Edward Glyver

Member
  • Items

    15

About Edward Glyver

  • Birthday 20-11-1989

Edward Glyver's achievements

  1. It worked out after all. I had forgotten to look for the router's IP address in the Network Center. The mode is the default 802.11n 2.4 GHz, frequency 20 MHz and channel 1. All default, in other words. And the problem is that I cannot change them. The only thing that comes close and that I can change is the Transmission rate (see screenshot). Our internet is supposed to be around 50 Mbps, so I don't know whether I should choose, for example, 5 or 11 for the rate, or whether it should simply stay on Auto.
  2. That won't work, unfortunately. We no longer have a router; we have a new UPC box (for internet and telephony) that now also serves as the router. So I cannot get into it. But I will contact UPC and see what they have to say.
  3. I installed Malwarebytes on your advice, so the problem existed before that. As far as I know, Windows Defender is off because Kaspersky is on, and removing Kaspersky did not achieve anything useful either. At the moment I am experiencing the problem again. The speed is very erratic: one moment it is 39 Mbps, half a minute later 0.71 Mbps. It took 1 minute 50 seconds to load chess.com, even though the test had just reported 30+ Mbps. Pingtest.net has only positive things to report about my connection. I should say that I often run into another problem with the network; I then let Windows fix the problem and it reports that the default gateway was not available. I don't know whether it has anything to do with it, but I thought I would mention it.
  4. It worked. ComboFix removed, everything works again. By everything I mean all the software. I can't say anything about the internet; right now I am not having trouble with it, but it remains unpredictable, maybe it will stop working tomorrow. Did the ComboFix logs yield anything useful, by the way?
  5. I did it, but now my computer is behaving very strangely. Not a single program can be opened, not one. I get the error message: 'Er is geprobeerd een ongeldige bewerking uit te voeren op een registersleutel die is gemarkeerd voor verwijdering.' That is why I am typing this on another laptop. Any idea why that happened? I transferred the log file to this laptop via USB; it reads as follows: [ComboFix log]
  6. Here you go. I should mention, by the way, that shortly after I created this post the problems simply disappeared; I don't know what I did, or whether I did anything at all. But they have been back for a few days now:
  7. Here are the contents of the log file:
  8. My apologies, because of my thesis I haven't had time to run ComboFix. I will do this as soon as possible and post about it here. Thanks again for thinking along with me.
  9. No, I had purchased Office as well, on our other laptop. We had paid for one of those pre-installed versions, but after a reinstallation we no longer had a code to activate it (calling the supplier didn't help either). I didn't feel like paying twice for the same product. If we still had the key, I would have installed Office legally on this laptop too (such a key works for multiple PCs, doesn't it?). It is admittedly not legal, but I also don't think what I did is unfair. Anyway, that thing had been on here for half a year already; could it be that it has now decided to be malicious?
  10. First of all, thanks, kape. Apparently SuperAntiSpyware and Kaspersky can't find everything either; MBAM also found a few:
- Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Security Service (BTHSSecurityMgr) - Intel® Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. 
- C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: iolo System Service (ioloSystemService) - iolo technologies, LLC - C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Wireless PAN DHCP Server 
(MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NIHardwareService - Native Instruments GmbH - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe O23 - Service: Roxio Hard Drive Watcher 12 (RoxWatch12) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. 
- C:\Windows\SysWOW64\rpcnet.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe O23 - Service: SecureW2 Service (SW2SVC) - SecureW2 B.V. - C:\Program Files (x86)\SecureW2\sw2_service.exe O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: Intel® Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel® Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe O23 - Service: TVersity Media Server (TVersityMediaServer) - Unknown owner - C:\ProgramData\TVersity\Media Server\MediaServer.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - 
C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: Intel® PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- End of file - 14116 bytes
  11. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 0:42:13, on 26-6-2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Unable to get Internet Explorer version! Boot mode: Normal
  12. Thanks for your reply, Sascha. I tried two browsers in both modes, Firefox and Chrome. ---------- Post added at 23:12 ---------- Previous post was at 23:12 ---------- I'll try it right away! Thanks for the effort, in any case!
  13. Dear all, I hope you can help me with this. I looked around this website but could not find anything about it (or am I that blind?). My problem is that a few days ago the internet decided to become extremely slow. Physically nothing has changed, neither on the laptop nor on the router. There is no problem with the drivers; the network card turned out to work fine when the speed was tested in safe mode. But for some reason, when I start Windows normally, there is little of that speed to be seen. I have tried unchecking as many startup processes and services as possible (to mimic safe mode a bit), removed some programs, scanned the laptop for viruses and malware, updated everything, but nothing helps. Antivirus off, firewall off, no help. And as if that were not enough, System Restore does not work at all (not in safe mode or from a recovery DVD either). I want to avoid reinstalling my Windows 7, so who can help me with this? It concerns a Dell XPS 15z laptop, not even six months old. Their tech support was not much use to me either. Thanks in advance! P.S. To be more precise: it hardly uploads at all, and downloading goes in peaks and troughs (varies between 50 and 12 Mbps)