Mededeling

**Emphyrio** · 03-02-15, 15:02

Hoi Noel,

We gaan je erdoor heen loodsen

De stappen die voorgesteld worden, moeten één na één gedaan worden.

Versta je iets niet, dan vraag je het eerst, ok ?

Opmerking: Alle tools steeds uitvoeren als admin.
De instructies die worden gegeven, zijn enkel geldig voor jouw PC.

Heb je deze richtlijnen gelezen en begrepen, mag je verder gaan.....

Stap 1:

Malware scannen en verwijderen....

Installeer MBAM 2.0 (info & download link)

Start MBAM.
Klik bovenin het scherm van Malwarebytes Anti-Malware op Scan.
Kies in het scherm voor de Aangepaste scan en vink de partities aan die van toepassing zijn (c:\ d\ enz..)
Klik vervolgens op de knop Scan nu.

Voor het scannen wordt er altijd eerst automatisch gecontroleerd of er updates van de virusdefinities beschikbaar zijn, indien er een update beschikbaar is, moet je deze eerst laten installeren.

Wanneer de scan gereed is en er bedreigingen zijn gedetecteerd krijg je hier een overzicht van.
Selecteer om allen in quarantaine te plaatsen.
Bij de melding dat uw computer opnieuw opgestart moet worden klik je op Ja.

Na herstart van de PC, indien Malwarebytes heeft gevraagd om de PC opnieuw op te starten, open Malwarebytes opnieuw.
Klik de Historie knop bovenaan in het menu.
Klik vervolgens op de optie programmalogboeken en selecteer het Scanlogboek wat u wilt exporteren. Dit is de laatste scan die je hebt gedaan (kan je zien aan de datum en tijd).
Selecteer deze om te bekijken.
In een nieuw venster dat zal openen zal je de resultaten van je scan zien.

Onderaan, selecteer ofwel om te exporteren als tekstbestand en geef het tekstbestand een naam, bijvoorbeeld mbamlog.
Ofwel kan je selecteren om te kopieren naar het klembord, zodat de inhoud van de log naar je klembord wordt gekopieerd en je die zo in je volgende post kan plakken.

**NOEL** · 03-02-15, 17:49

Malwarebytes Anti-Malware

Cyber Security Software & Anti-Malware | Malwarebytes

https://www.malwarebytes.org

Protect your home and business PCs, Macs, iOS and Android devices from the latest cyber threats and malware, including ransomware.

Scandatum: 3/02/2015
Scantijd: 18:26:14
Logbestand: noel scanlogboek.txt
Beheerder: Nee

Versie: 2.00.4.1028
Malwaredatabase: v2015.02.03.06
Rootkitdatabase: v2015.02.03.01
Licentie: Premium
Malwarebescherming: Ingeschakeld
Kwaadaardige Website Bescherming: Ingeschakeld
Zelfbescherming: Uitgeschakeld

Besturingssysteem: Windows 7 Service Pack 1
Processor: x64
Bestandssysteem: NTFS
Gebruiker: Noel

Scantype: Bedreigingsscan
Resultaat: Voltooid
Objecten Gescand: 333276
Verstreken Tijd: 7 m, 51 s

Geheugen: Ingeschakeld
Opstarten: Ingeschakeld
Bestandssysteem: Ingeschakeld
Archieven: Ingeschakeld
Rootkits: Uitgeschakeld
Heuristiek: Ingeschakeld
POP: Ingeschakeld
POA: Ingeschakeld

Processen: 1
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\ProtectService.exe, 1772, Verwijder-bij-Herstart, [b75b0a107e0c3105ba67f81106fcf50b]

Modules: 0
(Geen kwaadaardige items gedetecteerd)

Registersleutels: 0
(Geen kwaadaardige items gedetecteerd)

Registerwaardes: 0
(Geen kwaadaardige items gedetecteerd)

Registerdata: 0
(Geen kwaadaardige items gedetecteerd)

Mappen: 0
(Geen kwaadaardige items gedetecteerd)

Bestanden: 1
PUP.Optional.XTab.A, C:\Program Files (x86)\XTab\ProtectService.exe, Verwijder-bij-Herstart, [b75b0a107e0c3105ba67f81106fcf50b],

Fysieke Sectoren: 0
(Geen kwaadaardige items gedetecteerd)

(end)

ik hoop dat dit goed was gedaan

**Emphyrio** · 03-02-15, 22:42

Dat is goed gedaan

We gaan verder.....

Controle op slechte toolbars...

Download AdwCleaner by Xplode naar je Bureaublad.

Sluit alle openstaande vensters
Start AdwCleaner
Klik op Scan
Klik op Clean

Alle icoontjes verdwijnen van het Bureaublad,dit is normaal
Je PC word opnieuw opgestart en er een opent logfile (C:\ AdwCleaner\AdwCleaner[xx].txt post de inhoud hier op het Forum.

Enkel de log na de "clean/verwijderen" optie heb ik nodig.

Vergeet niet om je "smileys" uit te schakelen.( INFO )

Als je Startpagina ook gehijackt was,stel dan de zoekmachine opnieuw in,deze word standaard door AdwCleaner terug gezet naar Google.com

**NOEL** · 03-02-15, 22:48

ok is bezig

**NOEL** · 03-02-15, 22:51

vraagje clean zie ik niet staan is nederlanstalig

**Emphyrio** · 03-02-15, 22:53

Oorspronkelijk geplaatst door NOEL

vraagje clean zie ik niet staan is nederlanstalig

Clean => Verwijderen

**NOEL** · 03-02-15, 22:53

is dan verwijderen ok

**NOEL** · 03-02-15, 23:00

# AdwCleaner v4.109 - Rapport aangemaakt 03/02/2015 op 23:53:43
# Laatste Update 24/01/2015 door Xplode
# Database : 2015-02-03.1 [Live]
# Besturingssysteem : Windows 7 Ultimate Service Pack 1 (64 bits)
# Gebruikersnaam : Noel - NOEL-PC
# Gestart vanuit : C:\Users\Noel\Downloads\adwcleaner_4.109.exe
# Optie : Verwijderen

***** [ Services ] *****

[#] Service Verwijderd : sbmntr

***** [ Bestanden / Mappen ] *****

Map Verwijderd : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Malware Protector
Map Verwijderd : C:\Program Files (x86)\WinZip Malware Protector
Map Verwijderd : C:\Program Files (x86)\XTab
Map Verwijderd : C:\Users\Noel\AppData\Roaming\FirefoxToolbar
Map Verwijderd : C:\Users\Noel\AppData\Roaming\Elex-tech
Bestand Verwijderd : C:\Users\Public\Desktop\WinZip Malware Protector.lnk
Bestand Verwijderd : C:\Windows\System32\log\iSafeKrnlCall.log
Bestand Verwijderd : C:\Windows\System32\roboot64.exe
Bestand Verwijderd : C:\Windows\System32\wsusnative64.exe
Bestand Verwijderd : C:\Users\Noel\AppData\Roaming\Mozilla\Firefox\Profiles\jx71226v.default-1422261154420\invalidprefs.js
Bestand Verwijderd : C:\Users\Noel\AppData\Roaming\Mozilla\Firefox\Profiles\83cq8s3u.default\user.js
Bestand Verwijderd : C:\Users\Noel\AppData\Roaming\Mozilla\Firefox\Profiles\jx71226v.default-1422261154420\user.js

***** [ Taken ] *****

Taak Verwijderd : ShopperPro
Taak Verwijderd : ShopperProJSUpd
Taak Verwijderd : SMupdate1
Taak Verwijderd : SPDriver
Taak Verwijderd : Update Service SimpleFiles
Taak Verwijderd : YTDownloader
Taak Verwijderd : WinZip Malware Protector_startup
Taak Verwijderd : YTDownloaderUpd

***** [ Snelkoppelingen ] *****

***** [ Register ] *****

Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428A-92C9-0CFC28B9D1BF}
Sleutel Verwijderd : HKLM\SOFTWARE\SimpleFiles
Sleutel Verwijderd : HKLM\SOFTWARE\Solvusoft

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496

-\\ Mozilla Firefox v35.0.1 (x86 nl)

[jx71226v.default-1422261154420\prefs.js] - Regel verwijderd : user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");
[jx71226v.default-1422261154420\prefs.js] - Regel verwijderd : user_pref("browser.search.hiddenOneOffs", "default-search.net");
[jx71226v.default-1422261154420\prefs.js] - Regel verwijderd : user_pref("browser.search.searchengine.alias", "mystartsearch");
[jx71226v.default-1422261154420\prefs.js] - Regel verwijderd : user_pref("browser.search.searchengine.iconURL", "hxxp://www.mystartsearch.com/web/favicon.ico");
[jx71226v.default-1422261154420\prefs.js] - Regel verwijderd : user_pref("browser.search.searchengine.name", "mystartsearch");
[jx71226v.default-1422261154420\prefs.js] - Regel verwijderd : user_pref("browser.search.searchengine.url", "hxxp://www.mystartsearch.com/web/?type=dspp&ts=1422541898&from=amt&uid=ST31000524AS_6VPC8338XXXX6VPC8338&q={searchTerms}");
[jx71226v.default-1422261154420\prefs.js] - Regel verwijderd : user_pref("extensions.quick_start.enable_search1", false);
[jx71226v.default-1422261154420\prefs.js] - Regel verwijderd : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);

-\\ Google Chrome v40.0.2214.94

*************************

AdwCleaner[R1].txt - [3442 octets] - [03/02/2015 23:47:00]
AdwCleaner[S1].txt - [3382 octets] - [03/02/2015 23:53:43]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [3442 octets] ##########

**Emphyrio** · 03-02-15, 23:05

Mooi zo

Download of Update Ccleaner

Start CCleaner op.

Run Ccleaner en klik in de linkse kolom op Opties
Selecteer het tabblad Geavanceerd
Haal het vinkje weg voor Verwijder alleen bestanden in Windows Temp-systeemmap die ouder zijn dan 24 uur
Selecteer het tabblad Instellingen
Haal het vinkje weg bij "Computer automatisch schoonmaken...."
Klik in de linkse kolom op Cleaner.
Klik dan achtereenvolgens op Analyseer en Schoonmaken.
Klik vervolgens in de linkse kolom op Register
Klik op Scan naar problemen.
Op de vraag of je een backup wil maken van het register, klik je "Ja".
Als er fouten gevonden worden klik je op de middelste knop: Herstel alle geselecteerde fouten en OK

.

Meldt het even als je dit gedaan hebt.

**NOEL** · 03-02-15, 23:20

cleaning complet o bytes verwijderd

**Emphyrio** · 03-02-15, 23:27

Download DDS.com, DDS.scr of DDS.pif van één van deze locaties en plaats het op je bureaublad:
.

.
DDS is een diagnosetool en maakt gebruik van scripts.
Is het uitvoeren van scripts uitgeschakeld, dan schakel je dit weer in zodat er geen problemen optreden bij gebruik van DDS.

Dubbelklik op DDS om de tool te starten. (afhankelijk van de download die je gekozen hebt kan dit het bestand DDS.com, DDS.scr of DDS.pif zijn)
Wanneer het klaar is openen er twee logfiles: DDS.txt en Attach.txt
Beide logfiles sla je op je bureaublad.

Post de inhoud van DDS.txt.

De inhoud Attach.txt moet je niet posten en Attach.txt moet je niet als bijlage toevoegen aan je post, tenzij ik er om vraag.

**NOEL** · 03-02-15, 23:36

moet ik eerst start gaan gebruiken

**Emphyrio** · 03-02-15, 23:40

Oorspronkelijk geplaatst door NOEL

moet ik eerst start gaan gebruiken

Wat bedoel je ?

**NOEL** · 03-02-15, 23:43

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17496 BrowserJavaVersion: 11.31.2
Run by Noel at 0:39:06 on 2015-02-04
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.32.1043.18.4094.2535 [GMT 1:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AV: G DATA TOTAL PROTECTION *Enabled/Updated* {545C8713-0744-B079-87F8-349A6D5C8CF0}
SP: Microsoft Security Essentials *Disabled/Updated* {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
SP: G DATA TOTAL PROTECTION *Enabled/Updated* {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G DATA Personal Firewall *Enabled* {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
C:\Program Files (x86)\G DATA\TotalProtection\AVK\AVKWCtlx64.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\G DATA\TotalProtection\AVKTray\AVKTray.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
C:\Program Files (x86)\G DATA\TotalProtection\AVK\AVKService.exe
C:\Program Files (x86)\G DATA\TotalProtection\AVKBackup\AVKBackupService.exe
C:\Program Files (x86)\Common Files\G DATA\AVKProxy\GdBgInx64.exe
C:\Program Files (x86)\Common Files\G DATA\AVKProxy\GDKBFltExe32.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Noel\AppData\Roaming\Google\Google Talk\googletalk.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\G DATA\TotalProtection\Firewall\GDFirewallTray.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files\CCleaner\CCleaner64.exe
C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\System32\vds.exe
C:\Program Files\CCleaner\CCleaner64.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\G DATA\TotalProtection\Firewall\GDFwSvcx64.exe
C:\Windows\System32\cscript.exe
C:\Windows\system32\WerFault.exe
.
============== Pseudo HJT Report ===============
.
uSearch Bar = Preserve
mStart Page = about:blank
mWinlogon: Userinit = userinit.exe,
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
uRun: [googletalk] C:\Users\Noel\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart
uRun: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
mRun: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
mRun: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
mRun: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [GDFirewallTray] C:\Program Files (x86)\G DATA\TotalProtection\Firewall\GDFirewallTray.exe
dRunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-Windows\System: EnableSmartScreen = dword:0
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 195.130.130.131 195.130.131.131
TCP: Interfaces\{207DA8D4-1B86-4DEA-9003-79E57ECA378B} : DHCPNameServer = 195.130.130.131 195.130.131.131
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.94\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mWinlogon: Userinit = C:\Windows\System32\userinit.exe,C:\Program Files (x86)\G DATA\TotalProtection\AVKTray\AVKTray.exe,c:\program files (x86)\g data\totalprotection\avkkid\avkcks.exe,
x64-BHO: ExplorerWnd Helper: {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll
x64-Run: [Acronis Scheduler2Service] "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Noel\AppData\Roaming\Mozilla\Firefox\Profiles\jx71226v.default-1422261154420\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - about:home
FF - plugin: C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Users\Noel\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin.dll
FF - plugin: C:\Users\Noel\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin64.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll
.
============= SERVICES / DRIVERS ===============
.
R0 GDBehave;GDBehave;C:\Windows\System32\drivers\GDBehave.sys [2015-1-30 55808]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2014-7-17 269008]
R0 tdrpman255;Acronis Try&Decide and Restore Points filter (build 255);C:\Windows\System32\drivers\tdrpm255.sys [2015-1-11 1477152]
R0 TS4NT;TS4nt driver;C:\Windows\System32\drivers\TS4nt.sys [2015-1-30 98760]
R1 GDKBFlt;G Data GDKBFlt Driver;C:\Windows\System32\drivers\GDKBFlt64.sys [2015-1-30 20992]
R1 GDMnIcpt;GDMnIcpt;C:\Windows\System32\drivers\MiniIcpt.sys [2015-1-30 142336]
R1 gdwfpcd;G Data WFP CD;C:\Windows\System32\drivers\gdwfpcd64.sys [2015-1-30 64512]
R1 GRD;G Data Rootkit Detector Driver;C:\Windows\System32\drivers\GRD.sys [2015-1-30 106272]
R1 HookCentre;HookCentre;C:\Windows\System32\drivers\HookCentre.sys [2015-1-30 61440]
R2 afcdpsrv;Acronis Nonstop Backup service;C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2015-1-11 2475952]
R2 AVKProxy;G DATA ANTIVIRUS Proxy;C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2014-10-14 2250360]
R2 AVKService;G DATA Scheduler;C:\Program Files (x86)\G DATA\TotalProtection\AVK\AVKService.exe [2013-12-19 914552]
R2 AVKWCtl;G DATA Bestandssysteembewaker;C:\Program Files (x86)\G DATA\TotalProtection\AVK\AVKWCtlx64.exe [2014-5-20 2683760]
R2 GDBackupSvc;G DATA Backup Service;C:\Program Files (x86)\G DATA\TotalProtection\AVKBackup\AVKBackupService.exe [2014-8-21 3844216]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-2-3 1871160]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-2-3 969016]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-2-2 411936]
R2 TeamViewer;TeamViewer 10;C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-1-15 5426448]
R3 afcdp;afcdp;C:\Windows\System32\drivers\afcdp.sys [2015-1-11 250464]
R3 Blackberry Device Manager;Blackberry Device Manager;C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [2013-1-18 577536]
R3 GDPkIcpt;GDPkIcpt;C:\Windows\System32\drivers\PktIcpt.sys [2015-1-30 64000]
R3 GDScan;G DATA Scanner;C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [2014-5-20 700536]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2015-2-3 25816]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2015-2-3 129752]
R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2015-2-3 63704]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 GDFwSvc;G DATA Personal Firewall;C:\Program Files (x86)\G DATA\TotalProtection\Firewall\GDFwSvcx64.exe [2014-8-21 3228136]
S3 GDTunerSvc;G DATA Tuner Service;C:\Program Files (x86)\G DATA\TotalProtection\AVKTuner\AVKTunerService.exe [2014-5-28 1637496]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2015-1-16 114688]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent;C:\Windows\System32\drivers\nmwcdnsux64.sys [2011-8-17 171008]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-1-23 178760]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2015-1-26 19456]
S3 RegFilter;RegFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys [2015-1-26 34848]
S3 TSNxGService;G DATA Datasafeservice;C:\Program Files (x86)\G DATA\TotalProtection\TSNxG\TSNxGService.exe [2014-7-1 255608]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2015-2-2 56832]
S3 UrlFilter;UrlFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys [2015-1-26 23016]
S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2015-1-15 1255736]
S4 FileMonitor;FileMonitor;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2015-1-26 23048]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile="C:\Windows\System32\NOTEPAD.EXE" %1
FileExt: .ini: inifile="C:\Windows\System32\NOTEPAD.EXE" %1
FileExt: .inf: inffile="C:\Windows\System32\NOTEPAD.EXE" %1
.
=============== Created Last 30 ================
.
2015-02-03 22:46:33 -------- d-----w- C:\AdwCleaner
2015-02-03 17:45:30 11870360 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3A17BEC3-5AF1-4C27-9E1D-F5B4D8A71F41}\mpengine.dll
2015-02-03 17:25:52 129752 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2015-02-03 17:25:33 93400 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2015-02-03 17:25:33 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2015-02-03 17:25:33 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2015-02-03 17:06:22 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-03 13:47:14 -------- d-----w- C:\Users\Noel\AppData\Roaming\K9AMW
2015-02-03 13:47:11 -------- d-----w- C:\Users\Noel\AppData\Roaming\K9Tools
2015-02-03 13:47:09 -------- d-----w- C:\ProgramData\K9Tools
2015-02-03 13:47:07 26176 ----a-w- C:\Windows\System32\k9native64.exe
2015-02-03 13:45:29 -------- d-----w- C:\Users\Noel\AppData\Roaming\K9-PCFixer
2015-02-03 12:58:51 -------- d-----w- C:\Users\Noel\AppData\Roaming\Nico Mak Computing
2015-02-03 12:58:46 -------- d-----w- C:\ProgramData\Nico Mak Computing
2015-02-02 21:37:42 -------- d-----w- C:\Users\Noel\AppData\Local\G DATA
2015-02-02 21:37:18 -------- d-----w- C:\Users\Noel\AppData\Roaming\G Data
2015-02-02 21:23:12 87040 ----a-w- C:\Windows\System32\TSWbPrxy.exe
2015-02-02 21:22:58 6584320 ----a-w- C:\Windows\System32\mstscax.dll
2015-02-02 21:22:58 5703168 ----a-w- C:\Windows\SysWow64\mstscax.dll
2015-02-02 20:40:23 -------- d-----w- C:\Users\Noel\AppData\Local\NVIDIA
2015-02-02 20:37:26 -------- d-----w- C:\Windows\System32\drivers\en-US
2015-02-02 20:35:50 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2015-02-02 20:35:35 609240 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2015-02-02 20:33:54 935368 ----a-w- C:\Windows\System32\nvvsvc.exe
2015-02-02 20:33:54 62808 ----a-w- C:\Windows\System32\nvshext.dll
2015-02-02 20:33:54 3522392 ----a-w- C:\Windows\System32\nvsvc64.dll
2015-02-02 20:33:53 3826628 ----a-w- C:\Windows\System32\nvcoproc.bin
2015-02-02 20:33:53 2559960 ----a-w- C:\Windows\System32\nvsvcr.dll
2015-02-02 20:33:47 6783776 ----a-w- C:\Windows\System32\nvcpl.dll
2015-02-02 20:33:46 386520 ----a-w- C:\Windows\System32\nvmctray.dll
2015-02-02 20:32:49 75040 ----a-w- C:\Windows\System32\OpenCL.dll
2015-02-02 20:32:49 61912 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2015-02-02 20:32:17 -------- d-----w- C:\Program Files\NVIDIA Corporation
2015-02-02 18:18:26 -------- d-----w- C:\Program Files (x86)\Enigma Software Group
2015-02-02 18:18:09 -------- d-----w- C:\Windows\DB847E94446B49E0AC5DC5627EC8B0C0.TMP
2015-02-02 16:37:09 -------- d-----w- C:\sh4ldr
2015-02-01 23:43:29 -------- d-----w- C:\inetpub
2015-02-01 21:19:22 -------- d-----w- C:\ProgramData\F-Secure
2015-02-01 14:08:41 -------- d-----w- C:\Users\Noel\AppData\Roaming\URSoft
2015-02-01 13:19:40 65463 ----a-w- C:\ProgramData\1422796770.bdinstall.bin
2015-02-01 13:17:51 271039 ----a-w- C:\ProgramData\1422796645.bdinstall.bin
2015-02-01 13:17:25 -------- d-----w- C:\Users\Noel\AppData\Roaming\QuickScan
2015-02-01 13:17:21 -------- d-----w- C:\Program Files\Common Files\Bitdefender
2015-02-01 12:20:47 -------- d-----w- C:\ProgramData\HitmanPro
2015-02-01 11:13:55 -------- d-----w- C:\ProgramData\{ba3c14ac-249f-a277-ba3c-c14ac24952b0}
2015-01-31 23:11:05 -------- d-----w- C:\Users\Noel\AppData\Local\qBittorrent
2015-01-31 11:05:53 11870360 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2015-01-30 19:35:59 18160 ----a-w- C:\Windows\System32\drivers\GdPhyMem.sys
2015-01-30 19:35:55 106272 ----a-w- C:\Windows\System32\drivers\GRD.sys
2015-01-30 19:28:29 64000 ----a-w- C:\Windows\System32\drivers\PktIcpt.sys
2015-01-30 19:27:26 98760 ----a-w- C:\Windows\System32\drivers\TS4nt.sys
2015-01-30 19:27:16 20992 ----a-w- C:\Windows\System32\drivers\GDKBFlt64.sys
2015-01-30 19:27:03 64512 ----a-w- C:\Windows\System32\drivers\gdwfpcd64.sys
2015-01-30 19:26:53 61440 ----a-w- C:\Windows\System32\drivers\HookCentre.sys
2015-01-30 19:26:53 142336 ----a-w- C:\Windows\System32\drivers\MiniIcpt.sys
2015-01-30 19:26:52 55808 ----a-w- C:\Windows\System32\drivers\GDBehave.sys
2015-01-30 19:23:53 -------- d-----w- C:\Program Files (x86)\G DATA
2015-01-30 19:23:46 -------- d-----w- C:\Program Files (x86)\Common Files\G Data
2015-01-30 18:46:58 -------- d-----w- C:\Program Files\CCleaner
2015-01-30 09:41:35 -------- d-----w- C:\Users\Noel\AppData\Local\ElevatedDiagnostics
2015-01-30 09:02:14 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2015-01-30 08:53:22 -------- d-----w- C:\Windows\SysWow64\beidpp
2015-01-30 08:53:20 -------- d-----w- C:\Windows\SysWow64\siscardplugins
2015-01-30 08:53:17 -------- d-----w- C:\Program Files\log
2015-01-30 08:53:17 -------- d-----w- C:\Program Files (x86)\Belgium Identity Card
2015-01-30 08:52:58 -------- d-----w- C:\drivers
2015-01-29 23:01:28 -------- d-----w- C:\Windows\System32\log
2015-01-29 14:50:07 -------- d-----w- C:\Users\Noel\AppData\Local\5871
2015-01-29 10:22:48 11870360 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0F7F19D2-3FEF-4A67-95D5-55A2D65E84C8}\mpengine.dll
2015-01-29 07:14:20 95088 ----a-w- C:\Windows\System32\drivers\Tosrfhid.sys
2015-01-29 07:14:20 94008 ----a-w- C:\Windows\System32\drivers\tosrfusb.sys
2015-01-29 07:14:18 40832 ----a-w- C:\Windows\System32\TosBtCi.dll
2015-01-29 07:14:18 40832 ----a-w- C:\Windows\System32\drivers\TosBtCi.dll
2015-01-29 07:14:18 306320 ----a-w- C:\Windows\System32\drivers\tosrfbd.sys
2015-01-27 21:38:34 -------- d-----w- C:\Program Files (x86)\Research In Motion
2015-01-26 08:27:42 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-26 07:30:04 -------- d-----w- C:\ProgramData\gdplnekidepcnmhocjkadghmeaieofdf
2015-01-26 07:11:01 3179520 ----a-w- C:\Windows\System32\rdpcorets.dll
2015-01-26 07:11:00 16384 ----a-w- C:\Windows\System32\RdpGroupPolicyExtension.dll
2015-01-25 23:46:27 3584 ----a-w- C:\Windows\System32\drivers\nl-NL\tsusbflt.sys.mui
2015-01-25 23:46:27 243200 ----a-w- C:\Windows\System32\rdpudd.dll
2015-01-25 23:46:27 228864 ----a-w- C:\Windows\System32\rdpendp_winip.dll
2015-01-25 23:46:27 19456 ----a-w- C:\Windows\System32\drivers\rdpvideominiport.sys
2015-01-25 23:46:27 192000 ----a-w- C:\Windows\SysWow64\rdpendp_winip.dll
2015-01-25 22:45:02 -------- d-----w- C:\Users\Noel\AppData\Roaming\ProductData
2015-01-25 22:42:28 -------- d-----w- C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
2015-01-25 22:42:03 -------- d-----w- C:\Program Files (x86)\IObit
2015-01-25 22:42:01 -------- d-----w- C:\Users\Noel\AppData\Roaming\IObit
2015-01-24 20:37:30 -------- d-----w- C:\Program Files (x86)\ea9dba97-391b-4512-ac4e-5cd83c9c31df
2015-01-24 20:17:40 180200 ----a-w- C:\Program Files (x86)\Common Files\e37ac487-1bc2-46f6-afa2-bc8a66eeda53.dll
2015-01-24 20:17:31 -------- d-----w- C:\Program Files (x86)\e37ac487-1bc2-46f6-afa2-bc8a66eeda53
2015-01-24 20:06:44 -------- d-----w- C:\Program Files (x86)\FreeFrameSDK
2015-01-24 19:08:12 -------- d-----w- C:\Users\Noel\AppData\Local\Installer
2015-01-24 18:58:05 -------- d-----w- C:\ProgramData\{8c799d82-5170-9018-8c79-99d825177609}
2015-01-22 15:11:28 1188440 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6447DA47-C0DC-491C-814E-E2DBA0C561B1}\gapaengine.dll
2015-01-21 07:19:25 -------- d-----w- C:\Users\Noel\AppData\Roaming\VASCO
2015-01-21 07:19:12 -------- d-----w- C:\Users\Noel\AppData\Local\Package Cache
2015-01-20 21:06:11 -------- d-----w- C:\Users\Noel\AppData\Roaming\Research In Motion
2015-01-20 17:24:15 -------- d-----w- C:\Users\Noel\AppData\Local\Research In Motion
2015-01-20 17:23:21 44544 ----a-w- C:\Windows\System32\drivers\RimSerial_AMD64.sys
2015-01-20 17:22:01 -------- d-----w- C:\Program Files (x86)\Common Files\XCPCSync.OEM
2015-01-20 17:22:01 -------- d-----w- C:\Program Files (x86)\Common Files\Research In Motion
2015-01-20 16:02:18 -------- d-----w- C:\Users\Noel\AppData\Local\Popcorn-Time
2015-01-20 16:01:29 -------- d-----w- C:\Users\Noel\AppData\Local\Popcorn Time
2015-01-18 12:04:14 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2015-01-18 12:04:13 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2015-01-17 17:31:18 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2015-01-16 23:03:06 2777088 ----a-w- C:\Windows\System32\msmpeg2vdec.dll
2015-01-16 23:03:06 2285056 ----a-w- C:\Windows\SysWow64\msmpeg2vdec.dll
2015-01-16 21:00:40 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
2015-01-16 21:00:40 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2015-01-16 21:00:39 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
2015-01-16 21:00:39 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2015-01-16 21:00:38 3928064 ----a-w- C:\Windows\System32\d2d1.dll
2015-01-16 21:00:38 3419136 ----a-w- C:\Windows\SysWow64\d2d1.dll
2015-01-16 18:03:18 -------- d-sh--w- C:\Users\Noel\AppData\Local\EmieUserList
2015-01-16 18:03:18 -------- d-sh--w- C:\Users\Noel\AppData\Local\EmieSiteList
2015-01-16 18:03:18 -------- d-sh--w- C:\Users\Noel\AppData\Local\EmieBrowserModeList
2015-01-16 11:59:38 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2015-01-16 11:59:38 701616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2015-01-16 02:37:12 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2015-01-16 02:37:11 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2015-01-16 02:27:48 -------- d-----w- C:\Windows\SysWow64\wbem\en-US
2015-01-16 02:27:42 -------- d-----w- C:\Windows\System32\wbem\en-US
2015-01-16 02:05:28 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-01-16 01:20:13 642944 ----a-w- C:\Windows\System32\winload.efi
2015-01-16 01:20:13 605552 ----a-w- C:\Windows\System32\winload.exe
2015-01-16 01:20:13 566208 ----a-w- C:\Windows\System32\winresume.efi
2015-01-16 01:20:13 518672 ----a-w- C:\Windows\System32\winresume.exe
2015-01-16 01:20:13 20352 ----a-w- C:\Windows\System32\kdusb.dll
2015-01-16 01:20:13 19328 ----a-w- C:\Windows\System32\kd1394.dll
2015-01-16 01:20:13 17792 ----a-w- C:\Windows\System32\kdcom.dll
2015-01-15 12:01:42 -------- d-----w- C:\Users\Noel\AppData\Roaming\TeamViewer
2015-01-15 12:01:36 -------- d-----w- C:\Program Files (x86)\TeamViewer
2015-01-15 06:33:01 7168 ----a-w- C:\Windows\SysWow64\KBDYAK.DLL
2015-01-15 06:33:01 6656 ----a-w- C:\Windows\SysWow64\KBDBASH.DLL
2015-01-15 06:33:00 7168 ----a-w- C:\Windows\System32\KBDYAK.DLL
2015-01-15 06:33:00 7168 ----a-w- C:\Windows\System32\KBDBASH.DLL
2015-01-15 06:31:36 288768 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2015-01-15 06:30:56 274880 ----a-w- C:\Windows\System32\drivers\msiscsi.sys
2015-01-15 06:30:55 27584 ----a-w- C:\Windows\System32\drivers\Diskdump.sys
2015-01-15 06:30:55 2048 ----a-w- C:\Windows\SysWow64\iologmsg.dll
2015-01-15 06:30:55 2048 ----a-w- C:\Windows\System32\iologmsg.dll
2015-01-15 06:30:55 190912 ----a-w- C:\Windows\System32\drivers\storport.sys
2015-01-15 06:30:50 559104 ----a-w- C:\Windows\System32\spoolsv.exe
2015-01-15 06:30:49 67072 ----a-w- C:\Windows\splwow64.exe
2015-01-15 06:17:35 -------- d-----w- C:\Windows\SysWow64\Wat
2015-01-15 06:17:35 -------- d-----w- C:\Windows\System32\Wat
2015-01-14 22:03:14 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe
2015-01-14 22:03:14 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2015-01-14 22:03:13 12625920 ----a-w- C:\Windows\System32\wmploc.DLL
2015-01-14 22:03:12 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2015-01-14 21:17:33 2560 ----a-w- C:\Windows\System32\drivers\nl-NL\wdf01000.sys.mui
2015-01-14 20:45:29 55808 ----a-w- C:\Windows\System32\rrinstaller.exe
2015-01-14 20:45:29 50176 ----a-w- C:\Windows\SysWow64\rrinstaller.exe
2015-01-14 20:45:29 24576 ----a-w- C:\Windows\System32\mfpmp.exe
2015-01-14 20:45:29 23040 ----a-w- C:\Windows\SysWow64\mfpmp.exe
2015-01-14 20:45:29 206848 ----a-w- C:\Windows\System32\mfps.dll
2015-01-14 20:45:29 2048 ----a-w- C:\Windows\SysWow64\mferror.dll
2015-01-14 20:45:29 2048 ----a-w- C:\Windows\System32\mferror.dll
2015-01-14 20:45:29 103424 ----a-w- C:\Windows\SysWow64\mfps.dll
2015-01-14 20:45:28 4121600 ----a-w- C:\Windows\System32\mf.dll
2015-01-14 20:45:28 3209728 ----a-w- C:\Windows\SysWow64\mf.dll
2015-01-14 20:39:43 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2015-01-14 20:39:42 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2015-01-14 20:39:42 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2015-01-14 20:39:42 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2015-01-14 20:39:41 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2015-01-14 20:39:41 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2015-01-14 20:39:41 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2015-01-14 20:29:38 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2015-01-14 20:29:37 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2015-01-14 20:29:37 5120 ----a-w- C:\Windows\System32\wmi.dll
2015-01-14 20:19:29 99480 ----a-w- C:\Windows\SysWow64\infocardapi.dll
2015-01-14 20:19:29 619672 ----a-w- C:\Windows\SysWow64\icardagt.exe
2015-01-14 20:19:29 171160 ----a-w- C:\Windows\System32\infocardapi.dll
2015-01-14 20:19:29 1389208 ----a-w- C:\Windows\System32\icardagt.exe
2015-01-14 20:19:27 8856 ----a-w- C:\Windows\SysWow64\icardres.dll
2015-01-14 20:19:27 8856 ----a-w- C:\Windows\System32\icardres.dll
2015-01-14 20:18:57 35480 ----a-w- C:\Windows\SysWow64\TsWpfWrp.exe
2015-01-14 20:18:57 35480 ----a-w- C:\Windows\System32\TsWpfWrp.exe
2015-01-14 08:24:54 224256 ----a-w- C:\Windows\System32\wintrust.dll
2015-01-14 08:23:54 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2015-01-14 08:22:44 515584 ----a-w- C:\Windows\System32\timedate.cpl
2015-01-14 08:21:52 155584 ----a-w- C:\Windows\System32\drivers\ataport.sys
2015-01-14 08:20:58 19968 ----a-w- C:\Windows\System32\drivers\usb8023.sys
2015-01-14 08:19:57 478208 ----a-w- C:\Windows\System32\dpnet.dll
2015-01-14 08:18:59 441856 ----a-w- C:\Windows\System32\Wpc.dll
2015-01-14 08:17:59 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys
2015-01-14 08:15:44 124112 ----a-w- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
2015-01-14 08:14:39 136704 ----a-w- C:\Windows\System32\browser.dll
2015-01-14 08:13:47 202752 ----a-w- C:\Windows\System32\scrrun.dll
2015-01-14 08:12:49 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL
2015-01-14 08:12:48 830464 ----a-w- C:\Windows\System32\nshwfp.dll
2015-01-14 08:12:48 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll
2015-01-14 08:12:48 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL
2015-01-14 08:12:48 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL
2015-01-14 08:12:47 461312 ----a-w- C:\Windows\System32\scavengeui.dll
2015-01-14 08:12:45 1216000 ----a-w- C:\Windows\System32\rpcrt4.dll
2015-01-14 08:12:44 664064 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2015-01-14 07:46:22 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2015-01-14 07:46:21 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2015-01-14 07:46:21 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2015-01-13 20:56:59 -------- d-----w- C:\Windows\System32\SPReview
2015-01-13 16:21:46 -------- d-----w- C:\Program Files (x86)\Layout60
2015-01-13 09:34:41 -------- d-----w- C:\Program Files\KMSpico
2015-01-13 09:20:56 51200 ----a-w- C:\Windows\SysWow64\PushPrinterConnections.exe
2015-01-13 09:19:59 758784 ----a-w- C:\Windows\System32\samsrv.dll
2015-01-13 09:18:59 1852928 ----a-w- C:\Program Files\DVD Maker\Pipeline.dll
2015-01-13 09:17:59 416256 ----a-w- C:\Windows\System32\prnfldr.dll
2015-01-13 09:16:59 743424 ----a-w- C:\Windows\SysWow64\blackbox.dll
2015-01-13 09:15:59 68096 ----a-w- C:\Windows\System32\vfwwdm32.dll
2015-01-13 09:14:51 6656 ----a-w- C:\Windows\System32\drivers\nl-NL\rdvgkmd.sys.mui
2015-01-13 09:14:51 4608 ----a-w- C:\Windows\System32\drivers\nl-NL\tsusbhub.sys.mui
2015-01-13 09:14:50 2560 ----a-w- C:\Windows\System32\drivers\nl-NL\rdpwd.sys.mui
2015-01-13 09:14:41 3072 ----a-w- C:\Windows\System32\drivers\nl-NL\Dot4usb.sys.mui
2015-01-13 09:14:37 189952 ----a-w- C:\Windows\SysWow64\wdscore.dll
2015-01-13 09:14:36 399872 ----a-w- C:\Windows\System32\dpx.dll
2015-01-13 09:13:01 606208 ----a-w- C:\Windows\SysWow64\wbem\fastprox.dll
2015-01-13 09:13:01 363008 ----a-w- C:\Windows\SysWow64\wbemcomn.dll
2015-01-13 09:12:00 -------- d-----w- C:\Program Files\Microsoft Analysis Services
2015-01-13 09:12:00 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services
2015-01-13 09:11:37 -------- d-----w- C:\Users\Noel\AppData\Local\Microsoft Help
2015-01-13 09:07:01 529408 ----a-w- C:\Windows\System32\wbemcomn.dll
2015-01-13 06:59:20 -------- d-sh--w- C:\$RECYCLE.BIN
2015-01-13 01:13:32 -------- d-----w- C:\Users\Noel\AppData\Local\VS Revo Group
2015-01-13 01:13:27 -------- d-----w- C:\ProgramData\VS Revo Group
2015-01-12 23:54:39 -------- d-----w- C:\Users\Noel\AppData\Local\Macromedia
2015-01-12 23:37:49 -------- d-----w- C:\Users\Noel\AppData\Local\Adobe
2015-01-12 22:14:17 -------- d-----w- C:\Users\Noel\AppData\Local\Programs
2015-01-12 21:44:42 -------- d-sh--r- C:\acroldr
2015-01-12 17:56:47 -------- d-----w- C:\Windows\System32\EventProviders
2015-01-12 14:45:52 -------- d-----w- C:\Drive(C)
2015-01-12 13:46:32 -------- d-----w- C:\Users\Noel\AppData\Local\Google
2015-01-12 12:48:34 -------- d-----w- C:\Users\Noel\AppData\Local\Diagnostics
2015-01-11 21:20:14 250464 ----a-w- C:\Windows\System32\drivers\afcdp.sys
2015-01-11 21:20:10 1477152 ----a-w- C:\Windows\System32\drivers\tdrpm255.sys
2015-01-11 21:20:08 929312 ----a-w- C:\Windows\System32\drivers\timntr.sys
2015-01-11 21:20:01 254496 ----a-w- C:\Windows\System32\drivers\snapman.sys
2015-01-11 19:32:18 -------- d-----w- C:\Program Files (x86)\VideoLAN
2015-01-11 19:28:14 -------- d-s---w- C:\Windows\System32\CompatTel
2015-01-11 19:28:14 -------- d-----w- C:\Windows\System32\appraiser
2015-01-11 19:23:37 -------- d-----w- C:\Users\Noel\AppData\Local\Mozilla
2015-01-11 19:22:45 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
2015-01-11 19:22:40 -------- d-sh--w- C:\Windows\Installer
2015-01-11 19:22:36 -------- d-----w- C:\Program Files\Microsoft Security Client
2015-01-11 19:20:26 -------- d-----w- C:\Windows\System32\MRT
2015-01-11 19:20:02 298120 ------w- C:\Windows\System32\MpSigStub.exe
2015-01-11 19:19:28 1232040 ----a-w- C:\Windows\System32\aitstatic.exe
2015-01-11 19:19:24 142336 ----a-w- C:\Windows\System32\poqexec.exe
2015-01-11 19:19:24 123904 ----a-w- C:\Windows\SysWow64\poqexec.exe
2015-01-11 19:05:36 -------- d-----w- C:\Program Files (x86)\qBittorrent
2015-01-11 19:05:24 -------- d-----w- C:\Program Files (x86)\Elaborate Bytes
2015-01-11 19:01:16 36864 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\sst3cpc.dll
2015-01-11 19:01:16 -------- d-----w- C:\ProgramData\Samsung
2015-01-11 18:43:56 -------- d-----w- C:\Windows\Panther
2015-01-10 13:26:04 -------- d-sh--w- C:\Recovery
.
==================== Find3M ====================
.
2015-01-16 02:05:28 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-01-13 21:05:08 175616 ----a-w- C:\Windows\System32\msclmd.dll
2015-01-13 21:05:08 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2014-12-19 03:06:55 210432 ----a-w- C:\Windows\System32\profsvc.dll
2014-12-19 01:46:45 141312 ----a-w- C:\Windows\System32\drivers\mrxdav.sys
2014-12-12 05:35:10 5553592 ----a-w- C:\Windows\System32\ntoskrnl.exe
2014-12-12 05:31:49 503808 ----a-w- C:\Windows\System32\srcore.dll
2014-12-12 05:31:49 50176 ----a-w- C:\Windows\System32\srclient.dll
2014-12-12 05:31:22 296960 ----a-w- C:\Windows\System32\rstrui.exe
2014-12-12 05:11:44 3971512 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2014-12-12 05:11:43 3916728 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2014-12-12 05:07:44 43008 ----a-w- C:\Windows\SysWow64\srclient.dll
2014-12-06 04:17:27 303616 ----a-w- C:\Windows\System32\nlasvc.dll
2014-12-06 03:50:19 52224 ----a-w- C:\Windows\SysWow64\nlaapi.dll
2014-12-06 03:50:18 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll
2014-12-04 02:50:55 413184 ----a-w- C:\Windows\System32\generaltel.dll
2014-12-04 02:50:45 741376 ----a-w- C:\Windows\System32\invagent.dll
2014-12-04 02:50:40 396800 ----a-w- C:\Windows\System32\devinv.dll
2014-12-04 02:50:38 830976 ----a-w- C:\Windows\System32\appraiser.dll
2014-12-04 02:50:37 227328 ----a-w- C:\Windows\System32\aepdu.dll
2014-12-04 02:50:37 192000 ----a-w- C:\Windows\System32\aepic.dll
2014-12-04 02:44:48 1083392 ----a-w- C:\Windows\System32\aeinv.dll
2014-11-20 04:42:52 36512 ----a-w- C:\Windows\System32\FM20NLD.DLL
2014-11-18 19:47:50 1691816 ----a-w- C:\Windows\System32\FM20.DLL
2014-11-11 03:08:52 241152 ----a-w- C:\Windows\System32\pku2u.dll
2014-11-11 03:08:48 728064 ----a-w- C:\Windows\System32\kerberos.dll
2014-11-11 02:44:32 186880 ----a-w- C:\Windows\SysWow64\pku2u.dll
2014-11-11 02:44:25 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
2014-11-11 01:46:26 119296 ----a-w- C:\Windows\System32\drivers\tdx.sys
2014-11-08 03:16:08 2048 ----a-w- C:\Windows\System32\tzres.dll
2014-11-08 02:45:09 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2014-11-06 09:52:56 118784 ----a-w- C:\Windows\System32\beidpkcs11.dll
2014-11-06 09:52:46 275456 ----a-w- C:\Windows\System32\beid35cardlayer.dll
2014-11-06 09:52:10 273408 ----a-w- C:\Windows\System32\beid35DlgsWin32.dll
2014-11-06 09:52:00 147456 ----a-w- C:\Windows\System32\beid35common.dll
2014-11-06 09:47:08 360448 ----a-w- C:\Windows\SysWow64\beid35applayer.dll
2014-11-06 09:46:50 102400 ----a-w- C:\Windows\SysWow64\Belgium Identity Card PKCS11.dll
2014-11-06 09:46:50 102400 ----a-w- C:\Windows\SysWow64\beidpkcs11.dll
2014-11-06 09:46:24 208896 ----a-w- C:\Windows\SysWow64\beid35cardlayer.dll
2014-11-06 09:45:54 266240 ----a-w- C:\Windows\SysWow64\beid35DlgsWin32.dll
2014-11-06 09:45:50 200704 ----a-w- C:\Windows\SysWow64\eidlib.dll
2014-11-06 09:45:50 200704 ----a-w- C:\Windows\SysWow64\beidlib.dll
2014-11-06 09:45:42 126976 ----a-w- C:\Windows\SysWow64\beid35common.dll
2014-11-06 09:45:06 522752 ----a-w- C:\Windows\System32\beid_ff_pkcs11.dll
2014-11-06 09:43:40 356352 ----a-w- C:\Windows\SysWow64\beid_ff_pkcs11.dll
.
============= FINISH: 0:40:41,97 ===============

Mededeling

malware of virus infectie ik weet het niet meer hulp gevraagd

malware of virus infectie ik weet het niet meer hulp gevraagd

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment