Frascaline

Microsoft komt met een foutmelding als ik mijn product key invoer. Ik kan hier dus niets downloaden. Wellicht dus toch een niet legitieme versie van Windows... Ondertussen ben ik aan het kijken voor een nieuwe PC en wanneer deze up and running is ga ik deze laptop even helemaal schoonmaken. Weg met die puinhoop. Goed om te horen dat de hardware in ieder geval nog goed is en dan kan ik deze laptop als backup blijven gebruiken. Bedankt voor jullie snelle en deskundige hulp. Wordt erg gewaardeerd!

Thanks! Ik heb deze laptop een aantal jaar geleden custom laten maken bij BTO. Het moederbord is een aantal maanden al vervangen, wat ik eigenlijk wel snel vond. Jouw conclusie is waar ik al bang voor was. Ik zit er toch al aan te denken te investeren in een goede pc die ik wil samenstellen met mensen die er verstand van hebben. Is het nog de moeite waard om veel te gaan klooien met deze laptop? Tijd eraan besteden vind ik niet erg; geld hierin investeren lijkt mij wel zonde. Mijn Windows komt van een vriend van mij. Gezien ik geen serial bij mij zie staan en wel in jouw voorbeeld, neig ik te denken dat mijn versie van Windows niet helemaal legaal is dan? Is dit te checken? Ik heb namelijk voor zover ik weet nergens een serial, maar heb hiermee nooit problemen met Windows zelf gehad. Hier een screenshot van de test:

Top. Ik heb het programma laten lopen. Dit is wat eruit kwam: http://speccy.piriform.com/results/B7M7rKoaZbIGfziWddyIatE

Hier nog een CBS-log bijgevoegd. CBS.log

Heee! Na wat dagen aan het aanklooien geweest te zijn met mijn PC kom ik er maar niet uit en heb ik besloten hier een account aan te maken. Hopelijk kunnen jullie mij uit de brand helpen! Sinds ruim een week doet mijn pc 'raar'. Enkele programma's starten niet meer (normaal) op, Windows updates lopen vast, ik had last van BSODs (verholpen na het verwijderen van Malwarebytes), random foutmeldingen dat een installatie/programma het niet doet... Veel (danwel niet alles) van deze fouten verwijzen naar het register of corrupte .dll bestanden. Ik vermoed zelf dat het misschien komt omdat ik wel eens programma's heb gebruikt die je register 'schoonmaken' zoals CCleaner en TuneUp. De afgelopen dagen heb ik verschillende scans laten lopen door Malwarebytes, Kaspersky en HitmanPro. Er werden bepaalde dingen gevonden en verwijderd/gerepareerd, maar mijn laptop is nog steeds in zo goed als dezelfde staat. Wellicht dus corrupte/missende .dll bestanden of rotzooi in mijn register? Gezien ik niet alles 'kwijt' wil zijn, leek mij een Repair Install een goede optie. Ik heb eens geprobeerd om vanaf een Windows 7 Ultimate .iso deze repair install te doen. Deze .iso is dezelfde als waar ik mijn laptop 2-3 jaar terug mee heb geïnstalleerd (64-bit). Hij geeft echter twee foutmeldingen: You can’t upgrade 64-bit Windows to a 32-bit version of Windows. To upgrade, obtain a 64-bit version of the installation disc, or go online to see how to install Windows 7 and keep your files and settings. 32-bit Windows cannot be upgraded to a 64-bit version of Windows. To upgrade, obtain a 32-bit version of the Windows installation disc. Die repair install vanaf USB/.iso werkt dus ook niet helaas. Wat voorbeelden van problemen die maar langs blijven komen: - Verschillende error codes als ik bepaalde Windows updates wil doen (80070490, 80070103). Sommige updates doen het wel. - Mijn NVIDIA service staat uit voor opstarten, anders blijft mijn cursos maar doen alsof hij aan het laden is. Updaten van NVIDIA werkt ook niet, omdat hij zegt dat ik verschillende componenten niet heb (waaronder Microsoft .NET Framework 4.0 (deze wilde niet installeren, 4.5 wel), een Graphics Driver, een HD Audio Driver, etc..) - Microsoft FixIt 50528 stopt halverwege en fixt dus niets. - Het terugkeren naar een systeemherstelpunt was niet mogelijk. De errorcode weet ik niet meer. - Soms duurt het ineens erg lang om bepaalde websites te laden. Hier had ik normaal geen last van en de internetverbinding is stabiel/snel. - Ik had tijdelijk even een andere user account aangemaakt (volgens instructies betreffende een foutmelding), maar krijg deze niet meer verwijderd. Op zich werkt de laptop wel weer, loopt hij niet vast en heb ik geen BSODs. Alle foutmeldingen zijn gewoon erg irritant en ik weet niet wat er allemaal op de achtergrond mis is of wat dit voor problemen in de toekomst zal geven. Daarnaast wil ik natuurlijk zonder problemen updates en nieuwe programma's installeren of verwijderen. Graag hoor ik van jullie of er nog dingen zijn die ik kan doen. Ik heb alvast - omdat ik dat in een andere thread had gelezen - een log van HijackThis en Combofix bijgevoegd. Thanks alvast! Sven HIJACKTHIS Logfile of Trend Micro HijackThis v2.0.5 Scan saved at 12:30:46, on 22-5-2015 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v9.00 (9.00.8112.16476) FIREFOX: 7.0.1 (nl) Boot mode: Normal Running processes: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\avpui.exe C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe D:\Program Files\Evaer\videochannel.exe C:\Users\Sven\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe D:\Users\Sven\Downloads\HijackThis.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback> R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - (no file) O2 - BHO: ContentBlockerBrowserHelperObject - {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\IEExt\ie_plugin.dll O2 - BHO: WsSVRIEHelper - {65DEE40A-3E93-4cae-9F98-B8E06DCEE2BF} - D:\Program Files\Video Converter Ultimate\SVRIEPlugin.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: VirtualKeyboardBrowserHelperObject - {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\IEExt\ie_plugin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll O2 - BHO: Safe Money Plugin - {E3D96E85-529D-4269-AC6A-97CF9E2221E3} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\IEExt\ie_plugin.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - (no file) O4 - HKLM\..\Run: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_6376B5EE50201B8D362125E4D5560106] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window O4 - HKCU\..\Run: [avichannel] "D:\Program Files\Evaer\videochannel.exe" O4 - HKCU\..\Run: [CCleaner Monitoring] "D:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKCU\..\Run: [KSS] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe" autorun O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?') O4 - HKUS\S-1-5-21-1064782982-1118823552-3666715274-1000\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (User '?') O4 - HKUS\S-1-5-21-1064782982-1118823552-3666715274-1000\..\Run: [DAEMON Tools Lite] "D:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun (User '?') O4 - HKUS\S-1-5-18\..\Run: [bitdefender Wallet Agent] "D:\Program Files\Bitdefender\Bitdefender\pmbxag.exe" (User '?') O4 - HKUS\.DEFAULT\..\Run: [bitdefender Wallet Agent] "D:\Program Files\Bitdefender\Bitdefender\pmbxag.exe" (User 'Default user') O4 - S-1-5-21-1064782982-1118823552-3666715274-1000 Startup: Dropbox.lnk = Sven\AppData\Roaming\Dropbox\bin\Dropbox.exe (User '?') O4 - Startup: Dropbox.lnk = Sven\AppData\Roaming\Dropbox\bin\Dropbox.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://D:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file) O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file) O9 - Extra button: Virtual Keyboard - {09A10376-994C-4BBF-9121-F50CF7BA237E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\IEExt\ie_plugin.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - (no file) O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{2FABD380-C437-4D99-B898-CF04C7DCE249}: NameServer = 8.8.8.8,8.8.4.4 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe O23 - Service: Kaspersky Anti-Virus Service 15.0.1 (AVP15.0.1) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\avp.exe O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Security Service (BTHSSecurityMgr) - Intel® Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Kaspersky Security Scan Service (kss) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: WD Backup (WDBackup) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe O23 - Service: WD Drive Manager (WDDriveService) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: Intel® PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- End of file - 13966 bytes COMBOFIX ComboFix 15-05-19.01 - Sven 22-05-2015 13:03:16.1.8 - x64 Running from: d:\users\Sven\Desktop\ComboFix.exe * Created a new restore point . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\1411736474.bdinstall.bin c:\programdata\1431935797.bdinstall.bin c:\programdata\ntuser.pol c:\programdata\Roaming . . ((((((((((((((((((((((((( Files Created from 2015-04-22 to 2015-05-22 ))))))))))))))))))))))))))))))) . . 2015-05-22 11:14 . 2015-05-22 11:14 -------- d-----w- c:\users\Default\AppData\Local\temp 2015-05-22 10:42 . 2015-05-22 10:42 -------- d-----w- C:\e1a3fe9f727a01363ce6 2015-05-22 10:18 . 2015-05-22 10:18 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{669DBE04-9B56-4E33-9A4C-36FA222CA880}\offreg.3320.dll 2015-05-22 10:18 . 2015-05-03 03:16 12214312 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{669DBE04-9B56-4E33-9A4C-36FA222CA880}\mpengine.dll 2015-05-22 09:51 . 2015-05-22 09:51 -------- d-----w- c:\windows\system32\EventProviders 2015-05-22 09:25 . 2015-05-22 09:25 -------- d-----w- c:\users\Sven\AppData\Local\Microsoft Corporation 2015-05-22 09:25 . 2015-05-22 09:25 -------- d-----w- c:\program files (x86)\Microsoft Windows 7 Upgrade Advisor 2015-05-21 14:27 . 2012-07-06 19:58 552448 ----a-w- c:\windows\system32\drivers\bthport.sys 2015-05-21 14:18 . 2015-05-22 10:00 -------- d-----w- c:\windows\system32\catroot2 2015-05-21 14:04 . 2011-03-25 03:23 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys 2015-05-21 14:04 . 2011-03-25 03:23 98816 ----a-w- c:\windows\system32\drivers\usbccgp.sys 2015-05-21 14:04 . 2011-03-25 03:23 324608 ----a-w- c:\windows\system32\drivers\usbport.sys 2015-05-21 14:04 . 2011-03-25 03:22 52224 ----a-w- c:\windows\system32\drivers\usbehci.sys 2015-05-21 14:04 . 2011-03-25 03:22 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys 2015-05-21 14:04 . 2011-03-25 03:22 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys 2015-05-21 14:04 . 2011-03-25 03:22 7936 ----a-w- c:\windows\system32\drivers\usbd.sys 2015-05-21 14:04 . 2010-09-14 06:45 367104 ----a-w- c:\windows\system32\wcncsvc.dll 2015-05-21 14:04 . 2010-09-14 06:07 276992 ----a-w- c:\windows\SysWow64\wcncsvc.dll 2015-05-21 13:58 . 2015-05-21 13:58 -------- d-----w- c:\program files\Microsoft Silverlight 2015-05-21 13:58 . 2015-05-21 13:58 -------- d-----w- c:\program files (x86)\Microsoft Silverlight 2015-05-21 13:56 . 2015-05-21 13:56 -------- d-----w- c:\program files (x86)\Microsoft ASP.NET 2015-05-19 12:40 . 2015-05-19 12:40 -------- d-----w- c:\windows\Migration 2015-05-19 11:45 . 2015-05-19 11:45 -------- d-----w- c:\program files (x86)\Common Files\Java 2015-05-19 11:44 . 2015-05-19 11:49 -------- d-----w- C:\MATS 2015-05-19 11:15 . 2015-05-13 15:11 922704 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys 2015-05-19 11:15 . 2015-05-13 15:10 128592 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys 2015-05-18 21:34 . 2015-05-18 21:34 12872 ----a-w- c:\windows\system32\bootdelete.exe 2015-05-18 20:07 . 2009-10-24 07:41 224840 ----a-w- c:\windows\system32\drivers\msiscsi.sys 2015-05-18 14:10 . 2015-05-18 14:10 -------- d-----w- c:\programdata\Intel.sav 2015-05-18 14:09 . 2015-05-18 14:09 -------- d-----w- c:\programdata\IntelDLM 2015-05-18 14:08 . 2015-05-18 14:08 -------- d-----w- c:\users\Sven\AppData\Local\Intel 2015-05-18 14:07 . 2015-05-18 14:07 -------- d-----w- c:\program files (x86)\Intel Driver Update Utility 2015-05-18 13:55 . 2015-05-18 13:55 -------- d-----w- C:\Spacekace 2015-05-18 08:02 . 2013-05-06 07:13 110176 ----a-w- c:\windows\system32\klfphc.dll 2015-05-18 08:02 . 2015-05-18 08:02 -------- d-----w- c:\windows\ELAMBKUP 2015-05-18 08:01 . 2014-08-12 16:33 246456 ----a-w- c:\windows\system32\drivers\klhk.sys 2015-05-18 07:21 . 2015-05-18 08:03 -------- d-----w- c:\programdata\Kaspersky Lab Setup Files 2015-05-18 07:10 . 2015-05-18 20:19 -------- d-----w- c:\program files (x86)\Kaspersky Lab 2015-05-16 22:24 . 2015-05-16 22:24 -------- d-----w- c:\programdata\bdch 2015-05-16 12:53 . 2015-05-16 12:53 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable) 2015-05-16 12:15 . 2015-05-16 12:15 -------- d-----w- c:\programdata\TweakBit 2015-05-16 12:15 . 2015-05-18 20:21 -------- d-----w- c:\program files (x86)\TweakBit 2015-05-16 11:12 . 2015-05-16 11:12 -------- d-----w- c:\program files\Western Digital 2015-05-16 11:08 . 2015-05-16 11:08 -------- d-----w- c:\program files\DIFX 2015-05-16 11:08 . 2015-05-16 11:08 -------- d-----w- c:\program files\WDCSAM 2015-05-16 10:28 . 2015-05-22 10:18 -------- d-----w- c:\users\Sven\AppData\Local\ElevatedDiagnostics 2015-05-16 09:40 . 2015-05-16 09:40 -------- d-----w- c:\windows\CheckSur 2015-05-15 19:47 . 2015-05-15 19:47 -------- d-----w- c:\windows\system32\appmgmt 2015-05-13 15:10 . 2015-05-13 15:10 141440 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys 2015-05-13 15:10 . 2015-05-13 15:10 204264 ------w- c:\windows\system32\VBoxNetFltNobj.dll 2015-05-13 11:54 . 2015-05-16 12:48 -------- d-----w- c:\users\Sven\AppData\Roaming\Updater 2015-05-07 18:52 . 2015-05-07 18:52 -------- d-----w- c:\program files\Microsoft Office . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2015-05-19 11:51 . 2014-02-28 23:49 97888 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2015-05-18 08:16 . 2014-08-20 16:04 819896 ----a-w- c:\windows\system32\drivers\klif.sys 2015-05-18 08:16 . 2014-08-13 17:34 77512 ----a-w- c:\windows\system32\drivers\klwtp.sys 2015-05-18 08:16 . 2014-08-18 12:43 150536 ----a-w- c:\windows\system32\drivers\klflt.sys 2015-05-16 10:33 . 2012-07-09 19:18 3860992 ----a-w- c:\windows\system32\UIRibbon.dll 2015-05-15 19:18 . 2012-04-05 14:31 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2015-05-15 19:18 . 2011-11-02 23:16 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2015-05-13 11:07 . 2011-11-02 23:25 140425016 ----a-w- c:\windows\system32\MRT.exe 2015-03-29 12:33 . 2011-11-10 18:11 348672 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr 2015-03-29 12:33 . 2011-11-10 18:02 348672 ----a-w- c:\windows\SysWow64\PnkBstrB.exe 2015-03-29 12:33 . 2011-11-10 18:02 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0 2015-03-28 03:44 . 2014-07-01 11:47 1316000 ----a-w- c:\windows\SysWow64\nvspbridge.dll 2015-03-28 03:44 . 2013-12-06 17:10 1316000 ----a-w- c:\windows\SysWow64\nvspcap.dll 2015-03-28 03:43 . 2014-07-01 11:47 1756424 ----a-w- c:\windows\system32\nvspbridge64.dll 2015-03-28 03:43 . 2013-12-06 17:10 1570672 ----a-w- c:\windows\system32\nvspcap64.dll 2015-03-13 19:41 . 2015-03-22 15:47 970384 ----a-w- c:\windows\system32\NvIFR64.dll 2015-03-13 19:41 . 2015-03-22 15:47 944784 ----a-w- c:\windows\system32\NvFBC64.dll 2015-03-13 19:41 . 2015-03-22 15:47 930448 ----a-w- c:\windows\SysWow64\NvIFR.dll 2015-03-13 19:41 . 2015-03-22 15:47 909512 ----a-w- c:\windows\SysWow64\NvFBC.dll 2015-03-13 19:41 . 2015-03-22 15:47 3611792 ----a-w- c:\windows\system32\nvcuvid.dll 2015-03-13 19:41 . 2015-03-22 15:47 354112 ----a-w- c:\windows\system32\nvoglshim64.dll 2015-03-13 19:41 . 2015-03-22 15:47 3249352 ----a-w- c:\windows\SysWow64\nvcuvid.dll 2015-03-13 19:41 . 2015-03-22 15:47 32456 ----a-w- c:\windows\system32\drivers\nvpciflt.sys 2015-03-13 19:41 . 2015-03-22 15:47 32114888 ----a-w- c:\windows\system32\nvoglv64.dll 2015-03-13 19:41 . 2015-03-22 15:47 306208 ----a-w- c:\windows\SysWow64\nvoglshim32.dll 2015-03-13 19:41 . 2015-03-22 15:47 2906928 ----a-w- c:\windows\SysWow64\nvapi.dll 2015-03-13 19:41 . 2015-03-22 15:47 25460880 ----a-w- c:\windows\system32\nvcompiler.dll 2015-03-13 19:41 . 2015-03-22 15:47 24775368 ----a-w- c:\windows\SysWow64\nvoglv32.dll 2015-03-13 19:41 . 2015-03-22 15:47 20466376 ----a-w- c:\windows\SysWow64\nvcompiler.dll 2015-03-13 19:41 . 2015-03-22 15:47 1896136 ----a-w- c:\windows\system32\nvdispco6434788.dll 2015-03-13 19:41 . 2015-03-22 15:47 18580512 ----a-w- c:\windows\system32\nvwgf2umx.dll 2015-03-13 19:41 . 2015-03-22 15:47 17258024 ----a-w- c:\windows\system32\nvd3dumx.dll 2015-03-13 19:41 . 2015-03-22 15:47 16022016 ----a-w- c:\windows\SysWow64\nvwgf2um.dll 2015-03-13 19:41 . 2015-03-22 15:47 1557648 ----a-w- c:\windows\system32\nvdispgenco6434788.dll 2015-03-13 19:41 . 2015-03-22 15:47 13297144 ----a-w- c:\windows\system32\nvopencl.dll 2015-03-13 19:41 . 2015-03-22 15:47 13210080 ----a-w- c:\windows\system32\nvcuda.dll 2015-03-13 19:41 . 2015-03-22 15:47 10775080 ----a-w- c:\windows\SysWow64\nvopencl.dll 2015-03-13 19:41 . 2015-03-22 15:47 10715864 ----a-w- c:\windows\SysWow64\nvcuda.dll 2015-03-13 19:41 . 2015-03-22 15:47 10262160 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys 2015-03-13 19:41 . 2015-01-17 14:32 14121624 ----a-w- c:\windows\SysWow64\nvd3dum.dll 2015-03-13 19:41 . 2013-10-08 16:11 878328 ----a-w- c:\windows\SysWow64\nvumdshim.dll 2015-03-13 19:41 . 2012-12-05 09:14 997856 ----a-w- c:\windows\system32\nvumdshimx.dll 2015-03-13 19:41 . 2012-12-05 09:14 3303448 ----a-w- c:\windows\system32\nvapi64.dll 2015-03-13 19:41 . 2012-12-05 09:14 178512 ----a-w- c:\windows\system32\nvinitx.dll 2015-03-13 19:41 . 2012-12-05 09:14 164568 ----a-w- c:\windows\SysWow64\nvinit.dll 2015-03-13 16:16 . 2012-12-05 09:18 6861968 ----a-w- c:\windows\system32\nvcpl.dll 2015-03-13 16:16 . 2012-12-05 09:18 3526856 ----a-w- c:\windows\system32\nvsvc64.dll 2015-03-13 16:16 . 2012-12-05 09:18 935056 ----a-w- c:\windows\system32\nvvsvc.exe 2015-03-13 16:16 . 2012-12-05 09:18 75976 ----a-w- c:\windows\system32\nv3dappshextr.dll 2015-03-13 16:16 . 2012-12-05 09:18 62608 ----a-w- c:\windows\system32\nvshext.dll 2015-03-13 16:16 . 2012-12-05 09:18 386248 ----a-w- c:\windows\system32\nvmctray.dll 2015-03-13 16:16 . 2012-12-05 09:18 2559808 ----a-w- c:\windows\system32\nvsvcr.dll 2015-03-13 16:16 . 2012-12-05 09:18 1099408 ----a-w- c:\windows\system32\nv3dappshext.dll 2015-03-11 13:10 . 2012-12-05 09:18 4246327 ----a-w- c:\windows\system32\nvcoproc.bin 2015-02-24 02:17 . 2011-11-02 22:30 295552 ------w- c:\windows\system32\MpSigStub.exe . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2015-04-26 43816] "GoogleChromeAutoLaunch_6376B5EE50201B8D362125E4D5560106"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2015-05-05 812872] "CCleaner Monitoring"="d:\program files\CCleaner\CCleaner64.exe" [2015-02-19 7416088] "KSS"="c:\program files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe" [2015-04-06 918824] "DAEMON Tools Lite"="d:\program files\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "WD Quick View"="c:\program files (x86)\Western Digital\WD Quick View\WDDMStatus.exe" [2013-08-14 5537136] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2015-04-30 334896] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) "AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-] "THX Audio Control Panel"="c:\program files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" /r "UpdReg"=c:\windows\UpdReg.EXE "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" "AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin "HP Software Update"=d:\program files\HP\HP Software Update\HPWuSchd2.exe "hpqSRMon"=d:\program files\HP\Digital Imaging\bin\hpqSRMon.exe "BrowserPlugInHelper"=d:\program files\Video Converter Ultimate\BrowserPlugInHelper.exe "QuickTime Task"="d:\program files\QuickTime\QTTask.exe" -atboottime "PMBVolumeWatcher"=d:\program files\PlayMemories Home\PMBVolumeWatcher.exe /SysAutoRun "SwitchBoard"=c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus] "DisableMonitoring"=dword:00000001 . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 kss;Kaspersky Security Scan Service;c:\program files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe -r;c:\program files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe -r [x] R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x] R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x] R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x] R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x] R3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x] R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x] R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys;c:\windows\SYSNATIVE\DRIVERS\revoflt.sys [x] R3 tihub3;TI USB3 Hub Service;c:\windows\system32\DRIVERS\tihub3.sys;c:\windows\SYSNATIVE\DRIVERS\tihub3.sys [x] R3 tixhci;TI XHCI Service;c:\windows\system32\DRIVERS\tixhci.sys;c:\windows\SYSNATIVE\DRIVERS\tixhci.sys [x] R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;d:\program files\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys;d:\program files\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x] R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x] R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x] R3 XENfiltv;XENfiltv;c:\windows\system32\drivers\XENfiltv.sys;c:\windows\SYSNATIVE\drivers\XENfiltv.sys [x] R4 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x] R4 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [x] R4 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [x] R4 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x] R4 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x] R4 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x] R4 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x] R4 Origin Client Service;Origin Client Service;d:\program files\Origin\OriginClientService.exe;d:\program files\Origin\OriginClientService.exe [x] R4 PMBDeviceInfoProvider;PMBDeviceInfoProvider;d:\program files\PlayMemories Home\PMBDeviceInfoProvider.exe;d:\program files\PlayMemories Home\PMBDeviceInfoProvider.exe [x] R4 PowerBiosServer;PowerBiosServer;c:\program files (x86)\Hotkey\PowerBiosServer.exe;c:\program files (x86)\Hotkey\PowerBiosServer.exe [x] R4 PS3 Media Server;PS3 Media Server;d:\program files\PS3 Media Server\win32\service\wrapper.exe;d:\program files\PS3 Media Server\win32\service\wrapper.exe [x] R4 SOHDms;Sony Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [x] R4 SOHDs;Sony Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [x] R4 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [x] R4 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x] R4 TuneUp.UtilitiesSvc;TuneUp Utilities Service;d:\program files\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe;d:\program files\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [x] R4 TunngleService;TunngleService;d:\program files\Tunngle\TnglCtrl.exe;d:\program files\Tunngle\TnglCtrl.exe [x] R4 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [x] S0 cm_km_w;Kaspersky Lab Crypto Module (FDE PDK);c:\windows\system32\DRIVERS\cm_km_w.sys;c:\windows\SYSNATIVE\DRIVERS\cm_km_w.sys [x] S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x] S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x] S0 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys;c:\windows\SYSNATIVE\DRIVERS\vmci.sys [x] S0 vsock;vSockets Driver;c:\windows\system32\drivers\vsock.sys;c:\windows\SYSNATIVE\drivers\vsock.sys [x] S1 klhk;klhk;c:\windows\system32\DRIVERS\klhk.sys;c:\windows\SYSNATIVE\DRIVERS\klhk.sys [x] S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x] S1 klpd;klpd;c:\windows\system32\DRIVERS\klpd.sys;c:\windows\SYSNATIVE\DRIVERS\klpd.sys [x] S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x] S1 Klwtp;Klwtp;c:\windows\system32\DRIVERS\klwtp.sys;c:\windows\SYSNATIVE\DRIVERS\klwtp.sys [x] S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x] S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x] S2 AVP15.0.1;Kaspersky Anti-Virus Service 15.0.1;c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\avp.exe;c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\avp.exe [x] S2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x] S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x] S2 kldisk;kldisk;c:\windows\system32\DRIVERS\kldisk.sys;c:\windows\SYSNATIVE\DRIVERS\kldisk.sys [x] S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x] S2 WDBackup;WD Backup;c:\program files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe;c:\program files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [x] S2 WDDriveService;WD Drive Manager;c:\program files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe;c:\program files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [x] S2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x] S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x] S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x] S3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits);c:\windows\system32\DRIVERS\JME.sys;c:\windows\SYSNATIVE\DRIVERS\JME.sys [x] S3 klflt;Kaspersky Lab Kernel DLL;c:\windows\system32\DRIVERS\klflt.sys;c:\windows\SYSNATIVE\DRIVERS\klflt.sys [x] S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x] S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x] S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x] S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys;c:\windows\SYSNATIVE\DRIVERS\tap0901t.sys [x] S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2015-05-14 07:54 988488 ----a-w- c:\program files (x86)\Google\Chrome\Application\42.0.2311.152\Installer\chrmstp.exe . Contents of the 'Scheduled Tasks' folder . 2015-05-22 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 19:18] . 2015-03-16 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1064782982-1118823552-3666715274-1000Core.job - c:\users\Sven\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-31 10:36] . 2015-03-16 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1064782982-1118823552-3666715274-1000UA.job - c:\users\Sven\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-31 10:36] . 2015-05-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-09-26 11:56] . 2015-05-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-09-26 11:56] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "THXCfg64"="c:\windows\system32\THXCfg64.dll" [2010-09-14 25600] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-01-26 11775592] "IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2014-01-08 4876016] "NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-03-28 2673296] "ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-03-28 1570672] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2014-01-29 171992] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2014-01-29 399832] "Persistence"="c:\windows\system32\igfxpers.exe" [2014-01-29 442328] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=c:\windows\System32\nvinitx.dll . HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = about:blank mStart Page = about:blank mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = <-loopback> IE: E&xport to Microsoft Excel - d:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - d:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105 IE: {{09A10376-994C-4BBF-9121-F50CF7BA237E} - {F2A56BFE-7911-451A-BC74-A9C3C2E95126} - c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\IEExt\ie_plugin.dll LSP: %windir%\system32\vsocklib.dll TCP: DhcpNameServer = 192.168.0.1 TCP: Interfaces\{2FABD380-C437-4D99-B898-CF04C7DCE249}: NameServer = 8.8.8.8,8.8.4.4 FF - ProfilePath - c:\users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\ivm3pfc1.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/firefox FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q= FF - ExtSQL: !HIDDEN! 2012-06-11 14:32; smartwebprinting@hp.com; d:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF - user.js: network.http.max-persistent-connections-per-server - 4 FF - user.js: nglayout.initialpaint.delay - 600 FF - user.js: content.notify.interval - 600000 FF - user.js: content.max.tokenizing.time - 1800000 FF - user.js: content.switch.threshold - 600000 FF - user.js: extensions.delta.tlbrSrchUrl - FF - user.js: extensions.delta.id - ba35e5fb000000000000bc77371c95b3 FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} FF - user.js: extensions.delta.instlDay - 15912 FF - user.js: extensions.delta.vrsn - 1.8.22.0 FF - user.js: extensions.delta.vrsni - 1.8.22.0 FF - user.js: extensions.delta.vrsnTs - 1.8.22.07:12 FF - user.js: extensions.delta.prtnrId - delta FF - user.js: extensions.delta.prdct - delta FF - user.js: extensions.delta.aflt - babsst FF - user.js: extensions.delta.smplGrp - none FF - user.js: extensions.delta.tlbrId - base FF - user.js: extensions.delta.instlRef - sst FF - user.js: extensions.delta.dfltLng - nl FF - user.js: extensions.delta.excTlbr - false FF - user.js: extensions.delta.ffxUnstlRst - true FF - user.js: extensions.delta.admin - false FF - user.js: extensions.delta_i.babTrack - affID=123884&tsp=4955 FF - user.js: extensions.delta_i.babExt - FF - user.js: extensions.delta_i.srcExt - ss FF - user.js: extensions.delta.autoRvrt - false FF - user.js: extensions.delta.rvrt - false FF - user.js: extensions.delta.newTab - false . . ------- File Associations ------- . inifile="%SystemRoot%\system32\NOTEPAD.EXE" %1 txtfile="%SystemRoot%\system32\NOTEPAD.EXE" %1 . - - - - ORPHANS REMOVED - - - - . ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314EDD-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314EDE-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314EDF-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314EE0-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file) Wow6432Node-HKU-Default-Run-Bitdefender Wallet Agent - d:\program files\Bitdefender\Bitdefender\pmbxag.exe Wow6432Node-HKU-Default-Run-Bitdefender Wallet - d:\program files\Bitdefender\Bitdefender\pwdmanui.exe Wow6432Node-HKU-Default-Run-Bitdefender Wallet Application Agent - d:\program files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314EDD-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314EDE-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314EDF-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314EE0-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file) AddRemove-{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2468871 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe AddRemove-{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2487367 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe AddRemove-{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2533523 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe AddRemove-{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2600217 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe AddRemove-{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2656351 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe AddRemove-{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2736428 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe AddRemove-{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2742595 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2604121 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656351 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656368v2 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2686827 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2729449 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2736428 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2737019 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2742595 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe AddRemove-{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2789642 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_188_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_188_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_188_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_188_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_188.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.17" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_188.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_188.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_188.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*] @="?????????????????? v1" . [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID] @="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}" . [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*] @="?????????????????? v2" . [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID] @="{9BE31822-FDAD-461B-AD51-BE1D1C159921}" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Completion time: 2015-05-22 13:15:44 ComboFix-quarantined-files.txt 2015-05-22 11:15 . Pre-Run: 24.471.363.584 bytes free Post-Run: 25.838.661.632 bytes free . - - End Of File - - A581CC9EAD71733207BF73CD034B1ABA