start
CreateRestorePoint:
HKU\S-1-5-21-1243184377-1695436347-1374857548-1000\...\Run: [Chromium] => "c:\users\gebruiker\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session --restore-last-session
HKU\S-1-5-21-1243184377-1695436347-1374857548-1003\...\MountPoints2: {2354e13f-a5dc-11e3-a6c1-806e6f6e6963} - F:\AUTORUN.EXE
AppInit_DLLs: C:\ProgramData\Quotenamron\Anbam.dll => Geen bestand
AppInit_DLLs-x32: C:\ProgramData\Quotenamron\Lamdaming.dll => Geen bestand
GroupPolicy: Restrictie <==== AANDACHT
CHR HKLM\SOFTWARE\Policies\Google: Restrictie <==== AANDACHT
SearchScopes: HKU\S-1-5-21-1243184377-1695436347-1374857548-1000 -> URL hxxp://search.conduit.com/Results.aspx?ctid=CT3324758&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP2AA1B44C-96EC-4F65-B61D-26E413FD75A2&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-1243184377-1695436347-1374857548-1003 -> URL hxxp://search.conduit.com/Results.aspx?ctid=CT3324758&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP2AA1B44C-96EC-4F65-B61D-26E413FD75A2&q={searchTerms}&SSPV=
CHR Extension: (Google Wallet) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-13] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== AANDACHT
S3 WsDrvInst; "C:\Program Files (x86)\Keepvid\KeepVid KeepVid Pro\DriverInstall.exe" [X]
S3 avchv; system32\DRIVERS\avchv.sys [X]
S3 cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [X]
2017-11-09 17:49 - 2017-11-12 14:50 - 000000284 _____ C:\Windows\Tasks\{6CB858E7-716A-1B47-2EBA-0224A3EE0564}.job
2017-11-09 17:49 - 2017-11-09 17:49 - 000003240 _____ C:\Windows\System32\Tasks\{6CB858E7-716A-1B47-2EBA-0224A3EE0564}
2017-11-09 17:49 - 2017-11-09 17:49 - 000000000 ____D C:\Users\Gebruiker\AppData\Local\6CB858E7-716A-1B47-2EBA-0224A3EE0564
2017-11-09 17:48 - 2017-11-12 17:14 - 000000998 _____ C:\Windows\Tasks\Chromium dirol.job
2017-11-09 17:48 - 2017-11-09 17:49 - 000000000 ____D C:\Users\Gebruiker\AppData\Local\denerit
2017-11-09 17:48 - 2017-11-09 17:49 - 000000000 ____D C:\Users\Gebruiker\AppData\Local\{952BA377-B183-CFCF-DC1B-EA27F87316BF}
2017-11-09 17:48 - 2017-11-09 17:48 - 000000000 ____D C:\ProgramData\{C43E015D-4E7C-8B9B-C8BA-15D952F89E17}
2017-11-09 17:47 - 2017-11-09 17:59 - 000000000 ____D C:\ProgramData\BOINC
2017-11-09 17:47 - 2017-11-09 17:47 - 000000000 ____D C:\Windows\Downloaded Installations
2017-11-09 13:58 - 2017-11-09 13:58 - 000000000 ____D C:\Users\Gebruiker\AppData\Local\Keepvid
2017-11-09 13:58 - 2017-11-09 13:58 - 000000000 ____D C:\ProgramData\Aimersoft
2017-11-09 13:57 - 2017-11-09 13:57 - 000000000 ____D C:\Users\Gebruiker\AppData\Local\Aimersoft
2017-11-09 13:56 - 2017-11-09 14:08 - 000000000 ____D C:\Program Files (x86)\Keepvid
2017-11-09 13:56 - 2017-11-09 13:57 - 000000000 ____D C:\Users\Public\Documents\Keepvid
2017-11-09 13:56 - 2017-11-09 13:56 - 000000000 ____D C:\ProgramData\KeepVid
2017-11-09 18:03 - 2016-09-02 10:30 - 000000000 ____D C:\Users\Gebruiker\AppData\Local\chromium
2017-11-09 17:49 - 2017-11-09 17:47 - 001055936 _____ (Adobe) C:\Users\Gebruiker\AppData\Local\Temp\flashplayer_setup.exe
2017-11-09 00:28 - 2017-11-09 00:28 - 034776472 _____ (Ellora Assets Corporation ) C:\Users\Gebruiker\AppData\Local\Temp\FreemakeVideoConverterFull.exe
C:\Program Files (x86)\OLBPre
CustomCLSID: HKU\S-1-5-21-1243184377-1695436347-1374857548-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => Geen bestand
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Geen bestand
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Geen bestand
Task: {05BDF7EE-C67B-4BEC-BCD2-C7D674A1DC82} - System32\Tasks\LaunchPreSignup => C:\Program Files (x86)\OLBPre\OLBPre.exe <==== AANDACHT
Task: {A5AB7408-D6E1-4ED2-8FA9-53CF2AC37149} - System32\Tasks\{6CB858E7-716A-1B47-2EBA-0224A3EE0564} => C:\Users\Gebruiker\AppData\Local\6CB858E7-716A-1B47-2EBA-0224A3EE0564\SynHelper.exe [2013-04-09] () <==== AANDACHT
Task: {BC6F2E62-0ACE-454C-B7C5-F2D836CC2571} - \Chromium dirol -> Geen bestand <==== AANDACHT
Task: C:\Windows\Tasks\Chromium dirol.job => Wscript.exe C:\ProgramData\{C43E015D-4E7C-8B9B-C8BA-15D952F89E17}\lime.txt <==== AANDACHT
Task: C:\Windows\Tasks\{6CB858E7-716A-1B47-2EBA-0224A3EE0564}.job => C:\Users\GEBRUI~1\AppData\Local\6CB858~1\SYNHEL~1.EXE <==== AANDACHT
AlternateDataStreams: C:\ProgramData\TEMP:373E1720 [131]
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
FirewallRules: [{9C68E74A-AEFC-49BC-9BAC-93FE18621FBF}] => (Allow) C:\Users\Gebruiker\AppData\Local\Chromium\Application\chrome.exe
EmptyTemp:
Reboot:
end