Edward Glyver

24 juli 2012

Het is toch nog gelukt. Was vergeten om in het netwerkcentrum op zoek te gaan naar het ip adres van de router. Modus is standaard 802.11n 2,4 GHz, frequentie 20 MHz en kanaal 1. Allemaal standaard dus. En het probleem is dat ik ze niet kan veranderen. Het enige wat in de buurt komt en wat ik kan veranderen is de Transmission rate (zie screenshot). Ons internet hoort in de buurt van 50 Mbps te zitten, dus ik weet niet of ik de bij rate bijv. 5 of 11 moet kiezen of dat het gewoon op Auto moet blijven staan.

24 juli 2012

Dat zal niet gaan, helaas. We hebben geen router meer, We hebben een nieuwe UPC box (voor internet en telefonie) die nu ook tevens als router dient. Ik kan er dus niet in. Maar ik zal eens contact opnemen met UPC, kijken wat zij te zeggen hebben.

23 juli 2012

Malwarebytes heb ik geinstalleerd op uw aanraden, dus het probleem bestond eerder. Voor zover ik weet staat Windows Defender uit omdat Kaspersky aan staat en het verwijderen van Kaspersky heeft ook niets nuttigs opgeleverd. Op het moment ondervind ik het probleem weer. De snelheid is erg wisselvallig, het ene moment bedraagt het 39 Mbps, een halve minuut later 0,71 Mbps. Het duurde 1 minuut 50 seconden om chess.com te laden. En dat terwijl de test net 30+ Mbps had aangegeven. Pingtest.net heeft alleen positieve dingen te melden over mijn verbinding.. Ik moet wel zeggen dat ik vaak een ander probleem ondervind met het netwerk, dan laat ik Windows het probleem oplossen en geeft ie aan dat de standard gateway niet beschikbaar was. Ik weet niet of het er iets mee te maken heeft, maar dacht ik meld het even.

11 juli 2012

Ja klopt. Websites bijv. worden heel traag geladen

10 juli 2012

Helaas is het probleem nog steeds niet opgelost =(

9 juli 2012

Het is gelukt. ComboFix verwijderd, alles werkt weer. Met alles bedoel ik dan alle software. Over internet kan ik niets zeggen, nu heb ik er geen last van, maar het blijft onvoorspelbaar, misschien werkt ie morgen niet meer. Hebben de logs van ComboFix iets nuttigs opgeleverd eigenlijk?

9 juli 2012

Ik heb het gedaan, maar nu doet mijn computer heel erg raar. Geen enkel programma, maar dan ook geen een kan geopend worden. Ik krijg de foutmelding: 'Er is geprobeerd een ongeldige bewerking uit te voeren op een registersleutel die is gemarkeerd voor verwijdering.' Dit zit ik dan ook op een andere laptop te typen. Enig idee waarom dat gebeurd is? Het logbestand heb ik via usb overgezet op deze laptop, het gaat als volgt:

ComboFix 12-07-08.01 - Fuad Yusibov 09-07-2012 12:35:23.3.4 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3990.2430 [GMT 2:00]

Gestart vanuit: c:\users\Fuad Yusibov\Desktop\ComboFix.exe

gebruikte Opdracht switches :: c:\users\Fuad Yusibov\Desktop\CFScript.txt

AV: Kaspersky Internet Security *Disabled/Updated* {2EAA32A5-1EE1-1B22-95DA-337730C6E984}

FW: Kaspersky Internet Security *Disabled* {1691B380-548E-1A7A-BE85-9A42CE15AEFF}

SP: Kaspersky Internet Security *Disabled/Updated* {95CBD341-38DB-14AC-AF6A-08054B41A339}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

FILE ::

"c:\windows\system32\srvany.exe"

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

-------\Service_KMService

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-06-09 to 2012-07-09 ))))))))))))))))))))))))))))))

.

2012-07-09 10:44 . 2012-07-09 10:44 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp

2012-07-07 21:35 . 2012-05-04 11:00 366592 ----a-w- c:\windows\system32\qdvd.dll

2012-07-07 21:35 . 2012-05-04 09:59 514560 ----a-w- c:\windows\SysWow64\qdvd.dll

2012-07-07 19:30 . 2012-07-07 19:35 -------- d-----w- c:\programdata\PCPitstop

2012-07-07 19:30 . 2012-07-07 19:30 -------- d-----w- c:\program files (x86)\PCPitstop

2012-07-07 15:50 . 2012-07-07 15:50 -------- d-----w- c:\program files (x86)\Dell Digital Delivery

2012-07-06 08:08 . 2012-06-18 01:12 9013136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8DACD813-DD1B-4E96-90B5-17A5F902C6F9}\mpengine.dll

2012-07-05 16:21 . 2012-07-05 16:26 -------- d-----w- c:\users\Fuad Yusibov\AppData\Roaming\Norton Utilities

2012-06-29 15:49 . 2012-06-29 15:49 -------- d-----w- c:\users\Fuad Yusibov\AppData\Roaming\Quantitative Micro Software

2012-06-29 15:48 . 2001-09-04 23:14 176128 ------w- c:\program files (x86)\Common Files\InstallShield\engine\6\Intel 32\iuser.dll

2012-06-29 15:48 . 2001-09-04 23:13 32768 ------w- c:\program files (x86)\Common Files\InstallShield\engine\6\Intel 32\objectps.dll

2012-06-29 15:48 . 2001-09-04 22:18 225280 ------w- c:\program files (x86)\Common Files\InstallShield\IScript\IScript.dll

2012-06-29 15:48 . 2001-09-04 23:18 77824 ----a-w- c:\program files (x86)\Common Files\InstallShield\engine\6\Intel 32\ctor.dll

2012-06-29 15:47 . 2003-10-29 09:00 614532 ----a-w- c:\program files (x86)\Common Files\InstallShield\engine\6\Intel 32\IKernel.exe

2012-06-26 10:26 . 2012-06-26 10:26 -------- d-----w- c:\users\Fuad Yusibov\AppData\Roaming\Malwarebytes

2012-06-26 10:26 . 2012-06-26 10:26 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2012-06-26 10:26 . 2012-06-26 10:26 -------- d-----w- c:\programdata\Malwarebytes

2012-06-26 10:26 . 2012-04-04 13:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-06-25 22:38 . 2012-06-25 22:38 388096 ----a-r- c:\users\Fuad Yusibov\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2012-06-25 22:38 . 2012-06-25 22:38 -------- d-----w- c:\program files (x86)\Trend Micro

2012-06-25 21:19 . 2012-06-25 21:19 -------- d-----w- c:\program files (x86)\Common Files\Java

2012-06-25 21:19 . 2012-06-25 21:19 -------- d-----w- c:\program files (x86)\Oracle

2012-06-25 21:16 . 2012-06-25 21:16 -------- d-----w- c:\program files (x86)\Java

2012-06-25 20:35 . 2012-07-06 08:24 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service

2012-06-25 20:00 . 2012-06-25 20:00 -------- d-----w- c:\program files (x86)\Kaspersky Lab

2012-06-25 17:27 . 2012-06-25 17:27 -------- d-----w- c:\users\Fuad Yusibov\AppData\Roaming\Macrovision

2012-06-25 17:02 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll

2012-06-25 17:02 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe

2012-06-25 17:02 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll

2012-06-25 17:02 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll

2012-06-25 17:02 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll

2012-06-25 17:02 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll

2012-06-25 17:02 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll

2012-06-25 17:02 . 2012-06-02 13:19 186752 ----a-w- c:\windows\system32\wuwebv.dll

2012-06-25 17:02 . 2012-06-02 13:15 36864 ----a-w- c:\windows\system32\wuapp.exe

2012-06-23 13:51 . 2012-06-23 13:51 -------- d-----w- c:\users\Fuad Yusibov\AppData\Roaming\Leadertech

2012-06-23 13:49 . 2012-06-25 11:54 -------- d-----w- c:\programdata\Logishrd

2012-06-23 13:49 . 2012-06-23 13:51 -------- d-----w- c:\users\Fuad Yusibov\AppData\Roaming\Logitech

2012-06-23 13:49 . 2012-06-23 13:49 -------- d-----w- c:\users\Fuad Yusibov\AppData\Roaming\Logishrd

2012-06-21 19:23 . 2012-06-21 19:23 -------- d-----w- c:\programdata\Quantitative Micro Software

2012-06-21 19:23 . 2012-07-04 13:41 -------- d-----w- c:\program files (x86)\EViews7

2012-06-19 15:35 . 2012-06-19 15:35 4967624 ----a-w- c:\program files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll

2012-06-15 20:31 . 2012-06-15 20:31 -------- d-----w- c:\program files\Recuva

2012-06-13 16:01 . 2012-04-26 05:41 77312 ----a-w- c:\windows\system32\rdpwsx.dll

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-07-09 10:46 . 2011-09-30 22:01 17920 ----a-w- c:\windows\system32\rpcnetp.exe

2012-07-09 10:46 . 2011-09-29 12:47 58288 ----a-w- c:\windows\SysWow64\rpcnet.dll

2012-07-07 15:35 . 2011-09-30 22:02 17920 ----a-w- c:\windows\SysWow64\rpcnetp.dll

2012-07-07 15:34 . 2011-09-30 22:01 17920 ----a-w- c:\windows\SysWow64\rpcnetp.exe

2012-06-25 20:37 . 2012-04-06 03:33 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-06-25 20:37 . 2011-09-23 03:54 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-06-25 20:37 . 2012-04-06 03:41 9815752 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe

2012-06-08 20:10 . 2012-06-08 20:10 13160 ----a-w- c:\windows\SysWow64\Upgrd.exe

2012-06-08 20:10 . 2011-09-29 12:47 58288 ------w- c:\windows\SysWow64\rpcnet.exe

2012-06-04 17:42 . 2010-08-20 19:22 49592 ----a-w- c:\windows\SysWow64\pkgslv.exe

2012-06-04 17:42 . 2010-08-20 19:22 46008 ----a-w- c:\windows\SysWow64\pkgmgr.dll

2012-05-04 17:29 . 2012-05-19 21:37 772504 ----a-w- c:\windows\SysWow64\npDeployJava1.dll

2012-05-04 17:29 . 2011-09-23 04:05 687504 ----a-w- c:\windows\SysWow64\deployJava1.dll

2012-04-17 22:49 . 2012-04-17 22:49 4246016 ----a-w- c:\windows\system32\wlihvui.dll

2012-04-17 22:45 . 2012-04-17 22:45 2463744 ----a-w- c:\windows\system32\iwmssvc.dll

2012-04-17 14:11 . 2012-04-27 20:04 49152 ----a-w- c:\windows\system32\iolobtdfg.exe

2012-04-17 14:11 . 2012-04-27 20:04 17920 ----a-w- c:\windows\system32\smrgdf.exe

2012-04-17 13:37 . 2012-04-27 20:04 2154032 ----a-w- c:\windows\system32\Incinerator64.dll

2012-04-17 13:37 . 2012-04-27 20:04 2095816 ----a-w- c:\windows\SysWow64\Incinerator32.dll

2012-04-17 12:25 . 2012-04-27 20:03 69000 ----a-w- c:\windows\system32\offreg.dll

2012-04-17 12:25 . 2012-04-27 20:03 56200 ----a-w- c:\windows\SysWow64\offreg.dll

2012-04-17 12:25 . 2012-04-27 20:01 31432 ----a-w- c:\windows\system32\drivers\ElRawDsk.sys

.

((((((((((((((((((((((((((((( SnapShot@2012-07-07_21.51.06 )))))))))))))))))))))))))))))))))))))))))

.

- 2009-07-14 04:54 . 2012-07-07 20:55 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2009-07-14 04:54 . 2012-07-09 09:05 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2009-07-14 04:54 . 2012-07-07 20:55 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2009-07-14 04:54 . 2012-07-09 09:05 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

- 2009-07-14 04:54 . 2012-07-07 20:55 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2009-07-14 04:54 . 2012-07-09 09:05 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2010-11-21 03:09 . 2012-07-09 09:19 56732 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin

+ 2009-07-14 05:10 . 2012-07-09 10:47 43760 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin

+ 2011-09-29 13:23 . 2012-07-09 10:47 17058 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1941087755-3768846296-3944321467-1002_UserData.bin

+ 2009-07-14 04:46 . 2012-07-08 09:17 96928 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat

- 2011-09-22 21:48 . 2012-07-07 16:01 3076 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat

+ 2011-09-22 21:48 . 2012-07-09 10:44 3076 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat

- 2012-07-07 16:26 . 2012-07-07 20:52 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

+ 2012-07-09 10:45 . 2012-07-09 10:45 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

+ 2012-07-09 10:45 . 2012-07-09 10:45 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

- 2012-07-07 16:26 . 2012-07-07 20:52 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

- 2009-07-14 05:01 . 2012-07-07 16:01 574540 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

+ 2009-07-14 05:01 . 2012-07-09 10:44 574540 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

- 2009-07-14 04:45 . 2012-06-25 20:35 7294510 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat

+ 2009-07-14 04:45 . 2012-07-07 22:17 7294510 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat

+ 2011-09-29 13:19 . 2012-07-09 10:44 13797048 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1941087755-3768846296-3944321467-1002-8192.dat

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"Absolute Notifier"="c:\program files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifier.exe" [2011-05-10 85672]

"AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe" [2011-04-24 202296]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ioloSystemService]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]

"DisableMonitoring"=dword:00000001

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-25 250056]

R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys [2012-03-01 195584]

R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [2011-12-08 36328]

R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2011-01-24 1298496]

R3 btmaudio;Intel Bluetooth Audio Service;c:\windows\system32\drivers\btmaud.sys [x]

R3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x64.sys [x]

R3 EMUXMIDI;E-MU Xmidi Driver;c:\windows\system32\DRIVERS\EMUXMIDI.sys [2009-12-04 257624]

R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-24 116648]

R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2010-02-27 158976]

R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys [2011-05-17 34200]

R3 ioloSystemService;iolo System Service;c:\program files (x86)\iolo\Common\Lib\ioloServiceManager.exe [2012-04-17 1047336]

R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2011-07-22 175192]

R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 30963576]

R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2012-04-17 273168]

R3 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2011-04-07 5352960]

R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2011-07-07 174184]

R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

R3 PCPitstop Scheduling;PCPitstop Scheduling;c:\program files (x86)\PCPitstop\PCPitstopScheduleService.exe [2012-05-16 91848]

R3 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]

R3 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-07 160944]

R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-12-08 157672]

R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-12-08 16872]

R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-12-08 177640]

R3 SW2SVC;SecureW2 Service;c:\program files (x86)\SecureW2\sw2_service.exe [2011-08-05 121224]

R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

R3 SymDSMon;SymDSMon;c:\windows\system32\drivers\SymDSMon.sys [2010-11-30 191232]

R3 SYMSpeedDisk;SYMSpeedDisk;c:\windows\system32\drivers\SymSpeedDisk.sys [2010-11-30 163384]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]

R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]

R3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-09-30 1255736]

R4 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-11 140672]

R4 AbsoluteNotifier;Absolute Notifier;c:\program files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifierService.exe [2011-05-10 10920]

R4 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]

R4 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-17 98208]

R4 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]

R4 gupdate;Google Update-service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-24 116648]

R4 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-14 113120]

R4 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-07-22 690472]

R4 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]

R4 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-06-19 3048136]

R4 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-11-03 381248]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2011-11-04 28992]

S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]

S0 stdcfltn;Disk Class Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdcfltn.sys [2010-08-20 21616]

S1 ElRawDisk;ElRawDisk;c:\windows\system32\drivers\ElRawDsk.sys [2012-04-17 31432]

S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys [2011-03-04 11864]

S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [2011-03-10 29488]

S1 nvkflt;nvkflt;c:\windows\system32\DRIVERS\nvkflt.sys [2011-11-04 249152]

S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]

S1 SAS***IL;SAS***IL;c:\program files\SUPERAntiSpyware\SAS***IL64.SYS [2011-07-12 12368]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-03-01 659976]

S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-01-24 901184]

S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2011-01-24 991296]

S2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-03-08 135952]

S2 DellDigitalDelivery;Dell Digital Delivery Service;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe [2012-06-19 173056]

S2 DiskDoctorService;Norton Disk Doctor Service;c:\program files (x86)\Norton Utilities 15\Tools\Disk Doctor\DiskDoctorSrv.exe [2010-11-30 1029480]

S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-08-27 1253376]

S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-10-17 13592]

S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-11-04 2253120]

S2 rpcld;Remote Procedure Call (RPC) LD;c:\programdata\Rpcnet\Bin\rpcld.exe [x]

S2 SpeedDiskService;Norton SpeedDisk Service;c:\program files (x86)\Norton Utilities 15\Tools\SpeedDisk\SpeedDiskSrv.exe [2010-11-30 1037672]

S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-11-29 16120]

S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-20 2656280]

S2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [2012-04-17 2671376]

S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Accelern.sys [2010-12-13 27760]

S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtuele adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [2012-03-01 195584]

S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [2011-01-24 58128]

S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [2011-11-15 327168]

S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2011-01-20 176096]

S3 cyhid;Cypress Input Device;c:\windows\system32\DRIVERS\cyhid.sys [2011-06-07 108032]

S3 cykbfltrService;Cypress Keyboard Filter Driver;c:\windows\system32\DRIVERS\cykbfltr.sys [2011-05-26 11264]

S3 cymfltrService;Cypress Trackpad Filter Driver;c:\windows\system32\DRIVERS\cymfltr.sys [2011-05-22 70656]

S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [2011-12-09 60416]

S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-16 317440]

S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys [2011-05-17 25496]

S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2009-11-02 22544]

S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2012-03-02 104048]

S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\DRIVERS\ManyCam_x64.sys [2008-03-13 27136]

S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]

S3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series adapter stuurprogramma onder Windows 7 64 Bit;c:\windows\system32\DRIVERS\Netwsw00.sys [2012-03-12 11471872]

S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2011-10-25 96768]

S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2011-10-25 213504]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]

S3 wdkmd;Intel WiDi KMD;c:\windows\system32\DRIVERS\WDKMD.sys [2011-05-17 42392]

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

.

Inhoud van de 'Gedeelde Taken' map

.

2012-07-09 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-06 20:37]

.

2012-07-09 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1941087755-3768846296-3944321467-1002Core.job

- c:\users\Fuad Yusibov\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-01-01 11:34]

.

2012-07-09 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1941087755-3768846296-3944321467-1002UA.job

- c:\users\Fuad Yusibov\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-01-01 11:34]

.

2012-07-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-24 18:38]

.

2012-07-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-24 18:38]

.

2012-07-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1941087755-3768846296-3944321467-1002Core.job

- c:\users\Fuad Yusibov\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-29 18:27]

.

2012-07-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1941087755-3768846296-3944321467-1002UA.job

- c:\users\Fuad Yusibov\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-29 18:27]

.

--------- X64 Entries -----------

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]

@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"

[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]

2012-06-20 17:02 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]

@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"

[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]

2012-06-20 17:02 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]

@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"

[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]

2012-06-20 17:02 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]

@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"

[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]

2012-06-20 17:02 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CyCpIo"="c:\program files\Cypress\TrackPad\CyCpIo.exe" [2011-05-20 2352640]

"CyHidWin"="c:\program files\Cypress\TrackPad\CyHidWin.exe" [2011-05-26 2356224]

"FreeFallProtection"="c:\program files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe" [2010-12-17 686704]

"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]

"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2011-10-18 7509096]

"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-10-14 2278504]

"NVHotkey"="c:\windows\system32\nvHotkey.dll" [2011-11-04 540992]

"combofix"="c:\combofix\CF16989.3XE" [2010-11-21 345088]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=c:\windows\System32\nvinitx.dll

.

------- Bijkomende Scan -------

.

uInternet Settings,ProxyOverride = local

TCP: DhcpNameServer = 213.46.228.196 62.179.104.196

FF - ProfilePath - c:\users\Fuad Yusibov\AppData\Roaming\Mozilla\Firefox\Profiles\b0b8d2kd.default\

.

- - - - ORPHANS VERWIJDERD - - - -

.

Toolbar-Locked - (no file)

ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)

ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)

ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)

ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\McAfee]

"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,

00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]

@Denied: (A) (Everyone)

"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]

@Denied: (A) (Everyone)

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]

"Key"="ActionsPane3"

"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\program files (x86)\Cisco Systems\VPN Client\cvpnd.exe

c:\windows\SysWOW64\rpcnet.exe

c:\program files (x86)\Norton Utilities 15\Tools\Disk Doctor\DiskDoctorSrvProxy.exe

c:\program files (x86)\Norton Utilities 15\Tools\SpeedDisk\SpeedDiskSrvProxy.exe

c:\program files (x86)\Google\Update\1.3.21.111\GoogleCrashHandler.exe

c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

.

**************************************************************************

.

Voltooingstijd: 2012-07-09 13:02:10 - machine werd herstart

ComboFix-quarantined-files.txt 2012-07-09 11:02

ComboFix2.txt 2012-07-08 09:57

ComboFix3.txt 2012-07-07 22:05

.

Pre-Run: 288.409.006.080 bytes beschikbaar

Post-Run: 287.738.232.832 bytes beschikbaar

.

- - End Of File - - 6E806A1B16842A473DE49B8982DF3D89

8 juli 2012

Alstublieft. Ik moet trouwens wel zeggen dat kort nadat ik deze post had aangemaakt de problemen zomaar weg waren, ik weet niet wat en of ik iets had gedaan. Maar ze zijn al een paar dagen terug:

ComboFix 12-07-07.04 - Fuad Yusibov 08-07-2012 11:33:16.2.4 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3990.2479 [GMT 2:00]

Gestart vanuit: c:\users\Fuad Yusibov\Desktop\ComboFix.exe

gebruikte Opdracht switches :: c:\users\Fuad Yusibov\Desktop\CFScript.txt

AV: Kaspersky Internet Security *Disabled/Updated* {2EAA32A5-1EE1-1B22-95DA-337730C6E984}

FW: Kaspersky Internet Security *Disabled* {1691B380-548E-1A7A-BE85-9A42CE15AEFF}

SP: Kaspersky Internet Security *Disabled/Updated* {95CBD341-38DB-14AC-AF6A-08054B41A339}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

FILE ::

"c:\windows\Tasks\AutoKMSCustom.job"

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\windows\AutoKMS

c:\windows\AutoKMS\AutoKMS.exe

c:\windows\AutoKMS\AutoKMS.ini

c:\windows\Tasks\AutoKMSCustom.job

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-06-08 to 2012-07-08 ))))))))))))))))))))))))))))))

.

2012-07-08 09:42 . 2012-07-08 09:42 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp

2012-07-08 09:42 . 2012-07-08 09:42 -------- d-----w- c:\users\Default\AppData\Local\temp