  • Chrome/IE freezing (internet)

    Hello,
    For about 2 weeks now, my Chrome / IE keeps freezing for a while.

    I have done the following:
    * cleaned up the hard drive by deleting files or moving them to a hard disk.
    * defragmented the hard drive.
    * ran a hard drive error check.
    * ran CCleaner.
    * ran Spybot.
    * ran Defogger.
    * ran Malwarebytes (see log).
    * ran dds.com (see log).
    * ran Gmer (see log).

    System: Windows 7 Home Premium Service Pack 1, 3 GB, 64-bit, Intel i3.

    I hope one of you can help me; thanks in advance.



    - - - -- - -
    Malwarebytes
    Malwarebytes Anti-Malware 1.75.0.1300
    www.malwarebytes.org

    Databaseversie: v2014.06.21.04

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 11.0.9600.17126
    Steven :: STEVENSKOUL [administrator]

    21-6-2014 15:09:14
    mbam-log-2014-06-21 (15-09-14).txt

    Scan type: Volledige scan (C:\|)
    Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
    Uitgeschakelde scan opties: P2P
    Objecten gescand: 544608
    Verstreken tijd: 2 uur/uren, 50 minuut/minuten, 59 seconde(n)

    Geheugenprocessen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registerwaarden gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Mappen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    (einde)

    ------

    DDS.com

    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 11.0.9600.17126 BrowserJavaVersion: 10.60.2
    Run by Steven at 18:02:47 on 2014-06-21
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.2934.1095 [GMT 2:00]
    .
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\WLANExt.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe
    C:\Program Files (x86)\BUFFALO\Backup_Utility\BUService.exe
    C:\Program Files (x86)\BUFFALO\Backup_Utility\BUVSSService64.exe
    C:\Windows\system32\taskhost.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Prey\platform\windows\cronsvc.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
    C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
    C:\Users\Steven\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe
    C:\Program Files (x86)\PogoplugBackup\dokanmnt.exe
    C:\Windows\SysWOW64\ezSharedSvcHost.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Program Files\CyberLink\Shared files\RichVideo64.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
    C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
    C:\Windows\system32\svchost.exe -k SDRSVC
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
    C:\Windows\system32\svchost.exe -k WindowsMobile
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
    C:\Program Files\Realtek\RtVOsd\RtVOsd.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
    C:\Users\Steven\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Steven\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Steven\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.com
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: IEVkbdBHO Class: {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\ievkbd.dll
    BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    BHO: FilterBHO Class: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll
    uRun: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
    uRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
    uRun: [Google Update] "C:\Users\Steven\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
    uRun: [49B832DDCDCC94C19C7A7A63840A890B93329575._service_run] "C:\Users\Steven\AppData\Local\Google\Chrome\Application\chrome.exe" --type=service
    mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe"
    mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-Explorer: EnableShellExecuteHooks = dword:1
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    mPolicies-System: HideFastUserSwitching = dword:0
    mPolicies-System: EnableSecureUIAPath = dword:1
    IE: &Verzenden naar OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
    IE: E&xporteren naar Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    IE: Toevoegen aan Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\ie_banner_deny.htm
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
    IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll
    .
    INFO: HKCU has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    .
    INFO: HKLM has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} - hxxps://picasaweb.google.com/s/v/71.32/uploader2.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} - hxxp://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab
    TCP: NameServer = 192.168.1.1
    TCP: Interfaces\{142F44E3-7EBF-4A42-B32E-4A2235EC6758} : DHCPNameServer = 192.168.1.1
    TCP: Interfaces\{142F44E3-7EBF-4A42-B32E-4A2235EC6758}\14256573531393139353933344 : DHCPNameServer = 192.168.2.254
    TCP: Interfaces\{142F44E3-7EBF-4A42-B32E-4A2235EC6758}\145647865627 : DHCPNameServer = 192.168.0.1
    TCP: Interfaces\{142F44E3-7EBF-4A42-B32E-4A2235EC6758}\24A4353523 : DHCPNameServer = 192.168.1.1
    TCP: Interfaces\{142F44E3-7EBF-4A42-B32E-4A2235EC6758}\4556C65623D2D6F64656D6 : DHCPNameServer = 192.168.1.1
    TCP: Interfaces\{142F44E3-7EBF-4A42-B32E-4A2235EC6758}\8456C4F6 : DHCPNameServer = 192.168.1.1
    TCP: Interfaces\{82611029-3F0B-4A76-8031-E6501D15980C} : DHCPNameServer = 84.241.226.9 84.241.226.140
    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
    AppInit_DLLs= C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll
    SSODL: WebCheck - <orphaned>
    SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
    x64-BHO: IEVkbdBHO Class: {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\x64\ievkbd.dll
    x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
    x64-BHO: FilterBHO Class: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\x64\klwtbbho.dll
    x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
    x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
    x64-Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden
    x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
    x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
    x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
    x64-IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\x64\klwtbbho.dll
    x64-IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\x64\klwtbbho.dll
    .
    INFO: x64-HKLM has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
    x64-DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
    x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
    x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    x64-Notify: igfxcui - igfxdev.dll
    x64-Notify: klogon - C:\Windows\System32\klogon.dll
    x64-SSODL: WebCheck - <orphaned>
    Hosts: 127.0.0.1 www.spywareinfo.com
    .
    ============= SERVICES / DRIVERS ===============
    .
    R1 kl2;kl2;C:\Windows\System32\drivers\kl2.sys [2010-6-9 11864]
    R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\drivers\klim6.sys [2007-4-4 27736]
    R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2010-9-30 98208]
    R2 avp;Kaspersky Anti-Virus-service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe -r --> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe -r [?]
    R2 BFBackupUtilityService;Backup Utility Service;C:\Program Files (x86)\BUFFALO\Backup_Utility\BUService.exe -Service_Execute --> C:\Program Files (x86)\BUFFALO\Backup_Utility\BUService.exe -Service_Execute [?]
    R2 BFBackupUtilityVSSService;Backup Utility VSS Service;C:\Program Files (x86)\BUFFALO\Backup_Utility\BUVSSService64.exe -Service_Execute --> C:\Program Files (x86)\BUFFALO\Backup_Utility\BUVSSService64.exe -Service_Execute [?]
    R2 CronService;Cron Service for Prey;C:\Prey\platform\windows\cronsvc.exe [2013-5-8 23552]
    R2 DokanCEDriver;DokanCEDriver;C:\Program Files (x86)\PogoplugBackup\dokance.sys [2014-5-19 72480]
    R2 DokanCEMounter;DokanCEMounter;C:\Program Files (x86)\PogoplugBackup\dokanmnt.exe [2014-5-19 116000]
    R2 ezSharedSvc;Easybits Services for Windows;C:\Windows\System32\ezSharedSvcHost.exe --> C:\Windows\System32\ezSharedSvcHost.exe [?]
    R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-6-18 103992]
    R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-2-4 92216]
    R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-7-2 27192]
    R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-9-30 13336]
    R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS);C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2011-2-19 386344]
    R2 RtVOsdService;RtVOsdService Installer;C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe [2010-6-17 315392]
    R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-9-30 2320920]
    R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-9-17 56344]
    R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-2-3 271872]
    R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\System32\drivers\klmouflt.sys [2009-11-2 22544]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
    S3 bautpw64;BUFFALO eco manager for HD Filter;C:\Windows\System32\drivers\bautpw64.sys [2013-9-29 16000]
    S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-6-11 111616]
    S3 Lavasoft Kernexplorer;Lavasoft helper driver;C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys [2011-12-29 17152]
    S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2011-5-10 22528]
    S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
    S3 pwdrvio;pwdrvio;C:\Windows\System32\pwdrvio.sys [2013-5-20 19032]
    S3 pwdspio;pwdspio;C:\Windows\System32\pwdspio.sys [2013-5-20 9584]
    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-4-28 19456]
    S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-9-30 225280]
    S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
    S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-14 292864]
    S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-14 1485312]
    S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-14 740864]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-5-24 56832]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
    S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-1-21 1255736]
    S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]
    .
    =============== File Associations ===============
    .
    FileExt: .js: JSFile=C:\Windows\System32\Notepad.exe %1 [default=Edit - 'Open' doesn't exist]
    .
    =============== Created Last 30 ================
    .
    2014-06-21 09:24:06 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
    2014-06-21 07:52:53 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
    2014-06-21 06:00:14 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5EE97B59-5691-4CE8-A908-8B06C619122C}\offreg.dll
    2014-06-21 05:53:55 -------- d-----w- C:\Program Files\Enigma Software Group
    2014-06-21 05:52:35 -------- d-----w- C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
    2014-06-21 05:52:30 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
    2014-06-21 05:44:29 10779000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5EE97B59-5691-4CE8-A908-8B06C619122C}\mpengine.dll
    2014-06-20 09:46:01 536576 ----a-w- C:\Windows\SysWow64\sqlite3.dll
    2014-06-18 09:06:02 -------- d-----w- C:\Program Files\CCleaner
    2014-06-11 06:33:50 506368 ----a-w- C:\Windows\System32\aepdu.dll
    2014-06-11 06:33:50 424448 ----a-w- C:\Windows\System32\aeinv.dll
    2014-06-10 11:07:18 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
    2014-06-05 21:10:01 -------- d-----w- C:\Users\Steven\AppData\Local\Sonos,_Inc
    2014-06-05 18:10:49 -------- d-----w- C:\Program Files (x86)\Sonos
    2014-06-05 18:09:14 -------- d-----w- C:\ProgramData\Sonos,_Inc
    2014-05-25 06:24:06 6574592 ----a-w- C:\Windows\System32\mstscax.dll
    2014-05-25 06:24:06 5694464 ----a-w- C:\Windows\SysWow64\mstscax.dll
    2014-05-24 20:39:54 -------- d-----w- C:\Windows\System32\drivers\en-US
    2014-05-24 17:11:25 792576 ----a-w- C:\Windows\SysWow64\TSWorkspace.dll
    2014-05-24 17:11:25 1030144 ----a-w- C:\Windows\System32\TSWorkspace.dll
    .
    ==================== Find3M ====================
    .
    2014-06-21 15:56:06 29 ----a-w- C:\Windows\SysWow64\TempWmicBatchFile.bat
    2014-06-20 05:38:23 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2014-06-20 05:38:23 699056 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2014-05-30 10:02:37 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
    2014-05-30 10:02:09 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
    2014-05-30 09:39:43 548352 ----a-w- C:\Windows\System32\vbscript.dll
    2014-05-30 09:39:23 66048 ----a-w- C:\Windows\System32\iesetup.dll
    2014-05-30 09:38:29 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
    2014-05-30 09:21:23 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
    2014-05-30 09:21:05 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
    2014-05-30 09:20:36 752640 ----a-w- C:\Windows\System32\jscript9diag.dll
    2014-05-30 09:11:24 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
    2014-05-30 09:08:22 5782528 ----a-w- C:\Windows\System32\jscript9.dll
    2014-05-30 09:02:39 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2014-05-30 08:55:36 38400 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
    2014-05-30 08:44:28 455168 ----a-w- C:\Windows\SysWow64\vbscript.dll
    2014-05-30 08:43:06 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
    2014-05-30 08:42:16 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
    2014-05-30 08:28:33 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
    2014-05-30 08:27:56 592896 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
    2014-05-30 08:24:19 1249280 ----a-w- C:\Windows\System32\mshtmlmedia.dll
    2014-05-30 08:23:22 2040832 ----a-w- C:\Windows\System32\inetcpl.cpl
    2014-05-30 08:10:46 32256 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
    2014-05-30 07:56:56 2266112 ----a-w- C:\Windows\System32\wininet.dll
    2014-05-30 07:56:50 4244992 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2014-05-30 07:50:09 1068032 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
    2014-05-30 07:49:38 1964544 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2014-05-30 07:21:10 1790976 ----a-w- C:\Windows\SysWow64\wininet.dll
    2014-05-08 09:32:11 3178496 ----a-w- C:\Windows\System32\rdpcorets.dll
    2014-05-08 09:32:11 16384 ----a-w- C:\Windows\System32\RdpGroupPolicyExtension.dll
    2014-04-25 02:34:59 801280 ----a-w- C:\Windows\System32\usp10.dll
    2014-04-25 02:06:17 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
    2014-04-12 02:22:05 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
    2014-04-12 02:22:05 155072 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
    2014-04-12 02:19:38 29184 ----a-w- C:\Windows\System32\sspisrv.dll
    2014-04-12 02:19:38 136192 ----a-w- C:\Windows\System32\sspicli.dll
    2014-04-12 02:19:37 28160 ----a-w- C:\Windows\System32\secur32.dll
    2014-04-12 02:19:32 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
    2014-04-12 02:19:05 31232 ----a-w- C:\Windows\System32\lsass.exe
    2014-04-12 02:12:06 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
    2014-04-12 02:10:56 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
    2014-04-05 02:47:20 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys
    2014-04-05 02:47:09 288192 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
    2014-03-31 20:46:48 130712 ----a-w- C:\Windows\SysWow64\MSSTDFMT.DLL
    2014-03-31 20:46:48 1070232 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX
    2014-03-31 07:35:08 270496 ------w- C:\Windows\System32\MpSigStub.exe
    2014-03-26 14:44:48 2002432 ----a-w- C:\Windows\System32\msxml6.dll
    2014-03-26 14:44:48 1882112 ----a-w- C:\Windows\System32\msxml3.dll
    2014-03-26 14:41:39 2048 ----a-w- C:\Windows\System32\msxml6r.dll
    2014-03-26 14:41:39 2048 ----a-w- C:\Windows\System32\msxml3r.dll
    2014-03-26 14:27:50 1389056 ----a-w- C:\Windows\SysWow64\msxml6.dll
    2014-03-26 14:27:50 1237504 ----a-w- C:\Windows\SysWow64\msxml3.dll
    2014-03-26 14:25:14 2048 ----a-w- C:\Windows\SysWow64\msxml6r.dll
    2014-03-26 14:25:14 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
    .
    ============= FINISH: 18:05:02,60 ===============
    attach
    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume1
    Install Date: 19-1-2011 16:34:56
    System Uptime: 21-6-2014 11:28:24 (7 hours ago)
    .
    Motherboard: Hewlett-Packard | | 1439
    Processor: Intel(R) Core(TM) i3 CPU M 350 @ 2.27GHz | CPU | 929/1066mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 217 GiB total, 94,982 GiB free.
    D: is FIXED (NTFS) - 16 GiB total, 2,274 GiB free.
    E: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Description: SBRE
    Device ID: ROOT\LEGACY_SBRE\0000
    Manufacturer:
    Name: SBRE
    PNP Device ID: ROOT\LEGACY_SBRE\0000
    Service: SBRE
    .
    ==== System Restore Points ===================
    .
    RP497: 14-6-2014 16:08:20 - Gepland controlepunt
    RP498: 18-6-2014 6:49:48 - Windows Update
    RP499: 21-6-2014 7:41:55 - Windows Update
    RP500: 21-6-2014 7:52:51 - Installed SpyHunter
    RP501: 21-6-2014 9:53:51 - Removed SpyHunter
    RP502: 21-6-2014 11:22:16 - Installed Java 7 Update 60
    .
    ==== Installed Programs ======================
    .
    Update for Microsoft Office 2007 (KB2508958)
    Aangifte inkomstenbelasting 2010
    Aangifte inkomstenbelasting 2011
    Aangifte inkomstenbelasting 2012
    Aangifte inkomstenbelasting 2013
    Acrobat.com
    ActiveCheck component for HP Active Support Library
    Adobe AIR
    Adobe Flash Player 13 Plugin
    Adobe Flash Player 14 ActiveX
    Adobe Reader XI - Nederlands
    Adobe Shockwave Player 11.5
    Agatha Christie - Death on the Nile
    Albelli Fotoboeken
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    Bejeweled 2 Deluxe
    Blackhawk Striker 2
    Bonjour
    Broadcom 802.11 Wireless LAN Adapter
    BUFFALO Backup Utility
    Buffalo eco Manager
    BUFFALO INC. DISK FORMATTER
    CCleaner
    Chuzzle Deluxe
    Cool Edit Pro 2.0
    CyberLink DVD Suite
    CyberLink PowerDirector
    CyberLink PowerDVD 9
    CyberLink YouCam
    DivX Setup
    Dora's Carnival Adventure
    Dropbox
    Energy Star Digital Logo
    Escape Rosecliff Island
    ESU for Microsoft Windows 7
    Facebook Video Calling 2.0.0.447
    FATE
    Final Drive Nitro
    Google Chrome
    HP Customer Experience Enhancements
    HP Game Console
    HP Games
    HP Power Manager
    HP Quick Launch
    HP Setup
    HP Software Framework
    HP Support Assistant
    HP Wireless Assistant
    HPAsset component for HP Active Support Library
    iCloud
    ImgBurn
    Intel(R) Control Center
    Intel(R) Graphics Media Accelerator Driver
    Intel(R) Management Engine Components
    Intel(R) Rapid Storage Technology
    iTunes
    Java 7 Update 21 (64-bit)
    Java 7 Update 60
    Java Auto Updater
    Java(TM) 6 Update 20 (64-bit)
    Jewel Quest - Heritage
    Junk Mail filter update
    Kaspersky Anti-Virus 2011
    Kaspersky Internet Security 2011
    Kinderopvangtoeslag 2011
    LightScribe System Software
    Malwarebytes Anti-Malware versie 1.75.0.1300
    Microsoft .NET Framework 4.5.1
    Microsoft .NET Framework 4.5.1 (Nederlands)
    Microsoft .NET Framework 4.5.1 (NLD)
    Microsoft Application Error Reporting
    Microsoft Choice Guard
    Microsoft Office 2007 Service Pack 3 (SP3)
    Microsoft Office Access MUI (Dutch) 2007
    Microsoft Office Enterprise 2007
    Microsoft Office Excel MUI (Dutch) 2007
    Microsoft Office File Validation Add-In
    Microsoft Office Groove MUI (Dutch) 2007
    Microsoft Office InfoPath MUI (Dutch) 2007
    Microsoft Office Office 64-bit Components 2007
    Microsoft Office OneNote MUI (Dutch) 2007
    Microsoft Office Outlook MUI (Dutch) 2007
    Microsoft Office PowerPoint MUI (Dutch) 2007
    Microsoft Office Proof (Dutch) 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (German) 2007
    Microsoft Office Proofing (Dutch) 2007
    Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    Microsoft Office Publisher MUI (Dutch) 2007
    Microsoft Office Shared 64-bit MUI (Dutch) 2007
    Microsoft Office Shared MUI (Dutch) 2007
    Microsoft Office Word MUI (Dutch) 2007
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
    Microsoft_VC80_CRT_x86
    Microsoft_VC80_MFC_x86
    Microsoft_VC80_MFCLOC_x86
    Microsoft_VC90_ATL_x86
    Microsoft_VC90_CRT_x86
    Microsoft_VC90_MFC_x86
    Microsoft_VC90_MFCLOC_x86
    MSVCRT
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    myiHome v5.2.0
    Outlook Connector
    Penguins!
    PhotoNow!
    Plants vs. Zombies
    Pogoplug Backup
    Poker Superstars III
    Polar Bowler
    Polar Golfer
    Power2Go
    Realtek Ethernet Controller Driver For Windows 7
    Realtek High Definition Audio Driver
    Realtek USB 2.0 Card Reader
    Recovery Manager
    RtVOsd
    Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
    Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
    Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
    Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2880513) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition
    Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition
    Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
    Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
    Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
    Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition
    Security Update for Microsoft Office Word 2007 (KB2880515) 32-Bit Edition
    Skype™ 6.16
    Sonos Controller
    Spybot - Search & Destroy
    Synaptics Pointing Device Driver
    Ubiquiti UniFi (remove only)
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
    Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
    Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition
    Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2881065) 32-Bit Edition
    Update voor Microsoft Office Excel 2007 Help (KB963678)
    Update voor Microsoft Office Powerpoint 2007 Help (KB963669)
    Update voor Microsoft Office Word 2007 Help (KB963665)
    VC80CRTRedist - 8.0.50727.6195
    Verzoek of wijziging voorlopige aanslag 2010
    Verzoek of wijziging voorlopige aanslag 2012
    Virtual Villagers - The Secret City
    Visual C++ 2008 x86 Runtime - (v9.0.30729)
    Visual C++ 2008 x86 Runtime - v9.0.30729.01
    VLC media player 2.1.3
    Vuze
    Winamp
    Winamp Applicatie Detect
    Windows Live - Hulpprogramma voor uploaden
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live ID Sign-in Assistant
    Windows Live Mail
    Windows Live Messenger
    Windows Live Movie Maker
    Windows Live Photo Gallery
    Windows Live Sync
    Windows Live Writer
    Windows Media Player Firefox Plugin
    Windows Mobile Apparaatcentrum
    WinRAR
    Zoner Photo Studio 13
    Zuma Deluxe
    .
    ==== End Of File ===========================

    Gmer
    GMER 2.1.19357 - http://www.gmer.net
    Rootkit scan 2014-06-21 18:32:31
    Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 Hitachi_ rev.PC2O 232,89GB
    Running: kjflsu3m.exe; Driver: C:\Users\Steven\AppData\Local\Temp\uxtdiaob.sys


    ---- Kernel code sections - GMER 2.1 ----

    INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528 fffff800033a9000 63 bytes [00, 00, 21, 02, 43, 63, 53, ...]
    INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 592 fffff800033a9040 6 bytes [10, 04, 00, 00, 00, 00]

    ---- Threads - GMER 2.1 ----

    Thread C:\Windows\System32\spoolsv.exe [1488:1428] 000007fef8ce10c8
    Thread C:\Windows\System32\spoolsv.exe [1488:1424] 000007fef8ca6144
    Thread C:\Windows\System32\spoolsv.exe [1488:1456] 000007fef8495fd0
    Thread C:\Windows\System32\spoolsv.exe [1488:1640] 000007fef8443438
    Thread C:\Windows\System32\spoolsv.exe [1488:1748] 000007fef84963ec
    Thread C:\Windows\System32\spoolsv.exe [1488:1808] 000007fef9c85e5c
    Thread C:\Windows\system32\taskhost.exe [1972:2008] 000007fef9be2740
    Thread C:\Windows\system32\taskhost.exe [1972:2028] 000007fef9bd1f38
    Thread C:\Windows\system32\taskhost.exe [1972:2032] 000007fef9b83d18
    Thread C:\Windows\system32\taskhost.exe [1972:2036] 000007fefdd99274
    Thread C:\Windows\system32\taskhost.exe [1972:1104] 000007fefb7f1010
    Thread C:\Windows\system32\taskhost.exe [1972:4372] 000007fef9915170
    Thread C:\Windows\system32\svchost.exe [4184:4772] 000000006bca2234

    ---- Registry - GMER 2.1 ----

    Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{C5636E78-229D-431B-AC96-0A9CD0186F13}\[email protected] isatap.{4B4DDC09-59C4-4CD8-A737-55176F1F97B6}
    Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\[email protected] \Device\{2A65F853-7882-4107-9B97-FBF67AAED720}?\Device\{C5636E78-229D-431B-AC96-0A9CD0186F13}?\Device\{4C709B10-37FE-48CE-8BEC-F0231BB99732}?
    Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\[email protected] "{2A65F853-7882-4107-9B97-FBF67AAED720}"?"{C5636E78-229D-431B-AC96-0A9CD0186F13}"?"{4C709B10-37FE-48CE-8BEC-F0231BB99732}"?
    Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\[email protected] \Device\TCPIP6TUNNEL_{2A65F853-7882-4107-9B97-FBF67AAED720}?\Device\TCPIP6TUNNEL_{C5636E78-229D-431B-AC96-0A9CD0186F13}?\Device\TCPIP6TUNNEL_{4C709B10-37FE-48CE-8BEC-F0231BB99732}?
    Reg HKLM\SYSTEM\CurrentControlSet\services\iphlpsvc\Parameters\Isatap\{C5636E78-229D-431B-AC96-0A9CD0186F13}@InterfaceName isatap.{4B4DDC09-59C4-4CD8-A737-55176F1F97B6}
    Reg HKLM\SYSTEM\CurrentControlSet\services\iphlpsvc\Parameters\Isatap\{C5636E78-229D-431B-AC96-0A9CD0186F13}@ReusableType 0

    ---- Disk sectors - GMER 2.1 ----

    Disk \Device\Harddisk0\DR0 unknown MBR code

    ---- EOF - GMER 2.1 ----

  • #2
    Adware

    # AdwCleaner v3.212 - Rapport aangemaakt 21/06/2014 op 19:01:18
    # Laatste Update 05/06/2014 door Xplode
    # Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Gebruikersnaam : Steven - STEVENSKOUL
    # Gestart vanuit : C:\Users\Steven\Desktop\adwcleaner_3.212.exe
    # Optie : Scannen

    ***** [ Services ] *****


    ***** [ Bestanden / Mappen ] *****

    Map Gevonden : C:\Program Files (x86)\Vuze

    ***** [ Snelkoppelingen ] *****


    ***** [ Register ] *****


    ***** [ Browsers ] *****

    -\\ Internet Explorer v11.0.9600.17126


    -\\ Google Chrome v

    [ Bestand : C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\preferences ]


    *************************

    AdwCleaner[R0].txt - [702 octets] - [21/06/2014 19:01:18]

    ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [761 octets] ##########



    • #3
      Hi chicko and welcome to the Nucia Security Forum,

      Before we begin, I would like to kindly point out the following guidelines:
      .
      • Log in only as an administrator with full rights.
      • Do not post your problem on several forums. It does not help your problem and it is not fair to the helpers.
      • Cleaning up your system can take some time, so be patient.
      • Carefully follow the instructions that I give.
      • Follow only the advice given by me.
      • Stay with the topic until I have reported that your PC is clean.
      • If you do not know or understand something, please just ask.
      • Do not install or uninstall any software or hardware while we are working on your problem.
      • In the meantime, do not try something "else"; that only makes it harder for us.
      • Please turn off your emoticons (smileys) when you post logs. ( INFO )
      • Please do not post the logs as an attachment or between code tags.

      .
      Note: Always run all tools as admin.
      The instructions given are valid only for your PC.

      Once you have read and understood these guidelines, you may continue.....



      Step 1:

      Download or update CCleaner

      Start CCleaner.
      • Run CCleaner and click Options in the left column
      • Select the Advanced tab
      • Uncheck "Only delete files in the Windows Temp system folder that are older than 24 hours"
      • Select the Settings tab
      • Uncheck "Clean computer automatically...."
      • Click Cleaner in the left column.
      • Then click Analyze and Clean in succession.
      • Next, click Registry in the left column
      • Click Scan for Issues.
      • When asked whether you want to make a backup of the registry, click "Yes".
      • If errors are found, click the middle button: Fix all selected issues, then OK

      .
      ___________________________________________________________

      Step 2:

      Download TDSSKiller and place it on your desktop.
      Extract the files in tdsskiller.zip.
      Open the tdsskiller folder and double-click TDSSKiller.exe to start the tool.

      If TDSSKiller reports an available update, run it first (Load update).

      Click the "Start Scan" button and follow the instructions.

      Quarantine the items it finds.

      If a reboot is requested, click Reboot Now.
      Otherwise click Report.
      Copy and paste the log file that appears.

      Note:

      If a restart was needed, you will find the log file at C:\TDSSKiller.[Version]_[Date]_[Time]_log.txt

      ___________________________________________________________

      Step 3:

      Download Security Check to your desktop via here or here

      Start Security Check
      Follow the instructions on the screen
      At the end a log appears ( checkup.txt )
      Post its contents in your next reply.


      In your next post, I would like to see the following logs, created in the order listed:
      .
      • TDSSKiller
      • DDS
      • checkup.txt

      .
      Please do NOT post these logs as an attachment or between code tags.
      (If necessary, in several posts.)

      Emphyrio
      Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
      E Dev * Remove McAfee. * Ccleaner * E-Peek



      • #4
        Hi, thanks for the quick reply. I have done all the steps; the logs are below.

        TDSSKiller
        No threats found.

        DDS: wasn't asked for? Should I still run it?

        checkup.txt
        Results of screen317's Security Check version 0.99.85
        Windows 7 Service Pack 1 x64 (UAC is enabled)
        Internet Explorer 11
        ``````````````Antivirus/Firewall Check:``````````````
        WMI entry may not exist for antivirus; attempting automatic update.
        `````````Anti-malware/Other Utilities Check:`````````
        MVPS Hosts File
        Spybot - Search & Destroy
        Java 7 Update 60
        Adobe Flash Player 13.0.0.214 Flash Player out of Date!
        Adobe Reader XI
        Google Chrome 35.0.1916.114
        Google Chrome 35.0.1916.153
        ````````Process Check: objlist.exe by Laurent````````
        Kaspersky Lab Kaspersky Anti-Virus 2011 avp.exe
        `````````````````System Health check`````````````````
        Total Fragmentation on Drive C: 0%
        ````````````````````End of Log``````````````````````



        • #5
          Ran DDS after all.
          DDS (Ver_2012-11-20.01) - NTFS_AMD64
          Internet Explorer: 11.0.9600.17126 BrowserJavaVersion: 10.60.2
          Run by Steven at 20:16:44 on 2014-06-21
          Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.2934.1190 [GMT 2:00]
          .
          SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
          .
          ============== Running Processes ===============
          .
          C:\Windows\system32\lsm.exe
          C:\Windows\system32\svchost.exe -k DcomLaunch
          C:\Windows\system32\svchost.exe -k RPCSS
          C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
          C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
          C:\Windows\system32\svchost.exe -k LocalService
          C:\Windows\system32\svchost.exe -k netsvcs
          C:\Windows\system32\svchost.exe -k GPSvcGroup
          C:\Windows\system32\svchost.exe -k NetworkService
          C:\Windows\system32\WLANExt.exe
          C:\Windows\System32\spoolsv.exe
          C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
          C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
          C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
          C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
          C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe
          C:\Program Files (x86)\BUFFALO\Backup_Utility\BUService.exe
          C:\Program Files (x86)\BUFFALO\Backup_Utility\BUVSSService64.exe
          C:\Windows\system32\taskhost.exe
          C:\Program Files\Bonjour\mDNSResponder.exe
          C:\Prey\platform\windows\cronsvc.exe
          C:\Windows\system32\Dwm.exe
          C:\Windows\Explorer.EXE
          C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
          C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
          C:\Windows\System32\igfxtray.exe
          C:\Windows\System32\hkcmd.exe
          C:\Windows\System32\igfxpers.exe
          C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
          C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
          C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
          C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe
          C:\Program Files (x86)\PogoplugBackup\dokanmnt.exe
          C:\Windows\SysWOW64\ezSharedSvcHost.exe
          C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
          C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
          C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
          C:\Program Files\CyberLink\Shared files\RichVideo64.exe
          C:\Windows\system32\svchost.exe -k imgsvc
          C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
          C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
          C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
          C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
          C:\Program Files\Windows Media Player\wmpnetwk.exe
          C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
          C:\Windows\System32\svchost.exe -k LocalServicePeerNet
          C:\Windows\system32\wbem\wmiprvse.exe
          C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
          C:\Windows\system32\svchost.exe -k SDRSVC
          C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
          C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
          C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
          C:\Windows\system32\svchost.exe -k WindowsMobile
          C:\Windows\system32\wbem\wmiprvse.exe
          C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
          C:\Program Files\Realtek\RtVOsd\RtVOsd.exe
          C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
          C:\Windows\System32\svchost.exe -k secsvcs
          C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
          C:\Windows\system32\taskhost.exe
          C:\Users\Steven\AppData\Local\Google\Chrome\Application\chrome.exe
          C:\Users\Steven\AppData\Local\Google\Chrome\Application\chrome.exe
          C:\Users\Steven\AppData\Local\Google\Chrome\Application\chrome.exe
          C:\Windows\system32\taskeng.exe
          C:\Windows\System32\cscript.exe
          .
          ============== Pseudo HJT Report ===============
          .
          uStart Page = hxxp://www.google.com
          BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
          BHO: IEVkbdBHO Class: {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\ievkbd.dll
          BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
          BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
          BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
          BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
          BHO: FilterBHO Class: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll
          uRun: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
          uRun: [Google Update] "C:\Users\Steven\AppData\Local\Google\Update\GoogleUpdate.exe" /c
          uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
          uRun: [49B832DDCDCC94C19C7A7A63840A890B93329575._service_run] "C:\Users\Steven\AppData\Local\Google\Chrome\Application\chrome.exe" --type=service
          mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
          mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe"
          mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
          mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
          mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
          mPolicies-Explorer: NoActiveDesktop = dword:1
          mPolicies-Explorer: NoActiveDesktopChanges = dword:1
          mPolicies-Explorer: EnableShellExecuteHooks = dword:1
          mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
          mPolicies-System: ConsentPromptBehaviorUser = dword:3
          mPolicies-System: EnableUIADesktopToggle = dword:0
          mPolicies-System: HideFastUserSwitching = dword:0
          mPolicies-System: EnableSecureUIAPath = dword:1
          IE: &Verzenden naar OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
          IE: E&xporteren naar Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
          IE: Toevoegen aan Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\ie_banner_deny.htm
          IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
          IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
          IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
          IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
          IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll
          IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
          IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll
          .
          INFO: HKCU has more than 50 listed domains.
          If you wish to scan all of them, select the 'Force scan all domains' option.
          .
          .
          INFO: HKLM has more than 50 listed domains.
          If you wish to scan all of them, select the 'Force scan all domains' option.
          .
          DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} - hxxps://picasaweb.google.com/s/v/71.32/uploader2.cab
          DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
          DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} - hxxp://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab
          TCP: NameServer = 192.168.1.1
          TCP: Interfaces\{142F44E3-7EBF-4A42-B32E-4A2235EC6758} : DHCPNameServer = 192.168.1.1
          TCP: Interfaces\{142F44E3-7EBF-4A42-B32E-4A2235EC6758}\14256573531393139353933344 : DHCPNameServer = 192.168.2.254
          TCP: Interfaces\{142F44E3-7EBF-4A42-B32E-4A2235EC6758}\145647865627 : DHCPNameServer = 192.168.0.1
          TCP: Interfaces\{142F44E3-7EBF-4A42-B32E-4A2235EC6758}\24A4353523 : DHCPNameServer = 192.168.1.1
          TCP: Interfaces\{142F44E3-7EBF-4A42-B32E-4A2235EC6758}\4556C65623D2D6F64656D6 : DHCPNameServer = 192.168.1.1
          TCP: Interfaces\{142F44E3-7EBF-4A42-B32E-4A2235EC6758}\8456C4F6 : DHCPNameServer = 192.168.1.1
          TCP: Interfaces\{82611029-3F0B-4A76-8031-E6501D15980C} : DHCPNameServer = 84.241.226.9 84.241.226.140
          Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
          Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
          AppInit_DLLs= C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll
          SSODL: WebCheck - <orphaned>
          SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
          mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
          x64-BHO: IEVkbdBHO Class: {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\x64\ievkbd.dll
          x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
          x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
          x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
          x64-BHO: FilterBHO Class: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\x64\klwtbbho.dll
          x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
          x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
          x64-Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden
          x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
          x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
          x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
          x64-IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\x64\klwtbbho.dll
          x64-IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\x64\klwtbbho.dll
          .
          INFO: x64-HKLM has more than 50 listed domains.
          If you wish to scan all of them, select the 'Force scan all domains' option.
          .
          x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
          x64-DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
          x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
          x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
          x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
          x64-Notify: igfxcui - igfxdev.dll
          x64-Notify: klogon - C:\Windows\System32\klogon.dll
          x64-SSODL: WebCheck - <orphaned>
          Hosts: 127.0.0.1 www.spywareinfo.com
          .
          ============= SERVICES / DRIVERS ===============
          .
          R1 kl2;kl2;C:\Windows\System32\drivers\kl2.sys [2010-6-9 11864]
          R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\drivers\klim6.sys [2007-4-4 27736]
          R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2010-9-30 98208]
          R2 avp;Kaspersky Anti-Virus-service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe -r --> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe -r [?]
          R2 BFBackupUtilityService;Backup Utility Service;C:\Program Files (x86)\BUFFALO\Backup_Utility\BUService.exe -Service_Execute --> C:\Program Files (x86)\BUFFALO\Backup_Utility\BUService.exe -Service_Execute [?]
          R2 BFBackupUtilityVSSService;Backup Utility VSS Service;C:\Program Files (x86)\BUFFALO\Backup_Utility\BUVSSService64.exe -Service_Execute --> C:\Program Files (x86)\BUFFALO\Backup_Utility\BUVSSService64.exe -Service_Execute [?]
          R2 CronService;Cron Service for Prey;C:\Prey\platform\windows\cronsvc.exe [2013-5-8 23552]
          R2 DokanCEDriver;DokanCEDriver;C:\Program Files (x86)\PogoplugBackup\dokance.sys [2014-5-19 72480]
          R2 DokanCEMounter;DokanCEMounter;C:\Program Files (x86)\PogoplugBackup\dokanmnt.exe [2014-5-19 116000]
          R2 ezSharedSvc;Easybits Services for Windows;C:\Windows\System32\ezSharedSvcHost.exe --> C:\Windows\System32\ezSharedSvcHost.exe [?]
          R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-6-18 103992]
          R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-2-4 92216]
          R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-7-2 27192]
          R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-9-30 13336]
          R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS);C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2011-2-19 386344]
          R2 RtVOsdService;RtVOsdService Installer;C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe [2010-6-17 315392]
          R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-9-30 2320920]
          R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-9-17 56344]
          R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-2-3 271872]
          R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\System32\drivers\klmouflt.sys [2009-11-2 22544]
          S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
          S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
          S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
          S3 bautpw64;BUFFALO eco manager for HD Filter;C:\Windows\System32\drivers\bautpw64.sys [2013-9-29 16000]
          S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-6-11 111616]
          S3 Lavasoft Kernexplorer;Lavasoft helper driver;C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys [2011-12-29 17152]
          S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2011-5-10 22528]
          S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
          S3 pwdrvio;pwdrvio;C:\Windows\System32\pwdrvio.sys [2013-5-20 19032]
          S3 pwdspio;pwdspio;C:\Windows\System32\pwdspio.sys [2013-5-20 9584]
          S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-4-28 19456]
          S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-9-30 225280]
          S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
          S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-14 292864]
          S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-14 1485312]
          S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-14 740864]
          S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-5-24 56832]
          S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
          S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-1-21 1255736]
          S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]
          .
          =============== File Associations ===============
          .
          FileExt: .js: JSFile=C:\Windows\System32\Notepad.exe %1 [default=Edit - 'Open' doesn't exist]
          .
          =============== Created Last 30 ================
          .
          2014-06-21 17:01:11 -------- d-----w- C:\AdwCleaner
          2014-06-21 09:24:06 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
          2014-06-21 07:52:53 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
          2014-06-21 06:00:14 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5EE97B59-5691-4CE8-A908-8B06C619122C}\offreg.dll
          2014-06-21 05:53:55 -------- d-----w- C:\Program Files\Enigma Software Group
          2014-06-21 05:52:35 -------- d-----w- C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
          2014-06-21 05:52:30 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
          2014-06-21 05:44:29 10779000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5EE97B59-5691-4CE8-A908-8B06C619122C}\mpengine.dll
          2014-06-20 09:46:01 536576 ----a-w- C:\Windows\SysWow64\sqlite3.dll
          2014-06-18 09:06:02 -------- d-----w- C:\Program Files\CCleaner
          2014-06-11 06:33:50 506368 ----a-w- C:\Windows\System32\aepdu.dll
          2014-06-11 06:33:50 424448 ----a-w- C:\Windows\System32\aeinv.dll
          2014-06-10 11:07:18 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
          2014-06-05 21:10:01 -------- d-----w- C:\Users\Steven\AppData\Local\Sonos,_Inc
          2014-06-05 18:10:49 -------- d-----w- C:\Program Files (x86)\Sonos
          2014-06-05 18:09:14 -------- d-----w- C:\ProgramData\Sonos,_Inc
          2014-05-25 06:24:06 6574592 ----a-w- C:\Windows\System32\mstscax.dll
          2014-05-25 06:24:06 5694464 ----a-w- C:\Windows\SysWow64\mstscax.dll
          2014-05-24 20:39:54 -------- d-----w- C:\Windows\System32\drivers\en-US
          2014-05-24 17:11:25 792576 ----a-w- C:\Windows\SysWow64\TSWorkspace.dll
          2014-05-24 17:11:25 1030144 ----a-w- C:\Windows\System32\TSWorkspace.dll
          .
          ==================== Find3M ====================
          .
          2014-06-21 17:55:48 29 ----a-w- C:\Windows\SysWow64\TempWmicBatchFile.bat
          2014-06-20 05:38:23 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
          2014-06-20 05:38:23 699056 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
          2014-05-30 10:02:37 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
          2014-05-30 10:02:09 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
          2014-05-30 09:39:43 548352 ----a-w- C:\Windows\System32\vbscript.dll
          2014-05-30 09:39:23 66048 ----a-w- C:\Windows\System32\iesetup.dll
          2014-05-30 09:38:29 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
          2014-05-30 09:21:23 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
          2014-05-30 09:21:05 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
          2014-05-30 09:20:36 752640 ----a-w- C:\Windows\System32\jscript9diag.dll
          2014-05-30 09:11:24 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
          2014-05-30 09:08:22 5782528 ----a-w- C:\Windows\System32\jscript9.dll
          2014-05-30 09:02:39 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
          2014-05-30 08:55:36 38400 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
          2014-05-30 08:44:28 455168 ----a-w- C:\Windows\SysWow64\vbscript.dll
          2014-05-30 08:43:06 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
          2014-05-30 08:42:16 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
          2014-05-30 08:28:33 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
          2014-05-30 08:27:56 592896 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
          2014-05-30 08:24:19 1249280 ----a-w- C:\Windows\System32\mshtmlmedia.dll
          2014-05-30 08:23:22 2040832 ----a-w- C:\Windows\System32\inetcpl.cpl
          2014-05-30 08:10:46 32256 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
          2014-05-30 07:56:56 2266112 ----a-w- C:\Windows\System32\wininet.dll
          2014-05-30 07:56:50 4244992 ----a-w- C:\Windows\SysWow64\jscript9.dll
          2014-05-30 07:50:09 1068032 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
          2014-05-30 07:49:38 1964544 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
          2014-05-30 07:21:10 1790976 ----a-w- C:\Windows\SysWow64\wininet.dll
          2014-05-08 09:32:11 3178496 ----a-w- C:\Windows\System32\rdpcorets.dll
          2014-05-08 09:32:11 16384 ----a-w- C:\Windows\System32\RdpGroupPolicyExtension.dll
          2014-04-25 02:34:59 801280 ----a-w- C:\Windows\System32\usp10.dll
          2014-04-25 02:06:17 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
          2014-04-12 02:22:05 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
          2014-04-12 02:22:05 155072 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
          2014-04-12 02:19:38 29184 ----a-w- C:\Windows\System32\sspisrv.dll
          2014-04-12 02:19:38 136192 ----a-w- C:\Windows\System32\sspicli.dll
          2014-04-12 02:19:37 28160 ----a-w- C:\Windows\System32\secur32.dll
          2014-04-12 02:19:32 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
          2014-04-12 02:19:05 31232 ----a-w- C:\Windows\System32\lsass.exe
          2014-04-12 02:12:06 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
          2014-04-12 02:10:56 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
          2014-04-05 02:47:20 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys
          2014-04-05 02:47:09 288192 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
          2014-03-31 20:46:48 130712 ----a-w- C:\Windows\SysWow64\MSSTDFMT.DLL
          2014-03-31 20:46:48 1070232 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX
          2014-03-31 07:35:08 270496 ------w- C:\Windows\System32\MpSigStub.exe
          2014-03-26 14:44:48 2002432 ----a-w- C:\Windows\System32\msxml6.dll
          2014-03-26 14:44:48 1882112 ----a-w- C:\Windows\System32\msxml3.dll
          2014-03-26 14:41:39 2048 ----a-w- C:\Windows\System32\msxml6r.dll
          2014-03-26 14:41:39 2048 ----a-w- C:\Windows\System32\msxml3r.dll
          2014-03-26 14:27:50 1389056 ----a-w- C:\Windows\SysWow64\msxml6.dll
          2014-03-26 14:27:50 1237504 ----a-w- C:\Windows\SysWow64\msxml3.dll
          2014-03-26 14:25:14 2048 ----a-w- C:\Windows\SysWow64\msxml6r.dll
          2014-03-26 14:25:14 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
          .
          ============= FINISH: 20:17:17,73 ===============
          Last edited by Emphyrio; 21-06-14, 20:16. Reason: Attached.txt not requested.



          • #6
            Install an active antivirus tool.

            Go through these steps with RIES to restore your IE settings.

            Reset your Chrome following this guide.

            Download or update CCleaner.

            Start CCleaner.
            • Run CCleaner and click Options in the left column
            • Select the Advanced tab
            • Uncheck "Only delete files in Windows Temp folders older than 24 hours"
            • Select the Settings tab
            • Uncheck "Automatically clean the computer...."
            • Click Cleaner in the left column.
            • Then click Analyze and then Clean.
            • Next, click Registry in the left column
            • Click Scan for Issues.
            • When asked whether you want to make a backup of the registry, click "Yes".
            • If errors are found, click the middle button: Fix All Selected Issues, then OK

            Are there still any problems?

            Emphyrio
            Last edited by Emphyrio; 21-06-14, 20:17.
            Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
            E Dev * Remove McAfee. * CCleaner * E-Peek



            • #7
              So far, yes. I will let you know tomorrow whether everything is still running well.

              Thanks in advance.



              • #8
                Please post a fresh DDS log so it can be checked.
                Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
                E Dev * Remove McAfee. * CCleaner * E-Peek



                • #9
                  DDS (Ver_2012-11-20.01) - NTFS_AMD64
                  Internet Explorer: 11.0.9600.17126 BrowserJavaVersion: 10.60.2
                  Run by Steven at 8:08:50 on 2014-06-22
                  Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.2934.1261 [GMT 2:00]
                  .
                  SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
                  .
                  ============== Running Processes ===============
                  .
                  C:\Windows\system32\lsm.exe
                  C:\Windows\system32\svchost.exe -k DcomLaunch
                  C:\Windows\system32\svchost.exe -k RPCSS
                  C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
                  C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
                  C:\Windows\system32\svchost.exe -k LocalService
                  C:\Windows\system32\svchost.exe -k netsvcs
                  C:\Windows\system32\svchost.exe -k GPSvcGroup
                  C:\Windows\system32\svchost.exe -k NetworkService
                  C:\Windows\system32\WLANExt.exe
                  C:\Windows\System32\spoolsv.exe
                  C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
                  C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
                  C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
                  C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
                  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe
                  C:\Program Files (x86)\BUFFALO\Backup_Utility\BUService.exe
                  C:\Program Files (x86)\BUFFALO\Backup_Utility\BUVSSService64.exe
                  C:\Program Files\Bonjour\mDNSResponder.exe
                  C:\Prey\platform\windows\cronsvc.exe
                  C:\Program Files (x86)\PogoplugBackup\dokanmnt.exe
                  C:\Windows\SysWOW64\ezSharedSvcHost.exe
                  C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
                  C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
                  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
                  C:\Program Files\CyberLink\Shared files\RichVideo64.exe
                  C:\Windows\system32\svchost.exe -k imgsvc
                  C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
                  C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
                  C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
                  C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
                  C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
                  C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
                  C:\Windows\system32\svchost.exe -k WindowsMobile
                  C:\Windows\system32\wbem\wmiprvse.exe
                  C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
                  C:\Windows\system32\wbem\wmiprvse.exe
                  C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
                  C:\Program Files\Realtek\RtVOsd\RtVOsd.exe
                  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
                  C:\Windows\System32\svchost.exe -k secsvcs
                  C:\Program Files\Windows Media Player\wmpnetwk.exe
                  C:\Windows\system32\taskhost.exe
                  C:\Windows\system32\Dwm.exe
                  C:\Windows\Explorer.EXE
                  C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
                  C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
                  C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
                  C:\Windows\System32\igfxtray.exe
                  C:\Windows\System32\hkcmd.exe
                  C:\Windows\System32\igfxpers.exe
                  C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
                  C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
                  C:\Users\Steven\AppData\Local\Google\Chrome\Application\chrome.exe
                  C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
                  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe
                  C:\Windows\System32\svchost.exe -k LocalServicePeerNet
                  C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
                  C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
                  C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
                  C:\Users\Steven\AppData\Local\Google\Chrome\Application\chrome.exe
                  C:\Users\Steven\AppData\Local\Google\Chrome\Application\chrome.exe
                  C:\Windows\system32\svchost.exe -k SDRSVC
                  C:\Users\Steven\AppData\Local\Google\Chrome\Application\chrome.exe
                  C:\Windows\system32\taskeng.exe
                  C:\Windows\system32\RunDll32.exe
                  C:\Windows\System32\cscript.exe
                  .
                  ============== Pseudo HJT Report ===============
                  .
                  uSearch Bar = Preserve
                  uRun: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
                  uRun: [Google Update] "C:\Users\Steven\AppData\Local\Google\Update\GoogleUpdate.exe" /c
                  uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
                  uRun: [49B832DDCDCC94C19C7A7A63840A890B93329575._service_run] "C:\Users\Steven\AppData\Local\Google\Chrome\Application\chrome.exe" --type=service
                  mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
                  mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe"
                  mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
                  mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
                  mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
                  mPolicies-Explorer: NoActiveDesktop = dword:1
                  mPolicies-Explorer: NoActiveDesktopChanges = dword:1
                  mPolicies-Explorer: EnableShellExecuteHooks = dword:1
                  mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
                  mPolicies-System: ConsentPromptBehaviorUser = dword:3
                  mPolicies-System: EnableUIADesktopToggle = dword:0
                  mPolicies-System: HideFastUserSwitching = dword:0
                  mPolicies-System: EnableSecureUIAPath = dword:1
                  IE: Toevoegen aan Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\ie_banner_deny.htm
                  IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
                  IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
                  IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
                  IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
                  IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll
                  IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
                  IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll
                  .
                  INFO: HKCU has more than 50 listed domains.
                  If you wish to scan all of them, select the 'Force scan all domains' option.
                  .
                  .
                  INFO: HKLM has more than 50 listed domains.
                  If you wish to scan all of them, select the 'Force scan all domains' option.
                  .
                  DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} - hxxps://picasaweb.google.com/s/v/71.32/uploader2.cab
                  DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
                  DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} - hxxp://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab
                  TCP: NameServer = 192.168.1.1
                  TCP: Interfaces\{142F44E3-7EBF-4A42-B32E-4A2235EC6758} : DHCPNameServer = 192.168.1.1
                  TCP: Interfaces\{142F44E3-7EBF-4A42-B32E-4A2235EC6758}\14256573531393139353933344 : DHCPNameServer = 192.168.2.254
                  TCP: Interfaces\{142F44E3-7EBF-4A42-B32E-4A2235EC6758}\145647865627 : DHCPNameServer = 192.168.0.1
                  TCP: Interfaces\{142F44E3-7EBF-4A42-B32E-4A2235EC6758}\24A4353523 : DHCPNameServer = 192.168.1.1
                  TCP: Interfaces\{142F44E3-7EBF-4A42-B32E-4A2235EC6758}\4556C65623D2D6F64656D6 : DHCPNameServer = 192.168.1.1
                  TCP: Interfaces\{142F44E3-7EBF-4A42-B32E-4A2235EC6758}\8456C4F6 : DHCPNameServer = 192.168.1.1
                  TCP: Interfaces\{82611029-3F0B-4A76-8031-E6501D15980C} : DHCPNameServer = 84.241.226.9 84.241.226.140
                  Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
                  Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
                  AppInit_DLLs= C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll
                  SSODL: WebCheck - <orphaned>
                  SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
                  mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
                  x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
                  x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
                  x64-Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden
                  x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
                  x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
                  x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
                  x64-IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\x64\klwtbbho.dll
                  x64-IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\x64\klwtbbho.dll
                  .
                  INFO: x64-HKLM has more than 50 listed domains.
                  If you wish to scan all of them, select the 'Force scan all domains' option.
                  .
                  x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
                  x64-DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
                  x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
                  x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
                  x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
                  x64-Notify: igfxcui - igfxdev.dll
                  x64-Notify: klogon - C:\Windows\System32\klogon.dll
                  x64-SSODL: WebCheck - <orphaned>
                  Hosts: 127.0.0.1 www.spywareinfo.com
                  .
                  ============= SERVICES / DRIVERS ===============
                  .
                  R1 kl2;kl2;C:\Windows\System32\drivers\kl2.sys [2010-6-9 11864]
                  R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\drivers\klim6.sys [2007-4-4 27736]
                  R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2010-9-30 98208]
                  R2 avp;Kaspersky Anti-Virus-service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe -r --> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe -r [?]
                  R2 BFBackupUtilityService;Backup Utility Service;C:\Program Files (x86)\BUFFALO\Backup_Utility\BUService.exe -Service_Execute --> C:\Program Files (x86)\BUFFALO\Backup_Utility\BUService.exe -Service_Execute [?]
                  R2 BFBackupUtilityVSSService;Backup Utility VSS Service;C:\Program Files (x86)\BUFFALO\Backup_Utility\BUVSSService64.exe -Service_Execute --> C:\Program Files (x86)\BUFFALO\Backup_Utility\BUVSSService64.exe -Service_Execute [?]
                  R2 CronService;Cron Service for Prey;C:\Prey\platform\windows\cronsvc.exe [2013-5-8 23552]
                  R2 DokanCEDriver;DokanCEDriver;C:\Program Files (x86)\PogoplugBackup\dokance.sys [2014-5-19 72480]
                  R2 DokanCEMounter;DokanCEMounter;C:\Program Files (x86)\PogoplugBackup\dokanmnt.exe [2014-5-19 116000]
                  R2 ezSharedSvc;Easybits Services for Windows;C:\Windows\System32\ezSharedSvcHost.exe --> C:\Windows\System32\ezSharedSvcHost.exe [?]
                  R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-6-18 103992]
                  R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-2-4 92216]
                  R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-7-2 27192]
                  R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-9-30 13336]
                  R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS);C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2011-2-19 386344]
                  R2 RtVOsdService;RtVOsdService Installer;C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe [2010-6-17 315392]
                  R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-9-30 2320920]
                  R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-9-17 56344]
                  R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-2-3 271872]
                  R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\System32\drivers\klmouflt.sys [2009-11-2 22544]
                  S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
                  S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
                  S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
                  S3 bautpw64;BUFFALO eco manager for HD Filter;C:\Windows\System32\drivers\bautpw64.sys [2013-9-29 16000]
                  S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-6-11 111616]
                  S3 Lavasoft Kernexplorer;Lavasoft helper driver;C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys [2011-12-29 17152]
                  S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2011-5-10 22528]
                  S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
                  S3 pwdrvio;pwdrvio;C:\Windows\System32\pwdrvio.sys [2013-5-20 19032]
                  S3 pwdspio;pwdspio;C:\Windows\System32\pwdspio.sys [2013-5-20 9584]
                  S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-4-28 19456]
                  S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-9-30 225280]
                  S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
                  S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-14 292864]
                  S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-14 1485312]
                  S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-14 740864]
                  S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-5-24 56832]
                  S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
                  S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-1-21 1255736]
                  S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]
                  .
                  =============== File Associations ===============
                  .
                  FileExt: .js: JSFile=C:\Windows\System32\Notepad.exe %1 [default=Edit - 'Open' doesn't exist]
                  .
                  =============== Created Last 30 ================
                  .
                  2014-06-21 17:01:11 -------- d-----w- C:\AdwCleaner
                  2014-06-21 09:24:06 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
                  2014-06-21 07:52:53 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
                  2014-06-21 06:00:14 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5EE97B59-5691-4CE8-A908-8B06C619122C}\offreg.dll
                  2014-06-21 05:53:55 -------- d-----w- C:\Program Files\Enigma Software Group
                  2014-06-21 05:52:35 -------- d-----w- C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
                  2014-06-21 05:52:30 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
                  2014-06-21 05:44:29 10779000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5EE97B59-5691-4CE8-A908-8B06C619122C}\mpengine.dll
                  2014-06-20 09:46:01 536576 ----a-w- C:\Windows\SysWow64\sqlite3.dll
                  2014-06-18 09:06:02 -------- d-----w- C:\Program Files\CCleaner
                  2014-06-11 06:33:50 506368 ----a-w- C:\Windows\System32\aepdu.dll
                  2014-06-11 06:33:50 424448 ----a-w- C:\Windows\System32\aeinv.dll
                  2014-06-10 11:07:18 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
                  2014-06-05 21:10:01 -------- d-----w- C:\Users\Steven\AppData\Local\Sonos,_Inc
                  2014-06-05 18:10:49 -------- d-----w- C:\Program Files (x86)\Sonos
                  2014-06-05 18:09:14 -------- d-----w- C:\ProgramData\Sonos,_Inc
                  2014-05-25 06:24:06 6574592 ----a-w- C:\Windows\System32\mstscax.dll
                  2014-05-25 06:24:06 5694464 ----a-w- C:\Windows\SysWow64\mstscax.dll
                  2014-05-24 20:39:54 -------- d-----w- C:\Windows\System32\drivers\en-US
                  2014-05-24 17:11:25 792576 ----a-w- C:\Windows\SysWow64\TSWorkspace.dll
                  2014-05-24 17:11:25 1030144 ----a-w- C:\Windows\System32\TSWorkspace.dll
                  .
                  ==================== Find3M ====================
                  .
                  2014-06-22 05:51:45 29 ----a-w- C:\Windows\SysWow64\TempWmicBatchFile.bat
                  2014-06-20 05:38:23 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
                  2014-06-20 05:38:23 699056 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
                  2014-05-30 10:02:37 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
                  2014-05-30 10:02:09 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
                  2014-05-30 09:39:43 548352 ----a-w- C:\Windows\System32\vbscript.dll
                  2014-05-30 09:39:23 66048 ----a-w- C:\Windows\System32\iesetup.dll
                  2014-05-30 09:38:29 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
                  2014-05-30 09:21:23 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
                  2014-05-30 09:21:05 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
                  2014-05-30 09:20:36 752640 ----a-w- C:\Windows\System32\jscript9diag.dll
                  2014-05-30 09:11:24 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
                  2014-05-30 09:08:22 5782528 ----a-w- C:\Windows\System32\jscript9.dll
                  2014-05-30 09:02:39 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
                  2014-05-30 08:55:36 38400 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
                  2014-05-30 08:44:28 455168 ----a-w- C:\Windows\SysWow64\vbscript.dll
                  2014-05-30 08:43:06 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
                  2014-05-30 08:42:16 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
                  2014-05-30 08:28:33 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
                  2014-05-30 08:27:56 592896 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
                  2014-05-30 08:24:19 1249280 ----a-w- C:\Windows\System32\mshtmlmedia.dll
                  2014-05-30 08:23:22 2040832 ----a-w- C:\Windows\System32\inetcpl.cpl
                  2014-05-30 08:10:46 32256 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
                  2014-05-30 07:56:56 2266112 ----a-w- C:\Windows\System32\wininet.dll
                  2014-05-30 07:56:50 4244992 ----a-w- C:\Windows\SysWow64\jscript9.dll
                  2014-05-30 07:50:09 1068032 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
                  2014-05-30 07:49:38 1964544 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
                  2014-05-30 07:21:10 1790976 ----a-w- C:\Windows\SysWow64\wininet.dll
                  2014-05-08 09:32:11 3178496 ----a-w- C:\Windows\System32\rdpcorets.dll
                  2014-05-08 09:32:11 16384 ----a-w- C:\Windows\System32\RdpGroupPolicyExtension.dll
                  2014-04-25 02:34:59 801280 ----a-w- C:\Windows\System32\usp10.dll
                  2014-04-25 02:06:17 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
                  2014-04-12 02:22:05 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
                  2014-04-12 02:22:05 155072 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
                  2014-04-12 02:19:38 29184 ----a-w- C:\Windows\System32\sspisrv.dll
                  2014-04-12 02:19:38 136192 ----a-w- C:\Windows\System32\sspicli.dll
                  2014-04-12 02:19:37 28160 ----a-w- C:\Windows\System32\secur32.dll
                  2014-04-12 02:19:32 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
                  2014-04-12 02:19:05 31232 ----a-w- C:\Windows\System32\lsass.exe
                  2014-04-12 02:12:06 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
                  2014-04-12 02:10:56 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
                  2014-04-05 02:47:20 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys
                  2014-04-05 02:47:09 288192 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
                  2014-03-31 20:46:48 130712 ----a-w- C:\Windows\SysWow64\MSSTDFMT.DLL
                  2014-03-31 20:46:48 1070232 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX
                  2014-03-31 07:35:08 270496 ------w- C:\Windows\System32\MpSigStub.exe
                  2014-03-26 14:44:48 2002432 ----a-w- C:\Windows\System32\msxml6.dll
                  2014-03-26 14:44:48 1882112 ----a-w- C:\Windows\System32\msxml3.dll
                  2014-03-26 14:41:39 2048 ----a-w- C:\Windows\System32\msxml6r.dll
                  2014-03-26 14:41:39 2048 ----a-w- C:\Windows\System32\msxml3r.dll
                  2014-03-26 14:27:50 1389056 ----a-w- C:\Windows\SysWow64\msxml6.dll
                  2014-03-26 14:27:50 1237504 ----a-w- C:\Windows\SysWow64\msxml3.dll
                  2014-03-26 14:25:14 2048 ----a-w- C:\Windows\SysWow64\msxml6r.dll
                  2014-03-26 14:25:14 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
                  .
                  ============= FINISH: 8:12:16,63 ===============





                  .
                  UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
                  IF REQUESTED, ZIP IT UP & ATTACH IT
                  .
                  DDS (Ver_2012-11-20.01)
                  .
                  Microsoft Windows 7 Home Premium
                  Boot Device: \Device\HarddiskVolume1
                  Install Date: 19-1-2011 16:34:56
                  System Uptime: 22-6-2014 7:50:11 (1 hours ago)
                  .
                  Motherboard: Hewlett-Packard | | 1439
                  Processor: Intel(R) Core(TM) i3 CPU M 350 @ 2.27GHz | CPU | 2266/1066mhz
                  .
                  ==== Disk Partitions =========================
                  .
                  C: is FIXED (NTFS) - 217 GiB total, 94,262 GiB free.
                  D: is FIXED (NTFS) - 16 GiB total, 2,274 GiB free.
                  E: is CDROM ()
                  .
                  ==== Disabled Device Manager Items =============
                  .
                  Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
                  Description: SBRE
                  Device ID: ROOT\LEGACY_SBRE\0000
                  Manufacturer:
                  Name: SBRE
                  PNP Device ID: ROOT\LEGACY_SBRE\0000
                  Service: SBRE
                  .
                  ==== System Restore Points ===================
                  .
                  RP497: 14-6-2014 16:08:20 - Gepland controlepunt
                  RP498: 18-6-2014 6:49:48 - Windows Update
                  RP499: 21-6-2014 7:41:55 - Windows Update
                  RP500: 21-6-2014 7:52:51 - Installed SpyHunter
                  RP501: 21-6-2014 9:53:51 - Removed SpyHunter
                  RP502: 21-6-2014 11:22:16 - Installed Java 7 Update 60
                  RP503: 21-6-2014 21:16:26 - Installed Microsoft Fix it 50195
                  .
                  ==== Installed Programs ======================
                  .
                  Update for Microsoft Office 2007 (KB2508958)
                  Aangifte inkomstenbelasting 2010
                  Aangifte inkomstenbelasting 2011
                  Aangifte inkomstenbelasting 2012
                  Aangifte inkomstenbelasting 2013
                  Acrobat.com
                  ActiveCheck component for HP Active Support Library
                  Adobe AIR
                  Adobe Flash Player 13 Plugin
                  Adobe Flash Player 14 ActiveX
                  Adobe Reader XI - Nederlands
                  Adobe Shockwave Player 11.5
                  Agatha Christie - Death on the Nile
                  Albelli Fotoboeken
                  Apple Application Support
                  Apple Mobile Device Support
                  Apple Software Update
                  Bejeweled 2 Deluxe
                  Blackhawk Striker 2
                  Bonjour
                  Broadcom 802.11 Wireless LAN Adapter
                  BUFFALO Backup Utility
                  Buffalo eco Manager
                  BUFFALO INC. DISK FORMATTER
                  CCleaner
                  Chuzzle Deluxe
                  Cool Edit Pro 2.0
                  CyberLink DVD Suite
                  CyberLink PowerDirector
                  CyberLink PowerDVD 9
                  CyberLink YouCam
                  DivX Setup
                  Dora's Carnival Adventure
                  Dropbox
                  Energy Star Digital Logo
                  Escape Rosecliff Island
                  ESU for Microsoft Windows 7
                  Facebook Video Calling 2.0.0.447
                  FATE
                  Final Drive Nitro
                  Google Chrome
                  HP Customer Experience Enhancements
                  HP Game Console
                  HP Games
                  HP Power Manager
                  HP Quick Launch
                  HP Setup
                  HP Software Framework
                  HP Support Assistant
                  HP Wireless Assistant
                  HPAsset component for HP Active Support Library
                  iCloud
                  ImgBurn
                  Intel(R) Control Center
                  Intel(R) Graphics Media Accelerator Driver
                  Intel(R) Management Engine Components
                  Intel(R) Rapid Storage Technology
                  iTunes
                  Java 7 Update 21 (64-bit)
                  Java 7 Update 60
                  Java Auto Updater
                  Java(TM) 6 Update 20 (64-bit)
                  Jewel Quest - Heritage
                  Junk Mail filter update
                  Kaspersky Anti-Virus 2011
                  Kaspersky Internet Security 2011
                  Kinderopvangtoeslag 2011
                  LightScribe System Software
                  Malwarebytes Anti-Malware versie 1.75.0.1300
                  Microsoft .NET Framework 4.5.1
                  Microsoft .NET Framework 4.5.1 (Nederlands)
                  Microsoft .NET Framework 4.5.1 (NLD)
                  Microsoft Application Error Reporting
                  Microsoft Choice Guard
                  Microsoft Office 2007 Service Pack 3 (SP3)
                  Microsoft Office Access MUI (Dutch) 2007
                  Microsoft Office Enterprise 2007
                  Microsoft Office Excel MUI (Dutch) 2007
                  Microsoft Office File Validation Add-In
                  Microsoft Office Groove MUI (Dutch) 2007
                  Microsoft Office InfoPath MUI (Dutch) 2007
                  Microsoft Office Office 64-bit Components 2007
                  Microsoft Office OneNote MUI (Dutch) 2007
                  Microsoft Office Outlook MUI (Dutch) 2007
                  Microsoft Office PowerPoint MUI (Dutch) 2007
                  Microsoft Office Proof (Dutch) 2007
                  Microsoft Office Proof (English) 2007
                  Microsoft Office Proof (French) 2007
                  Microsoft Office Proof (German) 2007
                  Microsoft Office Proofing (Dutch) 2007
                  Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
                  Microsoft Office Publisher MUI (Dutch) 2007
                  Microsoft Office Shared 64-bit MUI (Dutch) 2007
                  Microsoft Office Shared MUI (Dutch) 2007
                  Microsoft Office Word MUI (Dutch) 2007
                  Microsoft Silverlight
                  Microsoft SQL Server 2005 Compact Edition [ENU]
                  Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
                  Microsoft Visual C++ 2005 Redistributable
                  Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
                  Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
                  Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
                  Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
                  Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
                  Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
                  Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
                  Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
                  Microsoft_VC80_CRT_x86
                  Microsoft_VC80_MFC_x86
                  Microsoft_VC80_MFCLOC_x86
                  Microsoft_VC90_ATL_x86
                  Microsoft_VC90_CRT_x86
                  Microsoft_VC90_MFC_x86
                  Microsoft_VC90_MFCLOC_x86
                  MSVCRT
                  MSXML 4.0 SP2 (KB954430)
                  MSXML 4.0 SP2 (KB973688)
                  myiHome v5.2.0
                  Outlook Connector
                  Penguins!
                  PhotoNow!
                  Plants vs. Zombies
                  Pogoplug Backup
                  Poker Superstars III
                  Polar Bowler
                  Polar Golfer
                  Power2Go
                  Realtek Ethernet Controller Driver For Windows 7
                  Realtek High Definition Audio Driver
                  Realtek USB 2.0 Card Reader
                  Recovery Manager
                  RtVOsd
                  Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
                  Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
                  Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
                  Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
                  Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
                  Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
                  Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
                  Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
                  Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
                  Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
                  Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
                  Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
                  Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
                  Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
                  Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
                  Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition
                  Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition
                  Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition
                  Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition
                  Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition
                  Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition
                  Security Update for Microsoft Office 2007 suites (KB2880513) 32-Bit Edition
                  Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition
                  Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition
                  Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
                  Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
                  Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
                  Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition
                  Security Update for Microsoft Office Word 2007 (KB2880515) 32-Bit Edition
                  Skype™ 6.16
                  Sonos Controller
                  Spybot - Search & Destroy
                  Synaptics Pointing Device Driver
                  Ubiquiti UniFi (remove only)
                  Update for 2007 Microsoft Office System (KB967642)
                  Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
                  Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
                  Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
                  Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
                  Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition
                  Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2881065) 32-Bit Edition
                  Update voor Microsoft Office Excel 2007 Help (KB963678)
                  Update voor Microsoft Office Powerpoint 2007 Help (KB963669)
                  Update voor Microsoft Office Word 2007 Help (KB963665)
                  VC80CRTRedist - 8.0.50727.6195
                  Verzoek of wijziging voorlopige aanslag 2010
                  Verzoek of wijziging voorlopige aanslag 2012
                  Virtual Villagers - The Secret City
                  Visual C++ 2008 x86 Runtime - (v9.0.30729)
                  Visual C++ 2008 x86 Runtime - v9.0.30729.01
                  VLC media player 2.1.3
                  Vuze
                  Winamp
                  Winamp Applicatie Detect
                  Windows Live - Hulpprogramma voor uploaden
                  Windows Live Call
                  Windows Live Communications Platform
                  Windows Live Essentials
                  Windows Live ID Sign-in Assistant
                  Windows Live Mail
                  Windows Live Messenger
                  Windows Live Movie Maker
                  Windows Live Photo Gallery
                  Windows Live Sync
                  Windows Live Writer
                  Windows Media Player Firefox Plugin
                  Windows Mobile Apparaatcentrum
                  WinRAR
                  Zoner Photo Studio 13
                  Zuma Deluxe
                  .
                  ==== End Of File ===========================



                  • #10
                    Hi,

                    Just now my fan started blowing again and Chrome froze for a moment.
                    What I noticed was that I only had 15 MB of memory left at that point. I have attached the screenshot.




                    • #11
                      Originally posted by Emphyrio
                      Install an active antivirus tool.
                      This really is a necessity.
                      Once you have installed the active antivirus tool, create a fresh DDS log and post it (NOT the attached.txt).

                      Without an AV tool it is like mopping the floor with the tap running.
                      Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
                      E Dev * Remove McAfee. * Ccleaner * E-Peek



                      • #12
                        I have KAV now

                        DDS (Ver_2012-11-20.01) - NTFS_AMD64
                        Internet Explorer: 11.0.9600.17126 BrowserJavaVersion: 10.60.2
                        Run by Steven at 14:04:24 on 2014-06-22
                        Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.2934.1184 [GMT 2:00]
                        .
                        AV: Kaspersky Anti-Virus *Disabled/Outdated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
                        SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
                        SP: Kaspersky Anti-Virus *Enabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
                        FW: Kaspersky Anti-Virus *Disabled* {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D}
                        .
                        ============== Running Processes ===============
                        .
                        C:\Windows\system32\lsm.exe
                        C:\Windows\system32\svchost.exe -k DcomLaunch
                        C:\Windows\system32\svchost.exe -k RPCSS
                        C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
                        C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
                        C:\Windows\system32\svchost.exe -k LocalService
                        C:\Windows\system32\svchost.exe -k netsvcs
                        C:\Windows\system32\svchost.exe -k GPSvcGroup
                        C:\Windows\system32\svchost.exe -k NetworkService
                        C:\Windows\system32\WLANExt.exe
                        C:\Windows\System32\spoolsv.exe
                        C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
                        C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
                        C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
                        C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
                        C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe
                        C:\Program Files (x86)\BUFFALO\Backup_Utility\BUService.exe
                        C:\Program Files (x86)\BUFFALO\Backup_Utility\BUVSSService64.exe
                        C:\Program Files\Bonjour\mDNSResponder.exe
                        C:\Prey\platform\windows\cronsvc.exe
                        C:\Program Files (x86)\PogoplugBackup\dokanmnt.exe
                        C:\Windows\SysWOW64\ezSharedSvcHost.exe
                        C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
                        C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
                        C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
                        C:\Program Files\CyberLink\Shared files\RichVideo64.exe
                        C:\Windows\system32\svchost.exe -k imgsvc
                        C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
                        C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
                        C:\Windows\system32\taskhost.exe
                        C:\Windows\system32\Dwm.exe
                        C:\Windows\Explorer.EXE
                        C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
                        C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
                        C:\Windows\System32\igfxtray.exe
                        C:\Windows\System32\hkcmd.exe
                        C:\Windows\System32\igfxpers.exe
                        C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
                        C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
                        C:\Users\Steven\AppData\Local\Google\Chrome\Application\chrome.exe
                        C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
                        C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe
                        C:\Windows\servicing\TrustedInstaller.exe
                        C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
                        C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
                        C:\Program Files\Windows Media Player\wmpnetwk.exe
                        C:\Windows\System32\svchost.exe -k LocalServicePeerNet
                        C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
                        C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
                        C:\Windows\system32\wbem\wmiprvse.exe
                        C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
                        C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
                        C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
                        C:\Windows\system32\svchost.exe -k WindowsMobile
                        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
                        C:\Windows\system32\wbem\wmiprvse.exe
                        C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
                        C:\Program Files\Realtek\RtVOsd\RtVOsd.exe
                        C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
                        C:\Windows\System32\svchost.exe -k secsvcs
                        C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
                        C:\Prey\platform\windows\bin\bash.exe
                        C:\Windows\system32\svchost.exe -k SDRSVC
                        C:\Users\Steven\AppData\Local\Google\Chrome\Application\chrome.exe
                        C:\Users\Steven\AppData\Local\Google\Chrome\Application\chrome.exe
                        C:\Users\Steven\AppData\Local\Google\Chrome\Application\chrome.exe
                        C:\Prey\platform\windows\bin\bash.exe
                        C:\Windows\System32\cscript.exe
                        .
                        ============== Pseudo HJT Report ===============
                        .
                        uSearch Bar = Preserve
                        uRun: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
                        uRun: [Google Update] "C:\Users\Steven\AppData\Local\Google\Update\GoogleUpdate.exe" /c
                        uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
                        uRun: [49B832DDCDCC94C19C7A7A63840A890B93329575._service_run] "C:\Users\Steven\AppData\Local\Google\Chrome\Application\chrome.exe" --type=service
                        mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
                        mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe"
                        mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
                        mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
                        mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
                        mPolicies-Explorer: NoActiveDesktop = dword:1
                        mPolicies-Explorer: NoActiveDesktopChanges = dword:1
                        mPolicies-Explorer: EnableShellExecuteHooks = dword:1
                        mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
                        mPolicies-System: ConsentPromptBehaviorUser = dword:3
                        mPolicies-System: EnableUIADesktopToggle = dword:0
                        mPolicies-System: HideFastUserSwitching = dword:0
                        mPolicies-System: EnableSecureUIAPath = dword:1
                        IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
                        IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
                        IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
                        IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
                        IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll
                        IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
                        IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll
                        .
                        INFO: HKCU has more than 50 listed domains.
                        If you wish to scan all of them, select the 'Force scan all domains' option.
                        .
                        .
                        INFO: HKLM has more than 50 listed domains.
                        If you wish to scan all of them, select the 'Force scan all domains' option.
                        .
                        DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} - hxxps://picasaweb.google.com/s/v/71.32/uploader2.cab
                        DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
                        DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} - hxxp://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab
                        TCP: NameServer = 192.168.1.1
                        TCP: Interfaces\{142F44E3-7EBF-4A42-B32E-4A2235EC6758} : DHCPNameServer = 192.168.1.1
                        TCP: Interfaces\{142F44E3-7EBF-4A42-B32E-4A2235EC6758}\14256573531393139353933344 : DHCPNameServer = 192.168.2.254
                        TCP: Interfaces\{142F44E3-7EBF-4A42-B32E-4A2235EC6758}\145647865627 : DHCPNameServer = 192.168.0.1
                        TCP: Interfaces\{142F44E3-7EBF-4A42-B32E-4A2235EC6758}\24A4353523 : DHCPNameServer = 192.168.1.1
                        TCP: Interfaces\{142F44E3-7EBF-4A42-B32E-4A2235EC6758}\4556C65623D2D6F64656D6 : DHCPNameServer = 192.168.1.1
                        TCP: Interfaces\{142F44E3-7EBF-4A42-B32E-4A2235EC6758}\8456C4F6 : DHCPNameServer = 192.168.1.1
                        TCP: Interfaces\{82611029-3F0B-4A76-8031-E6501D15980C} : DHCPNameServer = 84.241.226.9 84.241.226.140
                        Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
                        Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
                        SSODL: WebCheck - <orphaned>
                        SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
                        mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
                        x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
                        x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
                        x64-Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden
                        x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
                        x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
                        x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
                        x64-IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\x64\klwtbbho.dll
                        x64-IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\x64\klwtbbho.dll
                        .
                        INFO: x64-HKLM has more than 50 listed domains.
                        If you wish to scan all of them, select the 'Force scan all domains' option.
                        .
                        x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
                        x64-DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
                        x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
                        x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
                        x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
                        x64-Notify: igfxcui - igfxdev.dll
                        x64-Notify: klogon - C:\Windows\System32\klogon.dll
                        x64-SSODL: WebCheck - <orphaned>
                        Hosts: 127.0.0.1 www.spywareinfo.com
                        .
                        ============= SERVICES / DRIVERS ===============
                        .
                        R1 kl2;kl2;C:\Windows\System32\drivers\kl2.sys [2010-6-9 11864]
                        R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\drivers\klim6.sys [2007-4-4 27736]
                        R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2010-9-30 98208]
                        R2 avp;Kaspersky Anti-Virus-service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe -r --> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe -r [?]
                        R2 BFBackupUtilityService;Backup Utility Service;C:\Program Files (x86)\BUFFALO\Backup_Utility\BUService.exe -Service_Execute --> C:\Program Files (x86)\BUFFALO\Backup_Utility\BUService.exe -Service_Execute [?]
                        R2 BFBackupUtilityVSSService;Backup Utility VSS Service;C:\Program Files (x86)\BUFFALO\Backup_Utility\BUVSSService64.exe -Service_Execute --> C:\Program Files (x86)\BUFFALO\Backup_Utility\BUVSSService64.exe -Service_Execute [?]
                        R2 CronService;Cron Service for Prey;C:\Prey\platform\windows\cronsvc.exe [2013-5-8 23552]
                        R2 DokanCEDriver;DokanCEDriver;C:\Program Files (x86)\PogoplugBackup\dokance.sys [2014-5-19 72480]
                        R2 DokanCEMounter;DokanCEMounter;C:\Program Files (x86)\PogoplugBackup\dokanmnt.exe [2014-5-19 116000]
                        R2 ezSharedSvc;Easybits Services for Windows;C:\Windows\System32\ezSharedSvcHost.exe --> C:\Windows\System32\ezSharedSvcHost.exe [?]
                        R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-6-18 103992]
                        R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-2-4 92216]
                        R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-7-2 27192]
                        R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-9-30 13336]
                        R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS);C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2011-2-19 386344]
                        R2 RtVOsdService;RtVOsdService Installer;C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe [2010-6-17 315392]
                        R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-9-30 2320920]
                        R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-9-17 56344]
                        R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-2-3 271872]
                        R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\System32\drivers\klmouflt.sys [2009-11-2 22544]
                        S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
                        S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
                        S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
                        S3 bautpw64;BUFFALO eco manager for HD Filter;C:\Windows\System32\drivers\bautpw64.sys [2013-9-29 16000]
                        S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-6-11 111616]
                        S3 Lavasoft Kernexplorer;Lavasoft helper driver;C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys [2011-12-29 17152]
                        S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2011-5-10 22528]
                        S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
                        S3 pwdrvio;pwdrvio;C:\Windows\System32\pwdrvio.sys [2013-5-20 19032]
                        S3 pwdspio;pwdspio;C:\Windows\System32\pwdspio.sys [2013-5-20 9584]
                        S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-4-28 19456]
                        S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-9-30 225280]
                        S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
                        S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-14 292864]
                        S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-14 1485312]
                        S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-14 740864]
                        S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-5-24 56832]
                        S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
                        S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-1-21 1255736]
                        S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]
                        .
                        =============== File Associations ===============
                        .
                        FileExt: .js: JSFile=C:\Windows\System32\Notepad.exe %1 [default=Edit - 'Open' doesn't exist]
                        .
                        =============== Created Last 30 ================
                        .
                        2014-06-22 09:57:51 -------- d-----w- C:\Users\Steven\AppData\Local\Adobe
                        2014-06-21 17:01:11 -------- d-----w- C:\AdwCleaner
                        2014-06-21 09:24:06 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
                        2014-06-21 07:52:53 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
                        2014-06-21 06:00:14 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5EE97B59-5691-4CE8-A908-8B06C619122C}\offreg.dll
                        2014-06-21 05:53:55 -------- d-----w- C:\Program Files\Enigma Software Group
                        2014-06-21 05:52:35 -------- d-----w- C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
                        2014-06-21 05:52:30 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
                        2014-06-21 05:44:29 10779000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5EE97B59-5691-4CE8-A908-8B06C619122C}\mpengine.dll
                        2014-06-20 09:46:01 536576 ----a-w- C:\Windows\SysWow64\sqlite3.dll
                        2014-06-18 09:06:02 -------- d-----w- C:\Program Files\CCleaner
                        2014-06-11 06:33:50 506368 ----a-w- C:\Windows\System32\aepdu.dll
                        2014-06-11 06:33:50 424448 ----a-w- C:\Windows\System32\aeinv.dll
                        2014-06-10 11:07:18 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
                        2014-06-05 21:10:01 -------- d-----w- C:\Users\Steven\AppData\Local\Sonos,_Inc
                        2014-06-05 18:10:49 -------- d-----w- C:\Program Files (x86)\Sonos
                        2014-06-05 18:09:14 -------- d-----w- C:\ProgramData\Sonos,_Inc
                        2014-05-25 06:24:06 6574592 ----a-w- C:\Windows\System32\mstscax.dll
                        2014-05-25 06:24:06 5694464 ----a-w- C:\Windows\SysWow64\mstscax.dll
                        2014-05-24 20:39:54 -------- d-----w- C:\Windows\System32\drivers\en-US
                        2014-05-24 17:11:25 792576 ----a-w- C:\Windows\SysWow64\TSWorkspace.dll
                        2014-05-24 17:11:25 1030144 ----a-w- C:\Windows\System32\TSWorkspace.dll
                        .
                        ==================== Find3M ====================
                        .
                        2014-06-22 12:05:20 29 ----a-w- C:\Windows\SysWow64\TempWmicBatchFile.bat
                        2014-06-20 05:38:23 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
                        2014-06-20 05:38:23 699056 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
                        2014-05-30 10:02:37 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
                        2014-05-30 10:02:09 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
                        2014-05-30 09:39:43 548352 ----a-w- C:\Windows\System32\vbscript.dll
                        2014-05-30 09:39:23 66048 ----a-w- C:\Windows\System32\iesetup.dll
                        2014-05-30 09:38:29 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
                        2014-05-30 09:21:23 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
                        2014-05-30 09:21:05 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
                        2014-05-30 09:20:36 752640 ----a-w- C:\Windows\System32\jscript9diag.dll
                        2014-05-30 09:11:24 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
                        2014-05-30 09:08:22 5782528 ----a-w- C:\Windows\System32\jscript9.dll
                        2014-05-30 09:02:39 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
                        2014-05-30 08:55:36 38400 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
                        2014-05-30 08:44:28 455168 ----a-w- C:\Windows\SysWow64\vbscript.dll
                        2014-05-30 08:43:06 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
                        2014-05-30 08:42:16 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
                        2014-05-30 08:28:33 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
                        2014-05-30 08:27:56 592896 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
                        2014-05-30 08:24:19 1249280 ----a-w- C:\Windows\System32\mshtmlmedia.dll
                        2014-05-30 08:23:22 2040832 ----a-w- C:\Windows\System32\inetcpl.cpl
                        2014-05-30 08:10:46 32256 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
                        2014-05-30 07:56:56 2266112 ----a-w- C:\Windows\System32\wininet.dll
                        2014-05-30 07:56:50 4244992 ----a-w- C:\Windows\SysWow64\jscript9.dll
                        2014-05-30 07:50:09 1068032 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
                        2014-05-30 07:49:38 1964544 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
                        2014-05-30 07:21:10 1790976 ----a-w- C:\Windows\SysWow64\wininet.dll
                        2014-05-08 09:32:11 3178496 ----a-w- C:\Windows\System32\rdpcorets.dll
                        2014-05-08 09:32:11 16384 ----a-w- C:\Windows\System32\RdpGroupPolicyExtension.dll
                        2014-04-25 02:34:59 801280 ----a-w- C:\Windows\System32\usp10.dll
                        2014-04-25 02:06:17 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
                        2014-04-12 02:22:05 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
                        2014-04-12 02:22:05 155072 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
                        2014-04-12 02:19:38 29184 ----a-w- C:\Windows\System32\sspisrv.dll
                        2014-04-12 02:19:38 136192 ----a-w- C:\Windows\System32\sspicli.dll
                        2014-04-12 02:19:37 28160 ----a-w- C:\Windows\System32\secur32.dll
                        2014-04-12 02:19:32 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
                        2014-04-12 02:19:05 31232 ----a-w- C:\Windows\System32\lsass.exe
                        2014-04-12 02:12:06 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
                        2014-04-12 02:10:56 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
                        2014-04-05 02:47:20 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys
                        2014-04-05 02:47:09 288192 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
                        2014-03-31 20:46:48 130712 ----a-w- C:\Windows\SysWow64\MSSTDFMT.DLL
                        2014-03-31 20:46:48 1070232 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX
                        2014-03-31 07:35:08 270496 ------w- C:\Windows\System32\MpSigStub.exe
                        2014-03-26 14:44:48 2002432 ----a-w- C:\Windows\System32\msxml6.dll
                        2014-03-26 14:44:48 1882112 ----a-w- C:\Windows\System32\msxml3.dll
                        2014-03-26 14:41:39 2048 ----a-w- C:\Windows\System32\msxml6r.dll
                        2014-03-26 14:41:39 2048 ----a-w- C:\Windows\System32\msxml3r.dll
                        2014-03-26 14:27:50 1389056 ----a-w- C:\Windows\SysWow64\msxml6.dll
                        2014-03-26 14:27:50 1237504 ----a-w- C:\Windows\SysWow64\msxml3.dll
                        2014-03-26 14:25:14 2048 ----a-w- C:\Windows\SysWow64\msxml6r.dll
                        2014-03-26 14:25:14 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
                        .
                        ============= FINISH: 14:09:16,43 ===============


                        • #13
                          Download or update CCleaner.

                          Start CCleaner.
                          • Run CCleaner and click Options in the left column
                          • Select the Advanced tab
                          • Clear the check box for "Only delete files in the Windows Temp system folder that are older than 24 hours"
                          • Select the Settings tab
                          • Clear the check box for "Automatically clean the computer...."
                          • Click Cleaner in the left column.
                          • Then click Analyze and Clean, in that order.
                          • Next, click Registry in the left column
                          • Click Scan for issues.
                          • When asked whether you want to make a backup of the registry, click "Yes".
                          • If errors are found, click the middle button, "Fix all selected issues", and then OK

                          Download Combofix to your desktop.
                          (So not to a download folder or temp folder)

                          Extra note... Make sure your security software is disabled while you are using Combofix.
                          This is because these scanners wrongly see certain components that Combofix uses as infected and will block Combofix.

                          Look here if you do not know how to disable your antivirus, firewall and/or antispyware scanner.

                          Close ALL windows, including your browser, and let Combofix do its work undisturbed.
                          So do not open any other applications until Combofix has presented the log.

                          If Combofix asks for an update, allow it.

                          When ComboFix has finished scanning, which may be after a reboot, a log file (combofix.txt) opens.
                          You can find it as C:\combofix.txt.

                          Post the Combofix log together with a new DDS log in your next reply.

                          * NOTE: If you get one of the messages below after using ComboFix, restart the computer.
                          • Er is geprobeerd een ongeldige bewerking uit te voeren op een registersleutel die is gemarkeerd voor verwijdering.
                          • Illegal operation attempted on a registry key that has been marked for deletion.
                          Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
                          E Dev * Remove McAfee. * Ccleaner * E-Peek


                          • #14
                            ComboFix 14-06-21.02 - Steven 22-06-2014 17:56:58.1.4 - x64
                            Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.2934.1333 [GMT 2:00]
                            Gestart vanuit: c:\users\Steven\Desktop\ComboFix.exe
                            AV: Kaspersky Anti-Virus *Disabled/Outdated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
                            FW: Kaspersky Anti-Virus *Disabled* {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D}
                            SP: Kaspersky Anti-Virus *Disabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
                            SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
                            .
                            .
                            (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
                            .
                            .
                            C:\Install.exe
                            c:\program files (x86)\Java\jre7\bin\jp2ssv.dll
                            c:\windows\wininit.ini
                            .
                            .
                            (((((((((((((((((((( Bestanden Gemaakt van 2014-05-22 to 2014-06-22 ))))))))))))))))))))))))))))))
                            .
                            .
                            2014-06-22 16:09 . 2014-06-22 16:09 -------- d-----w- c:\users\Default\AppData\Local\temp
                            2014-06-22 09:57 . 2014-06-22 09:57 -------- d-----w- c:\users\Steven\AppData\Local\Adobe
                            2014-06-21 17:01 . 2014-06-21 17:02 -------- d-----w- C:\AdwCleaner
                            2014-06-21 09:24 . 2014-06-21 09:24 -------- d-----w- c:\program files (x86)\Common Files\Java
                            2014-06-21 09:24 . 2014-05-07 13:02 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
                            2014-06-21 07:52 . 2014-06-21 07:55 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy
                            2014-06-21 06:00 . 2014-06-22 16:03 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5EE97B59-5691-4CE8-A908-8B06C619122C}\offreg.dll
                            2014-06-21 05:53 . 2014-06-21 05:53 -------- d-----w- c:\program files\Enigma Software Group
                            2014-06-21 05:52 . 2014-06-21 07:55 -------- d-----w- c:\windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
                            2014-06-21 05:52 . 2014-06-21 05:52 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
                            2014-06-21 05:44 . 2014-06-05 10:54 10779000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5EE97B59-5691-4CE8-A908-8B06C619122C}\mpengine.dll
                            2014-06-20 09:46 . 2010-08-30 06:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
                            2014-06-18 09:06 . 2014-06-18 09:06 -------- d-----w- c:\program files\CCleaner
                            2014-06-11 06:33 . 2014-06-08 09:13 506368 ----a-w- c:\windows\system32\aepdu.dll
                            2014-06-11 06:33 . 2014-06-08 09:08 424448 ----a-w- c:\windows\system32\aeinv.dll
                            2014-06-10 11:07 . 2014-06-21 08:47 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2
                            2014-06-05 21:10 . 2014-06-05 21:10 -------- d-----w- c:\users\Steven\AppData\Local\Sonos,_Inc
                            2014-06-05 18:10 . 2014-06-05 18:10 -------- d-----w- c:\program files (x86)\Sonos
                            2014-06-05 18:09 . 2014-06-14 15:02 -------- d-----w- c:\programdata\Sonos,_Inc
                            2014-05-28 19:21 . 2014-05-28 19:21 -------- d-----w- c:\program files (x86)\Common Files\Skype
                            2014-05-25 06:24 . 2014-01-09 02:22 5694464 ----a-w- c:\windows\SysWow64\mstscax.dll
                            2014-05-25 06:24 . 2014-01-03 22:44 6574592 ----a-w- c:\windows\system32\mstscax.dll
                            2014-05-24 20:39 . 2014-05-24 20:39 -------- d-----w- c:\windows\system32\drivers\en-US
                            2014-05-24 17:11 . 2013-09-25 02:23 1030144 ----a-w- c:\windows\system32\TSWorkspace.dll
                            2014-05-24 17:11 . 2013-09-25 01:57 792576 ----a-w- c:\windows\SysWow64\TSWorkspace.dll
                            .
                            .
                            .
                            ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
                            .
                            2014-06-22 15:56 . 2013-10-14 18:16 29 ----a-w- c:\windows\SysWow64\TempWmicBatchFile.bat
                            2014-06-20 05:38 . 2012-04-01 06:25 699056 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
                            2014-06-20 05:38 . 2011-06-07 05:22 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
                            2014-06-11 19:48 . 2011-01-22 21:36 95414520 ----a-w- c:\windows\system32\MRT.exe
                            2014-04-12 02:22 . 2014-05-15 06:11 95680 ----a-w- c:\windows\system32\drivers\ksecdd.sys
                            2014-04-12 02:22 . 2014-05-15 06:11 155072 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
                            2014-04-12 02:19 . 2014-05-15 06:11 29184 ----a-w- c:\windows\system32\sspisrv.dll
                            2014-04-12 02:19 . 2014-05-15 06:11 136192 ----a-w- c:\windows\system32\sspicli.dll
                            2014-04-12 02:19 . 2014-05-15 06:11 28160 ----a-w- c:\windows\system32\secur32.dll
                            2014-04-12 02:19 . 2014-05-15 06:11 1460736 ----a-w- c:\windows\system32\lsasrv.dll
                            2014-04-12 02:19 . 2014-05-15 06:11 31232 ----a-w- c:\windows\system32\lsass.exe
                            2014-04-12 02:12 . 2014-05-15 06:11 22016 ----a-w- c:\windows\SysWow64\secur32.dll
                            2014-04-12 02:10 . 2014-05-15 06:11 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
                            2014-03-31 20:46 . 2014-03-31 20:46 130712 ----a-w- c:\windows\SysWow64\MSSTDFMT.DLL
                            2014-03-31 20:46 . 2014-03-31 20:46 1070232 ----a-w- c:\windows\SysWow64\MSCOMCTL.OCX
                            2014-03-31 07:35 . 2011-03-21 20:41 270496 ------w- c:\windows\system32\MpSigStub.exe
                            2014-03-25 02:43 . 2014-05-15 06:11 14175744 ----a-w- c:\windows\system32\shell32.dll
                            .
                            .
                            ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
                            .
                            .
                            *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
                            REGEDIT4
                            .
                            [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
                            @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
                            [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
                            2013-09-10 23:54 131248 ----a-w- c:\users\Steven\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
                            .
                            [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
                            @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
                            [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
                            2013-09-10 23:54 131248 ----a-w- c:\users\Steven\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
                            .
                            [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
                            @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
                            [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
                            2013-09-10 23:54 131248 ----a-w- c:\users\Steven\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
                            .
                            [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                            "ApplePhotoStreams"="c:\program files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2013-11-20 59720]
                            "iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2013-11-20 59720]
                            "49B832DDCDCC94C19C7A7A63840A890B93329575._service_run"="c:\users\Steven\AppData\Local\Google\Chrome\Application\chrome.exe" [2014-06-05 860488]
                            .
                            [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
                            "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-04-13 284696]
                            "AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe" [2010-11-02 365336]
                            "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-02-12 43848]
                            "GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
                            "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-05-07 256896]
                            .
                            [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
                            "ConsentPromptBehaviorAdmin"= 5 (0x5)
                            "ConsentPromptBehaviorUser"= 3 (0x3)
                            "EnableUIADesktopToggle"= 0 (0x0)
                            "HideFastUserSwitching"= 0 (0x0)
                            "EnableSecureUIAPath"= 1 (0x1)
                            .
                            [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
                            "EnableShellExecuteHooks"= 1 (0x1)
                            .
                            [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
                            "aux"=wdmaud.drv
                            .
                            [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
                            "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
                            .
                            [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
                            "DisableMonitoring"=dword:00000001
                            .
                            R1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys;c:\windows\SYSNATIVE\drivers\SBREdrv.sys [x]
                            R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
                            R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
                            R3 bautpw64;BUFFALO eco manager for HD Filter;c:\windows\system32\drivers\bautpw64.sys;c:\windows\SYSNATIVE\drivers\bautpw64.sys [x]
                            R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
                            R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
                            R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys;c:\program files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [x]
                            R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
                            R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
                            R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys;c:\windows\SYSNATIVE\pwdrvio.sys [x]
                            R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys;c:\windows\SYSNATIVE\pwdspio.sys [x]
                            R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
                            R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
                            R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
                            R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
                            R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
                            R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
                            R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
                            R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
                            R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
                            R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
                            S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys;c:\windows\SYSNATIVE\DRIVERS\kl2.sys [x]
                            S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
                            S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [x]
                            S2 BFBackupUtilityService;Backup Utility Service;c:\program files (x86)\BUFFALO\Backup_Utility\BUService.exe;c:\program files (x86)\BUFFALO\Backup_Utility\BUService.exe [x]
                            S2 BFBackupUtilityVSSService;Backup Utility VSS Service;c:\program files (x86)\BUFFALO\Backup_Utility\BUVSSService64.exe;c:\program files (x86)\BUFFALO\Backup_Utility\BUVSSService64.exe [x]
                            S2 CronService;Cron Service for Prey;c:\prey\platform\windows\cronsvc.exe;c:\prey\platform\windows\cronsvc.exe [x]
                            S2 DokanCEDriver;DokanCEDriver;c:\program files (x86)\PogoplugBackup\dokance.sys;c:\program files (x86)\PogoplugBackup\dokance.sys [x]
                            S2 DokanCEMounter;DokanCEMounter;c:\program files (x86)\PogoplugBackup\dokanmnt.exe;c:\program files (x86)\PogoplugBackup\dokanmnt.exe [x]
                            S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe;c:\windows\SYSNATIVE\ezSharedSvcHost.exe [x]
                            S2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [x]
                            S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]
                            S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [x]
                            S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
                            S2 RichVideo64;Cyberlink RichVideo64 Service(CRVS);c:\program files\CyberLink\Shared files\RichVideo64.exe;c:\program files\CyberLink\Shared files\RichVideo64.exe [x]
                            S2 RtVOsdService;RtVOsdService Installer;c:\program files\Realtek\RtVOsd\RtVOsdService.exe;c:\program files\Realtek\RtVOsd\RtVOsdService.exe [x]
                            S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
                            S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
                            S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
                            S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
                            .
                            .
                            [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
                            2010-05-19 08:36 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
                            .
                            Inhoud van de 'Gedeelde Taken' map
                            .
                            2014-06-22 c:\windows\Tasks\Adobe Flash Player Updater.job
                            - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 05:38]
                            .
                            2014-06-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3298954765-633483694-3216028712-1000Core.job
                            - c:\users\Steven\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-23 19:53]
                            .
                            2014-06-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3298954765-633483694-3216028712-1000UA.job
                            - c:\users\Steven\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-23 19:53]
                            .
                            2014-06-07 c:\windows\Tasks\HPCeeScheduleForSteven.job
                            - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05 01:53]
                            .
                            .
                            --------- X64 Entries -----------
                            .
                            .
                            [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
                            @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
                            [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
                            2013-09-10 23:54 164016 ----a-w- c:\users\Steven\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
                            .
                            [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
                            @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
                            [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
                            2013-09-10 23:54 164016 ----a-w- c:\users\Steven\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
                            .
                            [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
                            @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
                            [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
                            2013-09-10 23:54 164016 ----a-w- c:\users\Steven\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
                            .
                            [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
                            @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
                            [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
                            2013-09-10 23:54 164016 ----a-w- c:\users\Steven\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
                            .
                            [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                            "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2010-03-13 6234144]
                            "HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-06-18 8192]
                            "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-07-28 161304]
                            "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-07-28 386584]
                            "Persistence"="c:\windows\system32\igfxpers.exe" [2010-07-28 415256]
                            .
                            ------- Bijkomende Scan -------
                            .
                            uLocal Page = c:\windows\system32\blank.htm
                            mLocal Page = c:\windows\SysWOW64\blank.htm
                            uInternet Settings,ProxyOverride = *.local
                            Trusted Zone: minbzk.nl\ptw1
                            TCP: DhcpNameServer = 192.168.1.1
                            .
                            - - - - ORPHANS VERWIJDERD - - - -
                            .
                            HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
                            HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
                            AddRemove-{08DB3902-2CE0-474D-BCE3-0177766CE9F1} - c:\program files (x86)\InstallShield Installation Information\{08DB3902-2CE0-474D-BCE3-0177766CE9F1}\setup.exe
                            .
                            .
                            "ImagePath"="\"c:\program files\CyberLink\Shared files\RichVideo64.exe\"\00Z
                            [\]^_¬\00\00¬\00\00\00\00HIJKLMNO\00\00\00\00\00\00\00\00\03\00\00\00|}~¬\00\00¬\00\00\00\00v\00\00\00 \00\00\00\00\00‘’“"
                            .
                            .
                            --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
                            @Denied: (A 2) (Everyone)
                            @="FlashBroker"
                            "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_125_ActiveX.exe,-101"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
                            "Enabled"=dword:00000001
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
                            @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_125_ActiveX.exe"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
                            @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
                            @Denied: (A 2) (Everyone)
                            @="IFlashBroker5"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
                            @="{00020424-0000-0000-C000-000000000046}"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
                            @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
                            "Version"="1.0"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
                            @Denied: (A 2) (Everyone)
                            @="FlashBroker"
                            "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_125_ActiveX.exe,-101"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
                            "Enabled"=dword:00000001
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
                            @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_125_ActiveX.exe"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
                            @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
                            @Denied: (A 2) (Everyone)
                            @="Shockwave Flash Object"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
                            @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_125.ocx"
                            "ThreadingModel"="Apartment"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
                            @="0"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
                            @="ShockwaveFlash.ShockwaveFlash.14"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
                            @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_125.ocx, 1"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
                            @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
                            @="1.0"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
                            @="ShockwaveFlash.ShockwaveFlash"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
                            @Denied: (A 2) (Everyone)
                            @="Macromedia Flash Factory Object"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
                            @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_125.ocx"
                            "ThreadingModel"="Apartment"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
                            @="FlashFactory.FlashFactory.1"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
                            @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_125.ocx, 1"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
                            @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
                            @="1.0"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
                            @="FlashFactory.FlashFactory"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
                            @Denied: (A 2) (Everyone)
                            @="IFlashBroker5"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
                            @="{00020424-0000-0000-C000-000000000046}"
                            .
                            [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
                            @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
                            "Version"="1.0"
                            .
                            [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
                            @Denied: (Full) (Everyone)
                            .
                            Voltooingstijd: 2014-06-22 18:14:14
                            ComboFix-quarantined-files.txt 2014-06-22 16:14
                            .
                            Pre-Run: 101.088.489.472 bytes beschikbaar
                            Post-Run: 100.659.560.448 bytes beschikbaar
                            .
                            - - End Of File - - 595F17E13446204780E07288105982E1



                            • #15
                              May I have a fresh DDS log as requested?
                              Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
                              E Dev * Remove McAfee. * Ccleaner * E-Peek
