Win 8 and sudden performance issues



#1 len.moret


Posted 08 April 2013 - 01:39 PM

Hey All,
 
Thanks for reading this boring post and your attempts to help me.
I have an Acer I7 laptop which has Win 8 pro installed. Some time ago I found my laptop slower and last week it almost ground to a halt.
I tried my McAfee which came with the laptop and also mbam. They found cookies but nothing serious, or so I think. My speed is back but I don't trust my system anymore. What's more, sometimes, at no particular interval, I can't reach my network via WiFi. Internet is also unreachable at these times.
I ran RogueKiller which comes up with a filename. I tried to rename that file but it wouldn't let me until I chose to do that in safe mode. By then I had another problem. My WiFi connection wouldn't come up again after restart. So I named it back to its original name. (see the rk log)
 
I am not too particular to where I get my software from though my Win 8 is legit. The rest is from internet. I can't however pinpoint any one internet install after which I experienced these problems.
 
I hope one of you can make something of this story. I can't.
 
Thanks in advance for your input Guys!
 
Sincerely,
 
Len
 
 
 
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:12:38, on 8-4-2013
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16518)
Boot mode: Normal
 
Running processes:
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Datacolor\Spyder3Express\Utility\Spyder3Utility.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Eigenaar\Downloads\HijackThis.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20130403105058.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Dolby Home Theater v4] "C:\Dolby PCEE4\pcee4.exe" -autostart
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [StartMenuX] C:\Program Files\Start Menu X\StartMenuX.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
O4 - Global Startup: Acer Backup Manager Tray.lnk = C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
O4 - Global Startup: Spyder3Utility.lnk = C:\Program Files (x86)\Datacolor\Spyder3Express\Utility\Spyder3Utility.exe
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Unknown owner - C:\WINDOWS\system32\AdminService.exe (file missing)
O23 - Service: Broadcom Card Reader Service (BrcmCardReader) - Broadcom Corp. - C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Device Fast-lane Service (DeviceFastLaneService) - Acer Incorporated - C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc.  - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Activation Service (McAWFwk) - McAfee, Inc. - C:\Program Files\mcafee\msc\McAWFwk.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Application Statistics Service (MfeASUM) - McAfee, Inc. - C:\Program Files\McAfee\AppStats\MfeASUM.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\windows\system32\mfevtps.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Dritek RF Button Command Service (RfButtonDriverService) - Dritek System INC. - C:\Windows\RfBtnSvc64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: StartMenuXService - OrdinarySoft - C:\Program Files\Start Menu X\StartMenuXService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Wlan Agent - Atheros - C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
 
--
End of file - 14078 bytes
 
 
 
 
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.16519  BrowserJavaVersion: 10.17.2
Run by Eigenaar at 20:00:58 on 2013-04-08
Microsoft Windows 8 Pro  6.2.9200.0.1252.31.1043.18.5959.3794 [GMT 2:00]
.
AV: McAfee Antivirus en antispyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Antivirus en antispyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\nvvsvc.exe
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\WINDOWS\system32\nvvsvc.exe
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\WINDOWS\system32\AdminService.exe
C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
C:\WINDOWS\system32\dashost.exe
C:\Program Files (x86)\Launch Manager\dsiwmis.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Program Files\McAfee\AppStats\MfeASUM.exe
C:\windows\system32\mfevtps.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\SysWOW64\rundll32.exe
C:\Program Files\Start Menu X\StartMenuXService.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Launch Manager\LMutilps32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\taskhostex.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files\Start Menu X\StartMenuX.exe
C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Datacolor\Spyder3Express\Utility\Spyder3Utility.exe
C:\Dolby PCEE4\pcee4.exe
C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\EgisTec IPS\PMMUpdate.exe
C:\Program Files\EgisTec IPS\EgisUpdate.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe
C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
C:\Windows\RfBtnSvc64.exe
C:\WINDOWS\SysWOW64\notepad.exe
C:\WINDOWS\system32\taskhost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
C:\Program Files\mcafee.com\agent\mcagent.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://www.google.nl/
uDefault_Page_URL = hxxp://acer13.msn.com
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
mWinlogon: Userinit = userinit.exe
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\mcafee\SystemCore\ScriptSn.20130403105058.dll
BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
uRun: [StartMenuX] C:\Program Files\Start Menu X\StartMenuX.exe
uRun: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
uRun: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
mRun: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
mRun: [Dolby Home Theater v4] "C:\Dolby PCEE4\pcee4.exe" -autostart
mRun: [LManager] <no file>
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\ACERBA~1.LNK - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\SPYDER~1.LNK - C:\Program Files (x86)\Datacolor\Spyder3Express\Utility\Spyder3Utility.exe
IE: &Verzenden naar OneNote - C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
IE: E&xporteren naar Microsoft Excel - C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 212.54.40.25 212.54.35.25
TCP: Interfaces\{35EBAE54-090C-4E56-9B13-F52E9F349034} : DHCPNameServer = 212.54.40.25 212.54.35.25
TCP: Interfaces\{3E66DC7E-1DDF-4498-AC18-B67AAEC37C10} : DHCPNameServer = 150.200.3.1
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\mcafee\SystemCore\ScriptSn.20130403105058.dll
x64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
x64-Run: [Persistence] C:\WINDOWS\System32\igfxpers.exe
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 
x64-Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
.
INFO: x64-HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
Hosts: 127.0.0.1 ads.mcafee.com
Hosts: 127.0.0.1 directads.mcafee.com
Hosts: 127.0.0.1 analytics.microsoft.com
Hosts: 127.0.0.1 metrics.bitdefender.com
Hosts: 127.0.0.1 metrics.mcafee.com
.
Note: multiple HOSTS entries found. Please refer to Attach.txt
.
============= SERVICES / DRIVERS ===============
.
R0 iaStorA;iaStorA;C:\WINDOWS\System32\Drivers\iaStorA.sys [2012-9-21 645952]
R0 mfehidk;McAfee Inc. mfehidk;C:\WINDOWS\System32\Drivers\mfehidk.sys [2012-6-22 771536]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\WINDOWS\System32\Drivers\mfewfpk.sys [2012-6-22 340216]
R0 nvpciflt;nvpciflt;C:\WINDOWS\System32\Drivers\nvpciflt.sys [2013-3-11 30496]
R1 MfeASKM;McAfee Application Statistics Device Driver;C:\Program Files\mcafee\AppStats\MfeASKM.sys [2013-3-5 31408]
R1 mwlPSDFilter;mwlPSDFilter;C:\WINDOWS\System32\Drivers\mwlPSDFilter.sys [2012-9-3 22648]
R1 mwlPSDNServ;mwlPSDNServ;C:\WINDOWS\System32\Drivers\mwlPSDNserv.sys [2012-9-3 20520]
R1 mwlPSDVDisk;mwlPSDVDisk;C:\WINDOWS\System32\Drivers\mwlPSDVDisk.sys [2012-9-3 62776]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2012-7-11 140672]
R2 AtherosSvc;AtherosSvc;C:\WINDOWS\System32\AdminService.exe [2012-8-29 208384]
R2 BrcmCardReader;Broadcom Card Reader Service;C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe [2012-8-21 176640]
R2 CCDMonitorService;CCDMonitorService;C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2012-8-24 2435728]
R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2012-9-3 348784]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2012-9-21 165760]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2013-3-4 201304]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2013-3-4 201304]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2013-3-4 201304]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2013-3-4 201304]
R2 McShield;McAfee McShield;C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe [2012-9-3 241456]
R2 MfeASUM;McAfee Application Statistics Service;C:\Program Files\mcafee\AppStats\MfeASUM.exe [2013-3-5 335216]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe [2012-9-3 218760]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\WINDOWS\System32\mfevtps.exe [2012-9-3 182752]
R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2012-11-2 259136]
R2 RfButtonDriverService;Dritek RF Button Command Service;C:\Windows\RfBtnSvc64.exe [2012-9-21 93296]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-4-2 1103392]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-4-2 1369624]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-4-2 168384]
R2 StartMenuXService;StartMenuXService;C:\Program Files\Start Menu X\StartMenuXService.exe [2013-3-11 67904]
R2 TomTomHOMEService;TomTomHOMEService;C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2013-2-12 93072]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-9-21 364416]
R2 ZAtheros Wlan Agent;ZAtheros Wlan Agent;C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe [2012-9-21 81536]
R3 b57xdbd;Broadcom xD Picture Bus Driver Service;C:\WINDOWS\System32\Drivers\b57xdbd.sys [2012-8-13 72280]
R3 b57xdmp;Broadcom xD Picture vstorp client drv;C:\WINDOWS\System32\Drivers\b57xdmp.sys [2012-8-13 21080]
R3 bScsiMSa;bScsiMSa;C:\WINDOWS\System32\Drivers\bScsiMSa.sys [2012-6-19 55384]
R3 bScsiSDa;bScsiSDa;C:\WINDOWS\System32\Drivers\bScsiSDa.sys [2012-8-14 70744]
R3 BtFilter;BtFilter;C:\WINDOWS\System32\Drivers\btfilter.sys [2012-8-29 565760]
R3 BthLEEnum;Bluetooth Low Energy-stuurprogramma;C:\WINDOWS\System32\Drivers\BthLEEnum.sys [2012-7-26 202752]
R3 cfwids;McAfee Inc. cfwids;C:\WINDOWS\System32\Drivers\cfwids.sys [2012-6-22 70112]
R3 ePowerSvc;ePower Service;C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2012-8-23 658576]
R3 ETD;ELAN PS/2 Port Input Device;C:\WINDOWS\System32\Drivers\ETD.sys [2012-9-3 318864]
R3 IntcDAud;Intel® Display Audio;C:\WINDOWS\System32\Drivers\IntcDAud.sys [2012-9-3 342528]
R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\WINDOWS\System32\Drivers\k57nd60a.sys [2012-6-2 425472]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\WINDOWS\System32\Drivers\mfeavfk.sys [2012-6-22 309840]
R3 mfefirek;McAfee Inc. mfefirek;C:\WINDOWS\System32\Drivers\mfefirek.sys [2012-6-22 515968]
R3 Ps2Kb2Hid;PS/2 Keyboard to HID Driver;C:\WINDOWS\System32\Drivers\aPs2Kb2Hid.sys [2012-9-21 26736]
S0 mfeelamk;McAfee Inc. mfeelamk;C:\WINDOWS\System32\Drivers\mfeelamk.sys [2012-6-18 69168]
S3 DeviceFastLaneService;Device Fast-lane Service;C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [2012-8-23 468624]
S3 EgisTec Ticket Service;EgisTec Ticket Service;C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2012-7-12 174160]
S3 HipShieldK;McAfee Inc. HipShieldK;C:\WINDOWS\System32\Drivers\HipShieldK.sys [2013-3-10 196440]
S3 McAWFwk;McAfee Activation Service;C:\Program Files\mcafee\msc\McAWFwk.exe [2012-9-3 332080]
S3 mferkdet;McAfee Inc. mferkdet;C:\WINDOWS\System32\Drivers\mferkdet.sys [2012-6-22 106552]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\microsoft shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 vmbusr;Provider van virtuele-machinebus;C:\WINDOWS\System32\Drivers\vmbusr.sys [2012-7-26 117248]
S4 McOobeSv;McAfee OOBE Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2013-3-4 201304]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\WINDOWS\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2013-04-04 18:37:23 -------- d-----w- C:\WINDOWS\AutoKMS
2013-04-04 18:35:07 -------- d-----w- C:\ProgramData\Microsoft Toolkit
2013-04-04 09:26:39 11459584 ----a-w- C:\WINDOWS\System32\glcndFilter.dll
2013-04-04 09:25:30 109568 ----a-w- C:\WINDOWS\System32\dskquota.dll
2013-04-04 09:25:29 115712 ----a-w- C:\WINDOWS\System32\wbem\PolicMan.dll
2013-04-04 09:25:28 84992 ----a-w- C:\WINDOWS\SysWow64\wbem\PolicMan.dll
2013-04-04 09:25:28 82944 ----a-w- C:\WINDOWS\SysWow64\dskquota.dll
2013-04-04 09:25:13 1172992 ----a-w- C:\WINDOWS\System32\mfnetsrc.dll
2013-04-04 09:25:12 929792 ----a-w- C:\WINDOWS\SysWow64\mfnetsrc.dll
2013-04-04 09:25:12 677888 ----a-w- C:\WINDOWS\System32\mfnetcore.dll
2013-04-04 09:25:12 673280 ----a-w- C:\WINDOWS\System32\mfmpeg2srcsnk.dll
2013-04-04 09:25:12 568832 ----a-w- C:\WINDOWS\SysWow64\mfnetcore.dll
2013-04-04 09:25:12 513024 ----a-w- C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll
2013-04-04 09:25:11 850944 ----a-w- C:\WINDOWS\SysWow64\mfasfsrcsnk.dll
2013-04-04 09:25:11 1048064 ----a-w- C:\WINDOWS\System32\mfasfsrcsnk.dll
2013-04-04 09:23:59 331776 ----a-w- C:\WINDOWS\System32\dhcpcore.dll
2013-04-04 09:21:45 2367528 ----a-w- C:\WINDOWS\System32\WSService.dll
2013-04-04 09:20:59 866304 ----a-w- C:\WINDOWS\System32\WinTypes.dll
2013-04-04 08:25:28 78168 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2013-04-04 08:25:28 692568 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2013-04-03 11:44:09 16114176 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-04-03 11:44:08 15541248 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-04-03 08:37:46 -------- d-----w- C:\Users\Eigenaar\AppData\Roaming\abelhadigital.com
2013-04-03 08:37:46 -------- d-----w- C:\ProgramData\abelhadigital.com
2013-04-03 08:37:45 -------- d-----w- C:\Program Files (x86)\HostsMan
2013-04-03 08:31:45 -------- d-----w- C:\WINDOWS\System32\drivers\Nieuwe map (2)
2013-04-03 08:31:30 -------- d-----w- C:\WINDOWS\System32\drivers\Nieuwe map
2013-04-03 08:16:31 17888 ----a-w- C:\WINDOWS\System32\msvcr100_clr0400.dll
2013-04-03 08:15:56 17888 ----a-w- C:\WINDOWS\SysWow64\msvcr100_clr0400.dll
2013-04-03 08:12:52 144384 ----a-w- C:\WINDOWS\System32\tssdisai.dll
2013-04-03 08:11:49 1558912 ----a-w- C:\Program Files\Windows Defender\DbgHelp.dll
2013-04-03 08:08:59 496872 ----a-w- C:\WINDOWS\System32\drivers\usbhub.sys
2013-04-02 21:22:09 -------- d-----w- C:\Users\Eigenaar\AppData\Local\Deployment
2013-04-02 20:50:12 -------- d-----w- C:\WINDOWS\ERUNT
2013-04-02 18:17:41 187152 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10197.bin
2013-04-02 10:42:30 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2013-04-02 10:33:35 -------- d-----w- C:\JRT
2013-04-02 10:14:57 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2013-04-02 10:14:50 17272 ----a-w- C:\WINDOWS\System32\sdnclean64.exe
2013-04-02 10:14:45 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-04-02 08:56:15 -------- d-----w- C:\Program Files (x86)\Foxit Software
2013-04-02 08:44:04 -------- d-----w- C:\Users\Eigenaar\AppData\Roaming\Foxit Software
2013-04-02 08:42:57 -------- d-----w- C:\Users\Eigenaar\AppData\Local\assembly
2013-04-02 08:13:55 -------- d-----w- C:\Windows.old
2013-04-02 07:48:19 -------- d-sh--we C:\ProgramData\Sjablonen
2013-04-02 07:48:19 -------- d-sh--we C:\ProgramData\Menu Start
2013-04-02 07:48:19 -------- d-sh--we C:\ProgramData\Documenten
2013-04-02 07:48:19 -------- d-sh--we C:\ProgramData\Bureaublad
2013-04-02 07:25:53 -------- d-sh--w- C:\Recovery
2013-04-02 07:18:34 -------- d-----w- C:\Program Files\Elantech
2013-04-02 07:17:49 -------- d-----w- C:\ProgramData\NVIDIA Corporation
2013-04-02 07:17:35 -------- d-----w- C:\Program Files\NVIDIA Corporation
2013-04-02 07:17:35 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2013-04-02 07:17:29 56832 ----a-w- C:\WINDOWS\System32\OpenCL.DLL
2013-04-02 07:17:29 56320 ----a-w- C:\WINDOWS\SysWow64\OpenCL.DLL
2013-04-02 07:11:25 -------- d-----w- C:\WINDOWS\SysWow64\XPSViewer
2013-04-02 07:05:56 1166440 ----a-r- C:\WINDOWS\System32\PresentationNative_v0300.dll
2013-04-02 07:05:47 35400 ----a-r- C:\WINDOWS\System32\TsWpfWrp.exe
2013-04-02 07:05:41 124040 ----a-r- C:\WINDOWS\System32\PresentationCFFRasterizerNative_v0300.dll
2013-04-02 07:05:29 35400 ----a-r- C:\WINDOWS\SysWow64\TsWpfWrp.exe
2013-04-02 07:05:24 102528 ----a-r- C:\WINDOWS\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2013-04-02 07:05:15 778856 ----a-r- C:\WINDOWS\SysWow64\PresentationNative_v0300.dll
2013-04-02 06:24:23 -------- d-----w- C:\WINDOWS\Panther
2013-03-31 19:19:39 861088 ----a-w- C:\WINDOWS\SysWow64\npDeployJava1.dll
2013-03-31 19:19:39 782240 ----a-w- C:\WINDOWS\SysWow64\deployJava1.dll
2013-03-31 19:19:36 95648 ----a-w- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll
2013-03-26 19:27:34 -------- d-----w- C:\ProgramData\Spotnet
2013-03-26 19:27:34 -------- d-----w- C:\Program Files (x86)\Spotnet
2013-03-24 20:56:40 119808 ----a-r- C:\Users\Eigenaar\AppData\Roaming\Microsoft\Installer\{CCF298AF-9CE1-4B26-B251-486E98A34789}\icons.exe
2013-03-24 20:07:06 -------- d-----w- C:\pebuilder3110a
2013-03-23 19:03:05 -------- d-----w- C:\Users\Eigenaar\AppData\Local\InstantUpdate
2013-03-23 18:54:55 -------- d-----w- C:\ProgramData\INSTALLER
2013-03-17 17:55:36 -------- d-----w- C:\ProgramData\DriverGenius
2013-03-17 17:24:39 -------- d-----w- C:\Users\Eigenaar\AppData\Roaming\DRPSu
2013-03-17 17:22:37 -------- d-----w- C:\Users\Eigenaar\AppData\Local\BMExplorer
2013-03-17 17:17:28 -------- d-----w- C:\Program Files (x86)\uTorrent
2013-03-15 20:19:59 -------- d-----w- C:\Program Files (x86)\VideoLAN
2013-03-15 18:02:28 -------- d-----w- C:\WINDOWS\System32\drivers\etc\hosts (2)
2013-03-15 17:50:19 24176 ----a-w- C:\WINDOWS\System32\drivers\mbam.sys
2013-03-15 17:50:19 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-03-15 06:40:56 -------- d-----w- C:\WINDOWS\SysWow64\searchplugins
2013-03-15 06:40:56 -------- d-----w- C:\WINDOWS\SysWow64\Extensions
2013-03-15 06:40:54 -------- d-----w- C:\Users\Eigenaar\AppData\Roaming\CRMixiDJTB
2013-03-14 19:24:53 -------- d-----w- C:\Users\Eigenaar\AppData\Roaming\SUPERAntiSpyware.com
2013-03-14 19:24:53 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2013-03-14 19:21:15 -------- d-----w- C:\WINDOWS\pss
2013-03-14 18:46:39 -------- d-----w- C:\Malwarebytes' Anti-Malware
2013-03-14 18:40:00 -------- d-----w- C:\Users\Eigenaar\AppData\Roaming\Malwarebytes
2013-03-14 18:40:00 -------- d-----w- C:\ProgramData\Malwarebytes
2013-03-13 18:34:18 -------- d-----w- C:\ProgramData\HitmanPro
2013-03-13 17:07:38 -------- d-----w- C:\Users\Eigenaar\AppData\Roaming\Nico Mak Computing
2013-03-12 16:59:07 17536 ----a-w- C:\ProgramData\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2013-03-11 21:35:21 -------- d-----w- C:\WINDOWS\System32\appmgmt
2013-03-11 21:29:59 -------- d-----w- C:\Users\Eigenaar\AppData\Roaming\Symantec
2013-03-11 21:15:52 -------- d-----w- C:\ProgramData\Symantec
2013-03-11 21:15:52 -------- d-----w- C:\ProgramData\{1C6FDDD8-FC9E-4C12-9FA5-1AAD377097B3}
2013-03-11 20:21:32 -------- d-----w- C:\NVIDIA
2013-03-11 18:02:18 -------- d-----w- C:\Program Files (x86)\ESET
2013-03-11 15:37:26 -------- d-----w- C:\Program Files (x86)\Unlocker
2013-03-11 11:57:34 -------- d-----w- C:\Users\Eigenaar\AppData\Roaming\calibre
2013-03-11 11:57:21 -------- d-----w- C:\Program Files (x86)\Calibre2
2013-03-11 11:06:24 -------- d-----w- C:\Users\Eigenaar\AppData\Roaming\4Team
2013-03-11 11:05:59 -------- d-----w- C:\ProgramData\Downloaded Installations
2013-03-11 10:38:07 -------- d-----w- C:\Users\Eigenaar\AppData\Roaming\StartMenuX
2013-03-11 10:38:07 -------- d-----w- C:\ProgramData\StartMenuX
2013-03-11 10:38:07 -------- d-----w- C:\Program Files\Start Menu X
2013-03-11 10:37:08 -------- d-----w- C:\Users\Eigenaar\AppData\Local\Programs
2013-03-11 08:08:01 -------- d-----w- C:\Users\Eigenaar\AppData\Local\ElevatedDiagnostics
2013-03-10 20:43:23 -------- d-----w- C:\Users\Eigenaar\PicStream
2013-03-10 20:43:11 -------- d-----w- C:\Users\Eigenaar\AppData\Local\clear.fi
2013-03-10 20:39:07 196440 ----a-w- C:\WINDOWS\System32\drivers\HipShieldK.sys
2013-03-10 20:07:16 -------- d-----w- C:\Users\Eigenaar\AppData\Roaming\uTorrent
.
==================== Find3M  ====================
.
2013-03-15 18:02:28 1611 ----a-w- C:\WINDOWS\System32\drivers\etc\mvps.bat
2013-03-02 08:22:18 361984 ----a-w- C:\WINDOWS\SysWow64\MFMediaEngine.dll
2013-03-02 02:44:30 468992 ----a-w- C:\WINDOWS\System32\MFMediaEngine.dll
2013-02-19 12:59:06 70112 ----a-w- C:\WINDOWS\System32\drivers\cfwids.sys
2013-02-19 12:56:26 340216 ----a-w- C:\WINDOWS\System32\drivers\mfewfpk.sys
2013-02-19 12:56:14 182752 ----a-w- C:\WINDOWS\System32\mfevtps.exe
2013-02-19 12:55:26 10728 ----a-w- C:\WINDOWS\System32\drivers\mfeclnk.sys
2013-02-19 12:55:14 106552 ----a-w- C:\WINDOWS\System32\drivers\mferkdet.sys
2013-02-19 12:54:32 771536 ----a-w- C:\WINDOWS\System32\drivers\mfehidk.sys
2013-02-19 12:53:42 515968 ----a-w- C:\WINDOWS\System32\drivers\mfefirek.sys
2013-02-19 12:53:02 309840 ----a-w- C:\WINDOWS\System32\drivers\mfeavfk.sys
2013-02-19 12:52:44 179280 ----a-w- C:\WINDOWS\System32\drivers\mfeapfk.sys
2013-02-19 12:40:52 69168 ----a-w- C:\WINDOWS\System32\drivers\mfeelamk.sys
2013-02-15 07:58:59 39936 ----a-w- C:\WINDOWS\apppatch\apppatch64\acspecfc.dll
2013-02-15 06:35:40 444416 ----a-w- C:\WINDOWS\apppatch\AcSpecfc.dll
2013-02-12 01:30:04 44032 ----a-w- C:\WINDOWS\SysWow64\UXInit.dll
2013-02-12 00:56:19 53760 ----a-w- C:\WINDOWS\System32\UXInit.dll
2013-02-12 00:25:18 4041728 ----a-w- C:\WINDOWS\System32\win32k.sys
2013-02-12 00:17:50 20992 ----a-w- C:\WINDOWS\System32\drivers\usb8023.sys
2013-02-10 01:04:31 6393120 ----a-w- C:\WINDOWS\System32\nvcpl.dll
2013-02-10 01:04:31 3472672 ----a-w- C:\WINDOWS\System32\nvsvc64.dll
2013-02-10 01:04:29 877856 ----a-w- C:\WINDOWS\System32\nvvsvc.exe
2013-02-10 01:04:29 76064 ----a-w- C:\WINDOWS\System32\nv3dappshextr.dll
2013-02-10 01:04:29 63776 ----a-w- C:\WINDOWS\System32\nvshext.dll
2013-02-10 01:04:29 2555680 ----a-w- C:\WINDOWS\System32\nvsvcr.dll
2013-02-10 01:04:29 237856 ----a-w- C:\WINDOWS\System32\nvmctray.dll
2013-02-10 01:04:29 1012000 ----a-w- C:\WINDOWS\System32\nv3dappshext.dll
2013-02-09 13:25:36 3035306 ----a-w- C:\WINDOWS\System32\nvcoproc.bin
2013-02-07 04:09:56 69864 ----a-w- C:\WINDOWS\System32\drivers\pdc.sys
2013-02-07 03:34:58 10115072 ----a-w- C:\WINDOWS\System32\twinui.dll
2013-02-07 03:33:47 2302464 ----a-w- C:\WINDOWS\System32\authui.dll
2013-02-07 03:33:42 2146816 ----a-w- C:\WINDOWS\System32\actxprxy.dll
2013-02-07 01:34:00 8856576 ----a-w- C:\WINDOWS\SysWow64\twinui.dll
2013-02-07 01:33:03 2033664 ----a-w- C:\WINDOWS\SysWow64\authui.dll
2013-02-07 01:33:01 754176 ----a-w- C:\WINDOWS\SysWow64\actxprxy.dll
2013-02-05 22:31:11 622080 ----a-w- C:\WINDOWS\System32\drivers\srv2.sys
2013-02-05 22:29:09 370688 ----a-w- C:\WINDOWS\System32\drivers\mrxsmb.sys
2013-02-05 22:28:48 247808 ----a-w- C:\WINDOWS\System32\drivers\srvnet.sys
2013-02-05 22:28:36 215552 ----a-w- C:\WINDOWS\System32\drivers\mrxsmb20.sys
2013-02-05 04:58:01 1766912 ----a-w- C:\WINDOWS\SysWow64\wininet.dll
2013-02-05 04:56:33 2877952 ----a-w- C:\WINDOWS\SysWow64\jscript9.dll
2013-02-05 04:56:27 61440 ----a-w- C:\WINDOWS\SysWow64\iesetup.dll
2013-02-05 04:56:27 109056 ----a-w- C:\WINDOWS\SysWow64\iesysprep.dll
2013-02-05 03:55:27 2706432 ----a-w- C:\WINDOWS\SysWow64\mshtml.tlb
2013-02-05 01:44:50 534528 ----a-w- C:\WINDOWS\SysWow64\uxtheme.dll
2013-02-04 22:39:47 2246656 ----a-w- C:\WINDOWS\System32\wininet.dll
2013-02-04 22:39:39 907776 ----a-w- C:\WINDOWS\System32\uxtheme.dll
2013-02-04 22:38:55 3966464 ----a-w- C:\WINDOWS\System32\jscript9.dll
2013-02-04 22:38:53 136704 ----a-w- C:\WINDOWS\System32\iesysprep.dll
2013-02-02 11:19:44 446184 ----a-w- C:\WINDOWS\System32\drivers\USBHUB3.SYS
2013-02-02 11:19:41 329960 ----a-w- C:\WINDOWS\System32\drivers\storport.sys
2013-02-02 11:19:33 61672 ----a-w- C:\WINDOWS\System32\drivers\crashdmp.sys
2013-02-02 10:54:54 1933544 ----a-w- C:\WINDOWS\System32\drivers\ntfs.sys
2013-02-02 10:28:54 993512 ----a-w- C:\WINDOWS\System32\drivers\ndis.sys
2013-02-02 10:28:54 2226408 ----a-w- C:\WINDOWS\System32\drivers\tcpip.sys
2013-02-02 08:40:58 375808 ----a-w- C:\WINDOWS\SysWow64\wbem\WmiPrvSE.exe
2013-02-02 08:40:55 80896 ----a-w- C:\WINDOWS\SysWow64\tasklist.exe
2013-02-02 08:40:55 79360 ----a-w- C:\WINDOWS\SysWow64\taskkill.exe
2013-02-02 08:40:36 155136 ----a-w- C:\WINDOWS\SysWow64\XpsRasterService.dll
2013-02-02 08:40:35 370688 ----a-w- C:\WINDOWS\SysWow64\WWanAPI.dll
2013-02-02 08:40:27 131072 ----a-w- C:\WINDOWS\SysWow64\wbem\WmiDcPrv.dll
2013-02-02 08:40:26 410624 ----a-w- C:\WINDOWS\SysWow64\wlroamextension.dll
2013-02-02 08:40:22 197632 ----a-w- C:\WINDOWS\SysWow64\Windows.Networking.Connectivity.dll
2013-02-02 08:40:22 10792448 ----a-w- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
2013-02-02 08:40:01 356352 ----a-w- C:\WINDOWS\SysWow64\SettingSync.dll
2013-02-02 08:39:59 325632 ----a-w- C:\WINDOWS\SysWow64\schannel.dll
2013-02-02 08:39:47 18432 ----a-w- C:\WINDOWS\SysWow64\npmproxy.dll
2013-02-02 08:39:34 55296 ----a-w- C:\WINDOWS\SysWow64\nlaapi.dll
2013-02-02 08:39:34 15872 ----a-w- C:\WINDOWS\SysWow64\nlmproxy.dll
2013-02-02 08:39:34 12288 ----a-w- C:\WINDOWS\SysWow64\nlmsprep.dll
2013-02-02 08:39:33 115712 ----a-w- C:\WINDOWS\SysWow64\netprofm.dll
2013-02-02 08:39:28 5090816 ----a-w- C:\WINDOWS\SysWow64\mstscax.dll
2013-02-02 08:39:15 157696 ----a-w- C:\WINDOWS\SysWow64\mbsmsapi.dll
2013-02-02 08:38:54 567808 ----a-w- C:\WINDOWS\SysWow64\duser.dll
2013-02-02 08:24:19 107520 ----a-w- C:\WINDOWS\System32\taskkill.exe
2013-02-02 08:24:19 102400 ----a-w- C:\WINDOWS\System32\tasklist.exe
2013-02-02 08:23:44 228352 ----a-w- C:\WINDOWS\System32\XpsRasterService.dll
2013-02-02 08:23:43 475136 ----a-w- C:\WINDOWS\System32\WWanAPI.dll
2013-02-02 08:23:37 611840 ----a-w- C:\WINDOWS\System32\wpd_ci.dll
2013-02-02 08:23:37 105472 ----a-w- C:\WINDOWS\System32\wpdbusenum.dll
2013-02-02 08:23:30 830464 ----a-w- C:\WINDOWS\System32\wbem\WmiPrvSD.dll
2013-02-02 08:23:28 543232 ----a-w- C:\WINDOWS\System32\wlroamextension.dll
2013-02-02 08:23:21 13643264 ----a-w- C:\WINDOWS\System32\Windows.UI.Xaml.dll
2013-02-02 08:23:19 293376 ----a-w- C:\WINDOWS\System32\Windows.Networking.Connectivity.dll
2013-02-02 08:23:18 731648 ----a-w- C:\WINDOWS\System32\win32spl.dll
2013-02-02 08:23:16 87552 ----a-w- C:\WINDOWS\System32\wersvc.dll
2013-02-02 08:22:28 448512 ----a-w- C:\WINDOWS\System32\SettingSync.dll
2013-02-02 08:22:22 416256 ----a-w- C:\WINDOWS\System32\schannel.dll
2013-02-02 08:21:45 467456 ----a-w- C:\WINDOWS\System32\netprofmsvc.dll
2013-02-02 08:21:44 385024 ----a-w- C:\WINDOWS\System32\ncsi.dll
2013-02-02 08:21:38 5977600 ----a-w- C:\WINDOWS\System32\mstscax.dll
2013-02-02 08:21:10 225280 ----a-w- C:\WINDOWS\System32\mbsmsapi.dll
2013-02-02 08:20:47 260096 ----a-w- C:\WINDOWS\System32\hotspotauth.dll
2013-02-02 08:20:31 729600 ----a-w- C:\WINDOWS\System32\duser.dll
2013-02-02 07:30:05 2706432 ----a-w- C:\WINDOWS\System32\mshtml.tlb
2013-02-02 07:25:52 297984 ----a-w- C:\WINDOWS\System32\drivers\ks.sys
2013-02-02 07:25:26 82944 ----a-w- C:\WINDOWS\System32\drivers\hidclass.sys
2013-02-02 07:25:23 37632 ----a-w- C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
2013-02-02 05:41:57 1437184 ----a-w- C:\WINDOWS\SysWow64\GdiPlus.dll
2013-02-02 05:31:54 1690624 ----a-w- C:\WINDOWS\System32\GdiPlus.dll
.
============= FINISH: 20:01:49,17 ===============
 
 
 
 
Spybot search and destroy
// info: Rootkit removal help file
// copyright: © 2008-2013 Safer-Networking Ltd. All rights reserved.
 
:: RootAlyzer Results
File:"No admin in ACL","C:\$WINDOWS.~BT\Windows\System32\Tasks\Microsoft\Windows\Shell\CreateObjectTask"
 
 
 
 
RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
 
Operating System : Windows 8 (6.2.9200 ) 64 bits version
Started in : Normal mode
User : Eigenaar [Admin rights]
Mode : Scan -- Date : 04/08/2013 19:41:55
| ARK || FAK || MBR |
 
¤¤¤ Bad processes : 3 ¤¤¤
[SUSP PATH] RfBtnSvc64.exe -- C:\Windows\RfBtnSvc64.exe [7] -> BEEINDIGD [TermProc]
[RESIDUE] RfBtnSvc64.exe -- C:\Windows\RfBtnSvc64.exe [7] -> BEEINDIGD [TermProc]
[RESIDUE] RfBtnSvc64.exe -- C:\Windows\RfBtnSvc64.exe [7] -> KILLED [TermProc]
 
¤¤¤ Registry Entries : 4 ¤¤¤
[HJPOL] HKLM\[...]\System : DisableTaskMgr (0) -> FOUND
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJPOL] HKLM\[...]\Wow6432Node\System : DisableTaskMgr (0) -> FOUND
[HJPOL] HKLM\[...]\Wow6432Node\System : DisableRegistryTools (0) -> FOUND
 
¤¤¤ Particular Files / Folders: ¤¤¤
 
¤¤¤ Driver : [NOT LOADED] ¤¤¤
 
¤¤¤ HOSTS File: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts
 
127.0.0.1 localhost
::1 localhost
127.0.0.1 fr.a2dfp.net
127.0.0.1 m.fr.a2dfp.net
127.0.0.1 ad.a8.net
127.0.0.1 asy.a8ww.net
127.0.0.1 abcstats.com
127.0.0.1 a.abv.bg
127.0.0.1 adserver.abv.bg
127.0.0.1 adv.abv.bg
127.0.0.1 bimg.abv.bg
127.0.0.1 ca.abv.bg
127.0.0.1 www2.a-counter.kiev.ua
127.0.0.1 track.acclaimnetwork.com
127.0.0.1 accuserveadsystem.com
127.0.0.1 www.accuserveadsystem.com
127.0.0.1 achmedia.com
127.0.0.1 aconti.net
127.0.0.1 secure.aconti.net
127.0.0.1 www.aconti.net
[...]
 
 
¤¤¤ MBR Check: ¤¤¤
 
+++++ PhysicalDrive0: WDC WD5000BPVT-22HXZT3 +++++
--- User ---
[MBR] bba9f6911ee10096be46f134a4912add
[BSP] 1ec88d4b499dbbc69366f959d47cb142 : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0xee) [VISIBLE] Offset (sectors): 1 | Size: 2097151 Mo
User = LL1 ... OK!
User = LL2 ... OK!
 
Finished : << RKreport[2]_S_04082013_02d1941.txt >>
RKreport[1]_S_04082013_02d1930.txt ; RKreport[2]_S_04082013_02d1941.txt



#2 nasdaq

nasdaq

  • Malware Response Team
  • 38,788 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:44 PM

Posted 10 April 2013 - 08:06 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps.
===

Third-party programs, if not up to date, can be the cause of infiltration and infection.

Please run this security check for my review.

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
===

Search and delete the AdWare, PUP (Potentially Unwanted Program) installed on your computer.

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on the Delete tab and follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Rn].txt (n is a number).
Please paste the logs in your next reply; DO NOT ATTACH THEM.
Let me know what problem persists.

#3 len.moret

len.moret
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:12:44 AM

Posted 11 April 2013 - 04:16 PM

Hey Nasdaq,

 

Thank you for your efforts to help me and for the clear and transparent instructions. I will paste the logs in this post as requested.

 

The persisting problem after this session is the intermittent absence of my network location (NAS), which seems to be unreachable for no particular reason and at no particular intervals. At this moment, e.g., I have no trouble looking at the shares which are on the NAS. Some moments later I can't reach them at all. I tried resetting the router several times, but it seems to be OK, for I can always reach the internet with my laptop. My friend's laptop has no problem reaching the shares on the NAS.

 

The performance issues (speed) seem to have gone, I didn't time them with a stopwatch, but it seems much faster in startup and opening applications. 

 

Sincerely,

 

Len

 

==============================================================

 

security check....

 

 

 Results of screen317's Security Check version 0.99.62  
   x64 (UAC is enabled)  
 Internet Explorer 9  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
McAfee Antivirus en antispyware   
Windows Defender                  
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 MVPS Hosts File  
 Spyder3Express     
 Spybot - Search & Destroy 
 HostsMan 3.2.73    
 Malwarebytes Anti-Malware versie 1.70.0.1100  
 Java 7 Update 17  
 Adobe Flash Player 11.1.102.62  
 Google Chrome 25.0.1364.172  
 Google Chrome 26.0.1410.43  
````````Process Check: objlist.exe by Laurent````````  
 Spybot Teatimer.exe is disabled! 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log`````````````````````` 
 

 

ADW cleaner log.................

 

 

# AdwCleaner v2.200 - Verslag gemaakt op 11/04/2013 om 22:44:37
# Geactualiseerd op 02/04/2013 door Xplode
# Besturingssysteem : Windows 8 Pro  (64 bits)
# Gebruiker : Eigenaar - PC-3
# Opstarten Modus : Normale modus
# Gelanceerd vanaf : C:\Users\Eigenaar\Desktop\adwcleaner.exe
# Optie [Verwijderen]
 
 
***** [Diensten] *****
 
 
***** [Files / Mappen] *****
 
 
***** [Register] *****
 
 
***** [Browsers] *****
 
-\\ Internet Explorer v10.0.9200.16519
 
[OK] Het register bevat geen enkele ongeoorloofde invoer.
 
-\\ Google Chrome v26.0.1410.43
 
File : C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
[OK] De file bevat geen enkele ongeoorloofde invoer.
 
*************************
 
AdwCleaner[S4].txt - [738 octets] - [11/04/2013 22:44:37]
 
########## EOF - C:\AdwCleaner[S4].txt - [797 octets] ##########


#4 nasdaq

nasdaq

  • Malware Response Team
  • 38,788 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:44 PM

Posted 12 April 2013 - 07:53 AM

NAS problems.

You will find a number of suggestions on this topic.

http://superuser.com/questions/536472/windows-8-mapping-network-drive-nas

===

Since this is not a malware problem I suggest you start a new topic in the Networking forum
http://www.bleepingcomputer.com/forums/forum21.html

An expert in that field should be able to help better than I can.

===

I will leave this topic open; if you need to check further for malware, please call.

#5 len.moret

len.moret
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:12:44 AM

Posted 12 April 2013 - 09:59 AM

Hey Nasdaq,

 

Thank you very much for the friendly advice. I will check out the provided links before I post in the other forum.

 

Sincerely,

 

Len





