceDrivers + 17 00000000761714dd 2 bytes JMP 75198832 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[3068] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameA + 17 00000000761714f5 2 bytes JMP 75198a08 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[3068] C:\Windows\syswow64\psapi.dll!QueryWorkingSetEx + 17 000000007617150d 2 bytes JMP 75198728 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[3068] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameW + 17 0000000076171525 2 bytes JMP 75198af2 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[3068] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameW + 17 000000007617153d 2 bytes JMP 7510fc98 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[3068] C:\Windows\syswow64\psapi.dll!EnumProcesses + 17 0000000076171555 2 bytes JMP 751168df C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[3068] C:\Windows\syswow64\psapi.dll!GetProcessMemoryInfo + 17 000000007617156d 2 bytes JMP 75198ff1 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[3068] C:\Windows\syswow64\psapi.dll!GetPerformanceInfo + 17 0000000076171585 2 bytes JMP 75198b52 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[3068] C:\Windows\syswow64\psapi.dll!QueryWorkingSet + 17 000000007617159d 2 bytes JMP 751986ec C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[3068] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameA + 17 00000000761715b5 2 bytes JMP 7510fd31 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[3068] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExA + 17 00000000761715cd 2 bytes JMP 7511b2cc C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[3068] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 20 00000000761716b2 2 bytes JMP 75198eb4 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[3068] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 31 00000000761716bd 2 bytes JMP 75198681 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2684] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000076e52ab1 5 bytes JMP 00000001009bf4f2
    .text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2684] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076171401 2 bytes JMP 7511b20b C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2684] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076171419 2 bytes JMP 7511b336 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2684] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076171431 2 bytes JMP 75198f39 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2684] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007617144a 2 bytes CALL 750f4885 C:\Windows\syswow64\kernel32.dll
    .text ... * 9
    .text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2684] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000761714dd 2 bytes JMP 75198832 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2684] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000761714f5 2 bytes JMP 75198a08 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2684] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007617150d 2 bytes JMP 75198728 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2684] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076171525 2 bytes JMP 75198af2 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2684] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007617153d 2 bytes JMP 7510fc98 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2684] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076171555 2 bytes JMP 751168df C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2684] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007617156d 2 bytes JMP 75198ff1 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2684] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076171585 2 bytes JMP 75198b52 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2684] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007617159d 2 bytes JMP 751986ec C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2684] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000761715b5 2 bytes JMP 7510fd31 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2684] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000761715cd 2 bytes JMP 7511b2cc C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2684] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000761716b2 2 bytes JMP 75198eb4 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2684] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000761716bd 2 bytes JMP 75198681 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe[2136] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076171401 2 bytes JMP 7511b20b C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe[2136] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076171419 2 bytes JMP 7511b336 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe[2136] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076171431 2 bytes JMP 75198f39 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe[2136] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007617144a 2 bytes CALL 750f4885 C:\Windows\syswow64\kernel32.dll
    .text ... * 9
    .text C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe[2136] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000761714dd 2 bytes JMP 75198832 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe[2136] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000761714f5 2 bytes JMP 75198a08 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe[2136] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007617150d 2 bytes JMP 75198728 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe[2136] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076171525 2 bytes JMP 75198af2 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe[2136] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007617153d 2 bytes JMP 7510fc98 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe[2136] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076171555 2 bytes JMP 751168df C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe[2136] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007617156d 2 bytes JMP 75198ff1 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe[2136] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076171585 2 bytes JMP 75198b52 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe[2136] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007617159d 2 bytes JMP 751986ec C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe[2136] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000761715b5 2 bytes JMP 7510fd31 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe[2136] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000761715cd 2 bytes JMP 7511b2cc C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe[2136] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000761716b2 2 bytes JMP 75198eb4 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe[2136] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000761716bd 2 bytes JMP 75198681 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[3144] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExW + 17 0000000076171401 2 bytes JMP 7511b20b C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[3144] C:\Windows\syswow64\psapi.dll!EnumProcessModules + 17 0000000076171419 2 bytes JMP 7511b336 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[3144] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 17 0000000076171431 2 bytes JMP 75198f39 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[3144] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 42 000000007617144a 2 bytes CALL 750f4885 C:\Windows\syswow64\kernel32.dll
    .text ... * 9

  3. #3
    Schermafbeelding van hesa
    Technische vaardigheid
    2. Redelijk ervaren
    Besturingssysteem
    Windows 7 Ultimate 64 bits
    Antivirus
    Windows Livecare
    Firewall
    Windows Firewall
    Berichten
    82
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[3144] C:\Windows\syswow64\psapi.dll!EnumDeviceDrivers + 17 00000000761714dd 2 bytes JMP 75198832 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[3144] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameA + 17 00000000761714f5 2 bytes JMP 75198a08 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[3144] C:\Windows\syswow64\psapi.dll!QueryWorkingSetEx + 17 000000007617150d 2 bytes JMP 75198728 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[3144] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameW + 17 0000000076171525 2 bytes JMP 75198af2 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[3144] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameW + 17 000000007617153d 2 bytes JMP 7510fc98 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[3144] C:\Windows\syswow64\psapi.dll!EnumProcesses + 17 0000000076171555 2 bytes JMP 751168df C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[3144] C:\Windows\syswow64\psapi.dll!GetProcessMemoryInfo + 17 000000007617156d 2 bytes JMP 75198ff1 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[3144] C:\Windows\syswow64\psapi.dll!GetPerformanceInfo + 17 0000000076171585 2 bytes JMP 75198b52 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[3144] C:\Windows\syswow64\psapi.dll!QueryWorkingSet + 17 000000007617159d 2 bytes JMP 751986ec C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[3144] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameA + 17 00000000761715b5 2 bytes JMP 7510fd31 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[3144] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExA + 17 00000000761715cd 2 bytes JMP 7511b2cc C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[3144] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 20 00000000761716b2 2 bytes JMP 75198eb4 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[3144] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 31 00000000761716bd 2 bytes JMP 75198681 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe[3820] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076171401 2 bytes JMP 7511b20b C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe[3820] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076171419 2 bytes JMP 7511b336 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe[3820] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076171431 2 bytes JMP 75198f39 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe[3820] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007617144a 2 bytes CALL 750f4885 C:\Windows\syswow64\kernel32.dll
    .text ... * 9
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe[3820] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000761714dd 2 bytes JMP 75198832 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe[3820] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000761714f5 2 bytes JMP 75198a08 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe[3820] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007617150d 2 bytes JMP 75198728 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe[3820] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076171525 2 bytes JMP 75198af2 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe[3820] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007617153d 2 bytes JMP 7510fc98 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe[3820] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076171555 2 bytes JMP 751168df C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe[3820] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007617156d 2 bytes JMP 75198ff1 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe[3820] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076171585 2 bytes JMP 75198b52 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe[3820] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007617159d 2 bytes JMP 751986ec C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe[3820] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000761715b5 2 bytes JMP 7510fd31 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe[3820] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000761715cd 2 bytes JMP 7511b2cc C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe[3820] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000761716b2 2 bytes JMP 75198eb4 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe[3820] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000761716bd 2 bytes JMP 75198681 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe[3096] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076171401 2 bytes JMP 7511b20b C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe[3096] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076171419 2 bytes JMP 7511b336 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe[3096] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076171431 2 bytes JMP 75198f39 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe[3096] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007617144a 2 bytes CALL 750f4885 C:\Windows\syswow64\kernel32.dll
    .text ... * 9
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe[3096] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000761714dd 2 bytes JMP 75198832 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe[3096] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000761714f5 2 bytes JMP 75198a08 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe[3096] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007617150d 2 bytes JMP 75198728 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe[3096] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076171525 2 bytes JMP 75198af2 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe[3096] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007617153d 2 bytes JMP 7510fc98 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe[3096] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076171555 2 bytes JMP 751168df C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe[3096] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007617156d 2 bytes JMP 75198ff1 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe[3096] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076171585 2 bytes JMP 75198b52 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe[3096] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007617159d 2 bytes JMP 751986ec C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe[3096] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000761715b5 2 bytes JMP 7510fd31 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe[3096] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000761715cd 2 bytes JMP 7511b2cc C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe[3096] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000761716b2 2 bytes JMP 75198eb4 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe[3096] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000761716bd 2 bytes JMP 75198681 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe[4932] C:\Windows\SysWOW64\ntdll.dll!KiUserApcDispatcher 00000000772a0028 5 bytes JMP 000000010137cc10
    .text C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe[4932] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW + 499 0000000076e52ca4 4 bytes CALL 71ac0000
    .text C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe[4932] C:\Windows\syswow64\WS2_32.dll!getaddrinfo 0000000075204296 5 bytes JMP 0000000171a20022
    .text C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe[4932] C:\Windows\syswow64\WS2_32.dll!GetAddrInfoW 0000000075204889 5 bytes JMP 00000001719e0022
    .text C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe[4932] C:\Windows\syswow64\WS2_32.dll!GetAddrInfoExW 000000007520d1ea 5 bytes JMP 00000001719a0022
    .text C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe[4932] C:\Windows\syswow64\WS2_32.dll!gethostbyname 0000000075217673 5 bytes JMP 0000000171a60022
    .text C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe[4932] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076171401 2 bytes JMP 7511b20b C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe[4932] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076171419 2 bytes JMP 7511b336 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe[4932] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076171431 2 bytes JMP 75198f39 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe[4932] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007617144a 2 bytes CALL 750f4885 C:\Windows\syswow64\kernel32.dll
    .text ... * 9
    .text C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe[4932] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000761714dd 2 bytes JMP 75198832 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe[4932] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000761714f5 2 bytes JMP 75198a08 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe[4932] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007617150d 2 bytes JMP 75198728 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe[4932] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076171525 2 bytes JMP 75198af2 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe[4932] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007617153d 2 bytes JMP 7510fc98 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe[4932] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076171555 2 bytes JMP 751168df C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe[4932] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007617156d 2 bytes JMP 75198ff1 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe[4932] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076171585 2 bytes JMP 75198b52 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe[4932] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007617159d 2 bytes JMP 751986ec C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe[4932] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000761715b5 2 bytes JMP 7510fd31 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe[4932] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000761715cd 2 bytes JMP 7511b2cc C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe[4932] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000761716b2 2 bytes JMP 75198eb4 C:\Windows\syswow64\kernel32.dll
    .text C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe[4932] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000761716bd 2 bytes JMP 75198681 C:\Windows\syswow64\kernel32.dll
    .text C:\Users\Hees\Desktop\l31w133w.exe[3668] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000076171401 2 bytes JMP 7511b20b C:\Windows\syswow64\kernel32.dll
    .text C:\Users\Hees\Desktop\l31w133w.exe[3668] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000076171419 2 bytes JMP 7511b336 C:\Windows\syswow64\kernel32.dll
    .text C:\Users\Hees\Desktop\l31w133w.exe[3668] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000076171431 2 bytes JMP 75198f39 C:\Windows\syswow64\kernel32.dll
    .text C:\Users\Hees\Desktop\l31w133w.exe[3668] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007617144a 2 bytes CALL 750f4885 C:\Windows\syswow64\kernel32.dll
    .text ... * 9
    .text C:\Users\Hees\Desktop\l31w133w.exe[3668] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000761714dd 2 bytes JMP 75198832 C:\Windows\syswow64\kernel32.dll
    .text C:\Users\Hees\Desktop\l31w133w.exe[3668] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000761714f5 2 bytes JMP 75198a08 C:\Windows\syswow64\kernel32.dll
    .text C:\Users\Hees\Desktop\l31w133w.exe[3668] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007617150d 2 bytes JMP 75198728 C:\Windows\syswow64\kernel32.dll
    .text C:\Users\Hees\Desktop\l31w133w.exe[3668] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000076171525 2 bytes JMP 75198af2 C:\Windows\syswow64\kernel32.dll
    .text C:\Users\Hees\Desktop\l31w133w.exe[3668] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007617153d 2 bytes JMP 7510fc98 C:\Windows\syswow64\kernel32.dll
    .text C:\Users\Hees\Desktop\l31w133w.exe[3668] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000076171555 2 bytes JMP 751168df C:\Windows\syswow64\kernel32.dll
    .text C:\Users\Hees\Desktop\l31w133w.exe[3668] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007617156d 2 bytes JMP 75198ff1 C:\Windows\syswow64\kernel32.dll
    .text C:\Users\Hees\Desktop\l31w133w.exe[3668] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000076171585 2 bytes JMP 75198b52 C:\Windows\syswow64\kernel32.dll
    .text C:\Users\Hees\Desktop\l31w133w.exe[3668] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007617159d 2 bytes JMP 751986ec C:\Windows\syswow64\kernel32.dll
    .text C:\Users\Hees\Desktop\l31w133w.exe[3668] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000761715b5 2 bytes JMP 7510fd31 C:\Windows\syswow64\kernel32.dll
    .text C:\Users\Hees\Desktop\l31w133w.exe[3668] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000761715cd 2 bytes JMP 7511b2cc C:\Windows\syswow64\kernel32.dll
    .text C:\Users\Hees\Desktop\l31w133w.exe[3668] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000761716b2 2 bytes JMP 75198eb4 C:\Windows\syswow64\kernel32.dll
    .text C:\Users\Hees\Desktop\l31w133w.exe[3668] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000761716bd 2 bytes JMP 75198681 C:\Windows\syswow64\kernel32.dll

    ---- User IAT/EAT - GMER 2.1 ----

    IAT C:\Windows\system32\winlogon.exe[820] @ C:\Windows\system32\uxtheme.dll[KERNEL32.dll!GetProcAddress] [7fef94f2840] c:\windows\system32\uxtuneup.dll
    IAT C:\Windows\system32\winlogon.exe[820] @ C:\Windows\system32\uxtheme.dll[KERNEL32.dll!ReadFile] [7fef94f2720] c:\windows\system32\uxtuneup.dll
    IAT C:\Windows\system32\winlogon.exe[820] @ C:\Windows\system32\themeservice.dll[KERNEL32.dll!GetProcAddress] [7fef94f2840] c:\windows\system32\uxtuneup.dll
    IAT C:\Windows\system32\winlogon.exe[820] @ C:\Windows\system32\themeservice.dll[KERNEL32.dll!ReadFile] [7fef94f2720] c:\windows\system32\uxtuneup.dll
    IAT C:\Windows\system32\svchost.exe[1112] @ c:\windows\system32\themeservice.dll[KERNEL32.dll!GetProcAddress] [7fef94f2840] c:\windows\system32\uxtuneup.dll
    IAT C:\Windows\system32\svchost.exe[1112] @ c:\windows\system32\themeservice.dll[KERNEL32.dll!ReadFile] [7fef94f2720] c:\windows\system32\uxtuneup.dll
    IAT C:\Windows\system32\svchost.exe[1112] @ C:\Windows\system32\uxtheme.dll[KERNEL32.dll!GetProcAddress] [7fef94f2840] c:\windows\system32\uxtuneup.dll
    IAT C:\Windows\system32\svchost.exe[1112] @ C:\Windows\system32\uxtheme.dll[KERNEL32.dll!ReadFile] [7fef94f2720] c:\windows\system32\uxtuneup.dll

    ---- Devices - GMER 2.1 ----

    Device \FileSystem\MBAMWebAccessControl \Device\StreamEitor fffff8800adec5ac
    Device \FileSystem\MBAMSwissArmy \Device\MBAMSwissArmy fffff8800addf138

    ---- Threads - GMER 2.1 ----

    Thread C:\Windows\system32\GWX\GWX.exe [2924:5480] 000007feefb11bb0

    ---- EOF - GMER 2.1 ----

  4. #4
    Schermafbeelding van Juisterr



    Technische vaardigheid
    5. Expert
    Besturingssysteem
    Windows 7 Home Premium 64 bits
    Antivirus
    AV Defender
    Firewall
    router
    Berichten
    14.573
    Blog Berichten
    10
    Schakel eerst de Antivirussoftware uit voordat je zoek.exe download of uitvoert.
    Schakel je antivirus- en antispywareprogramma's tijdelijk uit, deze kunnen namelijk de werking van Zoek.exe nadelig beďnvloeden.
    (hier en hier) kan je lezen hoe je dat doet.

    Download Zoek.exe naar het bureaublad (klik hier voor meer informatie over hoe zoek.exe te gebruiken)

    • Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kan je dat negeren, het is namelijk een onterechte waarschuwing.

    • Dubbelklik vervolgens op Zoek.exe om de tool te starten.
    • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
    • Kopieer nu onderstaande code en plak die in het grote invulvenster:
    • Note: Dit script is speciaal bedoeld voor deze Computer, gebruik dit dan ook niet op andere computers met een gelijkaardig probleem.
      Code:
      emptyfolderscheck;delete
      firefoxlook; 
      Chromelook; 
      CHRdefaults;
      autoclean; 
      iedefaults;
    • Klik nu op de knop "Run script".
    • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
    • Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
    • Post het geopende logje in het volgende bericht als bijlage.

  5. #5
    Schermafbeelding van hesa
    Technische vaardigheid
    2. Redelijk ervaren
    Besturingssysteem
    Windows 7 Ultimate 64 bits
    Antivirus
    Windows Livecare
    Firewall
    Windows Firewall
    Berichten
    82
    Juisterr hartelijk dank voor je reactie en medewerking.

    hier is het logje :


    Zoek.exe v5.0.0.0 Updated 23-09-2015
    Tool run by Hees on do 24-09-2015 at 17:58:57,52.
    Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
    Running in: Normal Mode Internet Access Detected
    Launched: C:\Users\Hees\Desktop\zoek.exe [Scan all users] [Script inserted]

    ==== System Restore Info ======================

    24-9-2015 18:01:32 Zoek.exe System Restore Point Created Successfully.

    ==== Empty Folders Check ======================

    C:\Users\Hees\AppData\Roaming\Enigma Software Group deleted successfully
    C:\Users\Hees\AppData\Roaming\Opera Software deleted successfully
    C:\Users\Hees\AppData\Roaming\WinRAR deleted successfully
    C:\Users\Hees\AppData\Local\Adobe deleted successfully
    C:\Users\Hees\AppData\Local\Downloaded Installations deleted successfully
    C:\Users\Hees\AppData\Local\Opera Software deleted successfully

    ==== Deleting CLSID Registry Keys ======================


    ==== Deleting CLSID Registry Values ======================


    ==== Deleting Services ======================


    ==== Deleting Files \ Folders ======================

    C:\PROGRA~3\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat deleted
    C:\PROGRA~3\Package Cache deleted
    C:\Windows\SysNative\config\systemprofile\Searches deleted
    C:\Users\Hees\AppData\Roaming\Mozilla\Firefox\Profiles\luyrazst.default-1442865225337\jetpack deleted
    "C:\Users\Hees\AppData\Roaming\TNAH6ORSP6IW5JL6h" deleted
    "C:\Users\Hees\AppData\Roaming\WqFk4s4aYCKG4kDcF312lu" deleted

    ==== Firefox Start and Search pages ======================

    ProfilePath: C:\Users\Hees\AppData\Roaming\Mozilla\Firefox\Profiles\luyrazst.default-1442865225337
    user_pref("browser.startup.homepage", "https://www.google.nl/");

    ==== Firefox Extensions Registry ======================

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
    "{ABDE892B-13A8-4d1b-88E6-365A6E755758}"="C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" [26-08-2015 08:38]

    ==== Firefox Extensions ======================

    ProfilePath: C:\Users\Hees\AppData\Roaming\Mozilla\Firefox\Profiles\luyrazst.default-1442865225337
    - CSHelper - %ProfilePath%\extensions\{d91a2be6-3b56-4dfb-97f5-5e48fe3ed473}
    - Facebook Disconnect - %ProfilePath%\extensions\facebook@disconnect.me.xpi
    - Google Disconnect - %ProfilePath%\extensions\google@disconnect.me.xpi
    - Facebook Disconnect - %ProfilePath%\extensions\jid0-dBgF7UkIiOsWqvBng4hYu@jetpack.xpi
    - Google Reverse Image Search - %ProfilePath%\extensions\{95322c08-05ff-4f3c-85fd-8ceb821988dd}.xpi
    - Video DownloadHelper - %ProfilePath%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi
    - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

    AppDir: C:\Program Files (x86)\Mozilla Firefox
    - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

    ==== Firefox Plugins ======================

    Profilepath: C:\Users\Hees\AppData\Roaming\Mozilla\Firefox\Profiles\luyrazst.default-1442865225337
    8F3D2A9F07EBAB86DEFD13507CC1C8B2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll - RealDownloader Plugin
    104432156CA488B7761EB4C1B43C48E1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll - RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit)
    1A62BB86D17B8DC0D4339BACC8D60635 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll - Shockwave Flash


    ==== Chromium Look ======================


    ==== Set IE to Default ======================

    Old Values:
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="https://www.google.nl/"

    New Values:
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="https://www.google.nl/"

    ==== All HKCU SearchScopes ======================

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
    "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
    {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
    {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"

    ==== Reset Google Chrome ======================

    Nothing found to reset

    ==== Deleting Registry Keys ======================

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\gamerosd.exe deleted successfully
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nvstlink.exe deleted successfully
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nvstview.exe deleted successfully
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\realconverter.exe deleted successfully
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\realplay.exe deleted successfully
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\realtrimmer.exe deleted successfully
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rnxproc.exe deleted successfully

    ==== Empty IE Cache ======================

    C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Users\Hees\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Users\Hees\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
    C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    ==== Empty FireFox Cache ======================

    C:\Users\Hees\AppData\Local\Mozilla\Firefox\Profiles\luyrazst.default-1442865225337\cache2 emptied successfully

    ==== Empty Chrome Cache ======================

    No Chrome User Data found

    ==== Empty All Flash Cache ======================

    Flash Cache Emptied Successfully

    ==== Empty All Java Cache ======================

    No Java Cache Found

    ==== C:\zoek_backup content ======================

    C:\zoek_backup (files=13 folders=12 6692466 bytes)

    ==== Empty Temp Folders ======================

    C:\Users\Default\AppData\Local\Temp emptied successfully
    C:\Users\Default User\AppData\Local\Temp emptied successfully
    C:\Users\Hees\AppData\Local\Temp will be emptied at reboot
    C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
    C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
    C:\Windows\Temp will be emptied at reboot

    ==== After Reboot ======================

    ==== Empty Temp Folders ======================

    C:\Windows\Temp successfully emptied
    C:\Users\Hees\AppData\Local\Temp successfully emptied

    ==== Empty Recycle Bin ======================

    C:\$RECYCLE.BIN successfully emptied

    ==== EOF on do 24-09-2015 at 18:23:36,37 ======================

  6. #6
    Schermafbeelding van hesa
    Technische vaardigheid
    2. Redelijk ervaren
    Besturingssysteem
    Windows 7 Ultimate 64 bits
    Antivirus
    Windows Livecare
    Firewall
    Windows Firewall
    Berichten
    82
    waarschijnlijk heb ik de log niet op de juiste manier gepost ,maar toevoegen als bijlage lukte mij niet ,ik kreeg een groen veld vaar ik niets mee doen kon

  7. #7
    Schermafbeelding van Juisterr



    Technische vaardigheid
    5. Expert
    Besturingssysteem
    Windows 7 Home Premium 64 bits
    Antivirus
    AV Defender
    Firewall
    router
    Berichten
    14.573
    Blog Berichten
    10
    Wordt aan gewerkt.

    Hoe gaat het nu ?

  8. #8
    Schermafbeelding van hesa
    Technische vaardigheid
    2. Redelijk ervaren
    Besturingssysteem
    Windows 7 Ultimate 64 bits
    Antivirus
    Windows Livecare
    Firewall
    Windows Firewall
    Berichten
    82
    ja op zich gaat alles nu wel vlekkeloos ,met 1 klein puntje ,namelijk als ik in firefox meerdere tabs open heb en ik sluit er 1 van,dan geeft die nu en dan spontaan een nieuwe tab.
    De tab is er dan 1 die zo'n overzicht toont van de site's die je hebt bezocht.

    Ik heb gezien dat er register sleutels zijn verwijderd van gamerOSD en van Nvidia.
    Kan je mij daar iets over vertellen,het is namelijk software die ik zelf gedownload heb,als waren dat ze in een package zitten met drivers en software voor mijn Mainboard en grafic card.

    Tot zo ver al vast bedankt voor je hulp

  9. #9
    Schermafbeelding van Juisterr



    Technische vaardigheid
    5. Expert
    Besturingssysteem
    Windows 7 Home Premium 64 bits
    Antivirus
    AV Defender
    Firewall
    router
    Berichten
    14.573
    Blog Berichten
    10
    Mogelijk werden die aangezien voor malware ( dat kan als ze bv. corrupt zijn of op de verkeerde plaats geinstalleerd zijn)
    Als je die nodig hebt dien je die opnieuw te installeren.

  10. #10
    Schermafbeelding van hesa
    Technische vaardigheid
    2. Redelijk ervaren
    Besturingssysteem
    Windows 7 Ultimate 64 bits
    Antivirus
    Windows Livecare
    Firewall
    Windows Firewall
    Berichten
    82
    Nou ja nodig heb ik ze niet echt ,dus ik laat het maar zo tot het moment dat ....
    Ik weet niet of er verder nog wat moet gebeuren,ik hoor het wel van je .

  11. #11
    Schermafbeelding van Juisterr



    Technische vaardigheid
    5. Expert
    Besturingssysteem
    Windows 7 Home Premium 64 bits
    Antivirus
    AV Defender
    Firewall
    router
    Berichten
    14.573
    Blog Berichten
    10
    Gebruikt tools kan je weer verwijderen.

    Bescherming tegen ongewenste software.

    Unchecky voorkomt installatie van ongewenste software

    Dubbelklik op het installatiebestand unchecky_setup.exe om de installatie te starten.
    In het scherm wat nu verschijnt kunt u voor meer opties kiezen, op deze manier kunt u zelf de locatie instellen waar Unchecky geďnstalleerd dien te worden.
    Klik vervolgens op de knop Install om Unchecky te installeren.
    Wanneer de installatie van Unchecky gereed is klikt u op Finish.
    Start na de installatie wel even de computer opnieuw op, dit om de wijzigingen in het hostsbestand van Windows door te voeren.



    Misschien ook beter om Hitmanproalert te installeren. Alert
    Uitleg hieronder.
    Uitleg

  12. #12
    Schermafbeelding van hesa
    Technische vaardigheid
    2. Redelijk ervaren
    Besturingssysteem
    Windows 7 Ultimate 64 bits
    Antivirus
    Windows Livecare
    Firewall
    Windows Firewall
    Berichten
    82
    Juisterr bedankt voor je medewerking ik zal de tools weer verwijderen ,van defogger had ik begrepen dat ik daar eerst weer iets moet aan zetten .
    Unchecky neem ik mee als goeie tip en zal daar zeker gebruik van maken.

    bedankt

  13. #13
    Schermafbeelding van hesa
    Technische vaardigheid
    2. Redelijk ervaren
    Besturingssysteem
    Windows 7 Ultimate 64 bits
    Antivirus
    Windows Livecare
    Firewall
    Windows Firewall
    Berichten
    82
    oh ik weet niet maar bij deze zet ik het probleem op opgelost

Forum Rechten

  • Je mag geen nieuwe onderwerpen plaatsen
  • Je mag geen reacties plaatsen
  • Je mag geen bijlagen toevoegen
  • Je mag jouw berichten niet wijzigen
  •