Mededeling

Collapse
No announcement yet.

Kan geen afbeeldingen uploaden

Collapse
X
  •  
  • Filter
  • Tijd
  • Show
Clear All
new posts

  • Kan geen afbeeldingen uploaden

    Vervolg op Program C:\Windows\SysWOW64\DllHost.exe



    HELP, het probleem is weer terug! Steeds als ik een foto wil plaatsen bij Facebook of een forum is het er weer.
    Ook krijg ik soms geen toegang, zie afbeelding.
    Helaas, ook hier kan ik geen foto plaatsen, maar dit is de tekst: Toegang D:\Users\Greet\Pictures\hier het nr vd afbeelding.jpg is geweigerd

    Nou wordt het nog gekker, ik kan echt geen foto`s meer uploaden!
    Nu krijg ik de volgende tekst:

    U bent niet bevoegd dit bestand te openen.
    Neem contact op met de eigenaar van dit bestand of met de systeembeheerder om toestemming te vragen.
    Groetjes Grace

  • #2
    Hoi Grace101,

    Voor we beginnen , wil ik even vriendelijk op de volgende richtlijnen wijzen:
    .
    • Log enkel in als beheerder met alle rechten.
    • Post je probleem niet in verscheidene fora. het komt je probleem niet ten goede en het is niet netjes tegenover de helpers.
    • Het opruimen van je systeem kan wat tijd in beslag nemen, wees geduldig.
    • Volg aandachtig de instructies die door mij worden gegeven.
    • Volg enkel het door mij gegeven advies op
    • Blijf bij het topic totdat ik gemeldt heb dat je PC clean is.
    • Als je iets niet weet of verstaat, vraag het dan even aub.
    • Installeer of deinstalleer géén software of hardware terwijl we met je probleem bezig zijn.
    • Ga ondertussen niet wat "anders" proberen, dat maakt het alleen maar moeilijker voor ons
    • Log enkel in als beheerder met alle rechten.
    • Zet je emoticons (Smileys) uit als je logs plaatst aub .
    • De logs niet als bijlage, noch tussen codetags zetten aub.

    .
    Opmerking: Vista of Windows 7 ? >> Alle tools steeds uitvoeren als admin.
    De instructies die worden gegeven, zijn enkel geldig voor jouw PC.

    Stap 1:

    Malware scannen en verwijderen....


    Download MalwareBytes' Anti-Malware naar je bureaublad vanuit één van de volgende links: Dubbelklik op mbam-setup.exe om het programma te installeren.

    Op het einde van de setup procedure, krijg je een scherm waar je op "Voltooien" moet klikken.
    Indien je MBAM niet wenst te evalueren, vink je de eerste optie uit en klik je dan pas op "Voltooien"

    KLIK HIER voor een vergroting! 
    Klik op de foto voor een vergroting...

    Zorg dat er na de installatie een vinkje is geplaatst bij:
    • Update MalwareBytes' Anti-Malware
    • Start MalwareBytes' Anti-Malware
    • Klik daarna op "Voltooien". Indien een update gevonden wordt, zal die gedownload en geïnstalleerd worden.



    Zodra het programma gestart is, ga je naar het tabblad "Instellingen".
    • Vink hier aan: "Sluit Internet Explorer tijdens verwijdering van malware".
    • Ga naar het tabblad "Updates" en Update MBAM.
    • Ga daarna naar het tabblad "Scanner", kies hier voor "VOLLEDIGE Scan".
    • Druk vervolgens op "Scannen" om de scan te starten.
    • Het scannen kan een tijdje duren, dus wees geduldig.
    • Wanneer de scan voltooid is, klik op OK, daarna "Bekijk Resultaten" om de resultaten te zien.
    • Zorg ervoor dat daar alles aangevinkt is, daarna klik op: "Verwijder geselecteerde".
    • Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten.

    Indien MBAM vraagt om een herstart, doe dit dan ook.
    Wanneer je de restart hebt gedaan, maak je een nieuwe snelle scan met MBAM.
    In dat geval post je dus de twee logs.

    De log wordt automatisch bewaard door MalwareBytes' Anti-Malware en kan je terugvinden door op de "Logs" tab te klikken in het programma.


    Bij problemen!!!

    ___________________________________________________________

    Stap 2:

    Controle op slechte toolbars...

    Opmerking:Vista of Windows 7 ? >> Alle tools steeds uitvoeren als admin.
    Beveiligingssoftware uitschakelen.

    Download AdwCleaner by Xplode naar je Bureaublad.
    • Sluit alle openstaande vensters
    • Start AdwCleaner en klik op Verwijderen

    • KLIK HIER voor een vergroting! 
    • Klik bij AdwCleaner – Information op OK
    • Klik bij AdwCleaner – Restart Required op OK

    Alle icoontjes verdwijnen van het Bureaublad,dit is normaal
    Je PC word opnieuw opgestart en er een opent logfile (C:\ AdwCleaner[xx].txt post de inhoud hier op het Forum.

    Vergeet niet om je "smileys" uit te schakelen.

    Als je Startpagina ook gehijackt was,stel dan de zoekmachine opnieuw in,deze word standaard door AdwCleaner terug gezet naar Google.com

    ___________________________________________________________

    Stap 3:

    Download DDS.com, DDS.scr of DDS.pif van één van deze locaties en plaats het op je bureaublad:


    DDS is een diagnosetool en maakt gebruik van scripts.
    Is het uitvoeren van scripts uitgeschakeld, dan schakel je dit weer in zodat er geen problemen optreden bij gebruik van DDS.


    Dubbelklik op DDS om de tool te starten. (afhankelijk van de download die je gekozen hebt kan dit het bestand DDS.com, DDS.scr of DDS.pif zijn)
    Wanneer het klaar is openen er twee logfiles: DDS.txt en Attach.txt
    Beide logfiles sla je op je bureaublad.

    Post de inhoud van DDS.txt.

    De inhoud Attach.txt moet je niet posten en Attach.txt moet je niet als bijlage toevoegen aan je post, tenzij ik er om vraag.

    ___________________________________________________________

    Stap 4:

    Controle op updates...

    Download Security Check op je bureaublad via hier of hier

    Start Security Check
    Volg de Instructies in het scherm
    Aan het eind verschijnt een log ( checkup.txt )
    Plaats de inhoud ervan in je volgende antwoord.

    In je volgende posting, had ik graag de volgende logs gezien, gemaakt in de opgestelde volgorde:
    .
    • MBAM
    • AdwCleaner
    • DDS
    • checkup.txt

    .
    Deze logs NIET als bijlage of tussen codetags posten aub.
    Krijg je ze niet in 1 post, dan verdeel je het over meerdere postings.

    Emphyrio
    Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
    E Dev * McAfee verwijderen. * Ccleaner * E-Peek

    Comment


    • #3
      Oké, de meeste heb ik al. Ik zal ze morgen allemaal laten draaien en dan kom ik erop terug.
      Groetjes Grace

      Comment


      • #4
        Prima
        Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
        E Dev * McAfee verwijderen. * Ccleaner * E-Peek

        Comment


        • #5
          Malwarebytes Anti-Malware 1.75.0.1300
          www.malwarebytes.org

          Databaseversie: v2013.06.26.05

          Windows 7 Service Pack 1 x64 NTFS
          Internet Explorer 10.0.9200.16618
          Greet :: LAPPIE2 [administrator]

          1-7-2013 6:50:39
          mbam-log-2013-07-01 (06-50-39).txt

          Scan type: Volledige scan (C:\|D:\|Q:\|)
          Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
          Uitgeschakelde scan opties: P2P
          Objecten gescand: 451421
          Verstreken tijd: 1 uur/uren, 25 minuut/minuten, 27 seconde(n)

          Geheugenprocessen gedetecteerd: 0
          (Geen kwaadaardige objecten gedetecteerd)

          Geheugenmodulen gedetecteerd: 0
          (Geen kwaadaardige objecten gedetecteerd)

          Registersleutels gedetecteerd: 0
          (Geen kwaadaardige objecten gedetecteerd)

          Registerwaarden gedetecteerd: 0
          (Geen kwaadaardige objecten gedetecteerd)

          Registerdata gedetecteerd: 0
          (Geen kwaadaardige objecten gedetecteerd)

          Mappen gedetecteerd: 0
          (Geen kwaadaardige objecten gedetecteerd)

          Bestanden gedetecteerd: 0
          (Geen kwaadaardige objecten gedetecteerd)

          (einde)
          # AdwCleaner v2.303 - Verslag gemaakt op 01/07/2013 om 12:01:34
          # Geactualiseerd op 08/06/2013 door Xplode
          # Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits)
          # Gebruiker : Greet - LAPPIE2
          # Opstarten Modus : Normale modus
          # Gelanceerd vanaf : D:\Users\Greet\Downloads\adwcleaner.exe
          # Optie [Verwijderen]


          ***** [Diensten] *****


          ***** [Files / Mappen] *****

          File Verwijderd : C:\Users\Greet\AppData\Roaming\BabMaint.exe
          Map Verwijderd : C:\ProgramData\Babylon
          Map Verwijderd : C:\ProgramData\InstallMate
          Map Verwijderd : C:\ProgramData\ParetoLogic
          Map Verwijderd : C:\ProgramData\Partner
          Map Verwijderd : C:\ProgramData\SoftSafe
          Map Verwijderd : C:\ProgramData\Tarma Installer
          Map Verwijderd : C:\Users\Greet\AppData\LocalLow\Delta
          Map Verwijderd : C:\Users\Greet\AppData\Roaming\BabSolution
          Map Verwijderd : C:\Users\Greet\AppData\Roaming\Babylon
          Map Verwijderd : C:\Users\Greet\AppData\Roaming\DriverCure
          Map Verwijderd : C:\Users\Greet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Video Downloader
          Map Verwijderd : C:\Users\Greet\AppData\Roaming\NCdownloader
          Map Verwijderd : C:\Users\Greet\AppData\Roaming\OpenCandy
          Map Verwijderd : C:\Users\Greet\AppData\Roaming\ParetoLogic

          ***** [Register] *****

          Sleutel Verwijderd : HKCU\Software\1ClickDownload
          Sleutel Verwijderd : HKCU\Software\APN PIP
          Sleutel Verwijderd : HKCU\Software\AppDataLow\SProtector
          Sleutel Verwijderd : HKCU\Software\BabylonToolbar
          Sleutel Verwijderd : HKCU\Software\BI
          Sleutel Verwijderd : HKCU\Software\DataMngr
          Sleutel Verwijderd : HKCU\Software\DataMngr_Toolbar
          Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
          Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
          Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
          Sleutel Verwijderd : HKCU\Software\OCS
          Sleutel Verwijderd : HKCU\Software\SmartBar
          Sleutel Verwijderd : HKCU\Software\Softonic
          Sleutel Verwijderd : HKCU\Software\5957d7dce06ee913
          Sleutel Verwijderd : HKCU\Software\5d08bd1e53bed41
          Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
          Sleutel Verwijderd : HKLM\Software\Babylon
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Prod.cap
          Sleutel Verwijderd : HKLM\Software\Conduit
          Sleutel Verwijderd : HKLM\Software\DataMngr
          Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
          Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
          Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
          Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
          Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_RASAPI32
          Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_RASMANCS
          Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASAPI32
          Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASMANCS
          Sleutel Verwijderd : HKLM\Software\PIP
          Sleutel Verwijderd : HKLM\Software\SP Global
          Sleutel Verwijderd : HKLM\Software\SProtector
          Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\5957d7dce06ee913
          Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\5d08bd1e53bed41
          Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
          Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
          Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
          Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
          Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
          Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
          Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
          Sleutel Verwijderd : HKLM\SOFTWARE\Tarma Installer
          Waarde Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
          Waarde Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

          ***** [Browsers] *****

          -\\ Internet Explorer v10.0.9200.16618

          [OK] Het register bevat geen enkele ongeoorloofde invoer.

          -\\ Google Chrome v [Onmogelijk de versie te verkrijgen]

          File : C:\Users\Greet\AppData\Local\Google\Chrome\User Data\Default\Preferences

          [OK] De file bevat geen enkele ongeoorloofde invoer.

          *************************

          AdwCleaner[S1].txt - [5128 octets] - [01/07/2013 12:01:34]

          ########## EOF - C:\AdwCleaner[S1].txt - [5188 octets] ##########
          DDS (Ver_2012-11-20.01) - NTFS_AMD64
          Internet Explorer: 10.0.9200.16618 BrowserJavaVersion: 10.21.2
          Run by Greet at 12:09:21 on 2013-07-01
          Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.4008.1777 [GMT 2:00]
          .
          AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
          SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
          SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
          .
          ============== Running Processes ===============
          .
          C:\Windows\system32\lsm.exe
          C:\Windows\system32\svchost.exe -k DcomLaunch
          C:\Windows\system32\nvvsvc.exe
          C:\Windows\system32\svchost.exe -k RPCSS
          c:\Program Files\Microsoft Security Client\MsMpEng.exe
          C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
          C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
          C:\Windows\system32\svchost.exe -k LocalService
          C:\Windows\system32\svchost.exe -k netsvcs
          C:\Windows\system32\svchost.exe -k GPSvcGroup
          C:\Windows\system32\svchost.exe -k NetworkService
          C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
          C:\Windows\system32\nvvsvc.exe
          C:\Windows\system32\FBAgent.exe
          C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
          C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
          C:\Windows\System32\spoolsv.exe
          C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
          C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
          C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
          C:\Windows\system32\taskeng.exe
          C:\Windows\system32\taskeng.exe
          C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
          C:\Windows\system32\taskhost.exe
          C:\Windows\system32\taskeng.exe
          C:\Windows\system32\Dwm.exe
          C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
          C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
          C:\Windows\Explorer.EXE
          C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
          C:\Program Files\Bonjour\mDNSResponder.exe
          C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
          C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
          C:\Windows\system32\svchost.exe -k imgsvc
          C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
          C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
          C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
          C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
          C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
          C:\Program Files\Microsoft Security Client\msseces.exe
          D:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
          D:\Gmail Notifier\gnotify.exe
          C:\Program Files (x86)\iTunes\iTunesHelper.exe
          C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
          C:\Windows\AsScrPro.exe
          C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
          C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
          C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
          C:\Windows\system32\SearchIndexer.exe
          C:\Windows\System32\alg.exe
          C:\Program Files\iPod\bin\iPodService.exe
          c:\Program Files\Microsoft Security Client\NisSrv.exe
          C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
          C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
          C:\Program Files\Windows Media Player\wmpnetwk.exe
          C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
          C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
          C:\Windows\servicing\TrustedInstaller.exe
          C:\Windows\system32\SearchProtocolHost.exe
          C:\Windows\System32\svchost.exe -k LocalServicePeerNet
          C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
          C:\Program Files\Internet Explorer\iexplore.exe
          C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
          C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
          C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
          C:\Windows\splwow64.exe
          C:\Windows\system32\Macromed\Flash\FlashUtil64_11_7_700_224_ActiveX.exe
          C:\Windows\system32\sppsvc.exe
          C:\Windows\system32\wuauclt.exe
          C:\Windows\system32\SearchFilterHost.exe
          C:\Windows\system32\wbem\wmiprvse.exe
          C:\Windows\System32\cscript.exe
          .
          ============== Pseudo HJT Report ===============
          .
          uStart Page = hxxps://www.google.nl/
          uSearch Bar = Preserve
          uSearch Page = hxxp://www.bing.com/search?q={searchTerms}
          uSearchAssistant = hxxp://www.bing.com/search?q={searchTerms}
          mWinlogon: Userinit = userinit.exe,
          BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
          BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
          BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
          BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
          BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
          TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
          TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
          EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
          uRun: [PC Suite Tray] "D:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
          mRun: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] D:\Gmail Notifier\gnotify.exe
          mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
          mRun: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
          mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
          mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
          mRun: [NSU_agent] "C:\Program Files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe"
          dRunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
          mPolicies-Explorer: NoActiveDesktop = dword:1
          mPolicies-Explorer: NoActiveDesktopChanges = dword:1
          mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
          mPolicies-System: ConsentPromptBehaviorUser = dword:3
          mPolicies-System: EnableUIADesktopToggle = dword:0
          IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
          IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
          IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
          DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
          DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
          DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://klaassendoesburg.axiscam.net/activex/AMC.cab
          TCP: NameServer = 192.168.1.1
          TCP: Interfaces\{34D7C7E9-A758-4267-BFE7-95FC4DD78907} : DHCPNameServer = 192.168.1.1
          TCP: Interfaces\{34D7C7E9-A758-4267-BFE7-95FC4DD78907}\649485 : DHCPNameServer = 62.165.127.222 80.65.96.50 192.168.1.1
          Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
          AppInit_DLLs= C:\Windows\SysWOW64\nvinit.dll
          SSODL: WebCheck - <orphaned>
          x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
          x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
          x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
          x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
          x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
          x64-Notify: igfxcui - igfxdev.dll
          x64-SSODL: WebCheck - <orphaned>
          .
          ============= SERVICES / DRIVERS ===============
          .
          R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-1-20 230320]
          R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2013-4-8 30496]
          R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-7-26 17024]
          R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
          R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
          R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2013-5-8 143088]
          R2 AFBAgent;AFBAgent;C:\Windows\System32\FBAgent.exe [2011-3-24 379520]
          R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-3 15416]
          R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
          R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-1-20 130008]
          R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
          R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2010-12-13 138024]
          R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-10-14 317440]
          R3 NisSrv;Microsoft Netwerkinspectie;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-1-27 379360]
          R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-3-24 333928]
          R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]
          R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]
          R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]
          R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]
          R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
          S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
          S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
          S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe --> C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [?]
          S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2011-3-24 48488]
          S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]
          S3 pwdrvio;pwdrvio;C:\Windows\System32\pwdrvio.sys [2013-3-19 19032]
          S3 pwdspio;pwdspio;C:\Windows\System32\pwdspio.sys [2013-3-19 9584]
          S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-4-12 19456]
          S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\rtsuvstor.sys [2011-3-24 290920]
          S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\System32\drivers\SiSG664.sys [2009-6-10 56832]
          S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-4-12 57856]
          S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-3-19 1255736]
          S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
          .
          =============== Created Last 30 ================
          .
          2013-07-01 04:44:26 9552976 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9E3046D2-A356-4B3B-A98E-A67C7F759B42}\mpengine.dll
          2013-06-30 19:52:39 73728 ----a-r- C:\Users\Greet\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut47_74B9CE5DF1F4447F982DCA29A461B529.exe
          2013-06-30 19:52:39 73728 ----a-r- C:\Users\Greet\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut46_74B9CE5DF1F4447F982DCA29A461B529.exe
          2013-06-30 19:52:39 53248 ----a-r- C:\Users\Greet\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\ARPPRODUCTICON.exe
          2013-06-30 19:52:39 49152 ----a-r- C:\Users\Greet\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\Uninstall_QA_OTI_H_FE5D756F71E147C4972AD6775344B40B.exe
          2013-06-30 19:52:39 49152 ----a-r- C:\Users\Greet\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut2_1C7B7089989A424FB39D41A32581C775.exe
          2013-06-30 19:52:35 -------- d-----w- C:\Users\Greet\AppData\Local\Nokia
          2013-06-30 19:52:34 -------- d-----w- C:\Program Files (x86)\Nokia
          2013-06-29 19:45:48 9552976 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
          2013-06-21 18:44:25 964552 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{68F774B2-DFAE-4794-995D-0C24661F0184}\gapaengine.dll
          2013-06-15 19:38:39 -------- d-----w- C:\Windows\SysWow64\wbem\en-US
          2013-06-15 19:38:38 -------- d-----w- C:\Windows\System32\wbem\en-US
          2013-06-12 13:05:56 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys
          2013-06-09 22:35:57 0 ----a-w- C:\Windows\SysWow64\sho4535.tmp
          2013-06-07 20:22:37 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
          2013-06-07 20:22:01 -------- d-----w- C:\Program Files\iPod
          2013-06-07 20:22:00 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
          2013-06-07 20:22:00 -------- d-----w- C:\Program Files\iTunes
          2013-06-07 20:22:00 -------- d-----w- C:\Program Files (x86)\iTunes
          2013-06-07 20:21:34 -------- d-----w- C:\Program Files\Bonjour
          2013-06-07 20:21:34 -------- d-----w- C:\Program Files (x86)\Bonjour
          2013-06-07 19:15:53 -------- d-----w- C:\Desktop
          2013-06-07 06:30:50 -------- d-----w- C:\Users\Greet\AppData\Roaming\PC Tools Performance Toolkit
          2013-06-07 06:23:49 44544 ----a-w- C:\Windows\SysWow64\msxml4a.dll
          2013-06-07 06:23:47 108832 ----a-w- C:\Windows\SysWow64\drivers\PCTDMDefrag.sys
          2013-06-07 06:23:19 -------- d-----w- C:\Program Files (x86)\PC Tools
          2013-06-07 06:23:02 -------- d-----w- C:\ProgramData\PC Tools
          2013-06-07 06:23:01 -------- d-----w- C:\Users\Greet\AppData\Roaming\Product_PT
          2013-06-03 10:10:17 -------- d-----w- C:\Program Files (x86)\Axis Communications
          2013-06-01 12:45:20 -------- d-----w- C:\Windows\rescache
          .
          ==================== Find3M ====================
          .
          2013-06-12 12:58:02 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
          2013-06-12 12:58:02 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
          2013-05-13 05:51:01 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
          2013-05-13 05:51:00 1464320 ----a-w- C:\Windows\System32\crypt32.dll
          2013-05-13 05:51:00 139776 ----a-w- C:\Windows\System32\cryptnet.dll
          2013-05-13 05:50:40 52224 ----a-w- C:\Windows\System32\certenc.dll
          2013-05-13 04:45:55 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
          2013-05-13 04:45:55 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll
          2013-05-13 04:45:55 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
          2013-05-13 03:43:55 1192448 ----a-w- C:\Windows\System32\certutil.exe
          2013-05-13 03:08:10 903168 ----a-w- C:\Windows\SysWow64\certutil.exe
          2013-05-13 03:08:06 43008 ----a-w- C:\Windows\SysWow64\certenc.dll
          2013-05-10 05:49:27 30720 ----a-w- C:\Windows\System32\cryptdlg.dll
          2013-05-10 03:20:54 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll
          2013-05-02 15:29:56 278800 ------w- C:\Windows\System32\MpSigStub.exe
          2013-04-26 05:51:36 751104 ----a-w- C:\Windows\System32\win32spl.dll
          2013-04-26 04:55:21 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll
          2013-04-25 23:30:32 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll
          2013-04-20 05:19:13 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
          2013-04-20 05:19:10 866720 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
          2013-04-20 05:19:10 788896 ----a-w- C:\Windows\SysWow64\deployJava1.dll
          2013-04-17 07:02:06 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
          2013-04-17 06:24:46 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
          2013-04-13 05:49:23 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
          2013-04-13 05:49:19 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
          2013-04-13 05:49:19 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
          2013-04-13 05:49:19 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
          2013-04-13 04:45:16 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
          2013-04-13 04:45:15 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
          2013-04-12 14:45:08 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys
          2013-04-10 06:01:54 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
          2013-04-10 06:01:53 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
          2013-04-10 03:30:50 3153920 ----a-w- C:\Windows\System32\win32k.sys
          2013-04-08 15:56:01 1169609 ----a-w- C:\Windows\unins000.exe
          2013-04-04 12:50:32 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
          2013-04-02 14:09:52 4550656 ----a-w- C:\Windows\SysWow64\GPhotos.scr
          .
          ============= FINISH: 12:10:55,52 ===============
          Results of screen317's Security Check version 0.99.68
          Windows 7 Service Pack 1 x64 (UAC is enabled)
          Internet Explorer 10
          ``````````````Antivirus/Firewall Check:``````````````
          Microsoft Security Essentials
          Antivirus up to date!
          `````````Anti-malware/Other Utilities Check:`````````
          Java 7 Update 21
          Java version out of Date!
          Adobe Flash Player 10 Flash Player out of Date!
          Adobe Reader XI
          Mozilla Thunderbird (17.0.6)
          ````````Process Check: objlist.exe by Laurent````````
          Microsoft Security Essentials MSMpEng.exe
          Microsoft Security Essentials msseces.exe
          `````````````````System Health check`````````````````
          Total Fragmentation on Drive C: 0%
          ````````````````````End of Log``````````````````````
          Groetjes Grace

          Comment


          • #6
            Java en flashplayer inmiddels geupdated, vreemd normaal ging dat automatisch.
            Groetjes Grace

            Comment


            • #7
              Download of Update Ccleaner

              Start CCleaner op.
              • Run Ccleaner en klik in de linkse kolom op Opties
              • Selecteer het tabblad Geavanceerd
              • Haal het vinkje weg voor Verwijder alleen bestanden in Windows Temp-systeemmap die ouder zijn dan 24 uur
              • Haal het vinkje weg voor Verwijder alleen bestanden in de Prullenbak die ouder zijn dan 24 uur
              • Selecteer het tabblad Instellingen
              • Haal het vinkje weg bij "Computer automatisch schoonmaken...."
              • Klik in de linkse kolom op Cleaner.
              • Klik dan achtereenvolgens op Analyseer en Schoonmaken.
              • Klik vervolgens in de linkse kolom op Register
              • Klik op Scan naar problemen.
              • Als er fouten gevonden worden klik je op Herstel geselecteerde problemen en OK




              Download SystemLook.exe x64 en plaats het bestand op het Bureaublad.
              Dubbelklik SystemLook.exe om het programma te starten.
              In het venster dat opent kopieer je onderstaande code:

              Code:
              :filefind
              *DllHost*
              :folderfind
              *DllHost*
              :regfind
              *DllHost*
              Klik op de knop "Look" om de scan te activeren.

              Als de scan klaar is opent een tekstbestand (SystemLook.txt).
              Post de inhoud van dit bestand.
              Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
              E Dev * McAfee verwijderen. * Ccleaner * E-Peek

              Comment


              • #8
                SystemLook 30.07.11 by jpshortstuff
                Log created at 14:52 on 01/07/2013 by Greet
                Administrator - Elevation successful

                ========== filefind ==========

                Searching for "*DllHost*"
                C:\Windows\Prefetch\DLLHOST.EXE-03FAC23C.pf --a---- 23782 bytes [09:56 01/07/2013] [09:56 01/07/2013] A7C21A31292CC97CA5614007572980E7
                C:\Windows\Prefetch\DLLHOST.EXE-40DD444D.pf --a---- 29568 bytes [05:55 25/05/2013] [11:21 01/07/2013] 24C0C0E974CAF9ECD28F430BA79B5C46
                C:\Windows\Prefetch\DLLHOST.EXE-4F28A26F.pf --a---- 97020 bytes [20:43 30/06/2013] [20:54 30/06/2013] CFFCD1D21099CFC736C8BAFFB2DEDBC5
                C:\Windows\Prefetch\DLLHOST.EXE-5E46FA0D.pf --a---- 88096 bytes [08:15 30/06/2013] [12:51 01/07/2013] BD6624E379638B60D45EAF5268AD8BB0
                C:\Windows\Prefetch\DLLHOST.EXE-67751737.pf --a---- 189928 bytes [20:24 30/06/2013] [20:24 30/06/2013] 5E44377ABD829DE7B43A9352C3155558
                C:\Windows\Prefetch\DLLHOST.EXE-766398D2.pf --a---- 19580 bytes [19:35 30/06/2013] [12:51 01/07/2013] 7BE149E8829C31D9706B5EEE6DA7266B
                C:\Windows\Prefetch\DLLHOST.EXE-76936ED5.pf --a---- 92560 bytes [08:16 30/06/2013] [10:20 01/07/2013] 14EB8FEB9AEF68CAD455CE95270FEF43
                C:\Windows\Prefetch\DLLHOST.EXE-A8DE6D5B.pf --a---- 29496 bytes [16:39 19/06/2013] [12:51 01/07/2013] 37BC458BDE4E50F6E9D767D79C0C0E34
                C:\Windows\Prefetch\DLLHOST.EXE-B2EB1806.pf --a---- 53046 bytes [10:11 01/07/2013] [10:11 01/07/2013] ADFAFCEB323B1EEC15F9A34D2119970A
                C:\Windows\Prefetch\DLLHOST.EXE-E7777CC4.pf --a---- 28076 bytes [06:09 25/05/2013] [11:33 01/07/2013] D8E0D3FE3B750ABD0026AF0A2F26437F
                C:\Windows\Prefetch\DLLHOST.EXE-ECB71776.pf --a---- 24442 bytes [09:53 01/07/2013] [11:24 01/07/2013] 3ECDD472C6D2A8024212AA2389610AB6
                C:\Windows\Prefetch\DLLHOST.EXE-EEE13F6D.pf --a---- 24964 bytes [08:23 30/06/2013] [12:21 01/07/2013] 3B9764DC0645E20A7176E6D20A5DE8AB
                C:\Windows\Prefetch\DLLHOST.EXE-F2DCEF0D.pf --a---- 20658 bytes [09:54 01/07/2013] [10:39 01/07/2013] 1C3D27F2766100D03AE68BD57869B640
                C:\Windows\System32\dllhost.exe --a---- 9728 bytes [23:59 13/07/2009] [01:39 14/07/2009] A8EDB86FC2A4D6D1285E4C70384AC35A
                C:\Windows\SysWOW64\dllhost.exe --a---- 7168 bytes [23:43 13/07/2009] [01:14 14/07/2009] A63DC5C2EA944E6657203E0C8EDEAF61
                C:\Windows\winsxs\amd64_microsoft-windows-com-surrogate_31bf3856ad364e35_6.1.7600.16385_none_a018e05d0d33081d\dllhost.exe --a---- 9728 bytes [23:59 13/07/2009] [01:39 14/07/2009] A8EDB86FC2A4D6D1285E4C70384AC35A
                C:\Windows\winsxs\x86_microsoft-windows-com-surrogate_31bf3856ad364e35_6.1.7600.16385_none_43fa44d954d596e7\dllhost.exe --a---- 7168 bytes [23:43 13/07/2009] [01:14 14/07/2009] A63DC5C2EA944E6657203E0C8EDEAF61

                ========== folderfind ==========

                Searching for "*DllHost*"
                C:\Users\Greet\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_DllHost.exe_565d93e05de3e0 1a9bb87113b99eae8f9316d123_01831d6f d----c- [08:20 16/06/2013]
                C:\Users\Greet\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_DllHost.exe_565d93e05de3e0 1a9bb87113b99eae8f9316d123_019ba5c3 d----c- [17:25 24/06/2013]
                C:\Users\Greet\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_DllHost.exe_565d93e05de3e0 1a9bb87113b99eae8f9316d123_03f53998 d----c- [19:05 18/06/2013]
                C:\Users\Greet\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_DllHost.exe_565d93e05de3e0 1a9bb87113b99eae8f9316d123_04536b4f d----c- [20:36 07/06/2013]
                C:\Users\Greet\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_DllHost.exe_565d93e05de3e0 1a9bb87113b99eae8f9316d123_05e35f7d d----c- [20:36 07/06/2013]
                C:\Users\Greet\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_DllHost.exe_565d93e05de3e0 1a9bb87113b99eae8f9316d123_06d71007 d----c- [18:48 26/06/2013]
                C:\Users\Greet\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_DllHost.exe_565d93e05de3e0 1a9bb87113b99eae8f9316d123_0b565a45 d----c- [18:50 30/06/2013]
                C:\Users\Greet\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_DllHost.exe_565d93e05de3e0 1a9bb87113b99eae8f9316d123_0d0b404a d----c- [20:36 07/06/2013]
                C:\Users\Greet\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_DllHost.exe_565d93e05de3e0 1a9bb87113b99eae8f9316d123_0db3866f d----c- [18:14 07/06/2013]
                C:\Users\Greet\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_DllHost.exe_565d93e05de3e0 1a9bb87113b99eae8f9316d123_0db57a1f d----c- [19:01 13/06/2013]
                C:\Users\Greet\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_DllHost.exe_565d93e05de3e0 1a9bb87113b99eae8f9316d123_0dd3051f d----c- [08:20 16/06/2013]
                C:\Users\Greet\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_DllHost.exe_565d93e05de3e0 1a9bb87113b99eae8f9316d123_0e23b6d1 d----c- [18:14 07/06/2013]
                C:\Users\Greet\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_DllHost.exe_565d93e05de3e0 1a9bb87113b99eae8f9316d123_0e5eb220 d----c- [19:05 26/06/2013]
                C:\Users\Greet\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_DllHost.exe_565d93e05de3e0 1a9bb87113b99eae8f9316d123_0ec6ecc3 d----c- [18:50 30/06/2013]
                C:\Users\Greet\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_DllHost.exe_565d93e05de3e0 1a9bb87113b99eae8f9316d123_0f7346b0 d----c- [20:36 07/06/2013]
                C:\Users\Greet\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_DllHost.exe_565d93e05de3e0 1a9bb87113b99eae8f9316d123_100e9ef2 d----c- [18:50 30/06/2013]
                C:\Users\Greet\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_DllHost.exe_565d93e05de3e0 1a9bb87113b99eae8f9316d123_105d8f25 d----c- [19:01 13/06/2013]
                C:\Users\Greet\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_DllHost.exe_565d93e05de3e0 1a9bb87113b99eae8f9316d123_10b767d7 d----c- [06:03 07/06/2013]
                C:\Users\Greet\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_DllHost.exe_565d93e05de3e0 1a9bb87113b99eae8f9316d123_10ef7934 d----c- [20:36 07/06/2013]
                C:\Users\Greet\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_DllHost.exe_565d93e05de3e0 1a9bb87113b99eae8f9316d123_11ab907e d----c- [17:25 24/06/2013]
                C:\Users\Greet\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_DllHost.exe_565d93e05de3e0 1a9bb87113b99eae8f9316d123_1486d671 d----c- [19:11 13/06/2013]
                C:\Users\Greet\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_DllHost.exe_565d93e05de3e0 1a9bb87113b99eae8f9316d123_14e99eae d----c- [08:19 30/06/2013]
                C:\Users\Greet\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_DllHost.exe_565d93e05de3e0 1a9bb87113b99eae8f9316d123_1512ef00 d----c- [06:02 07/06/2013]
                C:\Users\Greet\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_DllHost.exe_565d93e05de3e0 1a9bb87113b99eae8f9316d123_15b1450e d----c- [13:59 20/06/2013]
                C:\Users\Greet\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_DllHost.exe_565d93e05de3e0 1a9bb87113b99eae8f9316d123_1633ab7a d----c- [20:36 07/06/2013]
                C:\Users\Greet\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_DllHost.exe_565d93e05de3e0 1a9bb87113b99eae8f9316d123_165fd365 d----c- [17:26 07/06/2013]
                C:\Users\Greet\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_DllHost.exe_565d93e05de3e0 1a9bb87113b99eae8f9316d123_16c872b1 d----c- [19:00 18/06/2013]
                C:\Users\Greet\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_DllHost.exe_565d93e05de3e0 1a9bb87113b99eae8f9316d123_16eaecbf d----c- [19:11 13/06/2013]
                C:\Users\Greet\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_DllHost.exe_565d93e05de3e0 1a9bb87113b99eae8f9316d123_173dc3bb d----c- [08:19 30/06/2013]
                C:\Users\Greet\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_DllHost.exe_565d93e05de3e0 1a9bb87113b99eae8f9316d123_1776fb13 d----c- [13:44 20/06/2013]
                C:\Users\Greet\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_DllHost.exe_565d93e05de3e0 1a9bb87113b99eae8f9316d123_17b7abc9 d----c- [17:26 07/06/2013]
                C:\Users\Greet\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_DllHost.exe_565d93e05de3e0 1a9bb87113b99eae8f9316d123_184230d5 d----c- [18:50 30/06/2013]
                C:\Users\Greet\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_DllHost.exe_565d93e05de3e0 1a9bb87113b99eae8f9316d123_18a3e581 d----c- [13:45 20/06/2013]
                C:\Users\Greet\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_DllHost.exe_565d93e05de3e0 1a9bb87113b99eae8f9316d123_1a6beb0c d----c- [17:25 24/06/2013]
                C:\Users\Greet\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_DllHost.exe_565d93e05de3e0 1a9bb87113b99eae8f9316d123_1a8f8e80 d----c- [20:53 30/06/2013]
                C:\Users\Greet\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_DllHost.exe_565d93e05de3e0 1a9bb87113b99eae8f9316d123_1b248ef8 d----c- [19:00 18/06/2013]
                C:\Users\Greet\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_DllHost.exe_565d93e05de3e0 1a9bb87113b99eae8f9316d123_1b808eed d----c- [20:41 30/06/2013]
                C:\Users\Greet\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_DllHost.exe_565d93e05de3e0 1a9bb87113b99eae8f9316d123_1b951872 d----c- [19:05 18/06/2013]
                C:\Users\Greet\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_DllHost.exe_565d93e05de3e0 1a9bb87113b99eae8f9316d123_1bbd21f5 d----c- [13:59 20/06/2013]
                C:\Users\Greet\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_DllHost.exe_565d93e05de3e0 1a9bb87113b99eae8f9316d123_1c800cd1 d----c- [18:52 30/06/2013]
                C:\Users\Greet\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_DllHost.exe_565d93e05de3e0 1a9bb87113b99eae8f9316d123_1cc92cf0 d----c- [20:25 30/06/2013]
                C:\Users\Greet\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_DllHost.exe_565d93e05de3e0 1a9bb87113b99eae8f9316d123_1dec99b6 d----c- [20:24 30/06/2013]
                C:\Users\Greet\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_DllHost.exe_565d93e05de3e0 1a9bb87113b99eae8f9316d123_213be71b d----c- [20:41 30/06/2013]
                C:\Users\Greet\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_DllHost.exe_565d93e05de3e0 1a9bb87113b99eae8f9316d123_22ff6c41 d----c- [20:53 30/06/2013]

                ========== regfind ==========

                Searching for "*DllHost*"
                No data found.

                -= EOF =-
                Groetjes Grace

                Comment


                • #9
                  Download TFC en sla deze op je Bureaublad op.
                  • Dubbelklik op TFC.exe om het programma te openen.
                  • Het programma zal alle andere programma's sluiten, zorg er dus voor dat je al je werk hebt opgeslagen voordat je verder gaat.
                  • Klik op de knop Start om het programma te starten.
                  • Als het programma klaar is, dan zal het je computer opnieuw opstarten.
                    Als dit niet gebeurt, start dan je computer handmatig opnieuw op.


                  _____________________________________________________________

                  Download Combofix en plaats het op je bureaublad.

                  KLIK HIER voor een vergroting! 

                  Extra nota... Zorg ervoor dat je Security software uitschakeld is tijdens het gebruik van Combofix.
                  Dit omdat deze scanners bepaalde componenten die Combofix gebruikt, onterecht zien als geïnfecteerd en Combofix zullen blokkeren.


                  Kijk hier indien je niet weet hoe je je Antivirus, Firewall en/of Antispywarescanner moet uitschakelen.


                  Sluit ALLE vensters, ook je browser en laat Combofix rustig zijn werk doen.
                  Open dus geen andere applicaties totdat Combofix de log heeft gepresenteert.

                  Als Combofix vraagt om een update, dan staat je dit toe.

                  Wanneer ComboFix klaar is met scannen, dit kan eventueel na een reboot zijn, opent er een logfile (combofix.txt).
                  Deze kan je vinden als C:\combofix.txt.

                  Post het Combofixlogje samen met een nieuw DDS logje in je volgende antwoord.

                  Emphyrio
                  Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
                  E Dev * McAfee verwijderen. * Ccleaner * E-Peek

                  Comment


                  • #10
                    ComboFix 13-06-30.01 - Greet 02-07-2013 11:59:16.1.4 - x64
                    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.4008.2470 [GMT 2:00]
                    Gestart vanuit: d:\users\Greet\Downloads\ComboFix.exe
                    AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
                    SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
                    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
                    .
                    .
                    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
                    .
                    .
                    c:\programdata\FullRemove.exe
                    c:\users\Greet\AppData\Roaming\Microsoft\Windows\Recent\0900 nummers.url
                    c:\windows\msvcr71.dll
                    .
                    .
                    (((((((((((((((((((( Bestanden Gemaakt van 2013-06-02 to 2013-07-02 ))))))))))))))))))))))))))))))
                    .
                    .
                    2013-07-02 10:05 . 2013-07-02 10:05 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
                    2013-07-02 10:05 . 2013-07-02 10:05 -------- d-----w- c:\users\Default\AppData\Local\temp
                    2013-07-02 08:38 . 2013-06-12 03:08 9552976 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{CDCE0707-6209-449A-A2FC-CEA13897C968}\mpengine.dll
                    2013-07-01 10:42 . 2013-07-01 10:42 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
                    2013-07-01 10:42 . 2013-07-01 10:42 -------- d-----w- c:\program files (x86)\Java
                    2013-07-01 04:44 . 2013-06-12 03:08 9552976 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
                    2013-06-30 19:52 . 2013-06-30 19:52 73728 ----a-r- c:\users\Greet\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut47_74B9CE5DF1F4447F982DCA29A461B529.exe
                    2013-06-30 19:52 . 2013-06-30 19:52 73728 ----a-r- c:\users\Greet\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut46_74B9CE5DF1F4447F982DCA29A461B529.exe
                    2013-06-30 19:52 . 2013-06-30 19:52 53248 ----a-r- c:\users\Greet\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\ARPPRODUCTICON.exe
                    2013-06-30 19:52 . 2013-06-30 19:52 49152 ----a-r- c:\users\Greet\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\Uninstall_QA_OTI_H_FE5D756F71E147C4972AD6775344B40B.exe
                    2013-06-30 19:52 . 2013-06-30 19:52 49152 ----a-r- c:\users\Greet\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut2_1C7B7089989A424FB39D41A32581C775.exe
                    2013-06-30 19:52 . 2013-06-30 19:52 -------- d-----w- c:\users\Greet\AppData\Local\Nokia
                    2013-06-30 19:52 . 2013-06-30 19:52 -------- d-----w- c:\program files (x86)\Nokia
                    2013-06-21 18:44 . 2013-06-21 18:44 964552 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{68F774B2-DFAE-4794-995D-0C24661F0184}\gapaengine.dll
                    2013-06-15 19:38 . 2013-06-15 19:38 -------- d-----w- c:\windows\SysWow64\wbem\en-US
                    2013-06-15 19:38 . 2013-06-15 19:38 -------- d-----w- c:\windows\system32\wbem\en-US
                    2013-06-12 13:05 . 2013-05-08 06:39 1910632 ----a-w- c:\windows\system32\drivers\tcpip.sys
                    2013-06-07 20:22 . 2012-08-21 11:01 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
                    2013-06-07 20:22 . 2013-06-07 20:22 -------- d-----w- c:\program files\iPod
                    2013-06-07 20:22 . 2013-06-07 20:22 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
                    2013-06-03 10:10 . 2013-06-03 10:10 -------- d-----w- c:\program files (x86)\Axis Communications
                    .
                    .
                    .
                    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
                    .
                    2013-07-01 10:47 . 2013-03-19 08:18 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
                    2013-07-01 10:47 . 2013-03-19 08:18 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
                    2013-07-01 10:42 . 2013-04-19 21:10 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
                    2013-07-01 10:42 . 2013-04-19 21:10 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
                    2013-06-12 15:05 . 2013-03-18 22:10 75825640 ----a-w- c:\windows\system32\MRT.exe
                    2013-05-21 14:16 . 2013-03-21 19:46 964552 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
                    2013-05-02 16:54 . 2010-06-24 18:33 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
                    2013-05-02 15:29 . 2013-03-18 18:33 278800 ------w- c:\windows\system32\MpSigStub.exe
                    2013-05-02 13:26 . 2013-05-02 13:26 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
                    2013-05-02 13:25 . 2013-05-02 13:25 856712 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
                    2013-04-13 05:49 . 2013-05-16 07:07 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
                    2013-04-13 05:49 . 2013-05-16 07:07 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
                    2013-04-13 05:49 . 2013-05-16 07:07 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
                    2013-04-13 05:49 . 2013-05-16 07:07 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
                    2013-04-13 04:45 . 2013-05-16 07:07 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
                    2013-04-13 04:45 . 2013-05-16 07:07 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
                    2013-04-12 14:45 . 2013-04-23 21:18 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
                    2013-04-12 06:15 . 2013-04-12 06:15 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
                    2013-04-12 06:14 . 2013-04-12 06:14 856712 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
                    2013-04-10 06:01 . 2013-05-16 07:07 265064 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
                    2013-04-10 06:01 . 2013-05-16 07:07 983400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
                    2013-04-10 03:30 . 2013-05-16 07:06 3153920 ----a-w- c:\windows\system32\win32k.sys
                    2013-04-08 15:56 . 2013-04-08 15:56 1169609 ----a-w- c:\windows\unins000.exe
                    2013-04-08 11:32 . 2013-04-08 11:32 25256224 ----a-w- c:\windows\system32\nvcompiler.dll
                    2013-04-08 11:32 . 2013-04-08 11:32 201576 ----a-w- c:\windows\SysWow64\nvinit.dll
                    2013-04-08 11:32 . 2013-04-08 11:32 7935352 ----a-w- c:\windows\SysWow64\nvcuda.dll
                    2013-04-08 11:32 . 2011-03-24 12:59 1107440 ----a-w- c:\windows\system32\nvumdshimx.dll
                    2013-04-08 11:32 . 2013-04-08 11:32 30496 ----a-w- c:\windows\system32\drivers\nvpciflt.sys
                    2013-04-08 11:32 . 2013-04-08 11:32 962216 ----a-w- c:\windows\SysWow64\nvumdshim.dll
                    2013-04-08 11:32 . 2013-04-08 11:32 2722592 ----a-w- c:\windows\SysWow64\nvcuvid.dll
                    2013-04-08 11:32 . 2013-04-08 11:32 1988384 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
                    2013-04-08 11:32 . 2013-04-08 11:32 18061328 ----a-w- c:\windows\system32\nvd3dumx.dll
                    2013-04-08 11:32 . 2013-04-08 11:32 11077920 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
                    2013-04-08 11:32 . 2013-04-08 11:32 15054288 ----a-w- c:\windows\system32\nvwgf2umx.dll
                    2013-04-08 11:32 . 2011-03-24 12:59 2833232 ----a-w- c:\windows\system32\nvapi64.dll
                    2013-04-08 11:32 . 2013-04-08 11:32 20458784 ----a-w- c:\windows\SysWow64\nvoglv32.dll
                    2013-04-08 11:32 . 2013-04-08 11:32 26938656 ----a-w- c:\windows\system32\nvoglv64.dll
                    2013-04-08 11:32 . 2011-03-24 12:59 245872 ----a-w- c:\windows\system32\nvinitx.dll
                    2013-04-08 11:32 . 2013-04-08 11:32 6264680 ----a-w- c:\windows\SysWow64\nvopencl.dll
                    2013-04-08 11:32 . 2013-04-08 11:32 12642504 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
                    2013-04-08 11:32 . 2013-04-08 11:32 9393344 ----a-w- c:\windows\system32\nvcuda.dll
                    2013-04-08 11:32 . 2013-04-08 11:32 15135104 ----a-w- c:\windows\SysWow64\nvd3dum.dll
                    2013-04-08 11:32 . 2013-04-08 11:32 7567136 ----a-w- c:\windows\system32\nvopencl.dll
                    2013-04-08 11:32 . 2012-10-08 10:42 1510176 ----a-w- c:\windows\system32\nvdispgenco64.dll
                    2013-04-08 11:32 . 2013-04-08 11:32 2512336 ----a-w- c:\windows\SysWow64\nvapi.dll
                    2013-04-08 11:32 . 2013-04-08 11:32 17560352 ----a-w- c:\windows\SysWow64\nvcompiler.dll
                    2013-04-08 11:32 . 2012-10-08 10:42 1814304 ----a-w- c:\windows\system32\nvdispco64.dll
                    2013-04-08 11:32 . 2013-04-08 11:32 2906912 ----a-w- c:\windows\system32\nvcuvid.dll
                    2013-04-08 11:32 . 2013-04-08 11:32 2347296 ----a-w- c:\windows\system32\nvcuvenc.dll
                    2013-04-04 12:50 . 2013-03-26 11:13 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
                    .
                    .
                    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
                    .
                    .
                    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
                    REGEDIT4
                    .
                    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                    "PC Suite Tray"="d:\program files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" [2012-06-26 1516632]
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
                    "{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="d:\gmail notifier\gnotify.exe" [2005-07-15 479232]
                    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
                    "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
                    "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-05-31 152392]
                    "NSU_agent"="c:\program files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe" [2012-02-28 190768]
                    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
                    .
                    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
                    "ConsentPromptBehaviorAdmin"= 5 (0x5)
                    "ConsentPromptBehaviorUser"= 3 (0x3)
                    "EnableUIADesktopToggle"= 0 (0x0)
                    .
                    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
                    "LoadAppInit_DLLs"=1 (0x1)
                    "AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
                    .
                    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
                    "aux"=wdmaud.drv
                    .
                    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
                    @=""
                    .
                    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
                    @="Service"
                    .
                    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET \Framework64\v4.0.30319\mscorsvw.exe [x]
                    R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
                    R3 NisSrv;Microsoft Netwerkinspectie;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
                    R3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys;c:\windows\SYSNATIVE\drivers\npf.sys [x]
                    R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys;c:\windows\SYSNATIVE\pwdrvio.sys [x]
                    R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys;c:\windows\SYSNATIVE\pwdspio.sys [x]
                    R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominipor t.sys [x]
                    R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
                    R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys;c:\windows\SYSNATIVE\DRIVERS\SiSG664.sys [x]
                    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
                    R3 uxddrv;Dynamically loaded UxdDrv;f:\wow64\uxddrv64.sys;f:\wow64\uxddrv64.sys [x]
                    R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
                    R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
                    S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
                    S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [x]
                    S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
                    S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
                    S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
                    S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe;c:\windows\SYSNATIVE\FBAgent.exe [x]
                    S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x]
                    S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
                    S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
                    S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
                    S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
                    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
                    S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
                    S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
                    S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh .sys [x]
                    S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
                    S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
                    .
                    .
                    Inhoud van de 'Gedeelde Taken' map
                    .
                    2013-07-02 c:\windows\Tasks\Adobe Flash Player Updater.job
                    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-19 10:47]
                    .
                    .
                    --------- X64 Entries -----------
                    .
                    .
                    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\As usWSShellExt_B]
                    @="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
                    [HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
                    2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
                    .
                    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\As usWSShellExt_O]
                    @="{64174815-8D98-4CE6-8646-4C039977D808}"
                    [HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
                    2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                    "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 1281512]
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
                    "AppInit_DLLs"=c:\windows\System32\nvinitx.dll
                    .
                    ------- Bijkomende Scan -------
                    .
                    uLocal Page = c:\windows\system32\blank.htm
                    uStart Page = https://www.google.nl/
                    mLocal Page = c:\windows\SysWOW64\blank.htm
                    uSearchAssistant = hxxp://www.bing.com/search?q={searchTerms}
                    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
                    TCP: DhcpNameServer = 192.168.1.1
                    DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://klaassendoesburg.axiscam.net/activex/AMC.cab
                    .
                    - - - - ORPHANS VERWIJDERD - - - -
                    .
                    Toolbar-Locked - (no file)
                    Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
                    Toolbar-Locked - (no file)
                    AddRemove-{D7A9E36A-3813-8543-16C2-3F328A4E7A82} - c:\progra~3\INSTAL~2\{45505~1\Setup.exe
                    AddRemove-{DEE9B79D-24AB-4F26-949D-83A34E33AFD4} - c:\progra~3\INSTAL~2\{BFAA0~1\Setup.exe
                    .
                    .
                    .
                    --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
                    @Denied: (A 2) (Everyone)
                    @="FlashBroker"
                    "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe ,-101"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
                    "Enabled"=dword:00000001
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
                    @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
                    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
                    @Denied: (A 2) (Everyone)
                    @="IFlashBroker5"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
                    @="{00020424-0000-0000-C000-000000000046}"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
                    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
                    "Version"="1.0"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
                    @Denied: (A 2) (Everyone)
                    @="FlashBroker"
                    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe ,-101"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
                    "Enabled"=dword:00000001
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
                    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
                    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
                    @Denied: (A 2) (Everyone)
                    @="Shockwave Flash Object"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
                    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
                    "ThreadingModel"="Apartment"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
                    @="0"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
                    @="ShockwaveFlash.ShockwaveFlash.11"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
                    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
                    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
                    @="1.0"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
                    @="ShockwaveFlash.ShockwaveFlash"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
                    @Denied: (A 2) (Everyone)
                    @="Macromedia Flash Factory Object"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
                    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
                    "ThreadingModel"="Apartment"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
                    @="FlashFactory.FlashFactory.1"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
                    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
                    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
                    @="1.0"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
                    @="FlashFactory.FlashFactory"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
                    @Denied: (A 2) (Everyone)
                    @="IFlashBroker5"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
                    @="{00020424-0000-0000-C000-000000000046}"
                    .
                    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
                    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
                    "Version"="1.0"
                    .
                    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
                    @Denied: (A) (Users)
                    @Denied: (A) (Everyone)
                    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
                    "BlindDial"=dword:00000000
                    .
                    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
                    @Denied: (Full) (Everyone)
                    .
                    Voltooingstijd: 2013-07-02 12:08:05
                    ComboFix-quarantined-files.txt 2013-07-02 10:08
                    .
                    Pre-Run: 30.848.888.832 bytes beschikbaar
                    Post-Run: 30.689.775.616 bytes beschikbaar
                    .
                    - - End Of File - - 5452845B8669B30A7E7AC358F6F406AA
                    D41D8CD98F00B204E9800998ECF8427E
                    Groetjes Grace

                    Comment


                    • #11
                      DDS (Ver_2012-11-20.01) - NTFS_AMD64
                      Internet Explorer: 10.0.9200.16618 BrowserJavaVersion: 10.21.2
                      Run by Greet at 12:09:21 on 2013-07-01
                      Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.4008.1777 [GMT 2:00]
                      .
                      AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
                      SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
                      SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
                      .
                      ============== Running Processes ===============
                      .
                      C:\Windows\system32\lsm.exe
                      C:\Windows\system32\svchost.exe -k DcomLaunch
                      C:\Windows\system32\nvvsvc.exe
                      C:\Windows\system32\svchost.exe -k RPCSS
                      c:\Program Files\Microsoft Security Client\MsMpEng.exe
                      C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
                      C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
                      C:\Windows\system32\svchost.exe -k LocalService
                      C:\Windows\system32\svchost.exe -k netsvcs
                      C:\Windows\system32\svchost.exe -k GPSvcGroup
                      C:\Windows\system32\svchost.exe -k NetworkService
                      C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
                      C:\Windows\system32\nvvsvc.exe
                      C:\Windows\system32\FBAgent.exe
                      C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
                      C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
                      C:\Windows\System32\spoolsv.exe
                      C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
                      C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
                      C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
                      C:\Windows\system32\taskeng.exe
                      C:\Windows\system32\taskeng.exe
                      C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
                      C:\Windows\system32\taskhost.exe
                      C:\Windows\system32\taskeng.exe
                      C:\Windows\system32\Dwm.exe
                      C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
                      C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
                      C:\Windows\Explorer.EXE
                      C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
                      C:\Program Files\Bonjour\mDNSResponder.exe
                      C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
                      C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
                      C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
                      C:\Windows\system32\svchost.exe -k imgsvc
                      C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
                      C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
                      C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
                      C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
                      C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
                      C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
                      C:\Program Files\Microsoft Security Client\msseces.exe
                      D:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
                      D:\Gmail Notifier\gnotify.exe
                      C:\Program Files (x86)\iTunes\iTunesHelper.exe
                      C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
                      C:\Windows\AsScrPro.exe
                      C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
                      C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
                      C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
                      C:\Windows\system32\SearchIndexer.exe
                      C:\Windows\System32\alg.exe
                      C:\Program Files\iPod\bin\iPodService.exe
                      c:\Program Files\Microsoft Security Client\NisSrv.exe
                      C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
                      C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
                      C:\Program Files\Windows Media Player\wmpnetwk.exe
                      C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
                      C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
                      C:\Windows\servicing\TrustedInstaller.exe
                      C:\Windows\system32\SearchProtocolHost.exe
                      C:\Windows\System32\svchost.exe -k LocalServicePeerNet
                      C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
                      C:\Program Files\Internet Explorer\iexplore.exe
                      C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
                      C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
                      C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
                      C:\Windows\splwow64.exe
                      C:\Windows\system32\Macromed\Flash\FlashUtil64_11_7_700_224_ActiveX.exe
                      C:\Windows\system32\sppsvc.exe
                      C:\Windows\system32\wuauclt.exe
                      C:\Windows\system32\SearchFilterHost.exe
                      C:\Windows\system32\wbem\wmiprvse.exe
                      C:\Windows\System32\cscript.exe
                      .
                      ============== Pseudo HJT Report ===============
                      .
                      uStart Page = hxxps://www.google.nl/
                      uSearch Bar = Preserve
                      uSearch Page = hxxp://www.bing.com/search?q={searchTerms}
                      uSearchAssistant = hxxp://www.bing.com/search?q={searchTerms}
                      mWinlogon: Userinit = userinit.exe,
                      BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
                      BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
                      BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
                      BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
                      BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
                      TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
                      TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
                      EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
                      uRun: [PC Suite Tray] "D:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
                      mRun: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] D:\Gmail Notifier\gnotify.exe
                      mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
                      mRun: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
                      mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
                      mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
                      mRun: [NSU_agent] "C:\Program Files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe"
                      dRunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
                      mPolicies-Explorer: NoActiveDesktop = dword:1
                      mPolicies-Explorer: NoActiveDesktopChanges = dword:1
                      mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
                      mPolicies-System: ConsentPromptBehaviorUser = dword:3
                      mPolicies-System: EnableUIADesktopToggle = dword:0
                      IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
                      IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
                      IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
                      DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
                      DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
                      DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://klaassendoesburg.axiscam.net/activex/AMC.cab
                      TCP: NameServer = 192.168.1.1
                      TCP: Interfaces\{34D7C7E9-A758-4267-BFE7-95FC4DD78907} : DHCPNameServer = 192.168.1.1
                      TCP: Interfaces\{34D7C7E9-A758-4267-BFE7-95FC4DD78907}\649485 : DHCPNameServer = 62.165.127.222 80.65.96.50 192.168.1.1
                      Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
                      AppInit_DLLs= C:\Windows\SysWOW64\nvinit.dll
                      SSODL: WebCheck - <orphaned>
                      x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
                      x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
                      x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
                      x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
                      x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
                      x64-Notify: igfxcui - igfxdev.dll
                      x64-SSODL: WebCheck - <orphaned>
                      .
                      ============= SERVICES / DRIVERS ===============
                      .
                      R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-1-20 230320]
                      R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2013-4-8 30496]
                      R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-7-26 17024]
                      R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
                      R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
                      R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2013-5-8 143088]
                      R2 AFBAgent;AFBAgent;C:\Windows\System32\FBAgent.exe [2011-3-24 379520]
                      R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-3 15416]
                      R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
                      R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-1-20 130008]
                      R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
                      R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2010-12-13 138024]
                      R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-10-14 317440]
                      R3 NisSrv;Microsoft Netwerkinspectie;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-1-27 379360]
                      R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-3-24 333928]
                      R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]
                      R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]
                      R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]
                      R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]
                      R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
                      S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
                      S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
                      S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe --> C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [?]
                      S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2011-3-24 48488]
                      S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]
                      S3 pwdrvio;pwdrvio;C:\Windows\System32\pwdrvio.sys [2013-3-19 19032]
                      S3 pwdspio;pwdspio;C:\Windows\System32\pwdspio.sys [2013-3-19 9584]
                      S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-4-12 19456]
                      S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\rtsuvstor.sys [2011-3-24 290920]
                      S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\System32\drivers\SiSG664.sys [2009-6-10 56832]
                      S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-4-12 57856]
                      S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-3-19 1255736]
                      S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
                      .
                      =============== Created Last 30 ================
                      .
                      2013-07-01 04:44:26 9552976 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9E3046D2-A356-4B3B-A98E-A67C7F759B42}\mpengine.dll
                      2013-06-30 19:52:39 73728 ----a-r- C:\Users\Greet\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut47_74B9CE5DF1F4447F982DCA29A461B529.exe
                      2013-06-30 19:52:39 73728 ----a-r- C:\Users\Greet\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut46_74B9CE5DF1F4447F982DCA29A461B529.exe
                      2013-06-30 19:52:39 53248 ----a-r- C:\Users\Greet\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\ARPPRODUCTICON.exe
                      2013-06-30 19:52:39 49152 ----a-r- C:\Users\Greet\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\Uninstall_QA_OTI_H_FE5D756F71E147C4972AD6775344B40B.exe
                      2013-06-30 19:52:39 49152 ----a-r- C:\Users\Greet\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut2_1C7B7089989A424FB39D41A32581C775.exe
                      2013-06-30 19:52:35 -------- d-----w- C:\Users\Greet\AppData\Local\Nokia
                      2013-06-30 19:52:34 -------- d-----w- C:\Program Files (x86)\Nokia
                      2013-06-29 19:45:48 9552976 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
                      2013-06-21 18:44:25 964552 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{68F774B2-DFAE-4794-995D-0C24661F0184}\gapaengine.dll
                      2013-06-15 19:38:39 -------- d-----w- C:\Windows\SysWow64\wbem\en-US
                      2013-06-15 19:38:38 -------- d-----w- C:\Windows\System32\wbem\en-US
                      2013-06-12 13:05:56 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys
                      2013-06-09 22:35:57 0 ----a-w- C:\Windows\SysWow64\sho4535.tmp
                      2013-06-07 20:22:37 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
                      2013-06-07 20:22:01 -------- d-----w- C:\Program Files\iPod
                      2013-06-07 20:22:00 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
                      2013-06-07 20:22:00 -------- d-----w- C:\Program Files\iTunes
                      2013-06-07 20:22:00 -------- d-----w- C:\Program Files (x86)\iTunes
                      2013-06-07 20:21:34 -------- d-----w- C:\Program Files\Bonjour
                      2013-06-07 20:21:34 -------- d-----w- C:\Program Files (x86)\Bonjour
                      2013-06-07 19:15:53 -------- d-----w- C:\Desktop
                      2013-06-07 06:30:50 -------- d-----w- C:\Users\Greet\AppData\Roaming\PC Tools Performance Toolkit
                      2013-06-07 06:23:49 44544 ----a-w- C:\Windows\SysWow64\msxml4a.dll
                      2013-06-07 06:23:47 108832 ----a-w- C:\Windows\SysWow64\drivers\PCTDMDefrag.sys
                      2013-06-07 06:23:19 -------- d-----w- C:\Program Files (x86)\PC Tools
                      2013-06-07 06:23:02 -------- d-----w- C:\ProgramData\PC Tools
                      2013-06-07 06:23:01 -------- d-----w- C:\Users\Greet\AppData\Roaming\Product_PT
                      2013-06-03 10:10:17 -------- d-----w- C:\Program Files (x86)\Axis Communications
                      2013-06-01 12:45:20 -------- d-----w- C:\Windows\rescache
                      .
                      ==================== Find3M ====================
                      .
                      2013-06-12 12:58:02 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
                      2013-06-12 12:58:02 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
                      2013-05-13 05:51:01 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
                      2013-05-13 05:51:00 1464320 ----a-w- C:\Windows\System32\crypt32.dll
                      2013-05-13 05:51:00 139776 ----a-w- C:\Windows\System32\cryptnet.dll
                      2013-05-13 05:50:40 52224 ----a-w- C:\Windows\System32\certenc.dll
                      2013-05-13 04:45:55 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
                      2013-05-13 04:45:55 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll
                      2013-05-13 04:45:55 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
                      2013-05-13 03:43:55 1192448 ----a-w- C:\Windows\System32\certutil.exe
                      2013-05-13 03:08:10 903168 ----a-w- C:\Windows\SysWow64\certutil.exe
                      2013-05-13 03:08:06 43008 ----a-w- C:\Windows\SysWow64\certenc.dll
                      2013-05-10 05:49:27 30720 ----a-w- C:\Windows\System32\cryptdlg.dll
                      2013-05-10 03:20:54 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll
                      2013-05-02 15:29:56 278800 ------w- C:\Windows\System32\MpSigStub.exe
                      2013-04-26 05:51:36 751104 ----a-w- C:\Windows\System32\win32spl.dll
                      2013-04-26 04:55:21 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll
                      2013-04-25 23:30:32 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll
                      2013-04-20 05:19:13 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
                      2013-04-20 05:19:10 866720 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
                      2013-04-20 05:19:10 788896 ----a-w- C:\Windows\SysWow64\deployJava1.dll
                      2013-04-17 07:02:06 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
                      2013-04-17 06:24:46 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
                      2013-04-13 05:49:23 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
                      2013-04-13 05:49:19 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
                      2013-04-13 05:49:19 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
                      2013-04-13 05:49:19 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
                      2013-04-13 04:45:16 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
                      2013-04-13 04:45:15 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
                      2013-04-12 14:45:08 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys
                      2013-04-10 06:01:54 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
                      2013-04-10 06:01:53 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
                      2013-04-10 03:30:50 3153920 ----a-w- C:\Windows\System32\win32k.sys
                      2013-04-08 15:56:01 1169609 ----a-w- C:\Windows\unins000.exe
                      2013-04-04 12:50:32 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
                      2013-04-02 14:09:52 4550656 ----a-w- C:\Windows\SysWow64\GPhotos.scr
                      .
                      ============= FINISH: 12:10:55,52 ===============
                      DDS (Ver_2012-11-20.01) - NTFS_AMD64
                      Internet Explorer: 10.0.9200.16618 BrowserJavaVersion: 10.21.2
                      Run by Greet at 12:09:21 on 2013-07-01
                      Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.4008.1777 [GMT 2:00]
                      .
                      AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
                      SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
                      SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
                      .
                      ============== Running Processes ===============
                      .
                      C:\Windows\system32\lsm.exe
                      C:\Windows\system32\svchost.exe -k DcomLaunch
                      C:\Windows\system32\nvvsvc.exe
                      C:\Windows\system32\svchost.exe -k RPCSS
                      c:\Program Files\Microsoft Security Client\MsMpEng.exe
                      C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
                      C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
                      C:\Windows\system32\svchost.exe -k LocalService
                      C:\Windows\system32\svchost.exe -k netsvcs
                      C:\Windows\system32\svchost.exe -k GPSvcGroup
                      C:\Windows\system32\svchost.exe -k NetworkService
                      C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
                      C:\Windows\system32\nvvsvc.exe
                      C:\Windows\system32\FBAgent.exe
                      C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
                      C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
                      C:\Windows\System32\spoolsv.exe
                      C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
                      C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
                      C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
                      C:\Windows\system32\taskeng.exe
                      C:\Windows\system32\taskeng.exe
                      C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
                      C:\Windows\system32\taskhost.exe
                      C:\Windows\system32\taskeng.exe
                      C:\Windows\system32\Dwm.exe
                      C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
                      C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
                      C:\Windows\Explorer.EXE
                      C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
                      C:\Program Files\Bonjour\mDNSResponder.exe
                      C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
                      C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
                      C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
                      C:\Windows\system32\svchost.exe -k imgsvc
                      C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
                      C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
                      C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
                      C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
                      C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
                      C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
                      C:\Program Files\Microsoft Security Client\msseces.exe
                      D:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
                      D:\Gmail Notifier\gnotify.exe
                      C:\Program Files (x86)\iTunes\iTunesHelper.exe
                      C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
                      C:\Windows\AsScrPro.exe
                      C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
                      C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
                      C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
                      C:\Windows\system32\SearchIndexer.exe
                      C:\Windows\System32\alg.exe
                      C:\Program Files\iPod\bin\iPodService.exe
                      c:\Program Files\Microsoft Security Client\NisSrv.exe
                      C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
                      C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
                      C:\Program Files\Windows Media Player\wmpnetwk.exe
                      C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
                      C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
                      C:\Windows\servicing\TrustedInstaller.exe
                      C:\Windows\system32\SearchProtocolHost.exe
                      C:\Windows\System32\svchost.exe -k LocalServicePeerNet
                      C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
                      C:\Program Files\Internet Explorer\iexplore.exe
                      C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
                      C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
                      C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
                      C:\Windows\splwow64.exe
                      C:\Windows\system32\Macromed\Flash\FlashUtil64_11_7_700_224_ActiveX.exe
                      C:\Windows\system32\sppsvc.exe
                      C:\Windows\system32\wuauclt.exe
                      C:\Windows\system32\SearchFilterHost.exe
                      C:\Windows\system32\wbem\wmiprvse.exe
                      C:\Windows\System32\cscript.exe
                      .
                      ============== Pseudo HJT Report ===============
                      .
                      uStart Page = hxxps://www.google.nl/
                      uSearch Bar = Preserve
                      uSearch Page = hxxp://www.bing.com/search?q={searchTerms}
                      uSearchAssistant = hxxp://www.bing.com/search?q={searchTerms}
                      mWinlogon: Userinit = userinit.exe,
                      BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
                      BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
                      BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
                      BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
                      BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
                      TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
                      TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
                      EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
                      uRun: [PC Suite Tray] "D:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
                      mRun: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] D:\Gmail Notifier\gnotify.exe
                      mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
                      mRun: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
                      mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
                      mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
                      mRun: [NSU_agent] "C:\Program Files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe"
                      dRunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
                      mPolicies-Explorer: NoActiveDesktop = dword:1
                      mPolicies-Explorer: NoActiveDesktopChanges = dword:1
                      mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
                      mPolicies-System: ConsentPromptBehaviorUser = dword:3
                      mPolicies-System: EnableUIADesktopToggle = dword:0
                      IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
                      IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
                      IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
                      DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
                      DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
                      DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://klaassendoesburg.axiscam.net/activex/AMC.cab
                      TCP: NameServer = 192.168.1.1
                      TCP: Interfaces\{34D7C7E9-A758-4267-BFE7-95FC4DD78907} : DHCPNameServer = 192.168.1.1
                      TCP: Interfaces\{34D7C7E9-A758-4267-BFE7-95FC4DD78907}\649485 : DHCPNameServer = 62.165.127.222 80.65.96.50 192.168.1.1
                      Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
                      AppInit_DLLs= C:\Windows\SysWOW64\nvinit.dll
                      SSODL: WebCheck - <orphaned>
                      x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
                      x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
                      x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
                      x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
                      x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
                      x64-Notify: igfxcui - igfxdev.dll
                      x64-SSODL: WebCheck - <orphaned>
                      .
                      ============= SERVICES / DRIVERS ===============
                      .
                      R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-1-20 230320]
                      R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2013-4-8 30496]
                      R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-7-26 17024]
                      R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
                      R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
                      R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2013-5-8 143088]
                      R2 AFBAgent;AFBAgent;C:\Windows\System32\FBAgent.exe [2011-3-24 379520]
                      R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-3 15416]
                      R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
                      R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-1-20 130008]
                      R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
                      R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2010-12-13 138024]
                      R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-10-14 317440]
                      R3 NisSrv;Microsoft Netwerkinspectie;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-1-27 379360]
                      R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-3-24 333928]
                      R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]
                      R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]
                      R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]
                      R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]
                      R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
                      S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
                      S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
                      S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe --> C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [?]
                      S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2011-3-24 48488]
                      S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]
                      S3 pwdrvio;pwdrvio;C:\Windows\System32\pwdrvio.sys [2013-3-19 19032]
                      S3 pwdspio;pwdspio;C:\Windows\System32\pwdspio.sys [2013-3-19 9584]
                      S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-4-12 19456]
                      S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\rtsuvstor.sys [2011-3-24 290920]
                      S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\System32\drivers\SiSG664.sys [2009-6-10 56832]
                      S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-4-12 57856]
                      S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-3-19 1255736]
                      S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
                      .
                      =============== Created Last 30 =============
                      Groetjes Grace

                      Comment


                      • #12
                        =============== Created Last 30 ================
                        .
                        2013-07-01 04:44:26 9552976 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9E3046D2-A356-4B3B-A98E-A67C7F759B42}\mpengine.dll
                        2013-06-30 19:52:39 73728 ----a-r- C:\Users\Greet\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut47_74B9CE5DF1F4447F982DCA29A461B529.exe
                        2013-06-30 19:52:39 73728 ----a-r- C:\Users\Greet\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut46_74B9CE5DF1F4447F982DCA29A461B529.exe
                        2013-06-30 19:52:39 53248 ----a-r- C:\Users\Greet\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\ARPPRODUCTICON.exe
                        2013-06-30 19:52:39 49152 ----a-r- C:\Users\Greet\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\Uninstall_QA_OTI_H_FE5D756F71E147C4972AD6775344B40B.exe
                        2013-06-30 19:52:39 49152 ----a-r- C:\Users\Greet\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut2_1C7B7089989A424FB39D41A32581C775.exe
                        2013-06-30 19:52:35 -------- d-----w- C:\Users\Greet\AppData\Local\Nokia
                        2013-06-30 19:52:34 -------- d-----w- C:\Program Files (x86)\Nokia
                        2013-06-29 19:45:48 9552976 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
                        2013-06-21 18:44:25 964552 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{68F774B2-DFAE-4794-995D-0C24661F0184}\gapaengine.dll
                        2013-06-15 19:38:39 -------- d-----w- C:\Windows\SysWow64\wbem\en-US
                        2013-06-15 19:38:38 -------- d-----w- C:\Windows\System32\wbem\en-US
                        2013-06-12 13:05:56 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys
                        2013-06-09 22:35:57 0 ----a-w- C:\Windows\SysWow64\sho4535.tmp
                        2013-06-07 20:22:37 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
                        2013-06-07 20:22:01 -------- d-----w- C:\Program Files\iPod
                        2013-06-07 20:22:00 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
                        2013-06-07 20:22:00 -------- d-----w- C:\Program Files\iTunes
                        2013-06-07 20:22:00 -------- d-----w- C:\Program Files (x86)\iTunes
                        2013-06-07 20:21:34 -------- d-----w- C:\Program Files\Bonjour
                        2013-06-07 20:21:34 -------- d-----w- C:\Program Files (x86)\Bonjour
                        2013-06-07 19:15:53 -------- d-----w- C:\Desktop
                        2013-06-07 06:30:50 -------- d-----w- C:\Users\Greet\AppData\Roaming\PC Tools Performance Toolkit
                        2013-06-07 06:23:49 44544 ----a-w- C:\Windows\SysWow64\msxml4a.dll
                        2013-06-07 06:23:47 108832 ----a-w- C:\Windows\SysWow64\drivers\PCTDMDefrag.sys
                        2013-06-07 06:23:19 -------- d-----w- C:\Program Files (x86)\PC Tools
                        2013-06-07 06:23:02 -------- d-----w- C:\ProgramData\PC Tools
                        2013-06-07 06:23:01 -------- d-----w- C:\Users\Greet\AppData\Roaming\Product_PT
                        2013-06-03 10:10:17 -------- d-----w- C:\Program Files (x86)\Axis Communications
                        2013-06-01 12:45:20 -------- d-----w- C:\Windows\rescache
                        .
                        ==================== Find3M ====================
                        .
                        2013-06-12 12:58:02 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
                        2013-06-12 12:58:02 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
                        2013-05-13 05:51:01 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
                        2013-05-13 05:51:00 1464320 ----a-w- C:\Windows\System32\crypt32.dll
                        2013-05-13 05:51:00 139776 ----a-w- C:\Windows\System32\cryptnet.dll
                        2013-05-13 05:50:40 52224 ----a-w- C:\Windows\System32\certenc.dll
                        2013-05-13 04:45:55 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
                        2013-05-13 04:45:55 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll
                        2013-05-13 04:45:55 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
                        2013-05-13 03:43:55 1192448 ----a-w- C:\Windows\System32\certutil.exe
                        2013-05-13 03:08:10 903168 ----a-w- C:\Windows\SysWow64\certutil.exe
                        2013-05-13 03:08:06 43008 ----a-w- C:\Windows\SysWow64\certenc.dll
                        2013-05-10 05:49:27 30720 ----a-w- C:\Windows\System32\cryptdlg.dll
                        2013-05-10 03:20:54 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll
                        2013-05-02 15:29:56 278800 ------w- C:\Windows\System32\MpSigStub.exe
                        2013-04-26 05:51:36 751104 ----a-w- C:\Windows\System32\win32spl.dll
                        2013-04-26 04:55:21 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll
                        2013-04-25 23:30:32 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll
                        2013-04-20 05:19:13 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
                        2013-04-20 05:19:10 866720 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
                        2013-04-20 05:19:10 788896 ----a-w- C:\Windows\SysWow64\deployJava1.dll
                        2013-04-17 07:02:06 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
                        2013-04-17 06:24:46 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
                        2013-04-13 05:49:23 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
                        2013-04-13 05:49:19 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
                        2013-04-13 05:49:19 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
                        2013-04-13 05:49:19 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
                        2013-04-13 04:45:16 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
                        2013-04-13 04:45:15 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
                        2013-04-12 14:45:08 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys
                        2013-04-10 06:01:54 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
                        2013-04-10 06:01:53 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
                        2013-04-10 03:30:50 3153920 ----a-w- C:\Windows\System32\win32k.sys
                        2013-04-08 15:56:01 1169609 ----a-w- C:\Windows\unins000.exe
                        2013-04-04 12:50:32 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
                        2013-04-02 14:09:52 4550656 ----a-w- C:\Windows\SysWow64\GPhotos.scr
                        .
                        ============= FINISH: 12:10:55,52 ===============
                        DDS (Ver_2012-11-20.01) - NTFS_AMD64
                        Internet Explorer: 10.0.9200.16618 BrowserJavaVersion: 10.21.2
                        Run by Greet at 12:09:21 on 2013-07-01
                        Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.4008.1777 [GMT 2:00]
                        .
                        AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
                        SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
                        SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
                        .
                        ============== Running Processes ===============
                        .
                        C:\Windows\system32\lsm.exe
                        C:\Windows\system32\svchost.exe -k DcomLaunch
                        C:\Windows\system32\nvvsvc.exe
                        C:\Windows\system32\svchost.exe -k RPCSS
                        c:\Program Files\Microsoft Security Client\MsMpEng.exe
                        C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
                        C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
                        C:\Windows\system32\svchost.exe -k LocalService
                        C:\Windows\system32\svchost.exe -k netsvcs
                        C:\Windows\system32\svchost.exe -k GPSvcGroup
                        C:\Windows\system32\svchost.exe -k NetworkService
                        C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
                        C:\Windows\system32\nvvsvc.exe
                        C:\Windows\system32\FBAgent.exe
                        C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
                        C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
                        C:\Windows\System32\spoolsv.exe
                        C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
                        C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
                        C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
                        C:\Windows\system32\taskeng.exe
                        C:\Windows\system32\taskeng.exe
                        C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
                        C:\Windows\system32\taskhost.exe
                        C:\Windows\system32\taskeng.exe
                        C:\Windows\system32\Dwm.exe
                        C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
                        C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
                        C:\Windows\Explorer.EXE
                        C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
                        C:\Program Files\Bonjour\mDNSResponder.exe
                        C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
                        C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
                        C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
                        C:\Windows\system32\svchost.exe -k imgsvc
                        C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
                        C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
                        C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
                        C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
                        C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
                        C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
                        C:\Program Files\Microsoft Security Client\msseces.exe
                        D:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
                        D:\Gmail Notifier\gnotify.exe
                        C:\Program Files (x86)\iTunes\iTunesHelper.exe
                        C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
                        C:\Windows\AsScrPro.exe
                        C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
                        C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
                        C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
                        C:\Windows\system32\SearchIndexer.exe
                        C:\Windows\System32\alg.exe
                        C:\Program Files\iPod\bin\iPodService.exe
                        c:\Program Files\Microsoft Security Client\NisSrv.exe
                        C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
                        C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
                        C:\Program Files\Windows Media Player\wmpnetwk.exe
                        C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
                        C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
                        C:\Windows\servicing\TrustedInstaller.exe
                        C:\Windows\system32\SearchProtocolHost.exe
                        C:\Windows\System32\svchost.exe -k LocalServicePeerNet
                        C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
                        C:\Program Files\Internet Explorer\iexplore.exe
                        C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
                        C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
                        C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
                        C:\Windows\splwow64.exe
                        C:\Windows\system32\Macromed\Flash\FlashUtil64_11_7_700_224_ActiveX.exe
                        C:\Windows\system32\sppsvc.exe
                        C:\Windows\system32\wuauclt.exe
                        C:\Windows\system32\SearchFilterHost.exe
                        C:\Windows\system32\wbem\wmiprvse.exe
                        C:\Windows\System32\cscript.exe
                        .
                        ============== Pseudo HJT Report ===============
                        .
                        uStart Page = hxxps://www.google.nl/
                        uSearch Bar = Preserve
                        uSearch Page = hxxp://www.bing.com/search?q={searchTerms}
                        uSearchAssistant = hxxp://www.bing.com/search?q={searchTerms}
                        mWinlogon: Userinit = userinit.exe,
                        BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
                        BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
                        BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
                        BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
                        BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
                        TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
                        TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
                        EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
                        uRun: [PC Suite Tray] "D:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
                        mRun: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] D:\Gmail Notifier\gnotify.exe
                        mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
                        mRun: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
                        mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
                        mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
                        mRun: [NSU_agent] "C:\Program Files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe"
                        dRunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
                        mPolicies-Explorer: NoActiveDesktop = dword:1
                        mPolicies-Explorer: NoActiveDesktopChanges = dword:1
                        mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
                        mPolicies-System: ConsentPromptBehaviorUser = dword:3
                        mPolicies-System: EnableUIADesktopToggle = dword:0
                        IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
                        IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
                        IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
                        DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
                        DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
                        DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://klaassendoesburg.axiscam.net/activex/AMC.cab
                        TCP: NameServer = 192.168.1.1
                        TCP: Interfaces\{34D7C7E9-A758-4267-BFE7-95FC4DD78907} : DHCPNameServer = 192.168.1.1
                        TCP: Interfaces\{34D7C7E9-A758-4267-BFE7-95FC4DD78907}\649485 : DHCPNameServer = 62.165.127.222 80.65.96.50 192.168.1.1
                        Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
                        AppInit_DLLs= C:\Windows\SysWOW64\nvinit.dll
                        SSODL: WebCheck - <orphaned>
                        x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
                        x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
                        x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
                        x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
                        x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
                        x64-Notify: igfxcui - igfxdev.dll
                        x64-SSODL: WebCheck - <orphaned>
                        .
                        ============= SERVICES / DRIVERS ===============
                        .
                        R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-1-20 230320]
                        R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2013-4-8 30496]
                        R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-7-26 17024]
                        R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
                        R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
                        R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2013-5-8 143088]
                        R2 AFBAgent;AFBAgent;C:\Windows\System32\FBAgent.exe [2011-3-24 379520]
                        R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-3 15416]
                        R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
                        R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-1-20 130008]
                        R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
                        R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2010-12-13 138024]
                        R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-10-14 317440]
                        R3 NisSrv;Microsoft Netwerkinspectie;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-1-27 379360]
                        R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-3-24 333928]
                        R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]
                        R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]
                        R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]
                        R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]
                        R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
                        S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
                        S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
                        S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe --> C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [?]
                        S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2011-3-24 48488]
                        S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]
                        S3 pwdrvio;pwdrvio;C:\Windows\System32\pwdrvio.sys [2013-3-19 19032]
                        S3 pwdspio;pwdspio;C:\Windows\System32\pwdspio.sys [2013-3-19 9584]
                        S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-4-12 19456]
                        S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\rtsuvstor.sys [2011-3-24 290920]
                        S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\System32\drivers\SiSG664.sys [2009-6-10 56832]
                        S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-4-12 57856]
                        S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-3-19 1255736]
                        S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
                        .
                        =============== Created Last 30 ================
                        .
                        2013-07-01 04:44:26 9552976 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9E3046D2-A356-4B3B-A98E-A67C7F759B42}\mpengine.dll
                        2013-06-30 19:52:39 73728 ----a-r- C:\Users\Greet\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut47_74B9CE5DF1F4447F982DCA29A461B529.exe
                        2013-06-30 19:52:39 73728 ----a-r- C:\Users\Greet\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut46_74B9CE5DF1F4447F982DCA29A461B529.exe
                        2013-06-30 19:52:39 53248 ----a-r- C:\Users\Greet\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\ARPPRODUCTICON.exe
                        2013-06-30 19:52:39 49152 ----a-r- C:\Users\Greet\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\Uninstall_QA_OTI_H_FE5D756F71E147C4972AD6775344B40B.exe
                        2013-06-30 19:52:39 49152 ----a-r- C:\Users\Greet\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut2_1C7B7089989A424FB39D41A32581C775.exe
                        2013-06-30 19:52:35 -------- d-----w- C:\Users\Greet\AppData\Local\Nokia
                        2013-06-30 19:52:34 -------- d-----w- C:\Program Files (x86)\Nokia
                        2013-06-29 19:45:48 9552976 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
                        2013-06-21 18:44:25 964552 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{68F774B2-DFAE-4794-995D-0C24661F0184}\gapaengine.dll
                        2013-06-15 19:38:39 -------- d-----w- C:\Windows\SysWow64\wbem\en-US
                        2013-06-15 19:38:38 -------- d-----w- C:\Windows\System32\wbem\en-US
                        2013-06-12 13:05:56 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys
                        2013-06-09 22:35:57 0 ----a-w- C:\Windows\SysWow64\sho4535.tmp
                        2013-06-07 20:22:37 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
                        2013-06-07 20:22:01 -------- d-----w- C:\Program Files\iPod
                        2013-06-07 20:22:00 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
                        2013-06-07 20:22:00 -------- d-----w- C:\Program Files\iTunes
                        2013-06-07 20:22:00 -------- d-----w- C:\Program Files (x86)\iTunes
                        2013-06-07 20:21:34 -------- d-----w- C:\Program Files\Bonjour
                        2013-06-07 20:21:34 -------- d-----w- C:\Program Files (x86)\Bonjour
                        2013-06-07 19:15:53 -------- d-----w- C:\Desktop
                        2013-06-07 06:30:50 -------- d-----w- C:\Users\Greet\AppData\Roaming\PC Tools Performance Toolkit
                        2013-06-07 06:23:49 44544 ----a-w- C:\Windows\SysWow64\msxml4a.dll
                        2013-06-07 06:23:47 108832 ----a-w- C:\Windows\SysWow64\drivers\PCTDMDefrag.sys
                        2013-06-07 06:23:19 -------- d-----w- C:\Program Files (x86)\PC Tools
                        2013-06-07 06:23:02 -------- d-----w- C:\ProgramData\PC Tools
                        2013-06-07 06:23:01 -------- d-----w- C:\Users\Greet\AppData\Roaming\Product_PT
                        2013-06-03 10:10:17 -------- d-----w- C:\Program Files (x86)\Axis Communications
                        2013-06-01 12:45:20 -------- d-----w- C:\Windows\rescache
                        .
                        ==================== Find3M ====================
                        .
                        2013-06-12 12:58:02 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
                        2013-06-12 12:58:02 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
                        2013-05-13 05:51:01 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
                        2013-05-13 05:51:00 1464320 ----a-w- C:\Windows\System32\crypt32.dll
                        2013-05-13 05:51:00 139776 ----a-w- C:\Windows\System32\cryptnet.dll
                        2013-05-13 05:50:40 52224 ----a-w- C:\Windows\System32\certenc.dll
                        2013-05-13 04:45:55 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
                        2013-05-13 04:45:55 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll
                        2013-05-13 04:45:55 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
                        2013-05-13 03:43:55 1192448 ----a-w- C:\Windows\System32\certutil.exe
                        2013-05-13 03:08:10 903168 ----a-w- C:\Windows\SysWow64\certutil.exe
                        2013-05-13 03:08:06 43008 ----a-w- C:\Windows\SysWow64\certenc.dll
                        2013-05-10 05:49:27 30720 ----a-w- C:\Windows\System32\cryptdlg.dll
                        2013-05-10 03:20:54 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll
                        2013-05-02 15:29:56 278800 ------w- C:\Windows\System32\MpSigStub.exe
                        2013-04-26 05:51:36 751104 ----a-w- C:\Windows\System32\win32spl.dll
                        2013-04-26 04:55:21 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll
                        2013-04-25 23:30:32 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll
                        2013-04-20 05:19:13 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
                        2013-04-20 05:19:10 866720 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
                        2013-04-20 05:19:10 788896 ----a-w- C:\Windows\SysWow64\deployJava1.dll
                        2013-04-17 07:02:06 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
                        2013-04-17 06:24:46 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
                        2013-04-13 05:49:23 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
                        2013-04-13 05:49:19 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
                        2013-04-13 05:49:19 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
                        2013-04-13 05:49:19 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
                        2013-04-13 04:45:16 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
                        2013-04-13 04:45:15 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
                        2013-04-12 14:45:08 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys
                        2013-04-10 06:01:54 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
                        2013-04-10 06:01:53 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
                        2013-04-10 03:30:50 3153920 ----a-w- C:\Windows\System32\win32k.sys
                        2013-04-08 15:56:01 1169609 ----a-w- C:\Windows\unins000.exe
                        2013-04-04 12:50:32 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
                        2013-04-02 14:09:52 4550656 ----a-w- C:\Windows\SysWow64\GPhotos.scr
                        .
                        ============= FINISH: 12:10:55,52 ===============
                        Groetjes Grace

                        Comment


                        • #13
                          Hoe is het nu?
                          Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
                          E Dev * McAfee verwijderen. * Ccleaner * E-Peek

                          Comment


                          • #14
                            Helaas nog steeds dezelfde waarschuwing..... Runtime Error enz enz
                            Groetjes Grace

                            Comment


                            • #15
                              Kan je hier eens een screenshot van posten aub?
                              Hier vind je een handleiding om screenshots te maken en toe te voegen >>KLIK<<
                              Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
                              E Dev * McAfee verwijderen. * Ccleaner * E-Peek

                              Comment

                              Sorry, you are not authorized to view this page
                              Working...
                              X