Laptop very slow

Anonymous
Abraham54
26 answers
  • A bit late, but here is the log:


    ComboFix 12-08-05.02 - Sjouke Hoving 09.08.2012 20:41:22.2.4 - x64
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.41.1033.18.8086.6253 [GMT 2:00]
    ausgeführt von:: c:\users\Sjouke Hoving\Desktop\ComboFix.exe
    AV: ESET Smart Security 5.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
    FW: ESET Personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
    SP: ESET Smart Security 5.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    * Neuer Wiederherstellungspunkt wurde erstellt
    .
    .
    ((((((((((((((((((((((( Dateien erstellt von 2012-07-09 bis 2012-08-09 ))))))))))))))))))))))))))))))
    .
    .
    2012-08-09 18:44 . 2012-08-09 18:44 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
    2012-08-09 18:44 . 2012-08-09 18:44 -------- d-----w- c:\users\Default\AppData\Local\temp
    2012-08-07 15:52 . 2012-06-29 10:04 9133488 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1736563D-BA0E-46B4-BDE4-FE0FC6EB21D2}\mpengine.dll
    2012-08-06 09:49 . 2012-08-06 09:50 -------- d-----w- C:\TDSSStarter
    2012-08-06 08:25 . 2012-08-06 08:25 -------- d-----w- c:\program files\ESET
    2012-08-05 06:09 . 2012-08-05 06:09 -------- d-----w- c:\users\Sjouke Hoving\AppData\Roaming\Malwarebytes
    2012-08-05 06:09 . 2012-08-05 06:09 -------- d-----w- c:\programdata\Malwarebytes
    2012-08-05 06:09 . 2012-08-05 06:09 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
    2012-08-05 06:09 . 2012-07-03 11:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
    .
    .
    .
    (((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-07-10 17:15 . 2012-03-23 18:26 59701280 ----a-w- c:\windows\system32\MRT.exe
    2012-06-26 21:21 . 2012-06-26 21:21 255352 ----a-w- c:\windows\SysWow64\awrdscdc.ax
    2012-06-18 05:20 . 2012-06-18 05:20 476936 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
    2012-06-18 05:20 . 2012-04-03 20:04 472840 ----a-w- c:\windows\SysWow64\deployJava1.dll
    2012-06-12 03:08 . 2012-07-10 17:20 3148800 ----a-w- c:\windows\system32\win32k.sys
    2012-06-09 05:43 . 2012-07-10 17:12 14172672 ----a-w- c:\windows\system32\shell32.dll
    2012-06-06 06:06 . 2012-07-10 17:12 2004480 ----a-w- c:\windows\system32\msxml6.dll
    2012-06-06 06:06 . 2012-07-10 17:12 1881600 ----a-w- c:\windows\system32\msxml3.dll
    2012-06-06 06:02 . 2012-07-10 17:12 1133568 ----a-w- c:\windows\system32\cdosys.dll
    2012-06-06 05:05 . 2012-07-10 17:12 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll
    2012-06-06 05:05 . 2012-07-10 17:12 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
    2012-06-06 05:03 . 2012-07-10 17:12 805376 ----a-w- c:\windows\SysWow64\cdosys.dll
    2012-06-02 22:19 . 2012-06-21 17:24 38424 ----a-w- c:\windows\system32\wups.dll
    2012-06-02 22:19 . 2012-06-21 17:24 2428952 ----a-w- c:\windows\system32\wuaueng.dll
    2012-06-02 22:19 . 2012-06-21 17:24 57880 ----a-w- c:\windows\system32\wuauclt.exe
    2012-06-02 22:19 . 2012-06-21 17:24 44056 ----a-w- c:\windows\system32\wups2.dll
    2012-06-02 22:19 . 2012-06-21 17:24 701976 ----a-w- c:\windows\system32\wuapi.dll
    2012-06-02 22:15 . 2012-06-21 17:24 2622464 ----a-w- c:\windows\system32\wucltux.dll
    2012-06-02 22:15 . 2012-06-21 17:24 99840 ----a-w- c:\windows\system32\wudriver.dll
    2012-06-02 13:19 . 2012-06-21 17:24 186752 ----a-w- c:\windows\system32\wuwebv.dll
    2012-06-02 13:15 . 2012-06-21 17:24 36864 ----a-w- c:\windows\system32\wuapp.exe
    2012-06-02 12:49 . 2012-07-10 17:13 17807360 ----a-w- c:\windows\system32\mshtml.dll
    2012-06-02 12:17 . 2012-07-10 17:13 10924032 ----a-w- c:\windows\system32\ieframe.dll
    2012-06-02 12:12 . 2012-07-10 17:14 2311680 ----a-w- c:\windows\system32\jscript9.dll
    2012-06-02 12:05 . 2012-07-10 17:14 1346048 ----a-w- c:\windows\system32\urlmon.dll
    2012-06-02 12:05 . 2012-07-10 17:14 1392128 ----a-w- c:\windows\system32\wininet.dll
    2012-06-02 12:04 . 2012-07-10 17:14 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
    2012-06-02 12:04 . 2012-07-10 17:14 237056 ----a-w- c:\windows\system32\url.dll
    2012-06-02 12:03 . 2012-07-10 17:14 85504 ----a-w- c:\windows\system32\jsproxy.dll
    2012-06-02 12:01 . 2012-07-10 17:14 173056 ----a-w- c:\windows\system32\ieUnatt.exe
    2012-06-02 12:00 . 2012-07-10 17:14 818688 ----a-w- c:\windows\system32\jscript.dll
    2012-06-02 11:59 . 2012-07-10 17:14 2144768 ----a-w- c:\windows\system32\iertutil.dll
    2012-06-02 11:57 . 2012-07-10 17:14 96768 ----a-w- c:\windows\system32\mshtmled.dll
    2012-06-02 11:57 . 2012-07-10 17:14 2382848 ----a-w- c:\windows\system32\mshtml.tlb
    2012-06-02 11:54 . 2012-07-10 17:14 248320 ----a-w- c:\windows\system32\ieui.dll
    2012-06-02 08:33 . 2012-07-10 17:14 1800192 ----a-w- c:\windows\SysWow64\jscript9.dll
    2012-06-02 08:25 . 2012-07-10 17:14 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
    2012-06-02 08:25 . 2012-07-10 17:14 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
    2012-06-02 08:20 . 2012-07-10 17:14 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
    2012-06-02 08:16 . 2012-07-10 17:14 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
    2012-06-02 05:50 . 2012-07-10 17:12 458704 ----a-w- c:\windows\system32\drivers\cng.sys
    2012-06-02 05:48 . 2012-07-10 17:12 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
    2012-06-02 05:48 . 2012-07-10 17:12 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys
    2012-06-02 05:45 . 2012-07-10 17:12 340992 ----a-w- c:\windows\system32\schannel.dll
    2012-06-02 05:44 . 2012-07-10 17:12 307200 ----a-w- c:\windows\system32\ncrypt.dll
    2012-06-02 04:40 . 2012-07-10 17:12 22016 ----a-w- c:\windows\SysWow64\secur32.dll
    2012-06-02 04:40 . 2012-07-10 17:12 225280 ----a-w- c:\windows\SysWow64\schannel.dll
    2012-06-02 04:39 . 2012-07-10 17:12 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll
    2012-06-02 04:34 . 2012-07-10 17:12 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
    2012-05-31 10:25 . 2012-03-23 18:13 279656 ------w- c:\windows\system32\MpSigStub.exe
    .
    .
    ((((((((((((((((((((((((((((( SnapShot@2012-08-06_06.30.45 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2012-03-24 17:44 . 2012-08-09 18:21 30433 c:\windows\SysWOW64\config\systemprofile\AppData\Local\ESET\ESET Smart Security\Antispam\scdns.bin
    + 2012-03-23 17:28 . 2012-08-08 05:11 40438 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
    + 2009-07-14 05:10 . 2012-08-08 05:11 29332 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
    - 2009-07-14 05:30 . 2012-08-03 18:38 86016 c:\windows\system32\DriverStore\infpub.dat
    + 2009-07-14 05:30 . 2012-08-06 08:25 86016 c:\windows\system32\DriverStore\infpub.dat
    - 2012-03-23 17:02 . 2012-08-05 15:10 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2012-03-23 17:02 . 2012-08-07 04:17 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2012-03-23 17:02 . 2012-08-05 15:10 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    + 2012-03-23 17:02 . 2012-08-07 04:17 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    - 2009-07-14 04:54 . 2012-08-05 15:10 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2009-07-14 04:54 . 2012-08-07 04:17 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2012-08-06 08:25 . 2012-08-06 08:25 10134 c:\windows\Installer\{F7274D82-C857-4C20-AB1A-D701D64BFD90}\callmsi.exe
    - 2012-08-03 18:38 . 2012-08-03 18:38 10134 c:\windows\Installer\{F7274D82-C857-4C20-AB1A-D701D64BFD90}\callmsi.exe
    + 2012-03-23 17:13 . 2012-08-08 05:11 8930 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2310585955-207485757-2205469552-1000_UserData.bin
    - 2012-03-23 17:01 . 2012-08-05 14:07 1557 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat
    + 2012-03-23 17:01 . 2012-08-08 05:01 1557 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Bluetooth\bthservsdp.dat
    + 2012-08-08 05:02 . 2012-08-08 05:02 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    - 2012-08-05 14:08 . 2012-08-05 14:08 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    - 2012-08-05 14:08 . 2012-08-05 14:08 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    + 2012-08-08 05:02 . 2012-08-08 05:02 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    + 2012-03-24 12:51 . 2012-08-09 18:19 298042 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
    - 2009-07-14 02:36 . 2012-08-05 14:12 616008 c:\windows\system32\perfh009.dat
    + 2009-07-14 02:36 . 2012-08-08 05:06 616008 c:\windows\system32\perfh009.dat
    + 2009-07-14 02:36 . 2012-08-08 05:06 106388 c:\windows\system32\perfc009.dat
    - 2009-07-14 02:36 . 2012-08-05 14:12 106388 c:\windows\system32\perfc009.dat
    + 2009-07-14 05:30 . 2012-08-06 08:25 143360 c:\windows\system32\DriverStore\infstrng.dat
    - 2009-07-14 05:30 . 2012-08-03 18:38 143360 c:\windows\system32\DriverStore\infstrng.dat
    - 2009-07-14 05:30 . 2012-08-03 18:38 143360 c:\windows\system32\DriverStore\infstor.dat
    + 2009-07-14 05:30 . 2012-08-06 08:25 143360 c:\windows\system32\DriverStore\infstor.dat
    - 2009-07-14 05:01 . 2012-08-05 14:07 389376 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
    + 2009-07-14 05:01 . 2012-08-08 05:01 389376 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
    - 2012-08-03 18:38 . 2012-08-03 18:38 105624 c:\windows\Installer\{F7274D82-C857-4C20-AB1A-D701D64BFD90}\egui.exe
    + 2012-08-06 08:25 . 2012-08-06 08:25 105624 c:\windows\Installer\{F7274D82-C857-4C20-AB1A-D701D64BFD90}\egui.exe
    + 2012-03-23 19:30 . 2012-08-07 05:32 3523200 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2310585955-207485757-2205469552-1000-8192.dat
    - 2012-03-23 19:30 . 2012-08-05 14:07 3523200 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2310585955-207485757-2205469552-1000-8192.dat
    + 2012-08-06 08:09 . 2012-08-06 08:09 62664192 c:\windows\Installer\23249.msi
    .
    (((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2012-02-14 22:58 94208 ----a-w- c:\users\Sjouke Hoving\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2012-02-14 22:58 94208 ----a-w- c:\users\Sjouke Hoving\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2012-02-14 22:58 94208 ----a-w- c:\users\Sjouke Hoving\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "OfficeSyncProcess"="c:\program files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" [2011-07-21 718720]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
    "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280]
    "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
    "Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2009-06-24 409744]
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
    "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-07 421776]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
    "Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
    .
    R2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-01-24 901184]
    R2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2011-01-24 991296]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2011-01-24 1298496]
    R3 btmaudio;Intel Bluetooth Audio Service;c:\windows\system32\drivers\btmaud.sys [2011-01-24 53008]
    R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [2011-01-24 58128]
    R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [2011-11-15 327168]
    R3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [2011-12-09 60416]
    R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2010-11-10 172632]
    R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
    R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2010-12-17 340240]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
    R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
    R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-03-23 1255736]
    S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2012-03-14 62496]
    S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2010-12-24 25960]
    S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
    S0 stdcfltn;Disk Class Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdcfltn.sys [2010-08-20 21616]
    S1 A2DDA;A2 Direct Disk Access Support Driver;c:\users\Sjouke Hoving\Desktop\EmsisoftEmergencyKit\Run\a2ddax64.sys [2012-08-06 23208]
    S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2012-03-14 209768]
    S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2012-03-14 148528]
    S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [2012-03-14 38288]
    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
    S2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;c:\program files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-09-30 169408]
    S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
    S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-17 98208]
    S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [2012-03-07 913144]
    S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-12 13336]
    S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
    S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2010-12-24 1997416]
    S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-12-23 378984]
    S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-11-29 16120]
    S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-20 2656280]
    S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Accelern.sys [2010-12-13 27760]
    S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2009-06-15 172704]
    S3 cyhid;Cypress Input Device;c:\windows\system32\DRIVERS\cyhid.sys [2011-02-17 103936]
    S3 cykbfltrService;Cypress Keyboard Filter Driver;c:\windows\system32\DRIVERS\cykbfltr.sys [2011-02-17 12800]
    S3 cymfltrService;Cypress Trackpad Filter Driver;c:\windows\system32\DRIVERS\cymfltr.sys [2011-02-17 61440]
    S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
    S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2010-12-28 76912]
    S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]
    S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
    S3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [2010-12-21 8505856]
    S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-11-19 80384]
    S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-11-19 181248]
    S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
    S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
    S3 wdkmd;Intel WiDi KMD;c:\windows\system32\DRIVERS\WDKMD.sys [2010-12-01 42392]
    .
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
    .
    Inhalt des "geplante Tasks" Ordners
    .
    2012-08-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2310585955-207485757-2205469552-1000Core.job
    - c:\users\Sjouke Hoving\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-24 07:41]
    .
    2012-08-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2310585955-207485757-2205469552-1000UA.job
    - c:\users\Sjouke Hoving\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-24 07:41]
    .
    .
    --------- X64 Entries -----------
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2012-02-14 22:58 97792 ----a-w- c:\users\Sjouke Hoving\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2012-02-14 22:58 97792 ----a-w- c:\users\Sjouke Hoving\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2012-02-14 22:58 97792 ----a-w- c:\users\Sjouke Hoving\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
    @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
    2012-02-14 22:58 97792 ----a-w- c:\users\Sjouke Hoving\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-01-18 167960]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-01-18 391704]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2011-01-18 417304]
    "NVHotkey"="c:\windows\system32\nvHotkey.dll" [2010-12-23 312936]
    "Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2010-11-03 1580368]
    "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2011-02-25 6611560]
    "RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-03-01 2189416]
    "FreeFallProtection"="c:\program files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe" [2010-12-17 686704]
    "CyCpIo"="c:\program files\Cypress\TrackPad\CyCpIo.exe" [2011-02-17 2364928]
    "CyHidWin"="c:\program files\Cypress\TrackPad\CyHidWin.exe" [2011-02-17 2351104]
    "IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
    "BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-01-24 10355200]
    "egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2012-03-07 4081008]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLs"=c:\windows\System32\nvinitx.dll
    .
    ------- Zusätzlicher Suchlauf -------
    .
    uLocal Page = c:\windows\system32\blank.htm
    uStart Page = hxxp://www.google.ch/
    uDefault_Search_URL = hxxp://www.google.com/ie
    mLocal Page = c:\windows\SysWOW64\blank.htm
    uInternet Settings,ProxyOverride = *.local
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
    IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
    TCP: DhcpNameServer = 62.2.24.162 62.2.17.61 62.2.24.158 62.2.17.60
    .
    .
    --------------------- Gesperrte Registrierungsschluessel ---------------------
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
    @="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.10"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker3"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
    @Denied: (A) (Everyone)
    "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
    @Denied: (A) (Everyone)
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
    "Key"="ActionsPane3"
    "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Zeit der Fertigstellung: 2012-08-09 20:45:30
    ComboFix-quarantined-files.txt 2012-08-09 18:45
    .
    Vor Suchlauf: 35'516'620'800 bytes free
    Nach Suchlauf: 35'316'162'560 bytes free
    .
    - - End Of File - - 24E349882ED0E135C849EC87F509C700
  • Hello Sjouke, your latest log looks good.
    How are things as far as the slowness is concerned?
  • Hi Sjouke,
    there is no antivirus that can protect your Windows one hundred percent; this becomes even harder when components in your Windows are not regularly checked for updates.

    Therefore, please do the following now: a test to see how good the current security situation in Windows is.

    Download to your desktop .
    - Click/double-click SecurityCheck.exe and follow the instructions in the black window.
    - A Notepad document named checkup.txt should open automatically; close this document by saving it to the desktop.
    - If one of your security tools reports that DIG.EXE wants to access the internet, allow it.
    Post the contents of checkup.txt in your next post.
  • I only surf with Chrome now.
    Kind regards, Sjouke
  • Here is the log:


    Results of screen317's Security Check version 0.99.43
    Windows 7 Service Pack 1 x64 (UAC is enabled)
    Internet Explorer 9
    ``````````````Antivirus/Firewall Check:``````````````
    Windows Firewall Disabled!
    ESET Smart Security 5.2
    Antivirus up to date!
    `````````Anti-malware/Other Utilities Check:`````````
    Malwarebytes Anti-Malware version 1.62.0.1300
    E-Finance Java
    Java(TM) 6 Update 33
  • A quick question: do you still use Internet Explorer, or do you only surf with Chrome now?

This is an archived page. Replying is no longer possible.